last executing test programs:

48.153850905s ago: executing program 3 (id=1722):
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r2 = socket$inet6(0xa, 0x3, 0x11)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, 0x0, 0x0)
sendmmsg(r2, &(0x7f0000000480), 0x21, 0x0)
r3 = syz_create_resource$binfmt(&(0x7f0000000e40)='./file0\x00')
openat$binfmt(0xffffff9c, r3, 0x41, 0x1ff)
execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
execve(&(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000040)={[&(0x7f0000000080)='#! ']})

42.910362902s ago: executing program 4 (id=1727):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) (async)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff) (async, rerun: 32)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) (rerun: 32)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000001c0)={@cgroup=<r2=>r1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000200)={@cgroup=r2, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40) (async)
r3 = dup(r0)
io_setup(0x19, &(0x7f00000009c0)=<r4=>0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) (async)
io_submit(r4, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}]) (async)
write$sndseq(r3, &(0x7f00000004c0)=[{0x4, 0x0, 0x0, 0xfe, @time={0x9, 0x2}, {}, {}, @time=@time}, {0x3, 0x0, 0x3, 0x0, @time, {}, {}, @ext={0x0, 0x0}}], 0x38) (async)
r5 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
ioctl$RTC_WKALM_SET(r5, 0x4028700f, &(0x7f0000000080)={0x0, 0x0, {0x0, 0x2e, 0xfffffffe, 0x4, 0x0, 0x800}})

42.151431255s ago: executing program 4 (id=1731):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r0, &(0x7f0000001000)=ANY=[], 0xff2e)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f00000000c0)=0x81)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "df3f0400000000000000000000000609000040"})
r1 = syz_open_pts(r0, 0x0)
syz_mount_image$tmpfs(0x0, &(0x7f0000000100)='./file0\x00', 0x1000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_emit_ethernet(0xbe, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaffffffffffff0800450000b00000000000119078ac141400ac1414aa00000000004d907801000000000000008e9b985d33b16266b5efb88aaa87eda081bac8b2f9a49d564054f1c9218f47b3cf8743eb4d9e776f94a6a58d36e006ac614f6f7bce9217cbfea31675d4a860cf6003977b1e4dbb16dc31cc76522bf19d5043edd2a8cc8c41345f93eb1a7a8e23043b8a465b1ed5bf8bc91307c7193f7edd1efc4742dc481e6f57f901948177bcc5dea4029ba4683a6bdcd7a1"], 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r2 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000090024206d041cc340000000000109022400010000a000090400000103010100092100080001220100090581"], 0x0)
syz_usb_disconnect(r2)
syz_usb_connect(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000bc9cbf40480b0320"], 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000280)='./file0\x00', &(0x7f0000000000)='./file0/../file0/file0\x00', 0x0, 0x2879c03, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000059010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a3100000d0058000000060a010400000000000000000100000008000b4000000000300004802c000180090001007866726d000000001c0002800800014000000000080002400000000505000300020000000900010073797a30"], 0xcc}}, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)='./file0\x00', 0x0, 0x1adc51, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000400)='./file0/../file0/file0\x00', 0x0, 0x2885013, 0x0)
r4 = syz_open_procfs(0x0, &(0x7f00000001c0)='mounts\x00')
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1a10f16, &(0x7f0000000440)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x200000}}, {@mblk_io_submit}, {@grpjquota_path}, {@resuid}, {@nolazytime}, {@usrjquota}, {@usrjquota}, {@min_batch_time={'min_batch_time', 0x3d, 0x100409e}}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x2}}]}, 0xff, 0x46d, &(0x7f0000001bc0)="$eJzs289vVEUcAPDve7sFBGUrIgqCVNGk8UdLCyoHE6PRxIMmJnrAY20LQRZqaE2ENFqNwaMh8W48mvgXePJk1JOJVzyaGBKixAT04pq3+17pLrullYXddD+fZGFm3+zMfPvevJ2d2Q1gYI1k/yQRd0fExYioNLLNBUYa/127sjj995XF6SRqtTf/SOrlrl5ZnK7litdty+scTSPST5O8kRhaWe382XMnp6rV2TN5fnzh1Hvj82fPPX3i1NTx2eOzpyePHDl8aOK5ZyefadPr3y6sN84svqt7Ppzbu/vVty+8Pn30wjs/fpP1d9e+xvEsjvXWeTMjWeB/Nv42rcce73ZjPfZv7XqcSbnXvWGtShFRzgfnxahEKa6fvEq88klPOwfcVtk9e3Pnw0s1YANLotc9AHqjeKPPPv8Wjzs09egLl19sfADK4r6WPxpHypE2Pho1L1x02UhEHF3658vsES3rELU26wYAALfqu2z+81S7+V8au1aU257vDQ1HxL0RsSMi7ouInRFxf0S97AMR8WCnhjpMokZa8jfOP9NL/zu4Ncjmf8/ne1vN87+0KDJcynP31OMfSo6dqM4ezP8mozG0OctPtKu8qOLlXz7v1P7K+V/2yNov5oJ5JZfKjQW6LcUzM1MLU92alF7+OGJPuV38yfJOQBIRuyNiz/qq3l4kTjzx9d5OhW4e/yq6sM9U+6qoZHEpWuIvJKvvT45vierswfHiqrjRTz+ff6NT+7cUfxdk539r8/XfUqLyV7Jyv3Z++cALa23j/K+fdfxMWV779b8su/43JW/V93Q35c99MLWwcGYiYlPyWj3f9Pzk9dcW+aJ8Fv/ogfbjf0f+miz+hyIiu4j3RcTDEbE/P3ePRMSjEXFglfh/eOmxdzsd64fzP9P2/rd8/Q83n//1J0onv/+2U/tru/8drqdG82fq97+b6Nyd4jbacjUDAADABpbWvxufpGPL6TQdG2t8h39nbE2rc/MLTx6be//0TOM79MMxlBYrXZUV66ETyVJeYyM/ma8VF8cP5evGX5TuqufHpueqMz2OHQbdtg7jP/N7qde9A247v9eCwdU6/tMe9QO487z/w+Ay/mFwGf8wuNqN/49a8vYCYCOqVXrdA6B3zP9hcBn/MLiMfxhIt/K7/tuVKK/y632JfklE2hfd6JvE/j4aTeUujO4e35gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC65L8AAAD///Uk+Ss=")
read$FUSE(r4, &(0x7f0000004680)={0x2020}, 0x204f)
r5 = dup3(r1, r0, 0x0)
syz_emit_vhci(&(0x7f0000000240)=@HCI_VENDOR_PKT, 0x2)
landlock_create_ruleset(&(0x7f00000000c0), 0x2, 0x0)
ioctl$TCFLSH(r5, 0x540b, 0x2)

36.90023061s ago: executing program 4 (id=1739):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe(0x0)
pipe(&(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000100))
removexattr(0x0, 0x0)
truncate(0x0, 0xfe0)
tee(r1, 0xffffffffffffffff, 0x8, 0x0)
write$binfmt_script(r2, 0x0, 0xfffffe48)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000040)='./file1\x00', 0x1000806, &(0x7f00000017c0)={[{@dmask={'dmask', 0x3d, 0x80800000}}, {@errors_continue}, {@gid={'gid', 0x3d, 0xee01}}, {@iocharset={'iocharset', 0x3d, 'iso8859-5'}}, {@gid}, {@discard}, {@errors_continue}, {@errors_remount}, {@namecase}, {@fmask={'fmask', 0x3d, 0x3}}, {@umask}, {@discard}]}, 0x9, 0x1503, &(0x7f0000000180)="$eJzs3AnYjtX2MPC19t43L6EnybzXXjdPMmySJJKQIUmSJMmUkCRJEpIpUxKSkDnJHJIpJPM8ZU6SI0mSkJCwv0vH+XzndDp9/+90Pue63vW7rn3Zy/Os9az7We8z3e/wXbuBlepULl+LmeHfgn/9pysApABAHwC4FgAiACieuXjmS5en09j137sR8ed6eMrV7kBcTTL/1E3mn7rJ/FM3mX/qJvNP3WT+qZvMP3WT+QuRmm2ZmuM6Wal3yfn/1Exe/1M3mX/qJvNP3WT+qZvMPzVjmX8qJ/NP3WT+qZvMX4jU7E85j5z2crH/gvPZ/4H1t7vqavfxByv6f8q7el95QgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCFSk7PhCgMAf9tf7b6EEEIIIYQQQgjx5wlpr3YHQgghhBBCCCGE+M9DAKPBQARpIC2kQDpID9dABsgImeBaSMB1kBmuhyxwA2SFbJAdckBOyAW5wQKBA4YY8kBeSMKNkA9ugvxQAApCIfBQGIrAzVAUboFicCsUh9ugBNwOJaEU3AGl4U4oA3dBWSgH5eFuqAAVoRJUhnugCtwLVeE+qAb3Q3V4AGrAg1ATHoJa8DDUhkegDjwKdeExqAf1oQE0hEb/PF//6/yXoBO8DJ2hi750D3SHV6AH9IRe0Bv6wKvQF16DfvA69IcBMBDegEHwJgyGt2AIDIVh8DYMhxEwEkbBaBgDY+EdGAfvwnh4DybARJgEk2EKTIVp8D5MhxkwEz6AWfAhzIY5MBfmwXz4CBbAQlgEH8Ni+ASWwFJYBsthBayEVbAa1sBaWAfrYQNshE2wGbbAp7AVtsF22AE7YRfshs9gD3wOe+EL2Adf/g/zz/xDfnsEBFSo0KDBNJgGUzAF02N6zIAZMBNmwgQmMDNmxiyYBbNiVsyO2TEn5sTcmBsJCRkZ82AeTGIS82E+zI/5sSAWRI8ei2ARLIq3YDEshsWxOJbAElgSS2EpLI2lsQyWwbJYFsvfPgcAK2AlrIT34D14L1bFqlgNq2F1rI41sAbWxJpYC2thbayNdbAO1sW6WA/rYQNsgI2wETbGxtgEm2AzbIbNsTm2wBbYEltiK2yFrbE1tsE22BbbYjtsh+2xA3bAl/AlfBlfxi5YQXXD7tgde2AP7IW9sTe+in3xNXwNX8f+OAAH4hv4Br6Jg/E0DsGhOAyHYRk1AkfiKGQ1BsfiWByH43A8jscJOBEn4mScglNxGk7D6TgDZ+AHOAs/xA9xDs7BeTgf5+MCXIiLcBEuxjO4BJfiMlyOK3AlrsDVuAZX4zr1t4fmZtyMn+KnuA234Q7cgbtwF36Gn+Hn+Dn2x324D/fjfjyAB/AgHsRDeAgP42E8gkfwKB7FY3gMj+MJPIkn8BSewtN4Bs/iWTyH5/A8vpDzm9q7CqztD+oSo4xKo9KoFJWi0qv0KoPKoDKpTCqhEiqzyqyyqCwqq8qqsqvsKqfKqXKr3IoUKVaxyqPyqKRKqnwqHwB0VQVVQeWVV0VUEVVUFVXFVDFVXN2mSqjbVUlVSjX1pVVpVUY182VVOVVelVcVVEVVSVVWlVUVVUVVVVVVNVVNVVfVVQ31oKqpumEvfFhdmkwdNQDrqoFYT9VXDVRD9SY+rhqrwdhENVXN1JNqKA7BFqqxb6meUa3USGytnlOj8HnVVo3BdupF1V51UB3VS6qTauI7qy5qAnZT3dVk7KF6ql6qt5qOFdWliVVSr6v+aoAaqN5Q8/BNNVi9pYaooWqYelsNVyPUSDVKjVZj1Fj1jhqn3lXj1XtqgpqoJqnJaoqaqqap99V0NUPNVB+oWepDNVvNUXPVPDVffaQWqIVqkfpYLVafqCVqqVqmlqsVaqVapVarNWqtWqfWqw1qo9qkNqst6lO1VW1T29UOtVPtUrvVZ2qP+lztVV+ofepLtV/9RR1QX6mD6mt1SH2jDqtv1RH1nTqqvlfHVBd1XJ1QJ9WP6pT6SZ1WZ9RZ9bM6p35R59UFdVEFBRq10lobHek0Oq1O0el0en2NzqAz6kz6Wp3Q1+nM+nqdRd+gs+psOrvOoXPqXDq3tpq006xjnUfn1Ul9o86nb9L5dQFdUBfSXhfWRfTNuqi+RRfTt+ri+jZdQt+uS+pS+g5dWt+py+i7dFldTpfXd+sKuqKupCvre3QVfa+uqu/T1fT9urp+QNfQD+qa+iFdSz+sa+tHdB39qK6rH9P1dH3dQDfUjfTjurF+QjfRTXUz/aRurp/SLfTTuqV+RrfSz+rW+jndRj+v2+oXdDv9om6vO+iO+oK+qIPurLvorrqb7q5f0T10T91L99Z99Ku6r35N99Ov6/56gB6o39CD9Jt6sH5LD9FD9TD9th6uR+iRepQercfosfodPU6/q8fr9/QEPVFP0pP1FD1V97pcaealfAP/Mv/df5Lf79db36y36E/1Vr1Nb9c79E69S+/Wu/UevUfv1Xv1Pr1P79f79QF9QB/UB/UhfUgf1of1EX1EH9VH9TF9TB/XJ/TP+kd9Sv+kT+sz+oz+WZ/T5/T5y/cBGDTKaGNMZNKYtCbFpDPpzTUmg8loMplrTcJcZzKb600Wc4PJarKZ7CaHyWlymdzGGjLOsIlNHpPXJM2NJp+5yeQ3BUxBU8h4U9gUMTf/Xn50+RnuD/N/p7/lky7nNzKNTGPT2DQxTUwz08w0N81NC9PCtDQtTSvTyrQ2rU0b08a0NW1NO9POtDftTUfT0XQynUxnBNPVdDXdzSumh+lpepnepo951fQ1fU0/08/0N/3NQDPQDDKDzGAz2AwxQ8wwM8wMN8PNSDPSjDajzVgz1owz48x4M95MMBPMJDPJTDFTzKUX1ktmmplmlpllZpvZZq6Za+ab+WaBWWAWmUVmsVlslpilZqlZbpablWalWW1Wm7VmrVlv1puNZqNZYraYLWar2Wq2m+1mp9lpdpvdZo/ZY/aavWaf2Wf2m/3mgDlgDpqD5pA5ZA6bw+aIOWKOmqPmmDlmjpvj5qQ5aU6ZU+a0OW3OmrPmnDlnzpvz5qK5eOltX6QiFZnIRGmiNFFKlBKlj9JHGaIMUaYoU5SIElHmKHOUJbohyhpli7JHOaKcUa4od2QjilzEURzlifJGyejGKF90U5Q/KhAVjApFPiocFYlujopGt0TFoluj4tFtUYno9qhkVCq6Iyod3RmVie6KykblovLR3VGFqGJUKaoc3RNVie6Nqkb3RdWi+6Pq0QNRjejBqGb0UFQrejiqHT0S1YkejepGj0X1ovpRg6hh1OhPrR/C6WxP+M62i00L3Wx3+4rtYXvaXra37WNftX3ta7affd32twPsQPuGHWTftIPtW3aIHWqH2bftcDvCjrSj7Gg7xo6179hx9l073r5nJ9iJdpKdbKfYqXaafd9OtzPsTPuBnWU/tLPtHDvXzrPz7Ud2gV1oF9mP7WL7iV1il9pldrldYVfaVXa1XWPX2nV2vd1gN9pNdrPdYj+1W+02u93usDvtLrvbfmb32M/tXvuF3We/tPvtX+wB+5U9aL+2h+w39rD91h6x39mj9nt7zP5gj9sT9qT90Z6yP9nT9ow9a3+25+wv9ry9YC/aX3/899LLOxkylIbSUAqlUHpKTxkoA2WiTJSgBGWmzJSFslBWykrZKTvlpJyUm3LTJUxMeSgPJSlJ+Sgf5af8VJAKkidPRagIFaWiVIyKUXEqTiWoxOVHC9CddCfdRXdROSpHd9PdVJEqUmWqTFWoClWlqlSNqlF1qk41qAbVpJpUi2pRbapNdagO1aW6VI/qUQNqQI2oETWmxtSEmlAzakbNqTm1oBbUklpSK2pFrak1taE21JbaUjtqR+2pPXWkjtSJOlFn6kxdqSt1p+7Ug3pQL+pFfagP9aW+1I/6UX/qTwNpIA2iQTSYBtMQGkrD6G0aTiNoJI2i0TSGxtJYGkfjaDyNpwk0gSbRJJpCU2gaTaPpNJ1m0kyaRbNoNs2muTSX5tN8WkALaBEtosW0mJbQElpGy2gFraBVtIrW0BpaR+toA22gTbSJttAW2kpbaTttp520k3bTbtpDe2gv7aV9tI/20346QAfoIB2kQ3SIDtNhOkJH6CgdpWN0jI7TcTpJJ+kUnaLTdJrO0lk6R7/QebpAFylQikvn0rtrXAaX0WVy17p/jLO7HC6ny+VyO+uyumx/F5NzLr8r4Aq6Qs67wq6Iu/k3cUlXyt3hSrs7XRl3lyv7m7iKu9dVdfe5au5+V9nd83dxdfeAq+EedTXdY66Wq+9qu4aujnvU1XWPuXquvmvgGrrm7inXwj3tWrpnXCv37G/iBW6hW+PWunVuvdvjPndn3c/uiPvOnXO/uM6ui+vjXnV93Wuun3vd9XcDfhMPc2+74W6EG+lGudFuzG/iSW6ym+KmumnufTfdzfhNPN995Ga5RW62m+Pmunm/xpd6WuQ+dovdJ26JW+qWueVuhVvpVrnV/7vX5W6j2+Q2u93uM7fVbXPb3Q630+36Nb50HHvdF26f+9Iddt+6A+4rd9AddYfcN7/Gl47vqPveHXM/uOPuhDvpfnSn3E/utDvz6/FfOvYf3QV30QUHjKxYs+GI03BaTsfpOD1fwxk4I2fiaznB13Fmvp6z8A2clbNxds7BOTkX52bLxI6ZY87DeTnJN3I+vonzcwEuyIXYc2EuwjdzUb6Fi/GtXJxv4xJ8O5fkUnwHl+Y7uQzfxWW5HJfnu7kCV+RKXJnv4Sp8L1fl+7ga38/V+QGuwQ9yTX6Ia/HDXJsf4Tr8KNflx7ge1+cG3JAb8ePcmJ/gJtyUm/GT3Jyf4hb8NLfkZ7gVP8ut+Tluw89zW36B2/GL3J47cEd+iTvxy9yZu3BX7sbd+RXuwT25F/fmPvwq9+XXuB+/zv15AA/kN3gQv8mD+S0ewkN5GL/Nw3kEj+RRPJrH8Fh+h8fxuzye3+MJPJEn8WSewlN5Gr/P03kGz+QPeBZ/yLN5Ds/leTyfP+IFvJAX8ce8mD/hJbyUl/FyXsEreRWv5jW8ltfxet7AG3kTb+Yt/Clv5W2MvIN38i7ezZ/xHv6c9/IXvI+/5P38Fz7AX/FB/poP8Td8mL/lI/wdH+Xv+Rj/wMf5BJ/kH/kU/8Sn+Qyf5Z/5HP/C5/kCX+TAEGOsYh2bOIrTxGnjlDhdnD6+Js4QZ4wzxdfGifi6OHN8fZwlviHOGmeLs8c54pxxrjh3bGOKXcxxHOeJ88bJ+MY4X3xTnD8uEBeMC8U+LhwXiW+Oi8a3xMXiW+Pi8W1xifj2uGRcKn70/tLxnXGZ+K64bFwuLh/fHVeIK8aV4srxPXGV+N64anxfXC2+Py4WPxDXiB+Ma8YPxbXih+Pa8SNxnfjRuG78WFwvrh83iBvGjeLH48bxE3GTuGncLH4ybh4/FbeIn45bxs/EreJn//DyrnG3uHv8SvxKHMJ9em5yXnJ+8qPkguTC5KLkx8nFyU+SS5JLk8uSy5MrkiuTq5Krk2uSa5PrkuuTG5Ibk5uSm5MhVE4LHr3y2hsf+TQ+rU/x6Xx6f43P4DP6TP5an/DX+cz+ep/F3+Cz+mw+u8/hc/pcPre3nrzz7GOfx+f1SX+jz+dv8vl9AV/QF/LeF/ZFfEPfyDfyjf0Tvolv6pv5J/2T/in/lH/aP+2f8a38s761f8638c/7tv4F/4J/0bf3HXxH/5Lv5F/2nX0X39V39d19d9/D9/C9fC/fx/fxfX1f38/38/39BT/QD/SD/CA/2A/2Q/wQP8wP88P9cD/Sj/Sj/Wg/1o/14/w4P96P9xNSJvhJfpKf4qf4aX6an+6n+5l+pp+Vf5af7Wf7uX6un+/n+wV+gV/kF/nFfrFf4pf4ZX6ZX+FX+FV+lV/j1/h1fp3f4Df4TX6T3+K3+K1+q9/ut/udfqff7Xf7PX6P3+v3+n0+hNBl/9ngD/iD/mt/yH/jD/tv/RH/nT/qv/fH/A/+uD/hT/of/Sn/kz/tz/iz/md/zv/iz/sL/qIPfmzincS4xLuJ8Yn3EhMSExOTEpMTUxJTE9MS7yemJ2YkZiY+SMxKfJiYnZiTmJuYl5if+CixILEwsSjxcWJx4pPEksTSxLLE8sSKxMpECLm2xiFPyBuS4caQL9wU8ocCoWAoFHwoHIqEm0PRcEsoFm4NxcNtoUS4PZQMpcId4bFQL9QPDULD0Cg8HhqHJ0KT0DQ0C0+G5uGp0CI8HVqGZ0Kr8GxoHZ4LbcLzoW14IbQLL4b2oUPoGF4KncLLoXPoErqGbqF7eCX0CD3DL6F36BNeDX3Da6FfeD30DwPCwPBGGBTeDIPDW2FIGBqGhbfD8DAijAyjwugwJowN74Rx4d0wPrwXJoSJYVKYHKaEqWFaeD9MDzPCzPBBmBU+DLPDnDA3zAvzw0dhQVgYFoWPw+LwSVgSloZlYXmAlJVhVVgd1oS1YV1YHzaEjWFT2By2hE/D1rAtbA87ws6wK+wOn4U94fOwN3wR9oUvw/7wl3AgfBUOhq/DofBNOBy+DUfCd+Fo+D4cCz+E4+FEOBkwnAo/hdPhTDgbfg7nwi/hfLgQLsrvrAkhhBBC/F/Rf3B5t3/yf+rygl+/dw6QcVuOQ/9Yc0PWv+57qpzNEwDwTJd2D/9tVajQtWvXy9ddoiHKOwcAElfy08CVeCk0g6egJTSFov+0v56qwzn+1/V/IwUA0sM/1r/ld+qPmPUH9aPkHID8ea/kpIMr8ZX6xX6nfrbGf1A/3VdjAZr8HzkZ4Ep8pX4ReAKehZZ/d00hhBBCCCGEEOKveqo72vzR59tLn89zmis5aeFK/Eefz4UQQgghhBBCCHH1Pd+h49OPt2zZtI1srsKmXca/TuG/pZ/f2aT572jjz9vg5bNX/y39/Kc35S4/2v8nWVftKUkIIYQQQgjxH3LlTf/V7kQIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhEi9/n/8EbKrfYxCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHE1fa/AgAA//8wQRwj")
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.current\x00', 0x275a, 0x0)
write$binfmt_script(r3, &(0x7f00000004c0), 0x208e24b)

35.464564753s ago: executing program 4 (id=1742):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)={{0x14}, [@NFT_MSG_NEWRULE={0x68, 0x6, 0xa, 0x401, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x3c, 0x4, 0x0, 0x1, [{0x38, 0x1, 0x0, 0x1, @byteorder={{0xe}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_BYTEORDER_SREG={0x8, 0x1, 0x1, 0x0, 0x4}, @NFTA_BYTEORDER_DREG={0x8}, @NFTA_BYTEORDER_LEN={0x8}, @NFTA_BYTEORDER_SIZE={0x8, 0x5, 0x1, 0x0, 0x4}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x90}}, 0x0)

20.877300959s ago: executing program 1 (id=1766):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
r1 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="94000000", @ANYRES16=r4, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r5, @ANYBLOB="42000e0080000000ffffffffffff080211000000505050505050c0ff000000000000000064000aa80406000000000000060200003c0401fb28177606000000000600000008000c006400000008000d00000000000a0034000202020202020000080035000010000008007e"], 0x94}}, 0x0)
socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)={0x2c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x4}]}]}]}, 0x2c}}, 0x0)
close_range(r2, r0, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f0000000180)=0x4)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xf0003, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x7, 0x10, 0x6c, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x5, 0x9, 0xd6}, {0x6, 0x24, 0x1a, 0x4, 0x1a}, [@call_mgmt={0x0, 0x24, 0x1, 0x1, 0x23}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x3, 0x47}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x8, 0x3, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x3, 0x1, 0x8}}}}}}}]}}, &(0x7f00000003c0)={0x0, 0x0, 0x1, &(0x7f0000000100)={0x5, 0xf, 0x5}, 0x3, [{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}]})

17.257297948s ago: executing program 1 (id=1774):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x2f, 0x8, 0x1a, 0x6, 0x4, @remote, @private0, 0x7800, 0x7800, 0x8000}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x8004)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x62, 0x0, 0xffffffffffffffff, 0x0, 0x0})
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x13)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240), 0x0, 0x0, 0x0)
mremap(&(0x7f00003c6000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f00000f4000/0x4000)=nil)
writev(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000200), 0x208e24b)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f0000994000/0x2000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x800, 0x10}, 0xc)
sendto$inet(r3, &(0x7f00000000c0)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)

15.80378391s ago: executing program 2 (id=1778):
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r2 = socket$inet6(0xa, 0x3, 0x11)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000004480)={{{@in6=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x3c}, 0x2, @in, 0x0, 0x1}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x21, 0x0)
r3 = syz_create_resource$binfmt(0x0)
openat$binfmt(0xffffff9c, r3, 0x41, 0x1ff)
execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
execve(&(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000040)={[&(0x7f0000000080)='#! ']})

14.767302784s ago: executing program 2 (id=1780):
r0 = openat$sequencer2(0xffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0001, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f00000004c0))
epoll_ctl$EPOLL_CTL_MOD(r2, 0x3, r1, &(0x7f00000000c0))
r3 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
r4 = dup2(r3, r3)
r5 = syz_mount_image$ext4(&(0x7f0000000200)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0xc000, &(0x7f0000000100)={[], [{@defcontext={'defcontext', 0x3d, 'user_u'}}]}, 0x2, 0x24c, &(0x7f0000000240)="$eJzs3T1oJGUcBvBn9sNzvUVObQTxA0REA+HsBJuzUTiQ4xARVDgRsRGioAl2WSsbC61VUtkEsTNaSppgowhWEVPERtBgYbDQYmV3srJuVtRsnDkyvx9M5p2PN/93yDxvppndAI11IcmlJO0kS0m6SYrpE+4plwtHmxu9nWvJcPjkz8X4vHK7NOl3PskgycNJtltFXu4ka1vP7v+6+/j9b6927/tw65lepRd55GB/74nDD6689cnlh9a++ubHK0Uupf+X6zp9xZx9nSK59f8odp0oOnWPgH/j6hsffzvK/W1J7h3nv5tWyj/eO6/dsN3Ng+//Xd93f/r6jirHCpy+4bA7+h84GAKN00rST9FaTlK2W63l5fEz/OQx7vWll15ZXXmx7pkKOC39ZO+xz859en4m/z+0y/wDZ9co/09d3fxu1D5s1z0aoBJ3lqtR/peeX38g8g+NI//QXPIPzSX/0FzyD80l/9Bc8g9nWHfSGMw9LP/QXPIPzTU//yYCaILp/AMAzTI8V/cbyEBd6p5/AAAAAAAAAAAAAAAAAACA4zZ6O9cmS1U1v3gvOXg0SWde/fb4+4iTG8c/b/qlSGeqb1F2O4Hen63n7l5k9Iv7qNq3r4vZHTd/X2n9Y768q9766yvJ4M0kFzud4/dfcXT/ndwt/3C8+8KCBf6j2RvgkaerrT/r981661/eTT4fzT8X580/rdw+Xs+ff/rTH7F8Qq/+tuAvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoDJ/BAAA//8yWWul")
r6 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x0, 0x0)
r7 = creat(&(0x7f0000000140)='./file0\x00', 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0xe, 0x6, &(0x7f0000000000)=@framed={{0x5, 0x0, 0x0, 0x0, 0x0, 0x71, 0x11, 0x61}, [@func={0x85, 0x0, 0x1, 0x0, 0x2}, @call={0x85, 0x0, 0x0, 0x5}, @exit], {0x95, 0x0, 0x5a5}}, &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
ioctl$EXT4_IOC_MOVE_EXT(r6, 0xc028660f, &(0x7f0000000040)={0xc, r7})
write$UHID_GET_REPORT_REPLY(r4, &(0x7f0000002100)={0xa, {0x2, 0x8, 0x7}}, 0xa)
symlinkat(&(0x7f0000000180)='./file0\x00', r5, &(0x7f0000000500)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')
read(r0, &(0x7f0000000640)=""/240, 0xf0)

13.564461744s ago: executing program 2 (id=1782):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
r1 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="94000000", @ANYRES16=r4, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r5, @ANYBLOB="42000e0080000000ffffffffffff080211000000505050505050c0ff000000000000000064000aa80406000000000000060200003c0401fb28177606000000000600000008000c006400000008000d00000000000a0034000202020202020000080035000010000008007e"], 0x94}}, 0x0)
socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)={0x2c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x4}]}]}]}, 0x2c}}, 0x0)
close_range(r2, r0, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f0000000180)=0x4)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xf0003, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x7, 0x10, 0x6c, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x5, 0x9, 0xd6}, {0x6, 0x24, 0x1a, 0x4, 0x1a}, [@call_mgmt={0x0, 0x24, 0x1, 0x1, 0x23}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x3, 0x47}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x8, 0x3, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x3, 0x1, 0x8}}}}}}}]}}, &(0x7f00000003c0)={0x0, 0x0, 0x1, &(0x7f0000000100)={0x5, 0xf, 0x5}, 0x3, [{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}]})

11.058216777s ago: executing program 0 (id=1784):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_audit(0x10, 0x3, 0x9)
syz_io_uring_setup(0xd3f, &(0x7f0000000480), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x5, &(0x7f0000000100))
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x4000000000, 0x94b382)
r1 = memfd_create(0x0, 0x0)
pwritev(r1, 0x0, 0x0, 0x400, 0x0)
sendfile(r0, r0, 0x0, 0x24002de8)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)

10.255725537s ago: executing program 1 (id=1785):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000340)=ANY=[@ANYBLOB="12010000000000406c256d00000000000001090224000100000000090400000103000000092100000001220500090581"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, &(0x7f0000000540)={0x2c, &(0x7f0000000200)={0x0, 0x0, 0x5, {0x5, 0x0, "a8c6df"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000002c0)={0x24, 0x0, &(0x7f0000000380)={0x0, 0x3, 0x2, @string={0x2}}, 0x0, 0x0}, 0x0)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f00000007c0)=[{0x0}, {&(0x7f0000000440)="6f4720baeb5434a1c17a4b697e4611c434c1947fafd44daee2d61fadd23c3505eee0cc5b6c76cf081390ae92516d567c4b49af0f4b3df75ae92efbfb0fbe60ac8c4e546500f4f8f3885d5622072fb9e9b948a5edc65602c644bee9ad04b655279f383ce068ad0c202a57f9a8804b73d1241fb306b2acd9d5e26a71b19a0b9859ff0f0d7cdbd80fdfacdf9f1d02a37ae44bb6ddd978d4a0e6d61b68f629915748d6d3d184ca2b4164192c60a3a383821d0e85f04d09b712814d4b0664799b7ae6657b7452214608d01d31bd7d9e03107c638353d89515692c24b11490b9e75cfcb489e80b9334f4660204b2a17409993ddc4b0d004709cd46cb2488cf3cecd965e978182dd42cfbbfa4ebda17cce9cfc970959fd29e1a802809aa4a65c8f1c6dd14fca85d83fc995f097a62c6f04fb0d1f0dec0faa41fe09b1eae67606123d908dd74c62e66ee2635ec9da7bc74103debf3e31f0794ca5fc2268bcb8a03aeb3bf860d164e0a6cba7c8dc469147cc7e1bb94731ec450525cf19275d4af40b115f2420ff7ab4eeb41c5ddc19aae1b2e535b796c0e7aa6e71b4e13c8023806a08638d13a8595e310321860c8d7670cf167c67b3b5217a66329505cdcdc3afb3233dbaec65ff45b0bfc3cfbd309a7ffd26507a8ffe782f3b84ad9dfc2b4f44d6716e8ad892ffc3acf6e7e09018041a27fcad1ee957d6fddccc3d41f9b04127dee7c471acf9fdc32f204afffc52b22b738441542", 0x211}, {0x0}], 0x3}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000400)={0x24, 0x0, &(0x7f0000000240)={0x0, 0x3, 0x4, @lang_id={0x4}}, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="00031200000012033f"], 0x0, 0x0}, 0x0)

10.078492014s ago: executing program 2 (id=1786):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x810c90, &(0x7f0000000340)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@umask={'umask', 0x3d, 0x2}}, {@errors_continue}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp775'}}, {@namecase}, {@gid}, {@dmask={'dmask', 0x3d, 0x7}}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1520, &(0x7f0000000440)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSZJIklySZIkSXJLSJrkSEJiyC1pSJLkMiSXISSXaUwa9/tdEpKkSZKQ3JL1/wh/p1Pndzq/0zl+nzPP9/PZn1nPu/ez9trv8+733Xu9M/Ntl6E1G9eq1pCI4F+C538kA0AsAAwEgKsAIACA8vHl48+tzy0x+V/bCftzPZh2uUfALieuf87G9c/ZuP45G9c/Z+P652xc/5yN65+zcf0Zy8k2Tit0NS85d+H5/5yMP///i2SXGfPl6jLXdgWI+aMpXP+cjev/Xyv4Ixtx/XM2rn9OFXu5B8D+D+DzPyfI9XfXcP1zNq4/YznZv3+OWbnLPcf9Py0QydnfgVzu1x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsZzhpL9EAcDF9uUeF2OMMcYYY4wxxv48PtflHgFjjDHGGGOMMcb+/RAESFAQQAzkgljIDXEgAOBKyAtXQQSuhni4BvLBtZAfCkBBKAQJUBiKgAYDFghCKArFIArXQXG4HkpASSgFpcFBGUiEG6As3Ajl4CYoDzdDBbgFKkIluBUqw21QBW6HqnAHVIM7oTrUgJpQC+6C2nA31IF7oC7cC/XgPqgP90MDeAAawoPQCB6CxvAwNIFHoCk0g+bQAlr+r/Kfhx7wAvSEXpAMvaEPvAh9oR/0hwEwEF6CQfAyDIZXIAWGwFB4FYbBazAcXocR8AaMhDdhFLwFo2EMjIVxkArjYQK8DRPhHZgEk2EKTIU0mAbT4V2YATNhFrwHs+F9mANzYR7Mh3T4ADJgAWTCh7AQPoIsWASLYQkshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFj2EbfALb4VPYATthF3wGu+HzfzL/xN/kd0VAQIECFSqMwRiMxViMwzjMg3kwL+bFCEYwHuMxH+bD/JgfC2JBTMAELIJF0KBByk1YFItiFKNYHItjCSyBpbAUOnSYiIlYFm/EclgOy2N5rIAVsCJWwkpYGStjFayCVbEqVsNqWB2rY02siXfhXdgb62AdrIt1sR7Wuzg9hQ2xITbCRtgYG2MTbIJNsSk2x+bYEltiK2yFrbE1tsW22A7bYXtsj0mYhB2wA3bEjtgJO2Fn7IxdsAt2xW7YLfv5XIAv4AvYC6uL3tgH+2BfTMnVHwfgAHwJB+HL+DK+gik4BIfiq/gqvobD8TiOwDdwJI7EKuItHI1jkMQ4TMVUnIATcCJOxEk4GSfjVEzDaTgdp+MMnIkz8T2cje/j+zgX5+J8TMd0zMAFmImZuBBPYBYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFL56sCgA/xZ24E1NwN+7GPbgH9+Je3If7MBuzcT/uxwMW8CAexEN4CA/jETyKR/AYHsPjeAJPYr8LXT2b8HWjT0quSgFxjhJKxIgYEStiRZyIE3lEHpFX5BURERHxIl7kE/lEfpFfFBQFRYJIEEVEEWGEESTCGAAQUREVxUVxUUKUEKVEKeGEE4kiUZQVZUU5UU6UFzeLCuIWUVFUEm1cZVFZVBFtXVVxh6gmqonqooaoKWqJWqK2qC3qiDqirqgr6ol6or64XzQQvbE/PijOVaaxGIJNxFBsKpoJeeFIWonh2Fq0EW3F4+INHIHtRSuXJJ4SHcRo7Cj+IsbgM6KzGIddxHOiq+gmuovnRQ/R2vUUvcQk7C36iKnYV/QT/cUAMQNriPdwdu6a4hWRIoaIoeJVMR9fE8PF62JEbxAjxZtilHhLjBZjxFgxTqSK8WKCeFtMFO+ISWKymCKmijQxTUwX74oZYqaYJd4Ts8X7Yo6YK+aJ+SJdfCAyxAKRKT4UC8VHIkssEovFErFULBPLxQqRG1aJ1WKNWCvWifVig9goNonNYovYKj4W28QnYrv4VOwQO8Uu8ZnYLT4Xe8QXYq/4UuwTX4ls8bXYL74RB8S34qD4ThwS34vD4og4Kn4Qx8SP4rg4IU6KU+K0+EmcET+Ls8ILkCiFlFLJQMbIXDJW5pZx8gqZRwYXnt2rZby8RuaT18r8soAsKAvJBFlYFpFaGmklyVAWlcVkVF4ni8vrZQlZUpaSpaWTZWSivEGWlTfKcvImWV7eLCvIW2RFWUneKivL22QVebuEyPl9VJc1ZE1ZS94lk+FuWUfeI+vKe2U9eZ+sL++XDeQDsqF8UDaSD8nG8mHZRD4im8pmsrlsIVvKR2Ur+ZhsLdvItvJx2U4+IdvLJ2WSfEp2kP7CS+QZ2Vk+K7vI52RX2U12lz/Ls9LLnrKXhN4g+8gXZV/ZT/aXA+RA+ZIcJF+Wg+UrMkUOkUPlq3KYfE0Ol6/LEfINOVK+KUfJt+RoOUaOleNkqhwvJ8i35UT5jpwkJ8spcqpMk9Nk/ws9zZLyH+a//Tv5g3/Z+wa5UW6Sm+UWuVV+LLfJT+R2uV3ukDvkLrlL7pa75R65R+6Ve+U+uU9myzvkfrlfHpAH5EF5UB6Sh+RheUSekj/IY/JHeVyekCfkKXlanpZnLjwHoFAJJZVSgYpRuVSsyq3i1BUqj7pS5VVXqYi6WsWra1Q+da3KrwqogqqQSlCFVRGllVFWkQpVUVVMRdV1F9+jVClVWjlVRiWqG/6ZfFVcXa9KqJK/yr84vuS/M76WqqVqpVqp1qq1aqvaqnaqnWqv2qsklaQ6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKlklqz7qRdVX9VP91QA1UL2kBqlBarAarFJUihqqhqphapgaroarEWqEGqlGqlFqlBqtRquxaqxKValqgpqgJqqJapKapKaoKSpNpanparqaoWaoWWqWmq1mqzlqjpqn5ql0la4yVIbKVJlqoVqostQitUgtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5lqY1qo9qsNqutaqvaprap7Wq72qF2qF1ql9qtdqs9ao/aq/aqfWqfylbZar/arw6oA+qgOqgOqUPqsDqsjqqj6pg6po6r4+qkOqlOq9PqjDqjzqqz5y77AhGIQAUqiAligtggNogL4oI8QZ4gb5A3iASRID6ID/IF1wb5gwJBwaBQkBAUDooEOjCBDcSFokeD64LiwfVBiaBkUCooHbigTJAY3BCUDW4MygU3BeWDm4MKwS1BxaBScGtQObgtqBLcHlQN7giqBXcG1YMaQc2gVnBXUDu4O6gT3BPUDe4N6gX3BfWD+4MGwQNBw+DBoFHwUNA4eDhoEjwSNA2aBc2DFkHLP7V/748XeMz11L10su6t++gXdV/dT/fXA/RA/ZIepF/Wg/UrOkUP0UP1q3qYfk0P16/rEfoNPVK/qUfpt/RoPUaP1eN0qh6vJ+i39UT9jp6kJ+speqpO09P0dP2unqFn6ln6PT1bv6/n6Ll6np6v0/UHOkMv0Jn6Q71Qf6Sz9CK9WC/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1x3qb/kRv15/qHXqn3qU/07v153qP/kLv1V/qfforna2/1vv1N/qA/lYf1N/pQ/p7fVgf0Uf1D/qY/lEf1yf0SX1Kn9Y/6TP6Z31W+3MX9+c+3o0yysSYGBNrYk2ciTN5TB6T1+Q1ERMx8Sbe5DP5TH6T3xQ0BU2CSTBFTBFzDhkyRU1REzVRU9wUNyVMCVPKlDLOOJNoEk1ZU9aUM+VMeVPeVDAVTEVT0dxqbjW3mdvM7eZ2c4e5w9xp7jQ1TA1Ty9QytU1tU8fUMXVNXVPP1DP1TX3TwDQwDU1D08g0Mo1NY9PENDFNTVPT3DQ3LU1L08q0Mq1Na9PWtDXtTDvT3rQ3SSbJdDAdTEfT0XQynUxn09l0MV1MV9PVdDfdTQ/Tw/Q0PU2ySTZ9TB/T1/Q1/U1/M9AMNIPMIDPYDDYpJsUMNUPNMDPMDDfDzQjzhhl57kLVvGVGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbDJNhMk2mWWgWmiyTZRabxWapWWqWm+VmpVlpVpvVZi2sNevNerPRbDSbzWaz1Ww128w2s91sNzvMDrPL7DK7zW6zx+wxe81es8/sM9km2+w3+80Bc8AcNAfNIXPIHDaHzVFz1Bwzx8xxc9ycNCfNaVPgwuelN7E2t42zV9g89kqb115l/zYuaAvZBFvYFrHa5rcFfhUba20JW9KWsqWts2Vsor3hN3FFW8neaivb22wVe7ut+pu4tr3b1rH32Lr2XlvL3vWruJ69z9a3D9sGiAC2mW1kW9jG9mHbxD5im9pmtrltYdvZJ2x7+6RNsk/ZDvbp38QZdoFdaVfZ1XaN3WF32pP2lD1gv7Wn7U+2p+1lB9qX7CD7sh1sX7Epdshv4pH2TTvKvmVH2zF2rB33m3iKnWrT7DQ73b5rZ9iZv4nT7Qd2ts20c+xcO8/O/yXOsGgz7Yd2of3IZtkAFtsldqldZpfbFf9/rEvsOrvebrDb7ad2s91it9qP7baLF8J2p91lP7O77ed2v/3G7rVf2n32oM22X/8Snzu+g/Y7e8h+bw/bI/ao/cEesz+qi9nnjv0H+7M9a70FQgKSpCigGMpFsZSb4ugKykNXUl66iiJ0NcXTNZSPrqX8VIAKUiFKoMJUhDQZskQUUlEqRlG6ji4OrxSVJkdlKJFuoLJ0I5Wjm6g83UwV6BaqSJVyX9iMbqeqdAdVozupOtWgmlSL7qLadDfVoXuoLt1L9eg+qk/3UwN6gBrSg9SIHqLG9DA1oUeoKTWj5tSCWtKj1Ioeo9bUhtrS49SOnqD29CQl0VPUgZ6mjvQX6kTPUGd6lrrQc9SVulF3ep560AvUk3pRMvWmPvQi9aV+1J8G0EB6iQbRyzSYXqEUGkJD6VUaRq/RcHqdRtAbNJLepFH0Fo2mMTSWxlEqjacJ9DZNpHdoEk2mKTSV0mgaTad3aQbNpFn0Hs2m92kOzaV5NJ/S6QPKoAWUSR/SQvqIsmgRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6mbfQJbadPaQftpF30Ge2mz2kPfUF76UvaR19RNn1N++kbOkDf0kH6zvei7+kwHaGj9AMdox/pOJ2gk3SKTtNPdIZ+prPkCUIMRShDFQZhTJgrjA1zh3HhFWGe8Mowb3hVGAmvDuPDa8J84bVh/rBAWDAsFCaEhcMioQ5NaEMKw7BoWCyMhteFxcPrwxJhybBUWDp0YZkwMbwhLBveGJYLbwrLhzeHFcJbwophpfDheyuHt4VVwtvDquEdYbXwzrB6WCOsGdYK7wprh3eHdcJ7wrrhvWG58L6wfnh/2CB8IGwYPhg2Ch8KG4cPh03CR8KmYbOwedgibBk+GrYKHwtbh23CtuHjYbvwibB9+GSYFD4Vdgif/mX9fQv+/vrksHfYJ3wxfDH0/h45Lzo/mh79IJoRXRDNjH4YXRj9KJoVXRRdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH90Q9b5WLnDohJNOucDFuFwu1uV2ce4Kl8dd6fK6q1zEXe3i3TUun7vW5XcFXEFXyCW4wq6I084468iFrqgr5qLuOlfcXe9KuJKulCvtnCvjEl0L19K1dK3cY661a+Pausfd4+4J94R70j3pnnId3NOuo/uL6+SecZ3ds+5Z95zr6rq57u5518ONz3v+ZEt2fVwf19f1df1dfzfQDXSD3CA32A12KS7FDXVD3TA3zA13w90IN8KNdCPd3QpgtBvtxrqxLtWluglugpvoJrpJbpKb4qa4NJfmprvpboab4arMPL+XOW6Om+fmuXSX7jLcuWvGTLfQLXRZLsstdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W1z29x2t93t8Fed79TtdnvcHrfX7XX73Fcu233t9rtv3AH3rTvovnOH3PfusDvijrof3DH3ozvuTriT7pQ77X5yZ9zP7qzzLjUyPjIh8nZkYuSdyKTI5MiUyNRIWmRaZHrk3ciMyMzIrMh7kdmR9yNzInMj8yLzI+mRDyIZkQWRzMiHkYWRjyJZkUWRxZElkaWRZRHvC28OfVFfzEf9db64v96X8CV9KV/aO1/GJ/obfFl/oy/nb/Ll/c2+gr/FV/SV/K3+Ed/UN/PNfQvf0j/qW/nHfGvfxrf1j/t2/gnf3j/pk/xTvoN/2nf0f/Gd/DO+s3/Wd/HP+a6+m+/un/c9/Au+p+/lk31v38e/6Pv6fr6/H+AH+pf8IP+yH+xf8Sl+iB/qX/XD/Gt+uH/dj/Bv+JExb/pRF2+RYZxP9eP9BP+2n+jf8ZP8ZD/FT/Vpfpqf7t/1M/xMP8u/52f79/0cP9fP8/N9uv/AZ/gFPtN/6Bf6j3yWX3RxUtkv9yv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vv+x3+Y/8dv9p36H3+l3+c/8bv+53+O/8Hv9l36f/8pn+6/9fv+NP+C/9Qf9d/6Q/94f9kf8Uf+DP+Z/9Mf9CX/Sn/Kn/U/+jP/Zn+W/WWOMMcYY+0PGX2qKX685P53f+3dyxF9t3AcArtxSKPuv15+7olyb/3y7n0hoFwGAp3p1efDiUr16cnLyhW2zJATF5gJc/CbonBi4FC+CtvAEJEEbKPu74+8nup2mf9B/9GaAuL/KiYVL8aX+vwDA5N/p/9HHR2ZUCE/G/w/9zwUoUexSTm64FC+Ctr/Mr7SBcn9n/AVa/YPx5/4yFaD1X+XkgUvxpfEnwmPwNCT9akvGGGOMMcYYY+y8fuLWThfvPy/+xufv3Z8nqEs5ueBS/I/uzxljjDHGGGOMMXb5PdOt+5OPJiW16fTPN6r+r7L+cKMJ/Lt65sbvNrwHuPiIAoB/sUOAcw35nzyKTf+RfaVcOHX+dtXSUz6A/xul/DMal/mNiTHGGGOMMfanu3TR/+vH1eUaEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9J/6d2OU+RsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+38BAAD//3lG9tE=")
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0) (async)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00') (async)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0) (async)
pivot_root(&(0x7f0000000100)='./file0/../file0/../file0/../file0\x00', &(0x7f00000003c0)='./file0\x00') (async)
r1 = syz_mount_image$udf(&(0x7f00000004c0), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f00000000c0)={[{@shortad}, {@shortad}, {@umask={'umask', 0x3d, 0x2}}, {@lastblock={'lastblock', 0x3d, 0x7f}}, {@uid_forget}, {@adinicb}]}, 0x41, 0x493, &(0x7f0000000a80)="$eJzs29trHGUYx/HfM9ndbLbVbts0rVJwVVCpWHPo0XjRQwwVekjTRqSoEJNNXJoT2VSSIlq88dYbb0REQUGqaEHEG6+0d/4BCoKgF16I4F54AEGUmZ3ZmWw2TZo9JNt8P9Du5J1nZt7DvvO+u/OuAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAdOKp451dtt65AAAAjXT2wmBnN+M/AACbykU+/wMAAGwmJkffy9Q3WLAz3t9FydO5qSvzQ339lQ9rM+/IFi/e/Zfs6u45cPDQ4SPB662Pr7V7dO7CxeOZk9OTM7PZfD47mhmayo1Mj2ZXfYZqjy+3z6uAzOTlK6NjY/lM9/6eRbvn07+0bulI9x7uOOYEsUN9/f0XIjGx+JqvvsRyM/yEHO2R6beHPrWzkhxVXxcrvHfqrc0rxD6vEEN9/V5BJnLDU3PuzoGgIhy/rL5EUEcNaIuqtEtuvixRm89scTk6JlPHzwU7J6klqIdHvS+Glz8wVpPLr5mbz+clPaAmaLMNrFWOfpRpcltSA+vfrGiwmBzNy/RHb8HOe/cDtz+5t83Tz2SenhqbjsQOmN+jmn18aKQNfm9KytFZ745fsMH1zgwazp0svSXTro9f9uYV8ual23oPP3G+JzrD2L3CedzY/f78cTVjctyPHbABM6f25QIAAAAAAAAgtZqj72QqfJUJE9MmJ/LIOKnig6HM+mQRQL2Yo7dlOj9Y8L6Gj65LaYms7ylp9md/9c1/W/Lk9MzCbG78pbmK+1PJ4y/m52aHRyrvVpt7n22Jpqy0jqVKcXOUkOm5Pz+y0nWL939/KUCYmw+fDNfMJMuv771v7i6uZwqeIR29tDu6XTHLt/F81L2mmaM5mU7s2OOvVUlpSZ2pGPe5TL+/t9ePcxJu5oPTpotnHMtNZDvd2K9lev/fINZbFqUtfuzOMLbLjTWZ3jyzOHarH9sexna7sf0y3XyhcuyuMLbHjX1dpplfM0Fsyo29z4/tCGP3j0xPjFaqSuB2uf3/J5nebc9Y0Ddixfff0v7/SjgWXCs/0TJ9vtr+n46kXfP79SW3//+1x+vLXv93Kvf/N2T65Iu9flyx7yX8/du9/8P+/6xM498ujk35sTvC2K5VV2yTcNt/r0yndt0o1Y3f/n4LhK0Wbf97y98ddWr/7ZG0tH/d1toUHZLyC1cvD09MZGfZYGPDbMS1IbKxqTfW+86ERnDH/8/cWdSXP5TmO/74739MCWdWf78ajv+95Seq0/i/I5LW689G4jEpOTc5E98tJfMLVx/LTQ6PZ8ezUwc6D3UePHC06+iReCKY3IVbVdfVncht/29k+mfL9dLn3cXzv8rz/1T5ierU/jsjaalF85Wqiw6//a/LdP/NG6XvJW41/w++/3nkweJrqX+uuf3/2yYt3/7tkbS0f927alN0AAAAAAAAAAAAAAAAAGhqcXP0gUynHo9Z8Fuz1az/W/IDtDqt/+uIpI026PcKVVcqADQBR47ekelhFew1N2GrdCb6ijva/wEAAP//ua0iMQ==")
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) (async)
fcntl$getown(r1, 0x9)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000001180)={{{@in=@multicast1, @in=@multicast2}}, {{@in6}}}, &(0x7f0000001280)=0xe8)
r2 = getgid() (async)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0), 0x54}}, 0x0) (async)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r4, 0x1, 0x2f, &(0x7f0000000340)=0xfffffff9, 0x4) (async)
bind$inet(r4, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10) (async)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$sock_int(r4, 0x1, 0x12, &(0x7f0000002180), 0x4) (async)
sendto$inet(r4, &(0x7f0000000480)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d86209c060161d5ddb5fcf3d09001117cdb9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000000000002090666159e3075f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027083d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af162a9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e3bbe5230e07dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f0eac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdbc64ce943f895dd4c2e9dd7393543d89b00dc6b3a25045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bd", 0xfffffea5, 0xc000, 0x0, 0xfffffcef)
recvmsg(r4, &(0x7f00000033c0)={&(0x7f00000003c0)=@ethernet={0x0, @dev}, 0x80, &(0x7f0000002040)=[{&(0x7f0000000080)=""/49, 0x31}, {&(0x7f0000000f80)=""/4096, 0x1000}, {0x0}, {&(0x7f0000000100)=""/102, 0x66}, {&(0x7f0000004240)=""/4096, 0x1000}], 0x5, &(0x7f00000020c0)=""/182, 0xb6}, 0x120) (async)
lstat(&(0x7f0000000d40)='./file0\x00', &(0x7f0000000d80)={0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}) (async)
r6 = getpid()
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000240)="6fd14b5d036705c2bd00f349e9a426fb4f935b4f251215481c87b90ac6dd5116d16adbfd1d1235aa4d2d18a04a47873dd91474de69aafaa9d25ad694caa17cba9245902c058003cc6c0f50f5396391737912acb540a46eeeacb2a0c6d98de870909813f47b6d3e73816330ea12c63a705000daf2334d74b55f48592406a95b3e5da9287894e1541d4c145c53ba82af4288b91dbe5576b2684b185ddad9a37e915b563ef9a04ccb73ab0df9441a514496b491a2026a926fcd11ac086d422226475e956993eb6849536189f1cfecbf428346a427e951831bc1fa91c2439a5d50", 0xdf}, {&(0x7f0000000140)="b4122bdc972e029561e9e30d8712e41abeea300a7d8b98c1f2", 0x19}], 0x2, &(0x7f0000004180)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES64=r6, @ANYRES32, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="002cabac84a922f6c500000020000000000000000100000001000000", @ANYRES32=r4, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="0000000018000000000000000100000011000000", @ANYRES32], 0xb8, 0x4040001}}, {{&(0x7f0000000440)=@file={0x1, './bus/file0\x00'}, 0x6e, &(0x7f0000000800)=[{&(0x7f00000004c0)="771d0defacef11b43dd99be98b2162a4130599ce4d6cb56c0f67c77d18eef4e5963118c176f014061a1653617e27524961a56a151ebac6b2e722287f07d353ea752c6b7430449ce6399e18e18c03d1e10edf21a842faec8c076bc95b183d4684feb7b7bf31523499141395aa", 0x6c}, {&(0x7f00000005c0)="f50c2fb2caca1ed26e0047d0f84ed384713ee48307a339c2a3a4bcb58589a1223d7aeb8029625b554c713915bc82796dae09750edc9511db1976bdc8566419885cf79d9ae82cfe648cf8e82c9f1e36cf058e92d3b919d876fde376847b6ead6c1f62be421d4ede8a48de7c51a1394deace99dd0c4fbd14c19dffc827804868ac08f41bf9aa3d3b21aaa21d350fc79215c4e4a6c6699e1a7df82d", 0x9a}, {&(0x7f0000000680)="2a58f44e31261c2ae255dd78b56a9eb42e881219c26585aa69adc6ca3d9efa20c6415e3d511a0a1c5d6021313de25c8128e0c9b3b6f6f739cf0b643440aeaece1701a6add7009d170eeff751a6b1f9210ed12a372b476f30ae2a6042daa1e7", 0x5f}, {&(0x7f0000000700)="24e617cd8e3df481dcf8b3ba7b4c16ee71fd70dcb6ba080803e5f096e6b6fe95608c6b6a18a8c69e993f6a1b4fb1a172428407d4fcf7ed86c5050eac4b6737664d638d3f181af7f0cf7ecfdee6e38687589eb578b30d1950d083fbc453f44b63713a505eab146eb12b248f7875ff14c756eeec05b542b74b51690bd1eceb36b9211fa621dcf8676bc33e058ce2f1967358afcebbd1c8cd31de98221af845a8c6ecde89c278e155d9c9d39571e0ae21a14809544b3d6f8c607c30c1170f09c94c43d9ccaa87ad29718019b4b2ca6695f685fa238ab822feea63f2134cc27d2a6bdbb63fbe62c095e849abb93e66658e4953da47ec1433c173065524d3f805", 0xfe}], 0x4, &(0x7f0000000880)=[@cred={{0x1c, 0x1, 0x2, {0xffffffffffffffff, 0x0, 0xee00}}}], 0x20}}, {{&(0x7f00000008c0)=@file={0x0, './bus/file0\x00'}, 0x6e, &(0x7f0000000c40)=[{&(0x7f0000000940)="e2111e367fc3534a2b6b3a167cadfda92e76fb1adbfd31028420d28e87e81346c354f00dc26aeb2ac01b4159356893a3f1f3c176afd31eaebec786c198c0d1f02b99d298ed84dca9d8320762c27d991c65dac6036e87d462b885ac9e09089785a29243931fb6abaf4cceadb23156443bdf4bb884d93b62f6a47727683eca828f27b4a12f4fecfddfb60aa6541464f0d4c92938b53309b3068865846ec7bdbcf00395dd995990cf331102f2516d5ede346869e6bf253bfd53888ec75997239b739924594e9e91bd8397850064", 0xcc}, {&(0x7f0000000a40)="ebbcc0c387278e24e1dbdd4f39a8c11f22c1f74e95d1ea4534d33a2b1411c1e989ea131f1429d7e102cfc8f3a3cc339c35558efb5cfa3486d660d4c1dc2692751f88c217588e957d8256b2a9472ad75dec0917e24141fc56e99bed60cb7b6aef3f770e6b5ad9585d2731f7f7143d719688e289a72dad697f3a2a329e6a5e5e6a3095b5224a8ff61e2ee006045ab0045e217386126aa6ee22c545c5c4b801", 0x9e}, {&(0x7f0000000b00)='qp*w', 0x4}, {&(0x7f0000000b40)}, {&(0x7f0000000b80)="a614bfdb0f0b79259ed430f5d5d27cac7badb3b62c162f63b354cea30f5c96ccaf423ed5fa25a169c2d5262e8660662e28802e0822c08af00428e3e0bec41a3b90bdcd8a84de04ce01ea31", 0x4b}, {&(0x7f0000000c00)="3aedfd65462e953afcc032068cebd13dd4a35704ceacd3d0cc5073d2fdad8565fd63194239d674c1b52ac86f40585df34e12fc24dc9c36d59c3f94b298418e", 0x3f}], 0x6, &(0x7f0000003400)=ANY=[@ANYBLOB="1c000000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYBLOB="10000000000000000100000001000000300000000000000001000000dca3cf30e819648da5daf3c8697a33ade0acf6dd0c13f6e952971b06948c1e54e204804e86516847b80c7b315033d92b9014e064de000000000000000f36f9ae5f0bff67731542fe640cd5510805f1", @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES32=r4, @ANYBLOB="1c00000000000000fd000000020000000e4a58d20a06d788b54c4b13b6b1cf6964424e7aacd6", @ANYRES32, @ANYRES32=0xee00, @ANYRES32=r5, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32=r6, @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00'], 0xc8, 0x7c60c9c9566d109}}], 0x3, 0x8) (async)
fstat(r1, &(0x7f00000012c0)={0x0, 0x0, 0x0, 0x0, 0x0, <r7=>0x0}) (async)
r8 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r8, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0xc) (async)
setregid(r2, r7) (async)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
fstat(r9, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, <r10=>0x0})
setreuid(0x0, r10)

9.877118247s ago: executing program 0 (id=1787):
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='bpf\x00', 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x7, &(0x7f0000000000)=0xfffffff9, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x80000000000000a, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r4, &(0x7f0000fa0fe4)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c)
setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f00000000c0)="170000000200010000ffbe8c5ee17688a2003c000201000a000002a257fc5ad90200bb6a880000d6c8db000000df018002000000fc0607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dfc060115003901000000000000ea000000000000000062068f5ee50ce5af9b1c568302ffff02ff030000ba000840024f0298e9e90539062a80e605007f71174aa951f3c63e5a1b47b63a6323ded2231454668492f9c681a6a9fc", 0xb8)
syz_emit_ethernet(0x0, 0x0, 0x0)
r5 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e22, 0x2, @private2, 0x8001}, 0x1c)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}}, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x11c2, 0x2208, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f0000000240)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "0716a7"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

9.043524439s ago: executing program 2 (id=1788):
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r2 = socket$inet6(0xa, 0x3, 0x11)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000004480)={{{@in6=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x3c}, 0x2, @in, 0x0, 0x1}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x21, 0x0)
r3 = syz_create_resource$binfmt(0x0)
openat$binfmt(0xffffff9c, r3, 0x41, 0x1ff)
execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
execve(&(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000040)={[&(0x7f0000000080)='#! ']})

8.606959277s ago: executing program 2 (id=1789):
r0 = socket(0x11, 0x800000003, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000600))
socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_rose_SIOCADDRT(r0, 0x890b, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000008000000000000001000000940000000fad413ec50000000f000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
close(0xffffffffffffffff)
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000000040ac052a0200000000000109022400010000000009040000010300020009210000f60122000009058103"], 0x0)
r2 = add_key$keyring(&(0x7f0000000340), &(0x7f00000004c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, r2, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000001c0)=@keyring={'key_or_keyring:', 0x0, 0x2})
r3 = socket$inet6(0xa, 0x3, 0x8000000003c)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000680)=@newtaction={0x1e0, 0x30, 0xffff, 0x0, 0x0, {}, [{0x1cc, 0x1, [@m_mpls={0x174, 0x18, 0x0, 0x0, {{0x9}, {0x4c, 0x2, 0x0, 0x1, [@TCA_MPLS_PARMS={0x1c, 0x2, {{0xfffffc01, 0x7, 0x4, 0x9}, 0x4}}, @TCA_MPLS_TTL={0x5, 0x7, 0xcb}, @TCA_MPLS_PARMS={0x1c, 0x2, {{0x1, 0x8000, 0x7, 0x3, 0x400}, 0x1}}, @TCA_MPLS_LABEL={0x8, 0x5, 0x22c4}]}, {0x100, 0x6, "5907a3cb2425075fba32f62040a313841c0bb359920dac069cf7e787442f907f80366008143042349acc0c1c5f4542aa48fca11b48e92325c84f44d49b4f844aec39327baf32cc188c8dc7fb409f072f4e14743ff3f750d37493ab3e3391a9debe76386635e6d6fe94391e57ba091705e9c9b106ae28757c3d3c1ebee647815722a1279de3ae3425d2334a9d2b7b6549d5b3163bcd5c9d62596253d2be2bf8bb304da38b27f0c2ce9fc82d4c0da7252aec73aea4f168474dcec245079033f6292dc3d02047701f4aa2e5eca3d2becef46a3ffa2f87bcdc241f56bd7ce939f350fbffffffa350b2a8e3bb508d1a7c9d636bc10ae6334c2ce3ad770000"}, {0xc}, {0xc, 0x8, {0x3, 0x2}}}}, @m_gact={0x54, 0x2, 0x0, 0x0, {{0x9}, {0x28, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x0, 0x0, 0x0, 0x0, 0x6}}, @TCA_GACT_PROB={0xc}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2}}}}]}]}, 0x1e0}, 0x1, 0x0, 0x0, 0x800}, 0x11)
r5 = creat(&(0x7f0000000280)='./file0\x00', 0x0)
close(r5)
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000140)={0x0, &(0x7f0000000380)=[<r7=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000300)={0x0, 0xfffffffffffffe7a, r7, <r8=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r5, 0xc06864ce, &(0x7f0000000600)={r8, 0x0, 0x0, 0x0, 0x0, [<r9=>0x0]})
ioctl$DRM_IOCTL_MODE_ADDFB2(r5, 0xc06864b8, &(0x7f0000000400)={0x0, 0xae, 0x3ff, 0x34325241, 0x0, [r9], [0x2b8], [], [0x0, 0x0, 0xffffffffffffffff]})
move_mount(r5, &(0x7f0000000380)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000003c0)='./file0\x00', 0x110)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x0, 0x0, @remote, 0x4}, 0x1c)
r10 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r10, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
syz_emit_vhci(&(0x7f00000001c0)=@HCI_EVENT_PKT={0x4, @hci_ev_le_meta={{0x3e, 0xb}, @hci_ev_le_remote_conn_param_req}}, 0xe)
setsockopt$WPAN_WANTLQI(r0, 0x0, 0x3, &(0x7f00000000c0), 0x4)
r11 = socket$inet_dccp(0x2, 0x6, 0x0)
getsockopt$inet_int(r11, 0x10d, 0xcf, &(0x7f0000000000), &(0x7f0000000240)=0x4)
r12 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000100), 0x400, 0x0)
write$vga_arbiter(r12, &(0x7f0000000140)=@target={'target ', {'PCI:', 'a', ':', '15', ':', '16', '.', '12'}}, 0x16)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='netlink_extack\x00', r1}, 0x10)

6.981187832s ago: executing program 0 (id=1791):
r0 = socket$rds(0x15, 0x5, 0x0)
setsockopt$SO_RDS_MSG_RXPATH_LATENCY(r0, 0x114, 0xa, &(0x7f0000000240)=ANY=[], 0x4)
r1 = socket$alg(0x26, 0x5, 0x0)
set_mempolicy(0x2005, &(0x7f0000000000)=0x401, 0x200)
fstat(r1, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, <r2=>0x0, <r3=>0x0})
syz_mount_image$erofs(&(0x7f00000003c0), &(0x7f0000000140)='./file1\x00', 0x1000801, &(0x7f0000002ac0)=ANY=[@ANYRES32=r3, @ANYBLOB="297c00f9c21980234eab918ac814309e197710e2d610b50fc9faea1f120ff000"/44, @ANYRES32=r1, @ANYRES16, @ANYRES64=r1, @ANYBLOB="5d89e7f5ae235b3811fba8decf2b4bb7fe0fac57f981e4b693da3fb8d287ed3907380c372c58a72b23c7d425333cc64cbcc94797dce0b3b8c01cc49a50b174ba4ddd5af70bc618f171e871cc0a64eb6c5dece5d1b4ac40507673dde64359ad207e61f888d5970927486f9dd02d0db9d1492fc496e9b9e04d50dd85f94ab68d8fcdb204903f01ff93204cc4823f34e4874345777951b0af0d024c721187a93cabea1ce932d550724d733d389982b8a231575ff2db878168424a7bf3d6d66ba9f01005eec07304826949af824bf6be05e0df735aabc9bf914cd1d58c0cc4bff14262324d9229cc587b80ad6f4461bf6caeaa59da1541b2297645a59b16caf14257723220f3a89b50113ad1007e1d89a18bd9c20bd19d4c6921e42bfca1105faa27978d9575a0a1fa6ec537c2c276526115f16e7b5d37cc67541b19b7f3c39e1eba80861872ad726c57ff7f8d0c1eea3253a9358d5a11473533d4ff6c6a2b409405a28c95bf34466bab3a3d8ef8726dcebf32427599644db825612de642444f7231bc7cd265a916babf0fe35d5282503f03401bee44cd14e31359ecddb71c57aac9d6245fa6098d4c5f53d0929b9fd40dee456e58dc4512afb9028d4c6047c2c12fb4eff20e5203583c1f5c84e037e68fd9573c98f9653768ff2f01b5e65066bd16bd90a10d82188d37927a6151f6fc4528a540937909837e07cec45691027708fdba69c06becbd7fdefb0f4a878f595e0ff14a7db81ea9e34e65c34c629f84c375d47be49e392c3dea92d9d06aaceb12d20a88b21d07f7751901d0abc34a540fde1e87f08dd461460e0e896a03f19ec7dc2898d03bd1eca8cfbebac1e317fbc990dc902b3c7d6c7f462e7cde3b9676f892154fe48e4018fdfe867af5608060a6d5f73e7aa2f10b78dbed36521a7e0b9c2ffb0313ae465dcf7adcd37eae04f70a8ce09a13fa0ae50655fccab9e71b08c308b5bcf513534addc2d231b7d5f54df58b503df72e744e39f728a05d796e00930b5f7986dbc73250a819a555ce96c4755d8b5bccd8fb64ca884bf483f41b35ee005b3509f3bd32268f83058be9fa32a82f448f7369c97bd0f144075dd949a5a8605cad4447ec55ffc959eee521f239496f15e00af0bca0122cfde70e4220a565a3e82f27ae5dca790ebf1fe595299e2e7504571adce95f73f5c670140d82b703b938f89d313ffed88bb4a99f35f533f63a0e498b78d722fee3a0be39de6cb986a353e862c888e78e63722b1eef9a419e8f20aac584303a86c236483d6bb3e1759744739cb16e596093f4a42915b89dc61cb51375c120b2b5cefa69e09d98374ab4c26df424414018da546835e427af0e66944a7b295abef518ff612a2942c30c27cec6d65b7b2c749a240fe2a2c9e0324f8731de2ff282f2608c77f7d81fd6c7b5787aa099edde78237528aba04cc5fec525bbdb13800991795f15a12bbd0821ed9e9d6cb97b7934d37f9167a59b0bd55d504fbc974b45911e26ddce1d088213a1acadd96f27259f422db2ce5fa9ddbb22338a3ca9c7eb010b892170dc916ec7d3b598d1235f676741b91c0217848bb4bd23f86489eebfdcd39aff312f8e5443e7848b01a922bb7063a6ed20d863302e5b1f37869bf4c6d1203c4295cbdaad13a817d3c8cc7ca5538892e20b88c0c3c0931f34007113b5676e1d5fa81ab38079efb5864f47adc9817488bb4cf89862c72744eda97290c086475633a3cb5b1f4223b578d8bc4157bc7c93f5c2aa8ae89804664868c867f40761d1772961ae65102e529ae0248dc1fdce340a25fccf2a63a8508c74aa7ff33374ee2f10c7a90fcdb4811acf2e5d5ecc64ab17ea9678b293712a95cbe007b4705d74dc0ad5a62e1634d6d62b83c99cedaac37bac65e17ddf9efd7886d4d4f1aeeb37b1a7e99497de17573d7dfadbed7a8410150a6b0e399d0c6329029a9f2f58ac4817f54cbc2deb106b684050dfee8936c180202468d8c458c88f7cbe4935e76e4bb430417dc8d3168a46e5e4656dd4903f22d7be690822180032afb12bef9b19f8a7ef8d3fc37cf88cbc663f6feb411c18bc959d4ea9ba883840ff2669abac2232c29ab9b11e061a0fa6b532591f24f97275223e0cf9af63ce7bfd09f6c81af3c4d061768cff80dc7703fad721c788fc06fa8ce2fe7582c642c85b00d7438ff73714a7be331ade251644b0b6ea98cd88dc23143876b77662fefd432aec5376cbc5d5412c5a85da613800f1460d7c4f956c567fd4b6d87d9d65b5061d06bbfc7921bb54cb3ba93358199d1273b34c142314e252f3af935c03d23350fe036d67da9ab140c77330263ba9cfe37d13d403d73db0bc9157918a3b6027ff8c96700daf14909d28a67b7a7006a1ffa3e3e87815201913d91f39ea07a1c6f0adcf67795eb2b0fe692c31dcd8b0d1560e1893305436fabe7318f481a0f1f04655ff4cbfdc1b49eb23f291913f143aea21e1da0f5210539afde9df7925529641a9f82a3f603b0740fdeb20a1c736964779ae4950add5d05821394c939f1177740e8c8936a55bae1540637864374c910f09ca59b718b3840c3f20fb412212c0b6417771df24bc80ef6f58b9db2cdbd7b98582a9cf0ac18880cb15f38940aaa0c9583a15dd200c95b82e39c706d03746d993de038a308446b824f59f5284e48e489267e7c0025324a9fb037c47dd1ea262ae5ccfd112f18448b87a06a251d174b0ea32843177b4488663bf6ec561118babc828831bd12bc0f57fa6861a77e98c76d39492d4afc7c802a870fd5042441ec0cc9a4aec8a73bc1b0da2ca3d3f02b26bf53e713f796c2c467aa10404ec08324125438882815c3b6d53fcb6ea59cf90f83357c9485a07409418c5bdf6046c387ba717cdbb7f8313c6aa060e38a1f9e54773694a634855c45e98e5b6451f5c77b7e4f9cda54e61f04c64e91e019d774bb879b5767ce9db4d3ebd5e271651c8c8f210609b6a5299debefc69071ca9a7d8e1b04d9c9d94da22fe0ccb96d00043a578ea1fc211e41b9978b7a3bb8d49989347b1d66efbc2452b05ec3ed3c468c89544332a346f9d26675d20b379df45db62cc4e02d39b96e832b1a23e5468da52c2bbbd67821a9dce341c3d3b3d0b2b1617a8b18424fd3c8d7f8b3129dadf3415fb002a20a9b5e8921abcb13bcc012276951cc4390124863cb3848e3dc906e70fe5307fc941497d2a29bd9e0c2b3f651407bed79651379611fa6414cf7626f0fbce33dc1ccfdf68731b19b451b0c497cb5de54b0e902b6e30817cf3dbe3e6e9724ff460069a9e9a431338778c6756370fa3ccb630b9a9c1974c143ef57b5d15d7616d9a53c4c98c3d764b279cd84c69e70971eb3ba0fca65adadcaa1d0acf5340ee5290f99e4a7264334437585e36e177b8b3047456686d9331d9db3008f2d9daa89c110a8e87ae46516b25e77ff5d7287fd7bba40a592c1d16d6b5da8ea5ba1d95e74ef8d1dd5c1e68fec796c794137b1b1af5d345a3273386625604420d4371efab87b50f55818345a381d17b5ec4c25d8e6711e0ab090c3c15bf2e82aa1fc5d84479940a14150b846cff95df1ad75bbfd06304fbb8fec5b08c7d0cd18d51f0bfd0e65ab122625707790b9aeaee0f7d71a1c86ef07fa73176c38ab1a2f309b58c298095fb1a9f2b4b8e1fbd1923e89cde4532d246130ac78a8ed97b91545e6950c8103eb33a06fc05a011f5dfd42ca5d095c4649b1fd0cdd28e11e592dcb9a163b189b8f72080b92084e2b956acc8398861bcda5de79f37c2cc2aed9e7e92582e9cadd21aa4c95ee095c3f931a56a2493225187867762fc840fc94cfed1be9f1b9037570f5cf30adc133fbdf6384c93fe4535eb9566b87f1c74c95d66c7d8b8f3063ab8e529bfc0ac3e0611918ba6d7b8a082f5b0d19bad8831e25596e427590690b89c817ed270695cc8390dc885819127464c30a1fc48bd27aa53feb96c9a167d37e51e988632e2edc7ba18fda3699971550b58eeb0e2e339a3e5791e030b7d9bc27124d812c1ed28fe56b3c46a9fd2516381b9815652afdacbe8c40032cdcd5e0f741bc33e3484299a05bbf6686527285f61754a4b00611970881bd0cffbd9adb294440493ebe786e0c2a92aa81687aebf1ae465500135135fc59f3f1f182ee8685678f82ab37039589143d58e3625e4cd667cdb3c16731e8b3e57467ccc912e75165113b5d848acaba29967b9c81106cbd754b5b6cde787304a8c4a783be68e3fd33508caebc354cd2893473e906cf87a902153bdf09a876e0e046a664f73c9ab107c5f17ec18ae19624b6d0ca730c235c2f6ad9ce8471f3657dec8e51a69e02018298dc0644684bd71e8113488b50c507c8946cc0d9538f20ac85b6e931420266461d972f685640a1e443de0609ae5ada31d2ee54ed7ac578000d38a42e34be56e96cf8ddbbfaf70ab039b5bf29d30620a2d1989eec002356c920ce728360e821084d8a1537a6db35a762b4d419da11ca314eb3509af713882b6b3e034400744ba3483909b9054d179e988dcfe5e61baae6a83bfb54149b5eae5a23edfff352281a182d841b684136b1284eb4d625692113521e0876759913e7e53091c799bbfc2f7d46ed651ca4086f75583009da2689cbad5408cb8ed416ba726a06d2d1aca9435eab19d865d819fb36f8ffa72c5513188df5b9cfbe2fb1833090d2837681a441fe9b879fb87dd2d8f2b5be4609ecbb67ee10cdcd910e22439c1ca278ef0c536a54806784b9b4a83966f3227349716d635fc86fb2868b9a0026c97e7f152822e21f09e4faba0e5654986541b6a2a97150f92174b036a036e647036726fd41681a3b34c6bdc88bc4e6a357681998b19dafe34ba848c1d532d797a37cbdd5f13407c26ad2232adc7eb472053b285a489fd3c8bd640765c3d95791b56a95c6dd5d672a8b743dedc4f70e14e0866075e9698cbec82395a270c2f3be27fc5fa14ebd716c80dc70e481c3b68266a90cb39b5a42747d6a4eab190e0c6176eb1e905f8e194e588b0c6107f8541355dc551fb81466f710024bb119bd9e5303b2128e7dba2443db7a349a7849480ecd21f2e02406ffad5b69f012cd26a78076741739f7101be48cdd031a638766b775137200981e6896239a100b9aa4eeefdbea6f1dfa793364de99fa941cb050e0f14c8a9261578dbbed9e66fe1f7c42d2fa1bdfb8a42c1a2cff75ed0c1dbec8098f8eb7fc0509fc76fc1e2a3ce9284a9d8c98aa1bfef7bb4702a40e9963c976b59dbd1b18a02316e627484cf892ec8bed26336fe6a121fcdca6795efe6074031d50df3d9bf7702f0fb9678461449e17dc8763e748a6e1b706d3ffda60e81835b89231d6716b8ffc24bd2bd3846cbd2ef495baa980ff3ea27b8e366f8bb2a7968a315cc13a3b46265549acafa7bfb652880145cfa747c22c947b2b7a9cf7cad5dd17d9e78bbf911c424c51ffddbe603e889094bbaeec5384369ac086941b3c9bffc0704e4db3c2cd6ffd585be7312df9d0ce57e52ea9db6d13affbffe82595dbd7ef7306b42112f7291eae482a55afe0e1b374b30c46b34619337d46d4c0f86f08813015cc740c0a2afacd06eb2e515ad4bc086db45f6f6e8cee80d7ded5229f3dc00fd21b89624773b6c52a8a3373e040240cc2433b824210db21f24b5ee784f13edcd60968021b1e4156afff2556bb067487dc8f0401bb63d6773000262b317f3490fc98e646d4f2af2cc1af93cfafd9254017c7a573525706e056b003213f342fbe04e210d3076fef859c33551a494be4c7139e87a260a1d9879a649ecdcb330e6", @ANYRES8, @ANYRESDEC=r2], 0x2, 0x1e7, &(0x7f00000001c0)="$eJzsmb+LE0EUx78zu9mchwg2FjYWHniit9ndqFxzRQRLQYiilsGsIbpJJFkhCQgGGxtLC8HWxtLCwsrCv8BWCxUEC1PaCSMzO7s7JpsQf2BE3wdu7jszb+fNe7DfYgOCIP5bPrz/8u7B2d2LJwHsxxbKev2TlcdwI/7to9snHu6de/zszZNX3QN3XsyexwAIsXp+B8DLmoUYzE5Wvn96y7iC1rgEjuNaXwaDm8ivQpFMQjBc1TE3DN3bp0UUutd6UfN6Owo9OfhyCORQNfPLS00nDE0AG+p2QjBjfzAa32xEUdifFSWR5pnb+lGxrH/qfjWOPaTdE0I268r9exM5172BB571zweHr3UVDHWtd1GG67p5S4z6D9v5+dYq9a9XPFXi4M6fSpq+I39D7f+wKP2Wc9jsinyhs5VD09QDzZiPa6/954UyLgBzW683o+j8L5zsFDQqE7k/SWc/ZviTDTvzj0rcuVUZjMY77U6jFbbCbhBUz3inPO90UFFGlIxL/G9D+dOmcX5pQazDHAwbcdz3h0Dc97N5kIyG49af9z6rZ7jyP47to2qqPFWVXS7OwfQfV/+l2raKI+8urIkgCIIgCIIgCIIgCIIgCKKYI2BIfgkTTH8QLSK4oL5QfgsAAP//g4hmcg==")
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0, 0x0)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(0xffffffffffffffff, 0x4018f50b, &(0x7f0000000000)={0x0, 0x8000000000000001, 0x1fd})

6.696039828s ago: executing program 0 (id=1792):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r0, 0x8933, &(0x7f0000000ec0)={'wpan0\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000540), r0)
sendmsg$NL802154_CMD_DEL_SEC_KEY(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000380)={0x40, r2, 0x1, 0x0, 0x0, {}, [@NL802154_ATTR_IFINDEX={0x8, 0x3, r1}, @NL802154_ATTR_SEC_KEY={0x24, 0x30, 0x0, 0x1, [@NL802154_KEY_ATTR_ID={0x20, 0x1, 0x0, 0x1, [@NL802154_KEY_ID_ATTR_MODE={0x8}, @NL802154_KEY_ID_ATTR_IMPLICIT={0x14, 0x3, 0x0, 0x1, [@NL802154_DEV_ADDR_ATTR_MODE={0x8, 0x2, 0x3}, @NL802154_DEV_ADDR_ATTR_PAN_ID={0x6}]}]}]}]}, 0x40}, 0x1, 0x300}, 0x0)

6.429288173s ago: executing program 1 (id=1793):
ioctl$sock_ipv6_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'ip6_vti0\x00', &(0x7f0000000080)={'ip6tnl0\x00', 0x0, 0x2f, 0x8, 0x1a, 0x6, 0x4, @remote, @private0, 0x7800, 0x7800, 0x8000}})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x8004)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_STATX={0x15, 0x62, 0x0, 0xffffffffffffffff, 0x0, 0x0})
write$UHID_CREATE2(0xffffffffffffffff, 0x0, 0x118)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x13)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
preadv(r0, &(0x7f0000000240), 0x0, 0x0, 0x0)
mremap(&(0x7f00003c6000/0x4000)=nil, 0x4000, 0x4000, 0x7, &(0x7f00000f4000/0x4000)=nil)
writev(0xffffffffffffffff, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000200), 0x208e24b)
migrate_pages(0x0, 0x3, &(0x7f0000000040)=0x7f, &(0x7f0000000300)=0xa)
r1 = syz_open_procfs$pagemap(0x0, &(0x7f0000000000))
ioctl$PAGEMAP_SCAN(r1, 0xc0606610, &(0x7f0000000200)={0x60, 0x0, &(0x7f0000245000/0x2000)=nil, &(0x7f0000994000/0x2000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpuacct.usage_sys\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x0, 0x10012, r2, 0x0)
r3 = socket$inet_sctp(0x2, 0x1, 0x84)
bind$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
setsockopt$inet_sctp_SCTP_DEFAULT_PRINFO(r3, 0x84, 0x72, &(0x7f0000000140)={0x0, 0x800, 0x10}, 0xc)
sendto$inet(r3, &(0x7f00000000c0)='}', 0x1, 0x0, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
sendto$inet(r3, 0x0, 0x0, 0x0, 0x0, 0x0)

5.817497779s ago: executing program 0 (id=1794):
r0 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0)
write$dsp(r0, &(0x7f00000001c0)="5cba91a4", 0xffffffd9)
r1 = syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000100))
r2 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_DRAIN(r2, 0x4144, 0x0)
openat$bsg(0xffffffffffffff9c, &(0x7f0000000040), 0x801, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000ec0)=ANY=[@ANYBLOB="94000000", @ANYRES16=r4, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r5, @ANYBLOB="42000e0080000000ffffffffffff080211000000505050505050c0ff000000000000000064000aa80406000000000000060200003c0401fb28177606000000000600000008000c006400000008000d00000000000a0034000202020202020000080035000010000008007e"], 0x94}}, 0x0)
socket$unix(0x1, 0x1, 0x0)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r6, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000600)={0x2c, r7, 0x1, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_TX_RATES={0x10, 0x5a, 0x0, 0x1, [@NL80211_BAND_2GHZ={0xc, 0x0, 0x0, 0x1, [@NL80211_TXRATE_LEGACY={0x4}, @NL80211_TXRATE_HT={0x4}]}]}]}, 0x2c}}, 0x0)
close_range(r2, r0, 0x0)
ioctl$SNDRV_PCM_IOCTL_REWIND(r2, 0x40084146, &(0x7f0000000180)=0x4)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0xf0003, 0x0)
syz_usb_connect$cdc_ncm(0x1, 0x6e, &(0x7f0000000080)={{0x12, 0x1, 0x201, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5c, 0x2, 0x1, 0x7, 0x10, 0x6c, {{0x9, 0x4, 0x0, 0x0, 0x1, 0x2, 0xd, 0x0, 0x0, {{0x5}, {0x5, 0x24, 0x0, 0x8}, {0xd, 0x24, 0xf, 0x1, 0x2, 0x5, 0x9, 0xd6}, {0x6, 0x24, 0x1a, 0x4, 0x1a}, [@call_mgmt={0x0, 0x24, 0x1, 0x1, 0x23}]}, {{0x9, 0x5, 0x81, 0x3, 0x400, 0x0, 0x3, 0x47}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x2, 0x2, 0xd, 0x0, 0x0, "", {{{0x9, 0x5, 0x82, 0x2, 0x10, 0x8, 0x3, 0x9}}, {{0x9, 0x5, 0x3, 0x2, 0x8, 0x3, 0x1, 0x8}}}}}}}]}}, &(0x7f00000003c0)={0x0, 0x0, 0x1, &(0x7f0000000100)={0x5, 0xf, 0x5}, 0x3, [{0x0, 0x0}, {0x0, 0x0}, {0x0, 0x0}]})

4.732084507s ago: executing program 3 (id=1737):
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=@base={0x12, 0xc, 0x8, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)

3.411571285s ago: executing program 3 (id=1795):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$rxrpc(0x21, 0x2, 0x2)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_audit(0x10, 0x3, 0x9)
syz_io_uring_setup(0xd3f, &(0x7f0000000480), 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x5, &(0x7f0000000100))
ioprio_set$pid(0x1, 0x0, 0x0)
r0 = syz_open_dev$loop(&(0x7f00000001c0), 0x4000000000, 0x94b382)
r1 = memfd_create(0x0, 0x0)
pwritev(r1, 0x0, 0x0, 0x400, 0x0)
sendfile(r0, r0, 0x0, 0x24002de8)
socket$nl_route(0x10, 0x3, 0x0)
socket(0x10, 0x3, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r3 = dup(r2)
write$UHID_INPUT(r3, &(0x7f0000001040)={0xd, {"a2e3ad21ed6b0af99cfbf4c007f70eb4d04fe7ff7fc6e5539b0872fc8b546a1b4d09940f08900c878f0e1ac6e7049b4cb4956c409b3c2a0867f3988f7ef319520100ffe8d178708c523c921b1b0f5a0a169b50d336cd3b78130daa61d8f809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1010}}, 0x1b7)

2.602805021s ago: executing program 1 (id=1796):
prctl$PR_SET_ENDIAN(0x14, 0x1)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x71, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x12, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000004014deb5a02e5ebabf0095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback=0x3383e6d323cd54fc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe, @void, @value}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f0000003880)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c9f4cef7f9606056fe5c34664c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbcebddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cfd7c3a1d37a6ab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ed8dba2f23b01a9aeb980aff9fa3a64709270c701db801f44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af4c0eb97fca585ec6bf58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75055df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83766b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef3b7cda42013d53046da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b556381768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea2a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f76062adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b441233151122b41a8d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225c380fac12f8205d182f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd1f539bd43007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711d7219ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a26c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29754f928c59306ce105ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42ddd5f393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc05bea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efdb36b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800000000000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351ba332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d96ee1b84bb64b14aebc6b5194c55dd6890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b07838a3ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a139d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fcc49a729f11ab377f7132c543d29646a9378eea0761b7ed9d2172e33ed87c6513c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8dc0d472672286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8455029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a82a6ef09d0ed9829dec16ab67a4f59a504e09f55ab82bbd405087a17a229a149c53ee9145500db213cb36489a10957739e481a756e65bde579bbbfb404213f661eeaaffacbcfbfd60b1a715c366da2b37ac7e9e3033f8ec04db1c2412e02ccd0617d9fb646c4897750d068c936c3558a94b05d7c65c0d458c0d70d0aa864bc1e324d3f69b1b4061627da875a4b5c2668ab0990623fe6f3b54cd1c79da4baf256f88750c18486330589473e267fa44e220cf40db662b570c2a2fbba9a34a3dd7bbd8368fe506daa62b45797d4b397905a69e58eb436c08cc78963197adb1b16ad83a1a9b420e74c6bcdf1ed0b306141a83bf1268e954ad069257fbfaa1a7ea582badc1a7f2a5b0965f3535872d85c0bc3a233a3ea85df6a8ed76f0f803d54b7bef77d8ea71621f8a78dd17c3b58c5c7476ed6191acbb949e77f7cac81c543f7751e5e1000"/4545], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000000)={@fallback=r0, r0, 0x2f, 0x0, 0x0, @void, @value}, 0x20)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REQ_SET_REG(0xffffffffffffffff, &(0x7f00000003c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="1c010000", @ANYRES16=r2, @ANYBLOB="02002cbd7000fddbdf251b00000007002100288c0000050092000b000000080001005700000058002280140000800800070061ffffff080002000900000014000080080003000700000008000200000800002c000000080006000008000008000700000000020800010086810000080001002a0000008c0022801c000080080006000200000008000200df8e000008000600080000001c00008008e5070000000000080001000900000008000543eedaaa0a19d9007f0000001c000080080005000002000008000300fbffffff08000600020000001c00008008000600b5800000080001000002000008000300060000000c00008008000100010000000c00008008000500080000000400cc00856a1f7782af579741b129e4fdf4cee5b8100000000000000084b166405a587c0d2dc217890051e3a118b9915eac9e3500c8bf53192df45519716701820c9fd44a482ef4d1ba87ed7ef6dab6a4d72067859b8f7ff71a553a89c90f8786c63cf4878648c99c5f4fe2895179817234759c8c5ff9c33bfe04c915af26bd55474ca93b5975"], 0x11c}, 0x1, 0x0, 0x0, 0x1}, 0x20000080)
setsockopt$inet_tcp_buf(0xffffffffffffffff, 0x6, 0x1f, &(0x7f0000000340)="a6", 0x1)
setsockopt$inet_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, &(0x7f0000000240)={@in={{0x2, 0x4e24, @local}}, 0x0, 0x0, 0x11a, 0x0, "01fcffffff65bbeee896f374c77246d2056703c2b47dfa2de1d9c027116565299965c63b40a6e20df0c7ea4d62000800006764acd64f3119056d35c879947c7b4b7d92d3fa877cb4bc512d299e0135b8"}, 0xd8)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={0x54, 0x12, 0x301, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfffe}, 0xec0}, [@INET_DIAG_REQ_BYTECODE={0x8, 0x3, "11000000"}]}, 0x54}}, 0x0)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)
syz_usb_connect$cdc_ncm(0x0, 0xc3, &(0x7f00000004c0)=ANY=[@ANYBLOB="12010000020000202505a1a44000010203010902b1000201000000000006240600013b05240000000d240f010000000000000000ff0624"], 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r6=>0x0})
sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r5, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r6, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

2.306487821s ago: executing program 3 (id=1797):
getsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000100)={@remote, 0x0, 0x2}, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
bind$netlink(r0, &(0x7f0000000080)={0x10, 0x0, 0x0, 0xfffffffffffffffd}, 0xc)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r1}, 0x10)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600722, 0x19)
r2 = socket$inet6(0xa, 0x3, 0x11)
connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x0, 0x0, @empty}, 0x1c)
setsockopt$inet6_IPV6_XFRM_POLICY(r2, 0x29, 0x23, &(0x7f0000004480)={{{@in6=@empty, @in6=@mcast1, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x3c}, 0x2, @in, 0x0, 0x1}}, 0xe8)
sendmmsg(r2, &(0x7f0000000480), 0x21, 0x0)
r3 = syz_create_resource$binfmt(0x0)
openat$binfmt(0xffffff9c, r3, 0x41, 0x1ff)
execve(&(0x7f0000000080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
execve(&(0x7f0000001040)='./file0\x00', 0x0, &(0x7f0000000040)={[&(0x7f0000000080)='#! ']})

1.949018409s ago: executing program 0 (id=1798):
openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r0 = fsopen(&(0x7f0000000080)='bpf\x00', 0x0)
r1 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
setsockopt$llc_int(r1, 0x10c, 0x7, &(0x7f0000000000)=0xfffffff9, 0x4)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
socket(0x80000000000000a, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r4 = socket$inet6(0xa, 0x400000000001, 0x0)
bind$inet6(r4, &(0x7f0000fa0fe4)={0xa, 0x0, 0x0, @loopback={0xff00000000000000}}, 0x1c)
setsockopt$inet_buf(r3, 0x0, 0x8008000000010, &(0x7f00000000c0)="170000000200010000ffbe8c5ee17688a2003c000201000a000002a257fc5ad90200bb6a880000d6c8db000000df018002000000fc0607bdff59100ac45761547a681f009cee4a5acb3da400001fb700674f00c88ebbf9315033bf79ac2dfc060115003901000000000000ea000000000000000062068f5ee50ce5af9b1c568302ffff02ff030000ba000840024f0298e9e90539062a80e605007f71174aa951f3c63e5a1b47b63a6323ded2231454668492f9c681a6a9fc", 0xb8)
syz_emit_ethernet(0x0, 0x0, 0x0)
r5 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r5, &(0x7f00000002c0)={0xa, 0x4e22, 0x2, @private2, 0x8001}, 0x1c)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14}, [], {0x14, 0x10, 0x1, 0x0, 0x0, {0x0, 0x84}}}, 0x28}}, 0x0)
r6 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x11c2, 0x2208, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x2, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r0, 0x7, 0x0, 0x0, 0x0)
syz_usb_control_io$hid(r6, 0x0, 0x0)
syz_usb_control_io(r6, &(0x7f0000000240)={0x2c, &(0x7f0000000000)={0x0, 0x0, 0x5, {0x5, 0x0, "0716a7"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)

1.455586207s ago: executing program 3 (id=1799):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)="d8000000180081054e81f783db4cb9040a1d080006007c02e8fe55a10a0015000900000003600e1208000200000000000000000000c0ffff00000000035c0461c1d67f6f94007134cf6efb8000a007a290457f8a2bc9fe6609f951c7ceac3c2fb18000e5a7cef4090000001fb71b14d6d9302c11d9d314a093efe8efb9edd291b0cde24e22fe7c84877582ca9e00360db798262f3d40fad9e3bb9ad809d5e1cace0d8108b6a1802bed0bffece0b42a9ecbee5de6ccd4ac22fb414db0e1ffffffffc1c9b6278754ca397c388b0dd6e4edef3d930000000000", 0xd8}], 0x1}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3cf9ff00410edfa4f545f930cad52290b75e9810000100"/35, @ANYRES32=0x0, @ANYBLOB="00000000000000001400350070696d7265673000000000000000000008002e0000000000"], 0x3c}, 0x1, 0x4801000000000000}, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_DIRTYFB(r2, 0xc01864b1, &(0x7f0000000140)={0x0, 0x2, 0x6, 0x0, 0x0})

1.090369706s ago: executing program 4 (id=1743):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000640)=ANY=[@ANYBLOB="4c0000001000010400"/20, @ANYRES32=0x0, @ANYBLOB="00000000080000002c0012800b00010062726964676500001c00028005000700000000f5060006"], 0x4c}}, 0x0)

507.872372ms ago: executing program 3 (id=1800):
fcntl$setown(0xffffffffffffffff, 0x8, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$SYNC_IOC_MERGE(0xffffffffffffffff, 0xc0303e03, &(0x7f0000004680)={"b742ed9f0f9c498b02ae97fc3daf1e20cd949ae32bfcb8c8f1379be6d2e1ac4d", 0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f00000046c0)={0x2, "3ab73434669eab977f1cdb79007bd7f5864511234b8ea40b95c10ea1c4eda557", <r1=>0xffffffffffffffff})
ioctl$SYNC_IOC_MERGE(r0, 0xc0303e03, &(0x7f0000004700)={"d8c3c8f08d6c89978b559830aabf1df5ec33d269f3ce3e1017535910c944037a", r1})
creat(&(0x7f0000000000)='./file0\x00', 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000004740)=ANY=[@ANYBLOB="0a00000004000000080000000800000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB="000000000000000000000000000000000000000000000000000000006fb44a599cbf3535a6decd37974ac0302bd32205bd9d890900000000000000e80a0da18710def9e794ced82bad16dec9567d6ddba5906367f1283986e3b570e31f8aab14a1dd54603cfdefedab4955020617632b19c3387ee1c0c2f23c3d6ccd6d2054b24dd4532cf9603d95537fd70382ce10ddf788bd83e66cfdb53b36c94f5cda13a862eec7b71e67869d5fd798d05af93650d3ba79a74c581e05e00507a8a977924e29bbe09d06ab1f14b74258ecda0d06b1f119c4b3afe0553be5be38349657c785"], 0x48)
bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0b00000005000000020000000400000005000000", @ANYRES32, @ANYBLOB='\x00'/10, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001c40)={0x8, 0x3, &(0x7f0000001300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000001200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x0)
r5 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f00000003c0)={r2, r4}, 0x10)
bpf$ITER_CREATE(0x1d, &(0x7f0000000040)={r5, 0x7}, 0x8)
syz_mount_image$ocfs2(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000180)={[{@acl}, {@nointr}, {@atime_quantum={'atime_quantum', 0x3d, 0x7}}, {@localflocks}, {@localalloc={'localalloc', 0x3d, 0x3}}, {@localflocks}, {@intr}, {@heartbeat_none}]}, 0x1, 0x4430, &(0x7f0000000240)="$eJzs3c9PHNcdAPA3A67BtV1wfXClSl2pllq1FQKf2mKpGGNjsKkrt7aqXNYLrG2ShbVgiXLwgdws5RQphygHK5Fy42RxyNX5E3LJ0TlbSg65RIpkhWh3Z2FndldsEAux8/kcGOb9Zr8zb98chhcnKg+W1nJLa7nCSq68cG/tQu7tcml9uRjiQ9K2/2OH1z/d6cV1ctTX3i/ZzctX/3vnQgifL375Ynt7eztU9Ye2xpp+/+7bRwvNx4Y4U6fabvvWDsobIYSzLeOq6gsh/P+zEKIQwqUkbTI5DoYQToV63p1H793NHdBonj4vXsy/nHu8NX5+dvPJVue/PQrho9Lv/nZ/+es/9o1/9ZcD6h4AAAAAAAAAAAAAAAAAgFfc9K2bt/8zOhaeRaF/M2p9X3c6OXZ6P3b7wPyh938sAAAAAAAAAAAAAAAAAAAA/Eztvv+fi860ef9/KjlOdKi//a/ej5Hemfn3zakro2PJ/u9RS/7fk6RvLvWF4Tb7vmf3f7+Uqd9+//fWfvarMb5Gv0MhikdS53E8MhLCJ8nG7+eiE3GpvFb5673y+srigQ3jlZWOf333/lR0kg39u43/ZKb93u///9uWq6l6fvfgLrHXWjr+fR3Lffpu1FX8L2fqHUb82b90/PtraYPNBSbqE0A1/u/37x3/qUz7vYr/6RBCLqqONZeaAaprmGp6p/UKaen4H6ulpabO5IPsdP9/n4n/lUz7RzX/b2S/iGgrHf9f1dIGUiV27//heO/7/2qm/aOIf3X8G77/u5KO//F6Yn+qSO2T7Hb+n86036v4346TcZ6OUlfAZlRP7/T/6khLx3+gJX/3+S/uav13LVP/sJ7/Gv02nv8a0/+fo/rzH+2l4z/YsVy39/9Mpl6v5/+J2vqP/UrH/0QtLb12Hqr97Db+s5n2exX/2qpkoBH/3fnkh+P19I+t/7qSjv+v64lxc4mN2s/a+i/ae/1/PdP+Uaz/quPfiHvb6+siHf+THctV4/9FF9//NzL1muLfurg4IKPW+vuWjv+pjuVq9//A3vGfy9Tr9f3/p142DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPAKmEyOQyEaSp/H8chICJeT83PhRDRfWMzPl8oLb62FMJWk58KZ6H6pPF8o5ZdWyovFfKFUKi+EcCXJPxsGorVSuZJfLjy8utPWYPSgWFitzBcLlRDCdJL++3Cq0db8UmW58DCEcG0n7zdxefXhg8JKfnFp9Z+jo6OjYWZnDMNR8Z1KcaVS772eG8LsTt2hqGlwtezrO2M5Gb1ZXl9dKZRq6Tea6pTKC4VSU525JO+DMBxVVtdXFgqVYr5Uvt/o7yhNJMepmVv/u3VjrCX/blQ/Th7usAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4iZ6N/+PDEEJ//SwOIUw0fonalX/6vHgx/3Lu8db4+dnNJ1svOpUDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ed24EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsEvHKA0EURiA34yF2nkMq2W3s11RRAtXBE+gx/AwehQv4R1SpEibIgSSWQibXdgmqb6veTA/M+/BPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgHme3ruPt7qJSHG1uYz4+/pfHOYvpf7cj9+/OMOMnM7za/fwWDfl39NRfleOlm3epevV92eM1N7vYE+G+7TX97menGtq36bm6/veRMpVRLQlv005V9W8twAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALTtwIAAAAAAA5P/aCFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVXYgWMBAAAAAGH+1lH0bQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPArAAD//9kGHvg=")
syz_open_procfs(0x0, &(0x7f0000001080)='net/protocols\x00')
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r6 = syz_open_procfs(0x0, &(0x7f0000000300)='mounts\x00')
read$FUSE(r6, &(0x7f0000001340)={0x2020}, 0x2020)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000080)=<r7=>0x0, &(0x7f0000000100)=0x4)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000140), 0x8)
r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x6, 0x5, &(0x7f0000004880)=ANY=[@ANYRESDEC=r7, @ANYRES8=r0], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r7, @xdp=0x25, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r9 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000001200)={r8, 0x8, 0x0, 0x0, 0x0, 0x0, 0x800, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x42)
signalfd(0xffffffffffffffff, &(0x7f0000000600), 0x8)
futimesat(r9, 0x0, 0x0)

493.15304ms ago: executing program 4 (id=1801):
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
r0 = gettid()
process_vm_writev(r0, &(0x7f0000000300)=[{&(0x7f0000000940)=""/248, 0xf8}], 0x1, &(0x7f0000121000)=[{&(0x7f0000217f28)=""/227, 0xe3}], 0x1, 0x1000000)

0s ago: executing program 1 (id=1802):
r0 = socket(0x1, 0x2, 0x0)
setsockopt$sock_timeval(r0, 0x1, 0x14, &(0x7f0000000040)={0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r1, &(0x7f0000000180), &(0x7f00000000c0)=@tcp6=r0}, 0x20)
recvmsg(r0, &(0x7f0000003780)={0x0, 0x0, &(0x7f00000026c0)=[{&(0x7f0000001f00)=""/169, 0xa9}], 0x1}, 0x0)
r2 = socket(0x10, 0x3, 0x0)
ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(r2, 0x89f3, &(0x7f00000000c0)={'gre0\x00', &(0x7f0000000000)={'erspan0\x00', <r3=>0x0, 0x1, 0x40, 0x0, 0x2, {{0x27, 0x4, 0x2, 0xf, 0x9c, 0x67, 0x0, 0x9, 0x29, 0x0, @broadcast, @loopback, {[@timestamp_prespec={0x44, 0x4c, 0x1f, 0x3, 0x1, [{@empty, 0xee8}, {@private=0xa010102, 0x5b29}, {@rand_addr=0x64010100, 0x6}, {@local, 0x1ff}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0x9}, {@dev={0xac, 0x14, 0x14, 0x32}, 0x6}, {@initdev={0xac, 0x1e, 0x1, 0x0}, 0xcef9}, {@private=0xa010102, 0xfffffd16}, {@dev={0xac, 0x14, 0x14, 0x3e}, 0x5}]}, @noop, @timestamp_addr={0x44, 0x14, 0x7c, 0x1, 0x5, [{@loopback}, {@rand_addr=0x64010102, 0x6}]}, @rr={0x7, 0x27, 0xc4, [@loopback, @initdev={0xac, 0x1e, 0x1, 0x0}, @private=0xa010102, @empty, @private=0x4, @loopback, @multicast2, @empty, @multicast2]}]}}}}})
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file1\x00', 0x2010000, &(0x7f00000003c0)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d6d616363726f617469616e2c756e695f786c6174653d312c73686f77657465632c726f6469722c636f6447706167653d3933362c73686f72746e616d653d6d697865642c696f636861727365743d637039333625756e695f786c6174653d312c756e695f786c6174653d312c757466383da42c00"], 0x25, 0x344, &(0x7f0000000680)="$eJzs3U1oHOUbAPBnM0k2DfSfHP4geHH1JkhpAh70lFAqFHPQyuLXxcWmVbNrIYsrUch2L4pHxYugJ2896LFn8SDizYNXK0hVvNhbocWR3Znszn7ZRNjUj9/vsDw87/vM+8ww7E5C8u5LG7FzYSEu3rx5I5aWSjG/cWYjbpViNeYiicyV3usDAQD8O9xK0/gtzdx99gfLB9HijPsCAGan9/l/6eQgUb6X3QAAx+GQP/8/NTF7eWZtAQAzNPb5/9DQ8Miv+ef7fxMAAPxzPfP8C09ubkWcr1SWIhrvtqqtajw+GN+8GK9GPbbjdKzEnYjsQSF7Wui+PnFu6+zpStdPq1HtVrSqEY12q5o9KWwmvfpyrMVKrOb1ab8+6dav9eorEXGl3Vs/GqVWdSGW8/W/X47tWI+V+P9YfcS5rbPrlfwA1cZBfTuiE0sHJ9Ht/1SsxLcvx+Wox4Xo1g7631+rVM6kW0P1ravl3jwAAAAAAAAAAAAAAAAAAAAAAJiFU5W+1f7+N2mj3Xrn/OiE1aH9carZcL4/UCfbHygtH+zO814yuj/Q8P48rep8zN3TMwcAAAAAAAAAAAAAAAAAAIC/j+beYtTq9e3d5t5bO8WgXci8/vVnX554u9J4s1vRn/NaMqiK+exwQ8fJc1E4cjIoT/vlaTI0Jw+S4lpXr/U7Ls4p989irLwblMeGSnlPtXr95IM/fjyp6vdBJomxyzIclPL1C0ON/2WpP6maHqzfZc71NE2nle9/NF4VpYj5OHIbhwi+uvFKmqbpo73MF/mmDw8/svLs9Q8//WWnVo/80tTri7vNO+lfXisp3D+l/DqXJtwJk4POINPZbe7Vku9+fe7+978ZmZxMvn/SYuaN6Wt9PppZzIJum4c504UJN//k4MXb/bv36Bfzvk82atf2f/h5ZOjS0pSqwpvEXEQkM3n7AQAAAAAAAAAAAAAAAAAACgr/K34Ejz09u44AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4PgNvv+/EHTGMocJbrdjfKi8vducuviJYz1VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+w/4IAAD//1s9ejQ=")
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000480)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000850000005000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000002c0)='mmap_lock_acquire_returned\x00', r4}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prctl$PR_GET_TSC(0x43, &(0x7f0000000040))
prctl$PR_MCE_KILL(0x43, 0x0, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file3\x00', 0x0, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f0000000140)={'tunl0\x00', &(0x7f00000002c0)={'syztnl1\x00', <r5=>r3, 0x10, 0x8, 0x3, 0x3ff, {{0x49, 0x4, 0x0, 0x39, 0x124, 0x66, 0x0, 0x6, 0x0, 0x0, @dev={0xac, 0x14, 0x14, 0x29}, @rand_addr=0x64010100, {[@ra={0x94, 0x4}, @timestamp_prespec={0x44, 0x54, 0x7, 0x3, 0x4, [{@remote, 0x8}, {@multicast1, 0x4}, {@dev={0xac, 0x14, 0x14, 0x19}, 0x7f}, {@rand_addr=0x64010100, 0x3}, {@empty, 0x6}, {@empty}, {@multicast1, 0x9}, {@local, 0x4}, {@multicast2, 0x4}, {@empty}]}, @ra={0x94, 0x4, 0x1}, @cipso={0x86, 0x37, 0x2, [{0xe7561e336e2d5bd7, 0xb, "a89db95d5e75db05dd"}, {0x5, 0x11, "68e89a1f9bc6591f352a8f3e9b4abc"}, {0x0, 0xb, "fc2fb2e4d85388a1ae"}, {0x5, 0xa, "64085bbd379fa65f"}]}, @ssrr={0x89, 0xf, 0xfe, [@rand_addr=0x64010100, @private=0xa010101, @empty]}, @timestamp_addr={0x44, 0x24, 0x67, 0x1, 0x6, [{@local, 0x9}, {@broadcast, 0xd}, {@remote, 0xfffffffd}, {@local, 0x3}]}, @generic={0x44, 0x7, "b17b5826c8"}, @cipso={0x86, 0x40, 0x1, [{0x0, 0x9, "42a3bbf19eb9f4"}, {0x2, 0x8, "24e6d5068f6c"}, {0x1, 0x5, "4bb90c"}, {0x0, 0x9, "463558e20ea088"}, {0xf, 0x2}, {0xb, 0x10, "d57946257488f310157d2fd4336f"}, {0x5, 0x2}, {0x0, 0x7, "ce24b11f79"}]}]}}}}})
sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000100)=@bridge_newneigh={0x28, 0x1c, 0x20, 0x70bd2c, 0x25dfdbff, {0x1e, 0x0, 0x0, r5, 0x0, 0x8, 0x4}, [@NDA_LLADDR={0xffffffffffffff97, 0x2, @multicast}]}, 0x28}, 0x1, 0x0, 0x0, 0x48054}, 0x0)

kernel console output (not intermixed with test programs):

 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 bf 8e 02 00 48
[ 1006.544531][T10843] RSP: 002b:00007f5484859030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1006.553337][T10843] RAX: ffffffffffffffda RBX: 00007f5483b35f80 RCX: 00007f548397ca3c
[ 1006.561630][T10843] RDX: 000000000000000f RSI: 00007f54848590a0 RDI: 0000000000000004
[ 1006.569906][T10843] RBP: 00007f5484859090 R08: 0000000000000000 R09: 0000000000000000
[ 1006.578176][T10843] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1006.586450][T10843] R13: 0000000000000000 R14: 00007f5483b35f80 R15: 00007ffcf3b79bd8
[ 1006.594747][T10843]  </TASK>
[ 1006.665567][ T5253] usb 2-1: Using ep0 maxpacket: 32
[ 1006.713593][ T5253] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1006.754961][ T5253] usb 2-1: config 253 has an invalid interface number: 79 but max is 0
[ 1006.764021][ T5253] usb 2-1: config 253 has no interface number 0
[ 1006.770898][ T5253] usb 2-1: config 253 interface 79 altsetting 64 endpoint 0x3 has an invalid bInterval 98, changing to 10
[ 1006.786340][ T5253] usb 2-1: config 253 interface 79 has no altsetting 0
[ 1006.895715][ T5253] usb 2-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=58.16
[ 1006.905497][ T5253] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1006.914161][ T5253] usb 2-1: Product: syz
[ 1006.918613][ T5253] usb 2-1: Manufacturer: syz
[ 1006.923687][ T5253] usb 2-1: SerialNumber: syz
[ 1007.233130][ T5253] usb 2-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[ 1007.243034][ T3757] usb 2-1: Failed to submit usb control message: -71
[ 1007.251024][ T3757] usb 2-1: unable to send the bmi data to the device: -71
[ 1007.258497][ T3757] usb 2-1: unable to get target info from device
[ 1007.265735][ T3757] usb 2-1: could not get target info (-71)
[ 1007.269224][ T5253] usb 2-1: USB disconnect, device number 85
[ 1007.271897][ T3757] usb 2-1: could not probe fw (-71)
[ 1007.300766][T10775] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1007.373153][T10775] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1007.409228][T10775] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1007.456273][T10775] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1007.954374][T10861] syz_tun: entered promiscuous mode
[ 1007.960017][T10861] macsec1: entered promiscuous mode
[ 1007.966704][T10861] macsec1: entered allmulticast mode
[ 1007.972543][T10861] syz_tun: entered allmulticast mode
[ 1008.050395][T10861] syz_tun: left allmulticast mode
[ 1008.057141][T10861] syz_tun: left promiscuous mode
[ 1008.476914][T10852] loop2: detected capacity change from 0 to 4096
[ 1008.526918][T10852] ntfs3: Unknown parameter 'nohide_dot_files'
[ 1008.719994][ T3168] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1008.927847][ T3168] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1009.051339][   T44] usb 4-1: new high-speed USB device number 79 using dummy_hcd
[ 1009.200932][ T3584] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1009.209069][ T3584] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1009.310117][ T3168] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1009.324842][   T44] usb 4-1: Using ep0 maxpacket: 32
[ 1009.427297][ T3143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1009.438884][ T3143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1009.577527][ T3168] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1009.581918][   T44] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1009.597832][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1009.606349][   T44] usb 4-1: Product: syz
[ 1009.610954][   T44] usb 4-1: Manufacturer: syz
[ 1009.615877][   T44] usb 4-1: SerialNumber: syz
[ 1009.677474][   T44] usb 4-1: config 0 descriptor??
[ 1009.975302][T10775] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1010.039943][T10775] 8021q: adding VLAN 0 to HW filter on device team0
[ 1010.158725][ T3621] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1010.166614][ T3621] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1010.198153][   T44] airspy 4-1:0.0: usb_control_msg() failed -71 request 0a
[ 1010.209171][   T44] airspy 4-1:0.0: Could not detect board
[ 1010.215798][   T44] airspy 4-1:0.0: probe with driver airspy failed with error -71
[ 1010.232373][ T3168] bridge_slave_1: left allmulticast mode
[ 1010.238361][ T3168] bridge_slave_1: left promiscuous mode
[ 1010.246323][ T3168] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1010.287109][   T44] usb 4-1: USB disconnect, device number 79
[ 1010.328413][ T3168] bridge_slave_0: left allmulticast mode
[ 1010.334734][ T3168] bridge_slave_0: left promiscuous mode
[ 1010.341858][ T3168] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1010.759836][ T5206] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1010.823869][ T5206] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1010.840923][ T5206] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1010.856721][ T5206] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1010.875084][ T5206] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1010.895055][ T5206] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1011.154207][ T3168] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1011.219460][ T3168] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1011.269100][ T3168] bond0 (unregistering): Released all slaves
[ 1011.601741][   T59] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1011.609662][   T59] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1011.650434][T10875] dummy0: entered promiscuous mode
[ 1011.703748][T10875] dummy0: left promiscuous mode
[ 1012.409010][ T3168] hsr_slave_0: left promiscuous mode
[ 1012.446030][ T3168] hsr_slave_1: left promiscuous mode
[ 1012.493054][ T3168] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1012.501315][ T3168] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1012.522773][ T3168] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1012.531409][ T3168] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1012.597827][ T3168] veth1_macvtap: left promiscuous mode
[ 1012.603967][ T3168] veth0_macvtap: left promiscuous mode
[ 1012.612155][ T3168] veth1_vlan: left promiscuous mode
[ 1012.617790][ T3168] veth0_vlan: left promiscuous mode
[ 1013.108701][ T5206] Bluetooth: hci2: command tx timeout
[ 1013.202352][   T44] usb 1-1: new high-speed USB device number 96 using dummy_hcd
[ 1013.395867][   T44] usb 1-1: Using ep0 maxpacket: 32
[ 1013.533880][   T44] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1013.547791][   T44] usb 1-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[ 1013.550108][ T3168] team0 (unregistering): Port device team_slave_1 removed
[ 1013.609391][   T44] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1013.610030][ T3168] team0 (unregistering): Port device team_slave_0 removed
[ 1013.619159][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1013.636181][   T44] usb 1-1: Product: syz
[ 1013.641174][   T44] usb 1-1: Manufacturer: syz
[ 1013.648556][   T44] usb 1-1: SerialNumber: syz
[ 1013.964539][   T10] usb 4-1: new high-speed USB device number 80 using dummy_hcd
[ 1014.077060][ T8832] usb 1-1: USB disconnect, device number 96
[ 1014.228819][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1014.240465][   T10] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1014.252429][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1014.268764][   T10] usb 4-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1014.279170][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1014.530352][   T10] usb 4-1: config 0 descriptor??
[ 1015.042423][   T10] betop 0003:11C2:2208.0041: item fetching failed at offset 2/5
[ 1015.117108][   T10] betop 0003:11C2:2208.0041: parse failed
[ 1015.124038][   T10] betop 0003:11C2:2208.0041: probe with driver betop failed with error -22
[ 1015.161354][T10876] chnl_net:caif_netlink_parms(): no params data found
[ 1015.186726][ T5206] Bluetooth: hci2: command tx timeout
[ 1015.316617][   T44] usb 4-1: USB disconnect, device number 80
[ 1015.793436][ T5252] usb 1-1: new high-speed USB device number 97 using dummy_hcd
[ 1015.837899][T10907] FAULT_INJECTION: forcing a failure.
[ 1015.837899][T10907] name failslab, interval 1, probability 0, space 0, times 0
[ 1015.851813][T10907] CPU: 1 UID: 0 PID: 10907 Comm: syz.2.1520 Not tainted 6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1015.862983][T10907] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1015.873340][T10907] Call Trace:
[ 1015.876848][T10907]  <TASK>
[ 1015.879998][T10907]  dump_stack_lvl+0x216/0x2d0
[ 1015.885041][T10907]  dump_stack+0x1e/0x30
[ 1015.889558][T10907]  should_fail_ex+0x748/0x7f0
[ 1015.894620][T10907]  should_failslab+0x17f/0x210
[ 1015.899803][T10907]  kmem_cache_alloc_noprof+0xe2/0xb20
[ 1015.905556][T10907]  ? skb_clone+0x303/0x550
[ 1015.910338][T10907]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1015.916487][T10907]  skb_clone+0x303/0x550
[ 1015.921093][T10907]  __netlink_deliver_tap+0x607/0xc90
[ 1015.926757][T10907]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1015.932904][T10907]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1015.938434][T10907]  netlink_unicast+0x1103/0x1260
[ 1015.943752][T10907]  netlink_sendmsg+0x10da/0x11e0
[ 1015.949078][T10907]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1015.954740][T10907]  ? __pfx_netlink_sendmsg+0x10/0x10
[ 1015.960411][T10907]  __sock_sendmsg+0x30f/0x380
[ 1015.965476][T10907]  ____sys_sendmsg+0x877/0xb60
[ 1015.970632][T10907]  ___sys_sendmsg+0x28d/0x3c0
[ 1015.975671][T10907]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1015.981223][T10907]  ? __rcu_read_unlock+0x7b/0xe0
[ 1015.986522][T10907]  ? __fget_files+0x4f5/0x5c0
[ 1015.991573][T10907]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1015.995945][T10775] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1015.997004][T10907]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1016.009990][T10907]  __x64_sys_sendmsg+0x300/0x4a0
[ 1016.015296][T10907]  ? perf_mmap+0x1100/0x28d0
[ 1016.020253][T10907]  x64_sys_call+0x2da0/0x3ba0
[ 1016.025302][T10907]  do_syscall_64+0xcd/0x1e0
[ 1016.030166][T10907]  ? clear_bhb_loop+0x25/0x80
[ 1016.035173][T10907]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1016.041471][T10907] RIP: 0033:0x7f548397dff9
[ 1016.046184][T10907] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1016.066200][T10907] RSP: 002b:00007f5484859038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1016.075016][T10907] RAX: ffffffffffffffda RBX: 00007f5483b35f80 RCX: 00007f548397dff9
[ 1016.083331][T10907] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000003
[ 1016.091728][T10907] RBP: 00007f5484859090 R08: 0000000000000000 R09: 0000000000000000
[ 1016.100228][T10907] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1016.108503][T10907] R13: 0000000000000000 R14: 00007f5483b35f80 R15: 00007ffcf3b79bd8
[ 1016.116950][T10907]  </TASK>
[ 1016.120272][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1016.370912][ T5252] usb 1-1: Using ep0 maxpacket: 8
[ 1016.401216][ T5252] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1016.415322][ T5252] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1016.427083][ T5252] usb 1-1: New USB device found, idVendor=0810, idProduct=0001, bcdDevice= 0.00
[ 1016.436637][ T5252] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1016.584199][ T5252] usb 1-1: config 0 descriptor??
[ 1016.894678][T10876] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1016.904346][T10876] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1016.914086][T10876] bridge_slave_0: entered allmulticast mode
[ 1016.928506][T10876] bridge_slave_0: entered promiscuous mode
[ 1017.154782][T10876] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1017.155341][T10876] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1017.156069][T10876] bridge_slave_1: entered allmulticast mode
[ 1017.159533][T10876] bridge_slave_1: entered promiscuous mode
[ 1017.268114][ T5206] Bluetooth: hci2: command tx timeout
[ 1017.377015][T10919] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1522'.
[ 1017.392968][T10919] vlan2: entered promiscuous mode
[ 1017.729687][T10876] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1017.786856][T10876] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1018.074836][T10876] team0: Port device team_slave_0 added
[ 1018.087006][T10876] team0: Port device team_slave_1 added
[ 1018.552422][T10927] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1523'.
[ 1018.642077][T10876] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1018.649632][T10876] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1018.681504][T10876] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1018.846184][T10775] veth0_vlan: entered promiscuous mode
[ 1018.911264][T10876] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1018.918551][T10876] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1018.945829][T10876] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1019.024025][T10775] veth1_vlan: entered promiscuous mode
[ 1019.219472][T10775] veth0_macvtap: entered promiscuous mode
[ 1019.343069][ T5202] Bluetooth: hci2: command tx timeout
[ 1019.527400][T10876] hsr_slave_0: entered promiscuous mode
[ 1019.553858][T10876] hsr_slave_1: entered promiscuous mode
[ 1019.597954][ T5252] usbhid 1-1:0.0: can't add hid device: -71
[ 1019.605634][ T5252] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[ 1019.617362][T10876] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1019.628767][T10876] Cannot create hsr debugfs directory
[ 1019.700776][ T5252] usb 1-1: USB disconnect, device number 97
[ 1019.756151][T10932] dummy0: entered promiscuous mode
[ 1019.775323][T10932] dummy0: left promiscuous mode
[ 1020.114195][T10775] veth1_macvtap: entered promiscuous mode
[ 1020.342147][T10940] netlink: 'syz.2.1527': attribute type 4 has an invalid length.
[ 1020.509447][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1020.520777][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.531557][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1020.542976][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.553306][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1020.564388][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.574670][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1020.585552][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.603117][T10775] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1020.646243][T10940] loop2: detected capacity change from 0 to 128
[ 1020.663975][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1020.674917][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.686778][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1020.697651][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.713404][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1020.725387][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.735745][T10775] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1020.746675][T10775] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1020.762812][T10775] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1020.785026][T10775] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1020.794619][T10775] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1020.805115][T10775] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1020.818557][T10775] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1020.998894][T10943] loop3: detected capacity change from 0 to 1024
[ 1021.056345][T10943] EXT4-fs: Ignoring removed bh option
[ 1021.067336][T10940] netlink: 'syz.2.1527': attribute type 17 has an invalid length.
[ 1021.252915][T10943] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a840c118, mo2=0002]
[ 1021.269461][T10943] System zones: 0-1, 3-12
[ 1021.304225][T10943] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1021.420992][ T5202] Bluetooth: hci2: command 0x0405 tx timeout
[ 1021.444982][   T29] audit: type=1804 audit(1728786294.467:75): pid=10943 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1529" name="/newroot/12/file1/bus" dev="loop3" ino=18 res=1 errno=0
[ 1021.772702][T10943] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1529'.
[ 1021.901459][T10943] team0 (unregistering): Port device team_slave_0 removed
[ 1021.934263][T10943] team0 (unregistering): Port device team_slave_1 removed
[ 1021.964115][T10954] netlink: 1260 bytes leftover after parsing attributes in process `syz.2.1530'.
[ 1022.286420][T10876] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1022.338665][T10876] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1022.414618][T10876] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1022.448503][T10876] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1022.466978][T10584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1023.075116][T10876] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1023.164449][T10876] 8021q: adding VLAN 0 to HW filter on device team0
[ 1023.202198][ T3143] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1023.209814][ T3143] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1023.280431][ T3143] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1023.288399][ T3143] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1024.199422][T10969] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1531'.
[ 1024.627264][   T10] usb 4-1: new low-speed USB device number 81 using dummy_hcd
[ 1025.076134][   T10] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1025.118451][   T10] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1025.129227][   T10] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1025.139121][   T10] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1025.178508][T10980] loop2: detected capacity change from 0 to 1024
[ 1025.273227][   T10] usb 4-1: string descriptor 0 read error: -22
[ 1025.280180][   T10] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1025.287538][T10876] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1025.290975][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1025.320339][T10974] loop0: detected capacity change from 0 to 1024
[ 1025.410213][   T10] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[ 1025.417801][   T10] cdc_ncm 4-1:1.0: bind() failure
[ 1025.616606][   T10] usb 4-1: USB disconnect, device number 81
[ 1025.868306][T10876] veth0_vlan: entered promiscuous mode
[ 1026.027470][T10876] veth1_vlan: entered promiscuous mode
[ 1026.375561][T10876] veth0_macvtap: entered promiscuous mode
[ 1026.435146][T10876] veth1_macvtap: entered promiscuous mode
[ 1026.665794][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.678726][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.690486][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.701564][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.711818][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.722802][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.733027][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.745017][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.758827][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1026.770989][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.795797][T10876] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1026.904376][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.917372][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.929324][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.940213][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.951810][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.966485][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.977849][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1026.988768][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1026.999058][T10876] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1027.009933][T10876] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1027.027315][T10876] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1027.100471][T10876] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1027.112927][T10876] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1027.122298][T10876] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1027.131737][T10876] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1027.183848][T10995] dummy0: entered promiscuous mode
[ 1027.277948][T10995] dummy0: left promiscuous mode
[ 1027.729994][T11003] netlink: 1260 bytes leftover after parsing attributes in process `syz.3.1540'.
[ 1027.835473][ T3143] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1027.843740][ T3143] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1028.073330][ T3143] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1028.081586][ T3143] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1028.850085][T11016] loop4: detected capacity change from 0 to 256
[ 1028.915470][T11016] exfat: Deprecated parameter 'namecase'
[ 1029.061731][ T5202] Bluetooth: hci0: command tx timeout
[ 1029.127599][T11016] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1029.460327][T11012] loop3: detected capacity change from 0 to 8
[ 1030.484454][T11037] dvmrp0: entered allmulticast mode
[ 1031.021326][ T5202] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[ 1031.030354][ T5202] Bluetooth: hci0: Injecting HCI hardware error event
[ 1031.038304][ T5202] Bluetooth: hci0: hardware error 0x00
[ 1031.425889][T11043] dummy0: entered promiscuous mode
[ 1031.521414][T11043] dummy0: left promiscuous mode
[ 1031.842627][T11046] netlink: 1260 bytes leftover after parsing attributes in process `syz.4.1551'.
[ 1032.965507][T11064] loop4: detected capacity change from 0 to 256
[ 1032.988839][T11064] exfat: Deprecated parameter 'namecase'
[ 1033.148553][ T5202] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[ 1033.315059][T11064] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1033.401074][ T8832] usb 3-1: new low-speed USB device number 79 using dummy_hcd
[ 1033.684965][ T4127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1033.693461][ T4127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1033.793424][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1033.802003][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1033.813402][ T8832] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1034.151414][ T8832] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1034.162264][ T8832] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1034.171955][ T8832] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1034.293133][ T8832] usb 3-1: string descriptor 0 read error: -22
[ 1034.300251][ T8832] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1034.310235][ T8832] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1034.411665][ T8832] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[ 1034.419072][ T8832] cdc_ncm 3-1:1.0: bind() failure
[ 1034.650269][   T10] usb 3-1: USB disconnect, device number 79
[ 1035.110820][ T7734] usb 5-1: new high-speed USB device number 96 using dummy_hcd
[ 1035.228256][T11089] loop1: detected capacity change from 0 to 64
[ 1035.303579][T11089] hfs: filesystem was not cleanly unmounted, running fsck.hfs is recommended.  mounting read-only.
[ 1035.363860][ T7734] usb 5-1: config 0 has no interfaces?
[ 1035.369838][ T7734] usb 5-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[ 1035.379661][ T7734] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1035.417581][ T7734] usb 5-1: config 0 descriptor??
[ 1035.894215][ T8832] usb 5-1: USB disconnect, device number 96
[ 1036.876179][T11099] loop4: detected capacity change from 0 to 256
[ 1036.887952][T11099] exfat: Deprecated parameter 'namecase'
[ 1036.960025][T11105] loop3: detected capacity change from 0 to 512
[ 1036.970935][T11105] EXT4-fs: Ignoring removed i_version option
[ 1036.977292][T11105] EXT4-fs: Ignoring removed nobh option
[ 1037.045512][T11105] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1037.142394][T11099] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1037.182282][T11105] EXT4-fs (loop3): 1 truncate cleaned up
[ 1037.191049][ T8832] usb 1-1: new high-speed USB device number 98 using dummy_hcd
[ 1037.191364][T11105] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1037.383992][ T8832] usb 1-1: config index 0 descriptor too short (expected 65316, got 36)
[ 1037.393634][ T8832] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1037.409005][ T8832] usb 1-1: config 0 has no interfaces?
[ 1037.416246][ T8832] usb 1-1: New USB device found, idVendor=04d5, idProduct=0001, bcdDevice= 0.00
[ 1037.425594][ T8832] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1037.550081][ T8832] usb 1-1: rejected 1 configuration due to insufficient available bus power
[ 1037.559837][ T8832] usb 1-1: no configuration chosen from 1 choice
[ 1037.952353][T10584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1038.888247][T11119] loop3: detected capacity change from 0 to 128
[ 1038.909961][T11119] omfs: Invalid superblock (7b3184f9)
[ 1039.150933][   T44] usb 2-1: new low-speed USB device number 86 using dummy_hcd
[ 1039.239831][T11132] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1575'.
[ 1039.361885][   T44] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1039.377100][   T44] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1039.388047][   T44] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1039.397736][   T44] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1039.483500][   T44] usb 2-1: string descriptor 0 read error: -22
[ 1039.491007][   T44] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1039.500695][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1039.511087][ T7734] usb 4-1: new high-speed USB device number 82 using dummy_hcd
[ 1039.563549][   T44] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[ 1039.571084][   T44] cdc_ncm 2-1:1.0: bind() failure
[ 1039.691347][ T7734] usb 4-1: Using ep0 maxpacket: 32
[ 1039.726371][ T7734] usb 4-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1039.736229][ T7734] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1039.745910][ T7734] usb 4-1: Product: syz
[ 1039.750387][ T7734] usb 4-1: Manufacturer: syz
[ 1039.758756][ T7734] usb 4-1: SerialNumber: syz
[ 1039.782794][   T44] usb 2-1: USB disconnect, device number 86
[ 1039.811084][ T7734] usb 4-1: config 0 descriptor??
[ 1039.918409][ T5253] usb 1-1: USB disconnect, device number 98
[ 1040.265544][ T7734] airspy 4-1:0.0: usb_control_msg() failed -71 request 0a
[ 1040.280388][ T7734] airspy 4-1:0.0: Could not detect board
[ 1040.288033][ T7734] airspy 4-1:0.0: probe with driver airspy failed with error -71
[ 1040.354543][ T7734] usb 4-1: USB disconnect, device number 82
[ 1040.565242][T11144] loop2: detected capacity change from 0 to 256
[ 1040.586127][T11144] exfat: Deprecated parameter 'namecase'
[ 1040.708730][T11144] exFAT-fs (loop2): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1041.065002][T11140] loop0: detected capacity change from 0 to 4096
[ 1041.168308][T11149] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1041.415472][T11153] loop2: detected capacity change from 0 to 512
[ 1041.448716][T11153] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1041.591070][ T5202] Bluetooth: hci3: command tx timeout
[ 1041.613852][T11153] EXT4-fs (loop2): 1 truncate cleaned up
[ 1041.621837][T11153] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1041.861379][T11159] loop3: detected capacity change from 0 to 128
[ 1041.973940][T11159] /dev/loop3: Can't open blockdev
[ 1042.390183][T10668] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1042.504428][T11167] loop0: detected capacity change from 0 to 128
[ 1042.629725][T11167] omfs: Invalid superblock (7b3184f9)
[ 1043.796052][T11185] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1044.693644][T11193] loop4: detected capacity change from 0 to 256
[ 1044.707898][T11193] exfat: Deprecated parameter 'namecase'
[ 1044.902634][T11190] loop0: detected capacity change from 0 to 1024
[ 1045.156276][T11190] EXT4-fs: Ignoring removed orlov option
[ 1045.162882][T11190] EXT4-fs: Ignoring removed orlov option
[ 1045.336149][T11193] exFAT-fs (loop4): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1045.624017][T11190] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1045.796897][T11207] dvmrp0: left allmulticast mode
[ 1046.724294][T11215] loop2: detected capacity change from 0 to 512
[ 1046.726946][T11215] EXT4-fs: Ignoring removed bh option
[ 1046.748013][T11215] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[ 1046.839807][T11215] EXT4-fs (loop2): 1 truncate cleaned up
[ 1046.841993][T11215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1046.944803][ T5206] Bluetooth: hci2: command 0x0405 tx timeout
[ 1047.350891][T11220] loop2: detected capacity change from 512 to 64
[ 1047.387957][T11224] EXT4-fs error (device loop2): ext4_free_branches:1036: inode #19: block 36: comm syz.2.1596: Read failure
[ 1047.464571][T11226] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1598'.
[ 1047.542123][ T7734] usb 5-1: new low-speed USB device number 97 using dummy_hcd
[ 1047.764425][ T7734] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1047.774903][ T7734] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1047.775074][ T7734] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1047.775256][ T7734] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1047.932948][ T7734] usb 5-1: string descriptor 0 read error: -22
[ 1047.933526][ T7734] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1047.933699][ T7734] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1048.014758][ T7734] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1048.015001][ T7734] cdc_ncm 5-1:1.0: bind() failure
[ 1048.044567][T10719] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1048.206420][T10668] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1048.239430][   T44] usb 5-1: USB disconnect, device number 97
[ 1048.558190][ T7734] usb 2-1: new high-speed USB device number 87 using dummy_hcd
[ 1048.627837][T11230] loop2: detected capacity change from 0 to 1024
[ 1048.761209][ T7734] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1048.775616][ T7734] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1048.786875][ T7734] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1048.800409][ T7734] usb 2-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1048.810078][ T7734] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1048.834730][T11230] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1048.852063][ T7734] usb 2-1: config 0 descriptor??
[ 1048.983526][   T29] audit: type=1800 audit(1728786321.997:76): pid=11230 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1600" name="bus" dev="loop2" ino=18 res=0 errno=0
[ 1049.271638][T11230] loop2: detected capacity change from 1024 to 0
[ 1049.293523][ T7734] betop 0003:11C2:2208.0042: item fetching failed at offset 2/5
[ 1049.326532][ T7734] betop 0003:11C2:2208.0042: parse failed
[ 1049.334023][ T7734] betop 0003:11C2:2208.0042: probe with driver betop failed with error -22
[ 1049.475370][T10668] bio_check_eod: 6 callbacks suppressed
[ 1049.475456][T10668] syz-executor: attempt to access beyond end of device
[ 1049.475456][T10668] loop2: rw=12288, sector=32, nr_sectors = 2 limit=0
[ 1049.502868][T10668] syz-executor: attempt to access beyond end of device
[ 1049.502868][T10668] loop2: rw=524288, sector=12, nr_sectors = 2 limit=0
[ 1049.520838][T10668] syz-executor: attempt to access beyond end of device
[ 1049.520838][T10668] loop2: rw=524288, sector=14, nr_sectors = 2 limit=0
[ 1049.537438][T10668] syz-executor: attempt to access beyond end of device
[ 1049.537438][T10668] loop2: rw=524288, sector=16, nr_sectors = 2 limit=0
[ 1049.557992][T10668] syz-executor: attempt to access beyond end of device
[ 1049.557992][T10668] loop2: rw=524288, sector=18, nr_sectors = 2 limit=0
[ 1049.575200][T10668] syz-executor: attempt to access beyond end of device
[ 1049.575200][T10668] loop2: rw=524288, sector=20, nr_sectors = 2 limit=0
[ 1049.597387][T10668] syz-executor: attempt to access beyond end of device
[ 1049.597387][T10668] loop2: rw=524288, sector=22, nr_sectors = 2 limit=0
[ 1049.614363][T10668] syz-executor: attempt to access beyond end of device
[ 1049.614363][T10668] loop2: rw=524288, sector=24, nr_sectors = 2 limit=0
[ 1049.628416][T10668] syz-executor: attempt to access beyond end of device
[ 1049.628416][T10668] loop2: rw=524288, sector=26, nr_sectors = 2 limit=0
[ 1049.636050][ T7734] usb 2-1: USB disconnect, device number 87
[ 1049.642524][T10668] syz-executor: attempt to access beyond end of device
[ 1049.642524][T10668] loop2: rw=12288, sector=10, nr_sectors = 2 limit=0
[ 1049.642712][T10668] EXT4-fs error (device loop2): ext4_get_inode_loc:4541: inode #2: block 5: comm syz-executor: unable to read itable block
[ 1049.676296][T10668] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[ 1049.686316][T10668] EXT4-fs (loop2): I/O error while writing superblock
[ 1049.700783][T10668] EXT4-fs error (device loop2) in ext4_reserve_inode_write:5780: IO failure
[ 1049.709842][T10668] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[ 1049.721199][T10668] EXT4-fs (loop2): I/O error while writing superblock
[ 1049.728269][T10668] EXT4-fs error (device loop2): ext4_dirty_inode:5984: inode #2: comm syz-executor: mark_inode_dirty error
[ 1049.740299][T10668] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[ 1049.749014][T10668] EXT4-fs (loop2): I/O error while writing superblock
[ 1050.150834][ T3757] EXT4-fs error (device loop2): __ext4_get_inode_loc_noinmem:4526: inode #2: block 5: comm kworker/u8:28: unable to read itable block
[ 1050.165253][ T3757] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[ 1050.174639][ T3757] EXT4-fs (loop2): I/O error while writing superblock
[ 1050.222630][T10914] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1050.368054][T10914] Buffer I/O error on dev loop2, logical block 1, lost sync page write
[ 1050.376856][T10914] EXT4-fs (loop2): I/O error while writing superblock
[ 1050.426784][T11233] Buffer I/O error on dev loop2, logical block 64, lost sync page write
[ 1050.853846][ T3757] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1051.095959][ T3757] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1051.281626][   T29] audit: type=1400 audit(1728786324.317:77): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3A2F2F2612DDB3A890 pid=11252 comm="syz.4.1609"
[ 1051.373021][ T3757] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1051.425361][T11253] loop4: detected capacity change from 0 to 256
[ 1051.458516][T11253] exfat: Unknown parameter 'pcr'
[ 1051.562377][ T3757] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1052.031652][ T3757] bridge_slave_1: left allmulticast mode
[ 1052.039280][ T3757] bridge_slave_1: left promiscuous mode
[ 1052.050019][ T3757] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1052.101633][ T3757] bridge_slave_0: left allmulticast mode
[ 1052.107665][ T3757] bridge_slave_0: left promiscuous mode
[ 1052.114351][ T3757] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1052.802460][ T3757] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1052.871106][ T3757] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1052.899690][ T3757] bond0 (unregistering): Released all slaves
[ 1053.544392][ T5202] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1053.554352][ T5202] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1053.566356][ T5202] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1053.593421][ T5202] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1053.605460][ T5202] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1053.617596][ T5202] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1053.952179][T11268] dummy0: entered promiscuous mode
[ 1054.026902][T11268] dummy0: left promiscuous mode
[ 1054.060454][T11267] loop0: detected capacity change from 0 to 128
[ 1054.290310][ T3757] hsr_slave_0: left promiscuous mode
[ 1054.337319][ T3757] hsr_slave_1: left promiscuous mode
[ 1054.360421][ T3757] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1054.368621][ T3757] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1054.388827][   T10] usb 4-1: new high-speed USB device number 83 using dummy_hcd
[ 1054.415825][T11276] loop4: detected capacity change from 0 to 64
[ 1054.426500][ T3757] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1054.434880][ T3757] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1054.469659][ T3757] veth1_macvtap: left promiscuous mode
[ 1054.476182][ T3757] veth0_macvtap: left promiscuous mode
[ 1054.482514][ T3757] veth1_vlan: left promiscuous mode
[ 1054.488175][ T3757] veth0_vlan: left promiscuous mode
[ 1054.493094][T11276] FAULT_INJECTION: forcing a failure.
[ 1054.493094][T11276] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1054.512555][T11276] CPU: 1 UID: 0 PID: 11276 Comm: syz.4.1617 Not tainted 6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1054.523713][T11276] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1054.534069][T11276] Call Trace:
[ 1054.537585][T11276]  <TASK>
[ 1054.540759][T11276]  dump_stack_lvl+0x216/0x2d0
[ 1054.545792][T11276]  dump_stack+0x1e/0x30
[ 1054.550302][T11276]  should_fail_ex+0x748/0x7f0
[ 1054.555299][T11276]  should_fail+0x2a/0x40
[ 1054.559887][T11276]  should_fail_usercopy+0x2e/0x40
[ 1054.565317][T11276]  _copy_from_user+0x33/0x160
[ 1054.570405][T11276]  __sys_bind+0x25c/0x690
[ 1054.575031][T11276]  ? fput+0x286/0x320
[ 1054.579269][T11276]  ? ksys_write+0x405/0x4c0
[ 1054.584133][T11276]  ? ksys_write+0x416/0x4c0
[ 1054.589009][T11276]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1054.589030][   T10] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1054.589195][T11276]  __x64_sys_bind+0x91/0xe0
[ 1054.596022][   T10] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1054.604651][T11276]  x64_sys_call+0x252d/0x3ba0
[ 1054.604868][T11276]  do_syscall_64+0xcd/0x1e0
[ 1054.605054][T11276]  ? clear_bhb_loop+0x25/0x80
[ 1054.605217][T11276]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1054.605452][T11276] RIP: 0033:0x7f88c3b7dff9
[ 1054.605578][T11276] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1054.605741][T11276] RSP: 002b:00007f88c48e3038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[ 1054.605906][T11276] RAX: ffffffffffffffda RBX: 00007f88c3d35f80 RCX: 00007f88c3b7dff9
[ 1054.606034][T11276] RDX: 0000000000000074 RSI: 0000000020000000 RDI: 0000000000000006
[ 1054.606145][T11276] RBP: 00007f88c48e3090 R08: 0000000000000000 R09: 0000000000000000
[ 1054.606261][T11276] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1054.606369][T11276] R13: 0000000000000000 R14: 00007f88c3d35f80 R15: 00007fffe21b7bc8
[ 1054.606508][T11276]  </TASK>
[ 1054.732073][   T10] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1054.741610][   T10] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1054.973515][   T10] usb 4-1: config 0 descriptor??
[ 1055.004080][   T10] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1055.724874][ T3757] team0 (unregistering): Port device team_slave_1 removed
[ 1055.752409][ T5202] Bluetooth: hci5: command tx timeout
[ 1055.778060][ T3757] team0 (unregistering): Port device team_slave_0 removed
[ 1055.784991][ T5202] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[ 1056.063836][   T10] usb 5-1: new high-speed USB device number 98 using dummy_hcd
[ 1056.174772][T11283] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1618'.
[ 1056.349706][   T10] usb 5-1: Using ep0 maxpacket: 8
[ 1056.416022][   T10] usb 5-1: config 1 has an invalid interface number: 128 but max is 1
[ 1056.424889][   T10] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1056.436840][   T10] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1056.447074][   T10] usb 5-1: config 1 has no interface number 0
[ 1056.456627][   T10] usb 5-1: config 1 interface 128 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1056.469144][   T10] usb 5-1: config 1 interface 128 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1056.506627][   T10] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1056.516466][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1056.525142][   T10] usb 5-1: Product: syz
[ 1056.529597][   T10] usb 5-1: Manufacturer: syz
[ 1056.534750][   T10] usb 5-1: SerialNumber: syz
[ 1056.725238][   T10] cdc_wdm 5-1:1.128: skipping garbage
[ 1056.896020][   T10] cdc_wdm 5-1:1.128: cdc-wdm0: USB WDM device
[ 1056.903126][   T10] cdc_wdm 5-1:1.128: Unknown control protocol
[ 1057.236941][ T5253] usb 5-1: USB disconnect, device number 98
[ 1057.631785][T11262] chnl_net:caif_netlink_parms(): no params data found
[ 1057.743472][ T8832] usb 4-1: USB disconnect, device number 83
[ 1057.821905][ T5206] Bluetooth: hci5: command tx timeout
[ 1058.211655][T11312] dummy0: entered promiscuous mode
[ 1058.234728][T11314] netlink: 277 bytes leftover after parsing attributes in process `syz.0.1627'.
[ 1058.411993][T11312] dummy0: left promiscuous mode
[ 1058.697580][   T10] usb 1-1: new high-speed USB device number 99 using dummy_hcd
[ 1058.927087][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1058.938721][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1058.952850][   T10] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1058.962750][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1059.106948][ T5206] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1059.124512][   T10] usb 1-1: config 0 descriptor??
[ 1059.145377][   T10] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1059.335570][T11262] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1059.343756][T11262] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1059.352049][T11262] bridge_slave_0: entered allmulticast mode
[ 1059.361845][T11262] bridge_slave_0: entered promiscuous mode
[ 1059.410159][T11262] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1059.429622][T11262] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1059.438006][T11262] bridge_slave_1: entered allmulticast mode
[ 1059.446773][T11262] bridge_slave_1: entered promiscuous mode
[ 1059.568114][T11262] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1059.605641][T11262] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1059.833428][T11262] team0: Port device team_slave_0 added
[ 1059.871831][T11262] team0: Port device team_slave_1 added
[ 1059.900993][ T5206] Bluetooth: hci5: command tx timeout
[ 1060.130163][T11262] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1060.140839][T11262] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1060.169538][T11262] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1060.202418][T11262] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1060.209587][T11262] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1060.240127][T11262] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1060.715791][T11262] hsr_slave_0: entered promiscuous mode
[ 1060.822777][T11262] hsr_slave_1: entered promiscuous mode
[ 1060.842216][T11262] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1060.853482][T11262] Cannot create hsr debugfs directory
[ 1060.860833][   T44] usb 4-1: new high-speed USB device number 84 using dummy_hcd
[ 1061.047092][T11343] fuse: Bad value for 'fd'
[ 1061.112032][   T44] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1061.122837][   T44] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1061.136514][   T44] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1061.147110][   T44] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.257318][   T44] usb 4-1: config 0 descriptor??
[ 1061.298410][   T44] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1061.807065][   T10] usb 1-1: USB disconnect, device number 99
[ 1061.986674][ T5206] Bluetooth: hci5: command tx timeout
[ 1062.340974][   T44] usb 5-1: new low-speed USB device number 99 using dummy_hcd
[ 1062.390285][T11262] netdevsim netdevsim2 netdevsim0: renamed from eth0
[ 1062.413234][T11262] netdevsim netdevsim2 netdevsim1: renamed from eth1
[ 1062.445812][T11262] netdevsim netdevsim2 netdevsim2: renamed from eth2
[ 1062.486993][T11262] netdevsim netdevsim2 netdevsim3: renamed from eth3
[ 1062.500023][   T44] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1062.727001][   T44] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1062.727165][   T44] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1062.727344][   T44] usb 5-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1062.945729][   T44] usb 5-1: string descriptor 0 read error: -22
[ 1062.946295][   T44] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1062.946478][   T44] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1062.983015][   T44] cdc_ncm 5-1:1.0: CDC Union missing and no IAD found
[ 1062.983252][   T44] cdc_ncm 5-1:1.0: bind() failure
[ 1063.289281][T11262] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1063.305253][   T44] usb 5-1: USB disconnect, device number 99
[ 1063.355055][T11262] 8021q: adding VLAN 0 to HW filter on device team0
[ 1063.403896][ T3143] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1063.411765][ T3143] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1063.434262][ T3143] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1063.442309][ T3143] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1063.544292][ T5206] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[ 1063.716204][T11262] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1063.730375][T11262] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1063.868379][   T44] usb 4-1: USB disconnect, device number 84
[ 1064.188162][T11365] dvmrp1: entered allmulticast mode
[ 1064.314036][T11367] loop3: detected capacity change from 0 to 1024
[ 1064.421164][T11367] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1065.011542][T11262] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1065.289211][T11262] veth0_vlan: entered promiscuous mode
[ 1065.335589][T11262] veth1_vlan: entered promiscuous mode
[ 1065.763794][T11262] veth0_macvtap: entered promiscuous mode
[ 1065.791083][   T44] usb 2-1: new high-speed USB device number 88 using dummy_hcd
[ 1065.808117][T10584] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1065.950864][T11262] veth1_macvtap: entered promiscuous mode
[ 1066.063619][   T44] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1066.079367][   T44] usb 2-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1066.094502][   T44] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1066.104025][   T44] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1066.203693][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1066.215161][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.225814][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1066.236790][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.247007][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1066.258007][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.269093][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1066.284379][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.295634][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1066.308019][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.323598][T11262] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1066.376624][   T44] usb 2-1: config 0 descriptor??
[ 1066.445791][   T44] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1066.535425][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.546296][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.556678][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.567447][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.578809][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.593355][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.604629][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.615643][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.625818][T11262] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1066.636614][T11262] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1066.651528][T11262] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1066.727892][T11262] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.737198][T11262] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.746971][T11262] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1066.756842][T11262] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1067.171028][   T10] usb 5-1: new high-speed USB device number 100 using dummy_hcd
[ 1067.331000][   T10] usb 5-1: Using ep0 maxpacket: 8
[ 1067.407814][   T10] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[ 1067.417820][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1067.426475][   T10] usb 5-1: Product: syz
[ 1067.431203][   T10] usb 5-1: Manufacturer: syz
[ 1067.436311][   T10] usb 5-1: SerialNumber: syz
[ 1067.488496][   T10] usb 5-1: config 0 descriptor??
[ 1067.641283][ T7734] usb 4-1: new high-speed USB device number 85 using dummy_hcd
[ 1067.722551][   T10] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[ 1067.834038][ T7734] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1067.845747][ T7734] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1067.859580][ T7734] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1067.869529][ T7734] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1067.987143][ T7734] usb 4-1: config 0 descriptor??
[ 1068.035176][ T7734] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[ 1069.701946][ T5253] usb 2-1: USB disconnect, device number 88
[ 1070.201545][   T10] dvb_usb_rtl28xxu 5-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -32
[ 1070.493750][ T8832] usb 5-1: USB disconnect, device number 100
[ 1070.661361][   T44] usb 4-1: USB disconnect, device number 85
[ 1070.985757][T11416] loop1: detected capacity change from 0 to 1024
[ 1071.145635][T11416] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1071.331440][T11428] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1656'.
[ 1071.431923][   T10] usb 5-1: new high-speed USB device number 101 using dummy_hcd
[ 1071.612531][   T10] usb 5-1: Using ep0 maxpacket: 16
[ 1071.636894][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[ 1071.691165][   T10] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[ 1071.701678][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1071.714088][   T10] usb 5-1: Product: syz
[ 1071.718554][   T10] usb 5-1: Manufacturer: syz
[ 1071.724683][   T10] usb 5-1: SerialNumber: syz
[ 1071.737072][T10876] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1071.798821][   T10] usb 5-1: config 0 descriptor??
[ 1071.822550][   T44] usb 1-1: new low-speed USB device number 100 using dummy_hcd
[ 1071.843892][   T10] em28xx 5-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[ 1071.854170][   T10] em28xx 5-1:0.0: DVB interface 0 found: bulk
[ 1072.451919][   T10] em28xx 5-1:0.0: unknown em28xx chip ID (0)
[ 1072.566396][   T44] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1072.579020][   T44] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1072.589977][   T44] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1072.600769][   T44] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1072.736308][   T44] usb 1-1: string descriptor 0 read error: -22
[ 1072.743424][   T44] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1072.753174][   T44] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1072.854247][   T44] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[ 1072.865603][   T44] cdc_ncm 1-1:1.0: bind() failure
[ 1073.260986][ T5206] Bluetooth: hci4: command tx timeout
[ 1073.309599][   T10] em28xx 5-1:0.0: board has no eeprom
[ 1073.582224][   T10] em28xx 5-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[ 1073.590382][   T10] em28xx 5-1:0.0: dvb set to bulk mode.
[ 1073.618923][ T5253] em28xx 5-1:0.0: Binding DVB extension
[ 1073.683497][   T10] usb 5-1: USB disconnect, device number 101
[ 1073.691581][   T10] em28xx 5-1:0.0: Disconnecting em28xx
[ 1073.802958][   T44] usb 2-1: new high-speed USB device number 89 using dummy_hcd
[ 1074.001582][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1074.009988][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1074.039643][ T5253] em28xx 5-1:0.0: Registering input extension
[ 1074.070078][ T4127] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1074.078593][ T4127] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1074.093884][   T10] em28xx 5-1:0.0: Closing input extension
[ 1074.104081][   T44] usb 2-1: Using ep0 maxpacket: 8
[ 1074.206516][   T10] em28xx 5-1:0.0: Freeing device
[ 1074.231701][   T44] usb 2-1: config 0 has no interfaces?
[ 1074.288250][   T44] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[ 1074.298644][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1074.307252][   T44] usb 2-1: Product: syz
[ 1074.311872][   T44] usb 2-1: Manufacturer: syz
[ 1074.316758][   T44] usb 2-1: SerialNumber: syz
[ 1074.476780][   T44] usb 2-1: config 0 descriptor??
[ 1074.527094][   T44] usb 1-1: USB disconnect, device number 100
[ 1074.711084][ T5206] Bluetooth: hci3: Ignoring HCI_Connection_Complete for existing connection
[ 1075.263265][ T5202] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[ 1075.272259][ T5202] Bluetooth: hci4: Injecting HCI hardware error event
[ 1075.281802][ T5202] Bluetooth: hci4: hardware error 0x00
[ 1075.476801][   T10] usb 1-1: new high-speed USB device number 101 using dummy_hcd
[ 1075.715839][   T10] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1075.727738][   T10] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1075.741335][   T10] usb 1-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1075.751047][   T10] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1075.771892][   T10] usb 1-1: config 0 descriptor??
[ 1075.805854][   T10] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1076.513887][   T44] usb 2-1: USB disconnect, device number 89
[ 1076.980999][   T10] usb 5-1: new high-speed USB device number 102 using dummy_hcd
[ 1077.065507][T11493] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1676'.
[ 1077.177655][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1077.191923][   T10] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1077.201592][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1077.231882][   T10] usb 5-1: config 0 descriptor??
[ 1077.255235][   T10] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1077.346882][ T5202] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[ 1077.369815][   T44] usb 4-1: new low-speed USB device number 86 using dummy_hcd
[ 1077.536794][   T44] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1077.549950][ T5252] usb 3-1: new high-speed USB device number 80 using dummy_hcd
[ 1077.572520][   T44] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1077.583257][   T44] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1077.592955][   T44] usb 4-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1077.650083][   T44] usb 4-1: string descriptor 0 read error: -22
[ 1077.657444][   T44] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1077.667299][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1077.691840][   T44] cdc_ncm 4-1:1.0: CDC Union missing and no IAD found
[ 1077.699014][   T44] cdc_ncm 4-1:1.0: bind() failure
[ 1077.800222][ T5252] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1077.812184][ T5252] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1077.822720][ T5252] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1077.836313][ T5252] usb 3-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1077.846956][ T5252] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1077.885003][ T5252] usb 3-1: config 0 descriptor??
[ 1077.916296][   T10] usb 4-1: USB disconnect, device number 86
[ 1077.987314][ T5202] Bluetooth: hci5: command tx timeout
[ 1078.346732][ T5252] betop 0003:11C2:2208.0043: item fetching failed at offset 2/5
[ 1078.370229][ T5252] betop 0003:11C2:2208.0043: parse failed
[ 1078.378703][ T5252] betop 0003:11C2:2208.0043: probe with driver betop failed with error -22
[ 1078.435160][ T8832] usb 1-1: USB disconnect, device number 101
[ 1078.530779][   T10] usb 3-1: USB disconnect, device number 80
[ 1078.755816][T11505] loop0: detected capacity change from 0 to 1024
[ 1078.857113][T11505] netlink: 'syz.0.1680': attribute type 10 has an invalid length.
[ 1078.895082][T11505] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1078.910094][T11505] bond0: (slave batadv0): Enslaving as an active interface with an up link
[ 1079.364298][T11505] infiniband syz1: set active
[ 1079.369381][T11505] infiniband syz1: added bond0
[ 1079.403851][T11505] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[ 1079.414152][T11505] infiniband syz1: Couldn't open port 1
[ 1079.503310][T11505] RDS/IB: syz1: added
[ 1079.507781][T11505] smc: adding ib device syz1 with port count 1
[ 1079.515754][T11505] smc:    ib device syz1 port 1 has pnetid SYZ2 (user defined)
[ 1079.990054][ T5202] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[ 1080.001124][ T5202] Bluetooth: hci5: Injecting HCI hardware error event
[ 1080.009692][ T5202] Bluetooth: hci5: hardware error 0x00
[ 1080.081493][ T5252] usb 5-1: USB disconnect, device number 102
[ 1080.380423][ T5206] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci3/hci3:0'
[ 1080.390779][ T5206] CPU: 1 UID: 0 PID: 5206 Comm: kworker/u9:6 Not tainted 6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1080.402016][ T5206] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1080.412439][ T5206] Workqueue: hci3 hci_rx_work
[ 1080.417719][ T5206] Call Trace:
[ 1080.421404][ T5206]  <TASK>
[ 1080.424627][ T5206]  dump_stack_lvl+0x216/0x2d0
[ 1080.429733][ T5206]  dump_stack+0x1e/0x30
[ 1080.434295][ T5206]  sysfs_create_dir_ns+0x45f/0x4c0
[ 1080.439887][ T5206]  kobject_add_internal+0xfe7/0x1900
[ 1080.445830][ T5206]  kobject_add+0x28c/0x3c0
[ 1080.450659][ T5206]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1080.456201][ T5206]  device_add+0xa90/0x1ba0
[ 1080.460996][ T5206]  hci_conn_add_sysfs+0x161/0x2c0
[ 1080.466398][ T5206]  le_conn_complete_evt+0x1ae1/0x1fa0
[ 1080.472159][ T5206]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1080.477751][ T5206]  hci_le_enh_conn_complete_evt+0x15e/0x210
[ 1080.484097][ T5206]  hci_le_meta_evt+0x600/0x850
[ 1080.489282][ T5206]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 1080.496142][ T5206]  hci_event_packet+0x11df/0x1c20
[ 1080.501553][ T5206]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1080.507287][ T5206]  hci_rx_work+0x9d1/0x11f0
[ 1080.512187][ T5206]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1080.518351][ T5206]  ? __pfx_hci_rx_work+0x10/0x10
[ 1080.523683][ T5206]  ? __pfx_hci_rx_work+0x10/0x10
[ 1080.529001][ T5206]  process_scheduled_works+0xae0/0x1c40
[ 1080.534974][ T5206]  worker_thread+0xea7/0x14f0
[ 1080.540040][ T5206]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1080.546218][ T5206]  kthread+0x3e2/0x540
[ 1080.550678][ T5206]  ? __pfx_worker_thread+0x10/0x10
[ 1080.556172][ T5206]  ? __pfx_kthread+0x10/0x10
[ 1080.561171][ T5206]  ret_from_fork+0x6d/0x90
[ 1080.565951][ T5206]  ? __pfx_kthread+0x10/0x10
[ 1080.570969][ T5206]  ret_from_fork_asm+0x1a/0x30
[ 1080.576129][ T5206]  </TASK>
[ 1080.587784][ T5206] kobject: kobject_add_internal failed for hci3:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1080.606307][ T5206] Bluetooth: hci3: failed to register connection device
[ 1082.074041][ T5202] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[ 1082.579683][   T59] hfsplus: b-tree write err: -5, ino 4
[ 1083.130081][T11528] loop1: detected capacity change from 0 to 128
[ 1083.202423][T11528] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1083.220897][ T5253] usb 3-1: new high-speed USB device number 81 using dummy_hcd
[ 1083.274291][T11528] ext4 filesystem being mounted at /26/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1083.309493][T11533] netlink: 'syz.3.1688': attribute type 3 has an invalid length.
[ 1083.390896][ T5253] usb 3-1: Using ep0 maxpacket: 16
[ 1083.453222][ T5253] usb 3-1: config index 0 descriptor too short (expected 59, got 36)
[ 1083.462056][ T5253] usb 3-1: config 1 has an invalid descriptor of length 13, skipping remainder of the config
[ 1083.524472][ T5253] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1083.534492][ T5253] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[ 1083.543138][ T5253] usb 3-1: SerialNumber: syz
[ 1083.565296][ T5202] Bluetooth: hci2: unexpected event for opcode 0x0c22
[ 1083.615965][ T5253] cdc_acm 3-1:1.0: Control and data interfaces are not separated!
[ 1083.624340][ T5253] cdc_acm 3-1:1.0: This needs exactly 3 endpoints
[ 1083.631443][ T5253] cdc_acm 3-1:1.0: probe with driver cdc_acm failed with error -22
[ 1083.758541][T10876] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1083.844759][   T10] usb 5-1: new high-speed USB device number 103 using dummy_hcd
[ 1083.977695][T11518] loop2: detected capacity change from 0 to 1024
[ 1084.038794][ T5253] usb 4-1: new high-speed USB device number 87 using dummy_hcd
[ 1084.080863][   T10] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1084.093584][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1084.109465][   T10] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1084.119447][   T10] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1084.152444][ T8832] usb 3-1: USB disconnect, device number 81
[ 1084.154587][T11545] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1693'.
[ 1084.188836][   T10] usb 5-1: config 0 descriptor??
[ 1084.226993][   T10] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1084.245235][ T5253] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1084.256922][ T5253] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1084.267322][ T5253] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1084.280890][ T5253] usb 4-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1084.291359][ T5253] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1084.341219][ T5253] usb 4-1: config 0 descriptor??
[ 1084.461347][ T7734] usb 1-1: new low-speed USB device number 102 using dummy_hcd
[ 1084.632365][ T5202] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci2/hci2:0'
[ 1084.642510][ T5202] CPU: 0 UID: 0 PID: 5202 Comm: kworker/u9:4 Not tainted 6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1084.653838][ T5202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1084.664230][ T5202] Workqueue: hci2 hci_rx_work
[ 1084.669334][ T5202] Call Trace:
[ 1084.672849][ T5202]  <TASK>
[ 1084.676023][ T5202]  dump_stack_lvl+0x216/0x2d0
[ 1084.681089][ T5202]  dump_stack+0x1e/0x30
[ 1084.685705][ T5202]  sysfs_create_dir_ns+0x45f/0x4c0
[ 1084.691197][ T5202]  kobject_add_internal+0xfe7/0x1900
[ 1084.696904][ T5202]  kobject_add+0x28c/0x3c0
[ 1084.701730][ T5202]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1084.707302][ T5202]  device_add+0xa90/0x1ba0
[ 1084.712081][ T5202]  hci_conn_add_sysfs+0x161/0x2c0
[ 1084.717482][ T5202]  le_conn_complete_evt+0x1ae1/0x1fa0
[ 1084.723231][ T5202]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1084.728782][ T5202]  hci_le_enh_conn_complete_evt+0x15e/0x210
[ 1084.735208][ T5202]  hci_le_meta_evt+0x600/0x850
[ 1084.740371][ T5202]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[ 1084.747251][ T5202]  hci_event_packet+0x11df/0x1c20
[ 1084.752784][ T5202]  ? __pfx_hci_le_meta_evt+0x10/0x10
[ 1084.758517][ T5202]  hci_rx_work+0x9d1/0x11f0
[ 1084.763471][ T5202]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1084.769654][ T5202]  ? __pfx_hci_rx_work+0x10/0x10
[ 1084.775212][ T5202]  ? __pfx_hci_rx_work+0x10/0x10
[ 1084.780580][ T5202]  process_scheduled_works+0xae0/0x1c40
[ 1084.786569][ T5202]  worker_thread+0xea7/0x14f0
[ 1084.791673][ T5202]  kthread+0x3e2/0x540
[ 1084.796218][ T5202]  ? __pfx_worker_thread+0x10/0x10
[ 1084.801863][ T5202]  ? __pfx_kthread+0x10/0x10
[ 1084.807188][ T5202]  ret_from_fork+0x6d/0x90
[ 1084.812098][ T5202]  ? __pfx_kthread+0x10/0x10
[ 1084.817107][ T5202]  ret_from_fork_asm+0x1a/0x30
[ 1084.822374][ T5202]  </TASK>
[ 1084.829539][ T5202] kobject: kobject_add_internal failed for hci2:0 with -EEXIST, don't try to register things with the same name in the same directory.
[ 1084.844993][ T5202] Bluetooth: hci2: failed to register connection device
[ 1084.854555][ T5202] Bluetooth: hci2: unexpected event for opcode 0x0c24
[ 1084.881209][ T5253] betop 0003:11C2:2208.0044: item fetching failed at offset 2/5
[ 1084.894462][ T5253] betop 0003:11C2:2208.0044: parse failed
[ 1084.900936][ T5253] betop 0003:11C2:2208.0044: probe with driver betop failed with error -22
[ 1084.919046][ T7734] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1084.933938][ T7734] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1084.944834][ T7734] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1084.954314][ T7734] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1085.063139][ T7734] usb 1-1: string descriptor 0 read error: -22
[ 1085.070121][ T7734] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1085.080712][ T7734] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1085.135284][ T8832] usb 4-1: USB disconnect, device number 87
[ 1085.140227][ T7734] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[ 1085.148750][ T7734] cdc_ncm 1-1:1.0: bind() failure
[ 1085.286398][T11555] loop1: detected capacity change from 0 to 256
[ 1085.327125][T11555] vfat: Unknown parameter '›·—#‚!ēl'
[ 1085.363428][ T7734] usb 1-1: USB disconnect, device number 102
[ 1085.902099][ T5202] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[ 1085.911318][ T5202] Bluetooth: hci3: Injecting HCI hardware error event
[ 1085.919350][ T5202] Bluetooth: hci3: hardware error 0x00
[ 1086.844800][ T7734] usb 5-1: USB disconnect, device number 103
[ 1086.998264][ T5206] Bluetooth: hci2: command 0x0405 tx timeout
[ 1087.534884][ T5206] Bluetooth: hci2: Ignoring HCI_Connection_Complete for existing connection
[ 1087.613707][T10247] Bluetooth: hci2: unexpected event for opcode 0x0c24
[ 1087.735350][T11578] loop3: detected capacity change from 0 to 256
[ 1087.767152][T11586] loop4: detected capacity change from 0 to 1024
[ 1087.817821][T11578] exfat: Unknown parameter 'pcr'
[ 1088.019059][T11578] pim6reg: entered allmulticast mode
[ 1088.026227][T11590] vivid-000: disconnect
[ 1088.032332][ T5202] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[ 1088.102915][T11577] delete_channel: no stack
[ 1088.621140][ T5253] usb 1-1: new high-speed USB device number 103 using dummy_hcd
[ 1088.721063][ T7734] usb 2-1: new high-speed USB device number 90 using dummy_hcd
[ 1088.741165][ T5252] usb 3-1: new high-speed USB device number 82 using dummy_hcd
[ 1088.785843][ T5253] usb 1-1: Using ep0 maxpacket: 32
[ 1088.828408][ T5253] usb 1-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[ 1088.838200][ T5253] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1088.847018][ T5253] usb 1-1: Product: syz
[ 1088.851705][ T5253] usb 1-1: Manufacturer: syz
[ 1088.856600][ T5253] usb 1-1: SerialNumber: syz
[ 1088.863805][ T5202] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[ 1088.864004][ T5202] Bluetooth: hci2: Injecting HCI hardware error event
[ 1088.881575][ T5202] Bluetooth: hci2: hardware error 0x00
[ 1088.902035][ T7734] usb 2-1: Using ep0 maxpacket: 16
[ 1088.928380][ T5252] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1088.940935][ T5252] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1088.953994][ T5252] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1088.969020][ T5252] usb 3-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1088.979383][ T5252] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1088.983138][ T7734] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1088.998480][ T7734] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1089.008128][T11601] netlink: 5312 bytes leftover after parsing attributes in process `syz.4.1714'.
[ 1089.033057][ T5252] usb 3-1: config 0 descriptor??
[ 1089.092987][ T7734] usb 2-1: New USB device found, idVendor=006b, idProduct=0101, bcdDevice= 0.40
[ 1089.103831][ T7734] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1089.114944][ T7734] usb 2-1: Product: syz
[ 1089.119410][ T7734] usb 2-1: Manufacturer: syz
[ 1089.125140][ T7734] usb 2-1: SerialNumber: syz
[ 1089.137472][T10425] usb 4-1: new high-speed USB device number 88 using dummy_hcd
[ 1089.150460][T11602] loop4: detected capacity change from 0 to 64
[ 1089.164038][T11601] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1714'.
[ 1089.183530][ T5253] usb 1-1: config 0 descriptor??
[ 1089.331848][T10425] usb 4-1: Using ep0 maxpacket: 16
[ 1089.366521][T10425] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1089.485370][ T5252] betop 0003:11C2:2208.0045: item fetching failed at offset 2/5
[ 1089.496600][ T5253] airspy 1-1:0.0: usb_control_msg() failed -71 request 09
[ 1089.532294][ T5253] airspy 1-1:0.0: Could not detect board
[ 1089.538373][ T5252] betop 0003:11C2:2208.0045: parse failed
[ 1089.538576][ T5253] airspy 1-1:0.0: probe with driver airspy failed with error -71
[ 1089.546949][ T5252] betop 0003:11C2:2208.0045: probe with driver betop failed with error -22
[ 1089.559986][ T7734] usb 2-1: 0:2 : does not exist
[ 1089.585581][T10425] usb 4-1: New USB device found, idVendor=18d1, idProduct=1eaf, bcdDevice= 7.79
[ 1089.595320][T10425] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1089.603905][T10425] usb 4-1: Product: syz
[ 1089.608361][T10425] usb 4-1: Manufacturer: syz
[ 1089.614503][T10425] usb 4-1: SerialNumber: syz
[ 1089.624125][T11587] vivid-000: reconnect
[ 1089.644520][ T5253] usb 1-1: USB disconnect, device number 103
[ 1089.662736][ T7734] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1089.696992][ T5252] usb 3-1: USB disconnect, device number 82
[ 1089.703190][T10425] usb 4-1: config 0 descriptor??
[ 1089.784266][ T7734] usb 2-1: 5:0: cannot get min/max values for control 3 (id 5)
[ 1089.840384][ T7734] usb 2-1: USB disconnect, device number 90
[ 1089.986370][T11599] loop3: detected capacity change from 0 to 256
[ 1090.271851][T10425] usb 4-1: Cannot retrieve CPort count: -110
[ 1090.278420][T10425] usb 4-1: Cannot retrieve CPort count: -110
[ 1090.285205][T10425] es2_ap_driver 4-1:0.0: probe with driver es2_ap_driver failed with error -110
[ 1090.712124][   T10] usb 5-1: new high-speed USB device number 104 using dummy_hcd
[ 1090.869598][T10247] Bluetooth: hci2: unexpected event for opcode 0x0c24
[ 1090.910705][T11621] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1718'.
[ 1090.940929][ T5202] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[ 1090.951345][   T10] usb 5-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[ 1090.959950][ T5252] usb 4-1: USB disconnect, device number 88
[ 1090.965157][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1090.980157][   T10] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1090.990841][   T10] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[ 1091.070804][   T10] usb 5-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[ 1091.080956][   T10] usb 5-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[ 1091.089379][   T10] usb 5-1: Manufacturer: syz
[ 1091.194220][   T10] usb 5-1: config 0 descriptor??
[ 1091.339774][ T8832] usb 3-1: new low-speed USB device number 83 using dummy_hcd
[ 1091.477273][T11610] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[ 1091.516436][ T8832] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1091.552016][ T8832] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1091.563806][ T8832] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1091.573543][ T8832] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1091.867815][   T10] appleir 0003:05AC:8243.0046: unknown main item tag 0x0
[ 1091.896432][   T10] appleir 0003:05AC:8243.0046: No inputs registered, leaving
[ 1092.016472][   T10] appleir 0003:05AC:8243.0046: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[ 1093.196793][   T10] usb 5-1: USB disconnect, device number 104
[ 1095.301788][ T8832] usb 3-1: string descriptor 0 read error: -71
[ 1095.308763][ T8832] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1095.318513][ T8832] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1095.469930][ T8832] usb 3-1: can't set config #1, error -71
[ 1095.486643][ T8832] usb 3-1: USB disconnect, device number 83
[ 1096.353964][T11638] loop4: detected capacity change from 0 to 32768
[ 1097.006177][T11644] loop0: detected capacity change from 0 to 256
[ 1097.045589][T11644] exfat: Deprecated parameter 'namecase'
[ 1097.250417][T11644] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1098.611952][ T8832] usb 5-1: new high-speed USB device number 105 using dummy_hcd
[ 1098.780948][ T8832] usb 5-1: Using ep0 maxpacket: 32
[ 1098.822250][ T8832] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1098.833963][ T8832] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1098.847514][ T8832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1098.877506][ T8832] usb 5-1: config 0 descriptor??
[ 1098.912317][ T8832] hub 5-1:0.0: bad descriptor, ignoring hub
[ 1098.918744][ T8832] hub 5-1:0.0: probe with driver hub failed with error -5
[ 1098.936164][ T8832] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1099.241847][ T8832] usb 5-1: USB disconnect, device number 105
[ 1099.391002][ T5252] usb 2-1: new high-speed USB device number 91 using dummy_hcd
[ 1099.418028][T11665] netlink: 48 bytes leftover after parsing attributes in process `syz.0.1733'.
[ 1099.547055][T11665] loop0: detected capacity change from 0 to 1024
[ 1099.589761][ T5252] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1099.601552][ T5252] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1099.611967][ T5252] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1099.625627][ T5252] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1099.635258][ T5252] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1099.656297][ T8832] usb 5-1: new high-speed USB device number 106 using dummy_hcd
[ 1099.772227][ T5252] usb 2-1: config 0 descriptor??
[ 1100.074198][ T8832] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1100.085198][ T8832] usb 5-1: New USB device found, idVendor=0b48, idProduct=2003, bcdDevice= 0.40
[ 1100.095406][ T8832] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1100.185962][ T8832] usb 5-1: config 0 descriptor??
[ 1100.236225][ T8832] ttusbir 5-1:0.0: cannot find expected altsetting
[ 1100.248180][ T8832] usbhid 5-1:0.0: couldn't find an input interrupt endpoint
[ 1100.640911][ T5252] plantronics 0003:047F:FFFF.0047: unknown main item tag 0x0
[ 1100.697234][ T5252] plantronics 0003:047F:FFFF.0047: No inputs registered, leaving
[ 1100.823950][ T5252] plantronics 0003:047F:FFFF.0047: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[ 1100.852677][T11668] FAULT_INJECTION: forcing a failure.
[ 1100.852677][T11668] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1100.866415][T11668] CPU: 1 UID: 0 PID: 11668 Comm: syz.0.1734 Not tainted 6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1100.877551][T11668] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1100.887904][T11668] Call Trace:
[ 1100.891412][T11668]  <TASK>
[ 1100.894568][T11668]  dump_stack_lvl+0x216/0x2d0
[ 1100.899648][T11668]  dump_stack+0x1e/0x30
[ 1100.904150][T11668]  should_fail_ex+0x748/0x7f0
[ 1100.909204][T11668]  should_fail+0x2a/0x40
[ 1100.913803][T11668]  should_fail_usercopy+0x2e/0x40
[ 1100.919199][T11668]  strncpy_from_user+0x39/0x540
[ 1100.924401][T11668]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1100.930553][T11668]  bpf_raw_tp_link_attach+0x1f5/0x900
[ 1100.936383][T11668]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1100.943132][T11668]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1100.949605][T11668]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1100.955152][T11668]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1100.961388][T11668]  bpf_raw_tracepoint_open+0x354/0x7d0
[ 1100.967220][T11668]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1100.973784][T11668]  __sys_bpf+0x5a6/0xd90
[ 1100.978536][T11668]  ? ksys_write+0x416/0x4c0
[ 1100.983412][T11668]  __x64_sys_bpf+0xa0/0xe0
[ 1100.988227][T11668]  x64_sys_call+0x2cce/0x3ba0
[ 1100.993285][T11668]  do_syscall_64+0xcd/0x1e0
[ 1100.998154][T11668]  ? clear_bhb_loop+0x25/0x80
[ 1101.003228][T11668]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1101.009547][T11668] RIP: 0033:0x7f1da0b7dff9
[ 1101.014360][T11668] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1101.034443][T11668] RSP: 002b:00007f1da1893038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1101.043246][T11668] RAX: ffffffffffffffda RBX: 00007f1da0d35f80 RCX: 00007f1da0b7dff9
[ 1101.051641][T11668] RDX: 0000000000000010 RSI: 0000000020000200 RDI: 0000000000000011
[ 1101.060367][T11668] RBP: 00007f1da1893090 R08: 0000000000000000 R09: 0000000000000000
[ 1101.068669][T11668] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1101.076977][T11668] R13: 0000000000000000 R14: 00007f1da0d35f80 R15: 00007fff72ea3ef8
[ 1101.085818][T11668]  </TASK>
[ 1101.164696][T11669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1101.205449][T11661] loop4: detected capacity change from 0 to 512
[ 1101.219276][T11661] EXT4-fs: Ignoring removed mblk_io_submit option
[ 1101.249382][T11661] EXT4-fs error (device loop4): ext4_xattr_ibody_find:2240: inode #12: comm syz.4.1731: corrupted in-inode xattr: invalid ea_ino
[ 1101.278376][T11669] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1101.568400][ T5252] usb 2-1: USB disconnect, device number 91
[ 1101.731883][T11674] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1735'.
[ 1102.207432][T11661] EXT4-fs error (device loop4): ext4_orphan_get:1393: comm syz.4.1731: couldn't read orphan inode 12 (err -117)
[ 1102.245069][T11661] EXT4-fs (loop4): mounted filesystem 00000005-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1102.508414][ T5252] usb 5-1: USB disconnect, device number 106
[ 1102.934344][T11679] loop1: detected capacity change from 0 to 256
[ 1103.093033][T10775] EXT4-fs (loop4): unmounting filesystem 00000005-0000-0000-0000-000000000000.
[ 1103.107995][T10425] usb 3-1: new low-speed USB device number 84 using dummy_hcd
[ 1103.189620][T10247] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[ 1103.199734][T10247] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[ 1103.210240][T10247] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[ 1103.225093][T10247] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[ 1103.239008][   T29] audit: type=1804 audit(1728786376.267:78): pid=11679 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1738" name="/newroot/40/file0/file1" dev="loop1" ino=1048832 res=1 errno=0
[ 1103.239132][T10247] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[ 1103.242125][T10247] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[ 1103.541371][T10425] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1103.602219][   T29] audit: type=1326 audit(1728786376.647:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032f37dff9 code=0x7ffc0000
[ 1103.641196][T10425] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1103.653209][T10425] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1103.664455][T10425] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1103.773838][ T4127] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1103.814257][   T29] audit: type=1326 audit(1728786376.827:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11678 comm="syz.1.1738" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f032f37dff9 code=0x7ffc0000
[ 1103.943571][T10425] usb 3-1: string descriptor 0 read error: -22
[ 1103.951810][T10425] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1103.963997][T10425] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1104.084370][T10425] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[ 1104.091852][T10425] cdc_ncm 3-1:1.0: bind() failure
[ 1104.291938][ T4127] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1104.348098][T11679] syz.1.1738 (11679) used greatest stack depth: 5024 bytes left
[ 1104.499884][ T4127] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1104.728739][ T4127] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1105.441972][T10247] Bluetooth: hci4: command tx timeout
[ 1105.691355][T10425] usb 3-1: USB disconnect, device number 84
[ 1105.751687][ T4127] bridge_slave_1: left allmulticast mode
[ 1105.757655][ T4127] bridge_slave_1: left promiscuous mode
[ 1105.764832][ T4127] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1105.782347][ T4127] bridge_slave_0: left allmulticast mode
[ 1105.788405][ T4127] bridge_slave_0: left promiscuous mode
[ 1105.796972][ T4127] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1106.272437][T11698] FAULT_INJECTION: forcing a failure.
[ 1106.272437][T11698] name failslab, interval 1, probability 0, space 0, times 0
[ 1106.285853][T11698] CPU: 1 UID: 0 PID: 11698 Comm: syz.2.1744 Not tainted 6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1106.296985][T11698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1106.307304][T11698] Call Trace:
[ 1106.310825][T11698]  <TASK>
[ 1106.313990][T11698]  dump_stack_lvl+0x216/0x2d0
[ 1106.319251][T11698]  dump_stack+0x1e/0x30
[ 1106.323751][T11698]  should_fail_ex+0x748/0x7f0
[ 1106.328791][T11698]  should_failslab+0x17f/0x210
[ 1106.333870][T11698]  __kmalloc_noprof+0x175/0xf30
[ 1106.339074][T11698]  ? tomoyo_realpath_from_path+0x104/0xaa0
[ 1106.345265][T11698]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1106.350761][T11698]  tomoyo_realpath_from_path+0x104/0xaa0
[ 1106.356784][T11698]  ? __srcu_read_lock+0x76/0xd0
[ 1106.361979][T11698]  tomoyo_path_number_perm+0x1d9/0x8f0
[ 1106.367821][T11698]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1106.373362][T11698]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1106.378881][T11698]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1106.385285][T11698]  tomoyo_file_ioctl+0x3f/0x50
[ 1106.390388][T11698]  security_file_ioctl+0x145/0x590
[ 1106.395947][T11698]  __se_sys_ioctl+0xd3/0x450
[ 1106.400849][T11698]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1106.406981][T11698]  __x64_sys_ioctl+0x96/0xe0
[ 1106.411936][T11698]  x64_sys_call+0x18bf/0x3ba0
[ 1106.416960][T11698]  do_syscall_64+0xcd/0x1e0
[ 1106.421797][T11698]  ? clear_bhb_loop+0x25/0x80
[ 1106.426766][T11698]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1106.433013][T11698] RIP: 0033:0x7ff11597dff9
[ 1106.437738][T11698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1106.457724][T11698] RSP: 002b:00007ff11682c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1106.466489][T11698] RAX: ffffffffffffffda RBX: 00007ff115b35f80 RCX: 00007ff11597dff9
[ 1106.474741][T11698] RDX: 0000000000000000 RSI: 0000000080045439 RDI: 0000000000000003
[ 1106.483156][T11698] RBP: 00007ff11682c090 R08: 0000000000000000 R09: 0000000000000000
[ 1106.491419][T11698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1106.499689][T11698] R13: 0000000000000000 R14: 00007ff115b35f80 R15: 00007ffc55fef738
[ 1106.507993][T11698]  </TASK>
[ 1106.520882][T11698] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1106.869820][ T5202] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1106.938633][ T5202] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1106.954096][ T5202] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1106.969764][ T5202] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1106.993778][ T5202] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[ 1107.006160][ T5202] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1107.072306][ T4127] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1107.131121][ T4127] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1107.151979][ T4127] bond0 (unregistering): Released all slaves
[ 1107.526200][T10247] Bluetooth: hci4: command tx timeout
[ 1107.846156][T11680] chnl_net:caif_netlink_parms(): no params data found
[ 1109.154046][T10247] Bluetooth: hci3: command tx timeout
[ 1109.462200][ T4127] hsr_slave_0: left promiscuous mode
[ 1109.498588][ T4127] hsr_slave_1: left promiscuous mode
[ 1109.522920][ T4127] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1109.531350][ T4127] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1109.561586][ T4127] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1109.569684][ T4127] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1109.589876][T10247] Bluetooth: hci4: command tx timeout
[ 1109.658414][ T4127] veth1_macvtap: left promiscuous mode
[ 1109.664926][ T4127] veth0_macvtap: left promiscuous mode
[ 1109.671112][ T4127] veth1_vlan: left promiscuous mode
[ 1109.676823][ T4127] veth0_vlan: left promiscuous mode
[ 1110.296143][T11729] loop0: detected capacity change from 0 to 256
[ 1110.314785][T11729] exfat: Deprecated parameter 'namecase'
[ 1110.329595][ T4127] pim6reg (unregistering): left allmulticast mode
[ 1110.534406][T11729] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1111.183883][T10247] Bluetooth: hci3: command tx timeout
[ 1111.388461][T11736] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1752'.
[ 1111.784997][T10247] Bluetooth: hci4: command tx timeout
[ 1111.894411][T11701] chnl_net:caif_netlink_parms(): no params data found
[ 1111.980240][T11680] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1111.981369][T11680] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1111.982203][T11680] bridge_slave_0: entered allmulticast mode
[ 1111.985482][T11680] bridge_slave_0: entered promiscuous mode
[ 1112.017727][ T8832] usb 1-1: new low-speed USB device number 104 using dummy_hcd
[ 1112.122211][T11680] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1112.130260][T11680] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1112.138526][T11680] bridge_slave_1: entered allmulticast mode
[ 1112.149878][T11680] bridge_slave_1: entered promiscuous mode
[ 1112.397091][ T8832] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1112.415449][ T4127] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.441332][ T8832] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1112.453049][ T8832] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1112.467942][ T8832] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1112.630169][ T4127] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.644460][ T8832] usb 1-1: string descriptor 0 read error: -22
[ 1112.654201][ T8832] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1112.665031][ T8832] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1112.692878][T11680] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1112.790249][ T8832] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[ 1112.797847][ T8832] cdc_ncm 1-1:1.0: bind() failure
[ 1112.802554][ T4127] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1112.906680][T11680] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1113.153576][T11680] team0: Port device team_slave_0 added
[ 1113.201794][ T4127] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1113.248989][T11680] team0: Port device team_slave_1 added
[ 1113.277904][T10247] Bluetooth: hci3: command tx timeout
[ 1113.377119][T11749] usb usb5: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[ 1113.432363][   T29] audit: type=1326 audit(1728786386.467:81): auid=4294967295 uid=16832 gid=0 ses=4294967295 subj=unconfined pid=11746 comm="syz.2.1756" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff11597dff9 code=0x0
[ 1113.544945][T11701] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1113.553009][T11701] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1113.561233][T11701] bridge_slave_0: entered allmulticast mode
[ 1113.572121][T11701] bridge_slave_0: entered promiscuous mode
[ 1113.605182][T11680] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1113.612696][T11680] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1113.639284][T11680] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1113.671603][T11750] loop2: detected capacity change from 0 to 256
[ 1113.698380][T11701] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1113.707455][T11701] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1113.715737][T11701] bridge_slave_1: entered allmulticast mode
[ 1113.725459][T11701] bridge_slave_1: entered promiscuous mode
[ 1113.810122][T11680] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1113.817874][T11680] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1113.844644][T11680] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1113.857850][ T4127] bridge_slave_1: left allmulticast mode
[ 1113.864222][ T4127] bridge_slave_1: left promiscuous mode
[ 1113.871309][ T4127] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1113.904199][ T4127] bridge_slave_0: left allmulticast mode
[ 1113.909110][T11750] FAT-fs (loop2): Directory bread(block 64) failed
[ 1113.913473][ T4127] bridge_slave_0: left promiscuous mode
[ 1113.917166][T11750] FAT-fs (loop2): Directory bread(block 65) failed
[ 1113.924425][ T4127] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1113.929377][T11750] FAT-fs (loop2): Directory bread(block 66) failed
[ 1113.944239][T11750] FAT-fs (loop2): Directory bread(block 67) failed
[ 1113.951402][T11750] FAT-fs (loop2): Directory bread(block 68) failed
[ 1113.958264][T11750] FAT-fs (loop2): Directory bread(block 69) failed
[ 1113.965631][T11750] FAT-fs (loop2): Directory bread(block 70) failed
[ 1113.972713][T11750] FAT-fs (loop2): Directory bread(block 71) failed
[ 1113.979737][T11750] FAT-fs (loop2): Directory bread(block 72) failed
[ 1113.988006][T11750] FAT-fs (loop2): Directory bread(block 73) failed
[ 1114.497970][T10425] usb 1-1: USB disconnect, device number 104
[ 1114.515906][ T4127] dvmrp0 (unregistering): left allmulticast mode
[ 1114.772795][ T4127] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1114.833939][ T4127] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1114.922632][ T4127] bond0 (unregistering): Released all slaves
[ 1115.138596][T11701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1115.269144][T11701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1115.341216][T10247] Bluetooth: hci3: command tx timeout
[ 1115.591498][T11764] loop0: detected capacity change from 0 to 256
[ 1115.601863][T11764] exfat: Deprecated parameter 'namecase'
[ 1115.729348][T11764] exFAT-fs (loop0): failed to load upcase table (idx : 0x00017f3e, chksum : 0x1380c30a, utbl_chksum : 0xe619d30d)
[ 1116.239148][T11680] hsr_slave_0: entered promiscuous mode
[ 1116.332326][T11680] hsr_slave_1: entered promiscuous mode
[ 1116.390864][T11680] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1116.398723][T11680] Cannot create hsr debugfs directory
[ 1116.524752][ T4127] hsr_slave_0: left promiscuous mode
[ 1116.564706][ T4127] hsr_slave_1: left promiscuous mode
[ 1116.581655][ T4127] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1116.589475][ T4127] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1116.629401][ T4127] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1116.639520][ T4127] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1116.718482][ T4127] veth1_macvtap: left promiscuous mode
[ 1116.724772][ T4127] veth0_macvtap: left promiscuous mode
[ 1116.731004][ T4127] veth1_vlan: left promiscuous mode
[ 1116.736639][ T4127] veth0_vlan: left promiscuous mode
[ 1117.638837][ T4127] team0 (unregistering): Port device team_slave_1 removed
[ 1117.764950][ T4127] team0 (unregistering): Port device team_slave_0 removed
[ 1118.070195][T11701] team0: Port device team_slave_0 added
[ 1118.117215][T11768] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1762'.
[ 1118.126673][T11768] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1762'.
[ 1118.156749][T11701] team0: Port device team_slave_1 added
[ 1118.488349][T11701] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1118.496975][T11701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1118.525207][T11701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1118.664328][T11701] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1118.672051][T11701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1118.699892][T11701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1119.456851][T11787] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1766'.
[ 1119.572570][T11701] hsr_slave_0: entered promiscuous mode
[ 1119.596868][T11701] hsr_slave_1: entered promiscuous mode
[ 1119.615054][T11701] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1119.624221][T11701] Cannot create hsr debugfs directory
[ 1119.831036][   T44] usb 2-1: new low-speed USB device number 92 using dummy_hcd
[ 1120.011384][   T44] usb 2-1: unable to get BOS descriptor or descriptor too short
[ 1120.060894][   T44] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1120.071784][   T44] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1120.081215][   T44] usb 2-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1120.171891][   T44] usb 2-1: string descriptor 0 read error: -22
[ 1120.179157][   T44] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1120.189091][   T44] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1120.248382][   T44] cdc_ncm 2-1:1.0: CDC Union missing and no IAD found
[ 1120.273115][   T44] cdc_ncm 2-1:1.0: bind() failure
[ 1120.461159][   T44] usb 2-1: USB disconnect, device number 92
[ 1120.814647][T11680] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1120.932363][T11680] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1120.976270][T11701] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1121.006681][T11680] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1121.039480][T11701] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1121.066155][T11680] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1121.091169][T11701] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1121.131457][T11701] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1122.063505][T11680] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1122.297823][T11680] 8021q: adding VLAN 0 to HW filter on device team0
[ 1122.387711][ T3757] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1122.388492][ T3757] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1122.455147][T11701] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1122.477952][ T4127] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1122.478494][ T4127] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1122.717496][T11701] 8021q: adding VLAN 0 to HW filter on device team0
[ 1122.772097][ T4127] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1122.793533][ T4127] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1122.865220][ T4127] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1122.865761][ T4127] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1123.053918][T11701] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1123.070171][T11701] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1123.629303][T11816] loop2: detected capacity change from 0 to 16
[ 1123.644444][T11816] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1123.675042][T10247] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 0] out[9000]
[ 1123.760375][T11816] erofs: (device loop2): z_erofs_lz4_decompress_mem: failed to decompress -26 in[46, 4050] out[8192]
[ 1123.773427][T11816] erofs: (device loop2): z_erofs_read_folio: read error -117 @ 0 of nid 89
[ 1123.783593][   T29] audit: type=1800 audit(1728786396.827:82): pid=11816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.1777" name="file3" dev="loop2" ino=89 res=0 errno=0
[ 1123.803675][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1124.595440][T11701] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1124.756541][T11680] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1125.474399][T11680] veth0_vlan: entered promiscuous mode
[ 1125.550100][T11839] loop2: detected capacity change from 0 to 128
[ 1125.562962][T11680] veth1_vlan: entered promiscuous mode
[ 1125.616353][T11839] ext4: Unknown parameter 'defcontext'
[ 1125.748508][T11680] veth0_macvtap: entered promiscuous mode
[ 1125.779554][T11680] veth1_macvtap: entered promiscuous mode
[ 1125.852478][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1125.865390][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1125.877014][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1125.887770][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1125.897882][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1125.908560][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1125.918604][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1125.929298][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1125.943780][T11680] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1126.106138][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1126.117082][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.127391][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1126.138274][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.149614][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1126.163160][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.174450][T11680] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1126.186926][T11680] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1126.202844][T11680] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1126.227286][T11680] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1126.237236][T11680] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1126.246565][T11680] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1126.256216][T11680] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1127.051802][T11701] veth0_vlan: entered promiscuous mode
[ 1127.164833][T11852] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1782'.
[ 1127.234616][T11701] veth1_vlan: entered promiscuous mode
[ 1127.492475][ T7734] usb 3-1: new low-speed USB device number 85 using dummy_hcd
[ 1127.555198][T11701] veth0_macvtap: entered promiscuous mode
[ 1127.651831][T11701] veth1_macvtap: entered promiscuous mode
[ 1127.704092][ T7734] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1127.726558][ T7734] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1127.737445][ T7734] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1127.748231][ T7734] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1127.870437][ T7734] usb 3-1: string descriptor 0 read error: -22
[ 1127.880046][ T7734] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1127.890225][ T7734] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1127.970160][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1127.983779][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1127.997927][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.009297][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.020293][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.032201][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.042291][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.053002][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.064667][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1128.075714][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.089822][T11701] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1128.175266][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.184037][ T7734] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[ 1128.186400][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.193789][ T7734] cdc_ncm 3-1:1.0: bind() failure
[ 1128.203349][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.221233][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.233184][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.244613][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.255592][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.267554][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.278156][T11701] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1128.289019][T11701] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1128.304984][T11701] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1128.424003][ T5253] usb 3-1: USB disconnect, device number 85
[ 1128.779410][T11701] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.788832][T11701] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.798949][T11701] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1128.808232][T11701] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1130.092449][T11870] loop2: detected capacity change from 0 to 256
[ 1130.125551][T11870] exfat: Deprecated parameter 'namecase'
[ 1130.133619][ T8832] usb 2-1: new high-speed USB device number 93 using dummy_hcd
[ 1130.213562][T11870] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[ 1130.327916][ T8832] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1130.338602][ T8832] usb 2-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[ 1130.348201][ T8832] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1130.385888][ T8832] usb 2-1: config 0 descriptor??
[ 1130.429968][ T8832] usbhid 2-1:0.0: couldn't find an input interrupt endpoint
[ 1130.677062][ T5252] usb 1-1: new high-speed USB device number 105 using dummy_hcd
[ 1130.898412][ T5252] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1130.911258][ T5252] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1130.921640][ T5252] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1130.935028][ T5252] usb 1-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1130.945525][ T5252] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1131.087509][ T5252] usb 1-1: config 0 descriptor??
[ 1131.277184][ T3621] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.539859][ T3621] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.772330][ T3621] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.994646][ T3621] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.333280][ T5252] betop 0003:11C2:2208.0048: item fetching failed at offset 2/5
[ 1132.347341][ T5252] betop 0003:11C2:2208.0048: parse failed
[ 1132.353917][ T5252] betop 0003:11C2:2208.0048: probe with driver betop failed with error -22
[ 1132.483430][ T5202] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1132.497326][ T3621] bridge_slave_1: left allmulticast mode
[ 1132.506304][ T3621] bridge_slave_1: left promiscuous mode
[ 1132.515060][ T3621] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1132.521140][ T5202] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1132.526574][ T5252] usb 1-1: USB disconnect, device number 105
[ 1132.654298][ T5202] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1132.678824][ T5202] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1132.703700][ T5202] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[ 1132.749495][ T5202] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1132.767914][ T3621] bridge_slave_0: left allmulticast mode
[ 1132.774084][ T3621] bridge_slave_0: left promiscuous mode
[ 1132.782994][ T3621] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1133.006685][T11900] loop0: detected capacity change from 0 to 16
[ 1133.047055][T11900] erofs: (device loop0): mounted with root inode @ nid 36.
[ 1133.069690][T11900] bio_check_eod: 15 callbacks suppressed
[ 1133.069777][T11900] syz.0.1791: attempt to access beyond end of device
[ 1133.069777][T11900] loop0: rw=0, sector=8, nr_sectors = 32 limit=16
[ 1133.090788][T11900] erofs: (device loop0): z_erofs_read_folio: read error -5 @ 8200 of nid 36
[ 1133.392264][ T3621] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1133.441994][ T3621] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1133.466357][   T44] usb 2-1: USB disconnect, device number 93
[ 1133.495073][ T3621] bond0 (unregistering): Released all slaves
[ 1134.334101][ T4127] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1134.342450][ T4127] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1134.419046][ T3584] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1134.428492][ T3584] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1134.524719][T11909] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1794'.
[ 1134.883563][ T5202] Bluetooth: hci5: command tx timeout
[ 1135.134499][ T5253] usb 1-1: new low-speed USB device number 106 using dummy_hcd
[ 1135.534074][ T5253] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1135.930733][ T3621] hsr_slave_0: left promiscuous mode
[ 1135.941609][ T3621] hsr_slave_1: left promiscuous mode
[ 1135.950853][ T3621] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1135.958908][ T3621] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1135.975973][ T3621] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1135.987012][ T3621] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1136.006528][ T5253] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1136.017709][ T5253] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1136.027229][ T5253] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1136.065038][ T3621] veth1_macvtap: left promiscuous mode
[ 1136.072936][ T3621] veth0_macvtap: left promiscuous mode
[ 1136.078934][ T3621] veth1_vlan: left promiscuous mode
[ 1136.084886][ T3621] veth0_vlan: left promiscuous mode
[ 1136.117097][ T5253] usb 1-1: string descriptor 0 read error: -22
[ 1136.124149][ T5253] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1136.133643][ T5253] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1136.181701][ T5253] cdc_ncm 1-1:1.0: CDC Union missing and no IAD found
[ 1136.188791][ T5253] cdc_ncm 1-1:1.0: bind() failure
[ 1136.472294][ T5253] usb 1-1: USB disconnect, device number 106
[ 1136.941046][T10247] Bluetooth: hci5: command tx timeout
[ 1137.239582][ T3621] team0 (unregistering): Port device team_slave_1 removed
[ 1137.277900][ T3621] team0 (unregistering): Port device team_slave_0 removed
[ 1138.128671][T11895] chnl_net:caif_netlink_parms(): no params data found
[ 1138.227780][ T3365] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1138.236156][ T3365] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1138.381957][ T5253] usb 2-1: new high-speed USB device number 94 using dummy_hcd
[ 1138.427441][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1138.436167][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1138.616666][ T5253] usb 2-1: Using ep0 maxpacket: 32
[ 1138.664292][ T5253] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1138.677706][ T5253] usb 2-1: config 1 has 0 interfaces, different from the descriptor's value: 2
[ 1138.707199][ T5253] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[ 1138.717074][ T5253] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1138.725844][ T5253] usb 2-1: Product: syz
[ 1138.730312][ T5253] usb 2-1: Manufacturer: syz
[ 1138.735559][ T5253] usb 2-1: SerialNumber: syz
[ 1138.757744][T11937] netlink: 'syz.3.1799': attribute type 21 has an invalid length.
[ 1138.767274][T11937] netlink: 168 bytes leftover after parsing attributes in process `syz.3.1799'.
[ 1138.842231][   T44] usb 1-1: new high-speed USB device number 107 using dummy_hcd
[ 1139.022705][T10247] Bluetooth: hci5: command tx timeout
[ 1139.028475][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1139.035742][ T5253] usb 2-1: USB disconnect, device number 94
[ 1139.040763][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1139.056221][   T44] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1139.069924][   T44] usb 1-1: New USB device found, idVendor=11c2, idProduct=2208, bcdDevice= 0.00
[ 1139.080370][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1139.122074][T11943] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1743'.
[ 1139.163536][   T44] usb 1-1: config 0 descriptor??
[ 1139.570696][T11895] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1139.578751][T11895] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1139.588378][T11895] bridge_slave_0: entered allmulticast mode
[ 1139.601895][T11895] bridge_slave_0: entered promiscuous mode
[ 1139.629432][T11895] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1139.637549][T11895] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1139.645843][T11895] bridge_slave_1: entered allmulticast mode
[ 1139.655557][T11895] bridge_slave_1: entered promiscuous mode
[ 1139.702322][   T44] betop 0003:11C2:2208.0049: item fetching failed at offset 2/5
[ 1139.717865][   T44] betop 0003:11C2:2208.0049: parse failed
[ 1139.724599][   T44] betop 0003:11C2:2208.0049: probe with driver betop failed with error -22
[ 1140.225774][T11895] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1140.379405][T11895] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1140.418154][T11949] loop1: detected capacity change from 0 to 256
[ 1140.464410][T11949] vfat: Unknown parameter 'showetec'
[ 1140.735875][   T44] usb 1-1: USB disconnect, device number 107
[ 1141.684752][T11947] loop3: detected capacity change from 0 to 32768
[ 1141.720984][T10247] Bluetooth: hci5: command tx timeout
[ 1141.761479][T11895] team0: Port device team_slave_0 added
[ 1141.779878][T11895] team0: Port device team_slave_1 added
[ 1141.883622][T11895] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1141.890919][T11895] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1141.917578][T11895] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1141.947150][T11947] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[ 1141.975164][T11895] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1141.984559][T11895] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1142.010635][    C1] vkms_vblank_simulate: vblank timer overrun
[ 1142.018053][T11895] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1142.072033][T11947] =====================================================
[ 1142.079441][T11947] BUG: KMSAN: uninit-value in from_kuid+0x41e/0x990
[ 1142.086628][T11947]  from_kuid+0x41e/0x990
[ 1142.091311][T11947]  ocfs2_setattr+0x254/0x3140
[ 1142.096262][T11947]  notify_change+0x1a8e/0x1b80
[ 1142.101399][T11947]  vfs_utimes+0x717/0xa80
[ 1142.106030][T11947]  do_utimes+0x1b0/0x490
[ 1142.110651][T11947]  __x64_sys_futimesat+0x42b/0x500
[ 1142.116024][T11947]  x64_sys_call+0x3127/0x3ba0
[ 1142.121260][T11947]  do_syscall_64+0xcd/0x1e0
[ 1142.126544][T11947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.133008][T11947] 
[ 1142.135478][T11947] Local variable newattrs created at:
[ 1142.141197][T11947]  vfs_utimes+0x44/0xa80
[ 1142.146960][T11947]  do_utimes+0x1b0/0x490
[ 1142.151629][T11947] 
[ 1142.154151][T11947] CPU: 1 UID: 0 PID: 11947 Comm: syz.3.1800 Not tainted 6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1142.167419][T11947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1142.177806][T11947] =====================================================
[ 1142.184885][T11947] Disabling lock debugging due to kernel taint
[ 1142.191416][T11947] Kernel panic - not syncing: kmsan.panic set ...
[ 1142.197968][T11947] CPU: 1 UID: 0 PID: 11947 Comm: syz.3.1800 Tainted: G    B              6.12.0-rc2-syzkaller-00291-g09f6b0c8904b #0
[ 1142.210611][T11947] Tainted: [B]=BAD_PAGE
[ 1142.214983][T11947] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 09/13/2024
[ 1142.225233][T11947] Call Trace:
[ 1142.228728][T11947]  <TASK>
[ 1142.231890][T11947]  dump_stack_lvl+0x216/0x2d0
[ 1142.236881][T11947]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1142.242875][T11947]  dump_stack+0x1e/0x30
[ 1142.247496][T11947]  panic+0x4e2/0xcf0
[ 1142.251776][T11947]  ? kmsan_get_metadata+0xe1/0x1c0
[ 1142.257143][T11947]  kmsan_report+0x2c7/0x2d0
[ 1142.261859][T11947]  ? sched_clock_cpu+0x55/0x870
[ 1142.266985][T11947]  ? __msan_warning+0x95/0x120
[ 1142.271932][T11947]  ? from_kuid+0x41e/0x990
[ 1142.276551][T11947]  ? ocfs2_setattr+0x254/0x3140
[ 1142.281588][T11947]  ? notify_change+0x1a8e/0x1b80
[ 1142.286725][T11947]  ? vfs_utimes+0x717/0xa80
[ 1142.291386][T11947]  ? do_utimes+0x1b0/0x490
[ 1142.295966][T11947]  ? __x64_sys_futimesat+0x42b/0x500
[ 1142.301538][T11947]  ? x64_sys_call+0x3127/0x3ba0
[ 1142.306739][T11947]  ? do_syscall_64+0xcd/0x1e0
[ 1142.311792][T11947]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.318095][T11947]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1142.323577][T11947]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1142.329572][T11947]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1142.335114][T11947]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1142.341122][T11947]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1142.346513][T11947]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1142.351881][T11947]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1142.357855][T11947]  ? filter_irq_stacks+0x60/0x1a0
[ 1142.363098][T11947]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1142.368496][T11947]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1142.374575][T11947]  __msan_warning+0x95/0x120
[ 1142.379379][T11947]  from_kuid+0x41e/0x990
[ 1142.383809][T11947]  ocfs2_setattr+0x254/0x3140
[ 1142.388906][T11947]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1142.394910][T11947]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1142.400252][T11947]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[ 1142.406223][T11947]  ? __pfx_ocfs2_setattr+0x10/0x10
[ 1142.411569][T11947]  ? __pfx_ocfs2_setattr+0x10/0x10
[ 1142.416845][T11947]  notify_change+0x1a8e/0x1b80
[ 1142.421794][T11947]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[ 1142.428312][T11947]  vfs_utimes+0x717/0xa80
[ 1142.432865][T11947]  do_utimes+0x1b0/0x490
[ 1142.437323][T11947]  __x64_sys_futimesat+0x42b/0x500
[ 1142.442692][T11947]  ? kmsan_internal_unpoison_memory+0x14/0x20
[ 1142.448975][T11947]  ? kmsan_get_metadata+0x13e/0x1c0
[ 1142.454423][T11947]  x64_sys_call+0x3127/0x3ba0
[ 1142.459309][T11947]  do_syscall_64+0xcd/0x1e0
[ 1142.464006][T11947]  ? clear_bhb_loop+0x25/0x80
[ 1142.468899][T11947]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1142.475093][T11947] RIP: 0033:0x7f111877dff9
[ 1142.479658][T11947] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1142.499551][T11947] RSP: 002b:00007f111952c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000105
[ 1142.508724][T11947] RAX: ffffffffffffffda RBX: 00007f1118935f80 RCX: 00007f111877dff9
[ 1142.516874][T11947] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000000000000e
[ 1142.525094][T11947] RBP: 00007f11187f0296 R08: 0000000000000000 R09: 0000000000000000
[ 1142.533220][T11947] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1142.541424][T11947] R13: 0000000000000000 R14: 00007f1118935f80 R15: 00007ffe5304efa8
[ 1142.549665][T11947]  </TASK>
[ 1142.553198][T11947] Kernel Offset: disabled
[ 1142.557665][T11947] Rebooting in 86400 seconds..