last executing test programs:

44m11.993338168s ago: executing program 2 (id=2501):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r1, @ANYBLOB="210f00000000000000002000000008000300", @ANYRES32=r3], 0x1c}, 0x1, 0x0, 0x0, 0x14}, 0x4000)

44m11.982830388s ago: executing program 2 (id=2502):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000ac0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b708000002001e007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000d00)='sched_switch\x00', r4}, 0x18)
r5 = gettid()
rt_tgsigqueueinfo(0x0, r5, 0x1c, &(0x7f0000000140)={0x4, 0x0, 0x3})
timerfd_create(0x9, 0x80000)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$SOCK_DIAG_BY_FAMILY(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000a40)=ANY=[], 0x28}}, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000180)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r7, 0x1, 0x1a, &(0x7f00000001c0)={0x3, &(0x7f0000000040)=[{0x20, 0x0, 0x0, 0xfffff00c}, {0x28, 0x0, 0x0, 0x6ebf}, {0x6, 0x0, 0x0, 0x1000000}]}, 0x10)
sendmmsg$unix(r6, &(0x7f00000000c0), 0x3f, 0x0)
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000000040)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(0xffffffffffffffff, &(0x7f0000932000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

44m10.939771603s ago: executing program 2 (id=2510):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000003005740ed0b0011c3ec000000010902120001000000000904"], 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, &(0x7f0000000780)={0x84, &(0x7f0000000000)=ANY=[@ANYBLOB="00000100000022"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r0, 0x0, &(0x7f00000004c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
timer_create(0x0, 0x0, 0x0)
r1 = accept4(0xffffffffffffffff, 0x0, 0x0, 0x0)
ioctl$int_in(r1, 0x5452, 0x0)
syz_usb_connect(0x3, 0x61, &(0x7f0000000840)={{0x12, 0x1, 0x201, 0x4d, 0xb, 0xf3, 0x8, 0x5c5, 0x2, 0x9376, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x4f, 0x1, 0x5, 0xa3, 0x80, 0x9, [{{0x9, 0x4, 0x9f, 0x5, 0x2, 0xf6, 0x52, 0xf0, 0xd9, [@hid_hid={0x9, 0x21, 0xd, 0x0, 0x1, {0x22, 0xfe4}}], [{{0x9, 0x5, 0x8, 0x3, 0x3ff, 0xc, 0x2, 0x9b}}, {{0x9, 0x5, 0x2, 0x8, 0x400, 0xc3, 0x73, 0x10, [@generic={0x22, 0x30, "55b42a9fd0a7d964ead5632881572c9641d9aa26769d883d5db2aecb377d01c9"}]}}]}}]}}]}}, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000700)={0x84, &(0x7f0000000640)=ANY=[@ANYBLOB="201104060000000101"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

44m7.885855877s ago: executing program 2 (id=2525):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = getpid()
process_vm_readv(r1, 0x0, 0x0, 0x0, 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
r3 = open_tree(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x89901)
move_mount(r3, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000240)='./file0\x00', &(0x7f00000000c0)='./file0/../file0/../file0/../file0/../file0\x00')

44m7.873741757s ago: executing program 2 (id=2526):
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000040)={'lo\x00', <r3=>0x0})
sendto$packet(r1, &(0x7f0000000080)="a99c383d33c9c607b1b9d49688a883", 0x12, 0x0, &(0x7f0000000000)={0x11, 0x0, r3, 0x1, 0x0, 0x6, @link_local}, 0x14)
recvmmsg(r0, &(0x7f0000000480), 0x0, 0x10022, 0x0)

44m7.794106039s ago: executing program 2 (id=2527):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120141014813442024040075ee6901020301090224000c000010000904b8070296d1ca000905060200020d0006090582020002"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)={0x0, 0x5, 0x4, "abdc2eff"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="601004000000cf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

44m7.793787948s ago: executing program 32 (id=2527):
r0 = syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="120141014813442024040075ee6901020301090224000c000010000904b8070296d1ca000905060200020d0006090582020002"], 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000900)={0x84, &(0x7f00000003c0)={0x0, 0x5, 0x4, "abdc2eff"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000740)={0x44, &(0x7f0000000180)=ANY=[@ANYBLOB="601004000000cf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

23m54.717686736s ago: executing program 0 (id=8007):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(r3, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',fscache'])
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)

23m54.551783949s ago: executing program 0 (id=8010):
r0 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001800)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
ftruncate(r0, 0x80000001)

23m54.47631988s ago: executing program 0 (id=8013):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x4, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
mkdir(&(0x7f0000000040)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r3, &(0x7f0000000180)=ANY=[@ANYBLOB="1500000065ffff097b00000800395032303030"], 0x15)
r4 = dup(r3)
write$FUSE_BMAP(r4, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r4, &(0x7f0000000440)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, 0x0, &(0x7f0000000b80), 0x0, &(0x7f0000000580)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r4}})

23m54.367340402s ago: executing program 0 (id=8014):
syz_mount_image$f2fs(&(0x7f0000000000), &(0x7f0000000080)='./file1\x00', 0x0, &(0x7f00000069c0)=ANY=[@ANYBLOB="6c617a7974696d652c6e6f696e6c696e655f78617474722c6c617a7974696d652c6e6f626172726965722c6163746976655f6c6f67733d342c757365725f78617474722c6d6f64653d6c66732c616c6c6f635f6d6f64653d64656661756c742c00be9ee044c45511e65887f6fac9eba6d787c3684a836f23dbf8ad3dd5931c08b4d8bde7e8acbbf3bf3326f2faa5952a332ad2ced40c98a2affa2dad4d623f9ff3ffa81e45095548ab6200f069d0f63d20fd71d3043b0dd5c4cf9785f3f531abc19bc1678f5e0b33006bd1049ca45fd8500d67a5aa6e1c23d900000000007867738729e703bb122283fb2fae9813a0cfefcdf3dc968af1cf80e96649d943198a96d9b1af9c91506b30922be8537f54e65cf60c6b6a5798955796aea325770d6ccc93a95fad93b2c7bad114fcbc55036a301c23b07073c71555791db8919235022bb0ee4294211ab9b43f3fbedecd223722d937aa22b31e2e9c97e5ea94e4ab83d4e5811c7556813c334aec856af0a0c12b3c93ba5aa906c6e2268a0c6cbbb13f496d87c608604eb02b2c031d5ae40c75"], 0x1, 0x5531, &(0x7f0000000b00)="$eJzs3EtvG1UUAODrpOmbEiEW7DpShZRItVWnSQW7AK14iFQRjwUr6tiO5db2RLHjhKxYsEQs+CcIJFYs+Q0sWLNDLEDskIo89wY1PCpQHJsk3ydNz8yd6zPnjqpEZyZyAM6s+ezXn0vhWrgUQpgNIVwNodgvpa2wGsMLIYTrIYSZJ7ZSGv9j4HwI4XII4dooecxZSqc+vzm8sfLTW798892Fc1e++Pr76a0amLYXQwjdrbi/240xb8X4MI3Xhu0idpeHKcYT3UfpOI9xt7lRZNitHcyrFfF2K87Pt3b6o7jZqdVHsdXeLMa3evGC/WHrIE/xgYe17eK40dwoYrufF7G1H+va248/2/b7g5inkfJ9VKQPg8FBjOPNvWZcz9ajItZ7gzQe8+aN5t4oDlNMlwv1vNMo6tg4yp3+f3u73dvZy4bN7X4772UrlepLleqdcnU7bzQHzeVyrdu4s5wttDqjaeVBs9ZdbeV5q9Os1PPuYrbQqtfL1Wq2cLe50a71smq1crtyq7yymPZuZq/ffz/rNLKFUXy13dsZtDv9bDPfzuInFrOlyu2XF7Mb1ezdtfVs/Z1799bW3/vw7gf3X1l787U06S9lZQtLt5aWytVb5aXq4sld/+h3/X9a/yep6DGuH46k9LSTDyZXB8AJov8HpmGi/f9cGHv/H/T/Y6H/P7Prf5wc7QZytj21/wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DT7Ye7LN4qd+Xh8JY0/k4aeS8elEMJMCOHx35gN5w/lnE155v5h/tyfavi2FIoMo2tcSNvlEMJq2n579rjvAgAAAJxeX318/bPYrcd/5qddEJMUH9rMXH0wpnylEMLc/I9jyBLSw6bw/NGrikb/v8+FvTFlKx5gXRxTsvjI7dy4sv0rs4fCxSdCKYaZg5nnJ1oXAABwnA53ApPtQgAAAJikT6ddANNRvGlNf4ufXvNdiCG9ELx06AgAAAA4gUrTLgAAAAA4dkX/7/v/AAAA4HSL3/8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAL+zcze5aQNRAICfDS609AdV3fcq3cExeoQuu4y4CkcgV8gFOAPZZZtdBBH2JAoRhBAbE6Lvk+xhbOvxjPDijUcDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABzTdTEbX1787teNs1zV08zdAAAAANssitm4/DCs+oN0/Fs69DP1s4jII2Jb7d6JTxsxOylOseP64lkOVxFlhPV39NL2JSL+pO3ux7F/BQAAAPi45pPpqKrWq93w1AnRpmrQJv/6t6F4WUQUw5uGouXr3a9XXbraPz60/n934/+Os9lhqZUDW1F7ysyDcsit21S0/TrpcX9s+k+arGry9tIBAADaslkJtFiFAAAA0LJ/p06A0yjfeqa5+GkCf69q0gvBzxs9AAAA4AwdOusZAAAAeI8GL54t6/8zWP/v+631/wAAAODNqvX/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOKZFMRvPJ9NR3TjLVT3N3A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAPfvzjsIwDAZhcJMor07oAr7/Lc2C3bp1MwOCj38rAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABceRwvzzNejZlso9eZ5N3zSvLp1Ph2avw6N/5Jxrr7NwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fvGzcVBwD8e+fzlRYQIaAMQYhKDLDQ9FpaujKAIgb+BKQovZbAlR9tBlpVoCxsKHMXBCNCSKCw9X/o3EpdytbhhiIxMYDss5PXo4iDKvaRfD7S8/vacvy+z4mifP2cAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnMvzorNwiTuVsduP7i+XvR3pvrCze27y0Ur4s7fXP+L/Up8/r2Y7nSW2ksEAACAwyOr6/uIfuQ7q0XQXSjr/7w+p6j5v3l6Etf1/HTdX/d17V+0n3+6//zuQAuTcYqLXtgYDU/+NZVeto/znGfP/OMZvfLOl89esvIb0n1n67lxXt7Pzle3br3VL8MjTWQLAPwXJ+q+Cuq/h4p+0GZiABwavaoV7lX1f7bQbk4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATehvxZN13ImI5d5eXLjz4Pp62U/t39y+u1y3szdubKfXLC6RR8SFjdHwZFMT+R+4cvXah2uj0fBy88FLEdHe6FXw3gznRLSZoeBxg271sz7bVx2PiPZzbj9o+RcTAAAHTl61oq6/l++sFsc6ixF/fPtw/f9KEkda/0/1af1///2zt9Ox0vp/0NgM59/K5qVPVq5cvfbaxqW1i8OLw49ePzV4Y3D63Jkz51bKZyUrnpgAAADwePpVS+v/7mLEeGr9/1gSx4z1/6dfDz5Px8rU/4+0t+jXdiYAAACH27PHf/u184jjnX4/Plvb3Lw8mGx3909Nti2k+q8dqVpa/2eLbWcFAAAANGG81Xlo/f98EseM6/9PfffCD+k1s4g4Wq3/n1j/eHS+uem05PeZzmri34n3faoAAADMtaNVS9f/8/L9/+7uKw/diHj15UlcfQzgTPV/9vaX36djpe//n25uinOpuzS5H2W/FNFbajsjAAAADrInqlYU+7/kO6sf/Hjs3b73/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACa9mcAAAD//6vIRLE=")
openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x143042, 0x111)
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2500000000040000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000040000008500000006000000850000005000000095"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x18)
socket$inet_udp(0x2, 0x2, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r3 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r3])
write$FUSE_BMAP(r3, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)
write$FUSE_DIRENTPLUS(r3, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',fscache'])
mount$incfs(0x0, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

23m53.822506729s ago: executing program 0 (id=8016):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002180)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00'}, 0x10)
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000001800)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
ftruncate(r3, 0x80000001)

23m53.05687695s ago: executing program 0 (id=8020):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',fscache'])
chdir(&(0x7f0000000000)='./file0\x00')
mount$incfs(0x0, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

23m53.05674078s ago: executing program 33 (id=8020):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, 0x0, &(0x7f0000000240), 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x4}}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1, @ANYBLOB=',fscache'])
chdir(&(0x7f0000000000)='./file0\x00')
mount$incfs(0x0, &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0)
fchownat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0)
listxattr(&(0x7f0000000100)='./file0\x00', 0x0, 0x0)

6m16.002168658s ago: executing program 4 (id=12299):
r0 = socket$tipc(0x1e, 0x5, 0x0)
r1 = socket$tipc(0x1e, 0x2, 0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000000)={0x42, 0x1}, 0x10)
bind$tipc(r2, 0x0, 0x0)
setsockopt$TIPC_GROUP_JOIN(r1, 0x10f, 0x87, &(0x7f0000000000)={0x2000042, 0x4}, 0x10)
sendmsg$tipc(r0, &(0x7f0000000380)={&(0x7f0000000140)=@name={0x1e, 0x2, 0x3, {{0x42, 0x4}}}, 0x10, 0x0}, 0x14)

6m15.985009358s ago: executing program 4 (id=12300):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000040000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000060000001811", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000800)=@bpf_tracing={0x1a, 0x2, &(0x7f0000000400)=@raw=[@cb_func={0x18, 0x0, 0x4, 0x0, 0xfffffffffffffffc}], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x22, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000700)={0x5, 0xb, 0x3ff, 0x7fff}, 0x10, 0xb90d, 0xffffffffffffffff, 0x1, &(0x7f0000000740)=[r0, 0xffffffffffffffff, r0, 0xffffffffffffffff, 0xffffffffffffffff], &(0x7f0000000780)=[{0x2, 0x2, 0x10, 0xb}], 0x10, 0x3, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0x0, &(0x7f00000000c0), &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = syz_open_dev$tty20(0xc, 0x4, 0x1)
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f0000000640)=0x13)
ioctl$TCSETA(r2, 0x5406, &(0x7f0000000280)={0xfeff, 0x8, 0x8, 0xfffe, 0x11, "0100000000000080"})
ioctl$TIOCL_GETMOUSEREPORTING(r2, 0x5412, &(0x7f00000006c0)=0xa)

6m15.963635888s ago: executing program 4 (id=12301):
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r0=>0x0, <r1=>0x0})
close(r0)
setsockopt$sock_attach_bpf(r1, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={<r2=>0x0, <r3=>0x0})
close(r2)
setsockopt$sock_attach_bpf(r3, 0x10f, 0x87, &(0x7f0000000180), 0x4bd)
socketpair(0x1e, 0x80005, 0x0, &(0x7f0000000000)={0x0, <r4=>0x0})
setsockopt$sock_attach_bpf(r4, 0x10f, 0x87, &(0x7f0000000180), 0x127)

6m15.905863049s ago: executing program 4 (id=12304):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
socket(0x10, 0x803, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000180))
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000002000/0x18000)=nil, &(0x7f00000000c0)=[@text16={0x10, &(0x7f0000000040)="0f01cb650f741065666765f36f0f330f09660f3a0cb9000000752066b9800000c00f326635004000000f300f01d7ba4100ed", 0x32}], 0x1, 0x12, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000000)={0x1, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x0, 0x0, 0x8000, 0x40, 0x0, 0x0, 0x2004cb, 0x0, 0xfffffffffffffffe, 0x3, 0x0, 0x4, 0x0, 0x2, 0x0, 0x7fffffff], 0x80a0000})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m15.84957254s ago: executing program 4 (id=12308):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r1, 0x2000000, 0xe, 0x0, &(0x7f00000004c0)="630b008646dc3f0adf33c9f7b986", 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x2}, 0x50)

6m15.781191611s ago: executing program 4 (id=12312):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x98, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
setsockopt(0xffffffffffffffff, 0xff, 0x1, 0xfffffffffffffffe, 0xfd8f)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.write_iops_device\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f00000000c0)=ANY=[], 0x6a)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
ptrace(0x10, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x800088c)

6m0.778544668s ago: executing program 34 (id=12312):
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x98, &(0x7f00000005c0)={[{@nogrpid}, {@min_batch_time}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@nobarrier}, {@nodiscard}, {@quota}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
setsockopt(0xffffffffffffffff, 0xff, 0x1, 0xfffffffffffffffe, 0xfd8f)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), 0x0}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x10, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa07, &(0x7f0000000000)={{&(0x7f0000ffc000/0x3000)=nil, 0x3000}, 0x1})
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
sendmsg$TCPDIAG_GETSOCK(0xffffffffffffffff, 0x0, 0x0)
r4 = openat$cgroup_int(0xffffffffffffffff, &(0x7f0000000040)='blkio.throttle.write_iops_device\x00', 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f00000000c0)=ANY=[], 0x6a)
sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000001000/0x4000)=nil)
ptrace(0x10, 0x1)
truncate(&(0x7f0000000000)='./file1\x00', 0x800088c)

3m10.890357198s ago: executing program 7 (id=13502):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61127000000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000d60602000f02000067060000200000007a0a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611e6dd581c52698f9542a444a8a3969946faded5275c00"/417], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e3, &(0x7f00000004c0)="$eJzs3M1uG0UcAPD/bp20TUvtShz4uFiARCRE0qQtUAkkIi4c2hM9cMSK0xLVaVBjJFpFfAjEDSQQDwAH4BE4woF3gDNwgEoRyoGUm9Hau46J7bRpHYyS308aeWZn65nd6ax3J7MTwKFVjYiXI+JIRJyJiHK+Pc1DvN8J2X5bm+uLf2+uLybRar32ZxJJvq34riT/PJF/wXQakX6UxOMDyl27eetardFYupGnZ5srb82u3bz17PJK7erS1aXr88+dPXf+/AsX5p8f2bFurCSfPPXNxd8++7j++U9/fF/J6nsyz+s9jlGpRrV7Tna6MOrCxuxYTzwpjbEiAADsKs3v/Uvt+/9yHIntm7dyfPrjWCsHAAAAjESrVXwCAAAAB1fi2R8AAAAOuGIewNbm+mIRxjgdgf/YxkJEVDrtfycPnZxS953eiR3v945SNSJePXZpPguxT+9hAwAAABxmPyx0Fv7rH/9L45Ge/Y5HxFSxtt8IVXek+8d/0tsjLpIeGwsRL0bEnb7xv7TYpXIkTz3UHiqcSK4sN5bORMSpiJiOiaNZem6XMt594tq3w/J6x/++/PX1uaz87HN7j/R26ei//0291qw9yDGzbeODiMdKg9o/6Y759q6TeT/eWN56aVhe1v5Zexehv/3ZT62vIp4e2P+3Vy5Ndl+fdbZ9PZgtrgr9fjn59YfDyu/t/1nIyi/+FsD+y/r/1O7t314nt7te79rey/jur0s/D8u7e/sPvv5PJpfbFZzMt71TazZvzEVMJhf7t/vf1FWcj+J8Ze0//eTg3//i/i/Jf/tP9awPvRevvHf68rA8/X+8svav76n/7z3y5tSj08PKv7f+f65dmeJL3P/d3b020LjrCQAAAAAAAMBopO25fUk6042n6cxMZ57vwzGVNlbXms9cWX37er0zB7ASE2kx06vcMx90rvMaeTc9vyN9NiJOR8QX5ePt9MziaqM+7oMHAACAQ+LEkOf/zO/387IHAAAA8P9UGXcFAAAAgH3n+R8AAAAOtAdZ119EROSgRsZ9ZQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA43P4JAAD//+0cwvs=")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
syz_init_net_socket$bt_rfcomm(0x1f, 0x3, 0x3)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = dup(0xffffffffffffffff)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r3)
io_setup(0x200, &(0x7f0000000140))
creat(&(0x7f0000000000)='./bus\x00', 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)

3m9.718226453s ago: executing program 7 (id=13505):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @quota={{0xa}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_QUOTA_FLAGS={0x8}, @NFTA_QUOTA_CONSUMED={0xc, 0x4, 0x1, 0x0, 0x2}, @NFTA_QUOTA_BYTES={0xc, 0x1, 0x1, 0x0, 0x9}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0xa}}}, 0x8c}}, 0x40880)

3m9.658213694s ago: executing program 7 (id=13506):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@test_dummy_encryption}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x3, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
syz_mount_image$fuse(0x0, &(0x7f0000000e80)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
chdir(&(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00')
unlink(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prlimit64(0x0, 0x4, &(0x7f0000000440)={0x80000001, 0x81}, &(0x7f0000000480))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000004000000b703000000000000850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e000100"/20, @ANYRES32, @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x200488c1}, 0x0)
unlinkat(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

3m8.722751727s ago: executing program 7 (id=13509):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000180)='rpc_pipefs\x00', 0x1, 0x0)

3m8.721737587s ago: executing program 7 (id=13511):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)

3m8.675751858s ago: executing program 7 (id=13513):
socket$packet(0x11, 0x2, 0x300)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x1d000, 0x2})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x8000000, 0x6000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x10000})

3m8.626484299s ago: executing program 35 (id=13513):
socket$packet(0x11, 0x2, 0x300)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x9)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000000)={0x8080000, 0x1d000, 0x2})
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000180)={0x8000000, 0x6000})
ioctl$KVM_UNREGISTER_COALESCED_MMIO(r1, 0x4010ae68, &(0x7f0000000040)={0xdddd0000, 0x10000})

1m23.144104416s ago: executing program 1 (id=14235):
r0 = syz_open_dev$usbfs(&(0x7f0000000080), 0x1ff, 0x101301)
ioctl$USBDEVFS_RESET(r0, 0x5514)

1m23.121679076s ago: executing program 1 (id=14236):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b000000000000000000"], 0x48)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000b80)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x50)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000380)={r4, r1, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x1c)
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x3, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x29, 0x0, @empty, @empty}, {0x0, 0x0, 0x18, 0x0, @wg=@data}}}}}, 0x0)

1m22.664788823s ago: executing program 1 (id=14238):
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000480)={0x24, 0x0, 0x0, &(0x7f0000000080)=ANY=[], 0x0}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000022c0)={[{@errors_remount}, {@nobarrier}, {@init_itable}, {@errors_remount}, {@block_validity}, {@dioread_lock}]}, 0x3, 0x44b, &(0x7f0000000780)="$eJzs3MtvG1UXAPAz46TvfslXlUcfQKAgKh5Jk5bSBRsQSCxAQoJFWYYkrUrdBjVBolUFBaGyRJXYI5ZI/AWsYIOAFRJb2KNKFeqmhZXR2DON7dpJ4zqegn8/adx7Z8a953jm2nfm2glgaE1kD0nEjoj4LSLGGtXWHSYa/9y8fnHur+sX55Ko1d78M6nvd+P6xbli1+J524vKSET6aRL7OrS7dP7C6dlqdeFcXp9aPvPe1NL5C8+eOjN7cuHkwtmZY8eOHJ5+/ujMc33JM8vrxt4PF/fvefXtK6/PHb/yzk/fJEX+bXn0ycRqG5+o1frcXLl2NpWTkRIDYV0qjW4ao/X+PxaVWDl4Y/HKJ6UGB2yoWq1Wu7/75ks14D8sibIjAMpRfNBn17/FMqChxz3h2ouNC6As75v50tgyEmm+z2jb9W0/TUTE8Ut/f5ktsTH3IQAAWnyXjX+e6TT+S6P5vtD/8jmU8Yj4f0TsioijEbE7Iu6LqO/7QEQ8uM722ydJbh//pFd7SuwOZeO/F/K5rdbxXzH6i/FKXttZz380OXGqunAof00OxujmrD69Shvfv/zr5922NY//siVrvxgL5nFcHdnc+pz52eXZu8m52bWPI/aOdMo/uTUTkETEnojY22Mbp576en+3bWvnv4o+zDPVvop4snH8L0Vb/oVk9fnJqS1RXTg0VZwVt/v5l8tvdGv/rvLvg+z4b+t4/t/Kfzxpnq9dWn8bl3//rOs1Ta/n/6bkrZZ1H8wuL5+bjtiUvNYIemV95dxM234zK/tn+R880Ln/74qVV2JfRGQn8UMR8XBEPJLH/mhEPBYRB1bJ/8eXHn+39/w3Vpb//LqO/0phU7Sv6VyonP7h25ZGx9eTf3b8j9RLB/M1d/L+tznWjqu3sxkAAAD+fdKI2BFJOnmrnKaTk43v8O+ObWl1cWn56ROL75+db/xGYDxG0+JO11jT/dDp/LK+qM+01Q/n942/qGyt1yfnFqvzZScPQ257l/6f+aNSdnTAhuttHi3texzA4Pm9Jgwv/R+Gl/4Pw6tD/99aRhzA4HX6/P+ohDiAwRtpesz/JhgwJNa8/r8xmDiAwXP/D4aX/g9DaWlrrP0jeQWF2wqRbsD/HFtKz6vMQvGV2nshnpLfmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrknwAAAP//qkbiWw==")
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec8500000075000000040000000700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x69703000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000280)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000000d40)='./file0\x00', 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020}, 0x2020)
syz_usb_connect$hid(0x2, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000010c41090ea40000000040109022400010000000009040000010e01000009210000000122050009058103"], 0x0)

1m19.502109946s ago: executing program 1 (id=14259):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x2125099, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='mountinfo\x00')
sendfile(r0, r0, &(0x7f0000000000)=0x2eb4, 0x2000007ff)

1m19.419853187s ago: executing program 1 (id=14262):
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r1 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x8)
bind$bt_hci(r0, &(0x7f0000000000)={0x1f, 0xffff, 0x3}, 0x6)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000100)={0x36, &(0x7f0000000280)=[{0x2, 0xa6, 0x2, 0x3}, {0x2, 0x8, 0x8, 0xfffc}, {0xaee, 0x2, 0xac, 0x1000}, {0x40, 0xaf, 0x5, 0x2}, {0x6, 0x80, 0x0, 0x2}, {0x0, 0x3, 0x5, 0x9}]}, 0x10)
write$binfmt_misc(r0, &(0x7f0000000100), 0x6)

1m19.361860058s ago: executing program 1 (id=14266):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000002280), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}}, 0x10)

1m19.361810558s ago: executing program 36 (id=14266):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl802154(&(0x7f0000002280), r0)
sendmsg$NL802154_CMD_NEW_INTERFACE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000001c0)={0x20, r1, 0x1, 0x70bd26, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc}]}, 0x20}}, 0x10)

9.575304399s ago: executing program 5 (id=14516):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0400000000000000"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)

8.536885693s ago: executing program 5 (id=14520):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240))
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000080)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050427bd7000fedbdf2501000000", @ANYBLOB], 0x64}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
io_setup(0x3ff, 0x0)
io_setup(0x9, &(0x7f0000000000)=<r3=>0x0)
io_destroy(r3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040), 0x0)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x40, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)

6.921148585s ago: executing program 8 (id=14522):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)

5.885029159s ago: executing program 3 (id=14524):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='br_fdb_add\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r4, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

5.84530073s ago: executing program 3 (id=14525):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='sched_switch\x00'}, 0x18)
fsopen(&(0x7f0000000100)='bpf\x00', 0x0)

5.765155291s ago: executing program 8 (id=14526):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d"], 0x0)
ppoll(&(0x7f0000000d40)=[{r2}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)

4.441153439s ago: executing program 8 (id=14528):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)

4.320861211s ago: executing program 3 (id=14530):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0400000000000000"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.292355661s ago: executing program 9 (id=14531):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000002540)={{r0}, &(0x7f00000024c0), &(0x7f0000002500)}, 0x20)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d13"], 0x0)
ppoll(&(0x7f0000000d40)=[{r2}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)

4.055631154s ago: executing program 9 (id=14533):
socket(0x1e, 0x4, 0x0)
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$packet_tx_ring(r0, 0x10f, 0x87, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
futex(&(0x7f0000000040)=0x2, 0xc, 0x1, &(0x7f0000000100), &(0x7f0000000140)=0x1, 0x2)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYRES32, @ANYBLOB, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/27], 0x48)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000000)={@multicast1, @local}, 0xc)
getsockopt$inet_buf(r4, 0x0, 0x29, &(0x7f0000000000)=""/145, &(0x7f0000695ffc)=0x24b)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
dup(0xffffffffffffffff)
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)

3.153087497s ago: executing program 8 (id=14534):
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000000980)=ANY=[@ANYBLOB="61124c00000000006113860000000000bf2000000000000007000000080000002d030100000000009500000c000000006926000000000000bf67000000000000150600000fff070056060000200000006a0200000ee60000bf050000000000003d350000000000006507000002000000070700004a0000000f75000000000000bf54000000000000070400000400f9ff6d53010000000000840400000000000073720000000000009500000000000000db13d5d8b741f2cdaabc8383caf56b8c2b84a8d09535a157f9005bd38addaa65b925cd3ded85d3cdd66d9c79f0529d045625b8b9e2a095d2c51ef45c5588ec78c7f32946b17cecfe54c53ab530c58b67851b7e0e82452a083b98a6aa766401047d150203b0417edef332233b081df18961d6822d133bf72a4de1c2ea17f04537fc211576846ac629d1d93265ba474580047a9dc88de358ce795731891a2031de4e09740c64e5306f991ed4785a9773a433e0db9c1a7d4ab9d658ce9cfdb4db3bed62bcb2bc91ddcdfac2e6d4421c49fb6641cbf56914e76702f673b586c700e3806f825f1d0da2a304e06543b56d35235d7897a7fe912971aab876022e96f5143b6234f5a6b701690b07fb664b44e22b72e843e7cf55f394cf75d1cd57c9150bfb98cc45b3fde43e42e150d4a2fddd9a9767748ca3522443097c55dc97c09d38485b18ad2cff787338bab324336f50c97b751f2ed2c4281858b428d1b2c1194b06f9bb7ffcc95c1bcfc5540f9574f20e7f513a2a7c5dad90e7d479724d69fa0c0bf97af1231a49ea166f743279d240e2e6f01d8704f313d68b16198be5f6a50e9e0fd20893b2922df566d2622edee5000000000000000000d91c6da09fa7cdbbf16d4780d8c2401c55aff772aced3ff966ff76d796c171f5f7a31e1b14b0c0c712c0fdd2710f37a3d15710d68e7326a7db043c57784bd9bdb047db75"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0x7, 0x4, 0x208, 0x21, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="180000000000000000000000000000001812", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000001850000001b000000b70000000000070095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r1 = syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000240)='./file1/file0\x00', 0x200010, &(0x7f0000000340)={[], [{@euid_eq}]}, 0xfe, 0x57a, &(0x7f0000000580)="$eJzs3U1rG0cfAPD/yi95fZ44EELbQzHk0JQ0cmz3JYUe0mNpQwPtPRWyYoLlKFhyiN1AkkNzyaWEQikNlH6A3nsM/QL9FIE2EEow7aEXlZVXjhJJsezItlr9frDJzM6uZ0azM5rRSmwAQ2sy/ScX8WpEfJ1EHGlJG40scXL9uLUnN4rplkS9/tkfSSTZvubxSfb/oSzySkT88lXEqVx7vtWV1YVCuVxayuJTtcWrU9WV1dOXFwvzpfnSlZnZ2bPvzM68/967favrmxf++u7TBx+dvXti7dufHh29l8S5OJyltdbjJdxqjUzGZPaajMW55w6c7kNmgyTZ6wKwLSNZPx+LdAw4EiNZrwf++25GRB0YUon+D0OqOQ9oru37tA7+13j84foCqL3+o+ufjcT+xtro4FryzMooXe9O9CH/NI+ff79/L92if59DAGzq1u2IODM62j7+Jdn4t31nejjm+TyMf7B7HqTzn7c6zX9yG/Of6DD/OdSh727H5v0/96jDaUm/PqVO538fdJz/bty0mhjJYv9rzPnGkkuXy6V0bPt/RJyMsX1p/EX3c86uPax3S2ud/6Vbmn9zLpiV49HovmfPmSvUCi9T51aPb0e81nH+m2y0f9Kh/dPX40KPeRwv3X+9W9rm9d9Z9R8j3mhp/6cpyTOhF9yfnGpcD1PNq6Ldn3eO/9ot/72uf9r+Bzte/xv1n0ha79dWt57HD/v/LnVL2+71P5583giPZ/uuF2q1pemI8eST9v0zT89txpvHp/U/eeLF41+n6/9ARHzRY/3vHLvT9dBBaP+5LbX/1gMPP/7y+27599b+bzdCJ7M9vYx/vRbwZV47AAAAAAAAGDS5iDgcSS6/Ec7l8vn173cci4O5cqVaO3WpsnxlLhq/lZ2IsVzzTveRlu9DTGffh23GZ5rx8fX4bEQcjYhvRg404vlipTy315UHAAAAAAAAAAAAAAAAAACAAXGoy+//U7+NdDxlfHdLCOwoj/yG4bVp/+/Hk56AgbTV9/99O1QOYPdta/5/oP/lAHaf9T8MqbG9LgCwl7z/w/DS/2F46f8wvPR/AAAAAAAAAAAAAAAAAAAAAAAAAAAA6KsL58+nW33tyY1iGp+7trK8ULl2eq5UXcgvLhfzxcrS1fx8pTJfLuWLlcXN/l65Urk6PRPL16dqpWptqrqyenGxsnyldvHyYmG+dLHkaUMAAAAAAAAAAAAAAAAAAADQrrqyulAol0tLAoMdGBmMYrQHRgejGL0GbsZAFGNnA3f70Ls7DBbFXR6cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACDzTwAAAP//dzsyzQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x28f43000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="19000000040000000400000008"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000001500000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8efffffb703000008000000b704000000000000850000000300008071ffffdcf4753e4d"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
ioctl$AUTOFS_IOC_PROTOSUBVER(r4, 0x80049367, &(0x7f0000000380))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000001c80)={{r5}, &(0x7f0000001c00), &(0x7f0000001c40)=r6}, 0x20)
r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000df00"/28], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b7140000000000008500000055000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r8 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r9 = openat$cgroup_int(r8, &(0x7f00000001c0)='cpuset.cpus\x00', 0x2, 0x0)
mknodat$loop(r1, &(0x7f0000000400)='./file1/file0\x00', 0xc000, 0x0)
write$cgroup_int(r9, &(0x7f0000000040), 0x1)

2.681776423s ago: executing program 6 (id=14535):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0x9, 0x4)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000300)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, 0x0, &(0x7f00000006c0)=r2}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'ip6_vti0\x00', <r4=>0x0})
sendto$packet(r0, &(0x7f0000000180)="10030600e0fc020004004788aa96a13bb1000011", 0x14, 0x0, &(0x7f0000000140)={0x11, 0x0, r4}, 0x14)

2.681326303s ago: executing program 5 (id=14536):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)

2.661139344s ago: executing program 6 (id=14537):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_dev$usbfs(&(0x7f00000001c0), 0x800000001fe, 0x181002)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
r7 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x1)
sendfile(r7, r6, 0x0, 0x80000000)
fsmount(r6, 0x0, 0xb)
fsopen(&(0x7f0000000240)='ntfs\x00', 0x1)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

2.611394444s ago: executing program 3 (id=14538):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d"], 0x0)
ppoll(&(0x7f0000000d40)=[{r2}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)

2.607790394s ago: executing program 9 (id=14539):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
linkat(0xffffffffffffffff, &(0x7f0000000100)='./file1\x00', 0xffffffffffffffff, 0x0, 0x0)

2.546234335s ago: executing program 9 (id=14540):
timer_create(0x2, &(0x7f0000533fa0)={0x0, 0x27, 0x1}, 0x0)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
listen(0xffffffffffffffff, 0x3)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_clone3(&(0x7f0000000780)={0x1c3002480, 0x0, 0x0, 0x0, {0x2b}, 0x0, 0x0, 0x0, 0x0}, 0x58)

2.531221615s ago: executing program 3 (id=14541):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r3}, 0x0, &(0x7f0000000040)}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)

2.252868279s ago: executing program 5 (id=14542):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000a5df850000002d00"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'bridge0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="280000001c000100000000000000000007000000", @ANYRES32=r3, @ANYBLOB="4000aa000a0002"], 0x28}}, 0x0)

2.21026369s ago: executing program 6 (id=14543):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000006c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
setsockopt$sock_timeval(r5, 0x1, 0x14, &(0x7f0000000000)={0x0, 0xea60}, 0x10)
io_submit(0x0, 0x2, &(0x7f0000000380)=[&(0x7f00000001c0)={0x0, 0x4, 0x0, 0x0, 0x1, r5, &(0x7f0000000100)="02", 0x1}, &(0x7f0000000080)={0x0, 0x0, 0x2, 0x3, 0x0, 0xffffffffffffffff, 0x0}])
io_submit(0x0, 0x0, &(0x7f0000000180))
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)

2.095344961s ago: executing program 5 (id=14544):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r5, r6, 0x0, 0x20000023896)

2.090833522s ago: executing program 8 (id=14545):
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
syz_open_dev$usbfs(&(0x7f00000001c0), 0x800000001fe, 0x181002)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$sock_linger(r0, 0x1, 0x3c, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
getpeername$packet(0xffffffffffffffff, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x2d)
r6 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00')
sendfile(0xffffffffffffffff, r6, 0x0, 0x80000000)
fsmount(r6, 0x0, 0xb)
fsopen(&(0x7f0000000240)='ntfs\x00', 0x1)
bind$inet(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x12, 0xc, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)

733.0176ms ago: executing program 6 (id=14546):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x58, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800", @ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fgetxattr(r2, 0x0, 0x0, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
r4 = dup(r3)
ioctl$KVM_SET_VAPIC_ADDR(r4, 0x4008ae93, &(0x7f00000000c0)=0x10000)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

690.206701ms ago: executing program 8 (id=14547):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$team(&(0x7f00000044c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000240))
sendmsg$TEAM_CMD_OPTIONS_SET(r0, &(0x7f0000004bc0)={0x0, 0x0, &(0x7f0000004b80)={&(0x7f0000000080)=ANY=[@ANYBLOB='d\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="050427bd7000fedbdf2501000000", @ANYBLOB], 0x64}, 0x1, 0x0, 0x0, 0x4000401}, 0x44084)
r2 = fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
setsockopt$TIPC_GROUP_LEAVE(r2, 0x10f, 0x88)
syz_usb_connect$cdc_ncm(0x1, 0x0, 0x0, 0x0)
io_setup(0x3ff, 0x0)
io_setup(0x9, &(0x7f0000000000)=<r3=>0x0)
io_destroy(r3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = socket$inet6(0xa, 0x3, 0x6)
setsockopt$inet6_buf(r5, 0x29, 0x39, &(0x7f0000000040)="ff02040000b5ffffffffffff", 0xc)
connect$inet6(r5, &(0x7f0000000080)={0xa, 0x4e20, 0x40, @private1={0xfc, 0x1, '\x00', 0xa}, 0xae3e}, 0x1c)
sendmmsg$inet6(r5, &(0x7f0000002940)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}}], 0x62, 0x0)

420.535344ms ago: executing program 6 (id=14548):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_read_part_table(0x635, &(0x7f0000000000)="$eJzs3D9oXeUbB/DvSe899yaFtr8fTl1SncViZ28NSHqpdKp061IVJFQc4lSx5Ea6mCGDg7NLEbLUumjo4KAt4iROoYNacRWkqNQiPXLuOfdPBEFsOwifz5Dzvs953vd5n5yTMSf8py2kmxTjYS+dJMdf/kvGZiYJ6df5Sapue+/czuqp01VVVUWdcz7dPPn5oetJOu2S/nSbqqo2ppOTufrB0o13i1F353Zd9ObWgTq82BzjSPL0wbI/3mZuh1TVvoP1HuXvgX/n2uBWUVwp29lTvzxYST76efXs7pmt966/2IY3ki+T+vm/U78Xk+y3cvHYhc54WD/lN+f3/bW5lLPI7HEvprPvDKMr68PtlcHa3iRwdLjz6WvP/X7sRqoT+arsLExuFLP9ymT08O3X/R+u3/7tS4O1veHlxemNJ97//xdZbid3qypH6pL/y/hPZ/kRVAYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4HG4NriVZDTcTtb2hr02unp298xWmeSFV/tt6Pj8qgPt9WIu3KmvG1lPfvgk3fmkov4xjiyku9LEvl+unhkPOpP6vcVmcGmwtje8v5TcefbB0WGzKjc/OzErtzHdeTfPt6N7VWM82fy7JtsS1eEm7+v78/0XnWR9uD2uf/nHotM0/HExmh5zIcnrvbzSNFPdK9u1f8zaAAAAAAAAAAAAAAAAAAAAgIeyeur0G3fb8fl+kp/eXqjHVa/5L/diqdiX/20vWTyZXO2nGK0kuf3Sb+U3h7a+az8dMEovoyQHP9w81y4p920w/URAkap8nJ3xT/wZAAD//8Wbezo=")
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_REGISTER_COALESCED_MMIO(r1, 0x4010ae67, &(0x7f0000000640)={0x0, 0xd000})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$FS_IOC_FIEMAP(0xffffffffffffffff, 0xc020660b, &(0x7f0000000000)=ANY=[@ANYBLOB="0400000000000000"])
ioctl$KVM_RUN(r3, 0xae80, 0x0)

407.582534ms ago: executing program 3 (id=14549):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='sched_switch\x00', r3}, 0x18)
r4 = fsopen(&(0x7f0000000100)='bpf\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)

377.920475ms ago: executing program 5 (id=14550):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000000580)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000000}}, {@noauto_da_alloc}, {@dioread_nolock}, {@test_dummy_encryption}, {@nobarrier}, {@nodelalloc}, {@minixdf}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x3, 0xba6, &(0x7f0000000c00)="$eJzs3M1rXFUUAPDzXj7bRicVEeumEZEWxGlaSbFFsJWKGxeCboWGdFJCph8kkZo0i4n+A6KuBTeCWpQu7LobBbdutG4tLoQisVEQ0cibjyQ2M0naTvJq8vvBzbt3zpvcc/KYeffCTALYsQayH2nEvog4nUQU6o+nEdFd7fVGVGrnLczPjvwxPzuSxOLi678mkUTE7fnZkcbvSurHPfVBb0R891ISj7y7et7J6Znx4XK5NFEfH5o6d/HQ5PTMs2Pnhs+WzpbOHz76/NCRoaODx4baVuufP5249vuTr/xc+euzv6/89sEnSZyIvnpsZR3tMhADS3+TlTojYrjdk+Wko17PyjqTznWelG5yUgAAtJSuWMM9FoXoiOXFWyG+/j7X5AAAAIC2WOyIWAQAAAC2ucT+HwAAALa5xucAbs/PjjRavp9I2Fq3TkZEf63+hXqrRTqjUj32RldE7L6dxMqvtSa1p923gYi4+eOxL7MWm/Q95LVU5iLi8WbXP6nW31/9Fvfq+tOIGGzD/AN3jP9P9Z9ow/x51w/AznT9ZO1Gtvr+ly6tf6LJ/a+zyb3rXuR9/2us/xZWrf+W6+9osf57bYNzXP70o0utYln9L1x7+YtGy+bPjvdV1F24NRfxRGez+pOl+pMW9Z/e4ByFfy6VWsXyrn/x44gD0bz+hmTt/090aHSsXBqs/Ww6x9y3Q5+3mj/v+rPrv7tF/etd/4sbnOPNU6eutoqtX3/6S3fyRrXXXX/k7eGpqYnDEd3Jq6sfP7J2Lo1zGr8jq//gU2u//pvVn70nVOp/h2wvMFc/ZuN37pjzxSuXv1qr/mzvl+f1P3OP1/+9Dc7x9DfvH2wVW7n/zVo2/82kthcGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIY0IvoiSYtL/TQtFiP2RMSjsTstX5icemb0wlvnz2SxiP7oSkfHyqXBiCjUxkk2PlztL4+P3DF+LiL2RsSHhV3VcXHkQvlM3sUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwZE9E9EWSFiMijYiFQpoWi3lnBQAAALRdf94JAAAAAJvO/h8AAAC2P/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANtne/ddvJBFROb6r2jLd9VhXrpkBmy3NOwEgNx15JwDkpjPvBIDc3OUe33IBtqFknXhvy0hP23MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4MF1YN/1G0lEVI7vqrZMdz3W1fQZ+7cwO2AzpXknAOSmY61g59blAWw9L3HYuZrv8YGdJFkn3rt8TuW/kZ5NywkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAB09ftSVpMSLSaj9Ni8WIhyKiP7qS0bFyaTAiHo6IHwpdPdm4J++kAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaLvJ6Znx4XK5NKGjo5NvJ3kw0qh18n5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgD5PTM+PD5XJpYjLvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIC8TU7PjA+Xy6WJDXSu3s3JKzp51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+DQAA//+LYA3r")
unlink(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
prlimit64(r0, 0x4, 0x0, &(0x7f0000000480))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge_slave_1\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1c0000005e000100"/20, @ANYRES32=r5, @ANYRES32], 0x1c}, 0x1, 0x0, 0x0, 0x200488c1}, 0x0)
unlinkat(0xffffffffffffffff, &(0x7f0000000380)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

253.168137ms ago: executing program 9 (id=14551):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a000000010000000800000008"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x80002, 0x88)
bind$inet6(r2, &(0x7f0000000000)={0xa, 0x10000000004e20, 0x0, @mcast2, 0x6}, 0x1c)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
syz_emit_ethernet(0x83, &(0x7f0000000240)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaf9ff030086dd601b8b97004d88c19edace00000000000000002100000002ff02000000000000000000000000000104004e20004d"], 0x0)
ppoll(&(0x7f0000000d40)=[{r2}], 0x25, &(0x7f0000000300)={0x0, 0x3938700}, 0x0, 0x0)

69.850609ms ago: executing program 6 (id=14552):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)

0s ago: executing program 9 (id=14553):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0xc906, &(0x7f0000000840)={[{@nobarrier}, {@noblock_validity}, {@mblk_io_submit}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@errors_remount}, {@acl}, {@noauto_da_alloc}, {@max_batch_time={'max_batch_time', 0x3d, 0x6}}, {@grpjquota, 0x32}], [{@defcontext={'defcontext', 0x3d, 'sysadm_u'}}]}, 0x1e, 0x4e1, &(0x7f0000000a40)="$eJzs3UFvG1kdAPD/OHGbtClJBYdSiVLRoqSC2klD24hDAQnBqRJQ7iUkThTFiaPYaZuoglR8ACSEAIkTJy5IfAAk1I+AkCrBfbW72tVqt9097GG3Xnlsd9PUbhLVsaP495Om897M2P//c+Nnv5knTwB962JEXIuI59VqtVYfbWzPNJZIImK7ftyzpw/naksS1eqdD5N0V61eO2xix3Oerj8khiLiFz+N+HXyatzy5tbybLFYWG/U85WVtXx5c+vq0srsYmGxsDo9PXVj5ubM9ZnJjrRzJCJu/fjdP/3+7z+59e/v3n/r7vsTv0ka22NHOzqt3vRs+lo0DUbE+mEE64GBRnuyvU4EAIB9aX7P/1ZEXInRGEi/zQEAAADHSfUHI/FZElFtYajl1pedbLdjaO/HAgAAAN2RSefAJplcYx7ASGQyuVx9Du/X4lSmWCpXvrNQ2lidr8+VHYtsZmGpWJhszBUei2xSq0+l5S/r13bVpyPibET8cXR4OJaKhdxcqTjf65MfAAAA0CdO7xr/fzJaH/8DAAAAx8xYrxMAAAAADp3xPwAAABx/xv8AAABwrP3s9u3aUm3e/3r+3ubGcune1flCeTm3sjGXmyutr+UWS6XF9Df7VvZ6vmKptPa9WN14kK8UypV8eXPr7kppY7Vyd+mlW2ADAAAAXXT2m4//n0TE9veH06XmRK+TArpi8CAHv3N4eQDdN9DrBICeOdDnP3CsZHudANBzyR77207e+U/ncwEAAA7H+NdbX/9P9jw3sJ3pUorAIXH+D/qX6//Qv1z/h/6VjYEwkIf+dvjX/6vVAyUEAAB03Ei6JJlcRHoeYCQymVwu4kx6W4BssrBULExGxFci4n+j2ZO1+lT6yGTPMQMAAAAAAAAAAAAAAAAAAAAAAAAAUFetJlEFAAAAjrWIzHtJ4/5f46OXR3afHziRfDqariPi/l/v/PnBbKWyPlXb/tGL7ZW/NLZf68UZDAAAAGC35ji9OY4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgE569vThXHPpZtwPfhQRY63iD8ZQuh6KwYg49XGSrpuSiBjoQPztRxFxrlX8pJZWjDWyaBV/uIfxMxFxugPxoZ89rvU/P2z1/svExXTd+v13I+2h3lzb/i9pHjGU9nOt+p8z+4xx/sk/823jP4o4P9i6/2n2v0mb+Jf2Gf9Xv9zaarev+reI8ZafP8lLsfKVlbV8eXPr6tLK7GJhsbA6PT11Y+bmzPWZyfzCUrHQ+HdHl3zxRekP3/jX89e1/1Sb+GN7tP/yPtv/+ZMHT79aL2ZbxZ+41Prv71yb+JnGZ9+3G+Xa/vFmebte3unCP/574XXtn6+3f/Cg//8T+2z/lZ//7u19HgoAdEF5c2t5tlgsrPd14Y1ejdrXoiPRisMsDMeRSKPDhd8ejTSOZKG3/RIAANB5r46BAQAAAAAAAAAAAAAAAAAAgG7r5q/rNW33pqkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK/1RQAAAP//2jzOsg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/cpuinfo\x00', 0x0, 0x0)
sendfile(r4, r5, 0x0, 0x20000023896)

kernel console output (not intermixed with test programs):

e found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[ 3023.758728][ T6377] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3023.767679][ T6377] usb 2-1: config 0 descriptor??
[ 3023.825772][ T5520] usb 4-1: new high-speed USB device number 89 using dummy_hcd
[ 3023.935830][ T5520] usb 4-1: device descriptor read/8, error -71
[ 3024.067053][T10548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13619'.
[ 3024.077978][T10548] device bridge0 entered promiscuous mode
[ 3024.084398][T10548] bridge0: port 3(macsec1) entered blocking state
[ 3024.091122][T10548] bridge0: port 3(macsec1) entered disabled state
[ 3024.098541][T10548] device bridge0 left promiscuous mode
[ 3024.165798][ T5520] usb 4-1: device descriptor read/8, error -71
[ 3024.235843][T17176] usb 9-1: USB disconnect, device number 4
[ 3024.247036][ T6377] hid-generic 0003:0955:7214.0022: unknown main item tag 0x0
[ 3024.254556][ T6377] hid-generic 0003:0955:7214.0022: unknown main item tag 0x0
[ 3024.262022][ T6377] hid-generic 0003:0955:7214.0022: unknown main item tag 0x0
[ 3024.269511][ T6377] hid-generic 0003:0955:7214.0022: unknown main item tag 0x0
[ 3024.277890][ T6377] hid-generic 0003:0955:7214.0022: unknown main item tag 0x0
[ 3024.288256][ T6377] hid-generic 0003:0955:7214.0022: hidraw0: USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.1-1/input0
[ 3024.506564][   T30] kauditd_printk_skb: 23 callbacks suppressed
[ 3024.506590][   T30] audit: type=1400 audit(1749286852.923:6963): avc:  denied  { read } for  pid=10537 comm="syz.1.13617" name="snapshot" dev="devtmpfs" ino=90 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:acpi_bios_t tclass=chr_file permissive=1
[ 3024.560480][ T1235] usb 2-1: USB disconnect, device number 65
[ 3024.954968][T10559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13622'.
[ 3026.406957][T10587] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3026.716633][T10590] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3026.924320][ T1235] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[ 3027.425860][ T1235] usb 9-1: Using ep0 maxpacket: 16
[ 3027.465902][ T1235] usb 9-1: too many configurations: 18, using maximum allowed: 8
[ 3027.514749][T12440] Bluetooth: hci0: Frame reassembly failed (-84)
[ 3027.545806][T17176] usb 2-1: new full-speed USB device number 66 using dummy_hcd
[ 3027.595825][ T1235] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 3027.603639][ T1235] usb 9-1: can't read configurations, error -61
[ 3027.758310][T10610] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13638'.
[ 3027.784288][ T1235] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[ 3027.955836][T17176] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3027.966953][T17176] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3028.055869][T17176] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3028.065028][T17176] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3028.073095][T17176] usb 2-1: SerialNumber: syz
[ 3028.075735][ T1235] usb 9-1: Using ep0 maxpacket: 16
[ 3028.083165][T17176] usb 2-1: config 0 descriptor??
[ 3028.115910][ T1235] usb 9-1: too many configurations: 18, using maximum allowed: 8
[ 3028.136427][T17176] usb 2-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3028.143381][T17176] usb 2-1: No valid video chain found.
[ 3028.245833][ T1235] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 3028.253522][ T1235] usb 9-1: can't read configurations, error -61
[ 3028.259939][ T1235] usb usb9-port1: attempt power cycle
[ 3028.865738][ T1235] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[ 3028.955805][ T1235] usb 9-1: Using ep0 maxpacket: 16
[ 3028.995894][ T1235] usb 9-1: too many configurations: 18, using maximum allowed: 8
[ 3029.115822][ T1235] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 3029.123563][ T1235] usb 9-1: can't read configurations, error -61
[ 3029.275798][ T1235] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 3029.613338][ T7370] Bluetooth: hci0: command 0x1003 tx timeout
[ 3029.640835][ T7679] Bluetooth: hci0: sending frame failed (-49)
[ 3029.799093][T10630] tipc: Started in network mode
[ 3029.804049][T10630] tipc: Node identity 7f000001, cluster identity 4711
[ 3029.811092][T10630] tipc: Enabled bearer <udp:syz2>, priority 10
[ 3029.885779][ T1235] usb 9-1: device descriptor read/8, error -71
[ 3029.917443][ T7370] usb 2-1: USB disconnect, device number 66
[ 3030.007851][T10634] tipc: Enabled bearer <udp:syz0>, priority 10
[ 3030.258943][T10636] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 3030.267958][T10636] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 3030.279613][T10636] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 3030.325973][ T1235] usb 9-1: device descriptor read/8, error -71
[ 3030.445837][ T1235] usb usb9-port1: unable to enumerate USB device
[ 3031.065917][T10653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13651'.
[ 3031.081085][T17176] tipc: Node number set to 2130706433
[ 3031.565825][ T7370] usb 7-1: new high-speed USB device number 44 using dummy_hcd
[ 3031.699000][T17176] Bluetooth: hci0: command 0x1001 tx timeout
[ 3032.681754][T17176] Bluetooth: hci1: command 0x1003 tx timeout
[ 3032.687944][T10628] Bluetooth: hci0: sending frame failed (-49)
[ 3032.702626][T10628] Bluetooth: hci1: sending frame failed (-49)
[ 3032.722601][T10667] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 3032.732026][T10667] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 3032.743982][T10667] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 3032.782133][T10672] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3032.865931][ T7370] usb 7-1: Using ep0 maxpacket: 16
[ 3033.086386][T10675] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3033.106249][ T7370] usb 7-1: too many configurations: 18, using maximum allowed: 8
[ 3033.226128][ T7370] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 3033.234218][ T7370] usb 7-1: can't read configurations, error -61
[ 3033.385769][ T7370] usb 7-1: new high-speed USB device number 45 using dummy_hcd
[ 3033.648182][ T7370] usb 7-1: Using ep0 maxpacket: 16
[ 3033.686118][ T7370] usb 7-1: too many configurations: 18, using maximum allowed: 8
[ 3033.835842][ T7370] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 3033.843586][ T7370] usb 7-1: can't read configurations, error -61
[ 3033.850354][ T7370] usb usb7-port1: attempt power cycle
[ 3034.265740][ T7370] usb 7-1: new high-speed USB device number 46 using dummy_hcd
[ 3034.333256][T10684] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 3034.375782][ T7370] usb 7-1: device descriptor read/8, error -71
[ 3034.685781][ T7370] usb 7-1: device descriptor read/8, error -71
[ 3034.725755][T18276] Bluetooth: hci1: command 0x1001 tx timeout
[ 3034.731840][T10628] Bluetooth: hci1: sending frame failed (-49)
[ 3034.738010][T18276] Bluetooth: hci0: command 0x1009 tx timeout
[ 3035.425234][T10702] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13667'.
[ 3035.441140][T10702] device bridge0 entered promiscuous mode
[ 3035.448487][T10702] bridge0: port 1(macsec1) entered blocking state
[ 3035.455047][T10702] bridge0: port 1(macsec1) entered disabled state
[ 3035.463125][T10702] device bridge0 left promiscuous mode
[ 3036.132981][T10708] overlayfs: option "workdir=./file0" is useless in a non-upper mount, ignore
[ 3036.142266][T10708] overlayfs: NFS export requires "redirect_dir=nofollow" on non-upper mount, falling back to nfs_export=off.
[ 3036.154130][T10708] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 3036.634726][T10714] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3036.799274][T10716] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3036.809151][ T7370] Bluetooth: hci1: command 0x1009 tx timeout
[ 3037.235749][ T1235] usb 2-1: new high-speed USB device number 67 using dummy_hcd
[ 3037.277434][T10724] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13674'.
[ 3037.292691][T10724] device bridge0 entered promiscuous mode
[ 3037.299722][T10724] bridge0: port 1(macsec1) entered blocking state
[ 3037.306239][T10724] bridge0: port 1(macsec1) entered disabled state
[ 3037.315784][T10724] device bridge0 left promiscuous mode
[ 3037.475763][ T1235] usb 2-1: Using ep0 maxpacket: 16
[ 3037.515811][ T1235] usb 2-1: too many configurations: 18, using maximum allowed: 8
[ 3037.635822][ T1235] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 3037.643497][ T1235] usb 2-1: can't read configurations, error -61
[ 3037.795818][ T1235] usb 2-1: new high-speed USB device number 68 using dummy_hcd
[ 3038.035753][ T1235] usb 2-1: Using ep0 maxpacket: 16
[ 3038.086141][ T1235] usb 2-1: too many configurations: 18, using maximum allowed: 8
[ 3038.205840][ T1235] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 3038.213540][ T1235] usb 2-1: can't read configurations, error -61
[ 3038.219994][ T1235] usb usb2-port1: attempt power cycle
[ 3038.371023][T10738] fuse: Bad value for 'fd'
[ 3038.483810][T10746] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13682'.
[ 3038.492977][T10746] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13682'.
[ 3038.610980][T10750] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13680'.
[ 3038.628573][T10750] device bridge0 entered promiscuous mode
[ 3038.637008][T10750] bridge0: port 3(macsec1) entered blocking state
[ 3038.643591][T10750] bridge0: port 3(macsec1) entered disabled state
[ 3038.657096][T10750] device bridge0 left promiscuous mode
[ 3038.870615][ T1235] usb 2-1: new high-speed USB device number 69 using dummy_hcd
[ 3038.917378][T10755] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3038.966300][ T1235] usb 2-1: Using ep0 maxpacket: 16
[ 3039.005808][ T1235] usb 2-1: too many configurations: 18, using maximum allowed: 8
[ 3039.107609][T10757] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3039.365927][ T1235] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 3039.375748][ T1235] usb 2-1: can't read configurations, error -61
[ 3039.799432][ T1235] usb 2-1: new high-speed USB device number 70 using dummy_hcd
[ 3039.846313][T10772] fuse: Bad value for 'fd'
[ 3039.895802][ T1235] usb 2-1: Using ep0 maxpacket: 16
[ 3039.935845][ T1235] usb 2-1: too many configurations: 18, using maximum allowed: 8
[ 3040.025825][ T1235] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 3040.033605][ T1235] usb 2-1: can't read configurations, error -71
[ 3040.044210][ T1235] usb usb2-port1: unable to enumerate USB device
[ 3041.195326][T10805] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3041.249710][T10807] fuse: Bad value for 'fd'
[ 3041.389924][T10820] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3041.776127][ T6377] usb 7-1: new high-speed USB device number 48 using dummy_hcd
[ 3042.205573][T25568] usb 9-1: new full-speed USB device number 9 using dummy_hcd
[ 3042.705897][T25568] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3042.723193][T25568] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3042.735718][ T6377] usb 7-1: Using ep0 maxpacket: 16
[ 3042.776076][ T6377] usb 7-1: too many configurations: 18, using maximum allowed: 8
[ 3042.829850][T25568] usb 9-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3042.856339][T25568] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3042.867156][T25568] usb 9-1: SerialNumber: syz
[ 3042.908573][ T6377] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 3042.913286][T25568] usb 9-1: config 0 descriptor??
[ 3042.916743][ T6377] usb 7-1: can't read configurations, error -61
[ 3043.035239][T25568] usb 9-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3043.079905][T25568] usb 9-1: No valid video chain found.
[ 3043.105736][ T6377] usb 7-1: new high-speed USB device number 49 using dummy_hcd
[ 3043.317768][T10848] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13713'.
[ 3043.328750][T10848] device bridge0 entered promiscuous mode
[ 3043.335156][T10848] bridge0: port 3(macsec1) entered blocking state
[ 3043.341684][T10848] bridge0: port 3(macsec1) entered disabled state
[ 3043.349107][T10848] device bridge0 left promiscuous mode
[ 3043.495729][ T6377] usb 7-1: Using ep0 maxpacket: 16
[ 3043.535838][ T6377] usb 7-1: too many configurations: 18, using maximum allowed: 8
[ 3043.629723][T10856] fuse: Invalid rootmode
[ 3043.655833][ T6377] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 3043.663622][ T6377] usb 7-1: can't read configurations, error -61
[ 3043.670325][ T6377] usb usb7-port1: attempt power cycle
[ 3044.045756][  T286] usb 2-1: new high-speed USB device number 71 using dummy_hcd
[ 3044.265772][ T6377] usb 7-1: new high-speed USB device number 50 using dummy_hcd
[ 3044.285762][  T286] usb 2-1: Using ep0 maxpacket: 16
[ 3044.415789][  T286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3044.426921][  T286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3044.436703][  T286] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 3044.449598][  T286] usb 2-1: New USB device found, idVendor=10c4, idProduct=8acf, bcdDevice= 0.00
[ 3044.458707][  T286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3044.467670][  T286] usb 2-1: config 0 descriptor??
[ 3044.512281][T10870] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13720'.
[ 3044.537045][T10872] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3045.165931][T10874] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3045.283412][T18276] usb 9-1: USB disconnect, device number 9
[ 3045.368222][ T6377] usb 7-1: device not accepting address 50, error -71
[ 3045.575063][  T286] hid-generic 0003:10C4:8ACF.0023: hidraw0: USB HID v0.00 Device [HID 10c4:8acf] on usb-dummy_hcd.1-1/input0
[ 3045.724838][T10890] fuse: Invalid rootmode
[ 3045.777447][  T286] usb 2-1: USB disconnect, device number 71
[ 3046.170812][T10900] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13728'.
[ 3046.181715][T10900] device bridge0 entered promiscuous mode
[ 3046.187884][T10900] bridge0: port 1(macsec1) entered blocking state
[ 3046.194324][T10900] bridge0: port 1(macsec1) entered disabled state
[ 3046.201678][T10900] device bridge0 left promiscuous mode
[ 3047.078711][T10912] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3047.136114][ T6377] usb 7-1: new high-speed USB device number 51 using dummy_hcd
[ 3047.235879][ T6377] usb 7-1: Using ep0 maxpacket: 16
[ 3047.294121][T10921] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3047.535729][ T6377] usb 7-1: too many configurations: 18, using maximum allowed: 8
[ 3047.595797][  T286] usb 2-1: new full-speed USB device number 72 using dummy_hcd
[ 3047.665802][ T6377] usb 7-1: unable to read config index 0 descriptor/start: -61
[ 3047.674584][ T6377] usb 7-1: can't read configurations, error -61
[ 3047.684725][ T6377] usb usb7-port1: unable to enumerate USB device
[ 3047.693744][T10925] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13737'.
[ 3047.728777][T10925] device bridge0 entered promiscuous mode
[ 3047.742233][T10925] bridge0: port 1(macsec1) entered blocking state
[ 3047.756096][T10925] bridge0: port 1(macsec1) entered disabled state
[ 3047.770805][T10925] device bridge0 left promiscuous mode
[ 3047.986844][T10929] fuse: Invalid rootmode
[ 3047.996358][  T286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3048.023292][  T286] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3048.115813][  T286] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3048.137723][  T286] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3048.146324][  T286] usb 2-1: SerialNumber: syz
[ 3048.152173][  T286] usb 2-1: config 0 descriptor??
[ 3048.196857][  T286] usb 2-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3048.204059][  T286] usb 2-1: No valid video chain found.
[ 3048.563883][T10947] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13745'.
[ 3048.575037][T10947] device bridge0 entered promiscuous mode
[ 3048.581472][T10947] bridge0: port 3(macsec1) entered blocking state
[ 3048.587983][T10947] bridge0: port 3(macsec1) entered disabled state
[ 3048.595341][T10947] device bridge0 left promiscuous mode
[ 3049.054177][T10954] syz.6.13748[10954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 3049.054262][T10954] syz.6.13748[10954] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 3049.059531][T10956] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3049.550283][T10959] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3049.564297][T25568] usb 2-1: USB disconnect, device number 72
[ 3050.131117][T10963] fuse: Bad value for 'rootmode'
[ 3050.215874][ T6377] usb 6-1: new high-speed USB device number 57 using dummy_hcd
[ 3050.369665][T10971] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13752'.
[ 3050.392109][T10971] device bridge0 entered promiscuous mode
[ 3050.398047][  T286] usb 7-1: new high-speed USB device number 52 using dummy_hcd
[ 3050.413492][T10971] bridge0: port 3(macsec1) entered blocking state
[ 3050.427182][T10971] bridge0: port 3(macsec1) entered disabled state
[ 3050.442046][T10971] device bridge0 left promiscuous mode
[ 3050.465869][ T6377] usb 6-1: Using ep0 maxpacket: 32
[ 3050.505718][T25568] usb 2-1: new high-speed USB device number 73 using dummy_hcd
[ 3050.625839][ T6377] usb 6-1: config 0 has an invalid interface number: 35 but max is 0
[ 3050.637113][ T6377] usb 6-1: config 0 has no interface number 0
[ 3050.675701][  T286] usb 7-1: Using ep0 maxpacket: 16
[ 3050.745710][T25568] usb 2-1: Using ep0 maxpacket: 32
[ 3050.816076][  T286] usb 7-1: config index 0 descriptor too short (expected 16456, got 72)
[ 3050.825743][  T286] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[ 3050.841136][  T286] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[ 3050.849572][ T6377] usb 6-1: New USB device found, idVendor=10c4, idProduct=818a, bcdDevice=7d.8f
[ 3050.862770][ T6377] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3050.872999][  T286] usb 7-1: config 0 has an invalid interface number: 125 but max is 1
[ 3050.885603][ T6377] usb 6-1: Product: syz
[ 3050.891409][  T286] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 3050.902567][ T6377] usb 6-1: Manufacturer: syz
[ 3050.911332][ T6377] usb 6-1: SerialNumber: syz
[ 3050.918046][  T286] usb 7-1: config 0 has no interface number 0
[ 3050.927087][ T6377] usb 6-1: config 0 descriptor??
[ 3050.935179][  T286] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 3050.954980][  T286] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 3050.964991][  T286] usb 7-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 3050.975398][  T286] usb 7-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 3051.006433][ T6377] usbhid 6-1:0.35: couldn't find an input interrupt endpoint
[ 3051.013967][  T286] usb 7-1: config 0 interface 125 has no altsetting 0
[ 3051.025718][  T286] usb 7-1: config 0 interface 125 has no altsetting 2
[ 3051.025831][T25568] usb 2-1: New USB device found, idVendor=06a2, idProduct=0003, bcdDevice=b4.8c
[ 3051.065745][T25568] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3051.073783][T25568] usb 2-1: Product: syz
[ 3051.095855][T25568] usb 2-1: Manufacturer: syz
[ 3051.100588][T25568] usb 2-1: SerialNumber: syz
[ 3051.115989][T25568] usb 2-1: config 0 descriptor??
[ 3051.185784][  T286] usb 7-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 3051.195037][  T286] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3051.209127][T10952] netlink: 'syz.5.13747': attribute type 6 has an invalid length.
[ 3051.210160][  T286] usb 7-1: Product: syz
[ 3051.226312][T25568] usb 6-1: USB disconnect, device number 57
[ 3051.227594][  T286] usb 7-1: Manufacturer: syz
[ 3051.241537][  T286] usb 7-1: SerialNumber: syz
[ 3051.261387][  T286] usb 7-1: config 0 descriptor??
[ 3051.561408][  T286] usb 7-1: USB disconnect, device number 52
[ 3051.685961][T18276] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 3051.995765][T18276] usb 9-1: Using ep0 maxpacket: 16
[ 3052.135206][T18276] usb 9-1: config index 0 descriptor too short (expected 65535, got 18)
[ 3052.143850][T18276] usb 9-1: config 255 has too many interfaces: 255, using maximum allowed: 32
[ 3052.152817][T18276] usb 9-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[ 3052.163266][T18276] usb 9-1: config 255 has 0 interfaces, different from the descriptor's value: 255
[ 3052.454484][ T6377] usb 2-1: USB disconnect, device number 73
[ 3052.467564][T10999] fuse: Bad value for 'rootmode'
[ 3052.531374][T18276] usb 9-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 3052.540996][T18276] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3052.549303][T18276] usb 9-1: Product: syz
[ 3052.553479][T18276] usb 9-1: Manufacturer: syz
[ 3052.558091][T18276] usb 9-1: SerialNumber: syz
[ 3052.585755][  T286] usb 7-1: new high-speed USB device number 53 using dummy_hcd
[ 3052.605769][ T7370] usb 4-1: new full-speed USB device number 91 using dummy_hcd
[ 3052.909818][T18276] usb 9-1: USB disconnect, device number 10
[ 3052.985796][ T7370] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3052.996918][ T7370] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3053.085815][ T7370] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3053.094936][ T7370] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3053.102983][ T7370] usb 4-1: SerialNumber: syz
[ 3053.113041][ T7370] usb 4-1: config 0 descriptor??
[ 3053.115717][  T286] usb 7-1: Using ep0 maxpacket: 8
[ 3053.156444][ T7370] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3053.164248][ T7370] usb 4-1: No valid video chain found.
[ 3053.172090][T11012] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13766'.
[ 3053.197109][T11012] device bridge0 entered promiscuous mode
[ 3053.203200][T11012] bridge0: port 1(macsec1) entered blocking state
[ 3053.209659][T11012] bridge0: port 1(macsec1) entered disabled state
[ 3053.217076][T11012] device bridge0 left promiscuous mode
[ 3053.395803][  T286] usb 7-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[ 3053.405187][  T286] usb 7-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 3053.414033][  T286] usb 7-1: Product: syz
[ 3053.418408][  T286] usb 7-1: Manufacturer: syz
[ 3053.423082][  T286] usb 7-1: SerialNumber: syz
[ 3053.436368][  T286] usb 7-1: config 0 descriptor??
[ 3053.799763][  T286] usb 7-1: USB disconnect, device number 53
[ 3054.304308][T11032] fuse: Bad value for 'rootmode'
[ 3055.360654][ T6377] usb 4-1: USB disconnect, device number 91
[ 3055.385820][T11057] netlink: 104 bytes leftover after parsing attributes in process `syz.6.13782'.
[ 3055.445967][  T286] usb 9-1: new high-speed USB device number 11 using dummy_hcd
[ 3055.528950][T11066] fuse: Unknown parameter 'use00000000000000000000'
[ 3055.685781][  T286] usb 9-1: Using ep0 maxpacket: 16
[ 3056.135334][  T286] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 3056.143003][  T286] usb 9-1: can't read configurations, error -61
[ 3056.295739][  T286] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 3056.725790][T18276] usb 4-1: new full-speed USB device number 92 using dummy_hcd
[ 3056.741254][T11094] netlink: 104 bytes leftover after parsing attributes in process `syz.5.13796'.
[ 3056.806339][  T286] usb 9-1: Using ep0 maxpacket: 16
[ 3056.882337][T11102] fuse: Unknown parameter 'use00000000000000000000'
[ 3057.095748][  T286] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 3057.103432][  T286] usb 9-1: can't read configurations, error -61
[ 3057.109855][  T286] usb usb9-port1: attempt power cycle
[ 3057.115814][T18276] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3057.126999][T18276] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3057.220808][T18276] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3057.240146][T18276] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3057.260335][T18276] usb 4-1: SerialNumber: syz
[ 3057.272990][T18276] usb 4-1: config 0 descriptor??
[ 3057.316386][T18276] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3057.323333][T18276] usb 4-1: No valid video chain found.
[ 3057.515721][  T286] usb 9-1: new high-speed USB device number 13 using dummy_hcd
[ 3057.736668][T11118] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13803'.
[ 3057.762664][T11118] device bridge0 entered promiscuous mode
[ 3057.769536][T11118] bridge0: port 3(macsec1) entered blocking state
[ 3057.776156][T11118] bridge0: port 3(macsec1) entered disabled state
[ 3057.783698][T11118] device bridge0 left promiscuous mode
[ 3057.914381][T11125] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 3057.995712][  T286] usb 9-1: device not accepting address 13, error -71
[ 3058.126850][T11136] fuse: Unknown parameter 'use00000000000000000000'
[ 3058.823279][T11149] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13814'.
[ 3058.842217][T11149] device bridge0 entered promiscuous mode
[ 3058.849848][T11149] bridge0: port 1(macsec1) entered blocking state
[ 3058.856486][T11149] bridge0: port 1(macsec1) entered disabled state
[ 3058.868103][T11149] device bridge0 left promiscuous mode
[ 3058.886096][  T286] usb 9-1: new high-speed USB device number 14 using dummy_hcd
[ 3058.975888][  T286] usb 9-1: Using ep0 maxpacket: 16
[ 3059.138101][  T286] usb 9-1: unable to read config index 0 descriptor/start: -61
[ 3059.146161][  T286] usb 9-1: can't read configurations, error -61
[ 3059.152760][  T286] usb usb9-port1: unable to enumerate USB device
[ 3059.326952][  T286] usb 4-1: USB disconnect, device number 92
[ 3059.375149][T11167] fuse: Unknown parameter 'user_i00000000000000000000'
[ 3059.437579][T11171] fuse: Unknown parameter 'user_i00000000000000000000'
[ 3059.495819][T25568] usb 7-1: new high-speed USB device number 54 using dummy_hcd
[ 3060.045955][T25568] usb 7-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[ 3060.055816][T25568] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3060.064136][T25568] usb 7-1: Product: syz
[ 3060.068850][T25568] usb 7-1: Manufacturer: syz
[ 3060.073614][T25568] usb 7-1: SerialNumber: syz
[ 3061.645513][T11208] fuse: Unknown parameter 'user_i00000000000000000000'
[ 3061.833305][T11218] netlink: 4 bytes leftover after parsing attributes in process `syz.5.13837'.
[ 3061.854217][T11218] device bridge0 entered promiscuous mode
[ 3061.867936][T11218] bridge0: port 1(macsec1) entered blocking state
[ 3061.875720][ T1235] usb 4-1: new full-speed USB device number 93 using dummy_hcd
[ 3061.884789][T11218] bridge0: port 1(macsec1) entered disabled state
[ 3061.900987][T11218] device bridge0 left promiscuous mode
[ 3062.219833][T11200] usb 7-1: USB disconnect, device number 54
[ 3062.255865][ T1235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3062.269018][ T1235] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3062.355847][ T1235] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3062.365055][ T1235] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3062.663734][ T1235] usb 4-1: SerialNumber: syz
[ 3062.677833][ T1235] usb 4-1: config 0 descriptor??
[ 3062.716484][ T1235] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3062.724171][ T1235] usb 4-1: No valid video chain found.
[ 3063.114540][T11200] usb 7-1: new full-speed USB device number 55 using dummy_hcd
[ 3063.375718][T16377] usb 2-1: new high-speed USB device number 74 using dummy_hcd
[ 3063.485812][T11200] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3063.496872][T11200] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3063.585882][T11200] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3063.595026][T11200] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3063.603103][T11200] usb 7-1: SerialNumber: syz
[ 3063.638526][T11200] usb 7-1: config 0 descriptor??
[ 3063.653759][T11241] 8021q: VLANs not supported on ip6gre0
[ 3063.660656][T16377] usb 2-1: Using ep0 maxpacket: 16
[ 3063.680769][T11245] fuse: Unknown parameter 'user_id00000000000000000000'
[ 3063.724744][T11200] usb 7-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3063.732184][T11200] usb 7-1: No valid video chain found.
[ 3064.055787][T16377] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 3064.063444][T16377] usb 2-1: can't read configurations, error -61
[ 3064.151866][T11200] usb 4-1: USB disconnect, device number 93
[ 3064.215750][T16377] usb 2-1: new high-speed USB device number 75 using dummy_hcd
[ 3064.383704][T11258] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13854'.
[ 3064.401696][T11258] device bridge0 entered promiscuous mode
[ 3064.410658][T11258] bridge0: port 3(macsec1) entered blocking state
[ 3064.417275][T11258] bridge0: port 3(macsec1) entered disabled state
[ 3064.428031][T11258] device bridge0 left promiscuous mode
[ 3064.455728][T16377] usb 2-1: Using ep0 maxpacket: 16
[ 3064.645820][T16377] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 3064.653628][T16377] usb 2-1: can't read configurations, error -61
[ 3064.660398][T16377] usb usb2-port1: attempt power cycle
[ 3065.195721][T16377] usb 2-1: new high-speed USB device number 76 using dummy_hcd
[ 3065.275809][T30117] usb 7-1: USB disconnect, device number 55
[ 3065.296011][T16377] usb 2-1: Using ep0 maxpacket: 16
[ 3065.455832][T16377] usb 2-1: unable to read config index 0 descriptor/start: -61
[ 3065.463661][T16377] usb 2-1: can't read configurations, error -61
[ 3065.615721][T16377] usb 2-1: new high-speed USB device number 77 using dummy_hcd
[ 3065.705776][ T1235] usb 6-1: new high-speed USB device number 58 using dummy_hcd
[ 3065.713504][T16377] usb 2-1: Using ep0 maxpacket: 16
[ 3065.835819][T16377] usb 2-1: unable to read config index 0 descriptor/start: -71
[ 3065.844265][T16377] usb 2-1: can't read configurations, error -71
[ 3065.850922][T16377] usb usb2-port1: unable to enumerate USB device
[ 3066.225790][ T1235] usb 6-1: Using ep0 maxpacket: 16
[ 3066.345806][ T1235] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x4 has invalid wMaxPacketSize 0
[ 3066.355501][ T1235] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 0
[ 3066.365282][ T1235] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3066.375113][ T1235] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 0
[ 3066.725817][ T1235] usb 6-1: New USB device found, idVendor=04d8, idProduct=0a30, bcdDevice=ce.47
[ 3066.734992][ T1235] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3066.743033][ T1235] usb 6-1: Product: syz
[ 3066.747288][ T1235] usb 6-1: Manufacturer: syz
[ 3066.751913][ T1235] usb 6-1: SerialNumber: syz
[ 3066.756577][T16377] usb 2-1: new full-speed USB device number 78 using dummy_hcd
[ 3066.765240][ T1235] usb 6-1: config 0 descriptor??
[ 3067.007758][ T1235] usb 6-1: USB disconnect, device number 58
[ 3067.153333][T16377] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3067.167583][T16377] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3067.198100][T11297] netlink: 4 bytes leftover after parsing attributes in process `syz.8.13868'.
[ 3067.208503][T11297] device bridge0 entered promiscuous mode
[ 3067.214775][T11297] bridge0: port 3(macsec1) entered blocking state
[ 3067.221265][T11297] bridge0: port 3(macsec1) entered disabled state
[ 3067.228564][T11297] device bridge0 left promiscuous mode
[ 3067.255851][T16377] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3067.265161][T16377] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3067.273588][T16377] usb 2-1: SerialNumber: syz
[ 3067.292644][T16377] usb 2-1: config 0 descriptor??
[ 3067.336734][T16377] usb 2-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3067.343746][T16377] usb 2-1: No valid video chain found.
[ 3067.585801][ T1235] usb 9-1: new high-speed USB device number 15 using dummy_hcd
[ 3067.826990][ T1235] usb 9-1: Using ep0 maxpacket: 16
[ 3067.955783][ T1235] usb 9-1: config index 0 descriptor too short (expected 65535, got 18)
[ 3067.964280][ T1235] usb 9-1: config 255 has too many interfaces: 255, using maximum allowed: 32
[ 3067.973196][ T1235] usb 9-1: config 255 has an invalid descriptor of length 0, skipping remainder of the config
[ 3067.983534][ T1235] usb 9-1: config 255 has 0 interfaces, different from the descriptor's value: 255
[ 3068.145834][ T1235] usb 9-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[ 3068.155181][ T1235] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3068.674880][ T1235] usb 9-1: Product: syz
[ 3068.679147][ T1235] usb 9-1: Manufacturer: syz
[ 3068.685036][ T1235] usb 9-1: SerialNumber: syz
[ 3068.829635][T25568] usb 2-1: USB disconnect, device number 78
[ 3069.090213][ T1235] usb 9-1: USB disconnect, device number 15
[ 3069.196345][T11334] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13881'.
[ 3069.206750][T11334] device bridge0 entered promiscuous mode
[ 3069.212832][T11334] bridge0: port 1(macsec1) entered blocking state
[ 3069.219287][T11334] bridge0: port 1(macsec1) entered disabled state
[ 3069.226523][T11334] device bridge0 left promiscuous mode
[ 3069.380622][T11342] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13880'.
[ 3069.401994][T11342] device bridge0 entered promiscuous mode
[ 3069.414698][T11342] bridge0: port 1(macsec1) entered blocking state
[ 3069.421295][T11342] bridge0: port 1(macsec1) entered disabled state
[ 3069.431800][T11342] device bridge0 left promiscuous mode
[ 3071.370607][T11368] netlink: 4 bytes leftover after parsing attributes in process `syz.3.13892'.
[ 3071.381169][T11368] device bridge0 entered promiscuous mode
[ 3071.387413][T11368] bridge0: port 3(macsec1) entered blocking state
[ 3071.393870][T11368] bridge0: port 3(macsec1) entered disabled state
[ 3071.401182][T11368] device bridge0 left promiscuous mode
[ 3071.425720][T11200] usb 6-1: new full-speed USB device number 59 using dummy_hcd
[ 3071.567396][  T286] usb 9-1: new full-speed USB device number 16 using dummy_hcd
[ 3072.795760][T11200] usb 6-1: unable to read config index 0 descriptor/all
[ 3072.802812][T11200] usb 6-1: can't read configurations, error -71
[ 3072.832469][   T30] audit: type=1326 audit(1749286901.243:6964): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=11408 comm="syz.5.13910" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1a05d1c929 code=0x0
[ 3073.117239][T11425] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13904'.
[ 3073.156140][T11425] device bridge0 entered promiscuous mode
[ 3073.172548][T11425] bridge0: port 1(macsec1) entered blocking state
[ 3073.195742][T11425] bridge0: port 1(macsec1) entered disabled state
[ 3073.221067][T11425] device bridge0 left promiscuous mode
[ 3073.305710][  T286] usb 9-1: new high-speed USB device number 17 using dummy_hcd
[ 3073.714201][  T286] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3073.725308][  T286] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3073.735134][  T286] usb 9-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[ 3073.744267][  T286] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3073.816941][  T286] usb 9-1: config 0 descriptor??
[ 3074.946860][T11445] netlink: 12 bytes leftover after parsing attributes in process `syz.3.13923'.
[ 3075.900902][T11445] netlink: 8 bytes leftover after parsing attributes in process `syz.3.13923'.
[ 3075.910011][T11445] netlink: 16 bytes leftover after parsing attributes in process `syz.3.13923'.
[ 3075.919149][T11445] netlink: 16 bytes leftover after parsing attributes in process `syz.3.13923'.
[ 3075.975738][T11200] usb 6-1: new full-speed USB device number 61 using dummy_hcd
[ 3076.006606][  T286] logitech-djreceiver 0003:046D:C534.0024: unknown main item tag 0x0
[ 3076.014763][  T286] logitech-djreceiver 0003:046D:C534.0024: unknown main item tag 0x0
[ 3076.023374][  T286] logitech-djreceiver 0003:046D:C534.0024: unknown main item tag 0x0
[ 3076.031558][  T286] logitech-djreceiver 0003:046D:C534.0024: unknown main item tag 0x0
[ 3076.040474][  T286] logitech-djreceiver 0003:046D:C534.0024: unknown main item tag 0x0
[ 3076.170837][ T7370] usb 9-1: USB disconnect, device number 17
[ 3076.181724][T11457] netlink: 4 bytes leftover after parsing attributes in process `syz.6.13927'.
[ 3076.205812][T28743] usb 2-1: new full-speed USB device number 79 using dummy_hcd
[ 3076.227533][T11457] device bridge0 entered promiscuous mode
[ 3076.234781][T11457] bridge0: port 1(macsec1) entered blocking state
[ 3076.241760][T11457] bridge0: port 1(macsec1) entered disabled state
[ 3076.252415][T11457] device bridge0 left promiscuous mode
[ 3076.395812][T11200] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3076.407009][T11200] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3076.495958][T11200] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3076.505222][T11200] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3076.513326][T11200] usb 6-1: SerialNumber: syz
[ 3076.523064][T11200] usb 6-1: config 0 descriptor??
[ 3076.568799][T11200] usb 6-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3076.575963][T28743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3076.587472][T11200] usb 6-1: No valid video chain found.
[ 3076.593024][T28743] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3076.725236][T11200] usb 6-1: USB disconnect, device number 61
[ 3076.742946][T28743] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3076.763615][T28743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3076.772668][T28743] usb 2-1: SerialNumber: syz
[ 3076.940893][T28743] usb 2-1: config 0 descriptor??
[ 3076.990153][T28743] usb 2-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3076.997632][T28743] usb 2-1: No valid video chain found.
[ 3078.924528][T16377] usb 2-1: USB disconnect, device number 79
[ 3078.938290][T11521] fuse: Unknown parameter '0x0000000000000004'
[ 3079.425725][ T1235] usb 7-1: new full-speed USB device number 56 using dummy_hcd
[ 3079.488270][T11539] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 3079.685726][ T7370] usb 4-1: new high-speed USB device number 94 using dummy_hcd
[ 3079.985718][ T7370] usb 4-1: Using ep0 maxpacket: 8
[ 3080.032800][T11553] fuse: Unknown parameter '0x0000000000000004'
[ 3080.045804][ T1235] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3080.057522][ T1235] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3080.123115][T11562] syz.5.13965[11562] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 3080.123202][T11562] syz.5.13965[11562] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 3080.149464][ T1235] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3080.170687][ T1235] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3080.179276][ T1235] usb 7-1: SerialNumber: syz
[ 3080.184883][ T1235] usb 7-1: config 0 descriptor??
[ 3080.316029][ T7370] usb 4-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 3080.326032][ T7370] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3080.334187][ T7370] usb 4-1: Product: syz
[ 3080.338891][ T7370] usb 4-1: Manufacturer: syz
[ 3080.343606][ T7370] usb 4-1: SerialNumber: syz
[ 3080.838465][ T7370] usb 4-1: config 0 descriptor??
[ 3080.908809][ T1235] usb 7-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3080.915774][ T1235] usb 7-1: No valid video chain found.
[ 3080.935722][T11200] usb 9-1: new full-speed USB device number 18 using dummy_hcd
[ 3081.055720][T16377] usb 6-1: new high-speed USB device number 62 using dummy_hcd
[ 3081.120935][ T5520] usb 4-1: USB disconnect, device number 94
[ 3081.195758][ T1235] usb 2-1: new high-speed USB device number 80 using dummy_hcd
[ 3081.295732][T16377] usb 6-1: Using ep0 maxpacket: 16
[ 3081.325795][T11200] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3081.337029][T11200] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3081.415805][T16377] usb 6-1: config index 0 descriptor too short (expected 16456, got 72)
[ 3081.424270][T16377] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 3081.432464][T16377] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 3081.435809][T11200] usb 9-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3081.440797][ T1235] usb 2-1: Using ep0 maxpacket: 8
[ 3081.449909][T11200] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3081.454819][T16377] usb 6-1: config 0 has an invalid interface number: 125 but max is 1
[ 3081.462935][T11200] usb 9-1: SerialNumber: syz
[ 3081.471079][T16377] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 3081.477302][T11200] usb 9-1: config 0 descriptor??
[ 3081.485796][T16377] usb 6-1: config 0 has no interface number 0
[ 3081.495464][T16377] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 3081.506686][T16377] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 3081.516739][T16377] usb 6-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 3081.526622][T16377] usb 6-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 3081.536991][T11200] usb 9-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3081.539758][T16377] usb 6-1: config 0 interface 125 has no altsetting 0
[ 3081.546919][T11200] usb 9-1: No valid video chain found.
[ 3081.553613][T16377] usb 6-1: config 0 interface 125 has no altsetting 2
[ 3081.755821][T16377] usb 6-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 3081.765003][ T1235] usb 2-1: New USB device found, idVendor=0763, idProduct=2081, bcdDevice=d0.ab
[ 3081.774399][T16377] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3081.782564][ T1235] usb 2-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[ 3081.845735][T11574] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3082.366660][T16377] usb 6-1: Product: syz
[ 3082.370945][T16377] usb 6-1: Manufacturer: syz
[ 3082.375587][ T1235] usb 2-1: Product: syz
[ 3082.379790][T16377] usb 6-1: SerialNumber: syz
[ 3082.384411][ T1235] usb 2-1: Manufacturer: syz
[ 3082.389534][ T1235] usb 2-1: SerialNumber: syz
[ 3082.394467][T16377] usb 6-1: config 0 descriptor??
[ 3082.400994][ T5520] usb 7-1: USB disconnect, device number 56
[ 3082.407259][ T1235] usb 2-1: config 0 descriptor??
[ 3082.653399][ T5520] usb 6-1: USB disconnect, device number 62
[ 3082.717905][T11580] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3082.939490][ T1235] usb 2-1: USB disconnect, device number 80
[ 3083.115210][ T5520] usb 9-1: USB disconnect, device number 18
[ 3083.180076][T10269] udevd[10269]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 3083.194196][T11585] fuse: Unknown parameter '0x0000000000000004'
[ 3084.732419][T11616] syz.8.13984[11616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 3084.732502][T11616] syz.8.13984[11616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 3084.745924][ T7370] usb 7-1: new high-speed USB device number 57 using dummy_hcd
[ 3084.765971][T11619] fuse: Unknown parameter 'fd0x0000000000000004'
[ 3084.795644][T11624] fuse: Unknown parameter 'fd0x0000000000000004'
[ 3084.982097][T11633] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3085.015848][ T7370] usb 7-1: Using ep0 maxpacket: 8
[ 3085.046207][T28743] usb 9-1: new high-speed USB device number 19 using dummy_hcd
[ 3085.316444][T28743] usb 9-1: Using ep0 maxpacket: 16
[ 3085.376164][ T7370] usb 7-1: New USB device found, idVendor=084e, idProduct=1001, bcdDevice=ed.ae
[ 3085.386678][ T7370] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3085.394801][ T7370] usb 7-1: Product: syz
[ 3085.399521][ T7370] usb 7-1: Manufacturer: syz
[ 3085.404237][ T7370] usb 7-1: SerialNumber: syz
[ 3085.442384][ T7370] usb 7-1: config 0 descriptor??
[ 3085.485963][T28743] usb 9-1: config index 0 descriptor too short (expected 16456, got 72)
[ 3085.489762][ T5520] usb 2-1: new full-speed USB device number 81 using dummy_hcd
[ 3085.506795][T28743] usb 9-1: config 0 has an invalid interface number: 125 but max is 1
[ 3085.515094][T28743] usb 9-1: config 0 has an invalid interface number: 125 but max is 1
[ 3085.523295][T28743] usb 9-1: config 0 has an invalid interface number: 125 but max is 1
[ 3085.531931][T28743] usb 9-1: config 0 has 1 interface, different from the descriptor's value: 2
[ 3085.541006][T28743] usb 9-1: config 0 has no interface number 0
[ 3085.547150][T28743] usb 9-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[ 3085.558310][T28743] usb 9-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[ 3085.568233][T28743] usb 9-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[ 3085.578113][T28743] usb 9-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 3085.591261][T28743] usb 9-1: config 0 interface 125 has no altsetting 0
[ 3085.598073][T28743] usb 9-1: config 0 interface 125 has no altsetting 2
[ 3085.655746][ T6377] usb 4-1: new high-speed USB device number 95 using dummy_hcd
[ 3085.702075][ T1235] usb 7-1: USB disconnect, device number 57
[ 3085.785904][T28743] usb 9-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[ 3085.795125][T28743] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3085.803151][T28743] usb 9-1: Product: syz
[ 3085.807315][T28743] usb 9-1: Manufacturer: syz
[ 3085.811915][T28743] usb 9-1: SerialNumber: syz
[ 3085.817541][T28743] usb 9-1: config 0 descriptor??
[ 3085.839206][T11200] hid-generic 0000:0000:0000.0025: unknown main item tag 0x0
[ 3085.847271][T11200] hid-generic 0000:0000:0000.0025: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[ 3085.865893][ T5520] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3085.877373][ T5520] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3085.915874][ T6377] usb 4-1: Using ep0 maxpacket: 32
[ 3085.965866][ T5520] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3085.975050][ T5520] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3085.983086][ T5520] usb 2-1: SerialNumber: syz
[ 3085.988817][ T5520] usb 2-1: config 0 descriptor??
[ 3086.026804][ T5520] usb 2-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3086.033864][ T5520] usb 2-1: No valid video chain found.
[ 3086.039562][ T6377] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3086.052050][ T6377] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3086.062050][ T6377] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 3086.071190][ T6377] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3086.091186][T11200] usb 9-1: USB disconnect, device number 19
[ 3086.093675][ T6377] usb 4-1: config 0 descriptor??
[ 3086.136735][ T6377] hub 4-1:0.0: USB hub found
[ 3086.435758][ T6377] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[ 3086.697744][ T6377] hid-generic 0003:046D:C31C.0026: item fetching failed at offset 0/1
[ 3086.712189][ T6377] hid-generic: probe of 0003:046D:C31C.0026 failed with error -22
[ 3086.916500][T11662] fuse: Unknown parameter 'fd0x0000000000000004'
[ 3087.052975][T28743] usb 4-1: USB disconnect, device number 95
[ 3087.167405][T11672] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3087.380168][T28743] usb 2-1: USB disconnect, device number 81
[ 3088.006175][T28743] usb 2-1: new high-speed USB device number 82 using dummy_hcd
[ 3089.104085][T11711] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14015'.
[ 3089.146885][T11711] device bridge0 entered promiscuous mode
[ 3089.157003][T11711] bridge0: port 1(macsec1) entered blocking state
[ 3089.163536][T11711] bridge0: port 1(macsec1) entered disabled state
[ 3089.267274][T11711] device bridge0 left promiscuous mode
[ 3089.545740][ T6377] usb 4-1: new full-speed USB device number 96 using dummy_hcd
[ 3089.553449][ T1235] usb 6-1: new full-speed USB device number 63 using dummy_hcd
[ 3089.695761][T28743] usb 2-1: config 0 has no interfaces?
[ 3089.701320][T28743] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 3089.710403][T28743] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3089.723185][T28743] usb 2-1: config 0 descriptor??
[ 3089.935858][ T6377] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3089.946946][ T1235] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3089.957953][ T6377] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3089.967739][ T1235] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3090.055806][ T6377] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3090.064999][ T1235] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3090.074123][ T6377] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3090.082188][ T1235] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3090.090558][ T6377] usb 4-1: SerialNumber: syz
[ 3090.095257][ T1235] usb 6-1: SerialNumber: syz
[ 3090.100786][ T6377] usb 4-1: config 0 descriptor??
[ 3090.106063][ T1235] usb 6-1: config 0 descriptor??
[ 3090.146365][ T6377] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3090.153826][ T1235] usb 6-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3090.160779][ T6377] usb 4-1: No valid video chain found.
[ 3090.166568][ T1235] usb 6-1: No valid video chain found.
[ 3090.177891][T11693] UDC core: couldn't find an available UDC or it's busy: -16
[ 3090.185395][T11693] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[ 3090.193378][T28743] usb 2-1: USB disconnect, device number 82
[ 3090.525722][ T6377] usb 7-1: new high-speed USB device number 58 using dummy_hcd
[ 3090.737137][T11738] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3091.023517][T11741] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14025'.
[ 3091.033971][T11741] device bridge0 entered promiscuous mode
[ 3091.040121][T11741] bridge0: port 1(macsec1) entered blocking state
[ 3091.046646][T11741] bridge0: port 1(macsec1) entered disabled state
[ 3091.053674][T11741] device bridge0 left promiscuous mode
[ 3091.065799][ T6377] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3091.076854][ T6377] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3091.086662][ T6377] usb 7-1: New USB device found, idVendor=046d, idProduct=c534, bcdDevice= 0.00
[ 3091.095764][ T6377] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3091.104555][ T6377] usb 7-1: config 0 descriptor??
[ 3091.399273][T28743] usb 4-1: USB disconnect, device number 96
[ 3091.405796][ T5520] usb 6-1: USB disconnect, device number 63
[ 3091.465803][T11743] netlink: 24 bytes leftover after parsing attributes in process `syz.3.14026'.
[ 3091.860413][ T6377] logitech-djreceiver 0003:046D:C534.0027: unknown main item tag 0x0
[ 3091.868665][ T6377] logitech-djreceiver 0003:046D:C534.0027: unknown main item tag 0x0
[ 3091.876902][ T6377] logitech-djreceiver 0003:046D:C534.0027: unknown main item tag 0x0
[ 3091.885059][ T6377] logitech-djreceiver 0003:046D:C534.0027: unknown main item tag 0x0
[ 3091.893305][ T6377] logitech-djreceiver 0003:046D:C534.0027: unknown main item tag 0x0
[ 3091.963599][ T6377] usb 7-1: USB disconnect, device number 58
[ 3092.225713][ T5520] usb 2-1: new full-speed USB device number 83 using dummy_hcd
[ 3092.417254][T11770] tmpfs: Unknown parameter 'usrquota'
[ 3092.585808][ T5520] usb 2-1: config 150 has an invalid interface number: 204 but max is 1
[ 3092.594239][ T5520] usb 2-1: config 150 has an invalid descriptor of length 0, skipping remainder of the config
[ 3092.604744][ T5520] usb 2-1: config 150 has 1 interface, different from the descriptor's value: 2
[ 3092.878220][ T5520] usb 2-1: config 150 has no interface number 0
[ 3092.884586][ T5520] usb 2-1: config 150 interface 204 has no altsetting 0
[ 3092.946472][T11787] netlink: 24 bytes leftover after parsing attributes in process `syz.5.14041'.
[ 3093.045902][ T5520] usb 2-1: New USB device found, idVendor=04e2, idProduct=1424, bcdDevice=c7.eb
[ 3093.055155][ T5520] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3093.063272][ T5520] usb 2-1: Product: syz
[ 3093.065708][T28743] usb 7-1: new full-speed USB device number 59 using dummy_hcd
[ 3093.067649][ T5520] usb 2-1: Manufacturer: syz
[ 3093.079803][ T5520] usb 2-1: SerialNumber: syz
[ 3093.155769][ T1235] usb 9-1: new full-speed USB device number 20 using dummy_hcd
[ 3093.357009][ T5520] usb 2-1: USB disconnect, device number 83
[ 3093.445825][T28743] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3093.456935][T28743] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3093.515831][ T1235] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3093.527071][ T1235] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3093.565833][T28743] usb 7-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3093.575035][T28743] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3093.583050][T28743] usb 7-1: SerialNumber: syz
[ 3093.588451][T28743] usb 7-1: config 0 descriptor??
[ 3093.615820][ T1235] usb 9-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3093.624918][ T1235] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3093.632972][ T1235] usb 9-1: SerialNumber: syz
[ 3093.638527][ T1235] usb 9-1: config 0 descriptor??
[ 3093.646319][T28743] usb 7-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3093.653268][T28743] usb 7-1: No valid video chain found.
[ 3093.686564][ T1235] usb 9-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3093.693474][ T1235] usb 9-1: No valid video chain found.
[ 3094.155717][ T1235] usb 2-1: new high-speed USB device number 84 using dummy_hcd
[ 3094.395701][ T1235] usb 2-1: Using ep0 maxpacket: 8
[ 3094.675842][ T1235] usb 2-1: New USB device found, idVendor=0ccd, idProduct=10a3, bcdDevice=23.a2
[ 3094.684980][ T1235] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3094.693021][ T1235] usb 2-1: Product: syz
[ 3094.697218][ T1235] usb 2-1: Manufacturer: syz
[ 3094.701838][ T1235] usb 2-1: SerialNumber: syz
[ 3094.707911][ T1235] usb 2-1: config 0 descriptor??
[ 3094.950368][T11822] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3095.273940][   T30] audit: type=1400 audit(1749286923.683:6965): avc:  denied  { mounton } for  pid=11826 comm="syz.5.14056" path="/522/file0" dev="tmpfs" ino=2847 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[ 3095.327309][T11831] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14058'.
[ 3095.484018][T30117] usb 9-1: USB disconnect, device number 20
[ 3095.526384][  T286] usb 7-1: USB disconnect, device number 59
[ 3095.532364][   T30] audit: type=1400 audit(1749286923.943:6966): avc:  denied  { unmount } for  pid=4502 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:bpf_t tclass=filesystem permissive=1
[ 3095.556319][T11842] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14063'.
[ 3095.623581][T11849] tipc: Bearer <udp:s>: already 2 bearers with priority 10
[ 3095.641267][T11849] tipc: Bearer <udp:s>: trying with adjusted priority
[ 3095.649425][T11849] tipc: Enabled bearer <udp:s>, priority 9
[ 3096.275720][  T286] usb 4-1: new full-speed USB device number 97 using dummy_hcd
[ 3096.635796][  T286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3096.647127][  T286] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3096.665705][T30117] usb 9-1: new full-speed USB device number 21 using dummy_hcd
[ 3096.735902][  T286] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3096.745036][  T286] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3096.753050][  T286] usb 4-1: SerialNumber: syz
[ 3096.758382][  T286] usb 4-1: config 0 descriptor??
[ 3096.796341][  T286] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3096.803317][  T286] usb 4-1: No valid video chain found.
[ 3096.809040][ T5520] usb 6-1: new full-speed USB device number 64 using dummy_hcd
[ 3096.894559][  T286] usb 2-1: USB disconnect, device number 84
[ 3097.035763][T30117] usb 9-1: config 0 has an invalid interface number: 241 but max is 0
[ 3097.044041][T30117] usb 9-1: config 0 has no interface number 0
[ 3097.105992][T11887] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3097.285966][T30117] usb 9-1: New USB device found, idVendor=1a0a, idProduct=0101, bcdDevice=1f.24
[ 3097.295179][T30117] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3097.303261][T30117] usb 9-1: Product: syz
[ 3097.307519][T30117] usb 9-1: Manufacturer: syz
[ 3097.312151][T30117] usb 9-1: SerialNumber: syz
[ 3097.317506][T30117] usb 9-1: config 0 descriptor??
[ 3097.356366][T30117] usb_ehset_test: probe of 9-1:0.241 failed with error -32
[ 3097.395818][ T5520] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3097.406181][ T5520] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 3097.573485][ T6377] usb 9-1: USB disconnect, device number 21
[ 3097.579759][ T5520] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 3097.595627][ T5520] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3097.605221][ T5520] usb 6-1: Product: syz
[ 3097.609711][ T5520] usb 6-1: Manufacturer: syz
[ 3097.614331][ T5520] usb 6-1: SerialNumber: syz
[ 3097.985778][ T5520] usb 6-1: 0:2 : does not exist
[ 3097.995458][ T5520] usb 6-1: USB disconnect, device number 64
[ 3098.200724][T10269] udevd[10269]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 3098.971640][T30117] usb 4-1: USB disconnect, device number 97
[ 3099.285734][T11931] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3099.640811][T11924] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14094'.
[ 3099.652545][T11924] device bridge0 entered promiscuous mode
[ 3099.659110][T11924] bridge0: port 1(macsec1) entered blocking state
[ 3099.665860][T11924] bridge0: port 1(macsec1) entered disabled state
[ 3099.673497][T11924] device bridge0 left promiscuous mode
[ 3099.755863][T11941] usb usb2: usbfs: interface 0 claimed by hub while 'syz.8.14100' sets config #0
[ 3100.163666][T11970] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3100.455708][ T5520] usb 9-1: new full-speed USB device number 22 using dummy_hcd
[ 3100.876067][ T5520] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3100.893168][ T5520] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3101.015790][ T5520] usb 9-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3101.025051][ T5520] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3101.033200][ T5520] usb 9-1: SerialNumber: syz
[ 3101.039011][ T5520] usb 9-1: config 0 descriptor??
[ 3101.076506][ T5520] usb 9-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3101.083460][ T5520] usb 9-1: No valid video chain found.
[ 3101.115713][T11200] usb 4-1: new high-speed USB device number 98 using dummy_hcd
[ 3101.475820][T11200] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3101.486842][T11200] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3101.496627][T11200] usb 4-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[ 3101.505736][T11200] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3101.516230][T11200] usb 4-1: config 0 descriptor??
[ 3101.726976][T11998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.14120'.
[ 3101.738004][T11998] device bridge0 entered promiscuous mode
[ 3101.744243][T11998] bridge0: port 1(macsec1) entered blocking state
[ 3101.750820][T11998] bridge0: port 1(macsec1) entered disabled state
[ 3101.758277][T11998] device bridge0 left promiscuous mode
[ 3102.037247][T11200] hid-steam 0003:28DE:1142.0028: : USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[ 3102.093292][T11200] hid-steam 0003:28DE:1142.0029: hidraw0: USB HID v0.00 Device [HID 28de:1142] on usb-dummy_hcd.3-1/input0
[ 3102.176741][T11200] hid-steam 0003:28DE:1142.0028: Steam wireless receiver connected
[ 3102.664872][T11200] usb 4-1: USB disconnect, device number 98
[ 3102.678499][T11200] hid-steam 0003:28DE:1142.0028: Steam wireless receiver disconnected
[ 3102.881356][T30117] usb 9-1: USB disconnect, device number 22
[ 3102.905860][ T7370] usb 6-1: new high-speed USB device number 65 using dummy_hcd
[ 3103.145727][ T7370] usb 6-1: Using ep0 maxpacket: 16
[ 3103.265771][ T7370] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3103.276825][ T7370] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3103.286611][ T7370] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[ 3103.299429][ T7370] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[ 3103.308552][ T7370] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3103.319102][ T7370] usb 6-1: config 0 descriptor??
[ 3103.366753][T12042] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14136'.
[ 3103.399182][T12042] device bridge0 entered promiscuous mode
[ 3103.423853][T12042] bridge0: port 3(macsec1) entered blocking state
[ 3103.436197][T12042] bridge0: port 3(macsec1) entered disabled state
[ 3103.444317][T12042] device bridge0 left promiscuous mode
[ 3103.567123][T12046] binfmt_misc: register: failed to install interpreter file ./file2
[ 3103.715722][T11200] usb 2-1: new high-speed USB device number 85 using dummy_hcd
[ 3103.883576][ T7370] microsoft 0003:045E:07DA.002A: unknown main item tag 0x0
[ 3103.906535][ T7370] microsoft 0003:045E:07DA.002A: unknown main item tag 0x0
[ 3103.927335][ T7370] microsoft 0003:045E:07DA.002A: unknown main item tag 0x0
[ 3103.937073][ T7370] microsoft 0003:045E:07DA.002A: No inputs registered, leaving
[ 3103.955776][T11200] usb 2-1: Using ep0 maxpacket: 8
[ 3103.980345][ T7370] microsoft 0003:045E:07DA.002A: hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[ 3103.992103][ T7370] microsoft 0003:045E:07DA.002A: no inputs found
[ 3103.998634][ T7370] microsoft 0003:045E:07DA.002A: could not initialize ff, continuing anyway
[ 3104.084599][ T7370] usb 6-1: USB disconnect, device number 65
[ 3104.105755][T11200] usb 2-1: config 0 has an invalid interface number: 150 but max is 0
[ 3104.117056][T11200] usb 2-1: config 0 has an invalid interface number: 112 but max is 0
[ 3104.134568][T11200] usb 2-1: config 0 has an invalid interface number: 3 but max is 0
[ 3104.143142][T11200] usb 2-1: config 0 has 3 interfaces, different from the descriptor's value: 1
[ 3104.152531][T11200] usb 2-1: config 0 has no interface number 0
[ 3104.158733][T11200] usb 2-1: config 0 has no interface number 1
[ 3104.164855][T11200] usb 2-1: config 0 has no interface number 2
[ 3104.171175][T11200] usb 2-1: config 0 interface 150 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 3104.184194][T11200] usb 2-1: too many endpoints for config 0 interface 112 altsetting 233: 104, using maximum allowed: 30
[ 3104.195411][T11200] usb 2-1: config 0 interface 112 altsetting 233 has 1 endpoint descriptor, different from the interface descriptor's value: 104
[ 3104.208890][T11200] usb 2-1: config 0 interface 150 has no altsetting 0
[ 3104.215719][T11200] usb 2-1: config 0 interface 112 has no altsetting 0
[ 3104.222527][T11200] usb 2-1: New USB device found, idVendor=1395, idProduct=0300, bcdDevice=81.75
[ 3104.231618][T11200] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3104.240902][T11200] usb 2-1: config 0 descriptor??
[ 3104.934011][T28743] usb 9-1: new full-speed USB device number 23 using dummy_hcd
[ 3105.185798][T11200] usb 2-1: string descriptor 0 read error: -71
[ 3105.195379][T11200] usb 2-1: USB disconnect, device number 85
[ 3105.335805][T28743] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3105.346873][T28743] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3105.406172][T10269] udevd[10269]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.150/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 3105.429146][T12090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.14154'.
[ 3105.443471][T12090] device bridge0 entered promiscuous mode
[ 3105.450638][T12090] bridge0: port 3(macsec1) entered blocking state
[ 3105.455826][T28743] usb 9-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3105.457148][T12090] bridge0: port 3(macsec1) entered disabled state
[ 3105.469518][T28743] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3105.480925][T28743] usb 9-1: SerialNumber: syz
[ 3105.485949][T12090] device bridge0 left promiscuous mode
[ 3105.492268][T28743] usb 9-1: config 0 descriptor??
[ 3105.546422][T28743] usb 9-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3105.553533][T28743] usb 9-1: No valid video chain found.
[ 3106.082874][T12102] netlink: 60 bytes leftover after parsing attributes in process `syz.5.14159'.
[ 3106.515888][   T30] audit: type=1400 audit(1749286934.913:6967): avc:  denied  { mount } for  pid=12115 comm="syz.3.14163" name="/" dev="devpts" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 3106.641076][   T30] audit: type=1400 audit(1749286935.043:6968): avc:  denied  { unmount } for  pid=6780 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:devpts_t tclass=filesystem permissive=1
[ 3107.165301][  T286] usb 9-1: USB disconnect, device number 23
[ 3107.419113][T12141] netlink: 4 bytes leftover after parsing attributes in process `syz.8.14172'.
[ 3107.437947][T12141] device bridge0 entered promiscuous mode
[ 3107.446083][T12141] bridge0: port 3(macsec1) entered blocking state
[ 3107.452666][T12141] bridge0: port 3(macsec1) entered disabled state
[ 3107.463701][T12141] device bridge0 left promiscuous mode
[ 3108.095733][ T7370] usb 2-1: new high-speed USB device number 86 using dummy_hcd
[ 3109.375712][ T7370] usb 2-1: Using ep0 maxpacket: 8
[ 3109.495704][  T286] usb 7-1: new high-speed USB device number 60 using dummy_hcd
[ 3109.505768][ T7370] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[ 3109.516917][ T7370] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[ 3109.526821][ T7370] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[ 3109.536837][ T7370] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12336, setting to 1024
[ 3109.548148][ T7370] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[ 3109.558332][ T7370] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[ 3109.567450][ T7370] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3109.586034][ T7370] usb 2-1: config 0 descriptor??
[ 3109.605733][T11200] usb 4-1: new full-speed USB device number 99 using dummy_hcd
[ 3109.605793][T12156] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[ 3109.830681][ T5520] usb 2-1: USB disconnect, device number 86
[ 3109.898894][T12196] netlink: 4 bytes leftover after parsing attributes in process `syz.8.14194'.
[ 3109.916859][T12196] device bridge0 entered promiscuous mode
[ 3109.924821][T12196] bridge0: port 3(macsec1) entered blocking state
[ 3109.931707][T12196] bridge0: port 3(macsec1) entered disabled state
[ 3109.942553][T12196] device bridge0 left promiscuous mode
[ 3109.985780][T11200] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3109.997255][T11200] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1024, setting to 64
[ 3110.011237][T11200] usb 4-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[ 3110.025778][  T286] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3110.034838][  T286] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3110.043135][  T286] usb 7-1: Product: syz
[ 3110.047398][  T286] usb 7-1: Manufacturer: syz
[ 3110.052007][  T286] usb 7-1: SerialNumber: syz
[ 3110.195774][T11200] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3110.205928][T11200] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3110.214338][T11200] usb 4-1: Product: syz
[ 3110.218854][T11200] usb 4-1: Manufacturer: syz
[ 3110.223605][T11200] usb 4-1: SerialNumber: syz
[ 3110.255766][T12181] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 3111.385816][ T5520] usb 6-1: new full-speed USB device number 66 using dummy_hcd
[ 3111.485756][T11200] cdc_ncm 4-1:1.0: bind() failure
[ 3111.505789][T11200] cdc_ncm: probe of 4-1:1.1 failed with error -71
[ 3111.525755][T11200] cdc_mbim: probe of 4-1:1.1 failed with error -71
[ 3111.533805][T11200] usb 4-1: USB disconnect, device number 99
[ 3111.565742][  T286] cdc_ncm 7-1:1.0: failed to get mac address
[ 3111.585970][  T286] cdc_ncm 7-1:1.0: bind() failure
[ 3111.605728][  T286] cdc_ncm: probe of 7-1:1.1 failed with error -71
[ 3111.625765][  T286] cdc_mbim: probe of 7-1:1.1 failed with error -71
[ 3111.638408][  T286] usb 7-1: USB disconnect, device number 60
[ 3111.905890][ T5520] usb 6-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 3111.915195][ T5520] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3111.923313][ T5520] usb 6-1: Product: syz
[ 3111.928701][ T5520] usb 6-1: Manufacturer: syz
[ 3111.933340][ T5520] usb 6-1: SerialNumber: syz
[ 3111.947717][ T5520] usb 6-1: config 0 descriptor??
[ 3112.690866][   T30] audit: type=1400 audit(1749286941.103:6969): avc:  denied  { write } for  pid=12269 comm="syz.1.14224" name="urandom" dev="devtmpfs" ino=8 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:urandom_device_t tclass=chr_file permissive=1
[ 3112.865732][ T5520] usb 4-1: new full-speed USB device number 100 using dummy_hcd
[ 3113.300737][    T8] tipc: Disabling bearer <udp:syz2>
[ 3113.306289][    T8] tipc: Disabling bearer <udp:syz0>
[ 3113.311611][    T8] tipc: Disabling bearer <udp:s>
[ 3113.316907][    T8] tipc: Left network mode
[ 3113.360417][T12288] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3113.367579][T12288] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3113.375264][T12288] device bridge_slave_0 entered promiscuous mode
[ 3113.385070][T12288] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3113.392190][T12288] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3113.399728][T12288] device bridge_slave_1 entered promiscuous mode
[ 3113.455754][ T5520] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3113.464031][T12288] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3113.466415][ T5520] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 3113.473030][T12288] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3113.473165][T12288] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3113.496173][T12288] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3113.521236][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 3113.529320][ T1945] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3113.536738][ T1945] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3113.548963][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 3113.557346][ T1945] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3113.564412][ T1945] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3113.565864][ T5520] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.00
[ 3113.580838][ T5520] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 3113.583603][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 3113.589022][ T5520] usb 4-1: SerialNumber: syz
[ 3113.603053][ T1945] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3113.610161][ T1945] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3113.626583][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 3113.636522][ T5520] usb 4-1: 0:2 : does not exist
[ 3113.642576][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 3113.660330][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 3113.675562][T12288] device veth0_vlan entered promiscuous mode
[ 3113.682212][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 3113.696701][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 3113.704361][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 3113.722081][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 3113.731879][T12288] device veth1_macvtap entered promiscuous mode
[ 3113.744326][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 3113.755178][ T1945] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 3113.769782][   T30] audit: type=1326 audit(1749286942.183:6970): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.812142][   T30] audit: type=1326 audit(1749286942.183:6971): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.840506][   T30] audit: type=1326 audit(1749286942.183:6972): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.882383][   T30] audit: type=1326 audit(1749286942.183:6973): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.917604][   T30] audit: type=1326 audit(1749286942.183:6974): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.941495][   T30] audit: type=1326 audit(1749286942.183:6975): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.966521][   T30] audit: type=1326 audit(1749286942.183:6976): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.990390][    T8] device veth1_macvtap left promiscuous mode
[ 3113.990468][   T30] audit: type=1326 audit(1749286942.183:6977): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3113.997121][    T8] device veth0_vlan left promiscuous mode
[ 3114.025802][   T30] audit: type=1326 audit(1749286942.183:6978): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12280 comm="syz.1.14229" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f39ce384929 code=0x7fc00000
[ 3114.115871][T11200] usb 9-1: new high-speed USB device number 24 using dummy_hcd
[ 3114.354299][  T286] usb 6-1: USB disconnect, device number 66
[ 3114.365700][T11200] usb 9-1: Using ep0 maxpacket: 32
[ 3114.489250][T12307] tipc: Started in network mode
[ 3114.494222][T12307] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[ 3114.503384][T12307] tipc: Enabled bearer <udp:syz0>, priority 10
[ 3114.515773][T11200] usb 9-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[ 3114.526601][T11200] usb 9-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 3114.536449][T11200] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3114.546632][T11200] usb 9-1: config 0 descriptor??
[ 3114.566144][T12299] raw-gadget.2 gadget: fail, usb_ep_enable returned -22
[ 3114.586717][T11200] hub 9-1:0.0: bad descriptor, ignoring hub
[ 3114.592672][T11200] hub: probe of 9-1:0.0 failed with error -5
[ 3114.599207][T11200] usbhid 9-1:0.0: couldn't find an input interrupt endpoint
[ 3114.825769][T25568] usb 2-1: new full-speed USB device number 87 using dummy_hcd
[ 3115.075747][  T286] usb 6-1: new high-speed USB device number 67 using dummy_hcd
[ 3115.215815][T25568] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3115.227130][T25568] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3115.325788][T25568] usb 2-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3115.334947][T25568] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3115.343028][T25568] usb 2-1: SerialNumber: syz
[ 3115.348908][T25568] usb 2-1: config 0 descriptor??
[ 3115.396464][T25568] usb 2-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3115.403448][T25568] usb 2-1: No valid video chain found.
[ 3115.455747][  T286] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 3115.466747][  T286] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3115.476531][  T286] usb 6-1: New USB device found, idVendor=17ef, idProduct=6047, bcdDevice= 0.00
[ 3115.485588][  T286] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 3115.494344][  T286] usb 6-1: config 0 descriptor??
[ 3115.499485][ T6377] tipc: Node number set to 1
[ 3115.607260][T25568] usb 4-1: USB disconnect, device number 100
[ 3115.996761][  T286] lenovo 0003:17EF:6047.002B: unknown main item tag 0x0
[ 3116.003852][  T286] lenovo 0003:17EF:6047.002B: unknown main item tag 0x0
[ 3116.010957][  T286] lenovo 0003:17EF:6047.002B: unknown main item tag 0x0
[ 3116.018172][  T286] lenovo 0003:17EF:6047.002B: unknown main item tag 0x0
[ 3116.025174][  T286] lenovo 0003:17EF:6047.002B: unknown main item tag 0x0
[ 3116.033809][  T286] lenovo 0003:17EF:6047.002B: hidraw0: USB HID v0.00 Device [HID 17ef:6047] on usb-dummy_hcd.5-1/input0
[ 3116.326070][ T6377] usb 7-1: new high-speed USB device number 61 using dummy_hcd
[ 3116.435885][  T286] lenovo 0003:17EF:6047.002B: Failed to switch middle button: -71
[ 3116.455843][  T286] lenovo 0003:17EF:6047.002B: Fn-lock setting failed: -71
[ 3116.475777][  T286] lenovo 0003:17EF:6047.002B: Sensitivity setting failed: -71
[ 3116.485095][  T286] usb 6-1: USB disconnect, device number 67
[ 3116.506549][T12341] fido_id[12341]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[ 3116.605728][ T6377] usb 7-1: Using ep0 maxpacket: 32
[ 3116.735351][T12347] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3117.015810][T25568] usb 9-1: USB disconnect, device number 24
[ 3117.138520][ T6377] usb 7-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[ 3117.153894][ T6377] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3117.167126][ T6377] usb 7-1: Product: syz
[ 3117.172386][ T6377] usb 7-1: Manufacturer: syz
[ 3117.181149][ T6377] usb 7-1: SerialNumber: syz
[ 3117.616700][ T6377] usb 7-1: config 0 descriptor??
[ 3117.622293][  T286] usb 2-1: USB disconnect, device number 87
[ 3117.704119][ T1945] tipc: Disabling bearer <udp:syz2>
[ 3117.709564][ T1945] tipc: Disabling bearer <udp:syz0>
[ 3117.715078][ T1945] tipc: Left network mode
[ 3117.751617][T12378] cgroup: name respecified
[ 3117.853424][T12382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3117.868162][T12382] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3117.876073][T12382] device bridge_slave_0 entered promiscuous mode
[ 3117.896219][T12382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3117.903432][T12382] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3117.911115][T12382] device bridge_slave_1 entered promiscuous mode
[ 3118.082490][T12392] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3118.122444][T12382] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3118.129594][T12382] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3118.136938][T12382] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3118.143979][T12382] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3118.255774][T25568] usb 6-1: new full-speed USB device number 68 using dummy_hcd
[ 3118.314215][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 3118.321953][    T8] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3118.329493][    T8] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3118.341633][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 3118.349943][    T8] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3118.356998][    T8] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3118.367576][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 3118.376249][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3118.383292][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3118.402464][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 3118.417938][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 3118.430118][ T1945] device veth1_macvtap left promiscuous mode
[ 3118.436918][ T1945] device veth0_vlan left promiscuous mode
[ 3118.546316][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 3118.559348][T12382] device veth0_vlan entered promiscuous mode
[ 3118.566088][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 3118.574404][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 3118.582928][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 3118.599723][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 3118.609994][T12382] device veth1_macvtap entered promiscuous mode
[ 3118.623032][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 3118.636315][    T8] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 3118.653503][T25568] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3118.710823][T25568] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3118.815783][T25568] usb 6-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3118.825011][T25568] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3118.833137][T25568] usb 6-1: SerialNumber: syz
[ 3118.844188][T25568] usb 6-1: config 0 descriptor??
[ 3118.909502][T25568] usb 6-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3118.916933][T25568] usb 6-1: No valid video chain found.
[ 3119.121562][T25568] usb 7-1: USB disconnect, device number 61
[ 3119.245711][ T6377] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 3119.495745][ T6377] usb 10-1: Using ep0 maxpacket: 8
[ 3119.625295][T12442] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[ 3119.655771][ T6377] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 3119.735758][ T6377] usb 10-1: config 6 has an invalid interface number: 70 but max is 0
[ 3119.744155][ T6377] usb 10-1: config 6 has no interface number 0
[ 3119.750459][ T6377] usb 10-1: config 6 interface 70 has no altsetting 0
[ 3120.401619][T12446] tipc: Enabling of bearer <udp:syz0> rejected, already enabled
[ 3120.826087][ T2025] usb 6-1: USB disconnect, device number 68
[ 3120.885774][ T6377] usb 10-1: New USB device found, idVendor=1ae7, idProduct=0525, bcdDevice=63.7b
[ 3120.901712][ T6377] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3120.930321][ T6377] usb 10-1: Product: syz
[ 3120.934635][ T6377] usb 10-1: Manufacturer: syz
[ 3120.959680][ T6377] usb 10-1: SerialNumber: syz
[ 3121.723801][T12469] xt_socket: unknown flags 0xc
[ 3122.940059][ T6377] usb 10-1: USB disconnect, device number 2
[ 3123.373995][T12490] incfs_lookup_dentry err:-5
[ 3123.378799][T12490] incfs: Can't find or create .index dir in ./file0
[ 3123.385539][T12490] incfs: mount failed -5
[ 3123.394920][T12490] 9pnet: p9_client_clunk (12490): Trying to clunk with invalid fid
[ 3123.404319][T12490] CPU: 0 PID: 12490 Comm: syz.6.14304 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 3123.414429][T12490] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 3123.424636][T12490] Call Trace:
[ 3123.427937][T12490]  <TASK>
[ 3123.430888][T12490]  __dump_stack+0x21/0x30
[ 3123.435222][T12490]  dump_stack_lvl+0xee/0x150
[ 3123.439807][T12490]  ? show_regs_print_info+0x20/0x20
[ 3123.445000][T12490]  ? v9fs_fid_find+0x316/0x360
[ 3123.449771][T12490]  ? v9fs_fid_lookup_with_uid+0x4a8/0x800
[ 3123.455498][T12490]  dump_stack+0x15/0x20
[ 3123.459656][T12490]  p9_client_clunk+0x2c8/0x390
[ 3123.464429][T12490]  v9fs_statfs+0x18f/0x340
[ 3123.468848][T12490]  ? selinux_sb_show_options+0x650/0x650
[ 3123.474486][T12490]  ? v9fs_drop_inode+0x140/0x140
[ 3123.479429][T12490]  vfs_statfs+0x13a/0x2d0
[ 3123.483758][T12490]  ovl_get_lowerstack+0x1fd/0x1bf0
[ 3123.488871][T12490]  ? ovl_get_upper+0x580/0x580
[ 3123.493633][T12490]  ? ovl_get_workdir+0x10b0/0x10b0
[ 3123.498742][T12490]  ? __kmalloc+0x13d/0x2c0
[ 3123.503156][T12490]  ? ovl_fill_super+0x1472/0x2a80
[ 3123.508178][T12490]  ovl_fill_super+0x1771/0x2a80
[ 3123.513041][T12490]  ? ovl_mount+0x40/0x40
[ 3123.517280][T12490]  ? register_shrinker_prepared+0xd7/0x100
[ 3123.523090][T12490]  ? sget+0x4a0/0x4c0
[ 3123.527070][T12490]  ? ovl_mount+0x40/0x40
[ 3123.531326][T12490]  mount_nodev+0x5c/0xf0
[ 3123.535577][T12490]  ovl_mount+0x2c/0x40
[ 3123.535728][ T7370] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 3123.539648][T12490]  legacy_get_tree+0xed/0x190
[ 3123.539672][T12490]  ? virtio_fs_request_complete+0xce0/0xce0
[ 3123.539693][T12490]  vfs_get_tree+0x89/0x260
[ 3123.539715][T12490]  do_new_mount+0x25a/0xa20
[ 3123.539738][T12490]  path_mount+0x675/0x1020
[ 3123.571100][T12490]  ? user_path_at_empty+0x161/0x1c0
[ 3123.576302][T12490]  __se_sys_mount+0x318/0x380
[ 3123.580996][T12490]  ? __x64_sys_mount+0xd0/0xd0
[ 3123.585793][T12490]  ? __kasan_check_write+0x14/0x20
[ 3123.590930][T12490]  __x64_sys_mount+0xbf/0xd0
[ 3123.595545][T12490]  x64_sys_call+0x6bf/0x9a0
[ 3123.600078][T12490]  do_syscall_64+0x4c/0xa0
[ 3123.604517][T12490]  ? clear_bhb_loop+0x50/0xa0
[ 3123.609195][T12490]  ? clear_bhb_loop+0x50/0xa0
[ 3123.613872][T12490]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3123.619763][T12490] RIP: 0033:0x7fa4f2140929
[ 3123.624173][T12490] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3123.643777][T12490] RSP: 002b:00007fa4f07a9038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 3123.652188][T12490] RAX: ffffffffffffffda RBX: 00007fa4f2367fa0 RCX: 00007fa4f2140929
[ 3123.660155][T12490] RDX: 0000200000000340 RSI: 00002000000000c0 RDI: 0000000000000000
[ 3123.668129][T12490] RBP: 00007fa4f21c2b39 R08: 0000200000000080 R09: 0000000000000000
[ 3123.676099][T12490] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 3123.684063][T12490] R13: 0000000000000000 R14: 00007fa4f2367fa0 R15: 00007fff74deaa98
[ 3123.692040][T12490]  </TASK>
[ 3123.695774][T12490] overlayfs: statfs failed on './file0'
[ 3123.846774][ T7370] usb 9-1: Using ep0 maxpacket: 32
[ 3124.036020][ T7370] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 3124.115952][ T7370] usb 9-1: config 6 has an invalid interface number: 155 but max is 0
[ 3124.124746][ T7370] usb 9-1: config 6 has no interface number 0
[ 3124.128388][  T286] usb 6-1: new high-speed USB device number 69 using dummy_hcd
[ 3124.145707][T25568] usb 4-1: new full-speed USB device number 101 using dummy_hcd
[ 3124.285722][ T6377] usb 10-1: new full-speed USB device number 3 using dummy_hcd
[ 3124.285811][ T7370] usb 9-1: New USB device found, idVendor=0cf3, idProduct=817a, bcdDevice=51.5f
[ 3124.302551][ T7370] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3124.310640][ T7370] usb 9-1: Product: syz
[ 3124.314795][ T7370] usb 9-1: Manufacturer: syz
[ 3124.319399][ T7370] usb 9-1: SerialNumber: syz
[ 3124.395696][  T286] usb 6-1: Using ep0 maxpacket: 32
[ 3124.505852][T25568] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[ 3124.516882][T25568] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 3124.597197][ T7370] usb 9-1: USB disconnect, device number 25
[ 3124.605860][T25568] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[ 3124.614910][T25568] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=4
[ 3124.623228][T25568] usb 4-1: SerialNumber: syz
[ 3124.628953][T25568] usb 4-1: config 0 descriptor??
[ 3124.659084][  T286] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 3124.676470][T25568] usb 4-1: Found UVC 0.00 device <unnamed> (10c4:ea90)
[ 3124.683713][T25568] usb 4-1: No valid video chain found.
[ 3124.739597][ T6377] usb 10-1: unable to get BOS descriptor or descriptor too short
[ 3124.747551][  T286] usb 6-1: config 7 has an invalid interface number: 128 but max is 0
[ 3124.755902][  T286] usb 6-1: config 7 contains an unexpected descriptor of type 0x1, skipping
[ 3124.764601][  T286] usb 6-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[ 3124.774691][  T286] usb 6-1: config 7 has no interface number 0
[ 3124.780854][  T286] usb 6-1: config 7 interface 128 altsetting 2 has an invalid endpoint with address 0x17, skipping
[ 3124.791575][  T286] usb 6-1: config 7 interface 128 altsetting 2 endpoint 0x87 has an invalid bInterval 209, changing to 11
[ 3124.802961][ T6377] usb 10-1: not running at top speed; connect to a high speed hub
[ 3124.811138][  T286] usb 6-1: config 7 interface 128 altsetting 2 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[ 3124.876212][T12509] netlink: 4 bytes leftover after parsing attributes in process `syz.6.14309'.
[ 3124.894562][T12509] device bridge0 entered promiscuous mode
[ 3124.902496][T12509] bridge0: port 3(macsec1) entered blocking state
[ 3124.908997][T12509] bridge0: port 3(macsec1) entered disabled state
[ 3124.920457][T12509] device bridge0 left promiscuous mode
[ 3124.953341][  T286] usb 6-1: config 7 interface 128 has no altsetting 0
[ 3125.065789][ T6377] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 3125.076142][ T6377] usb 10-1: config 1 interface 1 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 3125.089153][ T6377] usb 10-1: config 1 interface 1 has no altsetting 0
[ 3125.175831][  T286] usb 6-1: New USB device found, idVendor=6033, idProduct=4108, bcdDevice=cc.13
[ 3125.185240][  T286] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3125.193388][  T286] usb 6-1: Product: syz
[ 3125.197741][  T286] usb 6-1: Manufacturer: syz
[ 3125.202564][  T286] usb 6-1: SerialNumber: syz
[ 3125.225790][T12488] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[ 3125.255815][ T6377] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 3125.265164][ T6377] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 3125.273419][ T6377] usb 10-1: Product: syz
[ 3125.277732][ T6377] usb 10-1: Manufacturer: syz
[ 3125.282434][ T6377] usb 10-1: SerialNumber: syz
[ 3125.656047][  T286] usb 6-1: MIDIStreaming interface descriptor not found
[ 3125.886764][  T286] usb 6-1: USB disconnect, device number 69
[ 3125.915773][ T6377] usb 10-1: selecting invalid altsetting 0
[ 3125.921688][ T6377] usb 10-1: selecting invalid altsetting 0
[ 3125.927891][ T6377] cdc_ncm 10-1:1.0: bind() failure
[ 3125.939898][ T6377] usb 10-1: USB disconnect, device number 3
[ 3126.133754][ T9380] udevd[9380]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:7.128/sound/card0/controlC0/../uevent} for writing: No such file or directory
[ 3127.063819][ T7370] usb 4-1: USB disconnect, device number 101
[ 3127.564590][T12539] xt_socket: unknown flags 0xc
[ 3129.375748][ T6377] usb 6-1: new high-speed USB device number 70 using dummy_hcd
[ 3133.145733][ T6377] usb 6-1: unable to read config index 0 descriptor/all
[ 3133.165316][ T6377] usb 6-1: can't read configurations, error -71
[ 3134.426758][T12595] usb usb8: usbfs: process 12595 (syz.9.14332) did not claim interface 0 before use
[ 3137.202929][T12626] 9pnet: p9_fd_create_tcp (12626): problem connecting socket to 127.0.0.1
[ 3140.613467][T12643] xt_socket: unknown flags 0xc
[ 3140.886783][T12648] overlayfs: failed to resolve './file0': -2
[ 3141.086580][T12653] bridge: RTM_NEWNEIGH with invalid ether address
[ 3141.585697][T12660] xt_bpf: check failed: parse error
[ 3143.211814][T12695] udevd[12695]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[ 3143.859740][T12704] xt_socket: unknown flags 0xc
[ 3144.857496][T12713] overlayfs: failed to resolve './file0': -2
[ 3145.823005][   T30] kauditd_printk_skb: 21 callbacks suppressed
[ 3145.823022][   T30] audit: type=1326 audit(1749286974.233:7000): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12709 comm="syz.5.14369" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f1a05d1c929 code=0x0
[ 3148.741630][T12753] xt_socket: unknown flags 0xc
[ 3150.778398][T12769] xt_socket: unknown flags 0xc
[ 3151.683860][T12778] netlink: 4 bytes leftover after parsing attributes in process `syz.5.14383'.
[ 3151.736523][T12778] device bridge0 entered promiscuous mode
[ 3151.772191][T12778] bridge0: port 1(macsec1) entered blocking state
[ 3151.817496][T12778] bridge0: port 1(macsec1) entered disabled state
[ 3151.919843][T12778] device bridge0 left promiscuous mode
[ 3153.646110][T12787] usb usb8: usbfs: process 12787 (syz.6.14386) did not claim interface 0 before use
[ 3155.144606][T12810] xt_bpf: check failed: parse error
[ 3156.433703][T12832] xt_socket: unknown flags 0xc
[ 3160.575875][ T2025] usb 4-1: new full-speed USB device number 102 using dummy_hcd
[ 3161.507819][T12875] xt_socket: unknown flags 0xc
[ 3161.715743][ T2025] usb 4-1: device not accepting address 102, error -71
[ 3162.214338][T12890] usb usb8: usbfs: process 12890 (syz.9.14418) did not claim interface 0 before use
[ 3165.391834][T12954] usb usb8: usbfs: process 12954 (syz.5.14432) did not claim interface 0 before use
[ 3165.564970][   T30] audit: type=1326 audit(1749286993.973:7001): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=12947 comm="syz.6.14430" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fa4f2140929 code=0x0
[ 3169.251709][T13000] usb usb8: usbfs: process 13000 (syz.8.14446) did not claim interface 0 before use
[ 3174.053365][T13052] usb usb8: usbfs: process 13052 (syz.5.14462) did not claim interface 0 before use
[ 3176.913623][T13098] xt_bpf: check failed: parse error
[ 3177.245867][T13101] usb usb8: usbfs: process 13101 (syz.9.14477) did not claim interface 0 before use
[ 3177.281694][T13105] bridge: RTM_NEWNEIGH with invalid ether address
[ 3180.384868][T13155] usb usb8: usbfs: process 13155 (syz.3.14494) did not claim interface 0 before use
[ 3181.957106][ T8489] tipc: Disabling bearer <udp:syz2>
[ 3181.970115][ T8489] tipc: Disabling bearer <udp:syz0>
[ 3182.645706][    C0] ------------[ cut here ]------------
[ 3182.651213][    C0] refcount_t: addition on 0; use-after-free.
[ 3182.657418][    C0] WARNING: CPU: 0 PID: 13176 at lib/refcount.c:25 refcount_warn_saturate+0x104/0x1a0
[ 3182.666965][    C0] Modules linked in:
[ 3182.670875][    C0] CPU: 0 PID: 13176 Comm: syz.3.14498 Not tainted 5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 3182.680975][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 3182.691067][    C0] RIP: 0010:refcount_warn_saturate+0x104/0x1a0
[ 3182.697265][    C0] Code: 04 01 48 c7 c7 60 ef 62 85 e8 08 9d 50 02 0f 0b eb df e8 5f d6 1c ff c6 05 ba f8 99 04 01 48 c7 c7 a0 ee 62 85 e8 ec 9c 50 02 <0f> 0b eb c3 e8 43 d6 1c ff c6 05 9f f8 99 04 01 48 c7 c7 00 ef 62
[ 3182.716916][    C0] RSP: 0018:ffffc90000007820 EFLAGS: 00010246
[ 3182.723009][    C0] RAX: f4a62ba032f71100 RBX: 0000000000000002 RCX: ffff88812e47e2c0
[ 3182.731033][    C0] RDX: 0000000000000100 RSI: 0000000080000101 RDI: 0000000000000000
[ 3182.739055][    C0] RBP: ffffc90000007830 R08: dffffc0000000000 R09: fffff52000000e51
[ 3182.747071][    C0] R10: fffff52000000e51 R11: 1ffff92000000e50 R12: ffff88811dd08008
[ 3182.755069][    C0] R13: dffffc0000000000 R14: 0000000000000002 R15: ffffc900000079b8
[ 3182.763091][    C0] FS:  00007f470005a6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 3182.772066][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3182.778691][    C0] CR2: 00007f4700038f98 CR3: 00000001162b0000 CR4: 00000000003506b0
[ 3182.786696][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000004144
[ 3182.794686][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 3182.802695][    C0] Call Trace:
[ 3182.806000][    C0]  <IRQ>
[ 3182.808861][    C0]  tipc_crypto_xmit+0x1938/0x2400
[ 3182.813913][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 3182.819161][    C0]  ? skb_clone+0x202/0x360
[ 3182.823604][    C0]  tipc_crypto_clone_msg+0x9b/0x150
[ 3182.828844][    C0]  tipc_crypto_xmit+0x1ab9/0x2400
[ 3182.833886][    C0]  ? get_nohz_timer_target+0x74/0x550
[ 3182.839292][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 3182.844509][    C0]  ? memcpy+0x56/0x70
[ 3182.848526][    C0]  ? __copy_skb_header+0x437/0x600
[ 3182.853658][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 3182.858891][    C0]  ? __skb_clone+0x47a/0x790
[ 3182.863500][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 3182.868474][    C0]  ? skb_clone+0x202/0x360
[ 3182.872907][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 3182.877900][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3182.883118][    C0]  ? _find_next_bit+0x106/0x200
[ 3182.888020][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3182.893239][    C0]  call_timer_fn+0x38/0x290
[ 3182.897783][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3182.903008][    C0]  __run_timers+0x639/0x9a0
[ 3182.907564][    C0]  ? calc_index+0x200/0x200
[ 3182.912087][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 3182.916978][    C0]  run_timer_softirq+0x6a/0xf0
[ 3182.921766][    C0]  handle_softirqs+0x250/0x560
[ 3182.926612][    C0]  __irq_exit_rcu+0x52/0xf0
[ 3182.931135][    C0]  irq_exit_rcu+0x9/0x10
[ 3182.935396][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 3182.941063][    C0]  </IRQ>
[ 3182.944007][    C0]  <TASK>
[ 3182.946963][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 3182.952960][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x56/0x80
[ 3182.959415][    C0] Code: 39 6d 86 e8 1c 74 01 fd 4c 89 f7 48 83 3d 69 95 c7 01 00 74 31 e8 3e 77 a9 fc 66 90 f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 35 5f a1 fc 65 8b 05 16 c9 5c 7b 85 c0 74 05 5b 41 5e 5d c3 e8
[ 3182.979055][    C0] RSP: 0018:ffffc90000d075c0 EFLAGS: 00000206
[ 3182.985143][    C0] RAX: 0000000000000001 RBX: 0000000000000a02 RCX: dffffc0000000000
[ 3182.993141][    C0] RDX: ffffc90000ecf6d8 RSI: 0000000000000a02 RDI: 0000000000000001
[ 3183.001143][    C0] RBP: ffffc90000d075d0 R08: dffffc0000000000 R09: ffffed1020067c59
[ 3183.009148][    C0] R10: ffffed1020067c59 R11: 1ffff11020067c58 R12: ffff8881240ee900
[ 3183.017151][    C0] R13: 0000000000000010 R14: 0000000000000001 R15: 0000000000000000
[ 3183.025141][    C0]  __wake_up_sync_key+0x166/0x280
[ 3183.030204][    C0]  ? __wake_up_locked_key_bookmark+0x20/0x20
[ 3183.036220][    C0]  ? __skb_try_recv_datagram+0x3da/0x4d0
[ 3183.041883][    C0]  ? sock_load_diag_module+0x140/0x140
[ 3183.047382][    C0]  __unix_dgram_recvmsg+0x495/0xd50
[ 3183.052594][    C0]  ? __kasan_check_read+0x11/0x20
[ 3183.057656][    C0]  ? unix_unhash+0x10/0x10
[ 3183.062092][    C0]  ? sysvec_call_function_single+0x61/0xc0
[ 3183.067931][    C0]  unix_dgram_recvmsg+0xc2/0xe0
[ 3183.072803][    C0]  ? unix_dgram_sendmsg+0x1880/0x1880
[ 3183.078209][    C0]  ____sys_recvmsg+0x291/0x580
[ 3183.082993][    C0]  ? __sys_recvmsg_sock+0x50/0x50
[ 3183.088048][    C0]  ? memset+0x35/0x40
[ 3183.092054][    C0]  ? import_iovec+0x7c/0xb0
[ 3183.096589][    C0]  ___sys_recvmsg+0x1af/0x4f0
[ 3183.101280][    C0]  ? __sys_recvmsg+0x250/0x250
[ 3183.106081][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[ 3183.112255][    C0]  ? do_recvmmsg+0x317/0x780
[ 3183.116876][    C0]  do_recvmmsg+0x344/0x780
[ 3183.121311][    C0]  ? __sys_recvmmsg+0x280/0x280
[ 3183.126197][    C0]  ? __se_sys_futex+0x139/0x310
[ 3183.131076][    C0]  __x64_sys_recvmmsg+0x18d/0x240
[ 3183.136159][    C0]  ? do_recvmmsg+0x780/0x780
[ 3183.140796][    C0]  ? switch_fpu_return+0x15d/0x2c0
[ 3183.145975][    C0]  x64_sys_call+0x297/0x9a0
[ 3183.150500][    C0]  do_syscall_64+0x4c/0xa0
[ 3183.154930][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 3183.159638][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 3183.164378][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3183.170305][    C0] RIP: 0033:0x7f4701a12929
[ 3183.174737][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3183.194548][    C0] RSP: 002b:00007f470005a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 3183.203012][    C0] RAX: ffffffffffffffda RBX: 00007f4701c3a080 RCX: 00007f4701a12929
[ 3183.211178][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000005
[ 3183.219196][    C0] RBP: 00007f4701a94b39 R08: 0000000000000000 R09: 0000000000000000
[ 3183.227206][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 3183.235190][    C0] R13: 0000000000000000 R14: 00007f4701c3a080 R15: 00007fff2dace638
[ 3183.243202][    C0]  </TASK>
[ 3183.246247][    C0] ---[ end trace d473c6f4c129cd5b ]---
[ 3183.251727][    C0] ------------[ cut here ]------------
[ 3183.257207][    C0] refcount_t: underflow; use-after-free.
[ 3183.262951][    C0] WARNING: CPU: 0 PID: 13176 at lib/refcount.c:28 refcount_warn_saturate+0x120/0x1a0
[ 3183.272459][    C0] Modules linked in:
[ 3183.276384][    C0] CPU: 0 PID: 13176 Comm: syz.3.14498 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 3183.287864][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 3183.297948][    C0] RIP: 0010:refcount_warn_saturate+0x120/0x1a0
[ 3183.304129][    C0] Code: 04 01 48 c7 c7 a0 ee 62 85 e8 ec 9c 50 02 0f 0b eb c3 e8 43 d6 1c ff c6 05 9f f8 99 04 01 48 c7 c7 00 ef 62 85 e8 d0 9c 50 02 <0f> 0b eb a7 e8 27 d6 1c ff c6 05 80 f8 99 04 01 48 c7 c7 40 ee 62
[ 3183.323793][    C0] RSP: 0018:ffffc90000007820 EFLAGS: 00010246
[ 3183.329916][    C0] RAX: f4a62ba032f71100 RBX: 0000000000000003 RCX: ffff88812e47e2c0
[ 3183.337925][    C0] RDX: 0000000000000100 RSI: 0000000080000101 RDI: 0000000000000000
[ 3183.345936][    C0] RBP: ffffc90000007830 R08: dffffc0000000000 R09: fffff52000000e51
[ 3183.353929][    C0] R10: fffff52000000e51 R11: 1ffff92000000e50 R12: ffff88811dd08008
[ 3183.361943][    C0] R13: dffffc0000000000 R14: 0000000000000003 R15: 00000000c0000000
[ 3183.369953][    C0] FS:  00007f470005a6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 3183.378916][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3183.385662][    C0] CR2: 00007f4700038f98 CR3: 00000001162b0000 CR4: 00000000003506b0
[ 3183.393676][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000004144
[ 3183.401720][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 3183.409742][    C0] Call Trace:
[ 3183.413035][    C0]  <IRQ>
[ 3183.415909][    C0]  tipc_crypto_xmit+0x1a82/0x2400
[ 3183.420960][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 3183.426204][    C0]  ? skb_clone+0x202/0x360
[ 3183.430638][    C0]  tipc_crypto_clone_msg+0x9b/0x150
[ 3183.435875][    C0]  tipc_crypto_xmit+0x1ab9/0x2400
[ 3183.440922][    C0]  ? get_nohz_timer_target+0x74/0x550
[ 3183.446331][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 3183.451545][    C0]  ? memcpy+0x56/0x70
[ 3183.455543][    C0]  ? __copy_skb_header+0x437/0x600
[ 3183.460693][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 3183.465931][    C0]  ? __skb_clone+0x47a/0x790
[ 3183.470542][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 3183.475501][    C0]  ? skb_clone+0x202/0x360
[ 3183.479952][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 3183.484917][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3183.490164][    C0]  ? _find_next_bit+0x106/0x200
[ 3183.495050][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3183.500305][    C0]  call_timer_fn+0x38/0x290
[ 3183.504829][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3183.510064][    C0]  __run_timers+0x639/0x9a0
[ 3183.514591][    C0]  ? calc_index+0x200/0x200
[ 3183.519132][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 3183.524005][    C0]  run_timer_softirq+0x6a/0xf0
[ 3183.528803][    C0]  handle_softirqs+0x250/0x560
[ 3183.533589][    C0]  __irq_exit_rcu+0x52/0xf0
[ 3183.538128][    C0]  irq_exit_rcu+0x9/0x10
[ 3183.542390][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 3183.548056][    C0]  </IRQ>
[ 3183.550996][    C0]  <TASK>
[ 3183.553938][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 3183.559956][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x56/0x80
[ 3183.566411][    C0] Code: 39 6d 86 e8 1c 74 01 fd 4c 89 f7 48 83 3d 69 95 c7 01 00 74 31 e8 3e 77 a9 fc 66 90 f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 35 5f a1 fc 65 8b 05 16 c9 5c 7b 85 c0 74 05 5b 41 5e 5d c3 e8
[ 3183.586056][    C0] RSP: 0018:ffffc90000d075c0 EFLAGS: 00000206
[ 3183.592141][    C0] RAX: 0000000000000001 RBX: 0000000000000a02 RCX: dffffc0000000000
[ 3183.600146][    C0] RDX: ffffc90000ecf6d8 RSI: 0000000000000a02 RDI: 0000000000000001
[ 3183.608150][    C0] RBP: ffffc90000d075d0 R08: dffffc0000000000 R09: ffffed1020067c59
[ 3183.616150][    C0] R10: ffffed1020067c59 R11: 1ffff11020067c58 R12: ffff8881240ee900
[ 3183.624135][    C0] R13: 0000000000000010 R14: 0000000000000001 R15: 0000000000000000
[ 3183.632149][    C0]  __wake_up_sync_key+0x166/0x280
[ 3183.637211][    C0]  ? __wake_up_locked_key_bookmark+0x20/0x20
[ 3183.643209][    C0]  ? __skb_try_recv_datagram+0x3da/0x4d0
[ 3183.648877][    C0]  ? sock_load_diag_module+0x140/0x140
[ 3183.654358][    C0]  __unix_dgram_recvmsg+0x495/0xd50
[ 3183.659587][    C0]  ? __kasan_check_read+0x11/0x20
[ 3183.664632][    C0]  ? unix_unhash+0x10/0x10
[ 3183.669100][    C0]  ? sysvec_call_function_single+0x61/0xc0
[ 3183.674932][    C0]  unix_dgram_recvmsg+0xc2/0xe0
[ 3183.679822][    C0]  ? unix_dgram_sendmsg+0x1880/0x1880
[ 3183.685212][    C0]  ____sys_recvmsg+0x291/0x580
[ 3183.690013][    C0]  ? __sys_recvmsg_sock+0x50/0x50
[ 3183.695051][    C0]  ? memset+0x35/0x40
[ 3183.699076][    C0]  ? import_iovec+0x7c/0xb0
[ 3183.703596][    C0]  ___sys_recvmsg+0x1af/0x4f0
[ 3183.708306][    C0]  ? __sys_recvmsg+0x250/0x250
[ 3183.713099][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[ 3183.719285][    C0]  ? do_recvmmsg+0x317/0x780
[ 3183.723893][    C0]  do_recvmmsg+0x344/0x780
[ 3183.728341][    C0]  ? __sys_recvmmsg+0x280/0x280
[ 3183.733212][    C0]  ? __se_sys_futex+0x139/0x310
[ 3183.738095][    C0]  __x64_sys_recvmmsg+0x18d/0x240
[ 3183.743138][    C0]  ? do_recvmmsg+0x780/0x780
[ 3183.747761][    C0]  ? switch_fpu_return+0x15d/0x2c0
[ 3183.752894][    C0]  x64_sys_call+0x297/0x9a0
[ 3183.757441][    C0]  do_syscall_64+0x4c/0xa0
[ 3183.761881][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 3183.766603][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 3183.771305][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3183.777251][    C0] RIP: 0033:0x7f4701a12929
[ 3183.781690][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3183.801846][    C0] RSP: 002b:00007f470005a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 3183.810518][    C0] RAX: ffffffffffffffda RBX: 00007f4701c3a080 RCX: 00007f4701a12929
[ 3183.818741][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000005
[ 3183.826930][    C0] RBP: 00007f4701a94b39 R08: 0000000000000000 R09: 0000000000000000
[ 3183.835110][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 3183.843411][    C0] R13: 0000000000000000 R14: 00007f4701c3a080 R15: 00007fff2dace638
[ 3183.851635][    C0]  </TASK>
[ 3183.854879][    C0] ---[ end trace d473c6f4c129cd5c ]---
[ 3183.860614][    C0] ------------[ cut here ]------------
[ 3183.866316][    C0] refcount_t: saturated; leaking memory.
[ 3183.872346][    C0] WARNING: CPU: 0 PID: 13176 at lib/refcount.c:22 refcount_warn_saturate+0x158/0x1a0
[ 3183.882328][    C0] Modules linked in:
[ 3183.886509][    C0] CPU: 0 PID: 13176 Comm: syz.3.14498 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 3183.898338][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 3183.908638][    C0] RIP: 0010:refcount_warn_saturate+0x158/0x1a0
[ 3183.915025][    C0] Code: 04 01 48 c7 c7 40 ee 62 85 e8 b4 9c 50 02 0f 0b eb 8b e8 0b d6 1c ff c6 05 65 f8 99 04 01 48 c7 c7 40 ee 62 85 e8 98 9c 50 02 <0f> 0b e9 6c ff ff ff e8 ec d5 1c ff c6 05 4a f8 99 04 01 48 c7 c7
[ 3183.934877][    C0] RSP: 0018:ffffc900000079e0 EFLAGS: 00010246
[ 3183.941229][    C0] RAX: f4a62ba032f71100 RBX: 0000000000000001 RCX: ffff88812e47e2c0
[ 3183.949433][    C0] RDX: 0000000000000100 RSI: 0000000000000101 RDI: 0000000000000000
[ 3183.957684][    C0] RBP: ffffc900000079f0 R08: dffffc0000000000 R09: fffff52000000e89
[ 3183.965884][    C0] R10: fffff52000000e89 R11: 1ffff92000000e88 R12: ffff88810ddba808
[ 3183.974071][    C0] R13: dffffc0000000000 R14: 0000000000000001 R15: ffffc90000007ba0
[ 3183.982268][    C0] FS:  00007f470005a6c0(0000) GS:ffff8881f7000000(0000) knlGS:0000000000000000
[ 3183.991437][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3183.998225][    C0] CR2: 00007f4700038f98 CR3: 00000001162b0000 CR4: 00000000003506b0
[ 3184.006413][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000004144
[ 3184.014640][    C0] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[ 3184.022870][    C0] Call Trace:
[ 3184.026360][    C0]  <IRQ>
[ 3184.029398][    C0]  tipc_crypto_xmit+0x1938/0x2400
[ 3184.034643][    C0]  ? tipc_crypto_do_cmd+0xcf0/0xcf0
[ 3184.040073][    C0]  ? __copy_skb_header+0x437/0x600
[ 3184.045387][    C0]  tipc_bearer_xmit_skb+0x226/0x360
[ 3184.050839][    C0]  ? __skb_clone+0x47a/0x790
[ 3184.055642][    C0]  ? tipc_bearer_mtu+0x160/0x160
[ 3184.060800][    C0]  ? skb_clone+0x202/0x360
[ 3184.065405][    C0]  tipc_disc_timeout+0x6a2/0x830
[ 3184.070550][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3184.075960][    C0]  ? _find_next_bit+0x106/0x200
[ 3184.081022][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3184.086431][    C0]  call_timer_fn+0x38/0x290
[ 3184.091125][    C0]  ? tipc_disc_init_msg+0x600/0x600
[ 3184.096547][    C0]  __run_timers+0x639/0x9a0
[ 3184.101260][    C0]  ? calc_index+0x200/0x200
[ 3184.105987][    C0]  ? sched_clock_cpu+0x18/0x3c0
[ 3184.111031][    C0]  run_timer_softirq+0x6a/0xf0
[ 3184.116023][    C0]  handle_softirqs+0x250/0x560
[ 3184.120991][    C0]  __irq_exit_rcu+0x52/0xf0
[ 3184.125716][    C0]  irq_exit_rcu+0x9/0x10
[ 3184.130153][    C0]  sysvec_apic_timer_interrupt+0xa9/0xc0
[ 3184.135998][    C0]  </IRQ>
[ 3184.139121][    C0]  <TASK>
[ 3184.142242][    C0]  asm_sysvec_apic_timer_interrupt+0x1b/0x20
[ 3184.148435][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0x56/0x80
[ 3184.155089][    C0] Code: 39 6d 86 e8 1c 74 01 fd 4c 89 f7 48 83 3d 69 95 c7 01 00 74 31 e8 3e 77 a9 fc 66 90 f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> 35 5f a1 fc 65 8b 05 16 c9 5c 7b 85 c0 74 05 5b 41 5e 5d c3 e8
[ 3184.174927][    C0] RSP: 0018:ffffc90000d075c0 EFLAGS: 00000206
[ 3184.181240][    C0] RAX: 0000000000000001 RBX: 0000000000000a02 RCX: dffffc0000000000
[ 3184.189421][    C0] RDX: ffffc90000ecf6d8 RSI: 0000000000000a02 RDI: 0000000000000001
[ 3184.197606][    C0] RBP: ffffc90000d075d0 R08: dffffc0000000000 R09: ffffed1020067c59
[ 3184.205797][    C0] R10: ffffed1020067c59 R11: 1ffff11020067c58 R12: ffff8881240ee900
[ 3184.213961][    C0] R13: 0000000000000010 R14: 0000000000000001 R15: 0000000000000000
[ 3184.222345][    C0]  __wake_up_sync_key+0x166/0x280
[ 3184.227595][    C0]  ? __wake_up_locked_key_bookmark+0x20/0x20
[ 3184.233785][    C0]  ? __skb_try_recv_datagram+0x3da/0x4d0
[ 3184.239624][    C0]  ? sock_load_diag_module+0x140/0x140
[ 3184.245281][    C0]  __unix_dgram_recvmsg+0x495/0xd50
[ 3184.250696][    C0]  ? __kasan_check_read+0x11/0x20
[ 3184.255952][    C0]  ? unix_unhash+0x10/0x10
[ 3184.260560][    C0]  ? sysvec_call_function_single+0x61/0xc0
[ 3184.266577][    C0]  unix_dgram_recvmsg+0xc2/0xe0
[ 3184.271631][    C0]  ? unix_dgram_sendmsg+0x1880/0x1880
[ 3184.277206][    C0]  ____sys_recvmsg+0x291/0x580
[ 3184.282170][    C0]  ? __sys_recvmsg_sock+0x50/0x50
[ 3184.287401][    C0]  ? memset+0x35/0x40
[ 3184.291589][    C0]  ? import_iovec+0x7c/0xb0
[ 3184.296307][    C0]  ___sys_recvmsg+0x1af/0x4f0
[ 3184.301177][    C0]  ? __sys_recvmsg+0x250/0x250
[ 3184.306151][    C0]  ? asm_sysvec_call_function_single+0x1b/0x20
[ 3184.312491][    C0]  ? do_recvmmsg+0x317/0x780
[ 3184.317294][    C0]  do_recvmmsg+0x344/0x780
[ 3184.321912][    C0]  ? __sys_recvmmsg+0x280/0x280
[ 3184.326996][    C0]  ? __se_sys_futex+0x139/0x310
[ 3184.332046][    C0]  __x64_sys_recvmmsg+0x18d/0x240
[ 3184.337376][    C0]  ? do_recvmmsg+0x780/0x780
[ 3184.342203][    C0]  ? switch_fpu_return+0x15d/0x2c0
[ 3184.347702][    C0]  x64_sys_call+0x297/0x9a0
[ 3184.352408][    C0]  do_syscall_64+0x4c/0xa0
[ 3184.357043][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 3184.361943][    C0]  ? clear_bhb_loop+0x50/0xa0
[ 3184.366873][    C0]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3184.372966][    C0] RIP: 0033:0x7f4701a12929
[ 3184.377596][    C0] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 3184.397430][    C0] RSP: 002b:00007f470005a038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[ 3184.406067][    C0] RAX: ffffffffffffffda RBX: 00007f4701c3a080 RCX: 00007f4701a12929
[ 3184.414258][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000005
[ 3184.422458][    C0] RBP: 00007f4701a94b39 R08: 0000000000000000 R09: 0000000000000000
[ 3184.430658][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[ 3184.438849][    C0] R13: 0000000000000000 R14: 00007f4701c3a080 R15: 00007fff2dace638
[ 3184.447035][    C0]  </TASK>
[ 3184.450259][    C0] ---[ end trace d473c6f4c129cd5d ]---
[ 3184.456009][ T8489] tipc: Disabling bearer <udp:s>
[ 3184.488042][ T8489] tipc: Left network mode
[ 3184.646489][T13175] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3185.687925][T13175] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3185.766996][T13175] device bridge_slave_0 entered promiscuous mode
[ 3185.774358][T13175] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3185.784533][T13175] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3185.792578][T13175] device bridge_slave_1 entered promiscuous mode
[ 3186.087117][ T8489] ------------[ cut here ]------------
[ 3186.092837][ T8489] refcount_t: saturated; leaking memory.
[ 3186.114490][ T8489] WARNING: CPU: 1 PID: 8489 at lib/refcount.c:19 refcount_warn_saturate+0x13c/0x1a0
[ 3186.152169][ T8489] Modules linked in:
[ 3186.172979][ T8489] CPU: 1 PID: 8489 Comm: kworker/u4:5 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 3186.233364][ T8489] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 3186.282386][ T8489] Workqueue: netns cleanup_net
[ 3186.294096][ T8489] RIP: 0010:refcount_warn_saturate+0x13c/0x1a0
[ 3186.300460][ T8489] Code: 04 01 48 c7 c7 00 ef 62 85 e8 d0 9c 50 02 0f 0b eb a7 e8 27 d6 1c ff c6 05 80 f8 99 04 01 48 c7 c7 40 ee 62 85 e8 b4 9c 50 02 <0f> 0b eb 8b e8 0b d6 1c ff c6 05 65 f8 99 04 01 48 c7 c7 40 ee 62
[ 3186.320245][ T8489] RSP: 0018:ffffc90000b077c0 EFLAGS: 00010246
[ 3186.329494][ T8489] RAX: 69361c76ad75f000 RBX: 0000000000000000 RCX: ffff88811c0613c0
[ 3186.341732][ T8489] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 3186.352162][ T8489] RBP: ffffc90000b077d0 R08: dffffc0000000000 R09: fffff52000160e45
[ 3186.360316][ T8489] R10: fffff52000160e45 R11: 1ffff92000160e44 R12: 1ffff92000160f04
[ 3186.368389][ T8489] R13: ffff88812576908c R14: 0000000000000000 R15: 0000000000000cc0
[ 3186.376515][ T8489] FS:  0000000000000000(0000) GS:ffff8881f7100000(0000) knlGS:0000000000000000
[ 3186.385527][ T8489] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 3186.392272][ T8489] CR2: 00007f87e84a5f98 CR3: 0000000143822000 CR4: 00000000003506a0
[ 3186.400352][ T8489] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 3186.408473][ T8489] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 3186.416550][ T8489] Call Trace:
[ 3186.419952][ T8489]  <TASK>
[ 3186.422944][ T8489]  nf_nat_masq_schedule+0x439/0x4c0
[ 3186.428240][ T8489]  ? __kasan_check_write+0x14/0x20
[ 3186.433491][ T8489]  ? nf_nat_masq_schedule+0x4c0/0x4c0
[ 3186.438958][ T8489]  ? masq_device_event+0xd0/0xd0
[ 3186.444019][ T8489]  ? nfqnl_rcv_dev_event+0x441/0x470
[ 3186.449415][ T8489]  ? __kasan_check_read+0x11/0x20
[ 3186.458840][ T8489]  masq_device_event+0x9b/0xd0
[ 3186.465734][ T8489]  raw_notifier_call_chain+0x90/0x100
[ 3186.475322][ T8489]  dev_close_many+0x32d/0x4d0
[ 3186.480094][ T8489]  ? irqentry_exit+0x37/0x40
[ 3186.484779][ T8489]  ? sysvec_reschedule_ipi+0x78/0x80
[ 3186.533266][ T8489]  ? __dev_open+0x4c0/0x4c0
[ 3186.537902][ T8489]  ? __kasan_check_read+0x11/0x20
[ 3186.542964][ T8489]  unregister_netdevice_many+0x44c/0x1990
[ 3186.550303][ T8489]  ? __cond_resched+0xb0/0xb0
[ 3186.555030][ T8489]  ? alloc_netdev_mqs+0xc90/0xc90
[ 3186.560120][ T8489]  ? irqentry_exit+0x37/0x40
[ 3186.565221][ T8489]  ? sysvec_reschedule_ipi+0x78/0x80
[ 3186.571217][ T8489]  ? asm_sysvec_reschedule_ipi+0x1b/0x20
[ 3186.576958][ T8489]  ? ip6gre_exit_batch_net+0x3ad/0x5f0
[ 3186.582472][ T8489]  ip6gre_exit_batch_net+0x5a5/0x5f0
[ 3186.587838][ T8489]  ? ip6gre_init_net+0x340/0x340
[ 3186.592816][ T8489]  ? ip6gre_init_net+0x340/0x340
[ 3186.598081][ T8489]  cleanup_net+0x602/0xad0
[ 3186.602529][ T8489]  ? ops_init+0x4a0/0x4a0
[ 3186.607010][ T8489]  ? __schedule+0xb76/0x14c0
[ 3186.611646][ T8489]  process_one_work+0x6be/0xba0
[ 3186.616553][ T8489]  worker_thread+0xa59/0x1200
[ 3186.621274][ T8489]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 3186.626822][ T8489]  kthread+0x411/0x500
[ 3186.630925][ T8489]  ? worker_clr_flags+0x190/0x190
[ 3186.639197][ T8489]  ? kthread_blkcg+0xd0/0xd0
[ 3186.643854][ T8489]  ret_from_fork+0x1f/0x30
[ 3186.649577][ T8489]  </TASK>
[ 3186.652804][ T8489] ---[ end trace d473c6f4c129cd5e ]---
[ 3186.853289][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 3186.861068][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 3186.869907][T13224] xt_bpf: check failed: parse error
[ 3187.043168][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 3187.055971][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 3187.065281][T12440] bridge0: port 1(bridge_slave_0) entered blocking state
[ 3187.072373][T12440] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 3187.081707][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 3187.092470][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 3187.101643][T12440] bridge0: port 2(bridge_slave_1) entered blocking state
[ 3187.108739][T12440] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 3187.116750][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 3187.132511][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 3187.140906][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 3187.150565][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 3187.159209][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 3187.176954][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 3187.192848][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 3187.201358][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 3187.209053][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 3187.218814][ T8489] device veth1_macvtap left promiscuous mode
[ 3187.225081][ T8489] device veth0_vlan left promiscuous mode
[ 3187.330314][T13175] device veth0_vlan entered promiscuous mode
[ 3187.343075][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 3187.353027][T13175] device veth1_macvtap entered promiscuous mode
[ 3187.364722][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 3187.373347][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 3187.384554][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 3187.393115][T12440] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 3191.220716][T13267] bridge: RTM_NEWNEIGH with invalid ether address
[ 3192.411652][   T30] audit: type=1326 audit(1749287020.823:7002): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3192.718319][   T30] audit: type=1326 audit(1749287021.053:7003): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3192.780659][T13281] bridge: RTM_NEWNEIGH with invalid ether address
[ 3192.799254][   T30] audit: type=1326 audit(1749287021.083:7004): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3192.825743][   T30] audit: type=1326 audit(1749287021.083:7005): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3192.854837][   T30] audit: type=1326 audit(1749287021.083:7006): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3192.885964][   T30] audit: type=1326 audit(1749287021.083:7007): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3193.085856][   T30] audit: type=1326 audit(1749287021.083:7008): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3193.148649][   T30] audit: type=1326 audit(1749287021.083:7009): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3193.174422][   T30] audit: type=1326 audit(1749287021.083:7010): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=4 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3193.886812][   T30] audit: type=1326 audit(1749287021.083:7011): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13276 comm="syz.9.14527" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f87e9e7f929 code=0x7ffc0000
[ 3194.854832][T13324] bridge: RTM_NEWNEIGH with invalid ether address
[ 3196.305059][T13327] overlayfs: failed to resolve './file0': -2
[ 3197.274082][ T4707] ==================================================================
[ 3197.282343][ T4707] BUG: KASAN: use-after-free in tcp_metrics_flush_all+0xd3/0x210
[ 3197.290088][ T4707] Read of size 4 at addr ffff88812576908c by task kworker/u4:3/4707
[ 3197.298080][ T4707] 
[ 3197.300419][ T4707] CPU: 0 PID: 4707 Comm: kworker/u4:3 Tainted: G        W         5.15.185-syzkaller-00339-ge678c93d43cc #0
[ 3197.311888][ T4707] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 3197.321952][ T4707] Workqueue: netns cleanup_net
[ 3197.326730][ T4707] Call Trace:
[ 3197.330010][ T4707]  <TASK>
[ 3197.332943][ T4707]  __dump_stack+0x21/0x30
[ 3197.337280][ T4707]  dump_stack_lvl+0xee/0x150
[ 3197.341873][ T4707]  ? show_regs_print_info+0x20/0x20
[ 3197.347305][ T4707]  ? load_image+0x3a0/0x3a0
[ 3197.351829][ T4707]  ? __kasan_check_read+0x11/0x20
[ 3197.356867][ T4707]  ? preempt_schedule_common+0xbe/0xf0
[ 3197.362335][ T4707]  print_address_description+0x7f/0x2c0
[ 3197.367892][ T4707]  ? tcp_metrics_flush_all+0xd3/0x210
[ 3197.373271][ T4707]  kasan_report+0xf1/0x140
[ 3197.377692][ T4707]  ? _raw_spin_lock_bh+0x8e/0xe0
[ 3197.382647][ T4707]  ? tcp_metrics_flush_all+0xd3/0x210
[ 3197.388023][ T4707]  kasan_check_range+0x280/0x290
[ 3197.392964][ T4707]  __kasan_check_read+0x11/0x20
[ 3197.397816][ T4707]  tcp_metrics_flush_all+0xd3/0x210
[ 3197.403020][ T4707]  ? tcp_net_metrics_init+0x150/0x150
[ 3197.408391][ T4707]  tcp_net_metrics_exit_batch+0x10/0x20
[ 3197.413940][ T4707]  cleanup_net+0x602/0xad0
[ 3197.418364][ T4707]  ? ops_init+0x4a0/0x4a0
[ 3197.422699][ T4707]  ? __schedule+0xb76/0x14c0
[ 3197.427301][ T4707]  process_one_work+0x6be/0xba0
[ 3197.432161][ T4707]  worker_thread+0xa59/0x1200
[ 3197.436846][ T4707]  ? _raw_spin_lock_irqsave+0xb0/0x110
[ 3197.442314][ T4707]  kthread+0x411/0x500
[ 3197.446388][ T4707]  ? worker_clr_flags+0x190/0x190
[ 3197.451415][ T4707]  ? kthread_blkcg+0xd0/0xd0
[ 3197.456010][ T4707]  ret_from_fork+0x1f/0x30
[ 3197.460435][ T4707]  </TASK>
[ 3197.463454][ T4707] 
[ 3197.465776][ T4707] Allocated by task 4502:
[ 3197.470102][ T4707]  __kasan_slab_alloc+0xbd/0xf0
[ 3197.474954][ T4707]  slab_post_alloc_hook+0x4f/0x2b0
[ 3197.480073][ T4707]  kmem_cache_alloc+0xf7/0x260
[ 3197.484846][ T4707]  copy_net_ns+0x145/0x5c0
[ 3197.489264][ T4707]  create_new_namespaces+0x3a2/0x660
[ 3197.494549][ T4707]  unshare_nsproxy_namespaces+0x120/0x170
[ 3197.500269][ T4707]  ksys_unshare+0x4ac/0x7b0
[ 3197.504777][ T4707]  __x64_sys_unshare+0x38/0x40
[ 3197.509566][ T4707]  x64_sys_call+0x442/0x9a0
[ 3197.514070][ T4707]  do_syscall_64+0x4c/0xa0
[ 3197.518486][ T4707]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3197.524387][ T4707] 
[ 3197.526716][ T4707] Last potentially related work creation:
[ 3197.532427][ T4707]  kasan_save_stack+0x3a/0x60
[ 3197.537113][ T4707]  __kasan_record_aux_stack+0xd2/0x100
[ 3197.542572][ T4707]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 3197.548378][ T4707]  insert_work+0x51/0x310
[ 3197.552736][ T4707]  __queue_work+0x8e5/0xc60
[ 3197.557244][ T4707]  queue_work_on+0xd2/0x140
[ 3197.561751][ T4707]  xfrm_hash_grow_check+0xd7/0x140
[ 3197.566866][ T4707]  xfrm_state_find+0x26a0/0x2a70
[ 3197.571804][ T4707]  xfrm_resolve_and_create_bundle+0x626/0x28d0
[ 3197.577965][ T4707]  xfrm_lookup_with_ifid+0xa3e/0x2120
[ 3197.583340][ T4707]  xfrm_lookup_route+0x3c/0x170
[ 3197.588191][ T4707]  ip6_dst_lookup_flow+0x9b/0xc0
[ 3197.593135][ T4707]  rawv6_sendmsg+0xc07/0x16d0
[ 3197.597814][ T4707]  inet_sendmsg+0xa5/0xc0
[ 3197.602144][ T4707]  ____sys_sendmsg+0x5a2/0x8c0
[ 3197.606908][ T4707]  ___sys_sendmsg+0x1f0/0x260
[ 3197.611588][ T4707]  __sys_sendmmsg+0x278/0x480
[ 3197.616271][ T4707]  __x64_sys_sendmmsg+0xa0/0xb0
[ 3197.621124][ T4707]  x64_sys_call+0x6c6/0x9a0
[ 3197.625626][ T4707]  do_syscall_64+0x4c/0xa0
[ 3197.630047][ T4707]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3197.635947][ T4707] 
[ 3197.638272][ T4707] Second to last potentially related work creation:
[ 3197.644852][ T4707]  kasan_save_stack+0x3a/0x60
[ 3197.649534][ T4707]  __kasan_record_aux_stack+0xd2/0x100
[ 3197.654996][ T4707]  kasan_record_aux_stack_noalloc+0xb/0x10
[ 3197.660804][ T4707]  insert_work+0x51/0x310
[ 3197.665138][ T4707]  __queue_work+0x8e5/0xc60
[ 3197.669644][ T4707]  queue_work_on+0xd2/0x140
[ 3197.674151][ T4707]  xfrm_hash_grow_check+0xd7/0x140
[ 3197.679268][ T4707]  xfrm_state_find+0x26a0/0x2a70
[ 3197.684214][ T4707]  xfrm_resolve_and_create_bundle+0x626/0x28d0
[ 3197.690386][ T4707]  xfrm_lookup_with_ifid+0xa3e/0x2120
[ 3197.695770][ T4707]  xfrm_lookup_route+0x3c/0x170
[ 3197.700621][ T4707]  ip6_dst_lookup_flow+0x9b/0xc0
[ 3197.705564][ T4707]  rawv6_sendmsg+0xc07/0x16d0
[ 3197.710248][ T4707]  inet_sendmsg+0xa5/0xc0
[ 3197.714581][ T4707]  ____sys_sendmsg+0x5a2/0x8c0
[ 3197.719344][ T4707]  ___sys_sendmsg+0x1f0/0x260
[ 3197.724019][ T4707]  __sys_sendmmsg+0x278/0x480
[ 3197.728701][ T4707]  __x64_sys_sendmmsg+0xa0/0xb0
[ 3197.733552][ T4707]  x64_sys_call+0x6c6/0x9a0
[ 3197.738054][ T4707]  do_syscall_64+0x4c/0xa0
[ 3197.742477][ T4707]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3197.748374][ T4707] 
[ 3197.750697][ T4707] The buggy address belongs to the object at ffff888125769000
[ 3197.750697][ T4707]  which belongs to the cache net_namespace of size 3968
[ 3197.765009][ T4707] The buggy address is located 140 bytes inside of
[ 3197.765009][ T4707]  3968-byte region [ffff888125769000, ffff888125769f80)
[ 3197.778376][ T4707] The buggy address belongs to the page:
[ 3197.784007][ T4707] page:ffffea000495da00 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff88812576a000 pfn:0x125768
[ 3197.795546][ T4707] head:ffffea000495da00 order:3 compound_mapcount:0 compound_pincount:0
[ 3197.803869][ T4707] flags: 0x4000000000010200(slab|head|zone=1)
[ 3197.809957][ T4707] raw: 4000000000010200 ffffea00041f6800 0000000200000002 ffff8881001c4000
[ 3197.818547][ T4707] raw: ffff88812576a000 0000000080080004 00000001ffffffff 0000000000000000
[ 3197.827130][ T4707] page dumped because: kasan: bad access detected
[ 3197.833538][ T4707] page_owner tracks the page as allocated
[ 3197.839248][ T4707] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 281, ts 24910440041, free_ts 0
[ 3197.857413][ T4707]  post_alloc_hook+0x192/0x1b0
[ 3197.862196][ T4707]  prep_new_page+0x1c/0x110
[ 3197.866714][ T4707]  get_page_from_freelist+0x2cc5/0x2d50
[ 3197.872266][ T4707]  __alloc_pages+0x18f/0x440
[ 3197.876857][ T4707]  new_slab+0xa1/0x4d0
[ 3197.880930][ T4707]  ___slab_alloc+0x381/0x810
[ 3197.885537][ T4707]  __slab_alloc+0x49/0x90
[ 3197.889863][ T4707]  kmem_cache_alloc+0x138/0x260
[ 3197.894713][ T4707]  copy_net_ns+0x145/0x5c0
[ 3197.899129][ T4707]  create_new_namespaces+0x3a2/0x660
[ 3197.904414][ T4707]  unshare_nsproxy_namespaces+0x120/0x170
[ 3197.910132][ T4707]  ksys_unshare+0x4ac/0x7b0
[ 3197.914640][ T4707]  __x64_sys_unshare+0x38/0x40
[ 3197.919406][ T4707]  x64_sys_call+0x442/0x9a0
[ 3197.923915][ T4707]  do_syscall_64+0x4c/0xa0
[ 3197.928329][ T4707]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[ 3197.934227][ T4707] page_owner free stack trace missing
[ 3197.939595][ T4707] 
[ 3197.941919][ T4707] Memory state around the buggy address:
[ 3197.947550][ T4707]  ffff888125768f80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[ 3197.955632][ T4707]  ffff888125769000: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3197.963711][ T4707] >ffff888125769080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3197.971772][ T4707]                       ^
[ 3197.976113][ T4707]  ffff888125769100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3197.984171][ T4707]  ffff888125769180: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[ 3197.992243][ T4707] ==================================================================
[ 3198.000298][ T4707] Disabling lock debugging due to kernel taint
[ 3198.055695][   T30] kauditd_printk_skb: 1 callbacks suppressed
[ 3198.055714][   T30] audit: type=1400 audit(1749287026.453:7013): avc:  denied  { write } for  pid=273 comm="syz-executor" path="pipe:[14882]" dev="pipefs" ino=14882 scontext=root:sysadm_r:sysadm_t tcontext=system_u:system_r:sshd_t tclass=fifo_file permissive=1
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[ 3198.657974][T24669] tipc: Disabling bearer <udp:s>
[ 3198.663066][T24669] tipc: Disabling bearer <udp:syz2>
[ 3198.677454][T24669] tipc: Disabling bearer <udp:syz0>
[ 3198.735641][T24669] tipc: Left network mode
[ 3198.773095][T24669] device ip6gretap1 left promiscuous mode
[ 3198.785449][T24669] bridge1: port 1(ip6gretap1) entered disabled state
[ 3199.686477][T24669] bridge3: port 1(veth3) entered disabled state
[ 3199.694118][T24669] device bridge_slave_1 left promiscuous mode
[ 3199.700300][T24669] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3199.707958][T24669] device bridge_slave_0 left promiscuous mode
[ 3199.714112][T24669] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3199.722373][T24669] device veth1_macvtap left promiscuous mode
[ 3199.728417][T24669] device veth0_vlan left promiscuous mode
[ 3200.618024][T24669] tipc: Disabling bearer <udp:syz2>
[ 3200.623308][T24669] tipc: Disabling bearer <udp:syz0>
[ 3200.628702][T24669] tipc: Left network mode
[ 3200.633303][T24669] tipc: Disabling bearer <udp:syz0>
[ 3200.638818][T24669] tipc: Left network mode
[ 3201.727189][T24669] device bridge_slave_1 left promiscuous mode
[ 3201.733363][T24669] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3201.740965][T24669] device bridge_slave_0 left promiscuous mode
[ 3201.747281][T24669] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3201.755272][T24669] device bridge_slave_1 left promiscuous mode
[ 3201.761416][T24669] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3201.769009][T24669] device bridge_slave_0 left promiscuous mode
[ 3201.775114][T24669] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3201.783097][T24669] device bridge_slave_1 left promiscuous mode
[ 3201.789382][T24669] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3201.796907][T24669] device bridge_slave_0 left promiscuous mode
[ 3201.803016][T24669] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3201.810999][T24669] device bridge_slave_1 left promiscuous mode
[ 3201.817189][T24669] bridge0: port 2(bridge_slave_1) entered disabled state
[ 3201.824650][T24669] device bridge_slave_0 left promiscuous mode
[ 3201.830892][T24669] bridge0: port 1(bridge_slave_0) entered disabled state
[ 3201.839466][T24669] device veth1_macvtap left promiscuous mode
[ 3201.845471][T24669] device veth0_vlan left promiscuous mode
[ 3201.851520][T24669] device veth1_macvtap left promiscuous mode
[ 3201.857557][T24669] device veth0_vlan left promiscuous mode
[ 3201.863401][T24669] device veth1_macvtap left promiscuous mode
[ 3201.869410][T24669] device veth0_vlan left promiscuous mode
[ 3201.875246][T24669] device veth1_macvtap left promiscuous mode
[ 3201.881609][T24669] device veth0_vlan left promiscuous mode