last executing test programs:

10m45.377382067s ago: executing program 32 (id=7):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg(r1, 0x0, 0x0)
sched_setattr(0x0, 0x0, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$can_raw(0x1d, 0x3, 0x1)
bind$can_raw(r2, &(0x7f0000000000), 0x10)
setsockopt$CAN_RAW_FILTER(r2, 0x65, 0x1, &(0x7f00000000c0), 0xf00)

10m27.39701937s ago: executing program 33 (id=18):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
socket$nl_netfilter(0x10, 0x3, 0xc)
connect$unix(r0, &(0x7f0000000300)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$F2FS_IOC_FLUSH_DEVICE(0xffffffffffffffff, 0x4008f50a, &(0x7f0000000040)={0xe, 0xfff})
sendmsg(r1, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x8800)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x0, 0x0, 0xb49, 0x9, 0x8, 0x0, 0x3}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000002c0)=@allocspi={0x150, 0x16, 0x1, 0x0, 0x0, {{{@in6=@loopback, @in=@broadcast}, {@in=@dev, 0x0, 0x6c}, @in6=@mcast2}, 0x0, 0x7fff}, [@migrate={0x50, 0x11, [{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in, @in6=@empty, @in6=@local}]}, @proto={0x5, 0x1b}]}, 0x150}}, 0x0)
rseq(0x0, 0x0, 0x0, 0x0)
io_setup(0x8, &(0x7f0000000000))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={0x0}}, 0x800)
sendmsg$key(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000004c0)=ANY=[@ANYBLOB="020a040007000000b6f1ffff0000854105001a00"], 0x38}}, 0x0)
sendmsg$key(0xffffffffffffffff, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=ANY=[@ANYBLOB="020100090e000000030000000000000405000600000000000a0000000000000400000000000000000000002100000000000100000000000002000100010000000000010200fd0000050005000000"], 0x70}}, 0x0)
sendmmsg(r3, &(0x7f0000000180), 0x3ef, 0x0)

10m25.907182981s ago: executing program 34 (id=22):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mkdir(&(0x7f0000000400)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f00000001c0)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

9m39.43540568s ago: executing program 1 (id=75):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x200000b, 0x59033, 0xffffffffffffffff, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

9m36.714732899s ago: executing program 1 (id=76):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x5a20}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x10)
sendmsg$NFT_BATCH(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000004c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0xa}}, [@NFT_MSG_NEWRULE={0x44, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x18, 0x4, 0x0, 0x1, [{0x14, 0x1, 0x0, 0x1, @inner={{0xa}, @val={0x4}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x3}}}, 0x6c}, 0x1, 0x0, 0x0, 0x8000}, 0x0)

9m33.435248061s ago: executing program 1 (id=79):
sendmsg$IPSET_CMD_FLUSH(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x1c, 0x4, 0x6, 0x201, 0x0, 0x0, {0x2, 0x0, 0x2}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x8000}, 0x4)

9m32.67785339s ago: executing program 1 (id=80):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x442, 0x0)
ioctl$TIOCSPTLCK(r0, 0x40045431, &(0x7f0000000080))
r1 = syz_io_uring_setup(0x1593, &(0x7f0000001900)={0x0, 0xe5dc, 0x8, 0x3, 0x2f0}, &(0x7f0000000280), &(0x7f0000002c00))
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ffd000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffb000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffe000/0x2000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff8000/0x3000)=nil, 0x0}, 0xffffffffffffffee)
io_uring_setup(0x5, &(0x7f0000000040)={0x0, 0x3c1d, 0xc000, 0x3, 0x38})
io_uring_register$IORING_UNREGISTER_RING_FDS(r1, 0x15, &(0x7f00000005c0)=[{0x0, 0x0, 0x0, 0x0, 0x0}], 0x1)
r2 = syz_open_pts(r0, 0x200)
read(r2, &(0x7f0000000100)=""/90, 0x5a)

9m31.644002101s ago: executing program 1 (id=81):
r0 = socket$netlink(0x10, 0x3, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x24}}, 0x0)
getsockname$packet(r1, &(0x7f0000000200)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000440)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000740)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0xe, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x2, 0x18001, 0x83}}}}]}, 0x44}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=@gettclass={0x24, 0x2a, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {0x0, 0xfff1}}}, 0x24}}, 0x0)

9m29.690088792s ago: executing program 1 (id=82):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb819bbe7bfabee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f"})
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
sendmmsg$unix(r1, &(0x7f0000000680), 0x4924924924925c6, 0x0)

9m14.364842231s ago: executing program 35 (id=82):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'ghash-generic\x00'}, 0x58)
r1 = accept4(r0, 0x0, 0x0, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, &(0x7f0000000080)={0x0, "4fcb819bbe7bfabee2b094a3de6dbfd30a74457bcd1cfd5feffe5c019f45d57f"})
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000200)="ad56b6cc0400aeb995298992ea5400c2", 0x10)
sendmmsg$unix(r1, &(0x7f0000000680), 0x4924924924925c6, 0x0)

7m43.071790113s ago: executing program 5 (id=17):
socket$inet(0x2, 0x802, 0x1)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r4, 0x0, 0x482, &(0x7f0000000040)={0x84, @multicast2, 0x15, 0x3, 'sh\x00', 0x1, 0x4, 0x6d}, 0x2c)
setsockopt$IP_VS_SO_SET_FLUSH(r4, 0x0, 0x485, 0x0, 0x0)
openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)

7m39.227298318s ago: executing program 5 (id=158):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000f80)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0], 0x0, 0x4, 0x0, 0x0, 0x0, 0x15, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={0x0}, 0x18)
mq_unlink(&(0x7f0000000000)='eth0\x00')
r1 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x0)
r3 = openat$cgroup_subtree(r2, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r3, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r3, &(0x7f0000000140)={[{0x2b, 'cpu'}]}, 0x5)

7m37.57890977s ago: executing program 5 (id=159):
socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
sendto$inet6(r1, &(0x7f0000000400)="2ae0e710", 0x4, 0x0, &(0x7f0000000000)={0xa, 0x0, 0x0, @mcast1}, 0x1c)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
recvmmsg(r1, &(0x7f0000000d80), 0x4000000000001e9, 0x10162, 0x0)

7m30.331728745s ago: executing program 5 (id=166):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f0000000780)={[{@bsdgroups}, {@nodiscard}, {@oldalloc}, {@grpjquota}, {@nobarrier}, {@noquota}, {@abort}, {@nodiscard}, {@nodiscard}]}, 0x64, 0x50d, &(0x7f0000000200)="$eJzs3VFrHFsdAPD/bHZj06Y3ueqDXvB69V5Ji3Y3aWwbfKgVRJ8Kan2vMdmEkE02ZDdtE4qm+AEEERV80hdfBD+AIAVffBShoM+KiiLa6oMP2rns7iRN091k226zafb3g8mcc2Zm/+dsmNk5M4eZAAbWOxFxLSIep2l6PiLGsvJcNsV2a2qs9+jh3bnGlESa3vhnEklWtvNZSTY/k212KiK+9uWIbybPxq1tbi3PVirl9Sxfqq+slWqbWxeWVmYXy4vl1enpqcszV2YuzUz2pJ1nI+LqF//6g+/+7EtXf/WZ23+6+fdz32pUazRbvrcdzyl/0MJW0wvN72LvBusvGOw4yjdbmBlpt8bQMyX3XnGdAABor3GO/8GI+GREnI+xGDr4dBYAAAB4DaWfH43/JRFpe8MdygEAAIDXSK45BjbJFbOxAKORyxWLrTG8H47TuUq1Vv/0QnVjdb41VnY8CrmFpUp5MhsrPB6FpJGfaqaf5C/uy09HxJsR8f2xkWa+OFetzPf74gcAAAAMiDP7+v//GWv1/wEAAIATZrzfFQAAAABeOf1/AAAAOPn0/wEAAOBE+8r1640p3Xn/9fytzY3l6q0L8+XacnFlY644V11fKy5Wq4vNZ/atHPZ5lWp17bOxunGnVC/X6qXa5tbNlerGav3m0lOvwAYAAACO0Jsfv/+HJCK2PzfSnBqGu9u0y9WA4yq/m0qyeZvd+o9vtOZ/OaJKAUdiqN8VAPom3+8KAH1T6HcFgL5LDlnecfDOb7P5J3pbHwAAoPcmPtr5/n/uwC23D14MHHt2Yhhc7v/D4Gre/+92JK+TBThRCs4AYOC99P3/Q6Xpc1UIAADoudHmlOSK2eW90cjlisWIs83XAhSShaVKeTIi3oiI348VPtDITzW3TA7tMwAAAAAAAAAAAAAAAAAAAAAAAAAALWmaRAoAAACcaBG5vyW/bj3Lf2LsvdH91weGk/+ORfaK0Ns/vvHDO7P1+vpUo/xfu+X1H2XlF/txBQMAAAAGwnO9wH+nn77TjwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAXnr08O7cznSUcf/xhYgYbxc/H6ea81NRiIjT/04iv2e7JCKGehB/pPHnI+3iJ41q7YZsF3+kB/G37x0YP8azb2F//OGIONOD+DDI7jeOP9fa7X+5eKc5b7//5SOeyr+ozse/2D3+DXU4/pztMsZbD35R6hj/XsRb+fbHn534SYf473YZ/xtf39rqtCz9ScRE29+f5KlYpfrKWqm2uXVhaWV2sbxYXp2enro8c2Xm0sxkaWGpUs7+to3xvY/98vFB7T/dIf74Ie1/r8v2///BnYcfaiUL7eKfe7dN/N/8NFvj2fi57LfvU1m6sXxiJ73dSu/19s9/9/ZB7Z/v0P7D/v/numz/+a9+589drgoAHIHa5tbybKVSXj+xiUYv/RhUQ+IYJr7d0w9M0zRt7FMv8TlJHIevpZno95EJAADotScn/f2uCQAAAAAAAAAAAAAAAAAAAAyuo3ic2P6Y27uppBeP0AYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6In3AwAA///d8Nla")

7m28.701205207s ago: executing program 5 (id=169):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = fsopen(&(0x7f00000001c0)='binder\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004b80), 0x0, 0x4)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r3, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000380)}}], 0x1, 0x4000800)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000b95000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0}, &(0x7f0000000040)=0x40)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9)
socket$netlink(0x10, 0x3, 0x0)
memfd_create(0x0, 0x2)

7m25.076452696s ago: executing program 8 (id=171):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x4b67, 0x0)

7m24.19533337s ago: executing program 8 (id=174):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000280)=[@in={0x2, 0x4e21, @loopback}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @loopback}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000000)="fd", 0x1}], 0x1, 0x0, 0x0, 0x804c044}, 0x881)
r1 = dup(r0)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, &(0x7f00000001c0)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x106, 0x2}}, 0x20)
sendmsg$NL80211_CMD_SET_INTERFACE(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000001340)=ANY=[], 0x20}, 0x1, 0x0, 0x0, 0x40c0}, 0x4008000)
setsockopt$inet_sctp_SCTP_MAXSEG(r1, 0x84, 0xd, &(0x7f0000000200)=@assoc_value={0x0, 0x16e2}, 0x8)
write$RDMA_USER_CM_CMD_RESOLVE_ROUTE(r1, &(0x7f00000000c0)={0x4, 0x8, 0xfa00, {0xffffffffffffffff, 0x5}}, 0x16e0)

7m19.831777122s ago: executing program 8 (id=179):
r0 = socket(0xa, 0x5, 0x0)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000200)=[@in={0x2, 0x4e24, @empty}], 0x10)
sendmmsg$inet_sctp(r0, &(0x7f0000003780)=[{&(0x7f0000000bc0)=@in={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000ec0)=[{&(0x7f0000000c00)="9f", 0x1}], 0x1, 0x0, 0x0, 0x8000}], 0x1, 0xc044)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r0, 0x84, 0x21, &(0x7f00000001c0)=0x7f, 0x4)

7m18.321732043s ago: executing program 8 (id=181):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000240)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000480)=@abs={0x0, 0x0, 0x8004e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
connect$netlink(r3, &(0x7f0000000280)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$nl_route(r3, &(0x7f0000000300)={&(0x7f0000000080), 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c00000021000f0000f901000000000002"], 0x1c}}, 0x8000)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000300)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000a00)={&(0x7f0000000340)='sched_switch\x00', r4}, 0x18)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r5)
r6 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0)
r7 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f00000001c0)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300", 0xffffffff}, 0x48, 0xffffffffffffffff)
r8 = add_key$fscrypt_v1(&(0x7f0000000400), &(0x7f0000000440)={'fscrypt:', @desc1}, &(0x7f0000000480)={0x0, "6035ae1e0fe721441705322225930e6c1e3e2a51a92fd796bc34d7cf6e0236805b4377f7ab1a9b01c103a4c6a7ef54e6763fd7264c39ea00c508ba6062696138"}, 0x48, 0xfffffffffffffffe)
keyctl$KEYCTL_MOVE(0x4, r8, 0x0, 0x0, 0x0)
keyctl$KEYCTL_MOVE(0x4, r7, r7, 0x0, 0x0)
fsmount(r6, 0x0, 0x0)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x2010000, &(0x7f0000000180)=ANY=[@ANYBLOB])

7m14.044002758s ago: executing program 8 (id=184):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000040)={0x0, 0x0})

7m12.896508365s ago: executing program 36 (id=169):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
socket$nl_netfilter(0x10, 0x3, 0xc)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400010bce)
r0 = syz_open_dev$MSR(&(0x7f0000000380), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = fsopen(&(0x7f00000001c0)='binder\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r2, 0x0, 0x0)
sendto$inet(r2, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10)
sendmmsg$inet(r2, &(0x7f0000004b80), 0x0, 0x4)
r3 = socket$inet6(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
mmap(&(0x7f00009ff000/0x600000)=nil, 0x600000, 0x0, 0x11, r3, 0x0)
sendto$inet6(r3, 0x0, 0x0, 0xfffffeffffff7ffe, &(0x7f0000000140)={0xa, 0x4e20, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000000ac0)=[{{0x0, 0x0, &(0x7f0000000380)}}], 0x1, 0x4000800)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r3, 0x6, 0x23, &(0x7f0000000280)={&(0x7f0000b95000/0x4000)=nil, 0x4000, 0x0, 0x0, 0x0, 0x0, 0x45, 0x0, 0x0}, &(0x7f0000000040)=0x40)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
getsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9)
socket$netlink(0x10, 0x3, 0x0)
memfd_create(0x0, 0x2)

7m12.777543621s ago: executing program 8 (id=187):
socket$inet6_sctp(0xa, 0x5, 0x84)
set_mempolicy(0x2, 0x0, 0xf5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000480)=""/177, 0xb1, 0xe0)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x5, &(0x7f0000000200)={[0xffffffffffffffff]}, 0x8)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000d76000/0x3000)=nil, 0x800000})
socketpair$unix(0x1, 0x3, 0x0, 0x0)
syz_usb_connect(0x6, 0xffffffffffffff80, 0x0, 0x0)
r3 = openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000780)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x3f, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

6m56.099246135s ago: executing program 37 (id=187):
socket$inet6_sctp(0xa, 0x5, 0x84)
set_mempolicy(0x2, 0x0, 0xf5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x6d, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
pread64(0xffffffffffffffff, &(0x7f0000000480)=""/177, 0xb1, 0xe0)
epoll_pwait(0xffffffffffffffff, &(0x7f0000000180), 0x0, 0x5, &(0x7f0000000200)={[0xffffffffffffffff]}, 0x8)
write$RDMA_USER_CM_CMD_CREATE_ID(r1, 0x0, 0x0)
sched_setattr(0x0, &(0x7f0000000100)={0x38, 0x5, 0x0, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0xfffffffc}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r2 = userfaultfd(0x80801)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000080)={0xaa, 0x100})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000d76000/0x3000)=nil, 0x800000})
socketpair$unix(0x1, 0x3, 0x0, 0x0)
syz_usb_connect(0x6, 0xffffffffffffff80, 0x0, 0x0)
r3 = openat$audio(0xffffffffffffff9c, 0x0, 0x40000000040201, 0x0)
ioctl$SNDCTL_DSP_SETFRAGMENT(r3, 0xc004500a, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000780)={'netdevsim0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f00000012c0)={0x0, 0x3f, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)

5m57.011604263s ago: executing program 7 (id=274):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4001, 0xfffffffe, @loopback, 0xd7}, 0x1c)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x2, 0xb2f00, @empty, 0xfffffffe}, 0x1c)

5m55.339319644s ago: executing program 7 (id=277):
r0 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000040)={[{@clear_cache}, {@metadata_ratio}, {@ssd_spread}]}, 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
getsockopt$sock_cred(r1, 0x1, 0x11, &(0x7f0000000240)={0x0, <r2=>0x0}, &(0x7f0000000280)=0x5)
setuid(r2)
ioctl$BTRFS_IOC_SUBVOL_CREATE(r0, 0x5000940e, &(0x7f0000001600)={{}, "75d0f6401606109622da5c77dea785fe2b2b7f3314694c53a14bbedabe329dcb146623313962a0a6a9d6ef2333035b36908ec9f69c2d8c808f1a1604f2689a3d38f94dea1029bbea7989f11e40d5a5e58baddc1a29a37060180c7ed06b2220eef623cbc9a4cf3c673d5bc8a73efb02736449844b3e8e6559affa8b5245a3926b90babedfb0f06629a0762e1ed1ee570d38ff8cc09cd5c95b7c8cecd655e7ed29514790bca1ba1fe13499feb1fb4d1b27276e50c56bc26906e3ec65dfc6c6654fa0ac1ab487519b9f086a3de5b3c1f91e972831bf38f313f2b5d54b6f7a8c0c85194771f86744a662a685f4fe137f91e642c6359c2610409271699d6adb003d56adde468af1c6f87bd37cce9c02a09c0385d74157abc862da29cf29c093df3e9bac855a7f2b4014f5e6f6a8b19a56a78ec3ddebb4ff824030b62a8ce284988bee6f0b2afed0cebaf56bb7c1127e47b8f7be78bd893c64806c90e2253eae33534549483fe751a86cb65e218e47c3189a1f36c7f9834bf31909443f42be059b7d5381bcc7dbfbbbd4e25ca0f70a92e410e4a0d36e7a32626c56d77db4341470f2da9e64a114cc8bcb0dde782e38063284ade9086a8da3db8183b57bb8f31248afee675edb09a7abc5957acf75dc658f97b262e21ec8cb663ee27a1d612492a25561650f95159d3bd4e33724315e057fb18ac2b9c53d213914290d7d184cedce644f8d56b136a832690f229d502d680e37e85fbed70a5106d788ee41154ba223e67f9c226cd03ad8973f2a827774099094688e4fac4ef47ba81cfe200a4849870f213991cadfe21f47180ff8b0424a350bda3497ea824209d2a547999d96e9ac4e2dc8b4b9d3904dfaa247ed5903e633317f70c87b53519efc0e021dfb4d7a61e3ae8559f832e6eb99c3df346276c260d10ee14ab26408873b64fc72a5ea732d2248deedbe7fa3ed4de6dfc99bf50ab9557d877b7fcbb73cece31a5c489a5a27217ad1b5d10f5de042bfde7d22f7ef14bb1337eba91a980c0575900521bb7ff8fb286c21c1ceb9318fdf59a83c3213e9af8d60f1d031eb6796516f23fa8646f3a803d2527567f7411b49c30c2e149908f68bbddd1c1cf912394cfc877d16f3cd5dd89479735f5beda5dff22c26c80c9b427ea8cee2a5c34ecb4c1476f2f2011516aeb0ff4813939ade4ea1f21e1ec8db6d52e76e2ef1f023b1b881ad628c42878cb8b87a22dc483b85a52215359f3786b0d4050a0c659cf228247170aeede324cfdd04ca47a7936593e204abce95a422f0a78b710ef8b5271c50ee6c16e60f4d4e41190c498333c37ca61bbd8423322b25e0c19b77fbe3245adec804074a285dff9ec5c662d07324f34b04a9a40cb2f4465741cb391d0277ea87fe203c27936c683cd0ffc7a4d56cef61158710b49f90dd9bfbdb9bf4312587665c0edd50a305c44ef202059dbdb67475ca9e5c01b8caa0920b3ce0194279c4d0c47cff405c49f75eea99e6c4c8bea8b31c7164e3a68a7fc0bab2423ec59ad020fd5451b96a62fca78d3de37fe19831027146d4f771b2a0d867763d694da7c4eccbba3f0bed2c2afba899a5d7235932d456d2daca9a796feb778f8473e21fc373e73760d8c21d054df671da473d333253a7e9e5b77d778d5d2db1193b233c8292020ff3171cb34329385651f117fc3f2b489eaf601c1a2782d9048e8c8d0569c440b8546ed08058ed947a6e0749dec6a1cc2108ee7d59dc6f67411ab36f6f32f66800f61e6d96a3ccb03afe20089b3bcabb6197fe88647b49878364d02c10d1ebd3ba7283e1c2d9bb88ba5a3fe17e0b672ff703e70af8824bca71cdbddaaa998ed11338b729d9457248dd4b3ef98538a24ee773ee55185d2f4993b37ed1cd3338b93d2de4dba1b2ece17c81fc70547929c9398664a31af05d985e6ecfe678eaa1266ccc1bea1ab6722bdddd34ab69f188f8faced914e4b8e8d8c5b69ee95da62e5bd3e8ce98f8510365eaefe06088ffb6a00dff6d73059bad1bd9179e95088046c999dce6cd94253d5d75c5acd6018a2384202dbbf38a052b9767474114c8b4c1d8ab2bf1e8a9d3e0fdfbe0d7c712aa8bd976588bf481545df7a1df0bf9710338127a0feb134c36e13aafe8ad19035237a136959a405e3d2f3dbf32b34725ec2937d148a64cd7a69556d0069793a9b7eca958dea4ae06a29a5700b63e633b5dd46b37412b45099748122c4241e1cef59e37751feaac6f30863d81fa4eb5e30c37c38a0f065bbd542d2e103889ebc02e49c0c9f2cd74b83daec77d70b221f8bbd538a78929696769e25f9efc2b855bedb43f826d85e58bacc2af0bf620ad703ab604f83b2a220b42a281bf8a7e5d9211c2a0c0b78f5818b80bb6a829b47a30a9fc0af1c76ad070ac29ebff59f837c70bf18d9e914e996d6c8db39adf12549bee56ddc42c1ae71e85aec43c3e6b9a479d0a93b376c56b57954a70826fc3f68b8691c33a4e1ba8f9ce4bcfd1e81c3e2cc5aa22f7328d63a0aa649354eb0ce99b955446954eb24e848775858fb04ab0865034c8e63165c0735a7f99e55c949cfd6df7a5fec6af2407f43615c607ff1d2add29f67425bf842279fe892ce0b2b114c45d9e2e948d804f3ce1c13ba103eaf0aec7985a88976bd607dbb092e0659abdac0204324dd38f4e74c66922bc51312d5febcd3b8f9322ebb333542d5cd6d51feabec8783a975f2bfdf49ffb49efa6e613889d77e790427f3a8b35353e5b4c90cbca00cda492310b049a8837a49909f45a723691556a85c0cd458859ce40702169325d5ab97c6850df976a91ce8b7c4523e750ab9d40fe9f065e747bdb28c94075f8de7c810ebdbd5bfb355f62cf4bf642269fc2a7c22044a7e925e6707e25be738e44fedeff2188dd07da5800c20d74be1a757350413c54b01fddcdd0c413644829e0f3d8190e9354577b79bc24a64688476efe89ba307964ebd8f5d101712063efa30560380cbb04b4ae72daf9b5034b669334c8d5ebbe7e79a1f4efe928d61ae599e000d46f116c5dacb72a740e51a9565ae3d6fcda31e8cbc61f61208d8e02cb220f67d49db934c660976e3ea4cbbd2234e762e60690b23b769949ffd3b21dd712ad7e424e97ad699c6ebe2a1c7bda8c94f29a184b6ebacc17f8eac692c4c99219bfbabed2efa32de48485549c5dd6a8b5cbdf9f0714128ea360b17cfbb6fc27df8cd6bf4b4042881efef938bada0316b9950cd92676c912a35f13dd00f4f34c17662d7832cd6d92e97edea74630af002cd54c786c8d1691a2ba6b555efccb9cdea18d385fc202755c1b396b0bb06fdbdc56b94471a4dec4d9ea3cb3b02dd84b81bc1932b3fec434bdc0120f2d36cb85e6d693c3d8b6209708997ec4954b5791fbe2e6175a73340409513e9f6f790ae3cbcb46c148c9910543084bc6717c494f542192fb03ce68fe91cd1f7e4b6ab7f83f48cfecf717b8bef340491f5269285c50c975e33542727377189d33f0817ab6319b44e91955735dfc7dd358e7c97ddebfe1c62966bf3424eed44a1cf4f1af97cea853dcaa8522f75a415a5b73861c9e20ef623fca0509b18aec5057620f3e999fc61c193f86cc78bd5c5a46c985a403e35d283de52b11514a47f81cd15a6629de6cd1b3380013f5ecb8be4ec9af620d5ae551b5c84c2580227145e79b81e31c487be18cd8662077f0374302ab81a94e585d647701cd9f14233cba88aaf254770e297e39765be8e91a2d3e37cda0c40f84c5d6b44cb6befaef095b8c395465cd054c24236b0a9211d2d9165104b8a2ead6a4e454559c200c7fff2df20dfac3b74ddddbc37468ba40f362ce909fae595bfea080dba8fbcb6631cd3aff229ed0bc90199e61a1b4bc13676701c5090a6614963270b4fa85b31f1426f2e2aa911fd8c195dea15b4f8bfb4350f4d7aaf6bdd2a7357df196de4b838ec97fff2631a8508683d569d07c40804bd3ec240a80e650461d096ab1ecf069e67c8776c1a31239f57e7673aba0f72849340d8be19bed80e9982aa3a2db2df87a720d5aac9f5817d93a8559c9dadbc8e1d3ed419d97a9c2a81e3b2dcd1aee3f75ea6ffeddaf9762e364378bedcbdf42733619bb7c9d3f6bde3ca1b107e4eed268f8d584687da0f1e4d13d4242624760b55a5eb98904f0436e938484e56e7fee2c0c44220274947e4190e856f93461faf7bbb3dd1fe546457366108fc2399c77000572fcc76a33403291635992c892d3ffb092d04a7a2fcb9f7730f8d4d5b9c565a606713e14ed32dfddf4b97d8b8bf62860ec635ff3e073f95491e16fc34e1cc963ce404262effd1a762174084e9c3ec4d8e9d1694f8df919fc670aac42efb898e806dca5843618ec8b0723c0244aece6bad56f3f3f82d11bbba8dc33e0c4e6fd9350017c9132bb293c75d528c4d38839d5ce80e1c83e79073c794f5ed38c65b5312b5050db314989c5387ab49992ac9bcf30388481b27bbf0ba11cb6fe1c298a6c53ea16e3c71dd8afefd9b11adada8b27479e34ca8bfad73686058f67e369d1fa41fa3b6c2138bf501f5dea06e56f25700ff0a3abc2ecdca507e92498488436b2445dd0735d546ef2a086eaab22b7a53f3c409c8b79b8060845af1051c382dd5b3dcc24af473517c39a9b0366e68c9f7bf70b29e1fec4d6c43249569d980af65552fa5e23ab2e51d517054a2a03417f97f36dee9cbeed9d9b52ca70d3b5cd0cffd70c6f390b1e12b85d09bf6956571f9aae10e70c99cd4a5c3f01a973445f13d99c7f005f184467f95c032cbedc0836f26bfbf73a63daf1a72e0cb374476252b8d5f5b28a19c5fcdca649cc9f53d839a15535d0372c7767932fe967a40379282346f2dc96bba7f9357f4dbdad27665e97f734860364b0b6035391b5df12544d9882f43e8ce265355c8f50e06b30c43dbf3bdf91e52fc957fa7ded78d9455a5a946fec9f3b0da5511330f5b403dbbbbb4f6dc0fb10df3c900fa4a86bd87d8bb07ac4a4bd3c7d5e89434b881258b278dd3c15c6d115f3b6c89c47800982541398e49ef97fbd604055be1a2b7db79890c6a93372e0a4681f956164da3fe6a10447f193bad722ddf07e01f4e59203a7b57d9fcf21869f05ab9543b131de792fbbfd250ced24d53e78aa3f15bd8d356a6cbf003dfb73e1d21298f8dbccc77bdba56b0432ae5de6377e50131c365b50b30c3a3b893e44408333c164e7538cbc57ecc1407dfbba064f19036eb7f00eb190ea33fe9286325e67d663a212b32e819424faaf9974c6b9bf8eed2cd87b5689684c291b1963bc7c05e9a1afabed236cd0e5f668108cbbc22eb98e8f7531870b85e12a8bcdf36e52b6cdb1f330e6f4d12d65280e3a83a4c22eb7eb7fe955c345b308b2f718f86f493754941049daf0f5c283731e365132f24eb306e8fa3287eff27a84a8d541a541aa3de55ca83fc4c63bce420a0703e63df8d61136e84f85619d46438331304651dae3f8c4b0053656858510ba6bf4d1ced41d6e30dfb497c505cf37f53135cf239a153cdc886b5b253f61c212fa9b1e1e1024e7b0fe25f6cbbc5a3c5f72204a1cd4d519a3dd8c09101dc00b1147f978505f96eb1e6da6bce21376876f50650853d49a75437061645210a4c3d07d93e54ba2ced0bfa63f720a89ca1665aa90ae2993b1351b388bf09debba04fe10cbedd54202c548f8788c774409874c9ee0c3e83a954dbe79ddd68a84ae05717da98a29fab0023141ed941b378cfd1f43c0870872e4bb3e109e35d59900a034eb568452ae6cb02360294520baff43affec73761bba5"})

5m50.427838896s ago: executing program 7 (id=286):
connect$inet6(0xffffffffffffffff, &(0x7f0000000040)={0xa, 0x4001, 0xfffffffe, @loopback, 0xd7}, 0x1c)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x2, 0xb2f00, @empty, 0xfffffffe}, 0x1c)

5m48.219521808s ago: executing program 7 (id=288):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x40000040, &(0x7f0000004e80)={0x0, 0x989680})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000005c0), 0x109080, 0x0)
ioctl$TIOCGSOFTCAR(r0, 0x5419, &(0x7f0000004fc0))

5m46.937998279s ago: executing program 7 (id=291):
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020703400000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000029c0))
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000000000000000000000000000850000001900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000000c0), 0x48)
bpf$MAP_LOOKUP_ELEM(0x5, &(0x7f00000000c0)={r1, &(0x7f0000000000), &(0x7f0000000040)=""/73}, 0x70)

5m45.207686743s ago: executing program 7 (id=293):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x7)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

5m29.389189437s ago: executing program 38 (id=293):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
set_mempolicy(0x3, &(0x7f0000000000)=0x7, 0x7)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)

1m58.975964483s ago: executing program 6 (id=709):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000020000000c0000"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001700000000000000ff000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000002007b8af8ff00000000bfa200000000000007"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
lchown(&(0x7f0000000000)='./cgroup/cgroup.procs\x00', 0x0, 0xee01)
syz_usb_connect(0x5, 0xe4, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201000017ffd340b1134200bbdf000000010902d200010000400009046a00067af4190009050f102000050801060c8b631b7507250102020700090501", @ANYBLOB="162b"], 0x0)
dup(0xffffffffffffffff)

1m55.27029071s ago: executing program 6 (id=717):
socket$nl_generic(0x10, 0x3, 0x10)
socket$pppoe(0x18, 0x1, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$PPPIOCATTCHAN(r0, 0x40047438, &(0x7f0000000100)=0x1)
ioctl$PPPIOCCONNECT(r0, 0x4004743a, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
ioctl$sock_inet6_SIOCSIFADDR(r1, 0x8916, &(0x7f0000000100)={@private1={0xfc, 0x1, '\x00', 0x1}})
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_inet6_SIOCADDRT(r2, 0x890b, &(0x7f0000000140)={@rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', @mcast1, @private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa0022})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'ip6gre0\x00', <r3=>0x0})
r4 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[], 0x30}}, 0x80)
ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000540)={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, r3})
close(0x4)

1m53.653086941s ago: executing program 6 (id=719):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @mcast2, 0x4}, 0x1c)
connect$pppl2tp(r0, &(0x7f0000000240)=@pppol2tpin6={0x18, 0x1, {0x0, r1, 0x8, 0x0, 0x1003, 0x0, {0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}}}, 0x32)
writev(r0, &(0x7f0000000780)=[{&(0x7f00000001c0)='v', 0x1}], 0x1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)=ANY=[@ANYBLOB="4000000010000d0400"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b0001006772657461700000040002800a0001004d"], 0x40}}, 0x0)

1m52.607046495s ago: executing program 6 (id=722):
r0 = socket$inet_sctp(0x2, 0x4, 0x84)
sendmsg$inet_sctp(r0, &(0x7f0000000140)={&(0x7f0000000000)=@in={0x2, 0x4e24, @loopback}, 0x10, &(0x7f0000000100), 0x0, 0x0, 0x0, 0x200000c4}, 0x48000) (async)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
ioctl$sock_ifreq(r1, 0x89f0, &(0x7f0000000040)={'bond0\x00', @ifru_names='bond0\x00'}) (async)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000000c0)='./file0\x00', 0x10840, &(0x7f0000000280)={[{@iocharset={'iocharset', 0x3d, 'utf8'}}, {@shortname_winnt}, {@shortname_win95}, {@uni_xlate}, {@shortname_winnt}, {@shortname_winnt}, {@numtail}, {@uni_xlateno}, {@rodir}, {@fat=@allow_utime={'allow_utime', 0x3d, 0x10001}}, {@shortname_mixed}, {@fat=@nfs_nostale_ro}]}, 0x1, 0x26c, &(0x7f0000000340)="$eJzs3U9rU1kYB+A3bTpJC0OyGCgzDMwdZjOr0HaYfcrQgWECipKFriw2RWlqoYWCLtruit9Bv4Iu3QouxK1fQASpghvrqgshEm//JDWJjZpG7PNs+nLu++Ock17upYueXPl1eWlhZW1xd3cn8vlMZMtRjr1MFGMkRiO1FQDA92Sv0Yg3jdSw1wIAnA7vfwA4e3q9/zNbh2PnT39lAMCgfNHf/yMDWRIAMGAXL13+f7ZSmbuQJPmI5e316no1/Zlen12M61GPWkxFId5FNA6l9b//VeamkqaXxcgvb46k+c316mh7fjoKUeycn05SUW3mDvJjMbGffzYRtZiJQvzUOT/TMf9D/PlHy/ylKMTTq7ES9ViIZjbN5yJiYzpJ/jlXOZbPfegDAAAAAAAAAAAAAAAAAAAAAIBBKCWHiu3n36Tn95RK3a6n+dbzgcZ7nQ/U2Dx2vk42fskOd+8AAAAAAAAAAAAAAAAAAADwrVi7eWtpvl6vrfYqbjy592gnlwY+2dy7yOzP219qu2fP+Ml2caz48fcXdzpdykWu38/n84qxiGgdSfanfPjbACf9WsXjnWs//7U2+Xe3nsi2jtxubrWtp8uNlB3UB/66ENG1J9/3Ddla3D8oym8/6jm4lWqr48P+xU3eLc8/2Hj+6qSpHg+NxuggHkUAAAAAAAAAAAAAAAAAAHDmHf3T77BXAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADDc/T9//0WuWgbyXdt3hr2HgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4H0AAAD//7qXlSU=")
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x78)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000780)='netlink_extack\x00', r2}, 0x10) (async)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0) (async)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000001c0)={'sit0\x00', <r5=>0x0})
ioctl$sock_inet6_SIOCSIFADDR(r3, 0x8916, &(0x7f0000000100)={@loopback, 0x58, r5}) (async)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r6, &(0x7f0000000f80)=""/4096, 0x1000)

1m51.300214339s ago: executing program 6 (id=726):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x4)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = eventfd2(0x4001, 0x800)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r4 = eventfd2(0x8, 0x80001)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
r6 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r6, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x340, 0x0, 0x4c, 0x1a, 0x190, 0x73, 0x270, 0x258, 0x258, 0x270, 0x258, 0x3, 0x0, {[{{@ipv6={@rand_addr=' \x01\x00', @mcast2, [], [], 'netdevsim0\x00', 'macvlan1\x00'}, 0x0, 0x160, 0x190, 0x0, {}, [@common=@inet=@ecn={{0x28}, {0x2}}, @common=@srh1={{0x90}, {0x0, 0x0, 0x0, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00', @dev}}]}, @common=@inet=@SET2={0x30}}, {{@uncond, 0x0, 0xa8, 0xe0}, @common=@inet=@SET3={0x38}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3a0)
syz_clone(0x100000, &(0x7f0000000180)="d442fd602203c518e9ace6fa89c3b9f2bc4e5fd8ae74d294cfb4098105e60c79ffe6cb6df45b32ce69073500ab65c972e2ae2390ab90c912934c1ca5cd62fd0e1991dd9cbafb39c0b1a0239415bf645d3b1ba26eef6b886d88878655d43fa84581083b1dd02bf683f7df1cd8167bb2fff45fa333e34d6c821d7774699ac06fbeeaff72d496dcf332beb07a478b806e2593cb205d2655764af8bbd1b8a3058b65ac70a5eaa672ad85f34c47cfddda42d2ca83", 0xb2, &(0x7f00000000c0), &(0x7f0000000100), &(0x7f0000000280)="b9708a5ab2007c3a275aa5d629f256fc3fd854a3fcd7034e17eed6c532a7ecac4a43e4b0c522fc7b77001c700b8e0b40266508b79fe1a88a160c71a50b648f2f37eb7a06b54df288cb82e45035b0a056536d3bdfcb68fb1d944e16bdfd0ec66e782318808fe6800ab21c771025dccdac72fe3aeacad71285ea666b643273e70bfd91147a69723a2fa095c68bc2fbf0311ebefbbd0ddf225004ce32c5aeb74ca1a56b1ece23f60c7d5730440d0e9366c60ad65768b691")
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r5, 0x6, 0x23, 0x0, 0x0)
ioctl$KVM_IRQFD(r1, 0x4020ae76, &(0x7f0000000140)={r2, 0x7, 0x2, r4})
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000600)={0x0, 0x0, @pic={0x2a, 0xc0, 0x5, 0x7, 0x7f, 0x0, 0xf, 0x4, 0x3, 0x41, 0x3, 0x58, 0x90, 0x5, 0xb, 0x7f}})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xe, 0x4, 0x4, 0x2, 0x1000, 0xf1, 0x0, 0x7fffffffffffb, 0x5, 0x0, 0x1, 0x0, 0x5, 0x0, 0xbde], 0x1000, 0x3c4210})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

1m50.284193899s ago: executing program 6 (id=728):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x75, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
syz_io_uring_setup(0x22f, &(0x7f0000019140)={0x0, 0x8ffd, 0x10000, 0x0, 0x100002cf}, 0x0, 0x0)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x9c0e, 0x10100}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x2df0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000340)=0x15)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000040)={0x1, 0x32314152, 0x4, 0x7, 0x0, @stepwise={{0x6, 0x8}, {0x9, 0xa}, {0x8, 0x6}}})

1m33.774578832s ago: executing program 39 (id=728):
r0 = syz_open_dev$video(&(0x7f0000000000), 0x75, 0x0)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000006c0), 0x48200, 0x0)
syz_io_uring_setup(0x22f, &(0x7f0000019140)={0x0, 0x8ffd, 0x10000, 0x0, 0x100002cf}, 0x0, 0x0)
syz_clone(0x2c9a4080, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000300)={0x0, 0x9c0e, 0x10100}, &(0x7f0000000000)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r2, 0x2df0, 0x0, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000340)=0x15)
ioctl$VIDIOC_ENUM_FRAMEINTERVALS(r0, 0xc034564b, &(0x7f0000000040)={0x1, 0x32314152, 0x4, 0x7, 0x0, @stepwise={{0x6, 0x8}, {0x9, 0xa}, {0x8, 0x6}}})

9.448330552s ago: executing program 2 (id=924):
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000001000/0x4000)=nil)

8.718952534s ago: executing program 2 (id=925):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in=@private=0xa010100, @in6=@empty, 0x0, 0x20, 0x0, 0x0, 0xa, 0x0, 0x0, 0x2b}, {0x2, 0x0, 0x0, 0x8, 0x5, 0xfffffffffffffffa, 0x0, 0x5}, {0x40000004, 0xfffffffffffffffc, 0xffffffffffffffff}, 0xffffffff, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@empty, 0x0, 0x32}, 0x2, @in=@local, 0x0, 0x4}}, 0xe8)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x12, 0x0, @empty}, 0x1c)
syz_open_dev$I2C(0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xff, &(0x7f0000000140))
eventfd2(0x1, 0x1)
syz_emit_ethernet(0xce, 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x4018400, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRESOCT, @ANYRES64, @ANYRES8=0x0], 0x1, 0xf23, &(0x7f000001fb40)="$eJzs3U9sHNUZAPA3a6//xCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0RATA+ISogiIU4VByoulEoBqUigShXqqe2pVW89oV6oVKVSUA9tpNhV7Dfr3ecddj22Z9e7v5/0+fnNm53vG6+zmRnPvg3AyKqtfz1xYiEL4Z3P3n705aeyT64vu6u5xuH1r1nsNUII9ZZ+lmzvi7jg2pWXTndqs3Bs/WveD49dbj52JoSwEg6Hz0MjfLi0/NUH7z5y5OPXpm5588Izr+zR7jel+wEAAMPo0p+X/37fP//0wPzVS4dOhcnm8vz4vBH7M/G4/2g8UM6Pl2uhvZ+1RKuJZL2xGLVkvbFkvfEkz3hBvnqynXrBehNd8o21LOu0nwAAALAf5ee1jZDVFtv6tdri4sZ5/3VfzE1ki8+dWz57vk+FAgAAAKX95+L6TbdCCCGEEEIIIYQY4lib6/cVCAAAAGDUpPOFbbGyuzN1NbfW6C3/5YdrnR8Pu6Dq3/+vzz/V5/wdjHj+91/1igMAQHnDejSZ71d+HJ3PY5DOIziWPG67x/+1ZDvj26yzaF7B/TLfYFGd6c91UBXVv93nsV+K6k/nwxxURfWn83QOqqL6Jyuuo6yi+jtc+RlIRfVPV1xHWUX1H6i4jrKK6p+puI6yiuqfrbiOsorqv6HiOsoqqv9gxXWUVVT/frmttqj+RsV1lFVU/3zFdZRVVP+NFddRVlH9N1VcR1mt9bees9zch1r64c7Y5j+HQwXrzXQ4p9sv53gAAAAw6v5n/j8hRizi3Q19r0OIgY0p/0aEEEIIMYxxsb+XHwAAAIABkL8vIH/X+1qUj491GR9vHZ/aXCEfr3d5/ESX8cku4wAAAEAIv3v97G1vZZvz3e10Prx83qjp8MlqKDGPUTof4Xbz73Tes53m3y/zlgEAADBash98vnr/o++9MH/10qFTLWe/q/F8N58HdDxeG/g09vP7AmaTfpafQ59qz1MrWC+9PnBD0fYe3+GOAgAAwAjLz98bIasttpx3N0Kttri4eT6+EOrZ2XPLZ47Gfv75LH+cq09eX/5QxXUDAAAAvds83+98/p9/ju9CmMgWnzu3fPb8Rn+2ubxea70uMLe5PGu9LtBIlh8rWH489vPP7/zR3PT68sXTP15+ard3HgAAAEbE+RcvPPPk8vKZn/jGN77xTfObfr8yAQAAu+3LL9+u//T47O833v+/Of/davzmcOw34tx+f4nL8/sE8vcBbHm//hPteeaK1nu+fb1Gst5YjMmk7qmW7YT1+QbbHzdflK/Rvp2JgnwzSb7ZJF86T8F4sn7WYS7B0GF+wny9uWR5Og/jeJIjS/Lf3SEXAAAA5JZeePb5pfMvXnjw3LNPPn3m6TPPHT928vsnTx596HsPLa3f17/Uenc/AAAAsB9t3vTb70oAAAAAAAAAAAAAAAAAAABgdFXxcWL93kcAAAAYdf++GEJYEaIg8g8Y7HcdYpBjbbL/NQx3hAH9d/j6R/2vYf/G9MA+rzuMqYnh3C8hhNhhTPb9tdF5n1gJYW0t/aR5AAAAgL117cpLp1vbLVayXc3X3Fpjo1mNefN29sG/zV+PfLXLD7dfLzmwq9Uw6qr+/Zd/UPNPdhx//9XdzT8VNl/7Qk+vf7X2DZxq6033mvfepV8vNPOHEG4f7zF/uv+P95qx3ZEk/72ht/xr7yX5n2jr1XrNf1+S/0CP+bfs//O9Zmx3f8y/EPtH7uk1f/su5r+l+X70+gvw3WT/nwq95k/2v9FjwsQDMT8AjKLm/+ZrF/tbyC7LjxLy4+mZ2M/3Nx5uhvTuh+0e/9eS7YzvuPL27ebHQbfG/lSzjva8uW3Uv54i/7nMxvaGknWm9stdJUX179bzuNeK6q9XXEdZRfVPVFxHWUX1dz57HzxF9U9VXEdZRfX3fCGiz4rq3y/XlYvqn6m4jrKK6p+tuI6yiurf7v/j/VJU/8GK6yirqP65iusoq6j+kpfVKldU/3zFdZRVVP+NFddRVlH9N1VcR1lF9d9ccR39ckdsi86H8/PPuTiW9xtJf7LDz7LnP4YAAAAAe+pfAzkPRMuVg77XIoQQQgghxPDHf9c29LsOIcTexdpaP68+0G97+25mAAaV1//R5vkfbZ7/0eb55+vkf4nPkn5urMv4eJfxepfxiWQ8/X2d7DJ+U7Ldtfy6ZnRzl/FvxD0oGj/Y5fG3dhlf6DJ+W5fx27uM39FlHAAAgNFwS2ydHwIAAMDwevk3n77x23ufuDJ/9dKhU2Fiy7zzR2N/Mv5t/fXYT+e9z9Xj3/x/Fvu/iu0fYvuPZH33nwAAAMDeyz8nxt//AQAAYHjln1Pq/B8AAACG13xsnf8DAADA8Loxts7/AQAAYIhlU50Xxza/LnB3bHud1w8AGHzfjO2dsT0U27ti+63Y5scB98T22xXVBwDsnl/+8Ocn38o25/s/noxfi8vzdouVjSsFWa19Jv/p2B6I7Xd6rCf9PIBe8+cO9phnr/LP7TA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8autfT5xYyEJ457O3H/3FxBt/vb7sruYah9e/ZrHXCCHUm4/LRzf7H8UVr1156XRruxrbLBwLWciay8Njl5uZZkIIK+Fw+Dw0wodLy1998O4jRz5+beqWNy8888oe/gja9g8AAACG0f8DAAD//2giHs0=")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffa)
fstat(0xffffffffffffffff, &(0x7f0000001440))
sendfile(r2, r2, 0x0, 0x800000009)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
pwritev2(r0, &(0x7f00000007c0)=[{&(0x7f0000000280)="bcb787bcbf335738bdefd6a6161add229c8c9290fdf14d413e8f8194db8640c3f80f6f74715be787d9dc4d706ce1aaed80a0d0beb962e390ad11b564ea3306e520f2b71092dd82f4a59c98ea2b97f2892768e632af38a747f2f253", 0x5b}, {&(0x7f0000000640)="2e62fcb0c41a026467c02bcdba9108581b1c5b48ddbd44b8757f574e9b95e773e817ce6272741a0803764b210be118263931301e4cc275607b9a57ae7aac15eeb20e81dc09fe1ee060b5f928d59f95c07be248106c4a9e1d54886115d2af0f41b312d972d9b2171869de8dda89ec959733d8cda496149550778d6d1e54f0cb29bc3b2251ca148c78d889358f35bfac4be8570912aed19b6a9b533f4f81ce2b19ae91155d5a9743c5cbfc47ceccdf6ab8292233a7a7b7639f4354d3deb83aff26c8c40e44365bd59a7421aed27216e6b4a43532f833e9ab76643517e3f4faee1cbfcbfc1f", 0xe4}, {&(0x7f0000000340)="fa893c52e1e3fcc2ab60ff7940968ba81a5c732e95dfb265a7519c9f96b64cda78e5649943144a64a156fce3fdf01e1211c2df275e19d87aaeab1e5e89ab8702be06f8a90457efbb09da82bff8aeeabad804dd1f5e6e202c79f713f71b1bc0", 0x5f}, {&(0x7f0000000740)="1e6d9269dd87aa5b033e272ae13b0ecacd01e884e49b5f6bd71a52f40672c82c6cf727c51edf31d4d70c4fad54eb5ec99efa1e51e6fcbb3257b30053ad99612da7d9f8d6ef5a9ed1eea8487ec0ff169b05a0d11365fffcb04f57", 0x5a}, {&(0x7f0000000180)="8658222310ff82d907e90984382b", 0xe}, {0x0}], 0x6, 0xe, 0x4, 0x4)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x40, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x2, 0x2b}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, 0x0, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat$cgroup(r2, &(0x7f0000000a00)='syz1\x00', 0x1ff)

8.480129245s ago: executing program 3 (id=926):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000000000000000100000850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000240)='netlink_extack\x00', r0}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000340)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="1802000000001a000000000000000000850000001700000095"], &(0x7f00000005c0)='GPL\x00'}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000100)={'batadv_slave_0\x00'})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = socket(0x400000000010, 0x3, 0x0)
r4 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001300)=@newtfilter={0x40, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, r5, {0x0, 0x10}, {}, {0xd}}, [@filter_kind_options=@f_u32={{0x8}, {0x14, 0x2, [@TCA_U32_DIVISOR={0x8, 0x4, 0xea}, @TCA_U32_DIVISOR={0x8, 0x4, 0x14}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x10}, 0x800)

8.242947259s ago: executing program 0 (id=928):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
munlockall()
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f000064d000/0x4000)=nil, 0x4000, &(0x7f0000000040)='f2fs\x00')
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
syz_usb_connect(0x0, 0x3f, &(0x7f0000003240)=ANY=[@ANYBLOB="1201000033bc1840861246202ec10000000109022d0001000040000904d80403ff04010009058f02400009000109050d00"], 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) (async)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async)
munlockall() (async)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f000064d000/0x4000)=nil, 0x4000, &(0x7f0000000040)='f2fs\x00') (async)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) (async)
syz_usb_connect(0x0, 0x3f, &(0x7f0000003240)=ANY=[@ANYBLOB="1201000033bc1840861246202ec10000000109022d0001000040000904d80403ff04010009058f02400009000109050d00"], 0x0) (async)

7.408713716s ago: executing program 3 (id=930):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010100060000000000002b000000", @ANYRES32=r2, @ANYBLOB="040046000a0034000101010101010000080026006c0900000800270001000000300051"], 0x6c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

6.54613874s ago: executing program 2 (id=933):
r0 = socket(0x1, 0x5, 0x0)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x802)
write$binfmt_aout(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
setresgid(0xee00, 0xee01, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000500)='.\x00', 0x0, 0x0)
fsetxattr$system_posix_acl(r2, &(0x7f0000000000)='system.posix_acl_access\x00', &(0x7f00000000c0)={{}, {}, [], {0x4, 0x1}, [{0x8, 0x6}], {0x10, 0x3}, {0x20, 0x7}}, 0x2c, 0x1)
setreuid(0xffffffffffffffff, 0xee01)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
syz_usb_connect$cdc_ncm(0x4, 0xa0, &(0x7f0000000040)=ANY=[@ANYBLOB="12010102020000102505b1a440000102030109028e0002010600f50904000001020d0000052406000105240000040d240f01080000004e0063060806241a03001a1524120600a317a88b045e4f01a607c0ffcb7e392a0c241b0300030081030100070c241b06000700080d05007f052401020809058103ff4280849440c3b5d04fa20ee44303dc010f0904010000020d00000904010102020d00000905820220"], 0x0)
r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
r4 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000040), 0x8002)
write$binfmt_aout(r3, &(0x7f00000000c0)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff"], 0xc8)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200010, &(0x7f00000003c0)={[{@resgid}, {}, {@grpquota}, {@nobarrier}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@discard}, {@noauto_da_alloc}, {@stripe={'stripe', 0x3d, 0x2}}]}, 0x3, 0x572, &(0x7f00000006c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwIF6kCCIWxD/Au8fiH6B/RUELRUrQg5fIbGbbbZLNJunWbJ3PB6Z9b2ayb96++b79zs4uG0BhjWT/lCJejoivk4iDbdsGI984srLf0sNrk9mSxPLyJ38mkeTrWvsn+f/788pLEfHLFxHHS2vbrS8szlSq1XQur482Zi+P1hcWT1ycrUyn0+ml8YmJU29NjL/7zts96+vr5/7+7uO7H5z66ujStz/dP3Q7iTNxIN/W3o+ncKO9MhIj+XMyFGdW7TjWg8b6SbLTB8C2DORxPhTZHHAwBvKoB/7/rkfEMlBQifiHgmrlAa1r+x5dBz83Hry/cgG0tv+DK++NxJ7mtdG+peSJK6Psene4B+1nbfz8x53b2RJd3oe43oP2AFpu3IyIk4ODa+e/JJ//tu9k883jja1uo2ivP7CT7mb5zxvr5T+lR/lPrJP/7F8ndreje/yX7vegmY6y/O+9dfPfR1PX8EBee6GZ8w0lFy5W05MR8WJEHIuh3Vl9o/s5p5buLXfa1p7/ZUvWfisXzI/j/uDuJ/9mqtKoPE2f2z24GfHK4/w3iTXz/55mrrt6/LPn41xW+PXLrm0cSe+82mlb9/63630GvPxjxGvrjv/jO1rJxvcnR5vnw2jrrFjrr1tHfuvU/tb633vZ+O/buP/DSfv92vrW2/hhzz9pp23bPf93JZ82y7vydVcrjcbcWMSu5KO168cf/22r3to/6/+xoxvPf+ud/3sj4rNN9v/W4Vsdd+2H8Z/a0vhvvXDvw8+/79T+5sb/zWbpWL5mM/PfZg/waZ47AAAAAAAA6DeliDgQSan8qFwqlcsrn+84HPtK1Vq9cfxCbf7SVDS/KzscQ6XWne6DbZ+HGMs/D9uqj6+qT0TEoYj4ZmBvs16erFWndrrzAAAAAAAAAAAAAAAAAAAA0Cf2d/j+f+b3gZ0+OuCZ85PfUFxd478Xv/QE9CWv/1Bc4h+KS/xDcYl/KC7xD8Ul/qG4xD8Ul/gHAAAAAAAAAAAAAAAAAAAAAAAAAACAnjp39my2LC89vDaZ1aeuLMzP1K6cmErrM+XZ+cnyZG3ucnm6VpuupuXJ2my3x6vWapfHxmP+6mgjrTdG6wuL52dr85ca5y/OVqbT8+nQf9IrAAAAAAAAAAAAAAAAAAAAeL7UFxZnKtVqOqfQsXA6+uIwtl1Iuo3y6fxk2NIjR14Y3PkOKjyDwg5PTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQ5t8AAAD//8nLNLM=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
fallocate(r5, 0x10, 0x253e, 0x4000)
dup3(r4, r3, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x89fe, &(0x7f0000000340)={'bridge0\x00', &(0x7f0000000000)=@ethtool_coalesce={0xf, 0x0, 0x200, 0x2, 0x7, 0x9, 0x0, 0x5, 0x9, 0x2, 0xca1, 0x8, 0x1, 0x6, 0xff, 0x9, 0x3, 0x7, 0x7, 0xb, 0x64, 0x1000, 0xc}})
socket$kcm(0x29, 0x5, 0x0)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
mremap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x2000, 0x0, &(0x7f0000c87000/0x2000)=nil)
r6 = getpid()
r7 = gettid()
rt_tgsigqueueinfo(r6, r7, 0x1f, &(0x7f00000000c0)={0x0, 0x0, 0x2})
r8 = signalfd4(0xffffffffffffffff, &(0x7f0000000140)={[0xffffffffffffffff]}, 0x8, 0x0)
read$FUSE(r8, &(0x7f0000003a40)={0x2020}, 0x2020)
connect$qrtr(r0, &(0x7f0000000100)={0x2a, 0x6, 0x7ffe}, 0xc)

6.321786648s ago: executing program 9 (id=934):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$IPVS_CMD_NEW_DAEMON(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000080)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="1105000000000003000009000000300003800600040069d7000008000300000000001471cfc7e456029fae5f74422dccf1718fc685c274"], 0x44}}, 0x0) (fail_nth: 1)

6.206724715s ago: executing program 3 (id=935):
r0 = syz_mount_image$ext4(&(0x7f0000000e00)='ext3\x00', &(0x7f0000000100)='./file2\x00', 0x20005e, &(0x7f0000000cc0), 0x1, 0x47a, &(0x7f0000000e40)="$eJzs3MtvVFUYAPDv3j5424r44KFU0Ug0trSgsnABRhMXmpjoApe1LQQp1NCaCCFaXODSkLg3Lk38C1zpxqgrE7e6NyTEsAFdXXNn7u1jOjMZhqHTMr9fcuk595Fzvp575p57DtMAetZI/k8SsTMi/oyIoWp29Qkj1R93bl2Z+vfWlakksuy9f5LKebdvXZkqTy2v21FmFqv5/XXKnb90+dzk7OzMxSI/tnD+47H5S5dfOnt+8szMmZkLE8ePHzs6/uorEy83rnzSepx5nW7v+2zuwN63Prj+ztSp6x/++n1Sxl8TR4eM1NnXVyae63Bh3bZrRTrpLxJ9XaoMLcubKG+ugUr/H4q+6F86NhRvftHVygH3VZZl2ZZGB5NYzIAHWBLdrgHQHeWjPn//Lbd1G3xsADdPVl+A8rjvFFv1SH+kxTkDNe+3nZS/bZ1a/O+bfIv7Mw8BALDKjyerP9eO/9J4bMV5J4q1oeGIeDgidkfEIxGxJyIejaic+3hEPLF8SdbK8kztIsna8U96o83QWpKP/14r1rZWj//K0V8M9xW5XZX4B5LTZ2dnjkTEQxFxOAa25PnxJmX89MYfXzU6NhKRleO/fMvLL8eCRT3S2mumJxcm2494tZtXI/b114s/WVoJyNtxb0TsO9heGWdf+O5Ao2MjK8a/9eNvor+9+qyUfRvxfLX9F6Mm/lLSfH1ybGvMzhwZK++KtX77/dq7jcq/p/g7IG//7XXv/6X4h5OV67XzlX1r7slmrv31Zd13moGW4k9v9NdMUOf3/2DyfiU9WOz7dHJh4eJ4xGDydrH/xPL+ieVry3x5fh7/4UP1+//uWP5N7I+I/CZ+MiKeioiDRd2fjohnIuJQk/h/ef3Zjxod2wjtP31X7X/3ib5zP/+wqtDhJvEnUaf9j1VSh4s9rXz+Na7O8pxHHla7vzcAAADYTNKI2BlJOrqUTtPR0er/l98T29PZufmFF0/PfXJhOrZGdf4zLWe6hlbMh44XMwZlfqJ4zS/zR4t546/7tlXyo1Nzs9PdDh563I4G/T/3t+9vwIOvA+towCbVbv/PsuzzDlcFWGee/9C79H/oXXX6/7aafMO/EQBsbvWe/17soTcY/0Pv0v+hd7Xe/+/iL+4Cm4LnP/Ske/lef5G42uTL9q0l8s+fe67GOiayrEulD3Y/9qVEpBuiGvcrEcMboRrD3Su9259MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnfF/AAAA//959OOx")
r1 = signalfd(r0, &(0x7f0000000040)={[0x5]}, 0x8)
r2 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2)
poll(&(0x7f0000000140)=[{r1, 0x20}, {r0, 0x82}, {r0, 0x90}, {r0, 0x2490}, {r2, 0x20}, {r0, 0x200}], 0x6, 0x4)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x120)
lsetxattr(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)=@known='trusted.overlay.origin\x00', &(0x7f0000000400)='\x00\xd1\xd3\xe8\x1a\x82\x0e\xee\x8a\x94Ae\x92\xa55m\xa9m\xb4\x81P\xea\xe0\x84W\xfb\xc3\x0e\xce^~~1\x8c\xb2\xb4\xb2\xf8\xbd\xdbs\xe6\\#\x9a@\x94/', 0xfeba, 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCCONS(r3, 0x541d)
ioctl$TIOCVHANGUP(r3, 0x5437, 0x0)
r4 = socket$inet6(0xa, 0x80002, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file1\x00', 0x8004, &(0x7f00000006c0)=ANY=[@ANYBLOB="646f74732c646f74732c6e6f646f7404000000646f74732c646f74732c646f733178666c6f7070792c00", @ANYRESHEX=r1, @ANYRES8=r1], 0x0, 0x1e1, &(0x7f0000000240)="$eJzs3M9LFG8cB/Bn/epXMxRPQV16qEtdhvTcIQkFaaEoN/oBwYojLS67trOH3Qjarv0pEXTpFkSHrv4X3SQQT56aqE1N0X5Qrqav12U+8J4HPh8GHoZnYFYuF0IIWbIQhkIYKoS+K6ET1gthLPSFDZ1w8dWdtee37t67NlksTt2McXpydnwixjh69u39Jy/PvWuevP169M1gWB57sLI68WH51PLplU+zDytZrGSxVm/Gcpyr15vluWoa5yvZYhLjjWpaztJYqWVpY1u+UK0vLbVjuTY/MrzUSLMslmvtuJi2Y7Mem412LD8NIcQkSeLIcOBPlF6s53lYzfM8H+yEPM/3vvV9L/uiV375+XMkfbepD4XwsdMqtUrdazefnilOXYpfjW2tWmu1Sv9t5uPdPG7PB8Lwt3xi1/z/cOF8N/+SXb1e3JGfCPP7Pz4AAAAAABxJSdy06/l+kuyVd6vpmY3vxDvP9/vDmf6ejAAAAAD8RNZ+vFiuVtPGMS8GQgiHoI19K54djjYU/0xx0DsTAADwt2299P/mwkeFfeoIAAAAAAAAAAAAAAAAAAAAjp9e/E7soGcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiRzwEAAP//CxFrSw==")
setsockopt$inet6_IPV6_HOPOPTS(r4, 0x29, 0x36, &(0x7f00000003c0)=ANY=[@ANYBLOB="0e437491f347114b49b9ccbd08ea1b1bd57f63f0be2e6697882fd17d8acb7f071778561cae6498e09e62250a0b9dd7c5c65264b1f80807613f1e30533627fba175ab70438aba87604b405181006ca70308b573a27fa49dbee4d17f8cb48abfc4e5c9fc413c9220f29082f6f3e228e599ca3d79e7ff3d89250e33de46648190c2288ef8ac4525104e40fc2fc0a6c38a5b867e343c5954c33161e936da247dd6108819b4c9516ae59651c0cf1178c767bfefd62591df483a383a4eabb7e8f3762dbc34b54a438bf1bf5b2647c1653db4c897e83eee64d588156699cd4f2264c52ba033b5440b0c55ad925ee68f06a1a07981c1ed9af9b9b5b6b609de4a3a6d640fe159549455412273e74b657e94c9a969b14bb7a70f993bf96ee63fbe481e1345338be6fc2ac44e7f4493c0d06dc5aadf79b9dd08eefaf5ac21d2e6ef9efad960aadcdeaa1459c9a65820c605300aba8c2b0280cddc774081b4dbccc8f8b18378347bb01065d270be3d3d5cb52746560c2263d19d"], 0x8)
connect$inet6(r4, &(0x7f0000000000)={0xa, 0x4e2a, 0xffbfffff, @empty, 0x9}, 0x1c)
sendmmsg$inet6(r4, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x3a}}], 0x400000000000172, 0x4001c00)
socket$nl_route(0x10, 0x3, 0x0)
r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0)
ioctl$KVM_SET_IRQCHIP(r6, 0x4020aeb2, 0x0)
r7 = openat$cuse(0xffffffffffffff9c, &(0x7f00000005c0), 0x2, 0x0)
getgroups(0x3, &(0x7f0000000600)=[<r8=>0xee01, <r9=>0xee01, 0xee01])
syz_mount_image$fuse(&(0x7f0000000540), &(0x7f0000000580)='./file2\x00', 0x2200000, &(0x7f0000000b80)=ANY=[@ANYBLOB="855cc3904e02c82d742b2f13e5e21a9e52fd176231d7642d38937565671ea0683efec4a558fd4a3a7a6a053d517a41d7012acdcb7db6eff688c37bf1b879cf7bea37033a971dfef98c597cabad65fb84c1c0ea4cb229940a4a34ebdc1b372335ade228fa489b024eb38bd391a5be1238493cf239e144c36fe29377bc55ef67696b73071892972ce2006b253e11debd281092e8b03047e102624ecfd06454cc33f5eabfe2ffc9bf7e2fd0e20bf5348a", @ANYRESHEX=r7, @ANYBLOB="2c726f6f746d6fff7f000030b07d003030303030303030303030303030303134303030302c7573657a50", @ANYRES8=r9, @ANYBLOB=',group_id=', @ANYRESDEC=r8, @ANYRES8], 0x1, 0x0, &(0x7f0000000d00)="14e71570bff26bd7e29dc7f43178ae1757b3c07b909c7d68a2a01b98563e17a2a95a1c7d97180ab34748e95e4bcc4265e6691ad7a7cd8cab4c218ccaa747e476b4ffa91de8d7c3c9af900edb9cafae01071cfe0e97b6e9a1d15af637a8ccdab5f58ad75372ff1741248c874f75af38d277fe233287aafc569748ca593b89a1cb32c6efcc13e6b35a56d00a5549f1bf6019711988478961b00df3d991faa59f7321daf14a4380c9c1ce06621f835b2b002982d294dcf65fa7cdef1765a5ec4f588068a9f3c0e505bffa8f190323f1bba52462e21942d46c3e30ae3040deed2e7bd52a5886f8e85d720f365d696b")
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000640)=ANY=[@ANYBLOB="9d92c58ce1b61c", @ANYRES64=0x0, @ANYBLOB="120009"], 0x48}, 0x1, 0x0, 0x0, 0x400c881}, 0x24004884)
sendmsg(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x40855)

6.114857635s ago: executing program 4 (id=936):
bpf$BPF_MAP_GET_FD_BY_ID(0xe, &(0x7f0000000240)={0xffffffffffffffff, 0x9, 0x38}, 0xc)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000002c0)='mountinfo\x00')
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x182)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r0 = socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
r2 = openat$rfkill(0xffffffffffffff9c, &(0x7f00000000c0), 0x602, 0x0)
writev(r2, &(0x7f0000000440)=[{&(0x7f0000000040)="93d90400006700", 0x7}], 0x1)
lsetxattr$security_capability(0x0, &(0x7f0000000000), 0x0, 0x0, 0x1)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r3=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000280)={{0x12, 0x1, 0x250, 0x39, 0x2, 0xe7, 0x40, 0x7c0, 0x1503, 0xc9d1, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0xff, 0x0, 0x0, 0x30, [{{0x9, 0x4, 0x46, 0xff, 0x1, 0x2, 0x2, 0x6, 0x3, [], [{{0x9, 0x5, 0x5, 0x3, 0x0, 0x0, 0x5, 0x8}}]}}]}}]}}, &(0x7f0000000a40)={0x0, 0x0, 0x0, 0x0})
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r3, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
sendmmsg$inet_sctp(r0, &(0x7f00000032c0)=[{0x0, 0x0, 0x0, 0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="30000000000000008400000001000000000000017c"], 0x30}], 0x1, 0x0)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x82, &(0x7f0000000000)=@assoc_value, &(0x7f00000001c0)=0x8)
pipe2$9p(&(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
write$FUSE_BMAP(r6, &(0x7f0000000280)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r6, &(0x7f0000000000)=ANY=[@ANYBLOB="38010000fe0000"], 0x138)
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000004c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[{@cache_loose}, {@dfltuid}]}})

5.380591433s ago: executing program 9 (id=937):
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_CLIENT(0xffffffffffffffff, 0x404c534a, &(0x7f0000001380)={0x0, 0x8, 0xfffffffc})
mkdir(&(0x7f0000000000)='./cgroup/../file0/file0\x00', 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b70300000000000085000000720000008500000050000000"], &(0x7f0000000040)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000001b40)={&(0x7f0000000100)='kfree\x00', r0}, 0x10)
r1 = fsopen(&(0x7f0000000100)='cifs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000180)='user\x00', &(0x7f00000002c0)='\x00\x00E\x01\x00\x00\f\x01\x00\x00\x00\x00\x00\xc1~\x99l\xb7\xd6\xfc\xebw1hn\x1a\xc5\xef\xec,\xa1\xa0\x12\x1c\x7fn\a\\\xec\xd8\x94oh\x1d\xec\xf5jb\xe5\xb2\xa2e\xfd\x9c\xc4\xd22\x9c\xe97#(/\xb1\xe6\x03\xe1\xaa\x96\x92\x8b4}\xc1L\x1b\x9b\xe6n\x97\xc7\x06\xb2Y\xadQ\xa4c\x1b&\x0e?\xc0\x90\xaf\xb29\xf6>\xe1\xe8}D\f\xc1u\xab]$\x1b\x1bt\xda\x9eA\xd3\x1b\x12A\x82\xd5\xa8@\x1eIw\xb2y2F\xe8\xc7\x03e&\x98\"9\t\xe0\x81Pj\xee&\xae{P\xe8\xceL\xe1\xd1V\xc7\xeaF\xd54\x80\xb6%\xaf\xbbK\x85\x95\xf2\x1bG\xf1\xdaq:\xae\xe22\\~j~\xfe\x83\xbb>\xb0\x9b.\xa4\x95\x0eY\xb8j\xe1M\xf5\xa5\x87`\x04\xab\xf1\xc7[\xda{\r\x95\xa4\xea^\xfc\xa7\x8b\x85\xd1ld\xacK\x8aqd\x1d\xaa\x99\xeb\t|@\xd5p\x1d>+\x0e\xec\xe2\xcd\xdc\x8f\x01\xf7\xabH=z\xa5x\x1b\x9f\x95\xd1\x88k\x85L#\x99^p\x18\x98\xec6\xf69y\x052', 0x0)
fsconfig$FSCONFIG_SET_STRING(r1, 0x1, &(0x7f0000000080)='user\x00', &(0x7f00000000c0)='ocfs2\x00', 0x0)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), r3)
socket$isdn(0x22, 0x3, 0x24)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="070000000400000008000000d9"], 0x50)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, 0x0, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r5}, 0x18)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="3c0000003d000900000000000008000001000000040000001c0001801800108014000d0076657468315f766972745f7769666900080002"], 0x3c}}, 0x0)
sendmsg$NL80211_CMD_GET_SCAN(r3, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f00000000c0)=ANY=[@ANYRESOCT=r2, @ANYBLOB="210f000000000000000020000000", @ANYRES16=r4, @ANYRES64=r2, @ANYRES16], 0x1c}, 0x1, 0x0, 0x0, 0x20000414}, 0x4)
r7 = openat$cgroup_procs(r2, &(0x7f0000000380)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r7, &(0x7f0000000040), 0x12)
socket(0x50, 0x0, 0x3)

4.796174966s ago: executing program 0 (id=938):
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="480000000206010800000000000000000000000009000200"], 0x48}}, 0x0)
sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f00000001c0)=ANY=[@ANYBLOB="140100002c000100000000000000000002"], 0x114}], 0x1}, 0x0)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f000001f900)={0x1b, 0x0, 0x0, 0x18e8, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x3}, 0x50)
r2 = bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f000001f980)={0x3, 0x4, 0x4, 0xa, 0x0, r0, 0x7fff, '\x00', 0x0, 0xffffffffffffffff, 0x1, 0x5, 0x1}, 0x50)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000000f8c0000000c0a01080000000000000000010000000900020073797a3200000000600003805c000080080003400000000250000b80200001800a00010071756f7461000000100002800c0001400000000000000000140001800c000100636f756e74657200000000000000058011e70000666c6f775f6f66666c6f6164000000000900010073797a30"], 0x110}, 0x1, 0x0, 0x0, 0x24000001}, 0x0)
r4 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x400000, 0x0)
r5 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r5, 0x107, 0x14, &(0x7f0000000080)=0xfff, 0x4)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000)={<r6=>0xffffffffffffffff})
getpeername$packet(r6, &(0x7f0000000000)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000040)=0x14)
sendmmsg(r5, &(0x7f0000000440)=[{{&(0x7f0000000700)=@xdp={0x2c, 0x0, r7}, 0x80, &(0x7f00000004c0)=[{&(0x7f0000000180)='O', 0x36}], 0x1}}], 0x1, 0x0)
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f000001fe40)={&(0x7f0000020140)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x15d, 0x15d, 0x5, [@enum={0x7, 0x4, 0x0, 0x6, 0x4, [{0xc, 0x7}, {0x5, 0x2}, {0x1}, {0x4}]}, @decl_tag={0x7, 0x0, 0x0, 0x11, 0x4, 0x3}, @struct={0x0, 0x6, 0x0, 0x4, 0x1, 0x4, [{0x10, 0x1, 0x3}, {0x6, 0x3, 0x8}, {0xc, 0x1, 0x908d}, {0x5, 0x2, 0x5}, {0x6, 0x2, 0x721}, {0x1, 0x4, 0x2}]}, @union={0x6, 0x1, 0x0, 0x5, 0x1, 0xfffffffa, [{0x2, 0x3, 0x7}]}, @volatile={0x7}, @datasec={0xd, 0x6, 0x0, 0xf, 0x1, [{0x4, 0x9}, {0x2, 0x6}, {0x3, 0x6, 0x33d}, {0x2, 0x88}, {0x2, 0x1, 0x7ff}, {0x3, 0x8, 0x80000000}], "17"}, @var={0xc, 0x0, 0x0, 0xe, 0x3, 0x2}, @func_proto={0x0, 0x7, 0x0, 0xd, 0x0, [{0xa, 0x1}, {0x9, 0x1}, {0x1, 0x4}, {0x5, 0x5}, {0x3, 0x5}, {0x6}, {0xa, 0x2}]}]}, {0x0, [0x5f, 0x5f, 0x5f]}}, &(0x7f000001fd80)=""/173, 0x17d, 0xad, 0x1, 0x69d}, 0x28)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f000001ff80)={{0x1, <r9=>0xffffffffffffffff}, &(0x7f000001ff00), &(0x7f000001ff40)}, 0x20)
r10 = openat$cachefiles(0xffffffffffffff9c, &(0x7f000001ffc0), 0x420300, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000020080)={0x6, 0x1e, &(0x7f000001fa00)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0xfffffbc5, 0x0, 0x0, 0x0, 0x1}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@map_fd={0x18, 0x6, 0x1, 0x0, r2}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r4}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x7}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @cb_func={0x18, 0x8, 0x4, 0x0, 0xfffffffffffffff9}, @map_idx={0x18, 0x1, 0x5, 0x0, 0x9}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f000001fb00)='syzkaller\x00', 0x8, 0x9d, &(0x7f000001fb40)=""/157, 0x40f00, 0x6b, '\x00', r7, 0x25, r8, 0x8, &(0x7f000001fe80)={0x6, 0x2}, 0x8, 0x10, &(0x7f000001fec0)={0x2, 0x0, 0x5, 0x800}, 0x10, 0x0, 0x0, 0x4, &(0x7f0000020000)=[r9, r10], &(0x7f0000020040)=[{0x4, 0x2, 0x1}, {0x3, 0x1, 0x3, 0x5}, {0x0, 0x1, 0x6, 0xa}, {0x5, 0x5, 0x10, 0xc}], 0x10, 0x7}, 0x94)
socket$packet(0x11, 0x2, 0x300)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r11 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0xbd84, 0x0, 0x3, 0x6a}, &(0x7f0000000100)=<r12=>0x0, &(0x7f0000000640)=<r13=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r12, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r12, r13, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r11, 0x22d2, 0x20, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000140), 0xffffffffffffffff)

4.697284087s ago: executing program 9 (id=939):
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x10, 0x0, &(0x7f0000000040)="b90103600040f000009e0ff008001fff", 0x0, 0x104, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r0, 0x11c, 0x3, &(0x7f0000000040)=""/185, &(0x7f0000000100)=0xb9)
syz_usb_connect$cdc_ncm(0x0, 0x76, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000020000402505a1a4400001020301090264000201000000090400000102020000052406000105240000000d240f0100000000000000000006241a00000008241c0000007a0b090581030002000000090401"], 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_80211_inject_frame(0x0, 0x0, 0x54)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000580)="d4fa0c511aad03aa5ed217677bc41c027d9c830c439c7f821ddd78b6915cb170e7603acf9e433c2903bb6773f4b0130668a1e5b5e08d21d0b69c28ca3455aed65855c86f3d1e5789d26375a0d85eaf5e92e19c9affcf76e7a94e76556d2b104ebf645747fadc91460f4b3c94e1a89b51be4a6aa4c65285f988329a8163b69c51b801500a5bacd0463976e2960e2679ef2feee5e6ce6bb78a51fb0e15820d13e4a5aa9e0742a6f8d677ad28fea356657bb550c8311b682d9003c82267a15aa7334bc53b65b9119a1a7d905c7dd365b85c230bbad0d5d0a79819e112637819d9a187cfdf782c6127d2d4281926ab0e22f7346b616fe28ed0b9f4a0c9fdac6d3a90a9c38b5e31448a45546388c95045bc22fe88c43b82a0a5d3eb61c238a5159ea98db9c00aeef644ae98a8cb8dffff3b7ba14d7971910b559623af8295", 0x13c}], 0x2, 0x0, 0x48}, 0x0)
r1 = memfd_create(&(0x7f0000000740)='[\v\xfbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91z||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99A\xe1\xe2\x95B\\\x03\xf9\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\x01q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xec\x91\xf7?\xd4&\x81\xe9\xc6J\x8a\x13/hm\xf0\xa7\x00\xef\vO\xac\n\xac\xd8\xb3R\xb8Q\xa30\x12\t\x14\xb50m\xfd\xbb\xf0I\xb2`aYi\xeb\x90\x0e\xe9D\x80mv\x13\xc0}s8\xb4\x85e\xac\xd3\x04#\xe3\xe8\xc9\xa3x{{\xc03Y\xeaL\x8c\xbd\"\xd54rwl\xeb\xde)U:\xe8\x9fJ#\xa7\xfa\xbd+\xca\xd0\x01P\x0ef\x9a\x86W\xc57p\xa85\xffuS\xa9%X\x14B\x92.Y\xaa\xb04\x039C\x81X(\xceE\x11A\xbe\x91\x1e\xd9\xd1\xe1\xe3M\xc3\x0e\v\xe6\xf8tu\x86s\xf2\xc7\x99M\x1dz\xab\x92z\a\x84\xe7x\xe4\xa7\x98\x99`6\x7f\xd9\xfa\xe8\xcf\x948\x06o\xfbaK8\xdb(S{S\xcd\xae\a\xa5R]\xd5\xcb\xab\x19\xd5#E', 0x1)
write$binfmt_script(r1, &(0x7f00000003c0)={'#! ', './file0', [{}]}, 0xc)
execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r2 = socket(0x2, 0x3, 0xff)
sendmmsg$inet(r2, &(0x7f0000000680)=[{{&(0x7f00000000c0)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000100)=[{&(0x7f0000000500)="8fc8bf70342c6d1600bae5de9614410848dd95e7b8523bfbf4a6cbcc911b443e673a8fa77ce58a13432ac99e4be38c9c2661a892682d81d9b9022ea90797fb45a74a588fdabe42", 0x47}], 0x1}}, {{&(0x7f00000003c0)={0x2, 0x4e24, @empty}, 0x10, &(0x7f0000000700)=[{&(0x7f0000000580)="c7bace4ebe91b42a7bf8f86453e0ec420e051dc8", 0x14}, {0x0}, {&(0x7f0000000780)="3ce6c498bfc50136f2c47c20cf1a66c10fd74dd25b683183546aeadab27363e9811872eca5570c55b4ec97197dd48b3d35142a2c28aae0f19fef2b33cf00e949f96f5c28da936bdcd3b340fca079ce748c6a885a3215ac5f2986d52a4b43424aad79c75dceb42e20b00c69d6b7b2f9b883e52e876d68c646df1b0a2b0f4f193e146a728d8f43f603e3a78208c00586c54ed3a7c425", 0x95}, {&(0x7f0000000640)="a50f6202000000000000005bf0", 0xd}, {&(0x7f0000001080)="3c077982452f1e1497d128b4a4dcff3bc1fc253498237a078ed7328b2e629de0e7f73cafe0f99f9228b71a18a0e7f778e6f12663bff64f428a5687d2fb4b40744f7d77ca26cf1015484ec237c4f8ef7316bdfc1e348cf8fab1eeffa008941bad6860044a95b5c85738c5362234cd3d9fc729479c04f46240a61f272cbecfd482e95d0b7ea4ca3bef58f6708c29325c27dfed9ab6b0d0eba695efdc505190e991df78b19b1115acdcf8e8a42af7", 0xfffffe49}], 0x5}}], 0x2, 0x488c4)

4.168569195s ago: executing program 2 (id=940):
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x29c041, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000404000000002e"], 0x0, 0x37}, 0x20)
socket$inet6(0xa, 0x800, 0x5c6106ce)

4.04543209s ago: executing program 3 (id=941):
r0 = semget$private(0x0, 0x3, 0x621)
capset(&(0x7f0000000000)={0x19980330}, &(0x7f0000000040))
r1 = syz_open_dev$sg(&(0x7f0000000200), 0x0, 0x0)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffd, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="bee900008080", 0x0, 0xfffffff7, 0x5dbcc8c695e5f418, 0x3, 0x0}) (async)
ioctl$SG_IO(r1, 0x2285, &(0x7f0000000300)={0x53, 0xfffffffffffffffd, 0x6, 0x0, @scatter={0x0, 0x0, 0x0}, &(0x7f0000000380)="bee900008080", 0x0, 0xfffffff7, 0x5dbcc8c695e5f418, 0x3, 0x0})
semctl$GETPID(r0, 0x0, 0xb, &(0x7f0000000fc0)=""/4096)
socket$igmp6(0xa, 0x3, 0x2) (async)
r2 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x9, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) (async)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f00000004c0)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x9, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488)
r3 = socket$netlink(0x10, 0x3, 0xc)
syz_open_dev$video4linux(&(0x7f0000000000), 0x8000000000000001, 0x400000)
r4 = syz_open_procfs(0x0, &(0x7f00000012c0)='net/raw6\x00')
lseek(r4, 0x9ae, 0x0) (async)
lseek(r4, 0x9ae, 0x0)
r5 = semget(0x1, 0x3, 0x80)
r6 = syz_open_dev$loop(&(0x7f0000000100), 0x8, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/stat\x00', 0x0, 0x0) (async)
r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000200)='/proc/stat\x00', 0x0, 0x0)
ioctl$LOOP_CONFIGURE(r6, 0x4c0a, &(0x7f00000002c0)={r7, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x8b22, 0x0, 0x0, 0xb, 0x1c, "fee8a2ab78fc979fd1e00d96072000001ea89de2b7fb0000e60080b8785d96000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f422741b13103e52f400", [0x0, 0x2000000000001]}})
bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4) (async)
r8 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000180), 0x4)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@bloom_filter={0x1e, 0x5, 0x211cbc4f, 0xbfaa, 0x44505, r7, 0x0, '\x00', 0x0, r8, 0x1, 0x1, 0x0, 0x7}, 0x50)
semctl$IPC_STAT(r5, 0x0, 0x2, &(0x7f0000000080)=""/218)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
syz_emit_ethernet(0x4a, &(0x7f0000000440)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa00ff01000000000000000000bbfe88000000000000000000000000000100"/58, @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5002000090780001"], 0x0)

3.366819924s ago: executing program 0 (id=942):
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000040)={0x3ffffffffffffe96, &(0x7f0000000000)=[{0x2000, 0x5}]}) (fail_nth: 3)

3.316580062s ago: executing program 2 (id=943):
prlimit64(0x0, 0xe, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000040)={{{@in=@private=0xa010100, @in6=@empty, 0x0, 0x20, 0x0, 0x0, 0xa, 0x0, 0x0, 0x2b}, {0x2, 0x0, 0x0, 0x8, 0x5, 0xfffffffffffffffa, 0x0, 0x5}, {0x40000004, 0xfffffffffffffffc, 0xffffffffffffffff}, 0xffffffff, 0x0, 0x1, 0x0, 0x0, 0x3}, {{@in=@empty, 0x0, 0x32}, 0x2, @in=@local, 0x0, 0x4}}, 0xe8)
connect$inet6(r1, &(0x7f0000000240)={0xa, 0x12, 0x0, @empty}, 0x1c)
syz_open_dev$I2C(0x0, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x800000000, 0xff, &(0x7f0000000140))
eventfd2(0x1, 0x1)
syz_emit_ethernet(0xce, 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000200), &(0x7f0000000080)='./file0\x00', 0x4018400, &(0x7f0000000100)=ANY=[@ANYRES64=0x0, @ANYRES16=0x0, @ANYRESOCT, @ANYRES64, @ANYRES8=0x0], 0x1, 0xf23, &(0x7f000001fb40)="$eJzs3U9sHNUZAPA3a6//xCZeAwUDJaTQikDBDkmkprcgUI+IS++gkNAIQ1FDD0RATA+ISogiIU4VByoulEoBqUigShXqqe2pVW89oV6oVKVSUA9tpNhV7Dfr3ecddj22Z9e7v5/0+fnNm53vG6+zmRnPvg3AyKqtfz1xYiEL4Z3P3n705aeyT64vu6u5xuH1r1nsNUII9ZZ+lmzvi7jg2pWXTndqs3Bs/WveD49dbj52JoSwEg6Hz0MjfLi0/NUH7z5y5OPXpm5588Izr+zR7jel+wEAAMPo0p+X/37fP//0wPzVS4dOhcnm8vz4vBH7M/G4/2g8UM6Pl2uhvZ+1RKuJZL2xGLVkvbFkvfEkz3hBvnqynXrBehNd8o21LOu0nwAAALAf5ee1jZDVFtv6tdri4sZ5/3VfzE1ki8+dWz57vk+FAgAAAKX95+L6TbdCCCGEEEIIIYQY4lib6/cVCAAAAGDUpPOFbbGyuzN1NbfW6C3/5YdrnR8Pu6Dq3/+vzz/V5/wdjHj+91/1igMAQHnDejSZ71d+HJ3PY5DOIziWPG67x/+1ZDvj26yzaF7B/TLfYFGd6c91UBXVv93nsV+K6k/nwxxURfWn83QOqqL6Jyuuo6yi+jtc+RlIRfVPV1xHWUX1H6i4jrKK6p+puI6yiuqfrbiOsorqv6HiOsoqqv9gxXWUVVT/frmttqj+RsV1lFVU/3zFdZRVVP+NFddRVlH9N1VcR1mt9bees9zch1r64c7Y5j+HQwXrzXQ4p9sv53gAAAAw6v5n/j8hRizi3Q19r0OIgY0p/0aEEEIIMYxxsb+XHwAAAIABkL8vIH/X+1qUj491GR9vHZ/aXCEfr3d5/ESX8cku4wAAAEAIv3v97G1vZZvz3e10Prx83qjp8MlqKDGPUTof4Xbz73Tes53m3y/zlgEAADBash98vnr/o++9MH/10qFTLWe/q/F8N58HdDxeG/g09vP7AmaTfpafQ59qz1MrWC+9PnBD0fYe3+GOAgAAwAjLz98bIasttpx3N0Kttri4eT6+EOrZ2XPLZ47Gfv75LH+cq09eX/5QxXUDAAAAvds83+98/p9/ju9CmMgWnzu3fPb8Rn+2ubxea70uMLe5PGu9LtBIlh8rWH489vPP7/zR3PT68sXTP15+ard3HgAAAEbE+RcvPPPk8vKZn/jGN77xTfObfr8yAQAAu+3LL9+u//T47O833v+/Of/davzmcOw34tx+f4nL8/sE8vcBbHm//hPteeaK1nu+fb1Gst5YjMmk7qmW7YT1+QbbHzdflK/Rvp2JgnwzSb7ZJF86T8F4sn7WYS7B0GF+wny9uWR5Og/jeJIjS/Lf3SEXAAAA5JZeePb5pfMvXnjw3LNPPn3m6TPPHT928vsnTx596HsPLa3f17/Uenc/AAAAsB9t3vTb70oAAAAAAAAAAAAAAAAAAABgdFXxcWL93kcAAAAYdf++GEJYEaIg8g8Y7HcdYpBjbbL/NQx3hAH9d/j6R/2vYf/G9MA+rzuMqYnh3C8hhNhhTPb9tdF5n1gJYW0t/aR5AAAAgL117cpLp1vbLVayXc3X3Fpjo1mNefN29sG/zV+PfLXLD7dfLzmwq9Uw6qr+/Zd/UPNPdhx//9XdzT8VNl/7Qk+vf7X2DZxq6033mvfepV8vNPOHEG4f7zF/uv+P95qx3ZEk/72ht/xr7yX5n2jr1XrNf1+S/0CP+bfs//O9Zmx3f8y/EPtH7uk1f/su5r+l+X70+gvw3WT/nwq95k/2v9FjwsQDMT8AjKLm/+ZrF/tbyC7LjxLy4+mZ2M/3Nx5uhvTuh+0e/9eS7YzvuPL27ebHQbfG/lSzjva8uW3Uv54i/7nMxvaGknWm9stdJUX179bzuNeK6q9XXEdZRfVPVFxHWUX1dz57HzxF9U9VXEdZRfX3fCGiz4rq3y/XlYvqn6m4jrKK6p+tuI6yiurf7v/j/VJU/8GK6yirqP65iusoq6j+kpfVKldU/3zFdZRVVP+NFddRVlH9N1VcR1lF9d9ccR39ckdsi86H8/PPuTiW9xtJf7LDz7LnP4YAAAAAe+pfAzkPRMuVg77XIoQQQgghxPDHf9c29LsOIcTexdpaP68+0G97+25mAAaV1//R5vkfbZ7/0eb55+vkf4nPkn5urMv4eJfxepfxiWQ8/X2d7DJ+U7Ldtfy6ZnRzl/FvxD0oGj/Y5fG3dhlf6DJ+W5fx27uM39FlHAAAgNFwS2ydHwIAAMDwevk3n77x23ufuDJ/9dKhU2Fiy7zzR2N/Mv5t/fXYT+e9z9Xj3/x/Fvu/iu0fYvuPZH33nwAAAMDeyz8nxt//AQAAYHjln1Pq/B8AAACG13xsnf8DAADA8Loxts7/AQAAYIhlU50Xxza/LnB3bHud1w8AGHzfjO2dsT0U27ti+63Y5scB98T22xXVBwDsnl/+8Ocn38o25/s/noxfi8vzdouVjSsFWa19Jv/p2B6I7Xd6rCf9PIBe8+cO9phnr/LP7TA/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8autfT5xYyEJ457O3H/3FxBt/vb7sruYah9e/ZrHXCCHUm4/LRzf7H8UVr1156XRruxrbLBwLWciay8Njl5uZZkIIK+Fw+Dw0wodLy1998O4jRz5+beqWNy8888oe/gja9g8AAACG0f8DAAD//2giHs0=")
r2 = open(&(0x7f0000000240)='./file1\x00', 0x145142, 0x0)
ftruncate(r2, 0x2007ffa)
fstat(0xffffffffffffffff, &(0x7f0000001440))
sendfile(r2, r2, 0x0, 0x800000009)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x138}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
pwritev2(r0, &(0x7f00000007c0)=[{&(0x7f0000000280)="bcb787bcbf335738bdefd6a6161add229c8c9290fdf14d413e8f8194db8640c3f80f6f74715be787d9dc4d706ce1aaed80a0d0beb962e390ad11b564ea3306e520f2b71092dd82f4a59c98ea2b97f2892768e632af38a747f2f253", 0x5b}, {&(0x7f0000000640)="2e62fcb0c41a026467c02bcdba9108581b1c5b48ddbd44b8757f574e9b95e773e817ce6272741a0803764b210be118263931301e4cc275607b9a57ae7aac15eeb20e81dc09fe1ee060b5f928d59f95c07be248106c4a9e1d54886115d2af0f41b312d972d9b2171869de8dda89ec959733d8cda496149550778d6d1e54f0cb29bc3b2251ca148c78d889358f35bfac4be8570912aed19b6a9b533f4f81ce2b19ae91155d5a9743c5cbfc47ceccdf6ab8292233a7a7b7639f4354d3deb83aff26c8c40e44365bd59a7421aed27216e6b4a43532f833e9ab76643517e3f4faee1cbfcbfc1f", 0xe4}, {&(0x7f0000000340)="fa893c52e1e3fcc2ab60ff7940968ba81a5c732e95dfb265a7519c9f96b64cda78e5649943144a64a156fce3fdf01e1211c2df275e19d87aaeab1e5e89ab8702be06f8a90457efbb09da82bff8aeeabad804dd1f5e6e202c79f713f71b1bc0", 0x5f}, {&(0x7f0000000740)="1e6d9269dd87aa5b033e272ae13b0ecacd01e884e49b5f6bd71a52f40672c82c6cf727c51edf31d4d70c4fad54eb5ec99efa1e51e6fcbb3257b30053ad99612da7d9f8d6ef5a9ed1eea8487ec0ff169b05a0d11365fffcb04f57", 0x5a}, {&(0x7f0000000180)="8658222310ff82d907e90984382b", 0xe}, {0x0}], 0x6, 0xe, 0x4, 0x4)
ppoll(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=@updpolicy={0xfc, 0x19, 0x1, 0x0, 0x0, {{@in, @in6=@remote, 0x0, 0x0, 0x0, 0x40, 0x2}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x200000000000}, 0x0, 0x0, 0x1}, [@tmpl={0x44, 0x5, [{{@in6=@private2={0xfc, 0x2, '\x00', 0x1}, 0x2, 0x2b}, 0xa, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x0, 0x4}]}]}, 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x2800, &(0x7f0000000080)={&(0x7f00000001c0)={0x54, 0x0, 0x1, 0x0, 0x0, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}}, {0x14, 0x2, @in={0x2, 0x0, @broadcast}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}}, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
mkdirat$cgroup(r2, &(0x7f0000000a00)='syz1\x00', 0x1ff)

3.314350588s ago: executing program 4 (id=944):
getsockname$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x0, 0x0, @ipv4={""/10, ""/2, @multicast2}}, &(0x7f0000000040)=0x1c)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x48, &(0x7f0000000100)=0x401, 0x4)

3.121249736s ago: executing program 3 (id=945):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_JOIN_IBSS(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000000c0)=ANY=[@ANYBLOB='l\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010100060000000000002b000000", @ANYRES32=r2, @ANYBLOB="040046000a0034000101010101010000080026006c0900000800270001000000300051"], 0x6c}, 0x1, 0x0, 0x0, 0x4010}, 0x0)

2.360644903s ago: executing program 0 (id=946):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$autofs(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r1, 0xc0189371, &(0x7f00000000c0)={{0x1, 0x1, 0xfffffffffffffc9d}, './bus\x00'})
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)

2.357626352s ago: executing program 4 (id=947):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x205)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000010)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004004)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000340)="aefdda9d240000005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x72}, {&(0x7f0000000780)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9", 0x2a}], 0x2)

2.137124729s ago: executing program 3 (id=948):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000006c0)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="18010000000000f6000000006debff00850000007b00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00', r0}, 0x10)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='task\x00')
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r2, 0xc008561c, &(0x7f0000000400)={0xf0f01a, 0x2})
fstat(r1, &(0x7f0000000180))
syz_emit_ethernet(0x66, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd601e190700302f00fe8000000000000000000000000000bbff0200000000000000000000000000010000883e", @ANYRESHEX], 0x0)
syz_mount_image$hfsplus(&(0x7f0000000140), &(0x7f0000000a40)='./file2\x00', 0x810084, &(0x7f0000001d40)=ANY=[@ANYRES64=0x0, @ANYRESHEX, @ANYRES16, @ANYRESDEC, @ANYRESOCT=0x0, @ANYRES64=0x0, @ANYRES64], 0x5, 0x686, &(0x7f00000001c0)="$eJzs3U9sHFcdB/DvrDd2NpTUbZM2RZUSNRIgIhI7JgVXQgSEUA4VqtoDNyQrcRorm7Q4LnIrRMP/aw/hiFQOPsEJwT1SuXCBW4/4WAnBpSdzYdHMztobe9d/Qux1yucTjd9782be+81vZ3b2j6IN8H/ryrk076fIlXOvLJft1ZWZ9urKzK1ePclEkkbSrIqiLDqdD5PL6S55PklRD1cMm+fewuxrH32y+nG31ayXavvGdvvtzt16yZkkY3W5ya2HHe/q4PE2HN1puGL9CMuEne0lDkbtSHU5l/55r7vmB395Yr2nT2vQ3jue+cBjoOjeN7eYTI7VF3r5OqB7V+zesx9rd0cdAAAAAByAJ9eyluUcH3UcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DgpvtIaK4t6afTqZ1L0fv9/vF6Xun64nN7b5vf3Kw4AAAAAAAAAOECn17KW5RzvtTtF9Z3/i1XjRPX3M3k7dzKfxZzPcuaylKUsZjrJZN9A48tzS0uL0/17Tgze8+LAPS/uEOhEXbYe0YEDAAAAAAAAwKfLT3Nl4/t/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4DIpkrFtUy4lefTKNZpKJ3nZ3k78lGR9ttP+7+6MOAAAAAA7Ak2tZy3KO99qdonrP/2z1vv9o3s7tLGUhS2lnPteqzwK67/obqysz7dWVmVvlsnXcb/5rT2FUI6b72cPgmU9VW7RyPQvVmvO5mjfTzrU0qj1Lp3rxDI7rJ2VMxTdqu4zsWl2WR/5+XW7x3p4Odpg9fpgyWWXkyHpGpurYymw8tX0m9vjobJ5pOo31YE9smqleX9ztVE4/TM6P1WV5PL8clvODcry/sTkTF/vOvme3z3nyhT/9/ns32rdv3rh+59xID+khjNVlp/rb2pqJmb5MPNfNwPdf/zRmYoupKhMn19tX8p28nnM5k1ezmIX8MHNZynzO5NtVba4+n4u+z1OHnDOXH2i9ulMk4/UZ2n2w9hbTi9W+x7OQ7+bNXMt8Xqr+Xcx0vppLuZTZvkf45C6eaRtDrvrOZwcGf/aLdaWV5Fd1OSqdif5Wmden+vLa/5w7WfX1r9nI0tOP/n7U/FxdKef4WV0eDpszMd2XiWe2z8Rvq6eVO+3bNxdvzL21u+mefr+ulNfRL0Z9l3hAeb48XT5YVevBs6Pse6bb19ycr/H6G5fufo0tfSd7fX//za9frrYZdqWO16/hml+f3XLHKvueGzjLTNV3qq9v0OstAA69Y186Nt76R+uvrQ9aP2/daL1y9FsTX5t4YTxH/nzk5ebU2OcbLxR/yAf58YNvcgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIdz5513b8612/OLmyrNdN4b0rUvlf8M6SqSPMK5ej9nNnSbI3seudhhm+efSA4mh1sr40kOfNKBlX93Op16TXEY4tm+Uv2E4UQ6+z5XM8mgrtOjT8KIn5iAfXdh6dZbF+688+6XF27NvTH/xvzt2UuXZqdmL700c+H6Qnt+qvt31FEC+2Hjpj/qSAAAAAAAAAAAAIDdOoj/TjB89qMHeagAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAY+rKuTTvp8j01Pk/lu3VlZl2ufTqG1s2kzSSFD9Kig+Ty+kumewbrhg2z72F2dc++mT1442xmr3tG9vttzt36yVnkozV5aMa7+puxvvddp3F+hGWCTvbSxyM2n8DAAD//xcoC0M=")
rename(&(0x7f0000000140)='./file0/file0\x00', &(0x7f00000002c0)='./file1\x00')

2.134317456s ago: executing program 9 (id=949):
r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
listen(r0, 0x2)
syz_mount_image$squashfs(&(0x7f00000002c0), &(0x7f0000000140)='./cgroup\x00', 0x5, &(0x7f00000000c0)=ANY=[@ANYRES16=0x0, @ANYRES8=0x0, @ANYBLOB="445419838520cab5ec5564f65806ce73d727c23f4bead8e72dfd4d4ea6d8016f88915ef8c605109e8afce7aa0cf185359b552c99a0c4283432c1fe5e1b84", @ANYRESHEX, @ANYRESHEX, @ANYRES32], 0x9f, 0x1a1, &(0x7f00000004c0)="$eJzs0c9rE0EUwPHvm9lks4FWUz3VQxcMrCtKNvHHwVPw1EIWvIoEXWpsShPRJgdbFONBBKn2b/CkRxH0JGLBc/EgeNCI4E3MIXgQD2Vlk8lf4Xxgdt4b9r3dt9vu3e65wMH47ip1JnLM89EVHGBJpmdKTfc3Ag+An+Z8F/CBiybfEQrZ/sLkxYEJ8C/4BRNuJJ1Oa9NHj3/7lL7T29reSDpZ28nNI6GOfB7r1USuxYLQVddjSg1OPkE3PcKnLDpzHL2KJg12WFFpKkEDDlX63VuV3tb26fXulbXWWutmrXbmfHQ2is7VKjfWO63oNRI+FpWNli03xgvvkWvycN8pkg0ZttVQiwf5Jrv7+sTxUyNU+IsU4X0wwv3qtOfNIJRgmSPCM3RMuYGncNL72YOWkUvqlVSdT86fnKIw0KbkstJ/8+6sQS6okqwAESyycLDHoyHlIYc1z4fOj28syVu8yXedcAbZ9aXJjhWBPHeSfn+zmocPEsTUslWCORbYQ8X1ciN7z3emZvY/vswCy7Isy7Isy7Is6z/wLwAA//8VMFdM")
setsockopt$netrom_NETROM_N2(r0, 0x103, 0x3, &(0x7f0000000000)=0x2, 0x4)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000000)=@name={0x1e, 0x2, 0x1, {{0x41}, 0x3}}, 0x10)
listen(r1, 0x0)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
getsockopt$sock_buf(r2, 0x1, 0x1c, 0x0, &(0x7f0000000200))
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_wireguard(r0, 0x8933, &(0x7f0000000180)={'wg2\x00', <r4=>0x0})
r5 = socket$packet(0x11, 0x3, 0x300)
r6 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r6, 0x107, 0xf, &(0x7f0000000100)=0x9, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r7=>0x0})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r2)
sendto$packet(r6, &(0x7f0000000180)="0b031200e0ff64000200475400f6a13bb1000000086086dd4803", 0x100a6, 0x0, &(0x7f0000000140)={0x11, 0x8100, r7}, 0x14)
r8 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
write$UHID_DESTROY(r8, &(0x7f0000000280), 0x4)
ioctl$sock_ipv6_tunnel_SIOCGET6RD(r2, 0x89f8, &(0x7f00000003c0)={'tunl0\x00', &(0x7f0000000300)={'sit0\x00', <r9=>r7, 0x7, 0x0, 0xdd7, 0x9, {{0x1a, 0x4, 0x0, 0x0, 0x68, 0x66, 0x0, 0x4, 0x2f, 0x0, @multicast1, @broadcast, {[@timestamp={0x44, 0x8, 0x5c, 0x0, 0xd, [0x4]}, @cipso={0x86, 0xc, 0x3, [{0x6, 0x6, "89ef2d69"}]}, @ssrr={0x89, 0x7, 0x23, [@empty]}, @ra={0x94, 0x4, 0x1}, @end, @noop, @noop, @ra={0x94, 0x4, 0x1}, @ssrr={0x89, 0x2b, 0xed, [@loopback, @multicast2, @loopback, @multicast2, @multicast2, @rand_addr=0x64010102, @private=0xa010100, @broadcast, @loopback, @private=0xa010102]}]}}}}})
sendmsg$ETHTOOL_MSG_PRIVFLAGS_SET(r2, &(0x7f0000000200)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000680)={0x1244, r3, 0x300, 0x70bd26, 0x25dfdbfb, {}, [@ETHTOOL_A_PRIVFLAGS_FLAGS={0xbc, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0xb5, 0x4, "8bdd2b59070441871acac086bff190704e77ef6e6c0fca5f59ab44797cf38d53b0606b6cec40e18bf8f98e1f223299448acde2b23ffb2188c9bc9a38d9f86157112f72af448d0c78d24f6aa7fc441ffaa57a2607a2a5bb55de2065a0fdbec25e2045751f90d56cf4e01bcb6b6d471401c82f488e94fc59d61090a9db41884b34a599d683804ff8dff1336063b3794b2e6f748487175bb26da3ef6acef31b68dc32cfb4ade3e3534e99050a968341f9dc02"}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x48, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_virt_wifi\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r4}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x2}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x5c, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth1_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bond\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'vcan0\x00'}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}]}, @ETHTOOL_A_PRIVFLAGS_FLAGS={0x1078, 0x2, 0x0, 0x1, [@ETHTOOL_A_BITSET_VALUE={0x1004, 0x4, "8bac9abadc652114d0d2230102552a4e1b4ab4110aaa289687ebe8ffba5f5b3065857833e8722cda32c324a0a733bc2832de219ba127407ad5be51056d6152cc2cf83c07c477ac790ddbc7981c411b1820753fd4d902d2c5620d95fa9c1d748fd4d007989c0d014f3e350ab7d3b9d2058e2aed4dd28b39cf6762ccee2c92444dfa7795b033db4333cb9bbbc6f97c18e77e1f79996991af45787e7c7e815930a0f53541aef67ed27ec749eff23f7c1e6fbe71a6cab9b329ab9bf75a97f21f637bba03d68b540de3626eba60d964ea6e0676312c37276d87e06eaa3778e67c372f68131c04d9e89ad58f35d2733b3f95ed6376e16fc84c8d70aa4d4c42677f12278cc9aa4e27ab1eee53f799251e66ebacd1d92389284975ec732a7e687a7f48b7a1cbaa1f7df6ea0a2280e4761fdd92f475ef525ae6276d4e63fc80bfd8802b1e80430d944be6b44cf2a70ebbac6aa572c6d172620e671c68cfebfc2c3819ffde7641bab5f46ad73eb9422961650a6488919cff5026300a5b254fc5b39314411e3a34c3c4d052da32af59962c52df0c907b69ec19384b36f5a16e8a2695ec9780c4b0ef2d464c74029312848615059b2a7cf8cb740d2827da0d5483fc981420e81b2ffebe44c519532a762d76933aa0696da09549c7e05c48c39c09052f0e922c624f70265a82ec33e6c2b41dba5be2e4da47ad805c9b73473dffb40d00f16e50eae9681da4e7aedb53decfe7e495612fdd2c0f52efe5fd1c01c5e08e483d5eae6b461197a89704c2f22b2ec1e7826118a39ede38fc06093854ac74fcb012960bfb50ba7b59e7e2d53698482739e95c6aeba211b2aef9b1921c583fb5b5c8cb301e618b4fc8307bed3af2ecfe8163671a282a52c55f1c005f29a242e4c1c03aca0e09d0e7c2530b3c1f4aef6de7503d73fc5ccf65ec11ccaff0005f038ea5ac3888b871b090e4c544d06807a767b004b8f50485c82f1812d70f290c20a38a946ffa849067820e77650f170c56b56a1aaf13097cd04a7e9481b6f7655908d8889be00251c8250a1428e47f63038247f5104cdbe9dab809c865b262413677eafbd81a1cf6a3ff2e1a3b912cf2f38a1e612dc290b422d0ce924ad3ae76c20647101c32b3b7635fd2486cd6619f4579b744d4df977d38052f78726c29a3143d1fb1c92bc0a3b82197db996d261faf3c46fffa81dcc082c8e7578d2382daafa64b10e83495f0395dcce7048ab57e5e1ca1759c0a42eab4983e1def17b95a677eca1a09e6d34ad0bb4a2623df0e1961c253b5afba6164b70f30a26e399f0ac8ee126fbdb60af01b4ba15dbf57ffbc0b6e3418730afb1b7f17ad4d942fcc943fc0678e7bfab0b979330757cc19398b722a0812260cf9d4b7988c6a9cb5d5cb9f6bf78954e3d6ce4d2225b143da4c24b83915680405cd1b8a145c00b5976ea5f8f01ac8bac13c092f272c0b5b7836e8563b121578d0e69003cb2608278f15298b08aa077d5cc04ff9e7e921bdc101240afda7b17dbdc8fd7e44bc1b0b08e067ce530ce4a62450bed8bbf2635e3521475e7020048c11d840ff5394de1999223420a1ab97eae3eaf9656976c3ab6cf36abf44077bee1443e8df1e5be9e9ca6a44c79c7a50e0e21cda934c9c000f1a457a42e9dfe3bea7c50b46d6c5827bcf540bc974585fb00074ddbe9ff205d80781c644b14a7c5a60c8bc9f14fc33791797b572d4396536d4964be3af939a87871ccb16a22882b7a54c7519963466816e5c1d4c3365d3212fdde1970aa4c889e7a542b2f0a86b86b0b33cba5eefd5a2443a50b25ee64ef1bc767dac6fd9a0d11e9e160da9f5d2bdbe4705394839041b8485578ce0cf820ffd614d1212428c183e9c6cdff6225a1a86d89099787c6bd7b4265a2de28543927f0e90228958e4ff8b6ce3e916491c31820d2a76e1835815c07657be496cf91fa9077c402e6dcf70468b15be3f02d8597a980cc933fcc0965ae2b570075524aea1cca747b266c7bf4b6aafbe7ee04f2f786054e0c3c40f6c38be5ab8629ba90f7f4a7d2ddeb15ef0a1ef0347107452e08dc0f6a5a5f77f285be2306c90c232b0f051011a6bfc01bd2f95f6d1134ad56f79bf4be321cc82b140e28349e0bd31688aef1c3164bd57468f87bedfa0e8158d829495f1c7ac120129f16d30c45f662290a1cf875bbbae2da10145bee6765958edd7f69459bc6ecf9db2ded6753770cc6e78c138409f061e5410f78295f3f68f09d218e69f7cdf42ed093bd7d67f773df15525b3be29bf4624d8df94434b8a485f9b99a57f890e7b6e3164d303de04de6e8b3d52a3ecdfd04ca9cc92d05ee4c9053a0a476636955f856f171d69467f341aca92f3b355b982977eedb317b8d3e1769f4aeb04cd72d09fb33903ca63877380363810d22723448e7f1ccad86628bae8bf49d1c1bdcbf712d510a4f2a85e36ca87255f1c68a3eb1cc5a175740bb047f3d8301f7554e6cb28745c924c632ab88c5352978022dc9cf7bb256d29c47cd82d9636f3f7e638279a9b513238ff9915025f5234e3cd851a83ef361f7b41b9c7ea4d40e3848f35c5c556731af74bad2def38bba627f344f5ec69c980fef7ef1519e491576ca620747a725c2ae76814266ceb69228a6806c7e72fbc2b80410527f12d0f83a294cb0480748b3d7a913c46bfdc47087e1f5a2c19843f0ec8d69cc22573c4858ba7086455a335ad62536de22a534d1d8af34ed3fbf24e0d40c361060dab630a6f1f2c6ea8f2accf385a4a52f007c2d344e8ccfd3c839c4f4de7950981abad1a942b3de3bae53d6536d185d2c16400773f912d118327944fa7ca02d9ced751595cddfffdced235a9cb98ba52139b20e3863d143136d832db729c93a319e133165b8f8f145a51738709d2d3fb23abc315a556d7da169de262a68ae026d6f805f82c62f6e0fcb45cc6e2aef2aa18eb68ace0864c655bbb288664cdbb26ed3a1cdd73aaa585d86fb3aa3e30607a053615f515c3ecb0fc3852fd13fcf697ba02dc30cf9d692fb95560808be76496c9c0b56b3f50c16c05c63372b4d3ea291eb671a1c4edeff8dff75ab44538a30a3be6ab042592c55c744d26cba058e277b44239ec996a353bdd37ca248db701535b325e22332f6551478886ef1ac2a3a9ee89ac415c52643a2ea156a02e51c60395befd500673fb898d87780ec31b9b8b0cccab66aed4f0b3809a45fd9626ff1ca361ca05ae155f977bbb854d619e7a30f15e8624b0f80eb4e46fdbfd3ffa1014d952f1053d7fd31d93761c4cee328cbbbb6d7c85d2704de9b02642d50b04c1aaadfc582160cf4e12a59e2ad1d292f5e683490bde01c65175d9b84d74ea8f86487940d19dff4f469c40fddddc6ebb098e103c290ddc4eea864b4e6a8afdac12f8f60c37bffd54b7ed1eef74dbc245ae4ee409a439fb751686c378e02bbe6101d962d95c999509e2db62a87859ac354ebdeecc3e18ab450740cfd1770d33b57e4f621d65c454a0311d6b99634b6692def2806bb600b6ff34e5c6d3c601815709638636922b61b77f7ebe6db01f77ca14eb77594489f80fd7512dc334da6230fdc6de59e9365afda8eca5cea885c1f72d0cc7066b3a24db84088a288bbda8acf16a37b431ca0d7df54b3781be28e5d40491bf866c85307b628e03d1db531d74044e1fbbe5bb160081d1114476e99f0ddd8f81fe55b4ff60cc1de4db47f5698ce50981a32c911b15f8874d0c93c0117e32a029ac562d2c8e63a1eeb385e7ae42b72c3ad452ce63b32801242eb11115ddd3e8f1fc046322f434b4a17bb65689b5efc63a4cb684bf48db7141ebff45f97a88ee147eb6cf433a8ebb4b1553b78a0daf54f304c254dc97f6047821ce8a0a2a4c39513e4e3461becfea72cc1aee32ca29a8b336d7f650776c39abf9457ad46b802719f7d7561850b05e761921f5571bd44fd2235e691bbe6b4b9e538ed53344a7b109174683a08f39852370f3353cc24a893f26289f6a892ccc901118a6804b56dff4e3f58e1d72b824ec8d22ed7aabd89950bdd773f92c04f0157be09f6eb9ff101acb22939007b3026c57420c109e2a81f14c0303ca5ef848d96928a993e4bdd76707c8dd8a29c9dcf72809d3bb21920cf21ab294ac00abf7180aff74193bfd7299b659243fb19dd8286603bc16d68780e44a1e65327106da52cb4c88e97f9b720f462ab74a11bdb42a8f60ead47fc2022ee61bb61e8ad7ceb929f2c172939bbf911c119fa2c71e4152e3accb371d22434689fd4c8919aceed9e6a8dd33e0190db25770d26c67fd2fb28c2404dcd645e20175916c5ffb2c1207ee73ce2aa6d8c31b113b09ae22fe3b1d1661c28ab2940acf6edb9b23d1aca51f87bb5ac81bb5cbf5f626df9f9e6ef29f561299fd89aedc15860f56459cf076919dac99b78e974ff39446cf82d07e32b34a5542cf6c7fdd6a04017c9038f459d115dc03043dabf2875c8728de4f6782706527d056844ff48b99d2d65a8075015eb651eea8bfb351935ea0e30f0f8faec9f45e1de81d891d2e7e727024c083af1d9e4fa3c9f366097f3aff1dc6ff8eeab59ac1b615ce881c163cd746cd42990ac0be507168071febaf85134844822cc5813f10a00429bfd694e3eb7553cac9427004f5c1a90a05143f4aec1f40becd4d698f3d329223a7535a68db301a47d83f1ab2d11d7e65c45961b845d4a7edb677275ba6fddbdafacbc8de6518a0a526775ceba16cecd7ebe6481da33d59f3bb1f713975ed25f2c36902cced77560bd81aece5d1e6057db1c8d4eddd27a7f5fb6690b39204b58cdd697251fd628eee1c1c8641208987771d88f5b188a10ccabd17cac54a19c64ec6ea18b0fcf1b10b1bf893890ba71cac6343d88127f04813a4628f80a3cc9a8058030e6bd199101400a52aa993ccd6e82ea4e850120278d8c3ef065fab5f42f4755756833dc97cbf476854de44549ad2a6f024df196270971f9033ca910b93fa141106611ac049f07a44d081b329db019c598cee072a26f1a3f1a873c00b97308bea5e5db01f9146982019b51827b12d95b79985202641d7fc03cf7a9ca69d4067f3407c6e635f7ebc6fa0191d189177998be8da7e07dfbfe7795b08b7d8890f1a316f45692d5605e195061917a9ce3e0076c0729e59de543a8aa611e9adbd4a60b23d65593d22d30803550482bdaa8d4ff97bae5aac858c293932e703aa3b1b81ecf7d14cac73b96fdc9e851f13357c1abce03e909b8f20feba4ea5220831cb8879cae7d86d8d398a36ff3c1a5a5a31d04b98553b536a8e47b3f07fec633856c699a8eacda33a6c329404e363af9dede6fdb4ddab1c19e341b8cd7baf9ad9e9c63189f7b574e2e5987d4685b839cb464ca770a64529d0d89f43392e9f9c47651ecad7ff5e2ceba9a0c090f8168afffd3a0b245d7b771e20314dbada6b2df53a4aacf371cbee68dbe2bdc120eb04adbd2c167853c4b3e68b443eafb1ba2142514d2e6fd44fd1d2a801577e50ca60e28f235a7c5b65a9eb23534b25434ba9cc76925ade9ba2b9a1b794543c772f671281a4c16b823a012bd84a2f5efb025d97a55918d7e0c6fb51ab048625d354f0822602c90a9b0ea69f2fd8e01614724405f9e51c88cdb5e6a6683aeba0208c2786e2935d66a70e7f6388a01ae99140cfe6379b439d96b7c94186aacdf5100973da56dfbb4a318cda6df884fc5a4ffd2afe64d7feadb0cf5d2834dbd541d823cb463d2d9fb3b1e7fe87864728fee95153ba244a5a124140553ed07ec9edccfb75857609071bea01d605af99a7203c58587e745491"}, @ETHTOOL_A_BITSET_SIZE={0x8, 0x2, 0xe89b}, @ETHTOOL_A_BITSET_MASK={0x10, 0x5, "d33c85886c1587522b7ffec1"}, @ETHTOOL_A_BITSET_MASK={0x11, 0x5, "a360d015bf62db9622dfaada1c"}, @ETHTOOL_A_BITSET_NOMASK={0x4}, @ETHTOOL_A_BITSET_BITS={0x40, 0x3, 0x0, 0x1, [{0x3c, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xf, 0x2, ':\\($.^@u\xd9,\x00'}, @ETHTOOL_A_BITSET_BIT_INDEX={0x8, 0x1, 0x4}, @ETHTOOL_A_BITSET_BIT_VALUE={0x4}, @ETHTOOL_A_BITSET_BIT_NAME={0xd, 0x2, 'squashfs\x00'}, @ETHTOOL_A_BITSET_BIT_NAME={0x5, 0x2, '\x00'}]}]}]}, @ETHTOOL_A_PRIVFLAGS_HEADER={0x58, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'macvlan0\x00'}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_batadv\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r7}, @ETHTOOL_A_HEADER_FLAGS={0x8, 0x3, 0x1}, @ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'pim6reg\x00'}, @ETHTOOL_A_HEADER_DEV_INDEX={0x8, 0x1, r9}]}]}, 0x1244}}, 0x80)
r10 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x100, 0x0)
ioctl$TUNSETPERSIST(r10, 0x400454cb, 0x1)

1.736217168s ago: executing program 4 (id=950):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000c80)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000600)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0xf1ff}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5, "41b57012b47bc8e8d8e3484d9c5998b3"}}}]}, 0x48}}, 0x0)

1.667629481s ago: executing program 0 (id=951):
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = openat2(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)={0x40001, 0x10, 0x10}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000208500000004"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
get_mempolicy(0x0, &(0x7f0000002000), 0x82c, &(0x7f00007ce000/0x3000)=nil, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x36, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
sendmsg$inet(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000340)="a836", 0x2}], 0x1}, 0x4040001)
recvmsg$unix(r3, &(0x7f00000038c0)={0x0, 0x0, 0x0}, 0x1)
recvmsg$unix(r3, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000000c0)=""/109, 0x6d}], 0x1}, 0xa002)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000300)='fib_table_lookup\x00', r2}, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000140)="5500000018007f5f00fe01b2a4a2809302060000fd41fd01020400000a00120002002800000019002d007fffffff0022de1330d54400009b84136ef75afb83de066a5900e1baac968300000000f2ff000001000000", 0x55}], 0x1, 0x0, 0x0, 0x7a000000}, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1f00000000000000000000000080000000000000", @ANYRES32, @ANYBLOB="0000001000"/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0xf, &(0x7f0000000140)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x400}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000000)='syzkaller\x00', 0x1, 0x0, 0x0, 0x41000, 0x72, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000}, 0x94)
getsockopt$sock_buf(r0, 0x1, 0x3b, &(0x7f00000014c0)=""/145, &(0x7f0000000000)=0x91)

1.126842164s ago: executing program 2 (id=952):
syz_usb_control_io$cdc_ecm(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000003000), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0, &(0x7f0000003f80)=ANY=[@ANYBLOB="6e6c733d63703935302c6e6f626172726965722c666f7263652c756d61736b3d30303030303030303030303030303030303030313030302c00d01280f532b0f4cf3b36fd5c6ef64269a533fc6b052f92ffcac08ca18519d5b3711b97ec291e41355fa65d9c0d15e7c10c63ab0bba736f92ab9d30478ae1452a017be98c2a0507febf295db17e98d0fffc0d349264ce2acdedc0a61ae132d4024d39e11de2dc8679fac7efcb6137aa2e361c5f6cb851e3a60ba05f834666694667f27f0d632cf9a85fe247e27251acbd739ff85088cb201010900132000000000000000000002593d600000000"], 0xfd, 0x691, &(0x7f00000002c0)="$eJzs3U1sHGf9B/DvrDdrO/+/UrdN2oKQGjUigkYkdpaSIEAEhFAOFYrEpRcOVuI0VjZp5bjIrRB1eb1y7KGHIhQOPaEekIo4VJQzEhInLrlH4u4Ti2Z2dr3Oxo43b7uBz0eanWfmeZnf/PzM7JusDfA/6/xrObCZIudPvLpRbt+62e7cutm+1i8nmU3SSJq9VYrrSfFZci69JZ8rd9bDFbsd55Xbn3xw/P2P2r2tZr1U7Rt79Rtx15ab9ZKjSWbq9QPYMd7FBx6vGMRdJuxYP3Ewad0Rm+N03/91C0ytove8OWIhOZhkrn4dkPru0Hi80T18Y93lAAAA4An11Fa2spFDk44DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAniT17/8X9dLol4+m6P/+f6va16qatyYd74P6dNIBAAAAAAAAAMBD8OJWtrKRQ/3tblF95/9StXG4evy/vJUbWclaTmYjy1nPetaylGShqn+vemxtLK+vry3t1rPb7b7bnal6nh70zFDP0yOhFXtH3p194JMHAAAAAAAAgCfMHl+W/yznt7//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAaVAkM71VtRzulxfSaCaZS9Iq220mf+6Xn2SfTjoAAAAAeAye2spWNnKo+Hdvu1tU7/mfq973z+WtXM96VrOeTlZyqfosoPeuv/H3zXbn1s32tXIZHfc7/xorjGrE9D57uPuRF6sWR+r2m0m+nx/mRI7mQtaymh9nOetZydF8ryotp8hCNdY/v5XUcY7EO1s+nNsRyoV7xfpCFcl8Lme1iu1kLg4+Bmn02wwd7Y+tZEeGGnmvzE7x7do+c3SpXpd/g9/U6+mwUJ3UgUFGFuvcl9l4+tZuua/05sns+Edq1nsag8+gDu91pPvM+cF6Xeb6V8M5f3G/ET8qwzkvozqdxmD2Pbd3zpMv/+MvF650rl+9cvnGiemZRrvqdrvv7l575+xrDzIxl+f3n4nNXTLx8c7Nmbu1mRvzhB6RVp2NXozbd8vk/PDdsttNRu6WL1V9D2U1P8gbuZSVnMlilnI2i/l6Tqe9Y4Yd2Tuv1bXWGO9aO/alujCf5Nf1ejqUeX16KK/Dd7qFqm54z3aWntlHlsa8IzU/XxfKY/x86Bln8u7MxNJQJp7dOxO/LWdkbnSuX127svzmPo93vF6Xl+0vdz4f/u5hnM/9K+fLM+Ufq9raOTvKumfvWrdU1R0e1DVG6o4M6u51pbbq13CjI/Xqnr9rXbuqe2GobsernLyRzuBVCADToju66+DLB1vzt+f/Nv/h/C/mr8y/Ovfd2bOzX2jlwF+bf5r5Q+P3jW8WL+fD/DSHJhEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8t7nx9jtXlzudlbUpLKQxXq/yfCYd89QWZpOM26toPtwwPk5y3937vxXY3/PFzkr+f49ezaEZvt1rKv4WD174xo/qZNyjcXO8y3y+HnB6flwMeHROrV9789SNt9/5yuq15ddXXl+5fvrsmbNn2l9b+uqpy6udlcXe46SjBB6F7Wf/SUcCAAAAAAAAAAAA7Nfj+I+FSZ8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8GQ7/1oObKbI0uLJxXL71s12p1z65e2WzSSNJMVPkuKz5Fx6SxaGhit2O84rtz/54Pj7H7W3x2r22zf26rc/m/WSo0lm6vWdDUbN7mu8i8PjNe4nvGJwhmXCjvUTB5P2nwAAAP//euIAEg==")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
rmdir(&(0x7f0000000240)='./file1\x00') (fail_nth: 4)
chdir(0x0)
unlink(0x0)

958.221531ms ago: executing program 4 (id=953):
r0 = syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x205)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000010)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20004004)
writev(r0, &(0x7f0000000400)=[{&(0x7f0000000340)="aefdda9d240300005a90f57f07703aeff0f64ebbee07962c22772e11b44e65d76641cb010052f436dd2a", 0x72}, {&(0x7f0000000780)="aa1d484e243103000000f7c08bfcd111fbdf23ea32db0e8f21d5bc27bd8063067a0689fff2a41cfbf0e9", 0x2a}], 0x2) (fail_nth: 4)

651.947114ms ago: executing program 9 (id=954):
r0 = syz_open_dev$sndpcmp(&(0x7f0000002000), 0x5d5d, 0x0)
ioctl$SNDRV_PCM_IOCTL_HW_PARAMS(r0, 0xc2604111, &(0x7f0000002040)={0x0, [[0x0, 0x20, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5], [0x0, 0xfffffffc, 0x0, 0x0, 0x8], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc]], '\x00', [{}, {0x0, 0x1}, {0x7}, {}, {}, {}, {0x0, 0x10000}]})

162.68034ms ago: executing program 0 (id=955):
ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, &(0x7f0000000000)=0x5)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x0)
syz_clone(0x126400, 0x0, 0x0, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

88.262046ms ago: executing program 4 (id=956):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000000c0)={0x9, 0x3ff, 0x7, 0x0, <r3=>0x0})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r2, 0xc00464b4, &(0x7f0000000100)={r3})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3})
r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
dup(r1)
r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0x8, 0x8169, 0x5})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000040)={0x9, 0x3fb, 0x107f})
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(0xffffffffffffffff, 0xc00464b4, 0x0)
dup(r2)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8})
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 9 (id=957):
epoll_pwait2(0xffffffffffffffff, &(0x7f0000000080)=[{}, {}, {}, {}, {}], 0x5, &(0x7f0000000100)={0x0, 0x3938700}, &(0x7f0000000340)={[0x13]}, 0xfffffffffffffecc)
syz_open_dev$usbfs(&(0x7f0000000100), 0x1, 0x101301)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
syz_mount_image$romfs(&(0x7f0000000140), &(0x7f0000000180)='./file0\x00', 0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="00010074fc3d16030000f7372fb90c4213280e2e2e4b0d56ee98f196307a99eda2eedf841612fe27e9ee2ea9a1b283d5c39f00000500000000f7ffffffffffe3252032dc9e00369300002b43a74c69d8fbf49c2baab2eb97c3aadf0322d8ea3d0e3dba381a2c902a4c596350a0663dadfa7b668e52705e1de015b94cb6b7c457b30a1b6933cbf05066b95b5603783ff7560827731c80dced5f815e5f55093cd664cdf405e32bf07531e961b7fd0e4cb5d4e5e891b09916d3c8cc1bcf8b77e939b11aa4c6885c52241faa0f43682202e795a1f985fd61da230600c9dfddf882afa15ecefcb82c2e89788a721d8999d80ad42ce113ec4d43fd4d587913005dab81e61fcaec08de8cb2f9bd9b9b1131f8ad56bd0ea0e64458d3337d49de773c78e303755e11f758dd21cd0a12bd7d7e553636b6c58572677664ab2f5f8e4b76ddc98bac1338797c4aebb145e883be365cbf2e3a20f0c9198d70030ba891eb78d8f6e30d09bbd0bb582d820a622c26c70b6c076c00ff38b9bbe6417118a198803bd830a1ec94dc7c0f2b1c311420f54a9c64", @ANYRES8], 0x1, 0x13a, &(0x7f0000000200)="$eJzs2r9Kw0AcB/DfIAgdHZ0ClSho/mtddRQ33yC0uTR4Z0oiSPsC4iQonIMvIfgEPkJGN10EfYnI2au2qWgnD+H7Wfqlv+RyuYPL8nOKXASsdIi2BldHLytFLqxOtNtlAYtp7ICILBWqur5xac7TZ72qyf3mArPW3sa/7Y1UHl6wjCeh6SkBAAAAAAAAAAAAAAAAAAAAAMCC7JYOrb4U5yzjSTBVLYej45jzpCgNTc8429I9XMQkv1XrE83UN1+J7D2VMrlfqLo/e/+1Dut9yZ+b6+udioFXDkdOJuI0SZOTMIw6/rbv74Tex1hec0T7Ts+Jqvren28ns6f6zR4X6TfT+7+0msnLs+bTvvYfAQEBYRJ+PVf+i8n3r7cctR/U+ed2c97Tf/7Fchp8dwD4wXsAAAD//7SlOms=")
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, &(0x7f00000000c0)=""/55, 0x37)
getdents64(r1, &(0x7f0000000f80)=""/4081, 0xff1)
r2 = socket(0x2, 0x80805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r2, 0x84, 0x6f, &(0x7f0000000000)={<r3=>0x0, 0x10, &(0x7f0000001100)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000180)=0x10)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r4, 0x84, 0xa, &(0x7f00000002c0)={0x100, 0x6, 0x8, 0x0, 0xffff43fd, 0xffff0004, 0x1, 0x6, r3}, &(0x7f0000000380)=0x20)
getsockopt$inet_sctp_SCTP_MAX_BURST(r2, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r5=>0x0}, &(0x7f0000001080)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000040)={r5, 0x4}, 0x8)
r6 = openat$dir(0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x42a00, 0x8f)
r7 = fanotify_init(0x8, 0x80000)
fanotify_mark(r7, 0x1, 0x8000021, r6, 0x0)
syz_read_part_table(0x5cd, &(0x7f00000005c0)="$eJzs2z9oG0YUB+AnxSKQQLNkyhRnyFCyJGSMhiRIStIUhBIvIUMCCSFEkwIBhQoMyVBrsLEG425ejEGL/0yWNXgoNjZ0LsaDi8GDlxZ7MXixSvEVWii0am1D4fvgeLq7n+7dDRoV/K9l45der5eJiN75/r891C4UH14t3608jcjE84gY/P6L+d92Minx+6nX0nwrzaenLnRH9h/k2ptPDq6/WGlm0/5wGhdnOkN/0fCr7/q/JKdoNr966dPnWmm0nn+7UWrsfPvjD1/P7RUqncfN1vyj3P1XKbeW6kCq76MeH+NdvIxqVON11P506sAfPuf66j/Z3r55dKXUXnxz57DYHVu+lXLlE3rv3/X/MDj+rNW4d2Ph8sTt+tJ6Zffcca76L35dAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcvdn86qVPn2ul0Xr+7UapsZONiLm9QqXzuNmaf5S7/yrl1lIdSPV91ONjvIuXUY1qvI7aCfWfbG/fPLpSai++uXNY7I4t30q58n985z/t/2Fw/Fmrce/GwuWJ2/Wl9cruueNc9fwpXQAAAAAAAAAAAAAAAAAAAAAiolB8eLV8t/I0IhPPI+LLn7/JRsRwL/3fPZNy11LdSuvTUxe6I/sPcu3NJwfXX6w0f0rrw2lcnOkMnf1r6NevAQAA//95JJRy")
r8 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r8, &(0x7f0000000040)=@file={0x1, './file0\x00'}, 0x6e)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000f40)={<r9=>0xffffffffffffffff})
connect$unix(r9, &(0x7f00000000c0)=@file={0x1, './file0\x00'}, 0x6e)
r10 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r10, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="4c0000001400010125bd7000fddbdf25011f08104e24ce2203000000030080000f000000c3000020090008000ea317d78063b45f220000009e7fd53dbe8f97ec616a4d5de75c45f7d654bc8e9c0b9de916f4af6536d08e6b65460e556864e57e397c94c6cebbe4b3b011899ac653459c8cbef431ad7b4ffe50524f6e81c145eee258799e733f541d7496bc84882c1050b07f48f0bf88d65267b6afad2d6921a20dc0936962bc93137b8b64772e2df8cd3c769a5b61b46760a3ed03c16b54d7efb6917c7ec8b19b323e91320ab5b44d2c61580324fff34fefc14f303c2677118cd545cf6516a27b422750757b45e441ee1bfed6", @ANYRES32=0x0, @ANYRESDEC=r3], 0x4c}, 0x1, 0x0, 0x0, 0x404c0dc}, 0x8080)
r11 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r11, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000280)=[{&(0x7f0000000300)="d8000000180081054e81f782db4cb904021d080406037c09e8fe55a10a0015400400142603600e122f00160006000400a8000600200003400700027c035c0461c1d67f6f94007134cf6efb8000a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d16a4683f5aeb4edbb57a5025ccca9e00360db798262f3d40fad95667e006dcdf63951f215ce3bb9ad809d5e1cace81ed0bffece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92954b43370e9703920723f9a941", 0xd8}], 0x1, 0x0, 0x0, 0x4a0f0000}, 0x0)
sendmsg$IPSET_CMD_CREATE(r4, &(0x7f0000000580)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x20000000}, 0xc, &(0x7f0000000240)={&(0x7f0000000480)=ANY=[@ANYBLOB="800000000206030000000000100000000300000305000400000000000d0003006c6973743a73657400000000120003006269746d61703a69702c6d6163000000050005000000000005000500070000000900020073797a30000000000900020073797a5443a840067ed686000200000010000300686173683a69702c6d616300f1784ba23981a19c94c47b9a454801b757797ca03b655af72cf17bdff37be89f274859497456f44c6d1a466625a17ca77f700d5928c656e2c418dd9c6c8998e00458b1b8a23c5ffe166da005d413b3012f4b40328a5be12d1b8e4d4de9a5b28e23d7377dec3d8c7341c29ee8e1195b919d36b5005d"], 0x80}, 0x1, 0x0, 0x0, 0x4}, 0x4000800)
pipe2$9p(&(0x7f0000000440), 0x0)
geteuid()
geteuid()

kernel console output (not intermixed with test programs):

04.770217][ T9120]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  804.770383][ T9120]  __x64_sys_sendmsg+0x211/0x3e0
[  804.770567][ T9120]  ? kmsan_get_metadata+0xfb/0x160
[  804.770747][ T9120]  x64_sys_call+0x32fb/0x3db0
[  804.770940][ T9120]  do_syscall_64+0xd9/0x210
[  804.771089][ T9120]  ? irqentry_exit+0x16/0x60
[  804.771222][ T9120]  ? clear_bhb_loop+0x40/0x90
[  804.771380][ T9120]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  804.771531][ T9120] RIP: 0033:0x7ff29a78e9a9
[  804.771651][ T9120] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  804.771789][ T9120] RSP: 002b:00007ff29b543038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  804.771938][ T9120] RAX: ffffffffffffffda RBX: 00007ff29a9b5fa0 RCX: 00007ff29a78e9a9
[  804.772045][ T9120] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  804.772139][ T9120] RBP: 00007ff29b543090 R08: 0000000000000000 R09: 0000000000000000
[  804.772230][ T9120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  804.772320][ T9120] R13: 0000000000000000 R14: 00007ff29a9b5fa0 R15: 00007ffe387a69a8
[  804.772453][ T9120]  </TASK>
[  805.242619][ T9122] loop6: detected capacity change from 0 to 4096
[  805.502094][ T9115] loop2: detected capacity change from 0 to 32768
[  805.657087][ T9122] NILFS (loop6): invalid segment: Inconsistency found
[  805.664616][ T9122] NILFS (loop6): trying rollback from an earlier position
[  805.721588][ T1716] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  805.729845][ T9122] NILFS (loop6): invalid segment: Checksum error in super root
[  805.741108][ T9122] NILFS (loop6): error -22 while loading super root
[  805.753842][ T9115] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  805.897037][ T1716] usb 4-1: unable to get BOS descriptor or descriptor too short
[  805.966325][ T1716] usb 4-1: config 255 has an invalid interface number: 70 but max is 0
[  805.975302][ T1716] usb 4-1: config 255 has no interface number 0
[  805.982113][ T1716] usb 4-1: config 255 interface 70 altsetting 255 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  805.993875][ T1716] usb 4-1: config 255 interface 70 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  806.004609][ T1716] usb 4-1: config 255 interface 70 has no altsetting 0
[  806.141931][ T1716] usb 4-1: New USB device found, idVendor=07c0, idProduct=1503, bcdDevice=c9.d1
[  806.151763][ T1716] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  806.161986][ T1716] usb 4-1: Product: syz
[  806.166434][ T1716] usb 4-1: Manufacturer: syz
[  806.172156][ T1716] usb 4-1: SerialNumber: syz
[  806.542600][ T9115] XFS (loop2): Ending clean mount
[  806.579990][ T9115] XFS (loop2): Quotacheck needed: Please wait.
[  806.655047][ T1716] cdc_acm 4-1:255.70: Zero length descriptor references
[  806.662763][ T1716] cdc_acm 4-1:255.70: probe with driver cdc_acm failed with error -22
[  806.734809][ T9115] XFS (loop2): Quotacheck: Done.
[  806.816371][ T1716] iowarrior 4-1:255.70: no interrupt-in endpoint found
[  806.884529][ T1716] usb 4-1: USB disconnect, device number 8
[  806.972112][ T8148] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  807.024871][ T9122] loop6: detected capacity change from 0 to 4096
[  807.071011][ T9122] ntfs3(loop6): ino=0, mi_enum_attr
[  807.175971][ T9122] ntfs3(loop6): ino=0, mi_enum_attr
[  807.186153][ T9122] ntfs3(loop6): Failed to load $MFT (-22).
[  808.424581][ T9146] netlink: 28 bytes leftover after parsing attributes in process `syz.3.655'.
[  808.439680][ T9146] netlink: 32 bytes leftover after parsing attributes in process `syz.3.655'.
[  808.455838][ T9146] netlink: 28 bytes leftover after parsing attributes in process `syz.3.655'.
[  808.472824][ T9146] netlink: 32 bytes leftover after parsing attributes in process `syz.3.655'.
[  808.949098][ T9142] loop9: detected capacity change from 0 to 32768
[  809.204816][ T9142] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=metadata_checksum=none,data_checksum=none,compression=lz4,background_compression=gzip,str_hash=crc32c,journal_flush_disabled,recovery_pass_last=set_may_go_rw,reconstruct_alloc
[  809.204996][ T9142]   allowing incompatible features above 0.0: (unknown version)
[  809.205094][ T9142]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  809.254493][ T9142] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0
[  809.264080][ T9142] bcachefs (loop9): recovering from clean shutdown, journal seq 10
[  809.273927][ T9142] bcachefs (loop9): Version upgrade required:
[  809.273927][ T9142] Version upgrade from 0.24: unwritten_extents to 1.7: mi_btree_bitmap incomplete
[  809.273927][ T9142] Doing incompatible version upgrade from 0.24: unwritten_extents to 1.28: inode_has_case_insensitive
[  809.273927][ T9142]   running recovery passes: check_allocations,check_alloc_info,check_lrus,check_btree_backpointers,check_backpointers_to_extents,check_extents_to_backpointers,check_alloc_to_lru_refs,bucket_gens_init,check_snapshot_trees,check_snapshots,check_subvols,check_subvol_children,delete_dead_snapshots,check_inodes,check_extents,check_indirect_extents,check_dirents,check_xattrs,check_root,check_unreachable_inodes,check_subvolume_structure,check_directory_structure,check_nlinks,check_rebalance_work,set_fs_needs_rebalance
[  809.362185][ T9142] bcachefs (loop9): dropping and reconstructing all alloc info
[  809.427479][ T9142] bcachefs (loop9): accounting_read... done
[  809.448166][ T9142] bcachefs (loop9): alloc_read... done
[  809.464526][ T9142] bcachefs (loop9): snapshots_read... done
[  809.497601][ T9142] bcachefs (loop9): check_allocations... done
[  809.728226][ T9142] bcachefs (loop9): going read-write
[  809.794742][ T9142] bcachefs (loop9): done starting filesystem
[  809.922648][ T9142] 9pnet_fd: Insufficient options for proto=fd
[  809.929436][ T3752] bcachefs (loop9): bucket incorrectly unset in freespace btree
[  809.929531][ T3752]   u64s 5 type deleted 0:25:0 len 0 ver 0, , continuing
[  810.206831][ T7973] bcachefs (loop9): shutting down
[  810.215776][ T7973] bcachefs (loop9): going read-only
[  810.224254][ T7973] bcachefs (loop9): finished waiting for writes to stop
[  810.389855][ T9169] kernel read not supported for file /  
 (pid: 9169 comm: syz.0.661)
[  810.421510][   T30] audit: type=1800 audit(1753335258.865:19): pid=9169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.661" name=20042008010208 dev="mqueue" ino=29924 res=0 errno=0
[  810.446781][ T3752] bcachefs (loop9): bucket incorrectly unset in freespace btree
[  810.446880][ T3752]   u64s 5 type deleted 0:28:0 len 0 ver 0, , continuing
[  810.455500][ T7973] bcachefs (loop9): flushing journal and stopping allocators, journal seq 11
[  810.607918][ T3752] bcachefs (loop9): bucket incorrectly unset in freespace btree
[  810.608016][ T3752]   u64s 5 type deleted 0:26:0 len 0 ver 0, , continuing
[  810.934186][ T3752] bcachefs (loop9): bucket incorrectly unset in freespace btree
[  810.934292][ T3752]   u64s 5 type deleted 0:29:0 len 0 ver 0, , continuing
[  811.163860][ T3752] bcachefs (loop9): bucket incorrectly unset in freespace btree
[  811.163960][ T3752]   u64s 5 type deleted 0:40:0 len 0 ver 0, , continuing
[  811.302737][ T7973] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 12
[  811.341960][ T7973] bcachefs (loop9): unclean shutdown complete, journal seq 13
[  811.391815][ T7973] bcachefs (loop9): done going read-only, filesystem not clean
[  811.536406][ T7973] bcachefs (loop9): shutdown complete
[  812.156299][ T9181] loop0: detected capacity change from 0 to 128
[  812.362690][ T9181] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  812.549587][ T9181] ext4 filesystem being mounted at /232/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  813.691101][ T5812] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  815.099993][ T1716] hid-generic 0000:0004:0000.0001: unknown main item tag 0x7
[  815.182557][ T1716] hid-generic 0000:0004:0000.0001: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  817.154056][ T9223] loop0: detected capacity change from 0 to 32768
[  817.365333][ T9223] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  817.365471][ T9223]   allowing incompatible features above 0.0: (unknown version)
[  817.365567][ T9223]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  817.409411][ T9223] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  817.420966][ T9223] bcachefs (loop0): initializing new filesystem
[  817.445695][ T9223] bcachefs (loop0): going read-write
[  817.506262][ T9223] bcachefs (loop0): marking superblocks
[  817.536432][ T9220] fido_id[9220]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  817.577822][ T9223] bcachefs (loop0): initializing freespace
[  817.619053][ T9223] bcachefs (loop0): done initializing freespace
[  817.648324][ T9223] bcachefs (loop0): reading snapshots table
[  817.654952][ T9223] bcachefs (loop0): reading snapshots done
[  817.752367][ T9241] FAULT_INJECTION: forcing a failure.
[  817.752367][ T9241] name failslab, interval 1, probability 0, space 0, times 0
[  817.752833][ T9223] bcachefs (loop0):  loop0: Superblock write was silently dropped! (seq 0 expected 42)
[  817.765660][ T9241] CPU: 1 UID: 0 PID: 9241 Comm: syz.6.682 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  817.765846][ T9241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  817.765948][ T9241] Call Trace:
[  817.766008][ T9241]  <TASK>
[  817.766069][ T9241]  __dump_stack+0x26/0x30
[  817.766284][ T9241]  dump_stack_lvl+0x1df/0x270
[  817.766494][ T9241]  dump_stack+0x1e/0x25
[  817.766675][ T9241]  should_fail_ex+0x7dc/0x8a0
[  817.766927][ T9241]  should_failslab+0x15b/0x200
[  817.767128][ T9241]  kmem_cache_alloc_noprof+0xf0/0xec0
[  817.767328][ T9241]  ? sk_prot_alloc+0x9a/0x440
[  817.767498][ T9241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  817.767689][ T9241]  ? kmsan_get_metadata+0xfb/0x160
[  817.767883][ T9241]  sk_prot_alloc+0x9a/0x440
[  817.768094][ T9241]  sk_alloc+0x57/0x8a0
[  817.768280][ T9241]  inet6_create+0x9f5/0x1ac0
[  817.768494][ T9241]  ? __pfx_inet6_create+0x10/0x10
[  817.768665][ T9241]  __sock_create+0x767/0xf60
[  817.768920][ T9241]  sock_create_kern+0x54/0x70
[  817.769156][ T9241]  mptcp_subflow_create_socket+0xc2/0xf90
[  817.769415][ T9241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  817.769604][ T9241]  __mptcp_nmpc_sk+0x150/0xb20
[  817.769760][ T9241]  ? kmsan_get_metadata+0xfb/0x160
[  817.769955][ T9241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  817.770159][ T9241]  mptcp_connect+0xb1/0x1750
[  817.770356][ T9241]  ? kmsan_get_metadata+0xfb/0x160
[  817.770544][ T9241]  ? __pfx_mptcp_connect+0x10/0x10
[  817.770737][ T9241]  __inet_stream_connect+0x2c4/0x15f0
[  817.770930][ T9241]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  817.771180][ T9241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  817.771368][ T9241]  ? __local_bh_enable_ip+0x75/0xb0
[  817.771539][ T9241]  ? _raw_spin_unlock_bh+0x2d/0x40
[  817.771770][ T9241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  817.771974][ T9241]  inet_stream_connect+0x69/0xd0
[  817.772163][ T9241]  __sys_connect+0x517/0x680
[  817.772324][ T9241]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  817.772587][ T9241]  ? kmsan_get_metadata+0xfb/0x160
[  817.772757][ T9241]  ? __pfx_inet_stream_connect+0x10/0x10
[  817.772958][ T9241]  __x64_sys_connect+0x95/0x100
[  817.773142][ T9241]  x64_sys_call+0x23bb/0x3db0
[  817.773356][ T9241]  do_syscall_64+0xd9/0x210
[  817.773531][ T9241]  ? irqentry_exit+0x16/0x60
[  817.773682][ T9241]  ? clear_bhb_loop+0x40/0x90
[  817.773864][ T9241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  817.774045][ T9241] RIP: 0033:0x7fe64698e9a9
[  817.774177][ T9241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  817.774325][ T9241] RSP: 002b:00007fe647763038 EFLAGS: 00000246 ORIG_RAX: 000000000000002a
[  817.774483][ T9241] RAX: ffffffffffffffda RBX: 00007fe646bb5fa0 RCX: 00007fe64698e9a9
[  817.774606][ T9241] RDX: 000000000000001c RSI: 0000200000000040 RDI: 0000000000000003
[  817.774712][ T9241] RBP: 00007fe647763090 R08: 0000000000000000 R09: 0000000000000000
[  817.774814][ T9241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  817.774916][ T9241] R13: 0000000000000000 R14: 00007fe646bb5fa0 R15: 00007ffed1114398
[  817.775068][ T9241]  </TASK>
[  818.060074][ T9230] loop2: detected capacity change from 0 to 2048
[  818.065363][ T9223] bcachefs (loop0): done starting filesystem
[  818.330980][ T9242] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  818.403020][ T9230] FAULT_INJECTION: forcing a failure.
[  818.403020][ T9230] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  818.419930][ T9230] CPU: 1 UID: 0 PID: 9230 Comm: syz.2.681 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  818.420116][ T9230] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  818.420207][ T9230] Call Trace:
[  818.420260][ T9230]  <TASK>
[  818.420314][ T9230]  __dump_stack+0x26/0x30
[  818.420494][ T9230]  dump_stack_lvl+0x1df/0x270
[  818.420680][ T9230]  dump_stack+0x1e/0x25
[  818.420845][ T9230]  should_fail_ex+0x7dc/0x8a0
[  818.421076][ T9230]  should_fail+0x2a/0x40
[  818.421266][ T9230]  should_fail_usercopy+0x2e/0x40
[  818.421410][ T9230]  _copy_to_user+0x35/0x120
[  818.421604][ T9230]  simple_read_from_buffer+0x1b2/0x340
[  818.421778][ T9230]  proc_fail_nth_read+0x1d2/0x2c0
[  818.421985][ T9230]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  818.422184][ T9230]  vfs_read+0x279/0xf00
[  818.422323][ T9230]  ? stack_depot_save_flags+0x35/0x7b0
[  818.422523][ T9230]  ? kmsan_get_metadata+0xfb/0x160
[  818.422682][ T9230]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  818.422931][ T9230]  __x64_sys_read+0x1fb/0x4d0
[  818.423113][ T9230]  x64_sys_call+0x39db/0x3db0
[  818.423301][ T9230]  do_syscall_64+0xd9/0x210
[  818.423462][ T9230]  ? irqentry_exit+0x16/0x60
[  818.423597][ T9230]  ? clear_bhb_loop+0x40/0x90
[  818.423759][ T9230]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  818.423916][ T9230] RIP: 0033:0x7f2b2098d3bc
[  818.424033][ T9230] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  818.424168][ T9230] RSP: 002b:00007f2b217b1030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  818.424303][ T9230] RAX: ffffffffffffffda RBX: 00007f2b20bb5fa0 RCX: 00007f2b2098d3bc
[  818.424410][ T9230] RDX: 000000000000000f RSI: 00007f2b217b10a0 RDI: 0000000000000005
[  818.424504][ T9230] RBP: 00007f2b217b1090 R08: 0000000000000000 R09: 0000000000000000
[  818.424595][ T9230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  818.424681][ T9230] R13: 0000000000000000 R14: 00007f2b20bb5fa0 R15: 00007ffd6fc1e708
[  818.424812][ T9230]  </TASK>
[  818.630816][    C1] vkms_vblank_simulate: vblank timer overrun
[  819.547235][ T9223] syz.0.678 (9223) used greatest stack depth: 1152 bytes left
[  819.902947][ T5812] bcachefs (loop0): shutting down
[  819.908471][ T5812] bcachefs (loop0): going read-only
[  819.916301][ T5812] bcachefs (loop0): finished waiting for writes to stop
[  820.034098][ T9246] netlink: 76 bytes leftover after parsing attributes in process `syz.3.683'.
[  820.043579][ T9246] netlink: 76 bytes leftover after parsing attributes in process `syz.3.683'.
[  820.272840][ T5812] bcachefs (loop0): flushing journal and stopping allocators, journal seq 5
[  820.717579][ T5812] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 5
[  820.756517][ T9244] loop9: detected capacity change from 0 to 65536
[  820.830170][ T5812] bcachefs (loop0): clean shutdown complete, journal seq 6
[  820.839432][ T9244] XFS (loop9): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  820.915729][ T5812] bcachefs (loop0): marking filesystem clean
[  820.926630][ T9247] loop3: detected capacity change from 0 to 4096
[  821.094686][ T9247] ntfs3(loop3): Different NTFS sector size (1024) and media sector size (512).
[  821.269014][ T5812] bcachefs (loop0): shutdown complete
[  821.300032][ T9247] ntfs3(loop3): MFT: r=0, expect seq=1 instead of 0!
[  821.310669][ T9247] ntfs3(loop3): Mark volume as dirty due to NTFS errors
[  821.355006][ T9244] XFS (loop9): Ending clean mount
[  821.371271][ T9244] XFS (loop9): Quotacheck needed: Please wait.
[  821.433878][ T9247] ntfs3(loop3): Failed to load $MFT (-22).
[  821.473058][ T9244] XFS (loop9): Quotacheck: Done.
[  821.508093][ T9244] XFS (loop9): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  823.513134][ T9276] gtp0: entered promiscuous mode
[  824.421005][ T9281] netlink: 32 bytes leftover after parsing attributes in process `syz.6.694'.
[  825.448336][ T9286] loop3: detected capacity change from 0 to 47
[  825.837284][ T9284] loop9: detected capacity change from 0 to 32768
[  826.188731][ T9284] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  826.188863][ T9284]   allowing incompatible features above 0.0: (unknown version)
[  826.188958][ T9284]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  826.237148][ T9284] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0
[  826.248591][ T9284] bcachefs (loop9): initializing new filesystem
[  826.269630][ T9284] bcachefs (loop9): going read-write
[  826.353194][ T9284] bcachefs (loop9): marking superblocks
[  826.414863][ T9284] bcachefs (loop9): initializing freespace
[  826.453064][ T9284] bcachefs (loop9): done initializing freespace
[  826.476900][ T9284] bcachefs (loop9): reading snapshots table
[  826.483423][ T9284] bcachefs (loop9): reading snapshots done
[  826.654927][ T9284] bcachefs (loop9):  loop9: Superblock write was silently dropped! (seq 0 expected 42)
[  826.675086][ T9284] bcachefs (loop9): done starting filesystem
[  826.772806][ T6506] kworker/u8:1: attempt to access beyond end of device
[  826.772806][ T6506] loop3: rw=1, sector=50, nr_sectors = 6 limit=47
[  827.440137][ T7973] bcachefs (loop9): shutting down
[  827.452600][ T7973] bcachefs (loop9): going read-only
[  827.461926][ T7973] bcachefs (loop9): finished waiting for writes to stop
[  827.514612][ T7973] bcachefs (loop9): flushing journal and stopping allocators, journal seq 2
[  827.783099][ T7973] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 3
[  827.860975][ T7973] bcachefs (loop9): clean shutdown complete, journal seq 4
[  827.893582][ T7973] bcachefs (loop9): marking filesystem clean
[  828.130651][ T7973] bcachefs (loop9): shutdown complete
[  828.864232][ T1716] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  830.655276][ T9322] loop6: detected capacity change from 0 to 40427
[  830.685397][ T9322] F2FS-fs (loop6): invalid crc value
[  830.818807][ T9328] loop3: detected capacity change from 0 to 128
[  831.081488][ T9328] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  831.114062][ T9329] loop2: detected capacity change from 0 to 1024
[  831.139446][ T9322] F2FS-fs (loop6): Start checkpoint disabled!
[  831.182457][ T9328] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  831.197463][ T9329] EXT4-fs: Ignoring removed mblk_io_submit option
[  831.283202][ T9322] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  831.456205][ T9329] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  831.557868][   T30] audit: type=1800 audit(1753335279.965:20): pid=9328 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.708" name="file1" dev="loop3" ino=12 res=0 errno=0
[  832.495226][ T7977] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  832.782973][ T1716] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  832.826791][ T8148] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  833.058070][ T1716] usb 7-1: config 0 has an invalid interface number: 106 but max is 0
[  833.067346][ T1716] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  833.078000][ T1716] usb 7-1: config 0 has no interface number 0
[  833.084575][ T1716] usb 7-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 43
[  833.096860][ T1716] usb 7-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  833.111221][ T1716] usb 7-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  833.120912][ T1716] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  833.306008][ T1716] usb 7-1: config 0 descriptor??
[  833.315309][ T9338] raw-gadget.0 gadget.6: fail, usb_ep_enable returned -22
[  834.291636][ T9348] loop0: detected capacity change from 0 to 128
[  834.299720][ T9342] loop3: detected capacity change from 0 to 32768
[  834.337933][ T9348] hpfs: filesystem error: improperly stopped; already mounted read-only
[  834.347542][ T9348] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  834.355909][ T9348] hpfs: filesystem error: dir band size mismatch: dir_band_start==7b318cc2, dir_band_end==7b318cc3, n_dir_band==7b318cc1
[  834.609941][ T1716] usb 7-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  834.687425][ T9342] bcachefs (loop3): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  834.687558][ T9342]   allowing incompatible features above 0.0: (unknown version)
[  834.687656][ T9342]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  834.731156][ T9342] bcachefs (loop3): Using encoding defined by superblock: utf8-12.1.0
[  834.740554][ T9342] bcachefs (loop3): initializing new filesystem
[  834.761478][ T9342] bcachefs (loop3): going read-write
[  834.769895][ T3667] usb 7-1: Failed to submit usb control message: -71
[  834.777388][ T3667] usb 7-1: unable to send the bmi data to the device: -71
[  834.785092][ T3667] usb 7-1: unable to get target info from device
[  834.791987][ T3667] usb 7-1: could not get target info (-71)
[  834.800793][ T3667] usb 7-1: could not probe fw (-71)
[  834.809146][ T1716] usb 7-1: USB disconnect, device number 10
[  834.865404][ T9342] bcachefs (loop3): marking superblocks
[  834.923790][ T9342] bcachefs (loop3): initializing freespace
[  834.955681][ T9342] bcachefs (loop3): done initializing freespace
[  834.976648][ T9342] bcachefs (loop3): reading snapshots table
[  834.983263][ T9342] bcachefs (loop3): reading snapshots done
[  835.116203][ T9342] bcachefs (loop3):  loop3: Superblock write was silently dropped! (seq 0 expected 42)
[  835.145343][ T9342] bcachefs (loop3): done starting filesystem
[  836.117265][ T9369] loop2: detected capacity change from 0 to 256
[  836.171299][ T7977] bcachefs (loop3): shutting down
[  836.176714][ T7977] bcachefs (loop3): going read-only
[  836.182979][ T7977] bcachefs (loop3): finished waiting for writes to stop
[  836.207816][ T9369] exFAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  836.219122][ T9369] exFAT-fs (loop2): Medium has reported failures. Some data may be lost.
[  836.304389][ T7977] bcachefs (loop3): flushing journal and stopping allocators, journal seq 3
[  836.397139][ T7977] bcachefs (loop3): flushing journal and stopping allocators complete, journal seq 3
[  836.450705][ T7977] bcachefs (loop3): clean shutdown complete, journal seq 4
[  836.512902][ T7977] bcachefs (loop3): marking filesystem clean
[  836.548560][ T9369] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  836.852015][ T7977] bcachefs (loop3): shutdown complete
[  838.733127][ T9388] bond0: Error: Cannot enslave bond to itself.
[  838.863691][ T9388] loop6: detected capacity change from 0 to 256
[  838.913269][ T9388] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  840.027974][ T9401] loop9: detected capacity change from 0 to 64
[  840.332577][ T9397] loop2: detected capacity change from 0 to 4096
[  841.112900][ T9397] ntfs3(loop2): try to read out of volume at offset 0x3fffffc7000
[  841.124464][ T9397] ntfs3(loop2): ino=21, The size of extended attributes must not exceed 64KiB
[  842.499202][ T9417] netlink: 76 bytes leftover after parsing attributes in process `syz.2.731'.
[  842.511003][ T9417] netlink: 76 bytes leftover after parsing attributes in process `syz.2.731'.
[  842.708672][ T9423] block device autoloading is deprecated and will be removed.
[  843.527287][ T9418] loop9: detected capacity change from 0 to 32768
[  843.545745][ T9418] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.732 (9418)
[  843.609976][ T9418] BTRFS info (device loop9): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  843.622313][ T9418] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[  843.632845][ T9418] BTRFS info (device loop9): using free-space-tree
[  844.199018][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  844.205990][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  844.338176][ T9443] loop3: detected capacity change from 0 to 1024
[  844.589075][ T9409] vivid-000: kernel_thread() failed
[  844.632445][ T9429] loop2: detected capacity change from 0 to 32768
[  844.797341][ T4674] BTRFS warning (device loop9): checksum verify failed on logical 5255168 mirror 1 wanted 0xf428b381bfb5d9bd986136cd2afb605edce0b8c34bf5038cf04cbd7e5492325b found 0x2abc6ef88350d2342a2c4eef7df196a4f37e789eb087fbf78b25a5fb0c451010 level 1
[  844.822074][ T9418] BTRFS warning (device loop9): failed to read fs tree: -5
[  844.935875][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names
[  844.936060][ T9429]   allowing incompatible features above 0.0: (unknown version)
[  844.936152][ T9429]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  844.936262][ T9429]   with devices loop2
[  845.000382][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  845.011683][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem
[  845.040899][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write
[  845.085007][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks
[  845.154701][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace
[  845.195058][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace
[  845.223337][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table
[  845.232756][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done
[  845.318644][ T9418] BTRFS error (device loop9): open_ctree failed: -5
[  845.425603][ T9429] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem
[  846.000819][ T1716] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  846.417953][ T1716] usb 4-1: unable to get BOS descriptor or descriptor too short
[  846.537361][ T1716] usb 4-1: not running at top speed; connect to a high speed hub
[  846.630753][ T1716] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  846.641482][ T1716] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  846.774481][ T1716] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  846.786797][ T1716] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  846.796325][ T1716] usb 4-1: Product: syz
[  846.800889][ T1716] usb 4-1: Manufacturer: syz
[  846.805768][ T1716] usb 4-1: SerialNumber: syz
[  847.383537][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down
[  847.394810][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only
[  847.404356][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop
[  847.483093][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 4
[  847.524427][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 4
[  847.719098][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 5
[  847.755343][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean
[  847.956243][ T1716] usb 4-1: cannot find UAC_HEADER
[  848.058972][ T8148] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[  848.221152][ T5867] usb 10-1: new high-speed USB device number 8 using dummy_hcd
[  848.268525][ T3667] hfsplus: b-tree write err: -5, ino 4
[  848.291532][ T1716] snd-usb-audio 4-1:1.0: probe with driver snd-usb-audio failed with error -22
[  848.398374][ T1716] usb 4-1: USB disconnect, device number 9
[  848.431530][ T5867] usb 10-1: Using ep0 maxpacket: 16
[  848.520720][ T5867] usb 10-1: config 1 has an invalid interface number: 105 but max is 0
[  848.529639][ T5867] usb 10-1: config 1 has no interface number 0
[  848.537327][ T5867] usb 10-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  848.548712][ T5867] usb 10-1: config 1 interface 105 has no altsetting 0
[  848.609839][ T7263] udevd[7263]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  848.732535][ T5867] usb 10-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  848.742640][ T5867] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  848.751249][ T5867] usb 10-1: Product: syz
[  848.757484][ T5867] usb 10-1: Manufacturer: syz
[  848.763171][ T5867] usb 10-1: SerialNumber: syz
[  848.941188][ T9465] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  849.202683][ T5867] aqc111 10-1:1.105: probe with driver aqc111 failed with error -22
[  849.311593][ T5873] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  849.430104][ T5867] usb 10-1: USB disconnect, device number 8
[  849.573544][ T5873] usb 4-1: Using ep0 maxpacket: 8
[  849.622867][ T5873] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  849.637909][ T5873] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  849.651296][ T5873] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  849.732135][ T5873] usb 4-1: config 0 descriptor??
[  849.915256][ T9472] tipc: Started in network mode
[  849.921371][ T9472] tipc: Node identity aaaaaaaaaa41, cluster identity 4711
[  849.930922][ T9472] tipc: Enabled bearer <eth:geneve1>, priority 10
[  849.989601][ T5873] iowarrior 4-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  850.405365][ T5867] usb 4-1: USB disconnect, device number 10
[  851.051693][ T5867] tipc: Node number set to 15444650
[  851.614377][ T9481] netlink: 76 bytes leftover after parsing attributes in process `syz.3.744'.
[  851.627900][ T9481] netlink: 76 bytes leftover after parsing attributes in process `syz.3.744'.
[  852.492065][ T9489] loop3: detected capacity change from 0 to 256
[  853.101079][ T9489] FAT-fs (loop3): Directory bread(block 64) failed
[  853.108106][ T9489] FAT-fs (loop3): Directory bread(block 65) failed
[  853.115126][ T9489] FAT-fs (loop3): Directory bread(block 66) failed
[  853.124567][ T9489] FAT-fs (loop3): Directory bread(block 67) failed
[  853.133762][ T9489] FAT-fs (loop3): Directory bread(block 68) failed
[  853.141259][ T9489] FAT-fs (loop3): Directory bread(block 69) failed
[  853.148079][ T9489] FAT-fs (loop3): Directory bread(block 70) failed
[  853.156988][ T9489] FAT-fs (loop3): Directory bread(block 71) failed
[  853.167490][ T9489] FAT-fs (loop3): Directory bread(block 72) failed
[  853.175142][ T9489] FAT-fs (loop3): Directory bread(block 73) failed
[  853.295600][ T9490] loop9: detected capacity change from 0 to 2048
[  853.357570][ T9490] UDF-fs: warning (device loop9): udf_fill_super: No fileset found
[  854.186206][ T9492] netlink: 'syz.9.749': attribute type 3 has an invalid length.
[  854.443418][ T9494] FAULT_INJECTION: forcing a failure.
[  854.443418][ T9494] name failslab, interval 1, probability 0, space 0, times 0
[  854.462956][ T9494] CPU: 0 UID: 0 PID: 9494 Comm: syz.2.738 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  854.463125][ T9494] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  854.463214][ T9494] Call Trace:
[  854.463267][ T9494]  <TASK>
[  854.463320][ T9494]  __dump_stack+0x26/0x30
[  854.463500][ T9494]  dump_stack_lvl+0x1df/0x270
[  854.463685][ T9494]  dump_stack+0x1e/0x25
[  854.463851][ T9494]  should_fail_ex+0x7dc/0x8a0
[  854.464084][ T9494]  should_failslab+0x15b/0x200
[  854.464252][ T9494]  kmem_cache_alloc_lru_noprof+0xf7/0xed0
[  854.464442][ T9494]  ? shmem_alloc_inode+0x5a/0xd0
[  854.464649][ T9494]  ? kmsan_slab_alloc+0xde/0x160
[  854.464788][ T9494]  ? __se_sys_memfd_create+0x51d/0x11f0
[  854.464992][ T9494]  ? __x64_sys_memfd_create+0x78/0xb0
[  854.465189][ T9494]  ? x64_sys_call+0x15be/0x3db0
[  854.465375][ T9494]  ? kmsan_get_metadata+0xfb/0x160
[  854.465547][ T9494]  shmem_alloc_inode+0x5a/0xd0
[  854.465731][ T9494]  ? __pfx_shmem_alloc_inode+0x10/0x10
[  854.465923][ T9494]  alloc_inode+0x87/0x4a0
[  854.466069][ T9494]  ? kmsan_get_metadata+0xfb/0x160
[  854.466221][ T9494]  ? kmsan_get_metadata+0xfb/0x160
[  854.466383][ T9494]  new_inode+0x39/0x460
[  854.466554][ T9494]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  854.466771][ T9494]  shmem_get_inode+0x663/0x1c20
[  854.466995][ T9494]  __shmem_file_setup+0x210/0x590
[  854.467183][ T9494]  shmem_file_setup+0x61/0x80
[  854.467358][ T9494]  __se_sys_memfd_create+0x844/0x11f0
[  854.467591][ T9494]  __x64_sys_memfd_create+0x78/0xb0
[  854.467791][ T9494]  x64_sys_call+0x15be/0x3db0
[  854.467982][ T9494]  do_syscall_64+0xd9/0x210
[  854.468149][ T9494]  ? irqentry_exit+0x16/0x60
[  854.468284][ T9494]  ? clear_bhb_loop+0x40/0x90
[  854.468446][ T9494]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.468599][ T9494] RIP: 0033:0x7f2b2098e9a9
[  854.468710][ T9494] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.468837][ T9494] RSP: 002b:00007f2b217b0e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  854.468983][ T9494] RAX: ffffffffffffffda RBX: 0000000000000c33 RCX: 00007f2b2098e9a9
[  854.469086][ T9494] RDX: 00007f2b217b0ef0 RSI: 0000000000000000 RDI: 00007f2b20a116fc
[  854.469185][ T9494] RBP: 0000200000002b40 R08: 00007f2b217b0bb7 R09: 00007f2b217b0e40
[  854.469288][ T9494] R10: 000000000000000a R11: 0000000000000202 R12: 00002000000000c0
[  854.469384][ T9494] R13: 00007f2b217b0ef0 R14: 00007f2b217b0eb0 R15: 0000200000000000
[  854.469523][ T9494]  </TASK>
[  854.910021][ T9496] FAULT_INJECTION: forcing a failure.
[  854.910021][ T9496] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  854.924278][ T9496] CPU: 1 UID: 0 PID: 9496 Comm: syz.3.750 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  854.924433][ T9496] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  854.924537][ T9496] Call Trace:
[  854.924591][ T9496]  <TASK>
[  854.924645][ T9496]  __dump_stack+0x26/0x30
[  854.924811][ T9496]  dump_stack_lvl+0x1df/0x270
[  854.924992][ T9496]  dump_stack+0x1e/0x25
[  854.925152][ T9496]  should_fail_ex+0x7dc/0x8a0
[  854.925364][ T9496]  should_fail+0x2a/0x40
[  854.925532][ T9496]  should_fail_usercopy+0x2e/0x40
[  854.925670][ T9496]  _copy_from_user+0x33/0x100
[  854.925861][ T9496]  ___sys_sendmsg+0x11b/0x3b0
[  854.926037][ T9496]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  854.926200][ T9496]  ? __rcu_read_unlock+0x6d/0xd0
[  854.926350][ T9496]  ? __fget_files+0x3b4/0x4a0
[  854.926503][ T9496]  ? __fget_files+0x3b9/0x4a0
[  854.926658][ T9496]  ? kmsan_get_metadata+0xfb/0x160
[  854.926808][ T9496]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  854.926960][ T9496]  __x64_sys_sendmsg+0x211/0x3e0
[  854.927129][ T9496]  ? fput+0x113/0x160
[  854.927304][ T9496]  ? kmsan_get_metadata+0xfb/0x160
[  854.927438][ T9496]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  854.927586][ T9496]  ? kmsan_get_metadata+0xfb/0x160
[  854.927744][ T9496]  x64_sys_call+0x32fb/0x3db0
[  854.927912][ T9496]  do_syscall_64+0xd9/0x210
[  854.928084][ T9496]  ? irqentry_exit+0x16/0x60
[  854.928228][ T9496]  ? clear_bhb_loop+0x40/0x90
[  854.928374][ T9496]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  854.928521][ T9496] RIP: 0033:0x7fb07118e9a9
[  854.928635][ T9496] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  854.928766][ T9496] RSP: 002b:00007fb071f50038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  854.928904][ T9496] RAX: ffffffffffffffda RBX: 00007fb0713b5fa0 RCX: 00007fb07118e9a9
[  854.929018][ T9496] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 0000000000000004
[  854.929099][ T9496] RBP: 00007fb071f50090 R08: 0000000000000000 R09: 0000000000000000
[  854.929191][ T9496] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  854.929270][ T9496] R13: 0000000000000000 R14: 00007fb0713b5fa0 R15: 00007ffd1b2870a8
[  854.929394][ T9496]  </TASK>
[  855.765538][ T9409] vivid-000: kernel_thread() failed
[  857.074000][ T9506] loop2: detected capacity change from 0 to 40427
[  857.139626][ T9506] F2FS-fs (loop2): invalid crc value
[  857.505286][ T9506] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  857.532387][ T9506] FAULT_INJECTION: forcing a failure.
[  857.532387][ T9506] name failslab, interval 1, probability 0, space 0, times 0
[  857.545540][ T9506] CPU: 1 UID: 0 PID: 9506 Comm: syz.2.753 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  857.545696][ T9506] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  857.545780][ T9506] Call Trace:
[  857.545832][ T9506]  <TASK>
[  857.545881][ T9506]  __dump_stack+0x26/0x30
[  857.546063][ T9506]  dump_stack_lvl+0x1df/0x270
[  857.546249][ T9506]  dump_stack+0x1e/0x25
[  857.546423][ T9506]  should_fail_ex+0x7dc/0x8a0
[  857.546648][ T9506]  should_failslab+0x15b/0x200
[  857.546817][ T9506]  __kmalloc_noprof+0x182/0x1310
[  857.546993][ T9506]  ? tomoyo_encode+0x626/0xa10
[  857.547193][ T9506]  ? prepend_path+0xff2/0x10c0
[  857.547364][ T9506]  ? kmsan_get_metadata+0xfb/0x160
[  857.547529][ T9506]  ? kmsan_get_metadata+0xfb/0x160
[  857.547702][ T9506]  tomoyo_encode+0x626/0xa10
[  857.547940][ T9506]  tomoyo_realpath_from_path+0x92e/0x9f0
[  857.548193][ T9506]  tomoyo_path_number_perm+0x1d0/0x7d0
[  857.548378][ T9506]  ? stack_depot_save_flags+0x35/0x7b0
[  857.548606][ T9506]  ? kmsan_get_metadata+0xfb/0x160
[  857.548760][ T9506]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.548973][ T9506]  tomoyo_file_ioctl+0x3d/0x50
[  857.549125][ T9506]  security_file_ioctl+0x141/0x590
[  857.549305][ T9506]  __se_sys_ioctl+0xbb/0x400
[  857.549532][ T9506]  __x64_sys_ioctl+0x97/0xe0
[  857.549741][ T9506]  x64_sys_call+0x1ebe/0x3db0
[  857.549931][ T9506]  do_syscall_64+0xd9/0x210
[  857.550088][ T9506]  ? irqentry_exit+0x16/0x60
[  857.550230][ T9506]  ? clear_bhb_loop+0x40/0x90
[  857.550384][ T9506]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.550549][ T9506] RIP: 0033:0x7f2b2098e9a9
[  857.550662][ T9506] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  857.550790][ T9506] RSP: 002b:00007f2b217b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  857.550930][ T9506] RAX: ffffffffffffffda RBX: 00007f2b20bb5fa0 RCX: 00007f2b2098e9a9
[  857.551036][ T9506] RDX: 0000000000000000 RSI: 00000000c0096616 RDI: 0000000000000004
[  857.551123][ T9506] RBP: 00007f2b217b1090 R08: 0000000000000000 R09: 0000000000000000
[  857.551212][ T9506] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  857.551295][ T9506] R13: 0000000000000000 R14: 00007f2b20bb5fa0 R15: 00007ffd6fc1e708
[  857.551429][ T9506]  </TASK>
[  857.787751][ T9506] ERROR: Out of memory at tomoyo_realpath_from_path.
[  857.942694][ T8148] syz-executor: attempt to access beyond end of device
[  857.942694][ T8148] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  857.960240][ T8148] CPU: 0 UID: 0 PID: 8148 Comm: syz-executor Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  857.960402][ T8148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  857.960488][ T8148] Call Trace:
[  857.960540][ T8148]  <TASK>
[  857.960596][ T8148]  __dump_stack+0x26/0x30
[  857.960783][ T8148]  dump_stack_lvl+0x1df/0x270
[  857.960970][ T8148]  dump_stack+0x1e/0x25
[  857.961130][ T8148]  f2fs_handle_critical_error+0xa6f/0xc20
[  857.961343][ T8148]  f2fs_stop_checkpoint+0x65/0x80
[  857.961514][ T8148]  f2fs_write_end_io+0xb4b/0x1920
[  857.961708][ T8148]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.961891][ T8148]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  857.962067][ T8148]  bio_endio+0xe27/0xf80
[  857.962287][ T8148]  submit_bio_noacct+0x214/0x2710
[  857.962486][ T8148]  submit_bio+0x5a9/0x5d0
[  857.962641][ T8148]  f2fs_submit_write_bio+0x92/0x250
[  857.962802][ T8148]  __submit_merged_bio+0x16f/0x6a0
[  857.962955][ T8148]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.963130][ T8148]  __submit_merged_write_cond+0x458/0x9a0
[  857.963314][ T8148]  f2fs_write_data_pages+0x4bb2/0x5480
[  857.963617][ T8148]  ? kmsan_get_metadata+0xfb/0x160
[  857.963773][ T8148]  ? kmsan_get_metadata+0xfb/0x160
[  857.963924][ T8148]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.964096][ T8148]  ? __pfx_lru_cache_disable+0x1/0x10
[  857.964290][ T8148]  ? filter_irq_stacks+0x49/0x190
[  857.964444][ T8148]  ? stack_depot_save_flags+0x35/0x7b0
[  857.964663][ T8148]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  857.964880][ T8148]  ? kmsan_get_metadata+0xfb/0x160
[  857.965033][ T8148]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  857.965192][ T8148]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  857.965364][ T8148]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  857.965532][ T8148]  do_writepages+0x3ef/0x860
[  857.965746][ T8148]  ? _raw_spin_unlock+0x30/0x50
[  857.965940][ T8148]  ? wbc_attach_and_unlock_inode+0x131/0x680
[  857.966148][ T8148]  filemap_fdatawrite+0x207/0x260
[  857.966397][ T8148]  f2fs_sync_dirty_inodes+0x2ab/0x9e0
[  857.966626][ T8148]  f2fs_write_checkpoint+0xfe2/0x2b00
[  857.966956][ T8148]  kill_f2fs_super+0x2ff/0x970
[  857.967167][ T8148]  ? __pfx_kill_f2fs_super+0x10/0x10
[  857.967355][ T8148]  deactivate_locked_super+0xc8/0x3c0
[  857.967578][ T8148]  deactivate_super+0x12f/0x140
[  857.967791][ T8148]  cleanup_mnt+0x6fb/0x780
[  857.967958][ T8148]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  857.968184][ T8148]  ? __pfx___cleanup_mnt+0x10/0x10
[  857.968364][ T8148]  __cleanup_mnt+0x22/0x30
[  857.968538][ T8148]  task_work_run+0x206/0x2b0
[  857.968722][ T8148]  exit_to_user_mode_loop+0x2a6/0x330
[  857.968911][ T8148]  do_syscall_64+0x1e3/0x210
[  857.969066][ T8148]  ? irqentry_exit+0x16/0x60
[  857.969203][ T8148]  ? clear_bhb_loop+0x40/0x90
[  857.969362][ T8148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  857.969520][ T8148] RIP: 0033:0x7f2b2098fcd7
[  857.969636][ T8148] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  857.969764][ T8148] RSP: 002b:00007ffd6fc1d998 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  857.969904][ T8148] RAX: 0000000000000000 RBX: 00007f2b20a10b55 RCX: 00007f2b2098fcd7
[  857.970004][ T8148] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd6fc1da50
[  857.970099][ T8148] RBP: 00007ffd6fc1da50 R08: 0000000000000000 R09: 0000000000000000
[  857.970191][ T8148] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffd6fc1eae0
[  857.970280][ T8148] R13: 00007f2b20a10b55 R14: 00000000000d16a4 R15: 00007ffd6fc1eb20
[  857.970411][ T8148]  </TASK>
[  858.337300][ T8148] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  858.596346][ T5873] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  859.085449][   T49] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  859.135284][   T49] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  859.231738][   T49] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  859.525027][   T49] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  859.572862][   T49] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  860.177246][ T9528] loop9: detected capacity change from 0 to 2048
[  860.264739][ T9534] netlink: 76 bytes leftover after parsing attributes in process `syz.2.758'.
[  860.274735][ T9534] netlink: 76 bytes leftover after parsing attributes in process `syz.2.758'.
[  860.388564][ T9528] UDF-fs: warning (device loop9): udf_fill_super: No fileset found
[  860.586798][ T9531] syz.0.761 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  861.639458][ T5867] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  861.695235][   T49] Bluetooth: hci3: command tx timeout
[  861.903616][ T5867] usb 3-1: config 0 has an invalid interface number: 64 but max is 0
[  861.912577][ T5867] usb 3-1: config 0 has no interface number 0
[  862.084389][ T5867] usb 3-1: New USB device found, idVendor=046d, idProduct=0823, bcdDevice= 0.07
[  862.098179][ T5867] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  862.106874][ T5867] usb 3-1: Product: syz
[  862.111489][ T5867] usb 3-1: Manufacturer: syz
[  862.116352][ T5867] usb 3-1: SerialNumber: syz
[  862.328565][ T9542] loop3: detected capacity change from 0 to 32768
[  862.417201][ T9542] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.762 (9542)
[  862.434677][ T5867] usb 3-1: config 0 descriptor??
[  862.465839][ T9542] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  862.480739][ T9542] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  862.491403][ T9542] BTRFS info (device loop3): using free-space-tree
[  862.914421][ T7977] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  862.994805][ T9564] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  863.006002][ T9564] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  863.280453][ T9524] chnl_net:caif_netlink_parms(): no params data found
[  863.386536][ T5873] usb 10-1: new high-speed USB device number 10 using dummy_hcd
[  863.701243][ T5873] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  863.718405][ T5873] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  863.777093][   T49] Bluetooth: hci3: command tx timeout
[  863.918569][ T5873] usb 10-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  863.932235][ T5873] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  863.940970][ T5873] usb 10-1: SerialNumber: syz
[  864.062155][ T5867] usb 3-1: Found UVC 0.08 device syz (046d:0823)
[  864.068887][ T5867] usb 3-1: No valid video chain found.
[  864.144244][ T5867] usb 3-1: USB disconnect, device number 7
[  864.396317][ T5873] usb 10-1: 0:2 : does not exist
[  864.759347][ T5873] usb 10-1: USB disconnect, device number 10
[  865.097247][ T7261] udevd[7261]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  865.851938][   T49] Bluetooth: hci3: command tx timeout
[  866.071627][ T9583] netlink: 'syz.2.768': attribute type 10 has an invalid length.
[  866.086303][ T9583] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  867.489160][ T9524] bridge0: port 1(bridge_slave_0) entered blocking state
[  867.500518][ T9524] bridge0: port 1(bridge_slave_0) entered disabled state
[  867.508578][ T9524] bridge_slave_0: entered allmulticast mode
[  867.518671][ T9524] bridge_slave_0: entered promiscuous mode
[  867.630968][ T9409] vivid-000: kernel_thread() failed
[  867.938902][   T49] Bluetooth: hci3: command tx timeout
[  868.078981][ T9524] bridge0: port 2(bridge_slave_1) entered blocking state
[  868.086807][ T9524] bridge0: port 2(bridge_slave_1) entered disabled state
[  868.095033][ T9524] bridge_slave_1: entered allmulticast mode
[  868.105150][ T9524] bridge_slave_1: entered promiscuous mode
[  869.063433][ T9596] netlink: 76 bytes leftover after parsing attributes in process `syz.2.772'.
[  869.073281][ T9596] netlink: 76 bytes leftover after parsing attributes in process `syz.2.772'.
[  869.490929][ T9524] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  869.729683][ T9524] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  870.597406][ T9524] team0: Port device team_slave_0 added
[  870.658163][ T9524] team0: Port device team_slave_1 added
[  870.687058][ T9598] loop0: detected capacity change from 0 to 4096
[  870.849186][ T9603] nbd0: detected capacity change from 0 to 127
[  871.400729][ T9524] batman_adv: batadv0: Adding interface: batadv_slave_0
[  871.407997][ T9524] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  871.437792][ T9524] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  871.664289][   T49] block nbd0: Receive control failed (result -104)
[  871.711264][ T9524] batman_adv: batadv0: Adding interface: batadv_slave_1
[  871.718504][ T9524] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  871.748942][ T9524] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  872.384192][ T9524] hsr_slave_0: entered promiscuous mode
[  872.396711][ T9524] hsr_slave_1: entered promiscuous mode
[  872.408782][ T9524] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  872.420952][ T9524] Cannot create hsr debugfs directory
[  873.100757][ T1876] usb 10-1: new full-speed USB device number 11 using dummy_hcd
[  873.508825][ T1876] usb 10-1: unable to get BOS descriptor or descriptor too short
[  873.568765][ T1876] usb 10-1: no configurations
[  873.577368][ T1876] usb 10-1: can't read configurations, error -22
[  874.282588][ T9409] vivid-000: kernel_thread() failed
[  875.015474][ T9641] netlink: 76 bytes leftover after parsing attributes in process `syz.9.785'.
[  875.026339][ T9641] netlink: 76 bytes leftover after parsing attributes in process `syz.9.785'.
[  875.167381][ T9644] loop3: detected capacity change from 0 to 64
[  876.204575][ T9653] netlink: 72 bytes leftover after parsing attributes in process `syz.9.788'.
[  876.256127][ T9524] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  876.320938][ T9650] netlink: 72 bytes leftover after parsing attributes in process `syz.9.788'.
[  876.398666][ T9524] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  876.487605][ T9524] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  876.638120][ T9524] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  877.464529][ T9663] syzkaller1: entered promiscuous mode
[  877.473584][ T9663] syzkaller1: entered allmulticast mode
[  877.587341][ T9661] netlink: 8 bytes leftover after parsing attributes in process `syz.9.793'.
[  878.043478][ T1876] usb 10-1: new high-speed USB device number 13 using dummy_hcd
[  878.230769][ T1876] usb 10-1: Using ep0 maxpacket: 32
[  878.267293][ T1876] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  878.278213][ T1876] usb 10-1: config 0 interface 0 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 10
[  878.294791][ T1876] usb 10-1: config 0 interface 0 has no altsetting 0
[  878.343302][ T9524] 8021q: adding VLAN 0 to HW filter on device bond0
[  878.400464][ T1876] usb 10-1: New USB device found, idVendor=108c, idProduct=0169, bcdDevice=75.b9
[  878.409965][ T1876] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  878.424140][ T1876] usb 10-1: Product: syz
[  878.428689][ T1876] usb 10-1: Manufacturer: syz
[  878.434796][ T1876] usb 10-1: SerialNumber: syz
[  878.488146][ T5873] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  878.546352][ T1876] usb 10-1: config 0 descriptor??
[  878.610169][ T1876] etas_es58x 10-1:0.0: Starting syz syz (Serial Number syz)
[  878.669013][ T9524] 8021q: adding VLAN 0 to HW filter on device team0
[  878.710044][ T5873] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  878.724032][ T5873] usb 3-1: New USB device found, idVendor=056a, idProduct=00c6, bcdDevice= 0.00
[  878.736211][ T5873] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  878.770498][ T3667] bridge0: port 1(bridge_slave_0) entered blocking state
[  878.778112][ T3667] bridge0: port 1(bridge_slave_0) entered forwarding state
[  878.833060][ T5873] usb 3-1: config 0 descriptor??
[  878.869388][ T3667] bridge0: port 2(bridge_slave_1) entered blocking state
[  878.877103][ T3667] bridge0: port 2(bridge_slave_1) entered forwarding state
[  879.437229][ T5873] wacom 0003:056A:00C6.0002: hidraw0: USB HID v0.00 Device [HID 056a:00c6] on usb-dummy_hcd.2-1/input0
[  879.711623][ T9665] loop2: detected capacity change from 0 to 512
[  879.855133][ T9409] vivid-000: kernel_thread() failed
[  879.870909][ T9665] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=2842e029, mo2=0002]
[  879.962589][ T9665] System zones: 1-12
[  880.007227][ T9665] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #11: comm syz.2.795: invalid indirect mapped block 8 (level 2)
[  880.039936][ T9676] netlink: 76 bytes leftover after parsing attributes in process `syz.0.797'.
[  880.049996][ T9676] netlink: 76 bytes leftover after parsing attributes in process `syz.0.797'.
[  880.125109][ T9665] EXT4-fs (loop2): Remounting filesystem read-only
[  880.132809][ T9665] EXT4-fs (loop2): 1 truncate cleaned up
[  880.142425][ T9665] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  880.153389][ T5867] usb 10-1: USB disconnect, device number 13
[  880.279382][ T9678] netlink: 8 bytes leftover after parsing attributes in process `syz.3.798'.
[  880.288729][ T9678] netlink: 24 bytes leftover after parsing attributes in process `syz.3.798'.
[  880.301996][ T9678] netlink: 24 bytes leftover after parsing attributes in process `syz.3.798'.
[  880.352143][ T9665] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  880.362469][ T9665] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  880.565215][ T1876] usb 3-1: USB disconnect, device number 8
[  880.918366][ T9682] loop3: detected capacity change from 0 to 512
[  880.947835][ T9682] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  880.967902][ T9685] FAULT_INJECTION: forcing a failure.
[  880.967902][ T9685] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  880.988394][ T9685] CPU: 0 UID: 0 PID: 9685 Comm: syz.9.800 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  880.988551][ T9685] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  880.988658][ T9685] Call Trace:
[  880.988711][ T9685]  <TASK>
[  880.988762][ T9685]  __dump_stack+0x26/0x30
[  880.988941][ T9685]  dump_stack_lvl+0x1df/0x270
[  880.989128][ T9685]  dump_stack+0x1e/0x25
[  880.989289][ T9685]  should_fail_ex+0x7dc/0x8a0
[  880.989510][ T9685]  should_fail+0x2a/0x40
[  880.989700][ T9685]  should_fail_usercopy+0x2e/0x40
[  880.989841][ T9685]  _copy_from_user+0x33/0x100
[  880.990040][ T9685]  ___sys_sendmsg+0x11b/0x3b0
[  880.990220][ T9685]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  880.990391][ T9685]  ? __rcu_read_unlock+0x6d/0xd0
[  880.990539][ T9685]  ? __fget_files+0x3b4/0x4a0
[  880.990700][ T9685]  ? __fget_files+0x3b9/0x4a0
[  880.990866][ T9685]  ? kmsan_get_metadata+0xfb/0x160
[  880.991015][ T9685]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  880.991178][ T9685]  __x64_sys_sendmsg+0x211/0x3e0
[  880.991335][ T9685]  ? fput+0x113/0x160
[  880.991503][ T9685]  ? kmsan_get_metadata+0xfb/0x160
[  880.991660][ T9685]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  880.991819][ T9685]  ? kmsan_get_metadata+0xfb/0x160
[  880.991991][ T9685]  x64_sys_call+0x32fb/0x3db0
[  880.992184][ T9685]  do_syscall_64+0xd9/0x210
[  880.992343][ T9685]  ? irqentry_exit+0x16/0x60
[  880.992482][ T9685]  ? clear_bhb_loop+0x40/0x90
[  880.992652][ T9685]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  880.992806][ T9685] RIP: 0033:0x7ff29a78e9a9
[  880.992914][ T9685] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  880.993042][ T9685] RSP: 002b:00007ff29b543038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  880.993188][ T9685] RAX: ffffffffffffffda RBX: 00007ff29a9b5fa0 RCX: 00007ff29a78e9a9
[  880.993287][ T9685] RDX: 0000000000000000 RSI: 0000200000000080 RDI: 0000000000000003
[  880.993373][ T9685] RBP: 00007ff29b543090 R08: 0000000000000000 R09: 0000000000000000
[  880.993461][ T9685] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  880.993545][ T9685] R13: 0000000000000000 R14: 00007ff29a9b5fa0 R15: 00007ffe387a69a8
[  880.993682][ T9685]  </TASK>
[  881.129894][ T9682] EXT4-fs (loop3): 1 truncate cleaned up
[  881.237150][ T9682] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  881.297336][ T8148] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  881.835140][ T9691] loop2: detected capacity change from 0 to 256
[  881.860117][ T9691] vfat: Unknown parameter 'codepqge'
[  881.998765][ T9524] 8021q: adding VLAN 0 to HW filter on device batadv0
[  882.648739][ T9699] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  882.697364][ T9703] FAULT_INJECTION: forcing a failure.
[  882.697364][ T9703] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  882.711234][ T9703] CPU: 1 UID: 0 PID: 9703 Comm: syz.9.805 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  882.711383][ T9703] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  882.711471][ T9703] Call Trace:
[  882.711521][ T9703]  <TASK>
[  882.711571][ T9703]  __dump_stack+0x26/0x30
[  882.711742][ T9703]  dump_stack_lvl+0x1df/0x270
[  882.711928][ T9703]  dump_stack+0x1e/0x25
[  882.712107][ T9703]  should_fail_ex+0x7dc/0x8a0
[  882.712330][ T9703]  should_fail+0x2a/0x40
[  882.712527][ T9703]  should_fail_usercopy+0x2e/0x40
[  882.712669][ T9703]  _copy_to_user+0x35/0x120
[  882.712869][ T9703]  simple_read_from_buffer+0x1b2/0x340
[  882.713046][ T9703]  proc_fail_nth_read+0x1d2/0x2c0
[  882.713256][ T9703]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  882.713444][ T9703]  vfs_read+0x279/0xf00
[  882.713579][ T9703]  ? stack_depot_save_flags+0x35/0x7b0
[  882.713768][ T9703]  ? kmsan_get_metadata+0xfb/0x160
[  882.713919][ T9703]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  882.714158][ T9703]  __x64_sys_read+0x1fb/0x4d0
[  882.714343][ T9703]  x64_sys_call+0x39db/0x3db0
[  882.714541][ T9703]  do_syscall_64+0xd9/0x210
[  882.714700][ T9703]  ? irqentry_exit+0x16/0x60
[  882.714837][ T9703]  ? clear_bhb_loop+0x40/0x90
[  882.714996][ T9703]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  882.715150][ T9703] RIP: 0033:0x7ff29a78d3bc
[  882.715260][ T9703] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  882.715391][ T9703] RSP: 002b:00007ff29b543030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  882.715541][ T9703] RAX: ffffffffffffffda RBX: 00007ff29a9b5fa0 RCX: 00007ff29a78d3bc
[  882.715648][ T9703] RDX: 000000000000000f RSI: 00007ff29b5430a0 RDI: 0000000000000004
[  882.715743][ T9703] RBP: 00007ff29b543090 R08: 0000000000000000 R09: 0000000000000000
[  882.715834][ T9703] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  882.715921][ T9703] R13: 0000000000000000 R14: 00007ff29a9b5fa0 R15: 00007ffe387a69a8
[  882.716055][ T9703]  </TASK>
[  883.459626][ T9409] vivid-000: kernel_thread() failed
[  883.608300][ T7977] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  883.747941][ T9708] netlink: 76 bytes leftover after parsing attributes in process `syz.9.808'.
[  883.757390][ T9708] netlink: 76 bytes leftover after parsing attributes in process `syz.9.808'.
[  883.899646][ T9710] loop2: detected capacity change from 0 to 256
[  885.061653][ T1876] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  885.283722][ T1876] usb 3-1: Using ep0 maxpacket: 16
[  885.339916][ T1876] usb 3-1: config 0 has too many interfaces: 153, using maximum allowed: 32
[  885.353058][ T1876] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  885.364128][ T1876] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 153
[  885.503981][ T9725] loop3: detected capacity change from 0 to 1024
[  885.541629][ T1876] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a0, bcdDevice=2b.f1
[  885.551522][ T1876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  885.559809][ T1876] usb 3-1: Product: syz
[  885.567264][ T1876] usb 3-1: Manufacturer: syz
[  885.572334][ T1876] usb 3-1: SerialNumber: syz
[  885.607674][ T9524] veth0_vlan: entered promiscuous mode
[  885.648682][ T1876] usb 3-1: config 0 descriptor??
[  885.716498][ T9524] veth1_vlan: entered promiscuous mode
[  885.961036][ T1876] usb 3-1: USB disconnect, device number 9
[  886.299531][ T9524] veth0_macvtap: entered promiscuous mode
[  886.312625][ T9727] loop0: detected capacity change from 0 to 4096
[  886.359609][ T9727] ntfs3(loop0): Different NTFS sector size (1024) and media sector size (512).
[  886.384232][ T9524] veth1_macvtap: entered promiscuous mode
[  886.602477][ T6506] hfsplus: b-tree write err: -5, ino 4
[  886.667020][ T9524] batman_adv: batadv0: Interface activated: batadv_slave_0
[  886.671584][ T9727] ntfs3(loop0): ino=1a, mi_enum_attr
[  886.679991][ T9727] ntfs3(loop0): Mark volume as dirty due to NTFS errors
[  886.823857][ T9524] batman_adv: batadv0: Interface activated: batadv_slave_1
[  886.945889][ T9524] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  886.960950][ T9524] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  886.970019][ T9524] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  886.984948][ T9524] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  887.284658][ T9739] loop3: detected capacity change from 0 to 512
[  887.352026][ T9740] fuse: root generation should be zero
[  887.358151][ T9739] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  887.482016][ T4178] ntfs3(loop0): ino=1e, ntfs3_write_inode failed, -22.
[  887.549138][ T9739] EXT4-fs (loop3): 1 truncate cleaned up
[  887.557475][ T9739] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  888.426303][ T9409] vivid-000: kernel_thread() failed
[  888.654028][ T7977] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  889.360872][ T7477] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  889.438422][ T9768] 9pnet_fd: Insufficient options for proto=fd
[  889.550733][ T7477] usb 3-1: Using ep0 maxpacket: 16
[  889.616611][ T7477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  889.628147][ T7477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  889.638480][ T7477] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  889.652188][ T7477] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  889.661979][ T7477] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  889.876392][ T7477] usb 3-1: config 0 descriptor??
[  890.324004][ T9765] random: crng reseeded on system resumption
[  890.382439][ T9773] loop3: detected capacity change from 0 to 1024
[  890.395988][ T9776] loop2: detected capacity change from 0 to 128
[  890.738448][ T9779] loop9: detected capacity change from 0 to 64
[  891.517999][ T7319] hfsplus: b-tree write err: -5, ino 4
[  892.103438][ T9784] loop9: detected capacity change from 0 to 512
[  892.316783][ T9784] EXT4-fs (loop9): mounting ext2 file system using the ext4 subsystem
[  892.414227][ T7477] usbhid 3-1:0.0: can't add hid device: -71
[  892.421445][ T7477] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  892.554908][ T9784] EXT4-fs error (device loop9): ext4_orphan_get:1393: inode #15: comm syz.9.827: iget: bad i_size value: -67835469387268086
[  892.630975][ T7477] usb 3-1: USB disconnect, device number 10
[  892.680116][ T9784] EXT4-fs error (device loop9): ext4_orphan_get:1398: comm syz.9.827: couldn't read orphan inode 15 (err -117)
[  892.823984][ T9784] EXT4-fs (loop9): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  892.837731][ T9784] ext2 filesystem being mounted at /90/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  892.915862][ T9790] netlink: 88 bytes leftover after parsing attributes in process `syz.0.829'.
[  893.082055][ T9786] loop3: detected capacity change from 0 to 32768
[  893.285454][ T7973] EXT4-fs (loop9): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[  893.411364][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names
[  893.411535][ T9786]   allowing incompatible features above 0.0: (unknown version)
[  893.411630][ T9786]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  893.411741][ T9786]   with devices loop3
[  893.475389][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  893.490143][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem
[  893.526625][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write
[  893.586362][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks
[  893.655458][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace
[  893.694503][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace
[  893.726975][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table
[  893.736281][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done
[  893.948361][ T9786] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem
[  894.002402][ T9806] loop9: detected capacity change from 0 to 512
[  894.063140][ T9806] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  894.257144][ T9806] EXT4-fs (loop9): 1 truncate cleaned up
[  894.266347][ T9806] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  894.989989][ T9409] vivid-000: kernel_thread() failed
[  895.324593][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down
[  895.332900][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only
[  895.341469][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop
[  895.587366][ T9813] loop0: detected capacity change from 0 to 32768
[  895.610466][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 4
[  895.781787][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 4
[  895.867222][ T9813] bcachefs (loop0): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,nocow
[  895.867349][ T9813]   allowing incompatible features above 0.0: (unknown version)
[  895.867442][ T9813]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  895.906718][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 5
[  895.910041][ T9813] bcachefs (loop0): Using encoding defined by superblock: utf8-12.1.0
[  895.935317][ T9813] bcachefs (loop0): initializing new filesystem
[  895.959199][ T9813] bcachefs (loop0): going read-write
[  896.007195][ T9813] bcachefs (loop0): marking superblocks
[  896.015680][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean
[  896.091657][ T9813] bcachefs (loop0): initializing freespace
[  896.123790][ T9813] bcachefs (loop0): done initializing freespace
[  896.151731][ T9813] bcachefs (loop0): reading snapshots table
[  896.158147][ T9813] bcachefs (loop0): reading snapshots done
[  896.455422][ T9813] bcachefs (loop0):  loop0: Superblock write was silently dropped! (seq 0 expected 42)
[  896.471541][ T9813] bcachefs (loop0): done starting filesystem
[  896.523974][ T7977] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[  896.669518][ T7973] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  897.264286][ T5812] bcachefs (loop0): shutting down
[  897.269600][ T5812] bcachefs (loop0): going read-only
[  897.275738][ T5812] bcachefs (loop0): finished waiting for writes to stop
[  897.661732][ T5812] bcachefs (loop0): flushing journal and stopping allocators, journal seq 3
[  897.880506][ T9833] loop2: detected capacity change from 0 to 65536
[  897.965584][ T9833] XFS (loop2): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  898.037531][ T4674] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  898.045926][ T4674] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  898.093187][ T5812] bcachefs (loop0): flushing journal and stopping allocators complete, journal seq 3
[  898.166630][ T9833] XFS (loop2): Ending clean mount
[  898.176702][ T9833] XFS (loop2): Quotacheck needed: Please wait.
[  898.216874][ T3667] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  898.225268][ T3667] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  898.266467][ T5812] bcachefs (loop0): clean shutdown complete, journal seq 4
[  898.291734][ T5812] bcachefs (loop0): marking filesystem clean
[  898.346822][ T9833] XFS (loop2): Quotacheck: Done.
[  898.369856][ T9833] XFS (loop2): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  898.548886][ T5812] bcachefs (loop0): shutdown complete
[  899.936195][ T9851] Cannot find set identified by id 2 to match
[  901.155379][   T96] block nbd0: Possible stuck request ffff888107dc0000: control (read@0,4096B). Runtime 30 seconds
[  901.320967][ T5873] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  901.377219][ T9858] netlink: 88 bytes leftover after parsing attributes in process `syz.2.841'.
[  901.562097][ T5873] usb 5-1: Using ep0 maxpacket: 16
[  901.632796][ T5873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  901.647195][ T5873] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  901.657692][ T5873] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  901.676566][ T5873] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  901.686997][ T5873] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  901.916304][ T5873] usb 5-1: config 0 descriptor??
[  902.201833][ T9862] loop3: detected capacity change from 0 to 64
[  902.281561][ T7477] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  902.330111][ T9856] random: crng reseeded on system resumption
[  902.381632][ T9856] loop4: detected capacity change from 0 to 128
[  902.521349][ T7477] usb 3-1: config 0 has an invalid interface number: 85 but max is 0
[  902.530066][ T7477] usb 3-1: config 0 has no interface number 0
[  902.536576][ T7477] usb 3-1: config 0 interface 85 altsetting 151 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  902.548297][ T7477] usb 3-1: config 0 interface 85 altsetting 151 endpoint 0x81 has invalid wMaxPacketSize 0
[  902.558766][ T7477] usb 3-1: config 0 interface 85 has no altsetting 0
[  902.565944][ T7477] usb 3-1: New USB device found, idVendor=1d34, idProduct=0004, bcdDevice= 0.00
[  902.575588][ T7477] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  902.767194][ T7477] usb 3-1: config 0 descriptor??
[  902.836032][ T9409] vivid-000: kernel_thread() failed
[  903.351707][ T7477] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[  903.359386][ T7477] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[  903.367000][ T7477] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[  903.374545][ T7477] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[  903.382153][ T7477] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[  903.389556][ T7477] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[  903.397180][ T7477] hid-led 0003:1D34:0004.0003: unknown main item tag 0x0
[  903.669910][ T7477] hid-led 0003:1D34:0004.0003: probe with driver hid-led failed with error -71
[  903.767676][ T7477] usb 3-1: USB disconnect, device number 11
[  904.429155][ T5873] usbhid 5-1:0.0: can't add hid device: -71
[  904.445511][ T5873] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  904.537226][ T5873] usb 5-1: USB disconnect, device number 2
[  904.876878][ T9876] netlink: 'syz.4.846': attribute type 2 has an invalid length.
[  905.086021][ T9877] loop4: detected capacity change from 0 to 1024
[  905.140729][ T9877] EXT4-fs (loop4): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  905.156906][ T9877] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  905.168077][ T9877] EXT4-fs (loop4): stripe (2) is not aligned with cluster size (16), stripe is disabled
[  905.240834][ T9877] EXT4-fs error (device loop4): ext4_get_journal_inode:5796: inode #32: comm syz.4.846: iget: special inode unallocated
[  905.317931][ T9877] EXT4-fs (loop4): no journal found
[  905.323812][ T9877] EXT4-fs (loop4): can't get journal size
[  905.331086][ T5873] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  905.379082][ T9880] netlink: 'syz.0.837': attribute type 3 has an invalid length.
[  905.391425][ T9880] netlink: 8 bytes leftover after parsing attributes in process `syz.0.837'.
[  905.555537][ T9877] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  905.682540][ T1287] ieee802154 phy0 wpan0: encryption failed: -22
[  905.692384][ T1287] ieee802154 phy1 wpan1: encryption failed: -22
[  906.428100][ T9876] netlink: 'syz.4.846': attribute type 2 has an invalid length.
[  906.550942][ T9887] loop9: detected capacity change from 0 to 32768
[  906.963024][ T9887] bcachefs (loop9): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,foreground_target=invalid label 767,background_target=invalid device 7,nojournal_transaction_names
[  906.963190][ T9887]   allowing incompatible features above 0.0: (unknown version)
[  906.963273][ T9887]   features: lz4
[  907.001598][ T9887] bcachefs (loop9): Using encoding defined by superblock: utf8-12.1.0
[  907.010095][ T9887] bcachefs (loop9): initializing new filesystem
[  907.033613][ T9887] bcachefs (loop9): going read-write
[  907.068621][ T9887] bcachefs (loop9): marking superblocks
[  907.179111][ T9887] bcachefs (loop9): initializing freespace
[  907.219481][ T9887] bcachefs (loop9): done initializing freespace
[  907.257026][ T9887] bcachefs (loop9): reading snapshots table
[  907.263563][ T9887] bcachefs (loop9): reading snapshots done
[  907.389690][ T9882] loop3: detected capacity change from 0 to 65536
[  907.404246][ T5873] usb 3-1: Using ep0 maxpacket: 32
[  907.454186][ T5873] usb 3-1: config 0 has an invalid interface number: 255 but max is 1
[  907.465846][ T5873] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  907.476470][ T5873] usb 3-1: config 0 has no interface number 1
[  907.482995][ T5873] usb 3-1: config 0 interface 0 altsetting 245 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  907.499404][ T5873] usb 3-1: config 0 interface 0 has no altsetting 0
[  907.509098][ T5873] usb 3-1: config 0 interface 255 has no altsetting 0
[  907.597305][ T9887] bcachefs (loop9): done starting filesystem
[  907.617355][ T5873] usb 3-1: New USB device found, idVendor=0582, idProduct=0033, bcdDevice=8e.57
[  907.626916][ T5873] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  907.639914][ T5873] usb 3-1: Product: syz
[  907.648458][ T5873] usb 3-1: Manufacturer: syz
[  907.653540][ T5873] usb 3-1: SerialNumber: syz
[  907.668177][ T5873] usb 3-1: config 0 descriptor??
[  907.693924][ T5873] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  907.706521][ T5873] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  907.718924][ T5873] snd-usb-audio 3-1:0.0: probe with driver snd-usb-audio failed with error -2
[  907.832923][ T9882] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  907.902841][ T9524] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  908.069431][   T30] audit: type=1800 audit(1753335356.485:21): pid=9887 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.849" name="file1" dev="loop9" ino=4098 res=0 errno=0
[  908.291449][ T9913] netlink: 8 bytes leftover after parsing attributes in process `syz.9.849'.
[  908.303903][ T9913] netlink: 4 bytes leftover after parsing attributes in process `syz.9.849'.
[  908.313232][ T9913] netlink: 'syz.9.849': attribute type 18 has an invalid length.
[  908.324245][ T9913] netlink: 8 bytes leftover after parsing attributes in process `syz.9.849'.
[  908.384014][ T7477] usb 3-1: USB disconnect, device number 12
[  908.415295][ T9882] XFS (loop3): Ending clean mount
[  908.442327][ T9882] XFS (loop3): Quotacheck needed: Please wait.
[  908.567487][ T9882] XFS (loop3): Quotacheck: Done.
[  908.591165][ T9882] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  909.004500][ T7973] bcachefs (loop9): shutting down
[  909.009827][ T7973] bcachefs (loop9): going read-only
[  909.015658][ T7973] bcachefs (loop9): finished waiting for writes to stop
[  909.042800][ T7973] bcachefs (loop9): flushing journal and stopping allocators, journal seq 3
[  909.062521][ T9916] netlink: 88 bytes leftover after parsing attributes in process `syz.2.852'.
[  909.253130][ T7477] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  909.421229][ T7477] usb 5-1: Using ep0 maxpacket: 8
[  909.437994][ T7973] bcachefs (loop9): flushing journal and stopping allocators complete, journal seq 4
[  909.469008][ T9409] vivid-000: kernel_thread() failed
[  909.473409][ T7477] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  909.486541][ T7477] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  909.497983][ T7477] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  909.509021][ T7477] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  909.519367][ T7477] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  909.533312][ T7477] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  909.542802][ T7477] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  909.681862][ T7973] bcachefs (loop9): clean shutdown complete, journal seq 5
[  909.749065][ T7973] bcachefs (loop9): marking filesystem clean
[  909.774803][ T9923] loop2: detected capacity change from 0 to 64
[  909.927011][ T7973] bcachefs (loop9): shutdown complete
[  910.176697][ T7477] usb 5-1: usb_control_msg returned -32
[  910.182954][ T7477] usbtmc 5-1:16.0: can't read capabilities
[  911.224772][ T7477] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  911.420840][ T7477] usb 3-1: Using ep0 maxpacket: 16
[  911.472459][ T7477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  911.483972][ T7477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  911.496798][ T7477] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  911.511060][ T7477] usb 3-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  911.520710][ T7477] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  911.673890][ T7477] usb 3-1: config 0 descriptor??
[  912.148620][ T5873] usb 5-1: USB disconnect, device number 3
[  912.170665][ T7477] input: HID 0955:7214 Haptics as /devices/virtual/input/input14
[  912.309053][ T7477] shield 0003:0955:7214.0004: Registered Thunderstrike controller
[  912.323368][ T7477] shield 0003:0955:7214.0004: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0
[  912.366167][ T9928] loop2: detected capacity change from 0 to 128
[  913.235203][ T5873] usb 4-1: new full-speed USB device number 11 using dummy_hcd
[  913.445688][ T1716] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ESHUTDOWN
[  913.457894][ T1716] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENOENT
[  913.470108][ T1716] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENOENT
[  913.485316][ T1716] shield 0003:0955:7214.0004: Failed to output Thunderstrike HOSTCMD request HID report due to -ENOENT
[  913.516771][ T5873] usb 4-1: unable to get BOS descriptor or descriptor too short
[  913.600961][ T5873] usb 4-1: not running at top speed; connect to a high speed hub
[  913.631293][ T7477] usb 3-1: reset high-speed USB device number 13 using dummy_hcd
[  913.658674][ T5873] usb 4-1: config 156 has an invalid interface number: 178 but max is 0
[  913.667696][ T5873] usb 4-1: config 156 has an invalid descriptor of length 0, skipping remainder of the config
[  913.682914][ T5873] usb 4-1: config 156 has no interface number 0
[  913.689499][ T5873] usb 4-1: config 156 interface 178 altsetting 8 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  913.707771][ T5873] usb 4-1: config 156 interface 178 has no altsetting 0
[  913.784938][ T7477] usb 3-1: device descriptor read/64, error -32
[  913.914409][ T5873] usb 4-1: New USB device found, idVendor=fa01, idProduct=3df9, bcdDevice=2f.31
[  913.924091][ T5873] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  913.933935][ T5873] usb 4-1: Product: syz
[  913.938394][ T5873] usb 4-1: Manufacturer: syz
[  913.946703][ T5873] usb 4-1: SerialNumber: syz
[  914.090135][ T5873] usb 4-1: bad CDC descriptors
[  914.091989][ T7477] usb 3-1: reset high-speed USB device number 13 using dummy_hcd
[  914.286763][ T1716] usb 4-1: USB disconnect, device number 11
[  914.791486][ T9945] netlink: 116 bytes leftover after parsing attributes in process `syz.0.862'.
[  914.837756][ T9941] loop2: detected capacity change from 0 to 256
[  914.898944][ T5874] usb 3-1: USB disconnect, device number 13
[  914.923006][ T9946] netlink: 'syz.0.862': attribute type 30 has an invalid length.
[  914.932169][ T9946] (unnamed net_device) (uninitialized): option arp_missed_max: invalid value (0)
[  914.941879][ T9946] (unnamed net_device) (uninitialized): option arp_missed_max: allowed values 1 - 255
[  914.967337][ T9941] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  915.328332][ T9409] vivid-000: kernel_thread() failed
[  915.657362][ T9943] loop4: detected capacity change from 0 to 32768
[  915.956404][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): starting version 1.7: mi_btree_bitmap opts=errors=continue,metadata_checksum=none,data_checksum=none,compression=lz4,journal_flush_delay=2013266920,journal_reclaim_delay=10,nojournal_transaction_names
[  915.956575][ T9943]   allowing incompatible features above 0.0: (unknown version)
[  915.956672][ T9943]   features: lz4,new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  915.956784][ T9943]   with devices loop4
[  915.966782][ T9953] loop9: detected capacity change from 0 to 2048
[  915.984792][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): Using encoding defined by superblock: utf8-12.1.0
[  916.037555][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing new filesystem
[  916.061619][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-write
[  916.151290][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking superblocks
[  916.218402][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): initializing freespace
[  916.261384][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done initializing freespace
[  916.273150][ T9953] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  916.286498][ T9953] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  916.289718][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots table
[  916.309991][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): reading snapshots done
[  916.349946][ T9951] loop3: detected capacity change from 0 to 4096
[  916.459032][ T9943] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): done starting filesystem
[  916.740617][ T9971] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  916.891285][   T30] audit: type=1800 audit(1753335365.325:22): pid=9951 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.863" name="file1" dev="loop3" ino=15 res=0 errno=0
[  917.477810][ T7973] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  917.553708][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutting down
[  917.562044][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): going read-only
[  917.574538][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): finished waiting for writes to stop
[  917.632934][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators, journal seq 4
[  917.756496][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): flushing journal and stopping allocators complete, journal seq 4
[  917.828792][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): clean shutdown complete, journal seq 5
[  917.913204][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): marking filesystem clean
[  918.039934][ T9524] bcachefs (da441363-bb6a-4ab9-999b-c1f40db4fee2): shutdown complete
[  918.225949][ T9981] netlink: 88 bytes leftover after parsing attributes in process `syz.9.866'.
[  918.282456][ T9984] loop3: detected capacity change from 0 to 128
[  919.690932][ T7477] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  919.927630][ T7477] usb 4-1: Using ep0 maxpacket: 16
[  919.955978][ T7477] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  919.967602][ T7477] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  919.978006][ T7477] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  919.994109][ T7477] usb 4-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  920.004416][ T7477] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  920.238270][ T7477] usb 4-1: config 0 descriptor??
[  920.482425][ T9409] vivid-000: kernel_thread() failed
[  920.711819][ T9995] loop3: detected capacity change from 0 to 128
[  921.205438][T10004] netlink: 8 bytes leftover after parsing attributes in process `syz.0.873'.
[  922.698914][ T7477] usbhid 4-1:0.0: can't add hid device: -71
[  922.705901][ T7477] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  922.770137][T10009] loop0: detected capacity change from 0 to 256
[  922.796614][ T7477] usb 4-1: USB disconnect, device number 12
[  922.836002][T10009] exfat: Deprecated parameter 'utf8'
[  922.843067][T10009] exfat: Deprecated parameter 'utf8'
[  923.113690][T10009] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  923.282815][T10014] loop4: detected capacity change from 0 to 64
[  923.520654][ T7477] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  923.720846][ T7477] usb 3-1: Using ep0 maxpacket: 8
[  923.764240][ T7477] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  923.776939][ T7477] usb 3-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  923.791687][ T7477] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  923.802880][ T7477] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  923.816248][ T7477] usb 3-1: New USB device found, idVendor=0af0, idProduct=6751, bcdDevice=75.8b
[  923.829153][ T7477] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  924.135760][ T7477] usb 3-1: config 0 descriptor??
[  924.141849][T10020] FAULT_INJECTION: forcing a failure.
[  924.141849][T10020] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  924.155534][T10020] CPU: 0 UID: 0 PID: 10020 Comm: syz.0.877 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  924.155695][T10020] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  924.155782][T10020] Call Trace:
[  924.155834][T10020]  <TASK>
[  924.155888][T10020]  __dump_stack+0x26/0x30
[  924.156066][T10020]  dump_stack_lvl+0x1df/0x270
[  924.156245][T10020]  dump_stack+0x1e/0x25
[  924.156409][T10020]  should_fail_ex+0x7dc/0x8a0
[  924.156625][T10020]  should_fail+0x2a/0x40
[  924.156815][T10020]  should_fail_usercopy+0x2e/0x40
[  924.156955][T10020]  _copy_from_user+0x33/0x100
[  924.157154][T10020]  ___sys_sendmsg+0x11b/0x3b0
[  924.157324][T10020]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  924.157506][T10020]  ? __rcu_read_unlock+0x6d/0xd0
[  924.157663][T10020]  ? __fget_files+0x3b4/0x4a0
[  924.157825][T10020]  ? __fget_files+0x3b9/0x4a0
[  924.158000][T10020]  ? kmsan_get_metadata+0xfb/0x160
[  924.158158][T10020]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  924.158356][T10020]  __x64_sys_sendmsg+0x211/0x3e0
[  924.158526][T10020]  ? fput+0x113/0x160
[  924.158692][T10020]  ? kmsan_get_metadata+0xfb/0x160
[  924.158830][T10020]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  924.158987][T10020]  ? kmsan_get_metadata+0xfb/0x160
[  924.159150][T10020]  x64_sys_call+0x32fb/0x3db0
[  924.159342][T10020]  do_syscall_64+0xd9/0x210
[  924.159509][T10020]  ? irqentry_exit+0x16/0x60
[  924.159635][T10020]  ? clear_bhb_loop+0x40/0x90
[  924.159795][T10020]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  924.159948][T10020] RIP: 0033:0x7fbf4918e9a9
[  924.160053][T10020] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  924.160186][T10020] RSP: 002b:00007fbf4a0b5038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  924.160322][T10020] RAX: ffffffffffffffda RBX: 00007fbf493b5fa0 RCX: 00007fbf4918e9a9
[  924.160447][T10020] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000000003
[  924.160538][T10020] RBP: 00007fbf4a0b5090 R08: 0000000000000000 R09: 0000000000000000
[  924.160623][T10020] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  924.160707][T10020] R13: 0000000000000000 R14: 00007fbf493b5fa0 R15: 00007ffe2912a038
[  924.160836][T10020]  </TASK>
[  924.169493][ T7477] hso 3-1:0.0: Can't find BULK IN endpoint
[  924.448037][T10015] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  924.457578][T10015] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  925.176366][T10021] loop4: detected capacity change from 0 to 4096
[  925.391757][T10032] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  925.429976][   T30] audit: type=1800 audit(1753335373.885:23): pid=10021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.878" name="file1" dev="loop4" ino=15 res=0 errno=0
[  925.499770][ T9409] vivid-000: kernel_thread() failed
[  925.549736][ T5873] usb 3-1: USB disconnect, device number 14
[  925.705728][T10025] loop9: detected capacity change from 0 to 4096
[  926.203606][T10039] netlink: 8 bytes leftover after parsing attributes in process `syz.0.884'.
[  926.360723][ T1876] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  926.615222][ T1876] usb 3-1: unable to get BOS descriptor or descriptor too short
[  926.673661][ T1876] usb 3-1: config 255 has an invalid interface number: 70 but max is 0
[  926.686029][ T1876] usb 3-1: config 255 has no interface number 0
[  926.694367][ T1876] usb 3-1: config 255 interface 70 altsetting 255 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  926.708870][ T1876] usb 3-1: config 255 interface 70 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  926.719601][ T1876] usb 3-1: config 255 interface 70 has no altsetting 0
[  926.985155][ T1876] usb 3-1: New USB device found, idVendor=07c0, idProduct=1503, bcdDevice=c9.d1
[  926.998589][ T1876] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  927.011153][ T1876] usb 3-1: Product: syz
[  927.015616][ T1876] usb 3-1: Manufacturer: syz
[  927.020797][ T1876] usb 3-1: SerialNumber: syz
[  927.757205][ T1876] cdc_acm 3-1:255.70: Zero length descriptor references
[  927.764670][ T1876] cdc_acm 3-1:255.70: probe with driver cdc_acm failed with error -22
[  927.785221][ T1876] iowarrior 3-1:255.70: no interrupt-in endpoint found
[  927.824794][T10054] loop0: detected capacity change from 0 to 64
[  927.901652][ T7477] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  927.924477][ T1876] usb 3-1: USB disconnect, device number 15
[  928.107980][ T7477] usb 5-1: Using ep0 maxpacket: 16
[  928.173195][ T7477] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  928.187548][ T7477] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  928.198585][ T7477] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  928.212110][ T7477] usb 5-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  928.225003][ T7477] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  928.251928][T10056] loop9: detected capacity change from 0 to 256
[  928.301390][T10056] exfat: Deprecated parameter 'utf8'
[  928.307122][T10056] exfat: Deprecated parameter 'utf8'
[  928.440723][ T7477] usb 5-1: config 0 descriptor??
[  928.546386][T10056] exFAT-fs (loop9): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  928.868112][T10049] loop4: detected capacity change from 0 to 128
[  929.376547][T10060] loop0: detected capacity change from 0 to 8
[  929.488461][T10060] squashfs: Unknown parameter '���'
[  929.953513][ T1876] usb 10-1: new full-speed USB device number 14 using dummy_hcd
[  930.265043][ T1876] usb 10-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  930.279625][ T1876] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  930.291153][ T1876] usb 10-1: Product: syz
[  930.295702][ T1876] usb 10-1: Manufacturer: syz
[  930.301242][ T1876] usb 10-1: SerialNumber: syz
[  930.514621][ T1876] usb 10-1: config 0 descriptor??
[  930.550812][ T7477] usbhid 5-1:0.0: can't add hid device: -71
[  930.557681][ T7477] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  930.623348][ T7477] usb 5-1: USB disconnect, device number 4
[  930.793503][T10069] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  930.803317][T10069] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  930.924387][ T1876] usb 10-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  931.244580][   T96] block nbd0: Possible stuck request ffff888107dc0000: control (read@0,4096B). Runtime 60 seconds
[  931.791032][ T9409] vivid-000: kernel_thread() failed
[  931.882264][T10075] loop4: detected capacity change from 0 to 4096
[  932.173632][T10079] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  932.254947][   T30] audit: type=1800 audit(1753335380.695:24): pid=10075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.895" name="file1" dev="loop4" ino=15 res=0 errno=0
[  932.563326][ T1876] dvb_usb_rtl28xxu 10-1:0.0: probe with driver dvb_usb_rtl28xxu failed with error -71
[  932.595776][ T1876] usb 10-1: USB disconnect, device number 14
[  932.759214][T10084] netlink: 8 bytes leftover after parsing attributes in process `syz.0.898'.
[  933.800787][T10093] loop4: detected capacity change from 0 to 64
[  934.550553][ T1876] usb 10-1: new high-speed USB device number 15 using dummy_hcd
[  934.922897][ T1876] usb 10-1: unable to get BOS descriptor or descriptor too short
[  934.975047][ T1876] usb 10-1: config 255 has an invalid interface number: 70 but max is 0
[  934.987439][ T1876] usb 10-1: config 255 has no interface number 0
[  934.998761][ T1876] usb 10-1: config 255 interface 70 altsetting 255 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  935.010765][ T1876] usb 10-1: config 255 interface 70 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  935.024426][ T1876] usb 10-1: config 255 interface 70 has no altsetting 0
[  935.157618][ T1876] usb 10-1: New USB device found, idVendor=07c0, idProduct=1503, bcdDevice=c9.d1
[  935.167573][ T1876] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  935.179699][ T1876] usb 10-1: Product: syz
[  935.187732][ T1876] usb 10-1: Manufacturer: syz
[  935.193953][ T1876] usb 10-1: SerialNumber: syz
[  935.355727][ T7477] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  935.538040][ T1876] cdc_acm 10-1:255.70: Zero length descriptor references
[  935.545934][ T1876] cdc_acm 10-1:255.70: probe with driver cdc_acm failed with error -22
[  935.565808][ T1876] iowarrior 10-1:255.70: no interrupt-in endpoint found
[  935.602720][ T7477] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  935.613433][ T7477] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  935.717241][ T7477] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  935.727398][ T7477] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  935.735842][ T7477] usb 4-1: Product: syz
[  935.740393][ T7477] usb 4-1: Manufacturer: syz
[  935.745260][ T7477] usb 4-1: SerialNumber: syz
[  935.766346][ T1876] usb 10-1: USB disconnect, device number 15
[  935.958853][ T7477] cdc_acm 4-1:1.0: probe with driver cdc_acm failed with error -22
[  936.090771][T10109] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  936.098351][T10109] overlayfs: failed to set xattr on upper
[  936.108087][T10109] overlayfs: ...falling back to redirect_dir=nofollow.
[  936.116832][T10109] overlayfs: ...falling back to index=off.
[  936.123096][T10109] overlayfs: ...falling back to uuid=null.
[  936.244164][T10102] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  936.329106][ T7477] usb 4-1: USB disconnect, device number 13
[  936.566722][T10112] loop0: detected capacity change from 0 to 8
[  936.619933][T10112] squashfs: Unknown parameter '���'
[  936.762896][T10113] loop2: detected capacity change from 0 to 4096
[  936.940467][T10119] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  937.071061][   T30] audit: type=1800 audit(1753335385.495:25): pid=10113 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.909" name="file1" dev="loop2" ino=15 res=0 errno=0
[  937.314182][ T9409] vivid-000: kernel_thread() failed
[  937.479801][T10120] loop4: detected capacity change from 0 to 2048
[  937.671792][T10126] netlink: 8 bytes leftover after parsing attributes in process `syz.3.913'.
[  937.682469][T10128] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  937.790960][ T1876] usb 10-1: new high-speed USB device number 16 using dummy_hcd
[  937.793523][T10120] NILFS error (device loop4): nilfs_bmap_lookup_at_level: broken bmap (inode number=6)
[  938.024132][T10120] Remounting filesystem read-only
[  938.041836][ T1876] usb 10-1: config 0 has an invalid interface number: 106 but max is 0
[  938.056822][ T1876] usb 10-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  938.068893][ T1876] usb 10-1: config 0 has no interface number 0
[  938.075548][ T1876] usb 10-1: config 0 interface 106 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 43
[  938.088941][ T1876] usb 10-1: config 0 interface 106 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 6
[  938.102633][ T1876] usb 10-1: New USB device found, idVendor=13b1, idProduct=0042, bcdDevice=df.bb
[  938.115143][ T1876] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  938.433758][ T1876] usb 10-1: config 0 descriptor??
[  938.446106][T10124] raw-gadget.0 gadget.9: fail, usb_ep_enable returned -22
[  938.534741][T10136] loop2: detected capacity change from 0 to 64
[  938.605982][ T1876] usb 10-1: Warning: ath10k USB support is incomplete, don't expect anything to work!
[  938.769584][ T7317] usb 10-1: Failed to submit usb control message: -71
[  938.780164][ T7317] usb 10-1: unable to send the bmi data to the device: -71
[  938.787798][ T7317] usb 10-1: unable to get target info from device
[  938.794944][ T7317] usb 10-1: could not get target info (-71)
[  938.804293][ T7317] usb 10-1: could not probe fw (-71)
[  938.845389][ T1876] usb 10-1: USB disconnect, device number 16
[  939.332143][T10141] netlink: 16 bytes leftover after parsing attributes in process `syz.3.916'.
[  939.440698][ T9524] NILFS (loop4): disposed unprocessed dirty file(s) when detaching log writer
[  940.077582][T10148] FAULT_INJECTION: forcing a failure.
[  940.077582][T10148] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  940.094778][T10148] CPU: 0 UID: 0 PID: 10148 Comm: syz.9.919 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  940.094945][T10148] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  940.095033][T10148] Call Trace:
[  940.095087][T10148]  <TASK>
[  940.095139][T10148]  __dump_stack+0x26/0x30
[  940.095321][T10148]  dump_stack_lvl+0x1df/0x270
[  940.095510][T10148]  dump_stack+0x1e/0x25
[  940.095671][T10148]  should_fail_ex+0x7dc/0x8a0
[  940.095936][T10148]  should_fail+0x2a/0x40
[  940.096126][T10148]  should_fail_usercopy+0x2e/0x40
[  940.096271][T10148]  _copy_from_iter+0x1ba/0x3350
[  940.096457][T10148]  ? kmsan_get_metadata+0xfb/0x160
[  940.096613][T10148]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  940.096803][T10148]  ? kmsan_get_metadata+0xfb/0x160
[  940.096965][T10148]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  940.097167][T10148]  netlink_sendmsg+0xc64/0x1250
[  940.097371][T10148]  ? __pfx_netlink_sendmsg+0x10/0x10
[  940.097540][T10148]  ? __pfx_netlink_sendmsg+0x10/0x10
[  940.097710][T10148]  __sock_sendmsg+0x333/0x3d0
[  940.097915][T10148]  ____sys_sendmsg+0x7e0/0xd80
[  940.098117][T10148]  ___sys_sendmsg+0x271/0x3b0
[  940.098323][T10148]  ? __rcu_read_unlock+0x6d/0xd0
[  940.098478][T10148]  ? __fget_files+0x3b4/0x4a0
[  940.098643][T10148]  ? __fget_files+0x3b9/0x4a0
[  940.098816][T10148]  ? kmsan_get_metadata+0xfb/0x160
[  940.098979][T10148]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  940.099149][T10148]  __x64_sys_sendmsg+0x211/0x3e0
[  940.099334][T10148]  ? kmsan_get_metadata+0xfb/0x160
[  940.099509][T10148]  x64_sys_call+0x32fb/0x3db0
[  940.099698][T10148]  do_syscall_64+0xd9/0x210
[  940.099851][T10148]  ? irqentry_exit+0x16/0x60
[  940.099992][T10148]  ? clear_bhb_loop+0x40/0x90
[  940.100149][T10148]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  940.100303][T10148] RIP: 0033:0x7ff29a78e9a9
[  940.100410][T10148] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  940.100539][T10148] RSP: 002b:00007ff29b543038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  940.100678][T10148] RAX: ffffffffffffffda RBX: 00007ff29a9b5fa0 RCX: 00007ff29a78e9a9
[  940.100782][T10148] RDX: 0000000000000000 RSI: 0000200000000040 RDI: 0000000000000006
[  940.100876][T10148] RBP: 00007ff29b543090 R08: 0000000000000000 R09: 0000000000000000
[  940.100974][T10148] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  940.101061][T10148] R13: 0000000000000000 R14: 00007ff29a9b5fa0 R15: 00007ffe387a69a8
[  940.101188][T10148]  </TASK>
[  940.520950][ T7477] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  940.781708][ T7477] usb 4-1: unable to get BOS descriptor or descriptor too short
[  940.838543][ T7477] usb 4-1: config 255 has an invalid interface number: 70 but max is 0
[  940.847945][ T7477] usb 4-1: config 255 has no interface number 0
[  940.854614][ T7477] usb 4-1: config 255 interface 70 altsetting 255 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  940.866894][ T7477] usb 4-1: config 255 interface 70 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  940.877527][ T7477] usb 4-1: config 255 interface 70 has no altsetting 0
[  940.948434][T10152] trusted_key: encrypted_key: keylen for the ecryptfs format must be equal to 64 bytes
[  941.098691][ T7477] usb 4-1: New USB device found, idVendor=07c0, idProduct=1503, bcdDevice=c9.d1
[  941.108721][ T7477] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.117167][ T7477] usb 4-1: Product: syz
[  941.125430][ T7477] usb 4-1: Manufacturer: syz
[  941.132033][ T7477] usb 4-1: SerialNumber: syz
[  941.504521][ T1876] usb 10-1: new high-speed USB device number 17 using dummy_hcd
[  941.507516][ T7477] cdc_acm 4-1:255.70: Zero length descriptor references
[  941.519780][ T7477] cdc_acm 4-1:255.70: probe with driver cdc_acm failed with error -22
[  941.534770][ T7477] iowarrior 4-1:255.70: no interrupt-in endpoint found
[  941.663055][T10155] netlink: 60 bytes leftover after parsing attributes in process `syz.4.922'.
[  941.697515][ T7477] usb 4-1: USB disconnect, device number 14
[  941.777483][ T1876] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  941.788502][ T1876] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  941.874739][T10155] loop4: detected capacity change from 0 to 1024
[  941.883906][ T1876] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  941.896624][ T1876] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  941.908310][ T1876] usb 10-1: Product: syz
[  941.913839][ T1876] usb 10-1: Manufacturer: syz
[  941.918807][ T1876] usb 10-1: SerialNumber: syz
[  941.928208][ T9409] vivid-000: kernel_thread() failed
[  941.954181][T10155] ext3: Unknown parameter 'noacl'
[  942.076324][ T1876] cdc_acm 10-1:1.0: probe with driver cdc_acm failed with error -22
[  942.291426][T10156] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  942.323542][ T1876] usb 10-1: USB disconnect, device number 17
[  943.013320][T10165] loop2: detected capacity change from 0 to 4096
[  943.289241][T10174] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  943.383362][   T30] audit: type=1800 audit(1753335391.845:26): pid=10165 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.925" name="file1" dev="loop2" ino=15 res=0 errno=0
[  943.766329][T10179] FAULT_INJECTION: forcing a failure.
[  943.766329][T10179] name failslab, interval 1, probability 0, space 0, times 0
[  943.783280][T10179] CPU: 0 UID: 0 PID: 10179 Comm: syz.9.929 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  943.783444][T10179] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  943.783535][T10179] Call Trace:
[  943.783588][T10179]  <TASK>
[  943.783638][T10179]  __dump_stack+0x26/0x30
[  943.783830][T10179]  dump_stack_lvl+0x1df/0x270
[  943.784011][T10179]  dump_stack+0x1e/0x25
[  943.784173][T10179]  should_fail_ex+0x7dc/0x8a0
[  943.784396][T10179]  should_failslab+0x15b/0x200
[  943.784565][T10179]  __kmalloc_noprof+0x182/0x1310
[  943.784742][T10179]  ? tomoyo_encode+0x626/0xa10
[  943.784949][T10179]  ? kmsan_get_metadata+0xfb/0x160
[  943.785107][T10179]  ? kmsan_get_metadata+0xfb/0x160
[  943.785279][T10179]  tomoyo_encode+0x626/0xa10
[  943.785514][T10179]  tomoyo_mount_permission+0x3c7/0xfe0
[  943.785747][T10179]  ? user_path_at+0x32d/0x3d0
[  943.785969][T10179]  ? __msan_warning+0x1b/0x30
[  943.786132][T10179]  ? kmsan_get_metadata+0xfb/0x160
[  943.786285][T10179]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  943.786524][T10179]  tomoyo_sb_mount+0x4e/0x70
[  943.786680][T10179]  security_sb_mount+0x169/0x630
[  943.786899][T10179]  path_mount+0x103/0x1e90
[  943.787058][T10179]  ? user_path_at+0x32d/0x3d0
[  943.787266][T10179]  __se_sys_mount+0x6eb/0x7d0
[  943.787429][T10179]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  943.787666][T10179]  __x64_sys_mount+0xe4/0x150
[  943.787846][T10179]  x64_sys_call+0xfa7/0x3db0
[  943.788034][T10179]  do_syscall_64+0xd9/0x210
[  943.788194][T10179]  ? irqentry_exit+0x16/0x60
[  943.788332][T10179]  ? clear_bhb_loop+0x40/0x90
[  943.788487][T10179]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  943.788642][T10179] RIP: 0033:0x7ff29a78e9a9
[  943.788751][T10179] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  943.788895][T10179] RSP: 002b:00007ff29b543038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  943.789036][T10179] RAX: ffffffffffffffda RBX: 00007ff29a9b5fa0 RCX: 00007ff29a78e9a9
[  943.789141][T10179] RDX: 0000200000000180 RSI: 0000200000000000 RDI: 0000000000000000
[  943.789243][T10179] RBP: 00007ff29b543090 R08: 0000200000019200 R09: 0000000000000000
[  943.789348][T10179] R10: 0000000000800000 R11: 0000000000000246 R12: 0000000000000001
[  943.789440][T10179] R13: 0000000000000000 R14: 00007ff29a9b5fa0 R15: 00007ffe387a69a8
[  943.789573][T10179]  </TASK>
[  944.258277][T10180] netlink: 16 bytes leftover after parsing attributes in process `syz.3.930'.
[  944.836105][T10187] FAULT_INJECTION: forcing a failure.
[  944.836105][T10187] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  944.853293][T10187] CPU: 0 UID: 0 PID: 10187 Comm: syz.9.934 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  944.853450][T10187] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  944.853538][T10187] Call Trace:
[  944.853591][T10187]  <TASK>
[  944.853645][T10187]  __dump_stack+0x26/0x30
[  944.853831][T10187]  dump_stack_lvl+0x1df/0x270
[  944.854019][T10187]  dump_stack+0x1e/0x25
[  944.854182][T10187]  should_fail_ex+0x7dc/0x8a0
[  944.854406][T10187]  should_fail+0x2a/0x40
[  944.854594][T10187]  should_fail_usercopy+0x2e/0x40
[  944.854739][T10187]  _copy_from_user+0x33/0x100
[  944.854940][T10187]  ___sys_sendmsg+0x11b/0x3b0
[  944.855119][T10187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  944.855296][T10187]  ? __rcu_read_unlock+0x6d/0xd0
[  944.855444][T10187]  ? __fget_files+0x3b4/0x4a0
[  944.855609][T10187]  ? __fget_files+0x3b9/0x4a0
[  944.855789][T10187]  ? kmsan_get_metadata+0xfb/0x160
[  944.855943][T10187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  944.856118][T10187]  __x64_sys_sendmsg+0x211/0x3e0
[  944.856286][T10187]  ? fput+0x113/0x160
[  944.856482][T10187]  ? kmsan_get_metadata+0xfb/0x160
[  944.856638][T10187]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  944.856803][T10187]  ? kmsan_get_metadata+0xfb/0x160
[  944.856977][T10187]  x64_sys_call+0x32fb/0x3db0
[  944.857169][T10187]  do_syscall_64+0xd9/0x210
[  944.857327][T10187]  ? irqentry_exit+0x16/0x60
[  944.857462][T10187]  ? clear_bhb_loop+0x40/0x90
[  944.857624][T10187]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  944.857785][T10187] RIP: 0033:0x7ff29a78e9a9
[  944.857895][T10187] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  944.858024][T10187] RSP: 002b:00007ff29b543038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  944.858166][T10187] RAX: ffffffffffffffda RBX: 00007ff29a9b5fa0 RCX: 00007ff29a78e9a9
[  944.858273][T10187] RDX: 0000000000000000 RSI: 0000200000000280 RDI: 0000000000000003
[  944.858367][T10187] RBP: 00007ff29b543090 R08: 0000000000000000 R09: 0000000000000000
[  944.858461][T10187] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  944.858547][T10187] R13: 0000000000000000 R14: 00007ff29a9b5fa0 R15: 00007ffe387a69a8
[  944.858679][T10187]  </TASK>
[  945.407933][T10189] loop3: detected capacity change from 0 to 512
[  945.483692][T10189] EXT4-fs (loop3): couldn't mount as ext3 due to feature incompatibilities
[  945.668176][T10189] overlayfs: invalid origin (00000000d1d3e81a820eee8a94416592a5356da96db48150eae08457fbc30ece5e7e7e318cb2b4b2f8bddb73e65c239a40942f00000000000000000000000000)
[  945.765956][T10196] loop3: detected capacity change from 0 to 128
[  945.793684][T10195] openvswitch: netlink: IP tunnel TTL not specified.
[  945.818680][T10196] msdos: Unknown parameter 'nodot'
[  945.836888][ T1716] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  946.046064][ T1716] usb 5-1: unable to get BOS descriptor or descriptor too short
[  946.074977][ T1716] usb 5-1: config 255 has an invalid interface number: 70 but max is 0
[  946.083972][ T1716] usb 5-1: config 255 has no interface number 0
[  946.091239][ T1716] usb 5-1: config 255 interface 70 altsetting 255 endpoint 0x5 has an invalid bInterval 0, changing to 7
[  946.105553][ T1716] usb 5-1: config 255 interface 70 altsetting 255 endpoint 0x5 has invalid wMaxPacketSize 0
[  946.117131][ T1716] usb 5-1: config 255 interface 70 has no altsetting 0
[  946.156511][T10189] fuse: Unknown parameter '�\ÐN�-t+/���R�b1�d-8�ueg�h>�ĥX�J:zj'
[  946.232853][ T1716] usb 5-1: New USB device found, idVendor=07c0, idProduct=1503, bcdDevice=c9.d1
[  946.245911][ T1716] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  946.255908][ T1716] usb 5-1: Product: syz
[  946.260476][ T1716] usb 5-1: Manufacturer: syz
[  946.265345][ T1716] usb 5-1: SerialNumber: syz
[  946.494024][ T9409] vivid-000: kernel_thread() failed
[  946.670063][ T1716] cdc_acm 5-1:255.70: Zero length descriptor references
[  946.677861][ T1716] cdc_acm 5-1:255.70: probe with driver cdc_acm failed with error -22
[  946.694361][ T1716] iowarrior 5-1:255.70: no interrupt-in endpoint found
[  946.825705][ T1716] usb 5-1: USB disconnect, device number 5
[  946.980855][ T7477] usb 10-1: new high-speed USB device number 18 using dummy_hcd
[  947.149920][ T7477] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  947.161495][ T7477] usb 10-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  947.283690][ T7477] usb 10-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  947.293737][ T7477] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  947.302274][ T7477] usb 10-1: Product: syz
[  947.306798][ T7477] usb 10-1: Manufacturer: syz
[  947.311989][ T7477] usb 10-1: SerialNumber: syz
[  947.466346][ T7477] cdc_acm 10-1:1.0: probe with driver cdc_acm failed with error -22
[  947.756410][T10201] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  947.828558][ T1876] usb 10-1: USB disconnect, device number 18
[  947.868222][T10212] FAULT_INJECTION: forcing a failure.
[  947.868222][T10212] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  947.885618][T10212] CPU: 1 UID: 0 PID: 10212 Comm: syz.0.942 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  947.885778][T10212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  947.885866][T10212] Call Trace:
[  947.885918][T10212]  <TASK>
[  947.885971][T10212]  __dump_stack+0x26/0x30
[  947.886135][T10212]  dump_stack_lvl+0x1df/0x270
[  947.886325][T10212]  dump_stack+0x1e/0x25
[  947.886481][T10212]  should_fail_ex+0x7dc/0x8a0
[  947.886694][T10212]  should_fail+0x2a/0x40
[  947.886879][T10212]  should_fail_usercopy+0x2e/0x40
[  947.887018][T10212]  _copy_from_user+0x33/0x100
[  947.887224][T10212]  vt_ioctl+0x19a3/0x3130
[  947.887408][T10212]  ? do_vfs_ioctl+0x17c3/0x3720
[  947.887557][T10212]  ? vt_ioctl+0x1/0x3130
[  947.887733][T10212]  ? __pfx_vt_ioctl+0x10/0x10
[  947.887921][T10212]  tty_ioctl+0xcbc/0x19e0
[  947.888078][T10212]  ? kmsan_get_metadata+0xfb/0x160
[  947.888253][T10212]  ? __pfx_tty_ioctl+0x10/0x10
[  947.888403][T10212]  __se_sys_ioctl+0x23c/0x400
[  947.888619][T10212]  __x64_sys_ioctl+0x97/0xe0
[  947.888821][T10212]  x64_sys_call+0x1ebe/0x3db0
[  947.889009][T10212]  do_syscall_64+0xd9/0x210
[  947.889164][T10212]  ? irqentry_exit+0x16/0x60
[  947.889310][T10212]  ? clear_bhb_loop+0x40/0x90
[  947.889467][T10212]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  947.889621][T10212] RIP: 0033:0x7fbf4918e9a9
[  947.889730][T10212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  947.889860][T10212] RSP: 002b:00007fbf4a0b5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  947.889995][T10212] RAX: ffffffffffffffda RBX: 00007fbf493b5fa0 RCX: 00007fbf4918e9a9
[  947.890101][T10212] RDX: 0000200000000040 RSI: 0000000000004b67 RDI: 0000000000000003
[  947.890205][T10212] RBP: 00007fbf4a0b5090 R08: 0000000000000000 R09: 0000000000000000
[  947.890292][T10212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  947.890380][T10212] R13: 0000000000000000 R14: 00007fbf493b5fa0 R15: 00007ffe2912a038
[  947.890509][T10212]  </TASK>
[  948.866394][T10213] loop2: detected capacity change from 0 to 4096
[  949.028540][T10226] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  949.129482][T10227] loop9: detected capacity change from 0 to 8
[  949.184163][   T30] audit: type=1800 audit(1753335397.605:27): pid=10213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.943" name="file1" dev="loop2" ino=15 res=0 errno=0
[  949.228825][T10227] unable to read id index table
[  949.583337][T10229] loop3: detected capacity change from 0 to 1024
[  950.278592][T10239] sg_write: data in/out 768/72 bytes for SCSI command 0x0-- guessing data in;
[  950.278592][T10239]    program syz.4.953 not setting count and/or reply_len properly
[  950.299119][T10239] FAULT_INJECTION: forcing a failure.
[  950.299119][T10239] name failslab, interval 1, probability 0, space 0, times 0
[  950.316303][T10239] CPU: 0 UID: 0 PID: 10239 Comm: syz.4.953 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  950.316468][T10239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  950.316554][T10239] Call Trace:
[  950.316608][T10239]  <TASK>
[  950.316658][T10239]  __dump_stack+0x26/0x30
[  950.316840][T10239]  dump_stack_lvl+0x1df/0x270
[  950.317026][T10239]  dump_stack+0x1e/0x25
[  950.317188][T10239]  should_fail_ex+0x7dc/0x8a0
[  950.317420][T10239]  should_failslab+0x15b/0x200
[  950.317587][T10239]  __kmalloc_noprof+0x182/0x1310
[  950.317759][T10239]  ? bio_kmalloc+0x75/0xa0
[  950.317946][T10239]  ? kmsan_internal_memmove_metadata+0x91/0x230
[  950.318180][T10239]  bio_kmalloc+0x75/0xa0
[  950.318364][T10239]  blk_rq_map_user_iov+0xb09/0x3600
[  950.318516][T10239]  ? kmsan_get_metadata+0xfb/0x160
[  950.318714][T10239]  ? kmsan_get_metadata+0xfb/0x160
[  950.318901][T10239]  blk_rq_map_user_io+0x2d2/0x490
[  950.319055][T10239]  ? kmsan_get_metadata+0xfb/0x160
[  950.319219][T10239]  ? kmsan_internal_set_shadow_origin+0x79/0x110
[  950.319441][T10239]  ? kmsan_get_metadata+0xfb/0x160
[  950.319601][T10239]  sg_common_write+0x19ae/0x1e00
[  950.319850][T10239]  sg_write+0x17c9/0x1ab0
[  950.320049][T10239]  ? common_file_perm+0x33f/0x400
[  950.320258][T10239]  ? kmsan_get_metadata+0xfb/0x160
[  950.320409][T10239]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  950.320575][T10239]  ? kmsan_get_metadata+0xfb/0x160
[  950.320730][T10239]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  950.320892][T10239]  ? __pfx_sg_write+0x10/0x10
[  950.321056][T10239]  vfs_writev+0xb31/0x1500
[  950.321246][T10239]  ? __pfx_sg_write+0x10/0x10
[  950.321448][T10239]  ? kmsan_get_metadata+0xfb/0x160
[  950.321599][T10239]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  950.321770][T10239]  do_writev+0x1b5/0x580
[  950.321965][T10239]  __x64_sys_writev+0x99/0xf0
[  950.322137][T10239]  x64_sys_call+0x269a/0x3db0
[  950.322337][T10239]  do_syscall_64+0xd9/0x210
[  950.322493][T10239]  ? irqentry_exit+0x16/0x60
[  950.322629][T10239]  ? clear_bhb_loop+0x40/0x90
[  950.322785][T10239]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  950.322939][T10239] RIP: 0033:0x7f430118e9a9
[  950.323048][T10239] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  950.323177][T10239] RSP: 002b:00007f430205a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[  950.323330][T10239] RAX: ffffffffffffffda RBX: 00007f43013b5fa0 RCX: 00007f430118e9a9
[  950.323437][T10239] RDX: 0000000000000002 RSI: 0000200000000400 RDI: 0000000000000003
[  950.323530][T10239] RBP: 00007f430205a090 R08: 0000000000000000 R09: 0000000000000000
[  950.323622][T10239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  950.323711][T10239] R13: 0000000000000000 R14: 00007f43013b5fa0 R15: 00007ffef3b91d08
[  950.323844][T10239]  </TASK>
[  951.046410][T10241] loop2: detected capacity change from 0 to 1024
[  951.164213][T10249] loop9: detected capacity change from 0 to 24
[  951.248120][T10249] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  951.287338][T10241] FAULT_INJECTION: forcing a failure.
[  951.287338][T10241] name failslab, interval 1, probability 0, space 0, times 0
[  951.304177][T10241] CPU: 0 UID: 0 PID: 10241 Comm: syz.2.952 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  951.304337][T10241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  951.304425][T10241] Call Trace:
[  951.304477][T10241]  <TASK>
[  951.304532][T10241]  __dump_stack+0x26/0x30
[  951.304706][T10241]  dump_stack_lvl+0x1df/0x270
[  951.304877][T10241]  dump_stack+0x1e/0x25
[  951.305028][T10241]  should_fail_ex+0x7dc/0x8a0
[  951.305251][T10241]  should_failslab+0x15b/0x200
[  951.305419][T10241]  __kmalloc_noprof+0x182/0x1310
[  951.305591][T10241]  ? tomoyo_encode+0x626/0xa10
[  951.305788][T10241]  ? prepend_path+0xff2/0x10c0
[  951.305962][T10241]  ? kmsan_get_metadata+0xfb/0x160
[  951.306115][T10241]  ? kmsan_get_metadata+0xfb/0x160
[  951.306289][T10241]  tomoyo_encode+0x626/0xa10
[  951.306522][T10241]  tomoyo_realpath_from_path+0x92e/0x9f0
[  951.306770][T10241]  tomoyo_path_perm+0x249/0x9a0
[  951.307007][T10241]  ? kmsan_get_metadata+0xfb/0x160
[  951.307156][T10241]  ? kmsan_report+0x280/0x320
[  951.307308][T10241]  tomoyo_path_rmdir+0x98/0xe0
[  951.307467][T10241]  security_path_rmdir+0x1f2/0x600
[  951.307623][T10241]  do_rmdir+0x644/0xf30
[  951.307767][T10241]  ? getname_flags+0x5f4/0xac0
[  951.307965][T10241]  __x64_sys_rmdir+0x71/0xb0
[  951.308116][T10241]  x64_sys_call+0x353f/0x3db0
[  951.308305][T10241]  do_syscall_64+0xd9/0x210
[  951.308466][T10241]  ? irqentry_exit+0x16/0x60
[  951.308601][T10241]  ? clear_bhb_loop+0x40/0x90
[  951.308765][T10241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.308931][T10241] RIP: 0033:0x7f2b2098e9a9
[  951.309040][T10241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  951.309171][T10241] RSP: 002b:00007f2b217b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  951.309311][T10241] RAX: ffffffffffffffda RBX: 00007f2b20bb5fa0 RCX: 00007f2b2098e9a9
[  951.309418][T10241] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000240
[  951.309509][T10241] RBP: 00007f2b217b1090 R08: 0000000000000000 R09: 0000000000000000
[  951.309600][T10241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  951.309688][T10241] R13: 0000000000000000 R14: 00007f2b20bb5fa0 R15: 00007ffd6fc1e708
[  951.309819][T10241]  </TASK>
[  951.309930][T10241] ERROR: Out of memory at tomoyo_realpath_from_path.
[  951.605557][T10241] =====================================================
[  951.613060][T10241] BUG: KMSAN: uninit-value in hfsplus_delete_cat+0x1195/0x13d0
[  951.623911][T10241]  hfsplus_delete_cat+0x1195/0x13d0
[  951.629434][T10241]  hfsplus_rmdir+0x13c/0x310
[  951.637183][T10241]  vfs_rmdir+0x5b6/0x800
[  951.642678][T10241]  do_rmdir+0x87b/0xf30
[  951.647119][T10241]  __x64_sys_rmdir+0x71/0xb0
[  951.655076][T10241]  x64_sys_call+0x353f/0x3db0
[  951.660022][T10241]  do_syscall_64+0xd9/0x210
[  951.665399][T10241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.675269][T10241] 
[  951.677737][T10241] Uninit was stored to memory at:
[  951.688277][T10241]  hfsplus_create_cat+0x18fb/0x1910
[  951.704222][T10241]  hfsplus_mknod+0x208/0x560
[  951.709084][T10241]  hfsplus_mkdir+0x5a/0x80
[  951.722324][T10241]  vfs_mkdir+0x4e7/0x850
[  951.726806][T10241]  do_mkdirat+0x41a/0xf30
[  951.731701][T10241]  __x64_sys_mkdirat+0xc1/0x140
[  951.739602][T10241]  x64_sys_call+0x370b/0x3db0
[  951.748514][T10241]  do_syscall_64+0xd9/0x210
[  951.753497][T10241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.759630][T10241] 
[  951.762321][T10241] Uninit was stored to memory at:
[  951.767754][T10241]  hfsplus_create_cat+0x18fb/0x1910
[  951.780025][T10241]  hfsplus_fill_super+0x212e/0x2740
[  951.786931][T10241]  get_tree_bdev_flags+0x6e6/0x920
[  951.792468][T10241]  get_tree_bdev+0x38/0x50
[  951.797195][T10241]  hfsplus_get_tree+0x35/0x40
[  951.805139][T10241]  vfs_get_tree+0xb3/0x5c0
[  951.809789][T10241]  do_new_mount+0x738/0x1610
[  951.814806][T10241]  path_mount+0x6db/0x1e90
[  951.819496][T10241]  __se_sys_mount+0x6eb/0x7d0
[  951.824622][T10241]  __x64_sys_mount+0xe4/0x150
[  951.829600][T10241]  x64_sys_call+0xfa7/0x3db0
[  951.837593][T10241]  do_syscall_64+0xd9/0x210
[  951.845390][T10241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  951.853877][T10241] 
[  951.856356][T10241] Uninit was created at:
[  951.863957][T10241]  __alloc_frozen_pages_noprof+0x689/0xf00
[  951.870004][T10241]  alloc_pages_mpol+0x328/0x860
[  951.878925][T10241]  alloc_frozen_pages_noprof+0xf7/0x200
[  951.886056][T10241]  allocate_slab+0x24d/0x1220
[  951.893963][T10241]  ___slab_alloc+0xfec/0x3480
[  951.899001][T10241]  kmem_cache_alloc_lru_noprof+0x922/0xed0
[  951.905407][T10241]  hfsplus_alloc_inode+0x5a/0xd0
[  951.910730][T10241]  alloc_inode+0x87/0x4a0
[  951.915355][T10241]  iget_locked+0x239/0x12d0
[  951.920098][T10241]  hfsplus_iget+0x5c/0xb80
[  951.927838][T10241]  hfsplus_btree_open+0x134/0x1d00
[  951.933466][T10241]  hfsplus_fill_super+0x1161/0x2740
[  951.941958][T10241]  get_tree_bdev_flags+0x6e6/0x920
[  951.948257][T10241]  get_tree_bdev+0x38/0x50
[  951.956070][T10241]  hfsplus_get_tree+0x35/0x40
[  951.961241][T10241]  vfs_get_tree+0xb3/0x5c0
[  951.965960][T10241]  do_new_mount+0x738/0x1610
[  951.971031][T10241]  path_mount+0x6db/0x1e90
[  951.980891][T10241]  __se_sys_mount+0x6eb/0x7d0
[  951.982001][T10253] netlink: 'syz.9.957': attribute type 21 has an invalid length.
[  951.985767][T10241]  __x64_sys_mount+0xe4/0x150
[  951.985898][T10241]  x64_sys_call+0xfa7/0x3db0
[  951.986051][T10241]  do_syscall_64+0xd9/0x210
[  951.993972][T10253] netlink: 128 bytes leftover after parsing attributes in process `syz.9.957'.
[  951.994411][T10253] netlink: 'syz.9.957': attribute type 4 has an invalid length.
[  951.994499][T10253] netlink: 3 bytes leftover after parsing attributes in process `syz.9.957'.
[  952.044696][T10241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  952.054718][T10241] 
[  952.057232][T10241] CPU: 0 UID: 0 PID: 10241 Comm: syz.2.952 Not tainted 6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  952.069723][T10241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  952.083754][T10241] =====================================================
[  952.095169][T10241] Disabling lock debugging due to kernel taint
[  952.101740][T10241] Kernel panic - not syncing: kmsan.panic set ...
[  952.108378][T10241] CPU: 0 UID: 0 PID: 10241 Comm: syz.2.952 Tainted: G    B               6.16.0-rc7-syzkaller-00018-g01a412d06bc5 #0 PREEMPT(none) 
[  952.122233][T10241] Tainted: [B]=BAD_PAGE
[  952.126532][T10241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/12/2025
[  952.136791][T10241] Call Trace:
[  952.140233][T10241]  <TASK>
[  952.143318][T10241]  __dump_stack+0x26/0x30
[  952.147908][T10241]  dump_stack_lvl+0x53/0x270
[  952.152749][T10241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  952.158797][T10241]  dump_stack+0x1e/0x25
[  952.163169][T10241]  panic+0x4bd/0xd50
[  952.167335][T10241]  kmsan_report+0x31c/0x320
[  952.172041][T10241]  ? __msan_warning+0x1b/0x30
[  952.176914][T10241]  ? hfsplus_delete_cat+0x1195/0x13d0
[  952.182553][T10241]  ? hfsplus_rmdir+0x13c/0x310
[  952.187520][T10241]  ? vfs_rmdir+0x5b6/0x800
[  952.192131][T10241]  ? do_rmdir+0x87b/0xf30
[  952.196648][T10241]  ? __x64_sys_rmdir+0x71/0xb0
[  952.201605][T10241]  ? x64_sys_call+0x353f/0x3db0
[  952.206695][T10241]  ? do_syscall_64+0xd9/0x210
[  952.211579][T10241]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  952.217866][T10241]  ? kmsan_get_metadata+0xfb/0x160
[  952.223180][T10241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  952.229213][T10241]  ? hfsplus_bnode_dump+0x50a/0x560
[  952.234631][T10241]  ? kmsan_get_metadata+0xfb/0x160
[  952.239951][T10241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  952.245991][T10241]  ? hfsplus_brec_remove+0x92f/0xa60
[  952.251540][T10241]  ? kmsan_get_metadata+0xfb/0x160
[  952.256867][T10241]  __msan_warning+0x1b/0x30
[  952.261555][T10241]  hfsplus_delete_cat+0x1195/0x13d0
[  952.267011][T10241]  ? kmsan_get_shadow_origin_ptr+0x4a/0xb0
[  952.273247][T10241]  ? kmsan_get_metadata+0xfb/0x160
[  952.278616][T10241]  hfsplus_rmdir+0x13c/0x310
[  952.283427][T10241]  ? __pfx_hfsplus_rmdir+0x10/0x10
[  952.288761][T10241]  vfs_rmdir+0x5b6/0x800
[  952.293226][T10241]  do_rmdir+0x87b/0xf30
[  952.297604][T10241]  __x64_sys_rmdir+0x71/0xb0
[  952.302391][T10241]  x64_sys_call+0x353f/0x3db0
[  952.307308][T10241]  do_syscall_64+0xd9/0x210
[  952.312019][T10241]  ? irqentry_exit+0x16/0x60
[  952.316807][T10241]  ? clear_bhb_loop+0x40/0x90
[  952.321696][T10241]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  952.327798][T10241] RIP: 0033:0x7f2b2098e9a9
[  952.332377][T10241] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  952.352214][T10241] RSP: 002b:00007f2b217b1038 EFLAGS: 00000246 ORIG_RAX: 0000000000000054
[  952.360850][T10241] RAX: ffffffffffffffda RBX: 00007f2b20bb5fa0 RCX: 00007f2b2098e9a9
[  952.369027][T10241] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000200000000240
[  952.377197][T10241] RBP: 00007f2b217b1090 R08: 0000000000000000 R09: 0000000000000000
[  952.385343][T10241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  952.393500][T10241] R13: 0000000000000000 R14: 00007f2b20bb5fa0 R15: 00007ffd6fc1e708
[  952.401684][T10241]  </TASK>
[  952.405181][T10241] Kernel Offset: disabled
[  952.409605][T10241] Rebooting in 86400 seconds..