last executing test programs:

17m1.137144077s ago: executing program 3 (id=4):
socket$inet6(0xa, 0x3, 0x1)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, 0x0, 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, 0x0, 0x0)
getpid()
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
accept(r1, 0x0, &(0x7f0000000000))
r2 = socket$key(0xf, 0x3, 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x0, 0x0, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x10)
sendmsg$key(r2, &(0x7f00000001c0)={0x40000000, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[@ANYBLOB="02030609100000000000004c9e00fb00020013000200000000000000ff0800ed05000600200000000a0006000000000026b900000000000000001ffeff0001000003f1dc7f7c6e7c02000100000000000040fb020000000005000500000000000a"], 0x80}}, 0x0)

16m56.982539243s ago: executing program 3 (id=8):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000800000006"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
fsopen(&(0x7f0000000280)='ceph\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f00000000c0)='./file4\x00', 0x0, &(0x7f0000000180)={[{@noinline_xattr}, {@four_active_logs}, {@discard}, {@fault_injection={'fault_injection', 0x3d, 0xa0c8}}, {@fault_type={'fault_type', 0x3d, 0x302}}, {@lfs_mode}, {@inline_data}, {@fastboot}, {@fsync_mode_strict}, {@discard_unit_section}]}, 0x21, 0x5548, &(0x7f00000058c0)="$eJzs3E1vG1UXAOBjp2nffrwlQizYdVCFlEi1Vacfgl2BVny2qgosWIFju5Zb2xPFrhu66oIlYsE/QSCxYslvYMGaHWIBYocE8txJoS2VKsWOSfM80vjMvXPnzL2jJNKZiRzAgbWS/f5rJU7G0YhYiogTEcV+pdwKl1J4MSJORUT1H1ul7H/QcTgijkXEyWnylLNSHvryzOT0hV/e+e27H44cOv7Vtz8ubtXAor0cEYPNtH93kGLeTfFW2d+c9Io4OD8pYzowuF228xTvdjaKDHebO+OaRTzXTePzzTujabzZb7amsdu7WfRvDtMFR5PuTp7ihFvNraLd7mwUsTfKi9i9l+a1fS/9bbs3Gqc87TLfp0X6GI93YurvbHfSejZvF7E1HJf9KW/e7mxP46SM5eWilffbxTw2dnOn/9Neeq83vLOdTTpbo14+zC7UG6/UGxdrja283Rl3zteag/bF89lqtz8dVht3moNL3Tzv9jv1Vj5Yy1a7rVat0chWL3c2es3h/Uajfq5+tnZhLUt7Z7I3r32Y9dvZ6jS+3hveGff6o+xmvpWlM9ay9fq5V9ey043s/avXs+s3rly5ev2Djy9/dO21q2+/UQ56bFrZ6vrZ9fVa42xtvbG2uxsw0/Vnc17/Z+WkZ7h+2JXKoicAsP+o/4FFmF/9v3Uj4vH6vzrj+j/U/zOxr+rfg17/z2H9sCvqfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAA+un5a/fKnZWUvt42f//suv5sl2JiGpE/PkvluLwQzmXyjzLTxi//Mgcvq9EkWF6jSPldiwiLpXbH8/N+y4AAADAs+ub+6e+SNV6+lh5qrOOznlW7JH00KZ64pMZ5atExPLKzzPKVp1+vDCjZMXP96HYnlG24gHW/2aULD1yOzSrbE+l+HV/N4UHKylCJYXqo2fMbLUAAMDCLD0U9rYKAQAAYC99/sQjt/d0HuyxSuy8ytx5F1z85/3fL/uOprZXfwAAALB/VRY9AQAAAGDuivrf9/8BAADAsy19/x8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBf7NxNbtpAGAbgz8Yu9E9FVfe9SndwjB6hyy4rDtBLcAR6hV6AM5BdjhBBhMdBISIJxGNQoueR7MGWeT3mZzEz0gcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAECfrurF9N+f73+75qw33eR5GgAAAOCQVb2YNi/G6fhje/5ze+pre1xERBkRh8bug3i3lzloc+pHrq8f9OF/RJOwvcew3T5ExI+0beJL358CAAAAvEnVdreczSdptJ5240v3is5O+A7TpE356WemWxcRUY+vM6WV27xvmcKa33cVvzOlNRNYo0xhacqtypV2lObvvpu1G91ritSUT78/27MDAABnNNhrzjsKAQAA4Jx+XboD9OH9s1cUcbeUuVsKHKZmtBdhsQ8AAABer+LSHQAAAAB614z/T6n/F8fU/6uy1/+LG/X/AAAA4MVS/T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD6tKoX0+VsPumas950k+dpAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALhlf95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN787i//J6bGmWTutbH0PJKsnRpbp8beuXH0h/H1awAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAL/rdL/8npsaZZO60sXQ8kqxdNbauGnsPGkcPxtu/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmf7Q8U1yh4iouBBL3a7ra29iQclePBPEEK6rbFbf7Q52FKEXLxJzr2IHkUEJd76D3jqTWihl3rrYQ8VRPCyMrMz2UkTcGPIzJp8PvDmfXcymfd9MxDynTcJAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURu9M4yTbdCZxXOy79/jWStbff6LP3Nl4sJi1LI7qTPr/4aXqh6jbXCIAAAAcHUlZ34cQHqabS1kfd/L6Py2PyWr+b5+ZxGU9/2TdX/Zl7Z+1X35+9MLWQJ3JONlJL60OB6d3ptI6uFnOt2f/9YhWfuXzZy9JfkPi99efH6X59Yy+vnv33XYeHqsjWwDgvzhV9kVQ/j6U9f0mEwPgyGhVCu+i/v8r6TScFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEANRuvhqTKOQgiLrWmcuf/41spu/Z2NB4tlO3/79kb1nNkp0hDCpdXh4HSNc5l312/cvLI8HA6u1R+8HEJoavS3i+lf+XCGg0No5PocVPD3eDze03cdbz7nfQVxcbNnOLg9Lzk3HzT4QwkAgEMpLVpW1z9MN5eyfdFCCOPvttf/r1XiMGP9/+ij8/eqY1Xr/35tM5x/vbWrn/Wu37j5xurV5cuDy4NP3jzTf6t/9sK5cxd6+bOSnicmAAAA7E+7aNX6P17Yuf5/shKHGev/z7/pfzkd6bd8q/7fabro13QmAAAAR9tzr/z5R7TL/qjdDl8sr61d60+2W5/PTLYNpLpnx4pWrf+ThaazAgAAAOowWo+2rf9frMRhxvX/p79/8cfqOZMQwoli/f/UyqfDi/VNZ67V8efETc8RAACAZp0oWnX9P83f/4+3XnmIQwivvzqJi38DOFP9n7z31Q/VsZLK+/9n65viXIq7k+uR990QWt1tX/61scQAAAA4lI4XLSv2f083lz7+6eQHbe//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANTtnwAAAP//gQBD5A==")
fsetxattr$system_posix_acl(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket(0x10, 0x3, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000280)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x3, 0x2, 0x3, 0x1, 0x0, 0x37}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = socket(0x8, 0x80000, 0x6)
setsockopt$inet_int(r1, 0x0, 0x16, 0x0, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x0, &(0x7f0000000600)={0x2, 0x0, @multicast2}, 0x10)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
fallocate(r2, 0x0, 0x800003d, 0x7ff)
write$binfmt_script(r2, &(0x7f00000000c0), 0xb)
lseek(r2, 0x0, 0x3)

16m50.695617578s ago: executing program 3 (id=16):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x24}}, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), 0x0}, 0x20)
mmap$xdp(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0xf73be4ffb4883c9b, r2, 0x180000000)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000440))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rt_sigaction(0x1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f00000002c0))
syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x0, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x2000000000000080, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0x200008, 0x8, 0x20000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r6], 0x4c}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2b4}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

16m35.255344888s ago: executing program 32 (id=16):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x20, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18)
socket(0x10, 0x3, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r2 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB], 0x24}}, 0x0)
sendmsg$nl_route(r3, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r4, <r5=>0xffffffffffffffff}, &(0x7f0000000000), 0x0}, 0x20)
mmap$xdp(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x0, 0xf73be4ffb4883c9b, r2, 0x180000000)
fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000440))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x17, 0xc, &(0x7f00000004c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r5}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffffffe}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
rt_sigaction(0x1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0, 0x8, &(0x7f00000002c0))
syz_open_procfs(0x0, &(0x7f0000000000)='stat\x00')
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={0x0}, 0x1, 0x0, 0x0, 0x20004015}, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x0, 0x20000000000000bb, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000756c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb714000008"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x0, 0x2000000000000080, 0x0, 0x0, 0x4, 0x0, 0x0, 0x1f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, &(0x7f0000000340)={0x4, 0x200008, 0x8, 0x20000}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010800000000000000850a600000000000000500000014000500200100000000000000000300000000001c00090008000000", @ANYRES32=r6], 0x4c}}, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000002c0), 0x40000000000009f, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2b4}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0)

14m52.216012237s ago: executing program 5 (id=207):
bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="1b000000000000"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1c, 0xd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
io_setup(0x1, &(0x7f0000000b80))
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r0}, 0x10)
ioctl$KVM_SET_TSS_ADDR(0xffffffffffffffff, 0xae47, 0xd421f70cd2d145b9)
stat(&(0x7f0000000000)='./file0\x00', &(0x7f0000000300))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
r3 = socket$inet(0xa, 0x1, 0x0)
r4 = socket$inet_icmp(0x2, 0x2, 0x1)
recvmmsg(r4, &(0x7f0000001880)=[{{0x0, 0x0, 0x0}, 0x14}], 0x1, 0x40002042, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x0, 0x40, &(0x7f0000000480)=@mangle={'mangle\x00', 0x44, 0x6, 0x418, 0x2b0, 0x2b0, 0x2b0, 0x138, 0x98, 0x380, 0x380, 0x380, 0x380, 0x380, 0x6, 0x0, {[{{@ip={@broadcast, @multicast1=0xe0007600, 0x0, 0x0, 'geneve1\x00', 'ip6gre0\x00'}, 0x0, 0x70, 0x98}, @inet=@DSCP={0x28}}, {{@ip={@initdev={0xac, 0x1e, 0x0, 0x0}, @local, 0x0, 0x0, 'batadv_slave_1\x00', 'veth1_virt_wifi\x00', {}, {}, 0x6}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @local}}}, {{@ip={@broadcast, @multicast2, 0x0, 0x0, 'vlan1\x00', 'nr0\x00'}, 0x0, 0xb0, 0xd8, 0x0, {}, [@common=@unspec=@connlimit={{0x40}}]}, @ECN={0x28}}, {{@ip={@loopback, @multicast2, 0x0, 0x0, 'syzkaller0\x00', 'veth1_to_team\x00'}, 0x0, 0x70, 0xa0}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @empty}}}, {{@ip={@broadcast, @empty, 0x0, 0x0, 'lo\x00', 'batadv_slave_1\x00'}, 0x0, 0xa0, 0xd0, 0x0, {}, [@common=@unspec=@mac={{0x30}, {@multicast}}]}, @TPROXY={0x30, 'TPROXY\x00', 0x0, {0x0, 0x0, @loopback}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28}}}}, 0x478)

14m51.298409424s ago: executing program 5 (id=209):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)={0x0, 0x1c}}, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000440)=[@text64={0x40, &(0x7f0000000180)="66baa000ecc744240011000000c7442402b16e0000ff2c2443f466baf80cb8f2c96789ef66bafc0c66ed0f072e0f01c248b820450000000000000f23d00f21f835000000010f23f8c46289900cabb9f9080000b8c93c0000ba000000000f30c4816857a601000000", 0x68}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

14m50.509589823s ago: executing program 5 (id=213):
creat(&(0x7f0000000040)='./bus\x00', 0x0)
socket$inet(0x2, 0x4000000000000001, 0x0)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b553850000008500"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
socket$vsock_stream(0x28, 0x1, 0x0)
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$tipc(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="fb", 0x1}], 0x1}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

14m49.799142025s ago: executing program 5 (id=215):
socket(0x26, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0xc, 0x0, 0x0, 0x400000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x1, 0x1, 0x7fe2, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18)
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000080)={'syz_tun\x00', <r5=>0x0})
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
sendto$packet(r4, &(0x7f00000000c0)="3f030e03f007120006001e0089e9aaa911d7c2290f0089061327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xb318, 0x0, &(0x7f0000000540)={0x11, 0x0, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

14m46.426002204s ago: executing program 5 (id=221):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0xf, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000020000008500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r1}, 0x10)
bpf$BPF_PROG_QUERY(0x10, &(0x7f0000000480)={@cgroup, 0x1, 0x2000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x40)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10002, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x10)
inotify_init1(0x0)
inotify_init1(0x0)
r7 = fsopen(&(0x7f0000000180)='binder\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r7, 0x6, 0x0, 0x0, 0x0)
r8 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x100, 0x0)
ioctl$LOOP_CTL_REMOVE(r8, 0x4c81, 0x0)

14m44.611907418s ago: executing program 5 (id=224):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0d030000000000000000130000000c00098008000200ffff0000466fc5c28e46e16c41b259d9812aec03f62ceb7467ed25cc833b73bdcdc320d1840ca324d2d4cfa48698cd9c3f8cc06504efa427a9d1df689c3b9cf53cf174f5b31bad2de51ee8695c67c927d2bbb738a3a1c54d9940036fac4d17cdf604464edb08035cd856abfccedac6f48121233e32e0bb97fa2bbe"], 0x20}, 0x1, 0x0, 0x0, 0x14}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0))

14m28.899133898s ago: executing program 33 (id=224):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_NL_MON_PEER_GET(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r6, @ANYBLOB="0d030000000000000000130000000c00098008000200ffff0000466fc5c28e46e16c41b259d9812aec03f62ceb7467ed25cc833b73bdcdc320d1840ca324d2d4cfa48698cd9c3f8cc06504efa427a9d1df689c3b9cf53cf174f5b31bad2de51ee8695c67c927d2bbb738a3a1c54d9940036fac4d17cdf604464edb08035cd856abfccedac6f48121233e32e0bb97fa2bbe"], 0x20}, 0x1, 0x0, 0x0, 0x14}, 0x0)
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r7, 0x400454ca, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000002c0))

13m45.281303169s ago: executing program 6 (id=259):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x31)
ioprio_set$pid(0x2, 0x0, 0x6000)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x26, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

13m29.530238732s ago: executing program 34 (id=259):
creat(&(0x7f0000000000)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
getpid()
sched_setaffinity(0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYRES32, @ANYBLOB='\x00\x00\x00\x00\x00', @ANYRES32, @ANYBLOB], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
write$cgroup_subtree(0xffffffffffffffff, 0x0, 0x31)
ioprio_set$pid(0x2, 0x0, 0x6000)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000300)=@bpf_lsm={0xd, 0x5, &(0x7f0000000040)=@framed={{0x26, 0xa, 0x0, 0x0, 0x0, 0x61, 0x11, 0x9c}, [@initr0]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)

9m6.509520995s ago: executing program 2 (id=914):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001dc0), 0x800, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x10)
r7 = creat(0x0, 0xd931d3864d39dcca)
close(r7)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000280)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0xc2a9019e9b3c5d83, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, &(0x7f0000000040))
timer_create(0x0, &(0x7f0000000080)={0x0, 0x4, 0x2, @thr={&(0x7f0000000100)="22472d4ffe970d09f002d0e75b611a429496fc46b3dfbc7964d7aa2257af329defc468f28ad95a3e43f8e7dd6bc696f7291f46b37b24b7de6ae994f538e23f001aebff1cc1b2367121af5b2f36efb170a6252cdb761bb0736cb7e6a301ef1669ba788d86be74aabcc185f8bb9f96bceb73ca6ddad10eefd6eeced925", &(0x7f0000000180)="25e6e3427f0a9fc3908be82cc5929494052c8dc722f5552b50b99fcb21c4e907be24550cb6e4dcf46ecafd4031e4aec139eb9d09caedc7adc5ae21ef6a5a97e0b0"}}, &(0x7f0000000200))

9m0.2072027s ago: executing program 2 (id=930):
ioperm(0x0, 0x6, 0x2da3b9f3)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004}, &(0x7f0000bbdffc))
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mkdir(&(0x7f0000000400)='./file2\x00', 0x0)
mkdir(&(0x7f0000000140)='./file0\x00', 0xe8)
mount(&(0x7f0000000040)=@sr0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0)='virtiofs\x00', 0xd1, 0x0)
r0 = syz_usb_connect$printer(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000000030020f003176c400000000001090224725100000000090400001207010300090501020000000000090582020002"], 0x0)
syz_usb_disconnect(r0)
r1 = syz_usb_connect(0x0, 0x4a, &(0x7f00000000c0)=ANY=[], 0x0)
quotactl$Q_SETINFO(0xffffffff80000600, 0x0, 0x0, &(0x7f0000000240)={0x9dd, 0x0, 0x1, 0x5})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_ep_write$ath9k_ep1(r1, 0x82, 0x88, &(0x7f0000000040)=ANY=[])
syz_open_dev$char_usb(0xc, 0xb4, 0x0)

8m55.265513735s ago: executing program 2 (id=935):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb70300000800"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r2, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001600)=""/78, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000003380))
r3 = eventfd2(0x0, 0x0)
ioctl$VHOST_SET_VRING_ERR(r2, 0x4008af22, &(0x7f00000001c0)={0x0, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0})
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000000)={0x0, r3})
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r2, 0x4008af60, &(0x7f0000000140)={@my=0x1})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10)

8m54.93352803s ago: executing program 2 (id=940):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000001dc0), 0x800, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba7d82000000000000000000f7ffffff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_ATTACH_FILTER(r2, 0x1, 0x1a, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x10, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x18, 0x0, 0x0, 0x0, 0x10, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r6}, 0x10)
r7 = creat(0x0, 0xd931d3864d39dcca)
close(r7)
execve(&(0x7f0000000180)='./file0\x00', 0x0, 0x0)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000280)=0x3)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0x3, 0x0, 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
timer_settime(0x0, 0x1, &(0x7f00000000c0)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0xc2a9019e9b3c5d83, &(0x7f0000000000)={{0x0, 0x3938700}, {0x0, 0x989680}}, &(0x7f0000000040))
timer_create(0x0, &(0x7f0000000080)={0x0, 0x4, 0x2, @thr={&(0x7f0000000100)="22472d4ffe970d09f002d0e75b611a429496fc46b3dfbc7964d7aa2257af329defc468f28ad95a3e43f8e7dd6bc696f7291f46b37b24b7de6ae994f538e23f001aebff1cc1b2367121af5b2f36efb170a6252cdb761bb0736cb7e6a301ef1669ba788d86be74aabcc185f8bb9f96bceb73ca6ddad10eefd6eeced925", &(0x7f0000000180)="25e6e3427f0a9fc3908be82cc5929494052c8dc722f5552b50b99fcb21c4e907be24550cb6e4dcf46ecafd4031e4aec139eb9d09caedc7adc5ae21ef6a5a97e0b0"}}, &(0x7f0000000200))

8m52.432343534s ago: executing program 2 (id=945):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
syz_mount_image$ext4(&(0x7f0000000740)='ext4\x00', &(0x7f0000000780)='./file0\x00', 0x0, &(0x7f0000000b80)={[], [{@fsuuid={'fsuuid', 0x3d, {[0x31, 0x38, 0x65, 0x61, 0xac51d4b55887fa7, 0x64, 0x63, 0x34], 0x2d, [0x65, 0x62, 0x39, 0x30], 0x2d, [0x61, 0x61, 0x61, 0x62], 0x2d, [0x62, 0x37, 0x62, 0x65], 0x2d, [0x36, 0x35, 0x64, 0x31, 0x64, 0x65, 0x61, 0x36]}}}, {@flag='dirsync'}, {@appraise}, {@subj_type={'subj_type', 0x3d, 'cpu\x00\x00\x02\x00\x00\x00\x00\x00\x00\x00e\x1eP\x16i\xbf\x94gE\\\xa1.H:d\xcd\xbel\xe9P\x9eK\xec#<N\xeb\x15\x00\x80\xb8\xb3\xf9\f\xdf\xa7\xd8\v\xd1\x12\xf4\xd6=s\x8b\x1f\xd4\xf4\x9d\x90\xc3\x8b/\x10@\xf9s\x97;\x10j+?:6b\x1an7\xd3\xea\xc6\xbc\xec\x86\xa7\xe0\x1aE\x7f_\x13\x17^\xbf\xc7\x10\x162\x8b\x88\xa3\x1dW,\xaf(;8I\xef\xdd\x0f\xc1\xae^|\x1b\xb8\xe3\x8c?\x83O\x83UBG}L\x1b\x0e\x13\x90\xb0\xd8\xe5\xef\x9c\xce\xe5\xb6\xee\x0f\xeb\xc0\\\xb6c\'3\x11\xe1H!\xf6^\xed}u\xc4cV'}}, {@dont_hash}, {@subj_type={'subj_type', 0x3d, '}$'}}, {@pcr={'pcr', 0x3d, 0x2f}}]}, 0x1, 0x745, &(0x7f00000019c0)="$eJzs3U1rXNUbAPDn3jT/5N9GE6GCuiooVKidNCkVxE3d6CpSKPi2acPkNoZMMiEzqU0ImOpC3LkQFERRFHHl0rXowm8g6kcQigZdJKuROy/pS2aaKU0zmvn94E7OOfcmzzl3MueBOcOcAPrWifwhjXg8Ii4kEaPN9iQiBuulIxHnG9dtb64X8yOJWu3iH0n9mq3N9WLc8ju5YxGxERGPRcQPgxGn0t1xK6tr89OlUrbcrI9XF5bGK6trp+cWpmez2WxxYvK5s8+ePTM5eWbfxvrjp98df+bNF19598bXtZ+e//m3JM7HSPPcrePYT417Mpjfwtu89CCC9VDSrvGNTlcPP9C+0L38pTnQeJXHozEaA/USAHCY1YYiagBAn0nkfwDoM633AbY214ut4yDff7jxQmM5aKu5tri9E/9Ic81suL4OefSv5LaViSQixg6yoxxKG9cj4vLYid3//8muNdt7tefK9cZ9BuC+fZ/PP+fbzX/pzvwTbeaf4dZnJ+5Ta/7b3jX/3Yw/0GH+u9BljHNfvXeuY/zrEU8caRc/2YmfdIh/ucv42VSc7nSu9kXEyWgf/9ZYd/l8yPiVuVLWfGwbY+rLlzveqoHrEUc7xN/YY/xLXY5/9JvPXu30Us/v/9NP3v35bxc/z4kfdBn/tdrb73Q6l8ef6TD+vZ7/z7uM//6vr1/r8lIAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FNKIGIkkLeyU07RQaOzhfTyOpqVypXrqSnllcSbqe2WPxWDa+qbl0UY9yesTze/jb9Un76ifjYhHIuLDof/X64ViuTTT68EDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQNOxO/b//3uosf8/AHDIDfe6AwDAgZP/AaD/yP8A0H/kfwDoP/I/APQf+R8A+o/8DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMABuzA1lR+17c31Yl6fubq6Ml++enomq8wXFlaKhWJ5eakwWy7PlrJCsbyw198rlctLE7G4cm28mlWq45XVtUsL5ZXF6qW5henZ7FI2eCCjAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB7M1I/krQQEWm9nKaFQsRDETEWg8mVuVJ2JiIejohfhgaH8vpErzsNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPussro2P10qZcv/qcK3EfEv6IaCwqEt9HpmAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIN3c9PvXvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHop/T2JiPw4OfrUyJ1n/5dsDdV/RsRbn1z86Np0tbo8kbf/udNe/bjZPtmL/gMAe2nl6VYeBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB2Kqtr89OlUrb8AAu9HiMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPvnnwAAAP//YmDS5g==")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x0)
syz_mount_image$vfat(&(0x7f0000000ec0), &(0x7f0000000180)='./file2\x00', 0x420c, &(0x7f0000003240)=ANY=[], 0x6, 0x36c, &(0x7f0000000800)="$eJzs3c9rK1UUwPGTNMlL8nidLERRkF58G90MbXQtBnkPhIClbcRWEKbtREPGpGRCNSI2XbkV964EF6U7Cy4K2n+gG3e6EcFdN4KLdqGOzK9k8sumMWn09fuBx9x37z0zd3Jvypm0k7l4+/MPqmVbLxtNiaeVxERErkRyEpdQLNjGvXJKotry0v3ff3x+fbOU9ivU48LGy3ml1OLSdx9+kgm6nd6T89y7F7/lfz1/+vzZi7823q/YqmKrWr2pDLVd/7lpbFum2q3YVV2pVcs0bFNVarbZ8Nu/CfZj1ff2Wsqo7T7I7jVM21ZGraWqZks166rZaCnjPaNSU7quqwdZwXVKR2trRmHC4J0pDwYz0mgUjAURyQy0lI7mMiAAADBXkfx/IahqT5T/b8lisfhoTbmdu/n/8QtnzftvnSwG+f9palj+/8pP/r568n/3cqKb/9f964Py9fn/l3KD/H8wI7pbxs3/Lx1fpyI323HhBpZSA1Wxnv+5+X82eP96Dt85XvYK5P8AAAAAAAAAAAAAAAAAAAAAAPwfXDmO5jiOFm6DfyIxSfg9/Lp5jxOzMWL+tXsiknZn32H+n2Trm1uS9m7cc+fY+my/tF/yt0GHMxGxxPzT6eeujfDOI+XKyffWQRB/sF/ybycslKXixsuKaJLz1lMk3nEev1F8tKJ8QXznNqVsND4vmjwVjf/WW51ufL43Pjh+Sl58GInXRZMfdqQulux6kd3jf7qi1OtvFvviM14/Efnl1icFAAAAAIAp01XH0Ot3XR/V7n/LSKHsfUxkyrJo8sfw6/vlodfnCe25xLzPHgAAAACAu8FufVw1JG42vIJlDStkZGTTFAqJnpqkiAztnOqrSf7TnhciZzjueFLiP8Hk357XV+GrepOo8A8p3IF3moInqshk4wnP36uJJSafplhbvAXQjjbFZYzwRP/gl9wKNbTzw5H7OQxOpFMTfmyUGvE6y+rgfuIjV0JCkgMHdWKTLYBnvvj6cnpvkFdPghXw0fWdDy3TOZBxJqWv4B5isCk58x88AAAAAG5dN+kPa16LNkcfJBJ9WA6/uQcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYIpm8pV+fYV5nyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwX/F3AAAA//8Awvp7")
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0xfffffffffffffe32)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
socket$alg(0x26, 0x5, 0x0)
setsockopt$inet6_tcp_TCP_MD5SIG(0xffffffffffffffff, 0x6, 0xe, 0x0, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0)
setresgid(0x0, 0x0, 0xee00)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r2, 0x560a, &(0x7f0000000040)={0x0, 0x1, 0x0, 0x2, 0x3})
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000005c0)=ANY=[@ANYRES32=0x0, @ANYRES32=0xee00], 0xfc}}, 0x0)
ioctl$BINDER_SET_MAX_THREADS(0xffffffffffffffff, 0x40046205, &(0x7f0000000380)=0xb2)
syz_mount_image$fuse(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$cgroup(0x0, 0x0, &(0x7f00000029c0), 0x800000, &(0x7f0000002a00)={[{@cpuset_v2_mode}]})
pwrite64(r0, &(0x7f0000000140), 0x0, 0xfecc)
socket$nl_route(0x10, 0x3, 0x0)

8m52.028354844s ago: executing program 2 (id=948):
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='pids.current\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

8m35.882588436s ago: executing program 35 (id=948):
ioctl$KVM_SET_IRQCHIP(0xffffffffffffffff, 0x8208ae63, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='pids.current\x00', 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x5, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f0000000300)='sched_switch\x00', r4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)

1m23.606768837s ago: executing program 1 (id=1881):
syz_open_dev$vim2m(&(0x7f0000000580), 0x0, 0x2)
mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_dev$sg(0x0, 0x0, 0x401)
rmdir(&(0x7f0000000700)='./cgroup/../file0\x00')

1m22.126764807s ago: executing program 1 (id=1885):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000080)='./file2\x00', 0x404, &(0x7f0000000240)={[{@nogrpid}, {@jqfmt_vfsv0}, {@test_dummy_encryption}, {@errors_remount}, {@nombcache}, {@quota}], [{@smackfsfloor={'smackfsfloor', 0x3d, '}'}}, {@defcontext={'defcontext', 0x3d, 'user_u'}}, {@smackfshat}, {@subj_type={'subj_type', 0x3d, 'dest_du\"V\xe9\xde]\xa2\x81\xdd++\xc4\xbf-~\xfcf1t\a\xdd*y\xee\x88YDQ\xa3J\'\xa2\x90\x17\x82\nX\xb7\xdc?T\x9bLu|w\x99\vA\xb0q\x895\x98\x15\xa4S\xbe\x83A\x17(\xc1\",ff\x0f\xdaj\xa3\x00\x00\x00\x00\x00\x00\x90\x80&6\xb1;\xf1[q\xa6\xcb\xa9r\xc6\x04\x9e\xcd\xa8QSCl\'i\xbe\x81\xb7\x03u\x16\x8b\xdc\xc4\xa3\x1cr=pa\x83\x16R@\"\xcc\xdf[\xc7\x12Uyn>H\xec\xd7.\x02\x9a=\xcb\xd0\xc1\xc9\xe5M\x9eN\x12\x92.\xb4\x99\xfb.\x183Wd\x8d\xd7\a,\x9a\x9dF1!ql0\x16\x8a\xf01{\x1f\xf1\xa2\x89 \xd3B;`\xc2\xcd&q;\xa3l\x84\xc2\xe2\x9fpQ\xd0\xab\x7f\xf4\xcdn\xa8\\\xcc\xac\xadr\xda\xb6 3\xfe\x1e\xe3p5\xbeZ\xb6\x8faa\xfa\xe1+dd\x0eJn\xc0\xfb\xef5\xc8\a+\xd6\xae\xad\xb4\x9b\xf6\x8b+\x938'}}, {@fscontext={'fscontext', 0x3d, 'staff_u'}}, {@appraise_type}, {@fowner_lt={'fowner<', 0xee00}}]}, 0x3, 0x42f, &(0x7f0000000940)="$eJzs289rHFUcAPDvzCat/WViqT+aVo1WMfgjadJae/CiKHhQEPRQjzFJS+y2kSaCLUGjSD1Kwbt4FPwLPOlF1JPgVe9SKJJLq6eV2Z1Jdje7aZJustX9fGCS92be8t53Z97ue/N2AuhZw9mfJGJ/RPweEQO1bGOB4dq/W8uLU38vL04lUam89VdSLXdzeXGqKFq8bl+R6YtIP0viSIt65y9fOT9ZLs9cyvNjCxfeH5u/fOW52QuT52bOzVycOH365InxF05NPN+ROLO4bg59NHf08GvvXHtj6sy1d3/+Ninib4qjQ4bXO/hkpdLh6rrrQF066etiQ9iUUq2bRn+1/w9EKVZP3kC8+mlXGwdsq0qlUnmg/eGlCvA/lkS3WwB0R/FFn81/i22Hhh53hRsv1SZAWdy38q12pC/SvEx/0/y2k4Yj4szSP19lW2zPfQgAgAbfZ+OfZ1uN/9Kovy90b76GMhgR90XEwYg4FRGHIuL+iGrZByPioU3W37xIsnb8k17fUmAblI3/XszXthrHf8XoLwZLee5ANf7+5OxseeZ4/p6MRP/uLD++Th0/vPLbF+2O1Y//si2rvxgL5u243re78TXTkwuTdxJzvRufRAz1tYo/WVkJSCLicEQMbbGO2ae/Odru2O3jX0cH1pkqX0c8VTv/S9EUfyFZf31y7J4ozxwfK66KtX759eqb7eq/o/g7IDv/e1te/yvxDyb167Xzm6/j6h+ft53TbPX635W83bDvw8mFhUvjEbuS12uNrt8/0VRuYrV8Fv/Isdb9/2CsvhNHIiK7iB+OiEci4tG87Y9FxOMRcWyd+H96+Yn3th7/9srin97U+V9N7IrmPa0TpfM/ftdQ6eBm4s/O/8lqaiTfs5HPv420a2tXMwAAAPz3pBGxP5J0dCWdpqOjtd/wH4q9aXlufuGZs3MfXJyuPSMwGP1pcadroO5+6Hg+rS/yE035E/l94y9Le6r50am58nS3g4cet69N/8/8Wep264Bt53kt6F36P/Qu/R96l/4PvatF/9/TjXYAO6/V9//HXWgHsPOa+r9lP+gh5v/Qu/R/6F36P/Sk+T1x+4fkJSTWJCK9K5ohsU2Jbn8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdMa/AQAA//9QOObV")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x1000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x50)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x18, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00', r3}, 0x10)
syz_open_procfs(0x0, &(0x7f0000000040)='net/if_inet6\x00')
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0)
syz_open_procfs(0x0, &(0x7f0000000240)='pagemap\x00')

1m20.721574061s ago: executing program 1 (id=1889):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x7, 0x6, &(0x7f0000002ec0)=ANY=[@ANYBLOB="b601000000210000bd110000000000008510000002000000850000001900000095000000000000009500a5050000000077d8f3b4000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d75357f21699cdc6751dfb265a0e3ccae669e173a649c1cfd6587d472d64e7cc955d77578f4c35235138d5421f9453559c35da860e8ef14142b2a3e314422b854421eed734ceb1efeecb9c66854c3b3ffe1b4ce25d7c983c005c03bf3a48dfe3e26e7a23129d6606fd28a697a9d552af6d9a9df2c3af333e2008e11bbec0727cb3f647535deb6277f5696833a71011a7d06602e2fd5234712596b696418f163d1a13ed38a682f87925bfa753f541cd027edd68149ee99eebc6f7d6dd4ae59af7588c8e1f4efab57644ccb1973d7879b70a70001040000000000000000d7900a820b63278f4e9a217b98ef7042ad2a923132f208fd8289eaf8cd00000000000009d27d753a300800000000000000a5686f2fccc33e3e34c3969c5ad781302d40e97a8ad10ce0cbe17366d5ac6af2fca2360a15b80400d52040ef7b28d300747877e176fe4c4b8e40dbf260f5a9f7eee30293c1b163b795d0aef4deb851a30000f569dc8f39943f889008e1ec914faa9e6cd0b3b4b3b5db666ebeb49d6a62019d76459e70b459543c4ac42e53b4ad4c77cff373ebd95848f01864e456969cd28000170996016aceb583df5ee4dd722e8c350af489f9a900000000a0dcc36b3d7c734a9cce0439f832a20d7cbdcda5dff3ba92dd66afb9d74aa222038994dcd3e7784dbea1e51a15b0f1a040cc63177f8fafa3192fc8e5552da1a982ab8dfe31ad1a0968faa47c2069d6bf09c3aa4f0fc128cb578d99b08a150b4cc4b22f6a464c6398c952519818a44a1b223ff502df87865c276588ea478e328e8277e811b99ce1acfecaf8e2c55ccc4b8eae0a61635514e99ffd438784060f23ba74c0b30b1180d935832deb686d789ba1d436d116394534e88492a42b8bf050c719661a2dc50b3a1dcfbc871e5c27e3d7260f6fa589e40000b89db451ff994845f6b49c12e89291398bcb3c06ef1289f74e0b0e2cab592d35f82a69e7284223a171c616b1f0fee6c4711d7aecb69746064d2c096554975d605ebebf3d5cf32a9a09915ae3f3d4eb96615d7b237da56cd5e9904a19e145f25b6d98eb2c019967f553b61d0e80d6"], 0x0, 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000000500000002"], 0x48)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x2a5e000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x30, r4, 0x135, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x44040}, 0x40040)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000100500000014000500200100000000000000000100000000001c00090008"], 0x4c}}, 0x0)

1m19.700255287s ago: executing program 1 (id=1890):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpgid(r0)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@ipv4={'\x00', '\xff\xff', @broadcast}, 0x0, 0x1, 0x0, 0x7}, 0x20)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYRES32=r4, @ANYBLOB="0000000000000000b7080000001900007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x4, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
ustat(0x2, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$EVIOCGPHYS(r6, 0x80404507, &(0x7f0000001400)=""/4096)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f00000003c0)={'veth1_vlan\x00', <r8=>0x0})
sendmsg$nl_route(r6, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2000000011000101000000000100000000000000", @ANYRES32=r8, @ANYBLOB], 0x20}}, 0x0)

1m18.275404392s ago: executing program 1 (id=1891):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = add_key$keyring(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, 0x0, 0x0, 0xfffffffffffffffe)
keyctl$set_timeout(0xf, r0, 0x1)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
add_key$user(&(0x7f00000003c0), 0x0, 0x0, 0x0, r0)
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000000))
chdir(&(0x7f00000003c0)='./bus\x00')
syz_mount_image$vfat(&(0x7f00000002c0), &(0x7f0000000040)='./bus\x00', 0x2029c1b, 0x0, 0x1, 0x0, &(0x7f0000000080))
socket$inet6(0xa, 0x400000000001, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000440)={&(0x7f0000000080)='sched_switch\x00'}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000001440), 0xffffffffffffffff)
r4 = fsopen(&(0x7f00000001c0)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
fsmount(r4, 0x0, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='blkio.bfq.dequeue\x00', 0x275a, 0x0)
write$UHID_CREATE2(r5, &(0x7f00000001c0)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r5, 0x0)
fsconfig$FSCONFIG_SET_FLAG(r4, 0x0, &(0x7f0000000180)='silent\x00', 0x0, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0)

1m16.625738415s ago: executing program 1 (id=1895):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x12, 0xa01, 0x70bd2d, 0x0, {0xa}}, 0x14}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140100001000010000000000000000000000000a20000200000003000000000000000000070000000900010073797a30000000001c000000090a010400000000000000000700000008000a4000000003140000001000010000000000000000000084000a"], 0x64}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x34, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}]}, 0x34}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x20008844)

1m0.429648406s ago: executing program 36 (id=1895):
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)={0x14, 0x12, 0xa01, 0x70bd2d, 0x0, {0xa}}, 0x14}}, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0x7)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0xfffffffffffffffe)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="140100001000010000000000000000000000000a20000200000003000000000000000000070000000900010073797a30000000001c000000090a010400000000000000000700000008000a4000000003140000001000010000000000000000000084000a"], 0x64}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000100)=@newqdisc={0x34, 0x24, 0x400, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_fq_pie={{0xb}, {0x4, 0x8002}}]}, 0x34}}, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="500000001000010425bbe5ad600027842cf52300", @ANYRES32=0x0, @ANYBLOB="0000000000008000280012800a00010076786c616e00"], 0x50}}, 0x20008844)

20.08114203s ago: executing program 8 (id=1998):
clock_gettime(0x0, &(0x7f0000000080))
clock_gettime(0x0, &(0x7f0000000100))
setitimer(0x1, &(0x7f0000000180), 0x0)
gettid()
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
pipe2$watch_queue(&(0x7f00000000c0)={<r0=>0xffffffffffffffff}, 0x80)
close_range(r0, r0, 0x2)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
socket(0x11, 0x2, 0xdaac)
tkill(0x0, 0x12)
prlimit64(0x0, 0x9, &(0x7f0000000140)={0x8, 0x6}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x5)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
setsockopt(0xffffffffffffffff, 0x84, 0x80, &(0x7f0000000000)='\x00\x00\x00\x00\t\x00', 0x6)
r3 = socket$inet6(0xa, 0x2, 0x0)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0xfffe, 0x1, @ipv4={'\x00', '\xff\xff', @local}, 0x7}, 0x1c)
r4 = syz_open_dev$vbi(&(0x7f00000001c0), 0x1, 0x2)
r5 = fcntl$dupfd(r4, 0x0, r4)
write$binfmt_script(r5, &(0x7f0000000100), 0xfffffd9d)
write$binfmt_script(r5, &(0x7f0000001b00), 0xfffffd9d)
r6 = openat$procfs(0xffffffffffffff9c, &(0x7f0000009a80)='/proc/crypto\x00', 0x0, 0x0)
sendfile(r3, r6, 0x0, 0x1000000003fffff)

16.009482132s ago: executing program 8 (id=2002):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socket$rds(0x15, 0x5, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'hash\x00', 0x0, 0x0, 'crc32c\x00'}, 0x58)
syz_open_procfs(0x0, &(0x7f0000000100)='net/route\x00')
r1 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={r1, 0x0, 0x3})
r2 = io_uring_setup(0x766a, &(0x7f0000000880)={0x0, 0xd277, 0x0, 0x0, 0x128})
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000080), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000000340)={{0x80, 0xfc}, 'port0\x00', 0x76, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x80000008, 0x0, 0x1})
ioctl$SNDRV_SEQ_IOCTL_CREATE_PORT(r3, 0xc0a85320, &(0x7f0000000180)={{0x80, 0x80}, 'port0\x00', 0x17a, 0x0, 0x8000})
close_range(r2, 0xffffffffffffffff, 0x0)

14.255743632s ago: executing program 8 (id=2006):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$can_raw(0x1d, 0x3, 0x1)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x6000, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5}}}]}, 0x48}}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000005c0), 0x2, 0x0)

14.139615341s ago: executing program 9 (id=2007):
prlimit64(0x0, 0xe, &(0x7f0000000280)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x2d)
mount$bind(&(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000140), 0x54, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=ANY=[@ANYBLOB="540000001200010000000000000000000a00000000004e2200"/55, @ANYRES32=0x0], 0x54}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

12.823614349s ago: executing program 9 (id=2009):
fsopen(&(0x7f00000000c0)='hugetlbfs\x00', 0x1)
syz_usb_connect(0x0, 0x36, &(0x7f00000001c0)=ANY=[@ANYBLOB="1201100153a48e08f00a71729188010203010902240001060000000904000002ffffff0009050b"], 0x0)

12.823074699s ago: executing program 7 (id=2010):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, 0x0}, 0x30004084)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000300)={r5, 0x0, 0x9, 0x0, 0x0, [<r6=>0x0], [0x9, 0xfffffffd, 0x0, 0x8], [0x3, 0x0, 0x100, 0xd], [0x1000000000000, 0x0, 0xfffffffffffffffd]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

10.676901248s ago: executing program 0 (id=2013):
socket$nl_xfrm(0x10, 0x3, 0x6)
io_setup(0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005efe2100850000006d00"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
personality(0x4000000)
sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r2}, 0x8)
syz_emit_ethernet(0x36, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000001e00210000000000000000000700000005f2ff00000000000a0002"], 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'caif0\x00', 0x6132})

10.557577277s ago: executing program 7 (id=2015):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000a00), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000100)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_KEY(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x1c, r1, 0x1, 0x70bd28, 0x25dfdbfc, {{}, {@val={0x8, 0x3, r3}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)

10.320311505s ago: executing program 7 (id=2016):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000780)=ANY=[@ANYBLOB='iocharset=cp850,fmask=000000 0000000000000240,errors=remount-ro,iocharset=cp936,iocharset=iso8859-14,dmask=00000000000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000001,errors=continue,iocharset=iso8859-2,\x00'], 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
eventfd2(0x0, 0x0)
unshare(0x62040200)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0800000004000000040000000700020000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="020000"], 0x50)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000180)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x7f, 0x80, 0xa, [{{0x9, 0x4, 0x0, 0xa, 0x2, 0x7, 0x1, 0x3, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x2, 0x4, 0x7}}}}}]}}]}}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xd, &(0x7f0000000340)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)

9.488763706s ago: executing program 8 (id=2018):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
socket$unix(0x1, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1a37c1, 0x42)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x5, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

9.456052818s ago: executing program 0 (id=2019):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)={0x58, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x28, 0xe, {{{}, {}, @broadcast, @device_a, @from_mac}, 0x0, @default, 0x1, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void, @void}}, @NL80211_ATTR_PROBE_RESP={0x4}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}]}, 0x58}}, 0x0)

9.418469611s ago: executing program 9 (id=2020):
bind$inet(0xffffffffffffffff, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
r1 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_HOPOPTS(r1, 0x29, 0x36, 0x0, 0xc0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000080)={{0x1, 0x1, 0x18, 0xffffffffffffffff, {0xa2, 0x7}}, './file0\x00'})
r4 = syz_open_dev$sg(&(0x7f0000000040), 0x0, 0x2000)
ioctl$SG_GET_VERSION_NUM(r4, 0x2284, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r6 = add_key$keyring(&(0x7f00000003c0), &(0x7f0000000400)={'syz', 0x1}, 0x0, 0x0, 0xfffffffffffffffb)
pipe2$watch_queue(&(0x7f0000000080)={0xffffffffffffffff, <r7=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r6, r7, 0xffffffffffffffff)
getsockopt$sock_cred(r2, 0x1, 0x11, 0x0, &(0x7f0000000680))
setresuid(0x0, 0x0, 0x0)
keyctl$get_persistent(0x16, 0x0, r6)
bind$bt_hci(r5, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6)
write(r5, &(0x7f0000000000)="3b000300010086", 0x7)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000002fc0)=[{{0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000200)="643c87cf2bd21d995e613d73613b1e78334efea0", 0x14}], 0x1, 0x0, 0x0, 0x51}}, {{0x0, 0x0, &(0x7f0000000a00)=[{&(0x7f0000000300)="7dcc2c9d4eaf588822e6a9cc8eec13d9754bb76c0b79128fe7430d6db7d58316f3881e7ed3f82ca511d6b69bd89c06d6071236cc7f4e46c81773cbf2fcf5b11fabc85b2b734169d0eb1397d69a9c9667bf6595689941aeed433c2cb8e31fac7652", 0x61}], 0x1}}], 0x2, 0x0)

9.121618883s ago: executing program 8 (id=2021):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000080)='net/udp\x00')
creat(&(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r1, &(0x7f00000103c0)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_INIT(r1, &(0x7f0000000340)={0x50, 0x0, r2, {0x7, 0x1f, 0x0, 0xffffffffb7040039, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000}}, 0x50)
r3 = syz_init_net_socket$ax25(0x3, 0x2, 0x7)
r4 = socket$netlink(0x10, 0x3, 0x2)
dup2(r4, r3)

8.23070996s ago: executing program 4 (id=2022):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000380), 0x181042, 0x0)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_BINDTODEVICE_wg(r0, 0x1, 0x19, &(0x7f00000000c0)='wg0\x00', 0x4)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x6, @rand_addr=0x64010101}, 0x10)
r1 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x34f}, &(0x7f00000002c0)=<r2=>0x0, &(0x7f0000000080)=<r3=>0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x0, 0x0}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)

7.809505291s ago: executing program 4 (id=2023):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)

7.069556296s ago: executing program 4 (id=2024):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x2a5e000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x30, r4, 0x135, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x44040}, 0x40040)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000100500000014000500200100000000000000000100000000001c00090008"], 0x4c}}, 0x0)

6.962329333s ago: executing program 9 (id=2025):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, 0x0}, 0x30004084)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000300)={r5, 0x0, 0x9, 0x0, 0x0, [<r6=>0x0], [0x9, 0xfffffffd, 0x0, 0x8], [0x3, 0x0, 0x100, 0xd], [0x1000000000000, 0x0, 0xfffffffffffffffd]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

6.207636939s ago: executing program 7 (id=2026):
syz_usb_connect(0x0, 0x52, 0x0, 0x0)
r0 = accept4$unix(0xffffffffffffffff, &(0x7f0000000200), &(0x7f0000000140)=0x6e, 0x80000)
connect$unix(r0, &(0x7f0000000280)=@file={0x1, './file0\x00'}, 0x6e)
socket$tipc(0x1e, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x38, 0x0, 0x0)
r5 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
move_mount(r5, &(0x7f0000000040)='.\x00', r4, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xa, 0x4, 0xffd, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r6, 0x84, 0x6f, &(0x7f0000000000)={<r7=>0x0, 0x10, &(0x7f0000000180)=[@in={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000200)=0x10)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r6, 0x84, 0x1f, &(0x7f0000000040)={r7, @in={{0x2, 0x4e22, @initdev={0xac, 0x1e, 0x0, 0x0}}}}, 0x90)

5.869200295s ago: executing program 9 (id=2027):
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file1\x00', 0x0)
ioctl$TIOCPKT(0xffffffffffffffff, 0x5420, &(0x7f0000000080)=0xfffffffa)
ioctl$TCSETS(0xffffffffffffffff, 0x40045431, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, "00769aff95595915303d74ffdeffff000400"})
r0 = syz_open_pts(0xffffffffffffffff, 0x0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r2 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x1)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='memory.events\x00', 0x275a, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x0, 0x12, r4, 0x0)
getsockopt$bt_hci(r3, 0x84, 0x85, &(0x7f0000001f00)=""/4062, &(0x7f00000004c0)=0x744)
r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet(0xffffffffffffffff, 0x0, 0x0)
r6 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000600), 0x2000, 0x0)
ioctl$SNDCTL_DSP_GETOPTR(r6, 0x800c5012, &(0x7f00000000c0))
ioctl$VT_RESIZE(r1, 0x5609, &(0x7f0000000140)={0x5, 0x4, 0x9fc9})
ioctl$TCFLSH(r0, 0x540b, 0x2)
mount$pvfs2(&(0x7f0000000240), &(0x7f0000000280)='./file1\x00', 0x0, 0x400, 0x0)

5.784972421s ago: executing program 4 (id=2028):
bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r0, 0x107, 0xa, &(0x7f0000000000)=0x2, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x0, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900000000000001000000940000000fad413e850000000700000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
socket$can_raw(0x1d, 0x3, 0x1)
r4 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'lo\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x6000, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r6, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x5}}}]}, 0x48}}, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmmsg(r7, &(0x7f0000000000), 0x4000000000001f2, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
openat$cgroup_freezer_state(0xffffffffffffffff, &(0x7f00000005c0), 0x2, 0x0)

5.725459765s ago: executing program 0 (id=2029):
socket$nl_xfrm(0x10, 0x3, 0x6)
io_setup(0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000005efe2100850000006d00"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
personality(0x4000000)
sched_setscheduler(r0, 0x2, &(0x7f0000000100)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000180)={0x0, r2}, 0x8)
syz_emit_ethernet(0x36, 0x0, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_generic(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="280000001e00210000000000000000000700000005f2ff00000000000a0002"], 0x28}}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x2d)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000140)={'caif0\x00', 0x6132})

2.658490443s ago: executing program 7 (id=2030):
r0 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000e00), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_NEW_INTERFACE(r1, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000280)={0x14, r0, 0x1, 0x70bd2c, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4051}, 0x0)

2.493042755s ago: executing program 0 (id=2031):
munmap(&(0x7f0000002000/0x2000)=nil, 0x2000)
socket$unix(0x1, 0x1, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x1a37c1, 0x42)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SET_IO_FLUSHER(0x39, 0x1)
bpf$MAP_CREATE(0x2000000000000000, &(0x7f0000000140)=@base={0x5, 0x4, 0x8000, 0x5c, 0x0, 0xffffffffffffffff, 0xa, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x2, 0x0, 0x0, @void, @value, @void, @value}, 0x50)

2.492524585s ago: executing program 4 (id=2032):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r5=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r4, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r5, <r6=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r4, 0xc06864ce, &(0x7f0000000300)={r6, 0x0, 0x9, 0x0, 0x0, [<r7=>0x0], [0x9, 0xfffffffd, 0x0, 0x8], [0x3, 0x0, 0x100, 0xd], [0x1000000000000, 0x0, 0xfffffffffffffffd]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r4, 0xc00c642d, &(0x7f0000000080)={r7, 0x0, <r8=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r8, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r9 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r9, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r10 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

2.245518283s ago: executing program 9 (id=2033):
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x20000000ec071, 0xffffffffffffffff, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000380)=@framed, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xf, &(0x7f0000000580)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback=0x1e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f00000000c0)='tlb_flush\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil)

1.439559993s ago: executing program 7 (id=2034):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xe, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x28031, 0xffffffffffffffff, 0x8000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
readv(0xffffffffffffffff, 0x0, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000006c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0, r4}, 0x18)
r5 = socket$nl_xfrm(0x10, 0x3, 0x6)
socket$tipc(0x1e, 0x2, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000280)={'tunl0\x00', 0x0})
sendmsg$nl_xfrm(r5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000240)={[{@nogrpid}, {@dioread_lock}, {@noinit_itable}, {@nodioread_nolock}]}, 0x1, 0x635, &(0x7f0000000bc0)="$eJzs3c9vG1UeAPDv2Pmd3U0arXa3e9iNtNptpd0mTdquqtVKtELiVFXlxwGJC6ZJq1L3h5ogSClqIpULEuLCAYkTB8qB/wEqIXHiH+DAhRMqqhDqBVSB0Thj4yaexA6x3cafj+T6vXmTeW+SfPsmz+/NBNC3ptN/ChH7I+JqEjHVUDYQWeH0+n73v79xNn0lUak8+10SN24mq43HSrL38YhIC36aiOTziJgqbq53aeX6xVK5vHgty88uX7o6u7Ry/dCFS6Xzi+cXL8//d/74saPHjs8dbviqc0+1e377GtKnbr386sRbp1/48P0HydxHX51O4kS90el5tXvs7UzHdFQyjdvT7+vx3a6sR4r135NfJRs3bPRkBxtEW2o/v8GI+HNMRLHhpzkRbz7d08YBHVVJot5HAf0mEf/Qp2rXAbW/7Vv7O3iow1clQDfcOxnxr3r8D0bEevyfmM/GBmOkOjYwdj95aJwniYjDu1B/WscXn52+lb6iQ+NwQHOra8PZEPjG/j+pxuZkjFRzY/cLD8V/IRvGnczGD5/ZupqJvILpDfms/uGdng/QutW1iPhLs+v/7eP/xew93f7SDuvPiX8AAAAAAABgB+6cjIj/NPv8r1Cf/zPUZP7PeESc2IX6t//8r3B3F6oBmrh3MuL/Tef/Fmq7TBaz3O+r8wEGk3MXyouHI+IPEXEwBofT/FzjQT9u+OqIOPT21Ht59TfO/0tfaf21uYBZO+4ObJgNtFBaLu3CqUPfu7cW8deB/Pk/af+fNOn/0/i+2mIdU/+8fSavbPv4Bzql8kHEgab9f1LfJ9n6/hyz1euB2dpVwWZ/e/2dT/LqF//QO2n/P7Z1/A8njffrWWrv+EMRcWRloJJXvtPr/6HkuWI0rER8rbS8fG0uYig5tXn7fHtthsfJSOu7vhER1XioxUsa/wf/sfX4X/36vyEOR7N7fLXiTz+Pf51Xpv+H3knjf2Hr/n/y4f6//cT87clP8+o/01L/f7Tapx/Mthj/g621GqC9bicAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPI4KEfG7SAoz9XShMDMTMR4Rf4yxQvnK0vK/z1155fJCWlZ9/n+h9qTfifV8Unv+/2RDfn5D/khE7IuId4uj1fzM2SvlhV6fPAAAAAAAAAAAAAAAAAAAADwixtffNq3/T31T7GnTgG4YyN7FO/SfgV43AOgZ8Q/9ayfxP9SBdgDdlx//PzyoVHW1OUAXtdr/V252uCFA1+3w738fF8AeYPwP+tVga7uNdLodQC/o/wEAAAAAYE/Z9/c7XyYRsfq/0eorGqb21z8YHO1V64BOKuQVDHe3HUD3mcML/cvUH+hfLU7+BfawpJ76seli//zZ/0lnGgQAAAAAAAAAAAAAbHJgfwvr/4E9KXf9P7DnNVv/n93up9nCHrcLgD3E+n/oX23c5ssT/2GPql3s5z3p3/p/AAAAAAAAAAAAAHgEjFy/WCqXF68trbScuNnOzr898W3kFT1RS6x1oRmV4u4cZ7XUvW/dY54YjIgNRZWJ9V/bi6Xy89Hd9tQipht1DXWxrpxEj/4/AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANvklAAD///ouKM0=")

1.402576856s ago: executing program 4 (id=2035):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mount$tmpfs(0x0, &(0x7f0000000180)='./file1/file4\x00', &(0x7f00000001c0), 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
r0 = landlock_create_ruleset(&(0x7f00000002c0)={0x2001}, 0x18, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0x200000, 0x0)
landlock_add_rule$LANDLOCK_RULE_PATH_BENEATH(r0, 0x1, &(0x7f0000000340)={0x2000, r1}, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)

1.309603883s ago: executing program 8 (id=2036):
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x800, &(0x7f0000000780)=ANY=[@ANYBLOB='iocharset=cp850,fmask=000000 0000000000000240,errors=remount-ro,iocharset=cp936,iocharset=iso8859-14,dmask=00000000000000000000000,gid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000001,errors=continue,iocharset=iso8859-2,\x00'], 0x1, 0x152f, &(0x7f00000037c0)="$eJzs3AucTVX7OPDnWWvtMSSdJrkMa61nc5LLIklySZJLkiRJkltC0iSvJCSG3JKGJCSXIbkMIblMTBr3+/2SkCRNkoTklqz/Z8r81Vvv/33f39svv/9vnu/nsz+znrP2s/ba85yzz977nJlvug6r1aR29UZEBP8R/OVHIgDEAsAgALgGAAIAKB9XPi6zP6fExP9sI+zP9VDKlZ4Bu5K4/tkb1z974/pnb1z/7I3rn71x/bM3rn/2xvVnLDvbMqPgtbxk34Xv/2dn/P7/v0hG6XFfrCt9fTeAmH81hev//z/8D3K5/v9rBf/KSlz/7I3rn13FXukJsP8B+PWfHeT4hz1c/+yN689Ydvbre8GxcOXvR//VC0Sy92cgV/r5xxhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGMsezjrL1MAkNW+0vNijDHGGGOMMcbYn8fnuNIzYIwxxhhjjDHG2H8/BAESFAQQAzkgFnJCLhAAMVn910IcXAd54XrIB/mhABSEeCgEhUGDAQsEIRSBohCFG6AY3AjFoQSUhFLgoDSUgZugLNwM5eAWKA+3QgW4DSpCJagMVeB2qAp3QDW4E6rDXVADakItqA13Qx24B+rCvVAP7oP6cD80gAegITwIjeAhaAwPQxN4BJrCo9AMmkMLaAmt/kv5L0BPeBF6QW9IhD7QF16CftAfBsBAGAQvw2B4BYbAq5AEQ2EYvAbD4XUYAW/ASBgFo+FNGANvwVgYB+NhAiTDRJgEb8NkeAemwFSYBtMhBWbATHgXZsFsmAPvwVx4H+bBfFgACyEVPoBFsBjS4ENYAh9BOiyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBR/DbvgE9sBe2Aefwn747N/MP/N3+d0QEFCgQIUKYzAGYzEWc2EuzI25MQ/mwQhGMA7jMC/mxXyYDwtgAYzHeCyMhdGgQULCIlgEoxjFYlgMi2NxLIkl0aHDMlgGy+LNWA7LYXksjxWwAlbESlgJq2AVrIpVsRpWw+pYHWtgDayFtfBuvBv7YF2si/WwHtbH+lm3p7ARNsLG2BibYBNsik2xGTbDFtgCW2ErbI2tsQ22wXbYDttje+yAHTABE7AjdsRO2Ak7Y2fsgl2wK3bFbtgdu2e8kAPwRXwRe2MN0Qf7Yl/sh0k5BuBAHIgv42B8BV/BVzEJh+IwfA1fw9dxBJ7GkTgKR+NorCrewrE4DklMwGRMxkk4CSfjZJyCU3EqTscUnIEzcSbOwtk4G9/Dufg+vo/zcT4uxFRMxUW4GNMwDZfgGUzHpbgMl+MKXIkrcDWuwdW4DtfjOtyIG3EzbsatuBW343bciTvxY1QA+Anuxb2YhPtxPx7AA3gQD+IhPIQZmIGH8TAewSN4FI/iMTyGx/EEnsQTeApP4Wk8g2fxLJ7H83gBn4v/qvHHJdYmgcikhBIxIkbEiliRS+QSuUVukUfkEREREXEiTuQVeUU+kU8UEAVEvIgXhUVhYYQRJMLMI4WIiqgoJoqJ4qK4KClKCiecKCPKiLKirCgnyony4lZRQdwmKopKoq2rIqqIqqKdqybuFNVFdVFD1BS1RG1RW9QRdURdUVfUE/VEfVFfNBAPiIaiDw7Ah0RmZZqIodhUDMNmormQl45QrcUIbCPainbiCTEKR2IH0doliKdFRzEWO4m/iXH4rOgiJmBX8bzoJrqLHuIF0VO0cb1EbzEF+4i+Yjr2E/3FADFQzMKa4j2cm7OWeFUkiaFimHhNLMTXxQjxhhgpRonR4k0xRrwlxopxYryYIJLFRDFJvC0mi3fEFDFVTBPTRYqYIWaKd8UsMVvMEe+JueJ9MU/MFwvEQpEqPhCLxGKRJj4US8RHIl0sFcvEcrFCrBSrxGqxRqwV68R6sUFsFJvEZrFFbBXbxHaxQ+wUu8THYrf4ROwRe8U+8anYLz4TB8Tn4qD4QhwSX4oM8ZU4LL4WR8Q34qj4VhwT34nj4oQ4Kb4Xp8QP4rQ4I86Kc+K8+FFcED+Ji8ILkCiFlFLJQMbIHDJW5pS55FUytwyyjv8yTl4n88rrZT6ZXxaQBWW8LCQLSy2NtJJkKIvIojIqb5DF5I2yuCwhS8pS0snSsoy8SZaVN8ty8hZZXt4qK8jbZEVZSVaWVeTtsqq8Q0Lkl23UkDVlLVlb3i0T4R5ZV94r68n7ZH15v2wgH5AN5YOykXxINpYPyybyEdlUPiqbyeayhWwpW8nHZGv5uGwj28p28gnZXj4pO8inZIJ8WnaU/tJT5FnZRT4nu8rnZTfZXfaQP8mL0stesreEPiD7ypdkP9lfDpAD5SD5shwsX5FD5KsySQ6Vw+Rrcrh8XY6Qb8iRcpQcLd+UY+RbcqwcJ8fLCTJZTpST5NtysnxHTpFT5TQ5XabIGXLApZHmSPlP89/+g/whP299s9wit8ptcrvcIXfKXfJjuVvulnvkHrlP7pP75X55QB6QB+VBeUgekhkyQx6Wh+UReUQelUflMXlMHpcn5Dn5vTwlf5Cn5Rl5Rp6T5+V5eeHS7wAUKqGkUipQMSqHilU5VS51lcqtrlZ51DUqoq5Vceo6lVddr/Kp/KqAKqjiVSFVWGlllFWkQlVEFVVRdQNeesKokqqUcqq0KqNu+nfyVTF1oyquSvwmP2t+if9gfq1UK9VatVZtVBvVTrVT7VV71UF1UAkqQXVUHVUn1Ul1Vp1VF9VFdVVdVTfVTfVQPVRP1VP1Ur1UokpUfdVLqp/qrwaogWqQellk7sMQNUQlqSQ1TA1Tw9VwNUKNUCPVSDVajVZj1Bg1Vo1V49V4layS1SQ1SU1Wk9UUNUVNU9NUikpRM9VMNUvNUnPUHDVXzVXz1Dy1QC1QqSpVLVKLVJpKU0vUEpWulqqlarlarlaqlWq1Wq3WqrVqvVqvNqqNKl1tUVvUNrVN7VA71C61S+1Wu9UetUftU/vUfrVfHVAH1EF1UB1Sh1SGylCH1WF1RB1RR9VRdUwdU8fVcXVSnVSn1Cl1Wp1WZ9VZdV6dVxfUBXVRXcw87QtEIAIVqCAmiAlig9ggV5AryB3kDvIEeYJIEAnigrggb3B9kC/IHxQICgbxQaGgcKADE9hAXCp6NLghKBbcGBQPSgQlg1KBC0oHZYKbgrLBzUG54JagfHBrUCG4LagYVAoqB1WC24OqwR1BteDOoHpwV1AjqBnUCmoHdwd1gnuCusG9Qb3gvqB+cH/QIHggaBg8GDQKHgoaBw8HTYJHgqbBo0GzoHnQImgZtPpTx/f+dP7HXS/dWyfqPrqvfkn30/31AD1QD9Iv68H6FT1Ev6qT9FA9TL+mh+vX9Qj9hh6pR+nR+k09Rr+lx+pxeryeoJP1RD1Jv60n63f0FD1VT9PTdYqeoWfqd/UsPVvP0e/pufp9PU/P1wv0Qp2qP9CL9GKdpj/US/RHOl0v1cv0cr1Cr9Sr9Gq9Rq/V6/R6vUFv1Jv0Zr1Fb9Xb9Ha9Q+/Uu/THerf+RO/Re/U+/anerz/TB/Tn+qD+Qh/SX+oM/ZU+rL/WR/Q3+qj+Vh/T3+nj+oQ+qb/Xp/QP+rQ+o8/qc/q8/lFf0D/pi9pnntxnvr0bZZSJMTEm1sSaXCaXyW1ymzwmj4mYiIkzcSavyWvymXymgClg4k28KWwKm0xkyBQxRUzURE0xU8wUN8VNSVPSOONMGVPGlDVlTTlTzpQ35U0FU8FUNBVNZVPZ3G5uN3eYO8yd5k5zl7nL1DQ1TW1T29QxdUxdU9fUM/VMfVPfNDANTEPT0DQyjUxj09g0MU1MU9PUNDPNTAvTwrQyrUxr09q0MW1MO9POtDftTQfTwSSYBNPRdDSdTCfT2XQ2XUwX09V0Nd1MN9PD9DA9TU/Ty/QyiSbR9DV9TT/TzwwwA8wgM8gMNoPNEDPEJJkkM8wMM8PNcDPCjDAjzSgzOvNE1bxlxppxZryZYJJNsplkJpnJZrKZYqaYaWaaSTEpZqaZaWaZWWaOmWPmmrlmnplnFpgFJtWkmkVmkUkzaWaJWWLSTbpZZpaZFWaFWWVWmTVmjVln1pkNsMFsMpvMFrPFbDPbzA6zw+wyu8xus9vsMXvMPrPP7Df7zQFzwBw0B80hc8hkmAxz2Bw2R8wRc9QcNcfMMXPcHDcnzUlzypwyp81pc9acNedN/kvvl97E2pw2l73K5rZX2zz2Gvv3cQFb0MbbQraw1Tafzf+b2Fhri9sStqQtZZ0tbcvYm34XV7SVbGVbxd5uq9o7bLXfxXXsPbauvdfWs/fZ2vbu38T17f22gX3ENkQEsM1tY9vSNrGP2Kb2UdvMNrctbEvb3j5pO9inbIJ92na0z/wuXmQX2zV2rV1n19s9dq89a8/ZI/Ybe97+aHvZ3naQfdkOtq/YIfZVm2SH/i4ebd+0Y+xbdqwdZ8fbCb+Lp9npNsXOsDPtu3aWnf27ONV+YOfaNDvPzrcL7MKf48w5pdkP7RL7kU23ASyzy+0Ku9Kusqv/71yX2412k91sd9tP7Da73e6wO+2urBNhu9fus5/a/fYze9h+bQ/aL+whe9Rm2K9+jjP376j91h6z39nj9oQ9ab+3p+wPKis7c9+/tz/Zi9ZbICQgSYoCiqEcFEs5KRddRbnpaspD11CErqU4uo7y0vWUj/JTASpI8VSICpMmQ5aIQipCRSlKN1DW9EpSKXJUmsrQTVSWbqZydAuVp1upAt1GFakSVaYqdDtVpTuoGt1J1ekuqkE1qRbVprupDt1Ddeleqkf3UX26nxrQA9SQHqRG9BA1poepCT1CTelRakbNqQW1pFb0GLWmx6kNtaV29AS1pyepAz1FCfQ0daRnqBP9jTrTs9SFnqOu9Dx1o+7Ug16gnvQi9aLelEh9qC+9RP2oPw2ggTSIXqbB9AoNoVcpiYbSMHqNhtPrNILeoJE0ikbTmzSG3qKxNI7G0wRKpok0id6myfQOTaGpNI2mUwrNoJn0Ls2i2TSH3qO59D7No/m0gBZSKn1Ai2gxpdGHtIQ+onRaSstoOa2glbSKVtMaWkvraD1toI20iTbTFtpK22g77aCdtIs+pt30Ce2hvbSPPqX99BkdoM/pIH1Bh+hLyqCv6DB9TUfoGzpK3/re9B0dpxN0kr6nU/QDnaYzdJbO0Xn6kS7QT3SRPEGIoQhlqMIgjAlzhLFhzjBXeFWYO7w6zBNeE0bCa8O48Lowb3h9mC/MHxYIC4bxYaGwcKhDE9qQwjAsEhYNo+ENYbHwxrB4WCIsGZYKXVg6LBPeFJYNbw7LhbeE5cNbwwrhbWHFsFL4yH1VwtvDquEdYbXwzrB6eFdYI6wZ1gprh3eHdcJ7wrrhvWG98L6wXHh/2CB8IGwYPhg2Ch8KG4cPh03CR8Km4aNhs7B52CJsGbYKHwtbh4+HbcK2YbvwqrB9+GTYIXwqTAifDjuGz/zcf//irP4nftefGPYJ+4YvhS+F3t8rF0QXRlOjH0QXRRdH06IfRpdEP4qmR5dGl0WXR1dEV0ZXRVdH10TXRtdF10c3RDdGN0U3R72vnQMcOuGkUy5wMS6Hi3U5XS53lcvtrnZ53DUu4q51ce46l9dd7/K5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd4Mr5m50xV0JV9KVcs6VdmVcS9fKtXKt3eOujWvr2rkn3BPuSfeke8o95Z52Hd0zrpP7m+vsnnVd3HPuOfe86+a6ux7uBdfTTczzy2sy0fV1fV0/188NcAPcIDfIDXaD3RA3xCW5JDfMDXPD3XA3wo1wI91IN9qNdmPcGDfWjXXj3XiX7JLdJDfJTXaT3RQ3xU1z01yKS3Ez3Uw3y81yVWf/spV5bp5b4Ba4VJfqFrnMc8Y0t8Qtceku3S1zy9wKt8KtcqvcGrfGrXPr3Aa3wW1ym9wWt8Vtc9vcDrfD7XK73G632+3x1/wyqNvvDrgD7qA76A65L12G+8oddl+7I+4bd9R9646579xxd8KddN+7U+4Hd9qdcWfdOXfe/eguuJ/cReddcmRiZFLk7cjkyDuRKZGpkWmR6ZGUyIzIzMi7kVmR2ZE5kfcicyPvR+ZF5kcWRBZGUiMfRBZFFkfSIh9GlkQ+iqRHlkaWRZZHVkRWRrwvtC30RXxRH/U3+GL+Rl/cl/AlfSnvfGlfxt/ky/qbfTl/iy/vb/UV/G2+oq/kK/tHfTPf3LfwLX0r/5hv7R/3bXxb384/4dv7J30H/5RP8E/7jv4Z38n/zXf2z/ou/jnf1T/vu/nuvod/wff0L/pevrdP9H18X/+S7+f7+wF+oB/kX/aD/St+iH/VJ/mhfph/zQ/3r/sR/g0/0o/yo2Pe9GOyLpFhgk/2E/0k/7af7N/xU/xUP81P9yl+hp/p3/Wz/Gw/x7/n5/r3/Tw/3y/wC32q/8Av8ot9mv/QL/Ef+XS/NOumsV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mt/sdfqff5T/2u/0nfo/f6/f5T/1+/5k/4D/3B/0X/pD/0mf4r/xh/7U/4r/xR/23/pj/zh/3J/xJ/70/5X/wp/0Zf9af8+f9j/6C/8lf5L9ZY4wxxhj7l0y83BS/7fnldn6fP8gRv1q5LwBcvb1gxq/7M88oN+T7pd1fxLePAMDTvbs+lLXUqJGYmHhp3XQJQdH5AFmfBGX6+asHl+Kl0A6ehARoC2X/cP79Rffz9E/Gj94KkOtXObFwOb48/ucAmPgH4z/2xOhFFcKzcf+P8ecDFC96OScnXI6XQruf76+0hXL/YP75W/+T+ef8Ihmgza9ycsPl+PL8y8Dj8Awk/GZNxhhjjDHGGGPsF/1F5c5Z159Z3/j8o+vzeHU5Jwdcjv/Z9TljjDHGGGOMMcauvGe793jqsYSEtp3//Ua1/1LWv9xoCv9dI3PjDxveA2Q9ogDgPxwQILMh/8q92PqXbCvp0kvn77tWnPMB/M8o5Z/RuMIHJsYYY4wxxtif7vJJ/28fV1dqQowxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWDb0V/w7sSu9j4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxtiV9n8CAAD//7wUAB0=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
eventfd2(0x0, 0x0)
unshare(0x62040200)
bpf$MAP_CREATE(0x0, &(0x7f0000004440)=ANY=[@ANYBLOB="0800000004000000040000000700020000000000", @ANYRES32, @ANYRES32=0x0, @ANYBLOB="020000"], 0x50)
socket$inet6_udp(0xa, 0x2, 0x0)
syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000180)={{0x12, 0x1, 0x201, 0x0, 0x0, 0x0, 0x10, 0x525, 0xa4a8, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x1, 0x7f, 0x80, 0xa, [{{0x9, 0x4, 0x0, 0xa, 0x2, 0x7, 0x1, 0x3, 0x8, "", {{{0x9, 0x5, 0x1, 0x2, 0x20, 0x2, 0x4, 0x7}}}}}]}}]}}, &(0x7f0000000500)={0x0, 0x0, 0x0, 0x0})
bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x0, 0xd, &(0x7f0000000340)=@raw=[@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x6}}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
syz_open_dev$usbfs(&(0x7f00000000c0), 0x1ff, 0x1501)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)

1.308768983s ago: executing program 0 (id=2037):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000000)={&(0x7f0000000040)={0x2, 0x4001, @dev={0xac, 0x14, 0x14, 0xff}}, 0x10, 0x0}, 0x30004084)
r3 = syz_open_dev$dri(&(0x7f0000000040), 0xd21, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r3, 0xc04064a0, &(0x7f0000000000)={0x0, &(0x7f00000001c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r3, 0xc06864a1, &(0x7f0000000240)={0x0, 0x0, r4, <r5=>0x0})
ioctl$DRM_IOCTL_MODE_GETFB2(r3, 0xc06864ce, &(0x7f0000000300)={r5, 0x0, 0x9, 0x0, 0x0, [<r6=>0x0], [0x9, 0xfffffffd, 0x0, 0x8], [0x3, 0x0, 0x100, 0xd], [0x1000000000000, 0x0, 0xfffffffffffffffd]})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r3, 0xc00c642d, &(0x7f0000000080)={r6, 0x0, <r7=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1000004, 0x13, r7, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r9 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)

0s ago: executing program 0 (id=2038):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0, r0}, 0x18)
sched_setaffinity(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x2a5e000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000002c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_RESET_LINK_STATS(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)={0x30, r4, 0x135, 0x70bd2a, 0x25dfdbfc, {{}, {}, {0x14, 0x14, 'broadcast-link\x00'}}}, 0x30}, 0x1, 0x0, 0x0, 0x44040}, 0x40040)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="4c0000001800010d00000000000000850a000000000000100500000014000500200100000000000000000100000000001c00090008"], 0x4c}}, 0x0)

kernel console output (not intermixed with test programs):

7436][ T8626] loop7: detected capacity change from 0 to 512
[  566.366424][ T8609] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  566.382964][ T8626] EXT4-fs (loop7): feature flags set on rev 0 fs, running e2fsck is recommended
[  566.407790][ T8626] EXT4-fs (loop7): orphan cleanup on readonly fs
[  566.440286][ T8626] EXT4-fs error (device loop7): ext4_quota_enable:6982: comm syz.7.944: Bad quota inum: 64, type: 0
[  566.477981][ T8626] EXT4-fs (loop7): Remounting filesystem read-only
[  566.497345][ T8626] EXT4-fs warning (device loop7): ext4_enable_quotas:7030: Failed to enable quota tracking (type=0, err=-117, ino=64). Please run e2fsck to fix.
[  567.015352][ T8626] EXT4-fs (loop7): Cannot turn on quotas: error -117
[  567.244584][ T8626] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  568.523062][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  568.712131][ T8644] loop7: detected capacity change from 0 to 256
[  568.739794][ T8644] FAT-fs (loop7): Unrecognized mount option "nnonume=winnt" or missing value
[  571.283485][ T8659] loop7: detected capacity change from 0 to 128
[  574.581094][ T8673] netlink: 12 bytes leftover after parsing attributes in process `syz.7.957'.
[  575.657605][ T8677] loop7: detected capacity change from 0 to 2048
[  575.697756][ T8677] ext4: Unknown parameter 'fsuuid'
[  575.747306][ T8677] loop7: detected capacity change from 0 to 128
[  577.904502][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  580.697427][ T8712] loop4: detected capacity change from 0 to 256
[  580.733360][ T8712] exfat: Bad value for 'fmask'
[  582.451877][ T7189] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  583.335411][ T8733] loop7: detected capacity change from 0 to 1024
[  583.570834][ T8733] EXT4-fs (loop7): barriers disabled
[  583.584810][ T8733] JBD2: no valid journal superblock found
[  583.590771][ T8733] EXT4-fs (loop7): error loading journal
[  584.567650][ T4256] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  584.578660][ T4256] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  584.587316][ T4256] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  584.595753][ T4256] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  584.609302][ T4256] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  584.619975][ T4256] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  586.465710][    T9] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  586.692107][ T4266] Bluetooth: hci5: command 0x0409 tx timeout
[  586.758045][    T9] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  586.879213][    T9] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  587.081545][    T9] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  587.125134][ T8739] chnl_net:caif_netlink_parms(): no params data found
[  588.563117][ T8739] bridge0: port 1(bridge_slave_0) entered blocking state
[  588.593267][ T8739] bridge0: port 1(bridge_slave_0) entered disabled state
[  588.601596][ T8739] device bridge_slave_0 entered promiscuous mode
[  588.654241][ T8739] bridge0: port 2(bridge_slave_1) entered blocking state
[  588.661387][ T8739] bridge0: port 2(bridge_slave_1) entered disabled state
[  588.700619][ T8739] device bridge_slave_1 entered promiscuous mode
[  588.821962][ T4266] Bluetooth: hci5: command 0x041b tx timeout
[  589.455294][ T8739] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  590.834055][ T8739] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  590.943586][ T4256] Bluetooth: hci5: command 0x040f tx timeout
[  591.888969][ T8739] team0: Port device team_slave_0 added
[  591.965935][ T8739] team0: Port device team_slave_1 added
[  592.224767][ T8739] batman_adv: batadv0: Adding interface: batadv_slave_0
[  592.239327][ T8739] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  592.456064][ T8739] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  592.494776][ T8804] loop7: detected capacity change from 0 to 256
[  592.512255][ T8804] FAT-fs (loop7): Unrecognized mount option "nnonume=winnt" or missing value
[  593.022327][ T4256] Bluetooth: hci5: command 0x0419 tx timeout
[  593.398875][ T8811] loop4: detected capacity change from 0 to 512
[  593.847446][ T8811] EXT4-fs error (device loop4): ext4_orphan_get:1400: inode #15: comm syz.4.994: casefold flag without casefold feature
[  593.895411][ T8811] EXT4-fs error (device loop4): ext4_orphan_get:1405: comm syz.4.994: couldn't read orphan inode 15 (err -117)
[  593.915675][ T8739] batman_adv: batadv0: Adding interface: batadv_slave_1
[  593.933179][ T8739] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  593.990871][ T8811] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  594.161010][ T8739] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  595.213424][   T27] audit: type=1326 audit(1739577669.083:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  595.540947][   T27] audit: type=1326 audit(1739577669.143:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  595.791036][   T27] audit: type=1326 audit(1739577669.353:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  596.342750][   T27] audit: type=1326 audit(1739577669.353:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  596.522107][   T27] audit: type=1326 audit(1739577669.403:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  596.566209][   T27] audit: type=1326 audit(1739577669.403:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  597.772969][ T8739] device hsr_slave_0 entered promiscuous mode
[  597.841994][ T8739] device hsr_slave_1 entered promiscuous mode
[  597.858026][   T27] audit: type=1326 audit(1739577669.413:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  597.886820][   T27] audit: type=1326 audit(1739577669.703:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=199 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  597.909855][   T27] audit: type=1326 audit(1739577669.733:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8829 comm="syz.7.996" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f488558cde9 code=0x7ffc0000
[  597.932482][ T8739] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  597.940121][ T8739] Cannot create hsr debugfs directory
[  597.955656][ T8840] loop7: detected capacity change from 0 to 256
[  597.977129][ T8840] exfat: Bad value for 'fmask'
[  598.152535][ T7189] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  598.173232][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  599.208577][ T8850] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1001'.
[  599.267641][ T8850] device bridge_slave_1 left promiscuous mode
[  599.278601][ T8850] bridge0: port 2(bridge_slave_1) entered disabled state
[  599.613082][ T8850] device bridge_slave_0 left promiscuous mode
[  599.773045][ T8850] bridge0: port 1(bridge_slave_0) entered disabled state
[  600.101905][  T952] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  600.382123][ T8861] ptrace attach of "./syz-executor exec"[8862] was attempted by "./syz-executor exec"[8861]
[  600.395990][  T952] usb 8-1: Using ep0 maxpacket: 16
[  600.425275][  T952] usb 8-1: unable to get BOS descriptor or descriptor too short
[  600.442130][  T952] usb 8-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[  600.478056][  T952] usb 8-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  600.551223][  T952] usb 8-1: config 1 interface 0 has no altsetting 0
[  600.753664][  T952] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  600.772116][  T952] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.780343][  T952] usb 8-1: Product: syz
[  600.792061][  T952] usb 8-1: Manufacturer: syz
[  600.796719][  T952] usb 8-1: SerialNumber: syz
[  602.114849][ T8880] xt_bpf: check failed: parse error
[  603.030036][ T8739] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  603.095620][ T8739] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  603.593687][ T8739] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  603.615136][ T8739] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  603.925482][    T9] device hsr_slave_0 left promiscuous mode
[  603.938778][    T9] device hsr_slave_1 left promiscuous mode
[  603.950272][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  603.960170][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  603.969109][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  603.977392][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  604.015841][    T9] device veth1_macvtap left promiscuous mode
[  604.028673][    T9] device veth0_macvtap left promiscuous mode
[  604.653504][ T8907] usb usb9: usbfs: process 8907 (syz.0.1012) did not claim interface 0 before use
[  604.844430][    T9] team0 (unregistering): Port device team_slave_1 removed
[  604.904234][    T9] team0 (unregistering): Port device team_slave_0 removed
[  604.951401][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  605.009423][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  606.062930][  T952] usb 8-1: can't set config #1, error -110
[  606.356869][    T9] bond0 (unregistering): Released all slaves
[  606.423679][ T8911] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1013'.
[  606.575144][ T8739] 8021q: adding VLAN 0 to HW filter on device bond0
[  606.654438][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  606.680039][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  606.710869][ T8739] 8021q: adding VLAN 0 to HW filter on device team0
[  606.769830][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  606.798784][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  606.831521][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[  606.838814][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[  606.882541][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  606.903032][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  606.934026][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  606.966514][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  606.973719][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  607.042272][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  607.094789][  T952] usb 8-1: USB disconnect, device number 2
[  607.139819][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  607.183192][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  607.220722][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  607.252895][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  607.274430][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  607.323182][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  607.352566][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  607.413449][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  607.543671][ T8739] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  607.590643][ T8739] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  607.703595][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  608.039700][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  609.439072][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  609.448385][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  609.472389][ T8960] device pim6reg1 entered promiscuous mode
[  609.490699][ T8739] 8021q: adding VLAN 0 to HW filter on device batadv0
[  610.198487][ T8977] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1023'.
[  611.901297][ T5637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  611.933904][ T5637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  612.077666][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  612.097522][ T4478] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  612.146084][ T8739] device veth0_vlan entered promiscuous mode
[  612.180131][ T8739] device veth1_vlan entered promiscuous mode
[  612.338232][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  612.365803][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  612.464948][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  612.696485][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  613.235909][ T8739] device veth0_macvtap entered promiscuous mode
[  613.757509][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  613.782919][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  613.854723][ T8739] device veth1_macvtap entered promiscuous mode
[  613.898418][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  613.952870][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  614.071159][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  614.131852][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.172527][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  614.379624][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.391038][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  614.401612][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.411693][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  614.430707][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.453706][ T8739] batman_adv: batadv0: Interface activated: batadv_slave_0
[  614.470174][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  614.492944][ T6784] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  614.536800][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  614.564679][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.610143][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  614.624287][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.640345][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  614.651495][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.689481][ T8739] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  614.721920][ T8739] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  614.760527][ T8739] batman_adv: batadv0: Interface activated: batadv_slave_1
[  614.789134][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  614.847028][ T4948] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  614.888219][ T8739] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  614.917925][ T8739] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  614.975507][ T8739] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  615.070096][ T8739] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  616.005531][ T9036] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1034'.
[  616.025511][ T9038] loop4: detected capacity change from 0 to 256
[  616.148416][ T9038] FAT-fs (loop4): bogus sectors per cluster 255
[  616.169160][ T4376] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  616.212499][ T9038] FAT-fs (loop4): Can't find a valid FAT filesystem
[  616.228694][ T4376] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  616.249114][ T8150] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  616.281141][ T8150] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  616.302187][ T4553] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  616.325208][ T9038] loop4: detected capacity change from 0 to 128
[  616.348914][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  616.423343][ T9038] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  616.455622][ T9038] ext4 filesystem being mounted at /201/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  617.002131][ T3582] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  617.253355][ T3582] usb 5-1: config 1 has an invalid descriptor of length 223, skipping remainder of the config
[  617.388754][ T3582] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  617.712171][ T3582] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  617.742246][ T3582] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  617.750302][ T3582] usb 5-1: SerialNumber: syz
[  617.997415][ T9057] loop8: detected capacity change from 0 to 512
[  618.043300][ T9057] ext4: Unknown parameter 'smackfsfloor'
[  618.090449][ T3582] usb 5-1: 0:2 : does not exist
[  618.119008][ T4623] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  618.317966][ T9065] loop7: detected capacity change from 0 to 512
[  618.356757][ T3582] usb 5-1: USB disconnect, device number 7
[  618.560548][ T9065] EXT4-fs (loop7): filesystem is read-only
[  618.892207][ T9065] EXT4-fs (loop7): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  618.986661][ T9065] EXT4-fs (loop7): filesystem is read-only
[  619.031796][ T9065] EXT4-fs (loop7): orphan cleanup on readonly fs
[  619.133624][ T9065] EXT4-fs error (device loop7): ext4_validate_block_bitmap:438: comm syz.7.1041: bg 0: block 64: padding at end of block bitmap is not set
[  619.218052][ T9065] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6170: Corrupt filesystem
[  619.325546][ T9065] EXT4-fs (loop7): 1 orphan inode deleted
[  619.331559][ T9065] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  619.398203][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  619.514601][   T27] audit: type=1326 audit(1739577693.393:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9062 comm="syz.7.1041" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f488558cde9 code=0x0
[  622.512034][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  624.299538][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  624.307961][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  626.150797][ T9155] syz.1.1057[9155] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  626.150914][ T9155] syz.1.1057[9155] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  626.726167][ T9162] 9pnet_fd: Insufficient options for proto=fd
[  629.805311][ T9200] kvm [9197]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  630.724083][ T9183] loop7: detected capacity change from 0 to 40427
[  630.771517][ T9183] F2FS-fs (loop7): Invalid Fs Meta Ino: node(1) meta(2) root(0)
[  630.798496][ T9183] F2FS-fs (loop7): Can't find valid F2FS filesystem in 1th superblock
[  630.836935][ T9217] loop8: detected capacity change from 0 to 128
[  630.866080][ T9183] F2FS-fs (loop7): invalid crc value
[  630.906572][ T9183] F2FS-fs (loop7): Failed to start F2FS issue_checkpoint_thread (-12)
[  631.995523][ T9222] loop4: detected capacity change from 0 to 512
[  632.095063][ T9222] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  632.134787][ T9222] ext4 filesystem being mounted at /208/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  632.164612][ T9227] loop8: detected capacity change from 0 to 256
[  632.201478][ T9227] FAT-fs (loop8): bogus sectors per cluster 223
[  632.217878][ T9227] FAT-fs (loop8): Can't find a valid FAT filesystem
[  632.521251][ T9231] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  632.570927][ T9233] syz.7.1069[9233] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  632.571038][ T9233] syz.7.1069[9233] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  632.955583][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  638.588303][ T9269] loop7: detected capacity change from 0 to 256
[  638.605540][ T9269] exfat: Unknown parameter 'nameª}t'
[  639.813727][ T9284] syz.1.1081[9284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  639.813837][ T9284] syz.1.1081[9284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  640.318593][ T9305] loop4: detected capacity change from 0 to 512
[  640.477925][ T9300] ipt_CLUSTERIP: Please specify destination IP
[  640.609663][ T9313] loop7: detected capacity change from 0 to 512
[  640.910191][ T9305] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  640.970938][ T9313] EXT4-fs error (device loop7): ext4_do_update_inode:5224: inode #3: comm syz.7.1084: corrupted inode contents
[  640.986131][ T9313] EXT4-fs error (device loop7): ext4_dirty_inode:6089: inode #3: comm syz.7.1084: mark_inode_dirty error
[  641.014255][ T9313] EXT4-fs error (device loop7): ext4_do_update_inode:5224: inode #3: comm syz.7.1084: corrupted inode contents
[  641.028882][ T9313] EXT4-fs error (device loop7): __ext4_ext_dirty:202: inode #3: comm syz.7.1084: mark_inode_dirty error
[  641.059390][ T9313] Quota error (device loop7): write_blk: dquota write failed
[  641.067440][ T9313] Quota error (device loop7): qtree_write_dquot: Error -117 occurred while creating quota
[  641.077848][ T9313] EXT4-fs error (device loop7): ext4_acquire_dquot:6795: comm syz.7.1084: Failed to acquire dquot type 0
[  641.127632][ T9313] EXT4-fs (loop7): 1 orphan inode deleted
[  641.133527][ T9313] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  641.143721][ T9313] ext4 filesystem being mounted at /134/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  641.181963][ T9305] ext4 filesystem being mounted at /212/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  641.211990][ T4447] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  641.468770][ T9318] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  641.484862][ T4447] EXT4-fs error (device loop7): ext4_release_dquot:6818: comm kworker/u4:12: Failed to release dquot type 1
[  641.553528][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  641.722858][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  642.715117][ T9335] loop4: detected capacity change from 0 to 256
[  642.769040][ T9335] exfat: Deprecated parameter 'utf8'
[  642.808672][ T9335] exfat: Deprecated parameter 'namecase'
[  642.879549][ T9335] exfat: Bad value for 'namecase'
[  643.018955][ T9335] netlink: 80 bytes leftover after parsing attributes in process `syz.4.1090'.
[  643.039680][ T9335] loop4: detected capacity change from 0 to 256
[  643.047659][ T9335] FAT-fs (loop4): Unrecognized mount option "uoi_xlate=0" or missing value
[  643.096369][ T7189] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  643.319007][ T9335] loop4: detected capacity change from 0 to 256
[  643.325890][ T9335] exfat: Deprecated parameter 'namecase'
[  643.344529][ T9335] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36dfe6b4, utbl_chksum : 0xe619d30d)
[  644.172741][ T9344] syz.8.1093[9344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  644.172853][ T9344] syz.8.1093[9344] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  644.389745][ T9350] kvm [9346]: vcpu0, guest rIP: 0x1be disabled perfctr wrmsr: 0xc2 data 0x4000
[  646.224672][ T9371] loop4: detected capacity change from 0 to 512
[  646.233100][ T9371] EXT4-fs: Ignoring removed oldalloc option
[  646.277592][ T9371] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  646.407092][ T9371] EXT4-fs (loop4): orphan cleanup on readonly fs
[  646.423099][ T9371] Quota error (device loop4): do_check_range: Getting block 196613 out of range 1-5
[  646.433566][ T9371] Quota error (device loop4): qtree_read_dquot: Can't read quota structure for id 0
[  646.443298][ T9371] EXT4-fs error (device loop4): ext4_acquire_dquot:6795: comm syz.4.1101: Failed to acquire dquot type 1
[  646.677060][ T9371] EXT4-fs (loop4): 1 truncate cleaned up
[  646.869613][ T9371] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  648.952966][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  650.130227][ T9404] binfmt_misc: register: failed to install interpreter file ./file0
[  650.592395][ T9408] syz.1.1107[9408] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  650.592504][ T9408] syz.1.1107[9408] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  656.328910][ T9475] loop4: detected capacity change from 0 to 512
[  656.832428][ T9487] loop7: detected capacity change from 0 to 256
[  656.846227][ T9487] FAT-fs (loop7): Unrecognized mount option "uid=" or missing value
[  657.068316][ T9475] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  657.744677][ T9475] ext4 filesystem being mounted at /222/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  658.133067][ T9491] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  658.877617][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  658.962706][ T9500] syz.8.1125[9500] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  658.962812][ T9500] syz.8.1125[9500] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  660.120422][ T9521] loop8: detected capacity change from 0 to 512
[  660.749730][ T9521] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  661.093076][ T9521] ext4 filesystem being mounted at /14/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  661.854804][ T9521] EXT4-fs (loop8): unmounting filesystem.
[  662.637515][ T9553] loop8: detected capacity change from 0 to 256
[  662.669372][ T9553] exfat: Bad value for 'fmask'
[  663.153186][ T9560] loop7: detected capacity change from 0 to 1024
[  663.189054][ T9560] EXT4-fs (loop7): barriers disabled
[  663.198428][ T9560] JBD2: no valid journal superblock found
[  663.204388][ T9560] EXT4-fs (loop7): error loading journal
[  664.709074][ T9570] syz.7.1140[9570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  664.709195][ T9570] syz.7.1140[9570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  664.893879][ T4296] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  665.131977][ T4296] usb 9-1: Using ep0 maxpacket: 16
[  665.140182][ T4296] usb 9-1: unable to get BOS descriptor or descriptor too short
[  665.169477][ T4296] usb 9-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[  665.203733][ T4296] usb 9-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  665.253991][ T4296] usb 9-1: config 1 interface 0 has no altsetting 0
[  665.325909][ T4296] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  665.358101][ T4296] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  665.389143][ T4296] usb 9-1: Product: syz
[  665.407810][ T4296] usb 9-1: Manufacturer: syz
[  665.429295][ T4296] usb 9-1: SerialNumber: syz
[  665.460693][ T9573] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  666.166223][   T27] audit: type=1326 audit(1739577740.043:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cff8cde9 code=0x7ffc0000
[  666.892527][   T27] audit: type=1326 audit(1739577740.253:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23cff8cde9 code=0x7ffc0000
[  667.005940][   T27] audit: type=1326 audit(1739577740.483:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cff8cde9 code=0x7ffc0000
[  667.029276][   T27] audit: type=1326 audit(1739577740.573:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f23cff8cde9 code=0x7ffc0000
[  667.051986][   T27] audit: type=1326 audit(1739577740.723:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23cff8cde9 code=0x7ffc0000
[  667.075057][   T27] audit: type=1326 audit(1739577740.723:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23cff8b750 code=0x7ffc0000
[  667.111856][   T27] audit: type=1326 audit(1739577740.723:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f23cff8e617 code=0x7ffc0000
[  667.215921][   T27] audit: type=1326 audit(1739577740.723:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f23cff8cde9 code=0x7ffc0000
[  667.305990][   T27] audit: type=1326 audit(1739577740.723:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f23cff8e617 code=0x7ffc0000
[  667.430846][   T27] audit: type=1326 audit(1739577740.723:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9599 comm="syz.4.1146" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f23cff8ba4a code=0x7ffc0000
[  669.398363][ T4296] usb 9-1: can't set config #1, error -71
[  669.420959][ T4296] usb 9-1: USB disconnect, device number 2
[  669.681182][ T9635] syz.7.1154[9635] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  669.681287][ T9635] syz.7.1154[9635] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  671.949759][ T9658] loop7: detected capacity change from 0 to 256
[  673.175885][ T9658] FAT-fs (loop7): Directory bread(block 64) failed
[  673.182735][ T9658] FAT-fs (loop7): Directory bread(block 65) failed
[  673.189369][ T9658] FAT-fs (loop7): Directory bread(block 66) failed
[  673.196002][ T9658] FAT-fs (loop7): Directory bread(block 67) failed
[  673.203204][ T9658] FAT-fs (loop7): Directory bread(block 68) failed
[  673.209868][ T9658] FAT-fs (loop7): Directory bread(block 69) failed
[  673.216976][ T9658] FAT-fs (loop7): Directory bread(block 70) failed
[  673.223653][ T9658] FAT-fs (loop7): Directory bread(block 71) failed
[  673.230750][ T9658] FAT-fs (loop7): Directory bread(block 72) failed
[  673.237557][ T9658] FAT-fs (loop7): Directory bread(block 73) failed
[  675.625404][ T9669] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1161'.
[  675.781918][ T9673] loop7: detected capacity change from 0 to 256
[  675.791987][ T9673] FAT-fs (loop7): bogus sectors per cluster 255
[  675.798283][ T9673] FAT-fs (loop7): Can't find a valid FAT filesystem
[  677.637934][ T9673] loop7: detected capacity change from 0 to 128
[  677.808837][ T9690] loop8: detected capacity change from 0 to 256
[  677.911171][ T9692] syz.0.1167[9692] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  677.911282][ T9692] syz.0.1167[9692] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  677.929888][ T9690] exfat: Bad value for 'fmask'
[  678.043267][ T9673] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  678.097828][ T9673] ext4 filesystem being mounted at /155/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  678.147332][ T9688] loop4: detected capacity change from 0 to 40427
[  678.158072][ T9688] F2FS-fs (loop4): Insane cp_payload (553648128 >= 504)
[  678.165363][ T9688] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  678.178401][ T9688] F2FS-fs (loop4): build fault injection attr: rate: 17008, type: 0x3ffff
[  678.187714][ T9688] F2FS-fs (loop4): build fault injection attr: rate: 0, type: 0x1f8
[  678.196904][ T4623] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  678.199058][ T9688] F2FS-fs (loop4): invalid crc value
[  678.311831][ T9688] F2FS-fs (loop4): Found nat_bits in checkpoint
[  678.368769][ T9688] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  678.376208][ T9688] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  678.522467][  T952] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  678.797589][ T4296] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  678.861086][  T952] usb 8-1: config 1 has an invalid descriptor of length 223, skipping remainder of the config
[  678.947303][  T952] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  679.153533][  T952] usb 8-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  679.162833][  T952] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  679.171001][  T952] usb 8-1: SerialNumber: syz
[  679.176021][ T4296] usb 2-1: Using ep0 maxpacket: 32
[  679.231181][ T4296] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  680.073617][ T4257] syz-executor: attempt to access beyond end of device
[  680.073617][ T4257] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  680.148550][  T952] usb 8-1: can't set config #1, error -71
[  680.154638][ T4296] usb 2-1: config 0 has no interface number 0
[  680.161188][ T4296] usb 2-1: config 0 interface 184 has no altsetting 0
[  680.173461][ T4296] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  680.186776][  T952] usb 8-1: USB disconnect, device number 3
[  680.196230][ T4296] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  680.243038][ T4296] usb 2-1: Product: syz
[  680.247269][ T4296] usb 2-1: Manufacturer: syz
[  680.270700][ T4296] usb 2-1: SerialNumber: syz
[  680.293941][ T4296] usb 2-1: config 0 descriptor??
[  680.311045][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  680.348182][ T4296] smsc75xx v1.0.0
[  680.361933][  T127] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  680.584660][  T127] usb 9-1: Using ep0 maxpacket: 16
[  680.598514][  T127] usb 9-1: unable to get BOS descriptor or descriptor too short
[  680.647812][  T127] usb 9-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[  680.709912][  T127] usb 9-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  680.763621][ T4296] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  680.796209][ T4296] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  680.818902][  T127] usb 9-1: config 1 interface 0 has no altsetting 0
[  680.821766][ T4296] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_bind
[  680.932121][ T4296] smsc75xx: probe of 2-1:0.184 failed with error -71
[  681.497322][ T4296] usb 2-1: USB disconnect, device number 7
[  683.119191][ T9750] loop4: detected capacity change from 0 to 512
[  683.183867][ T9750] ext4: Unknown parameter 'smackfsfloor'
[  683.244967][ T7189] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  683.595714][ T9764] overlayfs: missing 'lowerdir'
[  685.396641][ T9780] syz.1.1179[9780] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  685.396752][ T9780] syz.1.1179[9780] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  685.742116][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  685.760961][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  685.968079][  T127] usb 9-1: string descriptor 0 read error: -71
[  685.987587][  T127] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  686.026180][  T127] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  686.052252][ T9788] loop7: detected capacity change from 0 to 256
[  686.096248][  T127] usb 9-1: can't set config #1, error -71
[  686.144028][  T127] usb 9-1: USB disconnect, device number 3
[  686.169327][ T9788] FAT-fs (loop7): bogus sectors per cluster 255
[  686.215264][ T9788] FAT-fs (loop7): Can't find a valid FAT filesystem
[  686.452379][ T9788] loop7: detected capacity change from 0 to 128
[  686.870425][ T9788] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  687.361563][ T9788] ext4 filesystem being mounted at /158/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  687.529885][ T9805] loop8: detected capacity change from 0 to 1024
[  687.611531][ T9805] EXT4-fs (loop8): barriers disabled
[  687.618726][ T9805] JBD2: no valid journal superblock found
[  687.624875][ T9805] EXT4-fs (loop8): error loading journal
[  688.042050][ T9795] EXT4-fs error (device loop7): ext4_validate_block_bitmap:420: comm ext4lazyinit: bg 0: bad block bitmap checksum
[  688.502710][ T4296] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  689.598456][ T9819] loop8: detected capacity change from 0 to 512
[  689.626410][ T4296] usb 8-1: device descriptor read/all, error -71
[  689.648877][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  689.650646][ T9819] EXT4-fs: Mount option(s) incompatible with ext2
[  689.687455][ T9820] overlayfs: missing 'lowerdir'
[  691.973091][ T9833] syz.4.1192[9833] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  691.973205][ T9833] syz.4.1192[9833] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  694.352139][  T952] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  695.655819][ T9882] loop7: detected capacity change from 0 to 512
[  696.443745][ T9882] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  696.651223][ T9882] EXT4-fs (loop7): orphan cleanup on readonly fs
[  696.662060][ T9882] __quota_error: 3 callbacks suppressed
[  696.662099][ T9882] Quota error (device loop7): do_check_range: Getting block 196613 out of range 1-5
[  696.677527][ T9882] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[  696.687109][ T9882] EXT4-fs error (device loop7): ext4_acquire_dquot:6795: comm syz.7.1204: Failed to acquire dquot type 1
[  696.709633][ T9882] EXT4-fs (loop7): 1 truncate cleaned up
[  700.332845][ T9882] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  700.446454][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  702.402714][ T9903] syz.1.1210[9903] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  702.402829][ T9903] syz.1.1210[9903] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  710.116545][ T4256] Bluetooth: hci5: command 0x0406 tx timeout
[  710.880168][ T9949] loop4: detected capacity change from 0 to 512
[  710.947734][ T9949] ext4: Unknown parameter 'smackfsfloor'
[  711.016968][ T7189] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  711.047572][ T9955] loop7: detected capacity change from 0 to 128
[  711.286096][ T9958] overlayfs: missing 'lowerdir'
[  714.366412][ T9971] syz.7.1225[9971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  714.366521][ T9971] syz.7.1225[9971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  720.088274][T10005] loop7: detected capacity change from 0 to 512
[  720.181369][T10005] ext4: Unknown parameter 'smackfsfloor'
[  720.477004][T10011] loop4: detected capacity change from 0 to 128
[  720.487034][T10010] overlayfs: missing 'lowerdir'
[  723.991084][T10023] syz.4.1240[10023] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  723.991201][T10023] syz.4.1240[10023] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  725.033007][T10040] device vlan0 entered promiscuous mode
[  725.092608][ T4363] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  725.281816][ T4363] usb 9-1: Using ep0 maxpacket: 8
[  725.291177][ T4363] usb 9-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  725.308598][ T4363] usb 9-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  725.331364][ T4363] usb 9-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  725.371488][ T4363] usb 9-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  725.400636][ T4363] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  725.430055][ T4363] usb 9-1: Product: syz
[  725.444166][ T4363] usb 9-1: Manufacturer: syz
[  725.448948][ T4363] usb 9-1: SerialNumber: syz
[  725.508408][ T4363] hso 9-1:6.0: Can't find BULK IN endpoint
[  725.552271][T10061] overlayfs: missing 'lowerdir'
[  725.803150][T10049] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  725.820525][T10049] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  725.898983][ T4363] usb 9-1: USB disconnect, device number 4
[  727.501348][T10078] loop4: detected capacity change from 0 to 512
[  727.574984][T10078] EXT4-fs: quotafile must be on filesystem root
[  728.947685][T10095] loop8: detected capacity change from 0 to 512
[  728.992711][T10095] ext4: Unknown parameter 'smackfsfloor'
[  729.423016][T10102] loop7: detected capacity change from 0 to 512
[  729.430051][T10102] EXT4-fs: Ignoring removed oldalloc option
[  729.601216][T10102] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  729.848242][T10102] EXT4-fs (loop7): orphan cleanup on readonly fs
[  729.860509][T10102] Quota error (device loop7): do_check_range: Getting block 196613 out of range 1-5
[  729.870393][T10102] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[  729.880003][T10102] EXT4-fs error (device loop7): ext4_acquire_dquot:6795: comm syz.7.1261: Failed to acquire dquot type 1
[  729.903877][T10102] EXT4-fs (loop7): 1 truncate cleaned up
[  729.925345][T10102] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  731.429190][T10109] loop4: detected capacity change from 0 to 8192
[  731.943140][T10118] FAT-fs (loop4): error, fat_get_cluster: invalid cluster chain (i_pos 2068)
[  731.952122][T10118] FAT-fs (loop4): Filesystem has been set read-only
[  731.959184][T10118] FAT-fs (loop4): error, fat_free: invalid cluster chain (i_pos 2068)
[  732.792876][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  735.676533][T10146] loop7: detected capacity change from 0 to 512
[  735.737637][T10146] ext4: Unknown parameter 'smackfsfloor'
[  736.186238][    T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!!
[  736.256789][T10155] input: syz0 as /devices/virtual/input/input9
[  736.263211][T10155] input: failed to attach handler leds to device input9, error: -6
[  736.442587][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  736.544412][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  736.646810][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  736.878218][T10155] ceph: No mds server is up or the cluster is laggy
[  736.903799][T10156] ax25_connect(): syz.1.1276 uses autobind, please contact jreuter@yaina.de
[  737.064706][ T4363] libceph: connect (1)[c::]:6789 error -101
[  737.092668][ T4363] libceph: mon0 (1)[c::]:6789 connect error
[  737.385676][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  738.463223][T10174] device vlan0 entered promiscuous mode
[  738.669162][T10175] syz.4.1279[10175] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  738.669272][T10175] syz.4.1279[10175] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  739.449700][T10192] loop7: detected capacity change from 0 to 512
[  739.530583][T10192] ext4: Unknown parameter 'smackfsfloor'
[  740.025665][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[  740.034728][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  740.051768][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  740.060087][    T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!!
[  740.068406][    T0] NOHZ tick-stop error: local softirq work is pending, handler #82!!!
[  741.811312][T10219] device vlan2 entered promiscuous mode
[  742.475927][ T4363] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  742.486349][ T4376] Bluetooth: hci1: Frame reassembly failed (-84)
[  743.035419][ T4363] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  743.052534][ T4363] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  743.078131][ T4363] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  743.087558][ T4363] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  744.041530][ T4363] usb 2-1: can't set config #27, error -71
[  744.052079][ T4256] Bluetooth: hci1: Entering manufacturer mode failed (-110)
[  744.056254][ T4363] usb 2-1: USB disconnect, device number 9
[  744.190683][T10241] loop7: detected capacity change from 0 to 512
[  744.445999][T10241] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  744.463114][T10241] ext4 filesystem being mounted at /187/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  745.628253][T10258] EXT4-fs: error -4 creating inode table initialization thread
[  745.636069][T10258] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[  745.764620][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  745.882472][T10261] syz.8.1301[10261] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  745.882582][T10261] syz.8.1301[10261] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  747.116407][T10275] fuse: Bad value for 'fd'
[  747.141750][ T4296] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  747.188084][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  747.194501][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  747.332275][ T4296] usb 2-1: Using ep0 maxpacket: 32
[  750.817402][T10284] netlink: 'syz.0.1313': attribute type 3 has an invalid length.
[  750.957926][ T4296] usb 2-1: device descriptor read/all, error -71
[  751.029604][T10291] loop7: detected capacity change from 0 to 256
[  751.062674][T10291] exfat: Unknown parameter 'nameª}t'
[  751.401982][T10300] loop8: detected capacity change from 0 to 512
[  751.742829][T10306] loop4: detected capacity change from 0 to 512
[  752.303042][T10300] EXT4-fs: quotafile must be on filesystem root
[  752.471355][T10306] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  752.480893][T10306] ext4 filesystem being mounted at /260/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  754.708894][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  758.096801][T10352] loop4: detected capacity change from 0 to 256
[  758.212437][T10359] loop7: detected capacity change from 0 to 128
[  758.447339][T10352] exfat: Unknown parameter 'nameª}t'
[  759.154971][T10356] IPVS: set_ctl: invalid protocol: 244 224.0.0.2:20000
[  759.352782][T10363] syz.0.1328[10363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  759.352907][T10363] syz.0.1328[10363] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  760.890383][T10374] mkiss: ax0: crc mode is auto.
[  768.270438][T10413] loop7: detected capacity change from 0 to 512
[  769.399448][T10413] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  769.418924][T10413] ext4 filesystem being mounted at /198/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  769.466798][T10420] netlink: 256 bytes leftover after parsing attributes in process `syz.1.1346'.
[  769.772080][T10424] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[  770.311161][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  770.742326][T10436] loop7: detected capacity change from 0 to 512
[  770.959063][T10436] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  770.968679][T10436] ext4 filesystem being mounted at /199/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  771.621822][ T4345] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  772.712977][T10444] syz.1.1348[10444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  772.713093][T10444] syz.1.1348[10444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  773.333768][ T4345] usb 5-1: Using ep0 maxpacket: 8
[  773.393617][ T4345] usb 5-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  773.451998][ T4345] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  773.514352][ T4345] usb 5-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  773.558510][T10449] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1353'.
[  773.611948][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  773.738261][ T4345] usb 5-1: string descriptor 0 read error: -71
[  773.749557][ T4345] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  773.781778][ T4345] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  774.157025][ T4345] usb 5-1: can't set config #6, error -71
[  774.234682][ T4345] usb 5-1: USB disconnect, device number 8
[  774.613168][T10461] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  774.641562][T10467] loop8: detected capacity change from 0 to 512
[  774.663100][T10467] EXT4-fs: quotafile must be on filesystem root
[  774.674527][T10462] 8021q: adding VLAN 0 to HW filter on device bond0
[  774.717793][T10462] bond0: (slave rose0): Enslaving as an active interface with an up link
[  774.726451][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  775.569569][T10486] loop7: detected capacity change from 0 to 256
[  775.583210][T10486] exfat: Unknown parameter 'nameª}t'
[  776.622066][  T952] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  776.900883][  T952] usb 9-1: Using ep0 maxpacket: 16
[  776.953323][  T952] usb 9-1: unable to get BOS descriptor or descriptor too short
[  777.211442][  T952] usb 9-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[  777.302752][  T952] usb 9-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  777.341492][  T952] usb 9-1: config 1 interface 0 has no altsetting 0
[  777.487130][  T952] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  777.505465][  T952] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  777.517268][  T952] usb 9-1: Product: syz
[  777.521494][  T952] usb 9-1: Manufacturer: syz
[  777.530110][  T952] usb 9-1: SerialNumber: syz
[  777.557797][T10488] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  777.858645][T10505] syz.7.1366[10505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  777.858761][T10505] syz.7.1366[10505] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  779.067114][   T22] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  779.132495][  T952] usb 9-1: USB disconnect, device number 5
[  779.322055][   T22] usb 5-1: Using ep0 maxpacket: 8
[  779.339062][   T22] usb 5-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  779.394710][   T22] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  779.453566][   T22] usb 5-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  779.477437][   T22] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  779.487693][   T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  779.506251][   T22] usb 5-1: Product: syz
[  779.525282][   T22] usb 5-1: Manufacturer: syz
[  779.534781][   T22] usb 5-1: SerialNumber: syz
[  779.551534][   T22] hso 5-1:6.0: Can't find BULK IN endpoint
[  779.889702][T10530] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  779.939193][T10530] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  780.044311][ T4363] usb 5-1: USB disconnect, device number 9
[  780.640762][T10538] loop8: detected capacity change from 0 to 512
[  780.687357][T10538] EXT4-fs: quotafile must be on filesystem root
[  783.032524][T10552] loop4: detected capacity change from 0 to 1024
[  783.249273][T10552] EXT4-fs (loop4): barriers disabled
[  783.261052][T10552] JBD2: no valid journal superblock found
[  783.268117][T10552] EXT4-fs (loop4): error loading journal
[  783.678537][T10563] syz.8.1379[10563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  783.678643][T10563] syz.8.1379[10563] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  784.412465][T10555] delete_channel: no stack
[  784.430060][T10555] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  789.085011][T10597] loop7: detected capacity change from 0 to 256
[  789.099128][T10597] FAT-fs (loop7): Unrecognized mount option "nnonume=winnt" or missing value
[  790.936704][T10603] loop8: detected capacity change from 0 to 512
[  791.152548][T10603] EXT4-fs: quotafile must be on filesystem root
[  791.201693][T10611] syz.4.1392[10611] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  791.202102][T10611] syz.4.1392[10611] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  792.247994][T10615] loop4: detected capacity change from 0 to 512
[  792.288934][T10595] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1388'.
[  792.370317][T10615] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  792.586419][T10615] ext4 filesystem being mounted at /275/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  796.895516][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  797.035129][T10681] syz.7.1403[10681] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  797.035241][T10681] syz.7.1403[10681] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  797.391832][   T22] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  797.741776][   T22] usb 2-1: Using ep0 maxpacket: 8
[  797.753360][   T22] usb 2-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  797.974133][   T22] usb 2-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  798.173012][   T22] usb 2-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  798.424442][   T22] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  798.502905][   T22] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  798.591618][   T22] usb 2-1: Product: syz
[  798.596523][   T22] usb 2-1: Manufacturer: syz
[  798.640301][   T22] usb 2-1: SerialNumber: syz
[  798.680891][   T22] hso 2-1:6.0: Can't find BULK IN endpoint
[  798.937213][T10710] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  799.042181][T10710] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  799.113311][ T4296] usb 2-1: USB disconnect, device number 12
[  799.397537][T10718] loop4: detected capacity change from 0 to 256
[  799.416868][T10718] FAT-fs (loop4): Unrecognized mount option "nnonume=winnt" or missing value
[  800.375068][T10726] loop7: detected capacity change from 0 to 512
[  800.470695][T10726] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  800.500156][T10726] ext4 filesystem being mounted at /218/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  801.441573][T10738] EXT4-fs (loop7): re-mounted. Quota mode: writeback.
[  801.629406][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  805.884325][ T6920] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  806.251799][ T6920] usb 8-1: Using ep0 maxpacket: 8
[  806.258703][ T6920] usb 8-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  806.637205][ T6920] usb 8-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  806.880355][T10788] loop8: detected capacity change from 0 to 512
[  806.921561][ T6920] usb 8-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  807.075814][ T6920] usb 8-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  807.122485][T10788] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  807.130100][ T6920] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  807.138781][T10788] ext4 filesystem being mounted at /61/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  807.151862][ T6920] usb 8-1: Product: syz
[  807.160504][ T6920] usb 8-1: Manufacturer: syz
[  807.165379][ T6920] usb 8-1: SerialNumber: syz
[  807.420228][T10797] syz.4.1434[10797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  807.420341][T10797] syz.4.1434[10797] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  807.442820][ T6920] hso 8-1:6.0: Can't find BULK IN endpoint
[  809.486450][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  809.492868][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  809.649282][T10801] EXT4-fs (loop8): re-mounted. Quota mode: writeback.
[  809.802329][ T4363] usb 8-1: USB disconnect, device number 6
[  809.874077][ T8739] EXT4-fs (loop8): unmounting filesystem.
[  812.222915][T10837] loop8: detected capacity change from 0 to 256
[  812.267178][T10837] FAT-fs (loop8): Unrecognized mount option "nnonume=winnt" or missing value
[  813.939471][T10824] loop7: detected capacity change from 0 to 1024
[  814.723609][T10824] EXT4-fs (loop7): barriers disabled
[  814.729216][T10824] JBD2: no valid journal superblock found
[  814.763282][T10824] EXT4-fs (loop7): error loading journal
[  815.562209][T10859] syz.0.1447[10859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  815.562325][T10859] syz.0.1447[10859] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  816.234517][T10867] loop4: detected capacity change from 0 to 512
[  816.570937][T10867] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  816.581971][T10867] ext4 filesystem being mounted at /285/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  817.720162][T10882] EXT4-fs (loop4): re-mounted. Quota mode: writeback.
[  818.315260][ T4257] EXT4-fs (loop4): unmounting filesystem.
[  818.911964][ T4300] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  819.111862][ T4300] usb 8-1: Using ep0 maxpacket: 32
[  819.137778][ T4300] usb 8-1: config 0 interface 0 has no altsetting 0
[  819.166447][ T4300] usb 8-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  819.201852][ T4300] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  819.220168][ T4300] usb 8-1: Product: syz
[  819.231915][ T4300] usb 8-1: Manufacturer: syz
[  819.236562][ T4300] usb 8-1: SerialNumber: syz
[  819.270305][ T4300] usb 8-1: config 0 descriptor??
[  819.720781][ T4300] gs_usb 8-1:0.0: Configuring for 1 interfaces
[  820.150633][ T4300] gs_usb 8-1:0.0: Couldn't get extended bit timing const for channel 0 (-EPROTO)
[  820.153800][ T4300] gs_usb: probe of 8-1:0.0 failed with error -71
[  820.201986][ T4300] usb 8-1: USB disconnect, device number 7
[  820.482325][T10930] syz.4.1460[10930] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  820.482438][T10930] syz.4.1460[10930] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  822.110853][T10939] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1463'.
[  824.370627][T10956] device vlan0 entered promiscuous mode
[  824.702636][ T4300] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  824.726204][T10968] Invalid ELF header len 8
[  825.031853][ T4300] usb 8-1: Using ep0 maxpacket: 8
[  825.038951][ T4300] usb 8-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  825.061745][ T4300] usb 8-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  825.071439][ T4300] usb 8-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  825.093989][ T4300] usb 8-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  825.717137][ T4300] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  825.851679][ T4300] usb 8-1: Product: syz
[  825.855908][ T4300] usb 8-1: Manufacturer: syz
[  825.860580][ T4300] usb 8-1: SerialNumber: syz
[  825.885488][ T4300] hso 8-1:6.0: Can't find BULK IN endpoint
[  826.910275][T10960] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  826.918984][T10960] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  827.005482][T10806] usb 8-1: USB disconnect, device number 8
[  827.727001][T10994] loop8: detected capacity change from 0 to 256
[  827.936748][T10994] FAT-fs (loop8): Directory bread(block 64) failed
[  827.943883][T10994] FAT-fs (loop8): Directory bread(block 65) failed
[  827.951381][T10994] FAT-fs (loop8): Directory bread(block 66) failed
[  827.958360][T10994] FAT-fs (loop8): Directory bread(block 67) failed
[  827.965926][T10994] FAT-fs (loop8): Directory bread(block 68) failed
[  827.973178][T10994] FAT-fs (loop8): Directory bread(block 69) failed
[  827.980564][T10994] FAT-fs (loop8): Directory bread(block 70) failed
[  827.988038][T10994] FAT-fs (loop8): Directory bread(block 71) failed
[  827.995852][T10994] FAT-fs (loop8): Directory bread(block 72) failed
[  828.002952][T10994] FAT-fs (loop8): Directory bread(block 73) failed
[  834.810077][T11053] xt_bpf: check failed: parse error
[  835.135014][ T6920] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  837.141737][ T6920] usb 9-1: Using ep0 maxpacket: 8
[  837.149074][ T6920] usb 9-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  837.269093][ T6920] usb 9-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  837.286627][ T6920] usb 9-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  837.312380][ T6920] usb 9-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  837.326087][T11067] loop4: detected capacity change from 0 to 512
[  837.331826][ T6920] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  837.343000][T11067] ext4: Unknown parameter 'smackfsfloor'
[  837.352952][ T6920] usb 9-1: Product: syz
[  837.357167][ T6920] usb 9-1: Manufacturer: syz
[  837.362453][ T6920] usb 9-1: SerialNumber: syz
[  837.379978][ T6920] hso 9-1:6.0: Can't find BULK IN endpoint
[  837.395207][T10292] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  837.684835][ T6920] usb 9-1: USB disconnect, device number 6
[  837.729121][T11073] overlayfs: missing 'lowerdir'
[  842.542377][ T4300] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  842.838489][ T4300] usb 2-1: config 1 has an invalid descriptor of length 223, skipping remainder of the config
[  843.125663][ T4300] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  843.149238][ T4300] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  843.232365][ T4300] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  843.250632][ T4300] usb 2-1: SerialNumber: syz
[  843.798112][ T4300] usb 2-1: 0:2 : does not exist
[  843.944596][ T4300] usb 2-1: unit 133 not found!
[  844.036643][ T4300] usb 2-1: unit 9 not found!
[  844.354664][ T4300] usb 2-1: USB disconnect, device number 13
[  845.582881][T10314] udevd[10314]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  848.586961][T11163] loop7: detected capacity change from 0 to 512
[  848.594005][T11163] EXT4-fs: Ignoring removed oldalloc option
[  849.974073][ T4256] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  849.983251][ T4256] Bluetooth: hci4: Injecting HCI hardware error event
[  849.994076][ T4266] Bluetooth: hci4: hardware error 0x00
[  850.182062][T11163] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  850.871709][T11163] EXT4-fs: failed to create workqueue
[  850.877191][T11163] EXT4-fs (loop7): mount failed
[  851.796954][T10314] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  853.230361][T11176] loop8: detected capacity change from 0 to 512
[  854.112740][ T4266] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  854.157478][T11176] EXT4-fs (loop8): 1 orphan inode deleted
[  854.202311][T11176] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[  854.232296][   T29] Quota error (device loop8): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  854.256307][T11176] ext4 filesystem being mounted at /85/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  854.311754][   T29] EXT4-fs error (device loop8): ext4_release_dquot:6818: comm kworker/u4:2: Failed to release dquot type 1
[  858.392585][ T8739] EXT4-fs (loop8): unmounting filesystem.
[  858.602528][T11233] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1545'.
[  861.746285][T10806] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  861.962088][T10806] usb 8-1: Using ep0 maxpacket: 8
[  861.978073][T10806] usb 8-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  862.065008][T10806] usb 8-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  862.267617][T10806] usb 8-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  862.509797][T10806] usb 8-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  862.567263][T10806] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  862.609086][T10806] usb 8-1: Product: syz
[  862.645625][T10806] usb 8-1: Manufacturer: syz
[  862.675520][T10806] usb 8-1: SerialNumber: syz
[  862.714149][T10806] hso 8-1:6.0: Can't find BULK IN endpoint
[  862.996192][T10806] usb 8-1: USB disconnect, device number 9
[  867.027016][T11296] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1559'.
[  867.034130][T11300] loop4: detected capacity change from 0 to 256
[  867.036155][T11296] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1559'.
[  867.296730][T11300] exfat: Bad value for 'fmask'
[  867.904286][T11307] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  869.800913][T11323] loop7: detected capacity change from 0 to 512
[  869.812275][ T4363] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  869.912189][T11323] EXT4-fs (loop7): 1 orphan inode deleted
[  869.926925][T11323] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  869.943876][T11323] ext4 filesystem being mounted at /253/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  870.021749][ T4363] usb 5-1: Using ep0 maxpacket: 16
[  870.058152][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  870.064674][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  870.079246][ T7245] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  870.121537][ T7245] EXT4-fs error (device loop7): ext4_release_dquot:6818: comm kworker/u4:24: Failed to release dquot type 1
[  872.515994][ T4363] usb 5-1: device descriptor read/all, error -71
[  875.108174][T11364] loop4: detected capacity change from 0 to 512
[  875.130035][T11364] EXT4-fs: quotafile must be on filesystem root
[  876.168937][T11362] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1576'.
[  876.178336][T11362] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1576'.
[  878.311942][T11380] xt_bpf: check failed: parse error
[  879.078274][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  881.863810][T11408] loop7: detected capacity change from 0 to 512
[  882.077298][T11408] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  882.086819][T11408] ext4 filesystem being mounted at /255/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  883.365876][T11419] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1591'.
[  883.432125][T11419] netlink: 20 bytes leftover after parsing attributes in process `syz.8.1591'.
[  884.124625][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  885.146139][T11432] xt_bpf: check failed: parse error
[  890.949117][T11470] loop7: detected capacity change from 0 to 512
[  890.974143][T11470] EXT4-fs: quotafile must be on filesystem root
[  891.019806][T10314] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  893.766956][T11483] xt_bpf: check failed: parse error
[  894.808288][T11487] dlm: non-version read from control device 36
[  897.128145][T11505] netlink: 'syz.1.1612': attribute type 1 has an invalid length.
[  898.137987][T11505] 8021q: adding VLAN 0 to HW filter on device bond1
[  898.310735][T11505] bond1: (slave ip6erspan0): making interface the new active one
[  898.403976][T11505] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  899.112231][   T22] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  899.234409][ T4400] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  899.601919][   T22] usb 5-1: Using ep0 maxpacket: 8
[  899.607690][T11522] syz.8.1615[11522] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  899.607794][T11522] syz.8.1615[11522] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  899.608955][   T22] usb 5-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[  899.659098][   T22] usb 5-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  899.678400][   T22] usb 5-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  899.723369][   T22] usb 5-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[  899.747584][   T22] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  899.767880][   T22] usb 5-1: Product: syz
[  899.779214][   T22] usb 5-1: Manufacturer: syz
[  899.797459][   T22] usb 5-1: SerialNumber: syz
[  899.831503][   T22] hso 5-1:6.0: Can't find BULK IN endpoint
[  900.033317][   T22] usb 5-1: USB disconnect, device number 12
[  901.103464][T11534] input: syz0 as /devices/virtual/input/input13
[  901.344147][T11541] xt_bpf: check failed: parse error
[  902.327808][ T4332] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  902.461221][T11554] loop7: detected capacity change from 0 to 512
[  902.733600][ T4332] usb 2-1: config 1 has an invalid descriptor of length 223, skipping remainder of the config
[  904.022550][ T4332] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  904.080397][T11554] EXT4-fs (loop7): 1 orphan inode deleted
[  904.108075][T11554] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  904.152636][ T4332] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  904.162907][ T4332] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  904.170948][ T4332] usb 2-1: SerialNumber: syz
[  904.190368][T11554] ext4 filesystem being mounted at /265/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  904.201649][   T29] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  904.211505][   T29] EXT4-fs error (device loop7): ext4_release_dquot:6818: comm kworker/u4:2: Failed to release dquot type 1
[  905.346089][ T4332] usb 2-1: 0:2 : does not exist
[  905.365709][ T4332] usb 2-1: USB disconnect, device number 14
[  905.659031][T11572] syz.1.1629[11572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  905.659140][T11572] syz.1.1629[11572] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  906.420177][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  906.453240][T10314] udevd[10314]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  907.082301][T11566] loop8: detected capacity change from 0 to 40427
[  909.041944][T10314] I/O error, dev loop8, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  909.056021][T11595] xt_bpf: check failed: parse error
[  911.051234][T11612] loop7: detected capacity change from 0 to 256
[  911.059798][T11612] FAT-fs (loop7): bogus sectors per cluster 255
[  911.093561][T11615] syz.8.1641[11615] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  911.093769][T11615] syz.8.1641[11615] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  911.222769][T11612] FAT-fs (loop7): Can't find a valid FAT filesystem
[  912.396467][T11612] loop7: detected capacity change from 0 to 128
[  912.501966][T11612] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: none.
[  912.594923][T11612] ext4 filesystem being mounted at /268/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  913.941057][T10806] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  914.125330][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  914.185350][T11635] loop8: detected capacity change from 0 to 512
[  914.256633][T11635] EXT4-fs: quotafile must be on filesystem root
[  914.646851][T11646] xt_bpf: check failed: parse error
[  914.690543][T11644] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1650'.
[  916.471839][T11663] syz.4.1653[11663] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  916.471954][T11663] syz.4.1653[11663] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  916.849020][ T4266] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  916.879360][ T4266] Bluetooth: hci2: Injecting HCI hardware error event
[  917.002109][ T4256] Bluetooth: hci2: hardware error 0x00
[  917.114733][T11668] loop4: detected capacity change from 0 to 512
[  917.122365][T11668] ext4: Unknown parameter 'smackfsfloor'
[  917.354568][T10314] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  919.402442][ T4256] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  919.709023][T11692] loop4: detected capacity change from 0 to 256
[  920.858987][T11692] FAT-fs (loop4): bogus sectors per cluster 255
[  920.884001][T11692] FAT-fs (loop4): Can't find a valid FAT filesystem
[  921.254207][T11704] syz.8.1665[11704] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  921.254314][T11704] syz.8.1665[11704] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  921.799874][   T22] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  922.477540][   T22] usb 5-1: config 1 has an invalid descriptor of length 223, skipping remainder of the config
[  922.498479][   T22] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  922.531736][ T4256] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  922.542588][ T4256] Bluetooth: hci3: Injecting HCI hardware error event
[  922.550929][ T4256] Bluetooth: hci3: hardware error 0x00
[  922.571150][   T22] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  922.590761][   T22] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  922.606208][   T22] usb 5-1: SerialNumber: syz
[  922.637823][T11715] loop7: detected capacity change from 0 to 512
[  922.656491][T11715] ext4: Unknown parameter 'smackfsfloor'
[  922.735434][T10292] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  922.736772][   T22] usb 5-1: 0:2 : does not exist
[  923.818311][   T22] usb 5-1: USB disconnect, device number 13
[  924.249426][T11734] syz.7.1672 sent an empty control message without MSG_MORE.
[  924.382836][T11733] tipc: Started in network mode
[  924.387947][T11733] tipc: Node identity , cluster identity 4711
[  924.394222][T11733] tipc: Failed to obtain node identity
[  924.400188][T11733] tipc: Enabling of bearer <eth:ip6gre0> rejected, failed to enable media
[  924.611902][ T4265] Bluetooth: hci0: command 0x0401 tx timeout
[  924.891313][ T4256] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  925.287080][T10314] udevd[10314]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  925.861907][T11740] sctp: failed to load transform for md5: -2
[  926.365142][T11759] syz.7.1677[11759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  926.365331][T11759] syz.7.1677[11759] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  928.341557][T11770] loop4: detected capacity change from 0 to 512
[  928.420438][T11773] loop8: detected capacity change from 0 to 512
[  928.447247][T11773] EXT4-fs: quotafile must be on filesystem root
[  928.456578][T11770] ext4: Unknown parameter 'smackfsfloor'
[  928.737470][T10314] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  928.747873][T10292] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  931.499872][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  931.615607][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  934.312115][T11815] syz.7.1695[11815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  934.312227][T11815] syz.7.1695[11815] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  935.680443][T11826] loop7: detected capacity change from 0 to 512
[  935.699399][T11826] EXT4-fs: quotafile must be on filesystem root
[  937.595831][T11855] loop8: detected capacity change from 0 to 512
[  937.617196][T11855] ext4: Unknown parameter 'smackfsfloor'
[  938.153490][T11865] syz.0.1709[11865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  938.153597][T11865] syz.0.1709[11865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  938.614366][T11861] input: syz0 as /devices/virtual/input/input14
[  938.632549][T11861] input: failed to attach handler leds to device input14, error: -6
[  940.335329][T11887] loop7: detected capacity change from 0 to 256
[  940.366089][T11887] FAT-fs (loop7): Unrecognized mount option "nnonume=winnt" or missing value
[  943.162154][T11912] syz.4.1723[11912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  943.162261][T11912] syz.4.1723[11912] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  945.699169][T11930] loop4: detected capacity change from 0 to 512
[  945.892937][T11930] EXT4-fs: quotafile must be on filesystem root
[  950.440948][T11984] syz.1.1740[11984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  950.441063][T11984] syz.1.1740[11984] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  952.550444][T10806] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  953.001721][T10806] usb 5-1: Using ep0 maxpacket: 8
[  953.008844][T10806] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  953.049397][T10806] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0x3 has invalid maxpacket 0
[  953.073432][T10806] usb 5-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  953.127796][T10806] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  953.157396][T10806] usb 5-1: Product: syz
[  953.232019][T10806] usb 5-1: Manufacturer: syz
[  953.236829][T10806] usb 5-1: SerialNumber: syz
[  953.390036][T10806] usb 5-1: config 0 descriptor??
[  955.367157][T12036] syz.7.1754[12036] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  955.367263][T12036] syz.7.1754[12036] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  957.663000][T10806] usb 5-1: USB disconnect, device number 14
[  957.746575][T12055] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1761'.
[  957.764784][T12055] 8021q: adding VLAN 0 to HW filter on device batadv1
[  957.772901][T12055] bridge0: port 2(batadv1) entered blocking state
[  957.779635][T12055] bridge0: port 2(batadv1) entered disabled state
[  957.788579][T12055] device batadv1 entered promiscuous mode
[  957.804650][T12055] bridge0: port 2(batadv1) entered blocking state
[  957.811225][T12055] bridge0: port 2(batadv1) entered forwarding state
[  957.912016][ T4300] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  958.131855][ T4300] usb 2-1: Using ep0 maxpacket: 32
[  958.152472][ T4300] usb 2-1: config 0 interface 0 has no altsetting 0
[  958.166653][ T4300] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  958.176575][ T4300] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  958.191778][ T4300] usb 2-1: Product: syz
[  958.196152][ T4300] usb 2-1: Manufacturer: syz
[  958.201332][ T4300] usb 2-1: SerialNumber: syz
[  958.220050][ T4300] usb 2-1: config 0 descriptor??
[  958.274910][ T4300] gs_usb 2-1:0.0: Required endpoints not found
[  958.521069][ T4319] batman_adv: batadv1: No IGMP Querier present - multicast optimizations disabled
[  958.530899][ T4319] batman_adv: batadv1: No MLD Querier present - multicast optimizations disabled
[  958.540023][T12062] loop7: detected capacity change from 0 to 512
[  958.576252][T12062] EXT4-fs: quotafile must be on filesystem root
[  961.568150][ T3582] usb 2-1: USB disconnect, device number 15
[  962.952863][T12103] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1772'.
[  963.170622][T12105] input: syz0 as /devices/virtual/input/input15
[  963.177168][T12105] input: failed to attach handler leds to device input15, error: -6
[  967.275841][T12144] input: syz0 as /devices/virtual/input/input16
[  967.282550][T12144] input: failed to attach handler leds to device input16, error: -6
[  967.366574][T12149] loop7: detected capacity change from 0 to 256
[  967.397037][T12149] FAT-fs (loop7): Unrecognized mount option "nnonume=winnt" or missing value
[  968.722383][T12151] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1786'.
[  968.749234][T12160] 9pnet_fd: Insufficient options for proto=fd
[  970.792277][T12176] loop7: detected capacity change from 0 to 512
[  970.827504][T12176] EXT4-fs: quotafile must be on filesystem root
[  970.898246][T12172] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1791'.
[  971.094108][T10314] I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  972.251518][T12191] input: syz0 as /devices/virtual/input/input17
[  972.258016][T12191] input: failed to attach handler leds to device input17, error: -6
[  972.424257][ T3582] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  972.525807][ T4300] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  972.917732][ T3582] usb 5-1: Using ep0 maxpacket: 8
[  972.925073][ T3582] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  972.973683][ T4300] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  972.995821][ T3582] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 2
[  973.025779][ T4300] usb 8-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  973.056168][ T3582] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[  973.080774][ T4300] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  973.097786][T12199] loop8: detected capacity change from 0 to 256
[  973.115969][T12198] 9pnet_fd: Insufficient options for proto=fd
[  973.128905][ T3582] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[  973.158174][ T4300] usb 8-1: config 0 descriptor??
[  973.163549][T12199] FAT-fs (loop8): Unrecognized mount option "nnonume=winnt" or missing value
[  973.182296][ T3582] usb 5-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  973.200246][ T4300] pwc: Askey VC010 type 2 USB webcam detected.
[  973.217295][ T3582] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  973.276897][T10314] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  973.302316][ T3582] hub 5-1:1.0: bad descriptor, ignoring hub
[  973.308371][ T3582] hub: probe of 5-1:1.0 failed with error -5
[  973.514811][ T3582] cdc_wdm 5-1:1.0: skipping garbage
[  973.520131][ T3582] cdc_wdm 5-1:1.0: skipping garbage
[  973.548591][ T3582] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device
[  973.554706][ T3582] cdc_wdm 5-1:1.0: Unknown control protocol
[  973.594279][ T3582] usb 5-1: USB disconnect, device number 15
[  973.798951][ T4300] pwc: recv_control_msg error -32 req 02 val 2b00
[  974.035012][ T4300] pwc: recv_control_msg error -32 req 02 val 2700
[  974.269568][ T4300] pwc: recv_control_msg error -32 req 04 val 1000
[  974.286586][ T4300] pwc: recv_control_msg error -32 req 04 val 1300
[  974.303557][ T4300] pwc: recv_control_msg error -32 req 04 val 1400
[  974.310756][ T4300] pwc: recv_control_msg error -32 req 02 val 2000
[  974.321267][ T4300] pwc: recv_control_msg error -32 req 02 val 2100
[  974.321744][ T6920] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  974.329212][ T4300] pwc: recv_control_msg error -32 req 04 val 1500
[  974.343024][ T4300] pwc: recv_control_msg error -32 req 02 val 2500
[  974.555852][ T4300] pwc: recv_control_msg error -71 req 02 val 2600
[  974.582298][ T4300] pwc: recv_control_msg error -71 req 02 val 2900
[  974.618592][ T4300] pwc: recv_control_msg error -71 req 02 val 2800
[  974.783602][ T4300] pwc: recv_control_msg error -71 req 04 val 1100
[  974.818060][ T4300] pwc: recv_control_msg error -71 req 04 val 1200
[  975.039233][ T4300] pwc: Registered as video103.
[  975.138652][ T4300] input: PWC snapshot button as /devices/platform/dummy_hcd.7/usb8/8-1/input/input18
[  975.181660][ T6920] usb 2-1: Using ep0 maxpacket: 32
[  975.189232][ T6920] usb 2-1: config 0 interface 0 has no altsetting 0
[  975.214730][ T6920] usb 2-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  975.243209][ T4300] usb 8-1: USB disconnect, device number 11
[  975.251845][ T6920] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  975.261530][ T6920] usb 2-1: Product: syz
[  975.265924][ T6920] usb 2-1: Manufacturer: syz
[  975.280395][ T6920] usb 2-1: SerialNumber: syz
[  975.307878][ T6920] usb 2-1: config 0 descriptor??
[  975.318752][ T6920] gs_usb 2-1:0.0: Required endpoints not found
[  976.173210][T12217] loop4: detected capacity change from 0 to 512
[  976.183095][T12217] EXT4-fs: quotafile must be on filesystem root
[  976.416344][T10315] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  977.494389][T12223] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1807'.
[  977.616140][ T3582] usb 2-1: USB disconnect, device number 16
[  977.856370][T12241] loop4: detected capacity change from 0 to 256
[  978.052852][T12241] FAT-fs (loop4): Unrecognized mount option "nnonume=winnt" or missing value
[  978.347016][T12244] loop7: detected capacity change from 0 to 256
[  979.193206][T12244] FAT-fs (loop7): Directory bread(block 64) failed
[  979.199963][T12244] FAT-fs (loop7): Directory bread(block 65) failed
[  979.207398][T12244] FAT-fs (loop7): Directory bread(block 66) failed
[  979.214165][T12244] FAT-fs (loop7): Directory bread(block 67) failed
[  979.221466][T12244] FAT-fs (loop7): Directory bread(block 68) failed
[  979.228268][T12244] FAT-fs (loop7): Directory bread(block 69) failed
[  979.239827][T12244] FAT-fs (loop7): Directory bread(block 70) failed
[  979.246711][T12244] FAT-fs (loop7): Directory bread(block 71) failed
[  979.253907][T12244] FAT-fs (loop7): Directory bread(block 72) failed
[  979.260686][T12244] FAT-fs (loop7): Directory bread(block 73) failed
[  980.475384][ T3582] usb 9-1: new high-speed USB device number 7 using dummy_hcd
[  981.282113][ T3582] usb 9-1: Using ep0 maxpacket: 8
[  981.289089][ T3582] usb 9-1: config 0 has an invalid interface number: 52 but max is 0
[  981.523185][ T3582] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  981.547796][ T3582] usb 9-1: config 0 has no interface number 0
[  981.554386][ T3582] usb 9-1: config 0 interface 52 has no altsetting 0
[  981.870085][T12266] overlayfs: missing 'lowerdir'
[  982.464946][ T4553] af_packet: tpacket_rcv: packet too big, clamped from 196 to 4294967272. macoff=96
[  982.491199][ T3582] usb 9-1: string descriptor 0 read error: -71
[  982.497579][ T3582] usb 9-1: New USB device found, idVendor=06cb, idProduct=0007, bcdDevice= 0.00
[  982.507395][ T3582] usb 9-1: New USB device strings: Mfr=0, Product=149, SerialNumber=35
[  983.008069][T12271] loop4: detected capacity change from 0 to 512
[  983.066244][T12271] EXT4-fs: quotafile must be on filesystem root
[  983.202969][ T3582] usb 9-1: config 0 descriptor??
[  983.209635][ T3582] usb 9-1: can't set config #0, error -71
[  983.312745][ T3582] usb 9-1: USB disconnect, device number 7
[  984.833318][T12284] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1821'.
[  987.552330][T12316] overlayfs: missing 'lowerdir'
[  989.834572][T12328] netlink: 48 bytes leftover after parsing attributes in process `syz.7.1836'.
[  990.806613][T12342] loop7: detected capacity change from 0 to 512
[  991.762945][T12342] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[  991.772527][T12342] ext4 filesystem being mounted at /311/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  992.947615][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  992.954599][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  992.974959][T12339] netlink: 20 bytes leftover after parsing attributes in process `syz.0.1839'.
[  993.000568][ T6179] EXT4-fs (loop7): unmounting filesystem.
[  993.218120][T12350] loop4: detected capacity change from 0 to 256
[  993.313537][T12350] FAT-fs (loop4): Directory bread(block 64) failed
[  993.320364][T12350] FAT-fs (loop4): Directory bread(block 65) failed
[  993.327097][T12350] FAT-fs (loop4): Directory bread(block 66) failed
[  993.333831][T12350] FAT-fs (loop4): Directory bread(block 67) failed
[  993.340435][T12350] FAT-fs (loop4): Directory bread(block 68) failed
[  993.347065][T12350] FAT-fs (loop4): Directory bread(block 69) failed
[  993.353711][T12350] FAT-fs (loop4): Directory bread(block 70) failed
[  993.360241][T12350] FAT-fs (loop4): Directory bread(block 71) failed
[  993.367539][T12350] FAT-fs (loop4): Directory bread(block 72) failed
[  993.374267][T12350] FAT-fs (loop4): Directory bread(block 73) failed
[  995.530070][ T6920] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  995.731823][ T6920] usb 5-1: Using ep0 maxpacket: 32
[  995.746703][ T6920] usb 5-1: config 0 interface 0 has no altsetting 0
[  995.759947][ T6920] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[  995.783400][ T6920] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  995.796504][ T6920] usb 5-1: Product: syz
[  995.800711][ T6920] usb 5-1: Manufacturer: syz
[  995.808450][ T6920] usb 5-1: SerialNumber: syz
[  995.836209][ T6920] usb 5-1: config 0 descriptor??
[  995.991737][   T22] usb 8-1: new high-speed USB device number 12 using dummy_hcd
[  996.326413][T12372] overlayfs: missing 'lowerdir'
[  996.381894][   T22] usb 8-1: Using ep0 maxpacket: 32
[  996.396748][   T22] usb 8-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  996.446350][   T22] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  996.515361][   T22] usb 8-1: config 0 descriptor??
[  996.667996][   T22] gspca_main: sunplus-2.14.0 probing 041e:400b
[  996.973121][T12374] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1848'.
[  996.995251][T12374] tmpfs: Unknown parameter 'usrquota'
[  997.064802][ T6920] gs_usb 5-1:0.0: Couldn't get device config: (err=-32)
[  997.081970][ T6920] gs_usb: probe of 5-1:0.0 failed with error -32
[  997.812478][   T22] gspca_sunplus: reg_r err -110
[  997.818456][   T22] sunplus: probe of 8-1:0.0 failed with error -110
[  998.150959][   T22] usb 5-1: USB disconnect, device number 16
[ 1000.189177][ T6920] usb 8-1: USB disconnect, device number 12
[ 1000.746727][T12404] loop7: detected capacity change from 0 to 512
[ 1000.819121][T12404] EXT4-fs: quotafile must be on filesystem root
[ 1002.962014][T12422] overlayfs: missing 'lowerdir'
[ 1005.071781][T10806] usb 5-1: new high-speed USB device number 17 using dummy_hcd
[ 1005.263645][ T4300] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[ 1005.886178][T10806] usb 5-1: Using ep0 maxpacket: 32
[ 1005.913354][T10806] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1005.931645][ T4300] usb 2-1: Using ep0 maxpacket: 8
[ 1005.981613][T12444] syz.8.1868[12444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1005.982729][T12444] syz.8.1868[12444] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[ 1006.781960][ T4300] usb 2-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[ 1006.803783][ T4300] usb 2-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1006.804444][T10806] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1006.830164][ T4300] usb 2-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1006.843491][T10806] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1006.851517][T10806] usb 5-1: Product: syz
[ 1006.858084][T10806] usb 5-1: Manufacturer: syz
[ 1006.863770][ T4300] usb 2-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[ 1006.874134][T10806] usb 5-1: SerialNumber: syz
[ 1006.879591][ T4300] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1006.892831][T10806] usb 5-1: config 0 descriptor??
[ 1006.897987][ T4300] usb 2-1: Product: syz
[ 1006.905855][ T4300] usb 2-1: Manufacturer: syz
[ 1006.910555][ T4300] usb 2-1: SerialNumber: syz
[ 1007.195675][T12451] loop8: detected capacity change from 0 to 512
[ 1007.202738][T12451] EXT4-fs: Ignoring removed oldalloc option
[ 1008.276105][T12451] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1008.492993][T12451] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1008.517397][T12451] Quota error (device loop8): do_check_range: Getting block 196613 out of range 1-5
[ 1008.528405][T12451] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 1008.538019][T12451] EXT4-fs error (device loop8): ext4_acquire_dquot:6795: comm syz.8.1870: Failed to acquire dquot type 1
[ 1008.576270][T12451] EXT4-fs (loop8): 1 truncate cleaned up
[ 1009.043666][T12451] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1009.162414][T10806] gs_usb 5-1:0.0: Couldn't send data format (err=-110)
[ 1009.170778][T10806] gs_usb: probe of 5-1:0.0 failed with error -110
[ 1009.177606][ T4300] usb 2-1: can't set config #6, error -71
[ 1009.184774][ T4300] usb 2-1: USB disconnect, device number 17
[ 1009.410379][ T4363] usb 5-1: USB disconnect, device number 17
[ 1009.962747][T12460] overlayfs: missing 'lowerdir'
[ 1010.599519][T12463] Bluetooth: MGMT ver 1.22
[ 1011.127369][T12458] device vlan0 entered promiscuous mode
[ 1011.139772][ T8739] EXT4-fs (loop8): unmounting filesystem.
[ 1016.170633][T12503] xt_bpf: check failed: parse error
[ 1016.935853][T12514] overlayfs: missing 'lowerdir'
[ 1016.951824][   T22] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[ 1017.172306][   T22] usb 9-1: config index 0 descriptor too short (expected 23569, got 27)
[ 1017.299029][   T22] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1017.514145][   T22] usb 9-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0
[ 1017.563982][   T22] usb 9-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0
[ 1017.609270][   T22] usb 9-1: Manufacturer: syz
[ 1017.672526][   T22] usb 9-1: config 0 descriptor??
[ 1018.746311][T12525] device vlan0 entered promiscuous mode
[ 1019.309496][   T22] rc_core: IR keymap rc-hauppauge not found
[ 1019.329965][   T22] Registered IR keymap rc-empty
[ 1020.426307][   T22] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0
[ 1020.438149][   T22] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.8/usb9/9-1/9-1:0.0/rc/rc0/input20
[ 1020.686039][ T6920] usb 9-1: USB disconnect, device number 8
[ 1022.128201][T12550] loop4: detected capacity change from 0 to 512
[ 1022.152472][T12550] EXT4-fs: quotafile must be on filesystem root
[ 1022.193042][T12551] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1895'.
[ 1022.245563][T10292] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1022.827725][T12560] loop8: detected capacity change from 0 to 512
[ 1023.538980][T12560] ext4: Unknown parameter 'smackfsfloor'
[ 1023.836835][T10314] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1024.226878][T12572] overlayfs: missing 'lowerdir'
[ 1024.831802][ T6920] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[ 1025.061244][T12577] loop8: detected capacity change from 0 to 512
[ 1025.068445][T12577] EXT4-fs: Ignoring removed oldalloc option
[ 1025.128923][T12577] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1025.139290][ T6920] usb 8-1: Using ep0 maxpacket: 16
[ 1025.152020][ T6920] usb 8-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1025.190208][ T6920] usb 8-1: config 0 interface 0 has no altsetting 0
[ 1026.176342][ T6920] usb 8-1: New USB device found, idVendor=0458, idProduct=0153, bcdDevice= 0.00
[ 1026.186094][ T6920] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1026.801105][ T6920] usb 8-1: config 0 descriptor??
[ 1026.842351][T12577] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1026.856972][T12577] Quota error (device loop8): do_check_range: Getting block 196613 out of range 1-5
[ 1026.866868][T12577] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 1026.876411][T12577] EXT4-fs error (device loop8): ext4_acquire_dquot:6795: comm syz.8.1903: Failed to acquire dquot type 1
[ 1026.896225][T12577] EXT4-fs (loop8): 1 truncate cleaned up
[ 1027.258311][T12577] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1027.619215][ T6920] usbhid 8-1:0.0: can't add hid device: -71
[ 1027.631661][ T6920] usbhid: probe of 8-1:0.0 failed with error -71
[ 1027.687923][ T6920] usb 8-1: USB disconnect, device number 13
[ 1029.348534][ T8739] EXT4-fs (loop8): unmounting filesystem.
[ 1032.429768][T12613] xt_bpf: check failed: parse error
[ 1034.800863][T12618] loop8: detected capacity change from 0 to 512
[ 1034.859975][T12618] ext4: Unknown parameter 'smackfsfloor'
[ 1035.128135][T12625] loop7: detected capacity change from 0 to 512
[ 1035.141865][T12625] EXT4-fs: Ignoring removed oldalloc option
[ 1035.193915][T12625] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1035.613239][T12625] EXT4-fs (loop7): orphan cleanup on readonly fs
[ 1035.620718][T12625] Quota error (device loop7): do_check_range: Getting block 196613 out of range 1-5
[ 1035.630281][T12625] Quota error (device loop7): qtree_read_dquot: Can't read quota structure for id 0
[ 1035.639800][T12625] EXT4-fs error (device loop7): ext4_acquire_dquot:6795: comm syz.7.1915: Failed to acquire dquot type 1
[ 1035.777533][T12625] EXT4-fs (loop7): 1 truncate cleaned up
[ 1035.783650][T12625] EXT4-fs (loop7): mounted filesystem without journal. Quota mode: writeback.
[ 1035.987685][T12634] overlayfs: missing 'lowerdir'
[ 1036.420339][ T6179] EXT4-fs (loop7): unmounting filesystem.
[ 1041.603598][ T4265] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1041.631947][ T4265] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1041.640321][ T4266] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1041.648694][ T4265] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1041.662331][ T4266] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1041.669827][ T4265] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1042.138147][T12679] loop8: detected capacity change from 0 to 512
[ 1042.147601][T12679] EXT4-fs: Ignoring removed oldalloc option
[ 1042.178542][T12679] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1042.310144][T12679] EXT4-fs (loop8): orphan cleanup on readonly fs
[ 1042.329738][T12679] Quota error (device loop8): do_check_range: Getting block 196613 out of range 1-5
[ 1042.339768][T12679] Quota error (device loop8): qtree_read_dquot: Can't read quota structure for id 0
[ 1042.349416][T12679] EXT4-fs error (device loop8): ext4_acquire_dquot:6795: comm syz.8.1928: Failed to acquire dquot type 1
[ 1042.371215][T12679] EXT4-fs (loop8): 1 truncate cleaned up
[ 1042.379346][T12679] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1042.578523][T12663] chnl_net:caif_netlink_parms(): no params data found
[ 1042.899362][T12668] loop7: detected capacity change from 0 to 8192
[ 1043.432728][T12663] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1043.447548][T12684] FAT-fs (loop7): error, fat_get_cluster: invalid cluster chain (i_pos 2068)
[ 1043.456539][T12684] FAT-fs (loop7): Filesystem has been set read-only
[ 1043.463315][T12684] FAT-fs (loop7): error, fat_free: invalid cluster chain (i_pos 2068)
[ 1043.495830][T12663] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1043.510859][T12663] device bridge_slave_0 entered promiscuous mode
[ 1043.552409][T12663] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1043.580102][T12663] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1043.630449][T12663] device bridge_slave_1 entered promiscuous mode
[ 1043.794380][T12663] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1043.842679][T12663] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1043.996660][T12663] team0: Port device team_slave_0 added
[ 1044.032041][T12663] team0: Port device team_slave_1 added
[ 1044.189727][T12663] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1044.207877][T12663] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1044.254479][T12688] loop4: detected capacity change from 0 to 512
[ 1044.301409][T12688] ext4: Unknown parameter 'smackfsfloor'
[ 1044.351249][ T4266] Bluetooth: hci1: command 0x0409 tx timeout
[ 1044.369725][T12663] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1044.382839][T12663] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1044.389823][T12663] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1044.416017][T12663] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1044.584323][ T8739] EXT4-fs (loop8): unmounting filesystem.
[ 1044.691815][T12690] overlayfs: missing 'lowerdir'
[ 1046.086515][T12702] loop4: detected capacity change from 0 to 256
[ 1046.093820][T12702] exfat: Bad value for 'fmask'
[ 1046.146634][T12663] device hsr_slave_0 entered promiscuous mode
[ 1046.178942][T12663] device hsr_slave_1 entered promiscuous mode
[ 1046.415867][T12707] loop8: detected capacity change from 0 to 512
[ 1046.423410][ T4266] Bluetooth: hci1: command 0x041b tx timeout
[ 1048.575949][ T4266] Bluetooth: hci1: command 0x040f tx timeout
[ 1049.000769][T12707] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1049.010261][T12707] ext4 filesystem being mounted at /156/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1049.497768][ T3582] usb 5-1: new high-speed USB device number 18 using dummy_hcd
[ 1050.614020][ T4266] Bluetooth: hci1: command 0x0419 tx timeout
[ 1050.681776][ T3582] usb 5-1: device descriptor read/64, error -71
[ 1050.873122][ T8739] EXT4-fs (loop8): unmounting filesystem.
[ 1051.041828][ T3582] usb 5-1: new high-speed USB device number 19 using dummy_hcd
[ 1051.261906][ T3582] usb 5-1: Using ep0 maxpacket: 32
[ 1051.278857][ T3582] usb 5-1: config 0 interface 0 has no altsetting 0
[ 1051.300290][ T3582] usb 5-1: New USB device found, idVendor=16d0, idProduct=10b8, bcdDevice=de.8e
[ 1051.496976][ T3582] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1051.505944][ T3582] usb 5-1: Product: syz
[ 1051.510158][ T3582] usb 5-1: Manufacturer: syz
[ 1051.515506][ T3582] usb 5-1: SerialNumber: syz
[ 1051.522792][ T3582] usb 5-1: config 0 descriptor??
[ 1051.571506][T12663] netdevsim netdevsim9 netdevsim0: renamed from eth0
[ 1051.605348][T12663] netdevsim netdevsim9 netdevsim1: renamed from eth1
[ 1051.977140][ T3582] gs_usb 5-1:0.0: Couldn't get device config: (err=-121)
[ 1052.013778][ T3582] gs_usb: probe of 5-1:0.0 failed with error -121
[ 1052.324293][T12663] netdevsim netdevsim9 netdevsim2: renamed from eth2
[ 1052.365309][T12663] netdevsim netdevsim9 netdevsim3: renamed from eth3
[ 1052.476801][T12739] loop8: detected capacity change from 0 to 512
[ 1052.489724][T12739] ext4: Unknown parameter 'smackfsfloor'
[ 1052.639294][T10314] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1053.218291][T12743] overlayfs: missing 'lowerdir'
[ 1054.184857][ T4363] usb 5-1: USB disconnect, device number 19
[ 1054.337227][T12753] loop8: detected capacity change from 0 to 256
[ 1054.361168][T12751] mmap: syz.0.1945 (12751) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[ 1054.387906][T12753] exfat: Bad value for 'fmask'
[ 1054.434675][T12663] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1054.498071][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1054.510669][ T4401] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1054.553490][T12663] 8021q: adding VLAN 0 to HW filter on device team0
[ 1054.584813][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1054.600158][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1054.624927][   T29] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1054.632212][   T29] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1054.636296][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.646039][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[ 1054.658119][   T29] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1054.672224][T10292] I/O error, dev loop8, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1054.685409][T12411] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1054.698967][T12411] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1054.708650][T12411] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1054.715859][T12411] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1054.732010][T12759] loop4: detected capacity change from 0 to 512
[ 1054.923963][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1054.987293][T12759] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[ 1054.996987][T12759] ext4 filesystem being mounted at /373/bus supports timestamps until 2038-01-19 (0x7fffffff)
[ 1055.794971][ T4319] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1055.869736][ T4257] EXT4-fs (loop4): unmounting filesystem.
[ 1056.021753][ T3709] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[ 1056.281664][ T3709] usb 9-1: Using ep0 maxpacket: 16
[ 1056.309835][ T3709] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1056.420890][ T3709] usb 9-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[ 1056.574558][ T3709] usb 9-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1056.745905][ T3709] usb 9-1: config 1 interface 0 has no altsetting 0
[ 1058.164010][ T3709] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1058.181622][ T3709] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1058.411288][ T3709] usb 9-1: Product: syz
[ 1058.456724][ T3709] usb 9-1: can't set config #1, error -71
[ 1058.495593][ T3709] usb 9-1: USB disconnect, device number 9
[ 1058.519911][ T4951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1058.562942][ T4951] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1058.653311][ T4951] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1058.701787][ T4951] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1058.710602][ T4951] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1058.719336][ T4951] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1058.728422][ T4951] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1058.981905][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1059.085357][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1059.119056][T12663] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1059.231665][ T3709] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[ 1060.091977][T12801] overlayfs: missing 'lowerdir'
[ 1060.575119][ T3709] usb 9-1: Using ep0 maxpacket: 8
[ 1060.756987][ T3709] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1060.801703][ T3709] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[ 1060.854474][ T3709] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10
[ 1060.880386][ T3709] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024
[ 1060.901213][ T3709] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[ 1060.919487][ T3709] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1061.184107][ T3709] hub 9-1:1.0: bad descriptor, ignoring hub
[ 1061.202724][ T3709] hub: probe of 9-1:1.0 failed with error -5
[ 1061.870164][ T3709] cdc_wdm 9-1:1.0: skipping garbage
[ 1061.875704][ T3709] cdc_wdm 9-1:1.0: skipping garbage
[ 1061.886873][ T3709] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[ 1061.893038][ T3709] cdc_wdm 9-1:1.0: Unknown control protocol
[ 1062.211323][T12663] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1062.232460][ T3709] usb 9-1: USB disconnect, device number 10
[ 1062.258786][ T9887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1062.276855][ T9887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1062.611831][ T3709] usb 9-1: new full-speed USB device number 11 using dummy_hcd
[ 1062.676106][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1062.686055][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1062.729854][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1062.749272][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1062.771434][T12663] device veth0_vlan entered promiscuous mode
[ 1062.781259][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1062.816538][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1062.847015][T12663] device veth1_vlan entered promiscuous mode
[ 1062.854900][ T3709] usb 9-1: device descriptor read/all, error -71
[ 1062.926528][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1063.174293][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1063.213265][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1063.242911][   T56] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1063.256807][T12831] loop8: detected capacity change from 0 to 256
[ 1063.269540][T12831] exfat: Bad value for 'fmask'
[ 1063.299119][T12663] device veth0_macvtap entered promiscuous mode
[ 1063.629867][T12663] device veth1_macvtap entered promiscuous mode
[ 1064.710056][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1064.841563][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1064.851434][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1064.874271][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1064.890623][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1064.909380][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1064.919624][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1064.938648][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1064.962389][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1064.985313][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.000955][T12663] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1065.029400][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1065.038951][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1065.082249][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1065.101795][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.112002][ T3709] usb 9-1: new high-speed USB device number 12 using dummy_hcd
[ 1065.131651][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1065.142566][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.159109][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1065.169943][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.191063][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1065.210847][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.221155][T12663] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1065.240019][T12663] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1065.263265][T12663] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1065.271081][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1065.300975][ T8490] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1065.301808][ T3709] usb 9-1: Using ep0 maxpacket: 16
[ 1065.323185][T12663] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1065.340256][T12663] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1065.352189][T12663] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1065.361734][T12663] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1065.371666][ T3709] usb 9-1: unable to get BOS descriptor or descriptor too short
[ 1065.391463][ T3709] usb 9-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[ 1065.423336][ T3709] usb 9-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1065.449058][ T3709] usb 9-1: config 1 interface 0 has no altsetting 0
[ 1065.495736][ T3709] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1065.519528][ T3709] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1065.537583][ T3709] usb 9-1: Product: syz
[ 1065.564962][ T3709] usb 9-1: Manufacturer: syz
[ 1065.575117][ T3709] usb 9-1: SerialNumber: syz
[ 1065.599589][T12835] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1065.826959][T12409] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1065.841034][T12409] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1065.894348][ T4671] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1065.926529][   T29] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1065.943373][   T29] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1065.966462][ T4671] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1066.042255][T12848] loop4: detected capacity change from 0 to 512
[ 1066.056863][T12848] ext4: Unknown parameter 'smackfsfloor'
[ 1066.662067][T12854] overlayfs: missing 'lowerdir'
[ 1068.019722][ T3709] usb 9-1: USB disconnect, device number 12
[ 1068.037032][T12857] bridge0: port 2(batadv1) entered disabled state
[ 1068.043700][T12857] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1068.541797][  T127] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[ 1068.996331][  T127] usb 10-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[ 1069.015987][  T127] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1069.087401][  T127] usb 10-1: config 0 descriptor??
[ 1069.169920][  T127] gspca_main: STV06xx-2.14.0 probing 046d:0870
[ 1070.855521][T12887] loop7: detected capacity change from 0 to 256
[ 1071.429897][T12887] exfat: Bad value for 'fmask'
[ 1074.193563][  T127] usb 10-1: USB disconnect, device number 2
[ 1075.415499][   T27] audit: type=1804 audit(1739578149.293:319): pid=12930 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.1988" name="/newroot/387/bus/file0" dev="overlay" ino=2160 res=1 errno=0
[ 1078.066431][T12960] loop4: detected capacity change from 0 to 256
[ 1078.114581][T12960] exfat: Bad value for 'fmask'
[ 1078.789983][ T4300] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[ 1080.351830][ T4300] usb 5-1: Using ep0 maxpacket: 16
[ 1080.364594][ T4300] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1081.739930][ T4300] usb 5-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[ 1081.808867][ T4300] usb 5-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1081.816651][T12975] vivid-001: kernel_thread() failed
[ 1081.822797][ T4300] usb 5-1: config 1 interface 0 has no altsetting 0
[ 1082.056217][ T4300] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1082.097057][ T4300] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1082.329875][ T4300] usb 5-1: Product: syz
[ 1082.335577][ T4300] usb 5-1: Manufacturer: syz
[ 1082.340374][ T4300] usb 5-1: SerialNumber: syz
[ 1082.386464][T12967] raw-gadget.0 gadget.4: fail, usb_ep_enable returned -22
[ 1084.089155][ T4300] usb 5-1: USB disconnect, device number 20
[ 1085.715981][T13012] ubi31: attaching mtd0
[ 1085.962608][ T4300] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[ 1086.202184][ T4300] usb 10-1: Using ep0 maxpacket: 8
[ 1086.214913][T13012] ubi31: scanning is finished
[ 1086.341034][ T4300] usb 10-1: config 6 has an invalid descriptor of length 0, skipping remainder of the config
[ 1086.387468][T13012] ubi31: empty MTD device detected
[ 1086.607914][ T4300] usb 10-1: config 6 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[ 1086.640907][ T4300] usb 10-1: config 6 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1086.768949][T13012] ubi31: attached mtd0 (name "mtdram test device", size 0 MiB)
[ 1086.781819][T13012] ubi31: PEB size: 4096 bytes (4 KiB), LEB size: 3968 bytes
[ 1086.820203][T13012] ubi31: min./max. I/O unit sizes: 1/64, sub-page size 1
[ 1086.856257][T13012] ubi31: VID header offset: 64 (aligned 64), data offset: 128
[ 1086.877847][T13012] ubi31: good PEBs: 32, bad PEBs: 0, corrupted PEBs: 0
[ 1086.885249][T13012] ubi31: user volume: 0, internal volumes: 1, max. volumes count: 23
[ 1086.895335][T13012] ubi31: max/mean erase counter: 0/0, WL threshold: 4096, image sequence number: 3879814858
[ 1086.906059][T13012] ubi31: available PEBs: 28, total reserved PEBs: 4, PEBs reserved for bad PEB handling: 0
[ 1086.916538][ T4300] usb 10-1: New USB device found, idVendor=0af0, idProduct=7271, bcdDevice=88.91
[ 1086.927087][ T4300] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1086.935851][ T4300] usb 10-1: Product: syz
[ 1086.940284][ T4300] usb 10-1: Manufacturer: syz
[ 1087.138075][ T4300] usb 10-1: SerialNumber: syz
[ 1087.206997][T13025] ubi31: background thread "ubi_bgt31d" started, PID 13025
[ 1087.734802][ T4300] hso 10-1:6.0: Can't find BULK IN endpoint
[ 1087.826237][ T4363] usb 10-1: USB disconnect, device number 3
[ 1088.889884][T13039] loop7: detected capacity change from 0 to 256
[ 1088.961169][T13039] exfat: Bad value for 'fmask'
[ 1090.782427][  T127] usb 8-1: new high-speed USB device number 15 using dummy_hcd
[ 1091.472274][  T127] usb 8-1: Using ep0 maxpacket: 16
[ 1091.482991][  T127] usb 8-1: unable to get BOS descriptor or descriptor too short
[ 1091.523574][  T127] usb 8-1: config 1 interface 0 altsetting 10 bulk endpoint 0x1 has invalid maxpacket 32
[ 1091.570121][  T127] usb 8-1: config 1 interface 0 altsetting 10 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1092.398773][  T127] usb 8-1: config 1 interface 0 has no altsetting 0
[ 1092.701749][  T127] usb 8-1: string descriptor 0 read error: -71
[ 1092.708117][  T127] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[ 1092.765545][  T127] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1092.811720][  T127] usb 8-1: can't set config #1, error -71
[ 1092.840014][  T127] usb 8-1: USB disconnect, device number 15
[ 1097.258578][T13114] loop8: detected capacity change from 0 to 256
[ 1097.375733][T13114] exfat: Bad value for 'fmask'
[ 1097.577606][T13118] loop7: detected capacity change from 0 to 1024
[ 1097.931609][T13118] EXT4-fs (loop7): barriers disabled
[ 1097.954938][T13118] JBD2: no valid journal superblock found
[ 1097.960897][T13118] EXT4-fs (loop7): error loading journal
[ 1098.592976][ T9843] ------------[ cut here ]------------
[ 1098.599122][ T9843] WARNING: CPU: 0 PID: 9843 at io_uring/io_uring.c:2809 io_ring_exit_work+0x31d/0x794
[ 1098.608777][ T9843] Modules linked in:
[ 1098.613015][ T9843] CPU: 0 PID: 9843 Comm: kworker/u4:29 Not tainted 6.1.128-syzkaller #0
[ 1098.621370][ T9843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1098.632118][ T9843] Workqueue: events_unbound io_ring_exit_work
[ 1098.638238][ T9843] RIP: 0010:io_ring_exit_work+0x31d/0x794
[ 1098.644287][ T9843] Code: 78 23 e8 cb 30 db f6 48 8b 7c 24 30 48 8b 74 24 18 e8 1c 19 0a 00 48 85 c0 75 3f e8 b2 30 db f6 e9 f9 fd ff ff e8 a8 30 db f6 <0f> 0b b8 70 17 00 00 48 89 44 24 18 eb cf 48 8b 4c 24 10 80 e1 07
[ 1098.664000][ T9843] RSP: 0018:ffffc900046c7ae0 EFLAGS: 00010293
[ 1098.670108][ T9843] RAX: ffffffff8aaf6248 RBX: 000000010001373c RCX: ffff888030d85940
[ 1098.678154][ T9843] RDX: 0000000000000000 RSI: fffffffffffffff6 RDI: 0000000000000000
[ 1098.686200][ T9843] RBP: ffffc900046c7c50 R08: ffffffff8aaf621b R09: fffff520008d8f4d
[ 1098.694267][ T9843] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000100013746
[ 1098.702305][ T9843] R13: ffff888025a9f260 R14: 1ffff11004b53e4c R15: dffffc0000000000
[ 1098.710389][ T9843] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1098.719408][ T9843] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1098.726059][ T9843] CR2: 00007f323121e270 CR3: 00000000607c8000 CR4: 00000000003506f0
[ 1098.734102][ T9843] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1098.742226][ T9843] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1098.750233][ T9843] Call Trace:
[ 1098.753577][ T9843]  <TASK>
[ 1098.756532][ T9843]  ? __warn+0x15a/0x520
[ 1098.760709][ T9843]  ? io_ring_exit_work+0x31d/0x794
[ 1098.765933][ T9843]  ? report_bug+0x2af/0x500
[ 1098.770481][ T9843]  ? io_ring_exit_work+0x31d/0x794
[ 1098.775678][ T9843]  ? handle_bug+0x3d/0x70
[ 1098.780080][ T9843]  ? exc_invalid_op+0x16/0x40
[ 1098.784894][ T9843]  ? asm_exc_invalid_op+0x16/0x20
[ 1098.789959][ T9843]  ? io_ring_exit_work+0x2f0/0x794
[ 1098.795154][ T9843]  ? io_ring_exit_work+0x31d/0x794
[ 1098.800311][ T9843]  ? io_ring_exit_work+0x31d/0x794
[ 1098.805513][ T9843]  ? io_ring_ctx_wait_and_kill+0x314/0x314
[ 1098.811368][ T9843]  ? do_raw_spin_unlock+0x137/0x8a0
[ 1098.816649][ T9843]  ? process_one_work+0x806/0x1260
[ 1098.821831][ T9843]  process_one_work+0x917/0x1260
[ 1098.826826][ T9843]  ? worker_detach_from_pool+0x260/0x260
[ 1098.832542][ T9843]  ? _raw_spin_lock_irqsave+0x120/0x120
[ 1098.838128][ T9843]  ? kthread_data+0x4e/0xc0
[ 1098.842732][ T9843]  ? wq_worker_running+0x97/0x190
[ 1098.847785][ T9843]  worker_thread+0xa47/0x1200
[ 1098.852538][ T9843]  ? _raw_spin_unlock+0x40/0x40
[ 1098.857430][ T9843]  ? release_firmware_map_entry+0x18b/0x18b
[ 1098.863398][ T9843]  ? _raw_spin_unlock+0x40/0x40
[ 1098.868299][ T9843]  kthread+0x28d/0x320
[ 1098.872431][ T9843]  ? worker_clr_flags+0x190/0x190
[ 1098.877486][ T9843]  ? kthread_blkcg+0xd0/0xd0
[ 1098.882139][ T9843]  ret_from_fork+0x1f/0x30
[ 1098.886607][ T9843]  </TASK>
[ 1098.889646][ T9843] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1098.896934][ T9843] CPU: 0 PID: 9843 Comm: kworker/u4:29 Not tainted 6.1.128-syzkaller #0
[ 1098.905283][ T9843] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 12/27/2024
[ 1098.915356][ T9843] Workqueue: events_unbound io_ring_exit_work
[ 1098.921460][ T9843] Call Trace:
[ 1098.924753][ T9843]  <TASK>
[ 1098.927698][ T9843]  dump_stack_lvl+0x1e3/0x2cb
[ 1098.932409][ T9843]  ? nf_tcp_handle_invalid+0x642/0x642
[ 1098.937903][ T9843]  ? panic+0x764/0x764
[ 1098.942005][ T9843]  ? 0xffffffffa0000954
[ 1098.946200][ T9843]  ? vscnprintf+0x59/0x80
[ 1098.950560][ T9843]  panic+0x318/0x764
[ 1098.954484][ T9843]  ? __warn+0x169/0x520
[ 1098.958667][ T9843]  ? memcpy_page_flushcache+0xfc/0xfc
[ 1098.964074][ T9843]  ? ret_from_fork+0x1f/0x30
[ 1098.968698][ T9843]  __warn+0x348/0x520
[ 1098.972703][ T9843]  ? io_ring_exit_work+0x31d/0x794
[ 1098.977849][ T9843]  report_bug+0x2af/0x500
[ 1098.982211][ T9843]  ? io_ring_exit_work+0x31d/0x794
[ 1098.987361][ T9843]  handle_bug+0x3d/0x70
[ 1098.991556][ T9843]  exc_invalid_op+0x16/0x40
[ 1098.996097][ T9843]  asm_exc_invalid_op+0x16/0x20
[ 1099.000984][ T9843] RIP: 0010:io_ring_exit_work+0x31d/0x794
[ 1099.006730][ T9843] Code: 78 23 e8 cb 30 db f6 48 8b 7c 24 30 48 8b 74 24 18 e8 1c 19 0a 00 48 85 c0 75 3f e8 b2 30 db f6 e9 f9 fd ff ff e8 a8 30 db f6 <0f> 0b b8 70 17 00 00 48 89 44 24 18 eb cf 48 8b 4c 24 10 80 e1 07
[ 1099.026364][ T9843] RSP: 0018:ffffc900046c7ae0 EFLAGS: 00010293
[ 1099.032474][ T9843] RAX: ffffffff8aaf6248 RBX: 000000010001373c RCX: ffff888030d85940
[ 1099.040475][ T9843] RDX: 0000000000000000 RSI: fffffffffffffff6 RDI: 0000000000000000
[ 1099.048473][ T9843] RBP: ffffc900046c7c50 R08: ffffffff8aaf621b R09: fffff520008d8f4d
[ 1099.056476][ T9843] R10: 0000000000000000 R11: dffffc0000000001 R12: 0000000100013746
[ 1099.064479][ T9843] R13: ffff888025a9f260 R14: 1ffff11004b53e4c R15: dffffc0000000000
[ 1099.072501][ T9843]  ? io_ring_exit_work+0x2f0/0x794
[ 1099.077655][ T9843]  ? io_ring_exit_work+0x31d/0x794
[ 1099.082822][ T9843]  ? io_ring_ctx_wait_and_kill+0x314/0x314
[ 1099.088685][ T9843]  ? do_raw_spin_unlock+0x137/0x8a0
[ 1099.093954][ T9843]  ? process_one_work+0x806/0x1260
[ 1099.099099][ T9843]  process_one_work+0x917/0x1260
[ 1099.104099][ T9843]  ? worker_detach_from_pool+0x260/0x260
[ 1099.109770][ T9843]  ? _raw_spin_lock_irqsave+0x120/0x120
[ 1099.115359][ T9843]  ? kthread_data+0x4e/0xc0
[ 1099.119909][ T9843]  ? wq_worker_running+0x97/0x190
[ 1099.124974][ T9843]  worker_thread+0xa47/0x1200
[ 1099.129689][ T9843]  ? _raw_spin_unlock+0x40/0x40
[ 1099.134579][ T9843]  ? release_firmware_map_entry+0x18b/0x18b
[ 1099.140511][ T9843]  ? _raw_spin_unlock+0x40/0x40
[ 1099.145420][ T9843]  kthread+0x28d/0x320
[ 1099.149516][ T9843]  ? worker_clr_flags+0x190/0x190
[ 1099.154576][ T9843]  ? kthread_blkcg+0xd0/0xd0
[ 1099.159198][ T9843]  ret_from_fork+0x1f/0x30
[ 1099.163670][ T9843]  </TASK>
[ 1099.167110][ T9843] Kernel Offset: disabled
[ 1099.171524][ T9843] Rebooting in 86400 seconds..