last executing test programs:

12m11.119971562s ago: executing program 32 (id=67):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getpriority(0x0, r1)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x20000000, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
msgrcv(0x0, 0x0, 0xfffffffffffffeac, 0x1, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x110)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_open_procfs$pagemap(0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

11m45.602696047s ago: executing program 1 (id=104):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
ioctl$KVM_SET_MSRS(r2, 0xc048aeca, &(0x7f0000000580)={0x4, 0x0, [{0x9bf, 0x0, 0x2}, {0xa5c, 0x0, 0x8}, {0x327, 0x0, 0x8}, {0xb3e, 0x0, 0x1ff}]})

11m45.072303909s ago: executing program 1 (id=105):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r2)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, r3, 0x1, 0xfffffffd, 0x25dfdbfd, {0x34}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ptrace$ARCH_MAP_VDSO_32(0x1e, r1, 0x5, 0x2002)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
socket$inet6(0xa, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x25702020}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

11m43.438081298s ago: executing program 1 (id=108):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$DEVLINK_CMD_RATE_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, 0x0, 0x1, 0xfffffffd, 0x25dfdbfd, {0x34}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}}, 0x0)

11m34.650607188s ago: executing program 1 (id=115):
io_setup(0x239f, 0x0)
syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x6c0d, 0x0, 0x2, 0x2}, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
ioperm(0x0, 0x9, 0x5)
syz_emit_ethernet(0x46, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x200, 0x0)
ioctl$TIOCGSID(r2, 0x5429, 0x0)
ptrace$setregs(0xf, r0, 0x7, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xcb}, 0xfffffffffffffe5c, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f00000002c0), &(0x7f0000000480)="8d15820b6e2f2c30db6fddaf76fc0900000031d22cc0ad6e1f4390de3943bb4bdac4a9c0ae49bfb8ea36cb9764465270b956f3144d02c596c57dc962ad0512b9b3e8655b45b33adb3b0ceef76306aa6c714818c9c222c054c208ae17a554fbbf6b21b155feb1fb211356dcdc327305a95eb3163cc874905834507c6bf287f65c1680", 0x82, 0xfffffffffffffffe)

11m28.243334758s ago: executing program 1 (id=120):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, 0x0, 0x1, 0xfffffffd, 0x25dfdbfd, {0x34}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x25702020}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

11m22.846513735s ago: executing program 1 (id=123):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, 0x0, 0x1, 0xfffffffd, 0x25dfdbfd, {0x34}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x25702020}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

11m7.713458952s ago: executing program 33 (id=123):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$DEVLINK_CMD_RATE_GET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, 0x0, 0x1, 0xfffffffd, 0x25dfdbfd, {0x34}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
setsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x25702020}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

10m19.194446434s ago: executing program 5 (id=191):
io_setup(0x239f, 0x0)
syz_io_uring_setup(0xf00, &(0x7f0000000080)={0x0, 0x6c0d, 0x0, 0x2, 0x2}, 0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
ioperm(0x0, 0x9, 0x5)
syz_emit_ethernet(0x46, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x200, 0x0)
ioctl$TIOCGSID(r3, 0x5429, 0x0)
ptrace$setregs(0xf, r0, 0x7, &(0x7f0000000200))
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xcb}, 0xfffffffffffffe5c, 0xfffffffffffffff9)
add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f00000002c0), &(0x7f0000000480)="8d15820b6e2f2c30db6fddaf76fc0900000031d22cc0ad6e1f4390de3943bb4bdac4a9c0ae49bfb8ea36cb9764465270b956f3144d02c596c57dc962ad0512b9b3e8655b45b33adb3b0ceef76306aa6c714818c9c222c054c208ae17a554fbbf6b21b155feb1fb211356dcdc327305a95eb3163cc874905834507c6bf287f65c1680", 0x82, 0xfffffffffffffffe)

10m12.508873105s ago: executing program 5 (id=195):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x804e20}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
mprotect(&(0x7f0000ffa000/0x3000)=nil, 0x3000, 0x1000000)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$unix(0x1, 0x2, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$TCSETSW(r4, 0x5403, &(0x7f00000000c0)={0xc, 0x8, 0x40, 0x7, 0x13, "71feaf33c32ed6fe90107884be157e88b3e578"})
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{0x0}, {0x0}], 0x2}, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb, 0x0, 0x0, 0xe, 0x0, 0x0, 0x2, 0x0, 0x9b}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000240)=@bpf_lsm={0x16, 0x7, &(0x7f0000000180)=@raw=[@func={0x85, 0x0, 0x1, 0x0, 0x4}, @exit, @initr0, @exit, @func={0x85, 0x0, 0x1, 0x0, 0xfffffffffffffffc}, @exit], &(0x7f00000000c0)='GPL\x00'}, 0x78)

10m11.081066145s ago: executing program 5 (id=197):
openat$kvm(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_open_dev$radio(0x0, 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
ioprio_get$pid(0x1, 0x0)
mount(&(0x7f0000000440)=@nullb, 0x0, &(0x7f00000001c0)='hfs\x00', 0x200480, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000ef6a1b10c016df0571b001000001090212000104000000090476020003000000"], 0x0)

10m6.990578618s ago: executing program 5 (id=200):
openat$kvm(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_open_dev$radio(0x0, 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
epoll_create1(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x4, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x0, 0x800}, {0x2, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x4, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {}, {}, {0xffffffff}, {}, {}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x80}, {0x80}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0xfffffffc, 0x200}, {}, {0x0, 0x0, 0x0, 0x3}, {0x7}, {}, {}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {0x2}, {}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x2}, {0x2, 0x9, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffe}, {0x2d}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800}, {}, {0x0, 0x0, 0x0, 0x0, 0xd}, {0x0, 0x0, 0x0, 0x1}], [{}, {}, {}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x1}, {}, {}, {}, {}, {}, {0x7}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000080)={0x84, @private=0xa010100, 0x15, 0x3, 'lblcr\x00', 0x25, 0x5, 0x72}, 0x2c)
mount(&(0x7f0000000440)=@nullb, &(0x7f0000000300)='./cgroup\x00', &(0x7f00000001c0)='hfs\x00', 0x200480, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB="12010000ef6a1b10c016df0571b001000001090212000104000000090476020003000000"], 0x0)

10m2.399107381s ago: executing program 5 (id=203):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000240), r2)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x30, r3, 0x1, 0xfffffffd, 0x25dfdbfd, {0x34}, [@handle=@pci={{0x8}, {0x11}}]}, 0x30}}, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r5 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r5, 0x1, 0x0)
r6 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
ptrace$ARCH_MAP_VDSO_32(0x1e, r1, 0x5, 0x2002)
read$msr(r6, &(0x7f0000019680)=""/102392, 0x18ff8)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet6(0xa, 0x2, 0x0)
setsockopt$inet6_mreq(r7, 0x29, 0x1b, &(0x7f0000000100)={@remote}, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x6}, {0x66, 0x0, 0x0, 0x25702020}}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x1, 0x5, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0xffffffff}, {0x56}}], {{0x4, 0x1, 0x2, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000040)='GPL\x00', 0x3, 0x0, 0x0, 0x0, 0x4a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

9m56.240312821s ago: executing program 5 (id=207):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x20000000, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
msgrcv(0x0, 0x0, 0xfffffffffffffeac, 0x1, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x110)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_open_procfs$pagemap(0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

9m40.782749841s ago: executing program 34 (id=207):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x20000000, '\x00', 0x0, 0x0}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
msgrcv(0x0, 0x0, 0xfffffffffffffeac, 0x1, 0x0)
sendmsg$IPCTNL_MSG_TIMEOUT_GET(0xffffffffffffffff, 0x0, 0x110)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
syz_open_procfs$pagemap(0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)

9m15.949451296s ago: executing program 4 (id=238):
r0 = getpgrp(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x48)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, 0x0, 0x0)
bind$bt_hci(r1, 0x0, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = epoll_create1(0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)
epoll_wait(r4, &(0x7f0000000000)=[{}], 0x1, 0x7ff)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f00000000c0)={0x10000011})

9m11.416705137s ago: executing program 4 (id=241):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r3, &(0x7f0000000d00)={0x0, 0x0, &(0x7f0000001e80)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594011d24fc60", 0x14}], 0x1}, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r7 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

9m9.671740241s ago: executing program 4 (id=242):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$kcm(0x10, 0x3, 0x10)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r6}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r7 = dup(r4)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r3}, 0x2c, {'wfdno', 0x3d, r7}, 0x2c, {[], [], 0x6b}})

9m7.447971814s ago: executing program 4 (id=246):
r0 = getpgrp(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x48)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
bind$bt_hci(r1, &(0x7f0000000200)={0x1f, 0x3, 0x2}, 0xffffffffffffffd9)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000a00)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYRES64=r5, @ANYRES16=0x0, @ANYBLOB="010028bd7000fddbdf2518000000080003007b77f86469825961e0fffaa0b4139b599dc14c916fb5dc0e68d11cf925b9cc5a33c59a0ca4fc0ce0d61706c44e838f13b51fb23054333094681b2a9e44484ec2aa802368e6e724f2b919b9233118adafb5271e1df609255d36ce203686ecf6b8d191", @ANYRES32=r5, @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
syz_emit_ethernet(0xde, 0x0, 0x0)
fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(0xffffffffffffffff, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)

9m4.395846763s ago: executing program 4 (id=249):
r0 = getpgrp(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x48)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
bind$bt_hci(r1, &(0x7f0000000200)={0x1f, 0x3, 0x2}, 0xffffffffffffffd9)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYRES64, @ANYRES16=0x0, @ANYBLOB="010028bd7000fddbdf2518000000080003007b77f86469825961e0fffaa0b4139b599dc14c916fb5dc0e68d11cf925b9cc5a33c59a0ca4fc0ce0d61706c44e838f13b51fb23054333094681b2a9e44484ec2aa802368e6e724f2b919b9233118adafb5271e1df609255d36ce203686ecf6b8d191", @ANYRES32, @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
syz_emit_ethernet(0xde, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)

9m2.024270843s ago: executing program 4 (id=251):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r6 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})

8m46.847420582s ago: executing program 35 (id=251):
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r5}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r6 = dup(r3)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})

7m24.495840288s ago: executing program 7 (id=363):
r0 = getpgrp(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x48)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = epoll_create1(0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)
epoll_wait(r4, &(0x7f0000000000)=[{}], 0x1, 0x7ff)
r5 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder1\x00', 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r5, &(0x7f00000000c0)={0x10000011})

7m22.748447192s ago: executing program 7 (id=365):
r0 = getpgrp(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x48)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000200)={0x1f, 0x3, 0x2}, 0xffffffffffffffd9)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=ANY=[@ANYRES64, @ANYRES16=0x0, @ANYBLOB="010028bd7000fddbdf2518000000080003007b77f86469825961e0fffaa0b4139b599dc14c916fb5dc0e68d11cf925b9cc5a33c59a0ca4fc0ce0d61706c44e838f13b51fb23054333094681b2a9e44484ec2aa802368e6e724f2b919b9233118adafb5271e1df609255d36ce203686ecf6b8d191", @ANYRES32, @ANYRES8=r3], 0x1c}, 0x1, 0x0, 0x0, 0x40000}, 0x4000)
syz_emit_ethernet(0xde, 0x0, 0x0)
r5 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
r6 = fsmount(r5, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r6}}, 0x58)

7m13.850239686s ago: executing program 7 (id=372):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x8000000000, 0x2)
ioctl$vim2m_VIDIOC_CREATE_BUFS(r0, 0xc100565c, &(0x7f0000000140)={0x0, 0x40, 0x4, {0x2, @raw_data="3d924b8271394fa4ec01eb92492ff84715d1a004d08b012a7cafe27a5f313d31bbdae50511ca5be6bfe92437ed0d21b5180e375be56b3b9306d7dbb26bf9f22de7ac7681cca450055250217bdf1113b4258293ba4efed33147bda8454dd115bd5ba066ba06f2854cc96db9a98055cbde9fd084a1223ada91ed2e832907a01ab5ee65f997b617f73d1aa5a6dfc47acdc5eb834f8e448469d235e4380cbcc3310200970349a3c1374ffec96177b67caa0656f9664277cadb8597e7d911ad1da457ef9744b0993c57a7"}})
ioctl$vim2m_VIDIOC_PREPARE_BUF(r0, 0xc058565d, &(0x7f00000003c0)=@fd={0x0, 0x2, 0x4, 0x0, 0x0, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "f06e4b56"}, 0x5, 0x4, {}, 0x5c000000})

7m11.678888708s ago: executing program 7 (id=375):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, 0x0, 0x0, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

7m11.251345946s ago: executing program 7 (id=376):
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000080)={0x7}, 0x8)
sched_setaffinity(0x0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6_tcp(0xa, 0x1, 0x0)
getdents(0xffffffffffffffff, 0x0, 0x0)
setpriority(0x0, 0x1, 0xa7a8)

7m7.927485086s ago: executing program 7 (id=379):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x3c, 0x0, 0x1, 0x70bd20, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20009005}, 0x90)

6m50.796635407s ago: executing program 36 (id=379):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKINFO_SET(r0, &(0x7f0000000500)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000340)={0x3c, 0x0, 0x1, 0x70bd20, 0x25dfdbfc, {}, [@ETHTOOL_A_LINKINFO_TP_MDIX_CTRL={0x5}, @ETHTOOL_A_LINKINFO_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'veth0_to_bridge\x00'}]}, @ETHTOOL_A_LINKINFO_PORT={0x5, 0x2, 0x4}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20009005}, 0x90)

2m53.788680154s ago: executing program 6 (id=757):
setsockopt$MRT6_DONE(0xffffffffffffffff, 0x29, 0xc9, 0x0, 0x0)
syz_emit_ethernet(0x4a, &(0x7f00000003c0)=ANY=[@ANYBLOB="ffffffffffffaaaaaaaaaabb86dd6012000800143afffe8000000000000000000000000000bbff0200000000000000000000000000018600907800000000fdffffff00000000000000008dc65292115c36e21ef846347334e8fe79e5e917e0e3888bce231f646088f30bf727c3f6caa276b2d289aff21f6a8a3a866050ee4da4eb5497f76fc3ad899931d3ba1654f1b7d4461e0342fe60efd92f238b01d333f062687b7cdba8bbf7449d96656d07c583cfd2eca08d7f28a8621138ddc8cb9be5f6dd7df66447de6f46aad24b6ac9934b31215ab01ecb19c873f678051bdaee7109765f2f28e6f2ee9435e0d26f112a4974"], 0x0)
syz_emit_ethernet(0x5e, &(0x7f0000001340)={@broadcast, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x28, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_redir={0x89, 0x0, 0x0, '\x00', @remote, @private1}}}}}}, 0x0)
r0 = getpid()
syz_pidfd_open(r0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000340)=@file={0x0, './file2\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
socket(0xa, 0x3, 0x3a)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_RECVNXTINFO(r3, 0x84, 0x21, &(0x7f0000000040), 0x4)
getsockopt$inet_sctp6_SCTP_GET_ASSOC_ID_LIST(r3, 0x84, 0x1d, &(0x7f0000000080)={0x2, [0x0, 0x0]}, &(0x7f00000000c0)=0xc)
r4 = getpgrp(0x0)
sched_setaffinity(r4, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r6 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r6, 0x1, 0x0)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)

2m50.79130415s ago: executing program 6 (id=760):
r0 = socket$xdp(0x2c, 0x3, 0x0)
gettid()
timer_create(0x9, 0x0, &(0x7f00000000c0)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000200)={{}, {0x77359400}}, &(0x7f0000000240))
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f0000000040)={&(0x7f0000000000)=""/5, 0x1c000, 0x800, 0x8, 0x2}, 0x1c)
setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00'})
r3 = socket$pppoe(0x18, 0x1, 0x0)
connect$pppoe(r3, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000340)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdirat(0xffffffffffffff9c, 0x0, 0x62)
r6 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mkdir(&(0x7f0000000040)='./file0\x00', 0x1)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', 0x0, 0x200021, 0x0)
socket$nl_rdma(0x10, 0x3, 0x14)
write$RDMA_USER_CM_CMD_LISTEN(r6, &(0x7f0000000140)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0xdf}}, 0x10)
sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001000ff0000000000", @ANYRES32=0x0], 0x30}, 0x1, 0x0, 0x0, 0x4}, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r0, 0x11b, 0x5, &(0x7f00000000c0)=0x100, 0x4)
setsockopt$XDP_UMEM_COMPLETION_RING(r0, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4)

2m45.34354005s ago: executing program 6 (id=767):
r0 = socket$kcm(0xa, 0x1, 0x106)
shutdown(r0, 0x1)
r1 = syz_io_uring_setup(0x239, &(0x7f0000000600)={0x0, 0x5dfe, 0x10180, 0x0, 0x2}, &(0x7f0000000180)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x2def, 0x7f000000, 0x0, 0x0, 0x0)

2m45.08854301s ago: executing program 6 (id=771):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x2410010, &(0x7f0000000100), 0xfe, 0x1103, &(0x7f0000002240)="$eJzs2T+L1EAYBvBnkvUPNpFcHwQtLOS4Y/0CVyhsa6uNyFVedVsp+m38OHqV/XG9Fgv2kbibXZEVwV0V5PeDkDcPeWcy5UwCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg0nyqSQHVdKOWZWkJF13MbtK0o357fd1lZInp7P5o/Pp43mS+tvr5WlShq6hLe3x3ZvttJ22x+3Dg5N7H+avXr98fnZ2er4apqTL5WKvq7g1zl3vdVgAAAD4P/Q7a/7x/AAAAMCv7O0gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA39c2mbseiSlKSrruYXSXptvRd+0vfBwAAAOyupMqzZlu+PAbYeJCPTVnnw/1LGeqjvNvSDwAAAPxUf2NVfP9/vVzf7MfvZ7Lelw/ZnUxyeLh8frvKP58kdZKjHwa/XLx5MV6lr//0WgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrIDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAYK8AAAD//+0M1yg=")
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x80800)
socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, &(0x7f00000012c0), 0xfe, 0x244, &(0x7f0000000400)="$eJzs3T9oJFUcB/DvzO565m6RUxtB/AMiooFwdoJNbBQCEoKIoEJExEZJhJhgl1jZWGitksomiJ3RUtIEG0WwipoiNoIGC4OFFiu7k0hMVqNu3Dkynw9MZibz3vzesPN9u83sBmisq0mmk7SSTCbpJCmON7i7Wq4e7q5PbM8nvd4TPxWDdtV+5ajflSRrSR5KslUWeamdrGw+s/fLzmP3vbncuff9zacnxnqRh/b3dh8/eG/2jY9mHlz54qsfZotMp/un6zp/xZD/tYvklv+j2HWiaNc9Av6Judc+/Lqf+1uT3DPIfydlqhfvraUbtjp54N2/6vv2j1/ePs6xAuev1+v03wPXekDjlEm6KcqpJNV2WU5NVZ/hv2ldLl9eXHp18sXF5YUX6p6pgPPSTXYf/eTSx1dO5P/7VpV/4OLq5//JuY1v+9sHrbpHA4zFHdWqn//J51bvj/xD48g/NJf8Q3PJPzSX/ENzyT80l/zDBdb5+8PyD80l/9Bc8g/NdTz/AECz9C7V/QQyUJe65x8AAAAAAAAAAAAAAAAAAOC09Ynt+aNlXDU/eyfZfyRJe1j91uD3iJMbB38v/1z0m/2hqLqN5Nm7RjzBiD6o+enrm76rt/7nd9Zbf3UhWXs9ybV2+/T9Vxzef//dzWcc7zw/YoF/qTix//BT461/0m8b9daf2Uk+7c8/14bNP2VuG6yHzz/ds79i+Uyv/DriCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABib3wMAAP//+kBtTA==")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x42, 0x1fe)
fallocate(r2, 0x10, 0x3, 0x7ffd)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
ioctl$FS_IOC_GETFSMAP(r3, 0xc0c0583b, &(0x7f00000000c0)={0x0, 0x2904c, 0x0, 0x10003, '\x00', [{0x0, 0xfffffffc, 0x0, 0x2000000000000}, {0xffffffff, 0x0, 0x0, 0x1, 0x0, 0x1}]})
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
epoll_create1(0x80000)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0xa, 0x0, 0x3, 0x8000000000, 0x1}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x0, 0x7fffffff, 0x6}, 0x0, 0x0)
sendmsg$key(r1, &(0x7f0000000fc0)={0x0, 0x0, &(0x7f0000000f80)={&(0x7f0000000100)={0x2, 0x16, 0x2, 0x5, 0x2, 0x0, 0x70bd2c, 0x25dfdbfe}, 0x10}}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$NS_GET_OWNER_UID(r5, 0xb704, &(0x7f0000000180))

2m43.1969982s ago: executing program 6 (id=773):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r2, 0xc048aeca, &(0x7f0000000580)={0x4, 0x0, [{0x9bf, 0x0, 0x2}, {0xa5c, 0x0, 0x8}, {0x327, 0x0, 0x8}, {0xb3e, 0x0, 0x1ff}]})

2m41.413051125s ago: executing program 6 (id=776):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)

2m37.616583805s ago: executing program 8 (id=778):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
setxattr$trusted_overlay_origin(&(0x7f0000000180)='./file0\x00', &(0x7f0000000000), &(0x7f0000000040), 0x7323, 0x0)
sync()
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
mount$overlay(0x1000000, &(0x7f0000000100)='./bus\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

2m36.233927983s ago: executing program 8 (id=781):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = creat(0x0, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000600)=r1)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = open$dir(0x0, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_COMPAT={0x44, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x21}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x84}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x890d}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x3b}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x4}]}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0xa840}, 0x600c0)
r6 = creat(0x0, 0x0)
r7 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000001900010000000000fbdbdf251d010900100012800c008080080022000e000000"], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
r8 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000001c0), 0x82002, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(r6, 0xc02054a5, &(0x7f0000000340)={0x1ff, r5, 'id1\x00'})
io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$SNDCTL_DSP_SETFMT(r8, 0xc0045005, &(0x7f0000000080)=0x40000)

2m33.334408355s ago: executing program 8 (id=783):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000003980)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f00000025c0)=ANY=[@ANYBLOB='time_offset=0x0000000000000010,discard,gid=', @ANYRESHEX=0x0, @ANYBLOB=',iocharset=cp932,dmask=00000000000000000070707,gid=', @ANYRESHEX=0x0, @ANYBLOB="0000000010", @ANYRESHEX=0x0, @ANYRES16, @ANYRESHEX=0x0, @ANYBLOB=',fmask=00000000000000000000005,\x00'], 0x1, 0x1524, &(0x7f0000008940)="$eJzs3AuYTlXbOPD7XmvtMSbpaZLDsNa6N09yWCZJckiSQ5IkSZJTQtIkryQkhpyShiQkhyE5DCE5TEwa5/P5kJAkTZKE5JSs/yX8vb31fu/7fm/f67u+uX/XtS/rfva+1773cz+HvbeZ+a7zkBqNalZtQETwb8GL/yQDQCwADACA6wAgAICy8WXjL6zPKTH539sJ+3M9kna1K2BXE/c/e+P+Z2/c/+yN+5+9cf+zN+5/9sb9z964/4xlZ5umFbiel+y78P3/7Iy///8PySo15qs1pW7sAhDzz6Zw/7M37v//WcE/sxH3P3vj/mdXsVe7APa/AL//s4Mcf3cN9z974/4zlp1d7fvPV3uBSPZ+Dq72648xxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGWPZw2l+hAODy+GrXxRhjjDHGGGOMsT+Pz3G1K2CMMcYYY4wxxtj/PAQBEhQEEAM5IBZyQhwIALgWcsN1EIHrIR5ugDxwI+SFfJAfCkACFIRCoMGABYIQCkMRiMJNUBRuhmJQHEpASXBQChLhFigNt0IZuA3Kwu1QDu6A8lABKkIluBMqw11QBe6GqnAPVIPqUANqwr1QC+6D2nA/1IEHoC48CPXgIagPD0MDeAQawqPQCB6DxvA4NIGm0AyaQ4v/Vv5L0B1ehh7QE5KhF/SGV6AP9IV+0B8GwKswEF6DQfA6pMBgGAJvwFB4E4bBWzAcRsBIeBtGwTswGsbAWBgHqTAeJsC7MBHeg0kwGabAVEiDaTAd3ocZMBNmwQcwGz6EOTAX5sF8SIePYAEshAz4GBbBJ5AJi2EJLIVlsBxWwEpYBathDayFdbAeNsBG2ASbYQtshW2wHXbAp7ATPoNdsBv2wOewF774F/NP/U1+FwQEFChQocIYjMFYjMU4jMNcmAtzY26MYATjMR7zYB7Mi3kxP+bHBEzAQlgIDRokJCyMhTGKUSyKRbEYFsMSWAIdOkzERCyNt2IZLINlsSyWw3JYHitgBayElbAyVsYqWAWrYlWshtWwBtbAe/Fe7IW1sTbWwTpYF+tevj2FDbABNsSG2AgbYWNsjE2wCTbDZtgCW2BLbImtsBW2wTbYFttiO2yHSZiE7bE9dsAO2BE7YifshJ2xM3bBrtg166UcgC/jy9gTq4le2Bt7Yx9MydEP+2N/fBUH4mv4Gr6OKTgYh+Ab+Aa+icPwJA7HETgSR2Jl8Q6OxjFIYhymYipOwAk4ESfiJJyMk3EqpuE0nI7TcQbOxJn4Ac7GD/FDnItzcT6mYzouwIWYgRm4CE9hJi7GJbgUl+FyXIYrcRWuxDW4FtfgelyPG3EjbsbNuBW34nbcjp+iAsDPcDfuxhTci3txH+7D/bgfD+ABzMIsPIgH8RAewsN4GI/gETyKx/A4HsMTeAJP4ik8jafxLJ7Fc/hCwjcNPy2+OgXEBUooESNiRKyIFXEiTuQSuURukVtERETEi3iRR+QReUVekV/kFwkiQRQShYQRRpAIYwBAREVUFBVFRTFRTJQQJYQTTiSKRFFalBZlRBlRVtwuyok7RHlRQbR2lUQlUVm0cVXE3aKqqCqqieqihqgpaopaopaoLWqLOqKOqCvqinriIVFf9MJ++Ii40JlGYjA2FkOwiWgq5KVPsJZiGLYSrUUb8ZQYgcOxnWjpksSzor0YjR3EX8QYfF50EuOws3hRdBFdRTfxkuguWrkeoqeYhL1EbzEV+4i+op/oL2ZgdfEBzs5ZQ7wuUsRgMUS8Iebjm2KYeEsMFyPESPG2GCXeEaPFGDFWjBOpYryYIN4VE8V7YpKYLKaIqSJNTBPTxftihpgpZokPxGzxoZgj5op5Yr5IFx+JBWKhyBAfi0XiE5EpFoslYqlYJpaLFWKlWCVWizVirVgn1osNYqPYJDaLLWKr2Ca2ix3iU7FTfCZ2id1ij/hc7BVfiH3iS7FffCUOiK9FlvhGHBTfikPiO3FYfC+OiB/EUXFMHBc/ihPiJ3FSnBKnxRlxVvwszolfxHnhBUiUQkqpZCBjZA4ZK3PKOHmNzCWDS8/u9TJe3iDzyBtlXplP5pcFZIIsKAtJLY20kmQoC8siMipvkkXlzbKYLC5LyJLSyVIyUd4iS8tbZRl5mywrb5fl5B2yvKwgK8pK8k5ZWd4lIXJxH9VkdVlD1pT3ymS4T9aW98s68gFZVz4o68mHZH35sGwgH5EN5aOykXxMNpaPyyayqWwmm8sW8gnZUj4pW8nWso18SraVT8t28hmZJJ+V7aW/9BJ5XnaSL8jO8kXZRXaV3eQv8rz0sofsKaEXyN7yFdlH9pX9ZH85QL4qB8rX5CD5ukyRg+UQ+YYcKt+Uw+RbcrgcIUfKt+Uo+Y4cLcfIsXKcTJXj5QT5rpwo35OT5GQ5RU6VaXKa7HdppllS/sP8d/8gf9Cve98oN8nNcovcKrfJ7XKH/FTulDvlLrlL7pF75F65V+6T++R+uV8ekAdklsySB+VBeUgekoflYXlEHpFH5TF5Rv4oT8if5El5Sp6SZ+RZeVaeu/QcgEIllFRKBSpG5VCxKqeKU9eoXOpalVtdpyLqehWvblB51I0qr8qn8qsCKkEVVIWUVkZZRSpUhVURFVU34aUXjCqhSiqnSqlEdcu/kq+KqptVMVX8N/mX60v+O/W1UC1US9VStVKtVBvVRrVVbVU71U4lqSTVXrVXHVQH1VF1VJ1UJ9VZdVZdVBfVTXVT3VV31UP1UMkqWfVWr6g+qq/qp/qrAepVNVANVIPUIJWiUtQQNUQNVUPVMDVMDVfD1Ug1Uo1So9RoNVqNVWNVqkpVE9QENVFNVJPUJDVFTVFpKk1NV9PVDDVDzVKz1Gw1W81Rc9Q8NU+lq3S1QC1QGSpDLVKLVKZarBarpWqpWq6Wq5VqpVqtVqu1aq1ar9arTLVJbVJb1Ba1TW1TO9QOtVPtVLvULrVH7VF71V61T+1T+9V+dUAdUFkqSx1UB9UhdUgdVofVEXVEHVVH1XF1XJ1QJ9RJdVKdVqfVWXVWnVPn1Hl1/sJpXyACEahABTFBTBAbxAZxQVyQK8gV5A5yB5EgEsQH8UGe4MYgb5AvyB8UCBKCgkGhQAcmsIG41PRocFNQNLg5KBYUD0oEJQMXlAoSg1uC0sGtQZngtqBscHtQLrgjKB9UCCoGlYI7g8rBXUGV4O6ganBPUC2oHtQIagb3BrWC+4Lawf1BneCBoG7wYFAveCioHzwcNAgeCRoGjwaNgseCxsHjQZOgadAsaB60+FPn9/5kviddD91TJ+teurd+RffRfXU/3V8P0K/qgfo1PUi/rlP0YD1Ev6GH6jf1MP2WHq5H6JH6bT1Kv6NH6zF6rB6nU/V4PUG/qyfq9/QkPVlP0VN1mp6mp+v39Qw9U8/SH+jZ+kM9R8/V8/R8na4/0gv0Qp2hP9aL9Cc6Uy/WS/RSvUwv1yv0Sr1Kr9Zr9Fq9Tq/XG/RGvUlv1lv0Vr1Nb9c79Kd6p/5M79K79R79ud6rv9D79Jd6v/5KH9Bf6yz9jT6ov9WH9Hf6sP5eH9E/6KP6mD6uf9Qn9E/6pD6lT+sz+qz+WZ/Tv+jz2l84ub/w9W6UUSbGxJhYE2viTJzJZXKZ3Ca3iZiIiTfxJo/JY/KavCa/yW8STIIpZAqZC8iQKWwKm6iJmqKmqClmipkSpoRxxplEk2hKm9KmjCljypqyppwpZ8qb8qaiqWjuNHeau8xd5m5zt7nH3GOqm+qmpqlpaplaprapbeqYOqauqWvqmXqmvqlvGpgGpqFpaBqZRqaxaWyamCammWlmWpgWpqVpaVqZVqaNaWPamramnWlnkkySaW/amw6mg+loOppOppPpbDqbLqaL6Wa6me6mu+lhephkk2x6m96mj+lj+pl+ZoAZYAaagWaQGWRSTIoZYoaYoWaoGWaGmeFmhBl54UTVvGNGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbBWaByTAZZpFZZDJNpllilphlZplZYVaYVWaVWWPWmHWwzmwwG8wms8lsMVvMNrPN7DA7zE6z0+wyu8wes8fsNXvNPrPP7Df7zQFzwGSZLHPQHDSHzCFz2Bw2R8wRc9QcNcfNcXPCnDAnzUlz2pw2Z02+S9+X3sTanDbOXmNz2Wttbnud/ds4vy1gE2xBW8hqm9fm+01srLXFbHFbwpa0zpayifaW38XlbQVb0Vayd9rK9i5b5XdxLXufrW3vt3XsA7amvfc3cV37oK1nH7P1EQFsU9vQNreN7GO2sX3cNrFNbTPb3La1T9t29hmbZJ+17e1zv4sX2IV2lV1t19i1dpfdbU/bM/aQ/c6etT/bHranHWBftQPta3aQfd2m2MG/i0fat+0o+44dbcfYsXbc7+IpdqpNs9PsdPu+nWFn/i5Otx/Z2TbDzrFz7Tw7/9f4Qk0Z9mO7yH5iM20AS+xSu8wutyvsyv9f61K73m6wG+1O+5ndYrfabXa73XH5RNjutnvs53av/cIetN/a/fYre8Aetln2m1/jC8d32H5vj9gf7FF7zB63P9oT9id1OfvCsf9of7HnrbdASECSFAUUQzkolnJSHF1Duehayk3XUYSup3i6gfLQjZSX8lF+KkAJVJAKkSZDlohCKkxFKEo30eXySlBJclSKEukWKk23Uhm6jcrS7VSO7qDyVIEqUiW6kyrTXVSF7qaqdA9Vo+pUg2rSvVSL7qPadD/VoQeoLj1I9eghqk8PUwN6hBrSo9SIHqPG9Dg1oabUjJpTC3qCWtKT1IpaUxt6itrS09SOnqEkepba03PUgf5CHel56kQvUGd6kbpQV+pGL1F3epl6UE9Kpl7Um16hPtSX+lF/GkCv0kB6jQbR65RCg2kIvUFD6U0aRm/RcBpBI+ltGkXv0GgaQ2NpHKXSeJpA79JEeo8m0WSaQlMpjabRdHqfZtBMmkUf0Gz6kObQXJpH8ymdPqIFtJAy6GNaRJ9QJi2mJbSUltFyWkEraRWtpjW0ltbRetpAG2kTbaYttJW20XbaQZ/STvqMdtFu2kOf0176gvbRl7SfvqID9DVl0Td0kL6lQ/QdHabvfU/6gY7SMTpOP9IJ+olO0ik6TWfoLP1M5+gXOk+eIMRQhDJUYRDGhDnC2DBnGBdeE+YKrw1zh9eFkfD6MD68IcwT3hjmDfOF+cMCYUJYMCwU6tCENqQwDAuHRcJoeFNYNLw5LBYWD0uEJUMXlgoTw1vC0uGtYZnwtrBseHtYLrwjLB9WCB97oFJ4Z1g5vCusEt4dVg3vCauF1cMaYc3w3rBWeF9YO7w/rBM+EJYJHwzrhQ+F9cOHwwbhI2HD8NGwUfhY2Dh8PGwSNg2bhc3DFuETYcvwybBV2DpsEz4Vtg2fDtuFz4RJ4bNh+/C5X9c/uPDvr08Oe4W9w1fCV0Lv75fzovOj6dGPoguiC6MZ0Y+ji6KfRDOji6NLokujy6LLoyuiK6Oroquja6Jro+ui66Mbohuj3tfMAQ6dcNIpF7gYl8PFupwuzl3jcrlrXW53nYu46128u8HlcTe6vC6fy+8KuARX0BVy2hlnHbnQFXZFXNTd5Iq6m10xV9yVcCWdc6VcomvuWrgWrqV70rVyrV0b95R7yj3tnnbPuGfcs669e851cH9xHd3zrpN7wb3gXnRdXFfXzb3kurvxuS++J5Ndb9fb9XF9XD/Xzw1wA9xAN9ANcoNciktxQ9wQN9QNdcPcMDfcDXcj3Ug3yo1yo91oN9aNdaku1U1wE9xEN9FNcpPcFDfFpbk0N91NdzPcDFd55sW9zHFz3Dw3z6W7dLfAXThnzHCL3CKX6TLdErfELXPL3Aq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29wOt8PtdDvdLn/dxUndXrfP7XP73X53wH3tstw37qD71h1y37nD7nt3xP3gjrpj7rj70Z1wP7mT7pQ77c64s+5nd8794s4771Ij4yMTIu9GJkbei0yKTI5MiUyNpEWmRaZH3o/MiMyMzIp8EJkd+TAyJzI3Mi8yP5Ie+SiyILIwkhH5OLIo8kkkM7I4siSyNLIssjzifcEtoS/si/iov8kX9Tf7Yr64L+FLeudL+UR/iy/tb/Vl/G2+rL/dl/N3+PK+gq/oH/dNfFPfzDf3LfwTvqV/0rfyrX0b/5Rv65/27fwzPsk/69v753wH/xff0T/vO/kXfGf/ou/iu/pu/iXf3b/se/iePtn38r39K76P7+v7+f5+gH/VD/Sv+UH+dZ/iB/sh/g0/1L/ph/m3/HA/wo+MeduPunyJDON8qh/vJ/h3/UT/np/kJ/spfqpP89P8dP++n+Fn+ln+Az/bf+jn+Ll+np/v0/1HfoFf6DP8x36R/8Rn+sWXbyr7FX6lX+VX+zV+rV/n1/sNfqPf5Df7LX6r3+a3+x3+U7/Tf+Z3+d1+j//c7/Vf+H3+S7/ff+UP+K99lv/GH/Tf+kP+O3/Yf++P+B/8UX/MH/c/+hP+J3/Sn/Kn/Rl/1v/sz/lf/Hn+nTXGGGOMsX/K+CtD8ds1F2/n9/qDHPFXG/cGgGu3Fsj66/UXzijX5b047isS2kYA4NmenR+5vFSrlpycfGnbTAlBkbkAl/8n6IIYuBIvhjbwNCRBayj9h/X3FV3P0j+YP3o7QNxf5cTClfjK/F8CYPIfzP/EUyMXlAtPx/8X888FKFbkSk5OuBIvhja/3l9pDWX+Tv35Wv6D+nN+lQrQ6q9ycsGV+Er9ifAkPAdJv9mSMcYYY4wxxhi7qK+o2PHy9efln/j8o+vzBHUlJwdcif/R9TljjDHGGGOMMcauvue7dnvmiaSk1h3/9UGV/1bWPz1oDP9TM/PgDwfeA1x+RAHAvzkhwIWB/E8exeb/yL5SLr11/nbVsjM+gP8drfwzBlf5g4kxxhhjjDH2p7ty0v/bx9XVKogxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGMuG/hN/TuxqHyNjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDF2tf2/AAAA//9IVQM5")
r0 = socket$inet6(0xa, 0x800, 0x1)
sendto$inet6(r0, &(0x7f0000000000)="5522601eb6a841b3f25b1f84", 0xc, 0x48000, &(0x7f0000000080)={0xa, 0x4e20, 0x2529, @rand_addr=' \x01\x00', 0x6}, 0x1c)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002080)='./file0\x00', &(0x7f00000020c0), 0x0, &(0x7f0000002100)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
socket$inet(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, 0x0, 0x0)
removexattr(&(0x7f0000000100)='./file0\x00', &(0x7f0000000140)=@known='trusted.syz\x00')

2m31.971353493s ago: executing program 8 (id=785):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da", 0x33}], 0x1}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

2m30.157577099s ago: executing program 8 (id=787):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_LOOKUP_ELEM(0x1, &(0x7f0000000040)={r0, &(0x7f00000000c0)="9e48cb885ff74c2b3ff744831765b7f5c07b76b8d7b0251de4a4ae1a501514fca1e8f0415d83fd9a0f8b32d293bafdb54abac846a299322c759511ccfe703e9de743977adc4d810d7104b6b2bc52f270e720d4ab57dafdbfc3c8cebc370c90f884b5e968372e9b3c2ad524015344c49694414243279a172b2fa8b732855df43bb6665e2bc001e32aab39c9b508ec", &(0x7f0000000200)=""/4096}, 0x20)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r1, &(0x7f0000000100)={0xa, 0x400, 0x0, @private1, 0x200000}, 0x1c)
shutdown(r1, 0x1)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r1, 0x84, 0x7b, &(0x7f0000000080)={0x0, 0x4}, 0x8)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000040)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xffffffffffffff61, 0x24, 0x9, [@enum64={0x4, 0x2, 0x0, 0x13, 0x1, 0x1, [{0x7, 0x1, 0x7fffffff}, {0x1, 0x40010002, 0x5}]}]}, {0x0, [0x61, 0x5f, 0x5f, 0x2e, 0x5f, 0x61, 0x0]}}, 0x0, 0x45}, 0x28)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
clock_nanosleep(0x8, 0x1, &(0x7f0000000080), 0x0)

2m28.576389526s ago: executing program 8 (id=789):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
sync()
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi0\x00', 0x103840, 0x0)
r1 = socket$kcm(0xa, 0x6, 0x0)
recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x4e21, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2fd9}], 0x1c)
ioctl$COMEDI_SUBDINFO(r0, 0x80486402, &(0x7f0000001940))
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000002980)={&(0x7f00000018c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4040000}, 0x24040004)
accept4$unix(0xffffffffffffffff, &(0x7f00000010c0), &(0x7f0000001180)=0x6e, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYRESHEX], 0x44}, 0x1, 0x0, 0x0, 0x10004893}, 0x40005)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x248, 0xffffffff, 0xffffffff, 0x248, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @private2={0xfc, 0x2, '\x00', 0x1}, [0xff], [0x0, 0xff, 0xff000000], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x2c8c}}}, {{@ipv6={@remote, @mcast2, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x11, 0x2f, 0x6, 0x50}, 0x0, 0x148, 0x178, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x1, 0x5, [0x4e23, 0x4e24, 0x4e21, 0x4e24, 0x4e23, 0x4e22, 0x4e21, 0x4e21, 0x4e20, 0x4e22, 0x4e24, 0x4e24, 0x4e24, 0x4e21, 0x4e24], [0x0, 0x0, 0x0, 0x1, 0x59, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1]}}, @common=@inet=@set4={{0x50}, {{0x3, 0x4, 0x2}, {{0x100000000}, 0xe}, {{0xffffffffffffffff}, 0x9}, 0x81}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x378)
r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_G_SELECTION(r6, 0xc040565e, &(0x7f0000000380)={0x1, 0x100, 0x4, {0x4, 0x7, 0x780000, 0xfcad}})
arch_prctl$ARCH_SHSTK_ENABLE(0x1003, 0xf0ff1f00000000)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000000180)=[@in={0x2, 0x4e22, @multicast1}, @in6={0xa, 0x4e22, 0x80, @remote, 0x10001}, @in6={0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xa}, @in6={0xa, 0x4e24, 0x9, @mcast2, 0x2}, @in={0x2, 0x4e23, @multicast2}, @in6={0xa, 0x4e22, 0x8, @local, 0x70a}], 0x90)
add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, 0x0, 0x0, 0x4, 0x1019, &(0x7f0000000880)=""/4121}, 0x94)
unshare(0x2040400)
r8 = socket(0x0, 0x3, 0xfffffff9)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'veth1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r8, &(0x7f0000000000), 0x400000000000235, 0x0)
open(0x0, 0x20000, 0x0)

2m25.61923672s ago: executing program 37 (id=776):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x4)
r1 = getpid()
sched_setscheduler(r1, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)

2m12.131963788s ago: executing program 38 (id=789):
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000440)='./file0\x00', 0x0, &(0x7f0000000480), 0x1, 0x3e8, &(0x7f00000004c0)="$eJzs3M9rHFUcAPDvTH71p0k0/qj1EPFgQEyaNNYKIuYiInqyRw/G/Kilm0aSFWwIqCjeevPqQfHg3+BJwf9AEE+epRAkLehxZXZn4prspt1u1sHs5wNT3ps3y3sz333zmjfzNoC+NRkRn0TEcESsRsRovj/Jt3i1sWXH3d3dXsq2JGq1t/9I6uV3dreXoukzmdPZP2nEVBqRfh5xvkW9mze3ri9WKisbeX6muvbBzObNreevrS1eXbm6cmPu4ouz85fmLs2+cGTneuv85Zeenn/j11uvfbP0y5Xv3svaeyYvaz6PozKZXbW0ddmFo66sZGfKbgAPJPt6DkTEYL3/j8ZAPdUwGh+/U2rjAICeqNVqA/vyAMCxlxjzAaDPFH/339ndXiq2UiYiKMXOQkScaMS/eL7bKBncexI01MPne5MR8X76/US2RY+ewwIAAAD0sx8WIuJyq/m/NJ5qOu5sRDyUrw8Yi4jxiHg4Ih7psv7JffmD8z/p7S6r4BA7CxEvN63tuNsU/9zYQJ47W4/9ULJ6rbJyIf8+TMXQSJafPaSOP7euf9GurHn+L9uy+ou5wLwdtwdH/v2Z5cXqYjfnzD92Po14crBV/JO9+d8kIia6qOPH8bWv2pXdO/70Uu3riGdb9v9k75jk8PVZM/X7wUxxVzjorZ8+e7dd/eJfrqz/nzo8/mNJ83q9zc7rePzcbxvtyh70/j+cXKk3cDjf99FitboxGzGcvHlw/1znbT6uiutRXK8s/lPPtB7/iyBkF/TRiHgsi2VEPBER5zqo89vxv062K9P/y5XFf7mj/t954pWJ139uV//99f/5emOm8j3+/3dv9xugstsJAAAAAAAAwNFI62u7k3R6L52m09ON3/CeiFNpZX2z+tzq+oc3lhtrwMdiKC3e9Bpteh90Nn8vuMjP7ctfzN8Z/nLkZD0/vbReWS775AGgT51uM/5nfh8pu3UAQM+cKLsBAMB/zvgPAP3H+A8A/cf4DwD9x/gPAP3H+A8AfaWb3/WXkJA4romy70wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/b38HAAD//78JzGY=")
sync()
r0 = openat$comedi(0xffffffffffffff9c, &(0x7f0000000000)='/dev/comedi0\x00', 0x103840, 0x0)
r1 = socket$kcm(0xa, 0x6, 0x0)
recvmsg(r1, &(0x7f0000000340)={0x0, 0x0, 0x0}, 0x0)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r2, 0x84, 0x6e, &(0x7f0000000080)=[@in6={0xa, 0x4e21, 0x3, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x2fd9}], 0x1c)
ioctl$COMEDI_SUBDINFO(r0, 0x80486402, &(0x7f0000001940))
syz_mount_image$exfat(0x0, &(0x7f0000000100)='./bus\x00', 0x4800, 0x0, 0x0, 0x0, &(0x7f0000000240))
r3 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f00000029c0)={0x0, 0x0, &(0x7f0000002980)={&(0x7f00000018c0)=ANY=[], 0x28}, 0x1, 0x0, 0x0, 0x4040000}, 0x24040004)
accept4$unix(0xffffffffffffffff, &(0x7f00000010c0), &(0x7f0000001180)=0x6e, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000040)=ANY=[@ANYRESHEX], 0x44}, 0x1, 0x0, 0x0, 0x10004893}, 0x40005)
r5 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000900)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0xd0, 0xffffffff, 0xffffffff, 0xd0, 0xffffffff, 0x248, 0xffffffff, 0xffffffff, 0x248, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @private2={0xfc, 0x2, '\x00', 0x1}, [0xff], [0x0, 0xff, 0xff000000], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28, 'NFQUEUE\x00', 0x0, {0x2c8c}}}, {{@ipv6={@remote, @mcast2, [], [], 'wg1\x00', 'gre0\x00', {}, {}, 0x11, 0x2f, 0x6, 0x50}, 0x0, 0x148, 0x178, 0x0, {}, [@common=@inet=@multiport={{0x50}, {0x1, 0x5, [0x4e23, 0x4e24, 0x4e21, 0x4e24, 0x4e23, 0x4e22, 0x4e21, 0x4e21, 0x4e20, 0x4e22, 0x4e24, 0x4e24, 0x4e24, 0x4e21, 0x4e24], [0x0, 0x0, 0x0, 0x1, 0x59, 0x0, 0x1, 0x1, 0x0, 0x0, 0x1, 0x0, 0x1, 0x1, 0x1]}}, @common=@inet=@set4={{0x50}, {{0x3, 0x4, 0x2}, {{0x100000000}, 0xe}, {{0xffffffffffffffff}, 0x9}, 0x81}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x378)
r6 = openat$vimc2(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$VIDIOC_G_SELECTION(r6, 0xc040565e, &(0x7f0000000380)={0x1, 0x100, 0x4, {0x4, 0x7, 0x780000, 0xfcad}})
arch_prctl$ARCH_SHSTK_ENABLE(0x1003, 0xf0ff1f00000000)
r7 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX(r7, 0x84, 0x6e, &(0x7f0000000180)=[@in={0x2, 0x4e22, @multicast1}, @in6={0xa, 0x4e22, 0x80, @remote, 0x10001}, @in6={0xa, 0x4e24, 0x3, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0xa}, @in6={0xa, 0x4e24, 0x9, @mcast2, 0x2}, @in={0x2, 0x4e23, @multicast2}, @in6={0xa, 0x4e22, 0x8, @local, 0x70a}], 0x90)
add_key$keyring(&(0x7f0000000340), &(0x7f00000002c0)={'syz', 0x2}, 0x0, 0x0, 0xfffffffffffffffe)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, 0x0, 0x0, 0x4, 0x1019, &(0x7f0000000880)=""/4121}, 0x94)
unshare(0x2040400)
r8 = socket(0x0, 0x3, 0xfffffff9)
r9 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'veth1\x00', <r10=>0x0})
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000340)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r10, {0x0, 0xffff}, {0xffff, 0xffff}, {0x1}}, [@qdisc_kind_options=@q_codel={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x4}, 0x0)
sendmmsg(r8, &(0x7f0000000000), 0x400000000000235, 0x0)
open(0x0, 0x20000, 0x0)

26.60768948s ago: executing program 2 (id=946):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(twofish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db394", 0x23}], 0x2}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

26.35117123s ago: executing program 2 (id=948):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x40}, 0x94)
ioctl$KVM_SET_MSRS(r2, 0xc048aeca, &(0x7f0000000580)={0x3, 0x0, [{0xa0f, 0x0, 0x8000000000000000}, {0x9bf, 0x0, 0x2}, {0x327, 0x0, 0x8}]})

24.784254707s ago: executing program 2 (id=952):
openat$kvm(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_open_dev$radio(0x0, 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
epoll_create1(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x4, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x0, 0x800}, {0x2, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x4, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {}, {}, {0xffffffff}, {}, {}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x80}, {0x80}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0xfffffffc, 0x200}, {}, {0x0, 0x0, 0x0, 0x3}, {0x7}, {}, {}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {0x2}, {}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x2}, {0x2, 0x9, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffe}, {0x2d}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800}, {}, {0x0, 0x0, 0x0, 0x0, 0xd}, {0x0, 0x0, 0x0, 0x1}], [{}, {}, {}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x1}, {}, {}, {}, {}, {}, {0x7}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000080)={0x84, @private=0xa010100, 0x15, 0x3, 'lblcr\x00', 0x25, 0x5, 0x72}, 0x2c)
mount(&(0x7f0000000440)=@nullb, &(0x7f0000000300)='./cgroup\x00', &(0x7f00000001c0)='hfs\x00', 0x200480, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000200)=ANY=[], 0x0)

21.488373336s ago: executing program 2 (id=959):
r0 = getpgrp(0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYRES16=r0], 0x48)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000280)={0x1f, 0xffff, 0x3}, 0x6)
bind$bt_hci(0xffffffffffffffff, 0x0, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NL80211_CMD_DEL_MPATH(0xffffffffffffffff, 0x0, 0x4000)
syz_emit_ethernet(0xde, 0x0, 0x0)
r4 = fsopen(&(0x7f0000000140)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
r5 = fsmount(r4, 0x0, 0x0)
syz_clone3(&(0x7f0000000340)={0x201800000, 0x0, 0x0, 0x0, {0x2d}, 0x0, 0x0, 0x0, 0x0, 0x0, {r5}}, 0x58)

18.927596673s ago: executing program 2 (id=963):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
r1 = socket(0x1d, 0x2, 0x6)
setsockopt$sock_attach_bpf(r1, 0x6a, 0x6e, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
r5 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r5, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
r6 = memfd_create(&(0x7f00000005c0)='-B\xd5NI\xc5j\x9a\b\x00\x00\x00\b\x84\xa2{\x00\v\x18\x004\x03\x96\x00\x00\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xc83\x12\xd7\xdb\x93\xcc]x\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x81\x01\xe5\x98\r\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00\x00\xa9\xf0I{\xf0:\xd7\x802\xf3\r|\x86\x82\xf1\xb2\x06\xb0\x06\xbe\xb1\x0f\xa2\xa6\xedA\xb7\x0f\xda\x9d<\xd6l\xbcF\xcb\xec\x83#?\xf4\x81\x16+\x14\xd0\xb8\x88`W\xa9\xef\'\xe1\xd9[\xac^', 0x1)
r7 = dup(r6)
r8 = fanotify_init(0x40, 0x2)
fanotify_mark(r8, 0x1, 0x10, r7, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x66960000)
pipe(&(0x7f0000000d00)={<r9=>0xffffffffffffffff, <r10=>0xffffffffffffffff})
r11 = socket$inet_udp(0x2, 0x2, 0x0)
close(r11)
ioctl$PTP_PEROUT_REQUEST(r9, 0x40383d03, 0x0)
r12 = openat$vcsu(0xffffffffffffff9c, 0x0, 0x381480, 0x0)
fgetxattr(r12, 0x0, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000001540)='./file0\x00', 0x2000004c, &(0x7f00000003c0)=ANY=[@ANYBLOB='iocharset=ascii,discard,dmask=00000000000000000000007,uid=', @ANYRESHEX=0x0, @ANYBLOB=',dmask=00000000000000000000152,iocharset=iso8859-1,gid=', @ANYRESHEX=0x0, @ANYBLOB="2c616c6c6f775f7574696d653d30303030303030303030303030303030303030303030372c646973636172642c00214b3cf244ea5fb7437f2c69f67a093e240a6e978fa4cd2d"], 0x1, 0x14f5, &(0x7f0000001580)="$eJzs3AuYjlXXOPC99t43Y5r0NMlh2GuvmycNtkmSHBJySJIkSXJKSJokSUgMOSUNSchxkhyGkBymMWmcz4eckyavNEkSklPY/0vv+33e9+v9vr7v//b/u65v1u+69jV7zf2s9ax71lzz3PdzXfP80HNUvRb1azcjIvEvgb9+SRFCxAghhgkhbhBCBEKISvGV4q8cL6Ag5V97EvbnejT9WnfAriWef97G88/beP55G88/b+P55208/7yN55+38fwZy8u2zyl2I6+8u/j9/7yMX///F8ktP/mbjeVv7vU/SOH55208/7yN55+38fzzNp5/3sbz/9+v1n9xjOeft/H8GcvLrvX7z7yu7brWv3+MMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxvKGc/4qLYT4t/217osxxhhjjDHGGGN/Hp//WnfAGGOMMcYYY4yx//dASKGEFoHIJ/KLGFFAxIrrRJy4XhQUN4iIuFHEi5tEIXGzKCyKiKKimEgQxUUJYQQKK0iEoqQoJaLiFlFa3CoSRRlRVpQTTpQXSeI2UUHcLiqKO0QlcaeoLO4SVURVUU1UF3eLGuIeUVPUErXFvaKOqCvqifriPtFA3C8aigdEI/GgaCweEk3Ew6KpeEQ0E4+K5uIx0UI8LlqKJ0Qr0Vq0EW1Fu/+r/FdEX/Gq6Cf6ixQxQAwUr4lBYrAYIoaKYeJ1MVy8IUaIN0WqGClGibfEaPG2GCPeEWPFODFevCsmiIlikpgspoipIk28J6aJ98V08YGYIWaKWWK2SBdzxFzxoZgn5osF4iOxUHwsFonFYolYKjLEJyJTLBNZ4lOxXHwmssUKsVKsEqvFGrFWrBPrxQaxUWwSm8UWsVVsE9vF52KH2Cl2id1ij9gr9okvxH7xpTggvhI54uv/Yf7Z/5DfCwQIkCBBg4Z8kA9iIAZiIRbiIA4KQkGIQATiIR4KQSEoDIWhKBSFBEiAElACEBAICEpCSYhCFEpDaUiERCgLZcGBgyRIggpwO1SEilAJKkFlqAxVoCpUhepQHWpADagJNaE21IY6UAfqQT24D+6D+6EhNIRG0AgaQ2NoAk2gKTSFZtAMmkNzaAEtoCW0hFbQCtpAG2gH7aA9tIcO0AE6QSfoDJ2hC3SBZEiGrtAVukE36A7doQf0gJ7QE3pBb+gNr8Ar8Cq8Cv2hjhwAA2EgDIJBMASGwlB4HYbDG/AGvAmpMBJGwVvwFrwNY+AMjIVxMB7GQw05ESbBZCA5FdIgDabBNJgO02EGzISZMBvSYQ7MhbkwD+bDfPgIFsLH8DEshsWwFDIgAzJhGWRBFiyHs5ANK2AlrILVsAZWwzpYD+tgI2yCjbAFtsA22Aafw+ewE3bCbtgNe2EvfAFfwJfwJaRCDuTAQTgIh+AQHIbDkAu5cASOwFE4CsfgGByH43ACTsIpOAmn4TScgbNwDs7BBbgAF+GlhO+a7y2zIVXIK7TUMp/MJ2NkjIyVsTJOxsmCsqCMyIiMl/GykCwkC8vCsqgsKhNkgiwhS0iUKEmGsqQsKaMyKkvL0jJRJsqysqx00skkmSQryAqyoqwoK8k7ZWV5l6wiq8qOrrqsLmvITq6mrCVry9qyjqwr68n6sr5sIBvIhrKhbCQbycaysWwiH5ZN5QAYAo/KK5NpIUdCSzkKWsnWso1sK9+GJ2V7OQY6yI6yk3xajoOx0EW2d8nyOdlVToJu8gU5GV6UPeRU6Clflr1kb9lHviL7yg6un+wvZ8AAOVDOhkFysBwih8p5UFdemVg9+aZMlSPlKPmWXApvyzHyHTlWjpPj5btygpwoJ8nJcoqcKtPke3KafF9Olx/IGXKmnCVny3Q5R86VH8p5cr5cID+SC+XHcpFcLJfIpTJDfiIz5TKZJT+Vy+VnMluukCvlKrlarpFr5Tq5Xm6QG+UmuVlukVvlNrldfi53yJ1yl9wt98i9cp/8Qu6XX8oD8iuZI7+WB+Vf5CH5jTwsv5W58jt5RH4vj8of5DH5ozwuf5In5El5Sv4sT8tf5Bl5Vp6T5+UF+au8KC/Jy9JLoUBJpZRWgcqn8qsYVUDFqutUnLpeFVQ3qIi6UcWrm1QhdbMqrIqooqqYSlDFVQllFCqrSIWqpCqlouoWVVrdqhJVGVVWlVNOlVdJ6jZVQd2uKqo7VCV1p6qs7lJVVFVVTVVXd6sa6h5VU9VStdW9qo6qq+qp+uo+1UDdrxqqB1Qj9aBqrB5STdTDqql6RDVTj6rm6jHVQj2uWqonVCvVWrVRbVU79aRqr55SHVRH1Uk9rTqrZ1QX9axKVs+prup51U29oLqrF1UP9ZLqqV5WvVRv1UddUpeVV/1Uf5WiBqiB6jU1SA1WQ9RQNUy9roarN9QI9aZKVSPVKPWWGq3eVmPUO2qsGqfGq3fVBDVRTVKT1RQ1VaWp99Q09b6arj5QM9RMNUvNVulqjhryt0oL/hv57/+T/BG/Pfs2tV19rnaonWqX2q32qL1qn9qn9qv96oA6oHJUjjqoDqpD6pA6rA6rXJWrjqgj6qg6qo6pY+q4Oq5OqJPqvPpZnVa/qDPqrDqrzqsL6oK6+LefgdCgpVZa60Dn0/l1jC6gY/V1Ok5frwvqG3RE36jj9U26kL5ZF9ZFdFFdTCfo4rqENhq11aRDXVKX0lF9iy6tb9WJuowuq8tpp8vrJH3bv5z/R/210+10e91ed9AddCfdSXfWnXUX3UUn62TdVXfV3XQ33V131z10D91T99S9dC/dR/fRfXVf3U/30yk6RQ/Ur+lBerAeoofqYfp1PVwP1yP0CJ2qU/UoPUqP1qP1GD1Gj9Vj9Xg9Xk/QE/QkPUlP0VN0mk7T0/Q0PV1P1zP0DD1Lz9LpOl3P1XP1PD1PL9AL9EK9UC/Si/QSvURn6AydqTN1ls7Sy/Vyna1X6BV6lV6l1+g1ep1epzfoDXqT3qS36C06W2/X2/UOvUPv0rv0Hr1H79P79H69Xx/QB3SOztEH9UF9SB/Sh/Vhnatz9RF9RB/VR/UxfUwf18f1CX1Cn9Kn9Gl9Wp/RZ/Q5fU5f0Bf0RX1RX9aXr1z2BTKQgQ50kC/IF8QEMUFsEBvEBXFBwaBgEAkiQXwQHxQKbg4KB0WCokGxICEoHpQITICBDSgIg5JBqSAa3BKUDm4NEoMyQdmgXOCC8kFScFtQIbg9qBjcEVQK7gwqB3cFVYKqQbWgenB3UCO4J6gZ1ApqB/cGdYK6Qb2gfnBf0CC4P2gYPBA0Ch4MGgcPBU2Ch4OmwSNBs+DRoHnwWNAieDxoGTwRtApaB22CtkG7P7W+92eKPOX6mf4mxQwwA81rZpAZbIaYoWaYed0MN2+YEeZNk2pGmlHmLTPavG3GmHfMWDPOjDfvmglmoplkJpspZqpJM++ZaeZ9M918YGaYmWaWmW3SzRwz13xo5pn5ZoH5yCw0H5tFZrFZYpaaDPOJyTTLTJb51Cw3n5lss8KsNKvMarPGrDXrzHqzwWw0m8xms8VsNdvMdvO52WF2ml1mt9lj9pp95guz33xpDpivTI752hw0fzGHzDfmsPnW5JrvzBHzvTlqfjDHzI/muPnJnDAnzSnzszltfjFnzFlzzpw3F8yv5qK5ZC4bf+Xi/srLO2rUmA/zYQzGYCzGYhzGYUEsiBGMYDzGYyEshIWxMBbFopiACVgCS+AVhIQlsSRGMYqlsTQmYiKWxbLo0GESJmEFrIAVsSJWwkpYGStjFayC1bAa3o134z14D9bCWngv3ot1sS7Wx/rYABtgQ2yIjbARNsbG2ASbYFNsis2wGTbH5tgCW2BLbImtsBW2wTbYDtthe2yPHbADdsJO2Bk7YxfsgsmYjF2xK3bDbtgdu2MP7IE9sSf2wl7YB/tgX+yL/bAfpmAKDsSBOAgH4RAcgsNwGA7H4TgCR2AqpuIoHIWjcTSOwTE4FsfheHwXJ+BEnISTcQpOxTRMw2k4DafjdJyBM3AWzsJ0TMe5OBfn4TxcgAtwIS7ERbgIl+ASzMAMzMRMzMIsXI7LMRuzcSWuxNW4GtfiWlyP63EjbsTNuBm34lbcjttxB+7AXbgL9+Ae3If7cD/uxwN4AHMwBw/iQTyEh/AwHsZczMUjeASP4lE8hsfwOB7HE3gCT+EpPI2n8QyewXN4Di/gr3gRL+Fl9BhjpYi119k4e70taG+wMbaA/fu4qC1mE2xxW8IaW9gW+YcYrbWJtowta8tZZ8vbJHvb7+IqtqqtZqvbu20Ne4+t+bu4gb3fNrQP2Eb2QVvf3vcPcWP7kG1iH7dN7RO2mW1tm9u2toV93La0T9hWtrVtY9vazvYZ28U+a5Ptc7arff53caZdZtfbDXaj3WT32y/tOXveHrU/2Av2V9vP9rfD7Ot2uH3DjrBv2lQ78nfxePuunWAn2kl2sp1ip/4unmVn23Q7x861H9p5dv7v4gz7iV1os+wiu9gusUt/i6/0lGU/tcvtZzbbrrAr7Sq72q6xa+26f+91ld1it9ptdp/9wu6wO+0uu9vusXt/i6+cxwH7lc2xX9sj9nt7yH5jD9tjNtd+91t85fyO2R/tcfuTPWFP2lP2Z3va/mLP2LO/nf+Vc//ZXrKXrbeCgCQp0hRQPspPMVSAYuk6iqPrqSDdQBG6keLpJipEN1NhKkJFqRglUHEqQYaQLBGFVJJKUZRuodJ0KyVSGSpL5chReUqi26gC3U4V6Q6qRHdSZbqLqlBVqkbV6W6qQfdQTapFteleqkN1qR7Vp/uoAd1PDekBakQPUmN6iJrQw9SUHqFm9Cg1p8eoBT1OLekJakWtqQ21pXb0JLWnp6gDdaRO9DR1pmeoCz1LyfQcdaXnqRu9QN3pRepBL1FPepl6UW/qQ69QX3qV+lF/SqEBNJBeo0E0mIbQUBpGr9NweoNG0JuUSiNpFL1Fo+ltGkPv0FgaR+PpXZpAE2kSTaYpNJXS6D2aRu/TdPqAZtBMmkWzKZ3m0Fz6kObRfFpAH9FC+pgW0WJaQkspgz6hTFpGWfQpLafPKJtW0EpaRatpDa2ldbSeNtBG2kSbaQttpW20nT6nHbSTdtFu2kN7aR99QfvpSzpAX1EOfU0H6S90iL6hw/Qt5dJ3dIS+p6P0Ax2jH+k4/UQn6CSdop/pNP1CZ+gsnaPzdIF+pYt0iS6TJxFCKEMV6jAI84X5w5iwQBgbXhfGhdeHBcMbwkh4Yxgf3hQWCm8OC4dFwqJhsTAhLB6WCE2IoQ0pDMOSYakwGt4Slg5vDRPDMmHZsFzowvJhUnhbWCG8PawY3hFWCu8MK4d3hVXCquHjD1YP7w5rhPeENcNaYe3w3rBOWDesF9YP7wsbhPeHDcMHwkbhg2HF8KGwSfhw2DR8JGwWPho2Dx8LW4SPhy3DJ8JWYeuwTdg2bBc+GbYPnwo7hB3DTuHTYefwmbBL+GyYHD4Xdg2f/8PjKeGAcGD4Wvha6P0Dakl0aTQj+kk0M7osmhX9NLo8+lk0O7oiujK6Kro6uia6Nrouuj66Iboxuim6ObolujW6Lep9/fzCgZNOOe0Cl8/ldzGugIt117k4d70r6G5wEXeji3c3uULuZlfYFXFFXTGX4Iq7Es44dNaRC11JV8pF3S2utLvVJboyrqwr55wr75JcW9fOtXPt3VOug+voOrmn3dPuGfeMe9Y9655zXd3zrpt7wXV3L7oe7iX3knvZ9XK9XR/3iuvrXnX9XH+X4lLcQDfQDXKD3BA3xA1zw9xwN9yNcCNcqkt1o9woN9qNdmPcGDfWjXXj3Xg3wU1wk9wkN8VNcWkuzU1z09x0N93NcDPcLDfLpbt0N9fNdfPcPLfALXALExe6RW6RW+KWuAyX4TJdpstyWW65W+6yXbZb6Va61W61W+vWuvVuvdvoNrrNbrPb6ra67W672+F2uF1ul9vj9rh9bp/b7/a7A+6Ay3E57qA76A65Q+6w+9bluu/cEfe9O+p+cMfcj+64+8mdcCfdKfezO+1+cWfcWXfOnXcX3K/uorvkLjvv0iLvRaZF3o9Mj3wQmRGZGZkVmR1Jj8yJzI18GJkXmR9ZEPkosjDycWRRZHFkSWRpJCPySSQzsiySFfk0sjzyWSQ7siKyMrIqsjqyJuJ98R2hL+lL+ai/xZf2t/pEX8aX9eW88+V9kr/NV/C3+4r+Dl/J3+kr+7t8FV/VV/NP+Fa+tW/j2/p2/knf3j/lO/iOvpN/2nf2z/gu/lmf7J/zXf3zvpt/wXf3L/oe/iXf07/se/nevo9/xff1r/p+vr9P8QP8QP+aH+QH+yF+qB/mX/fD/Rt+hH/Tp/qRfpR/y4/2b/sx/h0/1o/z4/27foKf6Cf5yX6Kn+rT/Ht+mn/fT/cf+Bl+pp/lZ/t0P8fP9R/6eX6+X+A/8gv9x36RX+yX+KU+w3/iM/0yn+U/9cv9Zz7br/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Ta/3X/ud/idfpff7ff4vX6f/8Lv91/6A/4rn+O/9gf9X/wh/40/7L/1uf47f8R/74/6H/wx/6M/7n/yJ/xJf8r/7E/7X/wZf9af8+f9Bf+rv+gv+cv8P2uMMcYYY/8t6g+OD/gn35N/W1cMFEJcv7NY7n+subnwX/eDZULniBDiuf49H/23VadOSkrK3x6brURQarEQInI1P5+4Gq8QncQzIll0FBX+aX+DZe8L9Af1o3cKEft3OTHiany1/u3/Sf0nnx6fWTk8F/9f1F8sRGKpqzkFxNX4av2K/0n9Iu3/oP8C36QJ0eHvcuLE1fhq/STxlHheJP/DIxljjDHGGGOMsb8aLKt1/6P75yv35wn6ak5+cTX+o/tzxhhjjDHGGGOMXXsv9u7z7JPJyR2784Y3vOHNv2+u9V8mxhhjjDHG2J/t6kX/te6EMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhjLu/5/fJzYtT5HxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhj7Fr7PwEAAP//SOc8Mw==")
write$binfmt_misc(r10, &(0x7f0000000000), 0xfffffecc)

17.33129116s ago: executing program 2 (id=965):
unshare(0x62040200)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
syz_usb_connect(0x3, 0x56, &(0x7f00000007c0)=ANY=[@ANYRESDEC=r1, @ANYBLOB="f065023002fd151cf1d32c2fcf976684c6c8ff934c62e0c8efa695b81b8c106afeb9f6d613c9be141c6066a9d0748c22de635874f1b4f1243f4f04f1b00355d032d140f8ef8d6f91d0131a6000aa010cb8f7a60e734997a98f14fc6b2ccb5d6ef5c34dc590c096f7cc9e190f928d7ca0bc3076607142096685e62e024cb1f7c3c5be7e734b1db33db6108dac0bda5504087c8b020f110d210766fe16a5d2ce7300da7485b8e2a4986031b9482cd780bf56a58415a06c46aa2eaed9795f47b5d767c9e75fb379e9cce2d04e42c4b1b26c9b132c31f49601af856da78c83b21cc4d4ec9a543636c14bc896d76e2ef0626f8eba7af3124172d13fdc6e5f4073e03dc22b53eccc5a615adeb152f991e5343295d7ba5a9daa56af03f677f4cc61fff079b5f186484c17e13c39bc9b6b8552c6bd60f51924ead758533e4211b1586dc6e36b7c85f31072cb0a4b83d20ac6deb305196aa5ef8c0f1ead984d546252ce244ad9778be295e544cf601e8b84a9462c56606b49ff91580ccf3e9fa6a89335d22792c04f8c6973b1d910bf88fad55c63df2fdb125272040012cfe5d4b8a701503659178085a2a35cf70fb5cb5af511e67ad50b91634572499392e0049e07077aed85154825605805af839320ddad3cf0376b2f98c7c32e4e2e627596eb06a1b7102776a82a17fa80ad4e42457d9f0bcd37a43f0ac1ff672835bc022681e16a97b6b545304cada6ad6148a053f2d3a48ea5d6f2f0ccc1a03371260bdcab4d12daaf436198614286ad4f752927e0e16d98b4d7c97cc3b1b176150ba78e07b340a16717aef090aabe42a18cb1cfb20fbf6a6c0775e86da7ffa01abf3933f3ec39ce18074a6da205a800f2dac81debc8d694ed4a6cc3eec25ed4eb64193a18941345e54d367e13bea5746c35e7701a34b514357f06b1047d8eb201dd026f8c50a58f341f28caa0c104d5132c2fe67ebab3b947dc688ac91d4b3271f47ae296b86406aac89a9b51fa3c3ee8aca273911aa8c4ab63e6868a2fc7ddebdd86dfd1d57102afb6df7ab67b00e55fbb0e8170400aaa339c2a86b9373801e7ac65e7184b120ba7ab2af8ed6697c75aee052efe01a1c13d3acae69c9358d55b3bc1ff9ba7ab0c578d36a569b58d8204bf69cf8e5eb9aeeddb75552f62f10c1bf702acd9fca642844f2cffb284fc7a0cec7ad67e6a23cf5ce20bc132027cfd1e10ebf242934c8295bff44243ce01de516cb9cb18271fcfa6d362e817f9b4abf66acf947eeab9504aded0b51005a49a0da80084bf6a5bd1a6da675b69ea17f9b3af4699c888fb9880b204fac1774999fd84b00d356a03aba99fc41756afdfb16d618192384ddffd92bf684a1faf611a929080ff8bdde5ba6715119a2daa060c7d87534a06c7edcf566bb372f0fee1a0eeaa6681b42e3851328bc931edba7b12b44490c728729040034a1caf285d9430119c77c0dd29328ce1b23d8d3d5faf2b5a3bf2a336057b8f475283f046f4980759ef5c9fadd798e3788726fd689703bce47a5554d53015cad564849f6c29e39f5b5d3d804ce5c9dee7c459edfe19ac31360e12fbb7e902d984a112586ed9b0de46bf64dec5e721f25987afc003e40273055d4865182a02cf13076cc42a9ea603211f91af76ec836e28135b9366c27bb9a5b5360837000cc2e954cbf705272db985657ff9a888f267a0f69b72a1c117635937b7a3fa6f381cb3f40c671cffb0d18c357e6c5b0fe2cc48ff82560c7d844d7eaccb98949f23cb089e932459d21f734165f76e7fbbdc234f5c1db8f07eb0e27ef119f2d15abe6d715a5669f3f18f8e3fe42a0e82db2bd81c6bd4e6cc739006248b7e0e794130dc547c4e8f887a9e97d8fdae84bedec927f32dd80e1f0ed283e5dfce2d751fd948995702dc79697c6278f3fbc694e0da496600ea3ed7a52aca4bc04555cc5ef1718a11bc465396e107203c3d10fc59aa3f144f88aeebc7ae0b1907beff8571f3797f902d1975916607326e2dd7c4d2d8efab885d9b271caac1fb24cc6aac1c2e07bd54130d17633d88a51f8bb5725bcf68a4f415fdfa82254bc97157c28cf50b88279438df40a3a069cf1202d0cb193edff016dc2461d0aba73c5bcafd5714602cab18b4935cb01892f57f308a03ef70c9a66ff9fc0f71ccd22387fec0f67a545cd55457df2f3a17ae672ffe4f5cd506680c3671ad19d2a3fdf0c176635c62d9be9785b6f4952e8e2396a48b09eb5efc97f166177b3a8e861b1f2b48b54cacae2092a6a0c90c01afc02e4b60835cae710cd36289ef97f47c31a708ba23382521de9483af129b6cd53b67c380227ffeead224c79ff9a603c13c4212df741678e8f1919740cfa284cf07fa76a76cd71e546b00a58e95b1784d4a8188c20307da9dae542f28c9c40abb051f39a4185075fa16cb17421227c4957397b71b439e7435540ab74d84d6aa606b0a2e4f1da9ade76510d7543cc34316a5c618781bfacde851e65cda06c308d4ccc6cd0a41e9da83884006ac1b56d869be472c87688a0fb25a1d7167fe243c2a5237a280a749e9e2f55370c6f8a1469d70e61ed3f8be95f2b95c199e8daccaa42f336f2dd1733e2e21bd1adbc272197b0dcf613d1fa90e290435858a704e5902c781179ac77128cffe7db05e9147bde32db1483e32de1b1be26629cc7ce12783bc15d1173dff64fe3d4a68697b862b72fac7e6d1fa63afda3f4f72572774449b9939f0979e52df9fdb1e6aa660dd7508b4e7c9a41c8bb166edc3028207ff2ddbc63e7c4f57e3e22304ae3e6d006fefd507c6648e707741e68428875e96a808cbb5b0d4c8179c48b349a39265384b85b67a73c92dd58e9c2766f53df0cacd294b4913f4f03ceed3bd93da44f801226dc9d0f19338b65e18e140dd5314c47e93600fded3e1f9c35a77574f336f61814988f4c38e640c9c55710a898b50079b41af6d83e8ee9e12fc74e2cf393eff5e5771e08afe6c85e6d36bda3a72ae37738bab718cffec400f19d7cf732e829ae21a2b254f7fd79142c585a552d48f8ecb5f6c4a5db0979b07e4832819d7d6e64e8425737d8c35739fd82395c3005dffaa144e099f53f0bd586046cca566ee91b6fa60bbc581a5e34a01003282bf33b2618c353600484d00cafdbd3a504cf219fb7b5f82cef9a0887c04c0b7875d51096c452b3dca47870d6f61130b4cc781049a6a440dc88f48de90853a45e1e46108bd1a8cb1f01a3604f3e308270c83d3a1421b74ccd1d6f7f7168b8111c3020dbd0cde73e90996ac882c592ead5820653b891307f7c7f917806ef8ae810e9cb7460ce1b5932213ac0dba83ba81e1dec7134bb2e67686fb03e96cfa4e5b3fa9400107322438ae953f555f695cabe1e78d040fdd49f39d1368774fc174f541da2da6d70c6c63c7cf27217a25bad81619cd30d469d0526930a95530f99ee042b76583b0f3b458e3ab5ea8b2cefae1b09ec3cf1826211e6bdc7299cc82647c5130d63ceab8c2e1d26049170b19007de3e0507a6f45bae77e3f7a2b1ce6df23631dc8d3417e387454e5369fed7a420b20f1d9d734df3ff3239c41ebbd4aa1627da4eff54835037dfe5f2e9bbe306058af87443e7dc5cf747a9437c2b55ad1cb298f8ad2cf1ee1b249212ddbda3a8f2f5030037dace2e5394d970723c913de5635b6b60e4354c8b7cc8f10b3c82242521474d503cbc25c285d4fe93baae1eab0bed1a8943c96fbfa6a7638f2bc2a8e289f37ab636fd10315cce64c9e6e41aa39fff5ab0b9770ec27c77f0d2bd2c718c329b13caef0600030f22cdcc376ec2f44636620697284d6533a58cfbb52a4dc6d1981b6c4da22d43f574f30447c1ea835535fd6365ac497ae1d581d82b3a452d8aad3cab85616dd1160a9f18bdc91be5251736f1bdadc90179815da82109f0ff9fb3a03175866f2b5018959d6781010060c7ef083ec83e9df4613599a4b031646c96b35a6f0a9f0c9ffa442789dbe63e217e23aa6cab3fbcfbcc89502bf729421181ba9864e2ea0b0abe9a9aadf9bf2178da1396fc2d81fb080d4a57685dd1e2b1eb7bb507888629047156ea13902672337757c921d58734d439354dc1eb209f7349272ebb0b062cdd0616e4e7d3d3b512badf4b741e3ba0cab786e78f79cee035a6530341f9e67b320deff7b248049265fe1f84890a6f323449e399747306d10232a796b1b58fa5d4f3e423cb6a0001b175a83bef7ff5b82d497a48faed8c9891ce063e613a4b835c186cf6c43279994b3d87aa1c5c379a5e088ca6bb09769d56c1ea34384aa2ef948416b0a7cae8051b060beb40b0cbfd5615f320ca473f1c1a4cf4e08aa0ea154bcb9ac251caf7f6776a0a7205eb28ac22948bb4e929d3b46c3685daaeb859b7a0e36f3b1e89f96f83fe1efea0586a3f496e288962422a6130866786e4f01cb424cc1bf62c026409bcf0eac04867c0661ef75b02cd1995b16ab7bb4fa57edcdeee27b550a37ef7e3386be6441099163aceefe3d48890d6d8b822e2aa199271c07a4b29b388cd5f324b910737489e85633433192c89d66d35d9a34e4c30bedcf50732dd9e47931e12ce2cbbfb502165365d48730fe6645c89f53c3bdf38ffa152768203512d05812c97fc7ecfb5600cb7fb4ceb1a1345ceac345ef866a01c6f46bd1bd4b4158e0dbcd3b8c8716c75bfe685217fcbdaf581c9ad3672598d7df4b162591a3ae2a4da844207b06a9cd41bcbfacd93b5fc96f882a3b4159fe373cc3eb6c1ad498df51f08db9328337867b9c3390e8b80351f898913242f84850f83ca47eefb801a63528b291f8ea65f138e11255a55b0a66d66c090705b49cad7645050532ed4eea347c73f8e5217fae53bd89b7777d147ccb11964f2f45b370aa410e9597a81de37b25fa2dbb9eec79b8d79ddc49292015aa0012db7561ecfceb789d48b1d2cbcb048a0ad317c7021c7f3a12e4c70af797822915be54b76f6665e424c743d6ae3ca196f34d487afed64906c09fd7992dafbf5b6c2eaffc0c9abeb4ec5db44ad6227d834aa43d381710f5e9390a0b559371c5f1fef7b4f8a36ec2b94da79454b35daf7433f456251c98326120adca205187f4d6c42583611a4d86777d457c467f8663033b02b6e31ec2b1e2a4733786842f48265cac5d7608e1b475e474fbf335b2d14948f2f0f7045510ce9d03b0fc5c7497f6cd82df019473938d9dcb02cb78bae63ee3a9af26134e37396e4dc18080eb267a3fdb558f0d0449cdcbbfaa2866b312c350783e1a4a3a139ed8f01e2dcd3f8a8e2d61a52aedee45fb235f9cace9465546d0208779e768024d6812f9dda464271a358687121eefe96e1c8d39d141e716b5afd42396c101c911d222048b5fbca92d192277e91425f251aa733a0f2603a3e3157da22485f4f0f1f71df07ce73df6db1e7f88014304df465c66e3f0cec453f2d3cab76afabac2278dd5d893baf8264fc7f6b149b416ad59ca41e3ddf1aa9abd558c127fb81a19052c4cf71e7adb7126482b8920e5e5b71db461bf78de650b1561e934733e64e01dc7fc71b9a28dce6b1cb01789cfe3a026f32fa75f26a91cdc16498988cfd62f533976076195e743107a2402ae5d501223a68921595fd1dcb434725f8c1688a07d5eb478ae7a5e4ca3f69370866b4377b71dc7a820d402683d20264b0a1c26cf5751c9bba712c0b35f4ed5d524265eae08529a0048c8d9e09a131ba807c171ac7325940b4e4e0df8ac04df19d6066b43d8a769cb216fdbe1a45ad4c06463cdfc902df49c5b25d004b5bf8ade8f20716d8e3aa9f0bb48ecc700ae", @ANYRESDEC=r1, @ANYRES32=r0], 0x0)
r2 = socket$inet(0xa, 0x801, 0x84)
getsockopt$IPT_SO_GET_INFO(r2, 0x0, 0x40, &(0x7f00000000c0)={'filter\x00', 0x0, [0x8, 0x0, 0x7, 0x4, 0x8b32]}, &(0x7f0000000200)=0x54)
r3 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000059770c40c009030243d3000000010902120001000000000904"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000700)={0x84, &(0x7f00000002c0)=ANY=[@ANYBLOB="201e010000002e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

10.92226314s ago: executing program 0 (id=979):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x84}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x18, 0x71, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000002000000bfa30000000000007603000028feffff7a0af0fff8ffffff61a4f0ff000000005d040000000000007f000000000000002704000001ed0a0025000000170000003e040000000000007b0300fe000000002d03000000000000c600f9ffffff00009500000000000000023bc065b7a379d17cf9333379fc9e84af69912435f1b6a693002e7f3be361917adef6ee1c8a2b4f8ef1e50b91f32050e436fe275daf51efd601b6482a0800000098efd2a102ee010400006e7a1de4a21f379dbf01de00b1b564fef3bef7054803d0d600c095199fe3ff3128e599b0eaebbdbd7359a48f5b0afc532ef58de3c1b7646cb7798b3e6440c2fbdb00a3e35208b0bbf12cd8dff095edc710e4000000000000009fbe4b61a615c6c57a2b649dc74a1a610643b08d9ec21ead2ed51b104d4d91af25b8123deda8a3658d42ecbf28bf6d8e8afcb913466aaa7f6df70252e79166d85827513acd02b5a655a314d31a76e42f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f08050ec6850600000000000000d5f728d236619074d6ebdf098bc808f50ae728a40f9411fe7226a4040b96e37c4f46010400000000c3da29faf75ddd1aa96960bca97af133824b881cc1f62c0f8f8f0e8d76b86f9c45636614786f5a2cb77230a874640dcbe0b20bb77c022d4cab080078fce8c5c81b7037181fc2f18f781aaa6e2957d7e39cc1baddcb7ec6667e699f24e41697ee7ea23e4b29a8b6cc9a1f5a7b3caae05f13792292cb949b3aab06b1e042ff2164d80c605532b18ab1c156b97e5889685a96949e4cb40df77b8bb84b0e733a63784ccc214d930cbb7e090df9a2867b3acec439c163fcd7071b53ac29df826f8ae6d6e18c1eacf5bf8707f0d5217e9bb5a05d9e22ce67f1231bd236ed200073826593c4e1a0f50a74bb482e486727d970acc546087acbf30f2f8165b47ba56dfadd14b306e9978931485747292c6fe6e188750cf4f87cce2aa7d67c6133a9f05954cde298a35ea6d715ba80aee63300000000000000000000000000000000000040000000000000000386000000b854adb4f8080064e8407c6bdb37114c80fbaa4a0ec5aaf4b0ac6f2128668279eb6fc1caa80e64461c9a1be8fa0061ea9d55ee4716bea8e1cebf9ed39325ab4c5530dd6ee9fffc00000000000000d7c5af73c683625aaad5fea5004a76c9f8975ed4c5e4eb3e77e9885f69754932609f19e2f615a01cb6d17fbf5cb539403cb0572534f054d5514ad8264f7b029b2bdf2ca4958a62a6e744f9a4c1e646e1dd2ca19583f0f8b0dc53debd7d44f334e6ed7445a9580f970e483b307c4b3c018bc194b23d37e6a2e52d8288e5aab6fec586d52386e8c07a88c88e8faec5f1b16b2014f6952ce7d6be12c6bdb9651ca6fc907061be311d1354e6295698594a73136237bee068d3819400e43544830a3f74b7942f22336953978a5b2032da4238cc61162c04c1297395b73e18c9387615a2bc87d9e2445f3d323d3fac347926a4bac694c55fe9d145906d410f58f1951405d10504efe402cae085afef5dbd617e87dd4a50d7eb8e327fb5db12cbd6a9efe8e671c4f251cabdfe3400a670d14b9b3cd8d86e492997a0168c022ef3536bd1dc731f4f9f8cb6c3857fb8aaaa95024f8da775f72950212b84fc6133ae14d1429cd4905dabb52e43af7e65acf97b4951fa1e967d16a5ed642efc855a4a46b85cd079934ad3188276efae9387eaa232697526e24b5d4fded86c3811ccd00520150b16000080122965558074956da5e4c3bbefcb64aa8be4456ed2caf0f467b6bbf3aa4371f5e76ab3f60afea80bb066aafb7517f787b090f419a20278a3c779e03afd9a6af6fd518e5dce030f88ec5a5cb7601a161da0f8089322d84ac523040d13e1f1300c2c6555bce60d95dd3288e53435713f03add23f14c8db5555c62de4f6260a483632a2ab447f88dd6efec73a0271a19ca3aa860aa4dcaeebe3d53040b853a7c02a5fcc08b3a572969bbe91c921ac1476027772c87d172ab29967e38ba49e3e57fafea83e495a6a1d1a4ebf83434986091dd66ffe3ffed0c39552a312e2db596d9c827e02f6fc13c8ddbb50bfd7dd8aa2f35f259fc83e007fe79d2d25e30830b92fca00a292dd3b856faa4b7e66e1b64505f65900839df71a97d4d07d37f7ecf8ed9a22da26ae674bba16c204f6b2f8f74fc56b7126d7c11ece6e88ec41192aaee75415c58d264a2b6adae02c821b62428902aad499825ab85a3486383803d12e61dbde5c47056f0a20b4e2a2328d5db5cfe56557a129e6be231acf5f57995c60d9fca5f63a0dfd18054717120bda46b022719ca77a4e0a66b4708f791d849a5e2aaa0074a9560ede2600df5a5c41392fe9460080fcb1e65233fb8dbeec4c86dbcf6a0673e38d2d3615e5bfbde44afe0fa7564231fff7e7f1f3ad68492dd2ccb1decb15b5d7d3e37e8b7d28921c4b9280979521173f522df408d9818b6cc400098abb869921911480a876fbba698802000000000000005137bdaa075fdd88d22230592a790000000000000000000000003527dfd01b47caf6a82d608b73e0beb4caaa000000000000000000000000000000000000000000000000000000000000000000000000000000000000002f316aa0886c174b73decb46c1c85edf50d8fcbac5ff76b365611666da86a8e65b308706bd7c000000000000003f7c54d5cb9076b81b7741ec03877afb520400000000000000c3ae49f88c462ea2050acf2d9a97d3be29a5614d1eba2c98cf0236401e02d7c445e50f76419ab4f78f67a09e63dd4faa2e7b59399fa5ee0b41e14a6fe6894e901a523fcbadfeff535f2514bc834e876810d9a6a78e70a9e22860c36a724770b4185de44db6bf21fef32a8d5b36d9014fa841061e63d40f4e536314beda5738fee012365f963b2a85e7d8075c333475b9f0284405e30700000041285fbe0bdd37220e31d4731614a50c16c6a41744c3d24eab511317f97b7b4a1c2ec33fedc46e9bf0fa640eebd3d58f0ebdb7cb8ccffd6d6ab7e0e843591d2618e2d2cdc7081c8fafffe8c350a5c554a387de4ee7aac6478d99de7dd82bef044a6d33c789d566c90c46ad581aa22f910547a77d55e26bf19f1d4661550b177ef53933a305e69b8a95119dcf5bda599d625054776151b2cd1fcde238bdc527594a6c17aa9728af24e2bb7a3830e7092b01b119ea4e7e7f0e21527d622cc29c9f0c8720195368f8374337ab4d130619d93c5ef37e7ddd0b2da147e6e513455b88753452de959a6cbfa1ffbc7ad5d8c3b48017fd31dcf72f337b639253f44cb27a12174bc4c191e21015d0c431a71906eb9c6a14c8a060459ef26787ce3d1cbfd5cc459f0048b5d06f6cbd3e9b34c89f3fb2f951ae81d7fcc8bc0000000000000000000000000000000000000000009231feef3117197c7963c2ba910969f776c8b2ea3970f358107945d9e74e9bdfa58e68b65a9201bc4b73b431df96d49f363917f90e3fa1eaf553db1c761dd9b634a9c4d7c21da4fe6d953ed9438cad0f8dfe03e5e2f73019352f1fb682a5a6ebbf24ebc49e3d7058e696ebc2ab3f4b642f36c9006c0067e24a64aa8c53df824a4ee271e35ed90000800847683c08bfda74a143c855030ae004ac797c575c202d8091eb77565212548ead770d68ad9fa2b2528798df1c36fc438d9c98f168490b41e158bb2e2d8ed19d44b9cce67c9c522b5136be09ed1b97ea3d5b317508df23e92c56fc2eb74d27d3861d91745b8fb9f6cc20e9f8b174000c62c4a2b212332a073fc5d0be7347e41454cb27e081c43e92ae7f9f046600db85d945a4666b588629ce0809d5c8506308688db21ec04d365497bf900600000000000000000000000000000000000000000000000000000000004d40e462913e1f28cf0819a2fde0e45205"], &(0x7f00000001c0)='GPL\x00', 0xe50, 0x0, 0x0, 0x40f00}, 0x94)

10.579374205s ago: executing program 9 (id=980):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x40}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10)
ioctl$KVM_SET_MSRS(r2, 0xc048aeca, &(0x7f0000000580)={0x3, 0x0, [{0x9bf, 0x0, 0x2}, {0xa5c, 0x0, 0x8}, {0x327, 0x0, 0x8}]})

9.864548344s ago: executing program 0 (id=981):
socket$inet_udp(0x2, 0x2, 0x0)
r0 = creat(0x0, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
ioctl$TIOCSPGRP(r0, 0x5410, &(0x7f0000000600)=r1)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWRULE={0x70, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_COMPAT={0x44, 0x5, 0x0, 0x1, [@NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x21}, @NFTA_RULE_COMPAT_PROTO_IPV4={0x8, 0x1, 0x1, 0x0, 0x84}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_RULE_COMPAT_PROTO_BRIDGE={0x8, 0x1, 0x1, 0x0, 0x890d}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_PROTO_IPV6={0x8, 0x1, 0x1, 0x0, 0x3b}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x3}, @NFTA_RULE_COMPAT_FLAGS={0x8, 0x2, 0x1, 0x0, 0x4}]}]}], {0x14}}, 0x98}, 0x1, 0x0, 0x0, 0xa840}, 0x600c0)
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_generic(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000400)=ANY=[@ANYBLOB="240000001900010000000000fbdbdf251d010900100012800c008080080022000e000000"], 0x24}, 0x1, 0x0, 0x0, 0x4001}, 0x0)
r6 = openat$adsp1(0xffffffffffffff9c, &(0x7f00000001c0), 0x82002, 0x0)
ioctl$SNDRV_TIMER_IOCTL_CREATE(0xffffffffffffffff, 0xc02054a5, &(0x7f0000000340)={0x1ff, 0xffffffffffffffff, 'id1\x00'})
sendmsg$key(0xffffffffffffffff, &(0x7f0000000000)={0x270, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)=ANY=[@ANYBLOB="02"], 0x10}}, 0x0)
io_submit(0x0, 0x1, &(0x7f0000000200)=[&(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0}])
syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$SNDCTL_DSP_SETFMT(r6, 0xc0045005, &(0x7f0000000080)=0x40000)

9.607910705s ago: executing program 9 (id=982):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0x3000003, 0x8c4b815a5465c2b1, 0xffffffffffffffff, 0x0)
pipe(&(0x7f0000000440)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
vmsplice(r2, &(0x7f00000003c0)=[{&(0x7f0000001800)='\x00', 0x1}], 0x1, 0x2)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000280)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0x8}}, 0x20)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000340)={<r3=>0xffffffffffffffff})
splice(r1, 0x0, r3, 0x0, 0x25a5, 0x4)
close_range(r0, 0xffffffffffffffff, 0x100000)

7.935171476s ago: executing program 0 (id=984):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x2002c810)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setaffinity(r1, 0x8, &(0x7f0000000180)=0x1)
r2 = socket$inet(0x2, 0x3, 0x8)
setsockopt$IPT_SO_SET_REPLACE(r2, 0x0, 0x40, &(0x7f0000001a40)=@raw={'raw\x00', 0x8, 0x3, 0x310, 0x0, 0xe138, 0x198, 0x0, 0x198, 0x278, 0x358, 0x358, 0x278, 0x358, 0x3, 0x0, {[{{@ip={@broadcast, @loopback, 0x0, 0x0, 'netdevsim0\x00', 'veth0_to_bond\x00'}, 0x0, 0x130, 0x198, 0x0, {}, [@common=@unspec=@string={{0xc0}, {0x0, 0x0, 'fsm\x00', "0d0080ff0000050000000404fff0cf81dfd28c89544e14cd3e01dd24289831867846c88621039b284c3ff45c42995560a99952bed40cf5a8c1df6cdbdb7e2378d5afd35f4c16827f55b3af494e39e8fb330200000000000032b6a99a8d87298e88a94cb519f5c17631af916a0002000000000000000000000000000000000049", 0x4}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'snmp_trap\x00', 'syz0\x00'}}}, {{@uncond, 0x0, 0x98, 0xe0, 0x0, {}, [@inet=@rpfilter={{0x28}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'syz0\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x370)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x707cb000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2000000000002)
bind$netlink(0xffffffffffffffff, &(0x7f0000000500)={0x10, 0x0, 0x25dfdbfc, 0x2000000}, 0xc)
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='environ\x00')
preadv(r5, &(0x7f0000001400), 0x0, 0xc002a0, 0x0)
syz_io_uring_setup(0x18d7, &(0x7f0000000040)={0x0, 0x0, 0x2, 0x0, 0x25b}, &(0x7f0000ffe000), &(0x7f0000ffe000))
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e20, @broadcast}, 0x10)
sendto$inet(r0, &(0x7f0000000140), 0xffffffffffffff58, 0x20008005, &(0x7f0000000100)={0x2, 0x4e20}, 0x10)
shutdown(r0, 0x1)
recvfrom(r0, &(0x7f0000000480)=""/110, 0x168f6f3d, 0x734, 0x0, 0xfffffffffffffecb)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$AUDIT_GET_FEATURE(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1080141}, 0xc, &(0x7f0000000080)={&(0x7f0000000040)={0x10, 0x3fb, 0x20, 0x70bd2d, 0x25dfdbfe, "", ["", "", "", "", "", "", "", ""]}, 0x10}, 0x1, 0x0, 0x0, 0x800}, 0x44000)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="2c0000001a00010000000000fcdbdf250a802000000000000000000008001d000000000308001900", @ANYRES32], 0x2c}, 0x1, 0x0, 0x0, 0x45}, 0x4)

6.706957128s ago: executing program 9 (id=986):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x2410010, &(0x7f0000000100), 0xfe, 0x1103, &(0x7f0000002240)="$eJzs2T+L1EAYBvBnkvUPNpFcHwQtLOS4Y/0CVyhsa6uNyFVedVsp+m38OHqV/XG9Fgv2kbibXZEVwV0V5PeDkDcPeWcy5UwCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg0nyqSQHVdKOWZWkJF13MbtK0o357fd1lZInp7P5o/Pp43mS+tvr5WlShq6hLe3x3ZvttJ22x+3Dg5N7H+avXr98fnZ2er4apqTL5WKvq7g1zl3vdVgAAAD4P/Q7a/7x/AAAAMCv7O0gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA39c2mbseiSlKSrruYXSXptvRd+0vfBwAAAOyupMqzZlu+PAbYeJCPTVnnw/1LGeqjvNvSDwAAAPxUf2NVfP9/vVzf7MfvZ7Lelw/ZnUxyeLh8frvKP58kdZKjHwa/XLx5MV6lr//0WgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrIDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAYK8AAAD//+0M1yg=")
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
accept4(r0, 0x0, 0x0, 0x80800)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
ftruncate(r1, 0x3af001)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000180))

6.159272061s ago: executing program 3 (id=988):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x80b00, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = syz_usb_connect(0x0, 0x24, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000034709d405f0530c6acb60102030109021200fd000000000904"], 0x0)
syz_usb_control_io$hid(r4, 0x0, &(0x7f0000000380)={0x2c, &(0x7f0000000400)={0x20, 0x1, 0x1, "af"}, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$uac1(r4, 0x0, &(0x7f0000000000)={0x44, &(0x7f0000000640)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r4, 0x0, &(0x7f00000003c0)={0x34, &(0x7f0000001800)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$printer(r4, 0x0, &(0x7f0000000480)={0x34, &(0x7f0000000d00)={0x60, 0xa}, 0x0, 0x0, 0x0, 0x0, 0x0})
r5 = socket$inet6(0x10, 0x80002, 0x6)
setuid(0xee01)
setsockopt$SO_ATTACH_FILTER(r5, 0x1, 0x1a, &(0x7f0000000000)={0x1, &(0x7f0000000040)=[{0x16, 0x0, 0x2}]}, 0x10)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000440)=@newtaction={0x98, 0x30, 0x871a15abc695fb3d, 0x0, 0x25dfdbfe, {}, [{0x84, 0x1, [@m_tunnel_key={0x80, 0x1, 0x0, 0x0, {{0xf}, {0x50, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x2}, 0x1}}, @TCA_TUNNEL_KEY_ENC_IPV4_SRC={0x8, 0xc, @local}, @TCA_TUNNEL_KEY_ENC_IPV6_DST={0x14, 0x6, @local}, @TCA_TUNNEL_KEY_ENC_IPV6_SRC={0x14, 0x5, @loopback}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x98}}, 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r7, 0x5423, &(0x7f00000001c0)=0x7)
r8 = fcntl$dupfd(r7, 0x0, r7)
ioctl$TIOCSETD(r8, 0x5412, &(0x7f0000000140)=0xffffffc0)
ioctl$SIOCX25GCAUSEDIAG(r8, 0x89e6, &(0x7f0000000100)={0x80, 0x40})
ioctl$KVM_RUN(r8, 0xae80, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_X86_SETUP_MCE(r9, 0x4008ae9c, &(0x7f0000000080)={0x1, 0x5, 0x5})
ioctl$KVM_X86_SETUP_MCE(r9, 0x4008ae9c, &(0x7f00000000c0)={0xa, 0x1, 0x4})
syz_emit_ethernet(0x88, &(0x7f0000000500)=ANY=[@ANYBLOB="aaaaaaaaaaaabbbbbbbbbbbb86dd6100040000522fc776eb55000000000000000000000000bbfe8000001e00000000000000000000aa0c2088be00060001bf3f030b7d2b9f9fc6e73978fa4f7c8cc5c3bc5c0b27010086dd0076c6846abe000000031c4885100100ca7507817498a6d4b0003f4aaf5f6c000000007b40080015eb0000000223022309020000000002000500ebb41b08006558000000001b689c438f405c8c0cac65b1b58fa7d007fd0fe3a2eea85880fae006169528d423e98c0ca32516be84a4892cef0bf5d0fbf8ef99120bcd2cec93bb77d5903a3c58c0b3dc3573a5b58772abf7e7b9b884a126a2b96fa275b2321c98a9b513471deb85e13fd76cef44ac796d2967a8c74c92e31b3e90dd9536aa4e2c69c4ee94b7573e9e1b7b77f76c45a89b014c341f34c820975e008a0f60730decdbf752a2cab97bab31b253eca8954378f372bb0b612d7093b35da92fa45c36ecd3754f6631754878c1ad9fdcfb37a207fa9b7fea926f004df0c464d382af17b92a51abd95ff6a7cad9def75d5543b4b84f28ea92e22143a76a65d99664d27d3e8ebf0c5fbf61a6fa552aa3156444e0b765fa700fb1542e3e97d0c162fd0c36282bfcdf4197c6ffdf75541e3e8f3f69e5e66b6369c002879c988d436518e45c0631ad56f24bd0069a34a447743e701e1ae3295a548a59ae804fcf78c00748e2548f2e7dedbc991341ef89816547ab0f4268d15c82be126e9ea3d43b9da98ffe629c16baf141b2bab20df640dca1255237e72400cc3223948ceeb296f65bcf07a4194c0a77990526df5b52c5a5a6c85cd8c7d2244135f5a55d"], 0x0)

5.361319654s ago: executing program 9 (id=989):
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r5 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

4.664683984s ago: executing program 9 (id=990):
r0 = dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x80000)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0)
r2 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r3 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000003200)=@newsa={0x15c, 0x10, 0x1, 0xfffffffe, 0x100, {{@in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x714, 0x4e23, 0x5, 0x0, 0x0, 0x0, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in=@loopback, {0x0, 0x192, 0x6, 0xffff, 0x8251c, 0x2, 0xfffffffffffffff8}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0x2, 0xfffffffc}, 0x70bd2a, 0x3504, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @lifetime_val={0x24, 0x9, {0xf, 0x81, 0x9, 0x100}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x8801}, 0x0)
r4 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000740)=@newsa={0x140, 0x1a, 0x1, 0xfffffffe, 0x100, {{@in=@multicast2, @in6=@private1={0xfc, 0x1, '\x00', 0x1}, 0x1, 0x71c, 0x4e23, 0x5, 0xa, 0x0, 0x20, 0x3a}, {@in6=@mcast2, 0x4d4, 0x6c}, @in6=@private2={0xfc, 0x2, '\x00', 0x1}, {0xfe, 0x1000000000000192, 0x9ba3, 0xffff, 0x8251c, 0x5, 0xfffffffffffffffc}, {0xffffffffffffffff, 0x0, 0x1f, 0xfffffffffffffffe}, {0xfffffffe, 0x3fc}, 0x80, 0x3505, 0x2, 0x1, 0x0, 0x20}, [@algo_comp={0x48, 0x3, {{'deflate\x00'}}}, @XFRMA_SET_MARK={0x8, 0x1d, 0xfffffeff}]}, 0x140}}, 0x844)
bind$bt_l2cap(r2, &(0x7f0000000080)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0xb}, 0xe)
r6 = getpid()
unshare(0x22020400)
r7 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_IOEVENTFD(r8, 0x4040ae79, &(0x7f00000003c0)={0xb03, 0x3000, 0x0, 0xffffffffffffffff, 0x4})
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x7)
fcntl$lock(r5, 0x5, &(0x7f0000000040)={0x0, 0x2, 0x6, 0x9, r6})
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @none, 0x0, 0x1}, 0xe)
timerfd_create(0x0, 0x0)
syz_mount_image$jfs(&(0x7f0000000080), &(0x7f00000000c0)='./file0\x00', 0x2010880, &(0x7f0000006440)=ANY=[@ANYBLOB='iocharset=cp869,discard=0x0000000000000009,gid=', @ANYRESHEX=0x0, @ANYBLOB=',integrity,errors=continue,discard,errors=remount-ro\x00iocharset=cp737,grpquota,usrquota,gid=', @ANYRESHEX=r0, @ANYBLOB="2c71030074612c6700003d", @ANYRES8, @ANYRES32, @ANYBLOB="10aa1731f1adc87d46d7b8f27bd201ba21fcf874a63cbcdd0caa1f403ec3c755332279374332b2931bfb39b360e3bb68657f7a5d4bde39ff21bdbaea4230e4649bd4a0fe88984e87d7d391477ed0f81cc22ecbf8cd7e1ee60c73e0cbb6122a125256557dc574f2db28bc68b4277b0211c6335ae8b0103c5d47524959f61c19a53c415dc52c6d86e0d4e4dd8f9d93b3ffb71cccec7eab8a07867f1dfdb21beb087de30614e460", @ANYRESOCT, @ANYRESDEC=0x0, @ANYBLOB="2c000100000000000000"], 0x5, 0x6177, &(0x7f00000002c0)="$eJzs3b2PHGcdB/Dfvt5LiHNKEQULoYsTXkKIX4MxBEhSQEGTArlFti6XyMIBZBvkRBY+dA0FFX8BCIkSIUpEwR+QgpaOiopINhIoFYPm7nl8s+td75nz7ezd8/lI65nfPLO7z9x3Z1+8M/sEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDf/c73znUi4spP04K1iE9FL6IbsVLX6xGxsr6W1+9HxPOx0xzPRcRgKaK+/s4/z0S8FhEfnYi4d//ORr34/D778e0//O2333/q7b/+fnDmP3+81Xt92nq3b//y33+6e7BtBgAAgNJUVVV10sf8k+nzfbftTgEAc5Ff/6skL1+YuntIt/+rf7z950XYPrVarVar51g3VZPdbRYRsdW8Tv2ewdfxAHDEbMUnbXeBFsm/aP2IeKrtTgALrdN2BzgU9+7f2eikfDvN14P13fZ8LMhI/ludB+d3TJvOMn6MybweX9vRi2en9GdlTn1YJDn/7nj+V3bbh2m9w85/XqblP9w99ak4Of/eeP5jjk/+3Yn5lyrn33+s/HvyBwAAAACABZb//3+t5e9/lw6+KfvyqO9/1+fUBwAAAAAAAAB40g46/t8Dxv8DAACAhVV/Vq/9+sTesmm/xVYvv9yJeHpsfaAw6WSZ1bb7AQAAAAAAAAAAAAAl6e8ew3u5EzGIiKdXV6uqqi9N4/XjOuj1j7rStx9K1vaTPAAA7ProxNi5/J2I5Yi4nH7rb7C6ulpVyyur1Wq1spTfzw6XlquVxufaPK2XLQ338Ya4P6zqG1tuXK9p1uflWe3jt1ff17Dq7aNjT8gg/TWnNLcUNgAku69G97wiHTNV9cy0Nx8wwv5//Nj/2Y+2H6cAAADA4auqquqkn/M+mb7z77bdKQBgLvLr//j3AodSRxzu7avVarVarX5k3VRNdrdZRMRW8zr1ewbD8QPAEbMVn7TdBVok/6L1I+L5tjsBLLRO2x3gUNy7f2ejk/LtNF8P0vju+ViQkfy3OjvXy9efNJ1l/BiTeT2+tqMXz07pz3Nz6sMiyfl3x/O/sts+TOsddv7zMi3/ejvXWuhP23L+vfH8xxyf/LsT8y9Vzr//WPn35A8AAAAAAAss////mu9/8yYDAAAAAAAAwJFz7/6djXzea/7+/zMT1nP+5/GU8+/Iv0g5/+5Y/l8cW6/XmP/4rb38/3X/zsbvbv3z03m63/yX8kwnPbI66RHRSffU6afpQbbuYduD3rC+p0Gn2+unY36qwbtxLa7HZpwdWbeb/h577edG2uueDkbaz4+09x9qvzDSPki/O1Ct5PbTsRE/iuvxzk573bY0Y/uXZ7RXM9pz/j37f5Fy/v3Gpc5/NbV3xqbR2DWb+31zOul+3rz22V+cPeRt2Y/t6D3YtqZ6+0610J+dv8lTw/jJzc0bp29fvXXrxrlIk5Gl5yNNnrCc/2DnsrT3/P/ibnt+3m/urx//fPjQ8/6s/BfFdvSn5v9iY77e3pfn3Lc25PyH6ZLzfye1T9r/j3b+0/f/V1roDwAAAAAAAAAAAAAAADxKVVU7p4i+GREX0/k/bZ2bCQDMV379r5K8XK1Wq9Vq9fGrm6rJ3mgWEfGX5nXq9ww/m3RjAMAi+29E/L3tTtAa+Rcs/95fPX2p7c4Ac3Xzgw9/cPX69c0bN9vuCQAAAAAAAADw/8rjf643xn9+KSLWxtYbGf/1rVg/6Pif/TzzYIDRJzzQ9xTb3WGv2xhu/IXYGZ/79LTxv0/Fo8f/7s+4v8GM9uGM9qUZ7csTl+6lNfFEj4ac/wuN8c7r/E+ODb9ewviv42PelyDnf6rxeK7z/8LYes38q98sXP5b+11xO7oj+Z+59f6Pz9z84MNXr71/9b3N9zZ/eOHcubMXLl68dOnSmXevXd88u/vv4fR6AeT889jXjgMtS84/Zy7/suT8P5dq+Zcl5//5VMu/LDn//H5P/mXJ+efPPvIvS87/5VTLvyw5/y+lWv5lyfm/kmr5lyXn/+VUy78sOf9XUy3/suT8T6da/mXJ+Z9J9T7y9/Pwx0jOP3/DZf8vS84/H9kg/7Lk/M+nWv5lyflfSLX8y5Lzfy3V8i9Lzv8rqZZ/WXL+F1Mt/7Lk/L+aavmXJed/KdXyL0vO/2upln9Zcv5fT7X8y5Lzfz3V8i9Lzv8bqZZ/WXL+30y1/MuS8/9WquVflpz/G6mWf1n2fv/fjBkzZvJM289MAAAAAAAAAAAAAMC4eRxO3PY2AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuNUaus74f+Jm92GuHEAMhOPkbsklMCMmSXduJL/zrYsK1AUqBhEIv2K53bRZ8w2uXQJFsGiiRMCqqqJq+oAWE2khVhVVRiVaU5kXVy6vSvqBvKqpKSI2qgAISUktptpo5z/N4ZnZ2zq49Xs+e5/OR4p935sycM2fOzO53ne8cAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaHfHG+Y+0yiKovlf648tRfGC5t83TW5pXfba672FAAAAwNX639afz92ULjiwghu1LfN3r/jHry8uLi4W7xv93fEvLC6mKyaLYnxjUbSuiy79+/sb7csEjxcTjZG2r0cqVj9acf1YxfXjFddvqLh+Y8X1ExXXL9kBS2wqfx/TurPtrb9uKXdpcXMx3rpue49bPd7YODISf5fT0mjdZnH8aDFfHC/mipmO5ctlG63lv3lHc11vLeK6RtrWta15hPzwE0fiNjTCPt7esa7L9xl9//XF5I9++Ikjf3T22Vt7zcrd0HF/5Xbec2dzOz8VLim3tVFsTPskbudI23Zu6/GcjHZsZ6N1u+bfu7fzuRVu5+jlzVxT3c/5RDHS+vu3W/tprP3Xemk/bQuX/dddRVFcuLzZ3cssWVcxUmzuuGTk8vMzUR6RzftoHkovLsZWdZzesYLjtDlnt3cep92vifj83xFuN7bMNrQ/Td//5IYlz/tqj9Oo+aiXe610H4ODfq0MyzEYj4tvtx70Ez2Pwe3h8X/i7uWPwZ7HTo9jMD3utmPwzqpjcGTDaGub05PQaN3m8jG4o2P50daaGq35zN39j8HpsydOTy987OOvmT9x+NjcsbmTu3bsmNm1e/fevXunj84fn5sp/7zCvT38Nhcj6TVwZ9h38TXwqq5l2w/VxS8P7nU40ed1uKVr2UG/Dse6H1xjbV6QS4/p8rXxSHOnT1wcKZZ5jbWen3uv/nWYHnfb63Cs7XXY83tKj9fh2Apeh81lTt+7sp9Zxtr+67UN1+p7wZa2Y7D755HuY3DQP48MyzE4EY6Lf713+e8F28L2PjG12p9HRpccg+nhhvee5iXp5/2Jva3R67i8rXnFDRuKcwtzZ+5/7PDZs2d2FGGsiZe0HSvdx+vmtsdULDleR1Z9vB6Yf8UTt/W4fEvYVxOvaf4xsexz1Vzmgfv7P1et726992fHpTuLMAZsrfdnr+/mzf2ZsmSf/dlc5lPTV/+zeMqlbe+/48u8/8bc/3y5vnRXj4+Oj5Wv39G0d8Y73o87n6qx1ntXo7Xu56ZX9n48Hv5b6/fjm/u8H2/tWnbQ78fj3Q8uvh83qn7bcXW6n8+JcJwcn+n/ftxcZuvO1R6TY33fj+8KsxH2/6tDUki5qO3YWe64TesaGxsPj2ssrqHzON3Vsfx4yGbNdT2188qO03vuKu9rND26y9bqOJ3sWnbQx2l6v1ruOG1U/fbtynQ/nxPhuLh5V//jtLnM0w9c/XvnpvjXtvfODVXH4PjohuY2j6eDsHy/X9wUj8H7iyPFqeJ4Mdu6dkPreGq01jX14MqOwQ3hv7V+r9za5xi8p2vZQR+D6fvYcsdeY2zpgx+A7udzIhwXTz7Y/xhsLvPGPYP92fWecElapu1n1+7fry33O6/bunbTtfydV3M7/2ZP/9/NNpc5vne1ObP/frovXHJDj/3U/fpd7jU1W6zNftoatvPZvcvvp+b2NJf5wr4VHk8HiqI4/5GHWr/vDf++8mfnvvP1jn936fVvOuc/8tAPbjz6t6vZfgDWv+fLsbn8Xtf2L1Mr+fd/AAAAYF2IuX8kzET+BwAAgNqIuT/+X+GJ/A8AAAC1EXP/WJhJJvl/6xufnX/+fJGa+YtBvD7thofL5WLHdSZ8Pbl4WfPyh7469+O/PL+ydY8URfHTh3+j5/JbH47bVZoM23npTZ2XL73h+RWt/9Cjl5dr769/Kdx/fDz9DoP2zzHrVcGdKYrimzd9rrWeyfdfbM2nHz7Umu++8MTjzWWe21d+HW//zEvK5b8Yyr8Hjh7uuP0zYT98L8yZt/XeH/F2X7v46m173nt5ffF2jTtf2HrYT36gvN/4OTmff7xcPu7n5bb/rz771Neayz/2yt7bf36k9/Y/Fe73q2H+98vL5dufg+bX8XafDtsf1xdvd/9XvtVz+y99plz+9JvL5Q6FGdd/T/h6+5ufnW/fX481Dnc8ruIt5XJx/TPf+e3W9fH+4v13b//EwYsd+6P7+Hj6n8v7me5aPl4e1xP9Rdf6m/fTfnzG9T/1W4c69nPV+i+9+5mXN++3e/33dS032nX77k9s+oNPf67n+uL2HPjT0x2P58C7wus4rP/JD4TjMVz/k0uf61hvdOhdne8/cfkvbTnf8Xiit/6oXP+l1x1rzf+Y/PHv3/CCG1944fbmviuKb7+nvL+q9R/7w1Md2//lW+5tPR/x+tjR717/cuL6z3x06uSphXPzs217tfXZOW8vt2fjxKbNze29Kby3dn998NTZD86dmZyZnCmKyfp+hN4V+0qYPyjHhdXe/t5Hw/N52+99c/Pd//TZePm/PFJefvFt5fetV4XlPh8u31I+f4uNq1z/k3fc0np9N54uv+7osQ/Atu3/uXdFC4bH3/1zQTzeT7/0g6390Lyu9X0jvq6vcvu/O1vezzfCfl0Mn8x85y2X19e+fPxshIvvKV/vV73/wttcfF7/ODzf7/heef9xu+Lj/W74OeZbWzvf7+Lx8Y3zI9333/oUjwvh/aS4UF4fl4r7++Jzt/TcvPg5JMWFW1tf/066n1tX9TCXs/Cxhenj8yfPPTZ9dm7h7PTCxz5+8MSpcyfPHmx9lufBD1Xd/vL70+bW+9Ps3O4HiplNRVGcKmbW4A3r2mx/828r2/7Tjx6Z3TNz9+zc0cPnjp599PTcmWNHFhaOzM0u3H346NG5j1bdfn52/46d+3bt2Tl1bH52/959+3btm5o/eaq5GeVGVdg98+Gpk2cOtm6ysP+BfTsefPCBmakTp2bn9u+ZmZk6V3X71vemqeatf33qzNzxw2fnT8xNLcx/fG7/jn27d++s/DTAE6ePLkxOnzl3cvrcwtyZ6fKxTJ5tXdz83ld1e+pp4d/Kn2e7NcoP4iveed/u9PmsTV/95LJ3VS7S9QGiz4bPovmHF53eu5KvY+4fDzPJJP8DAABADmLu3xBmIv8DAABAbcTcvzHMRP4HAACA2oi5fyLMJJP8r/9/5f3/dvXv/5fX6//n1f8//ZGyVxpv39ViXTf9/9if1//Pw3Xu/1/1+vX/9f/r1/9feX9+vW+//r/+P0sNW/8/5v5NRZFl/gcAAIAcxNy/OcxE/gcAAIDaiLn/hjAT+R8AAABqI+b+F4SZZJL/9f9X1P/fWVW4qn//3/n/9f+L9Xn+//jk6P9nY9X9+/c+0vGl/n+g/6//r/+v/6//z1UbX/aa69X/j7n/xjCTTPI/AAAA5CDm/heGmcj/AAAAUBsx998UZiL/AwAAQG3E3L8lzCST/K//7/z/+v/6/7Xu/1/t+f/bNkb/f31w/v/+evT/b++5oP7/Kvv/E/r/67H/Pz7Y7R/u/n/l5uv/c00M2/n/Y+5/UZhJJvkfAAAAchBz/4vDTOR/AAAAqI2Y+18SZiL/AwAAQG3E3H9zmEkm+V//X/9f/1//X/+/9/qrz/9f/k3/f7jo//fn/P8VnP8/r/7/gLd/uPv/gz7///ibum+v/08vw9b/j7n/pWEmmeR/AAAAyEHM/beEmcj/AAAAUBsx978szET+BwAAgNqIuX9rmEkm+V//X/9f/1//X/+/9/qr+/8l/f/hov/f36D7/6Ndl+v/l/T/9f9r3//v8cOv/j+9DFv/P+b+W8NMMsn/AAAAkIOY+28LM5H/AQAAoDZi7v9/YSbyPwAAANRGzP3bwkwyyf/6//r/+v959f/v26D/r/9fb/r//Tn/fwX9f/1//f8Vnv9/qdX0/zdW3Rm1MWz9/5j7Xx5mkkn+BwAAgBzE3P+KMJMV5/+5L16DzQIAAAAGKOb+28NM/Ps/AAAA1EbM/ZNhJpnkf/3/evX//+Svn7y90P/X/69Yf037//Ew0P/PnP5/f/r/FfT/9f/1/9ek/08+hq3/H3P/HWEmmeR/AAAAyEHM/XeGmcj/AAAAUBsx998VZiL/AwAAQG3E3L89zCST/K//X6/+f6T/r//fb/3Xpv+/KV3u/P+96f+vDf3/HtreFPT/K+j/6/9n3/+PP/3q/zMYw9b/j7n/lWEmmeR/AAAAyEHM/XeHmcj/AAAAUBsx978qzET+BwAAgNqIuf+eMJNM8r/+v/6//r/+f03O/5/o/+dN/78//f8K+v/6/9n3/53/n8Eatv5/zP2vDjPJJP8DAABADmLuvzfMRP4HAACA2oj//2b5/73K/wAAAFBHMfdPhZlkkv/1//X/c+r/N/T/9f/1/2tP/78//f8K+v/6//r/+v8M1LD1/2Puf02YSSb5HwAAAHIQc//9YSbyPwAAANRGzP3TYSbyPwAAANRGzP0zYSaZ5H/9f/3/nPr/zv/f0f+fKAr9f/3/+tH/70//v4L+v/5/3fr/RaH/z3U1bP3/mPt3hJlkkv8BAAAgBzH37wwzkf8BAACgNmLu3xVmIv8DAABAbcTc/0CYSSb5X/9f/1//P9v+v/P/6//Xkv5/f/r/FfT/9f/r1v93/n+us2Hr/8fc/2CYSSb5HwAAAHIQc//uMBP5HwAAAGoj5v49YSbyPwAAANRGzP17w0wyyf/6/zXp///m33esW/9f/7/f+gfT/9+k/x+m/v9wqWn/v/tlccX0/yvo/+v/6//r/zNQw9b/j7l/X5hJJvkfAAAAchBz/2vDTOR/AAAAqI2Y+/9/mIn8DwAAALURc//PhJlkkv/1/2vS/++i/6//32/9zv+v/19nNe3/D4z+fwX9f/1//X/9fwbq2vf/499W1v+PuX9/mEkm+R8AAAByEHP/z4aZyP8AAABQGzH3vy7MRP4HAACA2oi5/0CYSSb5X/9f/1//X///2vT/X1d0G8b+f/Pg0f+vF/3//vT/K+j/6//r/+v/M1DDdv7/mPtfH2aSSf4HAACAHMTc/1CYifwPAAAAtRFz/xvCTOR/AAAAWM82tX8Rc/8bw0wyyf/6//r/+v/6/9X9/3gPzv+v/z/89P/70/+voP+v/6//r//PQA1b/z/m/jeFmWSS/wEAACAHMfe/OcxE/gcAAIDaiLn/LWEm8j8AAADURsz9bw0zyST/6//r/+v/6/9fm/P/17H/v/g/zdvr/w83/f/+9P8r6P/r/+v/6/8zUMPW/4+5/+fCTDLJ/wAAAJCDmPsfDjOR/wEAAKA2Yu5/W5iJ/A8AAAC1EXP/28NMMsn/+v/6//r/+v/6/73X7/z/65P+f3/6/xWGoP/f/J6m/78+t1//X/+fpYat/x9z/zvCTDLJ/wAAAJCDmPt/PsxE/gcAAIDaiLn/nWEm8j8AAADURsz9vxBmkkn+1//X/9f/1//Pov/fvJH+fxb0//vT/29309KLevT/Nzr/v/6//r/+P1ds2Pr/Mfe/K8wkk/wPAAAAOYi5/91hJvI/AAAA1EbM/e8JM5H/AQAAoDZi7n8kzCST/K//n2X/Pz1k/f+S/n8G/X/n/8+G/n9/+v8VhuD8//r/63f79f/1/1lq2Pr/Mfc/GmaSSf4HAACAHMTc/94wE/kfAAAAaiPm/l8MM5H/AQAAoDZi7n9fmEkm+b8G/f+fdBT79P87buf8/9e7/z/WcXzk1P+faHs+03Gp/6//vwb0//vT/6+g/6//P8z9/3A0b1rm9vr/DKNh6//H3P/+MJNM8j8AAADkIOb+Xwozkf8BAACgNmLu/+UwE/kfAAAAaiPm/l8JM8kk/9eg/991Q/3/Qv9/iPr/ncdHTv1/5/9fSv9/bej/96f/X0H/X/9/mPv/FfT/GUbD1v+Puf9Xw0wyyf8AAACQg5j7PxBmIv8DAABAbcTcfzDMRP4HAACA2oi5/1CYSSb5X/+/u/8fz6iq/6//r/+v/6//vx4Nrv//shuLYkX9/z9vXq//r/+v/6//r/+v/89Sw9b/j7n/cJhJJvkfAAAAchBz/6+Fmcj/AAAAUBsx9x8JM5H/AQAAoDZi7p8NM8kk/+v/O///oPr/P9X/1/8P9P970/9fG87/35/+fwX9f/1//X/9fwZq2Pr/MffPhZlkkv8BAACgxtKvg2PuPxpmIv8DAABAbcTcfyzMRP4HAACA2oi5/4NhJpnkf/1//X/n/78e/f+xjuX1/0v6//r/g6D/35/+fwX9f/1//X/9fwZq2Pr/MffPh5lkkv8BAAAgBzH3fyjMRP4HAACA2oi5/8NhJvI/AAAA1EbM/cfDTDLJ//r/+v+59/8bRXHB+f/1/3utX/9/fdL/70//v4L+v/6//r/+PwM1bP3/mPtPhJlkkv8BAAAgBzH3nwwzkf8BAACgNv6PvftosvOu8jh+7bItqWYx8xJmPatZzqxmXgJbdlSxpkgmB2NyBpNzMMFkTDA5mJxzzibnaKKhShTd5xypu6+ea6mv+z7P/3w+m0Or1NzbViP0s+pbT+7+u8ct9j8AAAAMI3f/PeKWJvtf/9+t//83/f8snv9/8Ofr//fp//X/23Ckv7/i4j7/gv3/f//P1XfR/+v/9f+T9P/6f/0/h82t/8/df8+4pcn+BwAAgA5y998rbrH/AQAAYBi5++8dt9j/AAAAMIzc/VfHLU32v/6/W//v+f/6/w39/836f/3/snn+/zT9/wb6f/2//l//z1bNrf/P3X+fuKXJ/gcAAIAOcvffN26x/wEAAGAYufvvF7fY/wAAADCM3P33j1ua7H/9v/5f/6//9/z/9a+v/18m/f80/f8G+n/9v/5f/89Wza3/z93/gLilyf4HAACADnL3PzBusf8BAABgGLn7HxS32P8AAAAwjNz9D45bmux//b/+X/+v/9f/r399/f8yXb8693uC/v8o/f8GG/r/1Ur/P+V29/Prv7zlvP8L0P/r/zlqbv1/7v6HxC1N9j8AAAB0kLv/oXGL/Q8AAADDyN1/Tdxi/wMAAMAwcvc/LG5psv/1//p//b/+X/+//vX1/8vk+f/Tjt///9d/3O2ufft/z/+f5vn/+n/9P4fNrf/P3X9t3NJk/wMAAEAHufsfHrfY/wAAADCM3P2PiFvsfwAAABhG7v5Hxi1N9r/+v03/v1e76P/1//p//f/o9P/TPP9/g73f5s7Uh/p//b/+X//P8cyt/8/d/6i4pcn+BwAAgA5y9z86brH/AQAAYBi5+x8Tt9j/AAAAMIzc/Y+NW5rsf/1/m/7f8//1//p//X8L+v9p+v8NRnn+/yV+1+y6nz+uXb9//b/+n6Pm1v/n7n9c3NJk/wMAAEAHufsfH7fY/wAAADCM3P1PiFvsfwAAABhG7v4nxi1N9r/+X/+/jP4/X0H/r//X/+v/p+n/p+n/Nxil/79Eu+7nl/7+9f/6f46aW/+fu/9JcUuT/Q8AAAAd5O5/ctxi/wMAAMAwcvc/JW6x/wEAAGAYufufGrc02f/6f/3/Mvp/z//X/+v/9f+3j/5/mv5/A/2//l//r/9nq+bW/+fuvy5uabL/AQAAoIPc/U+LW+x/AAAAGEbu/qfHLfY/AAAADCN3/zPilib7X/+v/9f/6//1/+tfX/+/TPr/afr/DfT/+n/9v/6frZpR/3/eZ51ePTNuabL/AQAAoIPc/c+KW+x/AAAAGEbu/mfHLfY/AAAADCN3/3PilsH3/2WRT+j/Z9P/7+V8Y/X/Z1arlf5/1bT/P3Per2d9X+r/9f8nQP8/Tf+/gf5f/6//1/+zVTPq//c+zt3/3Lhl8P0PAAAAneTuf17cYv8DAADAMHL3Pz9usf8BAABgGLn7XxC3NNn/+v/Z9P97xur/Pf//8PdHp/7f8/+P0v+fDP3/NP3/Bvp//b/+X//PVs2t/8/d/8K46aorL/lLBAAAAGYmd/+L4pYmf/8PAAAAHeTuf3HcYv8DAADAQl135Edy978kbmmy//X/2+3/rzrvx/T/+v/D3x/6f/2//v+Op/+fpv/fQP+v/9f/6//Zqrn1/7n7Xxq3NNn/AAAA0EHu/uvjFvsfAAAAhpG7/2Vxi/0PAAAAw8jd//K4pcn+1/97/r/+X/+v/1//+vr/ZdL/T5t3/3+2fjvR/+v/l/j+t9D/nzr3H/X/jOEi+v+zZ89ec4f3/7n7XxG3NNn/AAAA0EHu/lfGLfY/AAAADCN3/w1xi/0PAAAAw8jd/6q4pcn+1/837f/zW13/v0f/r/9f9/r6/2XS/0+bd//v+f/6/2W/f8//1/9z1Nye/5+7/9VxS5P9DwAAAB3k7n9N3GL/AwAAwDBy9782brH/AQAAYBi5+18XtzTZ//r/pv2/5//r//X/J93/37ba1P9fvtL/b8Ei+v8zF379uff/1+r/9f8T2vX/d/rfAx/q//X/HDW3/j93/+vjlib7HwAAADrI3f+GuMX+BwAAgGHk7n9j3GL/AwAAwDBy998YN13RZP/r//X/+n/9v/5//euf8PP/r1qt9P/bsIj+f8Lc+3/P/9f/T2nX/x+i/9f/c9Tc+v/c/W+KW5rsfwAAAOggd/+b4xb7HwAAAIaRu/8tcYv9DwAAAMPI3f/WuKXJ/tf/6//1//r/4fv/axfR/69W0Y/r/49H/z9N/7+B/l//r//X/3MidtX/5+6/KW5psv8BAACgg9z9b4tb7H8AAAAYRu7+t8ct9j8AAAAMI3f/O+KWJvtf/6//1//r/0/Nrv8/feC/r8nz//X/W7LD/v//V/p//X/Q/+v/F9z/X6f/Z5vm9vz/3P3vjFua7H8AAADoIHf/u+LWv7q1/wEAAGAYufvfHbfY/wAAADCM3P3viVua7H/9v/5f/6//H/75//r/Vjz/f5r+fwP9v/5f/+/5/2zV3Pr/3P3vjVua7H8AAADoIHf/++IW+x8AAACGkbv//XGL/Q8AAADDyN1/c9zSZP/r//X/+n/9v/5//9dQ/z8G/f+0k+n/z+j/9f/Vz18W/yvQ/+v/N30+Y5pb/5+7/wNxS5P9DwAAAB3k7v9g3GL/AwAAwDBy938obrH/AQAAYJGuWPNjufs/HLc02f/6f/2//l//r/9f//r6/2XS/0/z/P8N9P8X2c//54GPlvb8/8P//6X/1/+zfbvv//f/xJYf5+7/SNzSZP8DAABAB7n7Pxq32P8AAAAwjNz9H4tb7H8AAAAYRu7+j8ctTfa//l//r//X/+v/17++/n+Z9P/T9P8b6P93+vz8pb9//b/+n6N23/8f/Dh3/yfilib7HwAAADrI3f/JuMX+BwAAgGHk7v9U3GL/AwAAwDD2dn/GZQ33v/5f/6//1//r/9e/vv5/mfT/0/T/G+j/9f/6f/0/WzW3/v/Te591evWZuKXJ/gcAAIAOcvd/Nm6x/wEAAGAYufs/F7fY/wAAADCM3P2fj1ua7P8G/f+pdT9N/7+0/v/s2bPX6P/1/we/nnP9/y36f4r+f5r+fwP9v/5f/6//Z6vm1v/n7v9C3NJk/wMAAEAHufu/GLfY/wAAADCM3P1filvsfwAAABhG7v4vxy1N9n+D/n+tWfX/p/X/nv+v/195/r/+f0v0/9P0/xuM2P+fvv1f/q77+ePa9fvX/+v/OWpu/X/u/q/ELU32PwAAAHSQu/+rcYv9DwAAAMPI3f+1uMX+BwAAgGHk7v963NJk/+v/T67//9c/uy7P/z+zWv/+9f/6f/2//v+Opv+fpv/fYMT+/yLsup9f+vvX/+v/OWpu/X/u/m/ELU32PwAAAHSQu/+bcYv9DwAAAMPI3f+tuMX+BwAAgGHk7v923NJk/+v/Z/D8/wH7f8//X//9of+fdf9/uf5/DAvq/w9/q+/R/19k/3/D/tX/6//n8P71/+f3//ndrP/vbm79f+7+78QtTfY/AAAAdJC7/7txi/0PAAAAw8jd/724xf4HAACAYeTuvyVuOW//r2u7R6H/1//r//X/+v/1r6//X6YF9f9rzaX/P7U6Xv+fPP9f/6//79r/e/4/++bW/+fu/37c4u//AQAAYHGuvMCP5+7/Qdxi/wMAAMAwcvf/MG6x/wEAAGAYuft/FLfcevmu3tKJ0v/r//X/+n/9//rX1/8vk/5/2nDP/4+r/59V//9/+v8x+v/VSv/P8c2t/8/d/+O4xd//AwAAwDBy9/8kbrH/AQAAYBi5+38at9j/AAAAMIzc/T+LW5rsf/2//v+Y/f9emqn/36f/36f/X0//fzL0/9P0/xvo/z3/X//v+f9s1dz6/9z9P49bmux/AAAA6CB3/y/iFvsfAAAAhpG7/5dxi/0PAAAAw8jd/6u4pcn+31n/H/+o9f+L7/89/1//r//X/8+K/n+a/n8D/b/+X/+v/2er5tb/5+7/ddzSZP8DAABAB7n7fxO32P8AAAAwjNz9v41b7H8AAAAYRu7+38UtTfa/5//r/2fU/99046H3r//X/6/0//r/i6T/n6b/X69+ofT/+n/9v/6frZpb/5+7//dxS5P9DwAAAB3k7v9D3GL/AwAAwDBy998at9j/AAAAMIzc/X+MW5rs/+X0//vvRP8/dP+/x/P/z32e/n/fmv5/r4HU/+v/19H/T9tl/3/nf9/8sp7/v/P+P9+C/l//r/9nK+bW/+fu/1Pc0mT/AwAAQAe5+/8ct9j/AAAAMIzc/X+JW+x/AAAAGEbu/r/GLU32/4b+/1T9xJ33/57/r//X/+v/V2dWnv+v/99A/z+ty/P/b7zy0l5f/+/5//p//T/btfv+f++Pj/Vx7v6/xS1N9j8AAAB0kLv/trjF/gcAAIBh5O7/e9xi/wMAAMAwcvf/I25psv+X8/x//b/+X/+v/z/49ej/9f/r6P+nden/Pf//0uy6n1/6+9f/6/85avf9/8GPc/f/MwAA//9A7lFR")
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x1c0000000000000, 0x7ff, &(0x7f0000006680))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x9)

4.303311829s ago: executing program 0 (id=991):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setaffinity(0x0, 0x11, &(0x7f0000000180)=0x1400200bce)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SIOCGETNODEID(r1, 0x89e1, 0x0)
r2 = timerfd_create(0x1000000, 0x0)
ioctl$TFD_IOC_SET_TICKS(r2, 0x40085400, 0x0)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x410281, 0x0)
r4 = fanotify_init(0x200, 0x0)
fanotify_mark(r4, 0x1, 0x4800003e, r3, 0x0)
dup2(r4, r3)
r5 = syz_open_dev$usbfs(&(0x7f0000000040), 0x76, 0x301002)
ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r6, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r6, 0x0, 0x11, &(0x7f00000012c0)={{{@in=@broadcast, @in6=@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0x4e21, 0x1, 0x4e22, 0x9, 0x2, 0x20, 0x10, 0x2b}, {0x8000, 0x9, 0x0, 0x3ff, 0xff, 0x4, 0xe, 0x400}, {0x1, 0x7f, 0x726, 0xffff}, 0x2, 0x0, 0x0, 0x0, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x32}, 0x4d6, 0x33}, 0x2, @in6=@mcast2, 0x3503, 0x0, 0x0, 0x5, 0x5, 0x4, 0x6}}, 0xe8)
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x3938700}}, 0x0)
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, 0x0)
timer_create(0x7, &(0x7f0000000180)={0x0, 0x13, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000240)=<r7=>0x0)
timer_settime(r7, 0x0, &(0x7f0000000340)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
poll(0x0, 0x0, 0xffffffffffbffff8)

2.813115191s ago: executing program 3 (id=992):
set_mempolicy(0x3, &(0x7f0000000080)=0x7, 0x2)
r0 = socket$rds(0x15, 0x5, 0x0)
r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0x12400)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_INFO(r1, 0x40bc5311, &(0x7f00000000c0)={0x9, 0x0, 'client0\x00', 0x0, "9145f58a071e6e53", "9a8a3b0589b2a71601cb5b6cd82abec8e5227a1e80b38bb11f6df4aa6d8230f6", 0xfffffff9, 0x5})
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x2010008, &(0x7f00000001c0), 0xff, 0x53b, &(0x7f0000000b80)="$eJzs3cFvHFcZAPBvNl7HSZzaBQ5QqaWiRUkF2Y1r2locSpEQnCohyj0Ye2NZWXste93GVgXrvwAJIUDiBBcuSPwBSCgSF44IKRKcQSoCIUhBggN00OzO2mY9a2/SjTde/37SZN6b2Znvexu/2Zmdp9kAzq3nI+KNiPggTdOXImImX17Kp2h1pux17z94dymbkkjTt/6WRJIv6+4ryedX8s2mIuJrX4n4ZnI07tbO7p3Fer22mderzbWN6tbO7o3VtcWV2kptfX5+7tWF1xZeWbg5lHZejYjXv/Sn73/np19+/ZeffeePt/5y/VtZWtP5+sPteEgTx63sNL18capng81HDPYkytpT7lYuDbbN3mPMBwCA/rJz/I9ExKci4qWYiQvHn84CAAAAZ1D6hen4TxKRFpvssxwAAAA4Q0rtMbBJqZKPBZiOUqlS6Yzh/VhcLtUbW83P3G5sry93xsrORrl0e7Veu5mPFZ6NcpLV59rlg/rLPfX5iHg6Ir43c6ldryw16suj/vIDAAAAzokrPdf//5zpXP8DAAAAY2Z21AkAAAAAj53rfwAAABh/rv8BAABgrH31zTezKe3+/vXy2zvbdxpv31iubd2prG0vVZYamxuVlUZjpf3MvrWT9ldvNDY+F+vbd6vN2lazenVn99ZaY3u9eWs1pk6lQQAAAMART3/y3u+TiGh9/lJ7ykyOOingVEzsl5J8XtD7//BUZ/7eKSUFnIoLA7zmvYvFy50nwNk20bugT18Hxk951AkAI5ecsL7v4J3fdGalIecDAAAM37VPFN//P/l8vuWUH844nRjOr577/+nMqBIBTl37/v+gA3mcLMBYKQ80AhAYZx/2/v/J0vShEgIAAIZuuj0lpUr+9d50lEqVSsTV9s8ClJPbq/XazYh4KiJ+N1O+mNXn2lsmJ14zAAAAAAAAAAAAAAAAAAAAAAAAAAAdaZpECgAAAIy1iNKfk191nuV/bebF6d7vByaTf7d/EngyIt750Vs/uLvYbG7OZcv/vr+8+cN8+cuj+AYDAAAA6NW9Tm/P/zXqbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYN+8/eHepOw3w8kvDivvXL0bEbFH8iZhqz6eiHBGX/5HExKHtkoi4MIT4rb2I+HhR/CRLaz9kUfxhvAmtvaSVthXGj9n8XSiKf2UI8eE8u5cdf94o6v+leL49L+5/ExH/V39U/Y9/sX/8u9Cn/18dMMYz939e7Rt/L+KZieLjXzd+0if+CwPG/8bXd3f7rUt/HHGt+/nTPuIdjnBQqjbXNqpbO7s3VtcWV2ortfX5+blXF15beGXhZvX2ar2W/1sY47vP/uKD49p/ufDzL8mz6d/+Fwv2V/SZ9N/7dx98tFtpHY1//YWC+L/+Sf6Ko/FLeZxP5+Vs/bVuudUpH/bcz3773HHtXz5of/lh/v+v99tpryMd5dlB/3QAgMdga2f3zmK9Xtsc20J2lf4EpPEohcl4ItIY38K3s8L9Ye0wTdM061MFq+5FxCD7SWLILS0V53NQ6HsEGPWRCQAAGLaDk/5RZwIAAAAAAAAAAAAAAAAAAADn12k8Za035sEjkJNhPEIbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAo/hcAAP//Yw3Xfw==")
quotactl$Q_GETNEXTQUOTA(0xffffffff80000901, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
bind$rds(r0, &(0x7f0000000840)={0x2, 0x0, @loopback}, 0x10)
sendmsg$rds(r0, &(0x7f0000000180)={&(0x7f0000000080)={0x2, 0x0, @remote}, 0x10, &(0x7f0000000440)=[{&(0x7f0000001880)=""/4096, 0x1000}], 0x1, 0x0, 0x0, 0x20000800}, 0x0)
signalfd4(r1, &(0x7f0000000040)={[0xfffffffffffffffe]}, 0x8, 0x80800)

2.216842856s ago: executing program 39 (id=965):
unshare(0x62040200)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff})
mount$9p_fd(0x0, &(0x7f0000000200)='./file0\x00', &(0x7f0000000480), 0x84, &(0x7f0000000180)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r1])
syz_usb_connect(0x3, 0x56, &(0x7f00000007c0)=ANY=[@ANYRESDEC=r1, @ANYBLOB="f065023002fd151cf1d32c2fcf976684c6c8ff934c62e0c8efa695b81b8c106afeb9f6d613c9be141c6066a9d0748c22de635874f1b4f1243f4f04f1b00355d032d140f8ef8d6f91d0131a6000aa010cb8f7a60e734997a98f14fc6b2ccb5d6ef5c34dc590c096f7cc9e190f928d7ca0bc3076607142096685e62e024cb1f7c3c5be7e734b1db33db6108dac0bda5504087c8b020f110d210766fe16a5d2ce7300da7485b8e2a4986031b9482cd780bf56a58415a06c46aa2eaed9795f47b5d767c9e75fb379e9cce2d04e42c4b1b26c9b132c31f49601af856da78c83b21cc4d4ec9a543636c14bc896d76e2ef0626f8eba7af3124172d13fdc6e5f4073e03dc22b53eccc5a615adeb152f991e5343295d7ba5a9daa56af03f677f4cc61fff079b5f186484c17e13c39bc9b6b8552c6bd60f51924ead758533e4211b1586dc6e36b7c85f31072cb0a4b83d20ac6deb305196aa5ef8c0f1ead984d546252ce244ad9778be295e544cf601e8b84a9462c56606b49ff91580ccf3e9fa6a89335d22792c04f8c6973b1d910bf88fad55c63df2fdb125272040012cfe5d4b8a701503659178085a2a35cf70fb5cb5af511e67ad50b91634572499392e0049e07077aed85154825605805af839320ddad3cf0376b2f98c7c32e4e2e627596eb06a1b7102776a82a17fa80ad4e42457d9f0bcd37a43f0ac1ff672835bc022681e16a97b6b545304cada6ad6148a053f2d3a48ea5d6f2f0ccc1a03371260bdcab4d12daaf436198614286ad4f752927e0e16d98b4d7c97cc3b1b176150ba78e07b340a16717aef090aabe42a18cb1cfb20fbf6a6c0775e86da7ffa01abf3933f3ec39ce18074a6da205a800f2dac81debc8d694ed4a6cc3eec25ed4eb64193a18941345e54d367e13bea5746c35e7701a34b514357f06b1047d8eb201dd026f8c50a58f341f28caa0c104d5132c2fe67ebab3b947dc688ac91d4b3271f47ae296b86406aac89a9b51fa3c3ee8aca273911aa8c4ab63e6868a2fc7ddebdd86dfd1d57102afb6df7ab67b00e55fbb0e8170400aaa339c2a86b9373801e7ac65e7184b120ba7ab2af8ed6697c75aee052efe01a1c13d3acae69c9358d55b3bc1ff9ba7ab0c578d36a569b58d8204bf69cf8e5eb9aeeddb75552f62f10c1bf702acd9fca642844f2cffb284fc7a0cec7ad67e6a23cf5ce20bc132027cfd1e10ebf242934c8295bff44243ce01de516cb9cb18271fcfa6d362e817f9b4abf66acf947eeab9504aded0b51005a49a0da80084bf6a5bd1a6da675b69ea17f9b3af4699c888fb9880b204fac1774999fd84b00d356a03aba99fc41756afdfb16d618192384ddffd92bf684a1faf611a929080ff8bdde5ba6715119a2daa060c7d87534a06c7edcf566bb372f0fee1a0eeaa6681b42e3851328bc931edba7b12b44490c728729040034a1caf285d9430119c77c0dd29328ce1b23d8d3d5faf2b5a3bf2a336057b8f475283f046f4980759ef5c9fadd798e3788726fd689703bce47a5554d53015cad564849f6c29e39f5b5d3d804ce5c9dee7c459edfe19ac31360e12fbb7e902d984a112586ed9b0de46bf64dec5e721f25987afc003e40273055d4865182a02cf13076cc42a9ea603211f91af76ec836e28135b9366c27bb9a5b5360837000cc2e954cbf705272db985657ff9a888f267a0f69b72a1c117635937b7a3fa6f381cb3f40c671cffb0d18c357e6c5b0fe2cc48ff82560c7d844d7eaccb98949f23cb089e932459d21f734165f76e7fbbdc234f5c1db8f07eb0e27ef119f2d15abe6d715a5669f3f18f8e3fe42a0e82db2bd81c6bd4e6cc739006248b7e0e794130dc547c4e8f887a9e97d8fdae84bedec927f32dd80e1f0ed283e5dfce2d751fd948995702dc79697c6278f3fbc694e0da496600ea3ed7a52aca4bc04555cc5ef1718a11bc465396e107203c3d10fc59aa3f144f88aeebc7ae0b1907beff8571f3797f902d1975916607326e2dd7c4d2d8efab885d9b271caac1fb24cc6aac1c2e07bd54130d17633d88a51f8bb5725bcf68a4f415fdfa82254bc97157c28cf50b88279438df40a3a069cf1202d0cb193edff016dc2461d0aba73c5bcafd5714602cab18b4935cb01892f57f308a03ef70c9a66ff9fc0f71ccd22387fec0f67a545cd55457df2f3a17ae672ffe4f5cd506680c3671ad19d2a3fdf0c176635c62d9be9785b6f4952e8e2396a48b09eb5efc97f166177b3a8e861b1f2b48b54cacae2092a6a0c90c01afc02e4b60835cae710cd36289ef97f47c31a708ba23382521de9483af129b6cd53b67c380227ffeead224c79ff9a603c13c4212df741678e8f1919740cfa284cf07fa76a76cd71e546b00a58e95b1784d4a8188c20307da9dae542f28c9c40abb051f39a4185075fa16cb17421227c4957397b71b439e7435540ab74d84d6aa606b0a2e4f1da9ade76510d7543cc34316a5c618781bfacde851e65cda06c308d4ccc6cd0a41e9da83884006ac1b56d869be472c87688a0fb25a1d7167fe243c2a5237a280a749e9e2f55370c6f8a1469d70e61ed3f8be95f2b95c199e8daccaa42f336f2dd1733e2e21bd1adbc272197b0dcf613d1fa90e290435858a704e5902c781179ac77128cffe7db05e9147bde32db1483e32de1b1be26629cc7ce12783bc15d1173dff64fe3d4a68697b862b72fac7e6d1fa63afda3f4f72572774449b9939f0979e52df9fdb1e6aa660dd7508b4e7c9a41c8bb166edc3028207ff2ddbc63e7c4f57e3e22304ae3e6d006fefd507c6648e707741e68428875e96a808cbb5b0d4c8179c48b349a39265384b85b67a73c92dd58e9c2766f53df0cacd294b4913f4f03ceed3bd93da44f801226dc9d0f19338b65e18e140dd5314c47e93600fded3e1f9c35a77574f336f61814988f4c38e640c9c55710a898b50079b41af6d83e8ee9e12fc74e2cf393eff5e5771e08afe6c85e6d36bda3a72ae37738bab718cffec400f19d7cf732e829ae21a2b254f7fd79142c585a552d48f8ecb5f6c4a5db0979b07e4832819d7d6e64e8425737d8c35739fd82395c3005dffaa144e099f53f0bd586046cca566ee91b6fa60bbc581a5e34a01003282bf33b2618c353600484d00cafdbd3a504cf219fb7b5f82cef9a0887c04c0b7875d51096c452b3dca47870d6f61130b4cc781049a6a440dc88f48de90853a45e1e46108bd1a8cb1f01a3604f3e308270c83d3a1421b74ccd1d6f7f7168b8111c3020dbd0cde73e90996ac882c592ead5820653b891307f7c7f917806ef8ae810e9cb7460ce1b5932213ac0dba83ba81e1dec7134bb2e67686fb03e96cfa4e5b3fa9400107322438ae953f555f695cabe1e78d040fdd49f39d1368774fc174f541da2da6d70c6c63c7cf27217a25bad81619cd30d469d0526930a95530f99ee042b76583b0f3b458e3ab5ea8b2cefae1b09ec3cf1826211e6bdc7299cc82647c5130d63ceab8c2e1d26049170b19007de3e0507a6f45bae77e3f7a2b1ce6df23631dc8d3417e387454e5369fed7a420b20f1d9d734df3ff3239c41ebbd4aa1627da4eff54835037dfe5f2e9bbe306058af87443e7dc5cf747a9437c2b55ad1cb298f8ad2cf1ee1b249212ddbda3a8f2f5030037dace2e5394d970723c913de5635b6b60e4354c8b7cc8f10b3c82242521474d503cbc25c285d4fe93baae1eab0bed1a8943c96fbfa6a7638f2bc2a8e289f37ab636fd10315cce64c9e6e41aa39fff5ab0b9770ec27c77f0d2bd2c718c329b13caef0600030f22cdcc376ec2f44636620697284d6533a58cfbb52a4dc6d1981b6c4da22d43f574f30447c1ea835535fd6365ac497ae1d581d82b3a452d8aad3cab85616dd1160a9f18bdc91be5251736f1bdadc90179815da82109f0ff9fb3a03175866f2b5018959d6781010060c7ef083ec83e9df4613599a4b031646c96b35a6f0a9f0c9ffa442789dbe63e217e23aa6cab3fbcfbcc89502bf729421181ba9864e2ea0b0abe9a9aadf9bf2178da1396fc2d81fb080d4a57685dd1e2b1eb7bb507888629047156ea13902672337757c921d58734d439354dc1eb209f7349272ebb0b062cdd0616e4e7d3d3b512badf4b741e3ba0cab786e78f79cee035a6530341f9e67b320deff7b248049265fe1f84890a6f323449e399747306d10232a796b1b58fa5d4f3e423cb6a0001b175a83bef7ff5b82d497a48faed8c9891ce063e613a4b835c186cf6c43279994b3d87aa1c5c379a5e088ca6bb09769d56c1ea34384aa2ef948416b0a7cae8051b060beb40b0cbfd5615f320ca473f1c1a4cf4e08aa0ea154bcb9ac251caf7f6776a0a7205eb28ac22948bb4e929d3b46c3685daaeb859b7a0e36f3b1e89f96f83fe1efea0586a3f496e288962422a6130866786e4f01cb424cc1bf62c026409bcf0eac04867c0661ef75b02cd1995b16ab7bb4fa57edcdeee27b550a37ef7e3386be6441099163aceefe3d48890d6d8b822e2aa199271c07a4b29b388cd5f324b910737489e85633433192c89d66d35d9a34e4c30bedcf50732dd9e47931e12ce2cbbfb502165365d48730fe6645c89f53c3bdf38ffa152768203512d05812c97fc7ecfb5600cb7fb4ceb1a1345ceac345ef866a01c6f46bd1bd4b4158e0dbcd3b8c8716c75bfe685217fcbdaf581c9ad3672598d7df4b162591a3ae2a4da844207b06a9cd41bcbfacd93b5fc96f882a3b4159fe373cc3eb6c1ad498df51f08db9328337867b9c3390e8b80351f898913242f84850f83ca47eefb801a63528b291f8ea65f138e11255a55b0a66d66c090705b49cad7645050532ed4eea347c73f8e5217fae53bd89b7777d147ccb11964f2f45b370aa410e9597a81de37b25fa2dbb9eec79b8d79ddc49292015aa0012db7561ecfceb789d48b1d2cbcb048a0ad317c7021c7f3a12e4c70af797822915be54b76f6665e424c743d6ae3ca196f34d487afed64906c09fd7992dafbf5b6c2eaffc0c9abeb4ec5db44ad6227d834aa43d381710f5e9390a0b559371c5f1fef7b4f8a36ec2b94da79454b35daf7433f456251c98326120adca205187f4d6c42583611a4d86777d457c467f8663033b02b6e31ec2b1e2a4733786842f48265cac5d7608e1b475e474fbf335b2d14948f2f0f7045510ce9d03b0fc5c7497f6cd82df019473938d9dcb02cb78bae63ee3a9af26134e37396e4dc18080eb267a3fdb558f0d0449cdcbbfaa2866b312c350783e1a4a3a139ed8f01e2dcd3f8a8e2d61a52aedee45fb235f9cace9465546d0208779e768024d6812f9dda464271a358687121eefe96e1c8d39d141e716b5afd42396c101c911d222048b5fbca92d192277e91425f251aa733a0f2603a3e3157da22485f4f0f1f71df07ce73df6db1e7f88014304df465c66e3f0cec453f2d3cab76afabac2278dd5d893baf8264fc7f6b149b416ad59ca41e3ddf1aa9abd558c127fb81a19052c4cf71e7adb7126482b8920e5e5b71db461bf78de650b1561e934733e64e01dc7fc71b9a28dce6b1cb01789cfe3a026f32fa75f26a91cdc16498988cfd62f533976076195e743107a2402ae5d501223a68921595fd1dcb434725f8c1688a07d5eb478ae7a5e4ca3f69370866b4377b71dc7a820d402683d20264b0a1c26cf5751c9bba712c0b35f4ed5d524265eae08529a0048c8d9e09a131ba807c171ac7325940b4e4e0df8ac04df19d6066b43d8a769cb216fdbe1a45ad4c06463cdfc902df49c5b25d004b5bf8ade8f20716d8e3aa9f0bb48ecc700ae", @ANYRESDEC=r1, @ANYRES32=r0], 0x0)
r2 = socket$inet(0xa, 0x801, 0x84)
getsockopt$IPT_SO_GET_INFO(r2, 0x0, 0x40, &(0x7f00000000c0)={'filter\x00', 0x0, [0x8, 0x0, 0x7, 0x4, 0x8b32]}, &(0x7f0000000200)=0x54)
r3 = syz_usb_connect(0x2, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="1201000059770c40c009030243d3000000010902120001000000000904"], 0x0)
syz_usb_control_io(r3, 0x0, &(0x7f0000000700)={0x84, &(0x7f00000002c0)=ANY=[@ANYBLOB="201e010000002e"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})

2.200635427s ago: executing program 3 (id=994):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="4000000066001fff0000000000000000", @ANYRES64], 0x40}}, 0x4000800) (async)
sendmsg$nl_route(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)=ANY=[@ANYBLOB="4000000066001fff0000000000000000", @ANYRES64], 0x40}}, 0x4000800)

1.926909279s ago: executing program 9 (id=995):
openat$kvm(0xffffffffffffff9c, 0x0, 0x20040, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_open_dev$radio(0x0, 0x1, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
getpid()
epoll_create1(0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000003c0)=@newtaction={0xe68, 0x30, 0x871a15abc695fa3d, 0x70bd27, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{{}, 0x93}, [{0x0, 0x0, 0x0, 0x4, 0xfffffffd}, {}, {0x1, 0x0, 0x0, 0x4000000, 0x7, 0x80000}, {0x8, 0x5, 0x0, 0xfffffffc, 0x5}, {}, {0x0, 0x0, 0x800000, 0x0, 0x6}, {0x0, 0xc3}, {0x0, 0x5}, {0x5}, {}, {0x0, 0x10}, {0x0, 0x4, 0x0, 0x8000000}, {0x0, 0x0, 0x0, 0x0, 0x800}, {0x2, 0x0, 0x0, 0x0, 0x6}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, {0x0, 0x0, 0x0, 0x8000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x20}, {}, {}, {0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {0x0, 0x7, 0x0, 0x0, 0xffffffff}, {0x0, 0x0, 0x0, 0x2, 0x0, 0x3}, {0x4, 0x0, 0x0, 0x0, 0x5}, {0xffffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {0xffffffff, 0x9}, {0x0, 0x0, 0x0, 0x0, 0xfffff800}, {}, {}, {0xffffffff}, {}, {}, {0x0, 0x9, 0x0, 0x0, 0x0, 0x2}, {}, {0x80}, {0x80}, {0x0, 0x0, 0x0, 0x5, 0x5}, {}, {0x0, 0x0, 0x8}, {0x0, 0x0, 0x0, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {0x0, 0x0, 0x0, 0x8510}, {0xffff}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, {}, {}, {0x0, 0xfffefffd}, {0x0, 0x0, 0x0, 0x1}, {}, {0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8000000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x400000}, {0x0, 0xfffffffc, 0x200}, {}, {0x0, 0x0, 0x0, 0x3}, {0x7}, {}, {}, {}, {0x0, 0x101, 0x0, 0x0, 0x0, 0xffffffff}, {0x2}, {}, {0x0, 0x0, 0x0, 0x4, 0x9}, {}, {0x0, 0x0, 0x0, 0x0, 0x1}, {0x0, 0x2}, {}, {}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x56}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {0x0, 0xfffffffd}, {0x6}, {0x7f}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {0x0, 0x2, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x2}, {0x2, 0x9, 0x20000000}, {}, {0x0, 0x0, 0x0, 0x3}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x292}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {0x0, 0x0, 0xe600, 0x0, 0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x101}, {0x0, 0x5, 0x0, 0x7, 0x1}, {0x0, 0x5}, {0x0, 0x0, 0x0, 0x0, 0x80}, {0x10000000, 0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x8}, {}, {}, {}, {0xfffffffb, 0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x0, 0x0, 0x3, 0xfffffffe}, {0x2d}, {}, {0x0, 0x8000}, {0x0, 0x0, 0x10000}, {0x0, 0x80000000, 0x0, 0x7fff800}, {}, {0x0, 0x0, 0x0, 0x0, 0xd}, {0x0, 0x0, 0x0, 0x1}], [{}, {}, {}, {0x1}, {}, {0x3}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {0x4}, {0x3}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x4}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {0x0, 0x1}, {0x1}, {}, {}, {}, {}, {}, {0x7}, {0x0, 0x1}, {}, {}, {}, {0x0, 0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x1}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {0x2, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {0x2}, {}, {}, {0x4}, {0x3}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB], 0x0, 0x2, 0x0, 0x0, 0x0, 0x20, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
r2 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r2, 0x0, 0x482, &(0x7f0000000080)={0x84, @private=0xa010100, 0x15, 0x3, 'lblcr\x00', 0x25, 0x5, 0x72}, 0x2c)
mount(&(0x7f0000000440)=@nullb, &(0x7f0000000300)='./cgroup\x00', &(0x7f00000001c0)='hfs\x00', 0x200480, 0x0)
syz_usb_connect(0x2, 0x24, &(0x7f0000000200)=ANY=[@ANYBLOB], 0x0)

1.248749857s ago: executing program 3 (id=996):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{0x0}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed", 0x39}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef45", 0xb7}], 0x3}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

1.195659569s ago: executing program 0 (id=997):
syz_mount_image$reiserfs(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x2410010, &(0x7f0000000100), 0xfe, 0x1103, &(0x7f0000002240)="$eJzs2T+L1EAYBvBnkvUPNpFcHwQtLOS4Y/0CVyhsa6uNyFVedVsp+m38OHqV/XG9Fgv2kbibXZEVwV0V5PeDkDcPeWcy5UwCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAg0nyqSQHVdKOWZWkJF13MbtK0o357fd1lZInp7P5o/Pp43mS+tvr5WlShq6hLe3x3ZvttJ22x+3Dg5N7H+avXr98fnZ2er4apqTL5WKvq7g1zl3vdVgAAAD4P/Q7a/7x/AAAAMCv7O0gAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA39c2mbseiSlKSrruYXSXptvRd+0vfBwAAAOyupMqzZlu+PAbYeJCPTVnnw/1LGeqjvNvSDwAAAPxUf2NVfP9/vVzf7MfvZ7Lelw/ZnUxyeLh8frvKP58kdZKjHwa/XLx5MV6lr//0WgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvrIDxwIAAAAAwvyt0+jYAAAAAAAAAAAAAAAAAAAAYK8AAAD//+0M1yg=")
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_service_bytes\x00', 0x275a, 0x0)
ftruncate(r1, 0x3af001)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
ioctl$NS_GET_OWNER_UID(r1, 0xb704, &(0x7f0000000180))

1.018191307s ago: executing program 3 (id=998):
lsetxattr$security_ima(0x0, 0x0, 0x0, 0x6, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000001900)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x7, 0x10001, 0x8, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='writeback_bdi_register\x00', r4}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20)
r5 = dup(r2)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r5}, 0x2c, {[], [], 0x6b}})

501.151409ms ago: executing program 3 (id=999):
r0 = gettid()
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r1, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x47)
setsockopt$inet_tcp_int(r1, 0x6, 0x210000000013, &(0x7f00000000c0)=0x100000001, 0x4)
setsockopt$inet_tcp_TCP_REPAIR_QUEUE(r1, 0x6, 0x14, &(0x7f0000000140)=0x2, 0x4)
connect$inet(r1, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto(r1, 0x0, 0x0, 0x8080, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f04ebbeee, 0xa031, 0xffffffffffffffff, 0xeb92e000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r5, 0x41009432, 0xfffffffffffffffe)
ioctl$SNDRV_RAWMIDI_IOCTL_STATUS64(r5, 0xc0385720, &(0x7f0000000100))
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r6, &(0x7f0000001200)=[{&(0x7f0000000080)="580000001400add427323b472545b45602117fffffff81004e230e227f000001925aa80020007b00090080007f000001e809000000ff0000f03ac71002000000", 0x40}], 0x1)
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r1, 0x6, 0x16, &(0x7f0000000340)=[@timestamp, @window={0x3, 0x6, 0x7}, @mss={0x2, 0x7}, @window={0x3, 0x0, 0x4}, @window={0x3, 0x8, 0x6}, @timestamp, @window={0x3, 0xfffe}, @sack_perm], 0x2000000000000061)
setsockopt$sock_int(r1, 0x1, 0x8, &(0x7f0000000080)=0xc6, 0x4)
sendto$inet(r1, &(0x7f0000000200)='\x00', 0x1, 0x4048015, 0x0, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r1, 0x6, 0x13, &(0x7f00000001c0), 0x4)
sendto$inet(r1, &(0x7f00000004c0)='<', 0x381, 0x805, 0x0, 0x0)
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
pipe2(&(0x7f0000000040), 0x0)

0s ago: executing program 0 (id=1000):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000240)={0x2, &(0x7f0000000300)=[{0x15, 0x1, 0x5, 0x104a}, {0x6, 0xf2, 0x8, 0x1}]})

kernel console output (not intermixed with test programs):

to 64
[  533.217734][ T8278] hfs: unable to load codepage "aiochara¹Ýͼñ�csŸt=macgaelic"
[  533.246929][ T8278] hfs: unable to parse mount options
[  536.080202][ T8293] netlink: 12 bytes leftover after parsing attributes in process `syz.6.423'.
[  536.097852][   T42] bond0 (unregistering): Released all slaves
[  538.247323][ T5782] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  540.055488][ T5782] usb 7-1: device descriptor read/64, error -71
[  540.320613][ T8159] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  540.361883][ T8159] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  540.391950][ T8159] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  540.537609][ T8159] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  542.620861][ T8159] 8021q: adding VLAN 0 to HW filter on device bond0
[  542.681915][ T8159] 8021q: adding VLAN 0 to HW filter on device team0
[  542.715583][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state
[  542.722841][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state
[  542.784213][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[  542.791610][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  543.506338][ T8159] 8021q: adding VLAN 0 to HW filter on device batadv0
[  543.866562][ T8340] syzkaller1: entered promiscuous mode
[  543.874996][ T8340] syzkaller1: entered allmulticast mode
[  546.357724][ T8159] veth0_vlan: entered promiscuous mode
[  546.383445][ T8159] veth1_vlan: entered promiscuous mode
[  547.043485][ T8159] veth0_macvtap: entered promiscuous mode
[  547.093526][ T8159] veth1_macvtap: entered promiscuous mode
[  547.240976][ T8159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  547.279475][ T8159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  547.302594][ T8159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  547.313478][ T8159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  549.043824][ T8159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  549.067323][ T8159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  549.100056][ T8159] batman_adv: batadv0: Interface activated: batadv_slave_0
[  549.169900][ T8159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  549.217183][ T8159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  549.247193][ T8159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  549.267216][ T8159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  549.297164][ T8159] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  549.317060][ T8159] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  549.342651][ T8159] batman_adv: batadv0: Interface activated: batadv_slave_1
[  549.401577][ T8159] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  549.437149][ T8159] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  549.445956][ T8159] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  549.477184][ T8159] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  550.573703][ T4311] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  550.609057][ T4311] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  550.760018][ T3468] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  550.826569][ T3468] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  552.608268][ T7762] IPVS: starting estimator thread 0...
[  552.633308][ T8402] hfs: can't find a HFS filesystem on dev nullb0
[  552.737206][ T8404] IPVS: using max 17 ests per chain, 40800 per kthread
[  552.917709][ T8391] usb 9-1: new full-speed USB device number 2 using dummy_hcd
[  553.133483][ T8391] usb 9-1: config 4 has an invalid interface number: 118 but max is 0
[  553.157867][ T8391] usb 9-1: config 4 has no interface number 0
[  553.189634][ T8391] usb 9-1: config 4 interface 118 has no altsetting 0
[  553.207607][ T8391] usb 9-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  553.227733][ T8391] usb 9-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  553.235804][ T8391] usb 9-1: Manufacturer: syz
[  553.830474][ T7903] usb 9-1: USB disconnect, device number 2
[  554.185246][ T8410] loop2: detected capacity change from 0 to 32768
[  554.273243][ T8193] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  557.670269][   T28] audit: type=1326 audit(1764860112.144:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8454 comm="syz.2.463" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc121f8f749 code=0x0
[  559.203104][ T8491] loop6: detected capacity change from 0 to 1024
[  559.615810][ T8491] EXT4-fs (loop6): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  559.626962][ T8491] EXT4-fs (loop6): ext4_check_descriptors: Checksum for group 0 failed (12914!=20869)
[  559.637844][ T8491] EXT4-fs (loop6): filesystem has both journal inode and journal device!
[  559.679950][ T8487] fuse: Bad value for 'fd'
[  562.042156][ T8507] loop6: detected capacity change from 0 to 32768
[  563.031170][ T8507] XFS (loop6): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  563.287566][ T8507] XFS (loop6): Ending clean mount
[  563.325490][ T8507] XFS (loop6): Quotacheck needed: Please wait.
[  563.494321][ T8507] XFS (loop6): Quotacheck: Done.
[  564.226684][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  564.236676][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  564.281512][ T7109] XFS (loop6): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  564.395060][ T8543] loop3: detected capacity change from 0 to 2048
[  564.609377][ T8546] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  564.703060][ T8548] (unnamed net_device) (uninitialized): option fail_over_mac: invalid value (4)
[  564.945220][ T8548] loop8: detected capacity change from 0 to 2
[  565.001001][ T8548] jffs2: rp_size unrepresentable
[  567.449233][ T8543] syz.3.474 (8543) used greatest stack depth: 19440 bytes left
[  573.543563][ T8642] fuse: Bad value for 'fd'
[  573.933246][ T8641] sctp: failed to load transform for md5: -4
[  574.958034][ T8656] hfs: can't find a HFS filesystem on dev nullb0
[  575.118891][ T8675] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  575.247181][ T8391] usb 9-1: new full-speed USB device number 3 using dummy_hcd
[  575.336248][ T8675] damon-dbgfs: DAMON debugfs interface is deprecated, so users should move to DAMON_SYSFS. If you cannot, please report your usecase to damon@lists.linux.dev and linux-mm@kvack.org.
[  575.586212][ T8681] trusted_key: encrypted_key: master key parameter '' is invalid
[  577.236533][ T8391] usb 9-1: device descriptor read/all, error -71
[  579.692168][ T8695] hfs: can't find a HFS filesystem on dev nullb0
[  580.267100][ T7903] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  580.514735][ T7903] usb 4-1: config 4 has an invalid interface number: 118 but max is 0
[  580.534177][ T7903] usb 4-1: config 4 has no interface number 0
[  580.581041][ T7903] usb 4-1: config 4 interface 118 has no altsetting 0
[  581.448039][ T7903] usb 4-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  581.507398][ T7903] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  581.557287][ T7903] usb 4-1: can't set config #4, error -71
[  581.591350][ T7903] usb 4-1: USB disconnect, device number 15
[  584.138160][ T8736] hfs: can't find a HFS filesystem on dev nullb0
[  584.224256][ T8743] netlink: 4 bytes leftover after parsing attributes in process `syz.2.497'.
[  584.247196][ T7762] usb 4-1: new full-speed USB device number 16 using dummy_hcd
[  584.297743][ T8742] 8021q: adding VLAN 0 to HW filter on device bond0
[  584.440009][ T8746] trusted_key: encrypted_key: master key parameter '' is invalid
[  584.498816][ T7762] usb 4-1: config 4 has an invalid interface number: 118 but max is 0
[  584.517192][ T7762] usb 4-1: config 4 has no interface number 0
[  584.572200][ T7762] usb 4-1: config 4 interface 118 has no altsetting 0
[  584.599939][ T8748] loop8: detected capacity change from 0 to 4096
[  584.618578][ T7762] usb 4-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  584.667512][ T7762] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  584.703046][ T7762] usb 4-1: Manufacturer: syz
[  585.008852][ T7762] usb 4-1: USB disconnect, device number 16
[  587.934351][ T8782] Illegal XDP return value 4291411968 on prog  (id 134) dev N/A, expect packet loss!
[  599.227496][ T5782] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  599.417052][ T5782] usb 7-1: Using ep0 maxpacket: 32
[  599.434504][ T5782] usb 7-1: config 0 has an invalid interface number: 132 but max is 0
[  599.454793][ T5782] usb 7-1: config 0 has no interface number 0
[  599.618213][ T8861] loop2: detected capacity change from 0 to 16
[  599.669154][ T8861] erofs: (device loop2): erofs_superblock_csum_verify: invalid checksum 0x143da34e, 0xc32427af expected
[  599.684082][ T5782] usb 7-1: config 0 interface 132 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  599.776599][ T5782] usb 7-1: New USB device found, idVendor=0413, idProduct=6023, bcdDevice=ec.e5
[  599.823329][ T5782] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  599.867420][ T5782] usb 7-1: Product: syz
[  599.907045][ T5782] usb 7-1: Manufacturer: syz
[  599.911719][ T5782] usb 7-1: SerialNumber: syz
[  599.976773][ T5782] usb 7-1: config 0 descriptor??
[  600.011282][ T5782] em28xx 7-1:0.132: New device syz syz @ 480 Mbps (0413:6023, interface 132, class 132)
[  600.104355][ T5782] em28xx 7-1:0.132: Video interface 132 found:
[  600.465127][ T5782] em28xx 7-1:0.132: unknown em28xx chip ID (0)
[  600.728841][ T5782] em28xx 7-1:0.132: failed to trigger read from i2c address 0xa0 (error=-5)
[  600.807249][ T5782] em28xx 7-1:0.132: board has no eeprom
[  600.917433][ T5782] em28xx 7-1:0.132: Identified as Leadtek Winfast USB II (card=7)
[  600.959891][ T5782] em28xx 7-1:0.132: analog set to bulk mode.
[  600.966551][   T23] em28xx 7-1:0.132: Registering V4L2 extension
[  601.085771][ T5782] usb 7-1: USB disconnect, device number 7
[  601.108257][ T5782] em28xx 7-1:0.132: Disconnecting em28xx
[  601.157166][ T8818] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  603.557309][   T23] em28xx 7-1:0.132: Config register raw data: 0xffffffed
[  603.607227][   T23] em28xx 7-1:0.132: AC97 chip type couldn't be determined
[  603.670046][   T23] em28xx 7-1:0.132: No AC97 audio processor
[  603.792159][   T23] usb 7-1: Decoder not found
[  603.821351][   T23] em28xx 7-1:0.132: failed to create media graph
[  603.907040][   T23] em28xx 7-1:0.132: V4L2 device video103 deregistered
[  604.016605][   T23] em28xx 7-1:0.132: Remote control support is not available for this card.
[  604.036334][ T5782] em28xx 7-1:0.132: Closing input extension
[  604.222024][ T8898] hfs: can't find a HFS filesystem on dev nullb0
[  604.526005][ T8896] hfs: can't find a HFS filesystem on dev nullb0
[  604.584537][ T5782] em28xx 7-1:0.132: Freeing device
[  604.927050][ T5844] usb 9-1: new full-speed USB device number 5 using dummy_hcd
[  605.018420][ T5782] usb 7-1: new full-speed USB device number 8 using dummy_hcd
[  605.129516][ T5844] usb 9-1: config 4 has an invalid interface number: 118 but max is 0
[  605.143763][ T5844] usb 9-1: config 4 has no interface number 0
[  605.162062][ T5844] usb 9-1: config 4 interface 118 has no altsetting 0
[  605.197369][ T5844] usb 9-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  605.222337][ T5844] usb 9-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  605.242629][ T5844] usb 9-1: Manufacturer: syz
[  605.280105][ T5782] usb 7-1: config 4 has an invalid interface number: 118 but max is 0
[  605.310606][ T5782] usb 7-1: config 4 has no interface number 0
[  605.316745][ T5782] usb 7-1: config 4 interface 118 has no altsetting 0
[  605.405712][ T5782] usb 7-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  605.437089][ T5782] usb 7-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  605.445167][ T5782] usb 7-1: Manufacturer: syz
[  605.522368][ T1190] usb 9-1: USB disconnect, device number 5
[  606.067870][ T1190] usb 7-1: USB disconnect, device number 8
[  607.465265][ T8931] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[  612.342538][ T8952] trusted_key: encrypted_key: master key parameter '' is invalid
[  613.540576][ T8958] FAULT_INJECTION: forcing a failure.
[  613.540576][ T8958] name failslab, interval 1, probability 0, space 0, times 0
[  613.596089][ T8958] CPU: 1 PID: 8958 Comm: syz.2.551 Not tainted syzkaller #0
[  613.603473][ T8958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  613.613579][ T8958] Call Trace:
[  613.616902][ T8958]  <TASK>
[  613.619877][ T8958]  dump_stack_lvl+0x16c/0x230
[  613.624720][ T8958]  ? show_regs_print_info+0x20/0x20
[  613.629970][ T8958]  ? load_image+0x3b0/0x3b0
[  613.634581][ T8958]  ? __lock_acquire+0x7c80/0x7c80
[  613.639654][ T8958]  ? __mutex_trylock_common+0x153/0x250
[  613.645535][ T8958]  should_fail_ex+0x39d/0x4d0
[  613.650278][ T8958]  should_failslab+0x9/0x20
[  613.654835][ T8958]  slab_pre_alloc_hook+0x59/0x310
[  613.659914][ T8958]  ? __mutex_lock+0x304/0xcc0
[  613.664644][ T8958]  ? tcf_chain_create+0xad/0x300
[  613.669638][ T8958]  __kmem_cache_alloc_node+0x53/0x260
[  613.675081][ T8958]  ? tcf_chain_create+0xad/0x300
[  613.680096][ T8958]  kmalloc_trace+0x2a/0xe0
[  613.684569][ T8958]  tcf_chain_create+0xad/0x300
[  613.689472][ T8958]  __tcf_chain_get+0x10c/0x3a0
[  613.694267][ T8958]  tc_new_tfilter+0x74d/0x1610
[  613.699083][ T8958]  ? tcf_proto_signal_destroying+0x240/0x240
[  613.705100][ T8958]  ? rcu_read_unlock+0x8c/0xa0
[  613.709910][ T8958]  ? tcf_proto_signal_destroying+0x240/0x240
[  613.715923][ T8958]  rtnetlink_rcv_msg+0x81a/0xf10
[  613.720887][ T8958]  ? rtnetlink_rcv_msg+0x1eb/0xf10
[  613.726102][ T8958]  ? lockdep_hardirqs_on+0x98/0x150
[  613.731324][ T8958]  ? rtnetlink_bind+0x80/0x80
[  613.736542][ T8958]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  613.742572][ T8958]  ? __dev_queue_xmit+0x245/0x35a0
[  613.747706][ T8958]  ? lock_chain_count+0x20/0x20
[  613.752597][ T8958]  ? __local_bh_enable_ip+0x12e/0x1c0
[  613.758000][ T8958]  ? lockdep_hardirqs_on+0x98/0x150
[  613.763227][ T8958]  ? __local_bh_enable_ip+0x12e/0x1c0
[  613.768624][ T8958]  ? _local_bh_enable+0xa0/0xa0
[  613.773596][ T8958]  ? __dev_queue_xmit+0x245/0x35a0
[  613.778732][ T8958]  ? __dev_queue_xmit+0x1449/0x35a0
[  613.783961][ T8958]  ? __dev_queue_xmit+0x245/0x35a0
[  613.789095][ T8958]  ? ref_tracker_free+0x634/0x7d0
[  613.794134][ T8958]  ? __copy_skb_header+0xa7/0x550
[  613.799290][ T8958]  netlink_rcv_skb+0x216/0x480
[  613.804188][ T8958]  ? rtnetlink_bind+0x80/0x80
[  613.808903][ T8958]  ? netlink_ack+0x1110/0x1110
[  613.813707][ T8958]  ? __lock_acquire+0x7c80/0x7c80
[  613.818754][ T8958]  ? netlink_deliver_tap+0x2e/0x1b0
[  613.823974][ T8958]  netlink_unicast+0x751/0x8d0
[  613.828833][ T8958]  netlink_sendmsg+0x8c1/0xbe0
[  613.834149][ T8958]  ? netlink_getsockopt+0x580/0x580
[  613.839369][ T8958]  ? aa_sock_msg_perm+0x94/0x150
[  613.844440][ T8958]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  613.849945][ T8958]  ? security_socket_sendmsg+0x80/0xa0
[  613.855786][ T8958]  ? netlink_getsockopt+0x580/0x580
[  613.861018][ T8958]  ____sys_sendmsg+0x5bf/0x950
[  613.866019][ T8958]  ? __asan_memset+0x22/0x40
[  613.870654][ T8958]  ? __sys_sendmsg_sock+0x30/0x30
[  613.875780][ T8958]  ? __import_iovec+0x5f2/0x860
[  613.880770][ T8958]  ? import_iovec+0x73/0xa0
[  613.885307][ T8958]  ___sys_sendmsg+0x220/0x290
[  613.890023][ T8958]  ? __sys_sendmsg+0x270/0x270
[  613.894833][ T8958]  ? __lock_acquire+0x7c80/0x7c80
[  613.899935][ T8958]  __se_sys_sendmsg+0x1a5/0x270
[  613.904826][ T8958]  ? __x64_sys_sendmsg+0x80/0x80
[  613.909808][ T8958]  ? lockdep_hardirqs_on+0x98/0x150
[  613.915034][ T8958]  do_syscall_64+0x55/0xb0
[  613.919472][ T8958]  ? clear_bhb_loop+0x40/0x90
[  613.924302][ T8958]  ? clear_bhb_loop+0x40/0x90
[  613.929025][ T8958]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  613.934947][ T8958] RIP: 0033:0x7fc121f8f749
[  613.939387][ T8958] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  613.959192][ T8958] RSP: 002b:00007fc122e2a038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  613.967720][ T8958] RAX: ffffffffffffffda RBX: 00007fc1221e5fa0 RCX: 00007fc121f8f749
[  613.975704][ T8958] RDX: 0000000000000000 RSI: 00002000000000c0 RDI: 0000000000000006
[  613.983708][ T8958] RBP: 00007fc122e2a090 R08: 0000000000000000 R09: 0000000000000000
[  613.991782][ T8958] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  613.999768][ T8958] R13: 00007fc1221e6038 R14: 00007fc1221e5fa0 R15: 00007ffe64c9df28
[  614.007771][ T8958]  </TASK>
[  615.161589][ T8981] loop2: detected capacity change from 0 to 256
[  615.320140][ T8981] FAT-fs (loop2): Directory bread(block 64) failed
[  615.337674][ T8981] FAT-fs (loop2): Directory bread(block 65) failed
[  615.373281][ T8981] FAT-fs (loop2): Directory bread(block 66) failed
[  615.404499][ T8981] FAT-fs (loop2): Directory bread(block 67) failed
[  615.422940][ T8981] FAT-fs (loop2): Directory bread(block 68) failed
[  615.450437][ T8981] FAT-fs (loop2): Directory bread(block 69) failed
[  615.460633][ T5794] Bluetooth: hci3: unexpected event for opcode 0x2041
[  615.481461][ T8981] FAT-fs (loop2): Directory bread(block 70) failed
[  615.490074][ T8981] FAT-fs (loop2): Directory bread(block 71) failed
[  615.500306][ T8981] FAT-fs (loop2): Directory bread(block 72) failed
[  615.506886][ T8981] FAT-fs (loop2): Directory bread(block 73) failed
[  615.591303][ T8987] loop3: detected capacity change from 0 to 2048
[  615.622013][ T8987] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  615.700454][ T8995] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  616.124258][ T8972] loop8: detected capacity change from 0 to 40427
[  616.217618][ T8972] F2FS-fs (loop8): invalid crc value
[  616.237990][ T8972] F2FS-fs (loop8): Found nat_bits in checkpoint
[  616.412854][ T8972] F2FS-fs (loop8): Start checkpoint disabled!
[  616.449754][ T8972] F2FS-fs (loop8): Mounted with checkpoint version = 48b305e6
[  616.688662][ T8972] syz.8.544: attempt to access beyond end of device
[  616.688662][ T8972] loop8: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  617.037413][ T5782] usb 9-1: new high-speed USB device number 6 using dummy_hcd
[  618.717052][ T5782] usb 9-1: Using ep0 maxpacket: 16
[  618.805288][ T5782] usb 9-1: device descriptor read/all, error -71
[  619.074484][   T28] audit: type=1326 audit(1764860173.554:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.140479][ T7181] kworker/u4:13: attempt to access beyond end of device
[  619.140479][ T7181] loop8: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  619.144428][   T28] audit: type=1326 audit(1764860173.554:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.179397][ T7181] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  619.207342][ T7181] F2FS-fs (loop8): Stopped filesystem due to reason: 3
[  619.237068][   T28] audit: type=1326 audit(1764860173.554:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.307127][   T28] audit: type=1326 audit(1764860173.554:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.408085][ T5794] Bluetooth: hci2: unexpected event for opcode 0x2041
[  619.412987][   T28] audit: type=1326 audit(1764860173.554:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.461738][ T9044] loop6: detected capacity change from 0 to 2048
[  619.519364][ T9044] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  619.564421][   T28] audit: type=1326 audit(1764860173.554:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.627288][ T9050] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  619.648656][   T28] audit: type=1326 audit(1764860173.554:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.757281][   T28] audit: type=1326 audit(1764860173.554:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  619.843112][   T28] audit: type=1326 audit(1764860173.554:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  620.025211][   T28] audit: type=1326 audit(1764860173.584:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9037 comm="syz.6.568" exe="/root/syz-executor" sig=0 arch=c000003e syscall=143 compat=0 ip=0x7f3fa618f749 code=0x7ffc0000
[  620.301898][ T9058] loop6: detected capacity change from 0 to 256
[  620.629888][ T9058] exFAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  620.877321][ T9058] exFAT-fs (loop6): Medium has reported failures. Some data may be lost.
[  621.095749][ T9058] exFAT-fs (loop6): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  621.189300][ T9065] tmpfs: Bad value for 'grpquota_inode_hardlimit'
[  621.660299][ T9062] hfs: can't find a HFS filesystem on dev nullb0
[  621.749599][ T9060] netlink: 'syz.8.567': attribute type 2 has an invalid length.
[  621.975293][ T5782] usb 3-1: new full-speed USB device number 16 using dummy_hcd
[  621.996353][ T9058] xt_TCPMSS: Only works on TCP SYN packets
[  622.881938][ T5782] usb 3-1: config 4 has an invalid interface number: 118 but max is 0
[  622.897203][ T5782] usb 3-1: config 4 has no interface number 0
[  622.920871][ T5782] usb 3-1: config 4 interface 118 has no altsetting 0
[  624.079661][ T5782] usb 3-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  624.102311][ T5782] usb 3-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  624.116122][ T5782] usb 3-1: Manufacturer: syz
[  624.363499][ T5782] usb 3-1: can't set config #4, error -71
[  624.406019][ T5782] usb 3-1: USB disconnect, device number 16
[  625.737597][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  625.743970][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  626.506775][ T9092] hfs: can't find a HFS filesystem on dev nullb0
[  626.788473][   T23] usb 4-1: new full-speed USB device number 17 using dummy_hcd
[  626.993347][   T23] usb 4-1: config 4 has an invalid interface number: 118 but max is 0
[  627.032511][   T23] usb 4-1: config 4 has no interface number 0
[  627.057119][   T23] usb 4-1: config 4 interface 118 has no altsetting 0
[  627.104943][   T23] usb 4-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  627.153120][   T23] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  627.172026][   T23] usb 4-1: Manufacturer: syz
[  627.435886][   T23] usb 4-1: USB disconnect, device number 17
[  627.830199][ T9089] Bluetooth: hci1: command 0x0406 tx timeout
[  628.036110][ T9119] loop6: detected capacity change from 0 to 256
[  629.083588][ T9135] FAULT_INJECTION: forcing a failure.
[  629.083588][ T9135] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  629.096943][ T9135] CPU: 1 PID: 9135 Comm: syz.8.585 Not tainted syzkaller #0
[  629.104279][ T9135] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  629.114569][ T9135] Call Trace:
[  629.117882][ T9135]  <TASK>
[  629.120960][ T9135]  dump_stack_lvl+0x16c/0x230
[  629.125694][ T9135]  ? show_regs_print_info+0x20/0x20
[  629.130939][ T9135]  ? load_image+0x3b0/0x3b0
[  629.135493][ T9135]  ? __might_fault+0xaa/0x120
[  629.140208][ T9135]  ? __lock_acquire+0x7c80/0x7c80
[  629.145276][ T9135]  should_fail_ex+0x39d/0x4d0
[  629.150268][ T9135]  _copy_from_user+0x2f/0xe0
[  629.154898][ T9135]  __se_sys_memfd_create+0x295/0x660
[  629.160229][ T9135]  do_syscall_64+0x55/0xb0
[  629.164691][ T9135]  ? clear_bhb_loop+0x40/0x90
[  629.169408][ T9135]  ? clear_bhb_loop+0x40/0x90
[  629.174140][ T9135]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  629.180156][ T9135] RIP: 0033:0x7f32f498f749
[  629.184609][ T9135] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  629.204354][ T9135] RSP: 002b:00007f32f587fe18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  629.212821][ T9135] RAX: ffffffffffffffda RBX: 0000000000000a2f RCX: 00007f32f498f749
[  629.220854][ T9135] RDX: 00007f32f587fef0 RSI: 0000000000000000 RDI: 00007f32f4a14960
[  629.228954][ T9135] RBP: 0000200000001580 R08: 00007f32f587fbb7 R09: 00007f32f587fe40
[  629.236964][ T9135] R10: 000000000000000a R11: 0000000000000202 R12: 0000200000000040
[  629.245078][ T9135] R13: 00007f32f587fef0 R14: 00007f32f587feb0 R15: 0000200000000140
[  629.253205][ T9135]  </TASK>
[  632.625017][ T9150] loop8: detected capacity change from 0 to 1764
[  632.986550][ T9155] loop3: detected capacity change from 0 to 8192
[  633.148006][ T9155] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  633.237123][ T9155] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  633.258539][ T9155] REISERFS (device loop3): using ordered data mode
[  633.265223][ T9155] reiserfs: using flush barriers
[  633.303872][ T9155] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  633.364312][ T9155] REISERFS (device loop3): checking transaction log (loop3)
[  633.385808][ T9155] REISERFS (device loop3): Using r5 hash to sort names
[  633.394003][ T9155] REISERFS (device loop3): using 3.5.x disk format
[  633.424812][ T9155] REISERFS warning (device loop3): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  633.451775][ T9155] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  635.467731][ T9155] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 5 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  635.494019][ T9155] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  635.612637][ T9155] REISERFS (device loop3): Remounting filesystem read-only
[  635.652864][ T9155] REISERFS error (device loop3): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 5 0x0 SD] stat data
[  637.087138][ T1190] usb 7-1: new high-speed USB device number 9 using dummy_hcd
[  638.907167][ T1190] usb 7-1: device descriptor read/64, error -71
[  639.178081][ T1190] usb 7-1: new high-speed USB device number 10 using dummy_hcd
[  639.357266][ T1190] usb 7-1: device descriptor read/64, error -71
[  639.477635][ T1190] usb usb7-port1: attempt power cycle
[  640.767103][ T1190] usb 7-1: new high-speed USB device number 11 using dummy_hcd
[  641.117001][ T1190] usb 7-1: device not accepting address 11, error -71
[  641.862933][ T9233] loop6: detected capacity change from 0 to 8192
[  641.925349][ T9233] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  641.938667][ T9233] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  641.948394][ T9233] REISERFS (device loop6): using ordered data mode
[  641.955045][ T9233] reiserfs: using flush barriers
[  641.966432][ T9233] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  643.097150][ T9233] REISERFS (device loop6): checking transaction log (loop6)
[  643.107733][ T9233] REISERFS (device loop6): Using r5 hash to sort names
[  643.114669][ T9233] REISERFS (device loop6): using 3.5.x disk format
[  643.121590][ T9233] REISERFS warning (device loop6): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  643.135673][ T9233] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  643.250405][ T9233] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 5 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  643.297619][ T9233] REISERFS error (device loop6): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  643.337028][ T9233] REISERFS (device loop6): Remounting filesystem read-only
[  643.365453][ T9233] REISERFS error (device loop6): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 5 0x0 SD] stat data
[  647.633805][ T9269] loop6: detected capacity change from 0 to 2048
[  647.717113][ T9269] NILFS (loop6): broken superblock, retrying with spare superblock (blocksize = 1024)
[  647.767200][ T9275] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  647.802016][ T8818] udevd[8818]: incorrect nilfs2 checksum on /dev/loop6
[  647.818376][ T9269] ip6_tunnel: non-ECT from fe80:0000:0000:0000:0000:0000:0000:00bb with DS=0x1f
[  650.897587][ T7762] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  651.107126][ T7762] usb 3-1: Using ep0 maxpacket: 32
[  651.126021][ T7762] usb 3-1: New USB device found, idVendor=0fd9, idProduct=0025, bcdDevice=29.40
[  651.157098][ T7762] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  651.182552][ T7762] usb 3-1: config 0 descriptor??
[  651.291201][ T7762] usb 3-1: can't set config #0, error -71
[  651.337104][ T7762] usb 3-1: USB disconnect, device number 17
[  651.991358][ T9317] loop2: detected capacity change from 0 to 1024
[  651.999555][ T9317] EXT4-fs: Ignoring removed nomblk_io_submit option
[  652.006391][ T9317] EXT4-fs: Ignoring removed bh option
[  652.068319][ T9317] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  652.098667][   T28] kauditd_printk_skb: 18 callbacks suppressed
[  652.098683][   T28] audit: type=1800 audit(1764860206.584:33): pid=9317 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.622" name="file1" dev="loop2" ino=15 res=0 errno=0
[  652.364923][ T9329] loop6: detected capacity change from 0 to 128
[  652.372716][ T9329] FAT-fs (loop6): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  652.462330][ T9329] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  652.484096][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  654.778606][ T7109] FAT-fs (loop6): error, invalid access to FAT (entry 0xffff0000)
[  654.796988][ T7109] FAT-fs (loop6): Filesystem has been set read-only
[  654.858001][ T7109] FAT-fs (loop6): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  656.549826][ T9365] loop8: detected capacity change from 0 to 2048
[  656.637282][ T9365] UDF-fs: error (device loop8): udf_process_sequence: Primary Volume Descriptor not found!
[  656.668608][ T9365] UDF-fs: error (device loop8): udf_process_sequence: Primary Volume Descriptor not found!
[  656.736747][ T9365] UDF-fs: Scanning with blocksize 512 failed
[  656.859699][ T9365] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  656.887065][ T9365] UDF-fs: Scanning with blocksize 1024 failed
[  656.953168][ T9365] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  656.961368][ T9365] UDF-fs: Scanning with blocksize 2048 failed
[  656.987783][ T9365] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=385, location=385
[  657.027115][ T9365] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[  657.034845][ T9365] UDF-fs: Scanning with blocksize 4096 failed
[  657.067002][ T9365] UDF-fs: warning (device loop8): udf_fill_super: No partition found (1)
[  657.067230][ T5907] usb 3-1: new full-speed USB device number 18 using dummy_hcd
[  657.200795][ T9365] netlink: 68 bytes leftover after parsing attributes in process `syz.8.629'.
[  657.296975][ T5907] usb 3-1: config 0 has an invalid interface number: 133 but max is 0
[  657.330910][ T5907] usb 3-1: config 0 has no interface number 0
[  657.357130][ T5907] usb 3-1: config 0 interface 133 altsetting 0 endpoint 0x82 has invalid maxpacket 40736, setting to 64
[  657.394859][ T5907] usb 3-1: New USB device found, idVendor=06cd, idProduct=0121, bcdDevice=dd.3d
[  657.404254][ T5907] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.652673][ T5907] usb 3-1: Product: syz
[  658.665860][ T5907] usb 3-1: Manufacturer: syz
[  659.800074][ T5907] usb 3-1: SerialNumber: syz
[  659.818719][ T5907] usb 3-1: config 0 descriptor??
[  659.905036][ T5907] usb 3-1: can't set config #0, error -71
[  659.935158][ T5907] usb 3-1: USB disconnect, device number 18
[  661.439829][ T9407] netlink: 4 bytes leftover after parsing attributes in process `syz.2.636'.
[  661.484490][ T9407] batadv0: entered promiscuous mode
[  661.501863][ T9407] macvtap1: entered promiscuous mode
[  661.537364][ T9407] macvtap1: entered allmulticast mode
[  661.542830][ T9407] batadv0: entered allmulticast mode
[  661.596799][ T9407] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  661.653683][ T9411] batadv0: left allmulticast mode
[  661.671415][ T9411] batadv0: left promiscuous mode
[  665.242920][ T9425] loop3: detected capacity change from 0 to 8192
[  665.320012][ T9425] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  665.386817][ T9425] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  665.440925][ T9425] REISERFS (device loop3): using ordered data mode
[  665.482491][   T28] audit: type=1326 audit(1764860219.964:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  665.487802][ T9425] reiserfs: using flush barriers
[  665.505234][    C0] vkms_vblank_simulate: vblank timer overrun
[  665.544219][   T28] audit: type=1326 audit(1764860219.994:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  665.596995][ T9425] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  665.642797][ T9425] REISERFS (device loop3): checking transaction log (loop3)
[  665.652982][   T28] audit: type=1326 audit(1764860219.994:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  665.727223][ T9425] REISERFS (device loop3): Using r5 hash to sort names
[  665.734275][ T9425] REISERFS (device loop3): using 3.5.x disk format
[  665.749601][   T28] audit: type=1326 audit(1764860219.994:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  665.783692][ T9425] REISERFS warning (device loop3): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  665.822919][   T28] audit: type=1326 audit(1764860219.994:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  665.857529][ T9425] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  665.896983][   T28] audit: type=1326 audit(1764860219.994:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=20 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  665.969324][ T9425] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 5 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  666.007030][   T28] audit: type=1326 audit(1764860219.994:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  666.049088][ T9425] REISERFS error (device loop3): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  666.087476][   T28] audit: type=1326 audit(1764860219.994:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  666.110477][ T9425] REISERFS (device loop3): Remounting filesystem read-only
[  666.137025][ T9425] REISERFS error (device loop3): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 5 0x0 SD] stat data
[  666.186996][   T28] audit: type=1326 audit(1764860219.994:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  666.287321][   T28] audit: type=1326 audit(1764860219.994:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9427 comm="syz.8.642" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f32f498f749 code=0x7ffc0000
[  666.391342][ T9447] loop8: detected capacity change from 0 to 16
[  666.460407][ T9447] erofs: (device loop8): mounted with root inode @ nid 36.
[  667.729372][ T9471] loop3: detected capacity change from 0 to 128
[  669.042321][ T9471] syz.3.647: attempt to access beyond end of device
[  669.042321][ T9471] loop3: rw=1, sector=145, nr_sectors = 77 limit=128
[  669.992634][ T9480] trusted_key: encrypted_key: master key parameter '' is invalid
[  671.031191][ T9484] loop8: detected capacity change from 0 to 8
[  672.773622][ T9484] SQUASHFS error: zstd decompression failed, data probably corrupt
[  672.783308][ T9484] SQUASHFS error: Failed to read block 0x4ec: -5
[  672.790575][ T9484] SQUASHFS error: Unable to read metadata cache entry [4ea]
[  672.798312][ T9484] SQUASHFS error: Unable to read inode 0x2011f
[  673.417024][   T23] usb 9-1: new high-speed USB device number 8 using dummy_hcd
[  673.607358][   T23] usb 9-1: Using ep0 maxpacket: 32
[  673.620115][   T23] usb 9-1: config 0 has an invalid interface number: 51 but max is 0
[  673.647022][   T23] usb 9-1: config 0 has no interface number 0
[  673.679093][   T23] usb 9-1: New USB device found, idVendor=061d, idProduct=c150, bcdDevice=ce.6f
[  673.697119][   T23] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  673.717441][   T23] usb 9-1: Product: syz
[  673.721688][   T23] usb 9-1: Manufacturer: syz
[  673.726335][   T23] usb 9-1: SerialNumber: syz
[  673.783264][   T23] usb 9-1: config 0 descriptor??
[  673.810995][   T23] quatech2 9-1:0.51: Quatech 2nd gen USB to Serial Driver converter detected
[  675.377424][   T23] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB0
[  675.452871][   T23] usb 9-1: Quatech 2nd gen USB to Serial Driver converter now attached to ttyUSB1
[  675.597175][ T9497] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  675.606488][ T9497] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  675.907979][ T9513] loop6: detected capacity change from 0 to 8192
[  675.940691][ T9513] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  675.963369][    C1] usb 9-1: qt2_read_bulk_callback - non-zero urb status: -71
[  675.967192][    T9] usb 9-1: USB disconnect, device number 8
[  675.983129][ T9513] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  676.047350][ T9513] REISERFS (device loop6): using ordered data mode
[  676.053938][ T9513] reiserfs: using flush barriers
[  676.079752][    T9] quatech-serial ttyUSB0: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB0
[  676.120277][ T9513] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  676.165735][ T9513] REISERFS (device loop6): checking transaction log (loop6)
[  676.167775][    T9] quatech-serial ttyUSB1: Quatech 2nd gen USB to Serial Driver converter now disconnected from ttyUSB1
[  676.202702][ T9513] REISERFS (device loop6): Using r5 hash to sort names
[  676.217071][ T9513] REISERFS (device loop6): using 3.5.x disk format
[  676.235714][ T9513] REISERFS warning (device loop6): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  676.250288][    T9] quatech2 9-1:0.51: device disconnected
[  676.279653][ T9513] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  677.573061][ T9534] trusted_key: encrypted_key: master key parameter '' is invalid
[  680.378234][ T9552] loop2: detected capacity change from 0 to 8192
[  680.432054][ T9552] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  680.497062][ T9552] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  680.551330][ T9552] REISERFS (device loop2): using ordered data mode
[  680.604798][ T9552] reiserfs: using flush barriers
[  680.650661][ T9552] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  680.730557][ T9552] REISERFS (device loop2): checking transaction log (loop2)
[  680.800876][ T9552] REISERFS (device loop2): Using r5 hash to sort names
[  680.837039][ T9552] REISERFS (device loop2): using 3.5.x disk format
[  680.844520][ T9552] REISERFS warning (device loop2): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  680.891829][ T9552] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  682.302159][ T9578] loop8: detected capacity change from 0 to 2048
[  682.573099][ T9578] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  683.178278][ T9588] netlink: 8 bytes leftover after parsing attributes in process `syz.6.662'.
[  683.220550][ T9588] netlink: 8 bytes leftover after parsing attributes in process `syz.6.662'.
[  684.700578][    T9] usb 9-1: new high-speed USB device number 9 using dummy_hcd
[  684.710582][ T9589] trusted_key: encrypted_key: master key parameter '' is invalid
[  685.198367][    T9] usb 9-1: Using ep0 maxpacket: 8
[  685.341537][    T9] usb 9-1: unable to get BOS descriptor or descriptor too short
[  685.368706][    T9] usb 9-1: config 12 interface 0 altsetting 7 endpoint 0x3 has invalid maxpacket 65535, setting to 1024
[  685.397512][    T9] usb 9-1: config 12 interface 0 altsetting 7 bulk endpoint 0x3 has invalid maxpacket 1024
[  685.427372][    T9] usb 9-1: config 12 interface 0 has no altsetting 0
[  685.449228][    T9] usb 9-1: New USB device found, idVendor=07fd, idProduct=0001, bcdDevice=6a.e5
[  685.480164][    T9] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  685.505510][    T9] usb 9-1: Product: syz
[  685.515883][    T9] usb 9-1: Manufacturer: syz
[  685.531357][    T9] usb 9-1: SerialNumber: syz
[  685.553967][ T9593] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[  685.831386][    T9] usb 9-1: Quirk or no altest; falling back to MIDI 1.0
[  685.865456][    T9] usb 9-1: selecting invalid altsetting 0
[  686.027463][    T9] usb 9-1: USB disconnect, device number 9
[  686.884176][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  686.890866][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  687.628581][ T9619] loop3: detected capacity change from 0 to 8192
[  687.695529][ T9619] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  687.763666][ T9619] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  687.841484][ T9619] REISERFS (device loop3): using ordered data mode
[  687.967674][ T9619] reiserfs: using flush barriers
[  688.193219][ T9619] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  688.288699][ T9619] REISERFS (device loop3): checking transaction log (loop3)
[  688.339247][ T9619] REISERFS (device loop3): Using r5 hash to sort names
[  688.346197][ T9619] REISERFS (device loop3): using 3.5.x disk format
[  688.391823][ T9619] REISERFS warning (device loop3): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  688.407865][ T9619] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  689.567269][ T9640] trusted_key: encrypted_key: master key parameter '' is invalid
[  689.739157][ T9637] loop6: detected capacity change from 0 to 2048
[  689.929084][ T5907] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  689.952819][ T5161]  loop6: p1 < > p2 p3 < p5 p6 > p4
[  689.971105][ T5161] loop6: partition table partially beyond EOD, truncated
[  690.005225][ T5161] loop6: p1 start 4278190080 is beyond EOD, truncated
[  690.019394][ T5907] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  690.042847][ T5161] loop6: p2 start 16908800 is beyond EOD, truncated
[  690.076862][ T5161] loop6: p5 start 16908800 is beyond EOD, truncated
[  690.206778][ T9613] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  690.395890][ T8866] udevd[8866]: inotify_add_watch(7, /dev/loop6p6, 10) failed: No such file or directory
[  690.423233][ T9613] udevd[9613]: inotify_add_watch(7, /dev/loop6p3, 10) failed: No such file or directory
[  690.468215][ T8875] udevd[8875]: inotify_add_watch(7, /dev/loop6p4, 10) failed: No such file or directory
[  693.887724][ T9690] loop8: detected capacity change from 0 to 8192
[  694.054286][ T9690] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  694.147097][ T9690] REISERFS (device loop8): found reiserfs format "3.5" with non-standard journal
[  694.205509][ T9690] REISERFS (device loop8): using ordered data mode
[  694.276973][ T9690] reiserfs: using flush barriers
[  694.307662][ T9690] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  694.378821][ T9690] REISERFS (device loop8): checking transaction log (loop8)
[  694.417321][ T9690] REISERFS (device loop8): Using r5 hash to sort names
[  694.424354][ T9690] REISERFS (device loop8): using 3.5.x disk format
[  694.473313][ T9690] REISERFS warning (device loop8): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  694.543217][ T9690] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage.
[  695.537218][ T9703] trusted_key: encrypted_key: master key parameter '' is invalid
[  695.867344][ T9690] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 5 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  695.913761][ T9690] REISERFS error (device loop8): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  696.037085][ T9690] REISERFS (device loop8): Remounting filesystem read-only
[  696.077224][ T9690] REISERFS error (device loop8): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 5 0x0 SD] stat data
[  696.621542][ T5794] Bluetooth: hci2: Malformed MSFT vendor event: 0x02
[  697.226759][ T9714] loop3: detected capacity change from 0 to 32768
[  697.340513][ T9714] fuse: Bad value for 'user_id'
[  698.017955][ T9720] loop6: detected capacity change from 0 to 32768
[  698.203060][ T9720] XFS (loop6): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  698.449164][ T9720] XFS (loop6): Ending clean mount
[  698.494183][ T9720] XFS (loop6): Quotacheck needed: Please wait.
[  698.759415][ T9720] XFS (loop6): Quotacheck: Done.
[  699.767226][ T9757] trusted_key: encrypted_key: master key parameter '' is invalid
[  701.993669][ T7109] XFS (loop6): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  703.404464][ T9790] tipc: Started in network mode
[  703.454563][ T9787] loop6: detected capacity change from 0 to 8192
[  703.457232][ T9790] tipc: Node identity 5e52b703bbf4, cluster identity 4711
[  703.544499][ T9787] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  703.587049][ T9787] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  703.620601][ T9790] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  703.667374][ T9787] REISERFS (device loop6): using ordered data mode
[  703.684196][ T9787] reiserfs: using flush barriers
[  703.718824][ T9787] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  703.780721][ T9795] syzkaller0: entered promiscuous mode
[  703.828479][ T9787] REISERFS (device loop6): checking transaction log (loop6)
[  703.839372][ T9795] syzkaller0: entered allmulticast mode
[  703.865993][ T9787] REISERFS (device loop6): Using r5 hash to sort names
[  703.933147][ T9787] REISERFS (device loop6): using 3.5.x disk format
[  703.964017][ T9787] REISERFS warning (device loop6): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  704.037350][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.055262][ T9787] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  704.056128][ T9798] tipc: Resetting bearer <eth:syzkaller0>
[  704.711659][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.720407][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.728616][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.736829][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.745179][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.753642][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  704.761803][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  705.875587][ T9798] wg2: entered promiscuous mode
[  705.880712][ T9798] wg2: entered allmulticast mode
[  705.942971][ T9800] wg2: left promiscuous mode
[  705.948898][ T9787] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 5 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  705.996797][ T9787] REISERFS error (device loop6): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  706.008504][ T9800] wg2: left allmulticast mode
[  706.028361][ T9787] REISERFS (device loop6): Remounting filesystem read-only
[  706.066484][ T9787] REISERFS error (device loop6): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 5 0x0 SD] stat data
[  706.182928][   T23] tipc: Node number set to 3852908291
[  706.244154][ T9788] tipc: Resetting bearer <eth:syzkaller0>
[  706.467911][ T9788] tipc: Disabling bearer <eth:syzkaller0>
[  706.751638][ T9816] comedi comedi3: driver 'ni_daq_700' does not support attach using comedi_config
[  707.958326][ T9820] trusted_key: encrypted_key: master key parameter '' is invalid
[  708.886835][ T9814] loop3: detected capacity change from 0 to 32768
[  709.104297][ T9814] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  709.320857][ T9814] XFS (loop3): Ending clean mount
[  709.489222][ T9814] netlink: 68 bytes leftover after parsing attributes in process `syz.3.709'.
[  709.910956][ T5800] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  716.208683][ T9886] loop2: detected capacity change from 0 to 64
[  719.300564][ T9922] loop2: detected capacity change from 0 to 512
[  720.082195][   T28] kauditd_printk_skb: 12 callbacks suppressed
[  720.082212][   T28] audit: type=1800 audit(1764860274.564:56): pid=9922 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.726" name="file1" dev="loop2" ino=1048638 res=0 errno=0
[  720.124025][ T9918] loop8: detected capacity change from 0 to 8192
[  720.221544][ T9918] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  720.238195][ T9918] REISERFS (device loop8): found reiserfs format "3.5" with non-standard journal
[  720.267888][ T9918] REISERFS (device loop8): using ordered data mode
[  720.275299][ T9918] reiserfs: using flush barriers
[  720.282837][ T9918] REISERFS (device loop8): journal params: device loop8, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  720.323897][ T9918] REISERFS (device loop8): checking transaction log (loop8)
[  720.353064][ T9918] REISERFS (device loop8): Using r5 hash to sort names
[  720.372384][ T9918] REISERFS (device loop8): using 3.5.x disk format
[  720.392985][ T9918] REISERFS warning (device loop8): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  720.437174][ T9918] REISERFS (device loop8): Created .reiserfs_priv - reserved for xattr storage.
[  720.594478][ T9936] loop3: detected capacity change from 0 to 16
[  720.637574][ T9936] erofs: (device loop3): mounted with root inode @ nid 36.
[  720.684753][ T9918] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 5 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  720.708876][ T9918] REISERFS error (device loop8): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  720.729719][ T9918] REISERFS (device loop8): Remounting filesystem read-only
[  720.742990][ T9936] erofs: (device loop3): z_erofs_read_folio: read error -95 @ 8200 of nid 36
[  720.757295][ T9918] REISERFS error (device loop8): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 5 0x0 SD] stat data
[  720.781215][ T9936] erofs: (device loop3): z_erofs_read_folio: read error -95 @ 8200 of nid 36
[  720.858178][ T7181] FAT-fs (loop2): error, invalid FAT chain (i_pos 2306, last_block 8)
[  720.866850][ T7181] FAT-fs (loop2): Filesystem has been set read-only
[  720.927099][ T7181] FAT-fs (loop2): error, corrupted file size (i_pos 2306, 2058)
[  721.494399][ T9953] loop3: detected capacity change from 0 to 2048
[  721.546476][ T9949] loop2: detected capacity change from 0 to 4096
[  723.449713][ T8818] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  723.769976][   T28] audit: type=1326 audit(1764860278.254:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9965 comm="syz.3.737" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe73db8f749 code=0x0
[  723.828745][ T9963] loop8: detected capacity change from 0 to 512
[  723.888504][ T9963] EXT4-fs (loop8): feature flags set on rev 0 fs, running e2fsck is recommended
[  724.307915][ T9963] EXT4-fs warning (device loop8): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  724.328004][ T9963] EXT4-fs error (device loop8): ext4_validate_block_bitmap:439: comm syz.8.735: bg 0: block 248: padding at end of block bitmap is not set
[  724.346327][ T9963] Quota error (device loop8): write_blk: dquota write failed
[  724.353990][ T9963] Quota error (device loop8): qtree_write_dquot: Error -117 occurred while creating quota
[  724.364305][ T9963] EXT4-fs error (device loop8): ext4_acquire_dquot:6933: comm syz.8.735: Failed to acquire dquot type 1
[  724.417925][ T9963] EXT4-fs (loop8): 1 truncate cleaned up
[  724.425059][ T9963] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  724.678956][ T9969] loop3: detected capacity change from 0 to 8192
[  724.868986][ T8159] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  726.476013][ T9979] loop2: detected capacity change from 0 to 32768
[  726.490153][ T9979] XFS: attr2 mount option is deprecated.
[  726.652533][ T9979] XFS (loop2): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  727.311148][ T9979] XFS (loop2): Ending clean mount
[  727.373845][ T9979] XFS (loop2): Quotacheck needed: Please wait.
[  727.446215][ T8165] usb 9-1: new high-speed USB device number 10 using dummy_hcd
[  727.560515][ T9979] XFS (loop2): Quotacheck: Done.
[  727.627166][ T8165] usb 9-1: Using ep0 maxpacket: 16
[  727.651178][ T8165] usb 9-1: config 3 has an invalid interface number: 155 but max is 0
[  727.687198][ T8165] usb 9-1: config 3 has an invalid interface association descriptor of length 3, skipping
[  728.892375][ T8165] usb 9-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  728.903438][ T8165] usb 9-1: config 3 has no interface number 0
[  728.910075][ T8165] usb 9-1: config 3 interface 155 has no altsetting 0
[  728.926080][ T8165] usb 9-1: New USB device found, idVendor=05a9, idProduct=264a, bcdDevice=e5.4c
[  728.957009][ T8165] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  728.989149][ T8165] usb 9-1: Product: syz
[  728.993483][ T8165] usb 9-1: Manufacturer: syz
[  729.011080][ T8165] usb 9-1: SerialNumber: syz
[  731.377258][ T8165] uvcvideo 9-1:3.155: Found Unit with invalid ID 0
[  731.384358][ T8165] usb 9-1: Found UVC 0.00 device syz (05a9:264a)
[  731.417235][ T5791] XFS (loop2): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  731.437523][ T8165] usb 9-1: No valid video chain found.
[  731.457589][ T8165] usb 9-1: USB disconnect, device number 10
[  732.490500][T10047] loop2: detected capacity change from 0 to 8192
[  732.554997][T10047] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  732.617242][T10047] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  734.449843][T10047] REISERFS (device loop2): using ordered data mode
[  734.456698][T10047] reiserfs: using flush barriers
[  734.462983][T10042] loop8: detected capacity change from 0 to 40427
[  734.474498][T10042] F2FS-fs (loop8): Image doesn't support compression
[  734.482951][T10047] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  734.500662][T10047] REISERFS (device loop2): checking transaction log (loop2)
[  734.543985][T10047] REISERFS (device loop2): Using r5 hash to sort names
[  734.556998][T10047] REISERFS (device loop2): using 3.5.x disk format
[  734.603388][T10047] REISERFS warning (device loop2): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  734.612432][ T8818] I/O error, dev loop8, sector 40192 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  734.658476][T10047] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  734.853893][T10047] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 5 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  734.936623][T10047] REISERFS error (device loop2): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  734.986741][T10047] REISERFS (device loop2): Remounting filesystem read-only
[  735.009126][T10047] REISERFS error (device loop2): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 5 0x0 SD] stat data
[  735.458012][T10069] loop2: detected capacity change from 0 to 256
[  735.485910][T10069] exfat: Deprecated parameter 'namecase'
[  735.697256][T10069] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x6d1bf2c1, utbl_chksum : 0xe619d30d)
[  737.872174][T10060] loop6: detected capacity change from 0 to 32768
[  738.174717][ T9613] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop6 scanned by udevd (9613)
[  741.066661][T10108] loop3: detected capacity change from 0 to 8192
[  741.146155][T10108] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  741.260678][T10108] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[  741.340430][T10108] REISERFS (device loop3): using ordered data mode
[  741.407640][T10108] reiserfs: using flush barriers
[  741.482214][T10108] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  741.564301][T10108] REISERFS (device loop3): checking transaction log (loop3)
[  741.584236][T10108] REISERFS (device loop3): Using r5 hash to sort names
[  741.613876][T10108] REISERFS (device loop3): using 3.5.x disk format
[  743.288109][T10108] REISERFS warning (device loop3): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  743.357101][T10108] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[  744.309749][T10116] loop8: detected capacity change from 0 to 32768
[  745.967134][T10158] input: syz1 as /devices/virtual/input/input6
[  746.407658][T10150] netlink: 16 bytes leftover after parsing attributes in process `syz.6.760'.
[  746.495048][T10166] loop2: detected capacity change from 0 to 64
[  747.185708][T10176] loop6: detected capacity change from 0 to 8192
[  747.224421][T10176] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  747.254791][T10176] REISERFS (device loop6): found reiserfs format "3.5" with non-standard journal
[  747.267358][T10176] REISERFS (device loop6): using ordered data mode
[  747.469156][T10178] loop3: detected capacity change from 0 to 32768
[  747.559807][T10176] reiserfs: using flush barriers
[  747.630394][T10176] REISERFS (device loop6): journal params: device loop6, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  747.673711][T10178] ocfs2: Mounting device (7,3) on (node local, slot 0) with writeback data mode.
[  747.718300][T10176] REISERFS (device loop6): checking transaction log (loop6)
[  747.781441][   T28] audit: type=1800 audit(1764860302.264:58): pid=10178 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.772" name="file1" dev="loop3" ino=17058 res=0 errno=0
[  747.801278][T10176] REISERFS (device loop6): Using r5 hash to sort names
[  747.832778][T10176] REISERFS (device loop6): using 3.5.x disk format
[  747.867702][T10176] REISERFS warning (device loop6): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  747.899362][T10176] REISERFS (device loop6): Created .reiserfs_priv - reserved for xattr storage.
[  748.331323][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  748.339411][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  748.783290][T10172] loop8: detected capacity change from 0 to 32768
[  748.965398][T10186] jfs_lookup: dtSearch returned -5
[  749.004075][T10171] loop2: detected capacity change from 0 to 32768
[  749.145976][T10171] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  749.159459][T10171] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  749.332638][T10171] gfs2: fsid=syz:syz.0: journal 0 mapped with 13 extents in 0ms
[  749.397780][T10171] gfs2: fsid=syz:syz.0: can't find per_node directory: -2
[  749.420613][ T5800] ocfs2: Unmounting device (7,3) on (node local)
[  751.389369][T10202] hfs: can't find a HFS filesystem on dev nullb0
[  751.607100][T10197] loop8: detected capacity change from 0 to 32768
[  751.653725][T10197] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  751.681422][T10197] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  751.738286][ T8391] usb 4-1: new full-speed USB device number 18 using dummy_hcd
[  751.777799][T10197] gfs2: fsid=syz:syz.0: gfs2_check_dirent: gfs2_dirent too small (not first in block)
[  751.810295][T10197] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  751.810295][T10197]   inode = 3 4149
[  751.810295][T10197]   function = gfs2_dirent_scan, file = fs/gfs2/dir.c, line = 602
[  751.888145][T10197] gfs2: fsid=syz:syz.0: G:  s:EX n:2/1035 f:qob t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  751.942415][T10197] gfs2: fsid=syz:syz.0:  H: s:SH f:H e:0 p:10197 [syz.8.775] init_inodes+0xdb/0x320
[  751.956548][ T8391] usb 4-1: config 4 has an invalid interface number: 118 but max is 0
[  751.975563][ T8391] usb 4-1: config 4 has no interface number 0
[  751.983150][ T8391] usb 4-1: config 4 interface 118 has no altsetting 0
[  751.993374][T10197] gfs2: fsid=syz:syz.0:  I: n:3/4149 t:4 f:0x00 d:0x00000201 s:1816 p:0
[  752.004900][ T8391] usb 4-1: New USB device found, idVendor=16c0, idProduct=05df, bcdDevice=b0.71
[  752.015634][T10197] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  752.025325][ T8391] usb 4-1: New USB device strings: Mfr=1, Product=0, SerialNumber=0
[  752.042904][ T8391] usb 4-1: Manufacturer: syz
[  752.048341][T10197] gfs2: fsid=syz:syz.0: File system withdrawn
[  752.067853][T10197] CPU: 1 PID: 10197 Comm: syz.8.775 Not tainted syzkaller #0
[  752.075301][T10197] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  752.085388][T10197] Call Trace:
[  752.088765][T10197]  <TASK>
[  752.091751][T10197]  dump_stack_lvl+0x16c/0x230
[  752.096451][T10197]  ? kobject_uevent_env+0x363/0x8c0
[  752.101667][T10197]  ? show_regs_print_info+0x20/0x20
[  752.106905][T10197]  ? load_image+0x3b0/0x3b0
[  752.111519][T10197]  ? kobject_uevent_env+0x363/0x8c0
[  752.116792][T10197]  gfs2_withdraw+0xe50/0x13b0
[  752.121594][T10197]  ? gfs2_lm+0x220/0x220
[  752.125967][T10197]  ? load_image+0x3b0/0x3b0
[  752.130516][T10197]  ? gfs2_consist_inode_i+0xf5/0x110
[  752.135844][T10197]  gfs2_dirent_scan+0x525/0x650
[  752.140733][T10197]  ? gfs2_dirent_search+0x7e0/0x7e0
[  752.145956][T10197]  ? gfs2_dirent_search+0x7e0/0x7e0
[  752.151169][T10197]  gfs2_dirent_search+0x2e1/0x7e0
[  752.156205][T10197]  ? sprintf+0xda/0x120
[  752.160374][T10197]  ? gfs2_dir_search+0x220/0x220
[  752.165332][T10197]  ? vsprintf+0x30/0x30
[  752.169506][T10197]  gfs2_dir_check+0x4b/0x240
[  752.174108][T10197]  init_journal+0x378/0x2260
[  752.178718][T10197]  ? init_inodes+0xdb/0x320
[  752.183324][T10197]  ? _compound_head+0x120/0x120
[  752.188185][T10197]  ? vsnprintf+0x1957/0x1a40
[  752.192790][T10197]  ? snprintf+0xdb/0x120
[  752.197044][T10197]  ? init_inodes+0xdb/0x320
[  752.201600][T10197]  ? vscnprintf+0x80/0x80
[  752.205943][T10197]  ? gfs2_glock_nq_num+0x183/0x1c0
[  752.211180][T10197]  init_inodes+0xdb/0x320
[  752.215536][T10197]  gfs2_fill_super+0x1815/0x1f80
[  752.220601][T10197]  ? gfs2_reconfigure+0xb10/0xb10
[  752.225670][T10197]  ? init_locking+0xb8/0x200
[  752.230300][T10197]  ? setup_bdev_super+0x56b/0x660
[  752.235432][T10197]  get_tree_bdev+0x3e4/0x510
[  752.240043][T10197]  ? end_current_label_crit_section+0x170/0x170
[  752.246315][T10197]  ? gfs2_reconfigure+0xb10/0xb10
[  752.251364][T10197]  ? setup_bdev_super+0x660/0x660
[  752.256411][T10197]  gfs2_get_tree+0x51/0x1e0
[  752.260944][T10197]  vfs_get_tree+0x8c/0x280
[  752.265383][T10197]  do_new_mount+0x24b/0xa40
[  752.269911][T10197]  __se_sys_mount+0x2da/0x3c0
[  752.274613][T10197]  ? __x64_sys_mount+0xc0/0xc0
[  752.279394][T10197]  ? lockdep_hardirqs_on+0x98/0x150
[  752.284601][T10197]  ? __x64_sys_mount+0x20/0xc0
[  752.289460][T10197]  do_syscall_64+0x55/0xb0
[  752.293888][T10197]  ? clear_bhb_loop+0x40/0x90
[  752.298707][T10197]  ? clear_bhb_loop+0x40/0x90
[  752.303483][T10197]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  752.309405][T10197] RIP: 0033:0x7f32f4990eea
[  752.314093][T10197] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  752.334163][T10197] RSP: 002b:00007f32f58a0e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  752.342699][T10197] RAX: ffffffffffffffda RBX: 00007f32f58a0ef0 RCX: 00007f32f4990eea
[  752.350852][T10197] RDX: 000020000001f680 RSI: 0000200000000000 RDI: 00007f32f58a0eb0
[  752.358996][T10197] RBP: 000020000001f680 R08: 00007f32f58a0ef0 R09: 0000000000000084
[  752.367004][T10197] R10: 0000000000000084 R11: 0000000000000246 R12: 0000200000000000
[  752.374992][T10197] R13: 00007f32f58a0eb0 R14: 000000000001f806 R15: 0000200000000180
[  752.383075][T10197]  </TASK>
[  752.417008][T10197] gfs2: fsid=syz:syz.0: can't read journal index: -5
[  754.015838][ T8391] usb 4-1: USB disconnect, device number 18
[  754.885296][T10230] loop8: detected capacity change from 0 to 512
[  754.975181][T10230] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  755.503038][T10240] loop3: detected capacity change from 0 to 512
[  755.591001][T10240] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  756.053542][T10249] loop2: detected capacity change from 0 to 1024
[  756.060801][T10249] EXT4-fs: Ignoring removed orlov option
[  756.091657][ T8159] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  756.111501][T10235] FAT-fs (loop3): error, fat_get_cluster: invalid start cluster (i_pos 0, start 22000003)
[  756.542251][T10249] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  758.967288][T10271] nbd0: detected capacity change from 0 to 8589934655
[  759.061846][ T5794] block nbd0: Receive control failed (result -104)
[  759.552508][T10273] loop8: detected capacity change from 0 to 256
[  759.595609][T10273] exFAT-fs (loop8): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  759.718056][T10275] fuse: Unknown parameter 'user_i00000000000000000000'
[  760.210222][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  760.378877][ T5794] Bluetooth: hci0: SCO packet for unknown connection handle 1
[  763.407331][T10313] loop8: detected capacity change from 0 to 512
[  763.509965][T10313] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  768.644498][ T9089] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  768.657311][ T9089] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  768.665409][ T9089] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  768.738184][ T9089] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  768.747181][ T9089] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  768.754582][ T9089] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  768.980810][ T9089] Bluetooth: hci0: unexpected event for opcode 0x040d
[  769.036345][T10346] loop2: detected capacity change from 0 to 4096
[  769.044241][T10346] ntfs3: Unknown parameter 'L‹�ÖMvœ^€Â+k›9{'
[  769.102439][ T8818] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  770.302718][T10347] chnl_net:caif_netlink_parms(): no params data found
[  770.761291][T10347] bridge0: port 1(bridge_slave_0) entered blocking state
[  770.768594][T10347] bridge0: port 1(bridge_slave_0) entered disabled state
[  770.775804][T10347] bridge_slave_0: entered allmulticast mode
[  770.784132][T10347] bridge_slave_0: entered promiscuous mode
[  770.791290][ T9089] Bluetooth: hci4: command tx timeout
[  770.800428][T10347] bridge0: port 2(bridge_slave_1) entered blocking state
[  770.808298][T10347] bridge0: port 2(bridge_slave_1) entered disabled state
[  770.815551][T10347] bridge_slave_1: entered allmulticast mode
[  770.823193][T10347] bridge_slave_1: entered promiscuous mode
[  770.853438][T10347] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  770.865342][T10347] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  770.877904][   T23] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  771.162911][   T23] usb 3-1: unable to get BOS descriptor or descriptor too short
[  771.179043][   T23] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  771.202750][   T23] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 16
[  771.233065][   T23] usb 3-1: config 1 interface 1 altsetting 1 bulk endpoint 0x3 has invalid maxpacket 88
[  771.259836][   T23] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  771.277301][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  771.297287][   T23] usb 3-1: Product: syz
[  771.301513][   T23] usb 3-1: Manufacturer: ��䪇綡쟼镶쑗�釗倿酦◇�購耫㱿闶瓌乊㸃똮톙◬ꂰ�틟�鸡繱콅򖵎
[  771.324382][   T23] usb 3-1: SerialNumber: syz
[  771.575303][T10375] loop2: detected capacity change from 0 to 64
[  771.668987][   T23] cdc_ncm 3-1:1.0: bind() failure
[  771.690965][   T23] cdc_ncm 3-1:1.1: CDC Union missing and no IAD found
[  771.707082][   T23] cdc_ncm 3-1:1.1: bind() failure
[  771.732564][   T23] usb 3-1: USB disconnect, device number 19
[  773.593550][ T9089] Bluetooth: hci4: command tx timeout
[  773.756094][T10347] team0: Port device team_slave_0 added
[  773.843027][T10347] team0: Port device team_slave_1 added
[  775.668949][ T9089] Bluetooth: hci4: command tx timeout
[  775.893003][T10412] Bluetooth: MGMT ver 1.22
[  775.911494][T10412] Bluetooth: hci0: unsupported parameter 28692
[  775.924552][T10412] Bluetooth: hci0: invalid length 0, exp 2 for type 0
[  776.173239][T10347] batman_adv: batadv0: Adding interface: batadv_slave_0
[  776.187060][T10347] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  776.229104][T10347] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  776.286645][T10347] batman_adv: batadv0: Adding interface: batadv_slave_1
[  776.294883][T10347] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  776.354056][T10347] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  776.429339][ T3468] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.399904][ T3468] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  777.464537][T10347] hsr_slave_0: entered promiscuous mode
[  777.541329][T10347] hsr_slave_1: entered promiscuous mode
[  777.592861][T10430] loop3: detected capacity change from 0 to 512
[  777.607235][T10347] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  777.627145][T10347] Cannot create hsr debugfs directory
[  777.747242][ T9089] Bluetooth: hci4: command tx timeout
[  777.914072][ T3468] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  780.305403][ T3468] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  780.707858][ T5794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  780.725268][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  780.734240][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  780.744283][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  780.757384][ T5794] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  780.764849][ T5794] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  782.576124][T10347] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  782.926980][T10347] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  782.958184][ T5794] Bluetooth: hci2: command tx timeout
[  783.251263][T10478] loop3: detected capacity change from 0 to 128
[  783.375707][T10347] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  783.436223][T10347] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  783.465521][T10478] hpfs: filesystem error: invalid number of hotfixes: 256, used: 2066844985; already mounted read-only
[  785.041533][ T5794] Bluetooth: hci2: command tx timeout
[  785.128633][T10478] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  785.166583][T10478] hpfs: You really don't want any checks? You are crazy...
[  785.207209][T10478] hpfs: hpfs_map_sector(): read error
[  785.212750][T10478] hpfs: code page support is disabled
[  785.455294][T10478] hpfs: hpfs_map_4sectors(): unaligned read
[  785.470665][T10478] hpfs: hpfs_map_4sectors(): unaligned read
[  785.476625][T10478] hpfs: filesystem error: unable to find root dir
[  785.693239][T10449] chnl_net:caif_netlink_parms(): no params data found
[  786.773572][T10449] bridge0: port 1(bridge_slave_0) entered blocking state
[  786.807621][T10449] bridge0: port 1(bridge_slave_0) entered disabled state
[  786.814960][T10449] bridge_slave_0: entered allmulticast mode
[  786.856240][T10449] bridge_slave_0: entered promiscuous mode
[  787.115361][ T5794] Bluetooth: hci2: command tx timeout
[  787.167546][T10449] bridge0: port 2(bridge_slave_1) entered blocking state
[  787.174960][T10449] bridge0: port 2(bridge_slave_1) entered disabled state
[  787.267261][T10449] bridge_slave_1: entered allmulticast mode
[  787.275028][T10449] bridge_slave_1: entered promiscuous mode
[  787.513291][T10449] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  787.786356][T10449] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  787.950827][T10518] loop2: detected capacity change from 0 to 1024
[  788.299305][   T11] hfsplus: b-tree write err: -5, ino 4
[  788.329581][T10449] team0: Port device team_slave_0 added
[  788.362080][T10449] team0: Port device team_slave_1 added
[  789.042539][T10530] FAULT_INJECTION: forcing a failure.
[  789.042539][T10530] name failslab, interval 1, probability 0, space 0, times 0
[  789.055345][T10530] CPU: 0 PID: 10530 Comm: syz.2.817 Not tainted syzkaller #0
[  789.062846][T10530] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  789.073023][T10530] Call Trace:
[  789.076336][T10530]  <TASK>
[  789.079304][T10530]  dump_stack_lvl+0x16c/0x230
[  789.084046][T10530]  ? show_regs_print_info+0x20/0x20
[  789.089549][T10530]  ? load_image+0x3b0/0x3b0
[  789.094086][T10530]  ? rcu_preempt_deferred_qs_irqrestore+0x86a/0xcc0
[  789.100721][T10530]  ? verify_lock_unused+0x140/0x140
[  789.105963][T10530]  should_fail_ex+0x39d/0x4d0
[  789.110694][T10530]  should_failslab+0x9/0x20
[  789.115247][T10530]  slab_pre_alloc_hook+0x59/0x310
[  789.120320][T10530]  kmem_cache_alloc+0x5a/0x2e0
[  789.125395][T10530]  ? skb_clone+0x1eb/0x370
[  789.129939][T10530]  skb_clone+0x1eb/0x370
[  789.134218][T10530]  __netlink_deliver_tap+0x41c/0x830
[  789.139732][T10530]  ? netlink_deliver_tap+0x2e/0x1b0
[  789.144969][T10530]  netlink_deliver_tap+0x19c/0x1b0
[  789.150119][T10530]  netlink_unicast+0x72c/0x8d0
[  789.154929][T10530]  netlink_sendmsg+0x8c1/0xbe0
[  789.159753][T10530]  ? netlink_getsockopt+0x580/0x580
[  789.164996][T10530]  ? aa_sock_msg_perm+0x94/0x150
[  789.169972][T10530]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  789.175293][T10530]  ? security_socket_sendmsg+0x80/0xa0
[  789.180794][T10530]  sock_write_iter+0x2bb/0x3f0
[  789.185597][T10530]  ? sock_read_iter+0x3b0/0x3b0
[  789.190571][T10530]  ? lockdep_hardirqs_on+0x98/0x150
[  789.195844][T10530]  vfs_write+0x43b/0x940
[  789.200219][T10530]  ? file_end_write+0x250/0x250
[  789.205201][T10530]  ? __fget_files+0x44a/0x4d0
[  789.209924][T10530]  ? __fdget_pos+0x1d8/0x330
[  789.214547][T10530]  ? ksys_write+0x75/0x250
[  789.219008][T10530]  ksys_write+0x147/0x250
[  789.223402][T10530]  ? __ia32_sys_read+0x90/0x90
[  789.228206][T10530]  ? lockdep_hardirqs_on+0x98/0x150
[  789.233523][T10530]  do_syscall_64+0x55/0xb0
[  789.237974][T10530]  ? clear_bhb_loop+0x40/0x90
[  789.242692][T10530]  ? clear_bhb_loop+0x40/0x90
[  789.247403][T10530]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  789.253326][T10530] RIP: 0033:0x7fc121f8f749
[  789.257818][T10530] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  789.277674][T10530] RSP: 002b:00007fc122de8038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  789.286136][T10530] RAX: ffffffffffffffda RBX: 00007fc1221e6180 RCX: 00007fc121f8f749
[  789.294143][T10530] RDX: 0000000000000024 RSI: 0000200000000080 RDI: 0000000000000006
[  789.302169][T10530] RBP: 00007fc122de8090 R08: 0000000000000000 R09: 0000000000000000
[  789.310181][T10530] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  789.318191][T10530] R13: 00007fc1221e6218 R14: 00007fc1221e6180 R15: 00007ffe64c9df28
[  789.326226][T10530]  </TASK>
[  789.341235][ T5794] Bluetooth: hci2: command tx timeout
[  789.492683][   T96] block nbd0: Possible stuck request ffff888021c00000: control (read@0,1024B). Runtime 30 seconds
[  789.515063][   T96] block nbd0: Possible stuck request ffff888021c00200: control (read@1024,1024B). Runtime 30 seconds
[  789.530593][   T96] block nbd0: Possible stuck request ffff888021c00400: control (read@2048,1024B). Runtime 30 seconds
[  789.541913][   T96] block nbd0: Possible stuck request ffff888021c00600: control (read@3072,1024B). Runtime 30 seconds
[  789.636038][T10347] 8021q: adding VLAN 0 to HW filter on device bond0
[  789.748594][T10449] batman_adv: batadv0: Adding interface: batadv_slave_0
[  789.755621][T10449] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  789.812885][T10449] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  789.847091][T10449] batman_adv: batadv0: Adding interface: batadv_slave_1
[  789.874041][T10449] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  789.973008][T10449] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  790.238769][ T3468] hsr_slave_0: left promiscuous mode
[  790.263251][ T3468] hsr_slave_1: left promiscuous mode
[  790.288734][ T3468] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  790.306540][ T3468] batman_adv: batadv0: Removing interface: batadv_slave_0
[  790.399592][ T3468] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  790.537406][ T3468] batman_adv: batadv0: Removing interface: batadv_slave_1
[  790.714676][ T3468] bridge_slave_1: left allmulticast mode
[  790.774667][ T3468] bridge_slave_1: left promiscuous mode
[  790.917186][ T3468] bridge0: port 2(bridge_slave_1) entered disabled state
[  791.023103][ T3468] bridge_slave_0: left allmulticast mode
[  791.067073][ T3468] bridge_slave_0: left promiscuous mode
[  791.072949][ T3468] bridge0: port 1(bridge_slave_0) entered disabled state
[  791.145670][ T3468] veth1_macvtap: left promiscuous mode
[  791.183703][ T3468] veth0_macvtap: left promiscuous mode
[  791.207573][ T3468] veth1_vlan: left promiscuous mode
[  791.237379][ T3468] veth0_vlan: left promiscuous mode
[  794.042211][ T3468] team0 (unregistering): Port device team_slave_1 removed
[  794.104541][ T3468] team0 (unregistering): Port device team_slave_0 removed
[  794.162975][ T3468] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  794.225422][ T3468] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  794.898409][ T3468] bond0 (unregistering): Released all slaves
[  795.131644][T10449] hsr_slave_0: entered promiscuous mode
[  795.148069][T10449] hsr_slave_1: entered promiscuous mode
[  795.163803][T10449] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  795.171959][T10449] Cannot create hsr debugfs directory
[  795.284124][T10347] 8021q: adding VLAN 0 to HW filter on device team0
[  795.359308][ T3440] bridge0: port 1(bridge_slave_0) entered blocking state
[  795.366534][ T3440] bridge0: port 1(bridge_slave_0) entered forwarding state
[  795.558395][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state
[  795.565699][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state
[  795.796720][ T3468] IPVS: stop unused estimator thread 0...
[  797.023749][T10347] 8021q: adding VLAN 0 to HW filter on device batadv0
[  797.137195][ T7903] usb 3-1: new high-speed USB device number 20 using dummy_hcd
[  797.347866][ T7903] usb 3-1: Using ep0 maxpacket: 8
[  797.403010][ T7903] usb 3-1: config index 0 descriptor too short (expected 30, got 18)
[  797.420622][ T7903] usb 3-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  797.437305][ T7903] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.445647][ T7903] usb 3-1: Product: syz
[  797.450996][ T7903] usb 3-1: Manufacturer: syz
[  797.455767][ T7903] usb 3-1: SerialNumber: syz
[  797.469692][T10449] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  797.478489][ T7903] usb 3-1: config 0 descriptor??
[  797.510838][T10583] loop3: detected capacity change from 0 to 2048
[  797.511400][ T7903] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  797.527125][ T7903] usb 3-1: setting power ON
[  797.532689][ T7903] dvb-usb: bulk message failed: -22 (2/0)
[  797.548495][ T7903] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  797.562858][T10449] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  797.591576][ T7903] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  797.618760][T10449] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  797.671771][T10583] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  797.691227][ T7903] usb 3-1: media controller created
[  797.719238][T10575] dvb-usb: bulk message failed: -22 (3/0)
[  797.721054][T10449] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  797.727454][T10575] cxusb: i2c wr: len=80 is too big!
[  797.727454][T10575] 
[  797.747516][ T7903] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  797.811374][ T7903] usb 3-1: selecting invalid altsetting 6
[  797.836369][ T7903] usb 3-1: digital interface selection failed (-22)
[  797.873571][ T7903] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  797.946525][ T7903] usb 3-1: setting power OFF
[  798.129565][ T7903] dvb-usb: bulk message failed: -22 (2/0)
[  798.135829][ T7903] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  798.145973][ T7903] (NULL device *): no alternate interface
[  798.332127][T10600] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  798.348211][T10600] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  798.371900][T10600] loop2: detected capacity change from 0 to 128
[  798.394497][T10600] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  798.408812][T10600] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  798.416782][T10600] hpfs: You really don't want any checks? You are crazy...
[  798.425500][T10600] hpfs: hpfs_map_sector(): read error
[  798.431746][T10600] hpfs: code page support is disabled
[  798.438930][T10600] hpfs: hpfs_map_4sectors(): unaligned read
[  798.445289][T10600] hpfs: hpfs_map_4sectors(): unaligned read
[  798.451368][T10600] hpfs: filesystem error: unable to find root dir
[  798.646743][T10449] 8021q: adding VLAN 0 to HW filter on device bond0
[  798.758315][T10605] loop3: detected capacity change from 0 to 2048
[  798.763227][T10449] 8021q: adding VLAN 0 to HW filter on device team0
[  798.783353][T10605] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  798.797543][T10605] NILFS (loop3): mounting unchecked fs
[  798.871111][T10347] veth0_vlan: entered promiscuous mode
[  798.925127][T10347] veth1_vlan: entered promiscuous mode
[  798.939523][ T8818] udevd[8818]: incorrect nilfs2 checksum on /dev/loop3
[  798.954565][T10605] NILFS (loop3): recovery complete
[  798.978340][ T1127] bridge0: port 1(bridge_slave_0) entered blocking state
[  798.985608][ T1127] bridge0: port 1(bridge_slave_0) entered forwarding state
[  799.033687][T10608] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  799.110627][ T3468] bridge0: port 2(bridge_slave_1) entered blocking state
[  799.117989][ T3468] bridge0: port 2(bridge_slave_1) entered forwarding state
[  799.719512][T10347] veth0_macvtap: entered promiscuous mode
[  799.838994][T10347] veth1_macvtap: entered promiscuous mode
[  799.965845][T10347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  799.980750][T10347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  799.992559][T10347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  800.008516][T10347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.021062][T10347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  800.043221][T10347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.069076][T10347] batman_adv: batadv0: Interface activated: batadv_slave_0
[  800.095264][T10347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.118335][T10347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.142777][T10347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.156483][T10347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.169898][T10347] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  800.181714][T10347] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  800.195058][T10347] batman_adv: batadv0: Interface activated: batadv_slave_1
[  800.312455][T10347] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  800.364042][T10347] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  800.387140][T10347] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  800.396020][T10347] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  802.681494][ T3468] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  802.704124][ T3468] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  802.746765][ T7903] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  802.808246][ T7903] usb 3-1: USB disconnect, device number 20
[  802.821385][T10449] 8021q: adding VLAN 0 to HW filter on device batadv0
[  802.929242][ T1120] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  802.956695][ T1120] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  803.076257][T10449] veth0_vlan: entered promiscuous mode
[  803.151072][T10449] veth1_vlan: entered promiscuous mode
[  803.299754][T10449] veth0_macvtap: entered promiscuous mode
[  803.346626][T10449] veth1_macvtap: entered promiscuous mode
[  805.025966][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  805.040992][   T28] audit: type=1326 audit(1764860359.524:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc121f8f749 code=0x7ffc0000
[  805.093914][T10635] loop2: detected capacity change from 0 to 512
[  805.210661][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.277081][   T28] audit: type=1326 audit(1764860359.524:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc121f8f749 code=0x7ffc0000
[  805.300564][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  805.347733][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.389436][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  805.400658][   T28] audit: type=1326 audit(1764860359.554:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fc121f8f749 code=0x7ffc0000
[  805.400715][   T28] audit: type=1326 audit(1764860359.554:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fc121f8f783 code=0x7ffc0000
[  805.400761][   T28] audit: type=1326 audit(1764860359.554:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc121f8e1ff code=0x7ffc0000
[  805.400804][   T28] audit: type=1326 audit(1764860359.564:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fc121f8f7d7 code=0x7ffc0000
[  805.400864][   T28] audit: type=1326 audit(1764860359.574:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc121f8df90 code=0x7ffc0000
[  805.400908][   T28] audit: type=1326 audit(1764860359.574:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fc121f8f34b code=0x7ffc0000
[  805.400954][   T28] audit: type=1326 audit(1764860359.704:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc121f8e3aa code=0x7ffc0000
[  805.400999][   T28] audit: type=1326 audit(1764860359.704:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10634 comm="syz.2.829" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fc121f8e3aa code=0x7ffc0000
[  805.624170][T10635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  805.647144][T10635] ext4 filesystem being mounted at /240/file3 supports timestamps until 2038-01-19 (0x7fffffff)
[  805.661235][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.692695][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  805.731424][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.779228][T10449] batman_adv: batadv0: Interface activated: batadv_slave_0
[  805.865680][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  805.932182][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  805.968520][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  805.983226][T10654] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #4: comm syz.2.829: corrupted inode contents
[  806.017108][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  806.052730][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  806.066878][T10654] EXT4-fs error (device loop2): ext4_dirty_inode:6120: inode #4: comm syz.2.829: mark_inode_dirty error
[  806.089925][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  806.111958][T10654] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #4: comm syz.2.829: corrupted inode contents
[  806.134297][T10449] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  806.157230][T10449] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  806.177038][T10654] EXT4-fs error (device loop2): __ext4_ext_dirty:202: inode #4: comm syz.2.829: mark_inode_dirty error
[  806.192166][T10449] batman_adv: batadv0: Interface activated: batadv_slave_1
[  806.227338][T10654] EXT4-fs error (device loop2): ext4_acquire_dquot:6933: comm syz.2.829: Failed to acquire dquot type 1
[  806.278088][T10449] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  806.321736][T10449] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  806.376053][T10449] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  806.406891][T10449] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  806.506739][ T5791] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  806.968754][ T3468] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  806.976732][ T3468] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  807.719026][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  807.764226][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  807.962118][T10657] loop3: detected capacity change from 0 to 32768
[  809.754537][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  809.766552][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  811.535280][T10690] bridge0: adding interface bridge0 with same address as a received packet (addr:aa:aa:aa:aa:aa:1b, vlan:0)
[  811.594410][T10690] bridge0: port 2(bridge_slave_1) entered disabled state
[  811.604838][T10690] bridge0: port 1(bridge_slave_0) entered disabled state
[  811.742960][T10690] A link change request failed with some changes committed already. Interface bridge0 may have been left with an inconsistent configuration, please check.
[  811.954921][T10695] loop3: detected capacity change from 0 to 128
[  812.104358][T10695] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  812.161969][T10695] ext4 filesystem being mounted at /252/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  812.499411][ T5800] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  814.090063][T10730] loop9: detected capacity change from 0 to 1024
[  815.360885][T10730] syz.9.839: attempt to access beyond end of device
[  815.360885][T10730] loop9: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  815.377121][T10730] Buffer I/O error on dev loop9, logical block 100663296, async page read
[  815.390721][T10730] syz.9.839: attempt to access beyond end of device
[  815.390721][T10730] loop9: rw=0, sector=201326592, nr_sectors = 2 limit=1024
[  815.405442][T10730] Buffer I/O error on dev loop9, logical block 100663296, async page read
[  819.920516][T10765] loop9: detected capacity change from 0 to 128
[  819.997119][   T96] block nbd0: Possible stuck request ffff888021c00000: control (read@0,1024B). Runtime 60 seconds
[  820.019000][   T96] block nbd0: Possible stuck request ffff888021c00200: control (read@1024,1024B). Runtime 60 seconds
[  820.033640][   T96] block nbd0: Possible stuck request ffff888021c00400: control (read@2048,1024B). Runtime 60 seconds
[  820.045165][   T96] block nbd0: Possible stuck request ffff888021c00600: control (read@3072,1024B). Runtime 60 seconds
[  823.799067][T10788] loop3: detected capacity change from 0 to 4096
[  823.886734][T10792] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  826.923776][T10797] loop2: detected capacity change from 0 to 4096
[  827.328178][T10817] loop0: detected capacity change from 0 to 16
[  827.430773][T10817] erofs: (device loop0): mounted with root inode @ nid 36.
[  829.859342][T10835] loop2: detected capacity change from 0 to 1024
[  829.946397][T10835] hfsplus: unable to parse mount options
[  830.409182][T10844] xt_TPROXY: Can be used only with -p tcp or -p udp
[  833.510257][T10870] loop0: detected capacity change from 0 to 764
[  833.543975][T10866] loop2: detected capacity change from 0 to 4096
[  833.769264][T10870] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  836.017912][T10894] loop3: detected capacity change from 0 to 8
[  836.037645][T10894] Page size > filesystem block size (3769).  This is currently not supported!
[  836.666455][T10898] loop2: detected capacity change from 0 to 32768
[  836.825014][T10898] ocfs2: Slot 0 on device (7,2) was already allocated to this node!
[  836.942687][T10898] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  837.195610][T10902] loop9: detected capacity change from 0 to 512
[  838.105355][T10910] (syz.2.869,10910,0):ocfs2_remount:623 ERROR: Cannot change heartbeat mode on remount
[  838.227040][T10902] EXT4-fs (loop9): encrypted files will use data=ordered instead of data journaling mode
[  838.367141][ T5791] ocfs2: Unmounting device (7,2) on (node local)
[  838.400650][T10902] EXT4-fs error (device loop9): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  838.529312][T10902] EXT4-fs warning (device loop9): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  838.627171][T10902] EXT4-fs (loop9): 1 truncate cleaned up
[  838.633957][T10902] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  839.000371][T10923] netlink: 'syz.3.872': attribute type 10 has an invalid length.
[  839.602037][T10923] bridge0: port 2(bridge_slave_1) entered disabled state
[  839.609554][T10923] bridge0: port 1(bridge_slave_0) entered disabled state
[  839.858420][T10923] bridge0: port 2(bridge_slave_1) entered blocking state
[  839.865997][T10923] bridge0: port 2(bridge_slave_1) entered forwarding state
[  839.874726][T10923] bridge0: port 1(bridge_slave_0) entered blocking state
[  839.882562][T10923] bridge0: port 1(bridge_slave_0) entered forwarding state
[  840.056175][T10923] team0: Port device bridge0 added
[  840.355246][T10914] loop0: detected capacity change from 0 to 32768
[  840.825664][ T8818] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by udevd (8818)
[  843.420630][T10347] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  843.855394][T10947] loop3: detected capacity change from 0 to 512
[  843.953053][T10947] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  844.420343][T10955] loop2: detected capacity change from 0 to 2048
[  844.537850][T10955] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  845.186574][   T28] kauditd_printk_skb: 64 callbacks suppressed
[  845.186616][   T28] audit: type=1326 audit(1764860399.664:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10953 comm="syz.2.878" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fc121f8f749 code=0x0
[  846.314222][T10945] loop9: detected capacity change from 0 to 32768
[  850.667779][   T96] block nbd0: Possible stuck request ffff888021c00000: control (read@0,1024B). Runtime 90 seconds
[  850.679557][   T96] block nbd0: Possible stuck request ffff888021c00200: control (read@1024,1024B). Runtime 90 seconds
[  850.690822][   T96] block nbd0: Possible stuck request ffff888021c00400: control (read@2048,1024B). Runtime 90 seconds
[  850.702174][   T96] block nbd0: Possible stuck request ffff888021c00600: control (read@3072,1024B). Runtime 90 seconds
[  850.973163][T10986] loop0: detected capacity change from 0 to 32768
[  851.208524][T10986] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  851.804009][T10449] (syz-executor,10449,1):ocfs2_inode_is_valid_to_delete:872 ERROR: Skipping delete of system file 72
[  851.991487][T10449] ocfs2: Unmounting device (7,0) on (node local)
[  854.334777][T11048] netlink: 16 bytes leftover after parsing attributes in process `syz.2.889'.
[  854.386838][    C1] hrtimer: interrupt took 109580 ns
[  854.495836][T11032] loop0: detected capacity change from 0 to 32768
[  854.528005][T11032] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.887 (11032)
[  854.628040][ T7903] usb 4-1: new low-speed USB device number 19 using dummy_hcd
[  854.648241][T11032] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  854.685242][T11032] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  854.697899][T11032] BTRFS info (device loop0): enabling auto defrag
[  854.715175][T11032] BTRFS info (device loop0): using free space tree
[  854.830034][ T7903] usb 4-1: config index 0 descriptor too short (expected 1307, got 27)
[  854.838615][ T7903] usb 4-1: config 0 has an invalid interface number: 0 but max is -1
[  854.845361][T11032] BTRFS info (device loop0): enabling ssd optimizations
[  854.849974][ T7903] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 0
[  854.864496][ T7903] usb 4-1: too many endpoints for config 0 interface 0 altsetting 0: 246, using maximum allowed: 30
[  854.877243][ T7903] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x84 has invalid wMaxPacketSize 0
[  854.888310][ T7903] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 246
[  854.902020][T11032] BTRFS info (device loop0): auto enabling async discard
[  854.918857][ T7903] usb 4-1: string descriptor 0 read error: -22
[  854.926255][ T7903] usb 4-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice=e2.de
[  854.946214][ T7903] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  854.965951][ T7903] usb 4-1: config 0 descriptor??
[  854.989398][ T7903] hub 4-1:0.0: bad descriptor, ignoring hub
[  855.011734][ T7903] hub: probe of 4-1:0.0 failed with error -5
[  855.553413][T10449] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  855.577988][ T7762] usb 4-1: USB disconnect, device number 19
[  859.358491][ T5161] udevd[5161]: worker [9613] /devices/virtual/block/nbd0 is taking a long time
[  861.304021][T11132] loop9: detected capacity change from 0 to 64
[  866.006062][    T9] usb 10-1: new high-speed USB device number 2 using dummy_hcd
[  866.210860][    T9] usb 10-1: Using ep0 maxpacket: 32
[  866.233373][    T9] usb 10-1: config 0 has an invalid interface number: 255 but max is 0
[  866.257774][    T9] usb 10-1: config 0 has no interface number 0
[  866.278082][    T9] usb 10-1: config 0 interface 255 altsetting 128 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  866.329732][    T9] usb 10-1: config 0 interface 255 altsetting 128 endpoint 0x81 has invalid wMaxPacketSize 0
[  866.371442][    T9] usb 10-1: config 0 interface 255 altsetting 128 has 1 endpoint descriptor, different from the interface descriptor's value: 6
[  866.416072][    T9] usb 10-1: config 0 interface 255 has no altsetting 0
[  866.447316][    T9] usb 10-1: New USB device found, idVendor=28bd, idProduct=1903, bcdDevice= 0.00
[  866.456533][    T9] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  866.488201][    T9] usb 10-1: config 0 descriptor??
[  866.556915][ T7903] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  866.748937][ T7903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  866.771668][ T7903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  866.792654][ T7903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  866.824631][ T7903] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0
[  866.850179][ T7903] usb 1-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  866.870921][ T7903] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  866.906932][ T7903] usb 1-1: Product: syz
[  866.931557][ T7903] usb 1-1: Manufacturer: syz
[  866.951876][ T7903] usb 1-1: SerialNumber: syz
[  866.965943][ T7903] usb 1-1: config 0 descriptor??
[  867.608783][ T7903] adutux 1-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  867.693661][    T9] usbhid 10-1:0.255: can't add hid device: -71
[  867.724043][    T9] usbhid: probe of 10-1:0.255 failed with error -71
[  867.773704][    T9] usb 10-1: USB disconnect, device number 2
[  867.918265][T11182] loop0: detected capacity change from 0 to 64
[  868.084093][ T8165] usb 1-1: USB disconnect, device number 4
[  870.337905][T11202] loop3: detected capacity change from 0 to 32768
[  870.382246][T11202] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.915 (11202)
[  870.478088][T11202] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  870.529631][T11202] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  870.552706][T11202] BTRFS info (device loop3): setting nodatacow, compression disabled
[  870.594750][T11202] BTRFS info (device loop3): enabling auto defrag
[  870.612435][T11202] BTRFS info (device loop3): max_inline at 0
[  870.643903][T11202] BTRFS info (device loop3): using free space tree
[  870.727282][T11202] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  870.756990][    T9] usb 10-1: new high-speed USB device number 3 using dummy_hcd
[  870.881023][T11202] BTRFS error (device loop3): open_ctree failed: -12
[  871.169259][    T9] usb 10-1: Using ep0 maxpacket: 16
[  871.193906][    T9] usb 10-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  871.195135][ T1288] ieee802154 phy0 wpan0: encryption failed: -22
[  871.214207][ T1288] ieee802154 phy1 wpan1: encryption failed: -22
[  871.237649][    T9] usb 10-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  871.286899][    T9] usb 10-1: config 1 has 1 interface, different from the descriptor's value: 3
[  871.334611][    T9] usb 10-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  871.384486][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  871.403761][    T9] usb 10-1: Product: syz
[  871.427223][    T9] usb 10-1: Manufacturer: syz
[  871.431983][    T9] usb 10-1: SerialNumber: syz
[  871.892533][    T9] usb 10-1: 0:2 : does not exist
[  872.634792][T11218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  872.791293][T11218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  875.290793][    T9] usb 10-1: 1:0: failed to get current value for ch 0 (-22)
[  877.055510][    T9] usb 10-1: USB disconnect, device number 3
[  877.181973][ T8818] udevd[8818]: error opening ATTR{/sys/devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  880.681628][T11321] FAULT_INJECTION: forcing a failure.
[  880.681628][T11321] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  880.696025][T11321] CPU: 1 PID: 11321 Comm: syz.2.927 Not tainted syzkaller #0
[  880.703471][T11321] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  880.713579][T11321] Call Trace:
[  880.716888][T11321]  <TASK>
[  880.719945][T11321]  dump_stack_lvl+0x16c/0x230
[  880.724856][T11321]  ? show_regs_print_info+0x20/0x20
[  880.730155][T11321]  ? load_image+0x3b0/0x3b0
[  880.734711][T11321]  ? __lock_acquire+0x7c80/0x7c80
[  880.739785][T11321]  ? snprintf+0xdb/0x120
[  880.744077][T11321]  should_fail_ex+0x39d/0x4d0
[  880.748818][T11321]  _copy_to_user+0x2f/0xa0
[  880.753282][T11321]  simple_read_from_buffer+0xe7/0x150
[  880.758800][T11321]  proc_fail_nth_read+0x1e3/0x250
[  880.764015][T11321]  ? proc_fault_inject_write+0x340/0x340
[  880.769701][T11321]  ? fsnotify_perm+0x271/0x5e0
[  880.774523][T11321]  ? proc_fault_inject_write+0x340/0x340
[  880.780209][T11321]  vfs_read+0x27e/0x920
[  880.784421][T11321]  ? kernel_read+0x1e0/0x1e0
[  880.789070][T11321]  ? __fget_files+0x28/0x4d0
[  880.793737][T11321]  ? __fget_files+0x44a/0x4d0
[  880.798825][T11321]  ? __fdget_pos+0x2a3/0x330
[  880.803588][T11321]  ? ksys_read+0x75/0x250
[  880.808139][T11321]  ksys_read+0x147/0x250
[  880.812432][T11321]  ? vfs_write+0x940/0x940
[  880.816989][T11321]  ? lockdep_hardirqs_on+0x98/0x150
[  880.822227][T11321]  do_syscall_64+0x55/0xb0
[  880.826716][T11321]  ? clear_bhb_loop+0x40/0x90
[  880.831445][T11321]  ? clear_bhb_loop+0x40/0x90
[  880.836278][T11321]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  880.842306][T11321] RIP: 0033:0x7fc121f8e15c
[  880.846759][T11321] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  880.866492][T11321] RSP: 002b:00007fc122e2a030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  880.874927][T11321] RAX: ffffffffffffffda RBX: 00007fc1221e5fa0 RCX: 00007fc121f8e15c
[  880.882935][T11321] RDX: 000000000000000f RSI: 00007fc122e2a0a0 RDI: 0000000000000004
[  880.890930][T11321] RBP: 00007fc122e2a090 R08: 0000000000000000 R09: 0000000000000000
[  880.899106][T11321] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  880.907090][T11321] R13: 00007fc1221e6038 R14: 00007fc1221e5fa0 R15: 00007ffe64c9df28
[  880.915173][T11321]  </TASK>
[  880.968593][   T96] block nbd0: Possible stuck request ffff888021c00000: control (read@0,1024B). Runtime 120 seconds
[  880.979736][   T96] block nbd0: Possible stuck request ffff888021c00200: control (read@1024,1024B). Runtime 120 seconds
[  880.990874][   T96] block nbd0: Possible stuck request ffff888021c00400: control (read@2048,1024B). Runtime 120 seconds
[  881.002083][   T96] block nbd0: Possible stuck request ffff888021c00600: control (read@3072,1024B). Runtime 120 seconds
[  881.110368][T11325] input: Bluetooth HID Boot Protocol Device as /devices/virtual/bluetooth/hci2/hci2:200/input7
[  882.044286][T11349] process 'syz.2.939' launched './file0' with NULL argv: empty string added
[  884.016266][T11375] capability: warning: `syz.9.943' uses deprecated v2 capabilities in a way that may be insecure
[  887.257067][T11412] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[  887.957932][T11415] hfs: can't find a HFS filesystem on dev nullb0
[  888.303056][T11426] loop9: detected capacity change from 0 to 2048
[  888.347033][ T7903] usb 3-1: new full-speed USB device number 21 using dummy_hcd
[  888.417633][T11426] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  888.503578][T11426] ext4 filesystem being mounted at /33/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  888.536910][ T7903] usb 3-1: device descriptor read/64, error -71
[  888.558981][T11428] netlink: 168 bytes leftover after parsing attributes in process `syz.3.954'.
[  888.587466][T11428] netlink: 160 bytes leftover after parsing attributes in process `syz.3.954'.
[  888.837227][ T7903] usb 3-1: new full-speed USB device number 22 using dummy_hcd
[  889.017062][ T7903] usb 3-1: device descriptor read/64, error -71
[  889.150312][ T7903] usb usb3-port1: attempt power cycle
[  889.737062][ T7903] usb 3-1: new full-speed USB device number 23 using dummy_hcd
[  889.952858][ T7903] usb 3-1: device descriptor read/8, error -71
[  890.233853][T10347] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  890.247140][ T7903] usb 3-1: new full-speed USB device number 24 using dummy_hcd
[  890.362551][ T7903] usb 3-1: device descriptor read/8, error -71
[  890.578335][ T7903] usb usb3-port1: unable to enumerate USB device
[  894.394820][ T5794] Bluetooth: hci4: command 0x0406 tx timeout
[  894.569622][T11486] loop9: detected capacity change from 0 to 2048
[  894.677513][T11486] NILFS (loop9): broken superblock, retrying with spare superblock (blocksize = 1024)
[  894.710032][T11491] NILFS (loop9): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  899.538522][    T9] usb 10-1: new high-speed USB device number 4 using dummy_hcd
[  900.067125][    T9] usb 10-1: Using ep0 maxpacket: 8
[  900.095105][    T9] usb 10-1: config 1 interface 0 altsetting 111 endpoint 0x81 has an invalid bInterval 247, changing to 11
[  900.138040][    T9] usb 10-1: config 1 interface 0 has no altsetting 0
[  900.189928][    T9] usb 10-1: New USB device found, idVendor=05ac, idProduct=024d, bcdDevice= 0.40
[  900.206911][    T9] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  900.236929][    T9] usb 10-1: Product: syz
[  900.257340][    T9] usb 10-1: Manufacturer: syz
[  900.262157][    T9] usb 10-1: SerialNumber: syz
[  900.571890][    T9] input: bcm5974 as /devices/platform/dummy_hcd.9/usb10/10-1/10-1:1.0/input/input8
[  900.615970][ T5146] bcm5974 10-1:1.0: could not read from device
[  900.657387][ T5146] bcm5974 10-1:1.0: could not read from device
[  900.667350][    T9] usb 10-1: USB disconnect, device number 4
[  901.117083][ T8165] usb 3-1: new high-speed USB device number 25 using dummy_hcd
[  901.579242][ T8165] usb 3-1: device descriptor read/64, error -71
[  902.107240][ T8165] usb 3-1: new high-speed USB device number 26 using dummy_hcd
[  903.946879][ T8165] usb 3-1: device descriptor read/64, error -71
[  903.993416][T11555] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  904.097178][ T8165] usb usb3-port1: attempt power cycle
[  904.114871][T11555] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  904.556976][ T8165] usb 3-1: new high-speed USB device number 27 using dummy_hcd
[  904.694638][ T8165] usb 3-1: device descriptor read/8, error -71
[  905.021525][ T8165] usb 3-1: new high-speed USB device number 28 using dummy_hcd
[  905.117960][ T8165] usb 3-1: device descriptor read/8, error -71
[  905.265630][ T8165] usb usb3-port1: unable to enumerate USB device
[  905.690230][T11599] loop9: detected capacity change from 0 to 8192
[  905.787276][T11599] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  905.801633][T11599] REISERFS (device loop9): found reiserfs format "3.5" with non-standard journal
[  905.811834][T11599] REISERFS (device loop9): using ordered data mode
[  905.819021][T11599] reiserfs: using flush barriers
[  905.827031][T11599] REISERFS (device loop9): journal params: device loop9, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  905.873820][T11599] REISERFS (device loop9): checking transaction log (loop9)
[  905.920582][T11599] REISERFS (device loop9): Using r5 hash to sort names
[  905.954526][T11599] REISERFS (device loop9): using 3.5.x disk format
[  905.962119][T11599] REISERFS warning (device loop9): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  905.997071][T11599] REISERFS (device loop9): Created .reiserfs_priv - reserved for xattr storage.
[  906.052685][T11599] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  906.137542][T11599] REISERFS error (device loop9): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  906.210472][T11599] REISERFS (device loop9): Remounting filesystem read-only
[  906.223855][T11599] REISERFS error (device loop9): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data
[  906.238134][  T966] usb 4-1: new high-speed USB device number 20 using dummy_hcd
[  906.599162][  T966] usb 4-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  906.629774][  T966] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 253
[  906.662337][  T966] usb 4-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  906.684322][  T966] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  906.733650][T11622] netlink: 'syz.0.984': attribute type 29 has an invalid length.
[  906.758772][  T966] usb 4-1: Product: syz
[  906.763021][  T966] usb 4-1: Manufacturer: syz
[  906.776985][  T966] usb 4-1: SerialNumber: syz
[  906.800804][  T966] usb 4-1: config 0 descriptor??
[  906.818704][  T966] gspca_main: sunplus-2.14.0 probing 055f:c630
[  907.896494][  T966] gspca_sunplus: reg_r err -71
[  907.935893][  T966] sunplus: probe of 4-1:0.0 failed with error -71
[  907.964268][  T966] usb 4-1: USB disconnect, device number 20
[  908.600201][T11632] loop9: detected capacity change from 0 to 32768
[  909.200380][T11656] loop3: detected capacity change from 0 to 512
[  909.277286][T11656] EXT4-fs error (device loop3): ext4_validate_block_bitmap:439: comm syz.3.992: bg 0: block 248: padding at end of block bitmap is not set
[  909.345987][T11656] Quota error (device loop3): write_blk: dquota write failed
[  909.355356][T11656] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  909.366931][T11656] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.992: Failed to acquire dquot type 1
[  909.397164][T11656] EXT4-fs (loop3): 1 truncate cleaned up
[  909.408338][T11656] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  909.423802][T11656] ext4 filesystem being mounted at /300/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  909.445382][T11656] Quota error (device loop3): find_tree_dqentry: Cycle in quota tree detected: block 2 index 2
[  909.459616][T11656] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 131074
[  909.473018][T11656] EXT4-fs error (device loop3): ext4_acquire_dquot:6933: comm syz.3.992: Failed to acquire dquot type 1
[  909.675368][ T5800] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  909.958949][T11672] netlink: 28 bytes leftover after parsing attributes in process `syz.3.994'.
[  909.987793][T11673] netlink: 28 bytes leftover after parsing attributes in process `syz.3.994'.
[  910.598343][T11678] hfs: can't find a HFS filesystem on dev nullb0
[  910.667238][  T966] IPVS: starting estimator thread 0...
[  910.777004][T11681] IPVS: using max 18 ests per chain, 43200 per kthread
[  910.897067][ T8165] usb 10-1: new full-speed USB device number 5 using dummy_hcd
[  911.004173][T11685] loop0: detected capacity change from 0 to 8192
[  911.026342][T11685] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  911.040224][T11685] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  911.050432][T11685] REISERFS (device loop0): using ordered data mode
[  911.057745][T11685] reiserfs: using flush barriers
[  911.098586][ T5794] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  911.107634][ T8165] usb 10-1: device descriptor read/64, error -71
[  911.118549][ T5794] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  911.127873][ T5794] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  911.136350][ T5794] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  911.146073][ T5794] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  911.154060][ T5794] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  911.209539][T11685] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  911.315446][T11685] REISERFS (device loop0): checking transaction log (loop0)
[  911.362406][T11685] REISERFS (device loop0): Using r5 hash to sort names
[  911.370276][T11685] REISERFS (device loop0): using 3.5.x disk format
[  911.385111][T11685] REISERFS warning (device loop0): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  911.403585][T11685] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  911.427131][ T8165] usb 10-1: new full-speed USB device number 6 using dummy_hcd
[  911.446343][T11685] REISERFS warning: reiserfs-5093 is_leaf: item entry count seems wrong *3.5*[2 3 0(1) DIR], item_len 35, item_location 253, free_space(entry_count) 2
[  911.499176][T11685] REISERFS error (device loop0): vs-5150 search_by_key: invalid format found in block 532. Fsck?
[  911.520267][   T96] block nbd0: Possible stuck request ffff888021c00000: control (read@0,1024B). Runtime 150 seconds
[  911.520485][T11685] REISERFS (device loop0): Remounting filesystem read-only
[  911.531231][   T96] block nbd0: Possible stuck request ffff888021c00200: control (read@1024,1024B). Runtime 150 seconds
[  911.531322][   T96] block nbd0: Possible stuck request ffff888021c00400: control (read@2048,1024B). Runtime 150 seconds
[  911.531353][   T96] block nbd0: Possible stuck request ffff888021c00600: control (read@3072,1024B). Runtime 150 seconds
[  911.597595][T11685] REISERFS error (device loop0): vs-13050 reiserfs_update_sd_size: i/o failure occurred trying to update [2 3 0x0 SD] stat data
[  911.611304][ T8165] usb 10-1: device descriptor read/64, error -71
[  911.751620][ T8165] usb usb10-port1: attempt power cycle
[  912.161694][   T29] INFO: task syz.8.789:10313 blocked for more than 143 seconds.
[  912.177313][   T29]       Not tainted syzkaller #0
[  912.199949][   T29] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  912.227452][ T8165] usb 10-1: new full-speed USB device number 7 using dummy_hcd
[  912.254462][   T29] task:syz.8.789       state:D stack:25672 pid:10313 ppid:8159   flags:0x00004004
[  912.321363][   T29] Call Trace:
[  912.496952][   T29]  <TASK>
[  912.521431][   T29]  __schedule+0x14d2/0x44d0
[  912.526125][   T29]  ? asan.module_dtor+0x20/0x20
[  912.541576][ T8165] usb 10-1: device descriptor read/8, error -71
[  912.607005][   T29]  ? __mutex_lock+0x6b2/0xcc0
[  912.611895][   T29]  ? __mutex_trylock_common+0x84/0x250
[  912.666864][   T29]  ? trace_raw_output_contention_end+0xd0/0xd0
[  912.673139][   T29]  schedule+0xbd/0x170
[  912.713362][   T29]  schedule_preempt_disabled+0x13/0x20
[  912.727057][   T29]  __mutex_lock+0x6b7/0xcc0
[  912.731668][   T29]  ? __mutex_lock+0x4e8/0xcc0
[  912.736422][   T29]  ? sync_bdevs+0x1af/0x330
[  912.786393][   T29]  ? mutex_lock_nested+0x20/0x20
[  912.794502][   T29]  ? _atomic_dec_and_lock+0x93/0x120
[  912.805868][   T29]  ? do_raw_spin_unlock+0x121/0x230
[  912.812924][   T29]  sync_bdevs+0x1af/0x330
[  912.817695][   T29]  ksys_sync+0xba/0x150
[  912.821926][   T29]  ? sync_filesystem+0x220/0x220
[  912.827214][   T29]  ? syscall_enter_from_user_mode+0x25/0x80
[  912.833216][   T29]  ? lockdep_hardirqs_on+0x98/0x150
[  912.838770][   T29]  __ia32_sys_sync+0xe/0x20
[  912.843349][   T29]  do_syscall_64+0x55/0xb0
[  912.848218][ T8165] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  912.856200][   T29]  ? clear_bhb_loop+0x40/0x90
[  912.861489][   T29]  ? clear_bhb_loop+0x40/0x90
[  912.866317][   T29]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  912.873378][   T29] RIP: 0033:0x7f32f498f749
[  912.878364][   T29] RSP: 002b:00007f32f58a1038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a2
[  912.887520][   T29] RAX: ffffffffffffffda RBX: 00007f32f4be5fa0 RCX: 00007f32f498f749
[  912.895614][   T29] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  912.904301][   T29] RBP: 00007f32f4be5fa0 R08: 0000000000000000 R09: 0000000000000000
[  912.920483][   T29] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  912.934469][   T29] R13: 00007f32f4be6038 R14: 00007f32f4be5fa0 R15: 00007fffb6be75c8
[  912.948778][   T29]  </TASK>
[  912.975827][   T29] 
[  912.975827][   T29] Showing all locks held in the system:
[  913.038884][   T29] 1 lock held by khungtaskd/29:
[  913.044083][   T29]  #0: ffffffff8cd2ff20 (rcu_read_lock){....}-{1:2}, at: debug_show_all_locks+0x55/0x290
[  913.106908][   T29] 2 locks held by getty/5555:
[  913.111714][   T29]  #0: ffff88802d50a0a0 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x25/0x70
[  913.157021][   T29]  #1: ffffc9000326e2f0 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x425/0x1380
[  913.196875][   T29] 5 locks held by kworker/1:5/8165:
[  913.202202][   T29]  #0: ffff8880196cd138 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  913.254096][   T29]  #1: ffffc90003777d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_scheduled_works+0x957/0x15b0
[  913.277201][ T9089] Bluetooth: hci5: command tx timeout
[  913.336884][   T29]  #2: ffff8881423d7190 (&dev->mutex){....}-{3:3}, at: hub_event+0x185/0x49c0
[  913.345986][   T29]  #3: ffff8881423ea508 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x21ab/0x49c0
[  913.476861][   T29]  #4: ffff888142396468 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x21d3/0x49c0
[  913.486761][   T29] 1 lock held by udevd/9613:
[  913.531826][   T29]  #0: ffff888021a454c8 (&disk->open_mutex){+.+.}-{3:3}, at: blkdev_get_by_dev+0x121/0x600
[  913.588597][   T29] 1 lock held by syz.8.789/10313:
[  913.593927][   T29]  #0: ffff888021a454c8 (&disk->open_mutex){+.+.}-{3:3}, at: sync_bdevs+0x1af/0x330
[  913.656884][   T29] 1 lock held by syz-executor/10449:
[  913.675578][   T29] 1 lock held by syz.3.947/11402:
[  913.697031][   T29] 4 locks held by syz.9.995/11674:
[  913.702357][   T29]  #0: ffff88802fd44e70 (&hdev->req_lock){+.+.}-{3:3}, at: hci_unregister_dev+0x212/0x510
[  913.747237][   T29]  #1: ffff88802fd440b8 (&hdev->lock){+.+.}-{3:3}, at: hci_dev_close_sync+0x4c9/0xfb0
[  913.777016][   T29]  #2: ffffffff8e129888 (hci_cb_list_lock){+.+.}-{3:3}, at: hci_conn_hash_flush+0xa1/0x220
[  913.807054][   T29]  #3: ffff88803115b338 (&conn->lock#2){+.+.}-{3:3}, at: l2cap_conn_del+0x70/0x660
[  913.816608][   T29] 1 lock held by syz-executor/11690:
[  913.842074][   T29] 2 locks held by dhcpcd/11711:
[  913.867956][   T29]  #0: ffff88805f86a130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcc0
[  913.877992][   T29]  #1: ffffffff8cd358f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x448/0x830
[  913.890080][   T29] 2 locks held by dhcpcd/11712:
[  913.895069][   T29]  #0: ffff888030af0130 (sk_lock-AF_PACKET){+.+.}-{0:0}, at: packet_do_bind+0x32/0xcc0
[  913.905379][   T29]  #1: ffffffff8cd358f8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x360/0x830
[  913.918827][   T29] 
[  913.921280][   T29] =============================================
[  913.921280][   T29] 
[  913.932864][   T29] NMI backtrace for cpu 1
[  913.937290][   T29] CPU: 1 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  913.944527][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  913.954619][   T29] Call Trace:
[  913.958112][   T29]  <TASK>
[  913.961233][   T29]  dump_stack_lvl+0x16c/0x230
[  913.965944][   T29]  ? show_regs_print_info+0x20/0x20
[  913.971165][   T29]  ? load_image+0x3b0/0x3b0
[  913.975780][   T29]  nmi_cpu_backtrace+0x39b/0x3d0
[  913.980757][   T29]  ? nmi_trigger_cpumask_backtrace+0x2f0/0x2f0
[  913.986957][   T29]  ? _printk+0xd0/0x110
[  913.991149][   T29]  ? load_image+0x3b0/0x3b0
[  913.995758][   T29]  ? load_image+0x3b0/0x3b0
[  914.000285][   T29]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  914.006379][   T29]  nmi_trigger_cpumask_backtrace+0x17a/0x2f0
[  914.012383][   T29]  watchdog+0xf41/0xf80
[  914.016560][   T29]  ? watchdog+0x1e1/0xf80
[  914.020917][   T29]  kthread+0x2fa/0x390
[  914.025015][   T29]  ? hungtask_pm_notify+0x90/0x90
[  914.030057][   T29]  ? kthread_blkcg+0xd0/0xd0
[  914.034663][   T29]  ret_from_fork+0x48/0x80
[  914.039102][   T29]  ? kthread_blkcg+0xd0/0xd0
[  914.043710][   T29]  ret_from_fork_asm+0x11/0x20
[  914.048513][   T29]  </TASK>
[  914.052978][   T29] Sending NMI from CPU 1 to CPUs 0:
[  914.058800][    C0] NMI backtrace for cpu 0
[  914.058811][    C0] CPU: 0 PID: 4311 Comm: kworker/u4:12 Not tainted syzkaller #0
[  914.058828][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  914.058839][    C0] Workqueue: events_unbound nsim_dev_trap_report_work
[  914.058891][    C0] RIP: 0010:__lock_acquire+0x718/0x7c80
[  914.058913][    C0] Code: 45 8d 77 01 49 ff cf 44 89 f0 83 c0 fe 0f 88 70 01 00 00 44 89 fb 81 e3 ff ff ff 7f 83 f8 31 73 43 48 8d 04 9b 49 8d 5c c5 00 <48> 89 d8 48 c1 e8 03 42 0f b6 04 00 84 c0 75 45 8b 1b 48 8b 44 24
[  914.058928][    C0] RSP: 0018:ffffc9000e4e74e0 EFLAGS: 00000097
[  914.058942][    C0] RAX: 0000000000000000 RBX: ffff88802fe54700 RCX: 0000000000000002
[  914.058954][    C0] RDX: 0000000000000000 RSI: 0000000000000008 RDI: ffffffff90da9500
[  914.058965][    C0] RBP: ffffc9000e4e7728 R08: dffffc0000000000 R09: 1ffffffff21b52a0
[  914.058977][    C0] R10: dffffc0000000000 R11: fffffbfff21b52a1 R12: 0000000000000000
[  914.058989][    C0] R13: ffff88802fe54700 R14: 0000000000000002 R15: 0000000000000000
[  914.059000][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  914.059014][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  914.059025][    C0] CR2: 000055e8c22c9168 CR3: 0000000030b2a000 CR4: 00000000003506f0
[  914.059041][    C0] Call Trace:
[  914.059046][    C0]  <TASK>
[  914.059055][    C0]  ? chacha_permute+0x4e4/0xef0
[  914.059089][    C0]  ? verify_lock_unused+0x140/0x140
[  914.059111][    C0]  ? chacha_block_generic+0xae/0xda0
[  914.059132][    C0]  ? ret_from_fork_asm+0x11/0x20
[  914.059156][    C0]  ? __crypto_xor+0x1760/0x1760
[  914.059182][    C0]  lock_acquire+0x197/0x410
[  914.059198][    C0]  ? crng_make_state+0x13b/0x700
[  914.059226][    C0]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  914.059245][    C0]  ? read_lock_is_recursive+0x20/0x20
[  914.059263][    C0]  ? lock_chain_count+0x20/0x20
[  914.059283][    C0]  crng_make_state+0x158/0x700
[  914.059306][    C0]  ? crng_make_state+0x13b/0x700
[  914.059330][    C0]  ? crng_make_state+0x13b/0x700
[  914.059353][    C0]  ? urandom_read_iter+0x150/0x150
[  914.059383][    C0]  _get_random_bytes+0xd6/0x210
[  914.059406][    C0]  ? get_random_bytes+0x20/0x20
[  914.059436][    C0]  ? skb_put+0x11b/0x210
[  914.059454][    C0]  nsim_dev_trap_report_work+0x368/0xb00
[  914.059481][    C0]  ? process_scheduled_works+0x957/0x15b0
[  914.059502][    C0]  process_scheduled_works+0xa45/0x15b0
[  914.059535][    C0]  ? assign_work+0x400/0x400
[  914.059556][    C0]  ? assign_work+0x39e/0x400
[  914.059578][    C0]  worker_thread+0xa55/0xfc0
[  914.059597][    C0]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  914.059638][    C0]  ? _raw_spin_unlock+0x40/0x40
[  914.059656][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x110
[  914.059683][    C0]  kthread+0x2fa/0x390
[  914.059698][    C0]  ? pr_cont_work+0x560/0x560
[  914.059717][    C0]  ? kthread_blkcg+0xd0/0xd0
[  914.059732][    C0]  ret_from_fork+0x48/0x80
[  914.059751][    C0]  ? kthread_blkcg+0xd0/0xd0
[  914.059766][    C0]  ret_from_fork_asm+0x11/0x20
[  914.059795][    C0]  </TASK>
[  914.364639][   T29] Kernel panic - not syncing: hung_task: blocked tasks
[  914.371554][   T29] CPU: 0 PID: 29 Comm: khungtaskd Not tainted syzkaller #0
[  914.378968][   T29] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  914.389504][   T29] Call Trace:
[  914.392977][   T29]  <TASK>
[  914.395949][   T29]  dump_stack_lvl+0x16c/0x230
[  914.400760][   T29]  ? show_regs_print_info+0x20/0x20
[  914.406435][   T29]  ? load_image+0x3b0/0x3b0
[  914.410983][   T29]  panic+0x2c0/0x710
[  914.414898][   T29]  ? schedule_preempt_disabled+0x20/0x20
[  914.420649][   T29]  ? bpf_jit_dump+0xd0/0xd0
[  914.425165][   T29]  ? __irq_work_queue_local+0x13a/0x3b0
[  914.430742][   T29]  ? nmi_trigger_cpumask_backtrace+0x2a4/0x2f0
[  914.437026][   T29]  watchdog+0xf80/0xf80
[  914.441211][   T29]  ? watchdog+0x1e1/0xf80
[  914.445576][   T29]  kthread+0x2fa/0x390
[  914.449676][   T29]  ? hungtask_pm_notify+0x90/0x90
[  914.454740][   T29]  ? kthread_blkcg+0xd0/0xd0
[  914.459367][   T29]  ret_from_fork+0x48/0x80
[  914.463899][   T29]  ? kthread_blkcg+0xd0/0xd0
[  914.468687][   T29]  ret_from_fork_asm+0x11/0x20
[  914.473571][   T29]  </TASK>
[  914.476912][   T29] Kernel Offset: disabled
[  914.481347][   T29] Rebooting in 86400 seconds..