last executing test programs:

8.68162037s ago: executing program 1 (id=1748):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x13, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000080000000000000000001801000020786c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d0000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1}, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000180)={r1, &(0x7f00000006c0), &(0x7f0000000000), 0x2}, 0x20)

8.533012283s ago: executing program 1 (id=1750):
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x1, 0x4, &(0x7f0000000900)=ANY=[@ANYBLOB="b40000000000000069109a0000000000040000000000000095000000000000007220abb1b364768c328613d20a4d2451a69f9642"], &(0x7f0000000080)='GPL\x00', 0x2, 0x3f7, &(0x7f000000cf3d)=""/195}, 0x48)

8.337517638s ago: executing program 1 (id=1751):
socket$unix(0x1, 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000080)=ANY=[], &(0x7f0000000100)='GPL\x00', 0xb, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$xdp(0x2c, 0x3, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$inet6_int(r2, 0x29, 0x0, &(0x7f0000000180), 0x4)
connect$inet6(r2, 0x0, 0x0)
madvise(&(0x7f0000ac2000/0x1000)=nil, 0x1000, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)
madvise(&(0x7f000018e000/0x3000)=nil, 0x3000, 0x1)
r3 = io_uring_setup(0x344f, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r3, 0x0, 0x0, 0x0)
ioctl$TIOCGPGRP(0xffffffffffffffff, 0x540f, &(0x7f0000000040))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = openat$nullb(0xffffffffffffff9c, &(0x7f0000001000), 0x0, 0x0)
r6 = dup(r5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x6, 0x12, r6, 0x0)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
syz_open_dev$mouse(&(0x7f0000000000), 0x0, 0x4000)
ioctl$BLKZEROOUT(0xffffffffffffffff, 0x127f, &(0x7f0000000240)={0x0, 0x1000000})
bpf$BPF_GET_MAP_INFO(0x3, &(0x7f0000000100)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800}, 0x20)
socket(0x10, 0x3, 0x0)

7.313559732s ago: executing program 3 (id=1758):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x4, &(0x7f0000000600)=ANY=[@ANYBLOB="850000002e000000350000000000ba000700000008000000950000000000000064f1c09faf5d6806f8a1572b41a141d524581835d80532cb457f454698165b61a3cf5fc6dd8442230e35230163cf094949fc8b0a9114f43d1b6538f5976be4adc07e8c97d76b1895c322a1ef1f83dd6c1023158a1086f7d0f9dce435554bc34e6bdea4217cfaa9a1f8ad1087c697acd9a7ab696922c9e35f0aee6156c599c7b297de0019b27d67bfb3fe241454a04080bf7f8ce021879c820f9b80fe04be5b11cc7bf16c8a029df573db051357c71be1f5e8ce8db0f96ee1d8a312e9671e652bd6f32c7a458f129a8d8bc9a5d905441c0785d333135a04001bb4cd5b295b9add7a0247cada056be3a9e29f9d4b57ddd4130ccbbbcd6e000000000000004102d74c391acc0880312cc8a8c51c7bddd3698f620a69f46984c2a2e742fadecf0e18c91f1715450ff0e09b7e52fd66a7c81b7e62ca8c3572c3dc46dc7579c100010000000000001af7d2149c8ab5ef187087f74b65a6c7da154853894437ffcb5cc3a2b13759c42b350b09a639a8f257d81204e7e61b7f7230db061fabbdc611df1129695265a3426e02f9b24ebc243a8b7ab50e4279be8594af30231a567d1f0ac5297daa6e9e82eb90c602adffc6a3de64b1db82ac547a6a4b78a323aebbf4917450e54b989c6065aeafe708ed91d86ee0ea4ad86715a9bad226f1eda090456f50863060f074c0469fb82752e4aacbf6ab830391cdb628b5f371ce3b1431b2726cbd8b933f3ce2d452d46d56a8cc49e160581b4a23e881264d498b4b6e7c2f9bc962da260e699aa50d2da32c555047ca"], &(0x7f0000001040)='GPL\x00', 0x0, 0x6b, &(0x7f00000004c0)=""/153, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x5d}, 0x15)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f00000002c0)=r0, 0x4)
sendmsg$unix(r2, &(0x7f0000000e80)={0x0, 0x0, 0x0}, 0x0)

7.277422315s ago: executing program 0 (id=1759):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003f0000000000000008000f0001000000", 0x24)

7.185097713s ago: executing program 3 (id=1761):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRES64=0x0, @ANYRES8=0x0], 0x1, 0xc3c, &(0x7f0000000d00)="$eJzs3V1sXGdaB/DnnWMndsqyU9qmXbpIsxSxaZoE56OtUVrkbIy1K0VtVMcLNyCP40kY1V+1nVVawSpIwA0Igoq0Ai7IDRIXXOQGCa0QirhZJECKQJUWgUSgabQSAmYFCysqYXRm3rHHbtK4+bLT/H5t/J8585w575n2OT4TzXsmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICIL/30saGDaatHAQA8SK+NvzF02O9/AHiknPL+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA20tRxFuR4r2xVpps3+8YONGcO3d+YnTs5qsNpkhRiaJdX/4ZOHjo8JEXX3p5uJsfv/699rl4ffzUsdrx+dmFxcbSUmO6NjHXPD0/3dj0M9zt+hvtbb8Atdk3z02fObNUO3Tg8LqHz1dv7Hxsd/Xo8LP7nu/WToyOjY331PT13/HWPyLdu6fiU2RHFPHlSPGt/d9J9YioxN33wm2OHffbYPSV/dfeiYnRsfaOzDTrc8vlg6mSq/oiqj0rjXR75AH04l0ZibhQ/ncqB7y33L3xhfpifWqmUTtZX1xuLjfn51KlM9pyf6pRieEUsRARrWKrB8920x9FvBopbnzYSlMRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTx25Hi3cmhOJ37qt021yO+WOYrEW+VeSXFxXw/lQeI4Yjv+n0CD7W+KOJvIsV8aqXpbu+3zytPfLX2lbkz8z213fPKh/79wYPk3IRtbCCKmGqf8bfSnf9lFwAAAAAAAAAAAADwYBTxzUhxeXZPWojeOaXNubO1U/Wpmc6ngruf/a/ltVZWVlaqqZO1nEM5R3KezDmZcyHnhZwXc17KeTnnlZxXc17L2coZlbz9nLWcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhnmPQEAAAAAAAAAAAAAAAAAAHCPDUYRvxEp/v33v9b+Xulofy/9Z48OHz/xmd7vjH/mNs9T1h6IiG/G5r6Td0f+rvFUKf+59/sF3N5AFPH1/P1/v7zVgwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALaFShTxK5HiG99rpUgRMRIxGZ28Vmz16AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA0s5UxKuR4md/d2R1WV9EpPa/HXvKH0dipMj5RJmvxMjBdlZGjpU5EHFgC8YP3Lmlt995sz4z01h0ww033Fi9sdVHJgAAAAAAAAAAAAAAAAB4hKUi/j5S/OTvtVI1Is5Xb+x8bHf16PCz+54vomhfBCD11r8+fupY7fj87MJiY2mpMV2bmGuenp9ubHZzAyeac+fOT4yO3Zedua3B+zz+wYHj8wtvLzbP/sLyTR/fNXBsaml5sX765g/HYPRFDPUu2dse8MToWHvQM836XHvVVLnFAPsiapvdGR55u1IR/xsp3tv/7Xg8L8vX/+jv3Fvr/j/8xbV7P9y3Plf/d2wfPz57dPj4ruc2czttdqB7241XNsLYeM/ivjzKH+pZVs3j2vRzwyOq7P8XIsXP/1GRuj2U+/8HOveK1dr/+fpaTx3dkKu2qP+f6Fl2NB+1+vsiBpZnF/qfjhhYevud/c3Z+tnG2cbckUMvvzR85OUXj7zUvyNi4ExzpjG0dmvTrx0AAAAAAAAAAAAAAAAA3C/9qYgvRYpf+ru/XJ03nuf/faZzb23+X+/83z0bnqf3ugG3un3TuX63mdfXq9xmSkU8FSme/bNn2uNNscucd7hDu1IR3y/7afrL6Qt5We7/PLP/5v1/YUOu2qL5v4/3LLuQjxP/ESke/4Nn4gs9x4mNs3vLur+IFFM/8vlcFzvKuu7zdeZEdyYGl7VfixTvn1xf2503/cRa7cHN7hZspbL/ZyPFP/zW38aP5mXrr/9x8/7ftSFXbVH/P9m7TxGx9PY7b9ZnZhqLS5t+KeCRU/b/r0eKv/6Tb8dzednHXf+ne52fPc+tz8Fu0Rb1/1M9y6p5XD/2CV8LAAAAAAAAAAAAeFjsSkX8U6T48z/dl/bnZZv5/O/0hly1RZ//e7pn2fS6z//evxubfpEBAGCb6E9F/ESk+OPp66k7N/aW839fWZv/M7rxxL19Tv+D7Xn+n+hc/xPM/y+3mVIR/5fn9Q7dZl7vj0eKX/upfbku7S7rRrrDbf8ceG1+bv+xmZn50/Xl+tRMoza+UD/dKNfdGyn+9d8+n9ettOf5dudHd+YGr80J/p1I8XMfdGs7c4K7cymfXKs9WNbujxTff399bXfe1VNrtYfK2t+MFGP/ffPa3Wu1h8vaf4wU//lurVu7q6ztvp97eq32wOn5mY+8ZQMAAAAAAAAAAAAAAAAAAGDr9aciUqS48jOXVufGr7/+V/c6AOuv/7XR/fr+/+q92U0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeCikKOK/IsV7Y610rSjvdwycaM6dOz8xOnbz1QZTpKhE0a4v/wwcPHT4yIsvvTzczY9f/177XLw+fupY7fj87MJiY2mpMV2bmGuenp9ubPoZ7nb9jfa2X4Da7Jvnps+cWaodOnB43cPnqzd2Pra7enT42X3Pd2snRsfGxntq+vrveOsfke7dU/EpsiOK+KtI8a3930n/XERU4u574TbHjvttMPrK/mvvxMToWHtHZpr1ueXywVTJVX0R1Z6VRro98gB68a6MRFyIiEo54L3l7o0v1BfrUzON2sn64nJzuTk/lyqd0Zb7U41KDKeIhYhoFVs9eLab/ijiSqS48WEr/UsRUXT74IXXxt8YOnzrFfse4CBvsflqEXE1HoKehW1qZxTxZKR4d3Io3i86fdVum+sRXyzzlYi3yryS4mK+n8oDxHDEd/0+gYdaXxRxMlLMp1a6XuTeb59Xnvhq7StzZ+Z7arvnlQ/9+4MHybkJ29hAFPFB+4y/lT7w+xwAAAAAAAAAAAAAtrkiXo0Ul2f3pPb80NU5pc25s7VT9amZzsf6u5/9r+W1VlZWVqqpk7WcQzlHcp7MOZlzIeeFnBdzXsp5OeeVnFdzXsvZyhmVvP2ctZxDOUdynsw5mXMh54WcF3Neynk555WcV3Ney9nKGT4nDQAAAAAAAAAAAAAAAADAfVKJIn41Unzje620UnS+X3YyOnnNPFf4VPv/AAAA//84/iOE")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
r2 = socket(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r2, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r2, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r2, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
write(r2, &(0x7f0000000000)='\"', 0x1)
recvmmsg(r2, &(0x7f0000000780), 0x3ffffffffffff81, 0x2, 0x0)

6.989031769s ago: executing program 4 (id=1762):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0xc0701, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

5.725749212s ago: executing program 0 (id=1764):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$sock_int(r0, 0x1, 0x5, &(0x7f00000000c0)=0x1, 0x4)
sendto$inet(r0, 0x0, 0x0, 0x44000, &(0x7f0000000180)={0x2, 0x4e21, @empty}, 0x10)

4.954617705s ago: executing program 3 (id=1765):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x8, 0xf}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r1}, 0x10)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
close(r3)
recvmsg$unix(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x0)

4.002610023s ago: executing program 0 (id=1767):
socket$kcm(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0xffffffffffffffca, &(0x7f0000000040)=0x10001)
r0 = openat$hwrng(0xffffffffffffff9c, &(0x7f0000000540), 0x0, 0x0)
preadv(r0, &(0x7f0000000240)=[{&(0x7f0000033a80)=""/102386, 0xfffffd6e}], 0x1, 0x0, 0x0)
syz_usb_connect(0x0, 0x24, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'ipvlan1\x00', <r3=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="340000001400230300000000000000000a000000", @ANYRES32=r3], 0x34}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f0000000000)={'team0\x00', <r5=>0x0})
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006970766c616e3100000000000000000008000a00", @ANYRES32=r5], 0x3c}}, 0x0)

4.002426163s ago: executing program 4 (id=1768):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0xc, &(0x7f0000000140)=ANY=[@ANYBLOB="18020000040000000000000000000000850000009b000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r0, 0x0, 0xe, 0x0, &(0x7f00000000c0)="e0b9547ed387dbe9abc86a457991", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

3.90978977s ago: executing program 3 (id=1770):
syz_mount_image$ext4(&(0x7f0000000580)='ext4\x00', &(0x7f00000005c0)='./file0\x00', 0x1008002, &(0x7f0000000180)={[{@grpquota}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x88}}, {@resuid}, {@max_batch_time={'max_batch_time', 0x3d, 0x3}}, {@resgid}, {@usrquota}, {@data_err_abort}, {@data_err_abort}]}, 0x1, 0x5d8, &(0x7f0000001200)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
quotactl$Q_SETQUOTA(0xffffffff80000800, &(0x7f0000000040)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)

3.781755181s ago: executing program 4 (id=1771):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
readv(0xffffffffffffffff, 0x0, 0x0)
syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000040), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f0000000000)='devices.allow\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000680)=ANY=[@ANYBLOB="61202a322a942072776d0080526170670b574ffb2f3630ac4f5ce88736e6f615bac8314c7845079564a77081fca97cc3b9034ab2bbfe7a1381a84b1b64daf713d8e2a18568a1a1e6969453aef2cd2ac15035a7ea9077a992771d99d4ec02b742b54a1b784140ce9f2a03e35eebd2b17d27d0"], 0xa)

3.261842803s ago: executing program 3 (id=1773):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x0, &(0x7f0000000280), 0x1, 0x787, &(0x7f0000001000)="$eJzs3ctrXNUfAPDvnSRNk/b3SwRB6yogaKB0YmpsFVxUXIhgoaBr22EyDTWTTMlMShMCtojgRlBxIeimax9159bHVv8LF9JSNS1WXEjkzqOdNjPppM3MBPL5wMmcc++dnPOdcx/nzr3MDWDPmkj/ZCIORcRHScRYfXoSEUPV3GDEidpyt9fX8mlKYmPjzT+S6jK31tfy0fSe1IF64cmI+PH9iMOZzfWWV1bnc8ViYalenqosnJ8qr6weObeQmyvMFRaPTc/MHD3+wvFjOxfrX7+sHrz+8WvPfnPin/eeuPrhT0mciIP1ec1x7JSJmKh/JkPpR3iPV3e6sj5L+t0AHkq6aQ7UtvI4FGMxUM21MdLLlgEA3fJuRGwAAHtM4vgPAHtM43uAW+tr+Ubq7zcSvXXjlYjYX4u/cX2zNmewfs1uf/U66Oit5J4rI0lEjO9A/RMR8cV3b3+Vpqj3g2tpQC9cuhwRZ8YnNu//k033LGzXc1vN3BiuvkzcN3mvHX+gn75Pxz8vthr/Ze6Mf6LF+Ge4xbb7MB68/Weu7UA1baXjv5eb7m273RR/3fhAvfS/6phvKDl7rlhI923/j4jJGBpOy9PVRVuP3CZv/nuzXf3N478/P3nny7T+9PXuEplrg8P3vmc2V8k9atwNNy5HPDXYKv7kTv8nbca/pzqs4/WXPvi83bw0/jTeRtocf3dtXIl4pmX/3+3LZMv7E6eqq8NUY6Vo4dtfPxttV39z/6cprb9xLtALaf+Pbh3/eNJ8v2Z5+3X8fGXsh3bzHhx/6/V/X/JWNb+vPu1irlJZmo7Yl7yxefrRu+9tlBvLp/FPPt16+69V23r9T88Jz3QY/+D1379++Pi7K41/dlv9v/3M1dvzA+3q76z/Z6q5yfqUTvZ/nTbwUT47AAAAAAAAAAAAAAAAAAAAAAAAAOhUJiIORpLJ3slnMtls7Rnej8doplgqVw6fLS0vzkb1WdnjMZRp/NTlWNPvoU7Xfw+/UT56X/n5iHgsIj4dHqmWs/lScbbfwQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA3YE2z/9P/Tbc79YBAF2zv98NAAB6zvEfAPae7R3/R7rWDgCgd5z/A8De0/Hx/0x32wEA9I7zfwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALrs1MmTadr4e30tn5ZnL6wsz5cuHJktlOezC8v5bL60dD47VyrNFQvZfGmh7T+6VHsplkrnZ2Jx+eJUpVCuTJVXVk8vlJYXK6fPLeTmCqcLQz2LDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6V15Znc8Vi4UlmS0zI7ujGbsmMxi7ohkyXcs07yVG+reDAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjl/gsAAP//IIYqoQ==")
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x7a44, 0x1700)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='memory.events\x00', 0x100002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000040)='./file0\x00', 0x300001a, &(0x7f0000001080)=ANY=[@ANYBLOB="7379735f696d6d757461626c652c666d61736b3d30313737373737373737373737373737373737373737332c73686f72746e616d653d6c6f7765722c636865636b3d7374726963742c2c756e695f786c6174653d302c726f6469722c726f6469722c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d312c6572726f72733d636f6e74696e75652c74696d655f6f66667365743d3078303030303030303030303030303465302c757466383d302c0077b5b28056fc4549cab55cccc917ad315c8ea56f5a89c104f92d058b92f5881e69e06002f5914c03fefbeb09121733eaf5ded73df976fbd4cfcb8b70b0bf44da1b46bc3935431d5e60a641f9e4ebbf71c77fc9a810ce726b8c6d6295a5f2e2b069b95ba8ecce52ded99b82923228c37d5e1ec11cdbcabb8a89cbf2cf2771d69e3cf0e6760094145e542e426bceaab9b2cf261046247bce0565db3ac5888b74efd48bc9f455e60f49496ca8137aba85fe39756814fda1f0624b33a2025792a477ccfff09befb1d0cf1599d272628028b9786e1fbfb3d637c2561421488c9d0000000094bf13ac582f6b67de0cad933631794271b2259fe5d73a74ad7da615c31505c7c0c168052d38e5b64c4bb7d0599e5dcf0000000000000000000000000000002790cf17418aa278cfc0c9d1c81c63e58b877706a4b7eed8a5aff253298db2939adc0efdab4745ab0e09ef8beaaf04e5374c2e7e4672e47fe5a25502919954242f8d779d84091f20646210edf871d3f20ad66fcf4b816323b8abb307381d4ada887dcc71e35f364baa1b992ced893ab946472440b53fc08cc41403e167b1f2605e04d5f0c16ed49969b59d650d88642b10c7893fe9b664421a40f4822ffcc284dfe9aea76e4a04293c970f2dae776decf07b085e16511b0bd365b0f86c7fcd8df00a87f4dbbf8e6255a2e5cd64402a4de537bf113fc7370099e4faebe3f8803d000000004c5f9b205ce1bbc8c0002a19457e05a210d9e9820bc7f318ebfdfcc22f83150503b2000000000000000000000000632ff0fa874ac0769142daca624cb4e0206734b6ed975359c4c61af929e56449437f109207ab97933bfa547d54f09f318a621c0180844af3362417ea3266d51c40f1f6abeaa2e90ce22d20600e22cd20de", @ANYBLOB="d23c17f6ec95b3b885b061be4d1d842e4a63ec77a88347691f71d1e41301cf3df73c16fd088806b677d36dfdfecb4a080900060031622d37a921b1c072bdbff76ef2fed6da828ab4e0f87928c18c0380050249fb6a2be8b8ea56db5b017149cfa27eb8080778c490a639625353dde9d1c6d1e69c8f629356c70f7c3b140340ce0d51592813652003977d21460538702c7a359af24a7cd83ee44c1c69a7abd35b7d27fe6f33ed371b3db09d05553843a2ae2fc8b1246690dd9db1b67e10fbeea0f8a5045a9f351faac4ffcb8f9a57b03f295c9517551310dda73d40c81eabda5628dc79bf012d0b37b49a05b0d275d46b97c4d8b237341491a2de17488a4fb9b18bf56c96c4ee499a69841d03c75e5837b20cdd1400d9d6d6fb17f88178adc14763fab9740607eccb9a03dee8abf7639e2f9530593b41172f8261bca7a34acd8eff67d25e03ac7532262f5c1256b5ba7bbb5a9966aaf4dddcf9000000000000"], 0xf, 0x2a6, &(0x7f0000000740)="$eJzs3c9qK2UUAPAz+deoiwRxowgO6MJVuXXrplGuIHalRFAXGrz3giThwi0ErGDsqk/g0vfwEdy48Q0Et4K7dlEZmcxMk9CkrTWm0Pv7rQ7zzTlz8n0lXeXMV6+Ph4+eJnF8+nu020nU9mM/zpLoRi0qP0QjAID74yzL4q/sNpmN2ua7AQC2ofj/X7jrXgCA7fjks88/6h0cPPw4Tdvxaudk0k8iYnwy6RfrvSfxTYzicTyITpxHZBeK+IMPDx5GI811463xdNLPM8df/lrW7/0ZMcvfi050V+fvpYWF/Omk34wXI43ek2bVaideWZ3/zor86Lfi7TcX+t+NTvz2dTyNUTyKPHee//1emr6f/Xj63Rf5Y/L8pBb9ndl9c1l9m+cCAAAAAAAAAAAAAAAAAAAAAMD9tpumSTG+Zza/J79Uzt+pn8/Wd9NKd3k+T5GfVIWK+UBZlCN6pln8VM3XeZCmaVbeOM9vxGsNLxYAAAAAAAAAAAAAAAAAAACA3OG3R8PBaPT42UaCahpA9bP+29bZX7jyRhwNB/X1BXdu/qzFaQN5r1feHI1GbGhbrgteyPvZeOWd+eF+GkVQHcy/L9hcn/Xye0XRo+EgLZeqTR4Okuue1a4O7ufFpVb8103IZn8S59nymbYvWl3Oam1o51svrVz6O8uym9V594/ijMoryWzExs2e3iyDlR8wD9qXz+KX9QXXfmXUN/LFAwAAAAAAAAAAAAAAAAAAXDL/0e+KxeMrU2v/W1MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGXz9/9XQTsilq9cCqZl8lX3lEErnh3e8UcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOfBPAAAA//8s7E5o")
r4 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700)
write$cgroup_int(r4, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240), 0xfecc)

3.261070223s ago: executing program 2 (id=1783):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$hwrng(0xffffffffffffff9c, 0x0, 0x200, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
getpeername$l2tp6(r0, &(0x7f0000000040)={0xa, 0x0, 0x0, @initdev}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r1, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000005c0)=ANY=[@ANYBLOB="14000000100001ff00000000000000000000000a2c000000050a01020000000000000000020000000900030073797a32000000000900010073797a300000000014000000020a031747d21400000000000000000014000000110001"], 0x68}}, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0xec, &(0x7f0000000100)={&(0x7f0000000540)=ANY=[@ANYBLOB="14000000100001000b000000000000000000000a20000000000a03000000000000000000010000000900010073797a300000000044000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a3000000000080005400000001f08000340000000045c0000000c0a01020000000000000000010000000900020073797a32000000000900010073797a3000000000300003802c00008028000180230001"], 0xe8}}, 0x0)

3.128532364s ago: executing program 4 (id=1774):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001c40)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2ed0300000000000000af99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14008c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f0000100000006da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c4159b364a4fd7013f34db173a4fdacf15229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3ab60fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4978ea8e4aa37014191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be867a28f09c5877fc2355ecdc9c30dcb2d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff3a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4e064c98e494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb357b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88cf573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50265a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867857ed13a4fa4ae033a09673866cd77f4bcdaaa05207166b19a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d9a0e06da200481cde8bf475bc3e1fe9c0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a00"/3590], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x2e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000540)='rcu_utilization\x00', r0}, 0x10)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000380)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioprio_get$uid(0x3, 0x0)
recvmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x100, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
setpriority(0x2, 0x0, 0xffffffff00000001)
socket$nl_route(0x10, 0x3, 0x0)

3.06172782s ago: executing program 2 (id=1775):
r0 = socket(0x10, 0x3, 0x0)
write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003f0000000000000008000f0001000000", 0x24)

2.835826718s ago: executing program 1 (id=1776):
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, &(0x7f0000000340)}, 0x20000014)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
unshare(0x2c040000)
r4 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$sock_int(r4, 0x1, 0x25, 0x0, 0x0)
unshare(0xe020600)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0xf, 0x0, 0x18)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f00000014c0)=[{{&(0x7f0000000c40)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, 0x0}}, {{&(0x7f0000000f80)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000e80)=ANY=[], 0x18}}], 0x2, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, 0x0)

1.992474387s ago: executing program 4 (id=1777):
io_setup(0x7, &(0x7f0000000280)=<r0=>0x0)
r1 = openat$sysfs(0xffffff9c, &(0x7f00000000c0)='/sys/kernel/fscaps', 0x0, 0x0)
io_submit(r0, 0x1, &(0x7f0000000880)=[&(0x7f0000000040)={0x0, 0x4000, 0x0, 0x5, 0x0, r1, 0x0}])

1.846411589s ago: executing program 4 (id=1778):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
syz_mount_image$hfsplus(&(0x7f0000007340), &(0x7f0000000000)='./file1\x00', 0x1600008, &(0x7f0000000100)=ANY=[@ANYRES16=0x0], 0x3, 0x632, &(0x7f0000001840)="$eJzs3UtsG2kdAPD/OI4TB9TN7qa7Ba1EtJUWRESbh7IQLpSHUA4rtFoOnKPWbay6aZW4KK0QCi9x4MKh4lwOuXFC6j1SOcMF9ZpjJVAvPaDcjGY8dpy386qd7e8Xjb/v8zfzzX/+9jzsyJoA3lrzE1HciCTmJz5bTdub6zO1zfWZoby7FhFpvRBRbBaRLEUkz5vdN9KHr6VP5vMnB63nSXXuixevN182W8XWwkkprQ0fvNxRmguu5VOMR8RAXu412O2oO8a7eeB4+/nvn/YPshlous1XW4mDXmvssXacxU+83wL9I2meN/cYjRjJztDN64DIjw6FNxvd2TvWUQ4AAAAuqHe2Ymut0Wj0Og4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4SPL7/yf5VGjVxyNp3f+/1DF7qYehnomNXgcAAAAAAAAAACfSGOhsfWMrtmI1LrV7k+x//h9njbHs8SvxMFaiEstxLVZjIepRj+WYiojRjoFKqwv1+vJUF0tO77vk9LluNAAAAAAAAAB82f025rf//w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP0giRhoFtk01qqPRqEYEcMRUUrnW4v4V6t+kW30OgAAAAB4A97Ziq1YjUutdiPJPvN/kH3uH46HsRT1qEY9alGJW9l3Ac1P/YXN9Zna5vrMvXTaO+5f/tfIdBlGNmI0v3vYf81XsjnKcTuq2TPX4mbcj1q5c5QrrXj2j+s3r9Kxf5DrMrJbeZlu+Z/zsj+MZhkZbGdkMo8tzeO7h2fih69OtaapKLS/+Rk7h5yP5GWyq+y93ZmYjkKW79QHh2ci4pvP/vaLxdrS3cXbKxP9s0kn1MxEo9HMxFDWamXiw7cqE5PZtl9ut+fjp/HzmIjx+DyWoxq/jIWoRyXG4ydZbSF/P6ePo7syVdg59I0drc+PiqSUvy7No+jxYvo4W/ZSVONncT9uRSU+zf6mYyq+G7MxG3Mdr/DlLvb6wvH2+qvfyivpIf2Pedkf0ry+25HXzmPuaNbX+cx2lt47+2Nj8et5JV3H7yLix2e4naezOxPpWeLZV5t97x+eib9m1wkrtaW7y4sLD7pc3yd5me5Hf+irs0T6fnkvfbGy1s53R9r3/r59U1nfWLuvsKfvcrvvqD21lF/D7R1pOuv7cN++mazvSkffnuut9vUQAH1s5NsjpfJ/yv8sPy3/vrxY/mz4R0PfG/qoFIP/GPx+cXLgk8JHyd/jafx6+/M/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwciuPHt9dqNUqy0dWkuzm/xFdzdxRad3O6fCZk/xGPscZWaVWqwxHX4RxrErt3xEdzyS9jqcfKkP99ubv7XEJOH/X6/ceXF959Pg71XsLdyp3KkuDs7Nzk3Ozn85cv12tDUT6WJnsdZTAedg+6fc6EgAAAAAAAAAAAKBbh/8MYDCf63Q/J+jxJgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX3PxEFDciianJa5Npe3N9ppZOrfr2nMWIKERE8quI5HnEjWhOMdoxXHLQep5U57548Xrz5fZYxdb8hcOW685aPsV4RAzk5VmNd/PU4yXtLUwTdrV0uuDgzPw/AAD//4oVCL4=")
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='kfree\x00', r0}, 0x10)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f0000000400)='./file1\x00', 0xa08800, &(0x7f0000000140)=ANY=[], 0x1, 0x67c, &(0x7f0000000440)="$eJzs3c1rHOcdB/DvrFay5IKjJLaTlkBFDGmpqS1ZKK16idtD0SGU4B5CoRdhy7HwWgmSUpRQWvX92kP+gPSgQ6GXFno3pNBT21voTfRQAoVectLNZWZnpZX1kl1Z0lrN52Nm95l5Xue3M89odjET4HNr7mqaD1Nk7urra+X65sZ0a3Nj+lyd3UpSphtJs/2WYikpPkpupr3ki+XGunxxUD8fLM7e+vjTzU/aa816qco3DqvXm/V6yUSSofp9r+EjtXf7wPYON7+dKrb3sAzYlU7gYNAe7bHeT/UnPG+Bp0HRvm7uMZ6cTzJa/x2QenZonO7ojl9fsxwAAACcUc9sZStruTDocQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMBZUj//v6iXRic9kaLz/P+Relvq9K3GgMf8JB4OegAAAAAAAAAAcAy+vJWtrOVC6h/3H7V/2X+5er1YvX4h72YlC1nOtaxlPqtZzXKmkox3NTSyNr+6ujzVQ80b+9a8cbTx//Fo1QAAAAAAAADg/83PM9f+/R8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ4WRTLUfquWi530eBrNJKNJRspy68k/Oukzothv48PTHwcAAAA8kdEj1HlmK1tZy4XO+qOiuue/XN0vj+bdLGU1i1lNKwu5U99Dl3f9jc2N6dbmxvSDzY3pquMfPmprt/Pt//Y1jKrFtL972L/nF6sSY7mbxWrLtdyuBnMnjapm6cV6PNvL7k5+Vo5p7LVajyO7U7+Xnf32oG8RjkOj3wrjVaXh7YhM1mMrG3r28Eh85qfTPLSnqTS2v/m5eEhPnV0q+oz5+U69JL9+LOav/fv3P+ixmROwHYlGqkjc6Dr6Lh8e8+Qrf/7Dm/daS/fv3V25emKH0Wl5/JiY7orEC2c6Es0+y09Wkbi0vT6X7+b7uZqJvJHlLOZHmc9qFlLPjJmvj+fydbwrSsmeSN3ctfbGZ41kpP5c2rNoL2OayLkqNZ+Xq7oXspgib+dOFvJq9e9GpvKNzGQms12f8KUDP+Fq36qZttHfWX/lq9k51X9TztS91Uv+2mvB/rUvqWVcn+2Ka/ecO17ldW/ZidJzPVyP+pwbm1+qE2UfvzjKZePEPB6Jqa5IPH94JH5XnRsrraX7y/fm3zmg/fXH1l8Z3kn/6iSvzH0rj5fnMlrPJLuPjjLv+e1ZZne8RupfXNp5jT15l6q8ouicqd/b50wtIz5blb68b0s3qrwX9uYN1SP/57+68nb9vZW3/zaYeALQp/NfOz8y9p+xv499OPbLsXtjr49+59w3z700kuG/DH+rOTn0SuOl4k/5MD/Zuf8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACObuW99+/Pt1oLy/snGgdnHW+iqB/kc1CZZsZyCsM4zUSRrB97yxn8fvWQ6DxE8EnbefPmU7E7ZzoxlKTe8tNk5/ipP6KjPFwUOBOurz545/rKe+9/ffHB/FsLby0sDc/MzE7Ozrw6ff3uYmthsv066FECJ2Hn74FBjwQAAAAAAAAAAADo1Wn8T4Ou7iYGuKsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGTV3Nc3hFJmavDZZrm9uTLfKpZPeKdlM0mgkxY+T4qPkZtpLxruaKw7q54PF2Vsff7r5yU5bzU75xmH1erNeL5lIMlS/7zFytPZuH9Rez4rtPSwDdqUTOBi0/wUAAP//6PAGzw==")
setxattr$trusted_overlay_upper(&(0x7f0000000b00)='./file0\x00', &(0x7f00000003c0), 0x0, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000000c0)='ext2\x00', &(0x7f0000000100)='./file0\x00', 0x2000000, &(0x7f0000000180), 0x1, 0x520, &(0x7f00000010c0)="$eJzs3d1rLGcZAPBnNtmer+iu2otaaHuwlZyiZzdpbBu8aCuIdwWl3h9Dsgkhm2zIbupJKJqD9woi2tteeSMI3grS/0BRCnovKkrRUwV7oY7M7OTkZLub5JD9oMnvB2/mnZmdeZ53kn3n85wJ4NK6GRGvRcRURDwfEZVieqkocdAt2ec+uP/WclaSSNM3/p5EUkzLPpYUJXOjWOxqd5D7d3o8bntvf2Op2WzsFOP1zuZ2vb23f3t9c2mtsdbYWliYf2nx5cUXF+eG0s6sXa989S8//sFPv/bKr7747T/e+dut72T5zhTzD9sxbN1tUs62xQPTEbEzimATMFW0pzzpRAAAOJPsGP/TEfG5/Pi/ElP50dzZJCPNDAAAABiW9NWZ+E8SkQIAAAAXVil/BjYp1YpnAWaiVKrVus/wPh7XS81Wu/OF1dbu1kr3WdlqlEur683GXPFMbTXKSTY+n9ePxl94MJ4cPHy94UeVa/n82nKruTK5yx4AAABwqdzoOf//V6V7/n+Ce2NLDgAAABie6lE1rUwyEQAAAGBkqh+Z8s5E8gAAAABG56Pn/wAAAMAF8vXXX89Kmr//uhqx8ube7kbrzdsrjfZGbXN3ubbc2tmurbVaa830SsTmaetrtlrbX4qt3bv1TqPdqbf39u9stna3OnfWj70CGwAAABijTz3z7h+SiDj48rW8ZB7LfkwNWMCzAnBhlB7lw38eXR7A+A3azQMX3/SkEwAmptwdJJPOA5ic0zqAgQ/v/Gb4uQAAAKMx+9n+9/+nj64NABfUI93/By4U9//h8nL/Hy6vsiMAuPRGf/8/TU9dFwAAMFIzeUlKteJe4EyUPky7ohrlZHW92ZiLiE9GxO8r5SvZ+Hy+ZOIfDQAAAAAAAAAAAAAAAAAAAAAAAADAGaVpEikAAABwoUWU/poU7/+arTw303t94LHkw0o+zN8O8MZP7i51Ojvz2fR/FNMjOm8X0194lCsP3jwOAAAAo3J4nn54Hg8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw/TB/beWD8vxOaWRxn3/KxFR7Rd/Oq7mw6tRjojr/0xi+nChZyKSiJgaQvyDexHxRL/4SZZWVIssjsUvtsq1PIuRx38qTdPv9ot/49zR4XJ7N+t/Xuv3/SvFzXzY//s/XZTzGtz/lR70f1N94mc9zyfOsP4rEfHkez+vD54b8eR0//7nMH4yIP6z/VbZZ6N865v7+4PyS9+JmD3a/3z/eISjWr2zuV1v7+3fXt9cWmusNbYWFuZfWnx58cXFufrqerNR/Owb44dP/fJ/g+K/fy/iet/9X7f/faj9S73tfy6rlAet+ch/37t7/zN5rZL2rCKPf+vZ/r//J47HP7Zps7+Jzxf7gWz+7GH9oFt/2NM/++3TJ7V/ZUD7T/v93+pZ16D98fPf+N6fTtxAAMBYtff2N5aazcbOyCtvp2k6plj5gci42nXuyuMfn1Tbe7/4Xbfyau+smye0Ir0y7j82lXNXenuKX4+/cwIAAIbq6KB/0pkAAAAAAAAAAAAAAAAAAADA5TWO/06sN+bBZJoKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCi/wcAAP//rgHbtw==")
creat(0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000002c0)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x275a, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
fsopen(&(0x7f0000000000)='debugfs\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
ioctl$TUNDETACHFILTER(0xffffffffffffffff, 0x401054d6, 0x0)
r1 = syz_open_dev$MSR(&(0x7f0000000140), 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = creat(&(0x7f0000000080)='./file1\x00', 0x0)
write$binfmt_script(r2, &(0x7f00000038c0)={'#! ', './file0'}, 0xb)

1.845724549s ago: executing program 2 (id=1779):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f0000000380)=ANY=[@ANYBLOB="000a06000000b1bad858db018ffe0a000000000000000000100000000000000000000000000000000500000000000000000000000000000000010720000000000602000200000000080000000000000000000000f6"], 0x60)

1.601669569s ago: executing program 2 (id=1780):
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
shutdown(r0, 0x2)
ioctl$sock_inet6_tcp_SIOCOUTQNSD(r0, 0x894b, &(0x7f0000000280))

767.945937ms ago: executing program 3 (id=1781):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x13, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000380)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000580)={0x11, 0xf, &(0x7f00000003c0)=ANY=[@ANYBLOB="18000000000000000000000000000086aa6cfa6336587b0003110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(r5, &(0x7f0000000900)={&(0x7f00000000c0)={0xa, 0x4e24, 0x0, @dev}, 0x1c, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB="180200002900ff000000000000007655bcfcfa299eb6826e476640d5a9ddae4cb34521666569b31efc5c"], 0x18}, 0x0)
openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
r6 = socket(0x10, 0x3, 0x0)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = socket(0x10, 0x803, 0x0)
r9 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), r9)
getsockname$packet(r9, &(0x7f0000000080)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r10, @ANYBLOB="00000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r8, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000440)=@newtfilter={0x64, 0x2c, 0xd27, 0x0, 0x3, {0x0, 0x0, 0x0, r10, {}, {}, {0x7}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x4}, {0x24, 0x5, [{0x2, 0x5, 0x6, 0x8}, {0x8, 0x3, 0x2, 0x1ff}, {0x81, 0x51, 0x3, 0x178}, {0x8, 0xc9, 0xf, 0x7}]}}, @TCA_BPF_FLAGS={0x8}]}}]}, 0x64}}, 0x0)
r11 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000240)='/sys/kernel/debug/binder/transactions\x00', 0x0, 0x0)
lseek(r11, 0x851, 0x0)
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000680)='./file2\x00', 0x800000, &(0x7f00000007c0)=ANY=[@ANYBLOB="6e6f757365725f78617474722c666c7573685f6d657267652c6673796e635f6d6f64653d706f7369782c64697361626c655f6578745f6964656e746966792c6261636b67726f756e645f67633d73796e632c6673796e635f6d6f64653d7374726963742c6e6f626172726965722c6e6f696e6c696e655f646174612c6e6f626172726965722c71756f74612c6261636b67726f756e645f67633d6f66662c6e6f61636c2c6e6f657874656e745f63616368652c6e6f646973636172642c6163746976655f6c6f67733d342c00e62bc03000c35169ed09803fa1bee488c680f339e530b5e8ad120a2b4f078093a8e0ba2b3d1b5fe99356b80a454c1ec2f8e12392bbffe9fae2fa05e18a6b61f5eded2e484f574d2757a5fe762c770477aa3460313ee54451c6a6159eca600d6c85a8c09cef9996dc851a5f5edf1a4a22576c6dfe6b9e8dade2d3a8e6a8c7710733c1f69aabd8880291"], 0x1, 0x5504, &(0x7f000000c0c0)="$eJzs3M1rI2UYAPB32u1+uxbx4G0HFqGFTWj6seit6i5+YJey6sGTpsk0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJl3qls/QGma2O3vB5Nn5p03zzxvKIVnJiQA59Z8+vOPSbgRroQQZkMI10Mo9pNyK6zH8Fx5buaxLSnHfx+4GEK4GkK4MUoecyblqU9vD2+t/fDGT199c+nCtc++/HZ6qwam7fkQQncn7u93Y8xbMT4sx+vDdhG7q8MyxhPdR+VxHuN+tlVk2K8fzasXcaUV5+c7e/1R3O7UG6PYam8X4zu9eMH+sHWUp3jDw/pucdzMtorY7udFbB3Gug4O4/+2w/4g5mmW+T4o0ofB4CjG8ewgi+vZeVTERm9Qjse8eTM7GMVhGcvLhUbeaRZ1bJ3kk/5/e7Pd2ztIh9luv5330rVq7YVq7U6ltps3s0G2Wql3m3dW04VWZzStMsjq3fVWnrc6WbWRdxfThVajUanV0oW72Va73ktrtepKdamytlju3U5fvf9O2mmmC6P4cru3N2h3+ul2vpvGdyymy9WVFxfTW7X0rY3NdPPBvXsbm2+/d/fd+y9tvP5KOekvZaULy0vLy5XaUmW5tniO1v9RWfQY1w8nkky7AICz57/2/zf1/8AYnF7/v/sghNPv/4P+fyzOVP973vv/U1g/nIj+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg3Ppu7vPXip35eHytHH+qHHqmPE5CCDMhhF//xmy4eCznbJln7h/mz/2phq+TUGQYXeNSuV0NIayX2y9Pn/anAAAAAE+uLz68+Uns1uPL/LQLYpLiTZuZ6++PKV8SQpib/35M2WZGL8+OKVnx930hHIwpW3ED6/KYksVbbhfGle1fmT0WLj8WkhhmJloOAAAwEcc7gcl2IQAAAEzSx9MugOlIwtGjzKNnwcU37/94IHjl2BEAAABwBiXTLgAAAAA4dUX/7/f/AAAA4MkWf/8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAH5j535yUgfiOID/WuiD9y+PvLj3Ku7gGB7BpUvDAbwER8AreAHPgDuPYMDQqUQU3XRKI/l8kjJMQ77MELqY3yQDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHTpsVrO7m7Ob9vmrDft5JkNAAAAcMiqWs7qN5PU/93c/9vc+t/0i4goI+LQ2n0QP/YyB01O9cnnq3djuI+oE7bfMWquXxFx0VzP/7r+FQAAAOB0PcwX07RaTy+TvgfEMaWiTfnnMlNeERHV5ClTWrnNO8sUVv+/h3GdKa0uYI0zhaWS2zBX2kcHouvHfVe1G79pitSUX0dmmzsAAHBEg72mw1UIAAAAPbvqewD0o4jXrczdVuAoNc323s+9HgAAAPANFX0PAAAAAOhcvf53/h8AAACctnT+HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF1aVctZNV9M2+asN+3kmQ0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALywP+8oEAJhEAZ713cmc//DSoOmpiZVIHz8jcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMX+vKRACARBFMwZ/zvp+x9WEvQMIkRAw6OKWjQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMXO/bzGUcUBAP/uzs7WVsUYJYeIKHjQi023tbU38aAED/4JQki3NXbrjzYHW4qQizfJuRfRo4igxFv/h55b6KXeesihghcvlTc/kmkMuFo7s20+H3jzvjsZ3vu+GQj5zkwWAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNr2u7txljZzZdyv9t28d3U19bf29Mn1zduLqaW412bSj4eXmx96C90lAgAAwMGR1fV9RNzJt5ZT358r6v+8PibV/N89W8Z1Pb+37q/7uvZP7ddf7r64M9FcOU8a9OzaZHzs76kMHt0qZ9tz/3jEoDjzxb2XrLgg/Q82XtjOi/PZ++bGjfeGRXiojWwBgP/iaN1XQf33UOpHXSYGwIExaBTedf2fzXWbEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAbtjfi6TruRcTiYDdObt27urpff33z9mLdTl27ttkcMw2RR8TZtcn4WItrmXWXLl85vzKZjC+2H7wSEV3N/k61/PMfTXFwRCfnR/A/Bf3qYs9KPg8T5NVaHv1cHf1CAgDgiZVXLdX1d/Kt5bSvNx9x//sH6//XG3FMWf/f/fjUzeZczfp/1NoKZ9/S+oXPly5dvvLm2oWVc+Nz40/fOj56e3Ti9MmTp5eKeyVL7pgAAADwcIZVa9b/wz3HpJ8dacQxZf3/xbejr5rjZOr/fe0+9Os6EwAAgIPt+Vf/+L23z/7ecBhfrqyvXxyV253Px8ttB6n+a4eq1qz/s/muswIAAADasL3Re+D9/zONOKZ8/v/MDy/91Bwzi4jD1fP/o6ufTc60t5yZ1sa/Lne9RgAAALp1uGrN5//5fKr/+zuvPPQj4o3Xyrj6GsCp6v/s/a9/bM7VfP//RHtLnEn9hfJ8FP1CxGCh64wAAAB4Uv15P+KpKFsq9n/Lt5Y/+fnIh0Pv/wMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC07a8AAAD//3npOno=")

765.524547ms ago: executing program 2 (id=1782):
setsockopt$packet_int(0xffffffffffffffff, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0xd, &(0x7f0000000040)=@assoc_value={<r2=>0x0}, &(0x7f00000000c0)=0x8)
getsockopt$inet_sctp6_SCTP_PR_ASSOC_STATUS(r0, 0x84, 0x74, &(0x7f0000000100)={r2, 0x0, 0x20}, &(0x7f0000002380)=0x18)

652.535986ms ago: executing program 0 (id=1784):
r0 = socket$inet6_udplite(0xa, 0x2, 0x88)
setsockopt$inet6_opts(r0, 0x29, 0x40, &(0x7f0000000380)=ANY=[@ANYBLOB="000a06000000b1bad858db018ffe0a000000000000000000100000000000000000000000000000000500000000000000000000000000000000010720000000000602000200000000080000000000000000000000f678326f"], 0x60)

583.994232ms ago: executing program 1 (id=1785):
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
gettid()
timer_settime(0x0, 0x0, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88))
msgsnd(0x0, &(0x7f0000010000)=ANY=[@ANYBLOB="03"], 0x0, 0x0)

565.199503ms ago: executing program 2 (id=1786):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000040)={0x4, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, &(0x7f0000000100)={0x3, &(0x7f0000000080)=[{0x28, 0x0, 0x0, 0xfffff030}, {0x48, 0xc5}, {0x6}]}, 0x10)
r1 = socket(0x200000100000011, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x1e000000, &(0x7f0000000780)={&(0x7f0000000f00)=ANY=[@ANYBLOB="300000001800dd8d0000000000000000020000000000000900000000060015000a0000000c00168008000100bc"], 0x30}}, 0x0)
r3 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'xfrm0\x00', <r4=>0x0})
socket$pppl2tp(0x18, 0x1, 0x1)
sendto$packet(r1, &(0x7f0000000100)="4dcdc7d96a760000000600050000000000060000", 0x54, 0x0, &(0x7f0000000000)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @link_local}, 0x14)
r5 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)}], 0x1}, 0x0)
shutdown(r5, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r7 = socket$nl_route(0x10, 0x3, 0x0)
r8 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r9 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x10, 0x1c, &(0x7f0000000040)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x41}, {{0x18, 0x1, 0x1, 0x0, r9}, {}, {}, {0x85, 0x0, 0x0, 0x5}, {0x4, 0x1, 0xb, 0x9, 0xa}}, {{0x5, 0x0, 0x3}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x0, 0xb, 0x9, 0x0, 0x2, 0x3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff8, 0xf1}, {0x7, 0x1, 0xb, 0x2, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {0x7, 0x0, 0x0, 0x9}, {0x7, 0x0, 0xc}, {0x18, 0x2, 0x2, 0x0, r8}, {}, {0x46, 0x8, 0xfff1, 0x76}}], {{0x7, 0x1, 0xb, 0x8}, {0x6, 0x0, 0x5, 0x8}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r10, &(0x7f00000003c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r10, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
close(r10)
accept4(r10, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r7, 0x8933, &(0x7f0000000540)={'wlan0\x00'})
sendmsg$NL80211_CMD_RELOAD_REGDB(0xffffffffffffffff, &(0x7f0000000200)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x4000000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000140)={0x14, r6, 0x800, 0x70bd26, 0x25dfdbfc, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x40}, 0xc010)

477.438531ms ago: executing program 0 (id=1787):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$batadv(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000100)={'batadv0\x00', <r2=>0x0})
bind$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r6}, 0x10)
r7 = socket$phonet_pipe(0x23, 0x5, 0x2)
setsockopt$SO_BINDTODEVICE(r7, 0x1, 0x19, &(0x7f0000000300)='ipvlan1\x00', 0x10)
ioctl$SIOCPNENABLEPIPE(r7, 0x89ed, 0x500)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.bfq.time\x00', 0x275a, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x12, 0x4, &(0x7f0000001300)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x2, 0x1, 0x1c}]}, &(0x7f0000000040)='syzkaller\x00', 0xa9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xa}, 0x90)
sendmsg$BATADV_CMD_SET_MESH(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000140)={0x24, r1, 0x801, 0x0, 0x0, {}, [@BATADV_ATTR_NETWORK_CODING_ENABLED={0x5}, @BATADV_ATTR_MESH_IFINDEX={0x8, 0x3, r2}]}, 0x24}}, 0x0)

459.349852ms ago: executing program 1 (id=1788):
r0 = socket(0x1e, 0x2, 0x0)
setsockopt$TIPC_DEST_DROPPABLE(r0, 0x10f, 0x81, &(0x7f0000000480), 0x4)
sendmsg$tipc(r0, &(0x7f0000000200)={&(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x0, 0x4}}, 0x10, &(0x7f0000000340)}, 0x20000014)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x200000, &(0x7f00000005c0)={[{@noblock_validity}, {}, {@sysvgroups}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@orlov}, {@nogrpid}, {@noauto_da_alloc}, {@nomblk_io_submit}]}, 0x3, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
openat$ppp(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket(0x10, 0x3, 0x0)
fadvise64(0xffffffffffffffff, 0xfffffffffffffffc, 0xf, 0x4)
unshare(0x8000000)
semget$private(0x0, 0x4000, 0x0)
semtimedop(0x0, &(0x7f0000000280)=[{0x0, 0x0, 0x1000}], 0x1, 0x0)
unshare(0x2c040000)
r4 = socket$igmp(0x2, 0x3, 0x2)
getsockopt$sock_int(r4, 0x1, 0x25, 0x0, &(0x7f00000001c0))
pipe2(&(0x7f0000000000), 0x0)
unshare(0xe020600)
io_uring_enter(0xffffffffffffffff, 0x0, 0x0, 0xf, 0x0, 0x18)
openat$nvram(0xffffffffffffff9c, &(0x7f0000000080), 0x101000, 0x0)
r5 = socket$inet_udplite(0x2, 0x2, 0x88)
sendmmsg$inet(r5, &(0x7f00000014c0)=[{{&(0x7f0000000c40)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x18}}, 0x10, 0x0}}, {{&(0x7f0000000f80)={0x2, 0x4e23}, 0x10, 0x0, 0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="18000000000000000000000007000000860800000003"], 0x18}}], 0x2, 0x0)
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f00000000c0))

0s ago: executing program 0 (id=1789):
unshare(0x400)
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
setsockopt$SO_J1939_ERRQUEUE(r0, 0x6b, 0x4, &(0x7f00000000c0)=0x1, 0x4)

kernel console output (not intermixed with test programs):

point 0x81 has invalid wMaxPacketSize 0
[  281.549795][ T3646] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  281.575135][ T3646] usb 5-1: New USB device found, idVendor=04fc, idProduct=05d8, bcdDevice= 0.00
[  281.592527][ T3646] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  281.631553][ T3646] usb 5-1: config 0 descriptor??
[  281.697869][    T7] usb 1-1: USB disconnect, device number 13
[  281.784565][ T6914] smc: net device lo applied user defined pnetid SYZ2
[  281.803118][ T6914] smc: net device lo erased user defined pnetid SYZ2
[  282.654096][ T3646] usbhid 5-1:0.0: can't add hid device: -71
[  282.660694][ T3646] usbhid: probe of 5-1:0.0 failed with error -71
[  282.705029][ T3646] usb 5-1: USB disconnect, device number 19
[  282.719985][ T6938] netlink: 16 bytes leftover after parsing attributes in process `syz.2.902'.
[  282.751005][ T6932] device syz_tun entered promiscuous mode
[  282.753761][    T7] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  282.792251][ T6932] device macsec1 entered promiscuous mode
[  282.854198][ T6932] device syz_tun left promiscuous mode
[  283.003799][    T7] usb 1-1: Using ep0 maxpacket: 32
[  283.124027][    T7] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  283.138076][    T7] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xDB, skipping
[  283.150861][    T7] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  283.163250][    T7] usb 1-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  283.313861][ T3646] usb 5-1: new high-speed USB device number 20 using dummy_hcd
[  283.343958][    T7] usb 1-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27
[  283.357782][    T7] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.367739][    T7] usb 1-1: Product: syz
[  283.380386][    T7] usb 1-1: Manufacturer: syz
[  283.388715][    T7] usb 1-1: SerialNumber: syz
[  283.424043][    T7] usb 1-1: config 0 descriptor??
[  283.454125][ T6918] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  283.472774][ T6918] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  283.498949][    T7] vmk80xx 1-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[  283.553779][ T3646] usb 5-1: Using ep0 maxpacket: 8
[  283.783969][ T1967] usb 1-1: USB disconnect, device number 14
[  283.834208][ T3646] usb 5-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3
[  283.858650][ T3646] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.868491][ T3646] usb 5-1: Product: syz
[  283.874168][ T3646] usb 5-1: Manufacturer: syz
[  283.879214][ T3646] usb 5-1: SerialNumber: syz
[  283.910507][ T3646] usb 5-1: config 0 descriptor??
[  284.043931][ T3646] msi2500 5-1:0.0: Registered as swradio16
[  284.052064][ T3646] msi2500 5-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  284.281726][ T6968] kvm: emulating exchange as write
[  284.513852][ T3646] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  284.571584][ T6975] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  284.904997][ T3646] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x7 has invalid wMaxPacketSize 0
[  284.909561][    C1] hrtimer: interrupt took 250892 ns
[  284.924473][ T3646] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid wMaxPacketSize 0
[  284.938559][ T3646] usb 3-1: New USB device found, idVendor=2040, idProduct=4900, bcdDevice=4d.8b
[  284.951448][ T3646] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  284.994785][ T3646] usb 3-1: config 0 descriptor??
[  285.046852][ T3646] hdpvr 3-1:0.0: Could not find bulk-in endpoint
[  285.056367][ T3646] hdpvr: probe of 3-1:0.0 failed with error -12
[  285.252035][ T3646] usb 3-1: USB disconnect, device number 11
[  285.888459][ T7002] device syz_tun entered promiscuous mode
[  285.902785][ T7002] device macsec1 entered promiscuous mode
[  285.944072][ T7002] device syz_tun left promiscuous mode
[  286.043822][ T7007] device wlan0 entered promiscuous mode
[  286.127273][ T7007] device wlan0 left promiscuous mode
[  286.158785][ T1967] usb 5-1: USB disconnect, device number 20
[  287.803158][ T7043] device wlan0 entered promiscuous mode
[  287.812666][ T7043] device wlan0 left promiscuous mode
[  288.093732][ T1967] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  288.364129][ T1967] usb 2-1: Using ep0 maxpacket: 8
[  288.654342][ T1967] usb 2-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3
[  288.668112][ T1967] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  288.684726][ T1967] usb 2-1: Product: syz
[  288.696322][ T1967] usb 2-1: Manufacturer: syz
[  288.704718][ T1967] usb 2-1: SerialNumber: syz
[  288.726467][ T1967] usb 2-1: config 0 descriptor??
[  288.934791][ T1967] msi2500 2-1:0.0: Registered as swradio16
[  288.941010][ T1967] msi2500 2-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  289.342640][ T7087] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  289.439073][ T7105] device wlan0 entered promiscuous mode
[  289.657733][ T7105] device wlan0 left promiscuous mode
[  289.683849][ T1967] Bluetooth: hci1: command 0x0406 tx timeout
[  289.691649][ T1967] Bluetooth: hci4: command 0x0406 tx timeout
[  290.304694][ T7119] device pim6reg1 entered promiscuous mode
[  290.551782][ T7130] netlink: 24 bytes leftover after parsing attributes in process `syz.2.965'.
[  290.942089][ T3616] usb 2-1: USB disconnect, device number 15
[  291.083441][ T7144] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  291.234263][ T7147] netlink: 8 bytes leftover after parsing attributes in process `syz.1.970'.
[  291.253932][ T1967] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  291.470903][ T7154] device syzkaller0 entered promiscuous mode
[  291.482560][ T7157] device wlan0 entered promiscuous mode
[  291.493308][ T7157] device wlan0 left promiscuous mode
[  291.533842][ T3619] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  291.638122][ T7163] usb usb9: usbfs: process 7163 (syz.4.977) did not claim interface 0 before use
[  291.677420][ T1967] usb 3-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  291.691110][ T1967] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.703958][ T1967] usb 3-1: config 0 descriptor??
[  291.745791][ T1967] gspca_main: spca508-2.14.0 probing 8086:0110
[  291.783750][ T3619] usb 1-1: Using ep0 maxpacket: 8
[  291.973936][ T1967] gspca_spca508: reg_read err -32
[  292.024093][ T1967] gspca_spca508: reg_read err -32
[  292.063868][ T3619] usb 1-1: New USB device found, idVendor=2770, idProduct=930c, bcdDevice=8d.6a
[  292.065247][ T1967] gspca_spca508: reg_read err -32
[  292.078168][ T3619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.086360][ T3619] usb 1-1: Product: syz
[  292.090521][ T3619] usb 1-1: Manufacturer: syz
[  292.098654][ T3619] usb 1-1: SerialNumber: syz
[  292.106081][ T3619] usb 1-1: config 0 descriptor??
[  292.133783][ T1967] gspca_spca508: reg_read err -32
[  292.146523][ T3619] gspca_main: sq930x-2.14.0 probing 2770:930c
[  292.348598][ T7149] udc-core: couldn't find an available UDC or it's busy
[  292.355691][ T7149] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  292.373797][ T3619] gspca_sq930x: reg_r 001f failed -71
[  292.379750][ T3619] sq930x: probe of 1-1:0.0 failed with error -71
[  292.389833][ T3619] usb 1-1: USB disconnect, device number 15
[  292.393952][ T1967] gspca_spca508: reg write: error -71
[  292.406254][ T1967] spca508: probe of 3-1:0.0 failed with error -71
[  292.416538][ T1967] usb 3-1: USB disconnect, device number 12
[  292.773821][ T3646] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  293.023729][ T3646] usb 4-1: Using ep0 maxpacket: 8
[  293.047329][ T7181] sctp: [Deprecated]: syz.4.981 (pid 7181) Use of struct sctp_assoc_value in delayed_ack socket option.
[  293.047329][ T7181] Use struct sctp_sack_info instead
[  293.303957][ T3646] usb 4-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3
[  293.313777][ T3646] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  293.326790][ T3646] usb 4-1: Product: syz
[  293.333324][ T3646] usb 4-1: Manufacturer: syz
[  293.398915][ T3646] usb 4-1: SerialNumber: syz
[  293.426125][ T3646] usb 4-1: config 0 descriptor??
[  293.582848][ T3646] msi2500 4-1:0.0: Registered as swradio16
[  293.596880][ T3646] msi2500 4-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  294.197064][ T7199] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  294.220695][ T7211] device wlan0 entered promiscuous mode
[  294.327173][ T7211] device wlan0 left promiscuous mode
[  294.765754][ T7227] netlink: 52 bytes leftover after parsing attributes in process `syz.1.997'.
[  295.666343][ T7239] binder: transaction release 6 bad object at offset 36, size 72
[  295.948960][ T3619] usb 4-1: USB disconnect, device number 19
[  297.259396][ T3621] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  297.926614][ T7270] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1014'.
[  298.004983][ T3621] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  298.105323][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.122062][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.141588][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0
[  298.224035][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.247144][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.339640][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0
[  298.454399][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.470058][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.482027][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0
[  298.588072][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.656282][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.695987][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0
[  298.803875][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.813373][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.843799][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0
[  298.903088][ T7288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1022'.
[  298.939828][ T7288] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1022'.
[  298.974054][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  298.987948][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  298.999764][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0
[  299.844047][   T23] Bluetooth: hci0: command 0x0406 tx timeout
[  299.851243][ T3621] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  299.861505][ T3621] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  299.872731][ T3621] usb 1-1: config 0 interface 0 has no altsetting 0
[  299.903802][ T3625] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[  299.973760][ T3621] usb 1-1: unable to read config index 7 descriptor/start: -71
[  299.991843][ T3621] usb 1-1: can't read configurations, error -71
[  300.078440][ T7316] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1031'.
[  300.083764][ T3646] usb 5-1: new high-speed USB device number 21 using dummy_hcd
[  300.126699][ T3616] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  300.174846][ T3625] usb 3-1: Using ep0 maxpacket: 8
[  300.463879][ T3646] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af
[  300.486241][ T3646] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.524194][ T3625] usb 3-1: New USB device found, idVendor=2040, idProduct=d300, bcdDevice=32.a3
[  300.533341][ T3616] usb 2-1: New USB device found, idVendor=8086, idProduct=0110, bcdDevice=bf.ad
[  300.556611][ T3625] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  300.568302][ T3616] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.571166][ T3646] usb 5-1: config 0 descriptor??
[  300.605855][ T3625] usb 3-1: Product: syz
[  300.612897][ T3616] usb 2-1: config 0 descriptor??
[  300.633439][ T3625] usb 3-1: Manufacturer: syz
[  300.660295][ T3646] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  300.671727][ T3625] usb 3-1: SerialNumber: syz
[  300.682914][ T3625] usb 3-1: config 0 descriptor??
[  300.695065][ T3616] gspca_main: spca508-2.14.0 probing 8086:0110
[  300.866665][ T3646] gspca_sonixj: reg_w1 err -71
[  300.893908][ T3646] sonixj: probe of 5-1:0.0 failed with error -71
[  300.913857][ T3616] gspca_spca508: reg_read err -32
[  300.925697][ T3625] msi2500 3-1:0.0: Registered as swradio16
[  300.931503][ T3625] msi2500 3-1:0.0: SDR API is still slightly experimental and functionality changes may follow
[  300.954131][ T3616] gspca_spca508: reg_read err -32
[  301.003286][ T3646] usb 5-1: USB disconnect, device number 21
[  301.013900][ T3616] gspca_spca508: reg_read err -32
[  301.073758][ T3616] gspca_spca508: reg_read err -32
[  301.113953][ T3616] gspca_spca508: reg_read err -32
[  301.374891][ T3616] gspca_spca508: reg write: error -71
[  301.380863][ T3616] spca508: probe of 2-1:0.0 failed with error -71
[  301.429858][ T3616] usb 2-1: USB disconnect, device number 16
[  301.551763][ T7324] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  303.375837][ T7360] dccp_check_seqno: Step 6 failed for RESET packet, (LSWL(71150611640163) <= P.seqno(0) <= S.SWH(71150611640237)) and (P.ackno exists or LAWL(141264886084524) <= P.ackno(141264886084527) <= S.AWH(141264886084527), sending SYNC...
[  303.725281][ T7363] netlink: 52 bytes leftover after parsing attributes in process `syz.4.1043'.
[  303.909553][ T3627] usb 3-1: USB disconnect, device number 13
[  304.987917][ T3627] Bluetooth: hci2: command 0x0406 tx timeout
[  305.543328][ T7404] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1060'.
[  306.513910][ T3619] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[  306.903769][ T3619] usb 5-1: Using ep0 maxpacket: 8
[  307.034058][ T3619] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  307.050446][ T3619] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  307.060857][ T3619] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  307.071218][ T3619] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  307.085806][ T3619] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  307.129718][ T3619] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  307.434022][ T3619] usb 5-1: GET_CAPABILITIES returned 0
[  307.439529][ T3619] usbtmc 5-1:16.0: can't read capabilities
[  307.693809][    C1] usbtmc 5-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71
[  307.953400][ T7436] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1066'.
[  309.503522][ T3559] usb 5-1: USB disconnect, device number 22
[  312.346653][ T7480] ptrace attach of "./syz-executor exec"[7483] was attempted by ""[7480]
[  312.510387][ T7486] device vlan2 entered promiscuous mode
[  312.516544][ T7486] bond0: (slave vlan2): Error -34 calling dev_set_mtu
[  318.244548][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  318.250937][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  319.193436][ T7564] netlink: 'syz.4.1116': attribute type 10 has an invalid length.
[  319.222056][ T7564] netlink: 55 bytes leftover after parsing attributes in process `syz.4.1116'.
[  319.253796][ T1967] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  319.923706][ T3559] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  320.077995][ T1967] usb 4-1: Using ep0 maxpacket: 8
[  320.213993][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  320.225880][ T3559] usb 3-1: Using ep0 maxpacket: 32
[  320.247438][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  320.258752][ T1967] usb 4-1: New USB device found, idVendor=056a, idProduct=0028, bcdDevice= 0.00
[  320.268179][ T1967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.306394][ T1967] usb 4-1: config 0 descriptor??
[  320.343794][ T3627] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  320.365224][ T3559] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  320.384759][ T3559] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint descriptor of length 2, skipping
[  320.396454][ T3559] usb 3-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 1
[  320.573982][ T3559] usb 3-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27
[  320.590942][ T3559] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.599599][ T3559] usb 3-1: Product: syz
[  320.607681][ T3559] usb 3-1: Manufacturer: syz
[  320.613119][ T3559] usb 3-1: SerialNumber: syz
[  320.623734][ T3627] usb 5-1: Using ep0 maxpacket: 32
[  320.628652][ T3559] usb 3-1: config 0 descriptor??
[  320.683993][ T1967] usbhid 4-1:0.0: can't add hid device: -71
[  320.692315][ T1967] usbhid: probe of 4-1:0.0 failed with error -71
[  320.744506][ T3627] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  320.749961][ T3559] vmk80xx 3-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[  320.767233][ T1967] usb 4-1: USB disconnect, device number 20
[  320.787793][ T3627] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  320.810378][ T3627] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  320.820213][ T3627] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  320.885275][ T3627] hub 5-1:4.0: USB hub found
[  320.901285][ T3619] usb 3-1: USB disconnect, device number 14
[  321.109944][ T3627] hub 5-1:4.0: 2 ports detected
[  327.612177][ T1967] usb 5-1: USB disconnect, device number 23
[  327.692673][ T3627] hub 5-1:4.0: hub_ext_port_status failed (err = -71)
[  328.272894][ T7629] netlink: 16 bytes leftover after parsing attributes in process `syz.1.1135'.
[  328.783854][ T1967] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  329.194059][ T1967] usb 5-1: New USB device found, idVendor=0c45, idProduct=614a, bcdDevice=e6.af
[  329.203121][ T1967] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  329.216185][ T1967] usb 5-1: config 0 descriptor??
[  329.279049][ T1967] gspca_main: sonixj-2.14.0 probing 0c45:614a
[  329.923857][ T1967] gspca_sonixj: reg_w1 err -71
[  329.928739][ T1967] sonixj: probe of 5-1:0.0 failed with error -71
[  329.938980][ T1967] usb 5-1: USB disconnect, device number 24
[  330.843902][ T1967] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  332.063827][ T1967] usb 2-1: too many configurations: 9, using maximum allowed: 8
[  332.144032][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.170135][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.181780][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  332.263948][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.272876][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.286976][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  332.373989][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.382989][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.393909][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  332.473811][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.482822][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.493766][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  332.574011][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.583054][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.597154][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  332.683774][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.692703][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.704742][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  332.783880][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.792815][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.807859][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  332.893927][ T1967] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 9
[  332.902835][ T1967] usb 2-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  332.914667][ T1967] usb 2-1: config 0 interface 0 has no altsetting 0
[  333.074001][ T1967] usb 2-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  333.083102][ T1967] usb 2-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  333.091639][ T1967] usb 2-1: Product: syz
[  333.095864][ T1967] usb 2-1: Manufacturer: syz
[  333.100461][ T1967] usb 2-1: SerialNumber: syz
[  333.107702][ T1967] usb 2-1: config 0 descriptor??
[  333.148414][ T1967] yurex 2-1:0.0: USB YUREX device now attached to Yurex #0
[  333.350508][ T1967] usb 2-1: USB disconnect, device number 17
[  333.364623][ T1967] yurex 2-1:0.0: USB YUREX #0 now disconnected
[  334.394217][ T3619] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  334.753009][ T3619] usb 1-1: too many configurations: 9, using maximum allowed: 8
[  335.014391][ T3619] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  335.023291][ T3619] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  335.724074][ T3619] usb 1-1: config 0 interface 0 has no altsetting 0
[  335.731682][ T7698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1156'.
[  335.833932][ T3619] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  335.853100][ T3619] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  335.854093][ T7701] bond0: (slave netdevsim0): Releasing backup interface
[  335.873685][ T3619] usb 1-1: config 0 interface 0 has no altsetting 0
[  335.908288][ T7701] batman_adv: batadv1: Adding interface: netdevsim0
[  335.915720][ T7701] batman_adv: batadv1: The MTU of interface netdevsim0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  335.943014][ T7701] batman_adv: batadv1: Not using interface netdevsim0 (retrying later): interface not active
[  336.028600][ T3619] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 9
[  336.645729][ T7698] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1156'.
[  336.662417][ T3619] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  336.724710][ T7698] batman_adv: batadv1: Removing interface: netdevsim0
[  336.731575][   T26] kauditd_printk_skb: 1 callbacks suppressed
[  336.731646][   T26] audit: type=1326 audit(1723767958.239:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7705 comm="syz.2.1161" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fa64b7089b9 code=0x0
[  336.876034][ T3619] usb 1-1: config 0 interface 0 has no altsetting 0
[  338.226140][ T3619] usb 1-1: unable to read config index 3 descriptor/all
[  338.239365][ T3619] usb 1-1: can't read configurations, error -71
[  338.673804][ T3619] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  338.863300][ T1075] usb 2-1: new high-speed USB device number 18 using dummy_hcd
[  339.074115][ T3619] usb 1-1: Using ep0 maxpacket: 8
[  339.134788][ T1075] usb 2-1: Using ep0 maxpacket: 32
[  339.218339][ T1967] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  339.230808][ T1967] Bluetooth: hci4: Injecting HCI hardware error event
[  339.239970][ T3587] Bluetooth: hci4: hardware error 0x00
[  339.244297][ T3619] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  339.263328][ T3619] usb 1-1: config 0 has no interface number 0
[  339.271211][ T1075] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  339.363182][ T3619] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  339.374989][ T3619] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  339.384395][ T3619] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.398765][ T3619] usb 1-1: config 0 descriptor??
[  339.545014][ T1075] usb 2-1: New USB device found, idVendor=04da, idProduct=390d, bcdDevice=93.a8
[  339.563758][ T7748] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  339.726060][ T3619] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  339.736542][ T1075] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  339.744890][ T1075] usb 2-1: Product: syz
[  339.750802][ T1075] usb 2-1: Manufacturer: syz
[  339.848675][ T7748] usb 3-1: too many configurations: 9, using maximum allowed: 8
[  339.858137][ T3619] usb 1-1: USB disconnect, device number 19
[  339.868771][ T1075] usb 2-1: SerialNumber: syz
[  339.956502][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  339.987511][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  340.060651][ T3619] iowarrior 1-1:0.1: I/O-Warror #0 now disconnected
[  340.118525][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  340.151217][ T1075] usb 2-1: config 0 descriptor??
[  340.244115][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  340.254477][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  340.341949][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  340.422874][ T1967] usb 2-1: USB disconnect, device number 18
[  340.423844][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  340.441857][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  340.454303][ T3638] usb 4-1: new high-speed USB device number 21 using dummy_hcd
[  340.465003][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  340.543830][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  340.552813][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  340.567124][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  340.654047][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  340.663172][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  340.674622][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  340.753989][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  340.763765][ T3625] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  340.764413][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  340.785155][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  340.823856][ T3638] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  340.873892][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  340.883063][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  340.894183][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  340.933890][ T3619] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  340.974156][ T7748] usb 3-1: config 0 has 1 interface, different from the descriptor's value: 9
[  340.988916][ T7748] usb 3-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  341.000994][ T3638] usb 4-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d
[  341.010353][ T7748] usb 3-1: config 0 interface 0 has no altsetting 0
[  341.017527][ T3638] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.026105][ T3638] usb 4-1: Product: syz
[  341.037230][ T3638] usb 4-1: Manufacturer: syz
[  341.037440][ T3625] usb 5-1: Using ep0 maxpacket: 32
[  341.046215][ T3638] usb 4-1: SerialNumber: syz
[  341.067678][ T3638] usb 4-1: config 0 descriptor??
[  341.184732][ T7748] usb 3-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  341.188936][ T3625] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  341.193909][ T3619] usb 1-1: Using ep0 maxpacket: 16
[  341.209911][ T7748] usb 3-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  341.219073][ T7748] usb 3-1: Product: syz
[  341.223377][ T7748] usb 3-1: Manufacturer: syz
[  341.223620][ T3625] usb 5-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xDB, skipping
[  341.228493][ T7748] usb 3-1: SerialNumber: syz
[  341.249095][ T3625] usb 5-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 1023
[  341.254532][ T7748] usb 3-1: config 0 descriptor??
[  341.269628][ T3625] usb 5-1: config 0 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  341.309035][ T3638] usb 4-1: USB disconnect, device number 21
[  341.335804][ T7748] yurex 3-1:0.0: USB YUREX device now attached to Yurex #0
[  341.453820][ T3625] usb 5-1: New USB device found, idVendor=10cf, idProduct=8067, bcdDevice=2c.27
[  341.469213][ T3625] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.479081][ T3625] usb 5-1: Product: syz
[  341.489579][ T3625] usb 5-1: Manufacturer: syz
[  341.494083][ T3619] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  341.494331][ T3625] usb 5-1: SerialNumber: syz
[  341.503212][ T3619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  341.503238][ T3619] usb 1-1: Product: syz
[  341.503253][ T3619] usb 1-1: Manufacturer: syz
[  341.503266][ T3619] usb 1-1: SerialNumber: syz
[  341.543783][ T3619] r8152-cfgselector 1-1: config 0 descriptor??
[  341.545113][ T3625] usb 5-1: config 0 descriptor??
[  341.579627][ T7763] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  341.589145][ T7763] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  341.604890][ T3638] usb 3-1: USB disconnect, device number 15
[  341.630274][ T3638] yurex 3-1:0.0: USB YUREX #0 now disconnected
[  341.633785][ T3625] vmk80xx 5-1:0.0: driver 'vmk80xx' failed to auto-configure device.
[  341.868848][ T3619] r8152-cfgselector 1-1: Unknown version 0x0000
[  341.877598][ T3625] usb 5-1: USB disconnect, device number 25
[  341.903852][ T3619] r8152-cfgselector 1-1: Unknown version 0x0000
[  341.911138][ T3619] r8152-cfgselector 1-1: bad CDC descriptors
[  341.954756][ T3619] r8152-cfgselector 1-1: Unknown version 0x0000
[  341.991837][ T3619] r8152-cfgselector 1-1: USB disconnect, device number 20
[  342.231002][ T7790] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  342.848601][ T7803] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1197'.
[  343.076295][ T1967] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  343.109342][ T7803] device batadv0 entered promiscuous mode
[  343.126126][ T7803] device macvtap1 entered promiscuous mode
[  347.125495][ T7803] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  347.150884][ T7807] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1197'.
[  347.252013][ T7807] device batadv0 left promiscuous mode
[  347.493899][ T1967] usb 5-1: device not accepting address 26, error -71
[  348.490473][ T7848] device gretap0 entered promiscuous mode
[  348.508976][ T7848] device macsec1 entered promiscuous mode
[  348.539812][ T7848] device gretap0 left promiscuous mode
[  348.782716][ T1967] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  348.844147][ T3619] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  349.132299][ T1967] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  349.254227][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  349.292779][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  349.323861][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  349.437060][ T3619] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  349.474312][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  349.483249][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  349.546973][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  349.652005][ T7859] print_req_error: 19 callbacks suppressed
[  349.652039][ T7859] blk_update_request: I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  349.668492][ T3619] usb 1-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d
[  349.670962][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  349.689252][ T3619] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  349.699659][ T3619] usb 1-1: Product: syz
[  349.709078][ T3619] usb 1-1: Manufacturer: syz
[  349.722219][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  349.727699][ T3619] usb 1-1: SerialNumber: syz
[  349.748419][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  349.786652][ T3619] usb 1-1: config 0 descriptor??
[  349.893955][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  349.910080][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  349.922491][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  350.003861][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.021751][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.060993][ T7875] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1219'.
[  350.094308][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  350.132151][ T3625] usb 1-1: USB disconnect, device number 21
[  350.223916][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.233062][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.245124][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  350.289092][ T7882] device gretap0 entered promiscuous mode
[  350.295878][ T7882] device macsec1 entered promiscuous mode
[  350.304640][ T7882] device gretap0 left promiscuous mode
[  350.323971][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.343771][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.363739][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  350.445933][ T1967] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  350.457684][ T1967] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  350.463689][ T3619] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  350.471788][ T1967] usb 5-1: config 0 interface 0 has no altsetting 0
[  350.664579][ T1967] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  350.685168][ T1967] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  350.703677][ T1967] usb 5-1: Product: syz
[  350.707942][ T1967] usb 5-1: Manufacturer: syz
[  350.712571][ T1967] usb 5-1: SerialNumber: syz
[  350.713834][ T3619] usb 2-1: Using ep0 maxpacket: 32
[  350.734786][ T1967] usb 5-1: config 0 descriptor??
[  350.790177][ T1967] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  350.928564][ T7897] fuse: Bad value for 'fd'
[  350.959637][ T3619] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  351.004383][ T3619] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.034392][ T3619] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  351.121933][ T3619] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  351.367445][ T3619] hub 2-1:4.0: USB hub found
[  351.374339][ T1967] usb 5-1: USB disconnect, device number 28
[  351.399838][ T1967] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  351.496523][ T3619] hub 2-1:4.0: 2 ports detected
[  352.700748][ T7918] device gretap0 entered promiscuous mode
[  352.714795][ T7918] device macsec1 entered promiscuous mode
[  352.733112][ T7918] device gretap0 left promiscuous mode
[  352.808924][ T3619] hub 2-1:4.0: activate --> -90
[  353.260743][ T3559] usb 2-1: USB disconnect, device number 19
[  353.274874][ T3619] hub 2-1:4.0: hub_ext_port_status failed (err = -71)
[  353.295115][ T3619] usb 2-1-port1: attempt power cycle
[  353.835423][ T7928] device gretap0 entered promiscuous mode
[  353.841858][ T7928] device macsec1 entered promiscuous mode
[  353.917195][ T7928] device gretap0 left promiscuous mode
[  354.218517][ T7945] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  354.294302][ T3559] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  354.694599][ T3559] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  354.883963][ T3559] usb 2-1: New USB device found, idVendor=468c, idProduct=90ea, bcdDevice=99.6d
[  354.897559][ T3559] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  354.916325][ T3559] usb 2-1: Product: syz
[  354.926380][ T3559] usb 2-1: Manufacturer: syz
[  354.936487][ T3559] usb 2-1: SerialNumber: syz
[  354.950740][ T3559] usb 2-1: config 0 descriptor??
[  355.228784][ T3619] usb 2-1: USB disconnect, device number 24
[  355.488395][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  356.317285][ T7967] loop2: detected capacity change from 0 to 32768
[  356.335600][ T7978] netlink: 'syz.3.1257': attribute type 29 has an invalid length.
[  356.355303][ T7978] netlink: 'syz.3.1257': attribute type 29 has an invalid length.
[  356.387383][ T7979] netlink: 'syz.3.1257': attribute type 29 has an invalid length.
[  356.396016][ T7967] Dev loop2 SGI disklabel: csum bad, label corrupted
[  356.424146][ T3027] Dev loop2 SGI disklabel: csum bad, label corrupted
[  357.293948][ T3559] usb 2-1: new high-speed USB device number 25 using dummy_hcd
[  357.723314][ T3559] usb 2-1: Using ep0 maxpacket: 32
[  357.872724][ T7996] syz.2.1264 sent an empty control message without MSG_MORE.
[  358.105101][ T3559] usb 2-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[  358.177809][ T3559] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  358.356423][ T3559] usb 2-1: Product: syz
[  358.483889][ T3559] usb 2-1: Manufacturer: syz
[  358.488523][ T3559] usb 2-1: SerialNumber: syz
[  358.499264][ T3559] usb 2-1: config 0 descriptor??
[  359.622090][ T7988] loop3: detected capacity change from 0 to 32768
[  359.711313][ T3559] usb 2-1: USB disconnect, device number 25
[  359.784705][ T7988] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  359.793542][ T7988] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  359.917223][ T7988] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 0ms
[  359.960237][ T7748] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  359.969181][ T7748] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  360.125446][ T3559] bridge0: port 2(bridge_slave_1) entered disabled state
[  360.142556][ T8012] loop4: detected capacity change from 0 to 2048
[  360.169830][ T7748] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 200ms
[  360.211651][ T7748] gfs2: fsid=syz:syz.0: jid=0: Done
[  360.230088][ T7988] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  360.291615][ T7988] gfs2: fsid=syz:syz.0: can't start logd thread: -4
[  360.465007][ T8025] netlink: 32 bytes leftover after parsing attributes in process `syz.2.1272'.
[  361.022093][ T8012] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsv0,errors=remount-ro,. Quota mode: none.
[  361.085820][   T26] audit: type=1800 audit(1723767982.609:213): pid=8012 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1265" name="bus" dev="loop4" ino=18 res=0 errno=0
[  361.339747][ T8035] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  361.339846][ T8040] loop2: detected capacity change from 0 to 512
[  361.371864][ T8035] EXT4-fs (loop4): Remounting filesystem read-only
[  361.382233][ T8035] EXT4-fs error (device loop4) in ext4_evict_inode:257: Readonly filesystem
[  361.410081][ T8035] EXT4-fs error (device loop4) in ext4_evict_inode:257: Readonly filesystem
[  362.195724][ T8048] loop3: detected capacity change from 0 to 512
[  362.254739][ T8040] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  362.301545][ T8040] ext4 filesystem being mounted at /174/file0 supports timestamps until 2038 (0x7fffffff)
[  362.333936][ T8048] EXT4-fs (loop3): orphan cleanup on readonly fs
[  362.351030][ T8048] EXT4-fs error (device loop3): ext4_quota_enable:6383: comm syz.3.1275: Bad quota inum: 11, type: 1
[  362.410474][ T8048] EXT4-fs warning (device loop3): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=11). Please run e2fsck to fix.
[  362.481100][ T8048] EXT4-fs (loop3): Cannot turn on quotas: error -117
[  362.537313][ T8048] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  362.564194][ T3616] usb 1-1: new high-speed USB device number 22 using dummy_hcd
[  362.669112][ T8054] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  362.708985][ T8054] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  362.745079][ T8054] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  362.833938][ T3616] usb 1-1: Using ep0 maxpacket: 32
[  364.004235][ T3616] usb 1-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[  364.013321][ T3616] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.138649][ T8079] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1287'.
[  364.145076][ T3616] usb 1-1: Product: syz
[  364.158768][ T3616] usb 1-1: Manufacturer: syz
[  364.179218][ T3616] usb 1-1: SerialNumber: syz
[  364.252384][ T3616] usb 1-1: config 0 descriptor??
[  364.914766][ T8093] loop2: detected capacity change from 0 to 512
[  365.463113][ T8093] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  365.954005][ T8093] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038 (0x7fffffff)
[  366.368470][ T3616] usb 1-1: USB disconnect, device number 22
[  366.653763][ T8118] kvm: vcpu 0: requested 16 ns lapic timer period limited to 200000 ns
[  367.310907][ T8134] loop3: detected capacity change from 0 to 2048
[  367.419836][ T8140] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1305'.
[  367.590212][ T8140] device bridge_slave_0 left promiscuous mode
[  367.604291][ T8140] bridge0: port 1(bridge_slave_0) entered disabled state
[  368.696195][ T8149] loop1: detected capacity change from 0 to 2048
[  369.070770][ T8134] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  369.265654][   T26] audit: type=1800 audit(1723767990.789:214): pid=8134 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1303" name="memory.events" dev="loop3" ino=18 res=0 errno=0
[  369.344330][ T8149] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  369.355226][ T8149] ext4 filesystem being mounted at /195/bus supports timestamps until 2038 (0x7fffffff)
[  369.817869][   T26] audit: type=1804 audit(1723767991.129:215): pid=8155 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1303" name="/newroot/159/file1/memory.events" dev="loop3" ino=18 res=1 errno=0
[  371.365573][ T3621] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[  371.401742][ T8174] loop0: detected capacity change from 0 to 132
[  371.686415][ T3621] usb 4-1: Using ep0 maxpacket: 32
[  371.994336][ T3621] usb 4-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[  372.019692][ T3621] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.085352][ T3621] usb 4-1: Product: syz
[  372.108649][ T3621] usb 4-1: Manufacturer: syz
[  372.135120][ T3621] usb 4-1: SerialNumber: syz
[  372.208500][ T3621] usb 4-1: config 0 descriptor??
[  372.607919][ T8181] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  372.721041][ T8181] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  372.943736][ T8191] loop0: detected capacity change from 0 to 512
[  373.012849][ T8191] EXT4-fs (loop0): feature flags set on rev 0 fs, running e2fsck is recommended
[  373.218984][ T8194] loop2: detected capacity change from 0 to 2048
[  373.264156][ T8191] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  374.186727][ T3621] usb 4-1: USB disconnect, device number 22
[  374.223103][ T8194] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  374.234494][ T8194] ext4 filesystem being mounted at /187/bus supports timestamps until 2038 (0x7fffffff)
[  374.254068][ T8191] EXT4-fs (loop0): warning: checktime reached, running e2fsck is recommended
[  374.468155][ T8191] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  374.476452][ T8191] System zones: 0-2, 18-18, 34-34
[  374.493334][ T8191] EXT4-fs warning (device loop0): ext4_update_dynamic_rev:1061: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  375.149765][ T8191] EXT4-fs (loop0): 1 truncate cleaned up
[  375.164673][ T8209] vivid-004: disconnect
[  375.223208][ T8191] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  375.249147][ T8208] vivid-004: reconnect
[  375.309658][ T8191] EXT4-fs error (device loop0): ext4_generic_delete_entry:2680: inode #12: block 13: comm syz.0.1315: bad entry in directory: rec_len is too small for name_len - offset=0, inode=12, rec_len=12, size=4096 fake=0
[  375.508711][   T26] audit: type=1326 audit(1723767997.029:216): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  375.580486][ T8222] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1324'.
[  375.593455][ T8191] EXT4-fs error (device loop0) in ext4_delete_entry:2751: Corrupt filesystem
[  375.730296][   T26] audit: type=1326 audit(1723767997.039:217): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  376.224079][   T26] audit: type=1326 audit(1723767997.039:218): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  376.373779][   T26] audit: type=1326 audit(1723767997.039:219): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  376.435133][   T26] audit: type=1326 audit(1723767997.119:220): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  376.490007][   T26] audit: type=1326 audit(1723767998.009:221): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  376.513099][   T26] audit: type=1326 audit(1723767998.029:222): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  376.642032][   T26] audit: type=1326 audit(1723767998.159:223): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7f00916319b9 code=0x7ffc0000
[  376.710119][   T26] audit: type=1326 audit(1723767998.189:224): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8218 comm="syz.3.1325" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f00916319b9 code=0x0
[  377.621318][ T8242] loop1: detected capacity change from 0 to 2048
[  378.375557][ T8242] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  378.386246][ T8242] ext4 filesystem being mounted at /198/bus supports timestamps until 2038 (0x7fffffff)
[  378.398368][ T3621] usb 5-1: new high-speed USB device number 29 using dummy_hcd
[  378.554535][ T8224] loop2: detected capacity change from 0 to 40427
[  378.603651][ T4786] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  378.670268][ T8224] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  378.683533][ T8224] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  378.743717][ T3621] usb 5-1: Using ep0 maxpacket: 32
[  378.750626][ T8224] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  378.832452][ T8224] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  378.853706][ T4786] usb 1-1: Using ep0 maxpacket: 8
[  378.854908][ T8224] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  378.879361][ T3587] Bluetooth: hci1: Dropping invalid advertising data
[  378.974060][ T4786] usb 1-1: config index 0 descriptor too short (expected 301, got 45)
[  378.992720][ T4786] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  379.042595][ T4786] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  379.060805][ T4786] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  379.081757][ T4786] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  379.497878][ T4786] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  379.508016][ T4786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  379.678306][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  379.697967][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  379.738162][ T3621] usb 5-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[  379.806482][ T5273] attempt to access beyond end of device
[  379.806482][ T5273] loop2: rw=2049, want=45104, limit=40427
[  379.952730][ T3621] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  379.973773][ T3621] usb 5-1: Product: syz
[  379.983794][ T4786] usb 1-1: usb_control_msg returned -32
[  379.989318][ T3621] usb 5-1: Manufacturer: syz
[  379.989387][ T4786] usbtmc 1-1:16.0: can't read capabilities
[  380.008750][ T3621] usb 5-1: SerialNumber: syz
[  380.061312][ T3621] usb 5-1: config 0 descriptor??
[  380.109259][ T3621] usb 5-1: can't set config #0, error -71
[  380.129111][ T3621] usb 5-1: USB disconnect, device number 29
[  381.599243][ T8284] loop3: detected capacity change from 0 to 512
[  381.607940][ T8285] loop4: detected capacity change from 0 to 2048
[  381.941843][ T3627] usb 1-1: USB disconnect, device number 23
[  382.023153][ T8284] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  382.056023][ T8285] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  382.068299][ T8285] ext4 filesystem being mounted at /190/bus supports timestamps until 2038 (0x7fffffff)
[  382.095521][ T8284] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=c802e12c, mo2=0002]
[  382.104573][ T8284] EXT4-fs (loop3): orphan cleanup on readonly fs
[  382.116795][ T8284] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1347: bg 0: block 361: padding at end of block bitmap is not set
[  382.139270][ T8284] EXT4-fs (loop3): Remounting filesystem read-only
[  382.145833][ T8284] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6186: Corrupt filesystem
[  382.157276][ T8284] EXT4-fs error (device loop3): ext4_clear_blocks:883: inode #11: comm syz.3.1347: attempt to clear invalid blocks 33619980 len 1
[  382.181246][ T8284] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1347: invalid indirect mapped block 1811939328 (level 0)
[  382.195827][ T8284] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #11: comm syz.3.1347: invalid indirect mapped block 2185560079 (level 1)
[  382.302903][ T8284] EXT4-fs (loop3): 1 truncate cleaned up
[  382.308731][ T8284] EXT4-fs (loop3): mounted filesystem without journal. Opts: noload,noblock_validity,discard,errors=remount-ro,inode_readahead_blks=0x0000000000000000. Quota mode: none.
[  383.267456][ T8310] devpts: called with bogus options
[  383.499916][ T8288] loop1: detected capacity change from 0 to 512
[  383.619518][ T8288] EXT4-fs (loop1): mounted filesystem without journal. Opts: quota,barrier=0x0000000000001000,grpjquota=,norecovery,dioread_lock,,errors=continue. Quota mode: writeback.
[  383.663063][ T8288] ext4 filesystem being mounted at /204/file1 supports timestamps until 2038 (0x7fffffff)
[  383.784421][ T8288] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  384.055342][ T8309] loop4: detected capacity change from 0 to 40427
[  384.109072][ T8309] F2FS-fs (loop4): Invalid SB checksum offset: 0
[  384.123231][ T8309] F2FS-fs (loop4): Can't find valid F2FS filesystem in 2th superblock
[  384.207723][ T8309] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  384.288581][ T8309] F2FS-fs (loop4): Try to recover 2th superblock, ret: 0
[  384.295752][ T8309] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  385.092255][ T4786] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  385.372813][ T5221] attempt to access beyond end of device
[  385.372813][ T5221] loop4: rw=2049, want=45104, limit=40427
[  385.393801][ T4786] usb 3-1: Using ep0 maxpacket: 32
[  386.260199][ T8345] loop0: detected capacity change from 0 to 2048
[  386.424435][ T4786] usb 3-1: New USB device found, idVendor=0cde, idProduct=0023, bcdDevice=21.32
[  386.477471][ T4786] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  386.592838][ T4786] usb 3-1: Product: syz
[  386.633247][ T4786] usb 3-1: Manufacturer: syz
[  386.677683][ T4786] usb 3-1: SerialNumber: syz
[  386.791595][ T4786] usb 3-1: config 0 descriptor??
[  386.924862][ T8345] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  386.935710][ T8345] ext4 filesystem being mounted at /287/bus supports timestamps until 2038 (0x7fffffff)
[  387.040807][ T8353] netlink: 'syz.4.1360': attribute type 2 has an invalid length.
[  387.043043][ T8351] loop1: detected capacity change from 0 to 1024
[  387.050887][ T8353] netlink: 'syz.4.1360': attribute type 1 has an invalid length.
[  387.067385][ T8353] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1360'.
[  387.213527][ T8351] EXT4-fs (loop1): Ignoring removed orlov option
[  387.224812][ T8351] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  387.266887][ T8351] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  388.437633][ T4786] usb 3-1: USB disconnect, device number 16
[  388.804187][ T8386] loop4: detected capacity change from 0 to 2048
[  391.475707][ T8386] EXT4-fs warning (device loop4): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop4.
[  391.813847][ T8405] dccp_invalid_packet: P.Data Offset(0) too small
[  391.815050][ T8396] loop4: detected capacity change from 0 to 512
[  391.849258][ T8405] tipc: Enabled bearer <udp:syz2>, priority 10
[  392.046731][ T8409] loop3: detected capacity change from 0 to 2048
[  392.512912][ T8396] [EXT4 FS bs=4096, gc=1, bpg=71, ipg=32, mo=a003c019, mo2=0000]
[  392.580615][ T8396] System zones: 0-2, 18-18, 34-34
[  392.584262][ T8409] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  392.596656][ T8409] ext4 filesystem being mounted at /177/bus supports timestamps until 2038 (0x7fffffff)
[  392.677068][ T8396] EXT4-fs error (device loop4): mb_free_blocks:1865: group 0, inode 16: block 41:freeing already freed block (bit 41); block bitmap corrupt.
[  392.702436][ T8396] EXT4-fs (loop4): 1 orphan inode deleted
[  392.718997][ T8396] EXT4-fs (loop4): mounted filesystem without journal. Opts: barrier,sysvgroups,dioread_lock,debug,noauto_da_alloc,resgid=0x0000000000000000,barrier,nodelalloc,nombcache,,errors=continue. Quota mode: writeback.
[  392.788369][ T8396] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038 (0x7fffffff)
[  394.915040][ T8457] dccp_invalid_packet: P.Data Offset(0) too small
[  395.712604][ T8457] tipc: Started in network mode
[  395.868798][ T8464] loop4: detected capacity change from 0 to 1024
[  395.913952][ T8457] tipc: Node identity ac1414aa, cluster identity 4711
[  395.955127][ T8457] tipc: Enabled bearer <udp:syz2>, priority 10
[  396.090775][ T8464] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #4: comm syz.4.1394: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  396.140561][ T8464] EXT4-fs error (device loop4): ext4_quota_enable:6390: comm syz.4.1394: Bad quota inode: 4, type: 1
[  396.194125][ T8464] EXT4-fs warning (device loop4): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  396.312183][ T8464] EXT4-fs (loop4): mount failed
[  396.610895][ T8464] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1394'.
[  396.699684][ T8483] loop2: detected capacity change from 0 to 256
[  397.205471][    T7] tipc: Node number set to 2886997162
[  398.946252][   T26] audit: type=1326 audit(1723768020.469:225): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8508 comm="syz.1.1410" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x0
[  398.985945][ T8507] capability: warning: `syz.3.1411' uses deprecated v2 capabilities in a way that may be insecure
[  398.986999][ T8502] dccp_invalid_packet: P.Data Offset(0) too small
[  399.131612][ T8502] tipc: Started in network mode
[  399.137903][ T8516] loop2: detected capacity change from 0 to 1024
[  399.151274][ T8502] tipc: Node identity ac1414aa, cluster identity 4711
[  399.200757][ T8522] loop3: detected capacity change from 0 to 256
[  399.214160][ T8502] tipc: Enabled bearer <udp:syz2>, priority 10
[  399.260214][ T8516] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #4: comm syz.2.1413: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  399.271875][ T8525] loop1: detected capacity change from 0 to 512
[  399.282140][ T8516] EXT4-fs error (device loop2): ext4_quota_enable:6390: comm syz.2.1413: Bad quota inode: 4, type: 1
[  399.313844][ T8516] EXT4-fs warning (device loop2): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  399.355001][ T8516] EXT4-fs (loop2): mount failed
[  399.507020][ T8525] EXT4-fs error (device loop1): ext4_orphan_get:1397: inode #15: comm syz.1.1416: casefold flag without casefold feature
[  399.729965][ T8528] loop4: detected capacity change from 0 to 2048
[  399.900532][ T8525] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: inode #12: comm syz.1.1416: missing EA_INODE flag
[  399.968235][ T8525] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.1416: error while reading EA inode 12 err=-117
[  400.253808][ T4786] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[  400.324407][ T3621] tipc: Node number set to 2886997162
[  400.476859][ T8525] EXT4-fs (loop1): 1 orphan inode deleted
[  400.504821][ T8528] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  400.533994][ T8525] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  400.598505][   T26] audit: type=1800 audit(1723768022.119:226): pid=8528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1417" name="memory.events" dev="loop4" ino=18 res=0 errno=0
[  400.623715][ T8516] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1413'.
[  400.852110][   T26] audit: type=1804 audit(1723768022.199:227): pid=8547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1417" name="/newroot/204/file1/memory.events" dev="loop4" ino=18 res=1 errno=0
[  400.879185][ T8528] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  400.895927][ T8528] EXT4-fs (loop4): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  400.908971][ T8528] EXT4-fs (loop4): This should not happen!! Data will be lost
[  400.908971][ T8528] 
[  400.918673][ T8528] EXT4-fs (loop4): Total free blocks count 0
[  400.924700][ T8528] EXT4-fs (loop4): Free/Dirty block details
[  400.930600][ T8528] EXT4-fs (loop4): free_blocks=2415919104
[  400.936370][ T8528] EXT4-fs (loop4): dirty_blocks=32
[  400.941487][ T8528] EXT4-fs (loop4): Block reservation details
[  400.947488][ T8528] EXT4-fs (loop4): i_reserved_data_blocks=2
[  400.958275][   T26] audit: type=1804 audit(1723768022.399:228): pid=8528 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1417" name="/newroot/204/file1/memory.events" dev="loop4" ino=18 res=1 errno=0
[  401.123908][ T4786] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  401.143781][ T4786] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  401.243791][ T4786] usb 4-1: New USB device found, idVendor=0458, idProduct=0138, bcdDevice= 0.00
[  401.290891][ T4786] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  401.343318][ T4786] usb 4-1: config 0 descriptor??
[  401.405314][ T4786] usbhid 4-1:0.0: couldn't find an input interrupt endpoint
[  401.529795][ T8560] input: syz0 as /devices/virtual/input/input8
[  401.589076][ T8563] input: syz0 as /devices/virtual/input/input9
[  401.835605][ T8567] loop3: detected capacity change from 0 to 1024
[  403.058819][ T8574] loop1: detected capacity change from 0 to 256
[  403.069977][ T8578] dccp_invalid_packet: P.Data Offset(0) too small
[  403.092626][ T8578] tipc: Started in network mode
[  403.097815][ T8578] tipc: Node identity ac1414aa, cluster identity 4711
[  403.106430][ T8578] tipc: Enabled bearer <udp:syz2>, priority 10
[  405.472741][    T7] tipc: Node number set to 2886997162
[  405.601316][ T3627] usb 4-1: USB disconnect, device number 23
[  405.692950][ T8591] loop1: detected capacity change from 0 to 1024
[  405.830794][ T8591] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #4: comm syz.1.1434: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  405.909374][ T8605] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1439'.
[  405.957289][ T8591] EXT4-fs error (device loop1): ext4_quota_enable:6390: comm syz.1.1434: Bad quota inode: 4, type: 1
[  405.989573][ T8605] 8021q: VLANs not supported on ipvlan1
[  406.049265][ T8591] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  406.127593][ T8591] EXT4-fs (loop1): mount failed
[  406.250525][ T8607] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  407.029253][ T8631] loop3: detected capacity change from 0 to 1024
[  407.056497][ T8635] loop4: detected capacity change from 0 to 256
[  407.189985][ T8631] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #4: comm syz.3.1457: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  407.242113][ T8642] loop2: detected capacity change from 0 to 256
[  407.450442][ T8631] EXT4-fs error (device loop3): ext4_quota_enable:6390: comm syz.3.1457: Bad quota inode: 4, type: 1
[  407.478484][ T8631] EXT4-fs warning (device loop3): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  408.730480][ T8651] loop1: detected capacity change from 0 to 2048
[  409.215370][ T8631] EXT4-fs (loop3): mount failed
[  409.373203][ T8651] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  409.384043][ T8651] ext4 filesystem being mounted at /222/bus supports timestamps until 2038 (0x7fffffff)
[  413.999462][ T8688] vivid-002: disconnect
[  414.023411][ T8687] vivid-002: reconnect
[  414.253748][ T3627] usb 4-1: new full-speed USB device number 24 using dummy_hcd
[  415.068968][ T8702] vivid-000: disconnect
[  415.076697][ T8701] vivid-000: reconnect
[  415.178926][ T8708] loop0: detected capacity change from 0 to 512
[  415.231232][ T8712] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1473'.
[  415.373910][ T3627] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  415.509905][ T8708] EXT4-fs (loop0): Ignoring removed oldalloc option
[  416.032255][ T3627] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 2
[  416.042595][ T8708] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1470: Parent and EA inode have the same ino 15
[  416.125468][ T3627] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  416.136985][ T3627] usb 4-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  416.146321][ T3627] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  416.173451][ T8708] EXT4-fs error (device loop0): ext4_xattr_inode_iget:400: comm syz.0.1470: Parent and EA inode have the same ino 15
[  416.192839][ T8708] EXT4-fs (loop0): 1 orphan inode deleted
[  416.201069][ T3627] hub 4-1:1.0: bad descriptor, ignoring hub
[  416.207680][ T3627] hub: probe of 4-1:1.0 failed with error -5
[  416.215594][ T3627] cdc_wdm 4-1:1.0: skipping garbage
[  416.221725][ T8708] EXT4-fs (loop0): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,bsdgroups,oldalloc,usrjquota=,,errors=continue. Quota mode: none.
[  416.254124][ T3627] cdc_wdm 4-1:1.0: skipping garbage
[  416.259539][ T3627] cdc_wdm: probe of 4-1:1.0 failed with error -22
[  416.459173][ T8730] vivid-002: disconnect
[  416.465053][ T8729] vivid-002: reconnect
[  416.468804][ T8728] smc: net device vxcan1 applied user defined pnetid SYZ1
[  416.612221][ T3627] usb 4-1: USB disconnect, device number 24
[  418.785478][ T8751] netlink: 116 bytes leftover after parsing attributes in process `syz.4.1485'.
[  418.857733][ T8757] loop1: detected capacity change from 0 to 512
[  418.948194][ T8757] EXT4-fs (loop1): Ignoring removed oldalloc option
[  419.017398][ T8757] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.1491: Parent and EA inode have the same ino 15
[  419.041048][ T8757] EXT4-fs error (device loop1): ext4_xattr_inode_iget:400: comm syz.1.1491: Parent and EA inode have the same ino 15
[  419.090530][ T8757] EXT4-fs (loop1): 1 orphan inode deleted
[  419.184955][ T8757] EXT4-fs (loop1): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,bsdgroups,oldalloc,usrjquota=,,errors=continue. Quota mode: none.
[  420.039191][ T8773] vivid-008: disconnect
[  420.062549][ T8772] vivid-008: reconnect
[  421.017068][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length.
[  421.026378][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length.
[  421.198877][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length.
[  421.249670][ T8786] netlink: 'syz.1.1499': attribute type 29 has an invalid length.
[  421.408554][ T8787] loop4: detected capacity change from 0 to 2048
[  421.445996][ T8782] netlink: 'syz.1.1499': attribute type 29 has an invalid length.
[  421.743518][ T8787] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  421.755056][ T8787] ext4 filesystem being mounted at /224/bus supports timestamps until 2038 (0x7fffffff)
[  421.918459][ T8762] loop2: detected capacity change from 0 to 40427
[  421.941959][ T8760] loop3: detected capacity change from 0 to 40427
[  423.217522][ T8807] loop4: detected capacity change from 0 to 512
[  423.383193][ T8811] loop2: detected capacity change from 0 to 2048
[  423.869092][ T3627] usb 2-1: new high-speed USB device number 26 using dummy_hcd
[  426.183396][ T3627] usb 2-1: Using ep0 maxpacket: 8
[  426.261491][ T8807] EXT4-fs (loop4): Ignoring removed oldalloc option
[  426.298977][ T8807] EXT4-fs: failed to create workqueue
[  426.331341][ T8811] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  426.343898][ T8807] EXT4-fs (loop4): mount failed
[  426.343921][ T3627] usb 2-1: device descriptor read/all, error -71
[  427.480378][ T8827] loop1: detected capacity change from 0 to 512
[  427.482992][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length.
[  427.498474][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length.
[  427.516409][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length.
[  427.526082][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length.
[  427.535456][ T8830] netlink: 'syz.0.1513': attribute type 29 has an invalid length.
[  427.682083][ T8827] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  427.704084][ T8827] ext4 filesystem being mounted at /236/file1 supports timestamps until 2038 (0x7fffffff)
[  427.732295][   T26] audit: type=1326 audit(1723768049.249:229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  427.794746][   T26] audit: type=1326 audit(1723768049.249:230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  427.818317][   T26] audit: type=1326 audit(1723768049.249:231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  427.842637][   T26] audit: type=1326 audit(1723768049.249:232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=295 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  427.865641][   T26] audit: type=1326 audit(1723768049.249:233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  427.896830][   T26] audit: type=1326 audit(1723768049.249:234): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  427.924644][   T26] audit: type=1326 audit(1723768049.249:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  428.001805][   T26] audit: type=1326 audit(1723768049.249:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  428.039899][ T8849] loop3: detected capacity change from 0 to 512
[  428.052922][   T26] audit: type=1326 audit(1723768049.249:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  428.077299][   T26] audit: type=1326 audit(1723768049.249:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8826 comm="syz.1.1514" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0d7de6d9b9 code=0x7ffc0000
[  428.102496][ T8852] loop2: detected capacity change from 0 to 512
[  428.174080][ T8849] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  428.191182][ T8849] ext4 filesystem being mounted at /197/file0 supports timestamps until 2038 (0x7fffffff)
[  428.210221][ T8852] EXT4-fs (loop2): Ignoring removed oldalloc option
[  428.348455][ T8852] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1523: Parent and EA inode have the same ino 15
[  428.378126][ T8852] EXT4-fs error (device loop2): ext4_xattr_inode_iget:400: comm syz.2.1523: Parent and EA inode have the same ino 15
[  428.395509][ T8852] EXT4-fs (loop2): 1 orphan inode deleted
[  428.401265][ T8852] EXT4-fs (loop2): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000005,bsdgroups,debug_want_extra_isize=0x000000000000005c,noauto_da_alloc,bsdgroups,oldalloc,usrjquota=,,errors=continue. Quota mode: none.
[  429.212163][ T8867] loop0: detected capacity change from 0 to 256
[  429.611846][ T8876] netlink: 'syz.3.1528': attribute type 29 has an invalid length.
[  429.678535][ T8876] netlink: 'syz.3.1528': attribute type 29 has an invalid length.
[  430.117413][ T8876] netlink: 'syz.3.1528': attribute type 29 has an invalid length.
[  430.186046][ T8879] netlink: 'syz.3.1528': attribute type 29 has an invalid length.
[  430.249568][ T8881] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1530'.
[  430.342105][ T8882] netlink: 'syz.3.1528': attribute type 29 has an invalid length.
[  430.358809][ T8886] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1532'.
[  430.398551][    C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  430.449781][ T8886] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1532'.
[  430.813942][ T8898] loop3: detected capacity change from 0 to 1024
[  430.844346][ T8897] loop0: detected capacity change from 0 to 512
[  431.017502][ T8898] EXT4-fs (loop3): mounted filesystem without journal. Opts: resgid=0x0000000000000000,debug_want_extra_isize=0x0000000000000082,bsddf,max_batch_time=0x0000000000000003,data=ordered,grpjquota=,usrquota,init_itable,,errors=continue. Quota mode: writeback.
[  431.053194][ T8911] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1541'.
[  431.227712][ T8897] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  431.253229][ T8897] ext4 filesystem being mounted at /323/file0 supports timestamps until 2038 (0x7fffffff)
[  432.633805][ T3614] usb 2-1: new high-speed USB device number 28 using dummy_hcd
[  432.936973][ T3614] usb 2-1: Using ep0 maxpacket: 32
[  433.012382][ T8957] tipc: Enabling of bearer <udp:syz2> rejected, already enabled
[  433.044836][ T8957] tipc: Disabling bearer <udp:syz2>
[  433.076868][ T3614] usb 2-1: config 0 has an invalid interface number: 111 but max is 1
[  433.093873][ T3614] usb 2-1: config 0 has no interface number 1
[  433.109280][ T1967] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[  433.117817][ T3614] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  433.149119][ T8946] loop4: detected capacity change from 0 to 32768
[  433.224700][ T8946] XFS: attr2 mount option is deprecated.
[  433.230791][ T8946] XFS: ikeep mount option is deprecated.
[  433.243983][ T8946] XFS: noikeep mount option is deprecated.
[  433.313023][ T8946] XFS (loop4): Mounting V5 Filesystem
[  433.333948][ T3614] usb 2-1: New USB device found, idVendor=0ccd, idProduct=0080, bcdDevice=4a.83
[  433.343752][ T3614] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.351803][ T3614] usb 2-1: Product: syz
[  433.357168][ T3614] usb 2-1: Manufacturer: syz
[  433.362647][ T3614] usb 2-1: SerialNumber: syz
[  433.374329][ T3614] usb 2-1: config 0 descriptor??
[  433.393765][ T1967] usb 4-1: Using ep0 maxpacket: 16
[  433.399704][ T8946] XFS (loop4): Ending clean mount
[  433.432027][ T8946] XFS (loop4): Quotacheck needed: Please wait.
[  433.529290][ T8946] XFS (loop4): Quotacheck: Done.
[  433.534891][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  433.554293][ T1967] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.565366][ T1967] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  433.579373][ T1967] usb 4-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  433.588817][ T1967] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.600338][ T1967] usb 4-1: config 0 descriptor??
[  433.624136][ T3614] snd-usb-6fire 2-1:0.111: unable to receive device firmware state.
[  433.639670][ T3614] snd-usb-6fire: probe of 2-1:0.111 failed with error -71
[  433.658816][ T3614] usb 2-1: USB disconnect, device number 28
[  433.699157][ T5221] XFS (loop4): Unmounting Filesystem
[  434.128549][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.135867][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.143126][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.151039][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.158654][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.166420][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.173719][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.182002][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.312015][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.517263][ T1967] microsoft 0003:045E:07DA.0005: unknown main item tag 0x0
[  434.924616][ T1967] input: HID 045e:07da as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:045E:07DA.0005/input/input10
[  434.952025][ T8994] loop4: detected capacity change from 0 to 512
[  434.977315][ T8993] loop0: detected capacity change from 0 to 2048
[  435.036506][ T8993] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  435.052060][ T8993] UDF-fs: error (device loop0): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  435.071312][ T8993] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  435.072598][ T1967] microsoft 0003:045E:07DA.0005: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.3-1/input0
[  435.079231][ T8993] UDF-fs: Scanning with blocksize 512 failed
[  435.111922][ T8994] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  435.131651][ T8994] ext4 filesystem being mounted at /239/file0 supports timestamps until 2038 (0x7fffffff)
[  435.133946][ T1967] usb 4-1: USB disconnect, device number 25
[  435.157023][ T8993] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  436.149127][ T9009] loop3: detected capacity change from 0 to 512
[  436.184453][ T9010] syz.1.1575 uses old SIOCAX25GETINFO
[  436.251493][ T9016] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1565'.
[  436.276563][ T9009] EXT4-fs error (device loop3): ext4_orphan_get:1397: inode #15: comm syz.3.1566: casefold flag without casefold feature
[  436.339110][ T9016] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1565'.
[  436.406992][ T9009] EXT4-fs error (device loop3): ext4_xattr_inode_iget:404: inode #12: comm syz.3.1566: missing EA_INODE flag
[  436.453035][ T9009] EXT4-fs error (device loop3): ext4_xattr_inode_iget:409: comm syz.3.1566: error while reading EA inode 12 err=-117
[  436.472463][ T9022] loop1: detected capacity change from 0 to 2048
[  436.480404][ T9009] EXT4-fs (loop3): 1 orphan inode deleted
[  436.613146][ T9009] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  437.137155][ T9022] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  437.165963][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  437.165981][   T26] audit: type=1800 audit(1723768058.689:252): pid=9022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.1570" name="memory.events" dev="loop1" ino=18 res=0 errno=0
[  437.365913][   T26] audit: type=1804 audit(1723768058.719:253): pid=9022 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1570" name="/newroot/246/file1/memory.events" dev="loop1" ino=18 res=1 errno=0
[  437.997798][ T9039] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  438.013115][ T9039] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  438.025554][ T9039] EXT4-fs (loop1): This should not happen!! Data will be lost
[  438.025554][ T9039] 
[  438.035503][ T9039] EXT4-fs (loop1): Total free blocks count 0
[  438.041532][ T9039] EXT4-fs (loop1): Free/Dirty block details
[  438.047713][ T9039] EXT4-fs (loop1): free_blocks=2415919104
[  438.053487][ T9039] EXT4-fs (loop1): dirty_blocks=32
[  438.058695][ T9039] EXT4-fs (loop1): Block reservation details
[  438.064880][ T9039] EXT4-fs (loop1): i_reserved_data_blocks=2
[  438.254526][   T26] audit: type=1804 audit(1723768059.509:254): pid=9039 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.1570" name="/newroot/246/file1/memory.events" dev="loop1" ino=18 res=1 errno=0
[  439.210135][ T9051] ip6_tunnel: non-ECT from fc00:0000:0000:0000:0000:0000:0000:0000 with DS=0xd
[  439.248372][ T9052] loop2: detected capacity change from 0 to 512
[  439.463706][ T9054] loop4: detected capacity change from 0 to 1024
[  440.473940][ T9054] EXT4-fs (loop4): Test dummy encryption mode enabled
[  440.480833][ T9054] EXT4-fs (loop4): Ignoring removed orlov option
[  440.581031][ T9054] EXT4-fs (loop4): mounted filesystem without journal. Opts: test_dummy_encryption,debug_want_extra_isize=0x0000000000000084,stripe=0x0000000000000007,commit=0x0000000000000005,orlov,barrier=0x0000000000000005,max_batch_time=0x0000000000000000,data_err=abort,,errors=continue. Quota mode: writeback.
[  440.630198][ T9052] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  440.678716][ T9052] ext4 filesystem being mounted at /240/file0 supports timestamps until 2038 (0x7fffffff)
[  441.206822][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  441.214446][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  443.560089][ T9096] loop3: detected capacity change from 0 to 256
[  445.224785][ T9100] binder: BINDER_SET_CONTEXT_MGR already set
[  445.231402][ T9100] binder: 9085:9100 ioctl 4018620d 20000040 returned -16
[  445.243613][ T9100] binder: 9085:9100 ioctl c0306201 0 returned -14
[  446.034293][ T9104] loop2: detected capacity change from 0 to 512
[  446.178248][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  446.188996][ T9095] FAT-fs (loop3): Filesystem has been set read-only
[  446.195923][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  446.207977][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  446.218731][   T26] audit: type=1800 audit(1723768067.739:255): pid=9095 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.1587" name="file1" dev="loop3" ino=1048635 res=0 errno=0
[  446.239724][ T9095] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  448.018380][ T9123] IPv6: Can't replace route, no match found
[  448.051910][ T9123] loop0: detected capacity change from 0 to 1764
[  448.936109][ T9104] EXT4-fs warning (device loop2): ext4_multi_mount_protect:403: Unable to create kmmpd thread for loop2.
[  450.028075][ T9126] loop1: detected capacity change from 0 to 512
[  450.178680][ T9126] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  450.306580][ T9126] ext4 filesystem being mounted at /253/file0 supports timestamps until 2038 (0x7fffffff)
[  454.363810][ T1313] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  455.223628][ T1313] usb 5-1: Using ep0 maxpacket: 16
[  455.343977][ T1313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  455.376050][ T1313] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  455.399836][ T1313] usb 5-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  455.422741][ T1313] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  455.465193][ T1313] usb 5-1: config 0 descriptor??
[  456.263784][ T3627] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  456.621563][ T9202] loop0: detected capacity change from 0 to 2048
[  456.624040][ T1313] usbhid 5-1:0.0: can't add hid device: -71
[  456.802634][ T1313] usbhid: probe of 5-1:0.0 failed with error -71
[  456.811942][ T1313] usb 5-1: USB disconnect, device number 30
[  457.756544][ T9202] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  457.785762][ T9202] ext4 filesystem being mounted at /341/file0 supports timestamps until 2038 (0x7fffffff)
[  457.933851][ T3627] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  457.953973][ T3627] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  457.971078][ T3627] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  457.991294][ T3627] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  458.363770][ T3627] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  459.383289][ T3627] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  459.413251][ T3627] usb 4-1: Product: syz
[  460.284296][ T3627] usb 4-1: can't set config #1, error -71
[  460.336218][ T3627] usb 4-1: USB disconnect, device number 26
[  461.382362][ T9248] loop2: detected capacity change from 0 to 512
[  462.458770][ T9248] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.1628: bg 0: block 97: padding at end of block bitmap is not set
[  462.604237][ T9248] Quota error (device loop2): write_blk: dquota write failed
[  462.612418][ T9248] Quota error (device loop2): qtree_write_dquot: Error -117 occurred while creating quota
[  462.673004][ T9248] EXT4-fs error (device loop2): ext4_acquire_dquot:6196: comm syz.2.1628: Failed to acquire dquot type 0
[  462.681976][ T9264] loop3: detected capacity change from 0 to 1024
[  462.700112][ T9248] EXT4-fs error (device loop2): ext4_xattr_delete_inode:2925: inode #15: comm syz.2.1628: corrupted xattr block 19
[  462.714109][ T9248] EXT4-fs warning (device loop2): ext4_evict_inode:302: xattr delete (err -117)
[  462.727043][ T9248] EXT4-fs (loop2): 1 orphan inode deleted
[  462.732825][ T9248] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  462.744739][ T3695] Quota error (device loop2): remove_tree: Getting block too big (0 >= 6)
[  462.747130][ T9248] ext4 filesystem being mounted at /251/file0 supports timestamps until 2038 (0x7fffffff)
[  462.770526][ T1313] usb 2-1: new high-speed USB device number 29 using dummy_hcd
[  462.777443][ T3695] EXT4-fs error (device loop2): ext4_release_dquot:6219: comm kworker/u4:8: Failed to release dquot type 0
[  462.914845][ T3695] hfsplus: b-tree write err: -5, ino 4
[  465.873820][ T1313] usb 2-1: unable to read config index 0 descriptor/all
[  465.887751][ T1313] usb 2-1: can't read configurations, error -71
[  466.991684][ T9293] loop4: detected capacity change from 0 to 4096
[  467.158998][ T9293] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  467.207833][ T9307] TCP: request_sock_subflow_v6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  467.578690][ T9314] netlink: 76 bytes leftover after parsing attributes in process `syz.1.1647'.
[  468.690085][ T9324] "syz.1.1649" (9324) uses obsolete ecb(arc4) skcipher
[  470.946965][ T9332] loop0: detected capacity change from 0 to 4096
[  470.996748][ T9337] "syz.2.1663" (9337) uses obsolete ecb(arc4) skcipher
[  471.727606][ T9332] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[  473.655998][ T3625] usb 5-1: new high-speed USB device number 31 using dummy_hcd
[  474.593911][ T3625] usb 5-1: config 0 has an invalid interface number: 18 but max is 0
[  474.608346][ T3625] usb 5-1: config 0 has no interface number 0
[  474.655568][ T3625] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  475.929448][ T3625] usb 5-1: config 0 interface 18 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  476.204343][ T3625] usb 5-1: New USB device found, idVendor=054c, idProduct=03d5, bcdDevice= 0.10
[  476.232440][ T9370] netlink: 168 bytes leftover after parsing attributes in process `syz.0.1659'.
[  476.287021][ T3625] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  476.350820][ T3625] usb 5-1: Manufacturer: syz
[  476.401988][ T3625] usb 5-1: config 0 descriptor??
[  476.446451][ T3625] usb 5-1: can't set config #0, error -71
[  476.474589][ T3625] usb 5-1: USB disconnect, device number 31
[  476.971153][ T3616] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  477.891667][ T3616] usb 1-1: Using ep0 maxpacket: 8
[  478.774048][ T3616] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 13
[  478.784082][ T9384] chnl_net:caif_netlink_parms(): no params data found
[  478.922072][ T9384] bridge0: port 1(bridge_slave_0) entered blocking state
[  478.930260][ T9384] bridge0: port 1(bridge_slave_0) entered disabled state
[  478.939693][ T9384] device bridge_slave_0 entered promiscuous mode
[  478.949211][ T9384] bridge0: port 2(bridge_slave_1) entered blocking state
[  478.953803][ T1313] Bluetooth: hci5: command 0x0409 tx timeout
[  478.957546][ T3616] usb 1-1: New USB device found, idVendor=046d, idProduct=08ae, bcdDevice=11.58
[  478.972140][ T9384] bridge0: port 2(bridge_slave_1) entered disabled state
[  478.981380][ T3616] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  478.996978][ T9384] device bridge_slave_1 entered promiscuous mode
[  479.011405][ T3616] usb 1-1: Product: syz
[  479.019344][ T3616] usb 1-1: Manufacturer: syz
[  479.024457][ T3616] usb 1-1: SerialNumber: syz
[  479.031016][ T3616] usb 1-1: config 0 descriptor??
[  479.047562][ T9384] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  479.060454][ T9384] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  479.089272][ T3616] gspca_main: gspca_zc3xx-2.14.0 probing 046d:08ae
[  479.127578][ T9384] team0: Port device team_slave_0 added
[  479.139589][ T9384] team0: Port device team_slave_1 added
[  479.178784][ T9384] batman_adv: batadv0: Adding interface: batadv_slave_0
[  479.192530][ T9384] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  479.227317][ T9384] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  479.245269][ T9384] batman_adv: batadv0: Adding interface: batadv_slave_1
[  479.252291][ T9384] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  479.278733][ T9384] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  479.334608][ T9384] device hsr_slave_0 entered promiscuous mode
[  479.342511][ T9384] device hsr_slave_1 entered promiscuous mode
[  479.350286][ T9384] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  479.358530][ T9384] Cannot create hsr debugfs directory
[  479.458948][ T9384] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.519856][ T9384] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.585688][ T9384] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.672702][ T9384] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  479.782573][ T9384] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  479.796563][ T9384] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  479.805902][ T9384] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  479.814937][ T9384] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  479.898945][ T9384] 8021q: adding VLAN 0 to HW filter on device bond0
[  479.916684][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  479.925504][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  479.935835][ T9384] 8021q: adding VLAN 0 to HW filter on device team0
[  479.946747][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  479.956060][ T3614] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  479.965953][ T3614] bridge0: port 1(bridge_slave_0) entered blocking state
[  479.973007][ T3614] bridge0: port 1(bridge_slave_0) entered forwarding state
[  479.985849][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  479.994868][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  480.003475][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  480.012056][ T3625] bridge0: port 2(bridge_slave_1) entered blocking state
[  480.019120][ T3625] bridge0: port 2(bridge_slave_1) entered forwarding state
[  480.037246][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  480.053789][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  480.063365][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  480.074325][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  480.083361][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  480.106183][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  480.116130][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  480.125056][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  480.133484][ T3627] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  480.154781][ T9384] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  480.166501][ T9384] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  480.175242][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  480.183835][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  480.299181][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  480.306805][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  480.322970][ T9384] 8021q: adding VLAN 0 to HW filter on device batadv0
[  480.365642][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  480.374892][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  480.389591][    T9] device hsr_slave_0 left promiscuous mode
[  480.398571][    T9] device hsr_slave_1 left promiscuous mode
[  480.405649][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  480.413147][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[  480.421417][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  480.431520][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[  480.439731][    T9] device bridge_slave_0 left promiscuous mode
[  480.446210][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[  480.458922][    T9] device veth1_macvtap left promiscuous mode
[  480.465682][    T9] device veth0_macvtap left promiscuous mode
[  480.471751][    T9] device veth1_vlan left promiscuous mode
[  480.477720][    T9] device veth0_vlan left promiscuous mode
[  480.633287][    T9] team0 (unregistering): Port device team_slave_1 removed
[  480.652386][    T9] team0 (unregistering): Port device team_slave_0 removed
[  480.670040][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  480.684197][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  480.749404][    T9] bond0 (unregistering): Released all slaves
[  480.794103][ T3616] gspca_zc3xx: reg_w_i err -71
[  480.831276][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  480.840055][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  480.850823][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  480.859096][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  480.867252][ T9384] device veth0_vlan entered promiscuous mode
[  480.887245][ T9384] device veth1_vlan entered promiscuous mode
[  480.914764][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  480.923449][ T3618] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  480.938965][ T9384] device veth0_macvtap entered promiscuous mode
[  480.950291][ T9384] device veth1_macvtap entered promiscuous mode
[  480.967809][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  480.979763][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  480.989664][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  481.000750][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.010924][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  481.021799][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.034532][ T3618] Bluetooth: hci5: command 0x041b tx timeout
[  481.036799][ T9384] batman_adv: batadv0: Interface activated: batadv_slave_0
[  481.048667][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  481.057612][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  481.066019][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  481.075279][ T4786] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  481.087622][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  481.098203][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.108815][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  481.119917][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.132153][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  481.144290][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.154217][ T9384] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  481.164753][ T9384] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  481.176462][ T9384] batman_adv: batadv0: Interface activated: batadv_slave_1
[  481.201344][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  481.210505][ T3625] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  481.222101][ T9384] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  481.231514][ T9384] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  481.240730][ T9384] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  481.249824][ T9384] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  481.360052][ T3693] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  481.372925][ T3693] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  481.395101][ T3695] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  481.403296][ T3695] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  481.410414][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  481.422495][    T7] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  481.476353][ T3616] gspca_zc3xx: Unknown sensor - set to TAS5130C
[  481.482696][ T3616] gspca_zc3xx: probe of 1-1:0.0 failed with error -71
[  481.495109][ T3616] usb 1-1: USB disconnect, device number 24
[  482.779948][ T9425] "syz.0.1679" (9425) uses obsolete ecb(arc4) skcipher
[  483.636598][ T3618] Bluetooth: hci5: command 0x040f tx timeout
[  484.664173][ T9438] "syz.4.1684" (9438) uses obsolete ecb(arc4) skcipher
[  485.757969][ T3614] Bluetooth: hci5: command 0x0419 tx timeout
[  485.983292][ T9432] loop2: detected capacity change from 0 to 4096
[  489.850114][ T9456] loop3: detected capacity change from 0 to 512
[  489.862129][ T9460] loop2: detected capacity change from 0 to 512
[  489.902813][ T9462] device vlan2 entered promiscuous mode
[  489.948235][ T9456] EXT4-fs (loop3): Unrecognized mount option "euid>00000000000000000000" or missing value
[  489.969379][ T9462] device gretap0 entered promiscuous mode
[  490.016734][ T9462] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  490.096133][ T9460] EXT4-fs (loop2): 1 orphan inode deleted
[  490.101900][ T9460] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  490.203761][ T9460] ext4 filesystem being mounted at /258/file1 supports timestamps until 2038 (0x7fffffff)
[  490.417413][ T9462] device gretap0 left promiscuous mode
[  491.011097][ T9483] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1687'.
[  491.032247][ T9487] loop0: detected capacity change from 0 to 512
[  491.144848][ T9497] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1687'.
[  491.170161][ T9489] device vlan0 entered promiscuous mode
[  491.200728][ T9489] device gretap0 entered promiscuous mode
[  491.209326][ T9489] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  491.246646][ T9489] device gretap0 left promiscuous mode
[  491.297282][ T9487] EXT4-fs (loop0): 1 orphan inode deleted
[  491.311138][ T9487] EXT4-fs (loop0): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  491.335201][ T9487] ext4 filesystem being mounted at /358/file1 supports timestamps until 2038 (0x7fffffff)
[  491.347241][ T9501] loop3: detected capacity change from 0 to 2048
[  491.478491][ T9495] loop1: detected capacity change from 0 to 4096
[  491.560852][ T9501] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  492.251986][ T9501] EXT4-fs (loop3): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none.
[  492.300156][ T9495] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  492.483705][ T9483] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10)
[  492.490341][ T9483] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  492.524287][ T9483] vhci_hcd vhci_hcd.0: Device attached
[  492.539545][ T9518] vhci_hcd: connection closed
[  492.543089][ T5113] vhci_hcd: stop threads
[  492.560113][ T5113] vhci_hcd: release socket
[  492.564966][ T5113] vhci_hcd: disconnect device
[  493.153775][ T9526] device vlan2 entered promiscuous mode
[  493.180763][ T9526] device gretap0 entered promiscuous mode
[  493.189746][ T9526] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  493.208285][ T9526] device gretap0 left promiscuous mode
[  493.374373][ T9525] validate_nla: 5 callbacks suppressed
[  493.374393][ T9525] netlink: 'syz.4.1690': attribute type 10 has an invalid length.
[  493.699952][ T9525] team0: Port device netdevsim0 added
[  494.211639][ T9546] device vlan2 entered promiscuous mode
[  494.228350][ T9546] device gretap0 entered promiscuous mode
[  494.255448][ T9546] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  494.306918][ T9558] loop4: detected capacity change from 0 to 512
[  494.319555][ T9546] device gretap0 left promiscuous mode
[  494.444438][    T7] usb 3-1: new full-speed USB device number 17 using dummy_hcd
[  494.857511][ T9558] EXT4-fs (loop4): 1 orphan inode deleted
[  494.864681][    T7] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  494.943791][ T9558] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  494.955582][    T7] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  494.974675][    T7] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24948, setting to 64
[  494.986471][    T7] usb 3-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  494.996032][    T7] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  495.034642][ T9547] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  495.052673][ T9558] ext4 filesystem being mounted at /266/file1 supports timestamps until 2038 (0x7fffffff)
[  495.074883][    T7] hub 3-1:1.0: bad descriptor, ignoring hub
[  495.080844][    T7] hub: probe of 3-1:1.0 failed with error -5
[  495.099940][    T7] cdc_wdm 3-1:1.0: skipping garbage
[  495.105588][    T7] cdc_wdm 3-1:1.0: skipping garbage
[  495.151546][ T9567] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1703'.
[  495.165059][    T7] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  495.199983][    T7] cdc_wdm 3-1:1.0: Unknown control protocol
[  495.265956][ T9567] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1703'.
[  495.995780][ T9567] loop0: detected capacity change from 0 to 2048
[  496.024528][ T9580] netlink: 'syz.1.1708': attribute type 10 has an invalid length.
[  496.094117][ T9567] EXT4-fs (loop0): Ignoring removed mblk_io_submit option
[  496.131982][    T7] usb 3-1: USB disconnect, device number 17
[  496.195129][ T9580] team0: Port device netdevsim0 added
[  496.315420][ T9567] EXT4-fs (loop0): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none.
[  496.836106][ T9567] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(10)
[  496.842739][ T9567] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  496.843629][    T7] usb 3-1: new low-speed USB device number 18 using dummy_hcd
[  496.856983][ T9567] vhci_hcd vhci_hcd.0: Device attached
[  496.906006][ T9596] vhci_hcd: connection closed
[  496.908675][ T3696] vhci_hcd: stop threads
[  496.940944][ T3696] vhci_hcd: release socket
[  496.969555][ T3696] vhci_hcd: disconnect device
[  497.233745][ T9613] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1712'.
[  497.313720][    T7] usb 3-1: device not accepting address 18, error -71
[  497.350477][ T9613] team0: Device ipvlan1 failed to register rx_handler
[  499.463690][ T1313] usb 5-1: new high-speed USB device number 32 using dummy_hcd
[  499.692577][ T9640] device vlan2 entered promiscuous mode
[  499.699547][ T9640] device gretap0 entered promiscuous mode
[  499.709927][ T9640] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  499.731649][ T9640] device gretap0 left promiscuous mode
[  499.754747][ T1313] usb 5-1: too many configurations: 9, using maximum allowed: 8
[  499.843872][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  499.858949][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  499.875092][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0
[  499.963927][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  499.965707][ T9646] loop3: detected capacity change from 0 to 512
[  499.982777][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.002536][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0
[  500.093695][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.109356][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.134835][ T9646] EXT4-fs (loop3): 1 orphan inode deleted
[  500.141858][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0
[  500.142952][ T9646] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  500.174003][ T9646] ext4 filesystem being mounted at /9/file1 supports timestamps until 2038 (0x7fffffff)
[  500.235783][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.262258][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.293011][ T9651] netlink: 'syz.2.1721': attribute type 10 has an invalid length.
[  500.306668][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0
[  500.371263][ T9651] team0: Port device netdevsim0 added
[  500.400293][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  500.418670][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  500.490496][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0
[  501.173924][ T9657] loop2: detected capacity change from 0 to 2048
[  501.214292][ T9662] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1726'.
[  501.224049][ T1313] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  501.233048][ T1313] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  501.248868][ T9662] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1726'.
[  501.263793][ T1313] usb 5-1: config 0 interface 0 has no altsetting 0
[  501.286370][ T9662] loop1: detected capacity change from 0 to 2048
[  501.316442][ T9657] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  501.338512][ T9662] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  501.382917][   T26] audit: type=1800 audit(1723768122.899:256): pid=9657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1723" name="memory.events" dev="loop2" ino=18 res=0 errno=0
[  501.424837][ T1313] usb 5-1: unable to read config index 6 descriptor/all
[  501.443673][ T9670] loop0: detected capacity change from 0 to 4096
[  501.470681][ T1313] usb 5-1: can't read configurations, error -71
[  501.553744][ T9670] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[  501.582451][ T9662] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none.
[  501.617868][   T26] audit: type=1804 audit(1723768122.939:257): pid=9657 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1723" name="/newroot/264/file1/memory.events" dev="loop2" ino=18 res=1 errno=0
[  501.838250][ T9679] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  501.856115][ T9679] EXT4-fs (loop2): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  501.869391][ T9679] EXT4-fs (loop2): This should not happen!! Data will be lost
[  501.869391][ T9679] 
[  501.879270][ T9679] EXT4-fs (loop2): Total free blocks count 0
[  501.885356][ T9679] EXT4-fs (loop2): Free/Dirty block details
[  501.891321][ T9679] EXT4-fs (loop2): free_blocks=2415919104
[  501.897148][ T9679] EXT4-fs (loop2): dirty_blocks=32
[  501.902304][ T9679] EXT4-fs (loop2): Block reservation details
[  501.908371][ T9679] EXT4-fs (loop2): i_reserved_data_blocks=2
[  502.117216][ T1059] block nbd4: Attempted send on invalid socket
[  502.125535][ T1059] blk_update_request: I/O error, dev nbd4, sector 2 op 0x0:(READ) flags 0x800 phys_seg 1 prio class 0
[  502.170565][ T9681] hfsplus: unable to find HFS+ superblock
[  502.242649][ T9662] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(10)
[  502.249286][ T9662] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  502.259550][ T9662] vhci_hcd vhci_hcd.0: Device attached
[  502.269650][ T9682] vhci_hcd: connection closed
[  502.273914][ T3696] vhci_hcd: stop threads
[  502.283133][ T3696] vhci_hcd: release socket
[  502.361723][ T3696] vhci_hcd: disconnect device
[  502.421403][ T9688] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1732'.
[  502.451796][ T9691] team0: Device ipvlan1 failed to register rx_handler
[  502.555119][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  502.569070][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  502.932117][ T4786] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  503.183682][ T4786] usb 1-1: Using ep0 maxpacket: 8
[  503.214389][ T9695] loop1: detected capacity change from 0 to 1024
[  503.303911][ T4786] usb 1-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  503.312985][ T4786] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  503.327814][ T9695] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #4: comm syz.1.1734: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  503.364776][ T9695] EXT4-fs error (device loop1): ext4_quota_enable:6390: comm syz.1.1734: Bad quota inode: 4, type: 1
[  503.386462][ T9695] EXT4-fs warning (device loop1): ext4_enable_quotas:6431: Failed to enable quota tracking (type=1, err=-117, ino=4). Please run e2fsck to fix.
[  503.407137][ T9695] EXT4-fs (loop1): mount failed
[  503.446826][ T4786] usb 1-1: config 0 descriptor??
[  503.520748][ T4786] usb 1-1: bad CDC descriptors
[  503.546552][ T4786] usb 1-1: bad CDC descriptors
[  503.566550][ T4786] cdc_acm 1-1:0.0: Zero length descriptor references
[  503.597578][ T4786] cdc_acm: probe of 1-1:0.0 failed with error -22
[  503.769452][ T9704] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1734'.
[  504.236689][ T1313] usb 1-1: USB disconnect, device number 25
[  504.306188][ T9708] netlink: 'syz.3.1735': attribute type 10 has an invalid length.
[  504.379857][ T9708] team0: Port device netdevsim0 added
[  504.545151][ T9713] loop1: detected capacity change from 0 to 512
[  505.168753][ T9713] EXT4-fs (loop1): 1 orphan inode deleted
[  505.185844][ T9713] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  505.263407][ T9713] ext4 filesystem being mounted at /289/file1 supports timestamps until 2038 (0x7fffffff)
[  505.311901][ T9720] loop3: detected capacity change from 0 to 2048
[  505.382526][ T9723] loop2: detected capacity change from 0 to 256
[  505.439799][ T9720] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  505.562577][   T26] audit: type=1800 audit(1723768127.079:258): pid=9720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1740" name="memory.events" dev="loop3" ino=18 res=0 errno=0
[  506.277899][ T9728] loop4: detected capacity change from 0 to 2048
[  506.338660][ T9733] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  506.353641][ T9733] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  506.365918][ T9733] EXT4-fs (loop3): This should not happen!! Data will be lost
[  506.365918][ T9733] 
[  506.375855][ T9733] EXT4-fs (loop3): Total free blocks count 0
[  506.381823][ T9733] EXT4-fs (loop3): Free/Dirty block details
[  506.387719][ T9733] EXT4-fs (loop3): free_blocks=2415919104
[  506.393415][ T9733] EXT4-fs (loop3): dirty_blocks=32
[  506.398786][ T9733] EXT4-fs (loop3): Block reservation details
[  506.404772][ T9733] EXT4-fs (loop3): i_reserved_data_blocks=2
[  506.479357][ T9723] FAT-fs (loop2): Directory bread(block 64) failed
[  506.514041][ T9723] FAT-fs (loop2): Directory bread(block 65) failed
[  506.593828][ T9723] FAT-fs (loop2): Directory bread(block 66) failed
[  506.602420][   T26] audit: type=1804 audit(1723768127.079:259): pid=9720 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1740" name="/newroot/14/file1/memory.events" dev="loop3" ino=18 res=1 errno=0
[  506.608644][ T9723] FAT-fs (loop2): Directory bread(block 67) failed
[  506.636971][ T9736] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1743'.
[  506.665957][ T9723] FAT-fs (loop2): Directory bread(block 68) failed
[  506.672812][ T9723] FAT-fs (loop2): Directory bread(block 69) failed
[  506.681474][ T9728] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  506.693462][ T9723] FAT-fs (loop2): Directory bread(block 70) failed
[  506.700352][ T9723] FAT-fs (loop2): Directory bread(block 71) failed
[  506.709824][ T9723] FAT-fs (loop2): Directory bread(block 72) failed
[  506.717636][ T9723] FAT-fs (loop2): Directory bread(block 73) failed
[  506.730018][ T9741] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1754'.
[  506.964478][   T26] audit: type=1800 audit(1723768128.299:260): pid=9728 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1742" name="memory.events" dev="loop4" ino=18 res=0 errno=0
[  506.998269][ T9741] team0: Device ipvlan1 failed to register rx_handler
[  507.760962][ T9751] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1744'.
[  508.437182][ T9751] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1744'.
[  508.577891][ T9747] loop0: detected capacity change from 0 to 4096
[  508.612992][ T9754] loop2: detected capacity change from 0 to 2048
[  508.709360][ T9754] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  508.773899][ T9754] EXT4-fs (loop2): mounted filesystem without journal. Opts: nombcache,usrjquota=,errors=remount-ro,norecovery,abort,mblk_io_submit,nouid32,barrier=0x0000000000000000,grpjquota=,bsddf,. Quota mode: none.
[  509.190464][ T9751] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(10)
[  509.197072][ T9751] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  509.238995][ T9769] netlink: 'syz.0.1752': attribute type 10 has an invalid length.
[  509.293849][ T9751] vhci_hcd vhci_hcd.0: Device attached
[  509.401862][ T9770] vhci_hcd: connection closed
[  509.402343][ T3695] vhci_hcd: stop threads
[  509.476788][ T9769] team0: Port device netdevsim0 added
[  509.499519][ T3695] vhci_hcd: release socket
[  509.573752][ T4786] usb 13-1: new high-speed USB device number 2 using vhci_hcd
[  509.581588][ T3695] vhci_hcd: disconnect device
[  510.232818][ T9785] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1759'.
[  510.384659][ T9788] loop3: detected capacity change from 0 to 2048
[  510.414009][ T9785] device veth0_macvtap left promiscuous mode
[  510.761709][ T9788] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  510.815906][ T9788] UDF-fs: Scanning with blocksize 512 failed
[  510.921704][ T9788] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  513.279506][    C0] TCP: request_sock_TCP: Possible SYN flooding on port 2. Sending cookies.  Check SNMP counters.
[  513.547299][ T9811] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1767'.
[  513.630919][ T9813] loop3: detected capacity change from 0 to 1024
[  513.691974][ T9814] team0: Device ipvlan1 failed to register rx_handler
[  513.889707][ T9813] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,debug_want_extra_isize=0x0000000000000088,resuid=0x0000000000000000,max_batch_time=0x0000000000000003,resgid=0x0000000000000000,usrquota,data_err=abort,data_err=abort,,errors=continue. Quota mode: writeback.
[  513.915978][    C0] vkms_vblank_simulate: vblank timer overrun
[  514.409755][ T9828] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1775'.
[  514.563291][ T9828] device veth0_macvtap left promiscuous mode
[  514.565703][ T9824] loop3: detected capacity change from 0 to 2048
[  514.764233][ T4786] vhci_hcd: vhci_device speed not set
[  515.320770][ T9830] loop1: detected capacity change from 0 to 1024
[  515.491247][ T9830] EXT4-fs (loop1): Ignoring removed orlov option
[  515.528270][ T9830] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  515.580990][ T9830] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.
[  515.602437][ T9840] loop4: detected capacity change from 0 to 1024
[  515.614230][ T9824] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  515.693806][   T26] audit: type=1800 audit(1723768137.209:261): pid=9824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1773" name="memory.events" dev="loop3" ino=18 res=0 errno=0
[  515.732872][   T26] audit: type=1804 audit(1723768137.249:262): pid=9824 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1773" name="/newroot/21/file1/memory.events" dev="loop3" ino=18 res=1 errno=0
[  516.107678][ T9846] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  516.123223][ T9846] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 32 with error 28
[  516.135588][ T9846] EXT4-fs (loop3): This should not happen!! Data will be lost
[  516.135588][ T9846] 
[  516.145379][ T9846] EXT4-fs (loop3): Total free blocks count 0
[  516.151420][ T9846] EXT4-fs (loop3): Free/Dirty block details
[  516.157505][ T9846] EXT4-fs (loop3): free_blocks=2415919104
[  516.163298][ T9846] EXT4-fs (loop3): dirty_blocks=32
[  516.168483][ T9846] EXT4-fs (loop3): Block reservation details
[  516.174529][ T9846] EXT4-fs (loop3): i_reserved_data_blocks=2
[  516.957055][ T9863] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1781'.
[  517.372410][ T9863] loop3: detected capacity change from 0 to 40427
[  517.413637][ T9863] F2FS-fs (loop3): Small segment_count (9 < 1 * 24)
[  517.420282][ T9863] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  517.672705][ T9863] F2FS-fs (loop3): Found nat_bits in checkpoint
[  517.820634][ T9863] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  517.838715][ T9863] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  517.927468][ T9840] attempt to access beyond end of device
[  517.927468][ T9840] loop4: rw=0, want=201326594, limit=1024
[  517.939641][ T9840] buffer_io_error: 19 callbacks suppressed
[  517.940396][ T9840] Buffer I/O error on dev loop4, logical block 100663296, async page read
[  517.959339][ T9840] hfsplus: unable to mark blocks free: error -5
[  517.967773][ T9840] hfsplus: can't free extent
[  517.975116][ T9840] 
[  517.977459][ T9840] ======================================================
[  517.984464][ T9840] WARNING: possible circular locking dependency detected
[  517.991496][ T9840] 5.15.164-syzkaller #0 Not tainted
[  517.996663][ T9840] ------------------------------------------------------
[  518.003648][ T9840] syz.4.1778/9840 is trying to acquire lock:
[  518.010123][ T9840] ffff8880642be0b0 (&tree->tree_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x864/0xb80
[  518.020063][ T9840] 
[  518.020063][ T9840] but task is already holding lock:
[  518.027403][ T9840] ffff888073aeb048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2e1/0xb80
[  518.038510][ T9840] 
[  518.038510][ T9840] which lock already depends on the new lock.
[  518.038510][ T9840] 
[  518.048887][ T9840] 
[  518.048887][ T9840] the existing dependency chain (in reverse order) is:
[  518.057889][ T9840] 
[  518.057889][ T9840] -> #1 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}:
[  518.067101][ T9840]        lock_acquire+0x1db/0x4f0
[  518.072185][ T9840]        __mutex_lock_common+0x1da/0x25a0
[  518.077938][ T9840]        mutex_lock_nested+0x17/0x20
[  518.083197][ T9840]        hfsplus_file_extend+0x1d2/0x1b10
[  518.088931][ T9840]        hfsplus_bmap_reserve+0x101/0x4e0
[  518.094624][ T9840]        hfsplus_create_cat+0x1a9/0x1ba0
[  518.100230][ T9840]        hfsplus_fill_super+0x13e6/0x1c90
[  518.105925][ T9840]        mount_bdev+0x2c9/0x3f0
[  518.110769][ T9840]        legacy_get_tree+0xeb/0x180
[  518.115987][ T9840]        vfs_get_tree+0x88/0x270
[  518.120912][ T9840]        do_new_mount+0x2ba/0xb40
[  518.126003][ T9840]        __se_sys_mount+0x2d5/0x3c0
[  518.131185][ T9840]        do_syscall_64+0x3b/0xb0
[  518.136242][ T9840]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  518.142678][ T9840] 
[  518.142678][ T9840] -> #0 (&tree->tree_lock){+.+.}-{3:3}:
[  518.150430][ T9840]        validate_chain+0x1649/0x5930
[  518.155791][ T9840]        __lock_acquire+0x1295/0x1ff0
[  518.161142][ T9840]        lock_acquire+0x1db/0x4f0
[  518.166140][ T9840]        __mutex_lock_common+0x1da/0x25a0
[  518.171840][ T9840]        mutex_lock_nested+0x17/0x20
[  518.177098][ T9840]        hfsplus_file_truncate+0x864/0xb80
[  518.182880][ T9840]        hfsplus_setattr+0x1b9/0x280
[  518.188139][ T9840]        notify_change+0xc6d/0xf50
[  518.193282][ T9840]        do_truncate+0x21c/0x300
[  518.198238][ T9840]        path_openat+0x28a3/0x2f20
[  518.203329][ T9840]        do_filp_open+0x21c/0x460
[  518.208335][ T9840]        do_sys_openat2+0x13b/0x4f0
[  518.213507][ T9840]        __x64_sys_creat+0x11f/0x160
[  518.218808][ T9840]        do_syscall_64+0x3b/0xb0
[  518.223723][ T9840]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  518.230158][ T9840] 
[  518.230158][ T9840] other info that might help us debug this:
[  518.230158][ T9840] 
[  518.240364][ T9840]  Possible unsafe locking scenario:
[  518.240364][ T9840] 
[  518.247789][ T9840]        CPU0                    CPU1
[  518.253134][ T9840]        ----                    ----
[  518.258471][ T9840]   lock(&HFSPLUS_I(inode)->extents_lock);
[  518.264253][ T9840]                                lock(&tree->tree_lock);
[  518.271421][ T9840]                                lock(&HFSPLUS_I(inode)->extents_lock);
[  518.279721][ T9840]   lock(&tree->tree_lock);
[  518.284204][ T9840] 
[  518.284204][ T9840]  *** DEADLOCK ***
[  518.284204][ T9840] 
[  518.292316][ T9840] 3 locks held by syz.4.1778/9840:
[  518.297427][ T9840]  #0: ffff88801f50a460 (sb_writers#25){.+.+}-{0:0}, at: mnt_want_write+0x3b/0x80
[  518.306635][ T9840]  #1: ffff888073aeb240 (&sb->s_type->i_mutex_key#28){+.+.}-{3:3}, at: do_truncate+0x208/0x300
[  518.317058][ T9840]  #2: ffff888073aeb048 (&HFSPLUS_I(inode)->extents_lock){+.+.}-{3:3}, at: hfsplus_file_truncate+0x2e1/0xb80
[  518.328607][ T9840] 
[  518.328607][ T9840] stack backtrace:
[  518.334542][ T9840] CPU: 0 PID: 9840 Comm: syz.4.1778 Not tainted 5.15.164-syzkaller #0
[  518.342792][ T9840] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  518.352988][ T9840] Call Trace:
[  518.356319][ T9840]  <TASK>
[  518.359228][ T9840]  dump_stack_lvl+0x1e3/0x2d0
[  518.363924][ T9840]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  518.369619][ T9840]  ? print_circular_bug+0x12b/0x1a0
[  518.375235][ T9840]  check_noncircular+0x2f8/0x3b0
[  518.380153][ T9840]  ? add_chain_block+0x850/0x850
[  518.385064][ T9840]  ? lockdep_lock+0x11f/0x2a0
[  518.389715][ T9840]  validate_chain+0x1649/0x5930
[  518.394545][ T9840]  ? mark_lock+0x98/0x340
[  518.398851][ T9840]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  518.404805][ T9840]  ? reacquire_held_locks+0x660/0x660
[  518.410154][ T9840]  ? print_irqtrace_events+0x210/0x210
[  518.415592][ T9840]  ? do_raw_spin_unlock+0x137/0x8b0
[  518.420765][ T9840]  ? raw_spin_rq_unlock_irq+0x17/0x80
[  518.426187][ T9840]  ? look_up_lock_class+0x77/0x120
[  518.431290][ T9840]  ? register_lock_class+0x100/0x9a0
[  518.436564][ T9840]  ? __schedule+0x1462/0x45b0
[  518.441217][ T9840]  ? is_dynamic_key+0x1f0/0x1f0
[  518.446049][ T9840]  ? mark_lock+0x98/0x340
[  518.450353][ T9840]  __lock_acquire+0x1295/0x1ff0
[  518.455185][ T9840]  lock_acquire+0x1db/0x4f0
[  518.459674][ T9840]  ? hfsplus_file_truncate+0x864/0xb80
[  518.465119][ T9840]  ? read_lock_is_recursive+0x10/0x10
[  518.470476][ T9840]  ? preempt_schedule+0xd9/0xe0
[  518.475306][ T9840]  ? __might_sleep+0xc0/0xc0
[  518.480412][ T9840]  ? vprintk_emit+0x141/0x150
[  518.485099][ T9840]  __mutex_lock_common+0x1da/0x25a0
[  518.490279][ T9840]  ? hfsplus_file_truncate+0x864/0xb80
[  518.495770][ T9840]  ? hfsplus_free_extents+0x186/0xae0
[  518.501120][ T9840]  ? hfsplus_file_truncate+0x864/0xb80
[  518.506550][ T9840]  ? panic+0x860/0x860
[  518.510644][ T9840]  ? mutex_lock_io_nested+0x60/0x60
[  518.515817][ T9840]  ? hfsplus_free_extents+0xd3/0xae0
[  518.521078][ T9840]  ? hfsplus_free_extents+0x47e/0xae0
[  518.526427][ T9840]  mutex_lock_nested+0x17/0x20
[  518.531174][ T9840]  hfsplus_file_truncate+0x864/0xb80
[  518.536433][ T9840]  ? print_irqtrace_events+0x210/0x210
[  518.541863][ T9840]  ? hfsplus_add_extent+0x880/0x880
[  518.547033][ T9840]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  518.552737][ T9840]  hfsplus_setattr+0x1b9/0x280
[  518.557482][ T9840]  ? hfsplus_write_failed+0x90/0x90
[  518.562657][ T9840]  notify_change+0xc6d/0xf50
[  518.567230][ T9840]  do_truncate+0x21c/0x300
[  518.571620][ T9840]  ? rcu_lock_release+0x20/0x20
[  518.576446][ T9840]  ? ima_bprm_check+0x2b0/0x2b0
[  518.581336][ T9840]  ? bpf_lsm_path_truncate+0x5/0x10
[  518.586544][ T9840]  path_openat+0x28a3/0x2f20
[  518.591298][ T9840]  ? do_filp_open+0x460/0x460
[  518.595957][ T9840]  do_filp_open+0x21c/0x460
[  518.600436][ T9840]  ? vfs_tmpfile+0x2e0/0x2e0
[  518.604999][ T9840]  ? _raw_spin_unlock+0x24/0x40
[  518.609829][ T9840]  ? alloc_fd+0x598/0x630
[  518.614137][ T9840]  do_sys_openat2+0x13b/0x4f0
[  518.618787][ T9840]  ? read_lock_is_recursive+0x10/0x10
[  518.624133][ T9840]  ? do_sys_open+0x220/0x220
[  518.628712][ T9840]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  518.635090][ T9840]  __x64_sys_creat+0x11f/0x160
[  518.639932][ T9840]  ? __x64_compat_sys_openat+0x290/0x290
[  518.645633][ T9840]  ? syscall_enter_from_user_mode+0x2e/0x240
[  518.651707][ T9840]  ? lockdep_hardirqs_on+0x94/0x130
[  518.656984][ T9840]  ? syscall_enter_from_user_mode+0x2e/0x240
[  518.662947][ T9840]  do_syscall_64+0x3b/0xb0
[  518.667349][ T9840]  ? clear_bhb_loop+0x15/0x70
[  518.672012][ T9840]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  518.677937][ T9840] RIP: 0033:0x7f67a142d9b9
[  518.682339][ T9840] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  518.703268][ T9840] RSP: 002b:00007f679f8aa038 EFLAGS: 00000246 ORIG_RAX: 0000000000000055
[  518.711671][ T9840] RAX: ffffffffffffffda RBX: 00007f67a15c9f80 RCX: 00007f67a142d9b9
[  518.720057][ T9840] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000020000080
[  518.728007][ T9840] RBP: 00007f67a149b8d8 R08: 0000000000000000 R09: 0000000000000000
[  518.735953][ T9840] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  518.743992][ T9840] R13: 0000000000000000 R14: 00007f67a15c9f80 R15: 00007ffe03bf99f8
[  518.752080][ T9840]  </TASK>
[  518.886977][ T9875] loop1: detected capacity change from 0 to 1024
[  519.049137][ T9875] EXT4-fs (loop1): Ignoring removed orlov option
[  519.064029][ T9875] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  519.076066][ T9875] EXT4-fs (loop1): mounted filesystem without journal. Opts: noblock_validity,bsddf,sysvgroups,norecovery,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,nomblk_io_submit,,errors=continue. Quota mode: none.