last executing test programs:

5m1.231257652s ago: executing program 32 (id=355):
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000480)='./file1\x00', 0x1008400, &(0x7f0000000080)=ANY=[], 0x85, 0x697, &(0x7f0000000cc0)="$eJzs3ctvXFcdB/DvHY8fE0rqpkmbokqJGgkQEYkdKwWzaUAIZVGhqixYW4mTWJmkxXGRWyEa3tss8geUhXcsEBL7iLJhA7tuvayEYNMNZjXoPsae+O02fiR8PtX1OXfOPef87m/uYx6NJsD/ravn036UIlfPv7lYri8vTXWXl6bu9OtJRpO0knZdpPhPr9f7OLmSeskr5YPNcMVW8zycm377k8+WP63X2s1Sbd/art/u3G+WnE0y1JRParxrO403ttNwxeoelgk7108cHLbhJL3Kvx7Wj/zkb8+ttgzobNZ7xyMfeAoU9X1zg/HkWHOil68D6rtifc8+onq72ur+vscBAAAAh+/5laxkMccPOw4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4mjS//180S6tfP5ui//v/I81jaepHy5m9bf5ov+IAAAAAAAAAgAN0ZiUrWczx/nqvqL7zf61aOVn9/VLey73MZj4XspiZLGQh85lMMj4w0MjizMLC/ORqz/7/GbCx56VNe17aIdDRpuw8ib0GAAAAAAAAgGfOL3N17ft/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4CopkqC6q5WS/Pp5WO8lYkpFyu/vJP/r1p9mjww4AAAAAvoDeLrd7fiUrWczx1X5F9Z7/pep9/1jey90sZC4L6WY216vPAup3/a3lpanu8tLUneWlsU3G/e6/9xRuNWLqzx42n/l0/UFEbmQu3QfJhVzLOymK62lVPUun63jWlscn+UUZU/FGbXiXkV1vynLyB025wYd72tmt7PHDlPEqZ8N1RjKbiSa2MhsvNBkYbbZdl4k9PjvrZ5pMazXYk+tyvm4nHsv5G7uc71hTlvvz261yfijWZ+LSwNH30vZHX/K1P//hx7e6d2/funHv/NHZpd0Zasr6utLZmImpgUy8/CxnYoOJKhOnVtev5gf5Uc7nbN7KfOby08xkIbM5m+9XtZnmeC4GTvlNMlVeoK48NtFbO0Uy0hyh9ZP1eEzZIabXqr7HM5cf5p1cz2xer/67lMl8K5dzOdMDz/CpXVxpW1uc9b0vbxr8ua83lU6S3zVl5WZ7px3fZ2VeXxjI6+A1d7xqG3xkLUsn9nA/6mfpj9uH0v5KUynn+FVTHg3rMzE5kIkXt8/E76vLyr3u3dvzt2be3d10Jx40lfI8+s2RukuUx8uJ8smq1h4/Osq2F5u24WpZy9dI841L3a+1oe3Ualt9pt7f8kwdaV7DbRzpUtX28qZtU1Xb6YG2zmpb/Xqru/p66Fn48gfgmXXsG8dGOv/s/L3zUefXnVudN8e+N/rt0VdHMvzX4e+0J4a+2nq1+FM+ys/X3v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACf3733P7g90+3Ozq+r9Hq9D7do2rbS/+G5vfU6sEr/58wOcNJXnts8G0mx72GMJDkamf9vr9drHimOQjzbV3ql0fQ+Z/e/JNlmm6G1572dZLNtzhx+Eg7xogQciIsLd969eO/9D745d2fm5uzN2bvTly9PT0xffn3q4o257uxE/fewowT2w9pN/7AjAQAAAAAAAAAAAHbrIP45wdazjx3krgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABPqavn036UIpMTFybK9eWlqW659OtrW7aTtJIUP0uKj5MrqZeMDwxXbDXPw7nptz/5bPnTtbHa/e1b2/XbnfvNkrNJhprySY137QuPV6zuYZmwc/3EwWH7XwAAAP//b5L8NQ==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000040), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r0, 0x0)
fdatasync(r0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
ftruncate(r0, 0x5)

4m33.637875148s ago: executing program 4 (id=423):
syz_open_dev$vim2m(0x0, 0x800, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x400c084)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$MAP_CREATE(0x0, &(0x7f0000000480)=ANY=[], 0x50)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$unix(0x1, 0x1, 0x0)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48)

4m32.257311064s ago: executing program 4 (id=428):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000180)='/proc/consoles\x00', 0x0, 0x0)
r3 = syz_io_uring_setup(0x49c, &(0x7f00000000c0)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e, 0x0, r2}, &(0x7f0000000340)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r2, 0xffffffffffffffff, &(0x7f0000000580)=""/207, 0xcf, 0x2, 0x1})
io_uring_enter(r3, 0x627, 0x4c1, 0x43, 0x0, 0x30)

4m30.427020156s ago: executing program 33 (id=430):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
r1 = fcntl$dupfd(r0, 0x406, r0)
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000280)=[{0x6, 0xfd, 0x0, 0xe4}]}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000100)='bbr', 0x3)
sendmsg$NFT_BATCH(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004340)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWSET={0x24, 0x9, 0xa, 0x5, 0x0, 0x0, {0x1, 0x0, 0x1}, [@NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3a}, @NFTA_SET_ID={0x8, 0xa, 0x1, 0x0, 0x2}]}, @NFT_MSG_DELSETELEM={0x3c, 0xe, 0xa, 0x0, 0x0, 0x0, {0x3, 0x0, 0x8}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x8, 0x1, 0x0, 0x1, [@NFTA_DATA_VERDICT={0x4}]}]}]}, @NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz2\x00'}]}, @NFT_MSG_DELSETELEM={0x244, 0xe, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x5}, [@NFTA_SET_ELEM_LIST_SET_ID={0x8, 0x4, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_SET_ID={0x8}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x214, 0x3, 0x0, 0x1, [{0xe4, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_USERDATA={0xc9, 0x6, 0x1, 0x0, "fde80b91b72fa437c27b47f8e96f06a2e77483f1b7b24658a400e9ca482a88de2374e981725f0baf66ec00ecc9acdfb6e16259b6a31acbcc805fdb6044513c0db09a9e19b45799ce56a77dabe19cb180ee61ce20112f4f095e4cb88775a066a944222a625ae96af1afce02646d553a68adbad1fa8f3dbc5ea9047da508ef5e12cba8ef78f1052551aef5cbfc846112d2736286594eae1c86b3a96c58eae28155600335cef4847c6e353f701fd3f48e9dda292582965936e650412c1cecaa1cffb1437c98b9"}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x2}, @NFTA_SET_ELEM_EXPIRATION={0xc, 0x5, 0x1, 0x0, 0xfffffffffffffff8}]}, {0x5c, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0x58, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x51, 0x1, "8ce1677e3343e241f994522eb45a68aaf79e7c7d4c53c8f6b14e057a1a59f45accda398dc8b9fe8577c19abbf63d7590c64fd0dc726aca8c5f47b2d01c610d80acad066f2cc9606f81fa225e0c"}]}]}, {0xd0, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_EXPR={0x1c, 0x7, 0x0, 0x1, @tunnel={{0xb}, @val={0xc, 0x2, 0x0, 0x1, [@NFTA_TUNNEL_MODE={0x8, 0x3, 0x1, 0x0, 0x1}]}}}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x3}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_SET_ELEM_KEY_END={0x9c, 0xa, 0x0, 0x1, [@NFTA_DATA_VALUE={0x85, 0x1, "1302a3d3596be284c900fcbe888878bf237bf323a13e97745bb35014715a9763f8be336a95d22bb0c49ec8cfaf18f32e6ae0f6db26e10925452a3cc58e4962c1e7a207157c8afe0d305c7848c9a3bccf109c4bb08cd9e4ab2e80a0e5fdd4634ae083c1114f586804f7cd21c716ecc64348cbb3621e51a8c5d1a17e1aa688accdd6"}, @NFTA_DATA_VERDICT={0x10, 0x2, 0x0, 0x1, [@NFTA_VERDICT_CHAIN={0x9, 0x2, 'syz1\x00'}]}]}, @NFTA_SET_ELEM_KEY={0x4}]}]}]}, @NFT_MSG_DELTABLE={0x104, 0x2, 0xa, 0x201, 0x0, 0x0, {0x7, 0x0, 0x8}, [@NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_HANDLE={0xc, 0x4, 0x1, 0x0, 0x3}, @NFTA_TABLE_USERDATA={0xd5, 0x6, "7aba14293c0b0793ddabf09d6c3cfab4ff3a3275532366a7a67ba43c9ed0d97037de20d84f07452c5b6df31a5bee021ef9f5439465ae065853deaada20f7dc50e4f3bf5201c48be2e175bb02c1ab6e5df47b8eae92c6810b4a4f9bea285f12d21f49a89bd576a13c46b9027c6f4ddd2dc638d2fb800197fa9e1f31e514c0847aa9ef5a36a13dc536fae56640dd8789983aff58e6de3a4e799d08ec487ec311aef7d73735dd06b68c84052919db03fc19e476a97b0e577374d2ac529dbaae65bd914d0cf287b0b5645d72dcbc0c3fe7aac8"}]}, @NFT_MSG_NEWFLOWTABLE={0x278, 0x16, 0xa, 0xb05, 0x0, 0x0, {0x0, 0x0, 0x6}, [@NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK={0x78, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1ff}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x6}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x400}, @NFTA_FLOWTABLE_HOOK_DEVS={0x40, 0x3, 0x0, 0x1, [{0x14, 0x1, 'dummy0\x00'}, {0x14, 0x1, 'gre0\x00'}, {0x14, 0x1, 'pimreg\x00'}]}]}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_FLOWTABLE_HOOK={0x2c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x4}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HOOK={0xdc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}, @NFTA_FLOWTABLE_HOOK_PRIORITY={0x8}, @NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'macvtap0\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}, {0x14, 0x1, 'vlan1\x00'}, {0x14, 0x1, 'vlan0\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x4}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'bond0\x00'}, {0x14, 0x1, 'bridge0\x00'}, {0x14, 0x1, 'veth1_to_hsr\x00'}, {0x14, 0x1, 'nr0\x00'}, {0x14, 0x1, 'macvtap0\x00'}]}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}, @NFTA_FLOWTABLE_HOOK={0xc0, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x54, 0x3, 0x0, 0x1, [{0x14, 0x1, 'veth1_to_team\x00'}, {0x14, 0x1, 'veth0_virt_wifi\x00'}, {0x14, 0x1, 'team_slave_1\x00'}, {0x14, 0x1, 'veth1_virt_wifi\x00'}]}, @NFTA_FLOWTABLE_HOOK_DEVS={0x68, 0x3, 0x0, 0x1, [{0x14, 0x1, 'pimreg1\x00'}, {0x14, 0x1, 'bond_slave_1\x00'}, {0x14, 0x1, 'veth0\x00'}, {0x14, 0x1, 'ip6gre0\x00'}, {0x14, 0x1, 'ipvlan1\x00'}]}]}, @NFTA_FLOWTABLE_HANDLE={0xc, 0x5, 0x1, 0x0, 0x4}]}, @NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x201, 0x0, 0x0, {0x0, 0x0, 0x3}}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x65c}, 0x1, 0x0, 0x0, 0x4004}, 0xc8010)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000600)=0xdfa, 0x4)
read$FUSE(r1, &(0x7f0000001180)={0x2020}, 0x2020)
sendmsg$NL80211_CMD_VENDOR(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000007c0)=ANY=[@ANYBLOB, @ANYRES16=0x0, @ANYRES32=0x0], 0x1f0}, 0x1, 0x0, 0x0, 0x20040000}, 0x24020841)

4m29.338229074s ago: executing program 4 (id=434):
syz_mount_image$minix(&(0x7f0000000080), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0049cef4df796851925f86c004000000e4cf62dc777d55387afc4a70d087ede499a199c4d7e87a07cdb3e45fc513a1f97b0b9047144790d8f3affa2044cbd987208cf1dcd4ec17f5138b1f4efbdc2a7be39782db000000000000002c2e5cf00c404f4a3246fb740282b4265c2c2c686173682c00181f302d7cd22530b02054463a3dd16b847ce0f9c3bd119a1498eb8cc1ae04dee8bfa77d492c96fd54cb0abb83366c6b4d4785b8103b6ea5ce14afc0ebaae0f62832e93c0cd17b2130111d313bea3d9ab4738453538e448d770b602e104974e6cd92f7d589103fde2331f870b425e8776f9e2152dec6551ec1f61ced64b19c9e56"], 0x5, 0x1a7, &(0x7f00000008c0)="$eJzs20+u0lAUx/FfoYUHKkHRiXHQxAFOBIH4h5nOHTo2IVAJsSgRJxAT4yJcgDPjWlyKJLoBMW1oDS0GBdoifD+jnnt63z3N45bThArA2bJly5AhywtuXVTf14ysSwKQkqWkn0sA5yn/feOod2/YovQX5wA4Xosn0kTStx/v+spb0fbgY0XS4yCfK8ROWHyQbpqrvFHURbS/+CTVg/lGKd6AVKVymC/H0t7fv3M7WP+SLuuKKvKeUa7q2io/COff2LcdAs6KoUY0XhvI6cXIde6FseXHrSD8akoj12mH+YKf74Rx0Y8b/dfuILFrALCb3Jb9n4/sf3N9/wP4j01n85c913XeHO+BYUrxlDfqSbOeDWUkdlCQlPxadpr/SlvZfJCCp86k1/ryr7Oe1/cozDxIzZ+tP6UyuyUBSEnz7XjSnM7md0fj3tAZOq/aj9rdB537rYfdpt/5F7XW/wM4Hb+/9LOuBAAAAAAAAAAAAAAA7Kqm61mXAAAAACAl/u9/n21+Q+jpgd6OyvoaAQAAAAAAAAAAAAAAAAAAgFPxKwAA//+C9QwF")
lremovexattr(&(0x7f0000000100)='./file0\x00', 0x0)

4m28.037574773s ago: executing program 4 (id=435):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x470, &(0x7f0000000bc0)="$eJzs281rXFUbAPDn3ny0ffuRvH37qq1Vo0UIikmTVu3CjaLgoqKgi7qMybSEThtpothSbCpSN4IUdC0uBf8CdyKIuhLc6saVFIp20+oqcu/c206mM6kxk9zY+f1gMufMPTP3eXK/zj1nJoCeNZL9SSJ2RMRPETHUqC5vMNJ4unHt/PQf185PJ7G09OpvSd7u+rXz02XT8n3bi8poGpG+nxQrWW7+7LmTU/V67UxRH1849eb4/NlzT7x9aupE7UTt9OSRI4cPTTz91OSTXckzy+v6vnfn9u998fXLL00fu/zGd19k8e4oljfn0S0jWeK/L+Valz3a7ZVVbGdTOemvMBBWpS8iss01kB//Q9EXtzbeULzwXqXBAesquzZt6bx4cQm4iyVRdQRANcoLfXb/Wz42qOuxKVx9tnEDlOV9o3g0lvRHWrQZaLm/7aaRiDi2+Oen2SPWaRwCAKDZh9OfHO1v2/9L4578+Zf8765iDmU4Iv4bEbsj4n8RsSci/h+Rt703Iu5bYzy393/SK2v8yBVl/b9nirmt5f2/svcXw31FbWee/0ByfLZeO1j8T0ZjYEtWn1hhHV89/+NHnZY19/+yR7b+si9YxHGlv2WAbmZqYSrvlHbB1YsR+/rb5Z/cnAlIImJvROxb3UfvKguzj32+v1OjO+e/gi7MMy19lqW3mOW/GC35l5Lm+cnZ2+Ynx7dGvXZwvNwrbvf9D5de6bT+NeXfBVdrjeem7d/aZDhpnq+dX/06Lv38Qcd7mn+4/6eDyWv5PPNg8do7UwsLZyYiBpOjeX3Z65O33lvWy/bZ/j96oP3xv7t4T5b//RGR7cQPRMSDEfFQEfvDEfFIRBxYIf9vn+u8rMw/0oq2/8WImbbnv5v7f8v2X32h7+Q3X3Za/9/b/ofz0mjxSn7+u4N24WSni9YA1/K/AwAAgH+LNP8OfJKO3Syn6dhY4zv8e+I/aX1ufuHx43NvnZ5pfFd+OAbScqRrqBgPrc/WaxPJYvGJjfHRyWKsuBwvPVSMG3/cty2vj03P1Wcqzh163fYOx3/m176qowPW2ba2r04ObnggQAVa59HT5dULL4eTAdyt/F4betcdjv90o+IANp7rP/Sudsf/hZa6uQC4O7n+Q+9y/EOPSr+uOgKgQq7/0JPW8rv+dSxs3RxhVFPYrBslL0SUhXRTxKOwToWqz0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8VcAAAD//9Jf6+E=")
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

4m27.95831863s ago: executing program 3 (id=436):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, r2, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r0, 0xc02464bb, &(0x7f0000000080)={0x3, r2, 0x1fc, 0x0, 0x4, 0x800008, 0x0, 0x4, 0x4000})

4m27.203579956s ago: executing program 4 (id=438):
socket$inet_sctp(0x2, 0x1, 0x84)
socket$can_j1939(0x1d, 0x2, 0x7)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080))
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$inet6_sctp(0xa, 0x801, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0xa, 0x922000000003, 0x11)
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x400000000010, 0x3, 0x0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f00000013c0)=ANY=[@ANYBLOB, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r1, @ANYBLOB='\b', @ANYRES32], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

4m27.199551561s ago: executing program 3 (id=439):
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x6, 0x50, 0xffffffffffffffff, 0x0)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
madvise(&(0x7f000072a000/0x4000)=nil, 0x4000, 0x4)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r2}, 0x10)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmmsg$inet(0xffffffffffffffff, &(0x7f00000017c0)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast2, @multicast1}}}], 0x20}}], 0x1, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000001380), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_REMOVE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r4, 0x1, 0x70bd25, 0x25dfdbff, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x24004004}, 0x80)
r5 = socket$inet(0x2, 0xa, 0x0)
setsockopt$inet_mreqn(r5, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r6 = socket$netlink(0x10, 0x3, 0x0)
writev(r6, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r6, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r7 = socket$inet(0x2, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x1, 0x4, &(0x7f0000000040)=@framed={{0xffffffb7, 0x5, 0x0, 0x0, 0x0, 0x79, 0x10, 0xa8}, [@ldst={0x7}]}, &(0x7f00000002c0)='GPL\x00', 0x5, 0xfd90, &(0x7f0000000300)=""/188, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x1f3, 0x10, &(0x7f0000000080), 0xfffffffffffffc79}, 0x2a)
setsockopt$inet_msfilter(r7, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB="e00000027f"], 0x57)
setsockopt$inet_mreqsrc(r5, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)
r8 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x149a82, 0x10)
write$cgroup_int(r8, &(0x7f0000000000)=0x2b00, 0x12)

4m23.69368301s ago: executing program 4 (id=444):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x33c, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x2000011, r2, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)="27031c0016001c00", 0x8}, {0x0}], 0x2}, 0x24004088)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000040))
sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_coalesce={0x2d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})

4m23.002636668s ago: executing program 34 (id=444):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x33c, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
mmap(&(0x7f0000003000/0x2000)=nil, 0x2000, 0x0, 0x2000011, r2, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000180)="27031c0016001c00", 0x8}, {0x0}], 0x2}, 0x24004088)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000040))
sendmsg$nl_route(r4, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x8044)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCBRDELBR(r5, 0x89a2, &(0x7f0000000200)='bridge0\x00')
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000000)={'syz_tun\x00', &(0x7f0000002fc0)=@ethtool_coalesce={0x2d, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}})

4m22.969259656s ago: executing program 3 (id=448):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x2001)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_misc(r1, &(0x7f0000000040), 0xe09)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd000000801900", [0x0, 0xffffffff9673e35d]}})

4m21.85439309s ago: executing program 3 (id=449):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x470, &(0x7f0000000bc0)="$eJzs281rXFUbAPDn3ny0ffuRvH37qq1Vo0UIikmTVu3CjaLgoqKgi7qMybSEThtpothSbCpSN4IUdC0uBf8CdyKIuhLc6saVFIp20+oqcu/c206mM6kxk9zY+f1gMufMPTP3eXK/zj1nJoCeNZL9SSJ2RMRPETHUqC5vMNJ4unHt/PQf185PJ7G09OpvSd7u+rXz02XT8n3bi8poGpG+nxQrWW7+7LmTU/V67UxRH1849eb4/NlzT7x9aupE7UTt9OSRI4cPTTz91OSTXckzy+v6vnfn9u998fXLL00fu/zGd19k8e4oljfn0S0jWeK/L+Valz3a7ZVVbGdTOemvMBBWpS8iss01kB//Q9EXtzbeULzwXqXBAesquzZt6bx4cQm4iyVRdQRANcoLfXb/Wz42qOuxKVx9tnEDlOV9o3g0lvRHWrQZaLm/7aaRiDi2+Oen2SPWaRwCAKDZh9OfHO1v2/9L4578+Zf8765iDmU4Iv4bEbsj4n8RsSci/h+Rt703Iu5bYzy393/SK2v8yBVl/b9nirmt5f2/svcXw31FbWee/0ByfLZeO1j8T0ZjYEtWn1hhHV89/+NHnZY19/+yR7b+si9YxHGlv2WAbmZqYSrvlHbB1YsR+/rb5Z/cnAlIImJvROxb3UfvKguzj32+v1OjO+e/gi7MMy19lqW3mOW/GC35l5Lm+cnZ2+Ynx7dGvXZwvNwrbvf9D5de6bT+NeXfBVdrjeem7d/aZDhpnq+dX/06Lv38Qcd7mn+4/6eDyWv5PPNg8do7UwsLZyYiBpOjeX3Z65O33lvWy/bZ/j96oP3xv7t4T5b//RGR7cQPRMSDEfFQEfvDEfFIRBxYIf9vn+u8rMw/0oq2/8WImbbnv5v7f8v2X32h7+Q3X3Za/9/b/ofz0mjxSn7+u4N24WSni9YA1/K/AwAAgH+LNP8OfJKO3Syn6dhY4zv8e+I/aX1ufuHx43NvnZ5pfFd+OAbScqRrqBgPrc/WaxPJYvGJjfHRyWKsuBwvPVSMG3/cty2vj03P1Wcqzh163fYOx3/m176qowPW2ba2r04ObnggQAVa59HT5dULL4eTAdyt/F4betcdjv90o+IANp7rP/Sudsf/hZa6uQC4O7n+Q+9y/EOPSr+uOgKgQq7/0JPW8rv+dSxs3RxhVFPYrBslL0SUhXRTxKOwToWqz0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8VcAAAD//9Jf6+E=")
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

4m21.14394218s ago: executing program 3 (id=450):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
r1 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r1, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[<r2=>0x0], 0x0, 0x0, 0xfffffd52, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR(r0, 0xc01c64a3, &(0x7f0000000280)={0x3, r2, 0x1, 0xffff, 0xa, 0x1ff, 0x1})
ioctl$DRM_IOCTL_MODE_CURSOR2(r0, 0xc02464bb, &(0x7f0000000080)={0x3, r2, 0x1fc, 0x0, 0x4, 0x800008, 0x0, 0x4, 0x4000})

4m18.241777715s ago: executing program 3 (id=457):
syz_mount_image$minix(&(0x7f0000000080), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0049cef4df796851925f86c004000000e4cf62dc777d55387afc4a70d087ede499a199c4d7e87a07cdb3e45fc513a1f97b0b9047144790d8f3affa2044cbd987208cf1dcd4ec17f5138b1f4efbdc2a7be39782db000000000000002c2e5cf00c404f4a3246fb740282b4265c2c2c686173682c00181f302d7cd22530b02054463a3dd16b847ce0f9c3bd119a1498eb8cc1ae04dee8bfa77d492c96fd54cb0abb83366c6b4d4785b8103b6ea5ce14afc0ebaae0f62832e93c0cd17b2130111d313bea3d9ab4738453538e448d770b602e104974e6cd92f7d589103fde2331f870b425e8776f9e2152dec6551ec1f61ced64b19c9e56"], 0x5, 0x1a7, &(0x7f00000008c0)="$eJzs20+u0lAUx/FfoYUHKkHRiXHQxAFOBIH4h5nOHTo2IVAJsSgRJxAT4yJcgDPjWlyKJLoBMW1oDS0GBdoifD+jnnt63z3N45bThArA2bJly5AhywtuXVTf14ysSwKQkqWkn0sA5yn/feOod2/YovQX5wA4Xosn0kTStx/v+spb0fbgY0XS4yCfK8ROWHyQbpqrvFHURbS/+CTVg/lGKd6AVKVymC/H0t7fv3M7WP+SLuuKKvKeUa7q2io/COff2LcdAs6KoUY0XhvI6cXIde6FseXHrSD8akoj12mH+YKf74Rx0Y8b/dfuILFrALCb3Jb9n4/sf3N9/wP4j01n85c913XeHO+BYUrxlDfqSbOeDWUkdlCQlPxadpr/SlvZfJCCp86k1/ryr7Oe1/cozDxIzZ+tP6UyuyUBSEnz7XjSnM7md0fj3tAZOq/aj9rdB537rYfdpt/5F7XW/wM4Hb+/9LOuBAAAAAAAAAAAAAAA7Kqm61mXAAAAACAl/u9/n21+Q+jpgd6OyvoaAQAAAAAAAAAAAAAAAAAAgFPxKwAA//+C9QwF")
lremovexattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)=ANY=[])

4m17.210564976s ago: executing program 35 (id=457):
syz_mount_image$minix(&(0x7f0000000080), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000480)=ANY=[@ANYBLOB="0049cef4df796851925f86c004000000e4cf62dc777d55387afc4a70d087ede499a199c4d7e87a07cdb3e45fc513a1f97b0b9047144790d8f3affa2044cbd987208cf1dcd4ec17f5138b1f4efbdc2a7be39782db000000000000002c2e5cf00c404f4a3246fb740282b4265c2c2c686173682c00181f302d7cd22530b02054463a3dd16b847ce0f9c3bd119a1498eb8cc1ae04dee8bfa77d492c96fd54cb0abb83366c6b4d4785b8103b6ea5ce14afc0ebaae0f62832e93c0cd17b2130111d313bea3d9ab4738453538e448d770b602e104974e6cd92f7d589103fde2331f870b425e8776f9e2152dec6551ec1f61ced64b19c9e56"], 0x5, 0x1a7, &(0x7f00000008c0)="$eJzs20+u0lAUx/FfoYUHKkHRiXHQxAFOBIH4h5nOHTo2IVAJsSgRJxAT4yJcgDPjWlyKJLoBMW1oDS0GBdoifD+jnnt63z3N45bThArA2bJly5AhywtuXVTf14ysSwKQkqWkn0sA5yn/feOod2/YovQX5wA4Xosn0kTStx/v+spb0fbgY0XS4yCfK8ROWHyQbpqrvFHURbS/+CTVg/lGKd6AVKVymC/H0t7fv3M7WP+SLuuKKvKeUa7q2io/COff2LcdAs6KoUY0XhvI6cXIde6FseXHrSD8akoj12mH+YKf74Rx0Y8b/dfuILFrALCb3Jb9n4/sf3N9/wP4j01n85c913XeHO+BYUrxlDfqSbOeDWUkdlCQlPxadpr/SlvZfJCCp86k1/ryr7Oe1/cozDxIzZ+tP6UyuyUBSEnz7XjSnM7md0fj3tAZOq/aj9rdB537rYfdpt/5F7XW/wM4Hb+/9LOuBAAAAAAAAAAAAAAA7Kqm61mXAAAAACAl/u9/n21+Q+jpgd6OyvoaAQAAAAAAAAAAAAAAAAAAgFPxKwAA//+C9QwF")
lremovexattr(&(0x7f0000000100)='./file0\x00', &(0x7f00000000c0)=ANY=[])

4m5.977537124s ago: executing program 2 (id=482):
sendmsg$key(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4000054)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000500)=ANY=[], 0x110}}, 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x3)
ioctl$sock_ifreq(0xffffffffffffffff, 0x89a3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000300), 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000140)='mountinfo\x00')
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x0, 0x0})
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0x2, 0x6, 0xfffa}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x7fffffff, 0x2, 0x7, 0x7f, 0x20000006, 0x4d, 0x6, 0x5f, 0x9, 0x5, 0xffff2d37, 0xffffff01, 0x7, 0x3, 0x0, 0x5, 0x24, 0x1, 0x7, 0x3c5a, 0x1, 0x24, 0x6, 0x1, 0x5, 0xffffffff, 0xe661, 0x4, 0x7, 0x89d2, 0x8, 0x4c74, 0x80000000, 0x40000, 0x3, 0xe, 0x0, 0x80008071, 0x7, 0x17, 0xd, 0x407, 0x5, 0x3e, 0x8f, 0x4006, 0x6, 0x80000000, 0x0, 0x4, 0x8, 0x400, 0x80, 0x0, 0x4, 0x7, 0x8, 0x4, 0xfffffffe, 0x40], [0x10000007, 0xf0000000, 0x8000012f, 0x8004, 0x5, 0x6, 0x129432e6, 0xc8, 0xf9, 0xe, 0x2bf, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0x10, 0x312, 0xd, 0xea4, 0xffffffff, 0x4, 0x7, 0x7fff, 0x5a7c, 0x420, 0x401, 0x6, 0x0, 0xff, 0x1, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x4, 0x20009, 0x8, 0x9, 0x9, 0x4a, 0x8000, 0x1, 0xfe000000, 0xffff, 0xfffffffe, 0x7, 0x9, 0x5, 0x3, 0x8, 0x1, 0x3, 0x6c0, 0xbc45, 0x48c93690, 0x42, 0x3], [0x7, 0x408, 0x8004, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xb, 0x4, 0x9, 0x5, 0x0, 0x1ef, 0x5, 0x8, 0x10000, 0x3, 0x5, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x4, 0x6d01, 0x6, 0x1, 0x800003, 0x200, 0x7e, 0x7, 0x4, 0x2950bfaf, 0xffe, 0xa2, 0x7, 0xa9, 0x5, 0x9, 0xac8, 0x2000bf, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x0, 0x0, 0x5, 0x1c, 0x120000, 0xffffff49, 0x2004, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x7, 0xb, 0x4, 0x938, 0x6, 0x6, 0x0, 0xb9, 0xce7, 0x9, 0x2, 0x57, 0x5, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0xffff, 0x2000a620, 0x2, 0x5, 0x1, 0x2, 0x5, 0xe7, 0x6, 0x16, 0xfffffffe, 0x80000003, 0x6, 0x1, 0xc8, 0x9, 0xfffff000, 0x10000, 0x3, 0x7e, 0xfd, 0x9602, 0x7, 0xaf, 0x8, 0x6, 0xffffffff, 0x5, 0x5, 0x8, 0x30b1d693, 0x5, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
syz_open_dev$vim2m(&(0x7f0000000040), 0x40005, 0x2)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

4m5.249628806s ago: executing program 2 (id=484):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f00000002c0)={0x38, 0x5, 0x8, 0x8002, 0x0, 0x9, 0x0, 0xd, 0xfa11, 0x6}, 0x0)
ioctl$IOMMU_TEST_OP_ACCESS_PAGES$syz(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x7, 0xffffffffffffffff, 0x0, 0x10000, 0x0, 0x4003, 0x11a72, 0x3325dc})
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, 0x0)
r2 = openat$6lowpan_enable(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
readv(r2, &(0x7f00000003c0)=[{&(0x7f0000000240)=""/1, 0x1}], 0x1)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r3)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
r4 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
close(r4)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f00000001c0), 0x802, 0x0)
unshare(0xc040400)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000400)={0xffffffffffffffff, 0xe0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd6, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6e, 0x8, 0x0, 0x0}}, 0x10)
mmap(&(0x7f0000ffb000/0x2000)=nil, 0x2000, 0x4000000, 0x20010, r5, 0x6)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
execve(&(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000300)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})
syz_open_procfs(0x0, &(0x7f0000000280)='net/sockstat\x00')
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x10)

4m3.111556693s ago: executing program 2 (id=486):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000600)=@newtfilter={0x44, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x7, 0xf}, {}, {0x7, 0x10}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_EMATCHES={0x10, 0xb, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x2}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x40}, 0x2008c014)

4m1.655008528s ago: executing program 2 (id=488):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000001c0)={[{@iocharset={'iocharset', 0x3d, 'cp850'}}, {@gid}, {@errors_continue}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@fmask={'fmask', 0x3d, 0x4}}, {@namecase}, {@umask={'umask', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@zero_size_dir}]}, 0x1, 0x152c, &(0x7f0000000400)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=")
r1 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002d3d6a08c6050592ac29000000010902240003000000000904020000ff4f9b000904b000003a3846000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000400000000000000000003850000002c000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1500}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xe, 0x0, &(0x7f0000000100)="25c89d0918a25b3725f245a434ac", 0x0, 0xf01, 0x88be, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfa}, 0x50)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f0000000680), 0x4)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r7 = socket$inet6(0xa, 0x800000000000002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1000004}, [@call={0x85, 0x0, 0x0, 0x9e}]}, &(0x7f0000001640)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmmsg$inet6(r7, &(0x7f0000000e00), 0x0, 0x0)
recvmmsg(r7, &(0x7f0000003880)=[{{0x0, 0x0, 0x0}}], 0x1, 0x12141, 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])

3m58.42148369s ago: executing program 2 (id=491):
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xa, 0x4, &(0x7f0000006680))
bind$packet(0xffffffffffffffff, 0x0, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='net/ptype\x00')
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000004c00)=""/102392, 0x18ff8)
io_uring_setup(0x2f10, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000001c0), 0x680, 0x0)
ioctl$TIOCSSOFTCAR(r1, 0x5453, 0x0)

3m57.961946628s ago: executing program 2 (id=492):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000000c0)={0x18, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
readv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000240)=""/118, 0x76}], 0x1)

3m57.53677936s ago: executing program 36 (id=492):
syz_usb_control_io$hid(0xffffffffffffffff, 0x0, 0x0)
syz_usb_control_io(0xffffffffffffffff, &(0x7f00000000c0)={0x18, &(0x7f0000000440)=ANY=[@ANYBLOB='\x00\x00\b'], 0x0, 0x0, 0x0, 0x0}, 0x0)
readv(0xffffffffffffffff, &(0x7f00000002c0)=[{&(0x7f0000000240)=""/118, 0x76}], 0x1)

3m45.780165374s ago: executing program 0 (id=505):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x20008d0, &(0x7f0000000680)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610936dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84bb90577b8b405a48292eeca69f5275cb7b7027d4bf643bd69b034c0221a30"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x1c1842, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cpuacct.usage_percpu\x00', 0x275a, 0x0)
ftruncate(r1, 0x9)
copy_file_range(r1, 0x0, r0, 0x0, 0xffffffffa003e459, 0x700000000000000)
r2 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./bus\x00', 0x141842, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000400)={'#! ', './file0'}, 0xb)
copy_file_range(0xffffffffffffffff, &(0x7f00000001c0), r2, 0x0, 0xffffffffa003e45b, 0x700000000000000)

3m44.780395326s ago: executing program 0 (id=506):
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001640)=@mangle={'mangle\x00', 0x44, 0x6, 0x3e0, 0x2a8, 0x98, 0x2a8, 0x130, 0x1f0, 0x370, 0x370, 0x370, 0x370, 0x370, 0x6, 0x0, {[{{@uncond, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x11, 0x0, 0x69}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0x70, 0x98}, @unspec=@CHECKSUM={0x28}}, {{@ip={@loopback, @empty, 0x0, 0x0, 'syzkaller0\x00', 'dvmrp1\x00', {}, {}, 0x6}, 0x0, 0x70, 0xb8}, @common=@unspec=@LED={0x48, 'LED\x00', 0x0, {'syz0\x00', 0x1, 0x3, {0x5}}}}, {{@ip={@broadcast, @dev={0xac, 0x14, 0x14, 0x18}, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0x98, 0xc8, 0x0, {}, [@inet=@rpfilter={{0x28}, {0xc}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x440)

3m43.81785027s ago: executing program 0 (id=507):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000340)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x3, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x7fff}}]}, 0x38}}, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@gettclass={0x24, 0x2a, 0x129, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x1, 0x3}, {}, {0x8, 0x1a}}}, 0x24}}, 0x40004)
syz_genetlink_get_family_id$ethtool(&(0x7f00000003c0), r3)

3m43.427640621s ago: executing program 0 (id=508):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x80078b, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0xff}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x5c}}, {@nouid32}, {@resgid}, {@errors_remount}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x470, &(0x7f0000000bc0)="$eJzs281rXFUbAPDn3ny0ffuRvH37qq1Vo0UIikmTVu3CjaLgoqKgi7qMybSEThtpothSbCpSN4IUdC0uBf8CdyKIuhLc6saVFIp20+oqcu/c206mM6kxk9zY+f1gMufMPTP3eXK/zj1nJoCeNZL9SSJ2RMRPETHUqC5vMNJ4unHt/PQf185PJ7G09OpvSd7u+rXz02XT8n3bi8poGpG+nxQrWW7+7LmTU/V67UxRH1849eb4/NlzT7x9aupE7UTt9OSRI4cPTTz91OSTXckzy+v6vnfn9u998fXLL00fu/zGd19k8e4oljfn0S0jWeK/L+Valz3a7ZVVbGdTOemvMBBWpS8iss01kB//Q9EXtzbeULzwXqXBAesquzZt6bx4cQm4iyVRdQRANcoLfXb/Wz42qOuxKVx9tnEDlOV9o3g0lvRHWrQZaLm/7aaRiDi2+Oen2SPWaRwCAKDZh9OfHO1v2/9L4578+Zf8765iDmU4Iv4bEbsj4n8RsSci/h+Rt703Iu5bYzy393/SK2v8yBVl/b9nirmt5f2/svcXw31FbWee/0ByfLZeO1j8T0ZjYEtWn1hhHV89/+NHnZY19/+yR7b+si9YxHGlv2WAbmZqYSrvlHbB1YsR+/rb5Z/cnAlIImJvROxb3UfvKguzj32+v1OjO+e/gi7MMy19lqW3mOW/GC35l5Lm+cnZ2+Ynx7dGvXZwvNwrbvf9D5de6bT+NeXfBVdrjeem7d/aZDhpnq+dX/06Lv38Qcd7mn+4/6eDyWv5PPNg8do7UwsLZyYiBpOjeX3Z65O33lvWy/bZ/j96oP3xv7t4T5b//RGR7cQPRMSDEfFQEfvDEfFIRBxYIf9vn+u8rMw/0oq2/8WImbbnv5v7f8v2X32h7+Q3X3Za/9/b/ofz0mjxSn7+u4N24WSni9YA1/K/AwAAgH+LNP8OfJKO3Syn6dhY4zv8e+I/aX1ufuHx43NvnZ5pfFd+OAbScqRrqBgPrc/WaxPJYvGJjfHRyWKsuBwvPVSMG3/cty2vj03P1Wcqzh163fYOx3/m176qowPW2ba2r04ObnggQAVa59HT5dULL4eTAdyt/F4betcdjv90o+IANp7rP/Sudsf/hZa6uQC4O7n+Q+9y/EOPSr+uOgKgQq7/0JPW8rv+dSxs3RxhVFPYrBslL0SUhXRTxKOwToWqz0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADd8VcAAAD//9Jf6+E=")
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', 0x0, 0x0, 0x1adc11, 0x0)
mount$bpf(0x0, &(0x7f0000000040)='./file0\x00', 0x0, 0x84000, 0x0)

3m43.181990217s ago: executing program 0 (id=509):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADDDEST(r2, 0x0, 0x487, &(0x7f0000000000)={{0x84, @rand_addr=0x64010100, 0x4e20, 0x3, 'lc\x00', 0x8, 0x323b, 0x55}, {@remote, 0x4e23, 0x2000, 0x0, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)

3m42.761585802s ago: executing program 0 (id=510):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x504c3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @remote}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x4c040)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e25, @local}, 0x10, 0x0}, 0x200000e0)

3m42.373654947s ago: executing program 37 (id=510):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), r1)
getsockname$packet(r1, &(0x7f0000000180)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@newlink={0x38, 0x10, 0x437, 0x0, 0x0, {0x0, 0x0, 0x0, r2, 0x504c3}, [@IFLA_LINKINFO={0x18, 0x12, 0x0, 0x1, @gre={{0x8}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x8, 0x7, @remote}]}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40010}, 0x4c040)
sendmsg$inet(r0, &(0x7f0000000380)={&(0x7f0000000080)={0x2, 0x4e25, @local}, 0x10, 0x0}, 0x200000e0)

42.996101848s ago: executing program 9 (id=880):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x22020600)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000007880)='ns/cgroup\x00')
setns(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4], 0x1c}}, 0x24044080)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
mremap(&(0x7f000054e000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f000022c000/0x3000)=nil)
socketpair$tipc(0x1e, 0x1, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r5, 0x89f0, 0x0)
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r6, &(0x7f00000000c0)=ANY=[@ANYBLOB="03040000b50000000100"], 0xc8)
dup3(r7, r6, 0x0)
r8 = syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000000)={0xf0f041})
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x11, r8, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000380)='maps\x00')
pread64(r9, &(0x7f0000000600)=""/4091, 0xffb, 0x12c)

38.303150149s ago: executing program 9 (id=888):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1f, 0x4, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1a, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = syz_open_procfs$namespace(0x0, &(0x7f0000000280)='ns/uts\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee1, 0x8031, r0, 0x0)
r2 = socket(0x14, 0x6, 0x4)
ioctl$SIOCX25GDTEFACILITIES(r2, 0x61e1, 0x0)
write(r1, 0x0, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)

35.511835599s ago: executing program 9 (id=893):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0)
close_range(0xffffffffffffffff, r0, 0x6)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
socket(0x2b, 0x80801, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10b, &(0x7f00000003c0)={0x0, 0x334b, 0x80, 0x3, 0x805}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000380)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
rt_sigqueueinfo(0x0, 0x21, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc600c7, 0x0)
io_uring_enter(r3, 0xbbc, 0xd582, 0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800f87d, 0x2)
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000140)={0xb, @pix_mp={0x1, 0x2, 0x35323645, 0x5, 0x3, [{0x4, 0xb}, {0x10001, 0xa7000000}, {0x6, 0x6}, {0x9, 0x9}, {0x3, 0x8}, {0x2, 0xe15}, {0x4, 0x5}, {0x9ec, 0xfffffff7}], 0x9, 0x1, 0x6, 0x2, 0x6}})

30.302713209s ago: executing program 1 (id=903):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
syz_emit_ethernet(0x84a, 0x0, 0x0)
bpf$PROG_BIND_MAP(0x23, &(0x7f0000000000), 0xc)
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0x0, 0x1}, 0x6)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff}, 0x67)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$TUNATTACHFILTER(0xffffffffffffffff, 0x401054d5, 0x0)
bind$bt_hci(r1, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
write$bt_hci(r1, &(0x7f0000000040)=ANY=[], 0x6)

29.578560203s ago: executing program 1 (id=905):
r0 = syz_open_dev$video(&(0x7f00000000c0), 0x481, 0x2000)
ioctl$VIDIOC_SUBDEV_S_EDID(r0, 0xc0285629, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
syz_open_procfs(0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xb, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r4, &(0x7f0000000140)='^', 0x34000, 0x4f4, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r4, 0xda92)
accept4(r4, 0x0, 0x0, 0x0)

28.347349689s ago: executing program 9 (id=909):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000001c0)={[{@iocharset={'iocharset', 0x3d, 'cp850'}}, {@gid}, {@errors_continue}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@fmask={'fmask', 0x3d, 0x4}}, {@namecase}, {@umask={'umask', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@zero_size_dir}]}, 0x1, 0x152c, &(0x7f0000000400)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=")
r1 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002d3d6a08c6050592ac29000000010902240003000000000904020000ff4f9b000904b000003a3846000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])

23.217681653s ago: executing program 9 (id=915):
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
syz_emit_ethernet(0x66, &(0x7f0000000000)={@broadcast, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1e}, @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x2, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote, @multicast1}, {{0x0, 0x0, 0x1, 0x0, 0x2, 0x0, 0x0, 0x4, 0x86dd}, {0x0, 0x0, 0x0, 0x0, 0x11}}}}}}, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0x9}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e21, 0xfffffff8, @ipv4={'\x00', '\xff\xff', @local}, 0x7}, 0x1c)
setsockopt$inet6_buf(r2, 0x29, 0x6, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)

22.398151575s ago: executing program 1 (id=917):
listen(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, 0xffffffffffffffff, 0x1, 0x2}}, 0x20)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x401, 0x9, 0x8, 0x0, 0x7}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ba1000/0x1000)=nil, 0x1000, 0x0, 0x4, 0x1c0000)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x5ff, 0x2000)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
r3 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x7, 0x3)
r4 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000006400), &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000680)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc77a9b3df93199c796fa597f452bed6b6fbcc812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1", 0xbe, 0xfffffffffffffffe)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x178, 0x19, 0x1, 0x0, 0x10, {{@in=@multicast1, @in=@remote, 0x0, 0x0, 0xffff, 0x0, 0xa, 0x80, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x1, 0x0, 0x80}}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0xfd}, 0x0, 0x0, 0x0, 0x0, 0x800}, {{@in=@loopback, 0x0, 0x2b}, 0x0, @in=@multicast1, 0x800000, 0x3, 0x1}, {{@in6=@local, 0x4d4, 0x6c}, 0x0, @in=@multicast1, 0x3}]}]}, 0x178}}, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x33, 0x0, 0x802e2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}})
pipe(&(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r10=>0x0)
io_submit(r10, 0x2, &(0x7f0000000300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r9, &(0x7f00000001c0)='m', 0x1}])
write$binfmt_aout(r9, 0x0, 0x5c3c)

22.229738983s ago: executing program 9 (id=918):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0)
close_range(0xffffffffffffffff, r0, 0x6)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
socket(0x2b, 0x80801, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10b, &(0x7f00000003c0)={0x0, 0x334b, 0x80, 0x3, 0x805}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000380)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
rt_sigqueueinfo(0x0, 0x21, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc600c7, 0x0)
io_uring_enter(r3, 0xbbc, 0xd582, 0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800f87d, 0x2)
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000140)={0xb, @pix_mp={0x1, 0x2, 0x35323645, 0x5, 0x3, [{0x4, 0xb}, {0x10001, 0xa7000000}, {0x6, 0x6}, {0x9, 0x9}, {0x3, 0x8}, {0x2, 0xe15}, {0x4, 0x5}, {0x9ec, 0xfffffff7}], 0x9, 0x1, 0x6, 0x2, 0x6}})

20.719163019s ago: executing program 38 (id=918):
syz_usb_connect(0x0, 0x24, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000d1d7a440041601801f44010203010902120001000000000904"], 0x0)
r0 = syz_open_dev$sndctrl(&(0x7f0000000000), 0xdc3, 0x0)
close_range(0xffffffffffffffff, r0, 0x6)
openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
socket(0x2b, 0x80801, 0x1)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0x10b, &(0x7f00000003c0)={0x0, 0x334b, 0x80, 0x3, 0x805}, &(0x7f00000001c0)=<r4=>0x0, &(0x7f0000000380)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000540)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000040)='./file0/file0\x00', 0x60, 0x185500, 0x12345})
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, 0x0)
rt_sigqueueinfo(0x0, 0x21, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc600c7, 0x0)
io_uring_enter(r3, 0xbbc, 0xd582, 0x0, 0x0, 0x0)
syz_open_dev$vim2m(&(0x7f0000000000), 0x800f87d, 0x2)
ioctl$VIDIOC_G_FMT(0xffffffffffffffff, 0xc0d05604, &(0x7f0000000140)={0xb, @pix_mp={0x1, 0x2, 0x35323645, 0x5, 0x3, [{0x4, 0xb}, {0x10001, 0xa7000000}, {0x6, 0x6}, {0x9, 0x9}, {0x3, 0x8}, {0x2, 0xe15}, {0x4, 0x5}, {0x9ec, 0xfffffff7}], 0x9, 0x1, 0x6, 0x2, 0x6}})

17.662779282s ago: executing program 6 (id=926):
listen(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x401, 0x9, 0x8, 0x0, 0x7}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ba1000/0x1000)=nil, 0x1000, 0x0, 0x4, 0x1c0000)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x5ff, 0x2000)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
r2 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x7, 0x3)
r3 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r4 = add_key$user(&(0x7f0000006400), &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000680)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc77a9b3df93199c796fa597f452bed6b6fbcc812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1", 0xbe, 0xfffffffffffffffe)
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x178, 0x19, 0x1, 0x0, 0x10, {{@in=@multicast1, @in=@remote, 0x0, 0x0, 0xffff, 0x0, 0xa, 0x80, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x1, 0x0, 0x80}}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0xfd}, 0x0, 0x0, 0x0, 0x0, 0x800}, {{@in=@loopback, 0x0, 0x2b}, 0x0, @in=@multicast1, 0x800000, 0x3, 0x1}, {{@in6=@local, 0x4d4, 0x6c}, 0x0, @in=@multicast1, 0x3}]}]}, 0x178}}, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r2, r3, r4}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCETHTOOL(r6, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x33, 0x0, 0x802e2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}})
pipe(&(0x7f0000000040)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r9=>0x0)
io_submit(r9, 0x2, &(0x7f0000000300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r7, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r8, &(0x7f00000001c0)='m', 0x1}])
write$binfmt_aout(r8, 0x0, 0x5c3c)

16.890713377s ago: executing program 1 (id=927):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000001c0)={[{@iocharset={'iocharset', 0x3d, 'cp850'}}, {@gid}, {@errors_continue}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@fmask={'fmask', 0x3d, 0x4}}, {@namecase}, {@umask={'umask', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@zero_size_dir}]}, 0x1, 0x152c, &(0x7f0000000400)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=")
r1 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002d3d6a08c6050592ac29000000010902240003000000000904020000ff4f9b000904b000003a3846000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])

15.404407334s ago: executing program 8 (id=930):
setsockopt$SO_TIMESTAMP(0xffffffffffffffff, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
socket$kcm(0x10, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x0, 0xf, 0x9}, 0x0)
syz_usb_connect(0x0, 0x5f, 0x0, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000140)={0xa, 0x4e21, 0xfffffff8, @ipv4={'\x00', '\xff\xff', @local}, 0x7}, 0x1c)
setsockopt$inet6_buf(r2, 0x29, 0x6, 0x0, 0x0)
syz_open_dev$sg(0x0, 0x0, 0x2)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
fchdir(0xffffffffffffffff)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
mbind(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x9, 0x2)

14.989703195s ago: executing program 7 (id=932):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='::,:/', 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
mkdir(&(0x7f0000000040)='./bus\x00', 0x49)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@userxattr}, {@redirect_dir_on}]})
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000000c0)={0x32, 0x6, '\x00', [@pad1, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x18, {0x2, 0x4, 0x3e, 0xaa5, [0x8, 0x0]}}, @ra={0x5, 0x2, 0x3}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x1, [0x0]}, @ra={0x5, 0x2, 0xa}]}, 0x40)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82})
socket(0x1, 0x2, 0x0)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x9, &(0x7f0000000240)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000002f000000b709000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

14.217540084s ago: executing program 6 (id=933):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
syz_open_dev$sndctrl(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000100)='::,:/', 0x0)
r4 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x40000, 0x0, 0x2, 0x1}})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000000)=@ethtool_cmd={0x2c, 0x6, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}})
mkdir(&(0x7f0000000040)='./bus\x00', 0x49)
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
mount$overlay(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f00000002c0)={[{@userxattr}, {@redirect_dir_on}]})
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000000c0)={0x32, 0x6, '\x00', [@pad1, @padn={0x1, 0x5, [0x0, 0x0, 0x0, 0x0, 0x0]}, @calipso={0x7, 0x18, {0x2, 0x4, 0x3e, 0xaa5, [0x8, 0x0]}}, @ra={0x5, 0x2, 0x3}, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @padn={0x1, 0x1, [0x0]}, @ra={0x5, 0x2, 0xa}]}, 0x40)
ioctl$sock_inet_SIOCSIFFLAGS(r4, 0x8914, &(0x7f0000000040)={'veth0_to_team\x00', 0x3fa1dc947ffe4b82})
socket(0x1, 0x2, 0x0)
r5 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0300000004000000040000000a"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x9, &(0x7f0000000240)=ANY=[@ANYBLOB="1808000000000000000000000000000018120000", @ANYRES32=r5, @ANYBLOB="0000000000000000b703000000000000850000002f000000b709000000000000850000000700000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)

13.324046202s ago: executing program 7 (id=934):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@base={0x16, 0x0, 0xb161, 0x2}, 0x48)
unshare(0x28000600)
r0 = bpf$ITER_CREATE(0x21, &(0x7f0000000000), 0x8)
syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
bpf$ITER_CREATE(0x21, &(0x7f0000000180)={r0}, 0x8)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x18, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r1}, 0x10)
unshare(0x62040200)
r2 = socket$netlink(0x10, 0x3, 0x4)
bind$netlink(r2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0xd, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x0, 0x1, 0xb1}]}, &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000300)={0x38, r4, 0x1, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x24, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_PORT={0x6, 0x5, 0x4e23}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @multicast1=0xac1414aa}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x1}]}]}, 0x38}}, 0x0)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r5)
r6 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r5, &(0x7f0000000080)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r6, 0x0)
r7 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r7, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)

12.03072604s ago: executing program 6 (id=935):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_udplite(0xa, 0x2, 0x88)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x5}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000007e40)=[{{&(0x7f0000000340)={0xa, 0x4e20, 0x0, @dev}, 0x18, 0x0}}], 0x6c00, 0x48)

11.631645351s ago: executing program 1 (id=937):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="180000000200000000000000000000009500000000000000bbd687ed5521d54f8c2b59a1a8421c7c67fa75bf4d9451c499b7b36e00b5219f7d20e06edf8ffa0ca7832092452d3081836621dc5eba7c3f1eb3145e9f1bd5837e93ae5098b2ea1811907b450c36337b833fc98e97a8be63ac9fa6f0f7556c2abb16a352ee9529f8a6d3345107540d8b70af79ef2a53733387d843b53ffcca18994e4993d38f1bd3f6287a1d17909e2a40c5e7bc9655958a556a55"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000740), r0)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, 0x0)
sendmsg$NL802154_CMD_NEW_SEC_KEY(r0, &(0x7f0000000940)={&(0x7f0000000700)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f0000000900)={&(0x7f00000007c0)={0x110, r2, 0x400, 0x70bd28, 0x25dfdbfb, {}, [@NL802154_ATTR_SEC_KEY={0x64, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "3674917455309f0d3e83bbba8d81df1d"}, @NL802154_KEY_ATTR_ID={0x18, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_INDEX={0x5, 0x2, 0x2}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x7}]}, @NL802154_KEY_ATTR_ID={0xc, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}]}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "621185bd84b543e1514c98c1ab96f38b"}, @NL802154_KEY_ATTR_BYTES={0x14, 0x4, "18ae64ff6e4c45b5db2e888cdfa8242b"}]}, @NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x200000002}, @NL802154_ATTR_SEC_KEY={0x3c, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_BYTES={0x14, 0x4, "c8e6c1e08ba4a41cc258dc8ce5ef2cc3"}, @NL802154_KEY_ATTR_USAGE_CMDS={0x24, 0x3, "21a138c2370656376ed4a49776c10f634dc589b13274cad5b82ac60a2089be1d"}]}, @NL802154_ATTR_IFINDEX={0x8}, @NL802154_ATTR_SEC_KEY={0x48, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x34, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x6}, @NL802154_KEY_ID_ATTR_SOURCE_EXTENDED={0xc, 0x5, 0x45}, @NL802154_KEY_ID_ATTR_INDEX={0x5}, @NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_SOURCE_SHORT={0x8, 0x4, 0x2}]}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x6}, @NL802154_KEY_ATTR_USAGE_FRAMES={0x5, 0x2, 0x7}]}]}, 0x110}, 0x1, 0x0, 0x0, 0x8000}, 0x20000015)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)={0x30, 0xd, 0xa, 0x801, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x4}]}, 0x30}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)
socket$packet(0x11, 0x2, 0x300)
sendmsg$NFT_BATCH(r1, &(0x7f00000006c0)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x20}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x11}, 0x40)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
r3 = socket$alg(0x26, 0x5, 0x0)
accept4(r3, 0x0, 0x0, 0x800)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'dummy0\x00', <r5=>0x0})
r6 = gettid()
r7 = socket(0x10, 0x803, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
sendmsg$nl_route(r7, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0xfffffff9, 0x25dfdbfe, {0x0, 0x0, 0x74, r5, 0x19c04, 0x55007}, [@IFLA_NET_NS_PID={0x8, 0x13, r6}, @IFLA_IFNAME={0x14, 0x3, 'veth0_virt_wifi\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4802}, 0x0)

10.809945494s ago: executing program 7 (id=939):
listen(0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
write$RDMA_USER_CM_CMD_SET_OPTION(r2, &(0x7f0000000180)={0xe, 0x18, 0xfa00, @ib_path={0x0, 0xffffffffffffffff, 0x1, 0x2}}, 0x20)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0x401, 0x9, 0x8, 0x0, 0x7}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000ba1000/0x1000)=nil, 0x1000, 0x0, 0x4, 0x1c0000)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x5ff, 0x2000)
syz_io_uring_setup(0x10d, 0x0, 0x0, 0x0)
r3 = add_key$user(&(0x7f0000000380), &(0x7f0000000000), &(0x7f0000000400)='_', 0x1, 0xfffffffffffffffe)
preadv(0xffffffffffffffff, 0x0, 0x0, 0x7, 0x3)
r4 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd)
r5 = add_key$user(&(0x7f0000006400), &(0x7f0000000340)={'syz', 0x3}, &(0x7f0000000680)="3e12d23d346cfdeb1716f738274bc1c03bee4423fa20837e6e86b86592e9be8351aabbd6e24f37d5095f839fa4a3507df4f7526f2440e7988da94ccd868dd8741d1e43eba0b67b516be14a8b51a75bfd611b2d7ae6a21d056c2c5116a416a76b0204dc55ea62d43c809e0ed6e56163fdab317afd5c34d614367e4425bb9a97e38b8beb84ef6d549eed5aaa86dbe646fc77a9b3df93199c796fa597f452bed6b6fbcc812df9be8e35d8d15086609c033a5d2a42d5dcb0d103098fa302c5b1", 0xbe, 0xfffffffffffffffe)
socket$nl_xfrm(0x10, 0x3, 0x6)
r6 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=@updpolicy={0x178, 0x19, 0x1, 0x0, 0x10, {{@in=@multicast1, @in=@remote, 0x0, 0x0, 0xffff, 0x0, 0xa, 0x80, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x1, 0x0, 0x80}}, [@tmpl={0xc4, 0x5, [{{@in=@local, 0x0, 0x3c}, 0x0, @in6=@dev={0xfe, 0x80, '\x00', 0xfd}, 0x0, 0x0, 0x0, 0x0, 0x800}, {{@in=@loopback, 0x0, 0x2b}, 0x0, @in=@multicast1, 0x800000, 0x3, 0x1}, {{@in6=@local, 0x4d4, 0x6c}, 0x0, @in=@multicast1, 0x3}]}]}, 0x178}}, 0x0)
keyctl$dh_compute(0x17, &(0x7f0000000100)={r3, r4, r5}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}})
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
ioctl$sock_SIOCETHTOOL(r7, 0x8946, &(0x7f0000000100)={'netdevsim0\x00', &(0x7f0000000000)=@ethtool_ringparam={0x33, 0x0, 0x802e2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x401}})
pipe(&(0x7f0000000040)={<r8=>0xffffffffffffffff, <r9=>0xffffffffffffffff})
io_setup(0x3ff, &(0x7f0000000500)=<r10=>0x0)
io_submit(r10, 0x2, &(0x7f0000000300)=[&(0x7f00000000c0)={0x0, 0x0, 0x0, 0x5, 0x0, r8, 0x0}, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, r9, &(0x7f00000001c0)='m', 0x1}])
write$binfmt_aout(r9, 0x0, 0x5c3c)

10.521588484s ago: executing program 1 (id=940):
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0x2, @loopback, 0x8001}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}], 0x2c)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0xc0205838, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x200000000180, 0x2000000001b0, 0x2000000001e0], 0x0, 0x0, &(0x7f0000000180)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
socket$inet6(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getpeername(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000180)=ANY=[@ANYBLOB="40000000140009052cbd810b61d6805dc25b0000", @ANYBLOB="cc7911f6f603d5558a595cbfce9785ea7bec057751eac2bb1829c3564f7e51c714a7a8690b7bbb7c0fae6dd77dd58c8c999e29e2ffcc0f93cc26f1e30963300aa7a6cf4f625122b3", @ANYBLOB="0800040000000000080002006401010108000a000200000008000400640101020800010064010101"], 0x40}}, 0x200000c4)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
request_key(0x0, &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='y\xa9n::e\x00'/18, 0xfffffffffffffffe)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000300)={'wlan0\x00'})
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000080)=@assoc_value, &(0x7f0000000100)=0x8)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x40200)

9.435864076s ago: executing program 39 (id=940):
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, &(0x7f00000000c0)=[@in6={0xa, 0x4e21, 0x2, @loopback, 0x8001}, @in={0x2, 0x4e22, @dev={0xac, 0x14, 0x14, 0x21}}], 0x2c)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0xc0205838, 0x0)
socket$netlink(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x80000000005, 0x100000001000087}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x14, &(0x7f0000000040)=0x6)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(r1, 0x0, 0x80, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x0, 0x90, [0x0, 0x200000000180, 0x2000000001b0, 0x2000000001e0], 0x0, 0x0, &(0x7f0000000180)=[{0x0, '\x00', 0x0, 0xfffffffffffffffe}, {0x0, '\x00', 0x0, 0xffffffffffffffff}, {0x0, '\x00', 0x0, 0xffffffffffffffff}]}, 0x108)
socket$inet6(0x10, 0x3, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getpeername(r2, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000d40)={&(0x7f0000000180)=ANY=[@ANYBLOB="40000000140009052cbd810b61d6805dc25b0000", @ANYBLOB="cc7911f6f603d5558a595cbfce9785ea7bec057751eac2bb1829c3564f7e51c714a7a8690b7bbb7c0fae6dd77dd58c8c999e29e2ffcc0f93cc26f1e30963300aa7a6cf4f625122b3", @ANYBLOB="0800040000000000080002006401010108000a000200000008000400640101020800010064010101"], 0x40}}, 0x200000c4)
r3 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
request_key(0x0, &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='y\xa9n::e\x00'/18, 0xfffffffffffffffe)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000300)={'wlan0\x00'})
socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(0xffffffffffffffff, 0x84, 0xd, &(0x7f0000000080)=@assoc_value, &(0x7f0000000100)=0x8)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000400), 0x40200)

9.413961238s ago: executing program 8 (id=943):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[], 0x44}}, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000000c0)=[{0x0}], 0x1)

8.94692721s ago: executing program 6 (id=944):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000140)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x0, 0x8, 0xb, 0x0, 0x9, 0x7, 0x7, 0xfa14, 0xffffffff}, 0x0)
ioctl$USBDEVFS_REAPURBNDELAY(0xffffffffffffffff, 0x4004550c, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'caif0\x00'})
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000001780)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r4, 0x0, 0x0)
connect$inet6(r4, 0x0, 0x0)
sendmsg$nl_generic(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)=ANY=[@ANYBLOB="1c0000001e00010a0000006c8000"], 0x1c}, 0x1, 0x0, 0x0, 0x800d1}, 0x0)
lseek(0xffffffffffffffff, 0xfffffffffffffff6, 0x1)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
listen(0xffffffffffffffff, 0x0)

8.881071311s ago: executing program 8 (id=945):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x28)
setsockopt$inet_tcp_int(r2, 0x6, 0x80000000000002, &(0x7f00000004c0)=0x79, 0x4)
bind$inet(r2, &(0x7f0000000080)={0x2, 0x4e23, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r2, 0x6, 0xd, &(0x7f0000000000)='bbr', 0x3)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendto$inet(r2, &(0x7f0000000580)="17", 0xfdef, 0x10008095, 0x0, 0x0)

8.055114091s ago: executing program 5 (id=946):
socket$inet_sctp(0x2, 0x1, 0x84)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x4)
flock(0xffffffffffffffff, 0x2)
timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100))
timer_settime(0x0, 0x0, &(0x7f0000000500)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)
fcntl$setstatus(r0, 0x4, 0x42000)
read$FUSE(r0, &(0x7f00000040c0)={0x2020}, 0x2020)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
writev(r1, &(0x7f0000000000)=[{&(0x7f0000000cc0)="e1", 0x10113}], 0x1)

6.964448216s ago: executing program 7 (id=947):
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
setsockopt$MRT_ADD_VIF(r0, 0x0, 0xca, &(0x7f0000003d80)={0x0, 0x0, 0x3, 0x0, @vifc_lcl_addr=@local, @local}, 0x10)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x1, 0x0, 0x0, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x40}}, 0x10)
setsockopt$inet_mreq(r1, 0x0, 0x23, 0x0, 0x0)
syz_emit_ethernet(0x2a, &(0x7f0000000240)={@local, @broadcast, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0xfb, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @echo_reply={0x0, 0x0, 0x0, 0x64, 0xd2}}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@empty, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

6.360600668s ago: executing program 8 (id=948):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x3)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f0000000140)=@gcm_128={{0x303}, "87ee8ac6c46d8a33", "26070893804fcf00fd4ef2dece6c7c58", '\x00', '#\x00'}, 0x28)
memfd_create(0x0, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000001a40)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, 0x0, 0x0, 0x0)
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f00000002c0)={'comedi_bond\x00', [0x9, 0x0, 0x3, 0x6, 0x2f, 0x7, 0x7, 0x5, 0xffe, 0x4, 0x0, 0x8500, 0x1003, 0x4, 0xffff, 0xffff, 0xffffffa8, 0x7ffffffd, 0x1ff, 0x3, 0x10, 0x0, 0x8, 0xe2df, 0xf, 0x8, 0x5, 0x3, 0x0, 0x4, 0x8049, 0xfffffffe]})
sendmsg$inet(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000009c0)=[{&(0x7f0000000240)="6e37cff5b582e082d5", 0x9}], 0x1}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
mknod$loop(&(0x7f0000000180)='./file0\x00', 0x6000, 0x0)
r2 = creat(&(0x7f00000000c0)='./file0\x00', 0x0)
ioctl$BLKTRACESETUP(r2, 0xc0481273, &(0x7f0000000240)={'\x00', 0x3, 0x8000a, 0x10, 0x3ffffffe, 0x1})

5.32241942s ago: executing program 8 (id=949):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x18, 0x5, 0x0, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f00000001c0)={[{@iocharset={'iocharset', 0x3d, 'cp850'}}, {@gid}, {@errors_continue}, {@keep_last_dots}, {@iocharset={'iocharset', 0x3d, 'macroman'}}, {@fmask={'fmask', 0x3d, 0x4}}, {@namecase}, {@umask={'umask', 0x3d, 0x1}}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@zero_size_dir}]}, 0x1, 0x152c, &(0x7f0000000400)="$eJzs3AuYTtUaOPD3XWvtMSS+JrkMa6138yWXZZIklyS5JEklSXJLSJrkSEJiCEkakpBchiSGkFwmJo37/X5JSJImSUJyS9b/mfB3OnX+dc7pn/OceX/Ps59Z76y91n73936Xtfcz833TZUitxrWrNyQi+I/g+R9JABALAAMAIC8ABABQPq58XFZ/TolJ/9lB2J/rgdTLnQG7nLj+2RvXP3vj+mdvXP/sjeufvXH9szeuf/bG9WcsO9s4tdBVvGXfje//Z2f8+f8/JLPMmC9Wl7mmK0DMHx3C9c/euP7/s4I/shPXP3vj+mdXsZc7AfZfgF//2UGOf9rD9c/euP6MZWeX+/7z5d4g8l/2GBzOeb4wf9X5M8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjf4FT/hIFABfblzsvxhhjjDHGGGOM/Xl8jsudAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBAFdCHsgLEbgK4uBqyAfXQH4oAAWhEMRDYSgCGgxYIAihKBSDKFwLxeE6KAEloRSUBgdlIAGuh7JwA5SDG6E83AQV4GaoCJWgMlSBW6Aq3ArV4DaoDrdDDagJtaA23AF14E6oC3dBPbgb6sM9cC/cBw3gfmgID0AjeBAaw0PQBB6GptAMmkMLaPlvjX8OesDz0BN6QRL0hj7wAvSFftAfXoQB8BIMhJdhELwCyTAYhsCrMBReg2HwOgyHETAS3oBR8CaMhjEwFsZBCoyHCfAWTIS3YRK8A5NhCqTCVJgG78J0mAEz4T2YBe/DbJgDc2EepMEHMB8WQDp8CAvhI8iARbAYlsBSWAbLYQWshFWwGtbAWlgH62EDbIRNsBm2wFbYBtvhY9gBn8BO2AW74VPYA5/9i+NP/sP4rggIKFCgQoUxGIOxGIu5MBfmxtyYB/NgBCMYh3GYD/NhfsyPBbEgxmM8FsEiaNAgIWFRLIpRjGJxLI4lsASWwlLo0GECJmBZvAHLYTksj+WxAlbAilgJK2EVrIJVsSpWw2pYHatjDayBtbAW3oF3YG+si3WxHtbD+lj/4u0pbIgNsRE2wsbYGJtgE2yKTbE5NseW2BJbYStsja2xLbbFdtgO22N7TMRE7IAdsCN2xE7YCTtjZ+yCXbArdsNumc/lAHwen8deWEP0xj7YB/tico7++CK+iC/hQHwZX8ZXMBkH4xB8FV/F13AYnsDhOAJH4kisKt7E0TgGSYzDFEzBCTgBJ+JEzEr0HZyCqTgVp+E0nI4zcAa+h7PwfXwf5+AcnIdpmIbzcQGmYzouxJOYgYtwMS7BpbgMl+IKXIkrcDWuwdW4DtfhBtyAm3ATbsEtuA234ceoAPAT3IW7MBn34B7ci3txH+7D/bgfMzETD+ABPIgH8RAewsN4GI/gUTyGR/E4HscTeBJP4Sk8g2fwLD4T/1Wjj0uuSgaRRQklYkSMiBWxIpfIJXKL3CKPyCMiIiLiRJzIJ/KJ/CK/KCgKingRL4qIIsIII0iEMQAgoiIqioviooQoIUqJUsIJJxJEgigryopyopwoL24SFcTNoqKoJNq4KqKKqCraumriNlFdVBc1RE1RS9QWtUUdUUfUFXVFPVFP1Bf1xb3iPtFA9Mb++IDIqkxjMRibiCHYVDQT8sI7WCsxDFuLNqKteEyMwOHYXrRyieJJ0UGMxo7ib2IMPi06i3HYRTwruopuort4TvQQrV1P0UtMwt6ij5iCfUU/0V+8KKZjTfEezspZS7wiksVgMUS8Kubha2KYeF0MFyPESPGGGCXeFKPFGDFWjBMpYryYIN4SE8XbYpJ4R0wWU0SqmCqmiXfFdDFDzBTviVnifTFbzBFzxTyRJj4Q88UCkS4+FAvFRyJDLBKLxRKxVCwTy8UKsVKsEqvFGrFWrBPrxQaxUWwSm0UsbBXbxHbxsdghPhE7xS6xW3wq9ojPxF7xudgnvhD7xZciU3wlDoivxUHxjTgkvhWHxXfiiDgqjonvxXHxgzghTopT4rQ4I34UZ8VP4pzwAiRKIaVUMpAxMoeMlTllLnmFzC2DC4/uVTJOXi3zyWtkfllAFpSFZLwsLItILY20kmQoi8piMiqvlcXldbKELClLydLSyTIyQV4vy8obZDl5oywvb5IV5M2yoqwkK8sq8hZZVd4qIXL+GDVkTVlL1pZ3yCS4U9aVd8l68m5ZX94j75X3yQbyftlQPiAbyQdlY/mQbCIflk1lM9lctpAt5SOylXxUtpZtZFv5mGwnH5ft5RMyUT4pO0h/4SnytOwsn5Fd5LOyq+wmu8uf5DnpZU/ZS0JvkH3kC7Kv7Cf7xwKAfEkOlC/LQfIVmSwHyyHyVTlUviaHydflcDlCjpRvyFHyTTlajpFj5TiZIsfLCfItOVG+LSfJd+RkOUWmyqmyvxzw80wzpfzd8W/9xvhBPx99g9woN8nNcovcKrfJ7fJjuUPukDvlTrlb7pZ75B65V+6V++Q+uV/ul5kyUx6QB+RBeVAekofkYXlYHpFH5Wn5vTwuf5An5El5Up6WZ+QZefbCYwAKlVBSKRWoGJVDxaqcKpe6QuVWV6o8Kq+KqKtUnLpa5VPXqPyqgCqoCql4VVgVUVoZZRWpUBVVxVRUXYsXnjCqlCqtnCqjEtT1/8p4VVxdp0qokr8YfzG/pH+SX0vVUrVSrVRr1Vq1VW1VO9VOtVftVaJKVB1UB9VRdVSdVCfVWXVWXVSXrOeD6q66qx6qh+qpeqoklaT6qBdUX9VP9VcvqgHqJTVQDVSD1CCVrJLVEDVEDVVD1TA1TA1Xw9VINVKNUqPUaDVajVVjVYpKURPUBDVRTVST1CQ1WU1WqSpVTVPT1HQ1Xc1UM9UsNUvNVrPVXDVXpak0NV/NV+kqXS1UC1WGWqQWqSVqiVqmlqkVaoVapVapNWqNWqfWqQy1UW1Um9VmtVVtVdvVdrVD7VA7xU61W+1We9QetVftVfvUPrVf7VeZKlMdUAfUQXVQHVKH1GF1WB1RR9QxdUwdV8fVCXVCnVKn1Bl1Rp1VZ9U5dS5r2ReIQAQqUEFMEBPEBrFBriBXkDvIHeQJ8gSRIBLEBXFBvuCaIH9QICgYFArig8JBkUAHJrCBuFD0aHBtUDy4LigRlAxKBaUDF5QJEoLrg7LBDUG54MagfHBTUCG4OagYVAoqB1WCW4Kqwa1BteC2oHpwe1AjqBnUCmoHdwR1gjuDusFdQb3g7qB+cE9wb3Bf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmQbOgedAiaPmnzu/9iQKPup66l07SvXUf/YLuq/vp/vpFPUC/pAfql/Ug/YpO1oP1EP2qHqpf08P063q4HqFH6jf0KP2mHq3H6LF6nE7R4/UE/ZaeqN/Wk/Q7erKeolP1VD1Nv6un6xl6pn5Pz9Lv69l6jp6r5+k0/YGerxfodP2hXqg/0hl6kV6sl+ileplerlfolXqVXq3X6LV6nV6vN+iNepPerLforXqb3q4/1jv0J3qn3qV360/1Hv2Z3qs/1/v0F3q//lJn6q/0Af21Pqi/0Yf0t/qw/k4f0Uf1Mf29Pq5/0Cf0SX1Kn9Zn9I/6rP5Jn9M+a3Gf9fFulFEmxsSYWBNrcplcJrfJbfKYPCZiIibOxJl8Jp/Jb/KbgqagiTfxpogpYrKQIVPUFDVREzXFTXFTwpQwpUwp44wzCSbBlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3GJuMbeaW81t5jZzu7nd1DQ1TW1T29QxdUxdU9fUM/VMfVPf3GvuNQ1MA9PQNDSNTCPT2DQ2TUwT09Q0Nc1Nc9PStDStTCvT2rQ2bU1b0860M+1Ne5NoEk0H08F0NB1NJ9PJdDadTRfTxXQ1XU130930MD1MT9PTJJkk08f0MX1NX9Pf9DcDzAAz0Aw0g8wgk2ySzRAzxAw1Q80wM8wMNyPMyKyFqnnTjDZjzFgzzqSYFDPBTDATzUQzyUwyk81kk2pSzTQzzUw3081MM9PMMrPMbDPbzDVzTZpJM/PNfJNu0s1Cs9BkmAyz2Cw2S81Ss9wsNyvNSrParDZrYa1Zb9abjWaj2Ww2m61mq9lutpsdZofZaXaa3Wa32WP2mL1mr9ln9pn9Zr/JNJnmgDlgDpqD5pA5ZA6bw+aIOWKOmWPmuDluTpgT5pQ5Zc6YAhc+L72JtTltLnuFzW2vtHlsXvuPcUFbyMbbwraI1Ta/LfCL2FhrS9iStpQtbZ0tYxPs9b+KK9pKtrKtYm+xVe2tttqv4jr2TlvX3mXr2bttbXvHL+L69h6btTppgAhgm9lGtoVtbB+yTezDtqltZpvbFradfdy2t0/YRPuk7WCf+lU83y6wK+0qu9qusTvtLnvKnrYH7Tf2jP3R9rS97AD7kh1oX7aD7Cs22Q7+VTzSvmFH2TftaDvGjrXjfhVPtlNsqp1qp9l37XQ741dxmv3AzrLpdradY+faeT/HWTml2w/tQvuRzbABLLZL7FK7zC63Ky7m6vPadXa93WB32E/sZrvFbrXb7PaLC2G7y+62n9o99jN7wH5t99kv7H57yGbar36Os87vkP3WHrbf2SP2qD1mv7fH7Q/q4uisc//e/mTPWW+BkIAkKQoohnJQLOWkXHQF5aYrKQ/lpQhdRXF0NeWjayg/FaCCVIjiqTAVIU2GLBGFVJSKUZSupYvplaLS5KgMJdD1VJZuoHJ0I5Wnm6gC3UwVqRJVpip0C1WlW6ka3UbV6XaqQTWpFtWmO6gO3Ul16S6qR3dTfbqH7qX7qAHdTw3pAWpED1Jjeoia0MPUlJpRc2pBLekRakWPUmtqQ23pMWpHj1N7eoIS6UnqQE9RR/obdaKnqTM9Q13oWepK3ag7PUc96HnqSb0oiXpTH3qB+lI/6k8v0gB6iQbSyzSIXqFkGkxD6FUaSq/RMHqdhtMIGklv0Ch6k0bTGBpL4yiFxtMEeosm0ts0id6hyTSFUmkqTaN3aTrNoJn0Hs2i92k2zaG5NI/S6AOaTwsonT6khfQRZdAiWkxLaCkto+W0glbSKlpNa2gtraP1tIE20ibaTFtoK22j7fQx7aBPaCftot30Ke2hzwjpc9pHX9B++pIy6Ss6QF/TQfqGDtG3vhd9R0foKB2j7+k4/UAn6CSdotN0hn6ks/QTnSNPEGIoQhmqMAhjwhxhbJgzzBVeEeYOrwzzhHnDSHhVGBdeHeYLrwnzhwXCgmGhMD4sHBYJdWhCG1IYhkXDYmE0vDYsHl4XlghLhqXC0qELy4QJ4fVh2fCGsFx4Y1g+vCmsEN4cVgwrhQ/dXSW8Jawa3hpWC28Lq4e3hzXCmmGtsHZ4R1gnvDOsG94V1gvvDsuF94T3hveFDcL7w4bhA2Gj8MGwcfhQ2CR8OGwaNgubhy3CluEjYavw0bB12CZsGz4WtgsfD9uHT4SJ4ZNhh/Cpn/vvWfDP+5PC3mGf8IXwhdD7u+Tc6LxoWvSD6Pzogmh69MPowuhH0Yzoouji6JLo0uiy6PLoiujK6Kro6uia6Nrouuj66Iao97VzgEMnnHTKBS7G5XCxLqfL5a5wud2VLo/L6yLuKhfnrnb53DUuvyvgCrpCLt4VdkWcdsZZRy50RV0xF3XXuuLuOlfClXSlXGnnXBmX4Fq4lq6la+Ueda1dG9fWPeYec4+7x90T7gn3pOvgnnId3d9cJ/e06+yecc+4Z11X1811d8+5Hm58nvOvySTXx/VxfV1f19/1dwPcADfQDXSD3CCX7JLdEDfEDXVD3TA3zA13w91IN9KNcqPcaDfajXVjXYpLcRPcBDfRTXST3CQ32U12qS7VTXPT3HQ33VWdcf4os91sN9fNdWkuzc13WWvGdLfQLXQZLsMtdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W13290Ot8Pt9HnPT+r2uL1ur9vn9rn97kuX6b5yB9zX7qD7xh1y37rD7jt3xB11x9z37rj7wZ1wJ90pd9qdcT+6s+4nd855lxIZH5kQeSsyMfJ2ZFLknaxZI6mRqZFpkXcj0yMzIjMj70VmRd6PzI7MicyNzIukRT6IzI8siKRHPowsjHwUyYgsiiyOLIksjSyLeF94c+iL+mI+6q/1xf11voQv6Uv50t75Mj7BX+/L+ht8OX+jL+9v8hX8zb6ir+Qr+4d9U9/MN/ctfEv/iG/lH/WtfRvf1j/m2/nHfXv/hE/0T/oO/inf0f/Nd/JP+87+Gd/FP+u7+m6+u3/O9/DP+56+l0/yvX0f/4Lv6/v5/v5FP8C/5Af6l/0g/4pP9oP9EP+qH+pf88P86364H+FHxrzhR128RIZxPsWP9xP8W36if9tP8u/4yX6KT/VT/TT/rp/uZ/iZ/j0/y7/vZ/s5fq6f59P8B36+X+DT/Yd+of/IZ/hFF28q++V+hV/pV/nVfo1f69f59X6D3+g3+c1+i9/qt/nt/mO/w3/id/pdfrf/1O/xn/m9/nO/z3/h9/svfab/yh/wX/uD/ht/yH/rD/vv/BF/1B/z3/vj/gd/wp/0p/xpf8b/6M/6n/w5/p81xhhjjLE/ZPylpvhlz/nb+b1/Y4z4u537AMCVWwpl/n1/1opybf7z7X4ivl0EAJ7s1eWBi1uNGklJSRf2zZAQFJuTte6+ND4GLsWLoC08DonQBsr+Zv79RLcz9DvzR28CyPV3Y2LhUnxp/s8BMOk35n/ksZHzK4Sn4v4f888BKFHs0piccCleBG1/vr/SBsr9k/wLtPqd/HN+kQLQ+u/G5IZL8aX8E+BReAoSf7EnY4wxxhhjjDF2Xj9RudPF68+Lf/H5W9fn8erSmBxwKf6963PGGGOMMcYYY4xdfk936/7EI4mJbTr9641qv7+P+mMTxvxWVxP4dxPjxr/V8B7g/xYOAP7DCQGyGvKvPItNf8mxki+8dP6xa+lpH8B/Ryn/jMZlfmNijDHGGGOM/ekuLfp/+Xt1uRJijDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcayof/0O97gD3xL3+U+R8YYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+z8BAAD//9t19x0=")
r1 = syz_usb_connect(0x2, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="120100002d3d6a08c6050592ac29000000010902240003000000000904020000ff4f9b000904b000003a3846000904"], 0x0)
syz_usb_control_io$uac1(r1, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])

4.500029996s ago: executing program 6 (id=950):
socket$inet(0xa, 0x801, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb703000008000000b703000000000020850000007200000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000200)={0x38, 0x1403, 0x1, 0x70bd26, 0x25dfdbff, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'wg1\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x40}, 0x4008010)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYRES16=r0], 0x7c}}, 0x10)
r1 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@newqdisc={0x60, 0x24, 0xd0f, 0x70bd2d, 0x0, {0x60, 0x0, 0x0, r3, {0x0, 0xa}, {0xffff, 0xffff}, {0x1a, 0xffff}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x34, 0x2, [@TCA_TBF_PARMS={0x28, 0x1, {{0xea, 0x2, 0x0, 0x0, 0x9, 0x5}, {0x12, 0x2, 0x0, 0x401, 0x8001, 0x1400}, 0xa5, 0x5, 0xffffffd}}, @TCA_TBF_BURST={0x8, 0x6, 0x8057}]}}]}, 0x60}, 0x1, 0x0, 0x0, 0x40000}, 0x44080)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0xd0f, 0x70bd29, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffe0, 0xa}, {0xf, 0x10}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x24, 0x2, [@TCA_FQ_CODEL_MEMORY_LIMIT={0x8, 0x9, 0xffffffff}, @TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0x3}, @TCA_FQ_CODEL_LIMIT={0x8, 0x2, 0x101}, @TCA_FQ_CODEL_CE_THRESHOLD_MASK={0x5, 0xb, 0x8}]}}]}, 0x58}, 0x1, 0x0, 0x0, 0x55}, 0x4000)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r4, &(0x7f0000000040)={0xa, 0x3, 0x7, @loopback, 0x800000}, 0x1c)

4.289722277s ago: executing program 5 (id=951):
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
prlimit64(0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(r0, 0xc1105517, &(0x7f00000003c0)={{0x5, 0x6, 0x0, 0x5, 'syz0\x00', 0xffff}, 0x3, 0x400, 0xfffffff9, r1, 0x0, 0xff, 'syz1\x00', 0x0})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$tty1(0xc, 0x4, 0x1)
write$UHID_INPUT(r4, &(0x7f0000002080)={0xfc, {"a2e3ad09ed0d09f91b5e071887f70e09d038e7ff7fc6e5539b0d500a8b089b3f363563030890e0879b0af8c6e70a9b334a959b669a242f0a0af3988f7ef319520100ffe8d178708c523c921b1b5b31070d0773090acd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006)

3.87817859s ago: executing program 7 (id=952):
fsopen(0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$IPSET_CMD_GET_BYNAME(0xffffffffffffffff, 0x0, 0xc004004)
sched_setattr(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47f9, 0x0, 0x0, 0x0, 0x0)
mremap(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x3000, 0x2, &(0x7f0000ffc000/0x3000)=nil)
r2 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x109800, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r2, 0x3b81, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r3=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r0, 0x8916, &(0x7f0000000240)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x18, r3})
ioctl$IOMMU_TEST_OP_ADD_RESERVED(r2, 0x3ba0, 0x0)
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r2, 0x3ba0, &(0x7f0000000140)={0x48, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1})
fsopen(&(0x7f0000000000)='f2fs\x00', 0x0)
ioprio_set$pid(0x2, 0x0, 0x0)
r4 = openat$random(0xffffffffffffff9c, &(0x7f00000003c0), 0x40202, 0x0)
sendfile(r4, r4, 0x0, 0x4800000009)

3.081328724s ago: executing program 6 (id=953):
socket$nl_generic(0x10, 0x3, 0x10)
socket(0xa, 0x3, 0x3a)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
unshare(0x22020600)
r2 = syz_open_procfs$namespace(0x0, &(0x7f0000007880)='ns/cgroup\x00')
setns(r2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_DAT_CACHE(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000040)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4], 0x1c}}, 0x24044080)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
write$USERIO_CMD_SEND_INTERRUPT(0xffffffffffffffff, 0x0, 0x0)
r5 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCGETTUNNEL(r5, 0x89f0, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r6 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r7 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r6, &(0x7f00000000c0)=ANY=[@ANYBLOB="03040000b50000000100"], 0xc8)
dup3(r7, r6, 0x0)
r8 = syz_open_dev$swradio(&(0x7f0000000040), 0x0, 0x2)
ioctl$VIDIOC_S_CTRL(r8, 0xc008561c, &(0x7f0000000000)={0xf0f041})
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0, 0x11, r8, 0x0)
r9 = syz_open_procfs(0x0, &(0x7f0000000380)='maps\x00')
pread64(r9, &(0x7f0000000600)=""/4091, 0xffb, 0x12c)

3.057144897s ago: executing program 5 (id=954):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB], 0xc8}, 0x1, 0x0, 0x0, 0x4000090}, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={0x8c, 0x0, 0x1, 0x401, 0x0, 0x0, {0x2}, [@CTA_TUPLE_ORIG={0x24, 0x1, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @multicast1}, {0x8, 0x2, @multicast1}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_TUPLE_REPLY={0x24, 0x2, 0x0, 0x1, [@CTA_TUPLE_IP={0x14, 0x1, 0x0, 0x1, @ipv4={{0x8, 0x1, @empty}, {0x8, 0x2, @loopback}}}, @CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5}}]}, @CTA_SEQ_ADJ_ORIG={0x1c, 0xf, 0x0, 0x1, [@CTA_SEQADJ_OFFSET_AFTER={0x8, 0x3, 0x1, 0x0, 0x8001}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x1}, @CTA_SEQADJ_OFFSET_BEFORE={0x8, 0x2, 0x1, 0x0, 0x7}]}, @CTA_STATUS={0x8, 0x3, 0x1, 0x0, 0x100e}, @CTA_SEQ_ADJ_REPLY={0xc, 0x4, 0x0, 0x1, [@CTA_SEQADJ_CORRECTION_POS={0x8}]}]}, 0x8c}}, 0x0)

2.104583233s ago: executing program 5 (id=955):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, 0x0, 0xc000)

1.713800731s ago: executing program 5 (id=956):
sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000180)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000000}, 0x48050)
socket(0x10, 0x3, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xc36e5000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
recvmmsg(r0, 0x0, 0x0, 0x45833af92e4b39ff, 0x0)

1.693172379s ago: executing program 7 (id=957):
openat$tun(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r0 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000018c0), 0xe0c81)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0xb, 0x8001, 0x0, 0x9, 0x0, 0x6, 0xfa11, 0xffffffff}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
sendto$inet(r3, &(0x7f0000000140)='^', 0x34000, 0x4f4, &(0x7f0000004ff0)={0x2, 0x0, @rand_addr=0xfffffffffffffffe}, 0x10)
listen(r3, 0xda92)
accept4(r3, 0x0, 0x0, 0x0)

1.669648275s ago: executing program 8 (id=958):
socket$tipc(0x1e, 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
bind$alg(0xffffffffffffffff, &(0x7f00000001c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(aes-generic)\x00'}, 0x58)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x2000000000000022, 0x0, 0x0)
close(0x3)
fanotify_init(0x200, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='fdinfo/3\x00')
ioctl$LOOP_CONFIGURE(r2, 0x4c0a, &(0x7f00000004c0)={0xffffffffffffffff, 0x7f, {0x0, 0x0, 0x0, 0x4d9, 0x1000, 0x0, 0x4, 0xc, 0xd0c923ae33bb993a, "33a06ba032769bcdc1e110ab557f1dd5109ed82f8fb9959a144221b808d6679386c1c88bb7f908000000025314b3139a1c0301b21ad0aaabf79454b41200", "7ce449f02591bcc3a9c5dd2ac482044ace2f7fc8a27ec68842fad491c42f1cbf357c3af34f3d93732627c18cb6ff16586bcc7d4fc038c6c70faa514796e66519", "66276b4152e108c1a315569381c472cfd3359dc7f9944a175c8edb88e702a77d", [0x6, 0x325]}})
unshare(0x68040200)

0s ago: executing program 5 (id=959):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0)
r1 = socket(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x44fc2, 0x1)
close(r3)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
mount$9p_fd(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f00000003c0)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r3, @ANYBLOB="ede2bb87fcaeee27ec5ebd4661fa171df0f9a02e6960013fe2b4103d415f43288ad0d7d05e69390d9c586727beaa7f095333a47727f5b2322d7485461371a2b36b", @ANYRESHEX=r5, @ANYBLOB=',\x00'])
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r6, &(0x7f000001b700)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x8004)
bind$netlink(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f0000007040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a030000000000000000000a00ecff0800010073797a300000000074000000160a010100000000000000000a00000008000740000000014000038008000140000000002c000380140001006e657464657673696d300000000000001400010076657468305f766c616e00000000000008000240000000070900010073797a3000000000090002"], 0xbc}}, 0x0)
sendmsg$inet_sctp(r2, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1, 0x0, 0x0, 0x804c040}, 0x1)
setsockopt$inet_sctp_SCTP_DEFAULT_SEND_PARAM(r2, 0x84, 0xa, &(0x7f0000000000)={0x7, 0x5404, 0x204, 0x4, 0x4, 0x1, 0x1, 0x80000001}, 0x20)
clock_settime(0x0, &(0x7f0000000040)={0x77359400})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0xffffffffffffffff, 0x0, &(0x7f00000000c0)={&(0x7f0000001540)=ANY=[@ANYBLOB="280000006800010000000000000400000a00000000000000030a2a670000000008000500", @ANYRES32=0x0, @ANYBLOB], 0x28}, 0x1, 0x0, 0x0, 0x20004880}, 0x0)
socket$rds(0x15, 0x5, 0x0)

kernel console output (not intermixed with test programs):

evsim netdevsim5 netdevsim1: renamed from eth1
[  337.641056][ T8282] Bluetooth: MGMT ver 1.23
[  338.296444][ T8048] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  338.333837][ T8048] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  338.407952][ T7842] veth1_macvtap: entered promiscuous mode
[  338.796370][ T5889] usb 9-1: new low-speed USB device number 4 using dummy_hcd
[  338.830851][ T7842] batman_adv: batadv0: Interface activated: batadv_slave_0
[  338.913031][ T7842] batman_adv: batadv0: Interface activated: batadv_slave_1
[  338.989472][ T5889] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  339.006801][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  339.050205][ T5889] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  339.075457][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  339.091842][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  339.101243][ T7863] veth0_vlan: entered promiscuous mode
[  339.110725][ T5889] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  339.119656][ T3507] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  339.126567][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  339.181738][ T5889] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  339.215043][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  339.222980][ T3507] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  339.246991][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  339.354391][ T7863] veth1_vlan: entered promiscuous mode
[  339.369352][ T3507] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  339.405110][ T3507] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  339.415664][ T5889] usb 9-1: config 168 descriptor has 1 excess byte, ignoring
[  339.427114][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  339.500211][ T5889] usb 9-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  339.540734][ T8048] 8021q: adding VLAN 0 to HW filter on device bond0
[  339.548600][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  339.591840][ T5889] usb 9-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  340.181003][ T6428] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.232444][ T6428] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.283636][ T6428] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  340.284145][ T7863] veth0_macvtap: entered promiscuous mode
[  340.300194][ T6428] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  340.350426][ T7863] veth1_macvtap: entered promiscuous mode
[  340.390350][ T8048] 8021q: adding VLAN 0 to HW filter on device team0
[  340.435231][  T151] bridge0: port 1(bridge_slave_0) entered blocking state
[  340.442736][  T151] bridge0: port 1(bridge_slave_0) entered forwarding state
[  340.500727][  T151] bridge0: port 2(bridge_slave_1) entered blocking state
[  340.508069][  T151] bridge0: port 2(bridge_slave_1) entered forwarding state
[  340.601713][ T7863] batman_adv: batadv0: Interface activated: batadv_slave_0
[  340.651931][ T7863] batman_adv: batadv0: Interface activated: batadv_slave_1
[  340.690025][   T12] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  340.708184][   T12] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  341.738291][   T12] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  341.776198][ T6034] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  341.951910][ T5889] usb 9-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  341.996132][ T5889] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  342.034793][ T5889] usb 9-1: can't set config #168, error -71
[  342.068495][ T5889] usb 9-1: USB disconnect, device number 4
[  342.888306][ T3507] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  342.920624][ T3507] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  343.351035][ T8328] loop8: detected capacity change from 0 to 40427
[  343.409060][ T8328] F2FS-fs (loop8): invalid crc value
[  343.469074][ T8328] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  343.479232][ T8328] F2FS-fs (loop8): Start checkpoint disabled!
[  343.488116][ T8328] F2FS-fs (loop8): f2fs_disable_checkpoint() finish, err:0
[  343.499168][ T8328] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  343.947214][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  343.996593][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  344.475771][ T8048] 8021q: adding VLAN 0 to HW filter on device batadv0
[  344.493526][   T13] kworker/u8:1: attempt to access beyond end of device
[  344.493526][   T13] loop8: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  344.605749][  T151] kworker/u8:6: attempt to access beyond end of device
[  344.605749][  T151] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  344.686292][  T151] CPU: 0 UID: 0 PID: 151 Comm: kworker/u8:6 Not tainted syzkaller #0 PREEMPT(full) 
[  344.686343][  T151] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  344.686361][  T151] Workqueue: writeback wb_workfn (flush-7:8)
[  344.686408][  T151] Call Trace:
[  344.686418][  T151]  <TASK>
[  344.686429][  T151]  dump_stack_lvl+0x189/0x250
[  344.686474][  T151]  ? __pfx_dump_stack_lvl+0x10/0x10
[  344.686510][  T151]  ? __pfx_queue_work_on+0x10/0x10
[  344.686539][  T151]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  344.686574][  T151]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  344.686616][  T151]  f2fs_handle_critical_error+0x37c/0x540
[  344.686664][  T151]  f2fs_write_end_io+0x886/0xb60
[  344.686710][  T151]  __submit_merged_bio+0x27a/0x6a0
[  344.686753][  T151]  __submit_merged_write_cond+0x255/0x530
[  344.686798][  T151]  f2fs_write_data_pages+0x261d/0x3000
[  344.686871][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  344.686952][  T151]  ? __pfx_ieee80211_subif_start_xmit+0x10/0x10
[  344.686986][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687037][  T151]  ? __local_bh_enable_ip+0x12d/0x1c0
[  344.687064][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687097][  T151]  ? __local_bh_enable_ip+0x12d/0x1c0
[  344.687123][  T151]  ? __pfx___local_bh_enable_ip+0x10/0x10
[  344.687150][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687190][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687218][  T151]  ? __lock_acquire+0xab9/0xd20
[  344.687247][  T151]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  344.687272][  T151]  do_writepages+0x32e/0x550
[  344.687311][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687339][  T151]  ? reacquire_held_locks+0x127/0x1d0
[  344.687369][  T151]  ? writeback_sb_inodes+0x384/0x1010
[  344.687417][  T151]  __writeback_single_inode+0x145/0xff0
[  344.687451][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687480][  T151]  ? do_raw_spin_unlock+0x122/0x240
[  344.687520][  T151]  writeback_sb_inodes+0x6c7/0x1010
[  344.687582][  T151]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  344.687667][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687697][  T151]  ? rcu_is_watching+0x15/0xb0
[  344.687728][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.687764][  T151]  wb_writeback+0x43b/0xaf0
[  344.687809][  T151]  ? queue_io+0x301/0x590
[  344.687857][  T151]  ? __pfx_wb_writeback+0x10/0x10
[  344.687898][  T151]  ? _raw_spin_unlock_irq+0x23/0x50
[  344.687932][  T151]  wb_workfn+0x409/0xef0
[  344.687974][  T151]  ? __pfx_wb_workfn+0x10/0x10
[  344.688005][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.688030][  T151]  ? __lock_acquire+0xab9/0xd20
[  344.688063][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.688092][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.688121][  T151]  ? _raw_spin_unlock_irq+0x23/0x50
[  344.688147][  T151]  ? process_scheduled_works+0x9ef/0x17b0
[  344.688170][  T151]  ? process_scheduled_works+0x9ef/0x17b0
[  344.688196][  T151]  process_scheduled_works+0xae1/0x17b0
[  344.688251][  T151]  ? __pfx_process_scheduled_works+0x10/0x10
[  344.688283][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.688318][  T151]  worker_thread+0x8a0/0xda0
[  344.688346][  T151]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  344.688414][  T151]  ? __kthread_parkme+0x7b/0x200
[  344.688451][  T151]  kthread+0x711/0x8a0
[  344.688486][  T151]  ? __pfx_worker_thread+0x10/0x10
[  344.688510][  T151]  ? __pfx_kthread+0x10/0x10
[  344.688538][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.688567][  T151]  ? _raw_spin_unlock_irq+0x23/0x50
[  344.688593][  T151]  ? srso_alias_return_thunk+0x5/0xfbef5
[  344.688618][  T151]  ? lockdep_hardirqs_on+0x9c/0x150
[  344.688652][  T151]  ? __pfx_kthread+0x10/0x10
[  344.688685][  T151]  ret_from_fork+0x4bc/0x870
[  344.688713][  T151]  ? __pfx_ret_from_fork+0x10/0x10
[  344.688744][  T151]  ? __switch_to_asm+0x39/0x70
[  344.688763][  T151]  ? __switch_to_asm+0x33/0x70
[  344.688780][  T151]  ? __pfx_kthread+0x10/0x10
[  344.688812][  T151]  ret_from_fork_asm+0x1a/0x30
[  344.688855][  T151]  </TASK>
[  345.103698][  T151] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  345.156177][ T5875] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  345.474534][ T5875] usb 2-1: device descriptor read/64, error -71
[  345.746457][ T5875] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  345.816335][ T5889] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  345.922417][ T5875] usb 2-1: device descriptor read/64, error -71
[  346.001050][ T5889] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  346.011367][ T5889] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  346.021872][ T5889] usb 8-1: Product: syz
[  346.028973][ T5889] usb 8-1: Manufacturer: syz
[  346.033880][ T5889] usb 8-1: SerialNumber: syz
[  346.059406][ T5875] usb usb2-port1: attempt power cycle
[  346.063814][ T5889] usb 8-1: config 0 descriptor??
[  346.436569][ T5875] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  346.471818][ T5875] usb 2-1: device descriptor read/8, error -71
[  346.786744][ T5875] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  346.823563][ T5875] usb 2-1: device descriptor read/8, error -71
[  347.145162][ T5875] usb usb2-port1: unable to enumerate USB device
[  347.247149][ T8048] veth0_vlan: entered promiscuous mode
[  347.275130][ T8048] veth1_vlan: entered promiscuous mode
[  347.563631][ T8048] veth0_macvtap: entered promiscuous mode
[  347.639482][ T8048] veth1_macvtap: entered promiscuous mode
[  347.888851][ T8048] batman_adv: batadv0: Interface activated: batadv_slave_0
[  348.136711][  T979] usb 10-1: new low-speed USB device number 4 using dummy_hcd
[  348.404521][ T8048] batman_adv: batadv0: Interface activated: batadv_slave_1
[  348.509090][ T6428] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  348.537939][ T6428] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  348.558705][  T979] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  348.581776][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  348.581800][ T6428] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  348.581852][ T6428] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  348.646593][  T979] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  348.736155][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  348.775762][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  348.811244][  T979] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  348.872788][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  349.090857][  T979] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  349.124485][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  349.195800][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  349.286806][  T979] usb 10-1: config 168 descriptor has 1 excess byte, ignoring
[  349.347158][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  349.542333][  T979] usb 10-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  349.565357][ T6073] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  349.600300][ T6073] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  349.608496][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  349.691760][  T979] usb 10-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  350.027656][ T6428] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  350.088423][ T6428] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  350.747030][  T979] usb 10-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  350.780613][    T9] usb 8-1: USB disconnect, device number 5
[  350.820288][  T979] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.918097][ T8398] batadv_slave_1: entered promiscuous mode
[  350.956139][  T979] usb 10-1: can't set config #168, error -71
[  351.023138][  T979] usb 10-1: USB disconnect, device number 4
[  351.514160][ T8395] batadv_slave_1: left promiscuous mode
[  352.016674][    T9] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  352.207149][    T9] usb 9-1: Using ep0 maxpacket: 32
[  352.248319][    T9] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  352.283344][    T9] usb 9-1: config 0 has no interface number 0
[  352.325813][    T9] usb 9-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  352.389397][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.439354][    T9] usb 9-1: Product: syz
[  352.474285][    T9] usb 9-1: Manufacturer: syz
[  352.525166][    T9] usb 9-1: SerialNumber: syz
[  352.606394][    T9] usb 9-1: config 0 descriptor??
[  352.611663][ T5919] IPVS: starting estimator thread 0...
[  352.696214][ T8418] IPVS: using max 29 ests per chain, 69600 per kthread
[  352.758218][    T9] usb 9-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  352.803340][    T9] usb 9-1: selecting invalid altsetting 1
[  352.859407][    T9] usb 9-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  352.941379][    T9] usb 9-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  353.083744][    T9] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  353.111588][    T9] usb 9-1: media controller created
[  353.241198][    T9] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  353.376902][ T8401] loop9: detected capacity change from 0 to 32768
[  353.456598][    T9] usb 9-1: dvb_usb_ce6230: usb_control_msg() failed=-71
[  353.489940][   T30] audit: type=1800 audit(1761886750.663:57): pid=8401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.572" name="file1" dev="loop9" ino=4 res=0 errno=0
[  353.539487][    T9] zl10353_read_register: readreg error (reg=127, ret==-71)
[  353.563994][    T9] usb 9-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  354.070801][    T9] usb 9-1: USB disconnect, device number 5
[  358.500213][ T5919] IPVS: starting estimator thread 0...
[  358.616146][ T8485] IPVS: using max 25 ests per chain, 60000 per kthread
[  360.239032][ T8504] vivid-008: disconnect
[  360.662301][ T8504] vivid-008: reconnect
[  360.915416][ T8512] batadv_slave_1: entered promiscuous mode
[  361.334269][ T8507] batadv_slave_1: left promiscuous mode
[  363.919030][  T979] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  364.136927][  T979] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  364.178139][  T979] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.210618][  T979] usb 7-1: Product: syz
[  364.225206][  T979] usb 7-1: Manufacturer: syz
[  364.276977][  T979] usb 7-1: SerialNumber: syz
[  364.335862][  T979] usb 7-1: config 0 descriptor??
[  364.610616][   T51] IPVS: starting estimator thread 0...
[  364.686044][ T5919] usb 10-1: new high-speed USB device number 5 using dummy_hcd
[  364.753508][ T8548] IPVS: using max 27 ests per chain, 64800 per kthread
[  364.987381][ T5919] usb 10-1: Using ep0 maxpacket: 8
[  365.007761][ T5919] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  365.196956][ T5919] usb 10-1: config 0 has no interface number 0
[  365.203382][ T5919] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  365.215112][ T5919] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  365.256152][ T5919] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  365.416130][ T5919] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  365.586555][ T5919] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  365.638468][ T5919] usb 10-1: config 0 descriptor??
[  365.688880][ T5919] ldusb 10-1:0.55: Interrupt in endpoint not found
[  365.897507][ T5875] usb 10-1: USB disconnect, device number 5
[  366.231179][ T8567] Illegal XDP return value 1111705458 on prog  (id 26) dev N/A, expect packet loss!
[  366.701477][ T8567] loop7: detected capacity change from 0 to 1024
[  366.978583][ T8567] EXT4-fs: Ignoring removed orlov option
[  366.984428][ T8567] EXT4-fs: Ignoring removed i_version option
[  367.254406][ T8567] EXT4-fs (loop7): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  367.458439][ T8567] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  367.567981][ T8567] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  368.383196][  T979] usb 7-1: USB disconnect, device number 2
[  370.843714][ T8609] batadv_slave_1: entered promiscuous mode
[  371.389145][ T8618] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  371.708980][ T8602] batadv_slave_1: left promiscuous mode
[  372.442496][ T8626] loop5: detected capacity change from 0 to 40427
[  372.466236][ T8626] F2FS-fs (loop5): invalid crc value
[  372.545546][ T5919] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  372.552171][ T8626] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  372.566009][ T8626] F2FS-fs (loop5): Start checkpoint disabled!
[  372.587132][ T8626] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  372.595001][ T8626] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  372.614536][ T7998] IPVS: starting estimator thread 0...
[  373.106232][ T8631] IPVS: using max 33 ests per chain, 79200 per kthread
[  373.170194][ T6134] kworker/u8:10: attempt to access beyond end of device
[  373.170194][ T6134] loop5: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  373.221454][ T6134] kworker/u8:10: attempt to access beyond end of device
[  373.221454][ T6134] loop5: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  373.256277][ T5919] usb 10-1: Using ep0 maxpacket: 8
[  373.326977][ T5919] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  373.377548][ T5919] usb 10-1: config 0 has no interface number 0
[  373.412142][ T6134] CPU: 0 UID: 0 PID: 6134 Comm: kworker/u8:10 Not tainted syzkaller #0 PREEMPT(full) 
[  373.412170][ T6134] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  373.412184][ T6134] Workqueue: writeback wb_workfn (flush-7:5)
[  373.412217][ T6134] Call Trace:
[  373.412226][ T6134]  <TASK>
[  373.412235][ T6134]  dump_stack_lvl+0x189/0x250
[  373.412269][ T6134]  ? __pfx_dump_stack_lvl+0x10/0x10
[  373.412296][ T6134]  ? __pfx_queue_work_on+0x10/0x10
[  373.412317][ T6134]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  373.412342][ T6134]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  373.412378][ T6134]  f2fs_handle_critical_error+0x37c/0x540
[  373.412415][ T6134]  f2fs_write_end_io+0x886/0xb60
[  373.412455][ T6134]  __submit_merged_bio+0x27a/0x6a0
[  373.412490][ T6134]  __submit_merged_write_cond+0x255/0x530
[  373.412525][ T6134]  f2fs_write_data_pages+0x261d/0x3000
[  373.412581][ T6134]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  373.412614][ T6134]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  373.412680][ T6134]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  373.412723][ T6134]  ? trace_f2fs_writepages+0x7f/0x200
[  373.412753][ T6134]  ? f2fs_write_node_pages+0x478/0x6e0
[  373.412797][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.412818][ T6134]  ? __lock_acquire+0xab9/0xd20
[  373.412843][ T6134]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  373.412863][ T6134]  do_writepages+0x32e/0x550
[  373.412895][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.412919][ T6134]  ? reacquire_held_locks+0x127/0x1d0
[  373.412940][ T6134]  ? writeback_sb_inodes+0x384/0x1010
[  373.412976][ T6134]  __writeback_single_inode+0x145/0xff0
[  373.413003][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413024][ T6134]  ? do_raw_spin_unlock+0x122/0x240
[  373.413056][ T6134]  writeback_sb_inodes+0x6c7/0x1010
[  373.413111][ T6134]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  373.413183][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413204][ T6134]  ? rcu_is_watching+0x15/0xb0
[  373.413227][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413258][ T6134]  wb_writeback+0x43b/0xaf0
[  373.413294][ T6134]  ? queue_io+0x301/0x590
[  373.413323][ T6134]  ? __pfx_wb_writeback+0x10/0x10
[  373.413360][ T6134]  ? _raw_spin_unlock_irq+0x23/0x50
[  373.413388][ T6134]  wb_workfn+0x409/0xef0
[  373.413428][ T6134]  ? __pfx_wb_workfn+0x10/0x10
[  373.413455][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413475][ T6134]  ? __lock_acquire+0xab9/0xd20
[  373.413506][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413542][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413567][ T6134]  ? _raw_spin_unlock_irq+0x23/0x50
[  373.413588][ T6134]  ? process_scheduled_works+0x9ef/0x17b0
[  373.413609][ T6134]  ? process_scheduled_works+0x9ef/0x17b0
[  373.413636][ T6134]  process_scheduled_works+0xae1/0x17b0
[  373.413689][ T6134]  ? __pfx_process_scheduled_works+0x10/0x10
[  373.413719][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413750][ T6134]  worker_thread+0x8a0/0xda0
[  373.413801][ T6134]  kthread+0x711/0x8a0
[  373.413832][ T6134]  ? __pfx_worker_thread+0x10/0x10
[  373.413852][ T6134]  ? __pfx_kthread+0x10/0x10
[  373.413874][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413901][ T6134]  ? _raw_spin_unlock_irq+0x23/0x50
[  373.413922][ T6134]  ? srso_alias_return_thunk+0x5/0xfbef5
[  373.413942][ T6134]  ? lockdep_hardirqs_on+0x9c/0x150
[  373.413965][ T6134]  ? __pfx_kthread+0x10/0x10
[  373.413992][ T6134]  ret_from_fork+0x4bc/0x870
[  373.414016][ T6134]  ? __pfx_ret_from_fork+0x10/0x10
[  373.414045][ T6134]  ? __switch_to_asm+0x39/0x70
[  373.414061][ T6134]  ? __switch_to_asm+0x33/0x70
[  373.414075][ T6134]  ? __pfx_kthread+0x10/0x10
[  373.414102][ T6134]  ret_from_fork_asm+0x1a/0x30
[  373.414139][ T6134]  </TASK>
[  374.216369][ T5919] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  374.367029][ T5919] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  374.387985][ T5919] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  374.451682][ T6134] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  374.546138][ T5919] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  374.555683][ T5919] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.707308][ T5919] usb 10-1: config 0 descriptor??
[  374.761744][ T5919] ldusb 10-1:0.55: Interrupt in endpoint not found
[  374.937776][ T5919] usb 10-1: USB disconnect, device number 6
[  375.318427][   T44] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  376.010919][   T44] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  376.041640][   T44] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  376.077641][   T44] usb 8-1: Product: syz
[  376.082652][   T44] usb 8-1: Manufacturer: syz
[  376.096604][   T44] usb 8-1: SerialNumber: syz
[  376.135487][   T44] usb 8-1: config 0 descriptor??
[  376.327285][ T8649] fuse: Unknown parameter 'group_i00000000000000000000'
[  376.602064][ T8654] loop6: detected capacity change from 0 to 2048
[  377.044062][ T8662] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  381.225272][ T8675] netlink: 8 bytes leftover after parsing attributes in process `syz.5.629'.
[  381.393256][ T8680] netlink: 8 bytes leftover after parsing attributes in process `syz.5.629'.
[  381.637012][ T8662] NILFS (loop6): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[  381.688324][ T8662] NILFS error (device loop6): nilfs_bmap_propagate: broken bmap (inode number=4)
[  381.720884][ T8675] 8021q: adding VLAN 0 to HW filter on device bond1
[  381.747146][ T8662] Remounting filesystem read-only
[  381.763386][ T7842] NILFS (loop6): disposed unprocessed dirty file(s) when stopping log writer
[  382.520992][ T8699] loop6: detected capacity change from 0 to 40427
[  382.613844][ T8699] F2FS-fs (loop6): invalid crc value
[  382.704822][ T8699] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  382.737696][ T8699] F2FS-fs (loop6): Start checkpoint disabled!
[  382.755323][ T8699] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[  382.772731][ T8699] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  383.434585][ T6428] kworker/u8:15: attempt to access beyond end of device
[  383.434585][ T6428] loop6: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  383.515832][ T6034] kworker/u8:8: attempt to access beyond end of device
[  383.515832][ T6034] loop6: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  383.581296][ T6034] CPU: 0 UID: 0 PID: 6034 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  383.581333][ T6034] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  383.581352][ T6034] Workqueue: writeback wb_workfn (flush-7:6)
[  383.581394][ T6034] Call Trace:
[  383.581404][ T6034]  <TASK>
[  383.581416][ T6034]  dump_stack_lvl+0x189/0x250
[  383.581459][ T6034]  ? __pfx_dump_stack_lvl+0x10/0x10
[  383.581496][ T6034]  ? __pfx_queue_work_on+0x10/0x10
[  383.581523][ T6034]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  383.581556][ T6034]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  383.581604][ T6034]  f2fs_handle_critical_error+0x37c/0x540
[  383.581665][ T6034]  f2fs_write_end_io+0x886/0xb60
[  383.581715][ T6034]  __submit_merged_bio+0x27a/0x6a0
[  383.581767][ T6034]  __submit_merged_write_cond+0x255/0x530
[  383.581815][ T6034]  f2fs_write_data_pages+0x261d/0x3000
[  383.581885][ T6034]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  383.581907][ T6034]  ? __local_bh_enable_ip+0x12d/0x1c0
[  383.581955][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.581983][ T6034]  ? cfg80211_inform_single_bss_data+0x13da/0x1ac0
[  383.582056][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.582092][ T6034]  ? unwind_next_frame+0xa5/0x2390
[  383.582148][ T6034]  ? rcu_read_lock_sched_held+0x89/0x100
[  383.582191][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.582220][ T6034]  ? xfd_validate_state+0x6d/0x150
[  383.582254][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.582282][ T6034]  ? __lock_acquire+0xab9/0xd20
[  383.582314][ T6034]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  383.582341][ T6034]  do_writepages+0x32e/0x550
[  383.582384][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.582413][ T6034]  ? reacquire_held_locks+0x127/0x1d0
[  383.582443][ T6034]  ? writeback_sb_inodes+0x384/0x1010
[  383.582493][ T6034]  __writeback_single_inode+0x145/0xff0
[  383.582531][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.582560][ T6034]  ? do_raw_spin_unlock+0x122/0x240
[  383.582603][ T6034]  writeback_sb_inodes+0x6c7/0x1010
[  383.582721][ T6034]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  383.582836][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.582865][ T6034]  ? rcu_is_watching+0x15/0xb0
[  383.582894][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.582936][ T6034]  wb_writeback+0x43b/0xaf0
[  383.582985][ T6034]  ? queue_io+0x301/0x590
[  383.583027][ T6034]  ? __pfx_wb_writeback+0x10/0x10
[  383.583077][ T6034]  ? _raw_spin_unlock_irq+0x23/0x50
[  383.583118][ T6034]  wb_workfn+0x409/0xef0
[  383.583171][ T6034]  ? __pfx_wb_workfn+0x10/0x10
[  383.583208][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.583237][ T6034]  ? __lock_acquire+0xab9/0xd20
[  383.583278][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.583312][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.583347][ T6034]  ? _raw_spin_unlock_irq+0x23/0x50
[  383.583376][ T6034]  ? process_scheduled_works+0x9ef/0x17b0
[  383.583403][ T6034]  ? process_scheduled_works+0x9ef/0x17b0
[  383.583434][ T6034]  process_scheduled_works+0xae1/0x17b0
[  383.583507][ T6034]  ? __pfx_process_scheduled_works+0x10/0x10
[  383.583547][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.583589][ T6034]  worker_thread+0x8a0/0xda0
[  383.583624][ T6034]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  383.583677][ T6034]  ? __kthread_parkme+0x7b/0x200
[  383.583724][ T6034]  kthread+0x711/0x8a0
[  383.583765][ T6034]  ? __pfx_worker_thread+0x10/0x10
[  383.583793][ T6034]  ? __pfx_kthread+0x10/0x10
[  383.583824][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.583859][ T6034]  ? _raw_spin_unlock_irq+0x23/0x50
[  383.583888][ T6034]  ? srso_alias_return_thunk+0x5/0xfbef5
[  383.583917][ T6034]  ? lockdep_hardirqs_on+0x9c/0x150
[  383.583948][ T6034]  ? __pfx_kthread+0x10/0x10
[  383.583985][ T6034]  ret_from_fork+0x4bc/0x870
[  383.584018][ T6034]  ? __pfx_ret_from_fork+0x10/0x10
[  383.584057][ T6034]  ? __switch_to_asm+0x39/0x70
[  383.584079][ T6034]  ? __switch_to_asm+0x33/0x70
[  383.584100][ T6034]  ? __pfx_kthread+0x10/0x10
[  383.584137][ T6034]  ret_from_fork_asm+0x1a/0x30
[  383.584187][ T6034]  </TASK>
[  383.584198][ T6034] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  384.446126][  T979] usb 8-1: USB disconnect, device number 6
[  385.046082][  T979] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  385.225517][  T979] usb 8-1: Using ep0 maxpacket: 8
[  385.252731][  T979] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  385.262836][  T979] usb 8-1: config 0 has no interface number 0
[  385.275010][  T979] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  385.317648][  T979] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  385.601752][  T979] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  385.679250][  T979] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  385.749947][  T979] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  385.866152][  T979] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  385.906092][  T979] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  385.974022][  T979] usb 8-1: config 0 descriptor??
[  386.022931][ T8709] loop1: detected capacity change from 0 to 32768
[  386.030172][  T979] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  386.235122][ T8720] ldusb 8-1:0.55: Couldn't submit interrupt_in_urb -90
[  386.399503][ T5919] usb 8-1: USB disconnect, device number 7
[  386.441067][ T8709] ocfs2: Mounting device (7,1) on (node local, slot 0) with writeback data mode.
[  386.603911][ T5919] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  386.630936][ T7863] ocfs2: Unmounting device (7,1) on (node local)
[  386.708437][ T8743] fuse: Bad value for 'fd'
[  387.356159][    T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd
[  387.555198][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  387.561912][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  387.596081][    T9] usb 7-1: Using ep0 maxpacket: 32
[  387.614375][    T9] usb 7-1: config 0 has no interfaces?
[  387.632760][    T9] usb 7-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  387.653723][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  387.672947][    T9] usb 7-1: Product: syz
[  387.693280][    T9] usb 7-1: Manufacturer: syz
[  387.713783][    T9] usb 7-1: SerialNumber: syz
[  387.796935][    T9] usb 7-1: config 0 descriptor??
[  388.042065][ T5889] usb 7-1: USB disconnect, device number 3
[  388.117563][ T8756] fuse: Unknown parameter 'group_id00000000000000000000'
[  389.633062][ T5846] Bluetooth: hci2: command 0x0406 tx timeout
[  389.730773][ T8787] loop8: detected capacity change from 0 to 128
[  390.737329][ T8800] fuse: Invalid rootmode
[  391.247795][    T9] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  391.284210][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  391.337207][ T8807] FAT-fs (loop8): Filesystem has been set read-only
[  391.419778][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  391.466462][    T9] usb 10-1: Using ep0 maxpacket: 8
[  391.484384][    T9] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  391.509725][    T9] usb 10-1: config 0 has no interface number 0
[  391.522734][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  391.573711][    T9] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  391.615835][    T9] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  391.631381][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  391.701527][    T9] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  391.766040][    T9] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  391.806080][    T9] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  391.849766][    T9] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  391.870155][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  391.876170][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.962693][    T9] usb 10-1: config 0 descriptor??
[  391.976113][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  392.021912][ T8798] loop6: detected capacity change from 0 to 32768
[  392.052517][    T9] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  392.143557][ T8817] vivid-000: disconnect
[  392.268526][ T8798] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  392.287347][ T8805] ldusb 10-1:0.55: Couldn't submit interrupt_in_urb -90
[  392.317720][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  392.318707][  T979] usb 10-1: USB disconnect, device number 7
[  392.391936][  T979] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[  392.606476][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  392.629402][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  392.698416][ T8807] FAT-fs (loop8): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  392.862297][   T30] audit: type=1800 audit(1761886790.043:58): pid=8807 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.8.651" name="file2" dev="loop8" ino=1048673 res=0 errno=0
[  392.896103][ T8817] vivid-000: reconnect
[  393.228813][ T8827] Invalid source name
[  393.233004][ T8827] UBIFS error (pid: 8827): cannot open "./file0", error -22
[  393.420833][ T7842] ocfs2: Unmounting device (7,6) on (node local)
[  394.786087][ T5969] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  395.006340][ T5969] usb 10-1: Using ep0 maxpacket: 32
[  395.020144][ T5969] usb 10-1: config 0 has an invalid interface number: 1 but max is 0
[  395.186150][ T5969] usb 10-1: config 0 has no interface number 0
[  395.433131][ T5969] usb 10-1: New USB device found, idVendor=8086, idProduct=9500, bcdDevice=b6.d8
[  395.556113][ T5969] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.586656][ T5969] usb 10-1: Product: syz
[  395.590982][ T5969] usb 10-1: Manufacturer: syz
[  395.616089][ T5969] usb 10-1: SerialNumber: syz
[  395.652189][ T5969] usb 10-1: config 0 descriptor??
[  395.689485][ T5969] usb 10-1: dvb_usb_v2: found a 'Intel CE9500 reference design' in warm state
[  395.763267][ T5969] usb 10-1: selecting invalid altsetting 1
[  395.816108][ T5969] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-22
[  395.875307][ T5969] usb 10-1: dvb_usb_v2: will pass the complete MPEG2 transport stream to the software demuxer
[  395.966431][ T5969] dvbdev: DVB: registering new adapter (Intel CE9500 reference design)
[  395.996898][ T5969] usb 10-1: media controller created
[  396.253529][ T8852] vivid-002: disconnect
[  396.444861][ T5969] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  396.987088][ T8833] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-110
[  397.069023][ T5969] usb 10-1: dvb_usb_ce6230: usb_control_msg() failed=-32
[  397.090836][ T8852] vivid-002: reconnect
[  397.156283][ T5969] zl10353_read_register: readreg error (reg=127, ret==-32)
[  397.210082][ T5969] usb 10-1: dvb_usb_ce6230: usb_set_interface() failed=-71
[  397.460628][ T5969] usb 10-1: USB disconnect, device number 8
[  399.866335][ T5142] Bluetooth: hci4: command 0x0406 tx timeout
[  399.872523][ T5836] Bluetooth: hci0: command 0x0406 tx timeout
[  401.219060][ T8895] loop7: detected capacity change from 0 to 128
[  401.349234][ T8895] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  401.416047][ T8906] loop8: detected capacity change from 0 to 128
[  401.454476][ T8895] ext4 filesystem being mounted at /30/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  401.508699][ T8886] loop5: detected capacity change from 0 to 32768
[  401.549307][ T5919] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  401.587067][ T8906] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  401.618345][ T5846] Bluetooth: hci2: unexpected event 0x03 length: 1 < 11
[  401.659977][ T8886] ocfs2: Mounting device (7,5) on (node local, slot 0) with writeback data mode.
[  401.673328][ T8906] ext4 filesystem being mounted at /42/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  401.756583][ T5919] usb 7-1: Using ep0 maxpacket: 8
[  401.929439][ T5919] usb 7-1: config 0 has an invalid interface number: 55 but max is 0
[  402.013847][ T5919] usb 7-1: config 0 has no interface number 0
[  402.093856][ T5919] usb 7-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  402.282811][ T5919] usb 7-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  402.342713][ T7489] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  402.412393][ T5919] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  402.514683][ T5919] usb 7-1: config 0 interface 55 altsetting 0 endpoint 0x8B has invalid wMaxPacketSize 0
[  402.576130][ T5919] usb 7-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  402.631480][ T8048] ocfs2: Unmounting device (7,5) on (node local)
[  402.643050][ T5919] usb 7-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  402.652936][ T8919] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  402.720046][ T8922] loop1: detected capacity change from 0 to 128
[  402.726425][ T5919] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  402.770455][ T5919] usb 7-1: config 0 descriptor??
[  402.839920][ T5919] ldusb 7-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  403.036808][ T5919] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  403.060747][ T8901] ldusb 7-1:0.55: Couldn't submit interrupt_in_urb -90
[  403.145836][    T9] usb 7-1: USB disconnect, device number 4
[  403.248255][    T9] ldusb 7-1:0.55: LD USB Device #0 now disconnected
[  403.870777][ T5919] usb 10-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  404.058390][ T5919] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  404.218356][ T5919] usb 10-1: Product: syz
[  404.222760][ T5919] usb 10-1: Manufacturer: syz
[  404.227605][ T5919] usb 10-1: SerialNumber: syz
[  404.237264][ T5919] usb 10-1: config 0 descriptor??
[  405.204968][ T8959] netlink: 'syz.5.683': attribute type 4 has an invalid length.
[  405.227292][ T8959] netlink: 'syz.5.683': attribute type 4 has an invalid length.
[  405.368539][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  405.455070][ T8961] FAT-fs (loop1): Filesystem has been set read-only
[  405.555670][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  405.682247][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  405.756121][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  405.805348][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  405.856134][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  405.930742][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  406.126446][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  406.314612][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  406.342148][ T8969] loop6: detected capacity change from 0 to 1024
[  406.350971][ T8969] EXT4-fs: Ignoring removed orlov option
[  406.358731][ T8969] EXT4-fs: Ignoring removed i_version option
[  406.368509][ T8969] EXT4-fs (loop6): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  406.398051][ T8969] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.437171][ T8969] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  406.526427][ T8961] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  406.567892][   T30] audit: type=1800 audit(1761886803.763:59): pid=8961 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.676" name="file2" dev="loop1" ino=1048674 res=0 errno=0
[  407.631787][ T5889] usb 10-1: USB disconnect, device number 9
[  407.750389][ T7550] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  407.992195][ T8985] loop5: detected capacity change from 0 to 128
[  408.233109][ T8985] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  408.404599][ T8985] ext4 filesystem being mounted at /23/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  408.639033][ T5846] Bluetooth: hci1: unexpected event 0x03 length: 1 < 11
[  408.973535][ T8048] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  409.128030][ T8999] policy can only be matched on NF_INET_PRE_ROUTING
[  409.128057][ T8999] unable to load match
[  410.506091][    T9] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  410.530031][ T9025] ip_tunnel: non-ECT from 172.20.20.187 with TOS=0x2
[  410.711076][ T5875] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  410.726123][    T9] usb 2-1: Using ep0 maxpacket: 8
[  410.737715][    T9] usb 2-1: config 0 has an invalid interface number: 55 but max is 0
[  410.749501][    T9] usb 2-1: config 0 has no interface number 0
[  410.800132][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  410.811719][    T9] usb 2-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  410.842954][    T9] usb 2-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  410.896344][ T5875] usb 6-1: Using ep0 maxpacket: 8
[  410.912761][    T9] usb 2-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  410.944228][    T9] usb 2-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  410.947782][ T5875] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  410.964083][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  410.977130][    T9] usb 2-1: config 0 descriptor??
[  411.082377][    T9] ldusb 2-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  411.136246][ T5875] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  411.210458][    T9] usb 2-1: USB disconnect, device number 22
[  411.244417][    T9] ldusb 2-1:0.55: LD USB Device #0 now disconnected
[  411.302987][ T5875] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  411.442127][ T5875] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  411.487681][ T9037] loop6: detected capacity change from 0 to 128
[  411.509673][ T5875] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  411.519155][ T5875] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.751537][ T9037] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  411.925106][ T9037] ext4 filesystem being mounted at /26/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  411.950978][ T5875] usb 6-1: GET_CAPABILITIES returned 0
[  411.981553][ T5875] usbtmc 6-1:16.0: can't read capabilities
[  412.324731][ T9017] raw_sendmsg: syz.5.694 forgot to set AF_INET. Fix it!
[  412.497797][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.537364][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.546656][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.594986][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.611393][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.620976][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.630298][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.639716][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.817910][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.827138][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.836226][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.845557][    C0] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.933893][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.943168][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  412.952327][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  413.099639][    C1] usbtmc 6-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  413.121923][ T5875] usb 6-1: USB disconnect, device number 15
[  413.130384][ T9052] loop1: detected capacity change from 0 to 128
[  413.372432][ T9052] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  413.454632][ T9052] ext4 filesystem being mounted at /21/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  413.643231][ T5846] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11
[  413.992312][ T7863] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  414.668291][ T9071] loop9: detected capacity change from 0 to 128
[  415.013876][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.024935][ T9075] FAT-fs (loop9): Filesystem has been set read-only
[  415.031844][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.042198][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.052538][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.065395][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.076350][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.087098][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.097276][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.107431][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.118001][ T9075] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  415.128869][   T30] audit: type=1800 audit(1761886812.323:60): pid=9075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.706" name="file2" dev="loop9" ino=1048675 res=0 errno=0
[  417.129047][ T9088] netlink: 40 bytes leftover after parsing attributes in process `syz.9.708'.
[  417.162331][ T9088] netlink: 32 bytes leftover after parsing attributes in process `syz.9.708'.
[  417.956518][ T9100] syz_tun: entered allmulticast mode
[  417.988400][ T7842] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  418.177127][ T9102] syz_tun: left allmulticast mode
[  418.356450][ T5889] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  418.563257][ T5889] usb 10-1: Using ep0 maxpacket: 8
[  418.610166][ T5889] usb 10-1: config 0 has an invalid interface number: 55 but max is 0
[  418.628611][ T5889] usb 10-1: config 0 has no interface number 0
[  418.687241][ T9113] loop5: detected capacity change from 0 to 128
[  418.720975][ T5889] usb 10-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  418.793262][ T5889] usb 10-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  418.825349][ T9091] loop8: detected capacity change from 0 to 32768
[  418.855357][ T9113] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  418.867806][    T9] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  418.877924][ T9119] loop6: detected capacity change from 0 to 512
[  418.891474][ T5889] usb 10-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  418.897799][ T9119] EXT4-fs: Ignoring removed oldalloc option
[  418.933015][ T9119] EXT4-fs (loop6): Test dummy encryption mode enabled
[  418.951897][ T9119] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  418.956035][ T5889] usb 10-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  418.990809][ T9113] ext4 filesystem being mounted at /28/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  418.993346][ T9091] ocfs2: Mounting device (7,8) on (node local, slot 0) with writeback data mode.
[  419.035543][ T9119] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  419.077024][    T9] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  419.099772][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  419.111865][ T9119] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.717: bad orphan inode 131083
[  419.164461][ T5889] usb 10-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  419.185350][    T9] usb 8-1: Product: syz
[  419.190216][ T7550] ocfs2: Unmounting device (7,8) on (node local)
[  419.200822][ T5142] Bluetooth: hci1: unexpected event 0x03 length: 1 < 11
[  419.230349][ T9119] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  419.254499][    T9] usb 8-1: Manufacturer: syz
[  419.295835][ T5889] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  419.320083][    T9] usb 8-1: SerialNumber: syz
[  419.516567][ T5875] usb 2-1: new high-speed USB device number 23 using dummy_hcd
[  419.555988][ T5889] usb 10-1: config 0 descriptor??
[  419.931275][ T8048] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  419.940747][    T9] usb 8-1: config 0 descriptor??
[  419.961968][ T5889] ldusb 10-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  419.984036][ T7842] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.015688][ T5889] usb 10-1: USB disconnect, device number 10
[  420.036896][ T5875] usb 2-1: Using ep0 maxpacket: 8
[  420.071670][ T5875] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  420.129657][ T5875] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  420.183850][ T5889] ldusb 10-1:0.55: LD USB Device #0 now disconnected
[  420.213145][ T5875] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  420.296039][ T5875] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  420.348140][ T5836] Bluetooth: hci3: command 0x0406 tx timeout
[  420.354760][ T5142] Bluetooth: hci6: command 0x0406 tx timeout
[  420.396098][ T5875] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  420.405403][ T5875] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  421.183119][ T5875] usb 2-1: GET_CAPABILITIES returned 0
[  421.223051][ T5875] usbtmc 2-1:16.0: can't read capabilities
[  421.322822][ T9151] mmap: syz.6.722 (9151) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  421.405364][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.414495][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.423599][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.432789][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.454657][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.464318][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.473521][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.482806][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.492004][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.524033][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.533185][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.542302][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.551420][    C1] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.567027][ T9150] netlink: 192 bytes leftover after parsing attributes in process `syz.6.722'.
[  421.614083][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.623335][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.632466][    C0] usbtmc 2-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  421.753208][ T5889] usb 2-1: USB disconnect, device number 23
[  423.955165][ T9185] loop9: detected capacity change from 0 to 1024
[  423.962779][ T9185] EXT4-fs: Ignoring removed orlov option
[  423.969821][ T9185] EXT4-fs: Ignoring removed i_version option
[  424.204587][ T9185] EXT4-fs (loop9): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  424.388677][ T9185] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  424.423590][ T9185] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.533203][ T5906] usb 8-1: USB disconnect, device number 8
[  426.000112][   T30] audit: type=1326 audit(1761886823.183:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  426.358378][   T30] audit: type=1326 audit(1761886823.183:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  426.601476][   T30] audit: type=1326 audit(1761886823.193:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  426.909904][   T30] audit: type=1326 audit(1761886823.243:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  427.031519][ T9213] loop9: detected capacity change from 0 to 512
[  427.160224][   T30] audit: type=1326 audit(1761886823.243:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  427.510794][ T9213] EXT4-fs: Ignoring removed oldalloc option
[  427.751686][ T9213] EXT4-fs (loop9): Test dummy encryption mode enabled
[  427.761982][ T9213] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  427.796819][   T30] audit: type=1326 audit(1761886823.343:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa5e0d8d810 code=0x7ffc0000
[  427.819054][    C1] vkms_vblank_simulate: vblank timer overrun
[  427.886259][ T5889] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  427.924989][   T30] audit: type=1326 audit(1761886823.343:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  427.930016][ T9213] EXT4-fs error (device loop9): ext4_orphan_get:1418: comm syz.9.734: bad orphan inode 131083
[  427.947864][   T30] audit: type=1326 audit(1761886823.343:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  427.982454][   T30] audit: type=1326 audit(1761886823.343:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  428.004566][    C1] vkms_vblank_simulate: vblank timer overrun
[  428.033478][   T30] audit: type=1326 audit(1761886823.343:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9195 comm="syz.5.730" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5e0d8efc9 code=0x7ffc0000
[  428.055856][    C1] vkms_vblank_simulate: vblank timer overrun
[  428.089055][ T9213] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  428.106082][ T5889] usb 8-1: Using ep0 maxpacket: 8
[  428.147885][ T5889] usb 8-1: config 0 has an invalid interface number: 55 but max is 0
[  428.176042][ T5889] usb 8-1: config 0 has no interface number 0
[  428.185403][ T5889] usb 8-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  428.290010][ T5889] usb 8-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  428.354224][ T5889] usb 8-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  428.894331][ T7621] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.904436][ T5889] usb 8-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  428.945233][ T5889] usb 8-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  429.001648][ T5889] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  429.074601][ T5889] usb 8-1: config 0 descriptor??
[  429.159982][ T5889] ldusb 8-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  429.380801][ T5875] usb 8-1: USB disconnect, device number 9
[  429.414006][ T5875] ldusb 8-1:0.55: LD USB Device #0 now disconnected
[  429.780375][ T5906] usb 10-1: new high-speed USB device number 11 using dummy_hcd
[  429.968371][ T5906] usb 10-1: Using ep0 maxpacket: 8
[  430.013735][ T5906] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  430.086955][ T5906] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  430.160210][ T9246] wg1 speed is unknown, defaulting to 1000
[  430.164172][ T5906] usb 10-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  430.209004][ T9246] wg1 speed is unknown, defaulting to 1000
[  430.253824][ T9249] loop7: detected capacity change from 0 to 128
[  430.261448][ T5906] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  430.503211][ T5906] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  430.515763][ T5906] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  430.617828][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.629915][ T9252] FAT-fs (loop7): Filesystem has been set read-only
[  430.637051][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.647649][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.657841][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.668030][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.678273][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.688429][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.698770][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.709140][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  430.720010][ T9252] FAT-fs (loop7): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  431.417242][ T9246] wg1 speed is unknown, defaulting to 1000
[  431.436164][ T5906] usb 10-1: GET_CAPABILITIES returned 0
[  431.457327][ T5906] usbtmc 10-1:16.0: can't read capabilities
[  431.533748][ T9246] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  431.656172][ T9246] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  431.708726][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.718308][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.727517][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.736867][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.790547][ T9246] wg1 speed is unknown, defaulting to 1000
[  431.805373][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.814608][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.824071][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.833265][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.844378][ T9246] wg1 speed is unknown, defaulting to 1000
[  431.851887][ T9246] wg1 speed is unknown, defaulting to 1000
[  431.861983][ T9246] wg1 speed is unknown, defaulting to 1000
[  431.871233][ T9246] wg1 speed is unknown, defaulting to 1000
[  431.878722][ T9246] wg1 speed is unknown, defaulting to 1000
[  431.913182][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.922396][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  431.931964][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  432.036730][    T9] usb 6-1: new high-speed USB device number 16 using dummy_hcd
[  432.177208][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  432.186768][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  432.196054][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  432.205269][    C1] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  432.327280][    T9] usb 6-1: Using ep0 maxpacket: 8
[  432.356878][    T9] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  432.371085][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  432.400631][    C0] usbtmc 10-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  432.413778][    T9] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  432.431159][ T5889] usb 10-1: USB disconnect, device number 11
[  432.635659][    T9] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  432.997526][    T9] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  433.049412][    T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.400654][    T9] usb 6-1: GET_CAPABILITIES returned 0
[  433.438414][    T9] usbtmc 6-1:16.0: can't read capabilities
[  433.617649][ T9293] netlink: 'syz.7.747': attribute type 4 has an invalid length.
[  433.674312][ T9294] netlink: 'syz.7.747': attribute type 4 has an invalid length.
[  433.765951][ T5889] usb 6-1: USB disconnect, device number 16
[  434.326324][ T5889] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  434.517355][ T5889] usb 9-1: Using ep0 maxpacket: 8
[  434.542584][ T5889] usb 9-1: config 6 has an invalid interface number: 2 but max is 0
[  434.543968][ T9310] loop6: detected capacity change from 0 to 512
[  434.567372][ T5889] usb 9-1: config 6 has no interface number 0
[  434.604377][ T5889] usb 9-1: config 6 interface 2 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  434.652602][ T5889] usb 9-1: config 6 interface 2 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  434.678619][ T9310] EXT4-fs: Ignoring removed oldalloc option
[  434.696167][ T9310] EXT4-fs (loop6): Test dummy encryption mode enabled
[  434.713396][ T5889] usb 9-1: config 6 interface 2 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  434.739745][ T9310] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  434.826325][ T5889] usb 9-1: config 6 interface 2 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  435.736071][   T53] Bluetooth: hci1: command 0x0406 tx timeout
[  435.804149][ T5889] usb 9-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  435.847207][ T9310] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.750: bad orphan inode 131083
[  435.915253][ T5889] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.151665][ T5889] usb 9-1: Product: syz
[  436.389028][ T9310] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  436.454548][ T5889] usb 9-1: Manufacturer: syz
[  436.516425][ T5889] usb 9-1: SerialNumber: syz
[  436.686700][ T5889] hso 9-1:6.2: Failed to find BULK IN ep
[  437.123250][ T7842] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  437.194977][ T9333] fuse: Unknown parameter 'group_id00000000000000000000'
[  437.743637][ T9344] netlink: 24 bytes leftover after parsing attributes in process `syz.5.757'.
[  438.660999][ T9357] fuse: Bad value for 'fd'
[  439.051234][ T9359] netlink: 40 bytes leftover after parsing attributes in process `syz.1.761'.
[  439.077347][ T9359] netlink: 32 bytes leftover after parsing attributes in process `syz.1.761'.
[  439.706268][ T5969] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  439.913803][ T5969] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  439.980639][ T5969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.031458][ T5969] usb 2-1: Product: syz
[  440.056014][ T5969] usb 2-1: Manufacturer: syz
[  440.060676][ T5969] usb 2-1: SerialNumber: syz
[  440.137445][ T5969] usb 2-1: config 0 descriptor??
[  441.643125][ T5919] usb 9-1: USB disconnect, device number 6
[  442.086290][ T5889] usb 6-1: new high-speed USB device number 17 using dummy_hcd
[  442.267115][ T9386] loop6: detected capacity change from 0 to 1024
[  442.275073][ T9386] EXT4-fs: Ignoring removed orlov option
[  442.281012][ T9386] EXT4-fs: Ignoring removed i_version option
[  442.291033][ T9386] EXT4-fs (loop6): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  442.345088][ T9386] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  442.365583][ T9386] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  442.407585][ T5889] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  442.505872][ T5889] usb 6-1: config 1 descriptor has 1 excess byte, ignoring
[  442.536384][ T5889] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  442.545597][ T5889] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  442.629349][ T5889] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  442.671341][ T5889] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  442.725179][ T5889] usb 6-1: Product: syz
[  442.763690][ T5889] usb 6-1: Manufacturer: syz
[  442.806206][ T7998] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  442.823994][ T5889] cdc_wdm 6-1:1.0: skipping garbage
[  442.839089][ T5889] cdc_wdm 6-1:1.0: probe with driver cdc_wdm failed with error -22
[  442.925703][ T9399] loop9: detected capacity change from 0 to 512
[  442.960443][ T9399] EXT4-fs: Ignoring removed oldalloc option
[  442.977466][ T9399] EXT4-fs (loop9): Test dummy encryption mode enabled
[  443.012722][ T7998] usb 9-1: Using ep0 maxpacket: 8
[  443.023414][ T9399] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  443.038289][ T7998] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  443.066676][ T7998] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  443.106469][ T9399] EXT4-fs error (device loop9): ext4_orphan_get:1418: comm syz.9.768: bad orphan inode 131083
[  443.126353][ T7998] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  443.165290][ T7998] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  443.190981][ T9399] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  443.280104][ T7998] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  443.311867][ T7998] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  443.592424][ T7998] usb 9-1: GET_CAPABILITIES returned 0
[  443.673662][ T7998] usbtmc 9-1:16.0: can't read capabilities
[  444.363680][ T7621] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  444.382402][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.391856][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.400986][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.410131][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.506465][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.515604][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.530378][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.539856][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.548977][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.558176][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.686388][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.695627][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.704752][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.713837][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.749057][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.758279][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  444.843091][ T5919] usb 6-1: USB disconnect, device number 17
[  444.898194][ T5813] usb 9-1: USB disconnect, device number 7
[  444.928098][ T9413] tipc: Started in network mode
[  444.998683][ T9413] tipc: Node identity , cluster identity 4711
[  445.101481][ T9413] tipc: Failed to obtain node identity
[  445.136108][ T9413] tipc: Enabling of bearer <eth:ip6gre0> rejected, failed to enable media
[  445.297391][ T7998] usb 2-1: USB disconnect, device number 24
[  446.043995][ T9435] loop8: detected capacity change from 0 to 128
[  446.081222][ T9435] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  446.155394][ T9435] ext4 filesystem being mounted at /53/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  446.165136][ T9438] fuse: Bad value for 'fd'
[  446.306335][ T5846] Bluetooth: hci0: unexpected event 0x03 length: 1 < 11
[  446.576052][ T7550] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  448.119644][ T9468] netlink: 'syz.8.783': attribute type 4 has an invalid length.
[  448.511982][ T9471] netlink: 'syz.8.783': attribute type 4 has an invalid length.
[  449.096313][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  449.102709][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  449.586270][ T5969] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  449.810347][ T5969] usb 2-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  449.868143][ T5969] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  449.927264][ T5969] usb 2-1: Product: syz
[  449.946128][ T5969] usb 2-1: Manufacturer: syz
[  449.973323][ T5969] usb 2-1: SerialNumber: syz
[  450.020856][ T5969] usb 2-1: config 0 descriptor??
[  451.509582][ T9479] loop7: detected capacity change from 0 to 32768
[  451.745823][ T9479] XFS (loop7): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  451.869667][ T9479] XFS (loop7): Ending clean mount
[  452.162293][ T7489] XFS (loop7): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  452.290832][ T9519] siw: device registration error -23
[  452.355145][ T9521] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  453.336471][ T9532] loop8: detected capacity change from 0 to 1024
[  453.343960][ T9532] EXT4-fs: Ignoring removed orlov option
[  453.350590][ T9532] EXT4-fs: Ignoring removed i_version option
[  453.368636][ T9532] EXT4-fs (loop8): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  453.406039][   T30] kauditd_printk_skb: 28 callbacks suppressed
[  453.406062][   T30] audit: type=1326 audit(1761886850.593:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  453.530077][ T9532] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  453.548748][ T9532] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  453.606435][   T30] audit: type=1326 audit(1761886850.653:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  453.707511][   T30] audit: type=1326 audit(1761886850.653:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=314 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  453.832949][   T30] audit: type=1326 audit(1761886850.653:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  453.857772][   T30] audit: type=1326 audit(1761886850.653:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  453.881151][   T30] audit: type=1326 audit(1761886850.653:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  453.903800][   T30] audit: type=1326 audit(1761886850.663:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  454.091226][ T9544] netlink: 24 bytes leftover after parsing attributes in process `syz.9.795'.
[  454.174188][   T30] audit: type=1326 audit(1761886850.673:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff358f8d810 code=0x7ffc0000
[  454.327035][   T30] audit: type=1326 audit(1761886850.763:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  454.525557][   T30] audit: type=1326 audit(1761886850.763:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9530 comm="syz.7.792" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff358f8efc9 code=0x7ffc0000
[  455.486654][  T979] usb 2-1: USB disconnect, device number 25
[  455.755601][ T9560] fuse: Bad value for 'user_id'
[  455.779794][ T9560] fuse: Bad value for 'user_id'
[  456.987536][  T979] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  457.348116][  T979] usb 7-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  457.377782][  T979] usb 7-1: config 1 has an invalid descriptor of length 49, skipping remainder of the config
[  457.426188][  T979] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 66
[  457.435311][  T979] usb 7-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  457.567801][  T979] usb 7-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  457.603389][  T979] usb 7-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  457.654295][  T979] usb 7-1: Product: syz
[  457.663916][  T979] usb 7-1: Manufacturer: syz
[  457.724576][  T979] cdc_wdm 7-1:1.0: skipping garbage
[  457.768616][  T979] cdc_wdm 7-1:1.0: skipping garbage
[  457.800933][  T979] cdc_wdm 7-1:1.0: probe with driver cdc_wdm failed with error -22
[  457.912806][ T9587] loop8: detected capacity change from 0 to 2048
[  458.034569][ T9591] NILFS (loop8): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  459.735037][ T5889] usb 7-1: USB disconnect, device number 5
[  460.031636][ T9582] loop9: detected capacity change from 0 to 32768
[  460.556592][ T9582] XFS (loop9): Mounting V5 Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  460.718780][ T9582] XFS (loop9): Ending clean mount
[  460.918826][ T5969] usb 6-1: new high-speed USB device number 18 using dummy_hcd
[  461.128128][ T5969] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  461.154928][ T7621] XFS (loop9): Unmounting Filesystem 986211a9-7d00-4ebf-a576-e3de63fa2cbd
[  461.207912][ T5969] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.208449][ T9626] Invalid source name
[  461.220842][ T9626] UBIFS error (pid: 9626): cannot open "./file0", error -22
[  461.487829][ T5969] usb 6-1: Product: syz
[  461.692972][ T5969] usb 6-1: Manufacturer: syz
[  461.698259][ T5969] usb 6-1: SerialNumber: syz
[  461.755545][ T5969] usb 6-1: config 0 descriptor??
[  462.028770][ T5875] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  462.256601][ T5875] usb 9-1: Using ep0 maxpacket: 8
[  462.274978][ T5875] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  462.449361][ T5875] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  462.513692][ T5875] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  462.525412][ T5875] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  462.632841][ T5875] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  462.875211][ T5875] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  463.143976][ T5875] usb 9-1: GET_CAPABILITIES returned 0
[  463.196362][ T5875] usbtmc 9-1:16.0: can't read capabilities
[  463.329375][ T9650] loop9: detected capacity change from 0 to 1024
[  463.853542][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  463.862851][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  463.872149][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  463.881254][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  463.890454][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.032953][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.042139][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.051252][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.060689][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.123569][ T9659] loop1: detected capacity change from 0 to 128
[  464.226458][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.235629][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.244775][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.254059][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.325942][ T9659] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  464.459895][ T9667] loop9: detected capacity change from 0 to 128
[  464.479950][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.489268][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.498419][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  464.556396][ T9659] ext4 filesystem being mounted at /38/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  464.589480][   T44] usb 9-1: USB disconnect, device number 8
[  465.682295][ T9678] loop7: detected capacity change from 0 to 40427
[  465.736596][ T9678] F2FS-fs (loop7): invalid crc value
[  465.827253][ T9678] F2FS-fs (loop7): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  465.886476][ T9678] F2FS-fs (loop7): Start checkpoint disabled!
[  465.896469][ T9678] F2FS-fs (loop7): f2fs_disable_checkpoint() finish, err:0
[  465.915624][ T9678] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  466.625145][ T6438] kworker/u8:21: attempt to access beyond end of device
[  466.625145][ T6438] loop7: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  466.717771][ T6438] kworker/u8:21: attempt to access beyond end of device
[  466.717771][ T6438] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  466.780126][ T6438] CPU: 1 UID: 0 PID: 6438 Comm: kworker/u8:21 Not tainted syzkaller #0 PREEMPT(full) 
[  466.780163][ T6438] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  466.780197][ T6438] Workqueue: writeback wb_workfn (flush-7:7)
[  466.780244][ T6438] Call Trace:
[  466.780255][ T6438]  <TASK>
[  466.780266][ T6438]  dump_stack_lvl+0x189/0x250
[  466.780317][ T6438]  ? __pfx_dump_stack_lvl+0x10/0x10
[  466.780354][ T6438]  ? __pfx_queue_work_on+0x10/0x10
[  466.780383][ T6438]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  466.780418][ T6438]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  466.780470][ T6438]  f2fs_handle_critical_error+0x37c/0x540
[  466.780509][ T6438]  f2fs_write_end_io+0x886/0xb60
[  466.780549][ T6438]  __submit_merged_bio+0x27a/0x6a0
[  466.780588][ T6438]  __submit_merged_write_cond+0x255/0x530
[  466.780629][ T6438]  f2fs_write_data_pages+0x261d/0x3000
[  466.780685][ T6438]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  466.780728][ T6438]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  466.780791][ T6438]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  466.780834][ T6438]  ? trace_f2fs_writepages+0x7f/0x200
[  466.780864][ T6438]  ? f2fs_write_node_pages+0x478/0x6e0
[  466.780897][ T6438]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  466.780931][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.780952][ T6438]  ? __lock_acquire+0xab9/0xd20
[  466.780976][ T6438]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  466.780996][ T6438]  do_writepages+0x32e/0x550
[  466.781028][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781048][ T6438]  ? reacquire_held_locks+0x127/0x1d0
[  466.781069][ T6438]  ? writeback_sb_inodes+0x384/0x1010
[  466.781107][ T6438]  __writeback_single_inode+0x145/0xff0
[  466.781134][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781154][ T6438]  ? do_raw_spin_unlock+0x122/0x240
[  466.781186][ T6438]  writeback_sb_inodes+0x6c7/0x1010
[  466.781248][ T6438]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  466.781322][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781342][ T6438]  ? rcu_is_watching+0x15/0xb0
[  466.781364][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781395][ T6438]  wb_writeback+0x43b/0xaf0
[  466.781431][ T6438]  ? queue_io+0x301/0x590
[  466.781462][ T6438]  ? __pfx_wb_writeback+0x10/0x10
[  466.781498][ T6438]  ? _raw_spin_unlock_irq+0x23/0x50
[  466.781527][ T6438]  wb_workfn+0x409/0xef0
[  466.781567][ T6438]  ? __pfx_wb_workfn+0x10/0x10
[  466.781594][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781614][ T6438]  ? __lock_acquire+0xab9/0xd20
[  466.781645][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781669][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781695][ T6438]  ? _raw_spin_unlock_irq+0x23/0x50
[  466.781720][ T6438]  ? process_scheduled_works+0x9ef/0x17b0
[  466.781740][ T6438]  ? process_scheduled_works+0x9ef/0x17b0
[  466.781767][ T6438]  process_scheduled_works+0xae1/0x17b0
[  466.781821][ T6438]  ? __pfx_process_scheduled_works+0x10/0x10
[  466.781850][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.781881][ T6438]  worker_thread+0x8a0/0xda0
[  466.781907][ T6438]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  466.781939][ T6438]  ? __kthread_parkme+0x7b/0x200
[  466.781974][ T6438]  kthread+0x711/0x8a0
[  466.782003][ T6438]  ? __pfx_worker_thread+0x10/0x10
[  466.782024][ T6438]  ? __pfx_kthread+0x10/0x10
[  466.782046][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.782071][ T6438]  ? _raw_spin_unlock_irq+0x23/0x50
[  466.782092][ T6438]  ? srso_alias_return_thunk+0x5/0xfbef5
[  466.782113][ T6438]  ? lockdep_hardirqs_on+0x9c/0x150
[  466.782135][ T6438]  ? __pfx_kthread+0x10/0x10
[  466.782162][ T6438]  ret_from_fork+0x4bc/0x870
[  466.782186][ T6438]  ? __pfx_ret_from_fork+0x10/0x10
[  466.782215][ T6438]  ? __switch_to_asm+0x39/0x70
[  466.782231][ T6438]  ? __switch_to_asm+0x33/0x70
[  466.782245][ T6438]  ? __pfx_kthread+0x10/0x10
[  466.782272][ T6438]  ret_from_fork_asm+0x1a/0x30
[  466.782309][ T6438]  </TASK>
[  467.329411][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.339843][ T9694] FAT-fs (loop9): Filesystem has been set read-only
[  467.346763][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.356956][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.367204][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.377601][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.388653][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.398945][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.409254][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.419631][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.430287][ T9694] FAT-fs (loop9): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  467.726272][ T6438] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  467.836115][   T30] kauditd_printk_skb: 27 callbacks suppressed
[  467.836142][   T30] audit: type=1800 audit(1761886864.633:136): pid=9694 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.9.822" name="file2" dev="loop9" ino=1048677 res=0 errno=0
[  468.057128][ T5875] usb 6-1: USB disconnect, device number 18
[  468.464923][ T7863] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  469.336466][ T5875] usb 6-1: new high-speed USB device number 19 using dummy_hcd
[  470.021474][ T5875] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  470.049039][ T5875] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  470.120134][ T5875] usb 6-1: Product: syz
[  470.124448][ T5875] usb 6-1: Manufacturer: syz
[  470.150753][ T5875] usb 6-1: SerialNumber: syz
[  470.179766][ T5875] usb 6-1: config 0 descriptor??
[  471.039772][ T9725] siw: device registration error -23
[  471.852807][ T9735] loop6: detected capacity change from 0 to 512
[  471.927271][ T9735] EXT4-fs: Ignoring removed oldalloc option
[  471.992464][ T9735] EXT4-fs (loop6): Test dummy encryption mode enabled
[  472.004070][ T9735] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  472.082506][ T9735] EXT4-fs error (device loop6): ext4_orphan_get:1418: comm syz.6.834: bad orphan inode 131083
[  472.130297][ T9735] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  472.262690][ T9741] netlink: 8 bytes leftover after parsing attributes in process `syz.9.835'.
[  472.984812][ T7842] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  473.356284][ T9750] loop9: detected capacity change from 0 to 40427
[  473.428114][ T9750] F2FS-fs (loop9): invalid crc value
[  473.546260][ T9750] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  473.557041][ T9750] F2FS-fs (loop9): Start checkpoint disabled!
[  473.579183][ T9750] F2FS-fs (loop9): f2fs_disable_checkpoint() finish, err:0
[  473.611480][ T9750] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e6
[  474.314934][ T3507] kworker/u8:7: attempt to access beyond end of device
[  474.314934][ T3507] loop9: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  474.468312][ T9769] vivid-006: disconnect
[  474.714006][ T3507] kworker/u8:7: attempt to access beyond end of device
[  474.714006][ T3507] loop9: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  474.919151][ T3507] CPU: 0 UID: 0 PID: 3507 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(full) 
[  474.919194][ T3507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  474.919212][ T3507] Workqueue: writeback wb_workfn (flush-7:9)
[  474.919255][ T3507] Call Trace:
[  474.919265][ T3507]  <TASK>
[  474.919276][ T3507]  dump_stack_lvl+0x189/0x250
[  474.919320][ T3507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  474.919356][ T3507]  ? __pfx_queue_work_on+0x10/0x10
[  474.919385][ T3507]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  474.919416][ T3507]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  474.919460][ T3507]  f2fs_handle_critical_error+0x37c/0x540
[  474.919505][ T3507]  f2fs_write_end_io+0x886/0xb60
[  474.919549][ T3507]  __submit_merged_bio+0x27a/0x6a0
[  474.919592][ T3507]  __submit_merged_write_cond+0x255/0x530
[  474.919637][ T3507]  f2fs_write_data_pages+0x261d/0x3000
[  474.919697][ T3507]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  474.919730][ T3507]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  474.919782][ T3507]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  474.919821][ T3507]  ? trace_f2fs_writepages+0x7f/0x200
[  474.919850][ T3507]  ? f2fs_write_node_pages+0x478/0x6e0
[  474.919881][ T3507]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[  474.919912][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.919934][ T3507]  ? __lock_acquire+0xab9/0xd20
[  474.919960][ T3507]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  474.919995][ T3507]  do_writepages+0x32e/0x550
[  474.920036][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920062][ T3507]  ? reacquire_held_locks+0x127/0x1d0
[  474.920084][ T3507]  ? writeback_sb_inodes+0x384/0x1010
[  474.920118][ T3507]  __writeback_single_inode+0x145/0xff0
[  474.920145][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920166][ T3507]  ? do_raw_spin_unlock+0x122/0x240
[  474.920207][ T3507]  writeback_sb_inodes+0x6c7/0x1010
[  474.920257][ T3507]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  474.920319][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920339][ T3507]  ? rcu_is_watching+0x15/0xb0
[  474.920361][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920390][ T3507]  wb_writeback+0x43b/0xaf0
[  474.920423][ T3507]  ? queue_io+0x301/0x590
[  474.920451][ T3507]  ? __pfx_wb_writeback+0x10/0x10
[  474.920485][ T3507]  ? _raw_spin_unlock_irq+0x23/0x50
[  474.920512][ T3507]  wb_workfn+0x409/0xef0
[  474.920547][ T3507]  ? __pfx_wb_workfn+0x10/0x10
[  474.920572][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920592][ T3507]  ? __lock_acquire+0xab9/0xd20
[  474.920620][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920643][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920667][ T3507]  ? _raw_spin_unlock_irq+0x23/0x50
[  474.920688][ T3507]  ? process_scheduled_works+0x9ef/0x17b0
[  474.920707][ T3507]  ? process_scheduled_works+0x9ef/0x17b0
[  474.920731][ T3507]  process_scheduled_works+0xae1/0x17b0
[  474.920777][ T3507]  ? __pfx_process_scheduled_works+0x10/0x10
[  474.920805][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.920833][ T3507]  worker_thread+0x8a0/0xda0
[  474.920856][ T3507]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  474.920886][ T3507]  ? __kthread_parkme+0x7b/0x200
[  474.920917][ T3507]  kthread+0x711/0x8a0
[  474.920946][ T3507]  ? __pfx_worker_thread+0x10/0x10
[  474.920970][ T3507]  ? __pfx_kthread+0x10/0x10
[  474.920992][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.921016][ T3507]  ? _raw_spin_unlock_irq+0x23/0x50
[  474.921037][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  474.921057][ T3507]  ? lockdep_hardirqs_on+0x9c/0x150
[  474.921083][ T3507]  ? __pfx_kthread+0x10/0x10
[  474.921120][ T3507]  ret_from_fork+0x4bc/0x870
[  474.921152][ T3507]  ? __pfx_ret_from_fork+0x10/0x10
[  474.921182][ T3507]  ? __switch_to_asm+0x39/0x70
[  474.921197][ T3507]  ? __switch_to_asm+0x33/0x70
[  474.921212][ T3507]  ? __pfx_kthread+0x10/0x10
[  474.921237][ T3507]  ret_from_fork_asm+0x1a/0x30
[  474.921270][ T3507]  </TASK>
[  475.324611][ T3507] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  475.860736][ T9774] syzkaller0: entered promiscuous mode
[  475.890913][ T9774] syzkaller0: entered allmulticast mode
[  476.010778][ T9773] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  476.093435][ T9769] vivid-006: reconnect
[  476.184391][ T5889] usb 6-1: USB disconnect, device number 19
[  479.030808][ T9812] loop5: detected capacity change from 0 to 512
[  479.100187][ T9812] EXT4-fs: Ignoring removed oldalloc option
[  479.154954][ T9812] EXT4-fs (loop5): Test dummy encryption mode enabled
[  479.226306][ T9812] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  479.325135][ T9812] EXT4-fs error (device loop5): ext4_orphan_get:1418: comm syz.5.850: bad orphan inode 131083
[  479.358288][ T9812] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  479.436051][ T5969] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  480.066030][ T5969] usb 8-1: Using ep0 maxpacket: 32
[  480.106076][ T5969] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  480.133667][ T5969] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  480.134960][ T8048] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  480.169281][ T5969] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 56, changing to 9
[  480.190675][ T5969] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has invalid maxpacket 9275, setting to 1024
[  480.262097][ T5969] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  480.384781][ T5969] usb 8-1: config 0 interface 0 has no altsetting 0
[  480.429530][ T5969] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  480.485802][ T5969] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  480.559054][ T5969] usb 8-1: Product: syz
[  480.599548][ T5969] usb 8-1: Manufacturer: syz
[  480.629452][ T5969] usb 8-1: SerialNumber: syz
[  480.892621][ T9837] syz.5.855 (9837): /proc/9837/oom_adj is deprecated, please use /proc/9837/oom_score_adj instead.
[  480.963115][ T5969] usb 8-1: config 0 descriptor??
[  481.294483][ T9814] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  481.344291][ T5969] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  481.451291][ T5969] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  481.713180][ T9849] vivid-008: disconnect
[  482.059905][ T5889] usb 8-1: USB disconnect, device number 10
[  482.066266][    C0] ldusb 8-1:0.0: usb_submit_urb failed (-19)
[  482.267274][ T5889] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  482.652225][ T9849] vivid-008: reconnect
[  482.993150][ T9868] siw: device registration error -23
[  483.029520][ T9868] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  484.611346][ T9890] loop7: detected capacity change from 0 to 512
[  484.696790][ T9890] EXT4-fs: Ignoring removed oldalloc option
[  484.782262][ T9890] EXT4-fs (loop7): Test dummy encryption mode enabled
[  484.878724][ T9890] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  485.043532][ T9890] EXT4-fs error (device loop7): ext4_orphan_get:1418: comm syz.7.867: bad orphan inode 131083
[  485.162728][ T9890] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  485.324954][ T9901] netlink: 8 bytes leftover after parsing attributes in process `syz.5.868'.
[  485.481780][ T9902] netlink: 8 bytes leftover after parsing attributes in process `syz.5.868'.
[  485.622661][ T9902] netlink: 8 bytes leftover after parsing attributes in process `syz.5.868'.
[  486.049265][ T7489] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  488.496681][ T9939] siw: device registration error -23
[  488.566627][ T9939] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  491.416692][ T9970] vivid-002: disconnect
[  491.711946][ T9973] vivid-008: disconnect
[  492.178401][ T9970] vivid-002: reconnect
[  492.511717][ T9973] vivid-008: reconnect
[  493.282747][ T9982] loop5: detected capacity change from 0 to 128
[  493.341681][ T9966] loop8: detected capacity change from 0 to 32768
[  493.519212][ T9966] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop8 (7:8) scanned by syz.8.881 (9966)
[  493.766045][ T9966] BTRFS info (device loop8): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  493.855287][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.865704][ T9986] FAT-fs (loop5): Filesystem has been set read-only
[  493.868874][ T9966] BTRFS info (device loop8): using crc32c (crc32c-lib) checksum algorithm
[  493.873095][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.895305][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.905647][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.916064][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.926364][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.936593][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.947263][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.957813][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.968153][ T9986] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 550, start 05000006)
[  493.985981][   T30] audit: type=1800 audit(1761886891.173:137): pid=9986 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.884" name="file2" dev="loop5" ino=1048678 res=0 errno=0
[  494.217368][ T9966] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  494.270420][ T9966] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  494.368548][ T9966] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  494.578164][ T9966] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  494.677548][ T9966] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  494.747418][ T9966] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  495.033360][ T9966] BTRFS error (device loop8): open_ctree failed: -12
[  495.889036][T10016] netlink: 192 bytes leftover after parsing attributes in process `syz.7.885'.
[  495.911376][   T44] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  496.019396][T10016] netdevsim netdevsim7: Direct firmware load for ..€ failed with error -2
[  496.077356][T10016] netdevsim netdevsim7: Falling back to sysfs fallback for: ..€
[  496.126394][   T44] usb 9-1: Using ep0 maxpacket: 8
[  496.151797][   T44] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  496.182500][   T44] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  496.206254][ T5969] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  496.278925][   T44] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  496.332140][   T44] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  496.463740][ T5969] usb 2-1: device descriptor read/64, error -71
[  496.506303][   T44] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  496.537575][   T44] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  496.761593][ T5969] usb 2-1: new high-speed USB device number 27 using dummy_hcd
[  496.826252][   T44] usb 9-1: GET_CAPABILITIES returned 0
[  496.842801][   T44] usbtmc 9-1:16.0: can't read capabilities
[  496.931166][ T5969] usb 2-1: device descriptor read/64, error -71
[  497.071212][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.076478][ T5969] usb usb2-port1: attempt power cycle
[  497.080356][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.095095][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.326036][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.335560][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.344692][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.444629][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.453813][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.462927][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.472094][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.564045][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.573250][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.601779][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.611065][    C0] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.616403][ T5969] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  497.655529][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.664785][    C1] usbtmc 9-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  497.707567][ T5969] usb 2-1: device descriptor read/8, error -71
[  497.773508][  T979] usb 9-1: USB disconnect, device number 9
[  498.051164][ T5969] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  498.109745][ T5969] usb 2-1: device descriptor read/8, error -71
[  498.246592][ T5969] usb usb2-port1: unable to enumerate USB device
[  498.816630][ T5919] usb 10-1: new high-speed USB device number 12 using dummy_hcd
[  499.345433][T10063] vivid-004: disconnect
[  499.358176][   T44] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  499.394619][ T5919] usb 10-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  499.408578][ T5919] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.424267][ T5919] usb 10-1: Product: syz
[  499.476544][ T5919] usb 10-1: Manufacturer: syz
[  499.502275][ T5919] usb 10-1: SerialNumber: syz
[  499.656122][   T44] usb 9-1: Using ep0 maxpacket: 8
[  499.672573][   T44] usb 9-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  499.694540][ T5919] usb 10-1: config 0 descriptor??
[  499.751696][   T44] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  499.779109][   T44] usb 9-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  499.866364][T10054] vivid-004: reconnect
[  499.962023][   T44] usb 9-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  500.066022][   T44] usb 9-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  500.189833][   T44] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  500.821411][   T44] usb 9-1: GET_CAPABILITIES returned 0
[  500.828008][   T44] usbtmc 9-1:16.0: can't read capabilities
[  501.209548][   T44] usb 9-1: USB disconnect, device number 10
[  502.021701][T10065] loop6: detected capacity change from 0 to 32768
[  504.699233][T10103] loop8: detected capacity change from 0 to 40427
[  504.767462][T10085] veth0_to_team: entered promiscuous mode
[  504.773261][T10085] veth0_to_team: entered allmulticast mode
[  504.894937][T10103] F2FS-fs (loop8): invalid crc value
[  505.002895][T10103] F2FS-fs (loop8): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  505.016613][T10103] F2FS-fs (loop8): Start checkpoint disabled!
[  505.027365][T10103] F2FS-fs (loop8): f2fs_disable_checkpoint() finish, err:0
[  505.046240][T10103] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  505.566063][ T5813] usb 10-1: USB disconnect, device number 12
[  505.627017][ T3507] kworker/u8:7: attempt to access beyond end of device
[  505.627017][ T3507] loop8: rw=1, sector=45096, nr_sectors = 8 limit=40427
[  505.711547][ T3507] kworker/u8:7: attempt to access beyond end of device
[  505.711547][ T3507] loop8: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  506.446275][ T3507] CPU: 0 UID: 0 PID: 3507 Comm: kworker/u8:7 Not tainted syzkaller #0 PREEMPT(full) 
[  506.446311][ T3507] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  506.446329][ T3507] Workqueue: writeback wb_workfn (flush-7:8)
[  506.446370][ T3507] Call Trace:
[  506.446380][ T3507]  <TASK>
[  506.446391][ T3507]  dump_stack_lvl+0x189/0x250
[  506.446435][ T3507]  ? __pfx_dump_stack_lvl+0x10/0x10
[  506.446470][ T3507]  ? __pfx_queue_work_on+0x10/0x10
[  506.446499][ T3507]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[  506.446532][ T3507]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  506.446577][ T3507]  f2fs_handle_critical_error+0x37c/0x540
[  506.446625][ T3507]  f2fs_write_end_io+0x886/0xb60
[  506.446672][ T3507]  __submit_merged_bio+0x27a/0x6a0
[  506.446718][ T3507]  __submit_merged_write_cond+0x255/0x530
[  506.446764][ T3507]  f2fs_write_data_pages+0x261d/0x3000
[  506.446830][ T3507]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  506.446872][ T3507]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  506.446944][ T3507]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  506.446984][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447040][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447069][ T3507]  ? check_buffer+0x259/0x750
[  506.447103][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447133][ T3507]  ? __rb_reserve_next+0x7d2/0xdb0
[  506.447166][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447194][ T3507]  ? __lock_acquire+0xab9/0xd20
[  506.447225][ T3507]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  506.447252][ T3507]  do_writepages+0x32e/0x550
[  506.447292][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447321][ T3507]  ? reacquire_held_locks+0x127/0x1d0
[  506.447350][ T3507]  ? writeback_sb_inodes+0x384/0x1010
[  506.447399][ T3507]  __writeback_single_inode+0x145/0xff0
[  506.447435][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447464][ T3507]  ? do_raw_spin_unlock+0x122/0x240
[  506.447506][ T3507]  writeback_sb_inodes+0x6c7/0x1010
[  506.447576][ T3507]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  506.447662][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447691][ T3507]  ? rcu_is_watching+0x15/0xb0
[  506.447721][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.447761][ T3507]  wb_writeback+0x43b/0xaf0
[  506.447807][ T3507]  ? queue_io+0x301/0x590
[  506.447846][ T3507]  ? __pfx_wb_writeback+0x10/0x10
[  506.447893][ T3507]  ? _raw_spin_unlock_irq+0x23/0x50
[  506.447930][ T3507]  wb_workfn+0x409/0xef0
[  506.447994][ T3507]  ? __pfx_wb_workfn+0x10/0x10
[  506.448038][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.448066][ T3507]  ? __lock_acquire+0xab9/0xd20
[  506.448105][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.448136][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.448170][ T3507]  ? _raw_spin_unlock_irq+0x23/0x50
[  506.448200][ T3507]  ? process_scheduled_works+0x9ef/0x17b0
[  506.448228][ T3507]  ? process_scheduled_works+0x9ef/0x17b0
[  506.448258][ T3507]  process_scheduled_works+0xae1/0x17b0
[  506.448321][ T3507]  ? __pfx_process_scheduled_works+0x10/0x10
[  506.448358][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.448398][ T3507]  worker_thread+0x8a0/0xda0
[  506.448431][ T3507]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  506.448472][ T3507]  ? __kthread_parkme+0x7b/0x200
[  506.448515][ T3507]  kthread+0x711/0x8a0
[  506.448577][ T3507]  ? __pfx_worker_thread+0x10/0x10
[  506.448603][ T3507]  ? __pfx_kthread+0x10/0x10
[  506.448634][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.448668][ T3507]  ? _raw_spin_unlock_irq+0x23/0x50
[  506.448696][ T3507]  ? srso_alias_return_thunk+0x5/0xfbef5
[  506.448725][ T3507]  ? lockdep_hardirqs_on+0x9c/0x150
[  506.448755][ T3507]  ? __pfx_kthread+0x10/0x10
[  506.448792][ T3507]  ret_from_fork+0x4bc/0x870
[  506.448823][ T3507]  ? __pfx_ret_from_fork+0x10/0x10
[  506.448858][ T3507]  ? __switch_to_asm+0x39/0x70
[  506.448878][ T3507]  ? __switch_to_asm+0x33/0x70
[  506.448898][ T3507]  ? __pfx_kthread+0x10/0x10
[  506.448933][ T3507]  ret_from_fork_asm+0x1a/0x30
[  506.448975][ T3507]  </TASK>
[  506.448986][ T3507] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  506.948056][T10119] loop9: detected capacity change from 0 to 256
[  506.963533][T10119] exfat: Deprecated parameter 'namecase'
[  507.277907][T10119] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  507.453451][T10129] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  507.606055][  T979] usb 10-1: new full-speed USB device number 13 using dummy_hcd
[  508.170446][  T979] usb 10-1: config 0 has an invalid interface number: 176 but max is 2
[  508.236033][  T979] usb 10-1: config 0 has no interface number 1
[  508.242351][  T979] usb 10-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  508.344171][  T979] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  508.450122][  T979] usb 10-1: config 0 descriptor??
[  509.276934][  T979] qcserial 10-1:0.2: Qualcomm USB modem converter detected
[  509.351364][  T979] usb 10-1: USB disconnect, device number 13
[  509.406424][  T979] qcserial 10-1:0.2: device disconnected
[  509.535036][T10142] vivid-004: disconnect
[  510.125309][T10153] netlink: 24 bytes leftover after parsing attributes in process `syz.8.908'.
[  510.447311][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  510.453905][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  510.761477][T10142] vivid-004: reconnect
[  512.030631][T10168] netlink: 192 bytes leftover after parsing attributes in process `syz.1.917'.
[  512.126382][T10168] netdevsim netdevsim1: Direct firmware load for ..€ failed with error -2
[  512.296169][T10168] netdevsim netdevsim1: Falling back to sysfs fallback for: ..€
[  513.397871][T10177] fuse: Unknown parameter 'user_i00000000000000000000'
[  513.792734][T10183] netlink: 24 bytes leftover after parsing attributes in process `syz.7.922'.
[  516.219196][   T53] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  516.253466][   T53] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  516.264731][   T53] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  516.306818][   T53] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  516.324671][   T53] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  516.471172][T10201] wg1 speed is unknown, defaulting to 1000
[  516.874932][T10211] netlink: 192 bytes leftover after parsing attributes in process `syz.6.926'.
[  517.216341][T10211] netdevsim netdevsim6: Direct firmware load for ..€ failed with error -2
[  517.225817][T10211] netdevsim netdevsim6: Falling back to sysfs fallback for: ..€
[  517.522737][T10201] chnl_net:caif_netlink_parms(): no params data found
[  517.547271][T10219] loop1: detected capacity change from 0 to 256
[  517.582423][T10219] exfat: Deprecated parameter 'namecase'
[  517.749079][T10219] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  518.136507][ T5813] usb 2-1: new full-speed USB device number 30 using dummy_hcd
[  518.259789][T10201] bridge0: port 1(bridge_slave_0) entered blocking state
[  518.267526][T10201] bridge0: port 1(bridge_slave_0) entered disabled state
[  518.351378][ T5813] usb 2-1: config 0 has an invalid interface number: 176 but max is 2
[  518.360496][T10201] bridge_slave_0: entered allmulticast mode
[  518.376106][ T5813] usb 2-1: config 0 has no interface number 1
[  518.392732][ T5813] usb 2-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  518.402580][T10201] bridge_slave_0: entered promiscuous mode
[  518.426156][   T53] Bluetooth: hci4: command tx timeout
[  518.430028][ T5813] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  518.443154][T10201] bridge0: port 2(bridge_slave_1) entered blocking state
[  518.529184][T10201] bridge0: port 2(bridge_slave_1) entered disabled state
[  518.537702][ T5813] usb 2-1: config 0 descriptor??
[  518.576207][T10201] bridge_slave_1: entered allmulticast mode
[  518.647113][T10201] bridge_slave_1: entered promiscuous mode
[  518.809728][ T5813] qcserial 2-1:0.2: Qualcomm USB modem converter detected
[  519.291478][T10201] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  519.343247][ T5813] usb 2-1: USB disconnect, device number 30
[  519.384830][ T5813] qcserial 2-1:0.2: device disconnected
[  519.393907][T10201] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  520.523520][   T53] Bluetooth: hci4: command tx timeout
[  520.970477][T10201] team0: Port device team_slave_0 added
[  521.743977][T10253] veth0_to_team: entered promiscuous mode
[  521.751297][T10253] veth0_to_team: entered allmulticast mode
[  521.865585][T10201] team0: Port device team_slave_1 added
[  522.166381][T10201] batman_adv: batadv0: Adding interface: batadv_slave_0
[  522.210051][T10201] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  522.347406][T10201] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  522.361833][T10201] batman_adv: batadv0: Adding interface: batadv_slave_1
[  522.369893][T10201] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  522.397435][T10201] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  522.586434][   T53] Bluetooth: hci4: command tx timeout
[  522.620897][T10201] hsr_slave_0: entered promiscuous mode
[  522.628364][T10201] hsr_slave_1: entered promiscuous mode
[  522.642820][T10201] debugfs: 'hsr0' already exists in 'hsr'
[  522.680425][T10201] Cannot create hsr debugfs directory
[  523.562663][ T3507] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  523.645678][T10277] netlink: 192 bytes leftover after parsing attributes in process `syz.7.939'.
[  523.962544][T10277] netdevsim netdevsim7: Direct firmware load for ..€ failed with error -2
[  523.971303][T10277] netdevsim netdevsim7: Falling back to sysfs fallback for: ..€
[  524.209435][ T3507] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  524.580603][ T3507] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  524.667899][   T53] Bluetooth: hci4: command tx timeout
[  524.678560][T10282] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  524.683730][    T9] wg1 speed is unknown, defaulting to 1000
[  524.693149][    T9] syz0: Port: 1 Link DOWN
[  524.868244][ T3507] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  526.196228][ T5846] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  526.209540][ T5846] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  526.223499][ T5846] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  526.232551][ T5846] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  526.251834][ T5846] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  526.957240][ T3507] bridge_slave_1: left allmulticast mode
[  526.963055][ T3507] bridge_slave_1: left promiscuous mode
[  527.021459][ T3507] bridge0: port 2(bridge_slave_1) entered disabled state
[  527.128746][ T3507] bridge_slave_0: left allmulticast mode
[  527.166164][ T3507] bridge_slave_0: left promiscuous mode
[  527.172174][ T3507] bridge0: port 1(bridge_slave_0) entered disabled state
[  528.375510][ T5846] Bluetooth: hci3: command tx timeout
[  528.734090][T10314] loop8: detected capacity change from 0 to 256
[  528.742228][T10314] exfat: Deprecated parameter 'namecase'
[  528.810238][T10314] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0xbe66f6fd, utbl_chksum : 0xe619d30d)
[  529.131837][ T5906] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[  529.347946][ T5906] usb 9-1: config 0 has an invalid interface number: 176 but max is 2
[  529.358561][ T5906] usb 9-1: config 0 has no interface number 1
[  529.364768][ T5906] usb 9-1: New USB device found, idVendor=05c6, idProduct=9205, bcdDevice=29.ac
[  529.412860][ T5906] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  529.447926][ T5906] usb 9-1: config 0 descriptor??
[  529.512181][ T3507] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  529.531966][ T3507] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  529.555777][ T3507] bond0 (unregistering): Released all slaves
[  529.606737][T10305] syz_tun: entered allmulticast mode
[  529.621335][T10306] dvmrp8: entered allmulticast mode
[  529.650249][T10316] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  529.668253][ T5906] qcserial 9-1:0.2: Qualcomm USB modem converter detected
[  529.826431][T10305] syz_tun: left allmulticast mode
[  530.487768][ T5846] Bluetooth: hci3: command tx timeout
[  530.974021][T10297] wg1 speed is unknown, defaulting to 1000
[  531.073461][T10331] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  531.134130][T10334] vivid-002: disconnect
[  531.913236][T10334] vivid-002: reconnect
[  531.930652][ T5906] usb 9-1: USB disconnect, device number 11
[  531.942883][ T5906] qcserial 9-1:0.2: device disconnected
[  532.242043][ T3507] hsr_slave_0: left promiscuous mode
[  532.316331][ T3507] hsr_slave_1: left promiscuous mode
[  532.367126][ T3507] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  532.394020][ T3507] batman_adv: batadv0: Removing interface: batadv_slave_0
[  532.423117][ T3507] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  532.446299][ T3507] batman_adv: batadv0: Removing interface: batadv_slave_1
[  532.546595][ T5846] Bluetooth: hci3: command tx timeout
[  532.737455][ T3507] veth1_macvtap: left promiscuous mode
[  532.794123][ T3507] veth0_macvtap: left promiscuous mode
[  532.834217][ T3507] veth1_vlan: left promiscuous mode
[  532.853299][ T3507] veth0_vlan: left promiscuous mode
[  534.095204][T10350] 9pnet_fd: Insufficient options for proto=fd
[  534.167223][T10351] netlink: 4 bytes leftover after parsing attributes in process `syz.5.959'.
[  639.445857][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  639.452918][    C0] rcu: 	1-...!: (0 ticks this GP) idle=e794/1/0x4000000000000002 softirq=58601/58601 fqs=0
[  639.464751][    C0] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P10332/1:b..l
[  639.472775][    C0] rcu: 	(detected by 0, t=10505 jiffies, g=53277, q=377 ncpus=2)
[  639.480513][    C0] Sending NMI from CPU 0 to CPUs 1:
[  639.480570][    C1] NMI backtrace for cpu 1
[  639.480591][    C1] CPU: 1 UID: 0 PID: 0 Comm: swapper/1 Not tainted syzkaller #0 PREEMPT(full) 
[  639.480616][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  639.480633][    C1] RIP: 0010:do_raw_spin_lock+0xb1/0x290
[  639.480681][    C1] Code: 06 3d ad 4e ad de 0f 85 1b 01 00 00 4c 8d 63 10 4d 89 e6 49 c1 ee 03 43 80 3c 3e 00 74 08 4c 89 e7 e8 93 c2 87 00 49 8b 04 24 <65> 48 8b 0c 25 08 20 6e 92 48 89 4c 24 10 48 39 c8 0f 84 07 01 00
[  639.480707][    C1] RSP: 0018:ffffc90000a08be0 EFLAGS: 00000046
[  639.480727][    C1] RAX: ffffffffffffffff RBX: ffff8880b8927ac0 RCX: 1ffff92000141180
[  639.480744][    C1] RDX: 0000000000000000 RSI: ffffffff8d8f29f0 RDI: ffff8880b8927ac0
[  639.480760][    C1] RBP: ffffc90000a08c90 R08: 0000000000000000 R09: ffffffff81ada832
[  639.480776][    C1] R10: dffffc0000000000 R11: fffffbfff1ef9a8f R12: ffff8880b8927ad0
[  639.480793][    C1] R13: dffffc0000000000 R14: 1ffff11017124f5a R15: dffffc0000000000
[  639.480814][    C1] FS:  0000000000000000(0000) GS:ffff88812623e000(0000) knlGS:0000000000000000
[  639.480832][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  639.480847][    C1] CR2: 00002000002e0030 CR3: 00000000505a7000 CR4: 0000000000350ef0
[  639.480865][    C1] Call Trace:
[  639.480876][    C1]  <IRQ>
[  639.480888][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.480919][    C1]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  639.480949][    C1]  ? advance_sched+0x9f8/0xc90
[  639.480973][    C1]  ? advance_sched+0x9f8/0xc90
[  639.481003][    C1]  _raw_spin_lock_irq+0xae/0xf0
[  639.481032][    C1]  ? __pfx__raw_spin_lock_irq+0x10/0x10
[  639.481062][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.481089][    C1]  __hrtimer_run_queues+0x602/0xc60
[  639.481116][    C1]  ? ktime_get_update_offsets_now+0x67/0x3d0
[  639.481155][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.481193][    C1]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  639.481217][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.481243][    C1]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.481275][    C1]  hrtimer_interrupt+0x45b/0xaa0
[  639.481318][    C1]  __sysvec_apic_timer_interrupt+0x10b/0x410
[  639.481349][    C1]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  639.481380][    C1]  </IRQ>
[  639.481387][    C1]  <TASK>
[  639.481396][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  639.481420][    C1] RIP: 0010:do_idle+0x445/0x510
[  639.481444][    C1] Code: 45 31 00 fb be f0 ff ff ff 48 8b 7c 24 18 e8 62 91 ad 06 f0 80 0b 40 48 c7 44 24 60 00 00 00 00 9c 8f 44 24 60 f6 44 24 61 02 <0f> 85 13 fd ff ff 90 0f 0b 90 e8 2c 45 31 00 fb e9 04 fd ff ff 90
[  639.481462][    C1] RSP: 0018:ffffc90000197e00 EFLAGS: 00000202
[  639.481481][    C1] RAX: ab0d4151be5dab00 RBX: ffff88801c6cdac0 RCX: ab0d4151be5dab00
[  639.481498][    C1] RDX: 0000000000000000 RSI: ffffffff8d70bf53 RDI: ffffffff8bbf05e0
[  639.481514][    C1] RBP: ffffc90000197f10 R08: ffffffff8f7cd477 R09: 1ffffffff1ef9a8e
[  639.481531][    C1] R10: dffffc0000000000 R11: fffffbfff1ef9a8f R12: ffffffff8f7cd470
[  639.481548][    C1] R13: 0000000000000001 R14: 0000000000000001 R15: 1ffff110038d9b58
[  639.481576][    C1]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  639.481599][    C1]  ? lockdep_hardirqs_on+0x9c/0x150
[  639.481629][    C1]  ? __pfx_do_idle+0x10/0x10
[  639.481659][    C1]  ? do_idle+0xc/0x510
[  639.481684][    C1]  cpu_startup_entry+0x44/0x60
[  639.481709][    C1]  start_secondary+0x101/0x110
[  639.481744][    C1]  common_startup_64+0x13e/0x147
[  639.481787][    C1]  </TASK>
[  639.482542][    C0] task:syz.6.953       state:R  running task     stack:24904 pid:10332 tgid:10329 ppid:7842   task_flags:0x40044c flags:0x00080001
[  639.834588][    C0] Call Trace:
[  639.837897][    C0]  <TASK>
[  639.840844][    C0]  __schedule+0x1798/0x4cc0
[  639.845722][    C0]  ? free_pages_and_swap_cache+0x4be/0x520
[  639.851551][    C0]  ? __pfx_free_pages_and_swap_cache+0x10/0x10
[  639.857993][    C0]  ? __pfx___schedule+0x10/0x10
[  639.862870][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.868572][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.874222][    C0]  ? __lock_acquire+0xab9/0xd20
[  639.879087][    C0]  ? preempt_schedule+0xae/0xc0
[  639.883949][    C0]  preempt_schedule_common+0x83/0xd0
[  639.889250][    C0]  preempt_schedule+0xae/0xc0
[  639.893945][    C0]  ? __pfx_preempt_schedule+0x10/0x10
[  639.899521][    C0]  preempt_schedule_thunk+0x16/0x30
[  639.904767][    C0]  _raw_spin_unlock+0x3f/0x50
[  639.909494][    C0]  unmap_page_range+0x3a7f/0x4370
[  639.914570][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.920231][    C0]  ? __pfx_unmap_page_range+0x10/0x10
[  639.925665][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.931306][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.937131][    C0]  ? unmap_vmas+0x144/0x580
[  639.941656][    C0]  unmap_vmas+0x399/0x580
[  639.946080][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.951824][    C0]  ? __pfx_unmap_vmas+0x10/0x10
[  639.956716][    C0]  exit_mmap+0x240/0xb40
[  639.960976][    C0]  ? uprobe_clear_state+0x20f/0x290
[  639.966188][    C0]  ? __pfx_exit_mmap+0x10/0x10
[  639.970975][    C0]  ? __mutex_unlock_slowpath+0x1a1/0x740
[  639.976666][    C0]  ? __pfx_exit_aio+0x10/0x10
[  639.981379][    C0]  ? uprobe_clear_state+0x27c/0x290
[  639.986589][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  639.992246][    C0]  __mmput+0x118/0x430
[  639.996332][    C0]  exit_mm+0x1da/0x2c0
[  640.000422][    C0]  ? __pfx_exit_mm+0x10/0x10
[  640.005129][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.010869][    C0]  ? rcu_is_watching+0x15/0xb0
[  640.015744][    C0]  do_exit+0x648/0x2300
[  640.019923][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.025654][    C0]  ? do_raw_spin_lock+0x121/0x290
[  640.030702][    C0]  ? __pfx_do_exit+0x10/0x10
[  640.035331][    C0]  do_group_exit+0x21c/0x2d0
[  640.040036][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.045689][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  640.050904][    C0]  get_signal+0x1285/0x1340
[  640.055437][    C0]  arch_do_signal_or_restart+0xa0/0x790
[  640.061012][    C0]  ? __pfx_arch_do_signal_or_restart+0x10/0x10
[  640.067271][    C0]  ? exit_to_user_mode_loop+0x40/0x130
[  640.073112][    C0]  exit_to_user_mode_loop+0x72/0x130
[  640.078433][    C0]  do_syscall_64+0x2bd/0xfa0
[  640.083045][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  640.088261][    C0]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.094775][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.100437][    C0]  ? exc_page_fault+0xab/0x100
[  640.105330][    C0]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  640.111235][    C0] RIP: 0033:0x7fc00478efc9
[  640.115670][    C0] RSP: 002b:00007fc0056ed038 EFLAGS: 00000246 ORIG_RAX: 000000000000012b
[  640.124188][    C0] RAX: 0000000000010106 RBX: 00007fc0049e6090 RCX: 00007fc00478efc9
[  640.132184][    C0] RDX: 0000000000010106 RSI: 00002000000000c0 RDI: 0000000000000005
[  640.140338][    C0] RBP: 00007fc004811f91 R08: 0000000000000000 R09: 0000000000000000
[  640.148312][    C0] R10: 0000000000000002 R11: 0000000000000246 R12: 0000000000000000
[  640.156286][    C0] R13: 00007fc0049e6128 R14: 00007fc0049e6090 R15: 00007ffd146061b8
[  640.164515][    C0]  </TASK>
[  640.167737][    C0] rcu: rcu_preempt kthread starved for 10505 jiffies! g53277 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  640.178947][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  640.189094][    C0] rcu: RCU grace-period kthread stack dump:
[  640.194984][    C0] task:rcu_preempt     state:R  running task     stack:27192 pid:16    tgid:16    ppid:2      task_flags:0x208040 flags:0x00080000
[  640.208556][    C0] Call Trace:
[  640.211846][    C0]  <TASK>
[  640.214780][    C0]  __schedule+0x1798/0x4cc0
[  640.219334][    C0]  ? __pfx___schedule+0x10/0x10
[  640.224379][    C0]  ? schedule+0x91/0x360
[  640.228676][    C0]  ? schedule+0x91/0x360
[  640.232952][    C0]  schedule+0x165/0x360
[  640.237560][    C0]  schedule_timeout+0x12b/0x270
[  640.242420][    C0]  ? __pfx_schedule_timeout+0x10/0x10
[  640.247796][    C0]  ? preempt_schedule+0xae/0xc0
[  640.252663][    C0]  ? __pfx_process_timeout+0x10/0x10
[  640.257968][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.263957][    C0]  ? prepare_to_swait_event+0x341/0x380
[  640.269546][    C0]  rcu_gp_fqs_loop+0x301/0x1540
[  640.274427][    C0]  ? __pfx_rcu_gp_init+0x10/0x10
[  640.279466][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  640.284811][    C0]  ? __pfx_rcu_gp_fqs_loop+0x10/0x10
[  640.290104][    C0]  ? _raw_spin_unlock_irq+0x2e/0x50
[  640.295331][    C0]  ? finish_swait+0xcd/0x1f0
[  640.299946][    C0]  rcu_gp_kthread+0x99/0x390
[  640.304743][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  640.310158][    C0]  ? __kthread_parkme+0x7b/0x200
[  640.315119][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.320864][    C0]  ? __kthread_parkme+0x1a1/0x200
[  640.326177][    C0]  kthread+0x711/0x8a0
[  640.330373][    C0]  ? __pfx_rcu_gp_kthread+0x10/0x10
[  640.335582][    C0]  ? __pfx_kthread+0x10/0x10
[  640.340189][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.345843][    C0]  ? _raw_spin_unlock_irq+0x23/0x50
[  640.351067][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  640.356852][    C0]  ? lockdep_hardirqs_on+0x9c/0x150
[  640.362156][    C0]  ? __pfx_kthread+0x10/0x10
[  640.366765][    C0]  ret_from_fork+0x4bc/0x870
[  640.371370][    C0]  ? __pfx_ret_from_fork+0x10/0x10
[  640.376496][    C0]  ? __switch_to_asm+0x39/0x70
[  640.381263][    C0]  ? __switch_to_asm+0x33/0x70
[  640.386021][    C0]  ? __pfx_kthread+0x10/0x10
[  640.390798][    C0]  ret_from_fork_asm+0x1a/0x30
[  640.395675][    C0]  </TASK>
[  640.398698][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  640.405019][    C0] CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0 PREEMPT(full) 
[  640.414034][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  640.424190][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  640.429937][    C0] Code: 5e 33 ca f5 cc cc cc 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 90 f3 0f 1e fa 66 90 0f 00 2d 33 21 22 00 f3 0f 1e fa fb f4 <e9> 33 33 ca f5 cc cc cc cc cc cc cc cc 90 90 90 90 90 90 90 90 90
[  640.449647][    C0] RSP: 0018:ffffffff8dc07d80 EFLAGS: 000002c6
[  640.455835][    C0] RAX: 8f57e16d61ed5d00 RBX: ffffffff81967be7 RCX: 8f57e16d61ed5d00
[  640.463819][    C0] RDX: 0000000000000001 RSI: ffffffff8d70bf53 RDI: ffffffff8bbf05e0
[  640.471807][    C0] RBP: ffffffff8dc07ea8 R08: ffff8880b8832fdb R09: 1ffff110171065fb
[  640.479985][    C0] R10: dffffc0000000000 R11: ffffed10171065fc R12: ffffffff8f7cd470
[  640.488172][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1b92a40
[  640.496255][    C0] FS:  0000000000000000(0000) GS:ffff88812613e000(0000) knlGS:0000000000000000
[  640.505289][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  640.511891][    C0] CR2: 0000001b3390fff8 CR3: 0000000058e5b000 CR4: 0000000000350ef0
[  640.520052][    C0] Call Trace:
[  640.523602][    C0]  <TASK>
[  640.526542][    C0]  default_idle+0x13/0x20
[  640.530907][    C0]  default_idle_call+0x73/0xb0
[  640.535779][    C0]  do_idle+0x1e7/0x510
[  640.539870][    C0]  ? __pfx_do_idle+0x10/0x10
[  640.544491][    C0]  cpu_startup_entry+0x44/0x60
[  640.549438][    C0]  rest_init+0x2de/0x300
[  640.553782][    C0]  start_kernel+0x3ae/0x410
[  640.558325][    C0]  x86_64_start_reservations+0x24/0x30
[  640.563895][    C0]  x86_64_start_kernel+0x143/0x1c0
[  640.569145][    C0]  common_startup_64+0x13e/0x147
[  640.574130][    C0]  </TASK>