last executing test programs:

4m51.422170861s ago: executing program 5 (id=153):
r0 = epoll_create(0x7)
r1 = epoll_create1(0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0x10)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000100))
r3 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r1, &(0x7f0000000680))

4m50.919846953s ago: executing program 5 (id=155):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000000340)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0xfffffffe)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$netlink(r1, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000003e80)=ANY=[], 0x10b8}], 0x1, 0x0, 0x0, 0x2000c040}, 0x20000000)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f00000003c0)={0x0, 0x1}, 0x8)
close(r1)

4m50.323280155s ago: executing program 5 (id=157):
creat(0x0, 0x10)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000640)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_CONNECT(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000005c0)={0x34, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_SSID={0x5, 0x34, @random="8b"}, @NL80211_ATTR_WIPHY_EDMG_CHANNELS={0x5, 0x118, 0x25}, @chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8}]]}, 0x34}}, 0x0)

4m49.799939695s ago: executing program 5 (id=160):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
umount2(&(0x7f0000000040)='./file0/file0\x00', 0x8)

4m49.377819017s ago: executing program 5 (id=162):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000000)={@my=0x0})
r1 = openat$vmci(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f00000002c0)={@local})
ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r1, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1})

4m48.619837194s ago: executing program 5 (id=167):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec96558", 0xe}], 0x1)

4m47.877902748s ago: executing program 32 (id=167):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000500), 0x400, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @link_local})
writev(r0, &(0x7f0000000040)=[{&(0x7f0000000100)="89e7ee2c78dad9b4b473fec96558", 0xe}], 0x1)

4m45.191607447s ago: executing program 4 (id=181):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@nfs_export_on}]})
chdir(&(0x7f00000000c0)='./bus\x00')
r0 = creat(&(0x7f0000000440)='./file0\x00', 0x0)
open_by_handle_at(r0, &(0x7f0000000140)=@OVL_FILEID_V1={0x18, 0x300fb, {'\x00', {0x0, 0xfb, 0xfffffffffffffea5, 0x7, 0x5, "e8371f2efe0868327a31a705ec978547"}}}, 0x40040)

4m44.641410748s ago: executing program 4 (id=184):
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000100)={0xffffffffffffffff, &(0x7f00000005c0)="5eb133b3f92be2177f"}, 0x20)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x3}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB="20010000", @ANYRES16=r1, @ANYBLOB="050000000000000000000f00000008000300", @ANYRES32=r3, @ANYBLOB="47000e00800000000802110000000802110000015050505050500000000000000000000064000000000602020202020204060000000000000602000025030034003c040106b80400080026006c09000008000c006400000008000d0000000000a2000f00329c"], 0x120}, 0x1, 0x0, 0x0, 0x90}, 0x0)

4m43.941309727s ago: executing program 4 (id=185):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0)
r1 = syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee2, 0x0, 0x2, 0xbfdffffc}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f4, 0x0, 0x40, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0xd)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000001ac0)=0x1)

4m42.899675621s ago: executing program 4 (id=188):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x19cc5, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

4m42.547948061s ago: executing program 4 (id=189):
r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r0, &(0x7f0000000100)={0x1f, 0xffff}, 0x6)
setsockopt$bt_hci_HCI_FILTER(r0, 0x0, 0x2, &(0x7f0000000180)={0xfffc, [0x5, 0xffffffff]}, 0x10)
readv(r0, &(0x7f0000000940)=[{&(0x7f0000000200)=""/240, 0xf0}], 0x1)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f00000000c0)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x0)

4m39.062843432s ago: executing program 4 (id=201):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000300)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1, 0x0, 0x3}, 0x18)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, &(0x7f0000000180)=""/74, 0x4a)

4m38.468313413s ago: executing program 33 (id=201):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000012c0)=ANY=[@ANYBLOB="120100001ddf8208c007121522300000000109021b0001000000010904000001faf40d000905820349"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000380)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}}, &(0x7f0000000300)='GPL\x00', 0x5, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7fffffff, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1, 0x0, 0x3}, 0x18)
syz_usb_ep_write$ath9k_ep1(r0, 0x82, 0x0, 0x0)
r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r2, &(0x7f0000000180)=""/74, 0x4a)

2m11.415278488s ago: executing program 2 (id=910):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000080)=0x3)
socket$inet6_sctp(0xa, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r1 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x1a01, 0x0)
ioctl$EVIOCGPROP(r1, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSFLAGS1(r1, 0x80047458, 0x0)

2m10.972529148s ago: executing program 2 (id=912):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0x3)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000040)='syz_tun\x00', 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000280)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0xfffffffb, 0xfffffffe}]}}}}}}}, 0x0)

2m10.63514093s ago: executing program 2 (id=914):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000003c0)={'wlan0\x00', <r1=>0x0})
sendmsg$NL80211_CMD_CHANNEL_SWITCH(r0, 0x0, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
sendmsg$NL80211_CMD_FRAME(r2, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)={0x54, r3, 0x1, 0x70bd2c, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_FRAME={0x33, 0x33, @probe_request={{{0x0, 0x0, 0x4, 0x0, 0x0, 0x1, 0x1, 0x1, 0x1, 0x0, 0x1}, {0x1}, @broadcast, @device_a, @initial, {0x4, 0x9}, @value=@ver_80211n={0x0, 0x9, 0x3, 0x3, 0x0, 0x3, 0x0, 0x0, 0x1}}, @val={0x0, 0x6, @default_ibss_ssid}, @void, @val={0x3, 0x1, 0xc}, @void, @val={0x72, 0x6}}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x4}]}, 0x54}, 0x1, 0x0, 0x0, 0x6a845ecb4f20be71}, 0x24008080)

2m10.32487785s ago: executing program 2 (id=916):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x10000, &(0x7f0000000100)={[{@nobh}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x40}}, {@quota}]}, 0x3, 0x4d5, &(0x7f0000001180)="$eJzs3M9vVNUeAPDvnXZogQevj8fjCaIU0NiY2EJBIcYNJiYuNDHiQpZNWwkygKFdCCFSEoNrEveujTtN3OrSuPIPwIULE0JCDBvA1Zg7c2/nR2emHTplKPP5JNOec++595xz7z13zpwzdwIYWOPpnyTiXxFxOyL+XY02Jhiv/nt4/9rso/vXZmOpXD79V1JJ9yCNZ/LttmeRiUJE4cukaYdVC1eunp8pleYvZ/GpxQufTS1cufrauQszZ+fPzl+cPnny+LGjJ96Yfr37SrXIL63Xg31fXNq/990zt96fHc6Xj2b/6+vR1nB3xRjvsO7l7nb11NtRF05WHqfrT7QwrNlodlkX0/Z/rXToTL8LBDwx5XK5PNJ+9VK52Y0VS4BNK4l+lwDoj/yNPv38m7+eUNfjqXDvVPUDUFrvh9mrumY4ClmaYtPn214aj4iPl/7+Jn1Fp3GIPzaoAADAwPn5VN4TbO7/FWJPXbqd2RzKWET8JyJ2RcR/I2J3RPwvopL2/xHxXHMGSUS5Q/67m+K1/H/IZhEKd9ddyQ7S/t9b2dxWY/8v7/3F2FAW2xGRd5jnj2THZCKKI5+cK80fre3yzs66/W9ZJf/6/l/6SvPP+4JZOe4ONw3Qzc0szqyjyg3u3YjYN9xc/2Q4PXH5NE4SEXsjYl8X+x2rC5979dv9y5FiY7rV619RbjGl1/V8XCvlNyNeqZ7/pWg4/7Uck87zk1OjUZo/MpVeBUda5vHrbzc/aJf/qvX/8c/mTd458dPp9VZ7WXr+t9Vd/5HP39bqP5ZEJMvztQsR5aHu8rj5+1eV/Y4fXrnuca//LclHlXDevj6fWVy8fDRiS/LeyuXTtW3zeJ4+rf/E4dbtf1e2TXokno+I9CJ+ISJejIgDWdkPRsShiGhRtWW/vP3Sp+3W1dV/NCLaXf8bJq3/XMv7X8P5r83XrzGQb5wuGTp/8PajNjePtZ3/45XQRLak9f0vabhFrLWk6zt6AAAAsDkUovLd/8LkcrhQmJysjgHtjm2F0qWFxQMRcXGu+ozAWBQL+UhXdTy4mOTjn2N18emm+LFs3Pjroa2V+OTspdJcvysPA257pc0nK9p/6k6X47zAJtSDeTTgGbXnVr9LAGwU7/8wuOra/1KbJEu+KQPPJu//MLhatf/r8V3HZxfcM2DzK2vLMNC0fxhcw/Hhcrjy2HPLp22BZ5H3fxhI3T7X312gPNJ61Wi0+MWA0Y0pxtYWefUlkPaserjDYkSsLfHWx8ki7wK2/4WHQnc7HImVq4ai01ZJF7/jkAfSo7Jq4rN7en7x57+J0uvL5vtaOy2u8XT3KNCX2xEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDP/RMAAP//QL3Umw==")
open(&(0x7f0000000200)='./bus\x00', 0x14507e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r0 = open(&(0x7f0000000200)='./bus\x00', 0x0, 0x0)
ioctl$BLKROSET(r0, 0x125d, &(0x7f0000000080)=0x3f)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x0, 0x8000c62)

2m8.989838486s ago: executing program 2 (id=920):
r0 = socket(0x10, 0x3, 0x0)
bind$netlink(r0, &(0x7f0000177ff4)={0x10, 0x0, 0x1}, 0xc)
write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26)
connect$netlink(r0, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x1}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4)
write(r0, &(0x7f0000000000)='\"', 0xfdef)
recvfrom$inet_nvme(r0, &(0x7f0000000800)=""/98, 0x62, 0x2f0, &(0x7f0000000e00)=@qipcrtr={0x2a, 0x0, 0x3fff}, 0x80)

2m7.887754779s ago: executing program 2 (id=928):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="02"], 0x10)

2m7.090763939s ago: executing program 34 (id=928):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000e40)=ANY=[@ANYRES32=r0, @ANYRES32=r1, @ANYBLOB="02"], 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000001180)=ANY=[@ANYRES32=r2, @ANYRES32=r3, @ANYBLOB="02"], 0x10)

39.154459741s ago: executing program 0 (id=1410):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r0, &(0x7f0000000440)={0x28, 0x0, 0x2710, @host}, 0x10)
listen(r0, 0x0)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r2 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg(r1, &(0x7f0000000d40)=[{{0x0, 0x0, &(0x7f0000000680)=[{&(0x7f0000000240)="e9a4ea8d24", 0x5}], 0x1}}], 0x1, 0x4008)
recvmsg$kcm(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000500)=""/135, 0x87}], 0x1}, 0x40000000)

38.987836977s ago: executing program 0 (id=1411):
openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/bus/input/devices\x00', 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000600), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000000540)=""/120, 0x0, 0x80a0000})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x0, 0x0, &(0x7f00000000c0)=""/87, 0x0, 0x5000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000380))
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x20000)
ioctl$VHOST_GET_VRING_ENDIAN(r0, 0x4028af11, &(0x7f00000001c0))

38.043540757s ago: executing program 0 (id=1416):
open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x4)
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000400)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000640)=ANY=[@ANYBLOB="a800000000000080e8dec85a44e0f01cf138ee1fe6e1a2ac1fd2be1c2d88"], 0xa8)
mount$9p_fd(0x0, &(0x7f0000000280)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})
chmod(&(0x7f0000000080)='./file0\x00', 0x189)

37.109451841s ago: executing program 0 (id=1418):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000040)='./file0/file0\x00', 0x0, 0x2125099, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000180)='./file0/file0\x00', 0xffffffffffffff9c, &(0x7f00000002c0)='./file0\x00', 0x167)

36.535965272s ago: executing program 0 (id=1421):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r0}, 0x10)
r1 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8924, 0x0)
dup(0xffffffffffffffff)
fsetxattr$system_posix_acl(r1, 0x0, 0x0, 0x0, 0x2)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
utimes(&(0x7f0000000000)='.\x00', 0x0)

35.924782795s ago: executing program 0 (id=1427):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f77fff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
read$rfkill(r2, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180))

35.294267896s ago: executing program 35 (id=1427):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
ioctl$TCSETSW(r0, 0x5403, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xffffffff, 0x0, "ff3f66fa733f1b33e356d25b90c98fe587b88a"})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x0, 0x0, 0x0, "0062ba0700000000ebffffff0000f77fff00"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup3(r1, r0, 0x0)
read$rfkill(r2, &(0x7f00000002c0), 0x8)
ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000180))

12.531193941s ago: executing program 7 (id=1514):
openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x4df, &(0x7f0000000480)={0x0, 0x938c, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1})
io_uring_enter(r2, 0x708, 0x41e3, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000002c0)={0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x0, &(0x7f0000000240)={0x1f, 0x0, 0x0, 0x0, 0x65}, &(0x7f0000000280)={0x0, 0x3938700}, 0x0)

11.668111s ago: executing program 8 (id=1518):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001e80)=ANY=[@ANYBLOB="0b000000080000000c000000ffffffff01"], 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000040), 0x81, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xd, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000010b704000000000000850000000100000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000000c0)={'bridge_slave_0\x00', <r3=>0x0})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000005a40)=ANY=[@ANYBLOB="b400000010000904000000000000000000002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800c00010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES32=r3, @ANYBLOB='\b\x00\n\x00', @ANYRESOCT], 0xb4}}, 0x0)

10.316634688s ago: executing program 7 (id=1523):
mkdir(&(0x7f00000003c0)='./file0\x00', 0x21)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='sysfs\x00', 0x1214050, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000300)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000200)='./bus\x00', 0x10)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chroot(&(0x7f0000000000)='./bus\x00')
openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)

10.222051231s ago: executing program 8 (id=1524):
socket$nl_generic(0x10, 0x3, 0x10)
socket$kcm(0xa, 0x1, 0x0)
r0 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x7737, 0x80, 0x2, 0x34f}, &(0x7f00000000c0)=<r1=>0x0, &(0x7f0000000080)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r0, 0x47bc, 0x0, 0x0, 0x0, 0x0)

9.34486082s ago: executing program 1 (id=1526):
socket$inet6(0xa, 0x3, 0x20)
r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]})
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, &(0x7f0000000280)=""/239, 0xef)
writev(r1, &(0x7f0000000100)=[{&(0x7f0000000180)="b6", 0x1}], 0x1)
syz_usb_disconnect(r0)
ioctl$FS_IOC_GETFSMAP(0xffffffffffffffff, 0xc0205867, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

9.332158861s ago: executing program 7 (id=1527):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000740)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x1001a, &(0x7f0000000280)={[{@quota}, {@nolazytime}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x1, 0x42e, &(0x7f0000000940)="$eJzs20tvG0UcAPD/rpOUvkgo5dEHECiIiEfSpAV64AICiQsSEhzKMSRpFeI2qAkSrSIICHFFlbgjjkh8Ak5wQcAJiSsfAFWqUC4tnIzW3k1sx3k4deKCfz9pk5ndcWb+3hl7dicbQM8azn4kEYci4o+IGKxlGwsM137dXlma+ntlaSqJSuXtv5JquVsrS1NF0eJ1B/PMSBqRfp7EiRb1Lly9NjdZLs9cyfNji5c+GFu4eu352UuTF2cuzlyeOHfu7Jnxl16ceKEjcWZtunX84/mTx9549/qbU+evv/fLd0kRf1McHTK82cGnKpUOV9ddh+vSSV8XG0JbShGRna7+6vgfjFKsnbzBeP2zrjYO2FWVSqVycOPDyxXgfyyJbrcA6I7iiz67/i22PZp63BVuvlK7AMrivp1vtSN9keZl+puubztpOCLOL//zdbbF7tyHAABo8EM2/3mu1fwvjQfryt2brw0NRcR9EXEkIu6PiKMR8UBEtexDEfFwm/U3L5Ksn/+kN3YU2DZl87+X87WtxvlfMfuLoVKeO1yNvz+5MFueOZ2/JyPRvy/Lj29Sx4+v/f7lRsfq53/ZltVfzAXzdtzo29f4munJxck7ibnezU8jjve1ij9ZXQlIIuJYRBzfYR2zz3x7cqNjW8e/iQ6sM1W+iXi6dv6Xoyn+QrL5+uTYPVGeOT1W9Ir1fv3ti7c2qv+O4u+A7PwfaNn/V+MfSurXaxfa+/v7tji+0/4/kLxTTQ/k+z6aXFy8Mh4xMNfYKar7J9bni/JZ/COnWo//I7H2TpyIiKwTPxIRj0bEY3nbH4+IJyLi1CYx/vzqk+/vPP7dlcU/3db5X0sMRPOe1onS3E/fN1Q61E782fk/W02N5Hu28/m3nXa135sBAADgvymNiEORpKOr6TQdHa39v/zROJCW5xcWn70w/+Hl6dozAkPRnxZ3ugbr7oeO55f1RX6iKX8mv2/8VWl/NT86NV+e7nbw0OMObjD+M3+Wut06YNd5Xgt6l/EPvcv4h95l/EPvajH+93ejHcDea/X9/0kX2gHsvabxb9kPeojrf+hdxj/0LuMfetLC/tj6IXkJiXWJSO+KZkjsUqLbn0wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACd8W8AAAD//9Oa5Js=")
symlink(&(0x7f0000000540)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000640)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f0000000d80)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0)
rename(&(0x7f00000003c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000180)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
lseek(r0, 0x3, 0x1)
getdents64(r0, 0x0, 0x31)

9.237592451s ago: executing program 8 (id=1528):
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000100), 0x8000)
r1 = socket$qrtr(0x2a, 0x2, 0x0)
connect$qrtr(r1, &(0x7f0000000040)={0x2a, 0xffffffffffffffff, 0xfffffffe}, 0xc)
r2 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x4661, 0x400, 0x3, 0x288}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000280)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r1, 0x0, 0x0})
io_uring_enter(r2, 0x40f9, 0x29a7, 0x0, 0x0, 0x0)
close_range(r0, r1, 0x0)

8.125097652s ago: executing program 8 (id=1531):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000240)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r0, r1, 0x2, 0x2, 0x0, @void, @value}, 0x10)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="180000000000000000000000000000006112000000000000950000000000000051fa7824c74186dc02ec0696c37b64e3b24da3180100000005165c0f63cdc2e82818254950ee03568b8809a1ff4c7c4750eabfafcb9531b31e6a86827d1010c5a909ab98e00e19644a88e95ba26d1c9eecddb2d11c541418ceeb29b9b6829c6e433822bdb3cc85244aab60c1aae1314d7381fcfeb970bea672cf1e926f6a51479343144648a07a975bd89dc398712376610f6254f12495b4658319684387f6f3543205d4bc4ce05b8b961103673dff7f158052e62b20f05fd24108d8363d44fcd0f8f3647899762a17282a1914452d11f557c28f396eebdc858558db0276d14f9035f2b5f703e5be7e4acf8b78c2834ae5805fffee38a9a0033d520bcf6b08ede50899d4b9bdf85c71c5de2503dab358f42a2624c7daa9ed44039aab46419496362e54cfad05a0004ac71a003d7b85d07191bed4e5a890826300214146f7ed569985439baa355c2766dd056f5d79e454f3d873095e7a237bc06d035a8d601f21746d886419f38b34a495040000000071c2f0cce8c93cc17e9afa314fcb2ba15d646c66b0f65021829f87d988b4e2d71753b1549fa734f0b2e56dbd21ed2e09d0cddad721971637f384eed3034597c93e1c52f42cad0ed09c395dc6e9703660fefa1c80f467367c006f25caf0cbcefd13d68839893e39c588eb032905f91cafa4996dbf0c9be9654db05fb918086cc8228d02a3092c0830b8f587a5624515298b2d4eb2bde6f9a2eb83d53f717f13fa7552d92c51dbd32ea50c490ecd085d2811a7555c538cffffff7f00000000dd872244bfa64779e0f43a9c277e2910b7ccdc3d6726d34ad2101033a623ca2a49ad344884289130bc71cee2b7de62bf48129ae1af052a2d46a61625735a9eea7f793946b3229e861d8ea49806b3f7d4295f6b000000000000f337b1ceb2d8a65dcdcd895d7ba37098d2593fdaaef445af5bee02019c00000099b13ecda2a5b37de0519e974cba92ebaf0f701611a9b027ce04340bda4594cc9049c3f101629ab028145e004209ebe71a6fe84af50804000000000000004a27213354964e250a98fe357676f94b6947383e320fbb1118f586d5b9b1b977e1e1a4490ff67703a9b5900f8a6f8a805879dd91ec5ff435b219c53680c0ae04dcc4ef69b98fcb0d6b6a03a8b71a66b4e2876dc4b610444bf10000000000b046b6ae5d68156bcbd6d8793ade9a22ac8fc7857e5bbc14adc4e12b08f350c6789283b9990c72e64372a1f79769a8bdc632fc1a0b3417855d8b7d25ca4d404c23631ad3d2f55dcd385371c86170a4bca58c2b2b4eabc365f45bd10bb45b0c5bc354456a52be18d9b44014d20a3c51c8f013dade83562e73278662829e4f5a9ac00fd91178468c737f0872d97d38d11a176be5a0d7294c51eb161eddcfefa8837c7430721851ec2a107af0df6d43e732bbc01e76c66895eb85d36798d61622773591ee21ad9f6a1b73fa9cf3ffeb8a00b63af800a81d0fb8aa29df8b8ad6fbafefb5802a23cbdeeabceda5bfc5ff2fa5c1d61d04a1324794c6ed000696d9f04010c35474e690545c3d9bd836d4cef2585ba616e01c3d000000000000000000470ebc6f3453ecbf3047e4547d7632d3ad21798e730cb5d1da059b5bdb8107815dff995c0788906790406dfb4f8ee9f24ff94233e2e6e581e6e5de33a5f254c9a8b612547473c3001df3928dac9203b744619082421a8da7c00000000000000000000000000000018a73ef40cca690fb7595c6962984f8276677be6f66cbdbccf1896433808c9c84d74ac4a7c186a04a2250972f7acb156b21f9826b6acb7db32c4e3b3ec8b59fd972975edb1da872d81a35e4fda2f5cbde6b40bea20418c6e9dad30b791eea58f53e80fee4dd7fe08373ea2784fcd3a65261de71eb866458d2c22a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000040)={@cgroup=r2, r3, 0x2, 0x2, 0x0, @void, @value}, 0x10)
socketpair(0x2, 0x3, 0x1, &(0x7f0000000300))

7.95758279s ago: executing program 9 (id=1428):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
write$qrtrtun(r0, &(0x7f0000000600)="001a000000000000", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000004c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)
r3 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x1000009, 0x12, r3, 0x0)

7.832223912s ago: executing program 7 (id=1533):
r0 = syz_io_uring_setup(0x24fe, &(0x7f0000000300)={0x0, 0xf36e, 0x10100}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000001c0)=[{0x0}], 0x1)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='<'], 0x38}}, 0x80)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_FALLOCATE={0x11, 0x10, 0x0, @fd_index=0x8, 0xfff, 0x0, 0x6, 0x0, 0x1})
io_uring_enter(r0, 0x2d3e, 0x2936, 0x0, 0x0, 0x0)

7.599857628s ago: executing program 8 (id=1534):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file0\x00', 0x2a08000, &(0x7f0000000140)={[{@mblk_io_submit}, {@resuid={'resuid', 0x3d, 0xee00}}]}, 0xfc, 0x474, &(0x7f00000003c0)="$eJzs3MtrXFUYAPBv7mTSpM/4qNqHGl9YfDRN+rALN4qCCwVBF9VdTNNSm1ppIthSTBSpSym4F5eCf4Er3Yi6EtzqXgpBsml8gFfunXvzfk0yyUTn94MJ59x7Zu75zrlncu65MxNA2+rN/lQidkfEL1k6ybMz0qJQVm566vrQH1PXhyqRpq/9Xsn33Z66PlSWLZ+3u8gcSSKSjytxaInjjl69dnFwZGT4SpHvG7v0bt/o1WtPX7g0eH74/PA7A6dPnzje/8ypgZNNiXNPVteDH1w+fOClN26+MnTm5ls/fNVR1nVBHM3SG73z2nKux5p9sBbbMydd6WhhRWhINSKy7qrl439fVGO28/bFix+1tHLApkrTNN27/O6JFPgfq0SrawC0RvmP/vZUd3Rt0nXwdjb5XP0CKIt7unjU93REUpSpLbi+baauYt3kzMSfn0fe/jvaqv0BgK33TTb/eao+/ykf9T09cc+ccnvz9eBsa8QdEXFnRNwVEXdHxP6IvOy9EXFfg8fvXZBfPP9Mbq0rsDXK5n/PFve25s//itnfP2lPtcjtie7oiVrl3IWR4WNFmxyJ2o4s37/CMb594edPl9vXW8z9ykd2/HIuWNTjVseO+c85Ozg2uLGoZ01+mK8Bji+Of/bOVZY6EBEH1/H62bz5whNfHl5u/+rxr6AJ95nSLyIer/f/RKwQ/8L7k93FvlMDJ/u6YmT4WF95Viz24083Xl3u+BuKvwmy/t+55Pk/E39PZe792tHGj3Hj10+WvaZp4Px/s9ySnf+dldfzdGex7f3BsbEr/RGdlZcXbx+YfbUyX5af3L0/4pGlx3/2HpedY1n8hyIiO4nvj4gHIuLBou4PRcTDkb/EUsanI+L75x99ez3xJ6s1bBNk/X92Xv/HKv3feKJ68buv1xN/Xdb/J/LUkWLLWt7/1lrBjbQdAAAA/Fck+WfgK8nRmXSSHD0asStf292ZjFweHXvy3OX3/jpb/6x8T9SScqWrvh5cXw/tL9aGy/zAgvzxYt34s2p3nt9Z3PsGWmfX3PGfLzjWx3/mt2qLKwdsPt/XgvZl/EP7Mv6hfRn/0L7WOv7TTa4HsPWWGv/jLagHsPXM/6F9Gf/Qvox/aF/GP7SljXyvX2KVxHjDzdsVK5Xp3CZx5YlI8kQ63sJq/F38DMvaCm9efcpfy1i9cK0Yd9uhB1dOtO49CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoJn+DQAA//85XdxN")
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x43, &(0x7f0000000180)=0x2100005, 0x4)
r0 = socket(0x11, 0x3, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000005c0)={'gre0\x00', <r2=>0x0})
bind$packet(r0, &(0x7f0000000040)={0x11, 0x3, r2, 0x1, 0x0, 0x6, @multicast}, 0x14)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000000)=0xe9, 0x4)
sendmsg$netlink(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f00000003c0)=ANY=[@ANYBLOB="020114008cdc18000e3580009f000114600000060600ac141414e0000003808a8972bd0b72e41082b1a3d206"], 0xdd12}], 0x1}, 0x20044051)

7.311718218s ago: executing program 7 (id=1535):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000400)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6e6f757365725f78617474722c636f686572656e63793d66756c6c2c646174613d77726974656261636b2c6c6f63616c616c6c6f633d30303030303030303030303030303030303030312c61636c2c6e6f61636c2c6c6f63616c616c6c6f633d30303030303030303030303030303030302c00a89f6b8d5800aa954e6c8735dcd52921ce08462fb4ce7c1600883251443ac332f4d17b77d29867e4321610916dbc5963e9fb59a032c92e32ebffc3b739951e866d52bff6bd63136a656222062a8eea0cf97480bc8ac6c0e8a2aa38ffa8fa758cd54b9ef39a7f536d7b85173a83c34d78e210ecf4d040817bbe989e9eb015acb84b99b2ed90f71810cd92eeca69f5275cb7b7027d4babf643bd69b0a68134c022fe5dcd03834f547325ac2d1a5d16f074d898946ff71afa90180b317e645dd58a922e5d907462cd50dc23801c48c0d49ab012961d84d2eb85a3730a3f3177da048c3bc991216b11dca020afefc24ae7583b59534a0ab1fca82bf473216141db8e9864f7861d0500a920e1a8d3352d0662f586e743386e87b6c0c5ed6e4d192ef2990b44cedbb708e7a18b20dcd5573b603c4d659992647ffa8210abf4e9d232b52a8ea1dd1c045afd8e472cd1fbb775e89cca49d136a6"], 0x1, 0x442d, &(0x7f0000004480)="$eJzs3c9PHGUfAPBnBvoW+rZ9oW8PfZM3cRObaNQQ6EmliZTSUmixptrGeNkusG3RhW1gMR56wFsTTyYejIdGE2+cGg5e65/gxWM9N9GDFxOTRszuzgIz7IaVsGDr53NgmOc3fGeefeYw+8SJyp25pdzcUq6wkCvP3Fo6k/u4XFqeL4Z4nzTt/9D+9U97OnGdHPS190929fzFd2+cCeH72R+frK+vr4eq7tDU0Jbff/v13szWY0OcqVNtt3lre+WDEMLJbeOq6gohvP9dCFEI4VySNpoce0MIx0I978a9z27m9mg0Dx8Xz+afTt1fGz49ufpgrfXfHoXwVel/r92e//nFruGfXtmj7gEAAAAAAAAAAAAAAAAAeMaNX7t6/Z3BofAoCt2r0fb3dceTY6v3Y9f3zAsh9HX+7wUAAAAAAAAAAAAAAAAAAIC/o833/3PRiSbv/48lx5EW9dff6vwY6ZyJt6+OXRgcSvZ/j7blv54k/XKuK/Q32fc9u//7uUz95vu/b+9ntxrja/TbF6J4IHUexwMDIXyTbPx+KjoSl8pLlVdvlZcXZvdsGM+sdPzru/enopNs6N9u/Ecz7Xd+////bruaquc39+4Se66l49/Vsty3n0Ztxf98pt5+xJ/dS8e/u5bWu7XASH0CqMb/8+6d4z+Wab9T8T8eQshF1bHmUjNAdQ1TTW+1XiEtHf9DtbTU1Jn8I1vd/79n4n8h0/5Bzf8r2Q8imkrH/1+1tJ5Uic37vz/e+f6/mGn/IOJfHf+Kz/+2pON/uJ7YnSpS+0+2O/+PZ9rvVPyvx8k4j0epK2A1qqe3+r460tLx79mWv/n8F7e1/ruUqb9fz3+NfhvPf43p/+Wo/vxHc+n497Ys1+79P5Gp1+n5f6S2/mO30vE/UktLr53rX8rZbvwnM+13Kv61VUlPI/6b88kfh+vpX1v/tSUd/3/XE+OtJVZqP2vrv2jn9f/lTPsHsf6rjn8l7myvz4t0/I+2LFeN/w9tfP5fydTrfPxDGLTW37V0/I+1LFe7/3t2jv9Upl6n4/9SJxsHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeAaMJse+EMUDqfM4HhgI4XxyfiociaYLs/npUnnmo6UQxpL0XDgR3S6Vpwul/NxCebaYL5RK5ZkQLiT5J0NPtFQqV/LzhbsXN9rqje4UC4uV6WKhEkIYT9L/H4412pqeq8wX7oYQLm3k/ScuL969U1jIz84tvjk4ODgYJjbG0B8VP6kUFyr13uu5IUxu1O2Ltgyuln15YyxHow/Ly4sLhVIt/cqWOqXyTKG0pc5UkvdF6I8qi8sLM4VKMV8q3270d5BGkuPYxLX3rl0Z2pZ/M6ofR/d3WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8RY+G3/gyhNBdP4tDCCONX6Jm5R8+Lp7NP526vzZ8enL1wdqTVuUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgT3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwS8coDQRRGIDfjIXaeQyrZbezXVFEC1cET6DH8DB6FC/hHVKkSJsiBJJZCJtd2Capvq95MD8z78E8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYJ6n9+7jrW4iUlxtLiP+vv4Xh/lLqT/34/cvzjAjp/P82j081k3593SU35WjZZt36Xr1/Rkjtfc72JPhPu31fa4n55rat6n5+r43kXIVEW3Jb1POVTXvLQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAtO3AgAAAAAADk/9oIVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVdiBYwEAAAAAYf7WUfRtAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPwKAAD//+UFHyA=")
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
symlink(0x0, &(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r0 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
lseek(r0, 0x7ff, 0x1)
getdents64(r0, 0x0, 0x10)

7.217213623s ago: executing program 9 (id=1536):
syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)={0x54, r3, 0x1, 0x70bd29, 0x25dfdbfc, {0x3}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x25}}}, {0x14, 0x2, @in={0x2, 0xfffc, @empty}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$TIPC_NL_BEARER_ADD(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000280)={0x54, r3, 0x4c1dad3e3d6a7499, 0x70bd2b, 0x25dfdbf7, {}, [@TIPC_NLA_BEARER={0x40, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x2c, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @broadcast}}, {0x14, 0x2, @in={0x2, 0x4e20, @private=0xa010100}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x40005}, 0x20000000)

7.029530829s ago: executing program 8 (id=1538):
r0 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000280)={0x24, &(0x7f0000000180)={0x0, 0x1, 0x2, {0x2, 0x1}}, 0x0, 0x0, 0x0}, 0x0)
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1})
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
ioctl$UFFDIO_COPY(r0, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000, 0x2})

6.841972947s ago: executing program 6 (id=1539):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001d00)=@newtfilter={0x64, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xc}, {0xfff2}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_vlan={0x30, 0x9, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x64}}, 0x0)

6.180835039s ago: executing program 9 (id=1540):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="9f01000083667d1040206402d14e0102030109021b000100000000090400000190f19c000905f3ed"], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000480)={0x44, &(0x7f0000000180)={0x0, 0xd, 0x1, '/'}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, &(0x7f0000000600)={0x84, &(0x7f0000000340)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

6.164870514s ago: executing program 3 (id=1541):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$RTC_SET_TIME(r1, 0x4024700a, &(0x7f0000000080)={0x3, 0x1, 0x3, 0x2, 0x5, 0x81, 0x6, 0x152, 0xffffffffffffffff})

6.163401332s ago: executing program 6 (id=1542):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r0, 0xfff)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWRULE={0x50, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x24, 0x4, 0x0, 0x1, [{0x20, 0x1, 0x0, 0x1, @ct={{0x7}, @val={0x14, 0x2, 0x0, 0x1, [@NFTA_CT_KEY={0x8, 0x2, 0x1, 0x0, 0xf}, @NFTA_CT_DREG={0x8, 0x1, 0x1, 0x0, 0x2}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x78}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f00000000c0)={@local, @random="cf3cccaf382f", @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000580)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x2}}}}}}, 0x0)

6.007844129s ago: executing program 1 (id=1543):
r0 = userfaultfd(0x801)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x3, 0x200000005c832, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x80001)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
ioctl$UFFDIO_CONTINUE(r1, 0xc020aa08, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}})
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000199000/0x800000)=nil, 0x800000})

4.991565041s ago: executing program 3 (id=1544):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0)
ioctl$RTC_AIE_ON(0xffffffffffffffff, 0x7001)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x2, 0x16, &(0x7f0000000180)=ANY=[@ANYBLOB="611230000000000061134c0000000000bf2000000000000016001000071b48013d030100000000003f02000000000000bc26100000000000bf67200000000000160200000fff07006702000007000000360600000ee600f0bf050000000000000f650000000000006507f4ff02000000070700004c0040001f75000000000000bf54000000000000070500000300f9ffad430100000000009500000000000000050000000000000095000000000000004d9bd591d568253e9988431ec068e3a83683d58719d72183f2cb7f43dd55788be820b236dcb695dbfd737cbf5fe7030586"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48)

4.741560637s ago: executing program 6 (id=1545):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
lstat(&(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, <r1=>0x0})
bind$inet6(r0, &(0x7f0000d84000)={0xa, 0x2, 0x3, @loopback, 0x7}, 0x1c)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000500)=ANY=[@ANYRES16=r1, @ANYRES32, @ANYBLOB="000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000011000000000000000000000000000000000000000000000001000000440105007f000001000000000000000000000000000000003c00000000000000ac1e0001000000000000000000000000000000000000000000000000000000003fffffe8fc000000000000000000000000000000000000003300010000000000ac1414aa0000000000000000000000000000000000000000000000000000000000000000ac1414bb00000000000000000000000000fe00002b00000000000000ac1414aa0000000000000000000000000000000000000000cd0000000000000000000000fe8000000000000000000000040000bb000000006c0000000000000000000000000000000000ffff000000000066c460"], 0x1fc}}, 0x0)
bind$inet(r2, &(0x7f0000000000)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x2c}}, 0x10)
connect$inet(r2, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10)
connect$rds(r2, &(0x7f0000000140)={0x2, 0x4e21, @remote}, 0x10)

4.099842824s ago: executing program 7 (id=1546):
r0 = syz_usb_connect(0x0, 0x2d, &(0x7f00000003c0)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
write$char_usb(r1, &(0x7f0000001300)='7', 0x1)
ioctl$EVIOCGABS2F(0xffffffffffffffff, 0x8018456f, 0x0)
write$char_usb(r1, &(0x7f0000000040)="1d87f4b506be6837be6e0375bcf1e9c5", 0x10)
syz_usb_control_io(r0, &(0x7f0000000500)={0x2c, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x5, 0x60, 0x9, 0x2, 0x3, 0x9, 0x5}}}, &(0x7f0000000980)={0x84, &(0x7f0000000540)={0x0, 0x5, 0x67, "cb94c96b02601ccac81f7a1df42f52d71943a78fb4bbbe7f9521ecb3b55f959878854ffe4df9ea3d92bcc9484634a8ea5cab12b126f604145010bc6c470becfd3076bc5fe9e7c50bb3f9f5a3783e2585a432c626ae240b2143f206646b785b6d06231be96a8f99"}, 0x0, &(0x7f0000000600)={0x0, 0x8, 0x1, 0x7}, &(0x7f0000000640)={0x20, 0x0, 0x4, {0x2}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000880)={0x40, 0x1a, 0x2, 0xff3c}, 0x0, &(0x7f0000000900)={0x40, 0x1e, 0x1, 0x6}, &(0x7f0000000940)={0x40, 0x21, 0x1}})
syz_usb_disconnect(r0)

4.098979609s ago: executing program 1 (id=1558):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000040), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'geneve0\x00'})

3.340920775s ago: executing program 3 (id=1547):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000200), 0x20702, 0x0)
setsockopt$inet_sctp6_SCTP_SET_PEER_PRIMARY_ADDR(0xffffffffffffffff, 0x84, 0x5, 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000080)={'pim6reg1\x00', 0xe511})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0xe, 0x4, 0x4, 0x20006, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000940)={{r2}, 0x0, 0x0}, 0x20)
close(r1)

3.204805158s ago: executing program 6 (id=1548):
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
prctl$PR_SET_IO_FLUSHER(0x43, 0x1)
prctl$PR_SET_IO_FLUSHER(0x43, 0x0)

2.005347907s ago: executing program 6 (id=1549):
syz_open_dev$usbmon(&(0x7f0000000280), 0x80000000000000, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './file0'}, 0xb)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0)
r1 = syz_io_uring_setup(0x1b13, &(0x7f0000000240)={0x0, 0x9c0e, 0x10100, 0xfffffffe, 0x220, 0x0, r0}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2df0, 0x0, 0x0, 0x0, 0x0)
syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301)

2.00449238s ago: executing program 1 (id=1562):
r0 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000002640)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000340)="b2", 0x1}], 0x1, &(0x7f0000000140)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18, 0x8800}}], 0x1, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

1.665929291s ago: executing program 1 (id=1550):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
read(r2, &(0x7f0000000440)=""/247, 0x26)
ioctl$SNDRV_SEQ_IOCTL_REMOVE_EVENTS(r2, 0x4040534e, &(0x7f0000000080)={0x31, @time={0x0, 0xfffffffd}, 0x0, {0x0, 0x2}, 0x0, 0x2, 0xc})
ioctl$SNDRV_SEQ_IOCTL_CLIENT_ID(r2, 0x80045301, 0x0)
tkill(r1, 0x7)

1.46623538s ago: executing program 3 (id=1551):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000001a40)=""/102392, 0x18ff8)
add_key(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r1 = socket(0x15, 0x5, 0x0)
getsockopt(r1, 0x200000000114, 0x2721, &(0x7f0000c35fff)=""/1, &(0x7f0000000000)=0xf002)

1.158084953s ago: executing program 6 (id=1552):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = syz_open_dev$loop(&(0x7f0000000140), 0x75f, 0xa382)
r2 = memfd_create(&(0x7f0000000880)='C\x13\xfc2\x95WD\xaa\xba^\x90\xfd\x8d\xc2\xb1[\x81\xda\xda\xd6\x8c\xc99\xec\x0e*||\xe4\xb3\xc4\xb6\v\xaa\x15\x86,\xac\x8d\x89cu\x10\xdc\x93\x9b\xb4\x93\xafE*:\xe4\xdd\xa5\xa75\xb8\x1e;7\xb7.V\xdcrw[\r\x98\x93j\x9c\xf6\xf8\x99\xefF_\xcd\xdf!b\xc5\xec\ntb\xff\b\xaaF?!\x9f\a\x1a\x03\f\xe94\x1deU\x06zS\xc90\xb9voI\xa5/\xb4\xa7@\xa1\\B\xc2@\r_b\x9a\xeb\b\x81\x00V\xd6/N\xc5\xc6f\xb1\x95Z\xe5w^\xd8\xe7J\x80\xf7\xae\xafuv\x84\x9eG\xd1\xe7\x9b\xf0_9\xc2\x9b\xfd\xc3\xf3\xe4\x95P\xf1m\xcf\xc2\xe1\xe6\xa6\x8c\x11\xfb\xb8S\x8b\x92\\\asW-Ee\x02\x00\x00\x00\xd0;Q\xc1~\x89\xec\xc8\x9b\x88\a\xf2\x93\x82(\x8b\x00\xd8\xb4T\x80\x95\x93\x9c5\xcf\t\x04\x00\x00\x00\x00\x00\x00v\xef\xee+\xab\x9c\x00^R\xb2n?i=\xbe\x16\x8a\xbf\xe3\xcdB\xed\xe14\xe8\xd0\xb7\xff\xfeQ\x1c\x85n8\x1b\xc1\b\x00\x00\x00\x00\x00\x00\x00\x17\x94\xdfW<GE\xf1\xe9\xf1q\x8c\xf0\xae\x98\x8c\xe0\xc1g}\xaeW\xaa\xa1\x90\x8c\n$\xa6\xbb\x10\xaf\xc7~\x11\x03<v\xe9\xc7K\xf6]\x11)u\xd3\x15\x01}\xe25$\xb0\x86v\x80\r\x9c\xb8\xe6\xd3(\xa0G2s\xa9&\xb3QU~u\x13\x05kKp\xa6&\x8eu\x1d\xb2\xa9!\xc9\xfa\xd0dG5\xcbf<}r\xab\x9c\xd9f6iN\xaa>\x92z\xbe\xb2R)\xf1K\xd7\xaf\x99\xf6d\xe8\xec\xb7\xbd+T3\xa6\xa9\xfaY-1qs\x82\xefn*\x96\xc9\x1e\xf4\xd1\x02Dt\xc0\x19\xf7\x89\x96.D [F\xeeYW\x95\x13\xc7;\x94\x13^\x13\xaf\xf0C\x9c\xabf\x1daCS2\x02\xb0\xef\xc7\x8c\x9e\xed\a\n<V\xaa\xbfZ1\xa82\x85\x99\x0e$U\xb4X\xc7\xfa\f\b\x8f\xc4\xbeIt\xe4\xc51\xba\xb9H\xe8\x96\x94\xd7\xdc\x81\x111\t\xafl\x97\xd8T\xd40\x90ON\xaaFY\xb4\xb3\xf4\xf8JT\xc5:\xc5\aGc\xb5\x12\x90\x7f\x00\x91\xce@\xe5\xd3A\xcc\xd5|\x9f\x8e5\x042\x9a\xc1\xa1\a\xb7\xf5\xbc,\xd1\xd3k8\xc5', 0x1)
pwritev(r2, &(0x7f00000000c0)=[{&(0x7f0000000180)='P', 0x1}], 0x1, 0x800000, 0x0)
ioctl$LOOP_CHANGE_FD(r1, 0x4c00, r2)
sendfile(r1, r1, 0x0, 0x24002de8)
ioctl$LOOP_SET_STATUS(r1, 0x4c02, &(0x7f00000001c0)={0x0, {}, 0x0, {}, 0x2, 0x4, 0xfffffff8, 0x18, "28f5c9007d1ae4be4111ab18d2da69bde58cd7af831de4be3a65a8f0aae06263983f88975435db6f6678000000002038ef270000000000000000964400", "0710000000000000000000000000010000e9cfc11700000000000000ff1c00", [0x1, 0x7]})
ioctl$LOOP_CHANGE_FD(r1, 0x4c06, r0)

1.073360361s ago: executing program 9 (id=1553):
r0 = socket(0x28, 0x5, 0x0)
bind$vsock_stream(r0, &(0x7f0000000040), 0x10)
listen(r0, 0x0)
r1 = socket(0x28, 0x5, 0x0)
connect$vsock_stream(r1, &(0x7f0000000080), 0x10)
sendmmsg(r1, &(0x7f0000000100)=[{{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000000)="1b", 0x40000}], 0x1}}], 0x1, 0x24008094)
r2 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r2, &(0x7f0000000140)=""/263, 0x40000, 0x0, 0x0, 0x0)

1.021979575s ago: executing program 3 (id=1554):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
getsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r1, 0x84, 0x13, &(0x7f0000000280)={0x0, 0xe31c}, &(0x7f00000003c0)=0x8)

882.681762ms ago: executing program 1 (id=1555):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11ffffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newqdisc={0x48, 0x24, 0x5820a61ca228651, 0x0, 0x2, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x7fffffff, 0x1}}]}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000001d00)=@newtfilter={0x64, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xc}, {0xfff2}, {0xfff1, 0x3d}}, [@filter_kind_options=@f_bpf={{0x8}, {0x38, 0x2, [@TCA_BPF_ACT={0x34, 0x1, [@m_vlan={0x30, 0x9, 0x0, 0x0, {{0x9}, {0x4}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0x64}}, 0x0)

0s ago: executing program 3 (id=1556):
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_init_net_socket$ax25(0x3, 0x5, 0xc4)
fremovexattr(0xffffffffffffffff, 0x0)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
syz_emit_vhci(&(0x7f0000000380)=ANY=[@ANYBLOB="040e1a00031000"], 0xf)
socket$nl_netfilter(0x10, 0x3, 0xc)

kernel console output (not intermixed with test programs):

967295 subj=unconfined pid=9598 comm="syz.7.937" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f633058d290 code=0x7ffc0000
[  318.209453][ T5976] usb 7-1: selecting invalid altsetting 0
[  318.228479][ T5976] usbtest 7-1:220.1: probe with driver usbtest failed with error -22
[  318.270546][ T5976] usb 7-1: USB disconnect, device number 7
[  318.395493][ T5982] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.774773][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  319.277095][ T5149] Bluetooth: hci4: unexpected cc 0x042d length: 63 > 7
[  319.285880][ T5149] Bluetooth: hci4: unexpected event for opcode 0x042d
[  319.374146][ T9619] loop1: detected capacity change from 0 to 512
[  319.398256][ T9619] EXT4-fs: Ignoring removed mblk_io_submit option
[  319.461714][ T9619] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  319.610331][ T5149] Bluetooth: hci0: command tx timeout
[  319.816128][ T9629] input: syz0 as /devices/virtual/input/input9
[  319.880733][ T8743] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  319.954352][ T8743] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  320.038314][ T8743] bond0 (unregistering): Released all slaves
[  320.208245][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  320.252979][ T5149] block nbd0: Receive control failed (result -107)
[  320.471015][ T9638] nbd0: detected capacity change from 0 to 8589934592
[  320.574276][ T9639] nbd0: detected capacity change from 8589934592 to 10
[  320.590540][ T6105] block nbd0: Dead connection, failed to find a fallback
[  320.620343][ T6105] block nbd0: shutting down sockets
[  320.641234][ T6105] blk_print_req_error: 138 callbacks suppressed
[  320.641257][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  320.708612][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  320.740505][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  320.775935][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  320.808332][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  320.858597][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  320.906276][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  320.930849][ T9650] netlink: 24 bytes leftover after parsing attributes in process `syz.1.951'.
[  320.970486][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  321.030659][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  321.093512][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  321.139474][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  321.202160][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  321.235183][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  321.274633][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  321.324087][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  321.331317][ T9654] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  321.350628][ T9654] overlayfs: failed to set xattr on upper
[  321.356374][ T9654] overlayfs: ...falling back to redirect_dir=nofollow.
[  321.372556][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  321.383551][ T9656] Invalid ELF header magic: != ELF
[  321.407711][ T6105] ldm_validate_partition_table(): Disk read failed.
[  321.434979][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  321.450035][ T9654] overlayfs: ...falling back to index=off.
[  321.476783][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  321.484588][ T9654] overlayfs: ...falling back to uuid=null.
[  321.500445][ T6105] I/O error, dev nbd0, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  321.509641][ T9654] overlayfs: maximum fs stacking depth exceeded
[  321.516640][ T6105] Buffer I/O error on dev nbd0, logical block 0, async page read
[  321.527231][ T6105] Dev nbd0: unable to read RDB block 0
[  321.534334][ T6105]  nbd0: unable to read partition table
[  321.540540][ T6105] nbd0: partition table beyond EOD, truncated
[  321.550912][ T6105] ldm_validate_partition_table(): Disk read failed.
[  321.558121][ T6105] Dev nbd0: unable to read RDB block 0
[  321.564461][ T6105]  nbd0: unable to read partition table
[  321.622409][ T6105] nbd0: partition table beyond EOD, truncated
[  321.639399][ T9635] loop6: detected capacity change from 0 to 32768
[  321.702903][ T5149] Bluetooth: hci0: command tx timeout
[  321.776182][ T9635] ocfs2: Mounting device (7,6) on (node local, slot 0) with writeback data mode.
[  321.893238][ T8743] hsr_slave_0: left promiscuous mode
[  321.962369][ T8743] hsr_slave_1: left promiscuous mode
[  321.981527][ T8743] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  321.988946][ T8743] batman_adv: batadv0: Removing interface: batadv_slave_0
[  322.048003][ T8743] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  322.065227][ T8743] batman_adv: batadv0: Removing interface: batadv_slave_1
[  322.131149][ T8743] veth1_macvtap: left promiscuous mode
[  322.135171][ T9646] loop3: detected capacity change from 0 to 32768
[  322.151086][ T8743] veth0_macvtap: left promiscuous mode
[  322.176954][ T8743] veth1_vlan: left promiscuous mode
[  322.204785][ T9668] serio: Serial port ptm0
[  322.210494][ T9646] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.953 (9646)
[  322.213594][ T8743] veth0_vlan: left promiscuous mode
[  322.250327][ T5923] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  322.258383][ T6583] ocfs2: Unmounting device (7,6) on (node local)
[  322.332306][ T9646] BTRFS info (device loop3): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  322.390648][ T9646] BTRFS info (device loop3): using sha256 (sha256-x86_64) checksum algorithm
[  322.430382][ T5923] usb 8-1: Using ep0 maxpacket: 16
[  322.464053][ T5923] usb 8-1: too many configurations: 123, using maximum allowed: 8
[  322.482743][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.522717][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.591311][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.619122][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.641227][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.663304][ T9646] BTRFS info (device loop3): rebuilding free space tree
[  322.670975][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.693934][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.748135][ T5923] usb 8-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  322.779556][ T9646] BTRFS info (device loop3): disabling free space tree
[  322.791717][ T5923] usb 8-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  322.819214][ T9646] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  322.832492][ T5923] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  322.859758][ T5923] usb 8-1: SerialNumber: syz
[  322.864476][ T9646] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  322.909788][ T5923] usb 8-1: config 0 descriptor??
[  322.933733][ T5923] input: bcm5974 as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/input/input10
[  323.203271][ T9669] input: syz1 as /devices/virtual/input/input11
[  323.259548][ T5184] bcm5974 8-1:0.0: could not read from device
[  323.297650][ T5149] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  323.307205][ T5149] Bluetooth: hci4: Injecting HCI hardware error event
[  323.315893][ T5853] Bluetooth: hci4: hardware error 0x00
[  323.375807][ T5923] usb 8-1: USB disconnect, device number 5
[  323.635623][ T5836] BTRFS info (device loop3): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  323.774469][ T5149] Bluetooth: hci0: command tx timeout
[  323.846546][ T9702] netlink: 24 bytes leftover after parsing attributes in process `syz.6.964'.
[  324.201581][   T30] kauditd_printk_skb: 16 callbacks suppressed
[  324.201607][   T30] audit: type=1326 audit(1749779214.481:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9709 comm="syz.7.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633058e929 code=0x7fc00000
[  324.270266][   T30] audit: type=1326 audit(1749779214.501:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9709 comm="syz.7.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f633058e929 code=0x7fc00000
[  324.348535][   T30] audit: type=1326 audit(1749779214.521:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9709 comm="syz.7.966" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f633058e929 code=0x7fc00000
[  324.486296][ T8743] team0 (unregistering): Port device team_slave_1 removed
[  324.619969][ T8743] team0 (unregistering): Port device team_slave_0 removed
[  325.186602][ T9726] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  325.195241][ T9726] overlayfs: failed to set xattr on upper
[  325.201050][ T9726] overlayfs: ...falling back to redirect_dir=nofollow.
[  325.207926][ T9726] overlayfs: ...falling back to index=off.
[  325.220169][ T9726] overlayfs: ...falling back to uuid=null.
[  325.227335][ T9726] overlayfs: ...falling back to xino=off.
[  325.242886][ T9726] overlayfs: conflicting lowerdir path
[  325.334737][ T9664] gretap0: entered promiscuous mode
[  325.344860][ T9664] vlan2: entered promiscuous mode
[  325.450320][ T5853] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  325.850351][ T5853] Bluetooth: hci0: command tx timeout
[  326.156237][ T9748] loop3: detected capacity change from 0 to 512
[  326.242025][ T9748] EXT4-fs: Ignoring removed mblk_io_submit option
[  326.248565][ T9748] EXT4-fs: Ignoring removed mblk_io_submit option
[  326.298780][ T9600] chnl_net:caif_netlink_parms(): no params data found
[  326.320926][ T9748] EXT4-fs: Ignoring removed mblk_io_submit option
[  326.330992][ T5923] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  326.352134][ T9748] EXT4-fs (loop3): Test dummy encryption mode enabled
[  326.358928][ T9748] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  326.472799][ T9748] EXT4-fs (loop3): 1 truncate cleaned up
[  326.483344][ T9752] loop1: detected capacity change from 0 to 4096
[  326.497104][ T9748] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  326.528602][ T5923] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[  326.595449][ T5923] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  326.616319][ T9759] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  326.637545][ T9748] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  326.638698][ T5923] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  326.702066][ T5923] usb 1-1: config 220 has no interface number 2
[  326.709695][ T5923] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  326.728987][ T5923] usb 1-1: config 220 interface 0 has no altsetting 0
[  326.748829][ T9752] mkiss: ax0: crc mode is auto.
[  326.810710][ T5923] usb 1-1: config 220 interface 76 has no altsetting 0
[  326.828550][ T5923] usb 1-1: config 220 interface 1 has no altsetting 0
[  326.839357][ T5923] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  326.851905][ T5923] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.862010][ T5923] usb 1-1: Product: syz
[  326.870170][ T5923] usb 1-1: Manufacturer: syz
[  326.880317][ T5923] usb 1-1: SerialNumber: syz
[  326.900082][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  326.906632][ T1298] ieee802154 phy1 wpan1: encryption failed: -22
[  327.092808][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.157102][ T5923] uvcvideo 1-1:220.1: Unknown video format 00000000-0000-0000-0000-000000000000
[  327.202805][ T5923] usb 1-1: Found UVC 7.01 device syz (8086:0b07)
[  327.219432][ T5923] usb 1-1: No valid video chain found.
[  327.239728][ T5923] usb 1-1: selecting invalid altsetting 0
[  327.325025][ T9600] bridge0: port 1(bridge_slave_0) entered blocking state
[  327.332019][ T5923] usb 1-1: selecting invalid altsetting 0
[  327.356269][ T9600] bridge0: port 1(bridge_slave_0) entered disabled state
[  327.379581][ T9600] bridge_slave_0: entered allmulticast mode
[  327.390832][ T5923] usbtest 1-1:220.1: probe with driver usbtest failed with error -22
[  327.405760][ T9769] netlink: 28 bytes leftover after parsing attributes in process `syz.3.981'.
[  327.434030][ T5923] usb 1-1: USB disconnect, device number 6
[  327.446655][ T9600] bridge_slave_0: entered promiscuous mode
[  327.458185][ T9769] netlink: 'syz.3.981': attribute type 7 has an invalid length.
[  327.486225][ T9600] bridge0: port 2(bridge_slave_1) entered blocking state
[  327.520364][ T9600] bridge0: port 2(bridge_slave_1) entered disabled state
[  327.561211][ T9769] netlink: 'syz.3.981': attribute type 8 has an invalid length.
[  327.574956][ T9600] bridge_slave_1: entered allmulticast mode
[  327.592116][ T9769] netlink: 4 bytes leftover after parsing attributes in process `syz.3.981'.
[  327.609452][ T9600] bridge_slave_1: entered promiscuous mode
[  327.888367][ T9600] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.913522][ T9738] loop6: detected capacity change from 0 to 32768
[  327.966429][ T9738] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  328.002059][ T9600] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  328.095532][ T9789] loop0: detected capacity change from 0 to 256
[  328.112230][ T9738] XFS (loop6): Ending clean mount
[  328.206647][ T9789] FAT-fs (loop0): Directory bread(block 64) failed
[  328.250563][ T5149] Bluetooth: hci6: command 0x1003 tx timeout
[  328.258196][ T5853] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  328.259478][ T9789] FAT-fs (loop0): Directory bread(block 65) failed
[  328.307788][ T9789] FAT-fs (loop0): Directory bread(block 66) failed
[  328.314857][ T9789] FAT-fs (loop0): Directory bread(block 67) failed
[  328.349257][ T9789] FAT-fs (loop0): Directory bread(block 68) failed
[  328.391580][ T9789] FAT-fs (loop0): Directory bread(block 69) failed
[  328.417809][ T9600] team0: Port device team_slave_0 added
[  328.434610][ T9789] FAT-fs (loop0): Directory bread(block 70) failed
[  328.458226][ T9600] team0: Port device team_slave_1 added
[  328.480721][ T9789] FAT-fs (loop0): Directory bread(block 71) failed
[  328.489239][ T9789] FAT-fs (loop0): Directory bread(block 72) failed
[  328.526340][ T9789] FAT-fs (loop0): Directory bread(block 73) failed
[  328.551655][ T6583] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  328.750427][ T9796] loop1: detected capacity change from 0 to 512
[  328.795467][ T9796] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  328.799467][ T9600] batman_adv: batadv0: Adding interface: batadv_slave_0
[  328.836197][ T9600] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  328.881444][ T9796] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  328.939066][ T9600] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  328.996043][ T9796] EXT4-fs error (device loop1): ext4_readdir:262: inode #2: block 3: comm syz.1.987: path /170/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  329.065633][ T9600] batman_adv: batadv0: Adding interface: batadv_slave_1
[  329.087445][ T9600] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  329.178917][ T9600] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  329.240472][ T9804] block nbd7: Device being setup by another task
[  329.248973][ T9804] block nbd7: shutting down sockets
[  329.266586][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  329.612684][ T9600] hsr_slave_0: entered promiscuous mode
[  329.646103][ T9600] hsr_slave_1: entered promiscuous mode
[  329.671324][ T9600] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  329.709300][ T9600] Cannot create hsr debugfs directory
[  330.926848][ T9851] loop0: detected capacity change from 0 to 512
[  330.977496][ T9600] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  331.004774][ T9600] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  331.013126][ T9851] EXT4-fs: Ignoring removed bh option
[  331.044919][ T9851] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  331.103316][ T9600] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  331.155645][ T9851] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  331.212504][ T9851] EXT4-fs error (device loop0): ext4_iget_extra_inode:5034: inode #15: comm syz.0.1000: corrupted in-inode xattr: e_value size too large
[  331.280302][ T9600] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  331.365097][ T9851] EXT4-fs error (device loop0): ext4_orphan_get:1396: comm syz.0.1000: couldn't read orphan inode 15 (err -117)
[  331.493227][ T9851] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  331.534973][ T9862] input: syz1 as /devices/virtual/input/input12
[  331.611965][ T5853] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci5/hci5:201'
[  331.622330][ T5853] CPU: 1 UID: 0 PID: 5853 Comm: kworker/u9:7 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  331.622382][ T5853] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  331.622408][ T5853] Workqueue: hci5 hci_rx_work
[  331.622449][ T5853] Call Trace:
[  331.622461][ T5853]  <TASK>
[  331.622476][ T5853]  dump_stack_lvl+0x16c/0x1f0
[  331.622542][ T5853]  sysfs_warn_dup+0x7f/0xa0
[  331.622590][ T5853]  sysfs_create_dir_ns+0x24b/0x2b0
[  331.622638][ T5853]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  331.622682][ T5853]  ? find_held_lock+0x2b/0x80
[  331.622738][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.622785][ T5853]  ? do_raw_spin_unlock+0x172/0x230
[  331.622831][ T5853]  kobject_add_internal+0x2c4/0x9b0
[  331.622884][ T5853]  kobject_add+0x16e/0x240
[  331.622926][ T5853]  ? __pfx_kobject_add+0x10/0x10
[  331.622977][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.623024][ T5853]  ? do_raw_spin_unlock+0x172/0x230
[  331.623065][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.623111][ T5853]  ? kobject_put+0xab/0x5a0
[  331.623154][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.623211][ T5853]  device_add+0x288/0x1a70
[  331.623253][ T5853]  ? __pfx_dev_set_name+0x10/0x10
[  331.623301][ T5853]  ? __pfx_device_add+0x10/0x10
[  331.623342][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.623388][ T5853]  ? mgmt_send_event_skb+0x2fb/0x460
[  331.623468][ T5853]  hci_conn_add_sysfs+0x17e/0x230
[  331.623513][ T5853]  le_conn_complete_evt+0x1075/0x1d70
[  331.623593][ T5853]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  331.623658][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.623722][ T5853]  hci_le_enh_conn_complete_evt+0x23d/0x380
[  331.623791][ T5853]  ? skb_pull_data+0x166/0x210
[  331.623856][ T5853]  hci_le_meta_evt+0x357/0x5e0
[  331.623897][ T5853]  ? __pfx_hci_le_enh_conn_complete_evt+0x10/0x10
[  331.623977][ T5853]  hci_event_packet+0x685/0x11c0
[  331.624043][ T5853]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  331.624087][ T5853]  ? __pfx_hci_event_packet+0x10/0x10
[  331.624153][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.624201][ T5853]  ? kcov_remote_start+0x3c9/0x6d0
[  331.624243][ T5853]  ? lockdep_hardirqs_on+0x7c/0x110
[  331.624304][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.624361][ T5853]  hci_rx_work+0x2c5/0x16b0
[  331.624403][ T5853]  ? rcu_is_watching+0x12/0xc0
[  331.624457][ T5853]  process_one_work+0x9cf/0x1b70
[  331.624515][ T5853]  ? __pfx_process_one_work+0x10/0x10
[  331.624554][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.624612][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.624656][ T5853]  ? assign_work+0x1a0/0x250
[  331.624724][ T5853]  worker_thread+0x6c8/0xf10
[  331.624785][ T5853]  ? __pfx_worker_thread+0x10/0x10
[  331.624824][ T5853]  kthread+0x3c5/0x780
[  331.624887][ T5853]  ? __pfx_kthread+0x10/0x10
[  331.624959][ T5853]  ? srso_alias_return_thunk+0x5/0xfbef5
[  331.625005][ T5853]  ? rcu_is_watching+0x12/0xc0
[  331.625052][ T5853]  ? __pfx_kthread+0x10/0x10
[  331.625116][ T5853]  ret_from_fork+0x5d7/0x6f0
[  331.625170][ T5853]  ? __pfx_kthread+0x10/0x10
[  331.625233][ T5853]  ret_from_fork_asm+0x1a/0x30
[  331.625297][ T5853]  </TASK>
[  331.625330][ T5853] kobject: kobject_add_internal failed for hci5:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  331.955610][ T5853] Bluetooth: hci5: failed to register connection device
[  332.520002][ T5982] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  332.562341][ T9600] 8021q: adding VLAN 0 to HW filter on device bond0
[  332.747163][ T9600] 8021q: adding VLAN 0 to HW filter on device team0
[  332.865133][ T8754] bridge0: port 1(bridge_slave_0) entered blocking state
[  332.872373][ T8754] bridge0: port 1(bridge_slave_0) entered forwarding state
[  332.969554][ T1100] bridge0: port 2(bridge_slave_1) entered blocking state
[  332.976810][ T1100] bridge0: port 2(bridge_slave_1) entered forwarding state
[  333.164784][ T9898] loop6: detected capacity change from 0 to 256
[  333.263683][ T9898] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  333.320393][ T9898] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  333.370460][ T5976] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  333.430358][ T9898] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  333.513662][ T9906] loop7: detected capacity change from 0 to 164
[  333.540343][ T5976] usb 4-1: Using ep0 maxpacket: 32
[  333.555076][ T5976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  333.598845][ T9906] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  333.608279][ T5976] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  333.668457][ T9906] rock: corrupted directory entry. extent=28, offset=0, size=16777216
[  333.673246][ T5976] usb 4-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[  333.738654][ T5976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  333.761540][ T9906] iso9660: Corrupted directory entry in block 4 of inode 1792
[  333.795296][ T5976] usb 4-1: config 0 descriptor??
[  333.863199][ T5976] hub 4-1:0.0: USB hub found
[  334.071398][ T5976] hub 4-1:0.0: 1 port detected
[  334.480754][ T9600] 8021q: adding VLAN 0 to HW filter on device batadv0
[  334.684143][   T43] hub 4-1:0.0: activate --> -90
[  334.973497][ T9900] loop1: detected capacity change from 0 to 32768
[  335.020418][ T9900] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.1014 (9900)
[  335.093942][ T5975] usb 4-1: USB disconnect, device number 12
[  335.154121][ T9900] BTRFS info (device loop1): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  335.181757][ T9937] input: syz0 as /devices/virtual/input/input13
[  335.222735][ T9900] BTRFS info (device loop1): using sha256 (sha256-x86_64) checksum algorithm
[  335.527226][ T9900] BTRFS info (device loop1): rebuilding free space tree
[  335.626969][ T9900] BTRFS info (device loop1): disabling free space tree
[  335.669023][ T9900] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  335.725094][ T9900] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  335.989053][ T9600] veth0_vlan: entered promiscuous mode
[  336.075712][ T9600] veth1_vlan: entered promiscuous mode
[  336.127075][ T9923] loop7: detected capacity change from 0 to 32768
[  336.163270][ T9923] XFS: attr2 mount option is deprecated.
[  336.217984][ T9600] veth0_macvtap: entered promiscuous mode
[  336.230016][ T9923] XFS (loop7): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  336.274056][ T5975] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  336.286437][ T9600] veth1_macvtap: entered promiscuous mode
[  336.455026][ T5975] usb 4-1: New USB device found, idVendor=046d, idProduct=0870, bcdDevice=61.47
[  336.486821][ T9923] XFS (loop7): Ending clean mount
[  336.487968][ T9981] loop6: detected capacity change from 0 to 2048
[  336.508641][ T9600] batman_adv: batadv0: Interface activated: batadv_slave_0
[  336.522455][ T5975] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  336.532148][ T9981] udf: Bad value for 'umask'
[  336.557835][ T9923] XFS (loop7): Quotacheck needed: Please wait.
[  336.591083][ T5839] BTRFS info (device loop1): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  336.639903][ T5975] usb 4-1: config 0 descriptor??
[  336.649552][ T9600] batman_adv: batadv0: Interface activated: batadv_slave_1
[  336.686436][ T5975] gspca_main: STV06xx-2.14.0 probing 046d:0870
[  336.761297][ T9600] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  336.770049][ T9600] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  336.800284][ T9600] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  336.816412][ T9923] XFS (loop7): Quotacheck: Done.
[  336.907248][ T9600] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  337.279228][ T6722] XFS (loop7): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  337.409756][ T9995] loop6: detected capacity change from 0 to 512
[  337.425185][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  337.506096][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.667352][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  337.734297][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  337.865475][T10002] sctp: [Deprecated]: syz.0.1031 (pid 10002) Use of struct sctp_assoc_value in delayed_ack socket option.
[  337.865475][T10002] Use struct sctp_sack_info instead
[  337.934681][ T5975] usb 4-1: USB disconnect, device number 13
[  337.952981][ T9995] EXT4-fs (loop6): 1 orphan inode deleted
[  337.980482][ T8743] Quota error (device loop6): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  338.025215][ T9995] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  338.070463][ T8743] EXT4-fs error (device loop6): ext4_release_dquot:6967: comm kworker/u8:11: Failed to release dquot type 1
[  338.115488][ T9995] ext4 filesystem being mounted at /119/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  338.954775][ T6583] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.224174][ T5923] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  340.780403][ T5923] usb 7-1: config 0 has an invalid interface number: 201 but max is 0
[  340.798948][ T5923] usb 7-1: config 0 has no interface number 0
[  340.829314][ T5923] usb 7-1: config 0 interface 201 has no altsetting 0
[  340.849716][ T5923] usb 7-1: New USB device found, idVendor=12d1, idProduct=b9ee, bcdDevice=11.78
[  340.890441][ T5923] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  340.910872][ T5923] usb 7-1: config 0 descriptor??
[  340.962316][ T5923] option 7-1:0.201: GSM modem (1-port) converter detected
[  341.219926][ T5814] usb 7-1: USB disconnect, device number 8
[  341.229485][ T5814] option 7-1:0.201: device disconnected
[  341.324597][T10023] loop3: detected capacity change from 0 to 32768
[  341.351148][T10023] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1035 (10023)
[  341.424794][T10023] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  341.474218][T10023] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  341.528788][T10023] BTRFS info (device loop3): using free-space-tree
[  342.702429][T10099] syz.7.1050: attempt to access beyond end of device
[  342.702429][T10099] nbd7: rw=2048, sector=2, nr_sectors = 1 limit=0
[  342.715590][T10099] hfsplus: unable to find HFS+ superblock
[  342.783684][ T5836] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  342.859527][T10110] netlink: 'syz.1.1054': attribute type 1 has an invalid length.
[  343.104783][T10110] 8021q: adding VLAN 0 to HW filter on device bond2
[  343.816723][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  343.870295][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  343.909024][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  343.969500][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.019078][ T8743] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  344.027896][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.253192][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.365406][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.498244][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.571789][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.608426][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.660236][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.675875][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.710446][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.750359][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.757771][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.840389][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.903567][ T5975] hid-generic 0002:0004:0009.0012: unknown main item tag 0x0
[  344.970732][ T5975] hid-generic 0002:0004:0009.0012: hidraw0: <UNKNOWN> HID v0.04 Device [syz0] on syz0
[  345.435790][T10144] fido_id[10144]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  345.600515][T10158] binder: 10157:10158 ioctl c0306201 200000000640 returned -22
[  345.670347][ T5915] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  345.936329][ T5915] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  346.005577][ T5915] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  346.025400][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  346.078371][ T5915] usb 2-1: Product: syz
[  346.087877][ T5915] usb 2-1: Manufacturer: syz
[  346.100783][ T5915] usb 2-1: SerialNumber: syz
[  346.336473][ T5915] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 11 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  346.390680][ T5976] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  346.572741][ T5976] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  346.599271][    C1] usblp0: nonzero write bulk status received: -71
[  346.608917][ T5975] usb 2-1: USB disconnect, device number 11
[  346.627660][ T5976] usb 4-1: config 0 has no interfaces?
[  346.638856][ T5975] usblp0: removed
[  346.646812][ T5976] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  346.676727][ T5976] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  346.711626][ T5976] usb 4-1: config 0 descriptor??
[  346.975258][T10170] netlink: 'syz.3.1074': attribute type 29 has an invalid length.
[  347.020354][T10170] netlink: 'syz.3.1074': attribute type 29 has an invalid length.
[  347.076969][T10170] netlink: 500 bytes leftover after parsing attributes in process `syz.3.1074'.
[  347.406188][ T5976] usb 4-1: USB disconnect, device number 14
[  347.910123][T10147] loop0: detected capacity change from 0 to 40427
[  348.049291][T10147] F2FS-fs (loop0): invalid crc value
[  348.390442][ T5976] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  348.578541][ T5976] usb 2-1: Using ep0 maxpacket: 16
[  348.587149][T10147] F2FS-fs (loop0): Start checkpoint disabled!
[  348.601681][ T5976] usb 2-1: too many configurations: 123, using maximum allowed: 8
[  348.635060][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.652050][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.690548][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.714830][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.741801][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.781029][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.804350][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.832180][ T5976] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  348.851737][ T5976] usb 2-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  348.865176][ T5976] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=45
[  348.884162][ T5976] usb 2-1: SerialNumber: syz
[  348.905611][ T5976] usb 2-1: config 0 descriptor??
[  348.927391][ T5976] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input14
[  349.169471][T10192] input: syz1 as /devices/virtual/input/input15
[  349.274306][ T5184] bcm5974 2-1:0.0: could not read from device
[  349.316312][T10213] loop8: detected capacity change from 0 to 512
[  349.335435][T10213] EXT4-fs: Ignoring removed orlov option
[  349.350349][ T5976] usb 2-1: USB disconnect, device number 12
[  349.474357][T10213] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.535055][T10213] ext4 filesystem being mounted at /10/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  349.595392][T10214] loop3: detected capacity change from 0 to 4096
[  349.738756][ T9600] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.760742][   T43] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  350.970408][   T43] usb 9-1: Using ep0 maxpacket: 16
[  350.983239][   T43] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 192, changing to 11
[  351.010252][   T43] usb 9-1: config 1 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 8
[  351.057679][   T43] usb 9-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 18
[  351.119892][   T43] usb 9-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  351.157789][   T43] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  351.201932][   T43] usb 9-1: SerialNumber: syz
[  351.242929][T10229] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  351.324224][ T5975] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  351.499126][   T43] cdc_ether 9-1:1.0: probe with driver cdc_ether failed with error -22
[  351.513671][ T5975] usb 2-1: Using ep0 maxpacket: 32
[  351.539005][T10253] netlink: 20 bytes leftover after parsing attributes in process `syz.7.1092'.
[  351.551445][ T5975] usb 2-1: config index 0 descriptor too short (expected 156, got 27)
[  351.570097][ T5975] usb 2-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  351.582031][   T43] usb 9-1: USB disconnect, device number 2
[  351.639390][ T5975] usb 2-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  351.710277][ T5975] usb 2-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  351.744100][ T5975] usb 2-1: config 0 interface 0 has no altsetting 0
[  351.759029][ T5975] usb 2-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  351.801458][ T5975] usb 2-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  351.831211][ T5975] usb 2-1: Product: syz
[  351.835407][ T5975] usb 2-1: Manufacturer: syz
[  351.840819][ T5975] usb 2-1: SerialNumber: syz
[  351.864004][ T5975] usb 2-1: config 0 descriptor??
[  351.896907][ T5975] ldusb 2-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  351.954631][ T5975] ldusb 2-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  352.011517][   T24] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  352.200471][   T24] usb 4-1: Using ep0 maxpacket: 16
[  352.228313][   T24] usb 4-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  352.270306][   T24] usb 4-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  352.290372][   T24] usb 4-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  352.320243][   T24] usb 4-1: config 1 interface 0 has no altsetting 0
[  352.340502][   T24] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  352.351443][T10270] loop6: detected capacity change from 0 to 2048
[  352.368368][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  352.392884][   T24] usb 4-1: Product: syz
[  352.407591][   T24] usb 4-1: Manufacturer: syz
[  352.412398][T10270] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  352.431446][   T24] usb 4-1: SerialNumber: syz
[  352.448981][T10270] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  352.457968][ T5975] usb 2-1: USB disconnect, device number 13
[  352.463962][    C1] ldusb 2-1:0.0: usb_submit_urb failed (-19)
[  352.474251][T10271] ldusb 2-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  352.579070][ T5975] ldusb 2-1:0.0: LD USB Device #0 now disconnected
[  352.746774][   T24] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 15 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  352.995763][   T24] usb 4-1: USB disconnect, device number 15
[  353.002138][T10259] usblp0:failed reading printer status (-71)
[  353.243918][T10258] usblp0: removed
[  353.889890][T10310] block nbd8: shutting down sockets
[  354.112493][T10317] capability: warning: `syz.3.1111' uses 32-bit capabilities (legacy support in use)
[  354.808193][T10336] loop6: detected capacity change from 0 to 16
[  355.003438][T10336] erofs (device loop6): bogus i_mode (0) @ nid 58320
[  355.045679][T10334] loop3: detected capacity change from 0 to 256
[  355.080501][T10343] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  355.490902][ T5976] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  355.576154][T10356] loop6: detected capacity change from 0 to 1024
[  355.674897][ T5976] usb 8-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  355.713923][ T5976] usb 8-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  355.719828][T10356] syz.6.1126: attempt to access beyond end of device
[  355.719828][T10356] loop6: rw=2049, sector=5778, nr_sectors = 2 limit=1024
[  355.748089][T10356] buffer_io_error: 25 callbacks suppressed
[  355.748111][T10356] Buffer I/O error on dev loop6, logical block 2889, lost async page write
[  355.756681][ T5976] usb 8-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  355.797589][ T5976] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  355.828731][T10348] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  355.854128][ T5976] usb 8-1: Quirk or no altset; falling back to MIDI 1.0
[  356.073766][ T5976] usb 8-1: USB disconnect, device number 6
[  356.241764][T10375] serio: Serial port ptm0
[  356.443390][T10369] loop1: detected capacity change from 0 to 8192
[  356.637768][T10369] FAT-fs (loop1): error, clusters badly computed (2 != 1)
[  356.660293][ T5915] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  356.663982][T10369] FAT-fs (loop1): Filesystem has been set read-only
[  356.857224][ T5915] usb 7-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  356.915552][ T5915] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  356.936136][ T5915] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  356.970660][ T5915] usb 7-1: Product: syz
[  356.974856][ T5915] usb 7-1: Manufacturer: syz
[  356.979469][ T5915] usb 7-1: SerialNumber: syz
[  357.254944][ T5915] usblp 7-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  357.478928][ T5915] usb 7-1: USB disconnect, device number 9
[  357.505435][ T5915] usblp0: removed
[  357.794809][T10411] loop8: detected capacity change from 0 to 2048
[  357.884674][T10411] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.070707][ T5853] Bluetooth: hci3: unexpected event for opcode 0x2041
[  358.360409][T10419] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1217: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  358.445424][ T9600] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.809031][T10459] netlink: 'syz.0.1162': attribute type 1 has an invalid length.
[  360.041469][T10459] 8021q: adding VLAN 0 to HW filter on device bond1
[  361.019421][T10481] loop7: detected capacity change from 0 to 256
[  361.045096][T10483] loop6: detected capacity change from 0 to 512
[  361.069226][T10483] EXT4-fs: Ignoring removed nomblk_io_submit option
[  361.099800][T10445] loop8: detected capacity change from 0 to 32768
[  361.167036][T10481] exFAT-fs (loop7): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  361.338552][T10445] XFS (loop8): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  361.347802][T10483] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  361.363068][T10481] exFAT-fs (loop7): error, exfat_alloc_cluster: invalid used clusters(t:15,u:4294967287)
[  361.363068][T10481] 
[  361.400114][T10481] exFAT-fs (loop7): Filesystem has been set read-only
[  361.417113][T10483] ext4 filesystem being mounted at /141/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  361.466708][   T30] audit: type=1800 audit(1749779251.741:74): pid=10483 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1171" name="file1" dev="loop6" ino=15 res=0 errno=0
[  361.536654][T10445] XFS (loop8): Ending clean mount
[  361.872498][ T6583] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  362.012049][ T9600] XFS (loop8): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  362.635460][T10505] loop3: detected capacity change from 0 to 32768
[  362.644410][T10505] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1175 (10505)
[  362.690656][T10505] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  362.700904][T10505] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  362.709736][T10505] BTRFS info (device loop3): disk space caching is enabled
[  362.717295][T10505] BTRFS warning (device loop3): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  362.808282][T10516] loop6: detected capacity change from 0 to 8
[  362.880800][T10510] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  362.985210][T10516] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.040905][T10505] BTRFS info (device loop3): rebuilding free space tree
[  363.060149][T10505] BTRFS info (device loop3): disabling free space tree
[  363.068242][T10505] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  363.078022][T10505] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  363.474691][ T5836] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  363.542322][T10539] netlink: 'syz.8.1180': attribute type 1 has an invalid length.
[  364.450956][ T5915] usb 9-1: new high-speed USB device number 3 using dummy_hcd
[  364.500402][ T5814] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  364.620938][ T5915] usb 9-1: Using ep0 maxpacket: 16
[  364.636302][ T5915] usb 9-1: config 0 has an invalid interface number: 1 but max is 0
[  364.655773][ T5915] usb 9-1: config 0 has no interface number 0
[  364.680885][ T5915] usb 9-1: New USB device found, idVendor=04fc, idProduct=1528, bcdDevice=6d.5d
[  364.720265][ T5814] usb 7-1: Using ep0 maxpacket: 16
[  364.820047][ T5915] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  364.829964][ T5814] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 78, changing to 10
[  364.864362][T10499] loop7: detected capacity change from 0 to 32768
[  364.874478][ T5814] usb 7-1: New USB device found, idVendor=1241, idProduct=5015, bcdDevice= 0.00
[  364.884038][ T5915] usb 9-1: Product: syz
[  364.904004][ T5915] usb 9-1: Manufacturer: syz
[  364.927418][ T5814] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.937874][ T5915] usb 9-1: SerialNumber: syz
[  364.947020][T10499] workqueue: Failed to create a rescuer kthread for wq "xfs-blockgc/loop7": -EINTR
[  364.997931][ T5814] usb 7-1: config 0 descriptor??
[  365.030683][ T5915] usb 9-1: config 0 descriptor??
[  365.073240][ T5915] gspca_main: spca1528-2.14.0 probing 04fc:1528
[  365.336279][ T5814] usbhid 7-1:0.0: can't add hid device: -71
[  365.357055][ T5814] usbhid 7-1:0.0: probe with driver usbhid failed with error -71
[  365.422233][ T5814] usb 7-1: USB disconnect, device number 10
[  366.544297][ T5915] gspca_spca1528: reg_w err -71
[  366.561436][ T5915] spca1528 9-1:0.1: probe with driver spca1528 failed with error -71
[  366.629373][ T5915] usb 9-1: USB disconnect, device number 3
[  366.985063][T10592] loop6: detected capacity change from 0 to 512
[  367.083702][T10592] EXT4-fs: Ignoring removed mblk_io_submit option
[  367.140642][T10592] EXT4-fs (loop6): blocks per group (255) and clusters per group (8192) inconsistent
[  368.206919][T10611] netlink: 'syz.6.1199': attribute type 4 has an invalid length.
[  368.344326][T10613] netlink: 'syz.6.1199': attribute type 4 has an invalid length.
[  369.073685][T10639] netlink: 'syz.3.1208': attribute type 5 has an invalid length.
[  369.161315][T10641] input: syz0 as /devices/virtual/input/input16
[  369.794771][T10658] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input17
[  370.848993][T10690] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1221'.
[  371.278560][T10698] input: syz1 as /devices/virtual/input/input18
[  372.212902][ T5814] usb 4-1: new high-speed USB device number 16 using dummy_hcd
[  372.409083][ T5814] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.456949][ T5814] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  372.470988][ T5814] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  372.512091][ T5814] usb 4-1: Product: syz
[  372.516651][ T5814] usb 4-1: Manufacturer: syz
[  372.521660][ T5814] usb 4-1: SerialNumber: syz
[  373.037969][T10740] binder: 10737:10740 ioctl c0306201 2000000003c0 returned -14
[  373.205626][ T5923] usb 9-1: new high-speed USB device number 4 using dummy_hcd
[  373.452054][ T5923] usb 9-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  373.480257][ T5923] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  373.530477][ T5923] usb 9-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[  373.570687][ T5923] usb 9-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  373.607294][ T5814] cdc_ncm 4-1:1.0: MAC-Address: 42:42:42:42:42:42
[  373.627121][ T5923] usb 9-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  373.649465][ T5814] cdc_ncm 4-1:1.0: dwNtbInMaxSize=16 is too small. Using 2048
[  373.662744][ T5923] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  373.680363][ T5814] cdc_ncm 4-1:1.0: setting rx_max = 2048
[  373.741679][ T5923] usb 9-1: config 0 descriptor??
[  374.023304][ T5814] cdc_ncm 4-1:1.0: setting tx_max = 88
[  374.087739][T10766] netlink: 'syz.0.1241': attribute type 1 has an invalid length.
[  374.132123][ T5814] cdc_ncm 4-1:1.0 usb0: register 'cdc_ncm' at usb-dummy_hcd.3-1, CDC NCM (NO ZLP), 42:42:42:42:42:42
[  374.180076][ T5923] plantronics 0003:047F:FFFF.0013: No inputs registered, leaving
[  374.273972][ T5814] usb 4-1: USB disconnect, device number 16
[  374.308723][ T5814] cdc_ncm 4-1:1.0 usb0: unregister 'cdc_ncm' usb-dummy_hcd.3-1, CDC NCM (NO ZLP)
[  374.322814][ T5923] plantronics 0003:047F:FFFF.0013: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.8-1/input0
[  374.444054][    T9] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  374.640769][    T9] usb 1-1: Using ep0 maxpacket: 8
[  374.661089][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  374.697579][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  374.756703][    T9] usb 1-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00
[  374.787426][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  374.871721][    T9] usb 1-1: config 0 descriptor??
[  375.190928][T10783] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1243'.
[  375.223215][ T5814] usb 9-1: USB disconnect, device number 4
[  375.282512][T10783] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1243'.
[  375.336891][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.384183][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.410665][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.443371][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.484730][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.515904][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.555789][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.599093][ T8745] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  375.631025][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.679290][    T9] hid-rmi 0003:06CB:81A7.0014: unknown main item tag 0x0
[  375.722194][    T9] hid-rmi 0003:06CB:81A7.0014: unbalanced collection at end of report description
[  375.746469][    T9] hid-rmi 0003:06CB:81A7.0014: parse failed
[  375.764487][    T9] hid-rmi 0003:06CB:81A7.0014: probe with driver hid-rmi failed with error -22
[  375.796841][    T9] usb 1-1: USB disconnect, device number 7
[  376.363324][T10802] loop6: detected capacity change from 0 to 512
[  376.380409][ T5975] usb 2-1: new high-speed USB device number 14 using dummy_hcd
[  376.617236][T10802] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  376.620298][ T5975] usb 2-1: Using ep0 maxpacket: 32
[  376.630065][T10802] ext4 filesystem being mounted at /158/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  376.764044][ T5975] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  376.780300][ T5975] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  376.832434][ T5975] usb 2-1: config 0 descriptor??
[  376.889124][ T5975] gspca_main: nw80x-2.14.0 probing 055f:d001
[  377.014634][ T6583] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  377.532965][T10792] loop3: detected capacity change from 0 to 32768
[  377.655980][T10792] XFS (loop3): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  377.715237][T10832] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1256'.
[  377.965482][T10792] XFS (loop3): Ending clean mount
[  378.228681][T10842] loop8: detected capacity change from 0 to 512
[  378.236794][T10842] EXT4-fs: Ignoring removed nomblk_io_submit option
[  378.256571][ T5975] usb 2-1: USB disconnect, device number 14
[  378.453670][T10842] EXT4-fs error (device loop8): ext4_orphan_get:1393: comm syz.8.1258: inode #13: comm syz.8.1258: iget: illegal inode #
[  378.488113][T10842] EXT4-fs error (device loop8): ext4_orphan_get:1396: comm syz.8.1258: couldn't read orphan inode 13 (err -117)
[  378.488338][T10850] [U] 
[  378.573099][T10842] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  378.681130][T10842] EXT4-fs error (device loop8): ext4_resize_begin:60: comm syz.8.1258: resize_inode disabled but reserved GDT blocks non-zero
[  378.706553][ T5836] XFS (loop3): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  378.933447][ T9600] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.666747][ T5930] IPVS: starting estimator thread 0...
[  379.682285][T10873] tipc: Enabled bearer <udp:s>, priority 10
[  379.790442][T10875] IPVS: using max 21 ests per chain, 50400 per kthread
[  380.159610][T10855] loop6: detected capacity change from 0 to 32768
[  380.216737][T10855] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.1260 (10855)
[  380.293286][T10855] BTRFS info (device loop6): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  380.335719][T10855] BTRFS info (device loop6): using crc32c (crc32c-x86_64) checksum algorithm
[  380.396411][T10855] BTRFS info (device loop6): using free-space-tree
[  380.587482][T10913] loop8: detected capacity change from 0 to 128
[  380.714315][T10913] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  381.177837][ T8745] FAT-fs (loop8): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  381.233088][ T6583] BTRFS info (device loop6): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  382.225550][T10954] loop0: detected capacity change from 0 to 128
[  382.253963][T10954] EXT4-fs: Ignoring removed nobh option
[  382.280019][T10954] EXT4-fs: Ignoring removed mblk_io_submit option
[  382.425788][T10954] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  382.465694][T10954] ext4 filesystem being mounted at /242/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  382.542682][ T5930] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  382.631764][ T5982] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  382.734590][ T5930] usb 8-1: config 0 has no interfaces?
[  382.743568][ T5930] usb 8-1: New USB device found, idVendor=0421, idProduct=0007, bcdDevice=b8.51
[  382.783333][ T5930] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  382.810957][ T5930] usb 8-1: Product: syz
[  382.821552][ T5930] usb 8-1: Manufacturer: syz
[  382.846455][ T5930] usb 8-1: SerialNumber: syz
[  382.894552][ T5930] usb 8-1: config 0 descriptor??
[  383.198033][ T5930] usb 8-1: USB disconnect, device number 7
[  383.379954][T10979] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1288'.
[  383.698979][T10985] loop1: detected capacity change from 0 to 512
[  383.724971][T10985] EXT4-fs: Ignoring removed orlov option
[  383.799520][T10985] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.920396][T10985] ext4 filesystem being mounted at /215/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  384.120444][   T24] usb 4-1: new high-speed USB device number 17 using dummy_hcd
[  384.320928][   T24] usb 4-1: Using ep0 maxpacket: 16
[  384.391125][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  384.452305][   T24] usb 4-1: config 0 has no interfaces?
[  384.463734][   T24] usb 4-1: New USB device found, idVendor=0fe6, idProduct=9700, bcdDevice=d1.9a
[  384.483195][ T5839] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.520246][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  384.547486][   T24] usb 4-1: Product: syz
[  384.552029][   T24] usb 4-1: Manufacturer: syz
[  384.556656][   T24] usb 4-1: SerialNumber: syz
[  384.600766][   T24] usb 4-1: config 0 descriptor??
[  384.655623][T11009] batman_adv: batadv0: Removing interface: team0
[  384.734095][T11009] bridge_slave_0: left allmulticast mode
[  384.765523][T11009] bridge_slave_0: left promiscuous mode
[  384.804021][T11009] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.834881][T11018] tipc: Failed to remove unknown binding: 66,1,1/0:2068291277/2068291279
[  384.859505][T10987] loop3: detected capacity change from 0 to 64
[  384.884113][T11009] bridge_slave_1: left allmulticast mode
[  384.890032][T11018] tipc: Failed to remove unknown binding: 66,1,1/0:2068291277/2068291279
[  384.931722][T11009] bridge_slave_1: left promiscuous mode
[  384.978437][T11009] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.081639][T11009] bond0: (slave bond_slave_0): Releasing backup interface
[  385.191278][T11009] bond0: (slave bond_slave_1): Releasing backup interface
[  385.320050][T11009] team0: Port device team_slave_0 removed
[  385.426701][T11009] team0: Port device team_slave_1 removed
[  385.524631][T11009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.581228][T11009] batman_adv: batadv0: Removing interface: batadv_slave_0
[  385.621141][T11029] loop1: detected capacity change from 0 to 40427
[  385.633888][T11029] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  385.641696][T11029] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  385.682711][T11009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.733440][T11009] batman_adv: batadv0: Removing interface: batadv_slave_1
[  385.790919][T11029] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  385.800494][T11029] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  385.905535][   T24] usb 4-1: USB disconnect, device number 17
[  385.927307][T11029] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  385.939890][T11029] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  385.947718][T11029] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  385.955327][T11029] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  385.962959][T11029] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  385.970565][T11029] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  385.978141][T11029] F2FS-fs (loop1): invalid namelen(0), ino:0, run fsck to fix.
[  385.992722][T11021] syz_tun: entered allmulticast mode
[  386.034927][T11026] syz_tun: left allmulticast mode
[  386.074120][T11029] syz.1.1300: attempt to access beyond end of device
[  386.074120][T11029] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  386.609255][T11048] loop8: detected capacity change from 0 to 128
[  386.715386][T11025] loop0: detected capacity change from 0 to 32768
[  386.757793][T11048] syz.8.1305: attempt to access beyond end of device
[  386.757793][T11048] loop8: rw=2049, sector=145, nr_sectors = 16 limit=128
[  386.799724][T11048] syz.8.1305: attempt to access beyond end of device
[  386.799724][T11048] loop8: rw=2049, sector=169, nr_sectors = 16 limit=128
[  386.830121][T11048] syz.8.1305: attempt to access beyond end of device
[  386.830121][T11048] loop8: rw=2049, sector=193, nr_sectors = 8 limit=128
[  386.855327][T11048] syz.8.1305: attempt to access beyond end of device
[  386.855327][T11048] loop8: rw=2049, sector=209, nr_sectors = 8 limit=128
[  386.869592][T11048] syz.8.1305: attempt to access beyond end of device
[  386.869592][T11048] loop8: rw=2049, sector=225, nr_sectors = 8 limit=128
[  386.886509][T11025] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  386.910017][T11048] syz.8.1305: attempt to access beyond end of device
[  386.910017][T11048] loop8: rw=2049, sector=241, nr_sectors = 8 limit=128
[  386.976075][T11056] Bluetooth: MGMT ver 1.23
[  386.982955][T11056] Bluetooth: hci0: service_discovery: too big uuid_count value 65062
[  387.511933][T11068] input: syz0 as /devices/virtual/input/input20
[  387.700948][ T5982] ocfs2: Unmounting device (7,0) on (node local)
[  388.128881][T11081] input: syz1 as /devices/virtual/input/input21
[  388.318608][T11083] loop8: detected capacity change from 0 to 16
[  388.341172][ T1298] ieee802154 phy0 wpan0: encryption failed: -22
[  388.401216][T11083] erofs (device loop8): rootino(nid 36) is not a directory(i_mode 66300)
[  388.793562][T11088] loop3: detected capacity change from 0 to 32768
[  388.812502][T11088] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1317 (11088)
[  388.828003][T11088] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  388.838249][T11088] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  388.847073][T11088] BTRFS info (device loop3): using free-space-tree
[  389.093384][T11088] BTRFS info (device loop3): rebuilding free space tree
[  389.262678][   T30] audit: type=1804 audit(1749779279.521:75): pid=11091 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.1316" name="/newroot/219/bus/bus" dev="overlay" ino=1240 res=1 errno=0
[  389.528870][ T5836] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  389.578819][T11123] loop6: detected capacity change from 0 to 64
[  390.161476][T11130] netlink: 'syz.0.1324': attribute type 3 has an invalid length.
[  390.976690][T11135] loop1: detected capacity change from 0 to 128
[  390.992024][   T30] audit: type=1326 audit(1749779281.241:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fbc7158e929 code=0x7ffc0000
[  391.127947][   T30] audit: type=1326 audit(1749779281.251:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fbc7158e929 code=0x7ffc0000
[  391.170260][   T30] audit: type=1326 audit(1749779281.251:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fbc7158e963 code=0x7ffc0000
[  391.207528][   T30] audit: type=1326 audit(1749779281.251:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fbc7158d3df code=0x7ffc0000
[  391.334495][   T30] audit: type=1326 audit(1749779281.251:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fbc7158e9b7 code=0x7ffc0000
[  391.441816][   T30] audit: type=1326 audit(1749779281.251:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fbc7158d290 code=0x7ffc0000
[  391.478065][T11147] netlink: 'syz.7.1330': attribute type 1 has an invalid length.
[  391.534307][T11147] netlink: 'syz.7.1330': attribute type 4 has an invalid length.
[  391.550542][T11147] netlink: 9462 bytes leftover after parsing attributes in process `syz.7.1330'.
[  391.580322][   T30] audit: type=1326 audit(1749779281.251:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fbc7158e52b code=0x7ffc0000
[  391.635367][T11147] netlink: 'syz.7.1330': attribute type 1 has an invalid length.
[  391.682226][T11147] netlink: 'syz.7.1330': attribute type 4 has an invalid length.
[  391.689981][T11147] netlink: 9462 bytes leftover after parsing attributes in process `syz.7.1330'.
[  391.690258][   T30] audit: type=1326 audit(1749779281.341:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbc7158d58a code=0x7ffc0000
[  391.725096][T11151] loop8: detected capacity change from 0 to 128
[  391.771764][T11151] EXT4-fs: Ignoring removed oldalloc option
[  391.850886][   T30] audit: type=1326 audit(1749779281.341:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11134 comm="syz.1.1326" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fbc7158d58a code=0x7ffc0000
[  391.950081][T11151] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  392.019751][T11151] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  392.299469][T11164] netlink: 2036 bytes leftover after parsing attributes in process `syz.3.1336'.
[  392.349298][T11164] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1336'.
[  392.539363][ T9600] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  392.670032][T11170] loop1: detected capacity change from 0 to 1024
[  392.767345][T11170] hfsplus: xattr search failed
[  392.869340][T11175] loop0: detected capacity change from 0 to 128
[  392.891668][T11175] EXT4-fs: Ignoring removed nobh option
[  392.973829][T11175] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  393.059331][ T5839] hfsplus: node 4:3 still has 1 user(s)!
[  393.113772][T11175] ext4 filesystem being mounted at /252/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  393.349953][T11180] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci0/hci0:200/input22
[  393.540157][ T7581] udevd[7581]: setting owner of /dev/input/event4 to uid=0, gid=104 failed: No such file or directory
[  393.545120][ T5982] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  393.941375][T11190] af_packet: tpacket_rcv: packet too big, clamped from 65512 to 2928. macoff=96
[  394.339672][T11203] loop9: detected capacity change from 0 to 8
[  394.377989][T11203]  loop9: [CUMANA/ADFS] p1 [ADFS] p1
[  394.404127][T11203] loop9: partition table partially beyond EOD, truncated
[  394.440837][T11203] loop9: p1 size 81768186 extends beyond EOD, truncated
[  394.527615][ T7581] Dev loop9: unable to read RDB block 8
[  394.548827][ T7581]  loop9: unable to read partition table
[  394.572482][ T7581] loop9: partition table beyond EOD, truncated
[  394.580297][ T5915] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  394.608242][T11211] Dev loop9: unable to read RDB block 8
[  394.615921][T11211]  loop9: unable to read partition table
[  394.649773][T11211] loop9: partition table beyond EOD, truncated
[  394.676182][T11211] loop_reread_partitions: partition scan of loop9 (þ被xüÿÿÿÿÿÿÿ ) failed (rc=-5)
[  394.734724][ T5915] usb 7-1: Using ep0 maxpacket: 16
[  394.744887][ T5915] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  394.769417][ T5915] usb 7-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  394.793773][ T5915] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  394.823517][ T5915] usb 7-1: Product: syz
[  394.835565][ T5915] usb 7-1: Manufacturer: syz
[  394.848405][ T5915] usb 7-1: SerialNumber: syz
[  394.889167][ T5915] usb 7-1: config 0 descriptor??
[  394.934501][ T5915] em28xx 7-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  394.964251][ T5915] em28xx 7-1:0.0: DVB interface 0 found: bulk
[  395.151728][T11194] loop3: detected capacity change from 0 to 32768
[  395.180729][T11194] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 (7:3) scanned by syz.3.1347 (11194)
[  395.194097][   T24] usb 9-1: new high-speed USB device number 5 using dummy_hcd
[  395.246706][T11194] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  395.276227][T11194] BTRFS info (device loop3): using crc32c (crc32c-x86_64) checksum algorithm
[  395.303050][T11194] BTRFS info (device loop3): using free-space-tree
[  395.391155][   T24] usb 9-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  395.480471][   T24] usb 9-1: New USB device found, idVendor=046d, idProduct=08c1, bcdDevice=ee.8d
[  395.540285][   T24] usb 9-1: New USB device strings: Mfr=32, Product=0, SerialNumber=9
[  395.554747][ T5915] em28xx 7-1:0.0: unknown em28xx chip ID (0)
[  395.609932][   T24] usb 9-1: Manufacturer: syz
[  395.642287][   T24] usb 9-1: SerialNumber: syz
[  395.696102][   T24] usb 9-1: config 0 descriptor??
[  395.806039][ T5923] hid-generic 0000:0000:0000.0015: unknown main item tag 0x0
[  395.876175][ T5923] hid-generic 0000:0000:0000.0015: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  395.910494][    T9] usb 2-1: new high-speed USB device number 15 using dummy_hcd
[  395.947931][   T24] usb 9-1: USB disconnect, device number 5
[  396.075645][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  396.107431][    T9] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  396.147998][    T9] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  396.185023][    T9] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  396.205121][ T5915] em28xx 7-1:0.0: failed to get i2c transfer status from bridge register (error=-5)
[  396.234878][    T9] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  396.255324][ T5915] em28xx 7-1:0.0: board has no eeprom
[  396.281775][    T9] usb 2-1: config 0 descriptor??
[  396.361499][ T5915] em28xx 7-1:0.0: Identified as PCTV tripleStick (292e) (card=94)
[  396.374325][ T5836] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  396.388058][ T5915] em28xx 7-1:0.0: dvb set to bulk mode.
[  396.400372][ T5814] em28xx 7-1:0.0: Binding DVB extension
[  396.458123][ T5915] usb 7-1: USB disconnect, device number 11
[  396.486603][ T5915] em28xx 7-1:0.0: Disconnecting em28xx
[  396.594640][ T5814] em28xx 7-1:0.0: Registering input extension
[  396.602926][ T5915] em28xx 7-1:0.0: Closing input extension
[  396.701624][ T5915] em28xx 7-1:0.0: Freeing device
[  396.769987][    T9] plantronics 0003:047F:FFFF.0016: No inputs registered, leaving
[  396.847579][    T9] plantronics 0003:047F:FFFF.0016: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  397.783135][T11274] block device autoloading is deprecated and will be removed.
[  397.945911][T11255] loop0: detected capacity change from 0 to 32768
[  399.010598][ T5915] usb 2-1: USB disconnect, device number 15
[  399.190264][ T5976] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  399.233506][ T5975] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  399.401389][ T5976] usb 1-1: Using ep0 maxpacket: 16
[  399.420337][ T5975] usb 9-1: Using ep0 maxpacket: 8
[  399.426279][ T5976] usb 1-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  399.439181][ T5976] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  399.458261][ T5975] usb 9-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  399.472349][ T5975] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  399.508533][ T5976] usb 1-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  399.531449][ T5975] usb 9-1: config 0 descriptor??
[  399.544233][ T5976] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  399.575943][ T5976] usb 1-1: Product: syz
[  399.594479][ T5976] usb 1-1: Manufacturer: syz
[  399.609335][ T5976] usb 1-1: SerialNumber: syz
[  399.648353][ T5976] usb 1-1: config 0 descriptor??
[  399.667909][ T5976] em28xx 1-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  399.678719][ T5976] em28xx 1-1:0.0: Audio interface 0 found (Vendor Class)
[  400.080354][ T5915] usb 2-1: new high-speed USB device number 16 using dummy_hcd
[  400.250652][ T5915] usb 2-1: Using ep0 maxpacket: 32
[  400.258637][ T5915] usb 2-1: unable to get BOS descriptor or descriptor too short
[  400.275763][ T5976] em28xx 1-1:0.0: unknown em28xx chip ID (0)
[  400.275792][ T5915] usb 2-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  400.300665][ T5976] em28xx 1-1:0.0: Config register raw data: 0x2f
[  400.318304][ T5915] usb 2-1: config 1 has an invalid interface descriptor of length 2, skipping
[  400.326419][ T5976] em28xx 1-1:0.0: I2S Audio (1 sample rate(s))
[  400.327762][ T5915] usb 2-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  400.362667][ T5915] usb 2-1: config 1 has no interface number 1
[  400.374662][ T5976] em28xx 1-1:0.0: No AC97 audio processor
[  400.376207][ T5915] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  400.398710][ T5915] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  400.528921][ T5915] usb 2-1: Product: syz
[  400.557663][ T5915] usb 2-1: Manufacturer: syz
[  400.575243][ T5915] usb 2-1: SerialNumber: syz
[  400.715281][T11330] loop6: detected capacity change from 0 to 64
[  400.848237][ T5915] usb 2-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  400.960309][ T5915] usb 2-1: found format II with max.bitrate = 6, frame size=2
[  400.968006][ T5915] usb 2-1: 2:1 : unknown format tag 0x3 is detected.  processed as MPEG.
[  401.035903][ T5915] usb 2-1: found format II with max.bitrate = 6, frame size=2
[  401.114756][ T5976] usb 1-1: USB disconnect, device number 8
[  401.179018][ T5915] usb 2-1: USB disconnect, device number 16
[  401.211940][ T5975] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  401.242739][ T5975] asix 9-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  401.280062][ T5975] asix 9-1:0.0: probe with driver asix failed with error -71
[  401.395358][ T7589] udevd[7589]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  401.453850][ T5975] usb 9-1: USB disconnect, device number 6
[  401.776958][T11343] netlink: 'syz.1.1398': attribute type 4 has an invalid length.
[  402.501296][T11336] loop3: detected capacity change from 0 to 32768
[  402.576307][T11336] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  402.633001][T11369] netlink: 4 bytes leftover after parsing attributes in process `syz.8.1408'.
[  403.500306][ T5814] usb 2-1: new high-speed USB device number 17 using dummy_hcd
[  403.653214][ T5836] ocfs2: Unmounting device (7,3) on (node local)
[  403.710640][ T5814] usb 2-1: Using ep0 maxpacket: 32
[  403.790463][ T5814] usb 2-1: config index 0 descriptor too short (expected 35577, got 27)
[  403.860299][ T5814] usb 2-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  403.935951][ T5814] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 92
[  404.000301][ T5814] usb 2-1: config 1 has no interface number 0
[  404.044815][T11375] loop7: detected capacity change from 0 to 131072
[  404.048836][ T5814] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  404.100306][T11375] F2FS-fs (loop7): build fault injection rate: 7
[  404.106708][T11375] F2FS-fs (loop7): build fault injection type: 0x40004
[  404.108109][ T5814] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 58431, setting to 1024
[  404.113646][T11375] F2FS-fs (loop7): QUOTA feature is enabled, so ignore qf_name
[  404.141578][T11375] F2FS-fs (loop7): invalid crc value
[  404.176836][T11375] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of read_compacted_summaries+0x17d/0xd00
[  404.200689][T11375] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_build_segment_manager+0x3b39/0xa540
[  404.213910][T11375] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_build_segment_manager+0x4b2a/0xa540
[  404.234139][T11375] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of __f2fs_build_free_nids+0x207/0xfe0
[  404.244348][ T5814] usb 2-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  404.266198][T11393] loop8: detected capacity change from 0 to 128
[  404.299042][T11375] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_get_meta_folio_retry+0x28/0xb0
[  404.344578][T11375] F2FS-fs (loop7): inject page alloc in f2fs_grab_cache_folio of f2fs_get_meta_folio_retry+0x28/0xb0
[  404.356408][ T5814] usb 2-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  404.370560][T11375] F2FS-fs (loop7): Bad quota inode 2:255
[  404.376228][T11375] F2FS-fs (loop7): Failed to enable quota tracking (type=2, err=-2). Please run fsck to fix.
[  404.386448][T11375] F2FS-fs (loop7): Cannot turn on quotas: error -2
[  404.393029][T11375] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_recover_fsync_data+0x473/0x9780
[  404.393219][T11393] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  404.418798][T11375] F2FS-fs (loop7): Mounted with checkpoint version = 1b41e954
[  404.451510][T11393] ext4 filesystem being mounted at /68/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  404.461576][ T5814] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  404.501178][T11385] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  404.535062][T11375] F2FS-fs (loop7): sanity_check_inode: inode (ino=7) has corrupted i_inline_xattr_size: 0, min: 6, max: 903
[  404.541996][ T5814] snd_usb_pod 2-1:1.1: Line 6 Pocket POD found
[  404.565621][T11375] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_get_node_info+0x49a/0xec0
[  404.600625][T11375] F2FS-fs (loop7): Found FS corruption, run fsck to fix.
[  404.738371][T11385] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  404.745930][ T6722] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x4d6/0x2980
[  404.773753][ T5814] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now attached
[  404.803952][ T6722] F2FS-fs (loop7): invalid blkaddr: 4097, type: 6, run fsck to fix.
[  404.847517][ T6722] F2FS-fs (loop7): inject invalid blkaddr in f2fs_is_valid_blkaddr of f2fs_submit_page_write+0x4d6/0x2980
[  404.920320][ T6722] F2FS-fs (loop7): invalid blkaddr: 512, type: 10, run fsck to fix.
[  404.965323][ T6722] F2FS-fs (loop7): invalid blkaddr: 515, type: 10, run fsck to fix.
[  405.022493][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  405.022515][   T30] audit: type=1804 audit(1749779295.291:96): pid=11401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.1413" name="/newroot/264/file0" dev="tmpfs" ino=1454 res=1 errno=0
[  405.065049][ T3481] F2FS-fs (loop7): invalid blkaddr: 4099, type: 6, run fsck to fix.
[  405.086122][ T5975] usb 2-1: USB disconnect, device number 17
[  405.102564][ T5975] snd_usb_pod 2-1:1.1: Line 6 Pocket POD now disconnected
[  405.125461][ T6722] F2FS-fs (loop7): invalid blkaddr: 1026, type: 10, run fsck to fix.
[  405.174979][ T9600] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  405.222957][ T6722] F2FS-fs (loop7): invalid blkaddr: 512, type: 10, run fsck to fix.
[  405.250664][ T6722] F2FS-fs (loop7): invalid blkaddr: 515, type: 10, run fsck to fix.
[  405.431982][T11407] loop8: detected capacity change from 0 to 1024
[  405.586773][T11410] hfsplus: bad catalog entry type
[  405.801861][T11413] netlink: 2028 bytes leftover after parsing attributes in process `syz.6.1423'.
[  405.836893][   T59] hfsplus: b-tree write err: -5, ino 4
[  405.850232][T11413] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1423'.
[  406.210318][ T5915] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  406.243827][   T59] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.350640][ T5915] usb 2-1: device descriptor read/64, error -71
[  406.447618][   T59] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.602467][ T5915] usb 2-1: new full-speed USB device number 19 using dummy_hcd
[  406.693245][   T59] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  406.791101][ T5915] usb 2-1: device descriptor read/64, error -71
[  406.792853][   T13] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[  406.837903][T11424] netlink: 186232 bytes leftover after parsing attributes in process `syz.6.1430'.
[  406.910670][ T5915] usb usb2-port1: attempt power cycle
[  406.914874][   T59] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.280417][ T5915] usb 2-1: new full-speed USB device number 20 using dummy_hcd
[  407.348128][ T5915] usb 2-1: device descriptor read/8, error -71
[  407.408074][   T59] bridge_slave_1: left allmulticast mode
[  407.430483][   T59] bridge_slave_1: left promiscuous mode
[  407.436294][   T59] bridge0: port 2(bridge_slave_1) entered disabled state
[  407.512285][T11417] loop3: detected capacity change from 0 to 40427
[  407.560375][T11417] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  407.581684][   T59] bridge_slave_0: left allmulticast mode
[  407.587356][   T59] bridge_slave_0: left promiscuous mode
[  407.600949][T11417] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  407.620145][   T59] bridge0: port 1(bridge_slave_0) entered disabled state
[  407.620528][ T5915] usb 2-1: new full-speed USB device number 21 using dummy_hcd
[  407.649695][T11428] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  407.667459][T11417] F2FS-fs (loop3): invalid crc value
[  407.692783][T11428] overlayfs: fs on './file0' does not support file handles, falling back to xino=off.
[  407.705896][ T5915] usb 2-1: device descriptor read/8, error -71
[  407.820767][ T5149] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  407.840010][ T5149] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  407.849175][ T5149] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  407.856934][ T5915] usb usb2-port1: unable to enumerate USB device
[  407.867980][ T5149] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  407.876839][ T5149] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  407.966672][T11422] loop8: detected capacity change from 0 to 32768
[  408.032831][T11422] ocfs2: Mounting device (7,8) on (node local, slot 0) with ordered data mode.
[  408.160438][T11417] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  408.198519][T11417] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  408.466589][ T9600] ocfs2: Unmounting device (7,8) on (node local)
[  409.550477][ T5976] usb 9-1: new low-speed USB device number 7 using dummy_hcd
[  409.704441][ T5976] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  409.720524][ T5976] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 2
[  409.729563][ T5976] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  409.779761][ T5976] usb 9-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  409.804991][ T5976] usb 9-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  409.816637][ T5976] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  409.872139][ T5976] hub 9-1:1.0: bad descriptor, ignoring hub
[  409.882644][ T5976] hub 9-1:1.0: probe with driver hub failed with error -5
[  409.906067][  T801] usb 2-1: new high-speed USB device number 22 using dummy_hcd
[  409.919628][ T5976] cdc_wdm 9-1:1.0: skipping garbage
[  409.934434][ T5853] Bluetooth: hci5: command tx timeout
[  409.938905][ T5976] cdc_wdm 9-1:1.0: skipping garbage
[  409.994641][ T5976] cdc_wdm 9-1:1.0: cdc-wdm0: USB WDM device
[  410.020456][ T5976] cdc_wdm 9-1:1.0: Unknown control protocol
[  410.043172][T11452] cdc_wdm 9-1:1.0: Error submitting int urb - -90
[  410.051350][T11452] cdc_wdm 9-1:1.0: Error submitting int urb - -90
[  410.098508][  T801] usb 2-1: Using ep0 maxpacket: 32
[  410.115178][ T5976] usb 9-1: USB disconnect, device number 7
[  410.129000][  T801] usb 2-1: unable to get BOS descriptor or descriptor too short
[  410.148993][  T801] usb 2-1: no configurations
[  410.191674][  T801] usb 2-1: can't read configurations, error -22
[  410.309442][   T59] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  410.341024][   T59] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  410.452502][   T59] bond0 (unregistering): Released all slaves
[  410.934903][   T59] bond1 (unregistering): Released all slaves
[  411.151165][   T30] audit: type=1804 audit(1749779301.401:97): pid=11463 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.8.1440" name="/newroot/73/bus/file0" dev="overlay" ino=440 res=1 errno=0
[  411.162303][T11466] loop7: detected capacity change from 0 to 16384
[  411.343958][   T59] tipc: Disabling bearer <udp:syz1>
[  411.394961][   T59] tipc: Disabling bearer <udp:s>
[  411.437677][   T59] tipc: Left network mode
[  411.682169][T11470] loop7: detected capacity change from 16384 to 16383
[  411.907180][T11470]  loop7: unable to read partition table
[  411.959715][T11470] loop_reread_partitions: partition scan of loop7 ((õÉ) failed (rc=-5)
[  412.014330][ T5853] Bluetooth: hci5: command tx timeout
[  414.090742][ T5853] Bluetooth: hci5: command tx timeout
[  414.498594][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  414.533250][   T59] batman_adv: batadv0: Removing interface: batadv_slave_0
[  414.541210][T11514] netlink: 156 bytes leftover after parsing attributes in process `syz.1.1453'.
[  414.635514][T11516] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1453'.
[  414.673858][   T59] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  414.740653][   T59] batman_adv: batadv0: Removing interface: batadv_slave_1
[  414.881180][   T59] veth1_macvtap: left promiscuous mode
[  414.917405][   T59] veth0_macvtap: left promiscuous mode
[  414.935408][   T59] veth1_vlan: left promiscuous mode
[  414.951990][   T59] veth0_vlan: left promiscuous mode
[  415.605459][T11519] overlayfs: statfs failed on './file0'
[  416.173171][ T5853] Bluetooth: hci5: command tx timeout
[  416.370967][T11544] loop8: detected capacity change from 0 to 16
[  416.393288][T11544] erofs (device loop8): mounted with root inode @ nid 36.
[  416.419453][T11544] syz.8.1465: attempt to access beyond end of device
[  416.419453][T11544] loop8: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  416.548845][T11546] erofs (device loop8): readahead error at folio 40 @ nid 36
[  416.555276][T11544] erofs (device loop8): read error -5 @ 43 of nid 36
[  416.581806][T11546] erofs (device loop8): readahead error at folio 39 @ nid 36
[  416.627924][T11546] erofs (device loop8): readahead error at folio 38 @ nid 36
[  416.646316][T11545] syz.8.1465: attempt to access beyond end of device
[  416.646316][T11545] loop8: rw=0, sector=14546590680, nr_sectors = 16 limit=16
[  416.667129][T11546] erofs (device loop8): readahead error at folio 34 @ nid 36
[  416.712231][T11545] erofs (device loop8): read error -5 @ 43 of nid 36
[  416.758099][T11546] erofs (device loop8): readahead error at folio 32 @ nid 36
[  416.820443][T11546] erofs (device loop8): readahead error at folio 30 @ nid 36
[  416.861480][T11546] erofs (device loop8): readahead error at folio 27 @ nid 36
[  416.868910][T11546] erofs (device loop8): readahead error at folio 26 @ nid 36
[  416.890991][   T59] team0 (unregistering): Port device team_slave_1 removed
[  416.922358][T11546] erofs (device loop8): readahead error at folio 25 @ nid 36
[  416.931991][T11546] erofs (device loop8): readahead error at folio 24 @ nid 36
[  416.948772][T11546] erofs (device loop8): readahead error at folio 23 @ nid 36
[  416.979688][T11546] erofs (device loop8): readahead error at folio 22 @ nid 36
[  416.988457][   T59] team0 (unregistering): Port device team_slave_0 removed
[  417.015219][T11546] erofs (device loop8): readahead error at folio 21 @ nid 36
[  417.024091][T11546] erofs (device loop8): readahead error at folio 20 @ nid 36
[  417.065357][T11546] erofs (device loop8): readahead error at folio 18 @ nid 36
[  417.119833][T11538] loop6: detected capacity change from 0 to 40427
[  417.129515][T11546] erofs (device loop8): readahead error at folio 12 @ nid 36
[  417.136521][T11538] F2FS-fs (loop6): build fault injection rate: 690
[  417.154431][T11538] F2FS-fs (loop6): heap/no_heap options were deprecated
[  417.173680][T11538] F2FS-fs (loop6): invalid crc value
[  417.180835][T11546] erofs (device loop8): readahead error at folio 10 @ nid 36
[  417.215050][T11546] erofs (device loop8): readahead error at folio 6 @ nid 36
[  417.236540][T11546] erofs (device loop8): readahead error at folio 4 @ nid 36
[  417.254481][T11546] erofs (device loop8): invalid logical cluster 0 at nid 36
[  417.270572][T11546] erofs (device loop8): readahead error at folio 0 @ nid 36
[  417.289826][T11546] syz.8.1465: attempt to access beyond end of device
[  417.289826][T11546] loop8: rw=524288, sector=296, nr_sectors = 16 limit=16
[  417.320495][T11546] syz.8.1465: attempt to access beyond end of device
[  417.320495][T11546] loop8: rw=524288, sector=1049264, nr_sectors = 16 limit=16
[  417.348698][T11546] syz.8.1465: attempt to access beyond end of device
[  417.348698][T11546] loop8: rw=524288, sector=6520, nr_sectors = 16 limit=16
[  417.366084][T11538] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  417.386762][T11546] syz.8.1465: attempt to access beyond end of device
[  417.386762][T11546] loop8: rw=524288, sector=34359736328, nr_sectors = 16 limit=16
[  417.412783][T11546] syz.8.1465: attempt to access beyond end of device
[  417.412783][T11546] loop8: rw=524288, sector=720, nr_sectors = 16 limit=16
[  417.426969][T11546] syz.8.1465: attempt to access beyond end of device
[  417.426969][T11546] loop8: rw=524288, sector=536576856, nr_sectors = 16 limit=16
[  417.445810][T11546] syz.8.1465: attempt to access beyond end of device
[  417.445810][T11546] loop8: rw=524288, sector=13478624032, nr_sectors = 8 limit=16
[  417.461336][T11546] syz.8.1465: attempt to access beyond end of device
[  417.461336][T11546] loop8: rw=524288, sector=13716630376, nr_sectors = 8 limit=16
[  417.491014][T11546] erofs (device loop8): readahead error at folio 86 @ nid 36
[  417.499732][T11546] erofs (device loop8): readahead error at folio 84 @ nid 36
[  417.515247][T11538] CPU: 0 UID: 0 PID: 11538 Comm: syz.6.1462 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  417.515297][T11538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  417.515321][T11538] Call Trace:
[  417.515332][T11538]  <TASK>
[  417.515346][T11538]  dump_stack_lvl+0x16c/0x1f0
[  417.515416][T11538]  f2fs_handle_critical_error+0x621/0x9f0
[  417.515465][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.515512][T11538]  ? f2fs_build_fault_attr+0x53/0x1f0
[  417.515561][T11538]  f2fs_write_end_io+0x785/0xc20
[  417.515614][T11538]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  417.515670][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.515727][T11538]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  417.515776][T11538]  bio_endio+0x70d/0x850
[  417.515819][T11538]  submit_bio_noacct+0x56d/0x1eb0
[  417.515880][T11538]  __submit_merged_bio+0x33c/0x770
[  417.515927][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.515981][T11538]  f2fs_submit_page_write+0x744/0x2980
[  417.516058][T11538]  ? __pfx_f2fs_submit_page_write+0x10/0x10
[  417.516123][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.516172][T11538]  ? __folio_start_writeback+0x3ac/0xbc0
[  417.516236][T11538]  do_write_page+0x349/0xd20
[  417.516287][T11538]  f2fs_outplace_write_data+0x1b1/0x270
[  417.516333][T11538]  ? __pfx_f2fs_outplace_write_data+0x10/0x10
[  417.516379][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.516424][T11538]  ? f2fs_encrypt_one_page+0x123/0x960
[  417.516489][T11538]  f2fs_do_write_data_page+0xcc5/0x1de0
[  417.516557][T11538]  ? __pfx_f2fs_do_write_data_page+0x10/0x10
[  417.516616][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.516681][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.516727][T11538]  ? __lock_acquire+0x622/0x1c90
[  417.516794][T11538]  f2fs_write_single_data_page+0x1138/0x17a0
[  417.516870][T11538]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  417.516954][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.517000][T11538]  ? folio_clear_dirty_for_io+0x112/0x810
[  417.517064][T11538]  f2fs_write_cache_pages+0xd85/0x2570
[  417.517159][T11538]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  417.517230][T11538]  ? __lock_acquire+0x622/0x1c90
[  417.517297][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.517342][T11538]  ? __lock_acquire+0x622/0x1c90
[  417.517503][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.517557][T11538]  f2fs_write_data_pages+0x4ad/0xd90
[  417.517624][T11538]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.517680][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.517737][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.517788][T11538]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.517849][T11538]  do_writepages+0x27a/0x600
[  417.517915][T11538]  ? __pfx_do_writepages+0x10/0x10
[  417.517974][T11538]  ? do_raw_spin_unlock+0x172/0x230
[  417.518015][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.518061][T11538]  ? _raw_spin_unlock+0x28/0x50
[  417.518127][T11538]  filemap_fdatawrite_wbc+0x104/0x160
[  417.518194][T11538]  __filemap_fdatawrite_range+0xb2/0xf0
[  417.518240][T11538]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  417.518286][T11538]  ? check_path.constprop.0+0x24/0x50
[  417.518397][T11538]  ? find_held_lock+0x2b/0x80
[  417.518444][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.518491][T11538]  ? do_raw_spin_unlock+0x172/0x230
[  417.518532][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.518586][T11538]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  417.518669][T11538]  block_operations+0x2a3/0xfd0
[  417.518741][T11538]  ? __pfx_block_operations+0x10/0x10
[  417.518860][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.518906][T11538]  ? down_write+0x14d/0x200
[  417.518947][T11538]  ? __pfx_down_write+0x10/0x10
[  417.518990][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.519036][T11538]  ? rcu_is_watching+0x12/0xc0
[  417.519089][T11538]  f2fs_write_checkpoint+0x2b8/0x4c60
[  417.519162][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.519212][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.519258][T11538]  ? down_write+0x14d/0x200
[  417.519298][T11538]  ? __pfx_down_write+0x10/0x10
[  417.519340][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.519386][T11538]  ? stack_trace_save+0x8e/0xc0
[  417.519444][T11538]  f2fs_issue_checkpoint+0x19e/0x590
[  417.519504][T11538]  ? __lock_acquire+0xb8a/0x1c90
[  417.519565][T11538]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  417.519628][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.519673][T11538]  ? kasan_save_stack+0x42/0x60
[  417.519712][T11538]  ? kasan_save_stack+0x33/0x60
[  417.519749][T11538]  ? kasan_save_track+0x14/0x30
[  417.519789][T11538]  ? __kasan_slab_free+0x51/0x70
[  417.519837][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.519884][T11538]  ? __lock_acquire+0xb8a/0x1c90
[  417.519949][T11538]  ? __lock_acquire+0xb8a/0x1c90
[  417.520025][T11538]  ? find_held_lock+0x2b/0x80
[  417.520072][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.520133][T11538]  f2fs_sync_fs+0x22b/0x400
[  417.520199][T11538]  f2fs_do_shutdown+0x18a/0x670
[  417.520251][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.520305][T11538]  __f2fs_ioctl+0x4231/0xa460
[  417.520357][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.520409][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.520454][T11538]  ? find_held_lock+0x2b/0x80
[  417.520502][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.520557][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.520603][T11538]  ? tomoyo_path_number_perm+0x18d/0x580
[  417.520653][T11538]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  417.520699][T11538]  ? __pfx___f2fs_ioctl+0x10/0x10
[  417.520750][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.520796][T11538]  ? do_vfs_ioctl+0x523/0x1a60
[  417.520860][T11538]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  417.520965][T11538]  f2fs_ioctl+0x1f5/0x700
[  417.521018][T11538]  ? __pfx_f2fs_ioctl+0x10/0x10
[  417.521068][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.521118][T11538]  ? __fget_files+0x20e/0x3c0
[  417.521170][T11538]  ? __pfx_f2fs_ioctl+0x10/0x10
[  417.521224][T11538]  __x64_sys_ioctl+0x18e/0x210
[  417.521290][T11538]  do_syscall_64+0xcd/0x4c0
[  417.521332][T11538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.521370][T11538] RIP: 0033:0x7f456278e929
[  417.521399][T11538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.521437][T11538] RSP: 002b:00007f456351a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  417.521472][T11538] RAX: ffffffffffffffda RBX: 00007f45629b5fa0 RCX: 00007f456278e929
[  417.521497][T11538] RDX: 0000200000000080 RSI: 000000008004587d RDI: 0000000000000004
[  417.521522][T11538] RBP: 00007f4562810b39 R08: 0000000000000000 R09: 0000000000000000
[  417.521546][T11538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  417.521569][T11538] R13: 0000000000000000 R14: 00007f45629b5fa0 R15: 00007fffe35cc4c8
[  417.521620][T11538]  </TASK>
[  417.601193][T11546] erofs (device loop8): readahead error at folio 80 @ nid 36
[  417.624552][T11538] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  417.653364][T11546] erofs (device loop8): readahead error at folio 74 @ nid 36
[  417.667637][T11538] CPU: 0 UID: 0 PID: 11538 Comm: syz.6.1462 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  417.667686][T11538] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  417.667709][T11538] Call Trace:
[  417.667721][T11538]  <TASK>
[  417.667734][T11538]  dump_stack_lvl+0x16c/0x1f0
[  417.667804][T11538]  f2fs_handle_critical_error+0x621/0x9f0
[  417.667850][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.667896][T11538]  ? f2fs_build_fault_attr+0x53/0x1f0
[  417.667944][T11538]  f2fs_write_end_io+0x785/0xc20
[  417.667995][T11538]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  417.668050][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.668110][T11538]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  417.668157][T11538]  bio_endio+0x70d/0x850
[  417.668199][T11538]  submit_bio_noacct+0x56d/0x1eb0
[  417.668259][T11538]  __submit_merged_bio+0x33c/0x770
[  417.668314][T11538]  __submit_merged_write_cond+0x319/0x3f0
[  417.668375][T11538]  f2fs_write_single_data_page+0x13b0/0x17a0
[  417.668449][T11538]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  417.668531][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.668575][T11538]  ? folio_clear_dirty_for_io+0x112/0x810
[  417.668636][T11538]  f2fs_write_cache_pages+0xd85/0x2570
[  417.668724][T11538]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  417.668793][T11538]  ? __lock_acquire+0x622/0x1c90
[  417.668857][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.668901][T11538]  ? __lock_acquire+0x622/0x1c90
[  417.669054][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.669112][T11538]  f2fs_write_data_pages+0x4ad/0xd90
[  417.669177][T11538]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.669230][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.669286][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.669337][T11538]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  417.669396][T11538]  do_writepages+0x27a/0x600
[  417.669461][T11538]  ? __pfx_do_writepages+0x10/0x10
[  417.669517][T11538]  ? do_raw_spin_unlock+0x172/0x230
[  417.669557][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.669601][T11538]  ? _raw_spin_unlock+0x28/0x50
[  417.669660][T11538]  filemap_fdatawrite_wbc+0x104/0x160
[  417.669725][T11538]  __filemap_fdatawrite_range+0xb2/0xf0
[  417.669785][T11538]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  417.669828][T11538]  ? check_path.constprop.0+0x24/0x50
[  417.669936][T11538]  ? find_held_lock+0x2b/0x80
[  417.669982][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.670028][T11538]  ? do_raw_spin_unlock+0x172/0x230
[  417.670067][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.670123][T11538]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  417.670203][T11538]  block_operations+0x2a3/0xfd0
[  417.670274][T11538]  ? __pfx_block_operations+0x10/0x10
[  417.670389][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.670433][T11538]  ? down_write+0x14d/0x200
[  417.670472][T11538]  ? __pfx_down_write+0x10/0x10
[  417.670514][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.670558][T11538]  ? rcu_is_watching+0x12/0xc0
[  417.670610][T11538]  f2fs_write_checkpoint+0x2b8/0x4c60
[  417.670673][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.670721][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.670764][T11538]  ? down_write+0x14d/0x200
[  417.670803][T11538]  ? __pfx_down_write+0x10/0x10
[  417.670844][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.670888][T11538]  ? stack_trace_save+0x8e/0xc0
[  417.670944][T11538]  f2fs_issue_checkpoint+0x19e/0x590
[  417.671002][T11538]  ? __lock_acquire+0xb8a/0x1c90
[  417.671060][T11538]  ? __pfx_f2fs_issue_checkpoint+0x10/0x10
[  417.671124][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.671168][T11538]  ? kasan_save_stack+0x42/0x60
[  417.671206][T11538]  ? kasan_save_stack+0x33/0x60
[  417.671242][T11538]  ? kasan_save_track+0x14/0x30
[  417.671281][T11538]  ? __kasan_slab_free+0x51/0x70
[  417.671327][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.671371][T11538]  ? __lock_acquire+0xb8a/0x1c90
[  417.671433][T11538]  ? __lock_acquire+0xb8a/0x1c90
[  417.671507][T11538]  ? find_held_lock+0x2b/0x80
[  417.671553][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.671607][T11538]  f2fs_sync_fs+0x22b/0x400
[  417.671669][T11538]  f2fs_do_shutdown+0x18a/0x670
[  417.671717][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.671768][T11538]  __f2fs_ioctl+0x4231/0xa460
[  417.671818][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.671867][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.671911][T11538]  ? find_held_lock+0x2b/0x80
[  417.671956][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.672015][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.672063][T11538]  ? tomoyo_path_number_perm+0x18d/0x580
[  417.672121][T11538]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  417.672167][T11538]  ? __pfx___f2fs_ioctl+0x10/0x10
[  417.672217][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.672261][T11538]  ? do_vfs_ioctl+0x523/0x1a60
[  417.672323][T11538]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  417.672425][T11538]  f2fs_ioctl+0x1f5/0x700
[  417.672477][T11538]  ? __pfx_f2fs_ioctl+0x10/0x10
[  417.672525][T11538]  ? srso_alias_return_thunk+0x5/0xfbef5
[  417.672569][T11538]  ? __fget_files+0x20e/0x3c0
[  417.672620][T11538]  ? __pfx_f2fs_ioctl+0x10/0x10
[  417.672672][T11538]  __x64_sys_ioctl+0x18e/0x210
[  417.672736][T11538]  do_syscall_64+0xcd/0x4c0
[  417.672776][T11538]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  417.672813][T11538] RIP: 0033:0x7f456278e929
[  417.672840][T11538] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  417.672877][T11538] RSP: 002b:00007f456351a038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  417.672911][T11538] RAX: ffffffffffffffda RBX: 00007f45629b5fa0 RCX: 00007f456278e929
[  417.672936][T11538] RDX: 0000200000000080 RSI: 000000008004587d RDI: 0000000000000004
[  417.672959][T11538] RBP: 00007f4562810b39 R08: 0000000000000000 R09: 0000000000000000
[  417.672982][T11538] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  417.673005][T11538] R13: 0000000000000000 R14: 00007f45629b5fa0 R15: 00007fffe35cc4c8
[  417.673055][T11538]  </TASK>
[  417.687025][T11538] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  417.689660][T11546] erofs (device loop8): readahead error at folio 72 @ nid 36
[  418.832267][T11546] erofs (device loop8): readahead error at folio 70 @ nid 36
[  418.839824][T11546] erofs (device loop8): bogus lookback distance 1388 @ lcn 62 of nid 36
[  418.848566][T11546] erofs (device loop8): readahead error at folio 63 @ nid 36
[  418.856082][T11546] erofs (device loop8): bogus lookback distance 1388 @ lcn 62 of nid 36
[  418.864938][T11546] erofs (device loop8): readahead error at folio 62 @ nid 36
[  418.876869][T11546] erofs (device loop8): readahead error at folio 58 @ nid 36
[  418.885561][T11546] erofs (device loop8): readahead error at folio 57 @ nid 36
[  418.895293][T11546] erofs (device loop8): readahead error at folio 54 @ nid 36
[  418.902798][T11546] erofs (device loop8): readahead error at folio 53 @ nid 36
[  418.910331][T11546] erofs (device loop8): readahead error at folio 52 @ nid 36
[  418.917791][T11546] erofs (device loop8): readahead error at folio 51 @ nid 36
[  418.970306][T11546] erofs (device loop8): bogus lookback distance 363 @ lcn 50 of nid 36
[  418.990291][T11546] erofs (device loop8): readahead error at folio 50 @ nid 36
[  418.997940][T11546] erofs (device loop8): readahead error at folio 47 @ nid 36
[  419.030444][T11546] erofs (device loop8): readahead error at folio 46 @ nid 36
[  419.756569][T11432] chnl_net:caif_netlink_parms(): no params data found
[  419.787287][T11558] loop7: detected capacity change from 0 to 32768
[  420.269720][T11575] Unknown status report in ack skb
[  420.318394][T11579] netlink: 'syz.3.1472': attribute type 10 has an invalid length.
[  420.644886][T11579] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  420.824196][T11432] bridge0: port 1(bridge_slave_0) entered blocking state
[  420.824446][T11432] bridge0: port 1(bridge_slave_0) entered disabled state
[  420.824612][T11432] bridge_slave_0: entered allmulticast mode
[  420.826710][T11432] bridge_slave_0: entered promiscuous mode
[  420.980703][T11432] bridge0: port 2(bridge_slave_1) entered blocking state
[  420.980831][T11432] bridge0: port 2(bridge_slave_1) entered disabled state
[  420.981056][T11432] bridge_slave_1: entered allmulticast mode
[  420.983152][T11432] bridge_slave_1: entered promiscuous mode
[  421.102046][   T30] audit: type=1326 audit(1749779311.371:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f703832ab19 code=0x7ffc0000
[  421.102134][   T30] audit: type=1326 audit(1749779311.381:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f703838e929 code=0x7ffc0000
[  421.102472][   T30] audit: type=1326 audit(1749779311.381:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f703832ab19 code=0x7ffc0000
[  421.110646][   T30] audit: type=1326 audit(1749779311.381:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f703838e929 code=0x7ffc0000
[  421.129165][   T30] audit: type=1326 audit(1749779311.401:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f703832ab19 code=0x7ffc0000
[  421.129246][   T30] audit: type=1326 audit(1749779311.401:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f703832ab19 code=0x7ffc0000
[  421.129317][   T30] audit: type=1326 audit(1749779311.401:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f703838e929 code=0x7ffc0000
[  421.129389][   T30] audit: type=1326 audit(1749779311.401:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f703838e929 code=0x7ffc0000
[  421.129460][   T30] audit: type=1326 audit(1749779311.401:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f703832ab19 code=0x7ffc0000
[  421.129531][   T30] audit: type=1326 audit(1749779311.401:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11592 comm="syz.8.1476" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f703832ab19 code=0x7ffc0000
[  421.219462][   T59] IPVS: stop unused estimator thread 0...
[  421.232111][T11432] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  421.283810][T11432] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  421.628344][T11432] team0: Port device team_slave_0 added
[  421.656986][T11432] team0: Port device team_slave_1 added
[  421.724656][T11603] loop3: detected capacity change from 0 to 1024
[  421.725829][T11603] EXT4-fs: Ignoring removed orlov option
[  421.725986][T11603] journal_path: Non-blockdev passed as './file1'
[  421.726030][T11603] EXT4-fs: error: could not find journal device path
[  422.195733][T11432] batman_adv: batadv0: Adding interface: batadv_slave_0
[  422.195759][T11432] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.195827][T11432] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  422.198137][T11432] batman_adv: batadv0: Adding interface: batadv_slave_1
[  422.198160][T11432] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  422.198253][T11432] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  423.300538][T11619] vlan2: entered allmulticast mode
[  423.467701][T11432] hsr_slave_0: entered promiscuous mode
[  423.474524][T11432] hsr_slave_1: entered promiscuous mode
[  423.516467][T11432] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  423.516501][T11432] Cannot create hsr debugfs directory
[  424.128861][T11640] loop6: detected capacity change from 0 to 128
[  424.234078][T11640] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  424.306230][T11640] ext4 filesystem being mounted at /203/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  424.945134][ T6583] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  425.003884][T11432] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  425.125698][T11432] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  425.186537][T11432] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  425.403869][T11432] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  425.568048][    T9] usb 4-1: new high-speed USB device number 18 using dummy_hcd
[  425.921263][    T9] usb 4-1: Using ep0 maxpacket: 32
[  425.956492][    T9] usb 4-1: config index 0 descriptor too short (expected 156, got 27)
[  425.985590][    T9] usb 4-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  426.059801][    T9] usb 4-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  426.111271][    T9] usb 4-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  426.179035][    T9] usb 4-1: config 0 interface 0 has no altsetting 0
[  426.218548][    T9] usb 4-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  426.228310][T11432] 8021q: adding VLAN 0 to HW filter on device bond0
[  426.250545][    T9] usb 4-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  426.255888][ T5853] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  426.268911][ T5853] Bluetooth: hci0: Injecting HCI hardware error event
[  426.281109][ T5149] Bluetooth: hci0: hardware error 0x00
[  426.320721][    T9] usb 4-1: Product: syz
[  426.329136][    T9] usb 4-1: Manufacturer: syz
[  426.337651][    T9] usb 4-1: SerialNumber: syz
[  426.361485][    T9] usb 4-1: config 0 descriptor??
[  426.383032][    T9] ldusb 4-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  426.388897][T11432] 8021q: adding VLAN 0 to HW filter on device team0
[  426.405820][    T9] ldusb 4-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  426.442635][ T3481] bridge0: port 1(bridge_slave_0) entered blocking state
[  426.449853][ T3481] bridge0: port 1(bridge_slave_0) entered forwarding state
[  426.529763][T11686] vlan2: entered allmulticast mode
[  426.567552][T11649] loop1: detected capacity change from 0 to 32768
[  426.772799][ T3481] bridge0: port 2(bridge_slave_1) entered blocking state
[  426.780037][ T3481] bridge0: port 2(bridge_slave_1) entered forwarding state
[  427.149748][    T9] usb 4-1: USB disconnect, device number 18
[  427.149876][    C0] ldusb 4-1:0.0: usb_submit_urb failed (-19)
[  427.177258][T11694] ldusb 4-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  427.464782][    T9] ldusb 4-1:0.0: LD USB Device #0 now disconnected
[  428.181307][T11707] wg2: entered allmulticast mode
[  428.212832][T11709] wg2: entered promiscuous mode
[  428.410844][ T5149] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  428.857407][T11432] 8021q: adding VLAN 0 to HW filter on device batadv0
[  430.640919][ T5814] usb 4-1: new high-speed USB device number 19 using dummy_hcd
[  430.654249][T11756] vlan2: entered allmulticast mode
[  430.813734][ T5814] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  430.969943][ T5814] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  430.980769][ T5814] usb 4-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  430.989834][ T5814] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  431.021140][ T5814] usb 4-1: config 0 descriptor??
[  431.474954][ T5814] cp2112 0003:10C4:EA90.0017: unknown main item tag 0x0
[  431.588337][T11432] veth0_vlan: entered promiscuous mode
[  431.636943][ T5814] cp2112 0003:10C4:EA90.0017: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.3-1/input0
[  431.726507][T11432] veth1_vlan: entered promiscuous mode
[  431.778557][T11432] veth0_macvtap: entered promiscuous mode
[  431.794328][T11432] veth1_macvtap: entered promiscuous mode
[  431.815254][ T5814] cp2112 0003:10C4:EA90.0017: Part Number: 0x82 Device Version: 0xFE
[  431.885148][T11432] batman_adv: batadv0: Interface activated: batadv_slave_0
[  432.019252][T11776] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  432.037382][T11432] batman_adv: batadv0: Interface activated: batadv_slave_1
[  432.144733][T11432] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  432.415657][T11753] cp2112 0003:10C4:EA90.0017: Error starting transaction: -38
[  432.450696][T11432] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  432.474089][ T5814] cp2112 0003:10C4:EA90.0017: error reading lock byte: -71
[  432.500533][T11432] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  432.527244][ T5814] usb 4-1: USB disconnect, device number 19
[  432.530377][T11432] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  433.100340][ T5930] usb 2-1: new high-speed USB device number 24 using dummy_hcd
[  433.161291][ T8745] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  433.200743][ T8745] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  433.225279][T11792] loop7: detected capacity change from 0 to 512
[  433.270274][ T5930] usb 2-1: Using ep0 maxpacket: 8
[  433.296827][ T5930] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  433.327381][T11792] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  433.330178][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  433.362501][ T8754] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  433.374250][ T5915] usb 7-1: new low-speed USB device number 12 using dummy_hcd
[  433.396960][T11795] tipc: Started in network mode
[  433.405121][T11792] EXT4-fs (loop7): 1 truncate cleaned up
[  433.410960][T11795] tipc: Node identity 4, cluster identity 4711
[  433.420672][ T8754] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  433.446901][T11792] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  433.479972][T11795] tipc: Node number set to 4
[  433.490004][ T5930] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  433.580253][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  433.628391][ T5915] usb 7-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  433.659152][ T5915] usb 7-1: config 1 has 1 interface, different from the descriptor's value: 2
[  433.668729][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  433.743500][ T5915] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  433.775118][ T5930] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  433.818816][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  433.841401][ T5915] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  433.873162][ T5915] usb 7-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00
[  433.890674][ T5930] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  433.970300][ T5915] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  433.980450][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  434.024757][ T5915] hub 7-1:1.0: bad descriptor, ignoring hub
[  434.025529][ T6722] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  434.060671][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  434.072187][ T5915] hub 7-1:1.0: probe with driver hub failed with error -5
[  434.079970][ T5915] cdc_wdm 7-1:1.0: skipping garbage
[  434.188342][ T5930] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  434.218839][ T5915] cdc_wdm 7-1:1.0: skipping garbage
[  434.234671][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  434.275911][ T5915] cdc_wdm 7-1:1.0: cdc-wdm0: USB WDM device
[  434.303866][ T5915] cdc_wdm 7-1:1.0: Unknown control protocol
[  434.310040][ T5930] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  434.344664][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  434.362655][ T5915] usb 7-1: USB disconnect, device number 12
[  434.403151][ T5930] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  434.496338][ T5930] usb 2-1: string descriptor 0 read error: -22
[  434.503092][ T5930] usb 2-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  434.516374][ T5930] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  434.600626][ T5930] adutux 2-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  434.869263][T11820] tipc: Started in network mode
[  434.900463][T11820] tipc: Node identity ac141425, cluster identity 4711
[  434.907514][T11820] tipc: New replicast peer: 0.0.0.0
[  434.920331][T11821] input: syz0 as /devices/virtual/input/input24
[  434.940400][ T5930] usb 2-1: USB disconnect, device number 24
[  434.940919][T11822] usb 2-1: Couldn't submit interrupt_out_urb -19
[  435.012846][T11820] tipc: Enabled bearer <udp:syz2>, priority 10
[  435.030384][T11825] tipc: New replicast peer: 10.1.1.0
[  435.254918][T11830] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1539'.
[  435.804105][T11817] loop7: detected capacity change from 0 to 32768
[  435.970397][ T5975] tipc: Node number set to 2886997029
[  436.050470][    T9] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  436.311591][    T9] usb 10-1: Using ep0 maxpacket: 16
[  436.376440][T11817] ocfs2: Mounting device (7,7) on (node local, slot 0) with writeback data mode.
[  436.500180][    T9] usb 10-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  436.753341][    T9] usb 10-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  436.813452][    T9] usb 10-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  436.879984][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  436.985968][    T9] usb 10-1: Product: syz
[  437.029903][    T9] usb 10-1: Manufacturer: syz
[  437.485128][    T9] usb 10-1: SerialNumber: syz
[  437.586973][    T9] usb 10-1: config 0 descriptor??
[  437.633569][    T9] em28xx 10-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  437.766556][    T9] em28xx 10-1:0.0: Audio interface 0 found (Vendor Class)
[  437.828129][ T6722] ocfs2: Unmounting device (7,7) on (node local)
[  438.686252][    T9] em28xx 10-1:0.0: unknown em28xx chip ID (0)
[  438.704047][    T9] em28xx 10-1:0.0: Config register raw data: 0x2f
[  438.736152][    T9] em28xx 10-1:0.0: I2S Audio (1 sample rate(s))
[  438.760305][    T9] em28xx 10-1:0.0: No AC97 audio processor
[  438.861230][ T5930] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  439.122833][ T5930] usb 8-1: Using ep0 maxpacket: 32
[  439.288772][ T5930] usb 8-1: config index 0 descriptor too short (expected 156, got 27)
[  439.520902][ T5930] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  439.843557][    T9] usb 10-1: USB disconnect, device number 2
[  439.874553][ T5930] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  439.962057][ T5853] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  439.972515][ T5853] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  439.980755][ T5853] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  439.985069][ T5930] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  439.990896][ T5853] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  440.009372][ T5853] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  440.143538][ T5930] usb 8-1: config 0 interface 0 has no altsetting 0
[  440.178874][ T5930] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  440.208570][ T5930] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  440.277112][ T5930] usb 8-1: Product: syz
[  440.302022][ T5930] usb 8-1: Manufacturer: syz
[  440.306648][ T5930] usb 8-1: SerialNumber: syz
[  440.360006][ T5930] usb 8-1: config 0 descriptor??
[  440.378634][ T5930] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  440.411214][ T5930] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  440.797030][T11892] loop7: detected capacity change from 0 to 16384
[  441.392944][T11898] ldusb 8-1:0.0: Couldn't submit HID_REQ_SET_REPORT -71
[  441.401892][ T5930] usb 8-1: USB disconnect, device number 8
[  441.401988][    C1] ldusb 8-1:0.0: usb_submit_urb failed (-19)
[  441.592078][T11904] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1555'.
[  441.619823][ T5930] ldusb 8-1:0.0: LD USB Device #0 now disconnected
[  441.854810][T11899] loop7: detected capacity change from 16384 to 16383
[  441.895753][T11899] 
[  441.898098][T11899] ======================================================
[  441.905117][T11899] WARNING: possible circular locking dependency detected
[  441.912146][T11899] 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 Not tainted
[  441.919256][T11899] ------------------------------------------------------
[  441.926272][T11899] syz.6.1552/11899 is trying to acquire lock:
[  441.932341][T11899] ffffffff908b47a8 (uevent_sock_mutex){+.+.}-{4:4}, at: kobject_uevent_env+0xb36/0x1870
[  441.942151][T11899] 
[  441.942151][T11899] but task is already holding lock:
[  441.949509][T11899] ffff8881427d4ee8 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  441.960804][T11899] 
[  441.960804][T11899] which lock already depends on the new lock.
[  441.960804][T11899] 
[  441.971203][T11899] 
[  441.971203][T11899] the existing dependency chain (in reverse order) is:
[  441.980218][T11899] 
[  441.980218][T11899] -> #2 (&q->q_usage_counter(io)#24){++++}-{0:0}:
[  441.988872][T11899]        blk_alloc_queue+0x619/0x760
[  441.994179][T11899]        blk_mq_alloc_queue+0x175/0x290
[  441.999753][T11899]        __blk_mq_alloc_disk+0x29/0x120
[  442.005358][T11899]        loop_add+0x49e/0xb70
[  442.010053][T11899]        loop_init+0x164/0x270
[  442.014841][T11899]        do_one_initcall+0x123/0x6e0
[  442.020146][T11899]        kernel_init_freeable+0x5c2/0x900
[  442.025903][T11899]        kernel_init+0x1c/0x2b0
[  442.030778][T11899]        ret_from_fork+0x5d7/0x6f0
[  442.035921][T11899]        ret_from_fork_asm+0x1a/0x30
[  442.041220][T11899] 
[  442.041220][T11899] -> #1 (fs_reclaim){+.+.}-{0:0}:
[  442.048468][T11899]        fs_reclaim_acquire+0x102/0x150
[  442.054052][T11899]        kmem_cache_alloc_node_noprof+0x57/0x3b0
[  442.060401][T11899]        __alloc_skb+0x2b2/0x380
[  442.065369][T11899]        alloc_uevent_skb+0x7d/0x210
[  442.070686][T11899]        kobject_uevent_env+0xca4/0x1870
[  442.076337][T11899]        kobject_synth_uevent+0x7d4/0x8a0
[  442.082079][T11899]        bus_uevent_store+0x3d/0x90
[  442.087297][T11899]        bus_attr_store+0x74/0xb0
[  442.092339][T11899]        sysfs_kf_write+0xf2/0x150
[  442.097464][T11899]        kernfs_fop_write_iter+0x354/0x510
[  442.103305][T11899]        vfs_write+0x6c7/0x1150
[  442.108167][T11899]        ksys_write+0x12a/0x250
[  442.113030][T11899]        do_syscall_64+0xcd/0x4c0
[  442.118068][T11899]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.124499][T11899] 
[  442.124499][T11899] -> #0 (uevent_sock_mutex){+.+.}-{4:4}:
[  442.132351][T11899]        __lock_acquire+0x126f/0x1c90
[  442.137753][T11899]        lock_acquire+0x179/0x350
[  442.142806][T11899]        __mutex_lock+0x199/0xb90
[  442.147838][T11899]        kobject_uevent_env+0xb36/0x1870
[  442.153493][T11899]        set_capacity_and_notify+0x1ca/0x240
[  442.159497][T11899]        loop_set_status+0x94c/0xb90
[  442.164801][T11899]        loop_set_status_old+0x162/0x1d0
[  442.170474][T11899]        lo_ioctl+0xb3f/0x2760
[  442.175257][T11899]        blkdev_ioctl+0x277/0x6d0
[  442.180297][T11899]        __x64_sys_ioctl+0x18e/0x210
[  442.185614][T11899]        do_syscall_64+0xcd/0x4c0
[  442.190647][T11899]        entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.197074][T11899] 
[  442.197074][T11899] other info that might help us debug this:
[  442.197074][T11899] 
[  442.207297][T11899] Chain exists of:
[  442.207297][T11899]   uevent_sock_mutex --> fs_reclaim --> &q->q_usage_counter(io)#24
[  442.207297][T11899] 
[  442.221086][T11899]  Possible unsafe locking scenario:
[  442.221086][T11899] 
[  442.228531][T11899]        CPU0                    CPU1
[  442.233897][T11899]        ----                    ----
[  442.239260][T11899]   lock(&q->q_usage_counter(io)#24);
[  442.244664][T11899]                                lock(fs_reclaim);
[  442.251179][T11899]                                lock(&q->q_usage_counter(io)#24);
[  442.259102][T11899]   lock(uevent_sock_mutex);
[  442.263707][T11899] 
[  442.263707][T11899]  *** DEADLOCK ***
[  442.263707][T11899] 
[  442.271848][T11899] 3 locks held by syz.6.1552/11899:
[  442.277046][T11899]  #0: ffff888025fcb400 (&lo->lo_mutex){+.+.}-{4:4}, at: loop_set_status+0x2c/0xb90
[  442.286524][T11899]  #1: ffff8881427d4ee8 (&q->q_usage_counter(io)#24){++++}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  442.298261][T11899]  #2: ffff8881427d4f20 (&q->q_usage_counter(queue)#20){+.+.}-{0:0}, at: blk_mq_freeze_queue_nomemsave+0x15/0x20
[  442.310260][T11899] 
[  442.310260][T11899] stack backtrace:
[  442.316149][T11899] CPU: 1 UID: 0 PID: 11899 Comm: syz.6.1552 Not tainted 6.16.0-rc1-syzkaller-00101-g27605c8c0f69 #0 PREEMPT(full) 
[  442.316192][T11899] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  442.316213][T11899] Call Trace:
[  442.316223][T11899]  <TASK>
[  442.316235][T11899]  dump_stack_lvl+0x116/0x1f0
[  442.316293][T11899]  print_circular_bug+0x275/0x350
[  442.316347][T11899]  check_noncircular+0x14c/0x170
[  442.316405][T11899]  __lock_acquire+0x126f/0x1c90
[  442.316468][T11899]  lock_acquire+0x179/0x350
[  442.316519][T11899]  ? kobject_uevent_env+0xb36/0x1870
[  442.316563][T11899]  ? __pfx___might_resched+0x10/0x10
[  442.316612][T11899]  __mutex_lock+0x199/0xb90
[  442.316642][T11899]  ? kobject_uevent_env+0xb36/0x1870
[  442.316683][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.316727][T11899]  ? kobject_uevent_env+0xb36/0x1870
[  442.316770][T11899]  ? __pfx___mutex_lock+0x10/0x10
[  442.316810][T11899]  ? __asan_memcpy+0x3c/0x60
[  442.316841][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.316881][T11899]  ? kobject_get_path+0x8e/0x2a0
[  442.316923][T11899]  ? kobject_uevent_env+0xb36/0x1870
[  442.316962][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.317003][T11899]  kobject_uevent_env+0xb36/0x1870
[  442.317048][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.317096][T11899]  set_capacity_and_notify+0x1ca/0x240
[  442.317140][T11899]  ? __pfx_set_capacity_and_notify+0x10/0x10
[  442.317185][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.317226][T11899]  ? __asan_memcpy+0x3c/0x60
[  442.317259][T11899]  loop_set_status+0x94c/0xb90
[  442.317306][T11899]  loop_set_status_old+0x162/0x1d0
[  442.317349][T11899]  ? __pfx_loop_set_status_old+0x10/0x10
[  442.317407][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.317473][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.317514][T11899]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  442.317554][T11899]  lo_ioctl+0xb3f/0x2760
[  442.317593][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.317633][T11899]  ? __lock_acquire+0xb8a/0x1c90
[  442.317688][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.317729][T11899]  ? kasan_save_stack+0x42/0x60
[  442.317764][T11899]  ? kasan_save_stack+0x33/0x60
[  442.317797][T11899]  ? kasan_save_track+0x14/0x30
[  442.317832][T11899]  ? kasan_save_free_info+0x3b/0x60
[  442.317883][T11899]  ? __kasan_slab_free+0x51/0x70
[  442.317924][T11899]  ? kfree+0x2b4/0x4d0
[  442.317974][T11899]  ? tomoyo_path_number_perm+0x470/0x580
[  442.318012][T11899]  ? security_file_ioctl+0x9b/0x240
[  442.318052][T11899]  ? __x64_sys_ioctl+0xb7/0x210
[  442.318109][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318149][T11899]  ? __lock_acquire+0xb8a/0x1c90
[  442.318204][T11899]  ? __pfx_lo_ioctl+0x10/0x10
[  442.318244][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318288][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318329][T11899]  ? __lock_acquire+0xb8a/0x1c90
[  442.318385][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318430][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318470][T11899]  ? lock_acquire+0x179/0x350
[  442.318521][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318562][T11899]  ? find_held_lock+0x2b/0x80
[  442.318602][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318645][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318685][T11899]  ? rcu_is_watching+0x12/0xc0
[  442.318726][T11899]  ? finish_task_switch.isra.0+0x221/0xc10
[  442.318768][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318809][T11899]  ? lockdep_hardirqs_on+0x7c/0x110
[  442.318863][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318908][T11899]  ? finish_task_switch.isra.0+0x221/0xc10
[  442.318950][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.318991][T11899]  ? rcu_is_watching+0x12/0xc0
[  442.319032][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.319072][T11899]  ? trace_sched_exit_tp+0xde/0x130
[  442.319119][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.319159][T11899]  ? __schedule+0x1181/0x5de0
[  442.319208][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.319249][T11899]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  442.319287][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.319328][T11899]  ? blkdev_common_ioctl+0x1dd/0x2480
[  442.319368][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.319408][T11899]  ? __sanitizer_cov_trace_switch+0x54/0x90
[  442.319447][T11899]  ? __pfx_blkdev_common_ioctl+0x10/0x10
[  442.319490][T11899]  ? __pfx_do_vfs_ioctl+0x10/0x10
[  442.319545][T11899]  ? __pfx___schedule+0x10/0x10
[  442.319608][T11899]  ? rcu_is_watching+0x12/0xc0
[  442.319648][T11899]  ? irqentry_exit+0x3b/0x90
[  442.319676][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.319716][T11899]  ? lockdep_hardirqs_on+0x7c/0x110
[  442.319770][T11899]  ? srso_alias_return_thunk+0x5/0xfbef5
[  442.319812][T11899]  ? __pfx_lo_ioctl+0x10/0x10
[  442.319853][T11899]  blkdev_ioctl+0x277/0x6d0
[  442.319892][T11899]  ? __pfx_blkdev_ioctl+0x10/0x10
[  442.319936][T11899]  ? security_file_ioctl+0x79/0x240
[  442.319976][T11899]  ? __sanitizer_cov_trace_pc+0x8/0x70
[  442.320019][T11899]  ? __pfx_blkdev_ioctl+0x10/0x10
[  442.320060][T11899]  __x64_sys_ioctl+0x18e/0x210
[  442.320121][T11899]  do_syscall_64+0xcd/0x4c0
[  442.320156][T11899]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  442.320190][T11899] RIP: 0033:0x7f456278e929
[  442.320220][T11899] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  442.320254][T11899] RSP: 002b:00007f45605f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  442.320285][T11899] RAX: ffffffffffffffda RBX: 00007f45629b6080 RCX: 00007f456278e929
[  442.320308][T11899] RDX: 00002000000001c0 RSI: 0000000000004c02 RDI: 0000000000000004
[  442.320330][T11899] RBP: 00007f4562810b39 R08: 0000000000000000 R09: 0000000000000000
[  442.320350][T11899] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  442.320371][T11899] R13: 0000000000000001 R14: 00007f45629b6080 R15: 00007fffe35cc4c8
[  442.320406][T11899]  </TASK>
[  442.919797][ T5853] Bluetooth: hci0: command tx timeout
[  442.948173][T11872] chnl_net:caif_netlink_parms(): no params data found
[  443.359370][T11872] bridge0: port 1(bridge_slave_0) entered blocking state
[  443.372411][T11872] bridge0: port 1(bridge_slave_0) entered disabled state
[  443.379696][T11872] bridge_slave_0: entered allmulticast mode
[  443.391248][T11872] bridge_slave_0: entered promiscuous mode
[  443.401474][T11872] bridge0: port 2(bridge_slave_1) entered blocking state
[  443.408597][T11872] bridge0: port 2(bridge_slave_1) entered disabled state
[  443.415798][T11872] bridge_slave_1: entered allmulticast mode
[  443.422794][T11872] bridge_slave_1: entered promiscuous mode
[  443.456122][T11872] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  443.474353][T11872] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  443.520631][T11872] team0: Port device team_slave_0 added
[  443.528005][T11872] team0: Port device team_slave_1 added
[  443.561781][T11872] batman_adv: batadv0: Adding interface: batadv_slave_0
[  443.568735][T11872] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  443.594975][T11872] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  443.607031][T11872] batman_adv: batadv0: Adding interface: batadv_slave_1
[  443.614137][T11872] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  443.643122][T11872] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  443.691490][T11872] hsr_slave_0: entered promiscuous mode
[  443.697818][T11872] hsr_slave_1: entered promiscuous mode
[  443.706943][T11872] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  443.714564][T11872] Cannot create hsr debugfs directory
[  443.863259][T11872] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  443.940156][T11872] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.003262][T11872] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.060921][T11872] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.169930][T11872] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  444.220783][T11872] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  444.235032][T11872] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  444.246943][T11872] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  444.329531][T11872] 8021q: adding VLAN 0 to HW filter on device bond0
[  444.348119][T11872] 8021q: adding VLAN 0 to HW filter on device team0
[  444.362133][ T8745] bridge0: port 1(bridge_slave_0) entered blocking state
[  444.369242][ T8745] bridge0: port 1(bridge_slave_0) entered forwarding state
[  444.384477][ T8745] bridge0: port 2(bridge_slave_1) entered blocking state
[  444.391589][ T8745] bridge0: port 2(bridge_slave_1) entered forwarding state
[  444.637226][T11872] 8021q: adding VLAN 0 to HW filter on device batadv0
[  444.956339][T11872] veth0_vlan: entered promiscuous mode
[  444.970655][ T5149] Bluetooth: hci0: command tx timeout
[  444.977879][T11872] veth1_vlan: entered promiscuous mode
[  445.012067][T11872] veth0_macvtap: entered promiscuous mode
[  445.023325][T11872] veth1_macvtap: entered promiscuous mode
[  445.046362][T11872] batman_adv: batadv0: Interface activated: batadv_slave_0
[  445.068578][T11872] batman_adv: batadv0: Interface activated: batadv_slave_1
[  445.083164][T11872] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  445.095881][T11872] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  445.106907][T11872] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  445.116372][T11872] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  445.155916][T11872] ieee80211 phy27: Selected rate control algorithm 'minstrel_ht'
[  445.189245][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.191075][T11872] ieee80211 phy28: Selected rate control algorithm 'minstrel_ht'
[  445.209742][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  445.254859][ T8754] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  445.265777][ T8754] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  446.644906][ T8760] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  447.785112][ T8760] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.259206][ T8760] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.315626][ T8760] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  448.489375][ T8760] bridge_slave_1: left allmulticast mode
[  448.507220][ T8760] bridge_slave_1: left promiscuous mode
[  448.517335][ T8760] bridge0: port 2(bridge_slave_1) entered disabled state
[  448.541176][ T8760] bridge_slave_0: left allmulticast mode
[  448.552442][ T8760] bridge_slave_0: left promiscuous mode
[  448.558135][ T8760] bridge0: port 1(bridge_slave_0) entered disabled state
[  448.719565][ T8760] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  448.735245][ T8760] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  448.746367][ T8760] bond0 (unregistering): Released all slaves
[  448.962684][ T8760] hsr_slave_0: left promiscuous mode
[  448.977741][ T8760] hsr_slave_1: left promiscuous mode
[  448.991259][ T8760] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  448.998663][ T8760] batman_adv: batadv0: Removing interface: batadv_slave_0
[  449.023625][ T8760] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  449.040281][ T8760] batman_adv: batadv0: Removing interface: batadv_slave_1
[  449.065989][ T8760] veth1_macvtap: left promiscuous mode
[  449.080401][ T8760] veth0_macvtap: left promiscuous mode
[  449.085987][ T8760] veth1_vlan: left promiscuous mode
[  449.103042][ T8760] veth0_vlan: left promiscuous mode
[  449.400062][ T8760] team0 (unregistering): Port device team_slave_1 removed
[  449.415577][ T8760] team0 (unregistering): Port device team_slave_0 removed
[  449.775342][ T1298] ieee802154 phy0 wpan0: encryption failed: -22