last executing test programs:

11.408263602s ago: executing program 2 (id=304):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000002c0)={'bridge_slave_0\x00'})
setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, &(0x7f0000000040)=ANY=[@ANYBLOB="ac1e007f0000010000000001000000e0000002"], 0x14)
syz_emit_ethernet(0x3f, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffff0180c200000e0007424203"], 0x0)
r1 = syz_usb_connect(0x0, 0x24, &(0x7f0000000280)={{0x12, 0x1, 0x0, 0xe3, 0xdd, 0xef, 0x20, 0x1d50, 0x60a1, 0xa14f, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x14, 0x4e}}]}}]}}, 0x0)
syz_usb_control_io$cdc_ecm(r1, 0x0, &(0x7f0000000240)={0x1c, &(0x7f0000000140), 0x0, 0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'bridge_slave_1\x00', <r4=>0x0})
sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x40000, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="5400000010000104000000000200000000000000", @ANYRES32=r4, @ANYBLOB="0000faffffff000034001280110001006272696467655f736c617665000000001c000580050021000000000006001f0000000000080022"], 0x54}}, 0x0)
r5 = socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xd, &(0x7f0000000140)={0x200000000005, 0x8000000000200003}, 0x0)
setpriority(0x2, 0x0, 0xffffffffffffffcd)
r6 = syz_open_procfs(0x0, &(0x7f00000004c0)='stat\x00')
r7 = io_uring_setup(0x6db7, &(0x7f0000000180)={0x0, 0xfffffffe, 0x20, 0x80000, 0x27e})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='rxrpc_local\x00', r8}, 0x10)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000300)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r6}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x4bb9}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x2}}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x8}], &(0x7f0000000580)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000440)='rxrpc_local\x00', r9}, 0x10)
r10 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r10, &(0x7f0000000400)=@in6={0x21, 0x0, 0x2, 0x1c, {0x2, 0x0, 0x0, @private1, 0x80000000}}, 0x24)
close_range(r7, 0xffffffffffffffff, 0x0)
preadv(r6, &(0x7f0000000280)=[{&(0x7f0000000ac0)=""/100, 0x64}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000c80)={'lo\x00'})
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, 0x0, 0x0, 0x0, 0x0)
r11 = open_tree(0xffffffffffffff9c, &(0x7f0000000400)='./file0/file0\x00', 0x81901)
move_mount(r11, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x100)

9.435470892s ago: executing program 0 (id=318):
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x2102086, &(0x7f0000000340))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x375, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000040000000e200000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000300)='pwc_handler_exit\x00', r3}, 0x10)
sched_setscheduler(0x0, 0x0, 0x0)
syz_open_dev$loop(&(0x7f00000001c0), 0x4, 0x103382)
r4 = memfd_create(&(0x7f0000000480)='\x17\xaa\xc6P\xe8\x1b\xc6\x14:', 0x4)
mount$overlay(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x125001, &(0x7f00000006c0)={[{@default_permissions}, {@xino_off}, {@index_on}, {@metacopy_off}, {@xino_on}, {@nfs_export_on}, {@default_permissions}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@redirect_dir={'redirect_dir', 0x3d, './file0'}}]})
ftruncate(r4, 0xb939)
pwritev(r4, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0)
r5 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r5, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @dev}], 0x10)

7.566588054s ago: executing program 2 (id=325):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000002000), 0x0, 0x0)
r1 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r1, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
dup3(0xffffffffffffffff, r0, 0x80000)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f00000000c0)={0x0, 0x1000}, 0x4)
setsockopt$packet_rx_ring(r1, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a}, 0x1c)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000040)='veth1_virt_wifi\x00', 0x10)
r3 = dup(r2)
sendmsg$inet(r3, &(0x7f0000000780)={&(0x7f0000000100)={0x2, 0x0, @multicast1}, 0x10, &(0x7f0000001600)=[{&(0x7f0000000000)="be39", 0xffeb}], 0x1, &(0x7f0000000c80)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @local, @private}}}], 0xf}, 0x0)
openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0))
pselect6(0x40, &(0x7f00000003c0)={0x0, 0x0, 0xfffffffffffffffb}, 0x0, &(0x7f0000000080)={0x3ff}, 0x0, 0x0)
ioctl$KVM_GET_REG_LIST(0xffffffffffffffff, 0xc008aeb0, 0x0)
r4 = socket$inet6_tcp(0xa, 0x1, 0x0)
connect$inet6(r4, &(0x7f0000000180)={0xa, 0x4001, 0x0, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, 0x0, 0x0)
pipe(&(0x7f0000000580)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0xd0, &(0x7f0000000000)=ANY=[@ANYBLOB="0180c20000008e25900ee8d386dd601646b085a2009a2f00ff020000000000000000000000000001fc010000000000000000000000000000000000000000000005020000000000000420880b00460000670c12d787bc48454ad5ab0dbcd795bf5fb1f628b38949083230f6690fa256ac9e09b06b584ba6ff6075c5d0d2ffd9"], 0x0)
r8 = openat$tun(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
ioctl$TUNSETIFF(r8, 0x400454ca, &(0x7f0000000080)={'\x00', 0x8411})
ioctl$TUNSETOFFLOAD(r8, 0x400454c9, 0x9)
ioctl$TUNGETIFF(r8, 0x800454d2, &(0x7f0000000180)={'gre0\x00'})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a010100000100000000000200fffc0900010073797a30000000000800024000000001cc000000030a01020000000000000000020000000900010073797a3000000000aa000300"], 0x1e4}}, 0x0)
write$binfmt_misc(r6, &(0x7f0000000000)=ANY=[], 0xfffffecc)
splice(r5, 0x0, r7, 0x0, 0x7fff, 0x0)
socket$alg(0x26, 0x5, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f0000000fc0)=[{{&(0x7f0000000240)=@can, 0x80, &(0x7f0000000140)=[{&(0x7f00000002c0)=""/251, 0xfb}, {&(0x7f0000000400)=""/88, 0x58}], 0x2, &(0x7f0000000500)=""/125, 0x7d}, 0x5}, {{0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000005c0)=""/69, 0x45}, {&(0x7f0000002040)=""/4096, 0x1000}], 0x2, &(0x7f0000000640)=""/209, 0xd1}, 0x9}, {{&(0x7f00000007c0)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, 0x80, &(0x7f0000000480)=[{&(0x7f0000000840)=""/230, 0xe6}], 0x1, &(0x7f0000000940)=""/219, 0xdb}, 0x7}, {{&(0x7f0000000a40)=@ll={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x80, &(0x7f0000000f40)=[{&(0x7f0000000ac0)=""/162, 0xa2}, {&(0x7f0000000740)}, {&(0x7f0000000b80)=""/80, 0x50}, {&(0x7f0000000c00)=""/52, 0x34}, {&(0x7f0000000cc0)=""/88, 0x58}, {&(0x7f0000000d40)=""/143, 0x8f}, {&(0x7f0000000e00)=""/182, 0xb6}, {&(0x7f00000010c0)=""/132, 0x84}], 0x8, &(0x7f0000000c40)=""/14, 0xe}, 0x8}], 0x4, 0x40012140, 0x0)

7.513327219s ago: executing program 0 (id=327):
r0 = syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x1001, &(0x7f0000000000), 0x5, 0x513, &(0x7f00000010c0)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOt7rW1aSpOmNOk6LYt28T8QQcEnn3wR/AOEZR78A2RgQF/EB1FRRGf0QVDnSpIbp5Mmbd1pm07z+cBpzrn35n7PuSEn98fpvQGMrRci4o2ImIiIlyOimE9P87TYLux3l7t/753ldkoiy976axJJPq23rnZ5MiKud98SUxHxtS9HfDM5HLe5u7exVKtVt/NypVXfqjR3926u15fWqmvVzfn5udcWXl94dWE2yz1WO0u9zE++9Pn3Pv2t3y3++ca329X63EeiEH3tOE3dphc626KnvY22zyLYCEzk7SmMuiIAAJxIex//gxHxic7+fzEmOntzfSZGUTMAAADgtGRfmI5/JxEZAAAAcGmlETEdSVrOxwJMR5peyc8NfDiupbVGs/Wp1cbO5kp7XkQpCunqeq06m48VLkUhaZfn8jG2vfIrfeX5iHgmIr5fvNopl5cbtZURn/sAAACAcXG97/j/H8W0kz/egP8TAAAAAC6u0tACAAAAcFk45AcAAIDLr//4/70R1QMAAAA4E1958812ynrPv155e3dno/H2zZVqc6Nc31kuLze2t8prjcZa55599ePWV2s0tj4Tmzu3Kq1qs1Vp7u4t1hs7m63F9UcegQ0AAACco2c+fvvXSUTsf/ZqJ0V+H0CAR/xh1BUATtPEqCsAjIy7eMP4Koy6AsDIJcfMN3gHAACefDMfPXz9v/f8f+cG4HIz1gcAxo/r/zC+CkYAwlhLI+ID3exTw5YZev3/lyeNkmURd4oHpzi/CAAA52u6k5K0nB8HTEealssRT0ekpSgkq+u16mx+fPCrYuGpdnmu887k2DHDAAAAAAAAAAAAAAAAAAAAAAAAAEBXliWRAQAAAJdaRPqnpHM3/4iZ4kvT/ecHriT/LMYf88KP3vrBraVWa3uuPf1vnWd5XYmI1g/z6a8MfXwYAAAAcNqS/aGzusfp+evcudYKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgDFw/947y710nnH/8sWIKA2KPxlTndepKETEtb8nMXngfUlETJxC/P13I+LZQfGTeJBlWSmvxaD4V884fqmzaQbHTyPi+inEh3F2u93/vDHo+5fGC53Xwd+/yTw9ruH9X5pHfrbTzw3qf54+tLb6wBjP3f1ZZWj8dyOemxzc//T632RI/BcPre1fWZYdjvGNr+/tDYuf/ThiZuDvT/JIrEqrvlVp7u7dXK8vrVXXqpvz83OvLby+8OrCbGV1vVbN/w6M8b2P/fzBUe2/NiD+b3/T7X+Pav9Lw1ba5z93b937UDdbGBT/xosDf3+nYkj8NP/t+2Seb8+f6eX3u/mDnv/pneePav/KkO1/3Od/44Ttf/mr3/39CRcFAM5Bc3dvY6lWq24fkZk6wTJPYuYXUxeiGv9nJvtO95O7KPV5v5n23urDKb1WXYCKHchk5xZrIi5Ik/+XGWm3BAAAnIGHO/2jrgkAAAAAAAAAAAAAAAAAAACMr/O4nVh/zP3RNBUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Ej/DQAA///M/t/r")
r1 = open(&(0x7f0000000040)='./bus\x00', 0x1ed37e, 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000180)={r2, r1, 0x34, 0x0, @void}, 0x10)
mmap(&(0x7f0000a70000/0x3000)=nil, 0x3000, 0x100000e, 0x4001017, r0, 0x266f4000)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000280)={0xa, 0x2, 0x0, @loopback}, 0x1c)
r4 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$FBIOPUT_VSCREENINFO(r4, 0x4601, &(0x7f0000000040)={0x60, 0xa0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, {0x10, 0x8}})
sendto$inet6(r3, &(0x7f00000000c0)="044aac2f202c5feda71e039a57a93088fdcce4afe28aac61837792741a190670ccbe1a2b00aa77a87d56a3f12c7920ad02928a5dac14e5b896f000fcf6521928480be9af82613a5c661f4110adba358afd8b5b4ef1702051e393ede2698112a1f1bdf1d0f568546ed322ab4c53545bd2cd6e48522f0c154cb3c6864dc30ae921db100f1ee97a234503338f8fdf356472da0c7ab62f274f34", 0xadf29f33fb903ae1, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
shutdown(r3, 0x1)
recvmsg(r3, &(0x7f00000008c0)={0x0, 0x4, &(0x7f0000000840)=[{&(0x7f0000000040)=""/50, 0xfffffe72}, {&(0x7f0000000240)=""/52, 0x34}, {&(0x7f0000000780)=""/129, 0x80}, {&(0x7f0000000300)=""/68, 0x44}, {&(0x7f0000000380)=""/121, 0x79}, {&(0x7f0000000400)=""/183, 0xb7}], 0x6}, 0x40000110)

7.191450545s ago: executing program 4 (id=329):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mkdir(&(0x7f0000000180)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000000)=ANY=[@ANYBLOB="1500000065ffff"], 0x15)
r2 = dup(r1)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000240), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2])
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000000280)=ANY=[@ANYBLOB="b0"], 0xb0)
write$FUSE_NOTIFY_RETRIEVE(r2, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000000180)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
chdir(&(0x7f0000000000)='./file0\x00')
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000380)=ANY=[@ANYBLOB='-rcma '], 0x6)
r5 = socket$inet(0x2, 0x3, 0x9)
sendmmsg$inet(r5, &(0x7f0000000c80)=[{{&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}}, {{&(0x7f00000001c0)={0x2, 0x0, @rand_addr=0x64010101}, 0x10, 0x0, 0x0, &(0x7f0000000140)=ANY=[], 0x20}}], 0x2, 0x0)
ioctl$sock_FIOGETOWN(r5, 0x8903, &(0x7f0000000040))

7.119011841s ago: executing program 1 (id=330):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x30, 0x10, 0x0, 0x70bd2c, 0x0, {0x0, 0xcf, 0x0, 0x0, 0x100}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @gtp={{0x8}, {0x4}}}]}, 0x30}}, 0x0)
r0 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[@ANYRESOCT=r1, @ANYRES32=r2, @ANYRES32=0x0], 0x34}}, 0x4004015)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x20081e, &(0x7f0000000040)={[{@nodelalloc}, {@grpid}, {}]}, 0x1, 0x506, &(0x7f00000008c0)="$eJzs3U9vI2cZAPBnvPnjhLRJSw+AgC6lsKDVOom3jaoeoJwQQpUQPYK0DYk3imLHUeyUJuwh/Q5IVOIERz4A5564c0Fw41IOSPyJippKHAbNeJK6WXtjNokdxb+fNJp5Zxw/z7vZed/4Sew3gLF1OyIOI2IqIt6OiPnifFJs8UZnyx738dGjteOjR2tJpOlb/0ry69m56PqazOeK5yxHxI+/H/Gz5PG4rf2DrdV6vbbbac4sths7i639g3ubjdWN2kZtu1pdWV5Zeu3+q9VL6+uLjani6Csf/vHw27/I0porznT34zJ1uj55GiczERE/vIpgI3Cr6M/UqBPhqZQi4vmIeCm//+fjVv7dBABusjSdj3S+uz2QjwZ8HABwDZXyGlhSqhS1gLkolSqVTg3vhZgt1Zut9t2Hzb3t9U6tbCEmSw8367Wlola4EJNJ1l7Ojz9tV8+070fEcxHxy+mZvF1Za9bXR/mDDwCMsWyen0vidP7/z3Rn/gcAbrjyqBMAAIbO/A8A48f8DwDj52nm/5kryAMAGB6v/wFg/Jj/AWD8mP8BYKz86M03sy09Lj7/ev2d/b2t5jv31mutrUpjb62y1tzdqWw0mxv5Z/Y0znu+erO5s/xK7L278J2dVnuxtX/woNHc224/yD/X+0Ftcii9AgCe5LkXP/hLEhGHr8/kW3St5WCuhputNOoEgJG5NeoEgJGx2heMrwu8xlcegBuixxK9n1Hu9ZbfNE3Tq0sJuGJ3vqj+D+Oqq/7vr4BhzKj/w/hS/4fxlabJoGv+x6APBACuNzV+oM/v/58v9r8rfjnw0/Wzj3j/KrMCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA6+1k/d9KsRb4XJRKlUrEMxGxEJPJw816bSkino2IP09PTmft5RHnDABcVOnvSbH+1535l+fOXp1KPpnO9xHx81+/9at3V9vt3T9l5/99er79fnG+Oor8AYDznMzT+b7rhfzHR4/WTrZh5vOP70VEuRP/+Ggqjk/jT8REvi/HZETMfpQU7Y6kq3ZxEYfvRcQXevU/ibm8BtJZ+fRs/Cz2M0ONX/pM/FJ+rbPP/i0+fwm5wLj5IBt/3uh1/5Xidr7vff+X8xHq4orxL3uqteN8DPw0/sn4d6vP+Hd70Biv/OEHnaOZx6+9F/GliYiT2Mdd489J/KRP/JcHjP/XL3/1pX7X0t9E3Ine8btjLbYbO4ut/YN7m43VjdpGbbtaXVleWXrt/qvVxbxGvdh/Nvjn63ef7Xct6/9sn/jlc/r/jQH7/9v/vv2Trz0h/re+3it+KV54QvxsTvzmgPFXZ39f7ncti7/ep//nff/vDhj/w78dPLZsOAAwOq39g63Ver22O8yDkx8khhr0ag7iME2vQRrjcpD9r7kGafQ8+O6wYk3F//VVafpUsfqNGJdRdQOug9ObPiI+GXUyAAAAAAAAAAAAAABAT8N4x9Ko+wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDN9b8AAAD///pdz6I=")
r3 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x0, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0x40086602, &(0x7f0000000080)={@desc={0x4000, 0x0, @auto="b8f92416074d3848"}})
r4 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
fchdir(r4)
syz_mount_image$hfsplus(&(0x7f00000000c0), &(0x7f0000000980)='./file1\x00', 0x2, &(0x7f00000007c0)={[{@nls={'nls', 0x3d, 'cp864'}}, {@nobarrier}, {@creator={'creator', 0x3d, "bd3c66f5"}}, {@force}, {@force}, {@uid}]}, 0x2, 0x6ab, &(0x7f00000009c0)="$eJzs3U+InGcdB/DvO9nM7kRIt22aRhG6NFC0wWQ3Q00EoVFEcggS9NLrkmyaJZO0bLaSFjETtQqePEkPHioSDz2JiFBPYj0LghdPuQe8echBXXnfeWd2dmey2U2ymU37+cC7z/PO8z7P83t/ff/MvNMwAT6zzr6R/d0UOXvs3I1y/c7tdufO7fbVfj3JdJJGMtUrUrSS4pPkTHpLPl++WA9X3G+e1+5+XEx98FG7tzZVL9X2ja36jRi7ZTeZGazsSzLXq/5n28OOjFct1TgX1sd7SMUg7jJhR/uJg0lbG9Fdb2w8sPv2z1tgz7rZu2+OmE0OpHd3Ld8HpL46PPjKMHlbXpu6Ty4OAAAA2C1jP8sPe+Ze7uVGDj6ZcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODpt6/3Y/l1US2Nfn0uRf/3/5tDv6nfnHDIj+j9S1Xx3WcmHQgAAAAAAAAAPJKX7uVebuRgf32tqL7zf7laOVT9/VzeyfUsZSXHcyOLWc1qVrKQZHZooOaNxdXVlYXRnr9M2XNtbe1m3fPkaM+Z1ZWTG+Pqbg503P9pMLIRAAAAAAAAAHxm/Shn17//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAvaBI9vWKajnUr8+mMZVkJkmzmBts3pxosI/BnycdAAAAAOy+Vl0eLP7Xq6wV1Wf+w9Xn/pm8k2tZzXJW08lSLlbPAnqf+ht/77Y7d263r5bL6MDf+NeO4qhGTO/Zw/iZ56stXhj0OJtv53s5lrmcz0qW8/0sZjVLmcu3qtpiiszWTy9m79xupR/raLxnNqyd3xzbS0P1Mr4jVSStXMpyFdvxXGj2Q2/U2x0Zmu2PzWTTjLfK7BSv17aZo4t1We7RL+pyb5it9nz/ICPzde7LbDw7nPfR3O/wONk800Iag2dQh9ZnKVc3z/RQOT9Ql2Wuf7q7Od/ho7SNmej+vFzrH32Ht8558uV//OX85ca1K5cvXT+2dw6jh7T5mGgPZeLFbWWiU2ai+wiZmHmU+B+fZp2N3lV0Z1fLl6u+B7Oc7+StXMxSTmU+Czmd+XwtJ9POyaG8vrB1XqtzrbGzc+3ol+pKeU/62dC96YmZvl9Dmddnh/I6fKWbrdqGX1nP0nPbyFLRzPgs/XNsKFNfqCvlHD8euuNM3uZMLAxl4vmtM/Hr/64lud65dmXl8uLb25zvlbosT9v3N16bf/NYdmjn6t0tj5fnyv9Y6d02ho+Osu35ftumfDXrb1ym6sE2tDVTnc+9tgedqeVIh2+NG6nX9uLYWdpV25Ghtg3vcvJWOoN3IQDsYQdePdBs3W39rfVh6yety61zM9+cPj39xWb2/3XqT/t+1/ht4+vFq/kwP8zBSUcKAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfBtfffe/KYqeztLIHK2k85gFvjW3qp6L3SnNv7PvTWpne6oj6fZItujcnEXMryZ5IXabucxY8zrmmM6bp3OCVVtIYxJPkyh75gTtgN5xYvfr2ievvvveV5auLby69uXTt5OlTr59qf3Xh5olLy52l+d7fSUcJ7Ib1twGTjgQAAAAAAAAAAADYrifxzxvGTFt0J7CvAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwNPp7BvZ302Rhfnj8+X6ndvtTrn06+tbTiVpJCl+kBSfJGfSWzI7NFxxv3leu/vxr1754KP2+lhT/e0bm/r94d9razvci269ZC7Jvrp8sOltjXdhaLzuDgPrKQZ7WCbsaD9xMGn/DwAA//91ygb6")
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r3, 0x40086602, &(0x7f0000000200)={@desc={0x80000, 0x0, @desc2}})
ioctl$SIOCGETSGCNT(r3, 0x89e1, &(0x7f0000000100)={@multicast2, @rand_addr=0x64010102})
sendmsg$BATADV_CMD_SET_HARDIF(r3, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f00000002c0)={&(0x7f0000000280)={0x24, 0x0, 0x200, 0x70bd2c, 0x25dfdbfe, {}, [@BATADV_ATTR_BONDING_ENABLED={0x5}, @BATADV_ATTR_MULTICAST_FORCEFLOOD_ENABLED={0x5}]}, 0x24}, 0x1, 0x0, 0x0, 0x40}, 0x24008011)

7.118410241s ago: executing program 2 (id=331):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000100)='./bus\x00', 0x600a840, &(0x7f0000000280)={[{}, {@noacl}, {@ref_verify}, {@noautodefrag}, {@noautodefrag}, {@discard}, {@compress}, {@compress_algo={'compress', 0x3d, 'zlib'}}, {@ref_verify}], [{@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@subj_role={'subj_role', 0x3d, '^:(+*/\'*m..}+'}}]}, 0x3, 0x55a3, &(0x7f0000005680)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000e40)={0x34, 0x38, 0x9, 0x0, 0x0, {0x1}, [@nested={0xc, 0x0, 0x0, 0x1, [@typed={0x8, 0x5, 0x0, 0x0, @u32=0x8}]}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x0, 0x0, 0x0, @str='\b\x00'}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}]}, 0x34}}, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.stat\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000040), 0xfea7)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x7) (async)
setfsuid(0xee00) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x28011, r2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) (async)
socket$can_j1939(0x1d, 0x2, 0x7) (async)
r3 = socket$nl_route(0x10, 0x3, 0x0) (async, rerun: 64)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="180000000000000000000000000000009500160000000000e2bac15d3b6641a215f099e26603a050337b2ccc70a9f9289a3c529bb6e7365e7e246317380f5884d79663e7fcaa89795d7b10e88378c33265a7af06040e3d0bbc6a5864dfa023c6ac1da574242785bbb4ece12b11da52496875e1e384042aad63a3564bf3bc0e40a79960f9f1610940e67e3061030073d1e6cb9c4cce44c999c49ff52a6400192fd021d7158438d7686a6f66778022c93c544189b684754e7e0f77a4f498609e53104c8aa70632fcc58c757bbc06f6472622dce2729d7296959ce003ec84acd015e352484c42fc29e5aea62fb7977813f7254fd6f62fec638abf292e6c33925b29"], &(0x7f0000000000)='syzkaller\x00'}, 0x80) (rerun: 64)
r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000001c0)='sched_process_wait\x00', r4}, 0x10)
r6 = bpf$ITER_CREATE(0xb, &(0x7f0000000100)={r5}, 0x8)
close(r6) (async)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f00000000c0)='ext4_collapse_range\x00', r4}, 0x10) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x1, 0x4, 0xffd, 0x3}, 0x48) (async)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
rename(&(0x7f00000004c0)='./bus\x00', &(0x7f0000000500)='./bus\x00')
r8 = syz_open_dev$vim2m(&(0x7f0000000000), 0xc74, 0x2)
ioctl$vim2m_VIDIOC_TRY_FMT(r8, 0xc0205647, &(0x7f0000000940)={0xf010000, @pix={0x0, 0x8}}) (async)
r9 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1801000000002000000000000000000018190000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x90)
r10 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000540)=ANY=[@ANYRES64=0x0, @ANYBLOB="6c427df31d1a455f77ed1e791e238073fecb8492a9b5f1bee3a9785b86197ee589febb4a768e1cdd44be0e75d8dc6ed789a10f023805bd5f70f31ec28ce0dd1e31ed84af1a3555ca4421cc7ac909ff27ae393ebc869042542635b5e9d8ac5a5bd6249ad9b1164355bbedf0a78cde6d9814456c", @ANYRES8=r3, @ANYRES8=r9, @ANYRES16=r0, @ANYBLOB="7edfc3fe0c51ceca9940e4f9d6d2c883", @ANYRESHEX=r1, @ANYRESHEX=r9], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r11 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r11, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r10}, 0x10)
r12 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r12}, 0x10)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x8031, 0xffffffffffffffff, 0x0)

6.945065475s ago: executing program 4 (id=332):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x6, 0xfef, 0x7}, 0x48)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000200)={{r0, <r1=>0xffffffffffffffff}, &(0x7f0000001080), &(0x7f00000010c0)='%pI4   \x00'}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000380)={{r1, <r2=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000300)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000067dfb4a518110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000060000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000280)='kfree\x00', r3}, 0x10)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000003c40)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0)
openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x482321cb74c946b6, 0x80000000000)

6.840605483s ago: executing program 4 (id=333):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/pm_wakeup_irq', 0x0, 0x0)
r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='cmdline\x00')
ioctl$NS_GET_OWNER_UID(r1, 0x5421, &(0x7f0000000040)=<r2=>0x0)
setuid(r2)
r3 = memfd_create(&(0x7f0000000740)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\bI\xd7\'\xe0\xc0\n|\xd3\x1fC\xd5I1\xe0\xc2(UB9\xf7\x86', 0x0)
write(r3, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
r4 = dup3(r0, r3, 0x0)
fchdir(r4)
fchownat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xffffffffffffffff, 0x0, 0x0)

6.794299327s ago: executing program 4 (id=334):
syz_mount_image$squashfs(&(0x7f00000001c0), &(0x7f0000000200)='./file0\x00', 0x40, &(0x7f0000000000)=ANY=[@ANYBLOB="003b09b765b040ae4b42889f00ae139228801d870bdc53e3b6c7000000d5000000000000", @ANYRES32], 0x1, 0x1a0, &(0x7f0000000280)="$eJzs0L9rE2Ecx/H397knPypUiYpDBRuweF6oJndVB6fgFCEHDi6CQUMam2KippfBlha6SEGq/Rd0qqMKOokgOBcHwUHOpZs0Q3AQB4lc8kTwb/B5Dfe574fjnodvK+pGGeD3YL1BmRGHw3xC0MCsjDulxvnWzN9N7oyDK2beNvnC5Ey0una33m43V/KX8+T+KYAfo+5vFb3ihKIvlJEvg/VGXW6HDMt01GJIrkrhCU6NrveUGT3N8Vs4DN1triq64lbhSLHXeVCMVtfOLXfqS82l5r0gWLhUulAqXQyKd5bbzdIbxHssimds4IVkQqa8DVI1Hu3pQ8wL4rVU7EihT77Gzp5z9vR8H+UdMBQNbp+MSCuvrnOG7M3k8hWOCc9xQuaqTCk0o4MqyDX1Wnz9Wf9MKbKbjnO+cb+9uHVDya/0blkOsuLvk3J9goLPQrIajvKBrZi5mErMbsz+N2blXXLKZK96M3m+NNNJTkGah/Veb8VPw0fRIYEbEuRgGvMV1eQP7800Kb9OXizLsizLsizLsqz/wJ8AAAD//36IYTA=")
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
socket$nl_route(0x10, 0x3, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x401c2, 0x0)
ftruncate(r1, 0x8800000)
r2 = socket$inet6_udplite(0xa, 0x2, 0x88)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0xa0000, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8924, &(0x7f00000001c0)={'bond_slave_0\x00', @dev={'\xaa\xaa\xaa\xaa\xaa', 0x14}})
setsockopt$inet6_udp_int(r2, 0x11, 0x1, &(0x7f0000000200)=0x6, 0x4)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0)
sendfile(r2, r1, 0x0, 0x4)
syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="04090300c900eb41aaa897c41b4811040dba08e67fc39c81b5c42f57c58241d846c9920bee6f49231b00121879bf9a47e3eeda083b935564"], 0x6)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'bond0\x00', <r4=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=@newqdisc={0x44, 0x24, 0x3fe3aa0262d8c583, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x14, 0x2, [@TCA_CAKE_MPU={0x3}, @TCA_CAKE_RAW={0x8, 0xc, 0x1}]}}]}, 0x44}}, 0x0)
r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r5, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
open_tree(r5, &(0x7f0000000640)='\x00', 0x81901)
r6 = open_tree(r5, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r6, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f00000001c0)='./file0\x00', 0x0)
r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TCSETS(r7, 0x40045431, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "00000000000000000000279600"})
r8 = syz_open_pts(r7, 0x0)
r9 = dup(r8)
ioctl$TIOCSSOFTCAR(r9, 0x5433, 0x0)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000540)={{r1, <r10=>0xffffffffffffffff}, &(0x7f00000004c0), &(0x7f0000000500)='%-010d \x00'}, 0x20)
r11 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000580), 0x400000, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x27, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000ff0f0000000000000100010018110000", @ANYRES32=r1, @ANYBLOB="000000000800ebffb602000014000000b7030000000000008500000083000000bf09000000000000360900000000000018100000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000b708000001feffff7b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b70500000800000085000000a500000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000bd86ffff7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000020000008500000082000000bf91000000000000b7020000010000008500000085000000b7000000000000009500000000000000"], &(0x7f00000003c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x2f, '\x00', r4, 0x25, r1, 0x8, &(0x7f0000000400)={0x5, 0x1}, 0x8, 0x10, &(0x7f0000000440)={0x3, 0x6, 0x80000001, 0xc8}, 0x10, 0x0, 0x0, 0xa, &(0x7f00000005c0)=[r1, r6, r1, r9, r10, r1, r1, r1, r11, r1], &(0x7f00000006c0)=[{0x3, 0x3, 0x2, 0x1}, {0x3, 0x3, 0x1, 0xc62460ee9d3c7728}, {0x4, 0x2, 0x0, 0x9}, {0x5, 0x5, 0x9, 0x9}, {0x4, 0x1, 0x10, 0x4}, {0x3, 0x5, 0x6, 0x6}, {0x5, 0x5, 0x4, 0x4}, {0x0, 0x2, 0x5, 0xa}, {0x0, 0x5, 0x8, 0x4}, {0x3, 0x2, 0x6, 0x1}], 0x10, 0x7}, 0x90)
syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="04300304c900"], 0x6)

6.686979276s ago: executing program 0 (id=335):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = inotify_init()
syz_usb_connect(0x0, 0x36, &(0x7f0000000200)=ANY=[@ANYRESOCT=r1], 0x0)
syz_open_dev$midi(&(0x7f0000000080), 0x3, 0x8000)
openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000000000), r0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280), 0x0, 0x0)
r2 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r2, &(0x7f0000000140)='./file0\x00', 0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0)
openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
syz_io_uring_setup(0x65b4, &(0x7f0000000440)={0x0, 0x0, 0x40, 0x1, 0x257}, 0x0, 0x0)
syz_open_dev$sg(&(0x7f0000000180), 0x0, 0x0)
r3 = syz_open_dev$vcsa(&(0x7f0000000100), 0x7, 0x543402)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000300)="c99bfa00180133070000000f0000bd30", 0x10)
r5 = accept4(r3, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f0000001ec0)=[{{0x0, 0x0, &(0x7f0000001680)=[{&(0x7f00000002c0)=""/30, 0x1e}, {&(0x7f0000003980)=""/4103, 0x1007}], 0x2}}], 0x1, 0x0, 0x0)
sendmsg$nl_route_sched_retired(r5, &(0x7f0000000500)={0x0, 0x0, &(0x7f0000000400)={&(0x7f00000049c0)=@newchain={0xe8c, 0x64, 0x0, 0x0, 0x0, {}, [@f_rsvp6={{0xa}, {0xe5c, 0x2, [@TCA_RSVP_POLICE={0x4}, @TCA_RSVP_ACT={0xe54, 0x6, [@m_pedit={0xe50, 0x0, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS={0xe20, 0x2, {{}, [{}, {0x0, 0x0, 0x0, 0x0, 0x7f1}, {}, {}, {0x0, 0x0, 0x81}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x2000000}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x2}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x7ff, 0x0, 0xffffffff}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x40, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffa}], [{}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}}]}, 0xe8c}}, 0x0)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000600), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
pwritev(0xffffffffffffffff, &(0x7f00000003c0)=[{&(0x7f0000000380)="e809b37a33c9d575f6731dec80ae7acc9698e6b0529ff5", 0x17}], 0x1, 0x0, 0x0)
write$binfmt_script(r8, &(0x7f0000000340), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r8, 0x0)
preadv(r8, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x1, 0x0, 0x0)
r9 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r9, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0)

6.465626363s ago: executing program 1 (id=336):
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000002000)=ANY=[@ANYBLOB], &(0x7f0000000240)='GPL\x00', 0x0, 0xc3, &(0x7f0000000280)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$inet6(0xffffffffffffffff, 0x0, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x50032, 0xffffffffffffffff, 0x0)
r3 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
dup(r3)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000002380)='./file0/file0\x00', 0x808401, &(0x7f00000002c0)=ANY=[@ANYBLOB="646d6f64653d3078666666666666666666666666323931662c757466382c636865636b3d7374726963742c756e686964652c6f76657272696465726f636b7065726d2c6e6f636f6d70726573732c7362736563746f723d3001000000303030303030303030303030322c6d6f64653d3078303030303030303030303030303130312c646d6f64653d3078303030303030303030303021303030312c2c63afedd723f2e3b016d4f8fe9a9f35484f233b9b5b06b9e707fa6cfbb889fc7868"], 0xff, 0x9a9, &(0x7f0000000400)="$eJzs3c9vHOX9B/D3+Efir0EhQL40RUA2oQEDqbN2SmjEpYm9Tpb6R2U7ElFVEUqSKopVKmglQD2kUtVTUXuoeqA3jj0hcYFLlVv7F/RQqeJfQD1FPXSrmV3HNvZ6ncixTfp6WeP59Znn+Tye2Xnk2d2Z8HXWarWq4R7nL/55J5Nl7zk3+cXHn3xYDr+6mX3pz8vFZ8lQkloykORwMjgxOT8306OgG8nlJLeSIsn+tMdbcjnF7/LwyvytFH8q661cvMeGsSUt/qft9vEHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB7UTExWa+PFZluzl58vdZd9Qjwbiv7Vsr7vHrqd/F5z3qTohwyNLT8qO/Dh1ZWP1H+Opan2nNPVQ8kz1A+eOiJg68+PtC3vP0mCd+N/3QehnzXG777/gc33lxauvrONiXydXO+MdtcmGvOnD3fqDUX5mpnTp+un7wwtVCbak43Fi4tLDZmahPzjbOLc/O1kYkXamNnzpyqNUYvzV2cPT85Ot1YXvjKt8fr9dO110Z/0Dg7vzA3e/K10YWJC83p6ebs+SqmXF3GvFIeiN9vLtYWG2dnarVr15eunlqT0QaHRBk01qslZdB4r6Dx+vj42Nj4+Njpl8+8/Eq9PrCyoD/VgvpXZN0m23bQsqd81LfVyG0+g8O96+v0/5lOM7O5mNdT2/BnIpOZz1xmuqzvWO7/j59sbFrv6v5/uZc/vLL6yVT9/zPtuWe69f9dctm5n3fzfj7IjbyZpSzlat5Zs3b/PZTYau1+q7b+cz6NzKaZhcylmZmcrZbUOktqOZPTOZ163siFTGUhtUylmek0spBLWchiGtURNZH5NHI2iwPljq5lJBN5IbWM5UzO5FRqaWQ0lzKXi5nN+UzmbFXKtVyv/u6nNsnxTtDYVoLGNwnapP/vLND/08t9OIvDvWl1+v99vUNHJnYiIQAAAGDbffNvOXDosb/+MxnM09U1dgAAAOBBU31c76lyNFhOPZ1iqjndqO92WgAAAMA2Kqrv2BVJhnOkPbX8TSgXAQAAAOABUb3//0w5Gi6njqTw/z8AAAA8aHrfY79nRHFi+fa/tSvt8ZVOROc+v8NTzenG6MTc9Ktjea66y0D1TYN1pfXnYFJ9/eDFHG1HHR1uj4fXljhURo2NvjqWoRzrNGTk2XL07MgGkeNl5It5vh35/HLkUNZFniojAeBBd2yT/nir/f+LOdGOOPFkdfv2gSc36IPrelYA2Ct6P2OnZ0TxnR7//z+Wa0faHykYzVt5O0u5khPVtw2qTxx0Ss2tIiulDq/6GMKJHlcDhlc94eXE8vWAIw9veD1geNWDXk6suyLQLfbUDuwJANg5x9b1w5v0/61We2rd9f/N//8f9pFCANhT7jzB/j5O7HYbAYC17qmX7r+PCQEAAAAAAAAAAAAAAAAAAAAAAAAAAMADYCfu/2/CxG5NDO3MEf6jfcleafI2Tez2mQkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICdUCT9Gy3vS/YnA/UkJ3c+q/vn5m4nsMuK27md93Jgt/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjQdO7/35f2+KH2ogz0JceTXE7yw93OcTvd3u0Edtmq+/+X+zytIgPt3Z5icGJyfm6m3P3ZX67/4uNPPiyHe6mnLKCsYc3DJTo1dN/q0Wqr4cmr7974+ds/q02eq5I8tzg1PTlzfv57K4FPFJ8mtbSHZcv5/rLoHMVrW/5p2dKt1TtV1Tu5vt5vbLT1nXqP/+X33du2YiWN60tXx8uaFhuvL/7ip9ffWxX0WI4mz44kI2tr+kk5dKnpaAY3q7f4svhNcSB/zOVq/5dpFK2i3EWPVO3/v2vXl66OvvX20pUuOR3MkSRXkqGt53Rk/Z5YVh11fYNlrfUqqPx1qEd5m3qo/0Cr1S5xrEsbHq0OmeG7akOtexsqPf7unTae6pLR43nurvf0cz1q7Ph3q609V3xZ/KO4kL/n16ue/9FX7v/j2cqrs4ypIlcdKd3bfHyl5eOrV7zx1ciur0rug9/mx/nunf3ft+r839lXO3M+WlXjfXtdFO1eqKOaPvSVHqlz9umWZSfPQ+2oLnn+f15av12PPF/qcUbZptf/WsWXxUfFSP6Vm57/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7H1F0r/R8r7keJKDSR4p52tJazvq6xsutqOYLdq3bsnNHax97+i7M1Xczu28lwO7mg4AAAAAAAAA2+bc5Bcff/JhOVTvx/fnW8VnyVD7nf6BJAeLPwxOTM7PzfQoaDC5nORWOT10dzmU2+Xhlflb5dzhu28LALA1/w0AAP//Xfh4MA==")
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r4 = socket$packet(0x11, 0x2, 0x300)
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000000)=[{0x20, 0x0, 0x0, 0xfffff010}, {0x6}]}, 0x10)
r5 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x1c1842, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="f0000000d0d3e59dac1414aa00"/30], 0xf0}}, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101})
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500))
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @broadcast})
write$cgroup_devices(r5, &(0x7f0000000640)=ANY=[@ANYBLOB="0100000000000000288563"], 0xffdd)
syz_fuse_handle_req(0xffffffffffffffff, &(0x7f0000000000)="b635a23a2016a72187bea6f49af69fc50e62be9b91036831bdeecb48c13bb131c346c3e92f08dc3e906534c965dc3029c871de321968e3788fa100e23ffcf4070c9b5731c9e315676713c5668adcb232058a72dd3f9dcc3393a54b66f68e5013e2e74bea3da949fc18e58f7df102ad2f65aa31a773ef5c353b7f3c623a575938ff845618fd087df36099d5ca1d7d6f038c546fb310bb3178bc9a693e6cac76ca27f8afec8f31c9a8d5bca4a31a7ae7dc0cb36afe6165ec1206172879c342d63c402f7e40b6a80dfed8b53b37c7c6dd80d3032019c28cbfb59a2f9def205c9ae2523de159bf7e367b1dbdf3876a29c6dab82b439251424cfb62e9cc83178036852558af1ce423a4e05f196e061d5a25a83571b7165033e1f383acd2d854ee70ed2510a3e48f318bebe7381415a12697523e93a617b0946dfaed978c334f15b5a3453e69cf879a8c655f2066fc4bbe5ac4453118bab0be6f6130d1a1e152be82c67e9e79b51308d6a11b6b0a28d0683f4cee3a515d094f34cd7e265de644974c75598d69d42c23d6287bde741cc04419c95262e4857feb0961a04a05815bc39a36f44f5af86927075ba9770afc6d292077bab454e333c2071c7c3cbec060b9a1971de44fe264dbcdf855c6ccdd0e352dcb6829c0bca7944a71ba92290ab85d19c0da056cb03a5cfe64961a8009b29881a19e5875df770af2e8a01c83aaa6987102bf4333d47ef6163f4dd459de363c2fe2a45b1c7b884a058aa78aa24bda266734dda02c483484658f2be92b2a62f9c670415d710e10a6abc8545a84e7f63ee8b1bb030abdd2f25089c57a014b67f0c769d18f3339eddd70289ce779b374c7f811fae76c38d057e0f71fd7c53bd8f18491293c390ab97c3a9490e6b3cc64829975c014e738c0833d109c66c97cc1b318b44b2664aa94ae689452707465b08f5d0df59fc1662c9a96365a9a01f5de018abe3c035e069e928d7dbf1f010cb9b0c30ee806414e8cc3d2c010087892280735686d2c4fbf42bec52487ab0a8f5c46882860a51549b97c6c6cd5bafe0059ecb52963a89a4e45041041b2c7a544c09e258d757db52942943a6a091d57764d1c200c787012229bd224964ade40e3c26a11b8a73b38fdb9efd4f43affbec9d94b86fddb18ad22b70600000000000000ee10bd19a0ddff955c001eeeb27391fd19cc9e75ecc281ab175c92becf420aee960e99702d83b1fdbd6cb14b64a3f2b01a2949dfaaa2cd21c83b456721cda5fc55f2fbd4d79739c9d515d4e17a5cbee63fd7781806525107471dca76fb8630780d71737890587d64446dd8f683423047024ee0d4743d3a1c40a36dd775050b1eae69ca0b2a3eb064a8e1c24a3d465ef3fd470f844294ab23b8e6a8e88ce7ecafe84c4e31c08f3444c1a9cf8527f50f11b809235e54f4704222a473c87e3209fdc615d5a01d5dee3178c7175d2f0464042157c6249261050ca66f07635ee324535c524ed7e199d2df42666f07047069ee7bc72a788140a4aef44bd258d01a3ed28be4089f797022022f3a7e30c2e50af2888782bfd8e410d41452165e3c86cc703455fb811947defd3462621c665ae555c9bc75ce4dcdaffa3241d140774dce1d1213f0b9200813db37f6e70dbb7c518cf393daad90dba2f79bc8665da6f55e0a4e309fe2ea95868af4258df212e3ffe3ecd56a847378c4b6349c4ecf165b07521ff4d272fdb07745d5bcdd02685cb9d7833002cd9edb6331ca8f6f877df03621b67308246b7a552e61c9820fb108a9a0c89c9774956a23e2ad56fc40fa8da59f6fc6ffc21fba200ad858fe0ec974100a878552d9ff24fb80bef586375e3bbd15c72f40cd66e1eec9de67800fdcf00b2b88c4c07b27a0db91a467ee1a1294cdb077a327cf8ecafa211b60208d56d1732b87b448b039c7b5271270ed46d507a6a81716fdff750127a50e7f5b34b5b3d4e99140ce6b933be3b021cbad405d4a1d50668163b1064b879fcf267cd1ff40261aa410ee086643bf43687992b094045e409db0ad7b8b9070fef8b9b618d138f377d6eca58ba46b419ee787e35d351dd196f18645970724768122e6e7b272080b217c68d47d14cbd240811a23fecf0d580eca7e05da64d8a438479f70eae43cd676f92f8b0e77bd829c4b2b3f7e96e180b6113b1528cc13ce684f864d808210d4a8ed4f9a73005ad761ad46307413d493bf7452907c17af88a4628040c37ebd2fbb5cd7b382621105a7af874f0cf7c99ff478d7f5800b5be59d3b74ec160f22a586ba9a017cc4fe0c1cc58e289fc060ce3a415d55660e28f92eee2ace1c4b3a0cc700de3b8f617b0ece1415e2b917d906303ce018af05661a261690d3b2b1c738981791f9e5f2abf97beaa27e4deb3e12b2ffacaf68798945ee7ee7a955969ef6e7c71f6f85609c6485500e18f39f9ea927ccd26dbfd28269750149a44ab81a739a5367549364b71ea8c3f4275e0041261e356c21f58527a704af6828df7a209a4ba2a42c96b506d04000adfd16df424624a6981276a4fe4777c2d91e516195c56c8b7cbf88a091c903049d5563db8a62f39cc0c29824779fac1d8a4899d1cdac16f076202f587ae05333d208bdb3b4dfe52e65fb1ffdb740667032960114a06967910f4c8bea2e3d93f438b4e6a3b5c1144cb95d2137e508e575c49cf114d06a56bf9336548a09a8b82374622d58084fd4f740aca1704f44ec359525bfaa23058ff4fc5c3f50e1f7bf8d05abe5467f77b03c3f6188afeccc15dc0b2fd51e5f699a67475de8302fb1585f6b2e7e5c3c470efdc51fe58787417304ab43cda673883b689b3e00fab6328b40af8a0194d56ad91bb7195bdeec56eece40c5269f275bca2e23748838446a0f7d4219bce3d96038fc4f20b7272604c8f9b7c6ce4fd2b91d104c23b6e2e59c2efea536536f332cb7f2d113c7ad1613ebe9ec50c86be7acde5c703dd663f6b821c7408917a62adb7795f6508408fdb327f2a3bcecf9892bd815ba7373dd80548b92afb12ce395577ba3a638189eb9978d1941b836f7785dae64e62c5d7b0e46b62ba639b0c6a790dfa850104e0413ae0b386438e0eb87c4acababc30eb376f6f47485a11c884a187d67ea7d679a367e32337a1bbb07ec05324a3dbc2586bc0991a304aaf035ec99abf8bcad6b10295d9f832d8879b9690447ed3854806095565689e7655ba7ada3c41b814b436615dd491b13613cc8cd6e826b159c0b07d86841904d8db164b2d95b77dd8cee127e33e9f72697af5bdac028586bd580548bab55d712aa656cf9fa86f07e0bf6394b5b9e78a2f0ee6de2ce7f1f4764787fccbfd7df104b50099205e14a7e65c2fe0afa688aef20043841767e1cc18c058bd83db3d5efba9c2f40aed1712730177124f71664b00112c2a801e3f7632fd9aa67bc9b2b6fa494c1596cf96f277f50d51bba6441733f0a7d73bd8055c88068c8e566e1dd4121ec95ca6df211a7cac1c6f3dc67270b86b6bdf1b2a98db3756796d8ca726be861bf70c90151eba75ff30b8fa17e5640f6bec0a042593f2f113875b9e18114e55be082083dfb8799d9c5d0a5828cebaea60f7fad3c98c078c09c245ed56a4fc7f9a7bb407daac2cc9d4bf8d3ed454cc022ab10ce4d41a2d4c6bc1ec3d6925426a5f4eca2e9bded77515c0896ffb0001adf51d9f43462222f7e06ad6cd69c4d02a384c4d8bce93638a24364d6ba8d17a537ea78655c3305bf069e07691a78aaa3ac03dd987972cd3c79b32b90a0376b9bbe0a6fe95ebe1e95de12fd0e53f5bc9b047146ef5ff4b40a2bdcf0bd53a6887b37107b6d37c86aacfee3478d3d81a5ca8be63559ea5276a64d88657c0d59859a2d1b76c0a382ad851ba8411a7e6e17d838694b156c5550c5cc14212e65e3b3231e5837cd7866381705db015245cc258ff1bd66517feaaa4f7d154b24c51ae54dc5466846b5e9a64ba88d3bc799f6118dcb2e5a972aa3823ddf5bd2a39109e56b820194c172c7e87ef1240701659149f7b05897aa7945fe5040d7e67c635ac0dca05e5ef0e9d6f542f8b1f15fec8897667587fe7db94fe36d73e51c8ab6f2b0ae3f6c51325b27ffd344a91bcd174adaa4569b9d52c0d31191ad191c3a52129e425307dd9ec1d1dea3bccd3fd7e5774915012b0369704f3d298c175d58accb97ac897153146e7f3b1982aaa9af9433b7d3cc40a2804e8246d06ffcee41f5c771c5cfc327acd8061303acd961a22fe2483f375d5c249214aadd9c8ccc3831e31f19ebfb124df863b9809f767cdec9905257b8dfb1a4c7e78db768daf6bbb6863f649a6f3023d1d5b32bb746fab105a25b07395b10d539c691719b6f80182ec0029844881f0d41b856f8a576339d16fcf1462af2ca95125d6f4771fdb3a880bbd240b671f9d904b8740f88b691c8fd783f1bbd22679beb7170cf07c85773ebd8363e75f4343b1579c7a40a9744f1f505b9a956faaccedc1df39d1e3c7d0912640afd4f666aea9363a8d84eccdcf3cda738443640aac65baf492fffc5643e87e6922867db2037cc927ebb30398334f4f9ce3b304d4a0ffda5b7de5ce781633dabd8eebe44a6feb454414d6e766608ba9f6b1ec8ac5ca11ea6438db7d86902d99b7d0749a646bbe3b0a988ef9a9a1f2ded7e238a31ea7241ad6de45d8f33d084520c8a68334de96c32948b9baf68333d5b51ca4bd0c91b75487c00b41dc2070b8b3d8923af1bb358e64bac194e8aff8645993b018f9e8c63917d220cc7a49980c920109e62c042fc4b757422724ff875a54bc3fd1cc278c4ae08f225d4da56e2e3c5056126681c8592bd195c438ff06afd66026cd08c5ede98b7a700dd3bd5fada703baaebbb1f96c49ce5c1263de39a5c5cbb56e610e43091b4e8af3448404d8d84d9a29430949d51f141e1f12451c71f4c07af6558d987b000f1a14cc33adfd842a98fa786be36fd78fb8878b498ae174f2e8a5b9666d2c6e6ef678bb1b81b58e1bf26a64a1d73fd49005bf6b04f7a22b17f324c10b60a20da359f4df247ebc59a0895dd4559f17dc6f08e063ec8033b25d8cb0ab49c6bb302038889f15dfbaf21208e737ca121894b29d915bff2ea53ca74e67fd4adc802c3e839e586bbe2a65e843614dd96ef1c121d9989a56e2ad321d8ef5006882a8a03de4f192e057fb40ae6332e40934e78dabf392085dff93eebfe6072fca2e31603c988dd5bbdb16d95aa8a8cddcd1635905d1e347a51d2ec219b2e7581ce7d060c0de274cfbd9e6d9d132c4fc0149ca5a13c9e41fc46b88da841fb0a301c050d21f80938651029fd5dc2fce4a06e524f540a89e53eb93fe04dff0853505cc3299a97370581c7fdb8159f95f44629ca7a9e34bb447f7e5f549c18ffd06da6ccbc2d48c5bf3537360c4b185a5284dd4988dc0a6f2381e640b900cb56e0ec43ffa95b23d70f6a7b73dc29e41c710968f0ad01717aee92abfd67cde9cdea149b47641602014318998d675a141a2d3ab75e718ab382d305b4a961c9e8b621861e435d006faccc5929c0365d890b3d3973babe159e8db74d6c61d07f55b6fc49b5dcca788eddfb28916a36c80eae7c2554882ec31d1813dce2034ba8973a2919405e94589c24c3cdfa1bf2fcc0feefb87d1af27a2f80316d4462ea309a30eec785c3a597c6107897df297d930a686426b6afc2277e3c9929d00d9000ca9388427f060af654e8c4bb3993b01cf8eac473e7215f0e5cbe75e91c245a746b86a6d876bb7e624e690384cc0be32d3fad30640af8befe0f39ea10fc578214fb7db22b0b8d4a797d56335da88ae9c7a74dd685234178a4e49b8ca81893c30bb33fb3d8db2ed69c69fc2ba7ad04df26f49018088798906471f9b29392bc3fe78d612be345d838a72a00741af079446a5fc6fc7b779c0a4d8f75eb945c65e60f2894bfd9a526bdc29e277f15481b82f10dc8329d6b3f27f352a49dee12e435aaaf8e832aed574b17fc029ecfbf8862d0dfab18bf095d70b1f226c932f8ce3ccaec100477e2071dd1ca48af36ecf96cd063c9708216fd9d65d0e69658911e157cf47c64060acdb28cb05b9757db3da23b8a57705559b59667158862168d25b44b4b6e6b92f0ed2d6df1d08e328889c16da0bb46bb751b5cbb008f66493d5ab425284ade4d6a181ab708489efa3afab44511df1e217e5ae255026394ec9d89d8e8cffb9e32494ddb0fdcea1c53a6d1a962a0a886dca255cd0b58ad7ba90701a1f826c4febfd444c5d92a302fe9c99f085741dfe5082dcdb442174e825b5baa790fc03fb23f7a20f82d259fdf6708398fca2c9a9d28c953282e3c8db90b12afe96cbef7ddcde5d0552af596bc367c7a3f4ac5dcc93b885fe2ff9ad008527820524b8601313703665de05ebe7ff3f22e2cc6d6294a7732a11dbc0800951c97bc78c2875f12265ee0762c42cc0e27c3c7e6242b70a2b98e3990d0a4c337795a26e63976b470b1b4ee0e338bd8565d317f21744a3a26e8ade2685cee223dd29472ba5b9e8e83cc7e1ab322cb79274573bbedbe8d8d7194fc2d4098f3a1716e07cafa7fd89a229e278851373dc71ecd7f4ea6d1d2936e8553a95c37ce51d33878004515e84780fd9720b71c745c3248b4ea2fe1a5572908b79242d41314412b414cb303d5f30af096774632994aac2be64472215c96c5d680f3c5dcc8b148f7facc44420adf727857a0ef912b6834672ff2d6ddfcd6ff64667635c724a7294ff3bb61ccabf1c00e13c1070d000febf9ccbd8bb111827ca9d30db4ec554953db59d93e555a9502f09eef63bbe4de97de381aad868bb9fd7d6586d4c8d0dfbb200cf87295b3ae9a8f10da508dd34392f601bcf7c6e58e737a0e25a00059550b4e2b6d490d854eb209f0cbb332a59e582acc01431d250e1199c91c7f840962d1b8648938e23bf1937b61afbaf0f38af84dacaa0585d749ef7c53bef067c09fddacf3349af13f3d265e7281164d085c845bc2396ee5d02f02f619f4dbb8acdaa66fa36910582b83a49421d1494b1cb20f7b26f692c4e3f314884b79cc49962e364ab5be2d411cfbc90e235c03a2c6e505eec9a42fe5eb90bb14cd24ab483ea7113b69d1eafca2fa96d4a92c4f5ff75391f3eefb12a2ac90faeddbc8041e5c836a46a345cc4bf0c4c2f7c9cb5c15e8a36aeff8becc43c71ea0499e09aa8e21866c7e6887e24ebab1ca5f8d16389a4c4238727cea23eff3daeb5ddb960b1754087dc716c576e06c05febfd949fd7d57342036cfc6e4aa0d8712b53abaf0e644c4ca7d3734707a3f49c251178a94804aad6352ddaa22b4f27f5fb42b03537493e37c3948fba46a61f27b4017fc0e2b14a8e42b6526d341dade056f462f19cd7c950c7453fb8110cc16a731d3201a2a91279de59c18a1c1626a3dec8e21164521756b5e05913c119cb10910b4fbb6985b8fffd58b801db77f94d1f49a1e7def0eb9182c6b8e5335854020a570f0c62698b28f54cc034d67ec016374387ed340a1fee896b681916522fa9d6808af508b156629e2b59a43ea8fa8038bd42dab28592bae496170156d335949087d05399c64ff83437ecded598382d57288dc09f3fb19ee29328bfde4f600dafa49d462c8a305190044bf998495585b4812b5a2d7bbad8fb539bf65d40ec96bf14d19f20b94cb4f837bb59af74e0819a10d38978df3e06112ed6dbbfd057f52a24622050f6b59c90aadc20aca0a624cd14b65287c75222e32de6f169ef50d83a3c870fb1a119aba1b86ecc49e90511f0a038c85a36273638f791779517b525ec7e5dccec04ba74db44e81e5fb010371a9ee60eeea324ccf3dfce9f29ececc9c2e78f5e0b65ef38a472f61a747103decfb4be0932f36f1dd13f960251fb1371d1583b4a5c9d266e1dbab3fcd0a316c90cc9f52640fb8578324acc4bda0ed316ee891c2f64f573f163f05753e39197b97f119b96f0a8761a27ed952761aa9e37928037cca04069ec57f232067c6e8155c5e648f78a795eff6ddc33b8964bf6fe490f86fca8a7a269c877406032df2ae120afbf8a714910049b70b5e0355a81967a7b745d3e3d02b52ddfc105caed8f0dd2e38523a5918e920dfd024a276d00921251a48e380b09559fdf9c21a242608c2be5eb95740dfdb17f150f66704e752a23794980dcf51c6c5403a9ccb6cd1da068acb385061a4c7e195b0f3eb47ed7d4388a5fc8c039316783563d02bcd7cd33be35d91c35c4c6a68dd43b072735eb86fc01c650a2457d4d77a2c9a21878aee24ac379af9c73f3dc5e76de7516abb3b7d45c755ebbf9eb72d0ea4c97b3c34bf2609060fb20409706b82cd59aac37a392008e1e0df08bd17b56e8127ba631b0c57b2a7d6bc6c03ee347c00b4858ac0867d650db51b8e0ebed1ac770726190cc2fbb8bea49824b5286ffdf7897336863cb7900f34950c141444c784f9b787d77e8bf083c138cffdbe548569faf553aeb2ea26039a1bdd5e31ea649f69a838cf2c5134dabd1f9f2d3f4b92bd5f9728ed92fa10d750c4eb0b2e5f93a7eaeeb50c01f3af6f2b2500b0b2d8b3adf59ad0ec247d4dacd048bbba6dd28e57babef6a93a4e8eeece780225c14956a47a6f21db0077045359acd4f60686eeca084f02c57ec2724da1096c97ba635091a5ec9ddae8b60988055a456e8cf2146852e3526e2de46ba6b63f1d0c6df52af897674a09d1ed9efee6c510f893b79ae374a1bb0167356ce9741015f99b2aaecea7476c9a3922da674da08ed3e5cadfbccebfb7f651521db771c4d3e692e37d7035a7134a7baa8c7bb4f3f063cc67757236c38cb11e2ed1497e3f1c6db6921d19fb13606a51a78f6c4ec63f6dc23d77a5d1c0de680b104fb67b42b0cc550eada029cd67a7b4bd4aa4a5479ac5c9c7bf98c08c8ad7009cf5087e6556ec54e66af1ab3f96ce74a8abf5420ff52b0390d5c40aa372c1ca53b5a0e72960a4db4da2b2fa318effcb6069d7e74f29977fbf4219be9e95299dbed57f76eb35b00ef8d6e5310c365568b5570b5a715a325dfb9eed5d12be78e0728141d866ff0c4f21a2085499d1cfb1b68a6733bad33384a258fa2465e41e45b44a2fc243127b6070fb4b56e8ff73702751d1f39967ead0155649ef2fd15abee559756014dfcb99cd37c70d387af273971a72a230638b13a18847ec72dbd27084b19b2db9fc60ce4e35ce1df93dc6d2270fb12887fd3323241444d45e2e6dc1044e6528bbc92da13f3e2c2b5b8165e6701d05d10a516f9e0186b4c642da2aa36d7bee3cc9fdc335c6bf490cf612c78e90ac299d8b796a301c6b64a932161559642b6c2d110cb37f89facfb95d5225abf15650bbc488918f40ec0b5b3200bb51ff3b26f7717c69e3117da1b1e78b2723ad96268196a5b90fa19fc0d3e7193749182582305b220d0b10a893882efee2f52e1f518a9421430b1e40a458e035e0957cdb47d2694540e5954908a3db963a18014f3b039a59ad7e36e375f2da6030224e21a7fc368d09b911c86e5ed0a6826bbead358aaa5fa6a8d6de3ed1b2c03cd1803e9a20af367badbf0f8398613eb18f176932a970d8faa5fb3e1084c13e80985ed2f2bc8b40f9678f9c6b9c06b78eaff781fb0cebe251d3b803288fc9a5f0e3521c72bb5bda8d56d42fe82fe22c2cca2bab39f50c98a830f55fd92a69b9f82ffd4d3666770a9d67bce8d17a336c7fcef0f72ecb9098c55d36fba7d1926b91dda03ce015d9c2dab5789ba4e06e92374631a2aa3e2d3bbe8cc418b5158bd782fa9f7a934b006ab68ddff40d68912686259ee1d4b237faefc836abce067bea39fcba0190728e554a0e6b871876a70acd5f54bff40570ff6fdea36b07b23d66464810d7346c0fd1ae15338deecf6435938e1dec0e050ff405237b2f585e6046718c86f4c174d938be859454c0620a3e45db73b9120013b588916f4c6bcc4d10031d292850aeb51be2eb5d9bb84de911ccb0e583277c2f49084466d4c56bd276cbbf2d300484da635e2d37adfedb86cb16e8df8cfb18607a56ef4a5e7b57051102b166ec1c5312920ac5a5775e6b0b4ef935fd9a210d2e245a2611fdacce530079dbe3da30df27f1a758b4ed7d22f38ae0a96b556c0df0ebb7353f034d1c704252a00442b2160ade3c7d167f10f20b613a7a9dda06ae98b08e108a209bba8cfb8aca037cc83ca78ceca58f109c0ea7ae10e82474b071d261a5edfc27928c3a928949e32056eab09808542908f72d59101f2b86439e9fc67f97330dd7fb184be394dbe63c92b005be7cd567874e9903b927a76c1b709cbbaba204c679ea0a6aae1adc158cba623c1650e13fed834f411feb644e4c767255b25270f417ac80bb48e172335041d5b2b9f468eb0eaba4a9a4288bfcfeb1421efa1394a9e46c0d5e1e2d549a6ea4644b09ea2feaef5aba678ad24032ff4bee46ce1e4bbe0d06fbd7a754b1c4ac92a3093b103c78e4b5aff6e3c91fccc72d4c51e24d81e50ac1ac0b236c0cd635801746e5f84fde70f8adf69bac0c983440004c7155461a7e3cf9c38594a7f96ccafedd634126d6e85696625e8ef65ce11c051dbd66af7f448837b2871ca21f6aa5521c108ee1ab88ebab414f1e60cbddc0d07dfb98720ab7e8ec3bc1a145b1ace1807379b79123d60da7e7525f7f15e2f71341774dd11f76f3d6b179613174cb703091c11ca173a41d56111deb81235e9c9297a82621905521103d11a421f7dc6a62815ac14675de433e8a030db12505dda28b3cdd7098436c0bea1b30ae7fbd728a7bdd7fa7e96946774ca3f9a00eac6fb71ad49b597c55bca7ca6ba7fc6883ad000a29ba7be6765af00da3573a34eb29c1ec117f76103d508825c1a2f74fd04b07b0af10842fe3e54778220b4b98d14ee1919dd542ae59c7febef84d13f8b58853935736fbbd79ea4747bdbb91421a7af922378a522382b6aa96db3a72d18cc144f6c5151a9cfc677cc2933188f78c78953ed345cee4f9a55bee94ef23a37ef4caafba79aff21aa9f34d753b3f1fb85a7a30028a41b1be9099a2711c62fbdd1f9fa02d1ddde2bc859a84c26285a5243d429136ae19c9053057e99a66cfa279484d2a9ffd4f2a87837a215d3c2a64967b30e2188ecf1e71f78f221fdef3eeb7b6e260071144f7e6dc6fc511c29dc9f05a2e351de14520d474b12566800f2cc80eabcd6ab6da47ffa4fee7b6cff648dff503b25c99ae9293f71638ef158b8b75c1dc7ae07a6a85bce1f92c4e4c9ff501136a01c444b9699bf04466a577a6ba3d3699eb7bcdbf3209142f8891387f1243a3cf22b1a2f509c475c1ee9c6e7f3ed4bd833432740237d932ac8d60fa0639fed912264347fb255da9729f2e9fb41c78a4be7b3723233edda69bf69aa08857e47f413c0500942e2e136d79e21d35abeab638dd7128602a0854f2f73167794418e33d5d07dc9c226bf43822a16481f04a77595220185aa2b4b172a607fb31ac624ac648c31207071274be3cc2a2eed64516efaa9aaab1a62b18dfe1819ef4d6e6cbf75aaed931bbebbc8ee9264337693a20ebef52bf54ea3d2a86ce11e8a36d00", 0x2000, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x0)

6.452751195s ago: executing program 4 (id=337):
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
setsockopt$inet_tcp_int(r1, 0x6, 0x8, &(0x7f0000000280), 0x4)
renameat2(r1, &(0x7f0000000000)='./file0\x00', r0, &(0x7f0000000040)='./file0\x00', 0x8)
syz_usb_connect$uac1(0x0, 0xa4, &(0x7f0000000080)=ANY=[@ANYBLOB="2a01000020000040b708000000000000030109029200030172e5000904000000010100000a24010000000201020c0d2407000005000000000000000c240000e9fffff5ffffffff092403f3ff00000502", @ANYRES8=r0, @ANYRESHEX, @ANYRESOCT=0x0, @ANYRESHEX=r0, @ANYRESDEC=r0, @ANYRESOCT], 0x0)

5.478692514s ago: executing program 4 (id=338):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0xe, &(0x7f0000000200), 0x3, 0x440, &(0x7f00000006c0)="$eJzs28tvG8UfAPDvrpP019cvoZRHH0CgICIeSZMW6IEDIJA4FAkJDnCMkrQqdRvUBIlWFRSEygkhJO6II/8CJ7ggxAmJK9xRpQr10paT0dq7ie3YbuLaNcWfj7TtzO5sZr7eHXtmxw5gaE1m/yQRuyLi94gYr2UbC0zW/rtx7eLCzWsXF5KoVN76K6mWu37t4kJRtDhvZ56ZSiPSz5I40KLelfMXTs+Xy0vn8vzM6pn3Z1bOX3j21Jn5k0snl87OHTt29MjsC8/PPdeTOLM2Xd//0fLBfa+/+9Ubx79oiL8pjh6Z7HTwiUqlx9UN1u66dDIywIawJaWIyC7XaLX/j0cp1i/eeLz26UAbB/RVpVKp7Gx/+FIF+A9LojGvy8OwKD7os/lvsTUPAl7q3/Bj4K6+XJsAZXHfyLfakZFI8zKjTfPbXpqMiHcu/f1NtkV/nkMAADT4IRv/PNNq/JfG/XXl/p+vDU1ExD0RsSci7o2IvRFxX0S17AMR8eAW629eJNk4/kmvdBXYJmXjvxfzta3G8V8x+ouJUp7bXY1/NDlxqrx0OH9NpmJ0W5af7VDHj6/+9mW7Y/Xjv2zL6i/Ggnk7roxsazxncX51/nZirnf1k4j9I63iT9ZWApKI2BcR+7us49RT3x1sd+zW8XfQg3WmyrcRT9au/6Voir+QdF6fnPlflJcOzxR3xUa//Hr5zXb131b8PZBd/x0t7/+1+CeS+vXala3XcfmPz9vOabq9/8eSt6vpsXzfh/Orq+dmI8aS47VG1++fWz+3yBfls/inDrXu/3ti/ZU4EBHZTfxQRDwcEY/kbX80Ih6LiEMd4v/5lcff6z7+/sriX9zS9V9PjEXzntaJ0umfvm+odGJD/Dc7X/+j1dRUvmcz73+baVd3dzMAAADcfdKI2BVJOr2WTtPp6dr35ffGjrS8vLL69InlD84u1n4jMBGjafGka7zueehsPq0v8nNR+2pBkT+SPzf+urS9mp9eWC4vDjp4GHI72/T/zJ+lQbcO6Du/14Lhpf/D8NL/YXjp/zC8WvT/7YNoB3Dntfr8/3gA7QDuvKb+b9kPhoj5Pwwv/R+Gl/4PQ2lle9z6R/IdE8Vf6vJ0ibs0Eem/ohkSfUoM9n0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgV/4JAAD//3sE4iY=")
r0 = open(&(0x7f0000000340)='./bus\x00', 0x143142, 0x0)
ioctl$AUTOFS_DEV_IOCTL_VERSION(r0, 0xc0189371, &(0x7f0000000000)={{0x1, 0x1, 0x18, <r1=>r0}, './bus\x00'})
ioctl$VIDIOC_S_AUDIO(r1, 0x40345622, &(0x7f0000000180)={0x2, "213cca5f4dd9be49bce3240d4903b7c1c7395a1a3ba58a823a5d4e1cfbf9ebe7", 0x0, 0x1})
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1000, 0x0)
r2 = open(&(0x7f0000000100)='./bus\x00', 0x14113e, 0x0)
chdir(&(0x7f0000000540)='./file0\x00')
creat(&(0x7f00000000c0)='./file0\x00', 0x0)
write$binfmt_script(r2, &(0x7f0000000080), 0x208e24b)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
fsync(r3)

5.361698964s ago: executing program 1 (id=340):
syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)=ANY=[@ANYBLOB="12010000000000406a05bb010000000000010902"], 0x0)
syz_usb_connect$cdc_ecm(0x0, 0x4d, &(0x7f0000000100)=ANY=[], 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000380))
fanotify_init(0x0, 0x40000)
syz_open_procfs(0x0, &(0x7f0000000000)='net/ip_tables_matches\x00')
eventfd(0x0)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
socket$packet(0x11, 0x3, 0x300)
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$RTC_WKALM_SET(0xffffffffffffffff, 0x4028700f, 0x0)
socketpair$unix(0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r1}, 0x10)
ppoll(&(0x7f0000000180)=[{}, {r0}], 0x2, 0x0, 0x0, 0x0)
ioctl$DRM_IOCTL_GET_CLIENT(0xffffffffffffffff, 0xc0286405, 0x0)
sched_setscheduler(0x0, 0x0, 0x0)
open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
unshare(0x0)
openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
dup(r2)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)
syz_emit_ethernet(0x0, 0x0, 0x0)

5.224046165s ago: executing program 2 (id=341):
r0 = syz_open_dev$amidi(&(0x7f00000000c0), 0x48, 0x2)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x6, 0x4, 0x40fff, 0x80000007}, 0x48)
write$midi(r0, &(0x7f0000000100)='/', 0x1)

5.079514016s ago: executing program 2 (id=342):
r0 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x0)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f00000003c0)=ANY=[@ANYRES64=r2, @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r2, &(0x7f000000c3c0)={0x2020}, 0x2020) (async)
read$FUSE(r2, &(0x7f000000c3c0)={0x2020, 0x0, 0x0, 0x0, <r3=>0x0}, 0x2020)
utimes(&(0x7f0000000080)='./file0\x00', 0x0) (async)
utimes(&(0x7f0000000080)='./file0\x00', 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66643dbb503628005d9bc2d1b79cd1b02b3bd0dcff7a49dc4c3d789deed209cc8bbea0", @ANYBLOB="5044df77fb9b60eb438a7ce63a4b4e90f2cb2aca911984259b1def096410a097ad6d5e0716e96a325ebc9b65e367c8ffbcd14525bff8a5d0bda4a544e85760d195c9a56cf3a6ee3fd16664a1e548f5f519db1fcf40635ab8c25c725e99208cd2322b69cfdc957f93b533aea5096201ca4c42df00aff50b8250bdfdbc935a0f39ca7f5582f6a2ab307aa2304434d63f5f7291ac8dbffdfef8c5781a9182fc98f96d6b92619bf628da72c05d2cb369cc4d051581d6f48d3d5e892d621658d3e943395941ef41abb7105ccde6f141d873b7c3bf708e9c", @ANYBLOB="fb5d03008d79642c726f6f746d6f64653d3030f3907100000000f53030303030233070343030d92d06c68e4dbaa4ff54", @ANYRES32=r3, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) (async)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000600)=ANY=[@ANYBLOB="66643dbb503628005d9bc2d1b79cd1b02b3bd0dcff7a49dc4c3d789deed209cc8bbea0", @ANYBLOB="5044df77fb9b60eb438a7ce63a4b4e90f2cb2aca911984259b1def096410a097ad6d5e0716e96a325ebc9b65e367c8ffbcd14525bff8a5d0bda4a544e85760d195c9a56cf3a6ee3fd16664a1e548f5f519db1fcf40635ab8c25c725e99208cd2322b69cfdc957f93b533aea5096201ca4c42df00aff50b8250bdfdbc935a0f39ca7f5582f6a2ab307aa2304434d63f5f7291ac8dbffdfef8c5781a9182fc98f96d6b92619bf628da72c05d2cb369cc4d051581d6f48d3d5e892d621658d3e943395941ef41abb7105ccde6f141d873b7c3bf708e9c", @ANYBLOB="fb5d03008d79642c726f6f746d6f64653d3030f3907100000000f53030303030233070343030d92d06c68e4dbaa4ff54", @ANYRES32=r3, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00'])
read$FUSE(0xffffffffffffffff, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f00000000c0)={0x50, 0x0, r4, {0x7, 0x1f}}, 0x50)
r5 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000009c0), 0x0, 0x0)
ioctl$TCSETS2(r5, 0x402c542b, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0xd5fa, 0x0, "8700865187b8c601d54af6a637903184033c67"}) (async)
ioctl$TCSETS2(r5, 0x402c542b, &(0x7f0000000a00)={0x0, 0x0, 0x0, 0xd5fa, 0x0, "8700865187b8c601d54af6a637903184033c67"})
ioctl$TIOCSTI(r5, 0x5412, &(0x7f0000001c00)=0xa6)
r6 = syz_usb_connect(0x2, 0x24, &(0x7f0000000380)={{0x12, 0x1, 0x0, 0xdc, 0x3f, 0x6e, 0x40, 0x813, 0x1, 0x3a08, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0x9d, 0x26, 0x9b}}]}}]}}, 0x0)
syz_usb_control_io(r6, 0x0, 0x0)
syz_usb_control_io$uac1(r6, 0x0, &(0x7f0000000240)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="00000100006a62c720f0f5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) (async)
syz_usb_control_io$uac1(r6, 0x0, &(0x7f0000000240)={0x44, &(0x7f0000000300)=ANY=[@ANYBLOB="00000100006a62c720f0f5"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_fuse_handle_req(r2, &(0x7f0000010400)="61ddaf21c1282a5a6352f350c2f614ede5b0c406f5488574ed6fcb609ce20f648ee274c8dfeaa625b1fd332f70f776ae0b6e3f959c24f3876756c20e05c82079387520764f2446820d53242898a90e51c5b68297e39b7fcf558b450e9608326c3dc6704a054216a8c6f0d689e5eb6b8564854376910eff147682d2378b9c5b95a626493ce628b1bb6b524ed7e90ebe6eb0246399eac6d624dcf4e824be2de9c1d5d06eab13f2770577304eb676106fd9868a030192067ac009482e03a817f1abd909a94702479fe30b2594ca60b4acc37148cf04e8c0e76dd69e29d243596f8174129ac6ab9dbb79ace8f0fae14234845725102a027d4163f97f3971d207500defeaa2c7318f7e82e591701f9d3f78592ea7ec28806a53278a35a20251eeb2735fa9f37bf0045b5e6faf5f751c7ad31d8426be7b09027b2092f49247159a33b580d2691ebf00797962168bdc368f57282ce5b8526eacb80952ffba771626c0016b8a010546f0b4daf470814cee0ea418b76331c34616cea0459dbd1f196364c99e4a47bcdd64b518ef51833e6f8041fbbbe86e808bdbade7009885f2c4d7ffd76a0e7dc7d542bdee1d136d2096dfa997f98ac83c6341b306a3a8cf81642566d7777480d4dc61b0182f0d418ce95d74c9aadb182326d6671412a1f0c62c93a0ba873ff5daa4ece4b2fc73ed5b02b60890374acc0cd25cbf1707016a542fafd6af098f9737304c726712c8243dcd5eb15c0996e9e03dd741d519cb3e86ea214e20408c2cc5ea607585f1bfd268ba3084ffa69425512571d263fd1ae49b488b2964bd3e78943122006489cc22191dec2900a7fdf798c9f683461f2a7b940f4112b805dc077a7b99071b5b454f7c6d2b13a6b23091f74ecc65a24ac0d11e2ffd7332fb2b2b11aeec3c809d78cc2e168f126f38dddfe3e1d0ec1c6fb25f880690f97a70dc5fbea5d25dba3b24c01d9bd228c58deca660625511127a62220429c94be65d6ad4ce7e79e97af67931b46ccfabca5dbaea11e2dc76279b0244cc2845f31beff418fe4bd892d3676079d9d4eb0251dfead9e0a07a11c0a7e597ac89ec77de60a5f6e0ff4a62374856b8e1659e885d3a0d90293daa0c7bb041cbcd54bf098b66b2ddec28dcba4cfbad969e3b97e4bf680f901485d1cd4b231a9115c22ab2f911415ad0efe0eb7f4bee15c6de7d0f818acd687a117286f9e3c33df5206df918ea4ac52927487968d88f4a18d4889a4060f20487e4cec19250fe48a16b1f9f7250a6ab81fbaa2ad451a936ee98021bf859b9a635132a0dcf7530c0e2c84a459241a1fc9fe45b4a4f32fa8e95185db92660292ece6b5ddbb0b9f69bd7435cd4944f8ff2ed51172f0683fbae1013cde202498f2e1be54d1a2e17b3984b17d1994915a477c87697f465781e41b44c6a40ae035e75a4d9f9c0926bec533db0d4c26d605cb1ae225e692ed315062e8c3283716929e25a22b25105e018d81c07cb7600d1bae16d8beec33c88f1cdb52ac988b4677ed604c28ff1cdeeeb74c332dc526cff5ee935016984cabf117694cccabae944de4d2d2daff8f281b6434475b52c1910210598c684da99c108000a53d2ca03afd42b0200691d92341616353a22a8dacd8cb7eee85953b251236603d2ef1e450675f8d0f3cd0e28ef36457f79c267d836d14ed758148e979b9749ddcef14aec903939c69567a1697aae8f9ed72a16be0267a3a967727937f609720802570287c4e08641b9b7b979c6541add0e8600dd2d75a1dc0822ceb7a7e4e1afda2940d127f488589963b46417d7a7474545e5b08a621c1a7637b3fcb62b0aee10d999505907bd14033370e391f6192ff7d718e1db3ef861d30b2d477f11cd45ecb296d4babcccc34901165e3fcdbef6fa1ee478a97f7d21dc5562582d67c448ae352d3157d83e8ab0122a2bb056bdff8043a91b8f3abe4d788fe741483997a8e3fe126626a14b4243d3ff8ada8dd555c95d5e30b68cc053dfbbb61940cbb552cc1fe211ea5ea13cbfb6a577cde339282d84e92f866145e7b1de4d5a1705fc24fc8843f1a69f4c604adf0d715ad88c6a4ac80a35375662610e0ed07af9c4c76326716a77b106ef87782804ca353eaade28a1ca522d706282ebe48c0b23fd42b2e0297f5997d3aab40615f143e868c6aaf920bc827224946db3e3b3e65ea66dbfa5fe6c45dab930877852e86df251024e4ae46ee8e04cf40f2b3239f4df40062cfddada61700959deaeed3a44fb185ce51685fcab793184435b3e668e7d80820a613acde8d61e24571b9de7ce4581a4751d70a28e8d098660e81941fe40b6844a3204b512457194e100c995c75921569f735afee321080ed6310610887ca842001f5112c5af8c9083e3d088a404b48ee82e1e8be16fd493a2a643816488447706f3e86d2d0ed48f7397aad0cf105a4a71d928a15413ab3813e42478cf7a5be2e03d15ccb90a625863cb2ca1059110f90186cf4c370469f4d7e1ccda56ed9c427cce46e7d1c82641554ffa0c7c42697cbc754702b62be5ab03c995ac8cda3145959c440c4dbcacea29d4554d2d95ed4444e9bcbd6ead7d6398faf189de77645a05a54d6c33c9678daec6e5ac0048f91e15b2fdb808d712e662007da5e228ddc7370f575723a0018a1da70fa27e6624c8c75047eb584bf3399a8fce999df94f6fb54fb6c1fc954b1d899459fcd2f459e57c214ae590513ed268ed2d1114d8276642510a2eb99feecb58d8476550553a9f3d1f04c9bb442dae6dd84628b60cc9fd3c1e5c4fe3b9ad5f43b5d06e31ba4644f7499c03fd68cd2207027eeb1908a8022d70eb8fc8f55fee7be7e3af525d4fb1ab3e9b458246cbb5371e8145e1d04762c62068e03795a5a6b48d8643a83927c47000b7766e320e0ef2339d5423813e8d7845b939a9567745f6e2d6070764669c905ea77943a31f0df838a5d046f25d516bb654336f759c05dcc0febbbf1d214382a76fa09aa32be9799252f1d0fd8bacfe3f32574fdc82c6ed77f1c08d4aef88c157cbdac947346e3e015af60125d3e36ec6bd8dc5127c7ab1ed773c8beffc9dba99bd9fa1498a5a49bcce4ddb13fb85e256fcac569aab1c815527710d2c350c7cc84db5a7eb243227973fd5e2d1d8450077ececa0d96884c90ac0146d37b13f1aacc1eaddec3f0d475df6ceafe73f9076fcfeaf496efcae22d09745453a5e4776876ecfb1d004361f82f76b2bfba050d0fd5060f50fd74f9908a62649955e2f90e4ac4a4f0b29484cf80eebcbecb12db8586ee58443c181a59c046c657ecbb067a1e70d4c548e8b291a5aa681624747d9a52a6184a5fc82d824d9ab6156ec5fd73a038b38d86974e7a89b55a95b609e12c98f4168c0e48139749fce33397948224641e9823588858f82247d9abf8f84250564189676325e43944e888cef6918cd2b842b3a42751475a37656b3f04a02430705f16908d638212f69cf96d5311038e00e048468810d1cfefb0a9aeaf46d1bd31f7156a97542d9373abd3c069aa096486244389312031398a35e0ebca6668ed06dbe80290ac9a2a15ac9c208cdbcb2c1e18f008741649b4fe2ac1e6ca0a19980b6276fa09c5c0e67e748c1669add6fd4c70ba522be4428df305c3313929a4eec348f03fc6a6dfd1d6740a61230a977555b6b4d5165c98323871d750e80f9205231af03ab430a720dcaad03d113f38574ebada74f5b34a05a6abb7ba9b8b280401a3a21dd7e1e026deb438ed020d09fc93ffd7376ced7b5d6c9c35072c7f28ddb7fea3ffa7b7e6766892be2015c20e2cc7fa8bcb5832b97e964947ae940d5ce215ff3a0d74851d5735f3573d533cca9b3a89f9494f150cb732139cc2282304f6a375ee1062f6f850ebf89548973b6c5e7aee8b98b18b443332d3be20fea086653d52756b40ec4f08ad52f4d0a5a61004c700f070b83548670ef36dcbd8daf13ae6d382aaba3c3bac3c1efd953781d69e7365e1393d2c3f34d3dc91999ab9a545bc167e50ea6874fe8f49e93e452ad4710d7127c430ab2caf3ec1627e6a2a6a57604a5da490087991b68cd58d456f6818f22e38007e1628c6a78f6a8a321e3f0d5d5e1bc7f9ef53c4780b451dad949962c8a6a464b25cb161159b72f40fed8280daec34135f77373b9432f411b232e9374e9cb3fcd85a599c20d0b8e294835c60c2e034eb8385c507095c6eb6748180fd1ad97cb0a4b2ffa70c90891d373459538f4106078162bc46b425572466aa4769153b994698bbff1a98b5948e40d98bb2900445eebe95c4892bcb92b4c28b734ea7e106accc9836767e0881f970c9d69063dd918de44a484ef3f860b0dcec58f22b3f1a0abb9c0c2b6cd5bdacdc194f188588c0888d6abfa2d0b79d0b33a41e3b6a0f9fbf811ba20f346025b3a4be17eb5ce583b860cad5424bcaf1ef4a255678706052c1cae9cd77cc78639f975f07737b791831c64f0c974b23a5c428091b8b8e17a037ac3c6d56da4b4c7e4752736cbbc8d67b1b823e87d51ffc95fe9752e8479fc15a6fe7b96fbd7b93dc2144381c424ec7782d7f8b2637010dca11ccdaab1bad652a9ecd8b6ba2c116fa419c8582a0ccf754a294d9de5b457d9b1a4120fd53667862e50cb028e2f92c73a38f77ff57c93b410e7f3257bd56e5aa504f0643bd2bcfae2168046ad2737a36b21f6d993de1fe7b31e9ef7c79d545e5364b65011a6d26e0a2f1018a5280ca88d3d1e30c68195f8cf1a3ece813f22e44d83867c9f711218203d1adf2869ed89babca094b8def7ae0abd0245f522930db59c4b2eeec4d564bfdb931d435a986daba4b604d5bf30b1cfdf6960986ba0dab216dfd7ad95ca2555e0573d073dccd407ddd5ed7920c788aa0213aec90b38981a91bc370ede38d171648316d59478e66c068eec33295345162e9896ffc82f8d94b995d3a3a7a4f459e564632b5918b4fd850da380937655f19e2820376e7deb48edb0f5e295521a9a153f5ef69de397d88acc20be99779d7ea2c38445bd70aeeb68cc6c68c1bc603ab580b632866497a3dbcbfd933e2074323f66f1db73129eec8331c8872aa92a33e2180fc0cf2e28d198faef4421064b8435f37b5bfb9b531332b3b0838015fe848f0ce859db8706f2e53fb07ce4d0fd017d85ac9ce2943ab172f08b13c948c3778d2469257d412b1a5305526cc8dcb4a8645f825cca66a63b7134d8b7c760db6a8fa21f2df3456e9b460867303a9d53fb01db8548800d800e49c08c8d731bbf9a642206f4cc6673e4fc0f7106661abfde1eb8a8d384b26d88c16d15f238556ff4b205145d860228038430cd8a342bc15849afd81666b55b358e3ec584fa96f119b77495c4ec36616070237bb170fc04d3befebdaff66643814eb8519abaaf1e9bf939bf5bfefa33c32fe9909055393e383268e426436305b370867db76991ca600bf6211dece3b6b7b4dc5cd4569ff4538080fec318a9e0cce4a8cf26aca8359b503781aaedc2d58b0bb1a82c163425e678b488bdc7362d0be24a7a8238deb31482c332d4d385005ca84c836933b0fce21685ec067adb9490d1a416f83e36e6e3b87d05ab6973f4e359a1fb5a4dbf2ff6a85d235e50d893f222c2a7d84252be9015e104ee3609c83cafdd796a8422257c9ca9172888d91c0f2f2afe36dccada9a713cfc026cf25e113fc543d522e9254f5e129d7ffd61b43ee25bdd63545a81a2b086b616e23abd380a7bb8e54b8341f42c663da1fc8451f21da7315aea416e6856d4d45128dcd34a0f3aeb7aed00c54c348f38888b8c8fec59028d38344a92249c95943d3ff8608bc11406102ebe8269892b2e909bd82ba467aabef127713a0993df779ba7b0816a990566699e4926d75fd47c3f1b9cae3e58771a6ae8776fdb672ee70f215fd908d6dfddb8a2ad10f27b749fa6e67171848d70d3ae135ee3defb2546bb35a3ad2d8ac0e838ff8abb1cd733d80047bc8626960a257b704b43bf0390b7fee656ca7831d23e8ba940533c16c17de68270bb3b2d3bf142b34899b3a106cf9569b4f46f148297c61390733ff9f399c669122dd045187d0a35fe54b4f17e4090c56cfcfa47498b1701a855827d35cf3624624906f997092b010b1da616325a090770694d028fae9874a91f8d21fea85804956594b8252c24d05df5775148ecbf8ab38f131c268cc263f6a2dcd375acfbf39a2defc9869801a720d83add1ff01ac7fc389bc7e35c2eee2b44f808508e6e02ea31cf23ea9f2118bce520101e307b394e5fdd28e90870a327b0a1444b552b7227134a8e5397474a6c0e1ce89d918c899d292660ea44294e07b1645ff9e85f65156f92d55ae795e134250b5359dec6c31d4892d83f363cb09632bb738c4e7f351361adc3ab54776a5c55d6ff4895516c82cc6387b1a424f3af2bb0398d0d4a71fe44c5132b7ad5fdfa732bbcff9f02395df587714072caca65f5fc1215dc9068585e1fbcee22cd69c0386a6482230540ec9ff8e373018e4e2788b9502e5be3e3247f997800c68a634e4490c91d01144a63a7a55afbfa4f0ef5ad538aeec8ea203ef2716ff989e11ce4985263898b8e36b0d3386b816ce484e81404a01ac0ed9f18ef5643f93d46705c949acddca2b74ad53441090f658d22dd081aaf49a7bb07c93ab8dfb5213cba354b4d37d9899423d3b3d45e9463c506ccd69747162d2d64b54291d11fdc6c9b89114543d6948f10e68008973cc485df080b84e0d098f962715ba009f2aa1fb41f7199ea5b9b70df0e1c378da164f7257b4ed04a9fee7cc2de065ad35a60b882d78e26d5804942ed1f2bcf85fc63795fb9164a5f94ffe6bfbf838c9197bce2160d24f88dca14c3e733d18ff1fb7acb0ebdfc4e2ce268a676fb27cc34d4b6b5d7e8db29c020c4c498d793931b0fc7d91ad68d3d8463e36a267833edbdd7062f4d62aa9fd1cb7f8e561d3939bbfa118b897167168832c0aff17fb6cdcf75ad6ef0a18e2b37fb24c85d0866f2e5f191b2ef8fe9b5997635a74cb06aec67363435eb175559629c09316f96dc56de6c7785335d121fc2e4d47c2f50c37c5bf7950ae5de07b3b73830f4299d5009742d4eca98df821a95d244967a42b5a4f3375edc41c5281ca3104bd247c14e838912634d4764c1b6e440860d98f258aa8a24e8af643497366edc2b781aec0567451884aec0343ced1fbddfae585db1012a6d9245ad85c56aa33d5bc30307515bccc8d36d7848c99884db4a49d748e1953b4673e4286393fc97c233d529435faf7ed9f9aa64029814b7cd6a36c3dd9ca7be95e5c4d48e024a3d23651cc81c00a52e2fa2d094435ebdb4ae5be8e6b53cf628ddc87a4bc2dccc98ac38019c91789a40d103fb95785bde5992de08ecdca1dff2ab7cf5013420b3d29b8a7f0af455c4e86285422b986bdf482b87297061084b50684e936acbb075a84e720a2d03892efec7dc1af2fae2a7ce7725cf0d19f39403b273be262c7a4ff638898f6caf84bfb358c580ba4adfd8664bcc539b82792e39ab4f1d8393b1f98f6dd5aae14bc6b73feeeaef7c3accde4d9b098f2d5c7ed68621851f37d27980c4b44df095d865493eeef2724db90aa53a3c37bd345ea75b4e76e8878deae1b4f3204c2957f3806e36a03e995f7633de9b863ff6b3309d330ade917c82f3286d9500105755efac22a4220f457debd861df3c0925dc4ba8913cea12b8deb93cec87c972421bb8442ef2a2a9d638471108ae0152aefdc45eac6ff786dae370a21bfe1e5777df8070bcefba8596cb8f71a516b505b1f83de1129cee91d3a4d6383daac7b9de46a99bc34661f3d805d2e138a769fd6489e4d058a3ab35ccbc81251aa2f23f83d7740bd8869465634e10e114c62bdfd640d69cebf6e78eb0970fa442746f7c3bea77d8589ab131827a95b274dd63ea04fba4c822aed4f8d0cd83ed83177d90332c7e66f103d4eb1dffb9ec0f52094bc7324a7c59819dca343776d6adb6850e7e7e83e2316db1c32feb4ea1c6f47a2ee41bb09d0a931f4fa3cdf7ada2bac7fe5ae2b997e24b8f8c52b0bee1482b74af68b407f0d78f3767bdcb42557c9f3aff0c2c2ea7745a0f588b00a751c1c8d2124a8bfd4d7f756587d239cc43a8cae1d67cf15c73dc8569a1ebdd7b8559e969541a547c272e52d57e5924ced9afc87cd2cdcdf8e30f423ebe26170393ecec06afa093839fc3a10fdc3f9ae19e79e4df6a9af6027e1129a7a6cb4517607eac80fa2b5f7853fe84028a66976ec4b4af50abe9ca959b844d7b2ab94903efec6dfc99ed9df2c329c0e8449b4d2a0a5bc2506d170884d2c6ea8aefebcaaf2abbfa3c4d9e4d201369a47792124a7909e247dc98b777b60a30b1461d857f164e3df983d9a900f8b11bddbdcf47c29d483033c9250f30e268ddf97e0ecbdd99d6fb3dc4562bb75f8f1e03d1aec424293fa5fc786444411a512fc582a9b577d5e88fb9d6f7346bd489f6eb4296e576e25c45e114fb6a3d0b6b831fb4ffe7486daadf2f0ad78aad8f8f7eba17e524de06e81a5af9c1aa09019fcc51611afc45fd30b8ecd2a2ae19758a1ffa55f79cdf53ef1bb55e49cb58d8b291664be61586ace94c7b378d685e54aeee09af828a3ce7335f9d03f8daabcf3543b8099956f60913db6ab401a427aca83772df4fce9081409ab426dae09739b50a8ab4c04a6d2e63b2c4c0b5f7fbd9dc76722057ab6cefc9ccae3abf251259f999fe09dbe1232b8ecf0e26b3d88d13a1001840f6b5942359c3ac75bfc321d9504bcc0e3f4add741125941ece20b4f90416b1f14edb4ecb1ced79cef883aa1d5193f3efeeae7e103891ae4840978fbe74d2cc90b7e02b4d839f15c75576b74e05f7a8af71823317a851bf0ff9171bdb16ffa36f57ccdef61065a62d64ba434571db0d476995e2bf4f148f0a6276b2fad82f03b91fe53f9a7acff3ecdfcedcc1eae42e52e1f7443114b8edc8a9d5c8a55727f7ee1d20e1ca55b42e51b47fc4d2313458ab9a5f05c1411dc8f11e4c57d3fe87183763bd24cfb8dc583c82ce9c0abbeb76310666d2236e2ca164c66e6336fd571967f35b2b0ba847922f5aabf97aea061d19eb9cc3cd6e764da9651f9e66577d9c8870734fe8e03d20ba107e6e2997ef7c42f940b88410c6bf46635cb5e402113411a98c75e8cfd3760235d7a486bfeea1a1dc188b7886172ac66d45a4bd87f60b8502382888f3806e47ffb74d9aef2519e91536f7798b7c22ee70566e686ae2b577f6341f7c47dc1ae41f2af983b80f7db23a3466b4f14e2afd591b19d36375acbc0c8ebf21654c8cf44ea49103299eb1ac6e96bb282a33a6ea204aa266b7d627c53757daa176f6cde932e7e0342977dbf7d5668e8ba984bf05dc610e5450eb4c3dcf7965eedc9b168a9c274ef6a050e93234a9bb5488a5aefaea9c442729b5416dcee6bac23f238bea2f1f4615c863a3ff7c7a081558237f2097b9ffa869f4b69fa32784f62c0b7a458411efd3a9108735de667c63c34af2225e382a17600acecc118ac1f81ec5ed9a26fa966bee8dc6f55c17bbd89a94932bf930b081fd310ef94c490855453551e9eb809e9d568500e6662564b65701a721208dcbef9a07650f9faa5a503d37f2e1b1912fbfb437f1f4c2d4a830a2dcfae905d323fe9a6a01cc8d88ff82a26a1c228103396b6756659b6a8a9ff8b31494cd8bde6205d6f62e698d9ae43ec740fafc60d798a85e5f8598486b6e82f23506c6004ec2f733cde633c3b45d9ef14fb223c020a67f305e33b5d3b239b5026ca679004e212725a4090818734435247b918dc9c65d2f0c580722651217ce7a2dec34c0f8c49e3dc051c01f5d445dca8675339f5c8b30ddc19f51ffa9e9c513f5fc9892dbe5ee5bc148ebf3033635401c8675f0fb43e503d73cd432e3ae2f25bf29b4088a3193c208f5ba51882364202dc3eed6f3ab9a871b4afa960f1776cc92deb7098ae6f61af30e715ab60d44f378bbb79f8fb663de164a5f4f582e6a17fd7e553e677632d1e8489a8138bc780418de30c0a95ae3ec3b0cdee51901869acc318a6725c0c06273dc67d393129278225b9384d978512befdf449f85146fbbe92e6b52cf40028b13d77ccc68e7b65e0c1a25f1f9d17b06b17f216729684fec1b4c0c3fdaf40af5dd1a3f4492d49e018f60f41d91524bc5d750789fd39b6e69cb66b1d86b2c1405331e3e793fb38dc447161f1ba02cee1519b72727aee9ede2898c5195adb0dc1c29fe6eca6598c5612a7f98bfe0d1853e44f47c94ae57bfdaee16711135226c9b44440abbeca5ed53b0aa58d34fa0faf766087135599d7b88a04d5ba7d69c148f3ebaee211a06438146d762c9f85d9007a228edd7d71ad18fe69a1af0caa6176eade25bea11504c2f0498a450d4d265bf97dea5b23c10560c9844d761702a5814fb355827ed6f46bcebb61d0a06c21746625a438c38496a941f447c2150c9125990ff7feef9d551a7adcbe0fd828ef4397c0799507599899259f61ff914f76be6077d0daa67ac0ab9093ecd0f78455b605a7885cae38a88b2955cecd37f972841f440de12831263ae64c7c78970138a738bcc66aae8c1a5c3ca0e166dde9860bbfc4c7bdb854cdb3d94ad4c723b2de03a50dfd120041a9b3107a480e7e108f729484d0df0d8e47c3a6b7ce0376e642ec5a267a91dd2bb1f1b3fe56a5097edddba482627cf79b66801fdd4ecb733067ad52e8fb9970be01a397ede6a3eaee6b8524f8e1cf00e0c5aed165b8b1533afaaeeaa82153f9840760b58b8a12e8168956db4522f2dd5a13183cf861acb0c0bb2735ff5cb683f633bd99ba2bfa7f1fcdd0a54d3b4fa9a7d3de250d7e40bd7b3a829a4f04fd71c64ed4f2503094773b45fdd821688d10ced9da17089b7c954f7e4a7f3e56226abee46d7eb93a6f3d039a7cf3dc14c18dd7502aa0e29e1c54bd1c2182138e06326f3cd4cddcf1997c9739f9e4a0899ce919f20b2def0ff103e5a9e123a1db4a544d438f789a0ed26664523bd55902364f4a21b2a92fcc111392dcdcf7ac0ece18c474d47a11d544b64836a62e3e1e0e9d15f8066315f000b7d8603f772704ed5b96798f28e4f699a671023a4d49c5a1e30d14145b9179e4b0f3424fd46cc22ca48cde74904876cc037a04aee32b53d02e4869427b6b18bf0ce7b5ffb75268788ca5029d2d12b2df068219af12d4e17e56f83e581b0fd6cb7048204803342ab8b146b0c237d6ac7aeb2ee21550c00da60286994f1e7ca53de19d874f7bb27c8c5e263fa35e548ea28f4ac0cdfdc4c0d5096f2ab328d089dacb5e87f0a29814e8461470a22ee8a4a318f5e2b5317a027da39789b7b17bdcc9b26bdad1ba5e4580f671a3179a9fde91408aa41a68f47c71c524f8e413557b0656cc2a67e36da5a07ee7c55b0877ecf41a8616ec20f59d370f3eff6b10e68a6c55feff6f52f498bc9ab77224a7548ccdfa3de41ff44ee4bd32295a42d9fdac1a4c8484a7383a6bd5e39cb0249e939fe7f53075d6d4a54bcfbaec50853c5e4bfda256665ed56dcd20fbd04a1d40c200223ddac36a7229df6003f335227a6bde261f7e2f7c980e7e522c68abc63601b3b1a9ebdd4530e4f33b9986f5823", 0x2000, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000940)={0x78, 0x0, 0x0, {0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8001}}}, 0x0, 0x0, 0x0, 0x0, 0x0})
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x64, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}]}, 0x64}}, 0x0) (async)
sendmsg$IPSET_CMD_CREATE(r7, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)={0x64, 0x2, 0x6, 0x201, 0x0, 0x0, {}, [@IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_TYPENAME={0x10, 0x3, 'bitmap:port\x00'}, @IPSET_ATTR_DATA={0x1c, 0x7, 0x0, 0x1, [@IPSET_ATTR_PORT_TO={0x6}, @IPSET_ATTR_PORT={0x6}, @IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x0}]}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_REVISION={0x5}]}, 0x64}}, 0x0)
r8 = fanotify_init(0x200, 0x0)
r9 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xacva}knh#\xcf)\x0f\xc8\xc0:\x9cc\x10d\xee\xa9\x8b\x066\xb8G\xd1c\xe1$\xff\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\x8f~\xb90a\xa9\xb2\x04K\x98\x93=\xabQ\xf7\x05\x1d\xa1\xce\x8b\x19\xea\xef\xe3', 0x0)
dup(r9) (async)
r10 = dup(r9)
fanotify_mark(r8, 0x1, 0x4800105a, r10, 0x0)
dup3(r10, r0, 0x0)
write$tcp_congestion(r10, &(0x7f0000000000)='cdg\x00', 0x4) (async)
write$tcp_congestion(r10, &(0x7f0000000000)='cdg\x00', 0x4)
openat$cgroup_ro(r10, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0) (async)
openat$cgroup_ro(r10, &(0x7f0000000040)='hugetlb.1GB.rsvd.usage_in_bytes\x00', 0x0, 0x0)
getpid() (async)
r11 = getpid()
sched_setscheduler(r11, 0x2, &(0x7f0000000340))
pipe2$watch_queue(&(0x7f0000002240), 0x80)
add_key$keyring(&(0x7f00000001c0), &(0x7f0000000200)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffe)

3.569501179s ago: executing program 0 (id=344):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000200)='/sys/power/resume_offset', 0x10a000, 0x0)
syz_open_procfs(0x0, &(0x7f0000000280)='personality\x00')
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='cmdline\x00')
ioctl$NS_GET_OWNER_UID(r0, 0x5421, &(0x7f0000000040)=<r1=>0x0)
setuid(r1)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$MAP_LOOKUP_ELEM(0x1, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{0xffffffffffffffff, <r2=>0xffffffffffffffff}, &(0x7f00000009c0), &(0x7f0000000340)}, 0x20)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r3, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)
r4 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r4, 0x10e, 0xc, &(0x7f0000000980)={0x802}, 0x10)
sendmsg$nl_generic(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000003bc0)=ANY=[@ANYBLOB="180000001600f1fff8ffffffffff00000a00000323000000"], 0x18}}, 0x0)
setsockopt$netrom_NETROM_T2(r4, 0x103, 0x2, &(0x7f00000003c0)=0x400, 0x4)
r5 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r5, &(0x7f0000000180)={0x4000000, 0x0, &(0x7f00000000c0)={&(0x7f0000000380)=ANY=[@ANYBLOB="021000000a0000000000000000000000080012"], 0x50}}, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f00000000c0)=ANY=[@ANYBLOB="1400000010000100000000000000000a68000000060a01040000000000000000020000003c00048038"], 0x90}}, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f00000002c0)={&(0x7f00000004c0)="58c1f663ccb55a0cc024fb37f20b0c38a32033e55aa62a8f9e892ac760ebf8207922f0ad88acef4f322348b9c772c2cdbc263fdf30bdfd5b6dcff2536f1d73d72c15711b6de0abbf30c341a6e56836df7ef6c9f9468e0384f1dc50482294cce007c800db9ff181e13f61dee4160f3bd10023d1447a098989371fa40ab699ae24fc8c5e619e8c8a540130169ef7f264a32b86d8d88e7dd2cf46194b0d82339a896773600052", &(0x7f0000000280), &(0x7f0000000580)="2ee2093fb661b64339a39fc7dba129e5dc802ff07126871beaae627a015e0a3cbf9abf6811cd7418fd048d5f6922f9dd3deb9a743fc63dbdc86ce11af0f9a80b04eb8121565460b013167dc1a042ec48d600dd172d0cda25998c4aa2c4ff175c6774515a630459820fc862f87542098e2b23444c91c022ada1f0c701e6466ac39660e7361694ff60fb3d342aff626be833a350e8778dbd3dc25765a5176b9be737d484dd53756754c42becbe6a", &(0x7f0000000640)="ea57cbb03710ba8ec62c8c84afa8196c02182bc024a318ffe5f08d7368ededd9d36348c298736e98f2fbe7a829357e340313a90f354c99eefe604f908f42734836a5871b1a9a17df93d75ef155e662ecb36d6e25c7aa50d071e85fe0e221011e1e93ff5a5ac1d0e6f6a6c2553b54bf80ff7406f2a1be8dae164da10931cad8af875592a6b56224079a0d0d99ae26665f7d6bcadd55083468cbb4e3f734d835eac1fee7a4f16e99fb0705b576485fe5f3d6321c9cef439304b6136ce3cd0f4ce00d59560115c4f513b5ab55e82a51c94f8b9682e7978dd3e33cd78678964b664bdd552d07", 0x4c4c, r2}, 0x38)
r6 = socket$inet6(0xa, 0x3, 0x3)
bind$inet6(r6, &(0x7f0000f5dfe4)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r6, 0x29, 0x3, &(0x7f0000004240)=0x40000006, 0x4)
recvmmsg(r6, &(0x7f0000000040), 0x400000000000284, 0x2, 0x0)
setsockopt$inet6_int(r6, 0x29, 0x8, &(0x7f0000000000)=0x7f, 0x4)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xb, 0x4, &(0x7f0000000840)=ANY=[@ANYBLOB="180000000200000000000000000000006110800000000000a4000000000000008623c1bc53796e962f20755e73f424efd099a7ed554b1bc0e06d0c2dfcdda023c357adb2ca544414b5a4f07edba26a58ee4f541384"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xf}, 0x90)
sendto$inet6(r6, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e20, 0x0, @mcast1}, 0x1c)
r7 = memfd_create(&(0x7f0000000740)='D\xa3\xd5Wj\x00\x00x0\xc1\xac\x1a\x1a\vG\xa9~vB\xbc\t\x00\x00\x00VoA\xaa\xbc\xee[\xe1\xa2\xe0\xff\x04\x00\x00\x00\\i\xcf\t\xb0\xa9 +H/\x1a\xe7\x95\xce\"\"\xbd\xf9!\xfd\xa4\xcaN\x84\xadS\x8bqE\x99\x01t\xb1\x1f|\x99PL\x92\x8f\xc2\xf9\xcd\x8cj\x03X\x05\x17mwI\xf0\x01\xe5z\xcdJ)\xc7\xfa)\xaa}\xef\xbb\xf5\xcd\xb1o5\x18\xd6\v\x85q\x98\x9bB\xb9\xea\xe7\xff\x7f\x00\x00T\xc0\xd2\t?\bpBl\xf4*8\xc6\xe5\x06P\xc11\f^\x7f\x8e\xc1\xd1Wra\x19)\xe3\x8f\xd9\x9f\x15\x1e\xf2\x18\r\xad\b\xe0\x96NH\x85\r+\xfc\xb3\xdd\xddhg \x03\xa7\x92\xff\x00+h\xb7@#K\x9cMY\xd3\x9b\b-G\xb1\xdaS\x81\xb2\x93\xb83\x8a\x94*\x8d\\\b\xff/\xa1\xc0\xf9&\xd3M\xf6\n\xff\x83k\xe6\rDa\x16\xbd\x1a\xb2w\bI\xd7\'\xe0\xc0\n|\xd3\x1fC\xd5I1\xe0\xc2(UB9\xf7\x86', 0x0)
write(r7, &(0x7f00000000c0)="6963e64243ea486da3a74e3deec6fc5bb9650b5de56946c568f95d22467190ba406d59a5958d6f156c9c8a2ac4677b00000000000000000000200000f8bf54da33", 0x41)
mmap(&(0x7f0000000000/0x2000)=nil, 0x2000, 0x1, 0x11, r7, 0x0)

3.508175024s ago: executing program 3 (id=345):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
ioctl$UI_DEV_SETUP(r0, 0x405c5503, &(0x7f0000000180)={{0x0, 0x0, 0x0, 0x7b}, 'syz1\x00', 0x20057})
ioctl$UI_DEV_CREATE(r0, 0x5501)
ioctl$UI_DEV_DESTROY(r0, 0x5502)
syz_clone3(&(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

3.395307733s ago: executing program 3 (id=346):
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
write$FUSE_INIT(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00', <r1=>0x0})
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000680), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_PAUSE_GET(r2, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000001a80)={&(0x7f00000005c0)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01000000000000000000210000000c00018008000100", @ANYRES32=r1], 0x20}}, 0x0)

2.765731935s ago: executing program 2 (id=347):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000002c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073"], 0x7c}}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r2=>0x0})
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000000000000003f00000008000300", @ANYRES32=r2, @ANYBLOB="18005e80080002000000000008"], 0x34}}, 0x0)
r4 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc222, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0xb}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r4, 0x0, 0x0)
syz_usb_control_io(r4, &(0x7f0000000280)={0x2c, &(0x7f00000000c0)={0x0, 0x0, 0xb, {0xb, 0x0, "0a8bfc704475d63503"}}, 0x0, 0x0, 0x0, 0x0}, 0x0)
syz_usb_connect$hid(0x1, 0x3f, &(0x7f0000000000)={{0x12, 0x1, 0x100, 0x0, 0x0, 0x0, 0x40, 0x1e71, 0x2010, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x8, 0x20, 0x7, [{{0x9, 0x4, 0x0, 0x1, 0x1, 0x3, 0x1, 0x0, 0x7, {0x9, 0x21, 0x3, 0x5, 0x1, {0x22, 0x80d}}, {{{0x9, 0x5, 0x81, 0x3, 0x3ff, 0x81, 0x8, 0xb}}, [{{0x9, 0x5, 0x2, 0x3, 0x20, 0x64, 0x35, 0x7}}]}}}]}}]}}, &(0x7f00000002c0)={0xa, &(0x7f0000000040)={0xa, 0x6, 0x200, 0x4, 0x80, 0x4, 0x20, 0x1}, 0x4b, &(0x7f0000000100)={0x5, 0xf, 0x4b, 0x4, [@ssp_cap={0x10, 0x10, 0xa, 0x7, 0x1, 0x2a, 0xff00, 0x2, [0x0]}, @wireless={0xb, 0x10, 0x1, 0x2, 0x34, 0xc, 0x54, 0x1, 0xff}, @ssp_cap={0x24, 0x10, 0xa, 0x1, 0x6, 0x100, 0x880, 0x1ff, [0x30, 0x0, 0xff3fcf, 0xc01e, 0xffc0, 0x3fcf]}, @ext_cap={0x7, 0x10, 0x2, 0x1a, 0x3, 0x2, 0x1}]}, 0x3, [{0x4, &(0x7f0000000180)=@lang_id={0x4, 0x3, 0x3409}}, {0x4, &(0x7f00000001c0)=@lang_id={0x4, 0x3, 0x419}}, {0x6a, &(0x7f0000000200)=@string={0x6a, 0x3, "83a42c162528c0fb70f2ed6d3b3acc984e7d61c3d9f6e0b6dcb67e8466b2d9928f44e8dbeb483ebb18114855f4d1a65143a739c44e0ffd7c63ed16f227907fe927f096fc1e31be411b2c25a34cd5b2131c9f052ab5556fe650497a11c1f96ece01a9e38bea8c9c98"}}]})

2.57900554s ago: executing program 0 (id=348):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000700), 0x0, 0x0)
syz_mount_image$nilfs2(&(0x7f0000000000), &(0x7f0000000380)='./file1\x00', 0x100080, &(0x7f0000000440)=ANY=[@ANYRES16=0x0, @ANYRES32=0x0, @ANYRESDEC, @ANYRES8=0x0, @ANYRES8=0x0, @ANYRESDEC=r0, @ANYRESOCT=0x0, @ANYRES8=r0, @ANYRESDEC=r0], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000240)='.\x00', 0x200480, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = getpid()
process_vm_readv(r3, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
mknodat$null(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xb0a54e68b1cd2fdb, 0x103)
mlock2(&(0x7f0000ffb000/0x4000)=nil, 0x4000, 0x1)
mbind(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x4000, &(0x7f00000002c0), 0x7f, 0x0)
mlock2(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0)
openat$cgroup_ro(r1, &(0x7f0000000840)='blkio.bfq.io_wait_time\x00', 0x275a, 0x0)
ftruncate(0xffffffffffffffff, 0x2000009)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000800)='devices.list\x00', 0x275a, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f0000000280)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={0x0, 0x48}}, 0x0)
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000000140), 0x4924b68, 0x0)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={0x24, 0x39, 0x107, 0x0, 0x0, {0x4}, [@typed={0x4}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x128, 0x3fff, 0x0, 0x0, @pid}]}]}, 0x24}}, 0x0)
write$binfmt_script(r4, &(0x7f0000000140), 0x208e24b)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x5c, 0x2, 0x6, 0x3, 0x0, 0x0, {}, [@IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5}, @IPSET_ATTR_DATA={0x14, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8}, @IPSET_ATTR_SIZE={0x8}]}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'list:set\x00'}]}, 0x5c}}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x0, 0x50, r4, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={0x0}, 0x10)
syz_init_net_socket$rose(0xb, 0x5, 0x0)

2.557931491s ago: executing program 3 (id=349):
pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000000)='fd\x00')
r2 = dup3(r1, r0, 0x0)
fchdir(r2)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(0xffffffffffffffff, 0x89f2, &(0x7f0000000080)={'syztnl0\x00', &(0x7f0000000100)={'syztnl2\x00', <r3=>0x0, 0x720, 0x8, 0xa050, 0xf, {{0x10, 0x4, 0x1, 0x14, 0x40, 0x66, 0x0, 0xc, 0x4, 0x0, @loopback, @multicast2, {[@lsrr={0x83, 0x7, 0xca, [@loopback]}, @rr={0x7, 0x23, 0xce, [@local, @empty, @rand_addr=0x64010101, @multicast2, @rand_addr=0x64010100, @local, @dev={0xac, 0x14, 0x14, 0x2b}, @multicast1]}]}}}}})
r4 = accept4$alg(0xffffffffffffffff, 0x0, 0x0, 0x81000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000180)={0xffffffffffffffff, <r5=>0xffffffffffffffff})
r6 = socket$alg(0x26, 0x5, 0x0)
r7 = socket$caif_seqpacket(0x25, 0x5, 0x4)
sendmsg$nl_route_sched_retired(r2, &(0x7f00000003c0)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x1000000}, 0xc, &(0x7f0000000380)={&(0x7f00000001c0)=@deltclass={0x194, 0x29, 0x0, 0x70bd26, 0x25dfdbfd, {0x0, 0x0, 0x0, r3, {0x3, 0xb}, {0x3, 0xffe0}, {0x2}}, [@c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x5, 0x5, 0x7}}}, @c_dsmark={{0xb}, {0xc, 0x2, @TCA_DSMARK_VALUE={0x5, 0x5, 0x5}}}, @c_cbq={{0x8}, {0x3c, 0x2, [@TCA_CBQ_WRROPT={0x10, 0x2, {0x81, 0x1, 0x1, 0x3, 0x7, 0x8}}, @TCA_CBQ_FOPT={0x10, 0x3, {{0xf, 0xa}, 0x10000, 0xc}}, @TCA_CBQ_LSSOPT={0x18, 0x1, {0x13, 0x3, 0x1b, 0xff, 0xc, 0x1, 0x1502000, 0x3ff}}]}}, @c_atm={{0x8}, {0x6c, 0x2, [@TCA_ATM_FD={0x8, 0x1, r4}, @TCA_ATM_HDR={0x2f, 0x3, "f2178018f5acbffd2dd5ffa2cf1eee0383afac23d9a52a42505289abc9d27e19c103344f06998a61b6f53d"}, @TCA_ATM_EXCESS={0x8, 0x4, {0x6, 0xd}}, @TCA_ATM_FD={0x8, 0x1, r5}, @TCA_ATM_EXCESS={0x8, 0x4, {0x2, 0xf}}, @TCA_ATM_HDR={0x18, 0x3, "a2f7d14115e3f53513b9eed903131a0054f2f735"}]}}, @c_atm={{0x8}, {0x6c, 0x2, [@TCA_ATM_FD={0x8}, @TCA_ATM_HDR={0x14, 0x3, "174faf98046608ffd591a4b2628eb098"}, @TCA_ATM_FD={0x8}, @TCA_ATM_EXCESS={0x8, 0x4, {0xd}}, @TCA_ATM_FD={0x8, 0x1, r6}, @TCA_ATM_HDR={0x29, 0x3, "a5eb3814ccde2f48033f94b16992b9884e175bbb5cc66a6ea307452d25d81414eb7e2fec37"}, @TCA_ATM_EXCESS={0x8, 0x4, {0xe, 0xb}}]}}, @c_atm={{0x8}, {0xc, 0x2, [@TCA_ATM_FD={0x8, 0x1, r7}]}}]}, 0x194}, 0x1, 0x0, 0x0, 0x20040000}, 0x24004881)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000640)={[{@iocharset={'iocharset', 0x3d, 'maciceland'}}, {@umask={'umask', 0x3d, 0x5}}, {@gid}, {@errors_continue}, {@iocharset={'iocharset', 0x3d, 'maccenteuro'}}, {@errors_continue}, {@gid}, {@errors_remount}, {@errors_continue}, {@errors_continue}]}, 0x1, 0x1526, &(0x7f0000000740)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSZJckmSS5IkSZJbQtIkRxISQ25JQxKSy5BchpBcJiaN+/1+SUiSJklCckvW/6P4OZ06/9P5nc5xPr95vp/P/rzrefdeaz/7ffb7vnuvuXzTeUiNRjWrNiAi+JfgLw/JABALAAMA4BoACACgbHzZ+Avrc0pM/td2wv5cD6Vd6QzYlcT1z964/tkb1z974/pnb1z/7I3rn71x/bM3rj9j2dmmaQWu5SX7Lv/e+f+ePP//X42////vEFmlxnyxptT1XQBi/mgfrn/2xvX/Pyv4Ixtx/bM3rn92FXulE2D/Bfj9nx3k+LtruP7ZG9efsezsSs8/X+kFItn7NbjS5x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsezhtL9MAcCFxxjv/ZXOizHGGGOMMcYYY38en+NKZ8AYY4wxxhhjjLF/PwQBEhQEEAM5IBZyQhwIALgacsM1EIFrIR6ugzxwPeSFfJAfCkACFIRCoMGABYIQCkMRiMINUBRuhGJQHEpASXBQChLhJigNN0MZuAXKwq1QDm6D8lABKkIluB0qwx1QBe6EqnAXVIPqUANqwt1QC+6B2nAv1IH7oC7cD/XgAagPD0IDeAgawsPQCB6BxvAoNIGm0AyaQ4v/Vf8XoDu8CD2gJyRDL+gNL0Ef6Av9oD8MgJdhILwCg+BVSIHBMAReg6HwOgyDN2A4jICR8CaMgrdgNIyBsTAOUmE8TIC3YSK8A5NgMkyBqZAG02A6vAszYCbMgvdgNrwPc2AuzIP5kA4fwAJYCBnwISyCjyATFsMSWArLYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCttgO+yAj2EnfAK7YDfsgU9hL3z2T/Y/9Tf9uyAgoECBChXGYAzGYizGYRzmwlyYG3NjBCMYj/GYB/NgXsyL+TE/JmACFsJCaNAgIWFhLIxRjGJRLIrFsBiWwBLo0GEiJmJpvBnLYBksi2WxHJbD8lgBK2AlrISVsTJWwSpYFatiNayGNbAG3o13Yy+sjbWxDtbBulj30vQUNsAG2BAbYiNshI2xMTbBJtgMm2ELbIEtsSW2wlbYBttgW2yL7bAdJmEStsf22AE7YEfsiJ2wE3bGztgFu2LXrBdyAL6IL2JPrCZ6YW/sjX0wJUc/7I/98WUciK/gK/gqpuBgHIKv4Wv4Og7DkzgcR+BIHImVxVs4GscgiXGYiqk4ASfgRJyIk3AyTsapmIbTcDpOxxk4E2fiezgb38f3cS7OxfmYjum4ABdiBmbgIjyFmbgYl+BSXIbLcRmuxFW4EtfgWlyD63E9bsSNuBk341bcittxO36MCgA/wd24G1NwL+7FfbgP9+N+PIAHMAuz8CAexEN4CA/jYTyCR/AoHsPjeAxP4Ak8iafwNJ7Gs3gWz+FzCV81/Lj46hQQFyihRIyIEbEiVsSJOJFL5BK5RW4RERERL+JFHpFH5BV5RX6RXySIBFFIFBJGGEEijAEAERVRUVQUFcVEMVFClBBOOJEoEkVpUVqUEWVEWXGrKCduE+VFBdHaVRKVRGXRxlURd4qqoqqoJqqLGqKmqClqiVqitqgt6og6oq6oK+qJB0R90Qv74UPiQmUaicHYWAzBJqKpkBc/wVqKYdhKtBZtxBNiBA7HdqKlSxJPi/ZiNHYQfxFj8FnRSYzDzuJ50UV0Fd3EC6K7aOV6iJ5iEvYSvcVU7CP6in6iv5iB1cV7ODtnDfGqSBGDxRDxmpiPr4th4g0xXIwQI8WbYpR4S4wWY8RYMU6kivFignhbTBTviElispgipoo0MU1MF++KGWKmmCXeE7PF+2KOmCvmifkiXXwgFoiFIkN8KBaJj0SmWCyWiKVimVguVoiVYpVYLdaItWKdWC82iI1ik9gstoitYpvYLnaIj8VO8YnYJXaLPeJTsVd8JvaJz8V+8YU4IL4UWeIrcVB8LQ6Jb8Rh8a04Ir4TR8UxcVx8L06IH8RJcUqcFmfEWfGjOCd+EueFFyBRCimlkoGMkTlkrMwp4+RVMpcMLr6618p4eZ3MI6+XeWU+mV8WkAmyoCwktTTSSpKhLCyLyKi8QRaVN8pisrgsIUtKJ0vJRHmTLC1vlmXkLbKsvFWWk7fJ8rKCrCgrydtlZXmHhMgv+6gmq8sasqa8WybDPbK2vFfWkffJuvJ+WU8+IOvLB2UD+ZBsKB+WjeQjsrF8VDaRTWUz2Vy2kI/JlvJx2Uq2lm3kE7KtfFK2k0/JJPm0bC/9xVPkWdlJPic7y+dlF9lVdpM/yfPSyx6yp4ReIHvLl2Qf2Vf2k/3lAPmyHChfkYPkqzJFDpZD5GtyqHxdDpNvyOFyhBwp35Sj5FtytBwjx8pxMlWOlxPk23KifEdOkpPlFDlVpslpst/FkWZJ+Q/7v/07/Qf9vPeNcpPcLLfIrXKb3C53yI/lTrlT7pK75B65R+6Ve+U+uU/ul/vlAXlAZskseVAelIfkIXlYHpZH5BF5VB6TZ+T38oT8QZ6Up+QpeUaelWfluYuvAShUQkmlVKBiVA4Vq3KqOHWVyqWuVrnVNSqirlXx6jqVR12v8qp8Kr8qoBJUQVVIaWWUVaRCVVgVUVF1A148YVQJVVI5VUolqpv+mf6qqLpRFVPFf9X/Un7Jfye/FqqFaqlaqlaqlWqj2qi2qq1qp9qpJJWk2qv2qoPqoDqqjqqT6qQ6q86qi+qiuqluqrvqrnqoHipZJave6iXVR/VV/VR/NUC9rAaqgWqQGqRSVIoaooaooWqoGqaGqeFquBqpRqpRapQarUarsWqsSlWpaoKaoCaqiWqSmqSmqCkqTaWp6Wq6mqFmqFlqlpqtZqs5ao6ap+apdJWuFqgFKkNlqEVqkcpUi9VitVQtVcvVcrVSrVSr1Wq1Vq1V69V6lak2qU1qi9qitqltaofaoXaqnWqX2qX2qD1qr9qr9ql9ar/arw6oAypLZamD6qA6pA6pw+qwOqKOqKPqqDqujqsT6oQ6qU6q0+q0OqvOqnPqnDqvzl+47AtEIAIVqCAmiAlig9ggLogLcgW5gtxB7iASRIL4ID7IE1wf5A3yBfmDAkFCUDAoFOjABDYQF4seDW4IigY3BsWC4kGJoGTgglJBYnBTUDq4OSgT3BKUDW4NygW3BeWDCkHFoFJwe1A5uCOoEtwZVA3uCqoF1YMaQc3g7qBWcE9QO7g3qBPcF9QN7g/qBQ8E9YMHgwbBQ0HD4OGgUfBI0Dh4NGgSNA2aBc2DFn/q+N6fzPe466F76mTdS/fWL+k+uq/up/vrAfplPVC/ogfpV3WKHqyH6Nf0UP26Hqbf0MP1CD1Sv6lH6bf0aD1Gj9XjdKoeryfot/VE/Y6epCfrKXqqTtPT9HT9rp6hZ+pZ+j09W7+v5+i5ep6er9P1B3qBXqgz9Id6kf5IZ+rFeoleqpfp5XqFXqlX6dV6jV6r1+n1eoPeqDfpzXqL3qq36e16h/5Y79Sf6F16t96jP9V79Wd6n/5c79df6AP6S52lv9IH9df6kP5GH9bf6iP6O31UH9PH9ff6hP5Bn9Sn9Gl9Rp/VP+pz+id9XvsLF/cXvt6NMsrEmBgTa2JNnIkzuUwuk9vkNhETMfEm3uQxeUxek9fkN/lNgkkwhUwhcwEZMoVNYRM1UVPUFDXFTDFTwpQwzjiTaBJNaVPalDFlTFlT1pQz5Ux5U95UNBXN7eZ2c4e5w9xp7jR3mbtMdVPd1DQ1TS1Ty9Q2tU0dU8fUNXVNPVPP1Df1TQPTwDQ0DU0j08ioi+diM9PMtDAtTEvT0rQyrUwb08a0NW1NO9POJJkk0960Nx1MB9PRdDSdTCfT2XQ2XUwX0810M91Nd9PD9DDJJtn0Nr1NH9PH9DP9zAAzwAw0A80gM8ikmBQzxAwxQ81QM8wMM8PNCDPywoWqecuMNmPMWDPOpJpUM8FMMBPNRDPJTDJTzBSTZtLMdDPdzDAzzCwzy8w2s80cM8fMM/NMukk3C8wCk2EyzCKzyGSaTLPELDHLzDKzwqwwq8wqs8asMetgndlgNphNZpPZYraYbWab2WF2mJ1mp9lldpk9Zo/Za/aafWaf2W/2mwPmgMkyWeagOWgOmUPmsDlsjpgj5qg5ao6b4+aEOWFOmpPmtDltzpp8F78vvYm1OW2cvcrmslfb3PYa+7dxflvAJtiCtpDVNq/N96vYWGuL2eK2hC1pnS1lE+1Nv4nL2wq2oq1kb7eV7R22ym/iWvYeW9vea+vY+2xNe/ev4rr2flvPPmLrIwLYprahbW4b2UdsY/uobWKb2ma2uW1rn7Tt7FM2yT5t29tnfhMvsAvtKrvarrFr7S672562Z+wh+409a3+0PWxPO8C+bAfaV+wg+6pNsYN/E4+0b9pR9i072o6xY+2438RT7FSbZqfZ6fZdO8PO/E2cbj+ws22GnWPn2nl2/s/xhZwy7Id2kf3IZtoAltildpldblfYlf+T61K73m6wG+1O+4ndYrfabXa73XHpQtjutnvsp3av/cwetF/b/fYLe8Aetln2q5/jC8d32H5rj9jv7FF7zB6339sT9odLb5ufj/17+5M9b70FQgKSpCigGMpBsZST4ugqykVXU266hiJ0LcXTdZSHrqe8lI/yUwFKoIJUiDQZskQUUmEqQlG6gS6lV4JKkqNSlEg3UWm6mcrQLVSWbqVydBuVpwpUkSrR7VSZ7qAqdCdVpbuoGlWnGlST7qZadA/VpnupDt1Hdel+qkcPUH16kBrQQ9SQHqZG9Ag1pkepCTWlZtScWtBj1JIep1bUmtrQE9SWnqR29BQl0dPUnp6hDvQX6kjPUid6jjrT89SFulI3eoG604vUg3pSMvWi3vQS9aG+1I/60wB6mQbSKzSIXqUUGkxD6DUaSq/TMHqDhtMIGklv0ih6i0bTGBpL4yiVxtMEepsm0js0iSbTFJpKaTSNptO7NINm0ix6j2bT+zSH5tI8mk/p9AEtoIWUQR/SIvqIMmkxLaGltIyW0wpaSatoNa2htbSO1tMG2kibaDNtoa20jbbTDvqYdtIntIt20x76lPbSZ7SPPqf99AUdoC8p638q8A0dpm99T/qOjtIxOk7f0wn6gU7SKTpNZ+gs/Ujn6Cc6T54gxFCEMlRhEMaEOcLYMGcYF14V5gqvDnOH14SR8NowPrwuzBNeH+YN84X5wwJhQlgwLBTq0IQ2pDAMC4dFwmh4Q1g0vDEsFhYPS4QlQxeWChPDm8LS4c1hmfCWsGx4a1guvC0sH1YIH7mvUnh7WDm8I6wS3hlWDe8Kq4XVwxphzfDusFZ4T1g7vDesE94XlgnvD+uFD4T1wwfDBuFDYcPw4bBR+EjYOHw0bBI2DZuFzcMW4WNhy/DxsFXYOmwTPhG2DZ8M24VPhUnh02H78Jmf19+/8O+vTw57hb3Dl8KXQu/vlfOi86Pp0Q+iC6ILoxnRD6OLoh9FM6OLo0uiS6PLosujK6Iro6uiq6Nromuj66LroxuiG6Pe18wBDp1w0ikXuBiXw8W6nC7OXeVyuatdbneNi7hrXby7zuVx17u8Lp/L7wq4BFfQFXLaGWcdudAVdkVc1N3girobXTFX3JVwJZ1zpVyia+5auBaupXvctXKtXRv3hHvCPemedE+5p9zTrr17xnVwf3Ed3bOuk3vOPeeed11cV9fNveC6u/G5fzkjkl1v19v1cX1cP9fPDXAD3EA30A1yg1yKS3FD3BA31A11w9wwN9wNdyPdSDfKjXKj3Wg31o11qS7VTXAT3EQ30U1yk9wUN8WluTQ33U13M9wMV3nmL3uZ4+a4eW6eS3fpboG7cM2Y4Ra5RS7TZbolbolb5pa5FW6FW+VWuTVujVvn1rkNboPb5Da5LW6L2+a2uR1uh9vpdrpd/ppfBnV73T63z+13+90B96XLcl+5g+5rd8h94w67b90R95076o654+57d8L94E66U+60O+POuh/dOfeTO++8S42Mj0yIvB2ZGHknMikyOTIlMjWSFpkWmR55NzIjMjMyK/JeZHbk/cicyNzIvMj8SHrkg8iCyMJIRuTDyKLIR5HMyOLIksjSyLLI8oj3BbeEvrAv4qP+Bl/U3+iL+eK+hC/pnS/lE/1NvrS/2Zfxt/iy/lZfzt/my/sKvqJ/1DfxTX0z39y38I/5lv5x38q39m38E76tf9K380/5JP+0b++f8R38X3xH/6zv5J/znf3zvovv6rv5F3x3/6Lv4Xv6ZN/L9/Yv+T6+r+/n+/sB/mU/0L/iB/lXfYof7If41/xQ/7of5t/ww/0IPzLmTT/q0i0yjPOpfryf4N/2E/07fpKf7Kf4qT7NT/PT/bt+hp/pZ/n3/Gz/vp/j5/p5fr5P9x/4BX6hz/Af+kX+I5/pF1+aVPYr/Eq/yq/2a/xav86v9xv8Rr/Jb/Zb/Fa/zW/3O/zHfqf/xO/yu/0e/6nf6z/z+/znfr//wh/wX/os/5U/6L/2h/w3/rD/1h/x3/mj/pg/7r/3J/wP/qQ/5U/7M/6s/9Gf8z/58/w3a4wxxhhjf8j4y03x6zW/TOf3+p0+4q827g0AV28tkPXX6y9cUa7L+0u7r0hoGwGAp3t2fujSUq1acnLyxW0zJQRF5gJc+knQBTFwOV4MbeBJSILWUPp38+8rup6lfzB+9FaAuL/qEwuX48vjfw6Ayb8z/mNPjFxQLjwd//8Zfy5AsSKX++SEy/FiaPPz/EprKPN38s/X8h/kn/OLVIBWf9UnF1yOL+efCI/DM5D0qy0ZY4wxxhhjjLFf9BUVO166/7z0G5+/d3+eoC73yQGX4390f84YY4wxxhhjjLEr79mu3Z56LCmpdcd/vlHlf9XrDzcaw79rZG78bsN7gEvPKAD4FwcEuNCQ/8mj2Pwf2VfKxbfO365adsYH8N9Ryj+jcYU/mBhjjDHGGGN/ussX/b9+Xl2phBhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsWzoP/HvxK70MTLGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGNX2v8LAAD//3ja/LM=")

2.349490938s ago: executing program 3 (id=350):
r0 = openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
r2 = socket$packet(0x11, 0x0, 0x300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
close_range(r2, r1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_open_dev$usbfs(0x0, 0x0, 0x0)
syz_open_dev$audion(0x0, 0x30, 0x0)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_buf(r6, 0x29, 0x0, &(0x7f00000000c0), 0x0)
bind$alg(r1, &(0x7f0000001580)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(camellia)\x00'}, 0x58)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
sendmsg$inet(r8, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[], 0x128}, 0x0)
recvmsg$unix(r7, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)
openat$ubi_ctrl(0xffffffffffffff9c, 0x0, 0x0, 0x0)
getsockopt$inet_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x6, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xe, 0x4, 0x4, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4}, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
fcntl$notify(r0, 0x402, 0x8000002d)
openat$procfs(0xffffffffffffff9c, &(0x7f000000c380)='/proc/keys\x00', 0x0, 0x0)
r9 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCETHTOOL(r9, 0x8946, &(0x7f00000002c0)={'veth0_to_team\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x1, 0x0, 0x2, 0x2}})

2.20723323s ago: executing program 1 (id=351):
unshare(0x60600) (async)
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff})
close(r0) (async, rerun: 32)
syz_open_dev$tty1(0xc, 0x4, 0x1) (async, rerun: 32)
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) (async, rerun: 64)
syz_io_uring_setup(0xd19, &(0x7f0000000300)={0x0, 0x0, 0x80, 0x2, 0x2a2}, 0x0, 0x0) (rerun: 64)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
connect$inet6(r1, &(0x7f0000000080), 0x1c) (async)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000002c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000b80)=@gcm_128={{0x303}, "cfc85eb51b0ace6a", "4617a9f6040839230fb7fead776dd8dc", "3f4051c4", "a44a889722b66244"}, 0x28) (async)
shutdown(r1, 0x0)
pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, &(0x7f0000000300)={0x0, 0x3938700}, 0x0)
setreuid(0xee01, 0x0) (async, rerun: 64)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) (async, rerun: 64)
syz_mount_image$squashfs(&(0x7f0000000940), &(0x7f0000000200)='./file0\x00', 0x0, &(0x7f0000000500)=ANY=[], 0x9, 0x1a2, &(0x7f0000000340)="$eJzs0L9r1GAcx/H390nul1DlVBwq2AOLMUe1yVUdnA6nEy7g4CJ46HGNvWKqtLnBlha6SEGq/Rd0kDqqoJOI/gPFQXDQuHST3lAcxEFOkntO8G/o84Lkk+8Hknx5uvFiXAD+7K92qJOxOMwnBBuYkGGn1DDf6vmHzq1hcEXPmzpf6ByPl1futqMoXKpcrlD+rwB+Zt2/Kn7FCUVJqCNf9lc7bbkdMKizoGYDyk2qj7FaLLpPGLfHOH4Li4GzyVVFXpwmHJnuFZmOl1fOzS+058K58F6tNnPJu+B5F9P9o9B7g7iPRPGUNdyAQkDJXSPX4uGOfYgpQdyuSiyp9sm32Nqxzp6e6qPcPQYIH5w+hW92t6Kuc4bizXT5BseEZ1gBk01KCps781HoNZBr6rX49mf7V05RXLes85370ezGDSW/89t12SuKv0vO8alVfWbSo+EoH9lImExoJGwn7H5nQt6lfxmdq72e3l/q6SSneJ7nQbvXW/JzgDgBtfQqw1j2OZXtVYb3+h0dfB09GIZhGIZhGIZhGAfA3wAAAP//TeRgpg==") (async, rerun: 64)
semget(0x1, 0x0, 0x0) (rerun: 64)
ioctl$sock_inet_SIOCADDRT(0xffffffffffffffff, 0x890b, 0x0)
ioctl$F2FS_IOC_START_ATOMIC_WRITE(0xffffffffffffffff, 0xf501, 0x0)
ioctl$BTRFS_IOC_BALANCE(0xffffffffffffffff, 0x40045201, 0x0) (async)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) (async)
ioctl$KVM_NMI(r4, 0xae9a)
ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2004c8]})
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e"], 0x7c}}, 0x0) (async, rerun: 32)
ioctl$KVM_RUN(r4, 0xae80, 0x0) (rerun: 32)

1.8354362s ago: executing program 1 (id=352):
mount(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x0, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x2102086, &(0x7f0000000340))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x375, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000040000000e200000850000002a00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000300)='pwc_handler_exit\x00', r3}, 0x10)
sched_setscheduler(0x0, 0x0, 0x0)
r4 = syz_open_dev$loop(&(0x7f00000001c0), 0x4, 0x103382)
r5 = memfd_create(&(0x7f0000000480)='\x17\xaa\xc6P\xe8\x1b\xc6\x14:', 0x4)
mount$overlay(0x0, &(0x7f0000000400)='./file0\x00', &(0x7f0000000440), 0x125001, &(0x7f00000006c0)={[{@default_permissions}, {@xino_off}, {@index_on}, {@metacopy_off}, {@xino_on}, {@nfs_export_on}, {@default_permissions}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@redirect_dir={'redirect_dir', 0x3d, './file0'}}]})
ftruncate(r5, 0xb939)
pwritev(r5, &(0x7f0000000540)=[{&(0x7f0000000580)='?', 0x1}], 0x1, 0x81806, 0x0)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r6, 0x84, 0x6e, &(0x7f00000000c0)=[@in={0x2, 0x0, @dev}], 0x10)
setsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000240)=0x2, 0x4)
getsockopt$inet_sctp6_SCTP_AUTO_ASCONF(r6, 0x84, 0x1e, &(0x7f0000000000), &(0x7f0000000080)=0x4)
ioctl$LOOP_CHANGE_FD(r4, 0x4c00, r5)
openat$full(0xffffffffffffff9c, &(0x7f00000058c0), 0x4000, 0x0)
r7 = socket(0x10, 0x2, 0x0)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r7, 0x89f1, &(0x7f00000000c0)={'ip6tnl0\x00', &(0x7f0000000000)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x18, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast2={0xff, 0x3}, 0x0, 0x0, 0xfffffffe, 0xffffffff}})
ioctl$sock_ipv6_tunnel_SIOCDELTUNNEL(r7, 0x89f2, &(0x7f0000000480)={'syztnl0\x00', 0x0})
ioctl$sock_ipv6_tunnel_SIOCDEL6RD(r7, 0x89fa, &(0x7f0000000500)={'sit0\x00', &(0x7f00000004c0)={@initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x2, 0x12}})

1.693616652s ago: executing program 0 (id=353):
sched_setaffinity(0x0, 0x8, &(0x7f00000001c0)=0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
syz_mount_image$vfat(&(0x7f0000000180), &(0x7f0000000100)='./file0\x00', 0xfb36b7c5edb7f4c7, 0x0, 0x1, 0x0, &(0x7f0000000000))
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0100d9eab5e38e9e074d928a76c1e9"])
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r2 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r2, r1, 0x0, 0x80000000)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
syz_mount_image$reiserfs(&(0x7f0000000540), &(0x7f0000000140)='./file0\x00', 0x10, &(0x7f0000000280), 0xfb, 0x1117, &(0x7f00000024c0)="$eJzs2cFq1FAUBuD/JqPtbiTug6ALF1JaxgewC4XZutWNSEGwqw4Iiq/hG/gWvoJ25b50r4uCSyESM3GqDKh0KgjfB8k9OcnJyV3emwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBvknwqyfUqacZclaQkbXs8P03Sjvlr7+sqJQ8P5ov7R7MHiyT198fLo6T0VX1Zmr2b282smTV7zd17+7c+LF6+ev7k8PDgaPmakjYnZxudRRlP9flc2WgPAAAA+G91FzbNmxd/0unqJfUHAAAAfmfT+wkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAf6ubruJmDKokJWnb4/lpknZN3ZV/9H0AAADAxZVUeTxdlx+2AVbu5OO0/Mj345fSx7t5u6YeAAAAWHn27qfLbmsZnP+//rUb9Ovu25kM6/Lt4d6NTLKzM8TLIZ/3kzrJ7i+9Ts5ePx2P0tXJ1uXMCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBv7MABCQAAAICg/6/bESgAAAAAAAAAAAAAAAAAAAAAAAAAFwUAAP//YwzhLg==")
r5 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
ioctl$FITRIM(r5, 0x80087601, &(0x7f0000000080))
r6 = socket(0x10, 0x803, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000000c0)=@IORING_OP_CONNECT={0x10, 0x1e, 0x0, r6, 0x0, 0x0})
io_uring_register$IORING_REGISTER_PERSONALITY(r1, 0x9, 0x0, 0x0)
add_key$fscrypt_provisioning(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff)
r7 = socket$nl_generic(0x10, 0x3, 0x10)
socket$inet6_udp(0xa, 0x2, 0x0)
getsockopt$SO_COOKIE(r7, 0x1, 0x28, 0x0, &(0x7f00000012c0))
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r8 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r8, &(0x7f0000019680)=""/102392, 0x18ff8)

965.893921ms ago: executing program 3 (id=354):
openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x40000000000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x0, &(0x7f0000000200)=0x100004)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080))
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x14)
r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$VIDIOC_SUBDEV_S_DV_TIMINGS(r4, 0xc0845657, &(0x7f0000000100)={0x0, @bt={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, {}, 0x1f}})

882.278758ms ago: executing program 1 (id=355):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=ANY=[@ANYBLOB="4400000010004b0400000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000240012800b0001006272695e67650000140002800800080088a8ffff0600270000000000efd21ecaf4db435d75eda710ae56dc7f90c30189cd9f3105f6c68495432ce286dacd24f0e061c15472a5afad26aabe44f6c2bf09c2f832096b78b65e50c5296c1eda79f30d45d0b0caaec571970f6c01f68d42d60e104c1864427c0e346938001a760b74e9be97ad8a717b7ffbf7571d6d0909fe70086104162d7e9f"], 0x44}}, 0x0)
r1 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000001780)=ANY=[@ANYBLOB="6c0100001900010000000000fbdbdf251d01000008000500000800001e010600010000fc00c87b656e285d281181111413f0081ddc21c51ffc7e9526ed8503c2aa9a5e0a96d01a3ad6c30d6baa1bdf0f6c4db0f4286fccba8944cee7e579a8dc8b3cde07b51c0a437334c8c52b2cc9301fdc5a473aaf13fbd5536aa0c719f9e37d63f8e40ae29ee94ccd6deef4750b5d9d6e8dc3967a4a5190ce4bc0dc8fac276a4270ec73d98334dbb9a2c0797698e4386e2c1872d2a04e6904ccd29d2a7b59082689da3602b982a9a619fa91f33a33723f92930f8a430d10ca1d979db27615a77556811503f3e6f300770b42f29d54f7f5f2fbe93144d1ee8a63e74d5f84c61acf20e8931d09f7559048edbaff2ea4b29242fd9eec8082002947c4fa12d0fbffe2c4befd005bf6ad242712a110e69439657a806d000000000000001500040000000000010000002d2fd7ac2612dea20100000015000300040000e004000000bd524f342bcefd0307"], 0x16c}}, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
syz_init_net_socket$x25(0x3, 0x5, 0x3)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000100))
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, &(0x7f0000000640)={0x10, 0x0, &(0x7f00000004c0)=[@clear_death], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(0xffffffffffffffff, 0xc0306201, 0x0)
ioctl$I2C_PEC(r1, 0x708, 0xffffffffffffffff)
ioctl$I2C_SMBUS(r1, 0x720, &(0x7f00000000c0)={0x1, 0x0, 0x1, &(0x7f00000001c0)={0x0, "eae17f94f9fcffffffffffffff919eaa841fa56fdf14604dfd00003d83b11e467a"}})
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000600)={'team0\x00', <r4=>0x0})
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000000)=@newqdisc={0x2c, 0x24, 0x8, 0xffffffff, 0x25dfdbfd, {0x0, 0x0, 0x12, r4, {}, {0xfff1, 0xffff}, {0xffff}}, [@TCA_INGRESS_BLOCK={0x8, 0xd, 0x7ff}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8004}, 0x804)
socket$inet_udplite(0x2, 0x2, 0x88)
r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0)
r7 = ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0)
r8 = ioctl$KVM_CREATE_VCPU(r7, 0xae41, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x7, 0x13, r8, 0x0)
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000540)=@filter={'filter\x00', 0xe, 0x1, 0x1a8, [], 0x0, 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000ddbb59600000000000000000000000000f5ff0000000000000000000000000000feffffff00002000000000000000000000000000000000000200000000dfff0000000000000000180000000000000000ffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff010000001500000000000000100073397a5f74756e00001000000000000079615330000000000000000000000000b76fb8645f736c61e4df8dd63f4316ed73697430000000002000000000000000aaaaaaaaaa0000000000feff0080c20000000000000000000000e8000000e8000000180100006c696d6974004000000000800000000002000000000000000000000000000000200000000000000000f9ff210000009400000000000000003830"]}, 0x1b2)
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r9}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0x0, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x6)
r10 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r10, 0x2, &(0x7f0000000200)=0x4)

0s ago: executing program 3 (id=356):
r0 = openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000280)=ANY=[@ANYRESDEC=r0], 0x1, 0xc54, &(0x7f0000004440)="$eJzs3U9sHNd9B/DfGy3FldJWTJwqThoHm7ZIZcVy9S+iYhXuqqbZBpBlIhRzC8CVSKkLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBAhQIWMzsW3FJkbYskiIlfz42+d2deW/mvZn1DE3wzQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOL3Xr58+kzaYsWhfWgMAPBIXB396umzW93/AYAn1rXt/v8fAAAAAAAAAAAAAAA4KFIU8VSkmL26msar9x31K+2+O3fHhoa3rnYkVTUPVeXLr/qZs+fOf+nC4MVuXmlPv0/93faZeHX02uXGSzO3Z+cm5+cnJxpj0+0bMxOTD7yFndbf7GR1ABq3X7szcfPmfOPs8+c2rL478F7/x44PXBp89tQz3bJjQ8PDo+tF6r3law/dkI7tRngcjiJORYrnvvfT1IqIInZ+LOqP9txvdqTqxMmqE2NDw1VHptqt6YVy5Uj3QBQRjZ5Kze4x2vpcRK3vkfZhe82IxbL5ZYNPlt0bnW3Nta5PTTZGWnML7YX2zPRI6rS27E8jiriYIpYiYqX//s31RRG1SPGdY6vpen7qR3UcvlgNDN6+HcUe9vEBlO1s9EUsFY/BOTvA+qOIVyLFz94+ETfydaa61nwh4pUyfxDxZpkvRqTyg3E+4t0tPkc8nmpRxJ+X5//Sapqorgfd68qVrzW+Mn1zpqds97ryIe8P910p9un+cGRTPhoH/NpUjyJa1RV/NT38DzsAAAAAAAAAAAAAAAAA7LYjUcSnI8XL//ZH1bjiqMalH7s0+PsDv9w7ZvzpD9hOWfb5iFgsHmxM7uE8MHAkjaS0z2OJP8rqUcQf5/F/39rvxgAAAAAAAAAAAAAAAAAAAHykFfGTSPHCOyfSUvTOKd6evtW41ro+1ZkVtjv3b3fO9LW1tbVG6mQz53jOxZxLOZdzrqQ8v3C3fpHr5xzPuZhzKedyzpWccSjXz9nMOZ5zMedSzuWcKzmjluvnbOYcz7mYcynncs6VnHFA5u4FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHiSFFHELyLFt7+xmiJFRDNiPDq53L/frQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASv2piO9HisYfNO8tq0VEqv7tOFF+Ox/Nw2V+IpqDZb4Yzcs5W1XWmt/ah/azM32piB9Hiv76W/dOeD7/fZ139z4G8eY31999ptbJQ92VA+/1f+z4sUuDw597ervXaasGnLzSnr5ztzE2NDw82rO4lvf+iZ5lA3m/xe50nYiYf/2N11pTU5NzD/+i/Ag8ZPXumdzB3h/li1R7bJq6Ky+idiCasX8vonYgmrE/fd+gvh8XJ/Zcef9/N1L89jv/3r3hd+7/9filzrt7d/j4+Z+s3/9f2LyhB7z/1zbXy/f/8k6w1f3/qZ5lL+SfRvpqEfWF27N9xyPq86+/cap9u3Vr8tbk9PnTp788OPjlc6f7DkfUb7anJnte7crhAgAAAAAAAAAAAAAAAHh0UhG/GylaP15NjYi4W43XGrg0+OypZw7FoWq81YZx26+OXrvceGnm9uzc5Pz85ERjbLp9Y2Zi8kF3V6+Ge40NDe9JZz7QkT1u/5H6SzOzr8+1b/3hwpbrj9YvX59fmGvd2Hp1HIkiotm75GTV4LGh4arRU+3WdFV1ZMvB9B9eXyriPyLFjfON9Pm8LI//3zzCf8P4/8XNG9rF8f+fO7o+/u/jPUXLfaZUxM8jxW/9xdPx+aqdR+O+Y5bL/U2kOHnxs7lcHC7LddvQea5AZ2RgWfZ/IsU//GJj2e54yKfWy575UAf3MVCe/2OR4vt/9t349bxs4/Mftj7/RzdvaI+e//DJnmVHNzyvYMddJ5//U5Hixafeit+olvzf+z7/o/vEhhOdwuvP59ij8/+rPcsG8n5/c7c6DwAAAAAAAAAA8BjrS0X8baT44XAtXcjLHuTv/yY2b2iP/v7rUz3LJnZnvqIPnvYGAAAAAJ4QfamIn0SKWwtv3RtDvXH8d8/4z99ZH/85lDatrX7P9yvVcwN28/d/vQbyfsd33m0AAAAAAAAAAAAAAAAAAAA4UFIq4kKeT328Gs8/se186suR4uX/ei6XS8fLct154Aeq7/Wra9OnLk9NzdRjoXV9arIxOtu6MVnW/WSkWP3rz+a6RTW/ene++c4c7+tzsc9FiuG/65btzMXenZu8Mx94fW0t4kxZ9uOR4j//fmPZPDV1nju62u7ZsuxfRYqv/9PWZY+vlz1Xlv1upPjR1xvdskfLshfyw1A/tV72+Rszxd6cGAAAAAAAAAAAAAAAAAAAAD5S+lIRfxop/vv20r2x/Hn+/76et5U3v9kz3/8md6t5/geq+f+3e/0w8/9XzxVY3G6vAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwZEpRxBuRYvbqalruL9931K+0p+/cHRsa3rrakVTVPFSVL7/qZ86eO/+lC4MXu/n+9Xfbp+PV0WuXGy/N3J6dm5yfn5xojE23b8xMTD7wFnZaf7OT1QFo3H7tzsTNm/ONs8+f27D67sB7/R87PnBp8NlTz3TLjg0ND4/2lKn1PfTe75O2WX44ivjLSPHc936aftgfUcTOj8UHfHb22pGqEyerTowNDVcdmWq3phfKlSPdA1FENHoqNbvH6BGcix1pRiyWzS8bfLLs3uhsa651fWqyMdKaW2gvtGemR1KntWV/GlHExRSxFBEr/fdvri+KeC1SfOfYavrn/ohD3ePwxaujXz19dvt2FHvYxwdQtrPRF7FUPAbn7ADrjyL+MVL87O0T8S/9EbXofMUXIl4p8wcRb0bnfKfyg3E+4t0tPkc8nmpRxP+W5//Sanq7v7wedK8rV77W+Mr0zZmest3rymN/f3iUDvi1qR5F/Ki64q+mf/XfNQAAAAAAAAAAAAAAAMABUsSvRYoX3jmRqvHB98YUt6dvNa61rk91hvV1x/51x0yvra2tNVInmznHcy7mXMq5nHMlZxS5fs5mmfW1tfH8fjHnUs7lnCs541Cun7OZczznYs6lnMs5V3JGLdfP2cw5nnMx51LO5ZwrOeOAjN0DAAAAAAAAAAAAAAAAAACeLEX1T4pvf2M1rfV35pcej04umw/0iff/AQAA//+M5PG4")
ioctl$SNDRV_TIMER_IOCTL_GINFO(0xffffffffffffffff, 0xc0f85403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbee5, 0x2010, r1, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) (async)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY_NETNS(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000180), 0xc, &(0x7f00000002c0)={&(0x7f00000001c0)={0x34, 0x0, 0x1, 0x70bd27, 0x25dfdbfd, {{}, {@void, @void, @val={0xc, 0x99, {0x0, 0x35}}}}, [@NL80211_ATTR_WIPHY={0x8, 0x1, 0x1b}, @NL80211_ATTR_WDEV={0xc, 0x99, {0x80000000, 0xe}}]}, 0x34}, 0x1, 0x0, 0x0, 0x80}, 0x4008000) (async, rerun: 32)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async, rerun: 32)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
socket$nl_netfilter(0x10, 0x3, 0xc) (async)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) (async, rerun: 32)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000600)='./bus\x00', 0x1c14744, &(0x7f0000000140), 0xff, 0x490, &(0x7f0000000f40)="$eJzs3M9vFFUcAPDvTLf8VFoRf4AkVtHY+KOlBZSDHjSaeNBEowc81rYQZKGG1kQI0WIMHg2Jd+PRxL/Akyejnky8eNC7ISFKTAAvrpndmba77lT6cxf380kW3tt5M+99++btvr632wB61lD2TxJxR0T8EhEDjWxzgaHGfzeuXZi8ee3CZBK12hu/J/Vy169dmCyKFuftzDPDaUT6cZJX0mz23PlTE9Xq9Nk8Pzp3+t3R2XPnnzp5euLE9InpM+NHjx4+NPbM0+NHms47sso4s/iu7/tgZv/el9+6/Orksctvf/9V1t40P740jvUylAX+R62u9dij611Zh/1dW4wzqXS6NdyqvojIuqu/Pv4Hoi8WO28gXvqoo40DNlT2mr21/PB8DfgfS6LTLQA6o3ijz37/zR/9mzT16ApXn2/8ApTFfiN/NI5UFtYGNvIHMhQRx+b/+jx7RMs6RK3NugEAwFp9k81/nmya/+XzjzTuXVJuV743NBgRd0XE7oi4OyL2RMQ9EfWy90XE/Susv3Vr6N/7MOmVVQV2i7L537P53lbz/K+Y/cVgX567sx5/f3L8ZHX6YP4zGY7+rVl+rN3Fi0u8+NOnZfUvnf9lj6z+Yi6YX+RKpWWBbmpibmK9JqVXL0bsq7SLP1nYCUgiYm9E7FvZpXcViZOPf7m/rNB/x7+Mddhnqn0R8Vij/+ejJf5Csvz+5Oi2qE4fHG3cFX1t6vjhx0uvldW/pvjXQdb/O5rv/5YSA38mS/drZ1dex6VfPyndW62s8v7fkrxZ39Pdkj/3/sTc3NmxiC3JK/V80/Pji+cW+aJ8Fv/wgfbjf3d+Thb/AxGxP+LnYtg9mPfdQxHxcEQcWCb+71545J2yY93Q/1NtX/8W7v/B5v5feaLv1Ldfl9XfGn+S5xdLZP1/uJ4azp+pv/7ltpdct7w52/ISq72bAQAA4PaT1j8bn6QjC+k0HRlpfIZ/T+xIqzOzc08cn3nvzFTjM/SD0Z8W658DS9ZDx5L5/IqN/Hi+VlwcP5SvG3/Wtz1Jojo9MjlTnepw7NDrdpaM/8xv7RazI+K5TW0hsKF8Xwt6V+v4TzvUDmDzef+H3mX8Q+8y/qF3FeP/9SXPfdhSpmQvALjNef+H3mX8Q+9aGP8XO9sOYPN5/4ee1O5L8sXfOFjDV/7XlKgs8+39Lk0Uq6Pd0p5TSURsbBWRdkekpYnI/4hFt7Rn5YmbtVWeXllmdN9qojOvRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOvtnwAAAP//aP7lHQ==") (async, rerun: 32)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f0000000000)='./bus\x00', 0x0, &(0x7f0000002800)=ANY=[@ANYBLOB="73686f727461642c756e64656c6574652c73657373696f6e3d30303030000800003030303030303030303139302c6d6f64653d30303030303030303030303030303030303030303030352c726f6f746469723d30303030303030303030303030303030303030352c646d6f64653d30303030303030303030303030303030303030303030362c696f636861727365743d6370313235312c696f636861727365743d6b6f69382d722c6e6f7672732c0084f5b23d82aacbefd1de1daab7394a9b4696461da9ab46f2d71c895d8c"], 0xfc, 0xc41, &(0x7f0000001b80)="$eJzs3U9sHNd9B/DfG5Hi0m4rxnYUJ42LTVuksmK5+hdTsQp3VdNsA8gyEYq5BeCKpNSFKZIgqUY20oLupYceAhRFDzkRaI0CKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAOQUMZvatuKRJmzb/iLI+H5v67s68N/PezHJGIvjmBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQ8QcvXTl7Lt3vVgAAh+na6NfOnnf/B4CHynX//gcAAAAAAAAAAAAAgKMuRRGPR4q5a2tpvHrfVrva6r1zd2xoePtq/amqeawqX37Vzp2/cPHLzw1e6uTV1swH1N9vn4tXRq9fqb84e3tufmphYWqyPjbTmpidnNr1FvZaf6vT1QGo3371zuTNmwv1889e2LT67sB7fY+eHLg8+PSZpzplx4aGh0c3itS6y/d87Ia07TTC43gUcSZSPPO9n6ZmRBSx92NRO9xzv1V/1YnTVSfGhoarjky3mjOL5cqRzoEoIupdlRqdY7T9uYie3kPtw84aEUtl88sGny67NzrXnG/emJ6qjzTnF1uLrdmZkdRubdmfehRxKUUsR8Rq3/s31xtF9ESK75xYSzci4ljnOHypGhi8czuKA+zjLpTtrPdGLBcPwDk7wvqiiJcjxc/ePhUT+TpTXWu+GPFymT+IeLPMFyJS+cG4GPHuNp8jHkw9UcRfluf/8lqarK4HnevK1a/Xvzpzc7arbOe68hHvD++7Utyn+0P/ljwcR/zaVIsimtUVfy19/L/sAAAAAAAAAAAAAAAAALDf+qOIz0aKl/7jT6pxxVGNSz9xefAPB361e8z4kx+ynbLssxGxVOxuTO7xPDBwJI2kdJ/HEj/MalHEn+bxf2/c78YAAAAAAAAAAAAAAAAAAAA81Ir4SaR4/p1TaTm65xRvzdyqX2/emG7PCtuZ+7czZ/r6+vp6PbWzkXM851LO5ZwrOVdzRpHr52zkHM+5lHM550rO1ZxxLNfP2cg5nnMp53LOlZyrOaMn18/ZyDmecynncs6VnKs544jM3QsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8ElSRBG/iBTf/uZaihQRjYjxaOdK3/1uHQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABQ6ktFfD9S1P+ocW9ZT0Sk6v+2U+UfF6NxvMzHojFY5gvRuJKzWWVP44370H72pjcV8eNI0Vd7K1JPe1k+/73td/c+BvHmtzbefS6XPdZZOfBe36MnT1weHP6NJ3d6nbZrwOmrrZk7d+tjQ8PDo12Le/LeH+taNpD3W+xT34lYeO31V5vT01PzH/9F+RHYQ/UH6EX5DXIEmuHFYb2IniPRjPvTdx4C5f3/3Ujxu+/8Z+eG377/1+JX2u/u3eHj53+2cf9/fuuGdnn/79laL9//y3v6dvf/x7uWPZ//NtLbE1FbvD3XezKitvDa62dat5u3pm5NzVw8e/Yrg4NfuXC293hE7WZreqrr1b4cLgAAAAAAAAAAAAAAAIDDk4r4/UjR/PFaqkfE3Wq81sDlwafPPHUsjlXjrTaN235l9PqV+ouzt+fmpxYWpibrYzOtidnJqd3urlYN9xobGj6Qznyo/gNuf3/txdm51+Zbt/54cdv1j9Su3FhYnG9ObL86+qOIaHQvOV01eGxouGr0dKs5U1Ud2XYw/UfXm4r4r0gxcbGevpCX5fH/W0f4bxr/v7R1Qwc0/v9TXcvKfaZUxM8jxe/81ZPxhaqdj8T7jlku93eR4vSlz+dycbws12nDY9VDBNojA8uy/xcp/ukXm8t2xkO2xyBWZc/t/sg+GMrzfyJSfP8vvhu/mZdtfv7D9uf/ka0bOqDz/0TXskc2Pa9gz10nn/8zkeKFx9+K38rLPuj5H51nb5zKhe89n+OAzv+nu5YN5P3+9v50HQAAAAAAAAAA4IHWm4r4+0jxw+Ge9Fxetpvf/5vcuqED+v2vz3Qtm9yf+Yo+9MWeDyoAAAAAHBG9qYifRIpbi2/dG0O9efx31/jP39sY/zmUtqytfs73a9VzA/bz53/dBvJ+x/febQAAAAAAAAAAAAAAAAAAADhSUiriuTyf+ng1nn9yx/nUVyLFS//zTC6XTpblOvPAD1R/1q7Nzpy5Mj09O9FcbN6YnqqPzjUnpsq6T0SKtb/9fK5bVPOrd+abb8/xvjEX+3ykGP6HTtn2XOyducmf2Ch7riz7qUjx3/+Yy66vV2U781h/eqPs+bLs30SKb/zL5u12yp7cKHuhLPvdSPGjb9Q7ZR8py3aej/qZjbLPTswWB3BWAAAAAAAAAAAAAAAAAAAAeNj0piL+PFL87+3le2P58/z/vV1vK29+q2u+/y3uVvP8D1Tz/+/0+uPM/189V2Bpp70CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAnU4oiXo8Uc9fW0kpf+b6tdrU1c+fu2NDw9tX6U1XzWFW+/KqdO3/h4pefG7zUyQ+uv98+G6+MXr9Sf3H29tz81MLC1GR9bKY1MTs5test7LX+VqerA1C//eqdyZs3F+rnn72wafXdgff6Hj05cHnw6TNPdcqODQ0Pj3aV6en9qDt9Y8c1aYflx6OIv44Uz3zvp+mHfRFF7P1YbPvZ6dt9L/aov+rE6aoTY0PDVUemW82ZxXLlSOdAFBH1rkqNzjHat3NxQBoRS2XzywafLrs3Otecb96YnqqPNOcXW4ut2ZmR1G5t2Z96FHEpRSxHxOo256A3ing1UnznxFr6176IY53j8KVro187e37ndhQH2MddKNtZ741YLh6Ac3aE9UUR/xwpfvb2qfi3voieaH/FFyNeLvMHEW9G+3yn8oNxMeLdw/te5oD1RBH/X57/y2vp7b7yetC5rlz9ev2rMzdnu8p2risHcn84PP2Hurcjfm2qRRE/qq74a+nffV8DAAAAAAAAAAAAAAAAHCFF/HqkeP6dU6kaH3xvTHFr5lb9evPGdHtYX2fsX2fM9Pr6+no9tbORczznUs7lnCs5V3NGkevnbJRZW18fz++Xci7nXMm5mjOO5fo5GznHcy7lXM65knM1Z/Tk+jkbOcdzLuVczrmSczVnHJGxewAAAAAAAAAAAAAAAAAAwCdLUf2X4tvfXEvrfe35pcejnSvmA/3E+2UAAAD//xtt+zc=") (async, rerun: 64)
r6 = open(&(0x7f0000000040)='./bus\x00', 0x185542, 0x0) (rerun: 64)
ftruncate(0xffffffffffffffff, 0x0) (async)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)) (async)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async)
r7 = getpid()
sched_setscheduler(r7, 0x2, &(0x7f0000000200)=0x4) (async)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x20010, r5, 0x0) (async, rerun: 64)
read$FUSE(r6, &(0x7f0000002900)={0x2020}, 0x2020) (async, rerun: 64)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r8=>0xffffffffffffffff})
connect$unix(r8, &(0x7f000057eff8)=@abs, 0x6e)

kernel console output (not intermixed with test programs):

 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   73.580077][ T4157] x_tables: duplicate underflow at hook 1
[   73.602011][ T3899] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   73.705746][ T4158] loop0: detected capacity change from 0 to 2048
[   73.744303][ T3772] usbhid 1-1:0.0: can't add hid device: -71
[   73.760392][ T3772] usbhid: probe of 1-1:0.0 failed with error -71
[   73.774933][ T4115] loop2: detected capacity change from 0 to 8192
[   73.778505][ T3772] usb 1-1: USB disconnect, device number 3
[   73.821523][ T4115] REISERFS warning (device loop2): super-6506 reiserfs_getopt: bad value "continue" for option "errors"
[   73.821523][ T4115] 
[   73.829039][ T4162] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   73.869674][ T1133] device hsr_slave_0 left promiscuous mode
[   73.903683][ T1133] device hsr_slave_1 left promiscuous mode
[   73.916622][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   73.948860][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_0
[   73.984974][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   74.008841][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_1
[   74.021509][ T1133] device bridge_slave_1 left promiscuous mode
[   74.039993][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.083904][ T1133] device bridge_slave_0 left promiscuous mode
[   74.090857][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.113397][ T1133] device hsr_slave_0 left promiscuous mode
[   74.120659][ T1133] device hsr_slave_1 left promiscuous mode
[   74.129650][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   74.137929][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_0
[   74.148768][ T1133] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   74.179975][ T1133] batman_adv: batadv0: Removing interface: batadv_slave_1
[   74.191872][ T1133] device bridge_slave_1 left promiscuous mode
[   74.206983][ T1133] bridge0: port 2(bridge_slave_1) entered disabled state
[   74.240317][ T1133] device bridge_slave_0 left promiscuous mode
[   74.246910][ T1133] bridge0: port 1(bridge_slave_0) entered disabled state
[   74.291791][ T1133] device veth1_macvtap left promiscuous mode
[   74.297928][ T1133] device veth0_macvtap left promiscuous mode
[   74.315926][ T1133] device veth1_vlan left promiscuous mode
[   74.321774][ T1133] device veth0_vlan left promiscuous mode
[   74.336268][ T1133] device veth1_macvtap left promiscuous mode
[   74.342319][ T1133] device veth0_macvtap left promiscuous mode
[   74.356177][ T1133] device veth1_vlan left promiscuous mode
[   74.367096][ T1133] device veth0_vlan left promiscuous mode
[   74.584416][ T4169] loop4: detected capacity change from 0 to 40427
[   74.942614][ T1133] team0 (unregistering): Port device team_slave_1 removed
[   74.966297][ T4169] loop4: detected capacity change from 0 to 32768
[   74.978641][ T1133] team0 (unregistering): Port device team_slave_0 removed
[   74.991837][ T1133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   75.009747][ T1133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   75.113412][ T1133] bond0 (unregistering): Released all slaves
[   75.257515][ T1133] team0 (unregistering): Port device team_slave_1 removed
[   75.280518][ T1133] team0 (unregistering): Port device team_slave_0 removed
[   75.292820][ T1133] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   75.306386][ T1133] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   75.366788][ T1133] bond0 (unregistering): Released all slaves
[   75.502516][ T4098] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.551853][ T4098] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.613449][ T4180] input: syz0 as /devices/virtual/input/input7
[   75.617799][ T4043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.620676][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   75.642109][ T4043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.719334][ T3042] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   75.821758][ T4184] netlink: 12 bytes leftover after parsing attributes in process `syz.1.83'.
[   75.832695][ T4184] netlink: 31 bytes leftover after parsing attributes in process `syz.1.83'.
[   75.855522][ T4184] netlink: 'syz.1.83': attribute type 2 has an invalid length.
[   75.864965][ T4184] netlink: 'syz.1.83': attribute type 2 has an invalid length.
[   75.875030][ T4184] netlink: 31 bytes leftover after parsing attributes in process `syz.1.83'.
[   76.174070][ T3042] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   76.388285][   T21] cfg80211: failed to load regulatory.db
[   76.424041][ T3042] usb 3-1: Using ep0 maxpacket: 8
[   76.554274][ T3042] usb 3-1: config 1 has an invalid interface association descriptor of length 3, skipping
[   76.582738][ T3042] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   76.621513][ T3042] usb 3-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[   76.770016][ T4183] loop0: detected capacity change from 0 to 32768
[   76.814267][ T3042] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[   76.831058][ T3042] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   76.860675][ T3042] usb 3-1: Product: syz
[   76.872305][ T3042] usb 3-1: Manufacturer: syz
[   76.896325][ T4183] gfs2: fsid=_dev_net_tun: Trying to join cluster "lock_nolock", "_dev_net_tun"
[   76.918883][ T3042] usb 3-1: SerialNumber: syz
[   76.930623][ T4183] gfs2: fsid=_dev_net_tun: Now mounting FS (format 1801)...
[   76.948106][ T4199] netlink: 'syz.1.88': attribute type 10 has an invalid length.
[   77.017929][ T4199] 8021q: adding VLAN 0 to HW filter on device team0
[   77.048458][ T4183] gfs2: fsid=_dev_net_tun.0: journal 0 mapped with 16 extents in 0ms
[   77.074863][   T21] gfs2: fsid=_dev_net_tun.0: jid=0, already locked for use
[   77.079166][ T4199] bond0: (slave team0): Enslaving as an active interface with an up link
[   77.082996][   T21] gfs2: fsid=_dev_net_tun.0: jid=0: Looking at journal...
[   77.223357][ T4187] process 'syz.2.85' launched '/dev/fd/3' with NULL argv: empty string added
[   77.283358][   T21] gfs2: fsid=_dev_net_tun.0: jid=0: Journal head lookup took 200ms
[   77.289820][ T4203] netlink: 16 bytes leftover after parsing attributes in process `syz.1.89'.
[   77.318789][   T21] gfs2: fsid=_dev_net_tun.0: jid=0: Done
[   77.337263][ T3042] usb 3-1: USB disconnect, device number 2
[   77.349591][ T4183] gfs2: fsid=_dev_net_tun.0: first mount done, others may mount
[   77.835605][ T3769] usb 2-1: new full-speed USB device number 6 using dummy_hcd
[   77.987052][ T4212] FAULT_INJECTION: forcing a failure.
[   77.987052][ T4212] name failslab, interval 1, probability 0, space 0, times 1
[   78.021188][ T4212] CPU: 1 PID: 4212 Comm: syz.3.94 Not tainted 5.15.164-syzkaller #0
[   78.029204][ T4212] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   78.039267][ T4212] Call Trace:
[   78.042545][ T4212]  <TASK>
[   78.045473][ T4212]  dump_stack_lvl+0x1e3/0x2d0
[   78.050176][ T4212]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   78.055808][ T4212]  ? panic+0x860/0x860
[   78.059880][ T4212]  ? __might_sleep+0xc0/0xc0
[   78.064467][ T4212]  should_fail+0x38a/0x4c0
[   78.068882][ T4212]  should_failslab+0x5/0x20
[   78.073377][ T4212]  slab_pre_alloc_hook+0x53/0xc0
[   78.078310][ T4212]  kmem_cache_alloc_trace+0x49/0x290
[   78.083598][ T4212]  ? io_drain_req+0x43e/0x970
[   78.088278][ T4212]  io_drain_req+0x43e/0x970
[   78.092784][ T4212]  io_submit_sqes+0x722e/0xa350
[   78.097663][ T4212]  ? io_uring_del_tctx_node+0x2b0/0x2b0
[   78.103203][ T4212]  ? __io_cqring_overflow_flush+0x6d0/0x6d0
[   78.109097][ T4212]  __se_sys_io_uring_enter+0x293/0x23d0
[   78.114687][ T4212]  ? __x64_sys_io_uring_enter+0xf0/0xf0
[   78.120240][ T4212]  ? __context_tracking_exit+0x4c/0x80
[   78.125699][ T4212]  ? __lock_acquire+0x1ff0/0x1ff0
[   78.130740][ T4212]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[   78.136727][ T4212]  ? print_irqtrace_events+0x210/0x210
[   78.142180][ T4212]  ? vtime_user_exit+0x2d1/0x400
[   78.147123][ T4212]  ? syscall_enter_from_user_mode+0x2e/0x240
[   78.153105][ T4212]  ? lockdep_hardirqs_on+0x94/0x130
[   78.158306][ T4212]  ? __x64_sys_io_uring_enter+0x1d/0xf0
[   78.163849][ T4212]  do_syscall_64+0x3b/0xb0
[   78.168256][ T4212]  ? clear_bhb_loop+0x15/0x70
[   78.172926][ T4212]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   78.178827][ T4212] RIP: 0033:0x7f364e10b299
[   78.183249][ T4212] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   78.202848][ T4212] RSP: 002b:00007f364c58a048 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[   78.211261][ T4212] RAX: ffffffffffffffda RBX: 00007f364e299f80 RCX: 00007f364e10b299
[   78.219331][ T4212] RDX: 0000000000000000 RSI: 0000000000000316 RDI: 0000000000000004
[   78.227297][ T4212] RBP: 00007f364c58a0a0 R08: 0000000000000000 R09: fffffffffffffffd
[   78.235264][ T4212] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   78.243234][ T4212] R13: 000000000000000b R14: 00007f364e299f80 R15: 00007fff61caa6a8
[   78.251210][ T4212]  </TASK>
[   78.404318][ T3769] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   78.429201][ T3769] usb 2-1: config 1 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[   78.504131][ T4217] netlink: 12 bytes leftover after parsing attributes in process `syz.3.96'.
[   78.520579][ T4217] netlink: 31 bytes leftover after parsing attributes in process `syz.3.96'.
[   78.535219][ T4217] netlink: 'syz.3.96': attribute type 2 has an invalid length.
[   78.555738][ T4217] netlink: 'syz.3.96': attribute type 2 has an invalid length.
[   78.568450][ T4217] netlink: 31 bytes leftover after parsing attributes in process `syz.3.96'.
[   78.577904][ T3769] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a5, bcdDevice= 0.40
[   78.595111][ T3769] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[   78.617413][ T3769] usb 2-1: SerialNumber: syz
[   78.634151][ T3766] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   78.687137][ T3769] cdc_ether: probe of 2-1:1.0 failed with error -22
[   78.699976][ T3769] usb-storage 2-1:1.0: USB Mass Storage device detected
[   78.730079][ T3769] usb-storage 2-1:1.0: Quirks match for vid 0525 pid a4a5: 10000
[   79.004571][ T3766] usb 3-1: config 0 interface 0 has no altsetting 0
[   79.014441][ T3766] usb 3-1: New USB device found, idVendor=046d, idProduct=0a0e, bcdDevice=94.75
[   79.063677][ T3766] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   79.101871][ T3766] usb 3-1: config 0 descriptor??
[   79.153294][ T4233] loop0: detected capacity change from 0 to 1024
[   79.386997][ T4239] loop4: detected capacity change from 0 to 2048
[   79.423792][ T3769] usb 2-1: USB disconnect, device number 6
[   79.510762][ T4239] UDF-fs: error (device loop4): udf_process_sequence: Primary Volume Descriptor not found!
[   79.600759][ T4239] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   79.736759][ T4239] FAULT_INJECTION: forcing a failure.
[   79.736759][ T4239] name fail_usercopy, interval 1, probability 0, space 0, times 1
[   79.800453][ T4239] CPU: 0 PID: 4239 Comm: syz.4.102 Not tainted 5.15.164-syzkaller #0
[   79.808642][ T4239] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   79.818856][ T4239] Call Trace:
[   79.822137][ T4239]  <TASK>
[   79.825063][ T4239]  dump_stack_lvl+0x1e3/0x2d0
[   79.829741][ T4239]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   79.835379][ T4239]  ? panic+0x860/0x860
[   79.839473][ T4239]  ? snprintf+0xd6/0x120
[   79.843820][ T4239]  should_fail+0x38a/0x4c0
[   79.848250][ T4239]  _copy_to_user+0x2d/0x130
[   79.852772][ T4239]  simple_read_from_buffer+0xc6/0x150
[   79.858158][ T4239]  proc_fail_nth_read+0x1a3/0x210
[   79.863185][ T4239]  ? proc_fault_inject_write+0x390/0x390
[   79.868825][ T4239]  ? fsnotify_perm+0x442/0x590
[   79.873611][ T4239]  ? proc_fault_inject_write+0x390/0x390
[   79.879255][ T4239]  vfs_read+0x2fc/0xe10
[   79.883415][ T4239]  ? kernel_read+0x1f0/0x1f0
[   79.888234][ T4239]  ? __fget_files+0x413/0x480
[   79.892936][ T4239]  ? mutex_lock_nested+0x17/0x20
[   79.897961][ T4239]  ? __fdget_pos+0x2cb/0x380
[   79.902558][ T4239]  ? ksys_read+0x77/0x2c0
[   79.906900][ T4239]  ksys_read+0x1a2/0x2c0
[   79.911147][ T4239]  ? print_irqtrace_events+0x210/0x210
[   79.916725][ T4239]  ? vfs_write+0xe50/0xe50
[   79.921136][ T4239]  ? syscall_enter_from_user_mode+0x2e/0x240
[   79.927100][ T4239]  ? lockdep_hardirqs_on+0x94/0x130
[   79.932291][ T4239]  ? syscall_enter_from_user_mode+0x2e/0x240
[   79.938255][ T4239]  do_syscall_64+0x3b/0xb0
[   79.942655][ T4239]  ? clear_bhb_loop+0x15/0x70
[   79.947317][ T4239]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   79.953184][ T4239] RIP: 0033:0x7f692254bd7c
[   79.957577][ T4239] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   79.977167][ T4239] RSP: 002b:00007f69209cc040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   79.985563][ T4239] RAX: ffffffffffffffda RBX: 00007f69226dbf80 RCX: 00007f692254bd7c
[   79.993518][ T4239] RDX: 000000000000000f RSI: 00007f69209cc0b0 RDI: 0000000000000007
[   80.001463][ T4239] RBP: 00007f69209cc0a0 R08: 0000000000000000 R09: 0000000000000000
[   80.009411][ T4239] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   80.017361][ T4239] R13: 000000000000000b R14: 00007f69226dbf80 R15: 00007fffda765e78
[   80.025327][ T4239]  </TASK>
[   80.318600][ T4237] loop3: detected capacity change from 0 to 32768
[   80.422088][ T4237] gfs2: fsid=_dev_net_tun: Trying to join cluster "lock_nolock", "_dev_net_tun"
[   80.485070][ T4237] gfs2: fsid=_dev_net_tun: Now mounting FS (format 1801)...
[   80.506049][ T4253] loop1: detected capacity change from 0 to 64
[   80.531771][ T4237] gfs2: fsid=_dev_net_tun.0: journal 0 mapped with 16 extents in 0ms
[   80.542822][ T4242] loop2: detected capacity change from 0 to 64
[   80.560229][ T3751] gfs2: fsid=_dev_net_tun.0: jid=0, already locked for use
[   80.577860][ T3751] gfs2: fsid=_dev_net_tun.0: jid=0: Looking at journal...
[   80.589392][ T4242] hfs: unable to parse mount options
[   80.672159][ T3751] gfs2: fsid=_dev_net_tun.0: jid=0: Journal head lookup took 94ms
[   80.710678][ T3751] gfs2: fsid=_dev_net_tun.0: jid=0: Done
[   80.722646][ T4242] netlink: 'syz.2.95': attribute type 4 has an invalid length.
[   80.729993][ T4237] gfs2: fsid=_dev_net_tun.0: first mount done, others may mount
[   80.762783][ T4242] netlink: 17 bytes leftover after parsing attributes in process `syz.2.95'.
[   80.795284][ T3766] video4linux radio32: keene_cmd_set failed (-71)
[   80.809520][ T3766] radio-keene 3-1:0.0: V4L2 device registered as radio32
[   80.849792][ T4261] loop4: detected capacity change from 0 to 4096
[   80.869799][ T3766] usb 3-1: USB disconnect, device number 3
[   80.914878][ T4261] ntfs3: Bad value for 'uid'
[   81.124066][ T3751] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[   81.219541][ T4276] loop3: detected capacity change from 0 to 2048
[   81.220662][ T4278] loop4: detected capacity change from 0 to 256
[   81.261148][ T4281] netlink: 12 bytes leftover after parsing attributes in process `syz.0.112'.
[   81.282307][ T4281] netlink: 31 bytes leftover after parsing attributes in process `syz.0.112'.
[   81.325955][ T4281] netlink: 'syz.0.112': attribute type 2 has an invalid length.
[   81.345908][ T4276] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[   81.402118][ T4281] netlink: 'syz.0.112': attribute type 2 has an invalid length.
[   81.404172][ T3751] usb 2-1: Using ep0 maxpacket: 32
[   81.411479][ T4276] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   81.457519][ T4281] netlink: 31 bytes leftover after parsing attributes in process `syz.0.112'.
[   81.562613][ T4286] netlink: 40 bytes leftover after parsing attributes in process `syz.3.109'.
[   81.584413][ T3751] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[   81.594737][ T3751] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   81.619458][ T4288] loop7: detected capacity change from 0 to 16384
[   81.660440][ T3751] usb 2-1: config 0 descriptor??
[   81.715852][ T3751] gspca_main: nw80x-2.14.0 probing 055f:d001
[   81.731186][ T4289] PM: Enabling pm_trace changes system date and time during resume.
[   81.731186][ T4289] PM: Correct system time has to be restored manually after resume.
[   81.747051][ T4285] netlink: 24 bytes leftover after parsing attributes in process `syz.2.115'.
[   81.907963][ T4288] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[   81.949438][ T4288] Buffer I/O error on dev loop7, logical block 0, async page read
[   81.969680][ T4288] ldm_validate_partition_table(): Disk read failed.
[   81.987547][ T4288] Dev loop7: unable to read RDB block 0
[   82.000488][ T4288]  loop7: unable to read partition table
[   82.006872][ T4288] loop7: partition table beyond EOD, truncated
[   82.025917][ T4288] loop_reread_partitions: partition scan of loop7 () failed (rc=-5)
[   82.132031][ T4297] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[   82.215629][ T4297] netlink: 52 bytes leftover after parsing attributes in process `syz.3.116'.
[   82.301299][ T4308] FAULT_INJECTION: forcing a failure.
[   82.301299][ T4308] name failslab, interval 1, probability 0, space 0, times 0
[   82.315030][ T4308] CPU: 1 PID: 4308 Comm: syz.4.119 Not tainted 5.15.164-syzkaller #0
[   82.323114][ T4308] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   82.333167][ T4308] Call Trace:
[   82.336450][ T4308]  <TASK>
[   82.339377][ T4308]  dump_stack_lvl+0x1e3/0x2d0
[   82.344066][ T4308]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   82.349697][ T4308]  ? panic+0x860/0x860
[   82.353772][ T4308]  ? __might_sleep+0xc0/0xc0
[   82.358373][ T4308]  should_fail+0x38a/0x4c0
[   82.362805][ T4308]  should_failslab+0x5/0x20
[   82.367307][ T4308]  slab_pre_alloc_hook+0x53/0xc0
[   82.372248][ T4308]  __kmalloc_node_track_caller+0x6b/0x390
[   82.377968][ T4308]  ? netlink_sendmsg+0x6f8/0xd60
[   82.382904][ T4308]  ? kmem_cache_alloc_node+0x154/0x2c0
[   82.388452][ T4308]  ? __alloc_skb+0xdd/0x590
[   82.392969][ T4308]  ? netlink_sendmsg+0x6f8/0xd60
[   82.397993][ T4308]  __alloc_skb+0x12c/0x590
[   82.402420][ T4308]  netlink_sendmsg+0x6f8/0xd60
[   82.407191][ T4308]  ? netlink_getsockopt+0x5b0/0x5b0
[   82.412391][ T4308]  ? aa_sock_msg_perm+0x91/0x150
[   82.417341][ T4308]  ? bpf_lsm_socket_sendmsg+0x5/0x10
[   82.422713][ T4308]  ? security_socket_sendmsg+0x7d/0xa0
[   82.428180][ T4308]  ? netlink_getsockopt+0x5b0/0x5b0
[   82.433386][ T4308]  ____sys_sendmsg+0x59e/0x8f0
[   82.438157][ T4308]  ? iovec_from_user+0x300/0x390
[   82.443103][ T4308]  ? __sys_sendmsg_sock+0x30/0x30
[   82.448142][ T4308]  ___sys_sendmsg+0x252/0x2e0
[   82.452826][ T4308]  ? __sys_sendmsg+0x260/0x260
[   82.457625][ T4308]  ? __fdget+0x191/0x220
[   82.461875][ T4308]  __se_sys_sendmsg+0x19a/0x260
[   82.466746][ T4308]  ? __x64_sys_sendmsg+0x80/0x80
[   82.471703][ T4308]  ? syscall_enter_from_user_mode+0x2e/0x240
[   82.477687][ T4308]  ? lockdep_hardirqs_on+0x94/0x130
[   82.482895][ T4308]  ? syscall_enter_from_user_mode+0x2e/0x240
[   82.488887][ T4308]  do_syscall_64+0x3b/0xb0
[   82.493406][ T4308]  ? clear_bhb_loop+0x15/0x70
[   82.498089][ T4308]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   82.503992][ T4308] RIP: 0033:0x7f692254d299
[   82.508412][ T4308] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   82.528023][ T4308] RSP: 002b:00007f69209cc048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[   82.536446][ T4308] RAX: ffffffffffffffda RBX: 00007f69226dbf80 RCX: 00007f692254d299
[   82.544429][ T4308] RDX: 0000000000000000 RSI: 00000000200001c0 RDI: 0000000000000003
[   82.552421][ T4308] RBP: 00007f69209cc0a0 R08: 0000000000000000 R09: 0000000000000000
[   82.559831][ T4295] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   82.560397][ T4308] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   82.560414][ T4308] R13: 000000000000000b R14: 00007f69226dbf80 R15: 00007fffda765e78
[   82.560437][ T4308]  </TASK>
[   82.725394][ T4320] loop0: detected capacity change from 0 to 512
[   82.907682][ T4320] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   82.919678][ T4329] loop4: detected capacity change from 0 to 512
[   82.926533][ T4320] ext4 filesystem being mounted at /31/file0 supports timestamps until 2038 (0x7fffffff)
[   82.971504][ T4331] loop2: detected capacity change from 0 to 47
[   82.998321][ T4332] FAULT_INJECTION: forcing a failure.
[   82.998321][ T4332] name failslab, interval 1, probability 0, space 0, times 0
[   83.040817][ T4332] CPU: 1 PID: 4332 Comm: syz.0.122 Not tainted 5.15.164-syzkaller #0
[   83.048910][ T4332] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   83.058963][ T4332] Call Trace:
[   83.062240][ T4332]  <TASK>
[   83.065169][ T4332]  dump_stack_lvl+0x1e3/0x2d0
[   83.069855][ T4332]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   83.075489][ T4332]  ? panic+0x860/0x860
[   83.079560][ T4332]  ? __might_sleep+0xc0/0xc0
[   83.084153][ T4332]  should_fail+0x38a/0x4c0
[   83.088570][ T4332]  should_failslab+0x5/0x20
[   83.093067][ T4332]  slab_pre_alloc_hook+0x53/0xc0
[   83.098007][ T4332]  ? security_file_alloc+0x24/0x120
[   83.103296][ T4332]  kmem_cache_alloc+0x3f/0x280
[   83.108072][ T4332]  security_file_alloc+0x24/0x120
[   83.113103][ T4332]  __alloc_file+0xc3/0x240
[   83.117527][ T4332]  alloc_empty_file+0x92/0x180
[   83.122296][ T4332]  path_openat+0xfc/0x2f20
[   83.126721][ T4332]  ? stack_trace_snprint+0xe0/0xe0
[   83.131833][ T4332]  ? validate_chain+0x112/0x5930
[   83.136772][ T4332]  ? mark_lock+0x98/0x340
[   83.141113][ T4332]  ? __lock_acquire+0x1295/0x1ff0
[   83.146140][ T4332]  ? mark_lock+0x98/0x340
[   83.150474][ T4332]  ? __lock_acquire+0x1295/0x1ff0
[   83.155494][ T4332]  ? do_filp_open+0x460/0x460
[   83.160190][ T4332]  do_filp_open+0x21c/0x460
[   83.164695][ T4332]  ? vfs_tmpfile+0x2e0/0x2e0
[   83.169303][ T4332]  ? _raw_spin_unlock+0x24/0x40
[   83.174150][ T4332]  ? alloc_fd+0x598/0x630
[   83.178488][ T4332]  do_sys_openat2+0x13b/0x4f0
[   83.183173][ T4332]  ? do_sys_open+0x220/0x220
[   83.187777][ T4332]  __x64_sys_openat+0x243/0x290
[   83.192671][ T4332]  ? __ia32_sys_open+0x270/0x270
[   83.197630][ T4332]  ? syscall_enter_from_user_mode+0x2e/0x240
[   83.203715][ T4332]  ? lockdep_hardirqs_on+0x94/0x130
[   83.208917][ T4332]  ? syscall_enter_from_user_mode+0x2e/0x240
[   83.215040][ T4332]  do_syscall_64+0x3b/0xb0
[   83.219462][ T4332]  ? clear_bhb_loop+0x15/0x70
[   83.224139][ T4332]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   83.230044][ T4332] RIP: 0033:0x7f94af1b2299
[   83.234463][ T4332] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   83.254070][ T4332] RSP: 002b:00007f94ad610048 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   83.262583][ T4332] RAX: ffffffffffffffda RBX: 00007f94af341058 RCX: 00007f94af1b2299
[   83.269341][ T4322] loop3: detected capacity change from 0 to 32768
[   83.270556][ T4332] RDX: 000000000000275a RSI: 0000000020000040 RDI: ffffffffffffff9c
[   83.284902][ T4332] RBP: 00007f94ad6100a0 R08: 0000000000000000 R09: 0000000000000000
[   83.292878][ T4332] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   83.300853][ T4332] R13: 000000000000006e R14: 00007f94af341058 R15: 00007ffda28ded08
[   83.308849][ T4332]  </TASK>
[   83.316143][ T3751] gspca_nw80x: reg_w err -71
[   83.320939][ T3751] nw80x: probe of 2-1:0.0 failed with error -71
[   83.346887][ T4329] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   83.357744][ T3751] usb 2-1: USB disconnect, device number 7
[   83.373393][ T4331] netlink: 'syz.2.126': attribute type 1 has an invalid length.
[   83.395084][ T4322] XFS (loop3): Mounting V5 Filesystem
[   83.409498][ T4329] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038 (0x7fffffff)
[   83.524377][ T4322] XFS (loop3): Ending clean mount
[   83.626943][   T25] kauditd_printk_skb: 51 callbacks suppressed
[   83.626957][   T25] audit: type=1800 audit(1722194077.633:67): pid=4322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.123" name="bus" dev="loop3" ino=4427 res=0 errno=0
[   83.668545][ T4329] EXT4-fs error (device loop4): ext4_do_update_inode:5160: inode #2: comm syz.4.124: corrupted inode contents
[   83.669328][   T25] audit: type=1800 audit(1722194077.633:68): pid=4322 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.123" name="file0" dev="loop3" ino=4428 res=0 errno=0
[   83.716164][ T4322] XFS (loop3): Unmounting Filesystem
[   83.741637][ T4329] EXT4-fs error (device loop4): ext4_dirty_inode:5993: inode #2: comm syz.4.124: mark_inode_dirty error
[   83.758978][ T4329] EXT4-fs error (device loop4): ext4_do_update_inode:5160: inode #2: comm syz.4.124: corrupted inode contents
[   83.773050][ T4329] EXT4-fs error (device loop4): __ext4_ext_dirty:183: inode #2: comm syz.4.124: mark_inode_dirty error
[   83.841294][ T4344] device hsr_slave_0 left promiscuous mode
[   84.031428][ T4353] netlink: 12 bytes leftover after parsing attributes in process `syz.0.127'.
[   84.071290][ T4353] netlink: 31 bytes leftover after parsing attributes in process `syz.0.127'.
[   84.111443][ T4353] netlink: 'syz.0.127': attribute type 2 has an invalid length.
[   84.122139][ T4353] netlink: 'syz.0.127': attribute type 2 has an invalid length.
[   84.140497][ T4353] netlink: 31 bytes leftover after parsing attributes in process `syz.0.127'.
[   84.346499][ T4348] loop1: detected capacity change from 0 to 32768
[   84.501573][ T4359] loop2: detected capacity change from 0 to 256
[   85.061305][ T4357] loop3: detected capacity change from 0 to 32768
[   85.135936][ T4357] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.131 (4357)
[   85.154062][ T3751] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   85.201033][ T4357] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[   85.229981][ T4357] BTRFS info (device loop3): doing ref verification
[   85.250680][ T4357] BTRFS info (device loop3): using default commit interval 30s
[   85.273253][ T4357] BTRFS info (device loop3): enabling ssd optimizations
[   85.299711][ T4357] BTRFS info (device loop3): turning on sync discard
[   85.323728][ T4357] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[   85.363726][ T4357] BTRFS info (device loop3): use zstd compression, level 3
[   85.386987][ T4357] BTRFS warning (device loop3): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[   85.444089][ T4357] BTRFS info (device loop3): trying to use backup root at mount time
[   85.462477][ T4357] BTRFS info (device loop3): using free space tree
[   85.476084][ T3853] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 3: comm syz-executor: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=12, inode=514, rec_len=0, size=2048 fake=0
[   85.487388][ T3751] usb 3-1: Using ep0 maxpacket: 16
[   85.532753][ T4357] BTRFS info (device loop3): has skinny extents
[   85.554802][ T3853] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 12: comm syz-executor: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[   85.637726][ T3853] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 13: comm syz-executor: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[   85.664930][ T3853] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 14: comm syz-executor: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[   85.719980][ T3853] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 15: comm syz-executor: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[   85.741084][ T4369] loop0: detected capacity change from 0 to 40427
[   85.770926][ T4382] Zero length message leads to an empty skb
[   85.803878][ T3853] EXT4-fs error (device loop4): ext4_readdir:260: inode #2: block 16: comm syz-executor: path /16/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[   85.823412][ T4369] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[   85.844186][ T3751] usb 3-1: New USB device found, idVendor=054c, idProduct=0038, bcdDevice=16.f5
[   85.863558][ T3751] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   85.881959][ T3751] usb 3-1: Product: syz
[   85.886221][ T3751] usb 3-1: Manufacturer: syz
[   85.890822][ T3751] usb 3-1: SerialNumber: syz
[   85.908458][ T3751] usb 3-1: config 0 descriptor??
[   85.934068][ T4369] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[   85.970705][ T3751] visor 3-1:0.0: Sony Clie 3.5 converter detected
[   86.017588][ T4391] loop1: detected capacity change from 0 to 4096
[   86.041061][ T4369] F2FS-fs (loop0): Found nat_bits in checkpoint
[   86.130105][ T4391] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[   86.201623][ T4391] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[   86.214247][ T3751] usb 3-1: clie_3_5_startup: get config number failed: -71
[   86.221818][ T3751] visor: probe of 3-1:0.0 failed with error -71
[   86.236710][ T4369] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[   86.245791][ T4369] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[   86.277664][ T3751] usb 3-1: USB disconnect, device number 4
[   86.592556][ T4407] attempt to access beyond end of device
[   86.592556][ T4407] loop0: rw=2049, want=45224, limit=40427
[   86.638175][ T1133] ntfs3: loop1: ino=1e, failed to open parent directory r=30005 to update
[   86.664335][ T1133] ntfs3: loop1: ino=1e, Internal error
[   86.668221][   T25] audit: type=1804 audit(1722194080.673:69): pid=4407 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.135" name="/newroot/34/bus/bus" dev="loop0" ino=10 res=1 errno=0
[   86.680236][ T1133] ntfs3: loop1: ntfs3_write_inode r=1e failed, -22.
[   86.766269][ T3580] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[   87.256174][ T4429] netlink: 12 bytes leftover after parsing attributes in process `syz.1.145'.
[   87.308866][ T4414] loop3: detected capacity change from 0 to 32768
[   87.434376][ T4414] XFS (loop3): Mounting V5 Filesystem
[   87.501518][ T4429] loop1: detected capacity change from 0 to 4096
[   87.517462][ T4414] XFS (loop3): Ending clean mount
[   87.555031][ T4429] ntfs3: Unknown parameter 'syz$'
[   87.579058][   T25] audit: type=1800 audit(1722194081.583:70): pid=4414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.140" name="bus" dev="loop3" ino=4427 res=0 errno=0
[   87.600822][   T25] audit: type=1800 audit(1722194081.603:71): pid=4414 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.140" name="file0" dev="loop3" ino=4428 res=0 errno=0
[   87.687013][ T4414] XFS (loop3): Unmounting Filesystem
[   88.693518][ T4443] loop0: detected capacity change from 0 to 32768
[   88.777164][ T4456] loop3: detected capacity change from 0 to 4096
[   88.849802][ T4456] ntfs3: Bad value for 'uid'
[   89.047178][ T4465] loop3: detected capacity change from 0 to 164
[   89.478524][ T4474] loop1: detected capacity change from 0 to 8192
[   89.563153][ T4474] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[   89.572415][ T3768] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[   89.588980][ T4474] REISERFS (device loop1): using ordered data mode
[   89.596348][ T4474] reiserfs: using flush barriers
[   89.607637][ T4474] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   89.675886][ T4474] REISERFS (device loop1): checking transaction log (loop1)
[   89.910226][ T4470] loop2: detected capacity change from 0 to 32768
[   89.964123][ T3768] usb 1-1: New USB device found, idVendor=1c34, idProduct=07f6, bcdDevice=52.19
[   89.977163][ T3768] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   89.977750][ T4474] REISERFS (device loop1): Using tea hash to sort names
[   90.018755][ T3768] usb 1-1: config 0 descriptor??
[   90.035978][ T4474] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[   90.045609][ T4470] XFS (loop2): Mounting V5 Filesystem
[   90.159323][ T4470] XFS (loop2): Ending clean mount
[   90.188958][   T25] audit: type=1800 audit(1722194084.193:72): pid=4470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.157" name="bus" dev="loop2" ino=4427 res=0 errno=0
[   90.209192][    C0] vkms_vblank_simulate: vblank timer overrun
[   90.326778][   T25] audit: type=1800 audit(1722194084.223:73): pid=4470 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.157" name="file0" dev="loop2" ino=4428 res=0 errno=0
[   90.357407][ T4474] REISERFS warning (device loop1): super-6502 reiserfs_getopt: unknown mount option "01777777777777777777777�00000000000000000000000���X�c�v�:�Q���"��C���o��"���'ή���_��0��-�%��+�t��6P���'�k�;/|�%�T�9i�(��%Z��@�G~��ͱ�\�����������%S:U�VT����OvO7MfO�Jj�N��"��Bn�]��XZ
[   90.357407][ T4474] �o�*��e�4�b��L����*�"
[   90.752362][ T4470] XFS (loop2): Unmounting Filesystem
[   90.802087][ T4409] usb 1-1: USB disconnect, device number 4
[   90.848813][ T3751] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[   91.214324][ T3751] usb 4-1: config 8 has an invalid interface number: 64 but max is 1
[   91.234102][ T3751] usb 4-1: config 8 has an invalid interface number: 123 but max is 1
[   91.242369][ T3751] usb 4-1: config 8 has no interface number 0
[   91.274016][ T3751] usb 4-1: config 8 has no interface number 1
[   91.294112][ T3751] usb 4-1: config 8 interface 64 altsetting 79 endpoint 0x3 has invalid maxpacket 10494, setting to 64
[   91.334887][ T3751] usb 4-1: config 8 interface 123 altsetting 0 endpoint 0x6 has invalid maxpacket 512, setting to 64
[   91.366204][ T3751] usb 4-1: config 8 interface 123 altsetting 0 endpoint 0xA has invalid maxpacket 991, setting to 64
[   91.424401][ T3751] usb 4-1: config 8 interface 123 altsetting 0 endpoint 0xF has invalid maxpacket 9096, setting to 64
[   91.452326][ T3751] usb 4-1: config 8 interface 123 altsetting 0 endpoint 0x7 has invalid maxpacket 512, setting to 64
[   91.494032][ T3751] usb 4-1: config 8 interface 123 altsetting 0 has a duplicate endpoint with address 0xA, skipping
[   91.513985][ T3751] usb 4-1: config 8 interface 123 altsetting 0 has an invalid endpoint with address 0x80, skipping
[   91.542345][ T3751] usb 4-1: config 8 interface 123 altsetting 0 has a duplicate endpoint with address 0xF, skipping
[   91.571207][ T4494] loop0: detected capacity change from 0 to 32768
[   91.581058][ T3751] usb 4-1: config 8 interface 123 altsetting 0 endpoint 0xB has invalid maxpacket 1023, setting to 64
[   91.614034][ T3751] usb 4-1: config 8 interface 123 altsetting 0 has an invalid endpoint with address 0x80, skipping
[   91.635799][ T3751] usb 4-1: config 8 interface 123 altsetting 0 endpoint 0x1 has invalid maxpacket 1023, setting to 64
[   91.699404][ T3751] usb 4-1: config 8 interface 64 has no altsetting 0
[   91.802148][ T4496] loop1: detected capacity change from 0 to 32768
[   91.854847][ T4496] jfs: Unrecognized mount option "jfs" or missing value
[   91.884316][ T3751] usb 4-1: New USB device found, idVendor=1b3d, idProduct=01f7, bcdDevice=94.95
[   91.893382][ T3751] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   91.924915][ T3751] usb 4-1: Product: syz
[   91.929100][ T3751] usb 4-1: Manufacturer: syz
[   91.933684][ T3751] usb 4-1: SerialNumber: syz
[   92.032789][ T3751] usb 4-1: rejected 1 configuration due to insufficient available bus power
[   92.164080][ T4507] dlm: no local IP address has been set
[   92.169962][ T4507] dlm: cannot start dlm midcomms -107
[   92.518451][ T3751] usb 4-1: no configuration chosen from 1 choice
[   92.547263][ T4506] loop2: detected capacity change from 0 to 4096
[   92.615880][ T4506] ntfs3: Bad value for 'uid'
[   93.323653][ T4510] loop2: detected capacity change from 0 to 4096
[   93.386070][ T4510] ntfs: (device loop2): parse_options(): Unrecognized mount option show_sys_�<.
[   93.430836][ T4516] loop0: detected capacity change from 0 to 256
[   93.562815][ T4145] usb 4-1: USB disconnect, device number 3
[   93.663299][ T4518] FAULT_INJECTION: forcing a failure.
[   93.663299][ T4518] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   93.749658][ T4518] CPU: 1 PID: 4518 Comm: syz.3.173 Not tainted 5.15.164-syzkaller #0
[   93.757772][ T4518] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   93.765724][ T4521] netlink: 28 bytes leftover after parsing attributes in process `syz.0.174'.
[   93.767829][ T4518] Call Trace:
[   93.767840][ T4518]  <TASK>
[   93.767847][ T4518]  dump_stack_lvl+0x1e3/0x2d0
[   93.767872][ T4518]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   93.767890][ T4518]  ? panic+0x860/0x860
[   93.767982][ T4518]  should_fail+0x38a/0x4c0
[   93.802077][ T4518]  strncpy_from_user+0x32/0x370
[   93.807070][ T4518]  bpf_prog_load+0x185/0x1b60
[   93.811768][ T4518]  ? map_freeze+0x360/0x360
[   93.816282][ T4518]  ? __might_fault+0xb8/0x110
[   93.820981][ T4518]  ? __might_fault+0xb4/0x110
[   93.825660][ T4518]  ? bpf_lsm_bpf+0x5/0x10
[   93.830000][ T4518]  ? security_bpf+0x7d/0xa0
[   93.834598][ T4518]  __sys_bpf+0x343/0x670
[   93.838848][ T4518]  ? bpf_link_show_fdinfo+0x2d0/0x2d0
[   93.844233][ T4518]  ? syscall_enter_from_user_mode+0x2e/0x240
[   93.850218][ T4518]  ? lockdep_hardirqs_on+0x94/0x130
[   93.855427][ T4518]  __x64_sys_bpf+0x78/0x90
[   93.859850][ T4518]  do_syscall_64+0x3b/0xb0
[   93.864282][ T4518]  ? clear_bhb_loop+0x15/0x70
[   93.869050][ T4518]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   93.874940][ T4518] RIP: 0033:0x7f364e10b299
[   93.879358][ T4518] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[   93.898961][ T4518] RSP: 002b:00007f364c58a048 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[   93.907382][ T4518] RAX: ffffffffffffffda RBX: 00007f364e299f80 RCX: 00007f364e10b299
[   93.915537][ T4518] RDX: 0000000000000048 RSI: 000000002000e000 RDI: 0000000000000005
[   93.923510][ T4518] RBP: 00007f364c58a0a0 R08: 0000000000000000 R09: 0000000000000000
[   93.931480][ T4518] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   93.939451][ T4518] R13: 000000000000000b R14: 00007f364e299f80 R15: 00007fff61caa6a8
[   93.947428][ T4518]  </TASK>
[   94.330245][ T4528] kvm: emulating exchange as write
[   94.363274][ T4524] loop0: detected capacity change from 0 to 32768
[   94.386516][ T4528] overlayfs: upper fs does not support RENAME_WHITEOUT.
[   94.411149][ T4528] overlayfs: failed to set xattr on upper
[   94.425586][ T4528] overlayfs: ...falling back to index=off,metacopy=off.
[   94.432599][ T4528] overlayfs: maximum fs stacking depth exceeded
[   94.509149][ T4524] XFS (loop0): Mounting V5 Filesystem
[   94.582322][ T4548] loop1: detected capacity change from 0 to 1024
[   94.619235][ T4524] XFS (loop0): Ending clean mount
[   94.647367][   T25] audit: type=1800 audit(1722194088.653:74): pid=4524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.175" name="bus" dev="loop0" ino=4427 res=0 errno=0
[   94.669648][   T25] audit: type=1800 audit(1722194088.673:75): pid=4524 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.175" name="file0" dev="loop0" ino=4428 res=0 errno=0
[   94.924022][ T4145] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[   94.991154][ T4098] hfsplus: b-tree write err: -5, ino 4
[   95.027225][ T4524] XFS (loop0): Unmounting Filesystem
[   95.144026][ T4145] usb 4-1: device descriptor read/64, error -71
[   95.160965][ T4556] loop1: detected capacity change from 0 to 128
[   95.203132][   T25] audit: type=1326 audit(1722194089.203:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4557 comm="syz.2.182" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7ff3dd160299 code=0x0
[   95.258164][ T4556] UDF-fs: error (device loop1): udf_read_tagged: read failed, block=256, location=256
[   95.305828][ T4559] loop2: detected capacity change from 0 to 128
[   95.427011][ T4559] FAT-fs (loop2): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   95.445508][ T4145] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[   95.664070][ T4145] usb 4-1: device descriptor read/64, error -71
[   95.797191][ T4145] usb usb4-port1: attempt power cycle
[   95.845872][  T144] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.657381][  T144] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.794111][ T4145] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[   96.858358][  T144] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   96.884150][ T4576] loop0: detected capacity change from 0 to 256
[   96.896650][ T4145] usb 4-1: device descriptor read/8, error -71
[   96.989376][  T144] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   97.184453][ T4145] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   97.210527][ T4571] loop2: detected capacity change from 0 to 32768
[   97.262490][ T4571] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.188 (4571)
[   97.304256][ T4145] usb 4-1: device descriptor read/8, error -71
[   97.388884][ T4566] chnl_net:caif_netlink_parms(): no params data found
[   97.406820][ T4571] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[   97.415952][ T4571] BTRFS info (device loop2): using free space tree
[   97.432310][ T4571] BTRFS info (device loop2): has skinny extents
[   97.439263][ T4145] usb usb4-port1: unable to enumerate USB device
[   97.443842][ T4580] chnl_net:caif_netlink_parms(): no params data found
[   97.598351][ T4571] BTRFS info (device loop2): enabling ssd optimizations
[   97.775836][ T4629] FAULT_INJECTION: forcing a failure.
[   97.775836][ T4629] name fail_usercopy, interval 1, probability 0, space 0, times 0
[   97.789791][ T4629] CPU: 0 PID: 4629 Comm: syz.3.194 Not tainted 5.15.164-syzkaller #0
[   97.797874][ T4629] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[   97.807929][ T4629] Call Trace:
[   97.811206][ T4629]  <TASK>
[   97.814136][ T4629]  dump_stack_lvl+0x1e3/0x2d0
[   97.818848][ T4629]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[   97.824478][ T4629]  ? panic+0x860/0x860
[   97.828532][ T4629]  ? snprintf+0xd6/0x120
[   97.832756][ T4629]  should_fail+0x38a/0x4c0
[   97.837164][ T4629]  _copy_to_user+0x2d/0x130
[   97.841666][ T4629]  simple_read_from_buffer+0xc6/0x150
[   97.847043][ T4629]  proc_fail_nth_read+0x1a3/0x210
[   97.852054][ T4629]  ? proc_fault_inject_write+0x390/0x390
[   97.857675][ T4629]  ? fsnotify_perm+0x442/0x590
[   97.862440][ T4629]  ? proc_fault_inject_write+0x390/0x390
[   97.868054][ T4629]  vfs_read+0x2fc/0xe10
[   97.872225][ T4629]  ? kernel_read+0x1f0/0x1f0
[   97.876809][ T4629]  ? __fget_files+0x413/0x480
[   97.881487][ T4629]  ? mutex_lock_nested+0x17/0x20
[   97.886405][ T4629]  ? __fdget_pos+0x2cb/0x380
[   97.891008][ T4629]  ? ksys_read+0x77/0x2c0
[   97.895330][ T4629]  ksys_read+0x1a2/0x2c0
[   97.899572][ T4629]  ? print_irqtrace_events+0x210/0x210
[   97.905037][ T4629]  ? vfs_write+0xe50/0xe50
[   97.909448][ T4629]  ? syscall_enter_from_user_mode+0x2e/0x240
[   97.915423][ T4629]  ? lockdep_hardirqs_on+0x94/0x130
[   97.920637][ T4629]  ? syscall_enter_from_user_mode+0x2e/0x240
[   97.926630][ T4629]  do_syscall_64+0x3b/0xb0
[   97.931031][ T4629]  ? clear_bhb_loop+0x15/0x70
[   97.935706][ T4629]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[   97.941597][ T4629] RIP: 0033:0x7f364e109d7c
[   97.946088][ T4629] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 c9 8c 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 1f 8d 02 00 48
[   97.965680][ T4629] RSP: 002b:00007f364c58a040 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   97.974084][ T4629] RAX: ffffffffffffffda RBX: 00007f364e299f80 RCX: 00007f364e109d7c
[   97.982069][ T4629] RDX: 000000000000000f RSI: 00007f364c58a0b0 RDI: 0000000000000004
[   97.990045][ T4629] RBP: 00007f364c58a0a0 R08: 0000000000000000 R09: 0000000000000000
[   97.998005][ T4629] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[   98.005972][ T4629] R13: 000000000000000b R14: 00007f364e299f80 R15: 00007fff61caa6a8
[   98.013943][ T4629]  </TASK>
[   98.144724][   T25] audit: type=1326 audit(1722194092.133:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4635 comm="syz.3.196" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f364e10b299 code=0x0
[   98.229910][ T4637] loop3: detected capacity change from 0 to 128
[   98.239543][ T4580] bridge0: port 1(bridge_slave_0) entered blocking state
[   98.256927][ T4580] bridge0: port 1(bridge_slave_0) entered disabled state
[   98.280820][ T4580] device bridge_slave_0 entered promiscuous mode
[   98.334477][ T4637] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[   98.440052][ T4580] bridge0: port 2(bridge_slave_1) entered blocking state
[   98.581156][ T4580] bridge0: port 2(bridge_slave_1) entered disabled state
[   98.770835][ T4580] device bridge_slave_1 entered promiscuous mode
[   98.925150][ T4145] Bluetooth: hci2: command 0x0409 tx timeout
[   98.953675][ T3747] Bluetooth: hci4: command 0x0409 tx timeout
[   99.160634][ T4566] bridge0: port 1(bridge_slave_0) entered blocking state
[   99.182152][ T4566] bridge0: port 1(bridge_slave_0) entered disabled state
[   99.191556][ T4566] device bridge_slave_0 entered promiscuous mode
[   99.880905][ T4566] bridge0: port 2(bridge_slave_1) entered blocking state
[   99.894752][ T4566] bridge0: port 2(bridge_slave_1) entered disabled state
[   99.924608][ T4566] device bridge_slave_1 entered promiscuous mode
[   99.957804][ T4580] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   99.991037][ T4580] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.008012][ T4650] loop0: detected capacity change from 0 to 8192
[  100.016400][ T4652] loop3: detected capacity change from 0 to 4096
[  100.038864][ T4566] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  100.093637][ T4566] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  100.109962][ T4650] Dev loop0: RDB in block 1 has bad checksum
[  100.158766][ T4652] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  100.165348][ T4580] team0: Port device team_slave_0 added
[  100.176461][ T4652] ntfs3: loop3: Failed to load $Secure.
[  100.183540][ T4580] team0: Port device team_slave_1 added
[  100.240713][ T4566] team0: Port device team_slave_0 added
[  100.347421][ T4566] team0: Port device team_slave_1 added
[  100.358734][ T4580] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.371420][ T4675] loop0: detected capacity change from 0 to 164
[  100.379773][ T4580] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.414168][ T4580] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.443780][ T4580] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.455235][ T4580] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.486690][ T4580] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.563131][ T4678] Bluetooth: hci3: invalid length 0, exp 2 for type 29
[  100.588968][ T4566] batman_adv: batadv0: Adding interface: batadv_slave_0
[  100.607037][ T4566] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.652030][ T4566] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  100.733161][ T4566] batman_adv: batadv0: Adding interface: batadv_slave_1
[  100.740630][ T4566] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  100.774568][ T4566] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  100.863276][ T4580] device hsr_slave_0 entered promiscuous mode
[  100.875554][ T4580] device hsr_slave_1 entered promiscuous mode
[  100.944054][ T4145] Bluetooth: hci2: command 0x041b tx timeout
[  101.026747][ T3751] Bluetooth: hci4: command 0x041b tx timeout
[  101.074552][ T4566] device hsr_slave_0 entered promiscuous mode
[  101.082421][ T4566] device hsr_slave_1 entered promiscuous mode
[  101.092789][ T4566] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  101.104835][ T4566] Cannot create hsr debugfs directory
[  101.893220][  T144] device hsr_slave_0 left promiscuous mode
[  101.914349][  T144] device hsr_slave_1 left promiscuous mode
[  101.949923][ T4700] loop2: detected capacity change from 0 to 16
[  102.114893][ T4700] erofs: Unknown parameter '��v�@l
��Jp���Hʫ��P��X��m���ʦ'
[  102.142128][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  102.153583][ T4698] loop0: detected capacity change from 0 to 8192
[  102.160260][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  102.168256][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  102.176507][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  102.184633][  T144] device bridge_slave_1 left promiscuous mode
[  102.191350][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  102.218968][  T144] device bridge_slave_0 left promiscuous mode
[  102.279447][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  102.318690][ T4698] Dev loop0: RDB in block 1 has bad checksum
[  102.612148][  T144] device veth1_macvtap left promiscuous mode
[  102.678847][  T144] device veth0_macvtap left promiscuous mode
[  102.685631][ T4145] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  102.768086][  T144] device veth1_vlan left promiscuous mode
[  102.774067][  T144] device veth0_vlan left promiscuous mode
[  102.811140][ T3026] Dev loop0: RDB in block 1 has bad checksum
[  103.004062][ T4145] usb 3-1: Using ep0 maxpacket: 16
[  103.025281][ T3621] Bluetooth: hci2: command 0x040f tx timeout
[  103.104233][ T3621] Bluetooth: hci4: command 0x040f tx timeout
[  103.164602][ T4145] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x89 has invalid maxpacket 33032, setting to 1024
[  103.182373][ T4145] usb 3-1: New USB device found, idVendor=0158, idProduct=0100, bcdDevice= 0.00
[  103.202993][  T144] team0 (unregistering): Port device team_slave_1 removed
[  103.210871][ T4145] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.222175][  T144] team0 (unregistering): Port device team_slave_0 removed
[  103.244285][ T4145] usb 3-1: config 0 descriptor??
[  103.251771][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  103.290618][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  103.303142][ T4716] loop3: detected capacity change from 0 to 512
[  103.347300][  T144] bond0 (unregistering): (slave team0): Releasing backup interface
[  103.369807][ T4716] EXT4-fs warning (device loop3): ext4_multi_mount_protect:300: Invalid MMP block in superblock
[  103.389148][  T144] bond0 (unregistering): Released all slaves
[  103.473302][ T4718] loop3: detected capacity change from 0 to 128
[  103.615735][ T4719] FAULT_INJECTION: forcing a failure.
[  103.615735][ T4719] name failslab, interval 1, probability 0, space 0, times 0
[  103.694235][ T4719] CPU: 1 PID: 4719 Comm: syz.3.212 Not tainted 5.15.164-syzkaller #0
[  103.702426][ T4719] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  103.712486][ T4719] Call Trace:
[  103.715773][ T4719]  <TASK>
[  103.718709][ T4719]  dump_stack_lvl+0x1e3/0x2d0
[  103.723400][ T4719]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  103.729043][ T4719]  ? panic+0x860/0x860
[  103.733183][ T4719]  should_fail+0x38a/0x4c0
[  103.737609][ T4719]  should_failslab+0x5/0x20
[  103.742129][ T4719]  slab_pre_alloc_hook+0x53/0xc0
[  103.747084][ T4719]  kmem_cache_alloc_node+0x49/0x2c0
[  103.752289][ T4719]  ? create_task_io_context+0x2c/0x400
[  103.757760][ T4719]  create_task_io_context+0x2c/0x400
[  103.763059][ T4719]  submit_bio_checks+0x11b5/0x1940
[  103.768197][ T4719]  ? migrate_pages+0x1fa1/0x3470
[  103.773139][ T4719]  ? __submit_bio+0x850/0x850
[  103.777816][ T4719]  ? blk_try_enter_queue+0x38e/0x4e0
[  103.783109][ T4719]  __submit_bio+0x5a1/0x850
[  103.787632][ T4719]  ? rcu_lock_release+0x20/0x20
[  103.792522][ T4719]  submit_bio_noacct+0x955/0xb30
[  103.797472][ T4719]  ? __lock_acquire+0x1ff0/0x1ff0
[  103.802509][ T4719]  ? rcu_lock_release+0x5/0x20
[  103.807285][ T4719]  ? blk_put_request+0x20/0x20
[  103.812078][ T4719]  submit_bio+0x2dd/0x560
[  103.816413][ T4719]  ? submit_bio_noacct+0xb30/0xb30
[  103.821528][ T4719]  ? submit_bh_wbc+0x5ba/0x690
[  103.826311][ T4719]  __block_write_full_page+0x8ab/0x1090
[  103.831869][ T4719]  ? mark_buffer_write_io_error+0x360/0x360
[  103.837768][ T4719]  ? fat_block_truncate_page+0x50/0x50
[  103.843266][ T4719]  move_to_new_page+0x8bc/0xde0
[  103.848147][ T4719]  ? rcu_lock_release+0x20/0x20
[  103.853011][ T4719]  ? remove_migration_ptes+0x150/0x150
[  103.858499][ T4719]  ? alloc_pages_vma+0x3df/0x800
[  103.863459][ T4719]  migrate_pages+0x1fa1/0x3470
[  103.868375][ T4719]  ? get_nodes+0x4e0/0x4e0
[  103.872800][ T4719]  ? next_demotion_node+0x190/0x190
[  103.878005][ T4719]  ? walk_page_range+0x5cc/0x680
[  103.883135][ T4719]  ? page_mapped_in_vma+0x6c0/0x6c0
[  103.888228][ T4700] udc-core: couldn't find an available UDC or it's busy
[  103.888345][ T4719]  __se_sys_mbind+0x10d0/0x1400
[  103.900272][ T4719]  ? __lock_acquire+0x1ff0/0x1ff0
[  103.902415][ T4700] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  103.905298][ T4719]  ? __x64_sys_mbind+0xf0/0xf0
[  103.917486][ T4719]  ? syscall_enter_from_user_mode+0x2e/0x240
[  103.923478][ T4719]  ? lockdep_hardirqs_on+0x94/0x130
[  103.928692][ T4719]  ? __x64_sys_mbind+0x1d/0xf0
[  103.933460][ T4719]  do_syscall_64+0x3b/0xb0
[  103.937876][ T4719]  ? clear_bhb_loop+0x15/0x70
[  103.942554][ T4719]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  103.948449][ T4719] RIP: 0033:0x7f364e10b299
[  103.952868][ T4719] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  103.963196][ T4145] hid (null): report_id 2838798905 is invalid
[  103.972474][ T4719] RSP: 002b:00007f364c569048 EFLAGS: 00000246 ORIG_RAX: 00000000000000ed
[  103.972502][ T4719] RAX: ffffffffffffffda RBX: 00007f364e29a058 RCX: 00007f364e10b299
[  103.972513][ T4719] RDX: 0000000000000000 RSI: 0000000000800000 RDI: 0000000020001000
[  103.972523][ T4719] RBP: 00007f364c5690a0 R08: 0000000000000000 R09: 0000000000000002
[  103.972533][ T4719] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  103.972543][ T4719] R13: 000000000000006e R14: 00007f364e29a058 R15: 00007fff61caa6a8
[  103.972567][ T4719]  </TASK>
[  103.990112][ T4145] hid (null): unknown global tag 0xc
[  104.037058][ T4145] hid (null): global environment stack underflow
[  104.041291][ T4719] attempt to access beyond end of device
[  104.041291][ T4719] loop3: rw=1, want=129, limit=128
[  104.048119][ T4145] hid-generic 0003:0158:0100.0001: unexpected long global item
[  104.062886][ T4145] hid-generic: probe of 0003:0158:0100.0001 failed with error -22
[  104.074586][ T4719] Buffer I/O error on dev loop3, logical block 128, lost async page write
[  104.090116][ T4719] attempt to access beyond end of device
[  104.090116][ T4719] loop3: rw=1, want=146, limit=128
[  104.106990][ T4719] Buffer I/O error on dev loop3, logical block 145, lost async page write
[  104.115865][ T4719] attempt to access beyond end of device
[  104.115865][ T4719] loop3: rw=1, want=147, limit=128
[  104.141430][ T4719] Buffer I/O error on dev loop3, logical block 146, lost async page write
[  104.150858][ T4719] attempt to access beyond end of device
[  104.150858][ T4719] loop3: rw=1, want=148, limit=128
[  104.175857][ T4719] Buffer I/O error on dev loop3, logical block 147, lost async page write
[  104.186056][ T4719] attempt to access beyond end of device
[  104.186056][ T4719] loop3: rw=1, want=149, limit=128
[  104.253097][ T2692] attempt to access beyond end of device
[  104.253097][ T2692] loop3: rw=1, want=985, limit=128
[  104.270526][ T4719] Buffer I/O error on dev loop3, logical block 148, lost async page write
[  104.282243][ T4719] attempt to access beyond end of device
[  104.282243][ T4719] loop3: rw=1, want=150, limit=128
[  104.293894][ T4719] Buffer I/O error on dev loop3, logical block 149, lost async page write
[  104.326730][ T4719] attempt to access beyond end of device
[  104.326730][ T4719] loop3: rw=1, want=151, limit=128
[  104.339406][ T4719] Buffer I/O error on dev loop3, logical block 150, lost async page write
[  104.348531][ T4719] attempt to access beyond end of device
[  104.348531][ T4719] loop3: rw=1, want=152, limit=128
[  104.364175][ T4719] Buffer I/O error on dev loop3, logical block 151, lost async page write
[  104.383219][ T4719] attempt to access beyond end of device
[  104.383219][ T4719] loop3: rw=1, want=153, limit=128
[  104.402354][ T4719] Buffer I/O error on dev loop3, logical block 152, lost async page write
[  104.768938][ T4566] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.104261][ T3747] Bluetooth: hci2: command 0x0419 tx timeout
[  105.188347][ T3747] Bluetooth: hci4: command 0x0419 tx timeout
[  105.511140][ T3747] usb 3-1: USB disconnect, device number 5
[  105.651498][ T4566] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.702738][ T4742] loop0: detected capacity change from 0 to 32768
[  105.757992][ T4566] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.790209][ T4742] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.215 (4742)
[  105.822081][ T4742] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  105.851816][ T4742] BTRFS error (device loop0): unrecognized mount option 'smackfstransmute=!'
[  105.868749][ T4566] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  105.883241][ T4742] BTRFS error (device loop0): open_ctree failed
[  105.974278][ T3747] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  106.097162][ T4580] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  106.158492][ T4580] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  106.191540][ T4580] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  106.231872][ T4580] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  106.260980][ T4566] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  106.300840][ T4566] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  106.335440][ T3747] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  106.338787][ T4566] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  106.364097][ T3747] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  106.410469][ T3747] usb 3-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  106.437717][ T4566] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  106.454913][ T3747] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  106.579203][ T4580] 8021q: adding VLAN 0 to HW filter on device bond0
[  106.655589][ T3747] usb 3-1: config 0 descriptor??
[  106.661956][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  106.691505][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  106.797753][ T4580] 8021q: adding VLAN 0 to HW filter on device team0
[  107.054767][ T4580] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  107.095764][ T4580] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  107.188423][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  107.198877][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  107.238690][ T3770] bridge0: port 1(bridge_slave_0) entered blocking state
[  107.245837][ T3770] bridge0: port 1(bridge_slave_0) entered forwarding state
[  107.284033][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  107.286182][ T3747] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  107.293237][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  107.314056][ T3747] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  107.334353][ T3747] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  107.354683][ T3770] bridge0: port 2(bridge_slave_1) entered blocking state
[  107.361824][ T3770] bridge0: port 2(bridge_slave_1) entered forwarding state
[  107.369530][ T3747] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  107.384003][ T3747] cm6533_jd 0003:0D8C:0022.0002: unknown main item tag 0x0
[  107.390064][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  107.395381][ T3747] cm6533_jd 0003:0D8C:0022.0002: No inputs registered, leaving
[  107.409436][ T4799] FAULT_INJECTION: forcing a failure.
[  107.409436][ T4799] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  107.424733][ T4775] loop0: detected capacity change from 0 to 32768
[  107.432831][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  107.451169][ T4799] CPU: 1 PID: 4799 Comm: syz.3.223 Not tainted 5.15.164-syzkaller #0
[  107.453045][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  107.459353][ T4799] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  107.459366][ T4799] Call Trace:
[  107.459371][ T4799]  <TASK>
[  107.459379][ T4799]  dump_stack_lvl+0x1e3/0x2d0
[  107.459404][ T4799]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  107.459421][ T4799]  ? panic+0x860/0x860
[  107.459438][ T4799]  ? validate_chain+0x112/0x5930
[  107.459457][ T4799]  ? validate_chain+0x112/0x5930
[  107.459481][ T4799]  should_fail+0x38a/0x4c0
[  107.459504][ T4799]  _copy_from_user+0x2d/0x170
[  107.459522][ T4799]  iovec_from_user+0x13b/0x390
[  107.459543][ T4799]  __import_iovec+0x72/0x4b0
[  107.459558][ T4799]  ? __ia32_sys_shutdown+0x60/0x60
[  107.492997][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  107.494027][ T4799]  import_iovec+0xe6/0x120
[  107.494061][ T4799]  ___sys_sendmsg+0x215/0x2e0
[  107.502949][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  107.503020][ T4799]  ? __sys_sendmsg+0x260/0x260
[  107.525410][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  107.526284][ T4799]  ? __fdget+0x191/0x220
[  107.541823][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  107.543502][ T4799]  __se_sys_sendmsg+0x19a/0x260
[  107.555620][ T4763] udc-core: couldn't find an available UDC or it's busy
[  107.556014][ T4799]  ? __x64_sys_sendmsg+0x80/0x80
[  107.567128][ T4763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  107.568641][ T4799]  ? syscall_enter_from_user_mode+0x2e/0x240
[  107.573518][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  107.580629][ T4799]  ? lockdep_hardirqs_on+0x94/0x130
[  107.580654][ T4799]  ? syscall_enter_from_user_mode+0x2e/0x240
[  107.580673][ T4799]  do_syscall_64+0x3b/0xb0
[  107.580689][ T4799]  ? clear_bhb_loop+0x15/0x70
[  107.580707][ T4799]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  107.595608][ T4763] udc-core: couldn't find an available UDC or it's busy
[  107.597355][ T4799] RIP: 0033:0x7f364e10b299
[  107.597376][ T4799] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  107.597390][ T4799] RSP: 002b:00007f364c569048 EFLAGS: 00000246
[  107.616242][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  107.618459][ T4799]  ORIG_RAX: 000000000000002e
[  107.633990][ T4763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  107.638647][ T4799] RAX: ffffffffffffffda RBX: 00007f364e29a058 RCX: 00007f364e10b299
[  107.646040][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  107.651428][ T4799] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000005
[  107.677113][ T4763] udc-core: couldn't find an available UDC or it's busy
[  107.681444][ T4799] RBP: 00007f364c5690a0 R08: 0000000000000000 R09: 0000000000000000
[  107.692447][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  107.694044][ T4799] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  107.694059][ T4799] R13: 000000000000006e R14: 00007f364e29a058 R15: 00007fff61caa6a8
[  107.694082][ T4799]  </TASK>
[  107.706636][ T3747] cm6533_jd 0003:0D8C:0022.0002: hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.2-1/input0
[  107.735013][ T4763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  107.746351][ T4775] gfs2: fsid=statfs_quantum: Trying to join cluster "lock_nolock", "statfs_quantum"
[  107.767853][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  107.817735][ T4775] gfs2: fsid=statfs_quantum: Now mounting FS (format 1801)...
[  107.868433][ T4775] gfs2: fsid=statfs_quantum.s: journal 0 mapped with 16 extents in 0ms
[  107.872680][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  107.984970][ T4566] 8021q: adding VLAN 0 to HW filter on device bond0
[  108.006374][ T4763] udc-core: couldn't find an available UDC or it's busy
[  108.022270][ T4775] gfs2: fsid=statfs_quantum.s: first mount done, others may mount
[  108.032825][ T4763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  108.046963][ T4580] 8021q: adding VLAN 0 to HW filter on device batadv0
[  108.063682][ T4763] udc-core: couldn't find an available UDC or it's busy
[  108.076490][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  108.084378][ T4763] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  108.117314][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  108.158264][ T4566] 8021q: adding VLAN 0 to HW filter on device team0
[  108.199647][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  108.222914][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  108.242299][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  108.272749][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  108.288343][ T3747] bridge0: port 1(bridge_slave_0) entered blocking state
[  108.295524][ T3747] bridge0: port 1(bridge_slave_0) entered forwarding state
[  108.341443][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  108.372318][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  108.383500][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  108.403214][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  108.420516][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  108.452394][ T3751] bridge0: port 2(bridge_slave_1) entered blocking state
[  108.459561][ T3751] bridge0: port 2(bridge_slave_1) entered forwarding state
[  108.531081][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  108.545030][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  108.553347][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  108.619870][ T4580] device veth0_vlan entered promiscuous mode
[  108.652314][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  108.664937][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  108.727934][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  108.750422][ T4821] netlink: 12 bytes leftover after parsing attributes in process `syz.3.226'.
[  108.766412][ T4821] netlink: 31 bytes leftover after parsing attributes in process `syz.3.226'.
[  108.778416][ T4821] netlink: 'syz.3.226': attribute type 2 has an invalid length.
[  108.784082][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  108.794722][ T4821] netlink: 'syz.3.226': attribute type 2 has an invalid length.
[  108.804210][ T4821] netlink: 31 bytes leftover after parsing attributes in process `syz.3.226'.
[  108.815809][ T4824] loop2: detected capacity change from 0 to 64
[  108.826038][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  108.846809][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  108.871529][ T3768] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  108.889515][ T3770] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  108.908223][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  108.925669][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  108.939515][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  108.954666][ T3766] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  108.976715][ T4824] netlink: 12 bytes leftover after parsing attributes in process `syz.2.227'.
[  108.987383][ T4580] device veth1_vlan entered promiscuous mode
[  108.991458][ T4824] afs: Unknown parameter '��dyn'
[  109.003572][ T4824] Trying to free block not in datazone
[  109.108938][ T4566] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  109.316433][ T3764] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  109.574196][ T3764] usb 1-1: Using ep0 maxpacket: 16
[  109.768479][ T3747] usb 3-1: USB disconnect, device number 6
[  109.799211][ T3764] usb 1-1: config 0 has no interfaces?
[  109.862960][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  109.886912][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  109.923458][ T4580] device veth0_macvtap entered promiscuous mode
[  109.964935][ T4580] device veth1_macvtap entered promiscuous mode
[  110.010886][ T3764] usb 1-1: New USB device found, idVendor=17ef, idProduct=721e, bcdDevice=de.06
[  110.037539][ T3764] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.041442][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.071757][ T3764] usb 1-1: Product: syz
[  110.089395][ T3764] usb 1-1: Manufacturer: syz
[  110.098606][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.120538][ T3764] usb 1-1: SerialNumber: syz
[  110.134029][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.152304][ T3764] r8152-cfgselector 1-1: config 0 descriptor??
[  110.163519][ T4852] cifs: Unknown parameter 'no9� ��P��G!8�����E�8-�� ����Ŗ�Eeլ'
[  110.173549][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.201443][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.218010][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.238159][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  110.259115][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.276654][ T4580] batman_adv: batadv0: Interface activated: batadv_slave_0
[  110.298229][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.320011][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.333105][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.348050][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.368636][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.389338][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.402586][ T4580] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  110.418205][ T4580] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  110.439460][ T3764] usbip-host 1-1: 1-1 is not in match_busid table... skip!
[  110.444282][ T4580] batman_adv: batadv0: Interface activated: batadv_slave_1
[  110.480304][ T4566] 8021q: adding VLAN 0 to HW filter on device batadv0
[  110.491212][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  110.531425][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  110.551791][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  110.579989][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  110.596440][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  110.640509][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  110.657797][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  110.666734][ T4827] loop0: detected capacity change from 0 to 2048
[  110.689514][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  110.713204][ T4580] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  110.721765][ T4875] loop3: detected capacity change from 0 to 4096
[  110.729388][ T4580] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  110.742177][ T4827] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  110.764475][ T4580] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  110.776954][ T4580] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  110.827013][ T4875] ntfs3: Bad value for 'uid'
[  110.989974][ T4887] loop3: detected capacity change from 0 to 512
[  111.040923][ T3747] usb 1-1: USB disconnect, device number 5
[  111.130699][ T4887] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  111.146814][ T4887] ext4 filesystem being mounted at /41/file0 supports timestamps until 2038 (0x7fffffff)
[  111.157470][ T4043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.187102][ T4043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.241070][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  111.242134][ T4043] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  111.283228][ T4043] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  111.291833][ T3765] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  111.327697][ T3765] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  111.382761][ T3765] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  111.414200][ T3772] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  111.422813][ T3772] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  111.440894][ T4566] device veth0_vlan entered promiscuous mode
[  111.469102][ T3764] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  111.481852][ T3764] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  111.538057][ T4566] device veth1_vlan entered promiscuous mode
[  111.758531][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  111.784563][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  111.816167][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  111.842337][ T3751] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  111.859895][ T4920] syz.0.235 uses obsolete (PF_INET,SOCK_PACKET)
[  111.878897][ T4566] device veth0_macvtap entered promiscuous mode
[  111.915916][ T4566] device veth1_macvtap entered promiscuous mode
[  112.002242][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.061359][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.120337][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.165549][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.181302][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.213898][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.263593][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.316671][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.381237][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  112.421266][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.435784][ T4566] batman_adv: batadv0: Interface activated: batadv_slave_0
[  112.450069][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  112.463693][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  112.506821][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  112.543858][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  112.584658][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.622561][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.640351][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.653748][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.670943][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.693983][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.712928][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.734143][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.771808][ T4918] loop2: detected capacity change from 0 to 32768
[  112.774001][ T4566] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  112.800574][ T4566] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  112.822906][ T4566] batman_adv: batadv0: Interface activated: batadv_slave_1
[  112.940059][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  112.959672][ T3621] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  113.008088][ T4566] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  113.019787][ T4566] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  113.035021][ T4566] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  113.044589][ T4566] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  113.055222][ T4942] netlink: 12 bytes leftover after parsing attributes in process `syz.1.237'.
[  113.064670][ T4942] netlink: 31 bytes leftover after parsing attributes in process `syz.1.237'.
[  113.077485][ T4942] netlink: 'syz.1.237': attribute type 2 has an invalid length.
[  113.085892][ T4942] netlink: 'syz.1.237': attribute type 2 has an invalid length.
[  113.093540][ T4942] netlink: 31 bytes leftover after parsing attributes in process `syz.1.237'.
[  113.139147][ T4918] XFS (loop2): Mounting V5 Filesystem
[  113.328423][ T4918] XFS (loop2): Ending clean mount
[  113.420488][   T25] audit: type=1800 audit(1722194107.423:78): pid=4918 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.236" name="bus" dev="loop2" ino=4427 res=0 errno=0
[  113.440728][    C1] vkms_vblank_simulate: vblank timer overrun
[  113.484459][ T4043] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.510650][ T4957] loop0: detected capacity change from 0 to 512
[  113.512061][ T4043] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.581360][ T4044] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  113.599562][ T3747] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  113.609215][ T4044] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  113.622901][ T4957] EXT4-fs (loop0): Mount option "nojournal_checksum" incompatible with ext3
[  113.696593][ T4145] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  113.778456][  T144] device hsr_slave_0 left promiscuous mode
[  113.828999][  T144] device hsr_slave_1 left promiscuous mode
[  113.849635][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  113.885209][  T144] batman_adv: batadv0: Removing interface: batadv_slave_0
[  113.910711][  T144] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  113.960751][  T144] batman_adv: batadv0: Removing interface: batadv_slave_1
[  113.983876][ T4961] loop1: detected capacity change from 0 to 1764
[  114.004027][  T144] device bridge_slave_1 left promiscuous mode
[  114.039359][  T144] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.072880][ T4963] loop4: detected capacity change from 0 to 4096
[  114.080818][  T144] device bridge_slave_0 left promiscuous mode
[  114.105357][  T144] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.128658][ T4963] ntfs3: Bad value for 'uid'
[  114.195578][  T144] device veth1_macvtap left promiscuous mode
[  114.212448][  T144] device veth0_macvtap left promiscuous mode
[  114.222622][  T144] device veth1_vlan left promiscuous mode
[  114.240376][  T144] device veth0_vlan left promiscuous mode
[  114.283360][ T4968] loop3: detected capacity change from 0 to 2048
[  114.315846][ T4918] XFS (loop2): Unmounting Filesystem
[  114.389616][ T4971] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  114.455514][ T4968] EXT4-fs (loop3): Mount option "nouser_xattr" will be removed by 3.5
[  114.455514][ T4968] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  114.455514][ T4968] 
[  114.491159][ T4973] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  114.557904][ T4968] EXT4-fs (loop3): mounted filesystem without journal. Opts: nouser_xattr,,errors=continue. Quota mode: none.
[  114.569790][ T4968] ext4 filesystem being mounted at /44/file0 supports timestamps until 2038 (0x7fffffff)
[  114.726556][   T25] audit: type=1326 audit(1722194108.663:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4976 comm="syz.4.246" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f25d5ccf299 code=0x0
[  114.762531][ T4980] loop4: detected capacity change from 0 to 128
[  114.850087][ T4980] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  114.971357][ T4983] 9pnet: Could not find request transport: fd
�h��R0x0000000000000009
[  115.032087][  T144] team0 (unregistering): Port device team_slave_1 removed
[  115.058410][  T144] team0 (unregistering): Port device team_slave_0 removed
[  115.116570][  T144] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  115.151029][  T144] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  115.152532][ T4987] loop2: detected capacity change from 0 to 512
[  115.239488][ T4987] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  115.262474][ T4987] ext4 filesystem being mounted at /39/file0 supports timestamps until 2038 (0x7fffffff)
[  115.297124][  T144] bond0 (unregistering): Released all slaves
[  115.475481][ T4972] netlink: 8 bytes leftover after parsing attributes in process `syz.1.244'.
[  115.571147][ T4995] "syz.1.252" (4995) uses obsolete ecb(arc4) skcipher
[  115.603856][ T4998] netlink: 12 bytes leftover after parsing attributes in process `syz.4.251'.
[  115.613400][ T4998] netlink: 31 bytes leftover after parsing attributes in process `syz.4.251'.
[  115.692364][ T4997] netlink: 16 bytes leftover after parsing attributes in process `syz.1.252'.
[  115.712927][ T4998] netlink: 'syz.4.251': attribute type 2 has an invalid length.
[  115.757021][ T4998] netlink: 'syz.4.251': attribute type 2 has an invalid length.
[  115.766618][ T4998] netlink: 31 bytes leftover after parsing attributes in process `syz.4.251'.
[  116.045095][ T5004] kvm: pic: non byte read
[  116.082885][ T5004] kvm: pic: level sensitive irq not supported
[  116.101271][ T5004] kvm: pic: non byte read
[  116.189774][ T5004] kvm: pic: non byte read
[  116.231777][ T5004] kvm: pic: single mode not supported
[  116.231799][ T5004] kvm: pic: level sensitive irq not supported
[  116.263604][ T5004] kvm: pic: non byte read
[  116.326282][ T5004] kvm: pic: non byte read
[  116.345542][ T5004] kvm: pic: non byte read
[  116.368758][ T5004] kvm: pic: single mode not supported
[  116.368818][ T5004] kvm: pic: non byte read
[  116.389104][ T5004] kvm: pic: level sensitive irq not supported
[  116.389165][ T5004] kvm: pic: non byte read
[  116.396531][ T5012] loop1: detected capacity change from 0 to 512
[  116.420695][ T5004] kvm: pic: non byte read
[  116.523462][ T5012] EXT4-fs (loop1): error: could not find journal device path: error -2
[  116.632819][ T5015] loop4: detected capacity change from 0 to 512
[  116.807978][ T5012] loop1: detected capacity change from 0 to 128
[  116.830893][ T5017] loop0: detected capacity change from 0 to 512
[  116.891241][ T5015] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  116.909632][ T5015] ext4 filesystem being mounted at /5/file0 supports timestamps until 2038 (0x7fffffff)
[  117.143445][   T25] audit: type=1804 audit(1722194111.143:80): pid=5014 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.255" name="/newroot/5/file0/bus" dev="loop4" ino=18 res=1 errno=0
[  117.173859][ T5021] loop2: detected capacity change from 0 to 2048
[  117.286522][ T5021] UDF-fs: error (device loop2): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  117.315667][ T5021] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  117.336382][ T5027] netlink: 120 bytes leftover after parsing attributes in process `syz.3.260'.
[  117.499531][ T3770] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  117.507198][ T3764] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  117.595807][ T5021] IPVS: set_ctl: invalid protocol: 0 0.0.0.0:0
[  117.655603][   T25] audit: type=1800 audit(1722194111.603:81): pid=5021 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.257" name=17CFA7E8FDFEFFD4C06FEC4F8D39DDD176CE6CA617DC6B1C4432 dev="loop2" ino=1369 res=0 errno=0
[  117.824269][ T3770] usb 1-1: Using ep0 maxpacket: 32
[  117.829773][ T3764] usb 5-1: Using ep0 maxpacket: 16
[  117.969716][ T3770] usb 1-1: config 1 interface 0 altsetting 5 endpoint 0x2 has an invalid bInterval 127, changing to 10
[  117.981228][ T3764] usb 5-1: config 1 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 0
[  118.004071][ T5025] loop1: detected capacity change from 0 to 32768
[  118.009735][ T3770] usb 1-1: config 1 interface 0 altsetting 5 endpoint 0x2 has invalid maxpacket 1568, setting to 1024
[  118.041962][ T3770] usb 1-1: config 1 interface 0 has no altsetting 0
[  118.143776][ T5025] XFS (loop1): Mounting V5 Filesystem
[  118.206195][ T3764] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  118.217351][ T5041] netlink: 12 bytes leftover after parsing attributes in process `syz.3.265'.
[  118.232422][ T5041] netlink: 31 bytes leftover after parsing attributes in process `syz.3.265'.
[  118.252036][ T3764] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.260742][ T3770] usb 1-1: New USB device found, idVendor=044f, idProduct=b654, bcdDevice= 0.40
[  118.282072][ T3770] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  118.300723][ T3764] usb 5-1: Product: syz
[  118.310849][ T3770] usb 1-1: Product: 㸯蛞鶆籩ஞᨉ溲德彀鏬뤜㾴冻Ⴞ䝁隞⚱∞綍汔꽝똢赥曢ዖㄑ見᭬缲扫㿱跪䊢┹蔞뻘䞄墝澞䐡玗間᤯茪Ậ侢씶癆掻ܡ楆ึꄱ♋ﳎ⬰柳釴놇封欔즧⊧沧奨䎽奅䠑ꣅ覅壓ຟ机箖➃鷓ʻ銰ꄴ⎶呧꜄젃牘ௌޘ忍ﺙꝚ㣢
[  118.354029][ T3764] usb 5-1: Manufacturer: syz
[  118.358651][ T3764] usb 5-1: SerialNumber: syz
[  118.374961][ T5041] netlink: 'syz.3.265': attribute type 2 has an invalid length.
[  118.393599][ T5041] netlink: 'syz.3.265': attribute type 2 has an invalid length.
[  118.414333][ T5014] raw-gadget.1 gadget: fail, usb_ep_enable returned -22
[  118.427270][ T5041] netlink: 31 bytes leftover after parsing attributes in process `syz.3.265'.
[  118.436484][ T3770] usb 1-1: Manufacturer: 겒酄睮涡Ì籐㎻䖥瘂ᷠﵤ㹯し೿屲렕佊ꗉ淌릩ఘ︀嫋泴玲ѽ鿃꛾⿗鈻篬Ṿ㳢룞ᒑ阦ꀷ쥳琹祧ጦퟕ혇踕謺ՙ䌓ጽዘ豩瑫范蓳絤㠑맔湳ﭶꎓ３僑몍혛ﲢ胴ү䘂慳禗진流뮓ェ∴쪵앬숙ॉ䁰⚗䆋鷞쒓㇍ﶳ톁ꮀ牫皜遣⯥
[  118.469436][ T3764] cdc_ether: probe of 5-1:1.0 failed with error -22
[  118.492407][ T5038] loop2: detected capacity change from 0 to 32768
[  118.502180][ T3770] usb 1-1: SerialNumber: 띱ᒗ䘛壢钢Ⴌ經嘂砀蹜劈⠅駆⎨밙䈣℧듢胻竈¥ﭑࡒ춄䱷ꑗȐ疚ᛑ躘䐧ꕁ껝蘽ᇏꇕ슇
[  118.522192][ T5025] XFS (loop1): Ending clean mount
[  118.564435][ T5017] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  118.632585][ T5038] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.264 (5038)
[  118.677482][ T5038] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  118.679878][ T3769] usb 5-1: USB disconnect, device number 3
[  118.763420][ T5038] BTRFS info (device loop2): using free space tree
[  118.784121][ T5038] BTRFS info (device loop2): has skinny extents
[  119.014073][ T5038] BTRFS info (device loop2): enabling ssd optimizations
[  119.056104][ T5077] overlayfs: unrecognized mount option "appraise" or missing value
[  119.095840][ T5060] kvm: pic: non byte read
[  119.100308][ T5060] kvm: pic: level sensitive irq not supported
[  119.100600][ T5060] kvm: pic: single mode not supported
[  119.107069][ T5060] kvm: pic: level sensitive irq not supported
[  119.138534][ T5060] kvm: pic: single mode not supported
[  119.161874][ T5060] kvm: pic: level sensitive irq not supported
[  119.354423][ T3770] usbhid 1-1:1.0: can't add hid device: -71
[  119.368741][ T3770] usbhid: probe of 1-1:1.0 failed with error -71
[  119.401741][ T3770] usb 1-1: USB disconnect, device number 6
[  119.680881][ T5089] netlink: 194236 bytes leftover after parsing attributes in process `syz.2.267'.
[  119.690435][ T5089] netlink: zone id is out of range
[  119.695636][ T5089] netlink: zone id is out of range
[  119.701927][ T5089] netlink: zone id is out of range
[  119.708353][ T5089] netlink: get zone limit has 8 unknown bytes
[  120.364602][ T5090] loop3: detected capacity change from 0 to 512
[  120.553020][ T5025] XFS (loop1): Unmounting Filesystem
[  120.785647][ T5090] EXT4-fs (loop3): Ignoring removed bh option
[  120.793048][ T5090] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[  120.793048][ T5090] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  120.793048][ T5090] 
[  120.811380][ T5090] EXT4-fs (loop3): can't mount with data=, fs mounted w/o journal
[  120.892017][ T5094] loop2: detected capacity change from 0 to 256
[  120.904027][ T4002] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  120.941998][ T5097] input: syz1 as /devices/virtual/input/input10
[  121.089345][ T5102] FAULT_INJECTION: forcing a failure.
[  121.089345][ T5102] name failslab, interval 1, probability 0, space 0, times 0
[  121.144098][ T5102] CPU: 1 PID: 5102 Comm: syz.0.274 Not tainted 5.15.164-syzkaller #0
[  121.152201][ T5102] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  121.162264][ T5102] Call Trace:
[  121.165630][ T5102]  <TASK>
[  121.168554][ T5102]  dump_stack_lvl+0x1e3/0x2d0
[  121.173230][ T5102]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  121.178863][ T5102]  ? panic+0x860/0x860
[  121.182931][ T5102]  ? validate_chain+0x112/0x5930
[  121.187867][ T5102]  ? arch_stack_walk+0xf3/0x140
[  121.192726][ T5102]  should_fail+0x38a/0x4c0
[  121.197150][ T5102]  should_failslab+0x5/0x20
[  121.201655][ T5102]  slab_pre_alloc_hook+0x53/0xc0
[  121.206595][ T5102]  ? vm_area_alloc+0x20/0xe0
[  121.211182][ T5102]  kmem_cache_alloc+0x3f/0x280
[  121.215955][ T5102]  vm_area_alloc+0x20/0xe0
[  121.220375][ T5102]  mmap_region+0xad4/0x1670
[  121.224894][ T5102]  ? file_mmap_ok+0x150/0x150
[  121.229567][ T5102]  ? cap_mmap_addr+0x15e/0x2d0
[  121.234334][ T5102]  ? bpf_lsm_mmap_addr+0x5/0x10
[  121.239193][ T5102]  ? get_unmapped_area+0x317/0x380
[  121.244301][ T5102]  do_mmap+0x78d/0xe00
[  121.248364][ T5102]  vm_mmap_pgoff+0x1ca/0x2d0
[  121.252947][ T5102]  ? account_locked_vm+0xe0/0xe0
[  121.257869][ T5102]  ? __lock_acquire+0x1ff0/0x1ff0
[  121.262877][ T5102]  ksys_mmap_pgoff+0x13e/0x780
[  121.267633][ T5102]  ? print_irqtrace_events+0x210/0x210
[  121.273070][ T5102]  ? mmap_region+0x1670/0x1670
[  121.277811][ T5102]  ? syscall_enter_from_user_mode+0x2e/0x240
[  121.283768][ T5102]  ? lockdep_hardirqs_on+0x94/0x130
[  121.288956][ T5102]  do_syscall_64+0x3b/0xb0
[  121.293433][ T5102]  ? clear_bhb_loop+0x15/0x70
[  121.298086][ T5102]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  121.303955][ T5102] RIP: 0033:0x7f94af1b22d3
[  121.308354][ T5102] Code: f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 00 41 89 ca 41 f7 c1 ff 0f 00 00 75 14 b8 09 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 25 c3 0f 1f 40 00 48 c7 c0 a8 ff ff ff 64 c7
[  121.327938][ T5102] RSP: 002b:00007f94ad630e28 EFLAGS: 00000246 ORIG_RAX: 0000000000000009
[  121.336451][ T5102] RAX: ffffffffffffffda RBX: 000000000000049f RCX: 00007f94af1b22d3
[  121.344398][ T5102] RDX: 0000000000000003 RSI: 0000000008400000 RDI: 0000000000000000
[  121.352343][ T5102] RBP: 000000002001fc42 R08: 00000000ffffffff R09: 0000000000000000
[  121.360290][ T5102] R10: 0000000000000022 R11: 0000000000000246 R12: 0000000000000004
[  121.368248][ T5102] R13: 00007f94ad630f00 R14: 00007f94ad630ec0 R15: 000000002001f9c0
[  121.376301][ T5102]  </TASK>
[  121.387862][ T4002] usb 5-1: Using ep0 maxpacket: 16
[  121.408955][ T5119] loop2: detected capacity change from 0 to 8
[  121.534117][ T4002] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  121.561729][ T4002] usb 5-1: config 0 interface 0 altsetting 1 endpoint 0x81 has invalid wMaxPacketSize 0
[  121.591126][ T4002] usb 5-1: config 0 interface 0 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  121.614890][ T4002] usb 5-1: config 0 interface 0 has no altsetting 0
[  121.626105][ T5123] loop0: detected capacity change from 0 to 8192
[  121.626714][ T4002] usb 5-1: New USB device found, idVendor=045e, idProduct=05da, bcdDevice= 0.00
[  121.643110][ T4002] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  121.658841][ T4002] usb 5-1: config 0 descriptor??
[  121.691672][ T5123] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  121.712170][ T5123] REISERFS (device loop0): using ordered data mode
[  121.719992][ T5123] reiserfs: using flush barriers
[  121.731348][ T5123] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  121.748570][ T5123] REISERFS (device loop0): checking transaction log (loop0)
[  121.760678][ T5123] REISERFS (device loop0): Using r5 hash to sort names
[  121.780108][ T5123] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  121.826502][ T3765] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  121.895784][ T5132] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  121.921959][ T5087] udc-core: couldn't find an available UDC or it's busy
[  121.939417][ T5087] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  121.974929][ T5135] loop2: detected capacity change from 0 to 512
[  121.982292][ T5087] netlink: 924 bytes leftover after parsing attributes in process `syz.4.268'.
[  122.043487][ T5135] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  122.056371][ T5135] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038 (0x7fffffff)
[  122.094085][ T4002] usbhid 5-1:0.0: can't add hid device: -71
[  122.100344][ T4002] usbhid: probe of 5-1:0.0 failed with error -71
[  122.117878][ T4002] usb 5-1: USB disconnect, device number 4
[  122.124114][ T3765] usb 2-1: Using ep0 maxpacket: 32
[  122.304194][ T3770] usb 4-1: new full-speed USB device number 8 using dummy_hcd
[  122.334474][ T5140] loop2: detected capacity change from 0 to 256
[  122.349928][   T25] audit: type=1326 audit(1722194116.353:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5143 comm="syz.0.286" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f94af1b2299 code=0x0
[  122.444201][ T3765] usb 2-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  122.453690][ T3765] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  122.456742][ T5145] loop0: detected capacity change from 0 to 128
[  122.462773][ T3765] usb 2-1: Product: syz
[  122.472555][ T3765] usb 2-1: Manufacturer: syz
[  122.494083][ T3765] usb 2-1: SerialNumber: syz
[  122.503443][ T3765] usb 2-1: config 0 descriptor??
[  122.505498][ T5147] loop2: detected capacity change from 0 to 512
[  122.556413][ T5147] EXT4-fs error (device loop2): ext4_orphan_get:1423: comm syz.2.287: bad orphan inode 17
[  122.578915][ T5147] ext4_test_bit(bit=16, block=4) = 1
[  122.589463][ T5145] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  122.616793][ T5147] is_bad_inode(inode)=0
[  122.622094][ T5147] NEXT_ORPHAN(inode)=0
[  122.632266][ T5147] max_ino=32
[  122.636156][ T5147] i_nlink=1
[  122.639557][ T5147] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  122.642052][ T5149] loop4: detected capacity change from 0 to 8192
[  122.658858][ T5147] Bluetooth: hci3: too big key_count value 28022
[  122.681250][ T5147] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.287: bg 0: block 7: invalid block bitmap
[  122.698636][ T5147] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2809: Unable to expand inode 12. Delete some EAs or run e2fsck.
[  122.715535][ T5149] Dev loop4: RDB in block 1 has bad checksum
[  122.774341][ T3770] usb 4-1: not running at top speed; connect to a high speed hub
[  122.884170][ T3770] usb 4-1: config 5 has an invalid interface number: 135 but max is 1
[  122.895503][ T3770] usb 4-1: config 5 has an invalid interface number: 121 but max is 1
[  122.904743][ T3770] usb 4-1: config 5 has no interface number 0
[  122.910827][ T3770] usb 4-1: config 5 has no interface number 1
[  122.917062][ T3770] usb 4-1: config 5 interface 135 altsetting 8 endpoint 0x2 has invalid maxpacket 512, setting to 64
[  122.927990][ T3770] usb 4-1: config 5 interface 135 altsetting 8 has an invalid endpoint with address 0x80, skipping
[  122.932505][ T5155] bridge0: port 3(vlan2) entered blocking state
[  122.938720][ T3770] usb 4-1: config 5 interface 135 altsetting 8 has an invalid endpoint with address 0x80, skipping
[  122.938748][ T3770] usb 4-1: config 5 interface 135 altsetting 8 endpoint 0x4 has invalid maxpacket 1024, setting to 64
[  122.938784][ T3770] usb 4-1: config 5 interface 121 altsetting 7 has an invalid endpoint with address 0x0, skipping
[  122.938805][ T3770] usb 4-1: config 5 interface 121 altsetting 7 endpoint 0xF has an invalid bInterval 155, changing to 4
[  122.938827][ T3770] usb 4-1: config 5 interface 121 altsetting 7 has a duplicate endpoint with address 0x2, skipping
[  122.938848][ T3770] usb 4-1: config 5 interface 121 altsetting 7 has an invalid endpoint with address 0x80, skipping
[  122.938868][ T3770] usb 4-1: config 5 interface 121 altsetting 7 has a duplicate endpoint with address 0x2, skipping
[  122.938888][ T3770] usb 4-1: config 5 interface 135 has no altsetting 0
[  122.951560][ T5155] bridge0: port 3(vlan2) entered disabled state
[  122.956107][ T3770] usb 4-1: config 5 interface 121 has no altsetting 0
[  123.027544][ T3026] Dev loop4: RDB in block 1 has bad checksum
[  123.062583][ T5125] bridge0: port 2(bridge_slave_1) entered disabled state
[  123.164919][ T3765] airspy 2-1:0.0: usb_control_msg() failed -71 request 0a
[  123.172081][ T3765] airspy 2-1:0.0: Could not detect board
[  123.199941][ T3765] airspy: probe of 2-1:0.0 failed with error -71
[  123.241473][ T3765] usb 2-1: USB disconnect, device number 8
[  123.248215][ T3770] usb 4-1: New USB device found, idVendor=0db0, idProduct=5580, bcdDevice=8b.12
[  123.275493][ T3770] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  123.283603][ T3770] usb 4-1: Product: syz
[  123.300789][ T3770] usb 4-1: Manufacturer: ࠾
[  123.312304][ T3770] usb 4-1: SerialNumber: syz
[  123.334654][ T5132] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  123.422473][ T5165] loop0: detected capacity change from 0 to 512
[  123.437458][ T5161] capability: warning: `syz.2.291' uses 32-bit capabilities (legacy support in use)
[  123.542720][ T5165] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  123.558180][ T5165] ext4 filesystem being mounted at /73/file0 supports timestamps until 2038 (0x7fffffff)
[  123.608704][ T5165] FAULT_INJECTION: forcing a failure.
[  123.608704][ T5165] name failslab, interval 1, probability 0, space 0, times 0
[  123.625219][ T5165] CPU: 1 PID: 5165 Comm: syz.0.292 Not tainted 5.15.164-syzkaller #0
[  123.633317][ T5165] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  123.643376][ T5165] Call Trace:
[  123.646657][ T5165]  <TASK>
[  123.649585][ T5165]  dump_stack_lvl+0x1e3/0x2d0
[  123.654319][ T5165]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  123.659972][ T5165]  ? panic+0x860/0x860
[  123.664056][ T5165]  ? __might_sleep+0xc0/0xc0
[  123.668659][ T5165]  should_fail+0x38a/0x4c0
[  123.673086][ T5165]  should_failslab+0x5/0x20
[  123.677590][ T5165]  slab_pre_alloc_hook+0x53/0xc0
[  123.682541][ T5165]  __kmalloc+0x6e/0x300
[  123.686703][ T5165]  ? tomoyo_realpath_from_path+0xd8/0x5e0
[  123.692445][ T5165]  tomoyo_realpath_from_path+0xd8/0x5e0
[  123.697996][ T5165]  ? print_irqtrace_events+0x210/0x210
[  123.703460][ T5165]  tomoyo_path_number_perm+0x225/0x810
[  123.709015][ T5165]  ? is_dynamic_key+0x1f0/0x1f0
[  123.713853][ T5165]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  123.719755][ T5165]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  123.725213][ T5165]  ? __lock_acquire+0x1295/0x1ff0
[  123.730279][ T5165]  ? make_kgid+0x6f0/0x6f0
[  123.734705][ T5165]  ? rwsem_write_trylock+0x166/0x210
[  123.739993][ T5165]  ? clear_nonspinnable+0x60/0x60
[  123.745035][ T5165]  security_path_chown+0xd9/0x130
[  123.750050][ T5165]  chown_common+0x52b/0x890
[  123.754547][ T5165]  ? __ia32_sys_chmod+0x180/0x180
[  123.759563][ T5165]  ? rcu_read_lock_any_held+0xb3/0x160
[  123.765126][ T5165]  ? __mnt_want_write+0x1e6/0x260
[  123.770139][ T5165]  do_fchownat+0x169/0x240
[  123.774541][ T5165]  ? chown_common+0x890/0x890
[  123.779202][ T5165]  ? syscall_enter_from_user_mode+0x2e/0x240
[  123.785177][ T5165]  ? lockdep_hardirqs_on+0x94/0x130
[  123.790380][ T5165]  __x64_sys_lchown+0x81/0x90
[  123.795051][ T5165]  do_syscall_64+0x3b/0xb0
[  123.799446][ T5165]  ? clear_bhb_loop+0x15/0x70
[  123.804145][ T5165]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  123.810022][ T5165] RIP: 0033:0x7f94af1b2299
[  123.814420][ T5165] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  123.834016][ T5165] RSP: 002b:00007f94ad631048 EFLAGS: 00000246 ORIG_RAX: 000000000000005e
[  123.842438][ T5165] RAX: ffffffffffffffda RBX: 00007f94af340f80 RCX: 00007f94af1b2299
[  123.850412][ T5165] RDX: 0000000000000000 RSI: ffffffffffffffff RDI: 0000000020000100
[  123.858367][ T5165] RBP: 00007f94ad6310a0 R08: 0000000000000000 R09: 0000000000000000
[  123.866320][ T5165] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  123.874389][ T5165] R13: 000000000000000b R14: 00007f94af340f80 R15: 00007ffda28ded08
[  123.882391][ T5165]  </TASK>
[  123.948668][ T5169] loop1: detected capacity change from 0 to 512
[  123.994013][ T5165] ERROR: Out of memory at tomoyo_realpath_from_path.
[  124.162808][ T5176] FAULT_INJECTION: forcing a failure.
[  124.162808][ T5176] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  124.188131][ T5176] CPU: 0 PID: 5176 Comm: syz.1.296 Not tainted 5.15.164-syzkaller #0
[  124.196227][ T5176] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  124.206408][ T5176] Call Trace:
[  124.209695][ T5176]  <TASK>
[  124.212627][ T5176]  dump_stack_lvl+0x1e3/0x2d0
[  124.217312][ T5176]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  124.222954][ T5176]  ? panic+0x860/0x860
[  124.227028][ T5176]  ? validate_chain+0x112/0x5930
[  124.231561][ T5180] loop0: detected capacity change from 0 to 512
[  124.231991][ T5176]  ? validate_chain+0x112/0x5930
[  124.232018][ T5176]  should_fail+0x38a/0x4c0
[  124.232042][ T5176]  _copy_from_user+0x2d/0x170
[  124.232060][ T5176]  iovec_from_user+0x13b/0x390
[  124.232083][ T5176]  __import_iovec+0x72/0x4b0
[  124.232099][ T5176]  ? __ia32_sys_shutdown+0x60/0x60
[  124.232124][ T5176]  import_iovec+0xe6/0x120
[  124.232146][ T5176]  ___sys_sendmsg+0x215/0x2e0
[  124.232169][ T5176]  ? __sys_sendmsg+0x260/0x260
[  124.232221][ T5176]  ? __fdget+0x191/0x220
[  124.232240][ T5176]  __se_sys_sendmsg+0x19a/0x260
[  124.232257][ T5176]  ? __x64_sys_sendmsg+0x80/0x80
[  124.232280][ T5176]  ? syscall_enter_from_user_mode+0x2e/0x240
[  124.232299][ T5176]  ? lockdep_hardirqs_on+0x94/0x130
[  124.232318][ T5176]  ? syscall_enter_from_user_mode+0x2e/0x240
[  124.232339][ T5176]  do_syscall_64+0x3b/0xb0
[  124.232354][ T5176]  ? clear_bhb_loop+0x15/0x70
[  124.232373][ T5176]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  124.232391][ T5176] RIP: 0033:0x7faf5bc3a299
[  124.232408][ T5176] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  124.232422][ T5176] RSP: 002b:00007faf5a0b9048 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  124.232443][ T5176] RAX: ffffffffffffffda RBX: 00007faf5bdc8f80 RCX: 00007faf5bc3a299
[  124.232456][ T5176] RDX: 0000000000000000 RSI: 0000000020000300 RDI: 0000000000000005
[  124.232467][ T5176] RBP: 00007faf5a0b90a0 R08: 0000000000000000 R09: 0000000000000000
[  124.232478][ T5176] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  124.232489][ T5176] R13: 000000000000000b R14: 00007faf5bdc8f80 R15: 00007fff5fa48ba8
[  124.232513][ T5176]  </TASK>
[  124.263627][ T3770] usb 4-1: USB disconnect, device number 8
[  124.268576][ T5174] loop2: detected capacity change from 0 to 4096
[  124.460013][ T5174] ntfs3: loop2: Different NTFS' sector size (4096) and media sector size (512)
[  124.515717][ T5180] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  124.595880][ T5174] ntfs3: loop2: Mark volume as dirty due to NTFS errors
[  124.613415][ T5180] ext4 filesystem being mounted at /74/file0 supports timestamps until 2038 (0x7fffffff)
[  124.709158][ T5187] loop1: detected capacity change from 0 to 4096
[  124.768817][   T25] audit: type=1800 audit(1722194118.773:83): pid=5190 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.294" name="bus" dev="loop2" ino=33 res=0 errno=0
[  124.820977][ T5187] ntfs3: loop1: Different NTFS' sector size (2048) and media sector size (512)
[  124.896489][ T5187] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  124.980790][ T5196] netlink: 4 bytes leftover after parsing attributes in process `syz.0.302'.
[  125.018207][ T5194] loop3: detected capacity change from 0 to 128
[  125.062904][ T5192] loop4: detected capacity change from 0 to 8192
[  125.075342][ T5194] EXT4-fs (loop3): VFS: Found ext4 filesystem with invalid superblock checksum.  Run e2fsck?
[  125.171114][ T3651] ntfs3: loop1: ntfs3_write_inode r=5 failed, -22.
[  125.194574][ T4580] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  125.363874][ T5208] netlink: 4 bytes leftover after parsing attributes in process `syz.1.308'.
[  125.514361][ T1073] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  125.614495][ T3765] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  125.764228][ T1073] usb 5-1: Using ep0 maxpacket: 16
[  125.884138][ T3765] usb 3-1: Using ep0 maxpacket: 32
[  125.884254][ T1073] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[  125.911124][ T1073] usb 5-1: config 1 interface 1 altsetting 1 endpoint 0x1 has invalid wMaxPacketSize 0
[  125.923729][ T1073] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  125.940579][ T1073] usb 5-1: config 1 interface 2 altsetting 1 endpoint 0x82 has invalid wMaxPacketSize 0
[  126.105192][ T5214] loop0: detected capacity change from 0 to 40427
[  126.105388][ T1073] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  126.148323][ T1073] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.168769][ T1073] usb 5-1: Product: syz
[  126.172963][ T1073] usb 5-1: Manufacturer: syz
[  126.195493][ T1073] usb 5-1: SerialNumber: syz
[  126.214259][ T5214] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  126.222009][ T5214] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  126.284339][ T3765] usb 3-1: New USB device found, idVendor=1d50, idProduct=60a1, bcdDevice=a1.4f
[  126.294443][ T3765] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  126.303238][ T5214] F2FS-fs (loop0): Found nat_bits in checkpoint
[  126.324086][ T3765] usb 3-1: Product: syz
[  126.334299][ T3765] usb 3-1: Manufacturer: syz
[  126.348940][ T3765] usb 3-1: SerialNumber: syz
[  126.366926][ T3765] usb 3-1: config 0 descriptor??
[  126.388011][ T5214] F2FS-fs (loop0): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  126.438010][ T5214] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  126.445626][ T5214] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  126.466590][ T5223] picdev_read: 8 callbacks suppressed
[  126.466609][ T5223] kvm: pic: non byte read
[  126.503685][ T5223] kvm: pic: level sensitive irq not supported
[  126.503755][ T5223] kvm: pic: non byte read
[  126.525488][ T5223] kvm: pic: non byte read
[  126.530368][ T5223] kvm: pic: single mode not supported
[  126.530384][ T5223] kvm: pic: level sensitive irq not supported
[  126.536933][ T5223] kvm: pic: non byte read
[  126.561254][ T5234] loop1: detected capacity change from 0 to 64
[  126.561748][ T5223] kvm: pic: non byte read
[  126.573291][ T5223] kvm: pic: non byte read
[  126.578069][ T5223] kvm: pic: single mode not supported
[  126.578127][ T5223] kvm: pic: non byte read
[  126.590405][ T5223] kvm: pic: level sensitive irq not supported
[  126.590446][ T5223] kvm: pic: non byte read
[  126.601273][ T5223] kvm: pic: non byte read
[  126.671594][ T5234] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[  126.699381][ T1073] usb 5-1: USB disconnect, device number 5
[  126.748529][ T5236] loop3: detected capacity change from 0 to 512
[  126.762537][ T3663] udevd[3663]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  126.822252][ T5236] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  126.843634][ T5202] bridge0: port 2(bridge_slave_1) entered disabled state
[  126.853415][ T5236] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  126.879631][ T5236] EXT4-fs (loop3): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,usrjquota=,jqfmt=vfsold,,errors=continue. Quota mode: writeback.
[  126.897464][ T5236] ext4 filesystem being mounted at /59/file0 supports timestamps until 2038 (0x7fffffff)
[  126.980028][ T3765] airspy 3-1:0.0: usb_control_msg() failed -71 request 0a
[  126.996030][ T3765] airspy 3-1:0.0: Could not detect board
[  127.008052][ T5243] tipc: Started in network mode
[  127.013476][ T5243] tipc: Node identity fc, cluster identity 4711
[  127.021058][ T3765] airspy: probe of 3-1:0.0 failed with error -71
[  127.034666][ T5243] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[  127.060116][ T3765] usb 3-1: USB disconnect, device number 7
[  128.911835][ T4044] af_packet: tpacket_rcv: packet too big, clamped from 7212 to 3952. macoff=96
[  128.944139][ T5270] tun0: tun_chr_ioctl cmd 2147767506
[  129.040536][ T5275] loop0: detected capacity change from 0 to 512
[  129.097853][ T5270] syz.2.325 (5270) used greatest stack depth: 18744 bytes left
[  129.195196][ T5278] Unknown options in mask 5
[  129.231542][ T5272] kvm: pic: non byte read
[  129.439997][ T5300] loop1: detected capacity change from 0 to 512
[  129.684421][ T5300] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodelalloc,grpid,bsddf,,errors=continue. Quota mode: writeback.
[  129.698715][ T5312] loop4: detected capacity change from 0 to 8
[  129.742872][ T5312] SQUASHFS error: lzo decompression failed, data probably corrupt
[  129.758971][ T5312] SQUASHFS error: Failed to read block 0x91: -5
[  129.764173][ T5300] ext4 filesystem being mounted at /25/file0 supports timestamps until 2038 (0x7fffffff)
[  129.768095][ T5312] SQUASHFS error: Unable to read metadata cache entry [8f]
[  129.783002][ T5312] SQUASHFS error: Unable to read inode 0x11f
[  130.152463][ T3765] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  130.242232][ T5298] loop2: detected capacity change from 0 to 32768
[  130.516938][ T5319] loop1: detected capacity change from 0 to 1764
[  130.825992][ T5319] device syzkaller0 entered promiscuous mode
[  130.892179][ T3765] usb 1-1: device descriptor read/64, error -71
[  131.023426][ T2692] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.161906][ T2692] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.204135][ T3765] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  131.226560][ T5298] device  entered promiscuous mode
[  131.257690][ T2692] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.363764][ T2692] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  131.419493][ T3770] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  131.444183][ T3765] usb 1-1: device descriptor read/64, error -71
[  131.472703][ T5318] loop3: detected capacity change from 0 to 40427
[  131.494025][ T5331] fuse: Unknown parameter ''
[  131.502503][ T5318] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  131.521862][ T5331] fuse: Bad value for 'fd'
[  131.530009][ T5318] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  131.561688][ T5332] fuse: Bad value for 'fd'
[  131.584447][ T3765] usb usb1-port1: attempt power cycle
[  131.613547][ T5318] F2FS-fs (loop3): Found nat_bits in checkpoint
[  131.650306][ T5318] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  131.690504][ T5318] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  131.694512][ T5326] chnl_net:caif_netlink_parms(): no params data found
[  131.704801][ T5318] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  131.827012][ T5326] bridge0: port 1(bridge_slave_0) entered blocking state
[  131.839427][ T5326] bridge0: port 1(bridge_slave_0) entered disabled state
[  131.846596][ T4002] usb 3-1: new full-speed USB device number 8 using dummy_hcd
[  131.854208][ T3770] usb 2-1: config 0 has no interfaces?
[  131.855082][ T5326] device bridge_slave_0 entered promiscuous mode
[  131.859681][ T3770] usb 2-1: New USB device found, idVendor=056a, idProduct=01bb, bcdDevice= 0.00
[  131.881323][ T5326] bridge0: port 2(bridge_slave_1) entered blocking state
[  131.882212][ T3770] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  131.901476][ T5326] bridge0: port 2(bridge_slave_1) entered disabled state
[  131.909927][ T3770] usb 2-1: config 0 descriptor??
[  131.921478][ T5326] device bridge_slave_1 entered promiscuous mode
[  131.967378][ T5326] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  131.983538][ T5326] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  132.024181][ T3765] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  132.050904][ T5326] team0: Port device team_slave_0 added
[  132.091944][ T5326] team0: Port device team_slave_1 added
[  132.111663][ T5326] batman_adv: batadv0: Adding interface: batadv_slave_0
[  132.121071][ T5326] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.147618][ T5326] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  132.147731][ T3765] usb 1-1: device descriptor read/8, error -71
[  132.174517][ T5326] batman_adv: batadv0: Adding interface: batadv_slave_1
[  132.181706][ T5326] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  132.199498][ T5322] udc-core: couldn't find an available UDC or it's busy
[  132.210652][ T5326] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  132.218845][ T5322] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  132.269981][ T4002] usb 3-1: New USB device found, idVendor=0813, idProduct=0001, bcdDevice=3a.08
[  132.289927][ T4002] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  132.346957][ T4002] usb 3-1: config 0 descriptor??
[  132.371285][ T5326] device hsr_slave_0 entered promiscuous mode
[  132.399803][ T4002] gspca_main: cpia1-2.14.0 probing 0813:0001
[  132.414727][ T5326] device hsr_slave_1 entered promiscuous mode
[  132.444220][ T3765] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  132.446501][ T5326] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  132.488141][ T5326] Cannot create hsr debugfs directory
[  132.554235][ T3765] usb 1-1: device descriptor read/8, error -71
[  132.694090][ T3765] usb usb1-port1: unable to enumerate USB device
[  132.707994][ T1388] ieee802154 phy0 wpan0: encryption failed: -22
[  132.714420][ T1388] ieee802154 phy1 wpan1: encryption failed: -22
[  132.838376][ T4002] cpia1 3-1:0.0: unexpected state after lo power cmd: 00
[  133.012825][ T5379] input input15: cannot allocate more than FF_MAX_EFFECTS effects
[  133.030527][ T2692] device hsr_slave_0 left promiscuous mode
[  133.060588][ T2692] device hsr_slave_1 left promiscuous mode
[  133.088234][ T2692] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  133.133264][ T2692] batman_adv: batadv0: Removing interface: batadv_slave_0
[  133.150348][ T5330] [U] �
[  133.165189][ T4002] gspca_cpia1: usb_control_msg 02, error -71
[  133.171698][ T4002] cpia1 3-1:0.0: only firmware version 1 is supported (got: 0)
[  133.181033][ T2692] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  133.196965][ T2692] batman_adv: batadv0: Removing interface: batadv_slave_1
[  133.204901][ T4002] usb 3-1: USB disconnect, device number 8
[  133.226190][ T2692] device bridge_slave_1 left promiscuous mode
[  133.232502][ T2692] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.251138][ T2692] device bridge_slave_0 left promiscuous mode
[  133.257899][ T2692] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.282234][ T2692] device veth1_macvtap left promiscuous mode
[  133.293320][ T2692] device veth0_macvtap left promiscuous mode
[  133.302529][ T2692] device veth1_vlan left promiscuous mode
[  133.313338][ T2692] device veth0_vlan left promiscuous mode
[  133.345035][ T1073] Bluetooth: hci2: command 0x0409 tx timeout
[  133.691662][ T2692] team0 (unregistering): Port device team_slave_1 removed
[  133.718123][ T2692] team0 (unregistering): Port device team_slave_0 removed
[  133.739452][ T2692] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  133.758328][ T2692] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  133.839708][ T2692] bond0 (unregistering): Released all slaves
[  133.894029][ T5401] netlink: 4 bytes leftover after parsing attributes in process `syz.2.347'.
[  133.989887][ T5407] loop3: detected capacity change from 0 to 256
[  134.021552][ T5405] loop0: detected capacity change from 0 to 4096
[  134.084178][ T1073] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  134.269390][ T3764] usb 2-1: USB disconnect, device number 9
[  134.301704][ T5326] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  134.339272][ T5413] netlink: 'syz.0.348': attribute type 1 has an invalid length.
[  134.355859][ T5326] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  134.390814][ T5326] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  134.441791][ T5326] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  134.494231][ T1073] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  134.603131][ T1073] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  134.675071][ T1073] usb 3-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  134.733887][ T1073] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  134.783300][ T1073] usb 3-1: config 0 descriptor??
[  135.472054][ T3042] Bluetooth: hci2: command 0x041b tx timeout
[  135.616404][ T5449] tmpfs: Unknown parameter '
'
[  135.675113][ T5451] netlink: 36 bytes leftover after parsing attributes in process `syz.1.355'.
[  135.733758][ T5452] loop0: detected capacity change from 0 to 8192
[  135.746908][ T1073] lg-g15 0003:046D:C222.0003: unknown main item tag 0x7
[  135.770107][ T1073] lg-g15 0003:046D:C222.0003: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.2-1/input0
[  135.781241][ T5326] 8021q: adding VLAN 0 to HW filter on device bond0
[  136.098527][ T5401] udc-core: couldn't find an available UDC or it's busy
[  136.138286][ T5401] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  136.276560][   T21] usb 3-1: USB disconnect, device number 9
[  136.373840][ T5326] 8021q: adding VLAN 0 to HW filter on device team0
[  136.396095][ T5452] REISERFS (device loop0): found reiserfs format "3.5" with non-standard journal
[  136.405664][ T5452] REISERFS (device loop0): using ordered data mode
[  136.412201][ T5452] reiserfs: using flush barriers
[  136.456819][ T5452] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  136.473849][ T5452] REISERFS (device loop0): checking transaction log (loop0)
[  136.484580][ T4001] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  136.497329][ T4001] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  136.505194][ T5452] REISERFS (device loop0): Using r5 hash to sort names
[  136.512135][ T5452] REISERFS (device loop0): using 3.5.x disk format
[  136.520385][ T5452] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[  136.524246][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  136.532653][ T5452] 
[  136.538306][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  136.539807][ T5452] ======================================================
[  136.539815][ T5452] WARNING: possible circular locking dependency detected
[  136.539821][ T5452] 5.15.164-syzkaller #0 Not tainted
[  136.539830][ T5452] ------------------------------------------------------
[  136.539836][ T5452] syz.0.353/5452 is trying to acquire lock:
[  136.553230][ T3749] bridge0: port 1(bridge_slave_0) entered blocking state
[  136.554779][ T5452] ffff888074dbc028 (&mm->mmap_lock){++++}-{3:3}, at: __might_fault+0x91/0x110
[  136.561858][ T3749] bridge0: port 1(bridge_slave_0) entered forwarding state
[  136.567061][ T5452] 
[  136.567061][ T5452] but task is already holding lock:
[  136.567068][ T5452] ffff888076517090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x76/0xd0
[  136.589234][ T5461] loop3: detected capacity change from 0 to 2048
[  136.595849][ T5452] 
[  136.595849][ T5452] which lock already depends on the new lock.
[  136.595849][ T5452] 
[  136.595856][ T5452] 
[  136.595856][ T5452] the existing dependency chain (in reverse order) is:
[  136.595861][ T5452] 
[  136.595861][ T5452] -> #2 (&sbi->lock){+.+.}-{3:3}:
[  136.595886][ T5452]        lock_acquire+0x1db/0x4f0
[  136.595905][ T5452]        __mutex_lock_common+0x1da/0x25a0
[  136.595920][ T5452]        mutex_lock_nested+0x17/0x20
[  136.595933][ T5452]        reiserfs_write_lock+0x76/0xd0
[  136.595950][ T5452]        reiserfs_dirty_inode+0xee/0x240
[  136.595967][ T5452]        __mark_inode_dirty+0x2fd/0xd60
[  136.595983][ T5452]        generic_update_time+0x1cb/0x1e0
[  136.595998][ T5452]        file_update_time+0x3eb/0x460
[  136.596010][ T5452]        filemap_page_mkwrite+0x222/0x650
[  136.701684][ T5452]        do_page_mkwrite+0x1a9/0x440
[  136.707051][ T5452]        wp_page_shared+0x179/0x690
[  136.712244][ T5452]        handle_mm_fault+0x2a3d/0x5950
[  136.717699][ T5452]        exc_page_fault+0x271/0x700
[  136.722991][ T5452]        asm_exc_page_fault+0x22/0x30
[  136.728349][ T5452] 
[  136.728349][ T5452] -> #1 (sb_pagefaults#3){.+.+}-{0:0}:
[  136.735996][ T5452]        lock_acquire+0x1db/0x4f0
[  136.741000][ T5452]        filemap_page_mkwrite+0x11b/0x650
[  136.746760][ T5452]        do_page_mkwrite+0x1a9/0x440
[  136.752200][ T5452]        handle_mm_fault+0x2803/0x5950
[  136.757650][ T5452]        exc_page_fault+0x271/0x700
[  136.762917][ T5452]        asm_exc_page_fault+0x22/0x30
[  136.768288][ T5452] 
[  136.768288][ T5452] -> #0 (&mm->mmap_lock){++++}-{3:3}:
[  136.775829][ T5452]        validate_chain+0x1649/0x5930
[  136.781286][ T5452]        __lock_acquire+0x1295/0x1ff0
[  136.786632][ T5452]        lock_acquire+0x1db/0x4f0
[  136.791638][ T5452]        __might_fault+0xb4/0x110
[  136.796640][ T5452]        reiserfs_ioctl+0x11d/0x340
[  136.801814][ T5452]        __se_sys_ioctl+0xf1/0x160
[  136.806901][ T5452]        do_syscall_64+0x3b/0xb0
[  136.811814][ T5452]        entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  136.818207][ T5452] 
[  136.818207][ T5452] other info that might help us debug this:
[  136.818207][ T5452] 
[  136.828408][ T5452] Chain exists of:
[  136.828408][ T5452]   &mm->mmap_lock --> sb_pagefaults#3 --> &sbi->lock
[  136.828408][ T5452] 
[  136.840895][ T5452]  Possible unsafe locking scenario:
[  136.840895][ T5452] 
[  136.848928][ T5452]        CPU0                    CPU1
[  136.854265][ T5452]        ----                    ----
[  136.859691][ T5452]   lock(&sbi->lock);
[  136.863649][ T5452]                                lock(sb_pagefaults#3);
[  136.870618][ T5452]                                lock(&sbi->lock);
[  136.877090][ T5452]   lock(&mm->mmap_lock);
[  136.881397][ T5452] 
[  136.881397][ T5452]  *** DEADLOCK ***
[  136.881397][ T5452] 
[  136.890033][ T5452] 1 lock held by syz.0.353/5452:
[  136.894942][ T5452]  #0: ffff888076517090 (&sbi->lock){+.+.}-{3:3}, at: reiserfs_write_lock+0x76/0xd0
[  136.904322][ T5452] 
[  136.904322][ T5452] stack backtrace:
[  136.910217][ T5452] CPU: 0 PID: 5452 Comm: syz.0.353 Not tainted 5.15.164-syzkaller #0
[  136.918271][ T5452] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/27/2024
[  136.928307][ T5452] Call Trace:
[  136.931578][ T5452]  <TASK>
[  136.934486][ T5452]  dump_stack_lvl+0x1e3/0x2d0
[  136.939151][ T5452]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  136.944762][ T5452]  ? print_circular_bug+0x12b/0x1a0
[  136.949934][ T5452]  check_noncircular+0x2f8/0x3b0
[  136.954848][ T5452]  ? add_chain_block+0x850/0x850
[  136.959774][ T5452]  ? lockdep_lock+0x11f/0x2a0
[  136.964440][ T5452]  ? tomoyo_path_number_perm+0x648/0x810
[  136.970061][ T5452]  ? reacquire_held_locks+0x660/0x660
[  136.975446][ T5452]  ? entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  136.981508][ T5452]  validate_chain+0x1649/0x5930
[  136.986435][ T5452]  ? mark_lock+0x98/0x340
[  136.990753][ T5452]  ? reacquire_held_locks+0x660/0x660
[  136.996116][ T5452]  ? __lock_acquire+0x1295/0x1ff0
[  137.001224][ T5452]  ? mark_lock+0x98/0x340
[  137.005591][ T5452]  __lock_acquire+0x1295/0x1ff0
[  137.010433][ T5452]  lock_acquire+0x1db/0x4f0
[  137.014984][ T5452]  ? __might_fault+0x91/0x110
[  137.019643][ T5452]  ? read_lock_is_recursive+0x10/0x10
[  137.025082][ T5452]  ? __might_sleep+0xc0/0xc0
[  137.029654][ T5452]  ? __fget_files+0x413/0x480
[  137.034325][ T5452]  __might_fault+0xb4/0x110
[  137.038890][ T5452]  ? __might_fault+0x91/0x110
[  137.043563][ T5452]  reiserfs_ioctl+0x11d/0x340
[  137.048217][ T5452]  ? __se_sys_ioctl+0xe6/0x160
[  137.052960][ T5452]  ? reiserfs_unpack+0x5a0/0x5a0
[  137.057962][ T5452]  __se_sys_ioctl+0xf1/0x160
[  137.062545][ T5452]  do_syscall_64+0x3b/0xb0
[  137.066939][ T5452]  ? clear_bhb_loop+0x15/0x70
[  137.071591][ T5452]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  137.077460][ T5452] RIP: 0033:0x7f94af1b2299
[  137.081850][ T5452] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  137.101428][ T5452] RSP: 002b:00007f94ad610048 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  137.109819][ T5452] RAX: ffffffffffffffda RBX: 00007f94af341058 RCX: 00007f94af1b2299
[  137.117765][ T5452] RDX: 0000000020000080 RSI: 0000000080087601 RDI: 0000000000000009
[  137.125713][ T5452] RBP: 00007f94af21f8e6 R08: 0000000000000000 R09: 0000000000000000
[  137.133662][ T5452] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  137.141604][ T5452] R13: 000000000000006e R14: 00007f94af341058 R15: 00007ffda28ded08
[  137.149573][ T5452]  </TASK>
[  137.267312][ T5461] UDF-fs: bad mount option "18446744073709551615" or missing value
[  137.404609][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  137.413221][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  137.427996][ T3749] bridge0: port 2(bridge_slave_1) entered blocking state
[  137.435093][ T3749] bridge0: port 2(bridge_slave_1) entered forwarding state
[  137.469161][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  137.477438][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  137.496832][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  137.550262][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  137.561738][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  137.573548][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  137.586203][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  137.595721][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  137.606382][   T21] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  137.622164][ T5326] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  137.632826][ T3042] Bluetooth: hci2: command 0x040f tx timeout
[  137.650811][ T5326] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  137.667626][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  137.676577][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  137.685953][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  137.760488][ T5326] 8021q: adding VLAN 0 to HW filter on device batadv0
[  137.771391][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  137.779663][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  137.887958][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  137.896974][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  137.917463][ T3764] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  137.925678][ T3764] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  137.936312][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  137.944728][ T3769] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  137.953166][ T5326] device veth0_vlan entered promiscuous mode
[  137.968185][ T5326] device veth1_vlan entered promiscuous mode
[  137.993150][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  138.001848][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  138.011373][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  138.021932][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  138.033863][ T5326] device veth0_macvtap entered promiscuous mode
[  138.046721][ T5326] device veth1_macvtap entered promiscuous mode
[  138.060723][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  138.072191][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.082089][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  138.092562][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.103673][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  138.114680][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.124536][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  138.134956][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.145771][ T5326] batman_adv: batadv0: Interface activated: batadv_slave_0
[  138.153288][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  138.162127][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  138.170576][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  138.179064][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  138.188546][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.199462][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.210665][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.221411][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.231478][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.242306][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.252180][ T5326] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  138.263083][ T5326] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  138.273721][ T5326] batman_adv: batadv0: Interface activated: batadv_slave_1
[  138.281832][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  138.290904][ T3749] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  138.300880][ T5326] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  138.310298][ T5326] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  138.320206][ T5326] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  138.329561][ T5326] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  138.351062][ T5326] ieee80211 phy23: Selected rate control algorithm 'minstrel_ht'
[  138.367573][ T3651] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.368496][ T5326] ieee80211 phy24: Selected rate control algorithm 'minstrel_ht'
[  138.390427][ T3651] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.395393][ T2692] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  138.398168][ T3764] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  138.406186][ T2692] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  138.421565][ T1073] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  139.664851][ T1073] Bluetooth: hci2: command 0x0419 tx timeout