last executing test programs:

11m33.62240535s ago: executing program 2 (id=38):
openat$dlm_control(0xffffffffffffff9c, 0x0, 0x42042, 0x0)
syz_mount_image$msdos(&(0x7f0000000080), &(0x7f0000000a80)='./file1\x00', 0x0, &(0x7f00000025c0)=ANY=[], 0x2, 0x165, &(0x7f00000007c0)="$eJzs2z/L01AUB+CTt1GrLp3FIeDiVNTJUZEKYkBROuikUF1aKdglOhU/iasfTpBOHYQrGmm1tIh/Ysqb51l64MdtzxluLzeQZ5dfTSfzxcv5w1X0syzyW1HEOotBnEQvassAAE6TdUrxKaWUzi3j/PtIKbXdEQDQNOc/AHTPL8//my01BgA0xv0fALrn8ZOn92+X5ehRUfQjPi6rcTWuP+v87r1ydK34ZrBdtaqqcW+TX6/z4uf8TFz4nt/Ym5+Nq1fq/Gt250G5k1+MSfPjAwAAQCcMi4299/vh8FBeVz88H9i5v+dxKf9vYwAAv2Hx5u30+Wz24nXDRd78T7RTnBxHG10uPqeU/mD5uw/1FjiSKf5tkUXE331P2/9MQNO2m77tTgAAAAAAAAAAAAAAgEOafRup1/Z4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsNeXAAAA//9UM01l")
openat$zero(0xffffffffffffff9c, &(0x7f0000000180), 0xa0000, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000001c0)='ext4\x00', &(0x7f0000000200)='./bus\x00', 0x1400c, &(0x7f0000000680)={[{@test_dummy_encryption}, {@init_itable}, {@noload}]}, 0x3, 0x470, &(0x7f0000001240)="$eJzs3MtvG1UXAPAzkzj98qUloZRXyyNQEBWPpGkLdMECEEgsioQEC1haSVqVpi1qjESrSKQsygohJPaIJf8CK9ggxAqJLexRpQp1Q8vKaOyZxHZsp2nsuMW/n+T23Hn43uOZa9+ZayeAoTWd/ZNE7I6I3yNisl5s3mC6/t+N6yvzN6+vzCdRrb77V1Lb7u/rK/PFpsV+E42FSOJAm3qXL146U15aWryQl2crZz+aXb546YXTZ8unFk8tnjty/Pixo3Mvv3TkxZ7kORFpHr31wVdvn/iiKf+WPHpkutvKp6vVHlc3WHsa4tEBtoOtGcmPV6nW/ydjpOHoTcabn60VPh1QA4G+qVar1YnOq1erwH9YEs1lXR6GRfFBX1z/trsOfrVvo4/Bu/Za/QIoy/tG/qivGV27Y1Bqub7tpemIeH/1n2+yR/TnPgQAQJMfsvHP89loZ2U+G3usjz/SeKBhu3vyuaGpiLg3IvZGxH1xLvZFxP0RtW0fjIiHtlh/6yTJxvFPevW2ErtF2fjvlXxuq3n8V4z+YmokL+2p5V9KTp5eWjycvyaHorQrK891qePHN377stO6xvFf9sjqL8aCeTuuju5q3mehXClvJ+dG1y5H7B9tl3+yNhOQRMTDEbG/3ROkm9dx+tnvHum0bvP8u+jBRFP124hn6sd/NVryLyTd5ydn/xdLi4dni7Nio19+vfJOp/q3lX8PZMf//23P/7X8p5LG+drlrddx5Y/PO17TTJfyYAvn/2q5Uh5L3qvFY/myT8qVyoW5iLHkRL3RjcuPrO9blIvts/wPHWzf//fG+itxICKyk/jRiHgsIh7Pj90TEfFkRBzskv/Prz/1Yeuy8SL/O+D4L2zp+K8HY9G6pH0wcuan75sqnVoP8/xvdn//O1aLDuVLbuX971badXtnMwAAANx90ojYHUk6sxan6cxM/Tv8+yLSpfPLledOnv/43EL9NwJTUUqLO12TDfdD5/LL+nr5ckTUv1pQrD8aae2+8dcj47XyzPz5pYVBJw9DbqJD/8/8OTLo1gF95wdbMLz0fxheXft/aefaAey8Df2/a5/f1de2ADurzef/+CDaAey8duN/f+8HhkNL/zftB0PE/X8YXvo/DC/9H4bS8nhs/iP5rkHxTLe5+2bBZMR2WziYIEp3RDP6FkTa9yrG+ntq9S1I7sI2bwgG954EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQS/8GAAD//3hZ0MA=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)
mknod(&(0x7f0000000140)='./file0\x00', 0x1000, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000a40)='./file0\x00', 0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
sendmsg$inet(r5, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r4, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000140), 0x100}, 0x0)

11m32.492926092s ago: executing program 2 (id=39):
io_uring_setup(0x5, &(0x7f00000002c0))
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
close(r0)
r1 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r1, 0x0)
r2 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r2, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
sendmsg$TEAM_CMD_OPTIONS_SET(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[], 0xfffffdef}}, 0x0)
recvfrom(r2, &(0x7f0000000180)=""/60, 0xfffffffffffffecb, 0x3e8, 0x0, 0x0)

11m32.118236289s ago: executing program 2 (id=41):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = open(&(0x7f00000000c0)='./file1\x00', 0x14927e, 0x6)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x100000000000001, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x203]})
fallocate(r0, 0x0, 0x0, 0x1001f0)

11m30.951328762s ago: executing program 2 (id=45):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)
io_uring_setup(0x734a, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0xfff7fffc})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000540)={0x18, 0x1, &(0x7f0000000080)=ANY=[@ANYRESHEX=r0], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x48, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x100000}, 0x94)
mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000300)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f0000000000000000850000006d000000850000000800000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r4 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r4, &(0x7f0000000180)={0x1a, 0x0, 0xf9, 0x8, 0xff, 0x0, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x3e}}, 0x10)
sendmmsg(r4, 0x0, 0x0, 0x0)

11m28.090287398s ago: executing program 2 (id=52):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000000, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==")
fsopen(0x0, 0x1)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000300)={0x52, 0x0, 0x8, {0x0, 0x1}, {0x74, 0x2}, @const={0x0, {0x0, 0x3400}}})
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x50}}, 0x20040000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0xc0205826, 0x0)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@known='trusted.overlay.origin\x00')
socket$inet_tcp(0x2, 0x1, 0x0)

11m27.599526958s ago: executing program 32 (id=52):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000000, &(0x7f00000022c0)=ANY=[], 0x1, 0x6ca, &(0x7f0000000500)="$eJzs3c1vHGcdB/DvrNeuN1TBaRMaoSKsRCpIEYkTK4VwwSCEcqhQVQ49W4nTWN0kVeIit0LgAoITEof+AQXJNw4IiXtQuHApt159rITEJeIQ9bJoZmftXXv9lthrBz6faDzPM8/L/OaZZ2a866w2wP+t6xfSfJgi1y+8sVzm11Zn22ursy/Uxe0kZbqRNLurFHeT4lEyV5YXfUv61lt8vHjtrc8er33ezTXrpao/tlO7IYbUXamXTNf9TQ9tOb7XXazU4eXFJDfq9aCJvfY1ULEctPP1Go5cZ4uV/TTfz3ULHDO9p1PRfW5uMZWcSDJZ/x6Q+u7QGF2Eh2NfdzkAAAB4Tn1676gjAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgOdP/f3/Rb006nWmU/S+/3+it61OH0Nze6758FDjAAAAAAAAAIDR+PqTPMlyTvbynaL6m/+5KnM6X3SSL+X9PMhC7udiljOfpSzlfi4nmerraGJ5fmnp/uX1lqXhLa8MbXllVEcMAAAAAAAAAP+TfpnWxt//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgOCiSse6qWk7X60yl0cxGWVaSfyaZOOp496EYtvHh6OMAAACAZzL5FG2+/CRPspyTvXynqF7zf6V6vTyZ93M3S1nMUtpZyM36NXT5qr+xtjrbXludvVMuZX6w3+//e19hTNQ9jFW5YXs+W9Vo5VYWqy0Xc6MK5mYa3X2fT8724umLq89HZUzF92p7jKxZD2u5s99v9y7CgRh8K6KxQ83WRnDJ+ojM1LGVLU91R6Co3qhJNo/ErmenOZCbqnodX9/T5TTW3/k5fQhjfqJel8fzm0Md8/1aH4lGqpG40pt95TWz80gk3/jrn96+3b777u1bDy4cn0Paxdg22zfPidm+kXjluR6J5j7rz1QjcWY9fz0/yk9yIdN5M/ezmJ9mPktZSKcun6/nc/lzaueRmhvIvblbJBP1eemes73ENJ0fVqn5nKvansxiitzLzSzk9erflVzOt3M1V3Ot7wyf2Tbu6tiqq76x+arvnem/DQ3+/DfrRHl3++3GXW5upyPebnYelO69vxzXU33j2p31j9drneq7Dmb6Ruml3uiMD+38ae6Nza/WiXIfv9rlOTFaU/VIlBdQ7ynRi+7l7kg0q2fR1nn+h07ZLu27nc7t+fe26X9lU/61el1Oq9Wv7Va7Z/ipOFjlfHkpk/WdZHB2lGUvr99l+so6G3O5Wzb4xC3bnanKiqJ3pf4496oJsPVKnah/h9va05Wq7JWhZbNV2dm+soHft3Iv7dwcwfgB8DT+8fZ6cionJlr/an3a+qT169bt1huTP3jhOy+8OpHxv49/tzkz9lrj1eIv+SQ/33j9DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPL0HH3z47ny7vXB/eKKxfdFAopXNW3breVOiqL/QZ3+tjm9iMsnAlup7jkYeRmtzGFsSnV8kIx+f3pcIDq/zuzLR3DKjhiXmBrb8eWuHH+0zwmJv18UhJhoZ7U7HMnwCHOFNCRiJS0t33rv04IMPv7V4Z/6dhXcW7o5fvXpt5trV12cv3VpsL8x0fx51lMBh2HjoH3UkAAAAAAAAAAAAwF4N+2DAuRd3+9DInj7j4X8WAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfi+oU0H6bI5ZmLM2V+bXW2XS699EbNZpJGIyl+lhSPkrl0l0z1dVfkj4/SGbKfjxevvfXZ47XPN/pqdusnjXq9vZ1Lk6zUS6aTjNXrZzDQ341n7q/4T+8YygH7otPpzD1bfHAw/hsAAP//msX1EQ==")
fsopen(0x0, 0x1)
socket$inet_mptcp(0x2, 0x1, 0x106)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000300)={0x52, 0x0, 0x8, {0x0, 0x1}, {0x74, 0x2}, @const={0x0, {0x0, 0x3400}}})
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x47bc, 0x0, 0x0, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB], 0x50}}, 0x20040000)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
ioctl$EXT4_IOC_GROUP_ADD(0xffffffffffffffff, 0xc0205826, 0x0)
lremovexattr(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)=@known='trusted.overlay.origin\x00')
socket$inet_tcp(0x2, 0x1, 0x0)

10m53.579104408s ago: executing program 33 (id=77):
r0 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x20042)
socket$kcm(0x10, 0x3, 0x10)
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3})
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r1, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x54)
syz_pidfd_open(0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, 0x0, 0x0)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
preadv(r0, &(0x7f0000000300)=[{&(0x7f0000000500)=""/94, 0x5e}], 0x1, 0x0, 0x0)
ioctl$DRM_IOCTL_WAIT_VBLANK(r0, 0xc018643a, &(0x7f0000000080)={0x4000000, 0x0, 0x3})

9m30.084547142s ago: executing program 34 (id=289):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x10, 0xe, &(0x7f0000001880)=ANY=[@ANYBLOB="b700000028000000bca30000000000003403000040feffff720af1ff0000000071a4f0ff000000001f030000000000002e0a0200000000002604fdffffff000e61144400000000001d430000000000007a0a00fe0000001f61141c0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fd79153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff462c8843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae633d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80eba439772bf60a1db18c472dafc5569adc282928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08acb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdcea26498d26229110b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb7ed9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e2848890522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b6"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)

9m14.170466175s ago: executing program 1 (id=326):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)=@base={0x12, 0x6, 0x8, 0x2}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

9m13.041085747s ago: executing program 1 (id=327):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r3)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = socket$unix(0x1, 0x1, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000026c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r9, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_cbs={{0x8}, {0x1c, 0x2, @TCA_CBS_PARMS={0x18, 0x1, {0x0, '\x00', 0x1, 0x7, 0x100, 0x8}}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2b, 0x80000, {0x0, 0x0, 0x0, r6, {0x0, 0xe}, {0x2, 0xb}, {0xffe0, 0xb}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0x10, 0xf, 0x0, 0x4}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x2404c0f1}, 0x4008000)
ioctl$SIOCSIFHWADDR(r3, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

9m11.890211129s ago: executing program 1 (id=328):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xa, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
ftruncate(0xffffffffffffffff, 0x2007ffc)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000380)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'/11], 0xf7, 0xedb, &(0x7f0000001940)="$eJzs3U9sHNX9APA3a6/txCZeAz8w8COk0IpAwQ4JUtNbEKhHxKV3UEhohKGooQci/oQeEJUQRUKcKg5UXCiVUqRWAlWqUE9tT6166wn1QqUqlYJ6IVLiKvZ7690XT3c9tme9u5+P9PXzmzc73+94g5k33n0bgLHVWPv68MOLRQjvffbuY688Xfz22ra72nscWvtaxF4rhNDs6BfZ8b6IG65cevnkZm0Rjq59Tf3w+MX2Y2dDCOfDofB5aIWPl1e++uj9Rw9/8sbMLW+fe/bVXTr9tvw8AABgFF3488rf7/vnnx5YuHzh4Ikw3d6ers9bsT8br/uPxAvldL3cCN39oiM6TWX7TcRoZPtNZPtNZnkmS/I1s+M0S/ab6pFvomPbZucJAAAAwyjNa1uhaCx19RuNpaX1ef81X8xPFUvPn1k5fXZAhQIAAACV/ee1tRfdCiGEEEIIIYQQYoRjdX7QdyAAAACAcZOvF3ad8zu7Ulf7aK3+8l98pLH542EH1P3vX/7hyv/h637jAABQ3aheTabzStfRaR2DfB3BiexxW73+b2THmdxinWXrCg7LeoNldeY/172qrP6tPo+DUlZ/vh7mXlVWf75O515VVv90zXVUVVb/TM11VFVW/76a66iqrP79NddRVVn9szXXUVVZ/XM111FVWf031FxHVWX1H6i5jqrK6h+Wl9WW1d+quY6qyupfqLmOqsrqv7HmOqoqq/+mmuuoqqz+m2uuY1DujG36ORzMxjvnz/mcbljmeAAAADDuvrb+nxBCCCGEEEIIMfLx2qBvQAAAAAADl94XkN71vhql8Yke45M9xps9xqd6jE/3GAcAAABC+N2bp297p9h4n/9218NL60al9Ze2uo5Rvh7hVvNvd92z7eYflnXLAAAAGC/F9z6/ev9jH7y4cPnCwRMds9+rcb6b1gGdjPcGPo399LqAuaxfpDn0ie48jZL98vsDN5Qd74ltnigAAACMsTR/b4WisdQx726FRmNpaWM+vhiaxekzK6eOxH76fJY/zjenr21/qOa6AQAAgP5tzPc3n/+nz/FdDFPF0vNnVk6fXe/Ptbc3G533BeY3thed9wVa2fajJduPxX76/M4fzO9b27508ocrT+/0yQMAAMCYOPvSuWefWlk59SPf+MY3fX3TGIv/dgb8iwkAANhxX375bvPHx+Z+v/7+/43179L7/w/Ffiuu7feXuEOaA6X3AVz3fv0nu/PMl+33Qvd+rWy/iRjTWd0zHccJHesNpsctlOVrdR9nqiTfbJZvLsuXr1Mwme2f8h3ItufrE6b95rPt+TqMk1mOIst/dwAAAIByyy8+98Ly2ZfOPXjmuaeeOfXMqeePHT3+3ePHjzz0nYeW117Xv9z56n4AAABgGG286HfQlQAAAAAAAAAAAAAAAAAAAMD4quPjxAZ9jgAAADDu/v1aCOG82JlY3QM1iB2O9Y/AHHwdQgghhBC9Y2IP1CCE2LOxupp/0jwAAADA7rpy6eWTne11zhc7mq99tNZ6czXmTe3cg39buBZpt4uPdN8v2b+j1TDu6v73L/9w5f/w9Z3NP5O+6fv3X6P7ACeq5b13+ZeLnflvn+wzf37+T1TLfzjLf2/oL//qB1n+J6vlvy/Lv7/P/Ned/wvV8t8f8y/G/uF7+s3f/fxPxzadx74+8387O/+nQ7/5s/Nv9Zkw80DMDwDjqDHoAnZJukpI19GzsZ/ON15uhvzVD1u9/m9kx5ncduXdx03XQbfGfrpemsvyJlutfzY73g0V68wNy6tKyurfqedxt5XV36y5jqrK6p+quY6qyuqfrrmOqsrqn6m5jqrK6u93HjpoZfUPy33lsvpna66jqrL652quo6qy+rf6//FBKav/QM11VFVW/3zNdVRVVn/F22q1K6t/oeY6qiqr/8aa66iqrP6baq6jqrL6b665jkG5I7Zl8+E0/5yPY6nfyvrTm/wsR/XeAgAAAAybf1n/TwghxF6KdEN60HUIIYQQdcbXq+v6fszM4GsWQxerqwO+AcFA7e67mQHYq/z+H2+e//Hm+R9vnn/+l/Qa/iLrJxM9xid7jDd7jE9l4/m/1+ke4zdlx4131dp3PW7uMf5/PcYP9Bi/tcf4Yo/x23qM395j/I4e4wAAAIyHW2JrfggAAACj65VfffrWb+598tLC5QsHT4Sp69adPxL70/Fv62/Gfr7ufdKMf/P/Sez/IrZ/iO0/sod5/QkAAADsvvQ5Mf7+DwAAAKMrfU6p+T8AAACMroXYmv8DAADA6Loxtub/AAAAMMKKmc03xzbdF7g7tj3W9QMAhsj/x/bO2B6M7V2x/UZs03XAPbH9Zk31AQA75+ff/+nxd4qN9f6PZeNX4vbUXuf8+p2CotG9kv++2O6P7bf6rCf/PIB+8ycH+syzW/nnt5kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgdjbWvDz+6WITw3mfvPvazqbf+em3bXe09Dq19LWKvFUJoth+XRjf6v447Xrn08snO9mpsi3A0FKFobw+PX2xnmg0hnA+HwuehFT5eXvnqo/cfPfzJGzO3vH3u2Vd38UfQdX4AAAAwiv4bAAD//07RIe8=")
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010003f6fdd140402090b975f601020301090224000201005004090400f700c873b808090504105802030d5809042c"], &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0})
prlimit64(r0, 0xd, &(0x7f0000000000)={0x3, 0x1}, 0x0)

9m10.318143601s ago: executing program 35 (id=329):
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2, 0x4c831, 0xffffffffffffffff, 0x1000000)
socketpair$unix(0x1, 0x3, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
r0 = openat$ttynull(0xffffffffffffff9c, &(0x7f00000000c0), 0x88002, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000100)=0xd)
r1 = openat$ttynull(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r2 = dup(r1)
write$UHID_INPUT(r2, &(0x7f0000001040)={0x18, {"a2e3ad21ed6b52f99cfbf4c087f70c9b3e6ee7ff7fc6e5539b9b3b0e8b9b411b5d30091b080d29428f0e1ac6e7049b3468959b4c9a242a9b67f3988f7ef319520200ffe8d178708c523c921b1b25380a169b63d336cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f309f4cff7738596ecae8707ce065cd5b91cd0ae193973735b36d5b1b63e91c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecd03aded6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca5b6bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27afc953854a642c57519544ae15a7e454dea05918b4124351601611c8f11baa500a3621c56cea8d20ff911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a60560a22f1fca567e65d5e880572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5120000008213b704c7fb082ff27590678ef9f190bae979babc7041d860420c5664ba7921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202fd28f28381aab144a5d429a04a689b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2f05dd3318271a1f5f8528f227e79c1388dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eefc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44060bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a7288afe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f48fe4eae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf02b98a269b891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efedfd71af9444e197f47e866101496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615f7084a607a7eceb6243378e0610060f02cca4051c2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c4e15a7b6eb65ca8104e1b4da1fbb77ab2fc043aead87c32ab875ee7c2e7b7019c902cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad948741b2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd73643de50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c1023bf70cc77737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73c497579773767075428067e7f16f4dde374f8211fef42cb468e623daf60b3569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d3414442e863a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae44369ddb4581c55925d0f6f1ba471eba281f259152f85a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b405177548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e05130935e00785ec27e923911fab964c271556527697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9ddbfb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e7027132f2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5336651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee29165895ac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463181f4b87c10772d2b13f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76d57227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f84fad6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b3110b932a4d02da711b757fe43c06d21e35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc238a081ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cb0b3e35cb80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c60edddab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec014508e5247d33ae6c962d35603ff8454c16f8342856935125102bb784ed714887071f3d998efdd9923c954ab6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee658e4cb5e930ed624806c43a006dc9336d07c2b8081c128ad2706f48261f7897084c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da3932ba5c04c24a560ad80a3ce654578376e599aff3565b1d531f30912b99e6619ebe93cc0b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e6491953264d2700c838fa2c7b34252600c9654e502dcea39cb6bc3eb69992e234b4ca7db2f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c6000064b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ff1aa70826ad01a9b03c37b0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x100d}}, 0xfffffdef)

9m8.666854583s ago: executing program 1 (id=332):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = open(0x0, 0x14927e, 0x6)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x100000000000001, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x203]})
fallocate(r0, 0x0, 0x0, 0x1001f0)

9m8.115473444s ago: executing program 1 (id=334):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)=@base={0x12, 0x6, 0x8, 0x2}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

9m6.916785448s ago: executing program 1 (id=335):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f00000073c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000007480)={0x0, 0x0, &(0x7f0000007440)={&(0x7f0000007400)={0x14, r1, 0x301}, 0x14}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x4001)

9m6.352212239s ago: executing program 36 (id=335):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$gtp(&(0x7f00000073c0), 0xffffffffffffffff)
sendmsg$GTP_CMD_GETPDP(r0, &(0x7f0000007480)={0x0, 0x0, &(0x7f0000007440)={&(0x7f0000007400)={0x14, r1, 0x301}, 0x14}}, 0x0)
sendmsg$GTP_CMD_GETPDP(0xffffffffffffffff, 0x0, 0x4001)

9m6.3015572s ago: executing program 5 (id=337):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mount$9p_virtio(0x0, 0x0, 0x0, 0x8c, 0x0)
syz_io_uring_setup(0x88f, 0x0, 0x0, &(0x7f0000000280))
openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
lseek(0xffffffffffffffff, 0x1, 0x0)
r3 = syz_open_dev$radio(&(0x7f00000003c0), 0x2, 0x2)
read(r3, &(0x7f0000001e80)=""/96, 0x60)
close(0x3)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, &(0x7f0000000380)=0x1)

9m3.120237352s ago: executing program 5 (id=338):
mkdirat(0xffffffffffffff9c, 0x0, 0x150)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000f00000000", @ANYRES32=r3, @ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000040)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$iso9660(&(0x7f0000000140), &(0x7f0000000000)='./file1\x00', 0x2000c12, &(0x7f00000002c0)={[{@map_off}, {@iocharset={'iocharset', 0x3d, 'macturkish'}}, {@nocompress}, {@iocharset={'iocharset', 0x3d, 'cp775'}}, {@check_strict}, {@map_acorn}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {}, {@block={'block', 0x3d, 0x400}}, {@cruft}, {@check_relaxed}, {@uid}]}, 0x1, 0xa00, &(0x7f0000000dc0)="$eJzs3UtsXFf9B/Dv9SNx3SpJ2/z7L1XbTFKSuq1xbIcmRF2UxJ4kLn4g25EasWhK46AQQ6EBqa2QmkqIFRVIIBawq1jBplI3dIO6gx2sWCChrthXrMLK6M6M49eMx3YdO00/n+h67uN3z/nd58mMr+eEz5eF/SumFhZqwxanL/5hBzLmLnZ29JP3P3ivHN69mT3pzPPFn5KeJJWkK8mjSffI6PTURJuCrieXk3ycFEn2pv66IZdT/CIPLE1/nOJ3Zb0t7dloybSzwBfabp9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwNypGRgcHh4o9GZu8+HKlLqmsMTI6PVVkYWHtksV16j6q9fpdfNS23qQoh/T0LHb1/ejBpcWPJKkcyeP1qcdrHZKnJ2/f/8iBFx7u6lhcv1U2n8nejRd74623r786Pz/3RuuQhXfq27A9ud1lzlcnx2amxibOnK9WxmamKqdPnhw8fuHcTOXc2Hh15tLMbHWiMjJdPTM7NV3pG3mmMnT69IlKdeDS1MXJ86MD49XFmae+Mjw4eLLy0sA3q2emZ6Ymj780MDNyYWx8fGzyfC2mXFzGnCpPxG+MzVZmq2cmKpWr1+bnTqzKqXP1zi6DhtptSRk03C5oeHB4eGhoeHjo3Ubv2bdnnHz+9POnBge7BlfJmog7dNJyd7mv9WHe5js4bF1Hvf3Pd8czlslczMupNP03ktFMZyoTLZY3LLb/R49X1613efvfaOW7li1+rPxxJE82JntatP8tctm5fzfyVt7O9bya+cxnLm/sekY7++98qpnMWGYylbFM5ExtTqUxp5LTOZmTGcwruZBDmUkl5zKW8VQzk0uZyWyqtTNqJNOp5kxmM5XpVNKXkTyTSoZyOqdzIpVUM5BLmcrFTOZ8RnOmVsrVXKvt9xPr5Hg7aGgjQcPrBK1uzMtzfXPtf/Ve/Z8gG7b9N3HYooVG+7+nfWjfyE4kBAAAAGy7L/01+w4+9Jd/JUWeqH0uf25svPribqcFAAAAbKPa43qPly/d5dgTPbX3/4O7nRYAAACwjYra39gVSXpzqD62+JdQPgQAAACAe0Tt9/9Ppji0NMP7fwAAALjHtP+O/bYRRf/i1/9WrtRfrzQi6lNF77mx8erAyNT4C0M5VvuWgSRPrC2tMym6a39+8GwO16MO99Zfe5dKLOvsKaOGBl4YyrM50tiQvqfKl6f6mkQO1yOfrkc+vTyyMysiT5SRAHCvO7JOe7zR9v/Z9Ncj+h+rNfldjzVpgwe1rABwt7jdx85/G12aNWn/GxFPtmr/v7rO+/8y4qFcPVR/pGAgr+X1zOdK+tN44uBQs1IXeyOoP4bQ3+bTgN7GIwt/P9WR/jWfB/Tc3tblsXMZTn/TTwSWlVss5nCiHtd5Z44BAOy0I+u2wxtr//vbvP/v9UghANxVbvdgv4mRdzYTPPfGjd3eRgBgJa00AAAAAAAAAAAAAAAAAAAAAAAAAAAAbL8NfYH/344l8/NzyRY6C9jySM9mMlx/pCM7lPOuj3Qm2a3aX8ym1yqP8Weo9I/3NVb/9+7v+XtuZJdvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyIIulsNr8j2ZtkMMnxnc/qzrm52wlsl8qeLa1W3MqtvJl9254PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMAXXOP7/ztSf72/PitdHcnRJJeTfGu3c9xOt3Y7gTujaB/yvXrg0vf/dyTdWSjSVT/sKbpHRqenJsqiir3l8k/e/+C9cmhf9tpeFcoCyhpWdC7RqGHZnO6Vaz1YW6t3dO7G9R+9/oPK6NnaiXl29tz46MT56a8vBT5SfJhUUh8WLeb7k6N//uWy2Y2OEooPyy1tbnW952r1jq6t9/+brd2i3g24Nj83XNY0W3159sffv/bmskUP5XDyVF/St7Km75RDi5oOr96fKxWfFj8r9uU3uVw7/uXeKBaK8hDtr23/fVevzc8NvPb6/JXbOb2zIqcDOZTkStKz8ZwOtT43a2ddR3dZ62AtqPxxsE1561pW4lCL/fpg7ZTp3dQ2VNpcX232eyOjE00z+tUPH86xTR/pY21qbKr4tPhncSH/yE+X9f/RUR7/o2l6dTYpoha57ExZvmzF5dVRj6xt+fDyBa+sLrPlVckd8PN8O1+7ffw7lt3/G8dqZ+5Hy2psfl0km78ufr9/TYuypNYiHVzVIjXuPq3WaeR5sB7VIs//y3P1MjdxR3muXYt9h67/3xZ9+U9u6v8HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4+xVJZ7P5HcnRJAeS7C+nK8nC6pibW6ivo7fYSprbZis5f/4ULTe0uJVbeTP7djojAAAAAAAAAO6Ms6OfvP/Be+VQ+318Z77c0VhSSbqSHCh+3T0yOj010aag7uTy4q/0ezaXw+XyxwNL0x+XU4+2WWl3Hx8AgM+1/wUAAP//p2dujQ==")
openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x12e042, 0x92)
socket(0x10, 0x3, 0x4)
pipe2$9p(&(0x7f0000001900)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff}, 0x0)
r6 = dup(r5)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f00000005c0)={'trans=fd,', {'rfdno', 0x3d, r4}, 0x2c, {'wfdno', 0x3d, r6}, 0x2c, {[], [], 0x6b}})
write(0xffffffffffffffff, &(0x7f0000000140)="480100001a000708ab0925040900070002ab0700a90100001d60369321001d000a800000000000000000000000039815fa2c1ec28656aaa79bb94b46fe000000bc00030026000000140000270400117c22ebc205214000000000008934d073", 0x5f)
r7 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r7, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000480)={&(0x7f00000004c0)=@newtaction={0x6c, 0x30, 0xffffffffffffffff, 0x4, 0x25dfdbfd, {}, [{0x58, 0x1, [@m_bpf={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_ACT_BPF_PARMS={0x18, 0x2, {0x1}}, @TCA_ACT_BPF_FD={0x8}, @TCA_ACT_BPF_OPS_LEN={0x6, 0x3, 0x5}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
r8 = syz_genetlink_get_family_id$smc(&(0x7f0000000000), 0xffffffffffffffff)
r9 = creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
execve(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)
sendmsg$SMC_PNETID_ADD(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)={0x40, r8, 0x300, 0x70bd27, 0x10000, {}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz0\x00'}, @SMC_PNETID_ETHNAME={0x14, 0x2, 'dummy0\x00'}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x40}, 0x1, 0x0, 0x0, 0x88000}, 0x48811)
sendmsg$SMC_PNETID_FLUSH(r7, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x3c, r8, 0x10, 0x70bd25, 0x25dfdbfc, {}, [@SMC_PNETID_ETHNAME={0x14, 0x2, 'veth1_virt_wifi\x00'}, @SMC_PNETID_IBPORT={0x5, 0x4, 0x1}, @SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x8004}, 0x0)

9m0.67872494s ago: executing program 5 (id=339):
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file0\x00', 0xa00004, &(0x7f0000000400)={[{@uid_ignore}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@utf8}, {@uid}, {}, {@iocharset={'iocharset', 0x3d, 'cp852'}}, {@mode={'mode', 0x3d, 0x6}}, {@dmode={'dmode', 0x3d, 0x4}}, {@iocharset={'iocharset', 0x3d, 'cp857'}}, {@uid_forget}, {@lastblock={'lastblock', 0x3d, 0x7}}, {}, {@uid}]}, 0x1, 0xc67, &(0x7f0000000f40)="$eJzs3U9sHNd9B/DfG5LiSm5rJk4VJ42DTVuksmK5+hdTtgp3VdNsA8iyEIq5BeBKpNSFKZIgqUY23JbppYceAhRFDzkRaIUCKRoYTRH0yLQukFx8KHLqiWhhIyh6YIsAAVoEW8zsW3FFkZYskiIlfz429d2deW/mvZnxjCzozQsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIOJ3Xj13/ETaZEXfHjQGAHgoLox99fjJzZ7/AMBj69JW//8PAAAAAAAAAAAAAADsFymKeCpSzF1YSxPV947a+dbAjZvjI6ObVzuYqpp9Vfnyp3bi5KnTX35h+Ew3z7dmPqT+TvtsvD526Vz9ldnrc/NTCwtTk/XxmdaV2cmp+97CdutvdLQ6APXrb9yYvHp1oX7y+VN3rL459MHgE4eHzg4/e+yZbtnxkdHRsfUitd7y/Q/ckI6tRngciCKORYrnvvuT1IyIIrZ/LGoP99xvdLDqxNGqE+Mjo1VHplvNmcVy5cXugSgi6j2VGt1jtPm5iP6Bh9qHrTUilsrmlw0+WnZvbK4537w8PVW/2JxfbC22Zmcupk5ry/7Uo4gzKWI5IlYH797cQBTRHym+/eRaupzf+lEdhy9VA4O3bkexi328D2U76wMRy8UjcM72scEo4rVI8dN3j8SVfJ+p7jVfjHitzO9H3Crz5YhUXhinI97f5Dri0dQfRfxZef7PrqXJ6n7Qva+c/1r9KzNXZ3vKdu8rH/H5cNedYo+eDwc35MOxz+9NtSiiWd3x19KD/2YHAAAAAAAAAAAAAAAAgJ12MIr4TKR49V//oBpXHNW49CfPDv/u0C/2jhl/+h7bKcs+HxFLxf2NyT2QBwZeTBdT2uOxxB9ntSjiD/P4v2/udWMAAAAAAAAAAAAAAAAAAAA+1or4caR46b0jaTl65xRvzVyrX2penu7MCtud+7c7Z3q73W7XUycbOSdyLuVczrmSczVnFLl+zkbOiZxLOZdzruRczRl9uX7ORs6JnEs5l3Ou5FzNGf25fs5GzomcSzmXc67kXM0Z+2TuXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAx0kRRfw8UnzrG2spUkQ0IiaikyuDe906AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA0mIr4XqSo/17j9rL+iEjVvx1Hyl9OR+NAmZ+MxnCZL0fjXM5mlf2Nb+5B+9megVTEjyLFYO2d2yc8n/+Bzrfbl0Hcenv922f7O9nXXTn0weATh588Ozz6+ae3+pw2a8DR862ZGzfr4yOjo2M9i/vz3j/Zs2wo77fYma4TEQtvvvVGc3p6av7BP5SXwANW757Jbez9YX5I/Y9MU33YiQ/Rvy+asTd9v0NtL25O7Lry+f9+pPjN9/6t+8DvPP9r8Qudb7ef8PGzP1p//r+0cUP3+fzv31gvP//LJ8Fmz/+nepa9lH83MtAfUVu8PjdwOKK28OZbx1rXm9emrk3NnD5+/MXh4RdPHR84EFG72pqe6vm0I4cLAAAAAAAAAAAAAAAA4OFJRfx2pGj+aC3VI+JmNV5r6Ozws8ee6Yu+arzVHeO2Xx+7dK7+yuz1ufmphYWpyfr4TOvK7OTU/e6uVg33Gh8Z3ZXO3NPBXW7/wdors3Nvzreu/f7ipusP1c5dXlicb17ZfHUcjCKi0bvkaNXg8ZHRqtHTreZMVfXipoPpP7qBVMS/R4orp+vpC3lZHv+/cYR/3Hr7xdvXwtLGDe3g+P/PH1of//eJnqLlPlMq4meR4jf+/On4QtXOQ3HXMcvl/jpSHD3zuVwuDpTlum3ovFegMzKwLPvfkeLvf35n2e54yKfWy574SAf3EVCe/ycjxff+9Dvxq3nZne9/6D3/68fv0MYN7dL7Hz7Vs+zQHe8r2HbXyef/WKR4+al34teqJf/7oe//6L6x4Uin8Pr7OXbp/P9yz7KhvN9f36nOAwAAAAAAAAAAPMIGUhF/Eyl+MNqfXsjL7ufv/01u3NAu/f2vT/csm9yZ+Yru+WHbBxUAAAAA9omBVMSPI8W1xXduj6G+c/x3z/jP31of/zmSNqyt/pzvl6r3Buzkn//1Gsr7ndh+twEAAAAAAAAAAAAAAAAAAGBfSamIF/J86hPVeP7JLedTX4kUr/7nc7lcOlyW684DP1T9WrswO3Ps3PT0bC0Wm5enp+pjc80rU2XdT0WKtb/6XK5bVPOrd+eb78zxvj4X+3ykGP3bbtnOXOzduck784HX2u2IE2XZT0SK//i7O8vmqanz3NHVdk+WZf8yUnz9Hzcve3i97Kmy7HcixQ+/Xu+WPVSW7b4f9dPrZZ+/MlvswlkBAAAAAAAAAAAAAAAAAADg42YgFfEnkeK/ri/fHsuf5/8f6PlaufV2z3z/G9ys5vkfqub/3+rzg8z/X71XYGmrvQIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOMpRRFvRYq5C2tpZbD83lE735q5cXN8ZHTzagdTVbOvKl/+1E6cPHX6yy8Mn+nmh9ffaZ+J18cunau/Mnt9bn5qYWFqsj4+07oyOzl131vYbv2NjlYHoH79jRuTV68u1E8+f+qO1TeHPhh84vDQ2eFnjz3TLTs+Mjo61lOmf+CB936XtMXyA1HEX0SK5777k/SDwYgitn8s7nHt7LaDVSeOVp0YHxmtOjLdas4slisvdg9EEVHvqdToHqN7nov/a7fbD6srm2hELJXNLxt8tOze2Fxzvnl5eqp+sTm/2Fpszc5cTJ3Wlv2pRxFnUsRyRKwO3r25gSjijUjx7SfX0j8NRvR1j8OXLox99fjJrdtR7GIf70PZzvpAxHJxP+eMrQxGEf8QKX767pH458GI/uj8xBcjXivz+xG3onO+U3lhnI54f5PriEdTfxTxP+X5P7uW3h0s7wfd+8r5r9W/MnN1tqds976yzedDu93+4zL37vnwMO3ze1MtivhhdcdfS//iv2sAAAAAAAAAAAAAAACAfaSIX4kUL713JFXjg2+PKW7NXKtfal6e7gzr6479646Zbrfb7XrqZCPnRM6lnMs5V3Ku5owi18/ZKLPWbk/k70s5l3Ou5FzNGX25fl81XLHdyN8nci7lXM65knM1Z/Tn+jkbOSdyLuVczrmSczVn7JOxewAAAAAAAAAAAAAAAAAAwOOlqP5J8a1vrKX2YGd+6Yno5Ir5QB97/x8AAP//Jhb4VQ==")
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080))
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000040)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x802053, 0x0, 0xfc, 0x0, &(0x7f00000000c0))
openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0)

8m59.69441948s ago: executing program 5 (id=340):
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x200000, &(0x7f0000000100)={[{@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x6}}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xffff}}]}, 0x3, 0x570, &(0x7f0000000c00)="$eJzs3V1rHFUYAOB3Nkm/tSmUoiIS6IWV2k2T+FFBsF6KFgt6X5dkGmo23ZLdlCYW2l7YG2+kCCIWxB/gvZfFP+CvKGihSAl64U1kNrPtNtnN52q2zvPAtOfMzObM2TPv2Xd2dtkACmsk+6cU8WLcjK+TiMNt2wYj3ziyst/So+uT2ZLE8vInfySR5Ota+yf5/wfzygsR8cuXESdLa9utLyzOVKrVdC6vjzZmr4zWFxZPXZqtTKfT6eXxiYkzb06Mv/P2Wz3r62vn//ru43sfnPnq+NK3Pz04cieJs3Eo39bejx242V4ZiZH8ORmKs6t2HOtBY/0k2e0DYFsG8jgfimwOOBwDedQD/383ImIZKKhE/ENBtfKA1rV9j66DnxkP31+5AFrb/8GV90ZiX/Pa6MBS8tSVUXa9O9yD9rM2fv797p1siQ3eh7jRg/YAWm7eiojTg4Nr578kn/+273TzzeP1rW6jaK8/sJvuZfnP653yn9Lj/Cc65D8HO8Tudmwc/6UHPWimqyz/e7dj/vt46hoeyGvPNXO+oeTipWp6OiKej4gTMbQ3q693P+fM0v3lbtva879sydpv5YL5cTwY3Pv0Y6YqjcpO+tzu4a2Il57kv0msmf/3NXPd1eOfPR/nN9nGsfTuK922bdz/dr3PgJd/jHi14/g/uaOVrH9/crR5Poy2zoq1/rx97Ndu7W+t/72Xjf+B9fs/nLTfr61vvY0f9v2ddtu23fN/T/Jps7wnX3et0mjMjUXsST5au378yWNb9db+Wf9PHF9//ut0/u+PiM822f/bR2933bUfxn9qS+O/9cL9D7/4vlv7mxv/N5qlE/mazcx/mz3AnTx3AAAAAAAA0G9KEXEoklL5cblUKpdXPt9xNA6UqrV64+TF2vzlqWh+V3Y4hkqtO92H2z4PMZZ/HrZVH19Vn4iIIxHxzcD+Zr08WatO7XbnAQAAAAAAAAAAAAAAAAAAoE8c7PL9/8xvA7t9dMC/zk9+Q3FtGP+9+KUnoC95/Yfi6hL/pgUoAIEOxSX+objEPxSX+IfiEv9QXOIfAAAAAAAAAAAAAAAAAAAAAAAAAAAAeur8uXPZsrz06PpkVp+6ujA/U7t6aiqtz5Rn5yfLk7W5K+XpWm26mpYna7Mb/b1qrXZlbDzmr4020npjtL6weGG2Nn+5ceHSbGU6vZAO/Se9AgAAAAAAAAAAAAAAAAAAgGdLfWFxplKtpnMKXQvvxW4fxucv7+ThSedRTto6uGJbTQz2yzAp9LSwyxMTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALT5JwAA//821zOC")
r0 = open(0x0, 0x14927e, 0x6)
open(&(0x7f0000000080)='./bus\x00', 0x400141042, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x100000000000001, 0x8005, 0x0, 0x0, 0x19, 0x1c, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x203]})
fallocate(r0, 0x0, 0x0, 0x1001f0)

8m59.271781648s ago: executing program 5 (id=341):
r0 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000000)=@base={0x12, 0x6, 0x8, 0x2}, 0x48)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000140), &(0x7f0000000240)=@udp6=r1}, 0x20)
r2 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r5 = getpid()
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
connect$unix(r6, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, 0x0, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

8m58.215376849s ago: executing program 5 (id=342):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000010000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
msgsnd(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200"], 0x8, 0x0)
msgctl$IPC_RMID(0x0, 0x0)

8m57.857116366s ago: executing program 37 (id=342):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000010000850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x20, '\x00', 0x0, @fallback=0x27, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', r0, 0x0, 0xffffffffffffffff}, 0x18)
msgsnd(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0200"], 0x8, 0x0)
msgctl$IPC_RMID(0x0, 0x0)

7m49.226471727s ago: executing program 8 (id=538):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='cgroup.controllers\x00', 0x275a, 0x0)
setsockopt$TIPC_SRC_DROPPABLE(r0, 0x10f, 0x80, 0x0, 0x0)

7m49.05619094s ago: executing program 8 (id=540):
r0 = syz_init_net_socket$bt_rfcomm(0x1f, 0x1, 0x3)
getsockopt$bt_hci(r0, 0x0, 0x3, 0x0, 0x0)

7m48.845107904s ago: executing program 8 (id=541):
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff, 0x22, 0x0, @void}, 0x10)

7m48.738401847s ago: executing program 8 (id=542):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x0, 0x0})
r2 = openat$dma_heap(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r2, 0xc0184800, &(0x7f0000000100)={0x4, <r3=>r1})
splice(r2, &(0x7f00000002c0)=0x6, r0, &(0x7f0000000300), 0xffff, 0x6)
dup2(r3, r3)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a300000000048000000030a05020000000000000000010000000900030073797a320000000014000480080002400000000008000140000000000900010073797a3000000000080007006e6174003c000000060a"], 0xcc}, 0x1, 0x0, 0x0, 0x880}, 0x0)

7m48.484650311s ago: executing program 8 (id=543):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f0000002780)=@o_path={&(0x7f0000000e00)='./file0\x00', 0x0, 0x8, r1}, 0x18)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000120000002400000008000000850000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8000}, 0x94)
r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f00000005c0)='sched_switch\x00', r2}, 0x18)
bpf$BPF_PROG_QUERY(0x10, &(0x7f00000006c0)={@fallback=r3, 0x2, 0x1, 0x3, &(0x7f0000000480)=[0x0], 0x1, 0x0, &(0x7f0000000600)=[0x0, 0x0, 0x0, 0x0], &(0x7f0000000640)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], &(0x7f0000000680)=[0x0, 0x0, 0x0, 0x0, 0x0], <r4=>0x0}, 0x40)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000001000)={r2, 0xe0, &(0x7f0000000f00)={0x0, <r5=>0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, &(0x7f0000000780)=[0x0, 0x0], ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, 0x0, &(0x7f0000000dc0)=[0x0, 0x0, 0x0, 0x0, 0x0, 0x0], 0x0, 0xa2, &(0x7f0000000e00)=[{}, {}, {}, {}, {}], 0x28, 0x10, &(0x7f0000000e40), &(0x7f0000000e80), 0x8, 0xc1, 0x8, 0x8, &(0x7f0000000ec0)}}, 0x10)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000700)={@map=0x1, r2, 0x7, 0x34, 0x0, @void, @void, @void, @value=r5, r4}, 0x20)
bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f0000002b80)={0xffffffffffffffff}, 0x4)
r6 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r6, 0x3)
r7 = openat$cgroup_int(r1, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
sendfile(r7, r7, 0x0, 0x100000000)
close(0x3)
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r9 = bpf$PROG_LOAD(0x5, &(0x7f0000001140)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000006c0)={0xb, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x29, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r9}, 0x10)
ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000900)={'ip6_vti0\x00', 0x0})
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000a80), &(0x7f0000000ac0)=0x4)
getpeername$packet(0xffffffffffffffff, &(0x7f0000000fc0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @local}, &(0x7f0000001000)=0x14)
sendmmsg$inet(r0, &(0x7f0000002640)=[{{0x0, 0x0, &(0x7f0000000200)}}, {{&(0x7f0000000280)={0x2, 0x4e22, @local}, 0x10, 0x0, 0x0, &(0x7f0000002bc0)=[@ip_retopts={{0x34, 0x0, 0x7, {[@noop, @generic={0x5, 0x3, "89"}, @lsrr={0x83, 0x7, 0xde, [@local]}, @generic={0x44, 0x2}, @rr={0x7, 0xf, 0x5b, [@rand_addr=0x64010102, @private=0xa010100, @remote]}, @end, @generic={0x89, 0x6, "c83d235a"}]}}}, @ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @multicast1, @multicast2}}}, @ip_ttl={{0x14, 0x0, 0x2, 0x3}}, @ip_retopts={{0xd8, 0x0, 0x7, {[@rr={0x7, 0x23, 0xf7, [@rand_addr=0x64010100, @empty, @empty, @loopback, @multicast2, @empty, @multicast2, @empty]}, @lsrr={0x83, 0x1b, 0x9a, [@multicast1, @private=0xa010101, @loopback, @initdev={0xac, 0x1e, 0x0, 0x0}, @initdev={0xac, 0x1e, 0x1, 0x0}, @loopback]}, @timestamp={0x44, 0x4, 0x73}, @timestamp_prespec={0x44, 0x2c, 0xdd, 0x3, 0x3, [{@local}, {@remote, 0xfffffff9}, {@private=0xa010101, 0x9}, {@empty, 0x101}, {@multicast1, 0x5}]}, @generic={0x44, 0x2}, @cipso={0x86, 0x45, 0x0, [{0x2, 0xe, "95e78c8e72a1d722e462ad44"}, {0x0, 0x2}, {0x7, 0x7, "db10f4aed9"}, {0x0, 0x5, "11406e"}, {0x0, 0x2}, {0x7, 0x9, "b8e8efbd7cad9f"}, {0x1, 0xb, "76eb2ae24182c475a4"}, {0x1, 0xd, "bc4a0d5fa0c872fef9f491"}]}, @ssrr={0x89, 0x13, 0xb7, [@empty, @broadcast, @dev={0xac, 0x14, 0x14, 0x1b}, @rand_addr=0x64010100]}]}}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x2}}, @ip_ttl={{0x14, 0x0, 0x2, 0x5}}, @ip_tos_u8={{0x11, 0x0, 0x1, 0x8}}, @ip_tos_int={{0x14, 0x0, 0x1, 0x1}}], 0x1a8}}, {{0x0, 0x0, &(0x7f0000000f80)=[{&(0x7f0000000e40)="5fd1f8c5972bcfc2d70f5e4c5b8a37c1b1639cc1870c1d09f4215161a6170904018215d77be26c2dd93abadf32d36d53272a1767c5a2f7319b3d1ebb76d23eb6d691729f8834598210", 0x49}, {&(0x7f0000000ec0)}], 0x2}}, {{&(0x7f0000001080)={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0xa}}, 0x10, 0x0}}, {{0x0, 0x0, &(0x7f0000000cc0)}}], 0x5, 0x80)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x4}, 0x0, &(0x7f0000000240)={0x3fd, 0x0, 0x0, 0xa, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x6, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x916}, 0x0, 0x0, 0x0, 0x0)

7m46.945879872s ago: executing program 8 (id=547):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
close(r0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)

7m31.82479886s ago: executing program 38 (id=547):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
close(r0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r1, &(0x7f0000000000)={0x1f, 0x0, @any, 0x0, 0x1}, 0xe)
setsockopt$bt_BT_DEFER_SETUP(r1, 0x112, 0xf, &(0x7f0000000080)=0x4, 0x4)
shutdown(r0, 0x0)
recvmmsg(r0, &(0x7f00000055c0), 0x400023c, 0x300, 0x0)

7m16.143171808s ago: executing program 9 (id=643):
syz_mount_image$f2fs(&(0x7f00000001c0), &(0x7f0000001580)='./file0\x00', 0x0, &(0x7f0000000540)=ANY=[], 0x1, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f0000000240)={0x0, 0x18, 0xfa00, {0x3, 0x0, 0x2, 0x5}}, 0x20)
ioctl$FS_IOC_RESVSP(r0, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0xff01, 0x2000003})

7m13.130158407s ago: executing program 9 (id=647):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, 0x0, 0x0)

7m12.113167628s ago: executing program 9 (id=653):
ioctl$PPPIOCNEWUNIT(0xffffffffffffffff, 0xc004743e, &(0x7f0000000100))
ioctl$PPPIOCSACTIVE(0xffffffffffffffff, 0x40107446, &(0x7f0000001000)={0x2, &(0x7f0000000140)=[{0x48, 0x9, 0x0, 0x80000001}, {0x6, 0x1, 0xf7}]})
write(0xffffffffffffffff, &(0x7f0000000080)="3aa0", 0x2)

7m11.818220083s ago: executing program 9 (id=654):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xa, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB='huge=always,mpol=interleave'])
chdir(&(0x7f0000000240)='./file0\x00')
ftruncate(0xffffffffffffffff, 0x2007ffc)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000380)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'/11], 0xf7, 0xedb, &(0x7f0000001940)="$eJzs3U9sHNX9APA3a6/txCZeAz8w8COk0IpAwQ4JUtNbEKhHxKV3UEhohKGooQci/oQeEJUQRUKcKg5UXCiVUqRWAlWqUE9tT6166wn1QqUqlYJ6IVLiKvZ7690XT3c9tme9u5+P9PXzmzc73+94g5k33n0bgLHVWPv68MOLRQjvffbuY688Xfz22ra72nscWvtaxF4rhNDs6BfZ8b6IG65cevnkZm0Rjq59Tf3w+MX2Y2dDCOfDofB5aIWPl1e++uj9Rw9/8sbMLW+fe/bVXTr9tvw8AABgFF3488rf7/vnnx5YuHzh4Ikw3d6ers9bsT8br/uPxAvldL3cCN39oiM6TWX7TcRoZPtNZPtNZnkmS/I1s+M0S/ab6pFvomPbZucJAAAAwyjNa1uhaCx19RuNpaX1ef81X8xPFUvPn1k5fXZAhQIAAACV/ee1tRfdCiGEEEIIIYQQYoRjdX7QdyAAAACAcZOvF3ad8zu7Ulf7aK3+8l98pLH542EH1P3vX/7hyv/h637jAABQ3aheTabzStfRaR2DfB3BiexxW73+b2THmdxinWXrCg7LeoNldeY/172qrP6tPo+DUlZ/vh7mXlVWf75O515VVv90zXVUVVb/TM11VFVW/76a66iqrP79NddRVVn9szXXUVVZ/XM111FVWf031FxHVWX1H6i5jqrK6h+Wl9WW1d+quY6qyupfqLmOqsrqv7HmOqoqq/+mmuuoqqz+m2uuY1DujG36ORzMxjvnz/mcbljmeAAAADDuvrb+nxBCCCGEEEIIMfLx2qBvQAAAAAADl94XkN71vhql8Yke45M9xps9xqd6jE/3GAcAAABC+N2bp297p9h4n/9218NL60al9Ze2uo5Rvh7hVvNvd92z7eYflnXLAAAAGC/F9z6/ev9jH7y4cPnCwRMds9+rcb6b1gGdjPcGPo399LqAuaxfpDn0ie48jZL98vsDN5Qd74ltnigAAACMsTR/b4WisdQx726FRmNpaWM+vhiaxekzK6eOxH76fJY/zjenr21/qOa6AQAAgP5tzPc3n/+nz/FdDFPF0vNnVk6fXe/Ptbc3G533BeY3thed9wVa2fajJduPxX76/M4fzO9b27508ocrT+/0yQMAAMCYOPvSuWefWlk59SPf+MY3fX3TGIv/dgb8iwkAANhxX375bvPHx+Z+v/7+/43179L7/w/Ffiuu7feXuEOaA6X3AVz3fv0nu/PMl+33Qvd+rWy/iRjTWd0zHccJHesNpsctlOVrdR9nqiTfbJZvLsuXr1Mwme2f8h3ItufrE6b95rPt+TqMk1mOIst/dwAAAIByyy8+98Ly2ZfOPXjmuaeeOfXMqeePHT3+3ePHjzz0nYeW117Xv9z56n4AAABgGG286HfQlQAAAAAAAAAAAAAAAAAAAMD4quPjxAZ9jgAAADDu/v1aCOG82JlY3QM1iB2O9Y/AHHwdQgghhBC9Y2IP1CCE2LOxupp/0jwAAADA7rpy6eWTne11zhc7mq99tNZ6czXmTe3cg39buBZpt4uPdN8v2b+j1TDu6v73L/9w5f/w9Z3NP5O+6fv3X6P7ACeq5b13+ZeLnflvn+wzf37+T1TLfzjLf2/oL//qB1n+J6vlvy/Lv7/P/Ned/wvV8t8f8y/G/uF7+s3f/fxPxzadx74+8387O/+nQ7/5s/Nv9Zkw80DMDwDjqDHoAnZJukpI19GzsZ/ON15uhvzVD1u9/m9kx5ncduXdx03XQbfGfrpemsvyJlutfzY73g0V68wNy6tKyurfqedxt5XV36y5jqrK6p+quY6qyuqfrrmOqsrqn6m5jqrK6u93HjpoZfUPy33lsvpna66jqrL652quo6qy+rf6//FBKav/QM11VFVW/3zNdVRVVn/F22q1K6t/oeY6qiqr/8aa66iqrP6baq6jqrL6b665jkG5I7Zl8+E0/5yPY6nfyvrTm/wsR/XeAgAAAAybf1n/TwghxF6KdEN60HUIIYQQdcbXq+v6fszM4GsWQxerqwO+AcFA7e67mQHYq/z+H2+e//Hm+R9vnn/+l/Qa/iLrJxM9xid7jDd7jE9l4/m/1+ke4zdlx4131dp3PW7uMf5/PcYP9Bi/tcf4Yo/x23qM395j/I4e4wAAAIyHW2JrfggAAACj65VfffrWb+598tLC5QsHT4Sp69adPxL70/Fv62/Gfr7ufdKMf/P/Sez/IrZ/iO0/sod5/QkAAADsvvQ5Mf7+DwAAAKMrfU6p+T8AAACMroXYmv8DAADA6Loxtub/AAAAMMKKmc03xzbdF7g7tj3W9QMAhsj/x/bO2B6M7V2x/UZs03XAPbH9Zk31AQA75+ff/+nxd4qN9f6PZeNX4vbUXuf8+p2CotG9kv++2O6P7bf6rCf/PIB+8ycH+syzW/nnt5kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgdjbWvDz+6WITw3mfvPvazqbf+em3bXe09Dq19LWKvFUJoth+XRjf6v447Xrn08snO9mpsi3A0FKFobw+PX2xnmg0hnA+HwuehFT5eXvnqo/cfPfzJGzO3vH3u2Vd38UfQdX4AAAAwiv4bAAD//07RIe8=")
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010003f6fdd140402090b975f601020301090224000201005004090400f700c873b808090504105802030d5809042c"], &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0})

7m10.546557508s ago: executing program 6 (id=656):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000400)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x4c094)
r3 = socket(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x44, 0x24, 0x5820a61ca228659, 0x0, 0xfffffffe, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x5, 0x7}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_USC={0x10, 0x3, {0x6, 0x2}}}}]}, 0x79}}, 0x800)
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000001700)=@newtfilter={0x44, 0x28, 0xd27, 0x70bd2b, 0x25dfdbfd, {0x0, 0x0, 0x0, r4, {0xffff, 0x9}, {0xb}, {0x2, 0xb}}, [@filter_kind_options=@f_cgroup={{0xb}, {0x14, 0x2, [@TCA_CGROUP_EMATCHES={0x10, 0x3, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x401}}, @TCA_EMATCH_TREE_LIST={0x4}]}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8810}, 0x404c0c0)

7m9.758474924s ago: executing program 6 (id=657):
unshare(0x22020400)
r0 = socket$tipc(0x1e, 0x2, 0x0)
bind$tipc(r0, &(0x7f0000000100)=@nameseq={0x1e, 0x1, 0x1, {0x43, 0x2, 0x1}}, 0x10)

7m9.502354619s ago: executing program 6 (id=659):
socket$nl_netfilter(0x10, 0x3, 0xc)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, 0x0, 0x0, 0x0)
sendmmsg(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x11, 0x8, &(0x7f0000000200)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0ff5b14104fe62cc60e413905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289d01aa27ae8b09e00e79ab20b0b8e1148f49faf2ad0000000000000006fa03c6468972089b302d7bf2364149215108333719acd97cfa107d40224edc5465a93df8513a32ec450bebc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe511195418d605ffff9c4d2ec7c32f2095e63c80aff9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4929330142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da8c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000dd11e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15f2a169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f000010000000000000905ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400bee3dfc8fb24f67c1f001b2cd317902f19e385be9e48dccff729433282830689da6b53b263339863297771429d120000003341b74abaa7c95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb232bbdb9dc33cbd7643866fde41f94290c2a5ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595270fb4021428ce970275d13b78100788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f76dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d2e959efc71f665c4d75cf2458e3322c9062ece84c99a061997a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb5aac518a75f9e7d7101d5e186c489b3a06fb99f0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f4df90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d164118e4cbe02400000000ff0700000000cc9d8046c216c1f895778cb25122a2a998de44aeadea2a40da8daccf080842a4867217373934bbd42dcb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcd62981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba495aea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b60000000000001700d6d5210d7560eb92d6a97a27602b81f76386f1535b1fad6ec9a31137abf9a404abde7750898b1bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294059323e7a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd704e4214de5946932d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854356cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505466ac96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a428f1da1fc8df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1785eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945e20fa26b8471d42645288d7226bbd9c9e9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba891cea599b079b4b4ba686fcdf240430a537a395dc73bda367bf12cb7d81691a5fe8c47be2f5656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed1254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b70ebc660309e1e245b0fd78f9743af932cd6db49a47613808bad959719c0000000000378a921c7f7f6933c2e24c7e800003c9e8095e02985f28de0bbc76d58dd92606b1ef6486c85fa3e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6968d12418a4d2a0d086d8438d415d713acebc5b014e61a543a5a391f03daca80f08f0e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e112645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d624778e1c4cba6e6390a9f302c6eb2df7766411bef0ebb5000000000006065d6735eb7a00e127c000000000000000000000000000000a1c3da144589dcaddb71cf9374843e23f992a237a9040747e0434a8a643990b4059a98411ce867d1af7e8ea89f49e6f564d4dce8a7d6939a9214a7f39e83bd247e03a09dba000000000000000000000000aaf033d47249c8444bc13844cbf1be617d82b269e5ea0c0d525603c0ec543ea581f63893ae414a6683e941fdbdff03cfc5f8744583c0aa766a65321f907927a59d75b47f06895e8471ebc2840ce5bd054df223fb09b9c739ad64cfcfd2d498b0f11056f6c40874cb977c99b6bc1a8732198a17e610082b7ce0365f271b11d4b4a3d4c7d0bb273f406ecd4b26c93151c30f5a269991402d109becb1b9bafcb2b47e940000000000e540d8b0db3774effb7469a21f96e2594b2973ebf7a1bd9ace2ed4d6eb1735f85885be5be74dc2ea5d7d499bd28271b98f187f5879b16b409a04d78175cc8d0f707c822805d7011ed4b22419186dd2b22aadf15828db2ca19d79e1bf2f7989237ee5cb2e1eb7b2bfc92d3aa95a26f060935c4fee8b2d7d0bf3c6d82d04329164bd4ee0b8060183f36762b0440d9082d7c8b06e4c2024f77e1018758d28e7ee290f32a48bfc2aa10b3dba9bff00d2410f3477a8e0df689c880dc9a677cfaa16603527c06625a3363744cea5f2d350224cc0fea76c72ca08507235c67346722f20690fde0790f040f5fd3eff75f9b291cc5e9c686ebaadbe756c6fa039ff441e427ed12578d5cb041ebf729cfaa575cc852fbdb54e60435e6d62b9d270433b220ed9ff1ff042b8d3d866231c460765"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x1f)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r2}, 0x10)
close(0x4)
r3 = syz_init_net_socket$bt_hidp(0x1f, 0x3, 0x6)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0)
connect$bt_l2cap(r4, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x7ff}, 0xe)
ioctl$sock_bt_hidp_HIDPCONNADD(r3, 0x400448c8, &(0x7f0000000280)={r4, r4, 0x1, 0x1, &(0x7f00000000c0)='\x00', 0x48, 0x1, 0x5, 0x8, 0x8, 0x1, 0x2, 'syz0\x00'})
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, 0x0)
ioctl$sock_bt_hidp_HIDPCONNDEL(r3, 0x400448c9, &(0x7f0000000000)={@fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}})

7m8.95042662s ago: executing program 6 (id=661):
r0 = socket(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000004c00)=""/102392, 0x18ff8)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)=ANY=[@ANYBLOB="680000001000ffff25bd7000fddbdf2500000000", @ANYRES32=0x0, @ANYBLOB="1720000021200000400012800c0001006d6163766c616e0030000280080003000300000008000100100000001c0005800a000400aaaaaaaaaa2d00000a0004003426f7b68ed1000008000500", @ANYRES64=r1], 0x68}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0xfc)

7m8.688053235s ago: executing program 9 (id=663):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = openat$rfkill(0xffffffffffffff9c, 0x0, 0x801, 0x0)
r1 = dup(r0)
pipe2$9p(&(0x7f0000000200)={<r2=>0xffffffffffffffff}, 0x80080)
mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000001c0), 0x10, &(0x7f00000002c0)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r1}, 0x2c, {[{@uname={'uname', 0x3d, '/dev/rfkill\x00'}}]}})
write$rfkill(r0, &(0x7f0000000080)={0x0, 0x1, 0x3, 0x1}, 0x8)

7m8.009039288s ago: executing program 6 (id=664):
r0 = socket$inet(0x2, 0x2, 0x1)
sendmsg$SEG6_CMD_SETHMAC(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x14}, 0x4010)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f0000000040)={0x2, 0x2400, @rand_addr=0x64010101}, 0x10, &(0x7f0000000080)=[{&(0x7f0000000640)="080024c0c64cd826", 0x8}], 0x1, &(0x7f0000000100)=ANY=[@ANYBLOB="1c000000000000000000000007000000810b040a0101027f07000100000000001c000000000000000000000008"], 0x40}, 0x0)

7m7.894590551s ago: executing program 9 (id=665):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0xd, 0xd, &(0x7f0000000740)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

7m7.464897159s ago: executing program 39 (id=665):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0xd, 0xd, &(0x7f0000000740)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x6, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)

7m7.43872856s ago: executing program 2 (id=589):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x218}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001800010000000000000000000a00000000000000000000000c00090008000080", @ANYRES32=r2, @ANYBLOB="14000500fe80"], 0x3c}}, 0x0)

7m7.248980863s ago: executing program 40 (id=589):
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x218}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000006c0)=ANY=[@ANYBLOB="3c0000001800010000000000000000000a00000000000000000000000c00090008000080", @ANYRES32=r2, @ANYBLOB="14000500fe80"], 0x3c}}, 0x0)

7m7.190625625s ago: executing program 6 (id=669):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)

7m7.098141377s ago: executing program 41 (id=669):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)

11.010107043s ago: executing program 3 (id=2730):
socket(0x80000000000000a, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x2000000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed8"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0xd, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

10.293726027s ago: executing program 7 (id=2732):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
close(0x3)
bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0xe, 0x16, &(0x7f0000000e00)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000087000003d0301000000000095000000000000006926000000000000bf67000000000000150a00000fff07003506000043fe0000160600000ee60000bf050000000000001f620000000000006507000000000000460700004c0000000f72000000000000bf5400000000000007040000f0fff8ffad420100000000009500000000000000050000000000000095000000000000001c0a7900009d3c2792432a4fa650c512aee994a56462712cb064ecce5e7a9ce0a575a4f7952cb768637e60bd5d2e4b5992de991371274fdf535e001022e25659a7c85615c1b88bc894123c090014e8fb87efecdcb73858479526222b22ff81971ef49b2cb0dcebea6d90e9c1677fbefd35893d883a2c559b7af8db8b2d89fcc8af461b2a74af360eace66cec40d927006bd666c8122217c27902b3933106d0cc5bf6fec345ae9606c3c1a3000c94df67ae600900ffa2f49ec035883e27b1a9e9dff3e8bfc7d1be00f1a0820102b19000000000000000009095601e090012086dee84efd375f0642ed261765d3b9efdfbed9b430bcf04060000bdff1c8bcfc00300000000000000ab5d5f299354997c8bef9ca55841a57eddff9220c67c9e17bee524c3dc74c0271124cf9e4e2d23f7062351edf77c7129eb89085967722da6cb884d1afe82f7f722e38397996271700241094d272dd8b754b2dd36d486e7ffd1bdc198deb495cac0995ca3ef6c1affb693ae366b0f11db6ee4830d87a347d448b0737e852306b4713e5ce6cac6a27e29f164b9f16d6f045271b8e9f172c3db24558d77b8bf18be45c50b3fc005fa7b5e45a209d48d6dc2389d7f34cb9c02cf517c8ee8a9b6159ce895101c2ccff2bde95aa860ed9b8b6d6b8fcab7663d9bd8415e6f90fdb007b8f3e0ffe3a638c4fd88d20d235173720c1df1147c9f5013c82fc98604bd70cd56609a6b73943748a900e1d8cf81bcb1d2620bee688eb0a284040000005cc3ba8bf0b5e0fc018463d03a73fa85429725545128b0e9b550a13d0dd35092250b7d00ff03d5314fa8d37932055bb6d30d0000cad2375a34c7f15c3096f31e6aa6887864f62760ae35214552982bba84d92b1261251330dde4cf97b7cc6b2349e4f7a56003f7303d210fccd2efe6cda2595aacc36db66ff83af576b56dfbd40b15d569244d7d6e1182c4fa829c3f86acd17082bfed73ab9ef37705f9d2734801899e248e1a7155e28f000000000000000fce52263e3953a6f8560f852602ca905b58a9e2dbf16dd0322d0bb3ceb1b01752230bcbbf731701b2b1768aabb9a002090c09ab606e91ad9d88e7205464594add8691b62d55127cd891b8abe4358697e1b5f038773c0aa220cdce78b9346adbd72b293e66ef1a04905aaf6bd31e8d40d425d21232956ee45935d7adb2bf9fb37ff145472c58dbc8db58d0cde99df77d86ed71070000000000006d5cf959fb84c9f8ec46ec9af313d13d1bd85d57f598c00eb7bb8b6b4ff5875a50e2ea3287cf0f838bffdbf985fdce1fb66979b51cc6d6d6661354f33986f7acee499e25e3b70db6f15d7f2bfc0000000000000000ff7f00009eeb78c3d2e83f5e0eaf5cec82f45884cb0394271826ac2d5cc0afc4e784b515c659901c5c6a8573436be7b0f64c6176ef37db239a1ee9839436e951aef4196798d518a4820a241cec1b3e4923dae4c87d460900000000000000de7b13645fc6921a759e2c23153f432a3e5167628a94aacd0f40543049d8ef9787b56006227f143ce5554837675b93eeced66fe71bbe2c055660d23af1c9a83b78d0fde1f9dd526858a320563807a1ef41829913ce0b280010dca0cb3a98a8986e8e656dcaa6ae4ee6717a29e50450688763f1b17c156b860ba0d5a121d00ceac30ef5e104c43d76074c3884cb8fa504ebc94f7c83e90b6cad8d2a02df007bd585f4472cfb004cd9f09995000000000021000002cfceb7feffffffffffffffb1a6c40ac666744ca6c8fbba8452b686fd9b6250edd7d86ebc35898637dd88540e40d5799c11ee9883be26229eeee3941494fcd4389af9b755843126338c346b4d50a5b8684ad74bad46f4ffd86292d72a933fcb7304aef4b4a4bf6e054fea3549e08c0dd2334f485da9382887c16306176f73f029e2f9f8145360cfd5ffd66ae82d51e683ff364981b358a5f48af10059a0716951942eed021e41ba076d486cd095ffcefc3e8b8ead226c5a640b06fc13311826d024248f14b62a7fb0f9b95c9e23e7d29aca69e77db40dd00c0b20e43e300b1a46e243e2a8321dbb1270a22d9a2368de08d625566f253f0760abb44c11583fa5b914ab298ade422e4c0ddc7b17dd2aa8ac94d93d6b590000000000000000000000009b90eb1db265c18521667d305886e9c47ad357a76be0c9ce899bdd80a51a2017190a590d092bc500ea71b338098d1007517c1d6e785d5e0975ca2c2edf221b30377e61fce8bf47e7b93da593d154caca75b1ef1273aa501807005593ba45d219d7c656be0fb900000000004093461ceec5fce099368e07060c21cabb846f2447fc7223731787bda817113489be9925b2f568b15e5d22c8fabbfd3edac460c70a5619a043ada38fea3b104f9c1a473b7820faecfbb40b5e0d3681013c0cb2b8acc1ceb5f790210a3be07b2727c4e5a5d20468b3ed35f9a71519904c6dd76dee5738dcdac1f4358bb65c1aca8eb0a65aacbaaca92cc7cc553b1c5181d81c15ff4eaea3bcbfc4e0d06bd8d2e2"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000040), 0x8, 0x10, &(0x7f0000000000), 0x10}, 0x94)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r2=>0x0}, 0x8)
r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r2, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r3, r1, 0x0, r0}, 0x10)

10.14340704s ago: executing program 0 (id=2733):
socket$inet_mptcp(0x2, 0x1, 0x106)
syz_usb_connect(0x5, 0x24, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat(0xffffffffffffff9c, 0x0, 0x42, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4811}, 0x0)
sendmsg$NFT_BATCH(r3, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWRULE={0x3c, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x1}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_EXPRESSIONS={0x10, 0x4, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, @dup={{0x8}, @void}}]}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x2}}}, 0x64}, 0x1, 0x0, 0x0, 0x4000850}, 0x0)

10.090591301s ago: executing program 7 (id=2734):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000580)='./file0\x00', 0x2c41, 0x0)
pipe2$9p(0x0, 0x0)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000500)=ANY=[@ANYBLOB="1500000065ffff048000000800395032303030"], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_NOTIFY_RETRIEVE(0xffffffffffffffff, &(0x7f00000000c0)={0x14c}, 0x137)
mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000040), 0x0, &(0x7f0000000840)=ANY=[@ANYRESHEX, @ANYBLOB, @ANYRESHEX, @ANYBLOB=',cache=readahead,k'])
read$FUSE(r0, 0x0, 0x0)
r1 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0)
read$FUSE(r1, &(0x7f0000000580)={0x2020, 0x0, <r2=>0x0}, 0x2020)
write$FUSE_DIRENTPLUS(r1, &(0x7f00000029c0)={0x10, 0x0, r2}, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x1)
removexattr(&(0x7f0000000200)='./cgroup\x00', 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, &(0x7f0000000000)={'pimreg0\x00', 0x0})
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
set_mempolicy(0x2, &(0x7f0000000080)=0x51e1, 0x3ff)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x578410eb)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
timer_create(0x0, 0x0, 0x0)

10.058972342s ago: executing program 3 (id=2735):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r2=>0x0}, 0x8)
r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0)=r2, 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r3, 0x4)

9.796782597s ago: executing program 3 (id=2736):
r0 = openat$6lowpan_control(0xffffffffffffff9c, &(0x7f0000003040), 0x2, 0x0)
write$6lowpan_control(r0, &(0x7f0000003080)='connect aa:aa:aa:aa:aa:11 0', 0x1b)

7.598673981s ago: executing program 7 (id=2737):
io_setup(0x10000, &(0x7f0000000800))
socketpair$unix(0x1, 0x3, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
io_setup(0x9, &(0x7f0000002e40))

7.297428496s ago: executing program 3 (id=2738):
prlimit64(0x0, 0xe, &(0x7f0000000040)={0xa, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000400), 0x0, 0x0)
chdir(&(0x7f0000000240)='./file0\x00')
ftruncate(0xffffffffffffffff, 0x2007ffc)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x800000009)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x1, 0x0)
vmsplice(0xffffffffffffffff, &(0x7f00000005c0)=[{&(0x7f0000000180)="04", 0x1}], 0x1, 0x6)
syz_mount_image$nilfs2(&(0x7f0000000ec0), &(0x7f0000000380)='./file0\x00', 0x2, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'/11], 0xf7, 0xedb, &(0x7f0000001940)="$eJzs3U9sHNX9APA3a6/txCZeAz8w8COk0IpAwQ4JUtNbEKhHxKV3UEhohKGooQci/oQeEJUQRUKcKg5UXCiVUqRWAlWqUE9tT6166wn1QqUqlYJ6IVLiKvZ7690XT3c9tme9u5+P9PXzmzc73+94g5k33n0bgLHVWPv68MOLRQjvffbuY688Xfz22ra72nscWvtaxF4rhNDs6BfZ8b6IG65cevnkZm0Rjq59Tf3w+MX2Y2dDCOfDofB5aIWPl1e++uj9Rw9/8sbMLW+fe/bVXTr9tvw8AABgFF3488rf7/vnnx5YuHzh4Ikw3d6ers9bsT8br/uPxAvldL3cCN39oiM6TWX7TcRoZPtNZPtNZnkmS/I1s+M0S/ab6pFvomPbZucJAAAAwyjNa1uhaCx19RuNpaX1ef81X8xPFUvPn1k5fXZAhQIAAACV/ee1tRfdCiGEEEIIIYQQYoRjdX7QdyAAAACAcZOvF3ad8zu7Ulf7aK3+8l98pLH542EH1P3vX/7hyv/h637jAABQ3aheTabzStfRaR2DfB3BiexxW73+b2THmdxinWXrCg7LeoNldeY/172qrP6tPo+DUlZ/vh7mXlVWf75O515VVv90zXVUVVb/TM11VFVW/76a66iqrP79NddRVVn9szXXUVVZ/XM111FVWf031FxHVWX1H6i5jqrK6h+Wl9WW1d+quY6qyupfqLmOqsrqv7HmOqoqq/+mmuuoqqz+m2uuY1DujG36ORzMxjvnz/mcbljmeAAAADDuvrb+nxBCCCGEEEIIMfLx2qBvQAAAAAADl94XkN71vhql8Yke45M9xps9xqd6jE/3GAcAAABC+N2bp297p9h4n/9218NL60al9Ze2uo5Rvh7hVvNvd92z7eYflnXLAAAAGC/F9z6/ev9jH7y4cPnCwRMds9+rcb6b1gGdjPcGPo399LqAuaxfpDn0ie48jZL98vsDN5Qd74ltnigAAACMsTR/b4WisdQx726FRmNpaWM+vhiaxekzK6eOxH76fJY/zjenr21/qOa6AQAAgP5tzPc3n/+nz/FdDFPF0vNnVk6fXe/Ptbc3G533BeY3thed9wVa2fajJduPxX76/M4fzO9b27508ocrT+/0yQMAAMCYOPvSuWefWlk59SPf+MY3fX3TGIv/dgb8iwkAANhxX375bvPHx+Z+v/7+/43179L7/w/Ffiuu7feXuEOaA6X3AVz3fv0nu/PMl+33Qvd+rWy/iRjTWd0zHccJHesNpsctlOVrdR9nqiTfbJZvLsuXr1Mwme2f8h3ItufrE6b95rPt+TqMk1mOIst/dwAAAIByyy8+98Ly2ZfOPXjmuaeeOfXMqeePHT3+3ePHjzz0nYeW117Xv9z56n4AAABgGG286HfQlQAAAAAAAAAAAAAAAAAAAMD4quPjxAZ9jgAAADDu/v1aCOG82JlY3QM1iB2O9Y/AHHwdQgghhBC9Y2IP1CCE2LOxupp/0jwAAADA7rpy6eWTne11zhc7mq99tNZ6czXmTe3cg39buBZpt4uPdN8v2b+j1TDu6v73L/9w5f/w9Z3NP5O+6fv3X6P7ACeq5b13+ZeLnflvn+wzf37+T1TLfzjLf2/oL//qB1n+J6vlvy/Lv7/P/Ned/wvV8t8f8y/G/uF7+s3f/fxPxzadx74+8387O/+nQ7/5s/Nv9Zkw80DMDwDjqDHoAnZJukpI19GzsZ/ON15uhvzVD1u9/m9kx5ncduXdx03XQbfGfrpemsvyJlutfzY73g0V68wNy6tKyurfqedxt5XV36y5jqrK6p+quY6qyuqfrrmOqsrqn6m5jqrK6u93HjpoZfUPy33lsvpna66jqrL652quo6qy+rf6//FBKav/QM11VFVW/3zNdVRVVn/F22q1K6t/oeY6qiqr/8aa66iqrP6baq6jqrL6b665jkG5I7Zl8+E0/5yPY6nfyvrTm/wsR/XeAgAAAAybf1n/TwghxF6KdEN60HUIIYQQdcbXq+v6fszM4GsWQxerqwO+AcFA7e67mQHYq/z+H2+e//Hm+R9vnn/+l/Qa/iLrJxM9xid7jDd7jE9l4/m/1+ke4zdlx4131dp3PW7uMf5/PcYP9Bi/tcf4Yo/x23qM395j/I4e4wAAAIyHW2JrfggAAACj65VfffrWb+598tLC5QsHT4Sp69adPxL70/Fv62/Gfr7ufdKMf/P/Sez/IrZ/iO0/sod5/QkAAADsvvQ5Mf7+DwAAAKMrfU6p+T8AAACMroXYmv8DAADA6Loxtub/AAAAMMKKmc03xzbdF7g7tj3W9QMAhsj/x/bO2B6M7V2x/UZs03XAPbH9Zk31AQA75+ff/+nxd4qN9f6PZeNX4vbUXuf8+p2CotG9kv++2O6P7bf6rCf/PIB+8ycH+syzW/nnt5kfAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgdjbWvDz+6WITw3mfvPvazqbf+em3bXe09Dq19LWKvFUJoth+XRjf6v447Xrn08snO9mpsi3A0FKFobw+PX2xnmg0hnA+HwuehFT5eXvnqo/cfPfzJGzO3vH3u2Vd38UfQdX4AAAAwiv4bAAD//07RIe8=")
syz_usb_connect(0x3, 0x36, &(0x7f0000000040)=ANY=[@ANYBLOB="12010003f6fdd140402090b975f601020301090224000201005004090400f700c873b808090504105802030d5809042c"], &(0x7f0000000e80)={0x0, 0x0, 0x0, 0x0})
prlimit64(r0, 0xd, &(0x7f0000000000)={0x3, 0x1}, 0x0)

6.60978742s ago: executing program 0 (id=2739):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r3)
openat$audio(0xffffffffffffff9c, 0x0, 0x74200, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x29, 0x0}, 0x2040045)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = io_uring_setup(0x5f41, &(0x7f00000001c0)={0x0, 0x0, 0x2})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r7=>0x0], &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r7, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0x1000, 0x55c3, 0x10, 0x4, 0x401, 0x100, 0x408, 0x0, 0x52, 0x43, 0xd10a, 0x401, 0x8aa5, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r7], 0x1})
close_range(r5, 0xffffffffffffffff, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x1a80005, 0x0)
recvmsg$inet_nvme(0xffffffffffffffff, 0x0, 0x101)
fsopen(&(0x7f0000000040)='ceph\x00', 0x0)

6.09725692s ago: executing program 7 (id=2741):
syz_emit_ethernet(0x7a, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd60dd690b00442f00fc000000000000000000000000000000ff020000000000000000000000000001242081000000000000000800000086dd080088be81000000100000000100000000000000ff0022eb00000000200000"], 0x0)

5.037232461s ago: executing program 4 (id=2742):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20020008008f}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000500)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2, 0xa}}, 0xffffffffffffffdf)
openat$procfs(0xffffffffffffff9c, &(0x7f0000001300)='/proc/timer_list\x00', 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r4}, 0x38)

4.947340752s ago: executing program 7 (id=2743):
socket(0x80000000000000a, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x2000000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed8"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0xd, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

4.906188673s ago: executing program 0 (id=2744):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"/13], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r2=>0x0}, 0x8)
r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0)=r2, 0x4)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r4}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r3, 0x4)

4.194460747s ago: executing program 0 (id=2745):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0xffffffb3, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000240)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
r4 = syz_io_uring_setup(0x10d, &(0x7f0000000380)={0x0, 0x25b9, 0x100, 0x3, 0x215}, &(0x7f0000000040)=<r5=>0x0, &(0x7f0000000140)=<r6=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r5, r6, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0x40, 0x0, r3, 0x32, &(0x7f00000000c0)=@un=@abs={0x1, 0x0, 0x4e20}})
io_uring_enter(r4, 0x3516, 0x483, 0x0, 0x0, 0x0)
ioctl$PPPIOCSPASS(0xffffffffffffffff, 0x40107447, 0x0)

3.988979921s ago: executing program 4 (id=2746):
open_tree(0xffffffffffffff9c, &(0x7f0000001700)='./file0\x00', 0x89901)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000780)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000016c0)=[{0x0}], 0x1}, 0x44004)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000300)='rcu_utilization\x00', r3}, 0x10)
syz_open_dev$I2C(0x0, 0x80, 0x14000)
mount(0x0, &(0x7f0000000180)='./file0\x00', 0x0, 0x2014800, 0x0)
socket$inet6_mptcp(0xa, 0x1, 0x106)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$IP6T_SO_SET_REPLACE(r4, 0x29, 0x40, &(0x7f0000000140)=@raw={'raw\x00', 0x8, 0x3, 0x3a0, 0x0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x4c0, 0xffffffff, 0xffffffff, 0x4c0, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0x1a0, 0x1c0, 0x60030000, {0x0, 0xff000000}, [@common=@inet=@recent0={{0xf8}, {0x81, 0x0, 0x24, 0x0, 'syz1\x00'}}]}, @unspec=@TRACE={0x20}}, {{@uncond, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x0, 0x0, 0x0, 0x0, 'syz1\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x400)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r5 = mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x42, 0x0, 0x0)
mq_timedreceive(r5, &(0x7f0000004600)=""/102381, 0xfffffceb, 0x0, 0x0)

3.861387394s ago: executing program 7 (id=2747):
r0 = socket$inet(0xa, 0x801, 0x84)
connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10)
listen(r0, 0x8)
syz_open_dev$vbi(&(0x7f0000000000), 0x1, 0x2)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_TDLS_MGMT(r1, &(0x7f0000000640)={0x0, 0x0, &(0x7f0000000600)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYBLOB, @ANYRES32, @ANYBLOB="05008900060000000500880008000000060048"], 0x38}, 0x1, 0x0, 0x0, 0x4040000}, 0xc000)
r2 = syz_usb_connect(0x3, 0x73, &(0x7f0000000400)=ANY=[@ANYBLOB="12010000396d0940fd101315ce7e0102030109026100010000000009040001"], 0x0)
syz_usb_control_io$printer(r2, 0x0, 0x0)

2.426020392s ago: executing program 3 (id=2748):
ioctl$VIDIOC_G_EXT_CTRLS(0xffffffffffffffff, 0xc0205649, &(0x7f0000000040)={0x0, 0x1, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000080)={0x98f907, 0x0, '\x00', @value=0x6}})
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001180)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r0, 0x8b19, &(0x7f0000000040)={'wlan1\x00', @random="0100"})

2.421404643s ago: executing program 0 (id=2749):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_SWAP(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x34, 0x6, 0x6, 0x201, 0x0, 0x0, {0xa, 0x0, 0x5}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME2={0x9, 0x3, 'syz1\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x34}, 0x1, 0x0, 0x0, 0x4c880}, 0x4044)

2.408789013s ago: executing program 4 (id=2750):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
ioctl$EVIOCGREP(0xffffffffffffffff, 0x80084524, 0x0)
getresgid(0x0, 0x0, &(0x7f00000016c0))
close(0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setaffinity(0x0, 0x0, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$binfmt_register(0xffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f0000000200)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x8, 0x3a, '/proc/sys/fs/binfmt_misc/register\x00', 0x3a, '/proc/sys/fs/binfmt_misc/register\x00', 0x3a, './file0/../file0', 0x3a, [0x4f, 0x43]}, 0x76)
getpid()
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'sit0\x00', <r4=>0x0})
ioctl$sock_inet6_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, &(0x7f0000000080)={@loopback={0x0, 0x3fc}, 0x0, r4})

1.359029523s ago: executing program 4 (id=2751):
syz_emit_ethernet(0x7a, &(0x7f0000000080)=ANY=[@ANYBLOB="ffffffffffff00000000000086dd60dd690b00442f00fc000000000000000000000000000000ff020000000000000000000000000001242081000000000000000800000086dd080088be81000000100000000100000000000000ff0022eb00000000200000"], 0x0)

1.287789744s ago: executing program 0 (id=2752):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x40, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x3, 0x2, 0x3000, 0x1000, &(0x7f0000feb000/0x1000)=nil})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000000)=[@text64={0x40, 0x0}], 0x1, 0x42, 0x0, 0x0)
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
dup(r3)
openat$audio(0xffffffffffffff9c, 0x0, 0x74200, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, 0x0}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x29, 0x0}, 0x2040045)
process_vm_readv(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r4 = syz_open_dev$sndmidi(0x0, 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r5 = io_uring_setup(0x5f41, &(0x7f00000001c0)={0x0, 0x0, 0x2})
r6 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r6, 0xc04064a0, &(0x7f0000000400)={0x0, &(0x7f0000000140)=[<r7=>0x0], &(0x7f0000000180)=[0x0], 0x0, 0x0, 0x1, 0x1})
ioctl$DRM_IOCTL_MODE_SETCRTC(r6, 0xc06864a2, &(0x7f00000002c0)={0x0, 0x0, r7, 0x0, 0x80, 0x5, 0x9, 0x0, {0x9, 0x1000, 0x55c3, 0x10, 0x4, 0x401, 0x100, 0x408, 0x0, 0x52, 0x43, 0xd10a, 0x401, 0x8aa5, "cb630dab3a0338057401a192419598961f50dc45c87d55a52a28b8f01c0e0e7a"}})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r6, 0xc01864c6, &(0x7f00000003c0)={&(0x7f0000000280)=[r7], 0x1})
close_range(r5, 0xffffffffffffffff, 0x0)
mount$overlay(0x0, 0x0, 0x0, 0x1a80005, 0x0)
recvmsg$inet_nvme(0xffffffffffffffff, 0x0, 0x101)
fsopen(&(0x7f0000000040)='ceph\x00', 0x0)

1.248230615s ago: executing program 4 (id=2753):
r0 = bpf$ITER_CREATE(0xb, &(0x7f0000000100), 0x0)
close(r0)
syz_open_procfs$namespace(0xffffffffffffffff, &(0x7f0000000300)='ns/net\x00')
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f00000003c0)=@bpf_lsm={0x1e, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="1800"/15], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={r1, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r2=>0x0}, 0x8)
r3 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f00000002c0)=r2, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000340)=r3, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000240)=r3, 0x4)

1.166585027s ago: executing program 3 (id=2754):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0x3, 0x1}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0x5, r0}, 0x38)

0s ago: executing program 4 (id=2755):
socket(0x80000000000000a, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x2000000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000140)='kmem_cache_free\x00', r2}, 0x10)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262"], &(0x7f0000000080)='GPL\x00', 0x5, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0xd, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

kernel console output (not intermixed with test programs):

tipc: Resetting bearer <eth:syzkaller0>
[  396.692997][ T7921] tipc: Resetting bearer <eth:syzkaller0>
[  396.708632][ T9508] tipc: Resetting bearer <eth:syzkaller0>
[  397.271662][    T8] tipc: Node number set to 388028802
[  397.549422][ T9516] loop7: detected capacity change from 0 to 32768
[  397.577955][ T9516] NILFS (loop7): unrecognized mount option ""
[  401.573203][ T9508] tipc: Disabling bearer <eth:syzkaller0>
[  401.586408][ T9535] netlink: 4 bytes leftover after parsing attributes in process `syz.3.715'.
[  402.608525][ T9551] syzkaller0: entered promiscuous mode
[  402.631647][ T9551] syzkaller0: entered allmulticast mode
[  405.215148][ T9578] netlink: 12 bytes leftover after parsing attributes in process `syz.4.728'.
[  405.236228][ T9578] vlan2: entered promiscuous mode
[  405.245949][ T9578] gretap0: entered promiscuous mode
[  406.352395][ T9584] loop4: detected capacity change from 0 to 32768
[  406.372915][ T9584] NILFS (loop4): unrecognized mount option ""
[  406.532101][ T5798] Bluetooth: hci0: command 0x0c1a tx timeout
[  406.533994][   T50] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  407.550325][ T9606] netlink: 8 bytes leftover after parsing attributes in process `syz.7.739'.
[  409.393610][ T9623] netlink: 28 bytes leftover after parsing attributes in process `syz.0.742'.
[  411.149794][ T9640] netlink: 'syz.4.748': attribute type 11 has an invalid length.
[  411.414918][ T9645] syzkaller0: entered promiscuous mode
[  411.431238][ T9645] syzkaller0: entered allmulticast mode
[  412.326284][ T9655] tipc: Started in network mode
[  412.339178][ T9655] tipc: Node identity 9a87b553dbae, cluster identity 4711
[  412.354416][ T9655] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  412.376998][ T9655] syzkaller0: entered promiscuous mode
[  412.383103][ T9655] syzkaller0: entered allmulticast mode
[  412.498670][ T9654] tipc: Resetting bearer <eth:syzkaller0>
[  412.606004][ T9654] tipc: Disabling bearer <eth:syzkaller0>
[  414.958698][ T9691] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  414.971152][ T9691] syzkaller0: entered promiscuous mode
[  414.977126][ T9691] syzkaller0: entered allmulticast mode
[  415.031708][ T9690] tipc: Resetting bearer <eth:syzkaller0>
[  415.128385][ T9690] tipc: Disabling bearer <eth:syzkaller0>
[  415.565701][ T9701] netlink: 84 bytes leftover after parsing attributes in process `syz.4.769'.
[  415.801303][ T9703] netlink: 'syz.7.770': attribute type 11 has an invalid length.
[  416.038188][ T9709] netlink: 8 bytes leftover after parsing attributes in process `syz.0.774'.
[  416.288459][ T9722] syzkaller0: entered promiscuous mode
[  416.296599][ T9722] syzkaller0: entered allmulticast mode
[  417.400043][ T9737] netlink: 8 bytes leftover after parsing attributes in process `syz.3.784'.
[  417.559523][ T9744] ax25_connect(): syz.3.788 uses autobind, please contact jreuter@yaina.de
[  417.962260][ T9755] netlink: 'syz.4.793': attribute type 11 has an invalid length.
[  418.313258][ T9763] netlink: 4 bytes leftover after parsing attributes in process `syz.0.796'.
[  418.438614][ T9741] loop7: detected capacity change from 0 to 40427
[  418.466898][ T9741] F2FS-fs (loop7): invalid crc value
[  418.486395][ T9741] F2FS-fs (loop7): Found nat_bits in checkpoint
[  418.662132][ T9741] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  418.691208][ T9772] syzkaller0: entered promiscuous mode
[  418.717578][ T9772] syzkaller0: entered allmulticast mode
[  418.876630][ T9778] syz.7.786: attempt to access beyond end of device
[  418.876630][ T9778] loop7: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  419.241165][ T9785] netlink: 'syz.4.803': attribute type 11 has an invalid length.
[  420.234124][   T50] Bluetooth: hci3: link tx timeout
[  420.240084][   T50] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  420.252731][   T50] Bluetooth: hci3: link tx timeout
[  420.257884][   T50] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  420.291913][   T50] Bluetooth: hci3: link tx timeout
[  420.297142][   T50] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  420.306818][   T50] Bluetooth: hci3: link tx timeout
[  420.313754][   T50] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  420.322170][   T50] Bluetooth: hci3: link tx timeout
[  420.327342][   T50] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  420.341711][   T50] Bluetooth: hci3: link tx timeout
[  420.347216][   T50] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  420.388346][   T50] Bluetooth: hci3: link tx timeout
[  420.393880][   T50] Bluetooth: hci3: killing stalled connection 11:aa:aa:aa:aa:aa
[  420.531482][ T9810] netlink: 8 bytes leftover after parsing attributes in process `syz.4.810'.
[  421.123485][ T7609] syz-executor: attempt to access beyond end of device
[  421.123485][ T7609] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  421.154761][ T7609] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  421.575560][ T5794] IPVS: starting estimator thread 0...
[  421.703487][ T9834] IPVS: using max 18 ests per chain, 43200 per kthread
[  421.845364][ T9839] syzkaller0: entered promiscuous mode
[  421.850938][ T9839] syzkaller0: entered allmulticast mode
[  422.287912][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  422.880781][ T9879] netlink: 4 bytes leftover after parsing attributes in process `syz.3.829'.
[  423.105390][ T9887] netlink: 128 bytes leftover after parsing attributes in process `syz.4.832'.
[  423.394361][ T9887] syz.4.832 (9887) used greatest stack depth: 17608 bytes left
[  424.102861][ T9905] syzkaller0: entered promiscuous mode
[  424.110577][ T9905] syzkaller0: entered allmulticast mode
[  425.693900][ T9932] netlink: 308 bytes leftover after parsing attributes in process `syz.4.851'.
[  426.019034][ T9939] dvmrp0: entered allmulticast mode
[  426.816811][ T9947] syzkaller0: entered promiscuous mode
[  426.831447][ T9947] syzkaller0: entered allmulticast mode
[  427.473376][ T9961] syzkaller0: entered promiscuous mode
[  427.478949][ T9961] syzkaller0: entered allmulticast mode
[  428.002604][ T9983] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  428.017193][ T9983] syzkaller0: entered promiscuous mode
[  428.022984][ T9983] syzkaller0: entered allmulticast mode
[  428.109020][ T9985] wg1: entered promiscuous mode
[  428.126773][ T9985] wg1: entered allmulticast mode
[  428.358211][ T9998] syzkaller0: entered promiscuous mode
[  428.364347][ T9998] syzkaller0: entered allmulticast mode
[  428.635364][T10006] netlink: 12 bytes leftover after parsing attributes in process `syz.3.878'.
[  428.650286][T10006] 8021q: VLANs not supported on ip6gre0
[  428.988991][T10018] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  429.032086][T10024] syzkaller0: entered promiscuous mode
[  429.046594][T10024] syzkaller0: entered allmulticast mode
[  429.468074][T10032] syzkaller0: entered promiscuous mode
[  429.495112][T10032] syzkaller0: entered allmulticast mode
[  431.360230][T10062] netlink: 16 bytes leftover after parsing attributes in process `syz.0.896'.
[  431.401926][T10068] IPVS: sync thread started: state = BACKUP, mcast_ifn = batadv0, syncid = 0, id = 0
[  432.009348][T10083] loop3: detected capacity change from 0 to 4096
[  432.050100][T10083] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  432.063782][T10083] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  432.073692][T10083] NILFS (loop3): mounting unchecked fs
[  432.119261][T10083] NILFS (loop3): recovery complete
[  432.191888][T10084] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  432.619661][ T5862] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  432.874203][ T5862] usb 4-1: unable to get BOS descriptor or descriptor too short
[  432.904558][ T5862] usb 4-1: config 1 has an invalid interface number: 44 but max is 1
[  432.916835][T10090] bridge0: port 2(bridge_slave_1) entered disabled state
[  432.922317][ T5862] usb 4-1: config 1 has no interface number 1
[  432.930098][ T5862] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  432.998567][ T5862] usb 4-1: config 1 interface 0 has no altsetting 0
[  433.015235][ T5862] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  433.036341][ T5862] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  433.045212][T10092] syzkaller0: entered promiscuous mode
[  433.063697][T10092] syzkaller0: entered allmulticast mode
[  433.066270][ T5862] usb 4-1: Product: syz
[  433.089494][ T5862] usb 4-1: Manufacturer: syz
[  433.094524][ T5862] usb 4-1: SerialNumber: syz
[  433.441477][    C0] hrtimer: interrupt took 105160 ns
[  434.176155][T10108] netlink: 'syz.4.911': attribute type 10 has an invalid length.
[  434.204610][T10108] netlink: 40 bytes leftover after parsing attributes in process `syz.4.911'.
[  434.236814][T10108] dummy0: entered promiscuous mode
[  434.262713][T10108] batman_adv: batadv0: Interface deactivated: dummy0
[  434.276472][T10108] batman_adv: batadv0: Removing interface: dummy0
[  434.307989][T10108] bridge0: port 3(dummy0) entered blocking state
[  434.325848][T10108] bridge0: port 3(dummy0) entered disabled state
[  434.355820][T10108] dummy0: entered allmulticast mode
[  434.774741][ T5862] smsusb:smsusb_probe: board id=8, interface number 0
[  434.812973][ T5862] smsusb:smsusb_probe: board id=8, interface number 44
[  434.874702][ T5862] usb 4-1: USB disconnect, device number 3
[  435.047247][T10127] syzkaller0: entered promiscuous mode
[  435.056112][T10127] syzkaller0: entered allmulticast mode
[  435.487601][T10138] netlink: 20 bytes leftover after parsing attributes in process `syz.3.921'.
[  436.112857][T10155] loop3: detected capacity change from 0 to 4096
[  436.168124][T10155] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  436.185505][T10155] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  436.195365][T10155] NILFS (loop3): mounting unchecked fs
[  436.241560][T10155] NILFS (loop3): recovery complete
[  436.314998][T10157] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  436.662715][  T966] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  436.960726][  T966] usb 4-1: unable to get BOS descriptor or descriptor too short
[  436.991883][  T966] usb 4-1: config 1 has an invalid interface number: 44 but max is 1
[  437.000052][  T966] usb 4-1: config 1 has no interface number 1
[  437.040286][  T966] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  437.066707][  T966] usb 4-1: config 1 interface 0 has no altsetting 0
[  437.089886][  T966] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  437.099346][  T966] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  437.107709][  T966] usb 4-1: Product: syz
[  437.112079][  T966] usb 4-1: Manufacturer: syz
[  437.116716][  T966] usb 4-1: SerialNumber: syz
[  437.908017][T10174] netlink: 12 bytes leftover after parsing attributes in process `syz.4.931'.
[  438.024899][T10176] netlink: 788 bytes leftover after parsing attributes in process `syz.4.932'.
[  438.511162][T10184] block nbd7: not configured, cannot reconfigure
[  438.838777][  T966] smsusb:smsusb_probe: board id=8, interface number 0
[  438.862080][  T966] smsusb:smsusb_probe: board id=8, interface number 44
[  438.881341][  T966] usb 4-1: USB disconnect, device number 4
[  439.001960][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  439.728179][T10213] loop4: detected capacity change from 0 to 256
[  439.745088][T10213] exfat: Deprecated parameter 'namecase'
[  439.751116][T10213] exfat: Deprecated parameter 'namecase'
[  439.798076][T10213] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  439.849172][T10213] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  440.383487][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  440.391611][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  442.167134][T10254] syzkaller1: entered allmulticast mode
[  442.346236][T10256] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  442.392766][T10256] syzkaller0: entered promiscuous mode
[  442.398402][T10256] syzkaller0: entered allmulticast mode
[  446.703662][T10291] netlink: 8 bytes leftover after parsing attributes in process `syz.4.975'.
[  446.749484][T10291] netlink: 'syz.4.975': attribute type 1 has an invalid length.
[  446.794802][T10291] netlink: 'syz.4.975': attribute type 2 has an invalid length.
[  446.831677][T10297] tipc: Started in network mode
[  446.836985][T10297] tipc: Node identity 12dbef1a0683, cluster identity 4711
[  446.855450][T10297] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  446.886516][T10293] tipc: Resetting bearer <eth:syzkaller0>
[  447.012176][T10292] tipc: Disabling bearer <eth:syzkaller0>
[  447.346670][T10320] netlink: 28 bytes leftover after parsing attributes in process `syz.0.988'.
[  447.356326][T10320] netlink: 28 bytes leftover after parsing attributes in process `syz.0.988'.
[  447.370998][T10320] gretap0: entered promiscuous mode
[  447.378419][T10320] gretap0: left promiscuous mode
[  447.401204][T10319] syzkaller0: entered promiscuous mode
[  447.408365][T10319] syzkaller0: entered allmulticast mode
[  448.279799][T10346] netlink: 28 bytes leftover after parsing attributes in process `syz.0.998'.
[  448.307368][T10346] netlink: 'syz.0.998': attribute type 7 has an invalid length.
[  448.322280][T10346] netlink: 4 bytes leftover after parsing attributes in process `syz.0.998'.
[  448.388978][T10348] Bluetooth: MGMT ver 1.22
[  448.771801][T10363] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  448.793415][T10363] tipc: Resetting bearer <eth:syzkaller0>
[  448.822631][T10362] tipc: Disabling bearer <eth:syzkaller0>
[  449.489292][T10358] loop7: detected capacity change from 0 to 40427
[  449.526517][T10358] F2FS-fs (loop7): invalid crc value
[  449.598189][T10358] F2FS-fs (loop7): Found nat_bits in checkpoint
[  449.807947][T10358] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  449.919678][T10358] syz.7.1004: attempt to access beyond end of device
[  449.919678][T10358] loop7: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  450.924672][ T7609] syz-executor: attempt to access beyond end of device
[  450.924672][ T7609] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  450.944765][ T7609] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  451.117298][T10411] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1021'.
[  451.126823][T10411] netlink: 'syz.3.1021': attribute type 7 has an invalid length.
[  451.135202][T10411] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1021'.
[  451.250852][T10413] syzkaller0: entered promiscuous mode
[  451.256876][T10413] syzkaller0: entered allmulticast mode
[  452.934653][T10460] netlink: 'syz.4.1037': attribute type 1 has an invalid length.
[  453.025967][T10460] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  453.054363][T10460] 8021q: adding VLAN 0 to HW filter on device bond1
[  453.065801][ T2961] net_ratelimit: 10 callbacks suppressed
[  453.065819][ T2961] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  453.115730][T10460] veth3: entered promiscuous mode
[  453.125606][T10460] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  453.194896][   T11] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  454.079737][T10488] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1047'.
[  454.089829][T10488] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1047'.
[  454.134727][T10489] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1047'.
[  454.171996][T10489] netlink: 24 bytes leftover after parsing attributes in process `syz.0.1047'.
[  454.449952][T10495] bridge1: entered allmulticast mode
[  455.344486][T10525] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -2
[  456.365752][T10541] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1065'.
[  458.516149][T10559] loop4: detected capacity change from 0 to 40427
[  458.547860][T10559] F2FS-fs (loop4): invalid crc value
[  458.584287][T10559] F2FS-fs (loop4): Found nat_bits in checkpoint
[  458.631863][T10569] netlink: 60 bytes leftover after parsing attributes in process `syz.7.1076'.
[  458.728639][T10571] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  458.767613][T10571] tipc: Resetting bearer <eth:syzkaller0>
[  458.805929][T10559] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  458.866819][T10576] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1079'.
[  458.878927][T10570] tipc: Disabling bearer <eth:syzkaller0>
[  458.887192][T10559] syz.4.1073: attempt to access beyond end of device
[  458.887192][T10559] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  458.974278][T10578] syzkaller0: entered promiscuous mode
[  459.004592][T10578] syzkaller0: entered allmulticast mode
[  459.291265][T10590] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1086'.
[  459.300508][T10590] netlink: 'syz.7.1086': attribute type 7 has an invalid length.
[  459.308604][T10590] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1086'.
[  459.325457][T10590] syz_tun: entered promiscuous mode
[  459.333673][T10590] syz_tun: left promiscuous mode
[  459.338069][T10592] netlink: 60 bytes leftover after parsing attributes in process `syz.0.1087'.
[  459.494471][ T9332] syz-executor: attempt to access beyond end of device
[  459.494471][ T9332] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  459.516379][ T9332] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  459.773696][T10601] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1092'.
[  459.790984][T10601] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1092'.
[  459.953687][T10606] loop7: detected capacity change from 0 to 512
[  459.977973][T10606] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  459.992175][T10606] EXT4-fs (loop7): orphan cleanup on readonly fs
[  460.030298][T10606] EXT4-fs warning (device loop7): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  460.044488][T10609] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1095'.
[  460.156936][T10606] EXT4-fs (loop7): Cannot turn on quotas: error -22
[  460.174090][T10606] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #13: comm syz.7.1094: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  460.237496][T10606] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.1094: couldn't read orphan inode 13 (err -117)
[  460.257501][T10613] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1089'.
[  460.278463][T10606] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  460.434496][T10617] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1099'.
[  460.448967][T10617] 8021q: VLANs not supported on ip6gre0
[  460.581671][  T966] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  460.850239][T10625] loop4: detected capacity change from 0 to 4096
[  460.892518][T10625] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  460.906044][T10625] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 4096)
[  460.917875][T10625] NILFS (loop4): mounting unchecked fs
[  460.990005][T10625] NILFS (loop4): recovery complete
[  461.070929][T10626] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  461.381784][  T786] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  461.513745][  T966] usb 8-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  461.541911][  T966] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  461.563278][  T966] usb 8-1: config 0 descriptor??
[  461.614612][T10630] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1103'.
[  461.623953][T10630] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1103'.
[  461.696813][  T786] usb 5-1: unable to get BOS descriptor or descriptor too short
[  461.716459][  T786] usb 5-1: config 1 has an invalid interface number: 44 but max is 1
[  461.751631][  T786] usb 5-1: config 1 has no interface number 1
[  461.772644][  T786] usb 5-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  461.811565][  T786] usb 5-1: config 1 interface 0 has no altsetting 0
[  461.838984][  T786] usb 5-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  461.858506][  T786] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  461.871709][  T786] usb 5-1: Product: syz
[  461.875959][  T786] usb 5-1: Manufacturer: syz
[  461.918435][  T786] usb 5-1: SerialNumber: syz
[  462.076337][T10635] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  462.090680][T10635] tipc: Resetting bearer <eth:syzkaller0>
[  462.318770][T10634] tipc: Disabling bearer <eth:syzkaller0>
[  462.727683][  T966] asus 0003:0B05:19B6.0004: unknown main item tag 0x4
[  462.742831][  T966] asus 0003:0B05:19B6.0004: item fetching failed at offset 6/7
[  462.751716][  T966] asus 0003:0B05:19B6.0004: Asus hid parse failed: -22
[  462.758791][  T966] asus: probe of 0003:0B05:19B6.0004 failed with error -22
[  463.669137][  T786] smsusb:smsusb_probe: board id=8, interface number 0
[  463.761747][  T786] smsusb:smsusb_probe: board id=8, interface number 44
[  463.779362][  T786] usb 5-1: USB disconnect, device number 4
[  464.049976][ T5879] usb 8-1: USB disconnect, device number 2
[  464.092999][ T7609] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  465.011755][T10669] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.175290][T10669] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.350913][T10669] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.521905][  T966] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  465.537122][T10675] loop4: detected capacity change from 0 to 40427
[  465.547549][T10669] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  465.565692][T10675] F2FS-fs (loop4): invalid crc value
[  465.594890][T10675] F2FS-fs (loop4): Found nat_bits in checkpoint
[  465.687814][T10687] loop7: detected capacity change from 0 to 256
[  465.746792][  T966] usb 1-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  465.767659][  T966] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  465.780708][T10687] exfat: Deprecated parameter 'namecase'
[  465.790743][T10687] exfat: Deprecated parameter 'namecase'
[  465.826137][  T966] usb 1-1: config 0 descriptor??
[  465.947679][T10675] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  465.986730][T10669] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  466.039199][T10669] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  466.231107][T10687] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  467.043408][T10669] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  467.052411][T10675] syz.4.1119: attempt to access beyond end of device
[  467.052411][T10675] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  467.148183][T10669] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  467.179110][T10687] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  467.780211][ T9332] syz-executor: attempt to access beyond end of device
[  467.780211][ T9332] loop4: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  467.811620][T10696] __nla_validate_parse: 2 callbacks suppressed
[  467.811638][T10696] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1124'.
[  467.839581][ T9332] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  468.230533][  T966] usbhid 1-1:0.0: can't add hid device: -71
[  468.258926][  T966] usbhid: probe of 1-1:0.0 failed with error -71
[  468.309438][  T966] usb 1-1: USB disconnect, device number 3
[  469.227817][T10730] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1136'.
[  469.449179][T10732] netlink: 32 bytes leftover after parsing attributes in process `syz.0.1137'.
[  469.464936][T10735] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  470.451554][   T50] Bluetooth: hci3: link tx timeout
[  470.456758][   T50] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  470.464670][ T5798] Bluetooth: hci3: link tx timeout
[  470.469838][ T5798] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  470.482702][ T5798] Bluetooth: hci3: link tx timeout
[  470.487896][ T5798] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  470.495861][ T5798] Bluetooth: hci3: link tx timeout
[  470.501015][ T5798] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  470.541660][ T5798] Bluetooth: hci3: link tx timeout
[  470.546942][ T5798] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  470.555080][ T5798] Bluetooth: hci3: link tx timeout
[  470.565052][ T5798] Bluetooth: hci3: killing stalled connection 10:aa:aa:aa:aa:aa
[  470.586162][T10768] netlink: 32 bytes leftover after parsing attributes in process `syz.7.1148'.
[  471.236563][T10791] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1158'.
[  471.249579][T10786] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1155'.
[  471.283158][T10786] 8021q: VLANs not supported on ip6tnl0
[  471.374093][T10794] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  471.388776][T10794] tipc: Resetting bearer <eth:syzkaller0>
[  471.437271][T10793] tipc: Disabling bearer <eth:syzkaller0>
[  472.323725][T10788] loop7: detected capacity change from 0 to 40427
[  472.380562][T10788] F2FS-fs (loop7): invalid crc value
[  472.405279][T10788] F2FS-fs (loop7): Found nat_bits in checkpoint
[  472.522390][ T5798] Bluetooth: hci3: command 0x0406 tx timeout
[  472.773690][T10788] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  472.966925][T10819] syz.7.1156: attempt to access beyond end of device
[  472.966925][T10819] loop7: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  473.007541][T10818] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1167'.
[  473.215624][T10821] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1168'.
[  473.231029][T10821] 8021q: VLANs not supported on ip6tnl0
[  473.354773][T10822] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  473.419650][T10825] netlink: 'syz.3.1170': attribute type 11 has an invalid length.
[  473.428055][T10825] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1170'.
[  473.695809][T10829] tipc: Enabled bearer <udp:syz2>, priority 10
[  473.859253][ T7609] syz-executor: attempt to access beyond end of device
[  473.859253][ T7609] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  473.877249][ T7609] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  474.089007][T10834] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1175'.
[  474.098692][T10834] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1175'.
[  474.260628][T10838] loop3: detected capacity change from 0 to 512
[  474.282359][T10838] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  474.296578][T10838] EXT4-fs (loop3): orphan cleanup on readonly fs
[  474.325159][T10838] EXT4-fs warning (device loop3): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  474.349295][T10838] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  474.365169][T10838] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.1177: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  474.428864][T10838] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1177: couldn't read orphan inode 13 (err -117)
[  474.512368][T10838] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  474.597219][T10846] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1178'.
[  474.613701][T10846] 8021q: VLANs not supported on ip6tnl0
[  474.718212][T10848] netlink: 'syz.7.1179': attribute type 11 has an invalid length.
[  474.727820][ T5880] tipc: Node number set to 341372698
[  474.911542][ T9131] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  474.936797][T10857] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1182'.
[  475.103629][ T9131] usb 4-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  475.139893][ T9131] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  475.170272][ T9131] usb 4-1: config 0 descriptor??
[  477.000844][T10877] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  477.011864][T10877] syzkaller0: entered promiscuous mode
[  477.017689][T10877] syzkaller0: entered allmulticast mode
[  477.073497][T10876] tipc: Resetting bearer <eth:syzkaller0>
[  477.139320][T10876] tipc: Disabling bearer <eth:syzkaller0>
[  477.483800][ T9131] usbhid 4-1:0.0: can't add hid device: -71
[  477.489918][ T9131] usbhid: probe of 4-1:0.0 failed with error -71
[  477.505095][ T9131] usb 4-1: USB disconnect, device number 5
[  477.534326][ T9329] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  477.699997][T10882] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1190'.
[  477.736598][T10882] 8021q: VLANs not supported on ip6tnl0
[  477.872505][T10884] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1192'.
[  477.921901][T10886] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1191'.
[  478.070061][T10892] netdevsim netdevsim0 netdevsim0: entered allmulticast mode
[  478.174723][T10896] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  478.192096][T10896] syzkaller0: entered promiscuous mode
[  478.197651][T10896] syzkaller0: entered allmulticast mode
[  478.227636][T10895] tipc: Resetting bearer <eth:syzkaller0>
[  478.246512][T10898] loop7: detected capacity change from 0 to 512
[  478.279347][T10895] tipc: Disabling bearer <eth:syzkaller0>
[  478.294833][T10898] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  478.333572][T10898] EXT4-fs (loop7): orphan cleanup on readonly fs
[  478.397942][T10898] EXT4-fs warning (device loop7): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  478.492816][T10898] EXT4-fs (loop7): Cannot turn on quotas: error -22
[  478.508075][T10898] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #13: comm syz.7.1198: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  478.545221][T10898] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.1198: couldn't read orphan inode 13 (err -117)
[  478.579348][T10898] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  478.638231][T10911] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1201'.
[  478.659757][T10911] 8021q: VLANs not supported on ip6tnl0
[  478.902011][ T5880] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  479.069398][T10918] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1204'.
[  479.107845][ T5880] usb 8-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  479.152942][ T5880] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  479.186575][ T5880] usb 8-1: config 0 descriptor??
[  479.483067][T10926] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  479.491005][T10926] syzkaller0: entered promiscuous mode
[  479.640192][T10926] syzkaller0: entered allmulticast mode
[  480.527302][T10928] tipc: Resetting bearer <eth:syzkaller0>
[  480.550239][T10925] tipc: Resetting bearer <eth:syzkaller0>
[  480.604911][T10925] tipc: Disabling bearer <eth:syzkaller0>
[  481.345608][T10942] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1212'.
[  481.356488][T10942] 8021q: VLANs not supported on ip6tnl0
[  481.498268][ T5880] usbhid 8-1:0.0: can't add hid device: -71
[  481.505103][ T5880] usbhid: probe of 8-1:0.0 failed with error -71
[  481.519590][ T5880] usb 8-1: USB disconnect, device number 3
[  481.575304][ T7609] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  482.005526][T10961] netlink: 14560 bytes leftover after parsing attributes in process `syz.3.1220'.
[  482.213367][T10966] loop4: detected capacity change from 0 to 512
[  482.245986][T10966] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  482.271823][T10966] EXT4-fs (loop4): orphan cleanup on readonly fs
[  482.296207][T10966] EXT4-fs warning (device loop4): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  482.318658][T10966] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  482.339846][T10966] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.1222: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  482.367649][T10966] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1222: couldn't read orphan inode 13 (err -117)
[  482.427423][T10966] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  482.701439][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  482.711932][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  482.724605][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  482.734029][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  482.743871][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  482.753395][T10981] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1227'.
[  482.832023][ T5794] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  483.035007][ T5794] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  483.044598][ T5794] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  483.062673][ T5794] usb 5-1: config 0 descriptor??
[  484.281493][ T5798] Bluetooth: hci3: command 0x0406 tx timeout
[  484.355928][ T5794] asus 0003:0B05:19B6.0005: unknown main item tag 0x4
[  484.363757][ T5794] asus 0003:0B05:19B6.0005: item fetching failed at offset 6/7
[  484.379809][ T5794] asus 0003:0B05:19B6.0005: Asus hid parse failed: -22
[  484.388272][ T5794] asus: probe of 0003:0B05:19B6.0005 failed with error -22
[  485.448249][ T5879] usb 5-1: USB disconnect, device number 5
[  485.466230][ T9332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  485.541326][T10998] loop7: detected capacity change from 0 to 40427
[  485.578098][T10998] F2FS-fs (loop7): invalid crc value
[  485.604565][T10998] F2FS-fs (loop7): Found nat_bits in checkpoint
[  485.630428][T11004] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  485.651915][T11004] syzkaller0: entered promiscuous mode
[  485.657914][T11004] syzkaller0: entered allmulticast mode
[  485.771570][T10998] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e5
[  485.785787][T11004] tipc: Resetting bearer <eth:syzkaller0>
[  485.827198][T11003] tipc: Resetting bearer <eth:syzkaller0>
[  485.892884][T11003] tipc: Disabling bearer <eth:syzkaller0>
[  485.922417][T11012] syz.7.1231: attempt to access beyond end of device
[  485.922417][T11012] loop7: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  486.563311][T11031] smc: net device bond0 applied user defined pnetid SYZ0
[  486.563857][T11033] syzkaller0: entered promiscuous mode
[  486.572587][T11031] smc: net device bond0 erased user defined pnetid SYZ0
[  486.595596][T11033] syzkaller0: entered allmulticast mode
[  486.719038][ T7609] syz-executor: attempt to access beyond end of device
[  486.719038][ T7609] loop7: rw=2049, sector=45104, nr_sectors = 8 limit=40427
[  486.752650][ T7609] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[  486.940097][T11040] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1247'.
[  486.964256][T11040] netlink: 'syz.0.1247': attribute type 1 has an invalid length.
[  486.981499][T11040] netlink: 'syz.0.1247': attribute type 2 has an invalid length.
[  487.415160][T11051] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1245'.
[  487.428200][T11051] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.764456][T11064] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1256'.
[  488.612941][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  488.984276][T11096] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1266'.
[  489.212351][T11098] syzkaller0: entered promiscuous mode
[  489.218815][T11098] syzkaller0: entered allmulticast mode
[  490.423665][T11129] loop4: detected capacity change from 0 to 512
[  490.451285][T11129] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  490.473731][T11129] EXT4-fs (loop4): orphan cleanup on readonly fs
[  490.491996][T11129] EXT4-fs warning (device loop4): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  490.522218][T11129] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  490.537975][T11129] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.1280: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  490.594809][T11129] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1280: couldn't read orphan inode 13 (err -117)
[  490.614583][T11129] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  490.682124][ T5798] Bluetooth: hci3: command 0x0406 tx timeout
[  490.921595][ T9131] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  491.108053][T11142] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1285'.
[  491.114385][ T9131] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  491.138878][ T9131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  491.166696][ T9131] usb 5-1: config 0 descriptor??
[  491.545165][T11146] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1287'.
[  491.583521][T11146] 8021q: VLANs not supported on ip6tnl0
[  492.771502][ T5798] Bluetooth: hci3: command 0x0406 tx timeout
[  493.601919][ T9131] usbhid 5-1:0.0: can't add hid device: -71
[  493.608016][ T9131] usbhid: probe of 5-1:0.0 failed with error -71
[  493.639039][ T9332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  493.666201][ T9131] usb 5-1: USB disconnect, device number 6
[  493.808710][T11169] syzkaller0: entered promiscuous mode
[  493.825854][T11169] syzkaller0: entered allmulticast mode
[  494.143281][T11173] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1297'.
[  494.172863][T11173] 8021q: VLANs not supported on ip6tnl0
[  496.396983][T11188] loop7: detected capacity change from 0 to 512
[  496.832561][T11194] loop3: detected capacity change from 0 to 4096
[  497.301469][T11194] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  497.319435][T11194] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  497.329248][T11194] NILFS (loop3): mounting unchecked fs
[  498.494146][T11194] NILFS (loop3): recovery complete
[  498.513619][T11197] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  498.532033][T11188] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  498.540952][T11188] EXT4-fs (loop7): orphan cleanup on readonly fs
[  498.563872][T11188] EXT4-fs warning (device loop7): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  498.596573][T11188] EXT4-fs (loop7): Cannot turn on quotas: error -22
[  498.608870][T11188] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #13: comm syz.7.1302: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  498.652725][T11188] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.1302: couldn't read orphan inode 13 (err -117)
[  498.679705][T11188] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  498.982113][    T8] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  499.201586][ T9131] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  499.311852][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  499.330231][    T8] usb 4-1: config 1 has an invalid interface number: 44 but max is 1
[  499.360583][    T8] usb 4-1: config 1 has no interface number 1
[  499.370892][    T8] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  499.391315][    T8] usb 4-1: config 1 interface 0 has no altsetting 0
[  499.408083][    T8] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  499.417553][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.445743][    T8] usb 4-1: Product: syz
[  499.449983][    T8] usb 4-1: Manufacturer: syz
[  499.461931][    T8] usb 4-1: SerialNumber: syz
[  499.626101][    T8] smsusb:smsusb_probe: board id=8, interface number 0
[  499.638045][ T9131] usb 8-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  499.651433][ T9131] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  499.689376][    T8] smsusb:smsusb_probe: board id=8, interface number 44
[  499.713331][ T9131] usb 8-1: config 0 descriptor??
[  499.722179][    T8] usb 4-1: USB disconnect, device number 6
[  499.934581][T11208] veth3: entered promiscuous mode
[  499.947865][T11208] bond0: (slave veth3): Enslaving as an active interface with an up link
[  499.958426][ T9131] usbhid 8-1:0.0: can't add hid device: -71
[  499.968730][ T9131] usbhid: probe of 8-1:0.0 failed with error -71
[  499.981995][ T7609] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  499.993181][ T9131] usb 8-1: USB disconnect, device number 4
[  500.517347][T11224] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  500.524180][T11195] Bluetooth: hci2: command 0x0406 tx timeout
[  500.542645][T11224] syzkaller0: entered promiscuous mode
[  500.544475][T11225] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1314'.
[  500.548304][T11224] syzkaller0: entered allmulticast mode
[  500.575003][T11224] tipc: Resetting bearer <eth:syzkaller0>
[  500.593845][T11222] tipc: Resetting bearer <eth:syzkaller0>
[  500.634111][T11222] tipc: Disabling bearer <eth:syzkaller0>
[  500.648778][T11227] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1314'.
[  500.668010][T11227] netlink: 34 bytes leftover after parsing attributes in process `syz.4.1314'.
[  500.802305][T11230] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1316'.
[  500.811863][T11230] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1316'.
[  500.828094][T11230] syz_tun: entered promiscuous mode
[  500.837015][T11230] syz_tun: left promiscuous mode
[  501.810264][ T1282] ieee802154 phy0 wpan0: encryption failed: -22
[  501.816919][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  502.124084][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  502.382808][T11260] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1327'.
[  502.394191][T11260] netlink: 'syz.0.1327': attribute type 1 has an invalid length.
[  502.403448][T11260] netlink: 'syz.0.1327': attribute type 2 has an invalid length.
[  502.615388][T11262] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1326'.
[  502.658979][T11262] 8021q: VLANs not supported on ip6tnl0
[  502.993620][T11272] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1332'.
[  503.021596][T11272] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1332'.
[  503.466078][T11284] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1336'.
[  503.489330][T11284] netlink: 'syz.7.1336': attribute type 1 has an invalid length.
[  503.521511][T11284] netlink: 'syz.7.1336': attribute type 2 has an invalid length.
[  505.329755][T11330] syz_tun: entered promiscuous mode
[  505.510767][T11330] syz_tun: left promiscuous mode
[  506.536192][T11370] __nla_validate_parse: 2 callbacks suppressed
[  506.536211][T11370] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1371'.
[  506.595984][T11373] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1372'.
[  506.606524][T11373] 8021q: VLANs not supported on ip6gre0
[  506.642714][T11370] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1371'.
[  507.722158][T11403] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1383'.
[  507.732246][T11403] 8021q: VLANs not supported on ip6gre0
[  508.050365][T11417] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1390'.
[  508.919153][T11426] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1393'.
[  508.982456][T11426] 8021q: VLANs not supported on ip6gre0
[  509.156728][T11436] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1400'.
[  509.642475][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  509.949713][T11472] ax25_connect(): syz.0.1410 uses autobind, please contact jreuter@yaina.de
[  510.088722][T11477] loop4: detected capacity change from 0 to 256
[  510.215302][T11477] exfat: Deprecated parameter 'namecase'
[  510.221253][T11477] exfat: Deprecated parameter 'namecase'
[  510.672806][T11477] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  511.289072][T11502] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  511.299246][T11502] syzkaller0: entered promiscuous mode
[  511.306474][T11502] syzkaller0: entered allmulticast mode
[  511.350110][T11502] tipc: Resetting bearer <eth:syzkaller0>
[  511.368130][T11504] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1420'.
[  511.386200][T11501] tipc: Resetting bearer <eth:syzkaller0>
[  511.424741][T11501] tipc: Disabling bearer <eth:syzkaller0>
[  511.721753][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  511.758318][T11510] syzkaller0: entered promiscuous mode
[  511.771761][T11510] syzkaller0: entered allmulticast mode
[  512.339237][T11523] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1429'.
[  512.454843][T11525] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  512.523044][T11525] syzkaller0: entered promiscuous mode
[  512.528790][T11525] syzkaller0: entered allmulticast mode
[  512.621931][T11525] tipc: Resetting bearer <eth:syzkaller0>
[  512.844572][T11524] tipc: Resetting bearer <eth:syzkaller0>
[  513.114706][T11524] tipc: Disabling bearer <eth:syzkaller0>
[  513.543163][T11540] syzkaller0: entered promiscuous mode
[  513.549132][T11540] syzkaller0: entered allmulticast mode
[  513.653683][T11543] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1437'.
[  513.994791][T11552] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1441'.
[  514.633282][T11557] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1443'.
[  514.657948][T11548] loop7: detected capacity change from 0 to 32768
[  514.689161][T11557] 8021q: VLANs not supported on ip6gre0
[  514.706031][T11548] NILFS (loop7): unrecognized mount option ""
[  515.909731][T11569] syzkaller0: entered promiscuous mode
[  515.915572][T11569] syzkaller0: entered allmulticast mode
[  515.965562][T11573] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1450'.
[  516.294687][T11584] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1455'.
[  516.323524][T11584] netlink: 'syz.3.1455': attribute type 1 has an invalid length.
[  516.365177][T11584] netlink: 'syz.3.1455': attribute type 2 has an invalid length.
[  516.522694][T11588] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1457'.
[  516.641926][T11588] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.662442][T11592] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1458'.
[  516.675122][T11592] 8021q: VLANs not supported on ip6gre0
[  516.680910][T11595] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1460'.
[  516.775537][T11588] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  516.944714][T11588] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.070681][T11588] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  517.209964][T11615] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1468'.
[  517.232168][T11615] netlink: 'syz.3.1468': attribute type 1 has an invalid length.
[  517.241304][T11615] netlink: 'syz.3.1468': attribute type 2 has an invalid length.
[  517.336734][T11588] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  517.396525][T11588] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  517.448754][T11588] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  517.511748][T11588] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  517.722742][T11624] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1472'.
[  517.742477][T11624] 8021q: VLANs not supported on ip6gre0
[  517.928117][T11633] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1477'.
[  517.941161][T11633] netlink: 'syz.7.1477': attribute type 1 has an invalid length.
[  517.950333][T11633] netlink: 'syz.7.1477': attribute type 2 has an invalid length.
[  518.618026][T11650] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1484'.
[  518.628801][T11650] 8021q: VLANs not supported on ip6gre0
[  519.067207][T11658] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1488'.
[  519.151499][T11658] netlink: 'syz.4.1488': attribute type 1 has an invalid length.
[  519.169662][T11658] netlink: 'syz.4.1488': attribute type 2 has an invalid length.
[  519.609765][T11670] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1493'.
[  519.632947][T11670] 8021q: VLANs not supported on ip6gre0
[  519.653640][T11672] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1495'.
[  519.891653][T11682] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1500'.
[  519.911468][T11682] netlink: 'syz.3.1500': attribute type 1 has an invalid length.
[  519.931508][T11682] netlink: 'syz.3.1500': attribute type 2 has an invalid length.
[  520.559986][T11710] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1507'.
[  520.642503][T11710] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1507'.
[  520.794613][T11717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1510'.
[  520.884274][T11723] loop4: detected capacity change from 0 to 256
[  520.897429][T11723] exfat: Deprecated parameter 'namecase'
[  520.905723][T11723] exfat: Deprecated parameter 'namecase'
[  520.974143][T11723] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  521.222454][T11730] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  522.655618][T11753] validate_nla: 2 callbacks suppressed
[  522.655636][T11753] netlink: 'syz.3.1519': attribute type 1 has an invalid length.
[  522.701574][T11753] netlink: 'syz.3.1519': attribute type 2 has an invalid length.
[  522.993173][T11768] syzkaller0: entered promiscuous mode
[  523.021610][T11768] syzkaller0: entered allmulticast mode
[  523.756797][T11795] __nla_validate_parse: 3 callbacks suppressed
[  523.756821][T11795] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1531'.
[  523.788875][T11795] 8021q: VLANs not supported on ip6gre0
[  523.795494][T11797] loop4: detected capacity change from 0 to 256
[  523.812683][T11797] exfat: Deprecated parameter 'namecase'
[  523.818771][T11797] exfat: Deprecated parameter 'namecase'
[  523.847840][T11797] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  524.099909][T11799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1532'.
[  524.130047][T11797] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  524.145591][T11799] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1532'.
[  524.208657][T11799] syz_tun: entered promiscuous mode
[  524.277064][T11799] syz_tun: left promiscuous mode
[  524.420196][T11804] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  524.449355][T11801] syzkaller0: entered promiscuous mode
[  524.462699][T11801] syzkaller0: entered allmulticast mode
[  524.568290][T11801] tipc: Resetting bearer <eth:syzkaller0>
[  524.596788][T11800] tipc: Resetting bearer <eth:syzkaller0>
[  524.686381][T11800] tipc: Disabling bearer <eth:syzkaller0>
[  524.878871][T11808] loop3: detected capacity change from 0 to 4096
[  525.130219][T11808] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  525.150728][T11808] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  525.160463][T11808] NILFS (loop3): mounting unchecked fs
[  525.201931][T11808] NILFS (loop3): recovery complete
[  525.261712][T11809] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  525.596409][  T966] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  525.814767][  T966] usb 4-1: unable to get BOS descriptor or descriptor too short
[  525.850260][  T966] usb 4-1: config 1 has an invalid interface number: 44 but max is 1
[  525.867824][  T966] usb 4-1: config 1 has no interface number 1
[  525.878216][T11826] netlink: 'syz.0.1538': attribute type 10 has an invalid length.
[  525.883758][  T966] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  525.913543][  T966] usb 4-1: config 1 interface 0 has no altsetting 0
[  525.948759][  T966] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  525.949036][T11826] 8021q: adding VLAN 0 to HW filter on device team0
[  525.974855][T11828] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1539'.
[  525.984628][  T966] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  525.994329][T11826] bond0: (slave team0): Enslaving as an active interface with an up link
[  526.004124][  T966] usb 4-1: Product: syz
[  526.008356][  T966] usb 4-1: Manufacturer: syz
[  526.030548][  T966] usb 4-1: SerialNumber: syz
[  526.157068][T11832] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1541'.
[  526.172821][T11832] 8021q: VLANs not supported on ip6gre0
[  526.299070][T11836] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1543'.
[  526.327419][T11836] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1543'.
[  526.348876][T11836] syz_tun: entered promiscuous mode
[  526.356303][T11836] syz_tun: left promiscuous mode
[  527.697832][T11860] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1549'.
[  527.773490][  T966] smsusb:smsusb_probe: board id=8, interface number 0
[  527.793472][  T966] smsusb:smsusb_probe: board id=8, interface number 44
[  527.841570][  T966] usb 4-1: USB disconnect, device number 7
[  528.061001][T11864] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1552'.
[  528.119025][T11864] 8021q: VLANs not supported on ip6gre0
[  528.851685][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  528.983105][T11875] loop7: detected capacity change from 0 to 32768
[  529.084640][T11891] loop3: detected capacity change from 0 to 4096
[  529.117791][T11891] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  529.136509][T11891] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  529.146289][T11891] NILFS (loop3): mounting unchecked fs
[  529.371630][T11875] NILFS (loop7): unrecognized mount option ""
[  529.392317][T11891] NILFS (loop3): recovery complete
[  529.416354][T11892] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  529.738591][    T8] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  530.037944][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  530.208048][    T8] usb 4-1: config 1 has an invalid interface number: 44 but max is 1
[  530.220978][    T8] usb 4-1: config 1 has no interface number 1
[  530.235259][    T8] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  530.257979][    T8] usb 4-1: config 1 interface 0 has no altsetting 0
[  530.319282][    T8] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  530.351612][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  530.377435][    T8] usb 4-1: Product: syz
[  530.382252][    T8] usb 4-1: Manufacturer: syz
[  530.386951][    T8] usb 4-1: SerialNumber: syz
[  530.772560][T11907] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1563'.
[  530.793876][T11907] 8021q: VLANs not supported on ip6gre0
[  530.921755][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  530.989092][T11913] netlink: 'syz.4.1566': attribute type 10 has an invalid length.
[  531.038431][T11913] 8021q: adding VLAN 0 to HW filter on device team0
[  531.069561][T11913] bond0: (slave team0): Enslaving as an active interface with an up link
[  531.437814][T11915] syzkaller0: entered promiscuous mode
[  531.560025][T11915] syzkaller0: entered allmulticast mode
[  532.022286][    T8] smsusb:smsusb_probe: board id=8, interface number 0
[  532.032622][    T8] smsusb:smsusb_probe: board id=8, interface number 44
[  532.059559][    T8] usb 4-1: USB disconnect, device number 8
[  532.364999][T11934] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1572'.
[  532.788201][T11927] loop3: detected capacity change from 0 to 32768
[  532.807258][T11941] netlink: 72 bytes leftover after parsing attributes in process `syz.4.1573'.
[  532.880056][T11927] NILFS (loop3): unrecognized mount option ""
[  533.034729][T11927] loop3: detected capacity change from 0 to 2048
[  533.715506][T11947] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1574'.
[  533.765988][T11947] 8021q: VLANs not supported on ip6gre0
[  533.915564][T11951] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1575'.
[  534.201541][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  534.236358][T11960] netlink: 'syz.3.1578': attribute type 10 has an invalid length.
[  535.235969][T11960] 8021q: adding VLAN 0 to HW filter on device team0
[  535.262398][T11960] bond0: (slave team0): Enslaving as an active interface with an up link
[  535.884752][T11984] syzkaller0: entered promiscuous mode
[  535.893253][T11984] syzkaller0: entered allmulticast mode
[  535.965197][T11988] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1587'.
[  536.209983][T11996] sch_fq: defrate 0 ignored.
[  536.842779][T12014] loop3: detected capacity change from 0 to 256
[  536.896233][T12014] exfat: Deprecated parameter 'namecase'
[  536.931713][T12014] exfat: Deprecated parameter 'namecase'
[  537.007316][T12014] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  537.058177][T12014] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  537.586464][T12022] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  537.721944][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  538.008483][T12029] syzkaller1: entered promiscuous mode
[  538.016529][T12029] syzkaller1: entered allmulticast mode
[  538.035981][T12031] loop7: detected capacity change from 0 to 4096
[  538.070722][T12031] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  538.081411][T12031] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 4096)
[  538.091024][T12031] NILFS (loop7): mounting unchecked fs
[  538.105305][T12031] NILFS (loop7): recovery complete
[  538.112679][T12032] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  538.409752][  T966] usb 8-1: new high-speed USB device number 5 using dummy_hcd
[  538.624577][  T966] usb 8-1: unable to get BOS descriptor or descriptor too short
[  538.645360][  T966] usb 8-1: config 1 has an invalid interface number: 44 but max is 1
[  538.671556][  T966] usb 8-1: config 1 has no interface number 1
[  538.677837][  T966] usb 8-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  538.698212][  T966] usb 8-1: config 1 interface 0 has no altsetting 0
[  538.715602][  T966] usb 8-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  538.728204][  T966] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  538.736981][  T966] usb 8-1: Product: syz
[  538.746773][  T966] usb 8-1: Manufacturer: syz
[  538.753481][  T966] usb 8-1: SerialNumber: syz
[  538.874026][T12055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1611'.
[  538.883089][T12055] netlink: del zone limit has 8 unknown bytes
[  538.988705][  T966] smsusb:smsusb_probe: board id=8, interface number 0
[  539.006458][  T966] smsusb:smsusb_probe: board id=8, interface number 44
[  539.019779][  T966] usb 8-1: USB disconnect, device number 5
[  539.952815][T12066] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1615'.
[  539.972251][T12066] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1615'.
[  539.996470][T12066] syz_tun: entered promiscuous mode
[  540.036916][T12066] syz_tun: left promiscuous mode
[  540.490677][T12082] netlink: 'syz.7.1621': attribute type 15 has an invalid length.
[  541.001837][T12096] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  541.042473][T12096] syzkaller0: entered promiscuous mode
[  541.066624][T12096] syzkaller0: entered allmulticast mode
[  541.144123][T12096] tipc: Resetting bearer <eth:syzkaller0>
[  541.154944][T12095] tipc: Resetting bearer <eth:syzkaller0>
[  541.243070][T12095] tipc: Disabling bearer <eth:syzkaller0>
[  541.268800][T12111] syzkaller0: entered promiscuous mode
[  541.274555][T12111] syzkaller0: entered allmulticast mode
[  544.753946][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  545.425102][T12166] netlink: 200 bytes leftover after parsing attributes in process `syz.7.1650'.
[  545.928398][T12182] netlink: 72 bytes leftover after parsing attributes in process `syz.7.1656'.
[  546.230878][T12194] 8021q: adding VLAN 0 to HW filter on device bond2
[  546.310536][T12198] netlink: 200 bytes leftover after parsing attributes in process `syz.4.1663'.
[  547.946112][T12173] loop3: detected capacity change from 0 to 40427
[  549.162024][T12173] F2FS-fs (loop3): invalid crc value
[  549.167731][T12173] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-4)
[  549.569578][T12222] tipc: Enabling of bearer <eth:syzk> rejected, failed to enable media
[  549.603276][T12226] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1672'.
[  549.622549][T12222] syzkaller0: entered promiscuous mode
[  549.641497][T12222] syzkaller0: entered allmulticast mode
[  550.598741][T12252] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.640567][T12256] netlink: 200 bytes leftover after parsing attributes in process `syz.3.1683'.
[  550.780947][T12252] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.805818][T12236] loop4: detected capacity change from 0 to 40427
[  550.835723][T12236] F2FS-fs (loop4): invalid crc value
[  550.876297][T12236] F2FS-fs (loop4): Found nat_bits in checkpoint
[  550.945025][T12252] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  550.989801][T12267] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  551.007184][T12261] syzkaller0: entered promiscuous mode
[  551.023848][T12236] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  551.040328][T12261] syzkaller0: entered allmulticast mode
[  551.130444][T12252] netdevsim netdevsim7 netdevsim0 (unregistering): left allmulticast mode
[  551.206229][T12252] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  551.482571][T12252] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  551.539114][T12252] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  551.589965][T12252] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  551.609433][T12279] tipc: Enabling of bearer <eth:syzkaller> rejected, failed to enable media
[  551.666679][T12252] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  551.686265][T12279] syzkaller0: entered promiscuous mode
[  551.711009][T12279] syzkaller0: entered allmulticast mode
[  552.140504][T12290] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1694'.
[  552.170087][T12291] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1693'.
[  552.427728][T12293] netlink: 'syz.3.1695': attribute type 10 has an invalid length.
[  552.732293][T12304] syzkaller1: entered promiscuous mode
[  552.747629][T12304] syzkaller1: entered allmulticast mode
[  552.895395][ T9332] syz-executor: attempt to access beyond end of device
[  552.895395][ T9332] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  552.914459][ T9332] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  553.232707][T12314] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1704'.
[  555.680521][T12371] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1721'.
[  555.737462][T12371] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1721'.
[  555.773033][T12373] loop7: detected capacity change from 0 to 4096
[  555.782922][T12373] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  555.816431][T12373] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 4096)
[  555.826292][T12373] NILFS (loop7): mounting unchecked fs
[  555.855558][T12371] syz_tun: entered promiscuous mode
[  555.872285][T12373] NILFS (loop7): recovery complete
[  555.894491][T12379] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  555.949761][T12371] syz_tun: left promiscuous mode
[  556.189279][T12378] tipc: Enabling of bearer <eth:syzkall> rejected, failed to enable media
[  556.221873][  T786] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  556.495949][  T786] usb 8-1: unable to get BOS descriptor or descriptor too short
[  556.559708][  T786] usb 8-1: config 1 has an invalid interface number: 44 but max is 1
[  556.624334][  T786] usb 8-1: config 1 has no interface number 1
[  557.105898][  T786] usb 8-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  557.146132][  T786] usb 8-1: config 1 interface 0 has no altsetting 0
[  557.159982][  T786] usb 8-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  557.169443][  T786] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  557.177676][  T786] usb 8-1: Product: syz
[  557.181973][  T786] usb 8-1: Manufacturer: syz
[  557.186591][  T786] usb 8-1: SerialNumber: syz
[  558.596238][T12415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1730'.
[  558.621541][T12415] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1730'.
[  558.664987][T12415] syz_tun: entered promiscuous mode
[  558.693397][T12415] syz_tun: left promiscuous mode
[  559.738697][  T786] smsusb:smsusb_probe: board id=8, interface number 0
[  559.777342][  T786] smsusb:smsusb_probe: board id=8, interface number 44
[  559.824828][  T786] usb 8-1: USB disconnect, device number 6
[  559.949526][T12421] loop4: detected capacity change from 0 to 40427
[  559.975905][T12421] F2FS-fs (loop4): invalid crc value
[  560.013509][T12421] F2FS-fs (loop4): Found nat_bits in checkpoint
[  560.128612][T12421] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  561.876403][ T9332] syz-executor: attempt to access beyond end of device
[  561.876403][ T9332] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  561.891246][ T9332] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  563.248535][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  565.561552][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  566.521029][T12608] netlink: 'syz.3.1785': attribute type 4 has an invalid length.
[  567.228892][T12601] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  567.256626][T12632] loop7: detected capacity change from 0 to 256
[  567.278527][T12632] exfat: Deprecated parameter 'namecase'
[  567.291811][T12632] exfat: Deprecated parameter 'namecase'
[  567.496962][T12632] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  567.641558][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  567.716743][T12632] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  569.189621][T12685] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1809'.
[  569.232398][T12685] netlink: 'syz.4.1809': attribute type 1 has an invalid length.
[  569.266698][T12685] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1809'.
[  569.721616][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  569.875163][T12715] syzkaller1: entered promiscuous mode
[  569.887603][T12715] syzkaller1: entered allmulticast mode
[  570.406691][T12729] IPVS: Scheduler module ip_vs_sip not found
[  571.027868][T12756] loop7: detected capacity change from 0 to 4096
[  571.045257][T12756] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  571.056194][T12756] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 4096)
[  571.068929][T12756] NILFS (loop7): mounting unchecked fs
[  571.094816][T12756] NILFS (loop7): recovery complete
[  571.103826][T12760] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  571.411456][  T786] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  571.495445][T12763] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  571.578676][T12763] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98
[  571.618464][  T786] usb 8-1: unable to get BOS descriptor or descriptor too short
[  571.647071][  T786] usb 8-1: config 1 has an invalid interface number: 44 but max is 1
[  571.675642][  T786] usb 8-1: config 1 has no interface number 1
[  571.720847][  T786] usb 8-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  571.801513][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  571.804479][  T786] usb 8-1: config 1 interface 0 has no altsetting 0
[  571.869886][  T786] usb 8-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  571.917542][  T786] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  571.965296][  T786] usb 8-1: Product: syz
[  571.981432][  T786] usb 8-1: Manufacturer: syz
[  571.986108][  T786] usb 8-1: SerialNumber: syz
[  572.171646][T12774] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1832'.
[  573.813142][T12806] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1843'.
[  573.881512][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  574.390059][T12822] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1852'.
[  574.503327][T12824] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  574.581943][  T786] smsusb:smsusb_probe: board id=8, interface number 0
[  574.605911][  T786] smsusb:smsusb_probe: board id=8, interface number 44
[  574.619970][  T786] usb 8-1: USB disconnect, device number 7
[  574.640454][T12824] syzkaller0: entered promiscuous mode
[  574.659438][T12824] syzkaller0: entered allmulticast mode
[  574.667889][T12824] tipc: Resetting bearer <eth:syzkaller0>
[  574.697507][T12830] syzkaller0: entered promiscuous mode
[  574.707076][T12830] syzkaller0: entered allmulticast mode
[  574.724496][T12828] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1854'.
[  574.741499][T12828] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1854'.
[  574.766918][T12828] syz_tun: entered promiscuous mode
[  574.775620][T12828] syz_tun: left promiscuous mode
[  574.795650][T12823] tipc: Resetting bearer <eth:syzkaller0>
[  574.799749][T12833] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1855'.
[  575.505686][  T966] tipc: Node number set to 1093252435
[  575.970901][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  577.515385][T12823] tipc: Disabling bearer <eth:syzkaller0>
[  578.006045][T12848] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1862'.
[  578.085328][T12853] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1864'.
[  578.271681][T12859] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1866'.
[  578.324906][T12863] netlink: 'syz.3.1867': attribute type 10 has an invalid length.
[  578.695257][T12876] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1874'.
[  578.770415][T12880] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1876'.
[  578.833701][T12878] syzkaller0: entered promiscuous mode
[  578.858978][T12878] syzkaller0: entered allmulticast mode
[  578.923048][T12882] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1877'.
[  579.351728][T12893] netlink: 'syz.7.1880': attribute type 10 has an invalid length.
[  579.462830][    T8] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  579.491260][T12893] 8021q: adding VLAN 0 to HW filter on device team0
[  579.512623][T12893] bond0: (slave team0): Enslaving as an active interface with an up link
[  579.684916][    T8] usb 1-1: unable to get BOS descriptor or descriptor too short
[  579.723493][    T8] usb 1-1: config 1 has an invalid interface number: 44 but max is 1
[  579.745967][    T8] usb 1-1: config 1 has no interface number 1
[  579.772828][    T8] usb 1-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  579.811569][    T8] usb 1-1: config 1 interface 0 has no altsetting 0
[  579.826453][    T8] usb 1-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  579.851489][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  579.859654][    T8] usb 1-1: Product: syz
[  579.874627][    T8] usb 1-1: Manufacturer: syz
[  579.879329][    T8] usb 1-1: SerialNumber: syz
[  580.306019][T12906] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1886'.
[  582.094730][    T8] smsusb:smsusb_probe: board id=8, interface number 0
[  582.119823][    T8] smsusb:smsusb_probe: board id=8, interface number 44
[  582.132709][    T8] usb 1-1: USB disconnect, device number 4
[  582.997339][T12975] loop7: detected capacity change from 0 to 4096
[  583.026760][T12975] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  583.049136][T12975] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 4096)
[  583.059299][T12975] NILFS (loop7): mounting unchecked fs
[  583.097032][T12975] NILFS (loop7): recovery complete
[  583.130872][T12978] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  583.260634][T12981] netlink: 'syz.0.1906': attribute type 10 has an invalid length.
[  583.461842][ T5791] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  583.667708][ T5791] usb 8-1: unable to get BOS descriptor or descriptor too short
[  583.788002][ T5791] usb 8-1: config 1 has an invalid interface number: 44 but max is 1
[  583.827914][ T5791] usb 8-1: config 1 has no interface number 1
[  583.856563][ T5791] usb 8-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  583.874026][ T5791] usb 8-1: config 1 interface 0 has no altsetting 0
[  583.892136][ T5791] usb 8-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  583.901583][ T5791] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  583.909726][ T5791] usb 8-1: Product: syz
[  583.915202][ T5791] usb 8-1: Manufacturer: syz
[  583.920037][ T5791] usb 8-1: SerialNumber: syz
[  584.642607][T12997] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1912'.
[  584.848898][T13006] loop3: detected capacity change from 0 to 256
[  584.859663][T13006] exfat: Deprecated parameter 'namecase'
[  584.866758][T13006] exfat: Deprecated parameter 'namecase'
[  584.975498][T13006] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  585.017319][T13008] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1915'.
[  585.027033][T13008] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1915'.
[  585.043370][T13008] syz_tun: entered promiscuous mode
[  585.052258][T13008] syz_tun: left promiscuous mode
[  585.145112][T13006] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  585.928777][ T5791] smsusb:smsusb_probe: board id=8, interface number 0
[  585.961263][ T5791] smsusb:smsusb_probe: board id=8, interface number 44
[  586.004676][ T5791] usb 8-1: USB disconnect, device number 8
[  586.244098][T13029] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1919'.
[  586.289121][T13029] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1919'.
[  587.101683][T13039] netlink: 'syz.0.1925': attribute type 10 has an invalid length.
[  587.532796][T13028] loop4: detected capacity change from 0 to 40427
[  587.570224][T13028] F2FS-fs (loop4): invalid crc value
[  587.596970][T13028] F2FS-fs (loop4): Found nat_bits in checkpoint
[  587.766304][T13028] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  588.052421][T13060] loop3: detected capacity change from 0 to 4096
[  588.144028][T13060] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  588.231868][T13060] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  588.274543][T13060] NILFS (loop3): mounting unchecked fs
[  588.391527][T13060] NILFS (loop3): recovery complete
[  588.468195][T13072] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  588.781598][ T5794] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  588.950134][T13074] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1931'.
[  588.989004][ T5794] usb 4-1: unable to get BOS descriptor or descriptor too short
[  588.993398][T13074] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1931'.
[  589.009621][ T5794] usb 4-1: config 1 has an invalid interface number: 44 but max is 1
[  589.035521][ T5794] usb 4-1: config 1 has no interface number 1
[  589.051842][ T5794] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  589.091766][ T5794] usb 4-1: config 1 interface 0 has no altsetting 0
[  589.114335][ T5794] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  589.138405][ T5794] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  589.148453][ T5794] usb 4-1: Product: syz
[  589.153046][ T5794] usb 4-1: Manufacturer: syz
[  589.170907][ T5794] usb 4-1: SerialNumber: syz
[  589.217488][T13078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1933'.
[  589.234787][T13078] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1933'.
[  589.278052][T13078] syz_tun: entered promiscuous mode
[  589.300119][T13078] syz_tun: left promiscuous mode
[  592.735525][ T9332] syz-executor: attempt to access beyond end of device
[  592.735525][ T9332] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  592.764069][ T9332] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  593.114177][ T5794] smsusb:smsusb_probe: board id=8, interface number 0
[  593.182060][ T5794] smsusb:smsusb_probe: board id=8, interface number 44
[  593.220987][ T5794] usb 4-1: USB disconnect, device number 9
[  593.776565][T13105] netlink: 'syz.7.1941': attribute type 10 has an invalid length.
[  593.953546][T13111] netlink: 56 bytes leftover after parsing attributes in process `syz.3.1942'.
[  593.999057][T13111] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1942'.
[  594.195606][T13118] syzkaller1: entered promiscuous mode
[  594.201274][T13118] syzkaller1: entered allmulticast mode
[  594.342789][T13124] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1948'.
[  594.362128][T13124] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1948'.
[  594.411988][T13124] syz_tun: entered promiscuous mode
[  594.431274][T13124] syz_tun: left promiscuous mode
[  594.869736][T13113] loop4: detected capacity change from 0 to 40427
[  594.887306][T13140] netlink: 596 bytes leftover after parsing attributes in process `syz.0.1951'.
[  594.909797][T13113] F2FS-fs (loop4): invalid crc value
[  594.930077][T13113] F2FS-fs (loop4): Found nat_bits in checkpoint
[  595.030799][T13113] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  595.163581][T13151] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1954'.
[  595.209203][T13151] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1954'.
[  595.517078][T13156] netlink: 28 bytes leftover after parsing attributes in process `syz.7.1955'.
[  595.793887][T13162] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1955'.
[  596.098567][T13158] syzkaller1: entered promiscuous mode
[  596.105554][T13158] syzkaller1: entered allmulticast mode
[  596.122717][T13165] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1955'.
[  596.566905][T13171] syzkaller0: entered promiscuous mode
[  596.572735][T13171] syzkaller0: entered allmulticast mode
[  597.418200][ T9332] syz-executor: attempt to access beyond end of device
[  597.418200][ T9332] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  597.451491][ T9332] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  600.202302][T13194] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  600.265047][T13194] syzkaller0: entered promiscuous mode
[  600.270786][T13194] syzkaller0: entered allmulticast mode
[  600.322510][T13193] tipc: Resetting bearer <eth:syzkaller0>
[  600.388871][T13193] tipc: Disabling bearer <eth:syzkaller0>
[  601.293389][T13214] __nla_validate_parse: 2 callbacks suppressed
[  601.293409][T13214] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1972'.
[  601.325742][T13214] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1972'.
[  601.344824][T13216] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1973'.
[  601.367558][T13216] netlink: 8 bytes leftover after parsing attributes in process `syz.7.1973'.
[  601.383379][T13214] bond3: entered promiscuous mode
[  601.388505][T13214] bond3: entered allmulticast mode
[  601.398606][T13214] 8021q: adding VLAN 0 to HW filter on device bond3
[  601.406466][T13220] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1974'.
[  601.416573][T13220] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1974'.
[  601.431600][T13220] syz_tun: entered promiscuous mode
[  601.438408][T13220] syz_tun: left promiscuous mode
[  601.599677][T13223] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1975'.
[  601.915999][T13225] syzkaller0: entered promiscuous mode
[  601.922305][T13225] syzkaller0: entered allmulticast mode
[  602.189293][T13246] netlink: 56 bytes leftover after parsing attributes in process `syz.7.1983'.
[  604.685177][T13232] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  604.705037][T13235] syzkaller0: entered promiscuous mode
[  604.710681][T13235] syzkaller0: entered allmulticast mode
[  604.767945][T13247] tipc: Resetting bearer <eth:syzkaller0>
[  604.794996][T13228] tipc: Resetting bearer <eth:syzkaller0>
[  604.852725][T13228] tipc: Disabling bearer <eth:syzkaller0>
[  604.895681][T13256] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1985'.
[  604.931436][T13256] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1985'.
[  604.968382][T13256] syz_tun: entered promiscuous mode
[  604.981076][T13258] loop7: detected capacity change from 0 to 256
[  604.990575][T13258] exfat: Deprecated parameter 'namecase'
[  604.997853][T13258] exfat: Deprecated parameter 'namecase'
[  605.029212][T13256] syz_tun: left promiscuous mode
[  605.090566][T13258] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  605.256152][T13258] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  606.054789][T13276] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  606.063977][T13276] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  606.072481][T13276] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  606.080757][T13276] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  606.380255][T13278] syzkaller0: entered promiscuous mode
[  606.390475][T13278] syzkaller0: entered allmulticast mode
[  610.100614][T13282] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  610.108613][T13283] syzkaller0: entered promiscuous mode
[  610.114268][T13283] syzkaller0: entered allmulticast mode
[  610.125821][T13286] tipc: Resetting bearer <eth:syzkaller0>
[  610.133121][T13280] tipc: Resetting bearer <eth:syzkaller0>
[  610.159619][T13280] tipc: Disabling bearer <eth:syzkaller0>
[  610.969238][T13320] syzkaller0: entered promiscuous mode
[  610.975264][T13320] syzkaller0: entered allmulticast mode
[  614.665210][T13332] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  615.204933][T13366] netlink: 'syz.4.2026': attribute type 29 has an invalid length.
[  615.223790][T13366] netlink: 'syz.4.2026': attribute type 29 has an invalid length.
[  615.246655][T13366] netlink: 'syz.4.2026': attribute type 29 has an invalid length.
[  615.283804][T13366] netlink: 'syz.4.2026': attribute type 29 has an invalid length.
[  615.330253][T13366] netlink: 'syz.4.2026': attribute type 29 has an invalid length.
[  615.361421][T13368] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  615.525455][T13368] syzkaller0: entered promiscuous mode
[  615.543431][T13368] syzkaller0: entered allmulticast mode
[  615.561258][T13368] tipc: Resetting bearer <eth:syzkaller0>
[  615.593529][T13373] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  615.612266][T13375] syzkaller0: entered promiscuous mode
[  615.617823][T13375] syzkaller0: entered allmulticast mode
[  615.666753][T13367] tipc: Resetting bearer <eth:syzkaller0>
[  619.324727][T13367] tipc: Disabling bearer <eth:syzkaller0>
[  619.351058][T13373] tipc: Resetting bearer <eth:syzkaller0>
[  619.358731][T13370] tipc: Resetting bearer <eth:syzkaller0>
[  619.392590][T13370] tipc: Disabling bearer <eth:syzkaller0>
[  620.004608][T13408] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  620.068887][T13408] syzkaller0: entered promiscuous mode
[  620.075075][T13408] syzkaller0: entered allmulticast mode
[  620.082054][T13408] tipc: Resetting bearer <eth:syzkaller0>
[  620.095964][T13406] tipc: Resetting bearer <eth:syzkaller0>
[  623.443591][T13406] tipc: Disabling bearer <eth:syzkaller0>
[  623.541101][T13425] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  624.166683][T13459] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  624.300843][T13459] syzkaller0: entered promiscuous mode
[  624.306587][T13459] syzkaller0: entered allmulticast mode
[  624.313427][T13459] tipc: Resetting bearer <eth:syzkaller0>
[  624.329534][T13467] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  624.340896][T13458] tipc: Resetting bearer <eth:syzkaller0>
[  624.703169][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  627.620022][T13458] tipc: Disabling bearer <eth:syzkaller0>
[  627.629128][T13464] syzkaller0: entered promiscuous mode
[  627.634748][T13464] syzkaller0: entered allmulticast mode
[  627.646750][T13470] tipc: Resetting bearer <eth:syzkaller0>
[  627.658510][T13483] __nla_validate_parse: 3 callbacks suppressed
[  627.658525][T13483] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2068'.
[  627.675599][T13483] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2068'.
[  627.690475][T13483] workqueue: Failed to create a rescuer kthread for wq "bond1": -EINTR
[  627.790028][T13463] tipc: Resetting bearer <eth:syzkaller0>
[  627.848616][T13463] tipc: Disabling bearer <eth:syzkaller0>
[  628.513844][T13516] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  628.532618][T13516] syzkaller0: entered promiscuous mode
[  628.538665][T13516] syzkaller0: entered allmulticast mode
[  628.568546][T13516] tipc: Resetting bearer <eth:syzkaller0>
[  628.598495][T13514] tipc: Resetting bearer <eth:syzkaller0>
[  628.663976][T13514] tipc: Disabling bearer <eth:syzkaller0>
[  628.741039][T13522] netlink: 92 bytes leftover after parsing attributes in process `syz.4.2083'.
[  628.981570][T13529] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2086'.
[  629.631547][T13553] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2098'.
[  629.641233][T13558] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2099'.
[  629.650801][T13558] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2099'.
[  629.671916][T13561] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2100'.
[  629.686345][T13558] bond1: entered promiscuous mode
[  629.691960][T13558] bond1: entered allmulticast mode
[  629.697562][T13558] 8021q: adding VLAN 0 to HW filter on device bond1
[  629.708478][T13561] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2100'.
[  629.719482][T13555] netlink: 60 bytes leftover after parsing attributes in process `syz.7.2100'.
[  630.026240][T13571] loop4: detected capacity change from 0 to 512
[  630.118672][T13571] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  630.132046][T13571] EXT4-fs (loop4): orphan cleanup on readonly fs
[  630.175515][T13571] EXT4-fs warning (device loop4): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  630.243184][T13571] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  630.250313][T13571] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.2105: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  630.269719][T13571] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2105: couldn't read orphan inode 13 (err -117)
[  630.282044][T13577] 8021q: VLANs not supported on ip6gre0
[  630.299299][T13571] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  630.601809][ T5880] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  630.793384][ T5880] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  630.822522][ T5880] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  630.869717][ T5880] usb 5-1: config 0 descriptor??
[  631.271156][T13608] 8021q: VLANs not supported on ip6gre0
[  631.379330][T13611] bond2: entered promiscuous mode
[  631.384571][T13611] bond2: entered allmulticast mode
[  631.390171][T13611] 8021q: adding VLAN 0 to HW filter on device bond2
[  631.516962][T13618] sock: sock_timestamping_bind_phc: sock not bind to device
[  631.774705][ T5880] asus 0003:0B05:19B6.0006: unknown main item tag 0x4
[  631.834423][ T5880] asus 0003:0B05:19B6.0006: item fetching failed at offset 6/7
[  631.885402][ T5880] asus 0003:0B05:19B6.0006: Asus hid parse failed: -22
[  631.934431][ T5880] asus: probe of 0003:0B05:19B6.0006 failed with error -22
[  632.838859][T13643] bond1: entered promiscuous mode
[  632.880338][T13643] bond1: entered allmulticast mode
[  632.897362][T13643] 8021q: adding VLAN 0 to HW filter on device bond1
[  633.156347][T13654] __nla_validate_parse: 11 callbacks suppressed
[  633.156364][T13654] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2136'.
[  633.594951][  T786] usb 5-1: USB disconnect, device number 7
[  633.860482][T13676] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2145'.
[  633.869892][T13676] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2145'.
[  633.882916][ T9332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  633.988109][T13676] bond3: entered promiscuous mode
[  634.000889][T13676] bond3: entered allmulticast mode
[  634.017561][T13676] 8021q: adding VLAN 0 to HW filter on device bond3
[  634.047322][T13680] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2146'.
[  634.775600][ T5880] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  634.836832][T13707] loop7: detected capacity change from 0 to 4096
[  634.851610][T13707] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 1024)
[  634.862973][T13707] NILFS (loop7): broken superblock, retrying with spare superblock (blocksize = 4096)
[  634.873045][T13707] NILFS (loop7): mounting unchecked fs
[  634.898326][T13707] NILFS (loop7): recovery complete
[  634.907907][T13711] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  634.918703][T13712] netlink: 'syz.3.2158': attribute type 29 has an invalid length.
[  634.957569][T13712] netlink: 'syz.3.2158': attribute type 29 has an invalid length.
[  634.984125][ T5880] usb 1-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  635.011397][ T5880] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  635.034268][ T5880] usb 1-1: config 0 descriptor??
[  635.073215][T13712] netlink: 'syz.3.2158': attribute type 29 has an invalid length.
[  635.241655][    T8] usb 8-1: new high-speed USB device number 9 using dummy_hcd
[  635.434632][    T8] usb 8-1: unable to get BOS descriptor or descriptor too short
[  635.464864][    T8] usb 8-1: config 1 has an invalid interface number: 44 but max is 1
[  635.488089][    T8] usb 8-1: config 1 has no interface number 1
[  635.514521][    T8] usb 8-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  635.575033][    T8] usb 8-1: config 1 interface 0 has no altsetting 0
[  635.621843][    T8] usb 8-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  635.652754][    T8] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  635.683700][    T8] usb 8-1: Product: syz
[  635.699868][    T8] usb 8-1: Manufacturer: syz
[  635.718780][    T8] usb 8-1: SerialNumber: syz
[  635.907839][ T5880] asus 0003:0B05:19B6.0007: unknown main item tag 0x4
[  635.925451][ T5880] asus 0003:0B05:19B6.0007: item fetching failed at offset 6/7
[  635.948669][ T5880] asus 0003:0B05:19B6.0007: Asus hid parse failed: -22
[  635.973274][ T5880] asus: probe of 0003:0B05:19B6.0007 failed with error -22
[  636.099424][T13716] netlink: 'syz.3.2158': attribute type 29 has an invalid length.
[  636.439703][T13722] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2162'.
[  637.954462][T13738] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  637.979282][T13738] syzkaller0: entered promiscuous mode
[  637.991550][T13738] syzkaller0: entered allmulticast mode
[  638.022639][T13738] tipc: Resetting bearer <eth:syzkaller0>
[  638.051816][T13737] tipc: Resetting bearer <eth:syzkaller0>
[  638.086638][ T5880] usb 1-1: USB disconnect, device number 5
[  638.156201][T13737] tipc: Disabling bearer <eth:syzkaller0>
[  638.468567][    T8] smsusb:smsusb_probe: board id=8, interface number 0
[  638.473428][T13745] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2172'.
[  638.484723][    T8] smsusb:smsusb_probe: board id=8, interface number 44
[  638.487532][    T8] usb 8-1: USB disconnect, device number 9
[  639.851582][T13762] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  639.862714][T13761] IPVS: stopping backup sync thread 13762 ...
[  639.885603][T13759] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  639.913434][T13757] tipc: Disabling bearer <eth:syzkaller0>
[  640.166172][T13771] loop4: detected capacity change from 0 to 512
[  640.191573][T13771] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  640.224344][T13771] EXT4-fs (loop4): orphan cleanup on readonly fs
[  640.242852][T13771] EXT4-fs warning (device loop4): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  640.307459][T13771] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  640.340231][T13771] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.2181: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  640.392711][T13777] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2185'.
[  640.407944][T13771] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2181: couldn't read orphan inode 13 (err -117)
[  640.444253][T13771] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  640.778994][T13787] IPVS: stopping backup sync thread 10068 ...
[  640.785719][  T786] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  640.990128][  T786] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  640.999427][  T786] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  641.045012][  T786] usb 5-1: config 0 descriptor??
[  641.882477][  T786] asus 0003:0B05:19B6.0008: unknown main item tag 0x4
[  641.889375][  T786] asus 0003:0B05:19B6.0008: item fetching failed at offset 6/7
[  641.900504][  T786] asus 0003:0B05:19B6.0008: Asus hid parse failed: -22
[  641.908121][  T786] asus: probe of 0003:0B05:19B6.0008 failed with error -22
[  643.228897][    T8] usb 5-1: USB disconnect, device number 8
[  643.372390][ T9332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  644.790842][T13790] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  645.197480][T13809] netlink: 100 bytes leftover after parsing attributes in process `syz.3.2196'.
[  645.300926][T13818] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  645.312294][T13817] IPVS: stopping backup sync thread 13818 ...
[  645.548110][T13827] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  645.642818][ T5791] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  645.865486][ T5791] usb 1-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  645.880810][ T5791] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  645.915400][ T5791] usb 1-1: config 0 descriptor??
[  646.743773][ T5791] asus 0003:0B05:19B6.0009: unknown main item tag 0x4
[  646.772616][ T5791] asus 0003:0B05:19B6.0009: item fetching failed at offset 6/7
[  646.781031][ T5791] asus 0003:0B05:19B6.0009: Asus hid parse failed: -22
[  646.820803][ T5791] asus: probe of 0003:0B05:19B6.0009 failed with error -22
[  648.130918][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  648.426669][ T5880] usb 1-1: USB disconnect, device number 6
[  649.955923][T13846] netlink: 100 bytes leftover after parsing attributes in process `syz.0.2209'.
[  650.442130][T13864] netlink: 'syz.4.2215': attribute type 6 has an invalid length.
[  650.450037][T13864] netlink: 'syz.4.2215': attribute type 7 has an invalid length.
[  650.459477][T13864] netlink: 12886 bytes leftover after parsing attributes in process `syz.4.2215'.
[  650.602526][T13868] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  650.612083][T13867] loop3: detected capacity change from 0 to 512
[  650.657907][T13867] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  650.703608][T13867] EXT4-fs (loop3): orphan cleanup on readonly fs
[  650.722868][T13867] EXT4-fs warning (device loop3): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  650.769509][T13867] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  650.778997][T13867] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.2217: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  650.805439][T13867] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2217: couldn't read orphan inode 13 (err -117)
[  650.824465][T13867] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  651.161491][ T5794] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  651.374265][ T5794] usb 4-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  651.399191][ T5794] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  651.432885][ T5794] usb 4-1: config 0 descriptor??
[  651.463172][T13898] siw: device registration error -23
[  651.975134][T13910] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2236'.
[  652.453171][ T5794] asus 0003:0B05:19B6.000A: unknown main item tag 0x4
[  652.460272][ T5794] asus 0003:0B05:19B6.000A: item fetching failed at offset 6/7
[  652.469250][ T5794] asus 0003:0B05:19B6.000A: Asus hid parse failed: -22
[  652.476741][ T5794] asus: probe of 0003:0B05:19B6.000A failed with error -22
[  653.652101][T13936] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2246'.
[  654.018711][T13943] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  654.041659][T13944] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2249'.
[  654.042091][   T50] Bluetooth: hci3: command 0x0406 tx timeout
[  654.964391][T13960] netlink: 16410 bytes leftover after parsing attributes in process `syz.0.2255'.
[  655.110572][ T5880] usb 4-1: USB disconnect, device number 10
[  655.670194][T13962] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2256'.
[  656.772930][ T9329] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  657.099375][T13980] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  659.293772][T13997] loop3: detected capacity change from 0 to 512
[  659.380412][T13997] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  659.416435][T13997] EXT4-fs (loop3): orphan cleanup on readonly fs
[  659.435029][T13997] EXT4-fs warning (device loop3): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  659.488338][T13997] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  659.587252][T13997] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.2267: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  659.644190][T13997] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2267: couldn't read orphan inode 13 (err -117)
[  659.683050][T13997] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  660.041482][    T8] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  660.259555][    T8] usb 4-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  660.269347][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  660.290222][    T8] usb 4-1: config 0 descriptor??
[  661.077413][T14017] syz.4.2275 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  663.722904][   T50] Bluetooth: hci4: Opcode 0x1003 failed: -110
[  664.039369][    T8] asus 0003:0B05:19B6.000B: unknown main item tag 0x4
[  664.046318][    T8] asus 0003:0B05:19B6.000B: item fetching failed at offset 6/7
[  664.054801][    T8] asus 0003:0B05:19B6.000B: Asus hid parse failed: -22
[  664.061845][    T8] asus: probe of 0003:0B05:19B6.000B failed with error -22
[  664.256604][T14041] comedi comedi3: rti802: I/O port conflict (0x40404f26,4)
[  665.621757][  T786] usb 4-1: USB disconnect, device number 11
[  665.913852][ T9329] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  668.410245][T14089] loop4: detected capacity change from 0 to 512
[  668.554779][T14089] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  668.618396][T14089] EXT4-fs (loop4): orphan cleanup on readonly fs
[  668.628860][T14089] EXT4-fs warning (device loop4): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  668.761905][T14089] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  668.812094][T14089] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.2297: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  669.143437][T14089] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2297: couldn't read orphan inode 13 (err -117)
[  669.281794][T14089] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  669.751757][  T786] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  669.986673][  T786] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  670.006725][  T786] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  670.220973][  T786] usb 5-1: config 0 descriptor??
[  672.445156][  T786] usbhid 5-1:0.0: can't add hid device: -71
[  672.451176][  T786] usbhid: probe of 5-1:0.0 failed with error -71
[  672.504665][  T786] usb 5-1: USB disconnect, device number 9
[  672.771590][ T9332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  674.620577][T14159] loop4: detected capacity change from 0 to 512
[  674.682729][T14159] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  674.722722][T14159] EXT4-fs (loop4): orphan cleanup on readonly fs
[  674.781543][T14159] EXT4-fs warning (device loop4): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  674.847967][T14159] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  674.903172][T14159] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.2318: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  674.923600][T14159] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2318: couldn't read orphan inode 13 (err -117)
[  674.950641][T14159] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  675.436263][ T9131] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  675.738165][ T9131] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  675.761499][ T9131] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  675.782612][ T9131] usb 5-1: config 0 descriptor??
[  680.589359][ T9131] usbhid 5-1:0.0: can't add hid device: -71
[  680.595521][ T9131] usbhid: probe of 5-1:0.0 failed with error -71
[  680.604810][ T9131] usb 5-1: USB disconnect, device number 10
[  684.872912][ T9332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  684.967128][T14261] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2349'.
[  684.999721][T14261] 8021q: VLANs not supported on ip6gre0
[  686.833337][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  689.357059][T14301] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2361'.
[  689.421909][T14301] 8021q: VLANs not supported on ip6gre0
[  692.598841][T14320] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2370'.
[  692.920730][T14326] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2373'.
[  692.947188][T14326] 8021q: VLANs not supported on ip6gre0
[  693.371224][   T28] audit: type=1326 audit(1758386811.442:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14335 comm="syz.4.2377" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f74ae58ec29 code=0x0
[  697.604084][T14356] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2384'.
[  697.631635][T14356] 8021q: VLANs not supported on ip6gre0
[  698.143047][T14375] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2393'.
[  700.115901][T14384] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2396'.
[  700.144563][T14384] 8021q: VLANs not supported on ip6gre0
[  700.312870][ T9131] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  700.541749][ T9131] usb 1-1: Using ep0 maxpacket: 8
[  700.549193][ T9131] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  700.564318][ T9131] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  700.573880][ T9131] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  700.598319][ T9131] usb 1-1: config 0 descriptor??
[  700.889097][ T9131] iowarrior 1-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[  701.376488][ T9131] usb 1-1: USB disconnect, device number 7
[  701.593041][T14414] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2409'.
[  701.618346][T14414] 8021q: VLANs not supported on ip6gre0
[  702.131499][ T9131] usb 8-1: new high-speed USB device number 10 using dummy_hcd
[  702.331957][ T9131] usb 8-1: Using ep0 maxpacket: 8
[  702.340940][ T9131] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  702.361834][ T9131] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  702.397280][ T9131] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  702.417991][ T9131] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  702.432070][ T9131] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  702.441173][ T9131] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  702.687721][ T9131] usb 8-1: GET_CAPABILITIES returned 0
[  702.695311][ T9131] usbtmc 8-1:16.0: can't read capabilities
[  703.117673][    C0] usbtmc 8-1:16.0: usbtmc_write_bulk_cb - nonzero write bulk status received: -71
[  703.131944][T14422] usbtmc 8-1:16.0: Unable to send data, error -71
[  703.148391][    T8] usb 8-1: USB disconnect, device number 10
[  705.916201][T14469] loop4: detected capacity change from 0 to 256
[  705.948746][T14469] exfat: Deprecated parameter 'namecase'
[  706.037557][T14469] exfat: Deprecated parameter 'namecase'
[  706.048792][T14475] IPVS: stopping backup sync thread 14476 ...
[  706.059025][T14476] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  706.343033][T14469] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  706.440758][T14469] overlayfs: missing 'lowerdir'
[  709.526745][T14511] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  709.542869][T14508] IPVS: stopping backup sync thread 14511 ...
[  710.235079][T14521] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  710.264310][T14521] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  712.814503][T14533] Process accounting resumed
[  713.268198][T14544] IPVS: sync thread started: state = BACKUP, mcast_ifn = veth1_to_bridge, syncid = 512, id = 0
[  713.281805][T14543] IPVS: stopping backup sync thread 14544 ...
[  722.006186][T14648] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2484'.
[  724.267694][ T5791] hid-generic 0000:0000:0000.000C: unknown main item tag 0x0
[  724.329842][ T5791] hid-generic 0000:0000:0000.000C: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  724.596216][T14692] fido_id[14692]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  724.691423][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  725.331023][T14713] ISOFS: Unable to identify CD-ROM format.
[  727.343250][T14753] loop4: detected capacity change from 0 to 512
[  727.359674][T14753] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  727.369812][T14753] EXT4-fs (loop4): orphan cleanup on readonly fs
[  727.376705][ T5880] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  727.409649][T14753] EXT4-fs warning (device loop4): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  727.434167][T14753] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  727.458677][T14753] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #13: comm syz.4.2517: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  727.509859][T14753] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.2517: couldn't read orphan inode 13 (err -117)
[  727.527670][T14753] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  727.613895][ T5880] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[  727.622720][ T5880] usb 4-1: config 0 has no interface number 0
[  727.629264][ T5880] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  727.639672][ T5880] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  727.658725][ T5880] usb 4-1: config 0 descriptor??
[  727.673788][ T5880] cp210x 4-1:0.1: cp210x converter detected
[  727.841702][T14127] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  728.113314][T14127] usb 5-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  728.128742][ T5880] cp210x 4-1:0.1: failed to get vendor val 0x000e size 3: -32
[  728.131377][T14127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  728.199909][T14127] usb 5-1: config 0 descriptor??
[  728.357777][ T5880] cp210x 4-1:0.1: failed to get vendor val 0x370c size 15: -121
[  728.403630][ T5880] cp210x 4-1:0.1: GPIO initialisation failed: -121
[  728.429811][ T5880] usb 4-1: cp210x converter now attached to ttyUSB0
[  728.471368][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  728.678540][ T5880] usb 4-1: USB disconnect, device number 12
[  728.777117][ T5880] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  728.839875][ T5880] cp210x 4-1:0.1: device disconnected
[  730.713592][T14127] usbhid 5-1:0.0: can't add hid device: -71
[  730.720031][T14127] usbhid: probe of 5-1:0.0 failed with error -71
[  730.734369][T14127] usb 5-1: USB disconnect, device number 11
[  730.771489][ T9332] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  731.651411][T14127] usb 5-1: new high-speed USB device number 12 using dummy_hcd
[  731.841580][T14127] usb 5-1: Using ep0 maxpacket: 32
[  731.851981][T14127] usb 5-1: config 0 has no interfaces?
[  731.873632][T14127] usb 5-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  731.926093][T14127] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  732.020523][T14127] usb 5-1: config 0 descriptor??
[  732.355895][T14808] loop7: detected capacity change from 0 to 512
[  732.392427][T14808] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  732.436727][T14808] EXT4-fs (loop7): orphan cleanup on readonly fs
[  732.504182][T14808] EXT4-fs warning (device loop7): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  732.585162][T14808] EXT4-fs (loop7): Cannot turn on quotas: error -22
[  732.594730][T14808] EXT4-fs error (device loop7): ext4_ext_check_inode:520: inode #13: comm syz.7.2533: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  732.621475][T14808] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.2533: couldn't read orphan inode 13 (err -117)
[  732.642959][T14808] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  732.673116][ T5880] usb 5-1: USB disconnect, device number 12
[  733.015021][T14127] usb 8-1: new high-speed USB device number 11 using dummy_hcd
[  733.174601][T14827] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -2
[  733.218873][T14127] usb 8-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  733.233888][T14127] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  733.263582][T14127] usb 8-1: config 0 descriptor??
[  735.674182][T14127] usbhid 8-1:0.0: can't add hid device: -71
[  735.691621][T14127] usbhid: probe of 8-1:0.0 failed with error -71
[  735.699323][ T7609] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  735.724874][T14127] usb 8-1: USB disconnect, device number 11
[  737.139206][T14871] loop3: detected capacity change from 0 to 512
[  737.171610][T14871] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=8856c01c, mo2=0002]
[  737.192561][T14871] EXT4-fs (loop3): orphan cleanup on readonly fs
[  737.206445][T14871] EXT4-fs warning (device loop3): ext4_enable_quotas:7175: Failed to enable quota tracking (type=2, err=-22, ino=15). Please run e2fsck to fix.
[  737.226447][T14871] EXT4-fs (loop3): Cannot turn on quotas: error -22
[  737.233723][T14871] EXT4-fs error (device loop3): ext4_ext_check_inode:520: inode #13: comm syz.3.2553: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[  737.271428][T14871] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.2553: couldn't read orphan inode 13 (err -117)
[  737.317788][T14871] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  737.644808][ T5880] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  737.876654][ T5880] usb 4-1: New USB device found, idVendor=0b05, idProduct=19b6, bcdDevice= 0.00
[  737.893549][ T5880] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  738.014923][ T5880] usb 4-1: config 0 descriptor??
[  738.030809][T14880] netlink: 32 bytes leftover after parsing attributes in process `syz.7.2558'.
[  738.071093][T14884] loop4: detected capacity change from 0 to 256
[  738.083275][T14884] exfat: Deprecated parameter 'namecase'
[  738.109824][T14884] exfat: Deprecated parameter 'namecase'
[  738.144766][T14884] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf6e0d861, utbl_chksum : 0xe619d30d)
[  739.631990][T14884] overlayfs: failed to resolve 'w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8/': -22
[  740.673846][ T5880] usbhid 4-1:0.0: can't add hid device: -71
[  740.679932][ T5880] usbhid: probe of 4-1:0.0 failed with error -71
[  740.745953][ T9329] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  740.901838][ T5880] usb 4-1: USB disconnect, device number 13
[  744.823442][T14949] binder_alloc: 14946: binder_alloc_buf, no vma
[  747.568923][ T1282] ieee802154 phy1 wpan1: encryption failed: -22
[  748.775613][T14995] libceph: resolve 'c' (ret=-3): failed
[  755.591578][T15042] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  755.600083][T15042] llcp: nfc_llcp_send_ui_frame: Could not allocate PDU (error=-512)
[  758.017191][T14127] usb 8-1: new full-speed USB device number 12 using dummy_hcd
[  759.056542][T14127] usb 8-1: unable to get BOS descriptor or descriptor too short
[  759.072243][T14127] usb 8-1: not running at top speed; connect to a high speed hub
[  759.086031][T14127] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  759.100363][T14127] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 3
[  759.116844][T14127] usb 8-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  759.145353][T14127] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  759.171379][T14127] usb 8-1: Product: syz
[  759.175622][T14127] usb 8-1: Manufacturer: syz
[  759.180253][T14127] usb 8-1: SerialNumber: syz
[  759.571894][T14127] usb 8-1: 0:2 : does not exist
[  759.699339][T14127] usb 8-1: USB disconnect, device number 12
[  759.992782][T15094] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2631'.
[  760.282926][T13713] udevd[13713]: error opening ATTR{/sys/devices/platform/dummy_hcd.7/usb8/8-1/8-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  764.671530][T15137] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2647'.
[  766.802610][T15165] netlink: 20 bytes leftover after parsing attributes in process `syz.7.2660'.
[  769.949074][T15197] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2670'.
[  772.551415][T14127] usb 8-1: new high-speed USB device number 13 using dummy_hcd
[  772.711462][T15217] libceph: resolve 'c' (ret=-3): failed
[  773.222312][T14127] usb 8-1: too many endpoints for config 0 interface 0 altsetting 0: 253, using maximum allowed: 30
[  773.241534][T14127] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  773.257749][T14127] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  773.275317][T14127] usb 8-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 253
[  773.291159][T14127] usb 8-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40
[  773.308932][T14127] usb 8-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0
[  773.363488][T14127] usb 8-1: Manufacturer: syz
[  773.387799][T14127] usb 8-1: config 0 descriptor??
[  773.689620][T15227] syz.0.2680 (15227): /proc/15220/oom_adj is deprecated, please use /proc/15220/oom_score_adj instead.
[  775.345180][T14127] appleir 0003:05AC:8243.000D: unknown main item tag 0x0
[  775.354369][T14127] appleir 0003:05AC:8243.000D: No inputs registered, leaving
[  776.187988][T14127] appleir 0003:05AC:8243.000D: hiddev0,hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.7-1/input0
[  776.260709][T14127] usb 8-1: USB disconnect, device number 13
[  776.452530][T15242] fido_id[15242]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.7/usb8/report_descriptor': No such file or directory
[  777.781301][T15255] libceph: resolve 'c' (ret=-3): failed
[  779.349435][T15271] netlink: 15670 bytes leftover after parsing attributes in process `syz.7.2695'.
[  780.822525][T15280] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2699'.
[  780.832681][T15280] nlmon0: Master is either lo or non-ether device
[  780.898603][T15287] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2700'.
[  781.797839][T15288] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2701'.
[  781.807135][T15288] 8021q: VLANs not supported on ip6gre0
[  784.741892][T15318] netlink: 15670 bytes leftover after parsing attributes in process `syz.0.2709'.
[  785.196920][T15327] netlink: 12 bytes leftover after parsing attributes in process `syz.7.2714'.
[  785.243713][T15327] vlan0: entered promiscuous mode
[  785.248957][T15327] syz_tun: entered promiscuous mode
[  787.982850][T15363] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2727'.
[  788.014072][T15364] netlink: 15670 bytes leftover after parsing attributes in process `syz.7.2725'.
[  788.031044][T15363] vlan2: entered promiscuous mode
[  788.036645][T15363] syz_tun: entered promiscuous mode
[  792.196520][T15397] loop3: detected capacity change from 0 to 4096
[  792.280575][T15397] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 1024)
[  792.294705][T15397] NILFS (loop3): broken superblock, retrying with spare superblock (blocksize = 4096)
[  792.304804][T15397] NILFS (loop3): mounting unchecked fs
[  792.353723][T15397] NILFS (loop3): recovery complete
[  792.735077][T15399] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  793.155275][ T9131] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  793.780564][ T9131] usb 4-1: unable to get BOS descriptor or descriptor too short
[  793.793523][ T9131] usb 4-1: config 1 has an invalid interface number: 44 but max is 1
[  793.802195][ T9131] usb 4-1: config 1 has no interface number 1
[  793.808601][ T9131] usb 4-1: config 1 interface 0 altsetting 247 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  793.851350][ T9131] usb 4-1: config 1 interface 0 has no altsetting 0
[  793.911411][T11195] Bluetooth: hci3: command 0x0406 tx timeout
[  794.147852][ T9131] usb 4-1: New USB device found, idVendor=2040, idProduct=b990, bcdDevice=f6.75
[  794.191436][ T9131] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  794.209915][ T9131] usb 4-1: Product: syz
[  794.225372][ T9131] usb 4-1: Manufacturer: syz
[  794.230059][ T9131] usb 4-1: SerialNumber: syz
[  796.703333][ T9131] smsusb:smsusb_probe: board id=8, interface number 0
[  796.756560][ T9131] smsusb:smsusb_probe: board id=8, interface number 44
[  796.833197][ T9131] usb 4-1: USB disconnect, device number 14
[  797.851656][ T5880] usb 8-1: new high-speed USB device number 14 using dummy_hcd
[  904.171211][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  904.178249][    C1] rcu: 	Tasks blocked on level-0 rcu_node (CPUs 0-1): P15429/1:b..l P11/1:b..l
[  904.187843][    C1] rcu: 	(detected by 1, t=10502 jiffies, g=99805, q=181 ncpus=2)
[  904.195576][    C1] task:kworker/u4:0    state:R  running task     stack:22072 pid:11    ppid:2      flags:0x00004000
[  904.207849][    C1] Workqueue: bat_events batadv_nc_worker
[  904.213526][    C1] Call Trace:
[  904.216810][    C1]  <TASK>
[  904.219847][    C1]  __schedule+0x14d2/0x44d0
[  904.224386][    C1]  ? asan.module_dtor+0x20/0x20
[  904.229247][    C1]  ? mark_lock+0x94/0x320
[  904.233609][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  904.239605][    C1]  ? preempt_schedule_irq+0xaa/0x140
[  904.244924][    C1]  preempt_schedule_irq+0xb5/0x140
[  904.250050][    C1]  ? preempt_schedule_notrace+0x110/0x110
[  904.255787][    C1]  ? rcu_irq_exit_check_preempt+0xdf/0x210
[  904.261628][    C1]  irqentry_exit+0x67/0x70
[  904.266058][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  904.272050][    C1] RIP: 0010:batadv_nc_worker+0x216/0x610
[  904.277700][    C1] Code: fe 4e f7 e8 5c b6 37 00 89 c3 31 ff 89 c6 e8 11 02 4f f7 85 db 74 15 e8 18 08 39 f7 84 c0 74 18 e8 4f fe 4e f7 48 8b 5c 24 08 <eb> 65 e8 43 fe 4e f7 48 8b 5c 24 08 eb 59 e8 27 b6 37 00 89 c3 31
[  904.297406][    C1] RSP: 0018:ffffc90000107b60 EFLAGS: 00000293
[  904.303484][    C1] RAX: ffffffff8a369951 RBX: ffff88802620f580 RCX: ffff888019e7bc00
[  904.311468][    C1] RDX: 0000000000000000 RSI: ffffffff8afc71a0 RDI: ffffffff8afc7160
[  904.319454][    C1] RBP: fffffffffffffe38 R08: dffffc0000000000 R09: 1ffffffff21b4ea0
[  904.327461][    C1] R10: dffffc0000000000 R11: fffffbfff21b4ea1 R12: dffffc0000000000
[  904.335439][    C1] R13: ffffffff8a369812 R14: ffff88805fae4c80 R15: 000000000000006e
[  904.343427][    C1]  ? batadv_nc_worker+0xd2/0x610
[  904.348419][    C1]  ? batadv_nc_worker+0x211/0x610
[  904.353475][    C1]  ? process_scheduled_works+0x957/0x15b0
[  904.359208][    C1]  process_scheduled_works+0xa45/0x15b0
[  904.364784][    C1]  ? assign_work+0x400/0x400
[  904.369390][    C1]  ? assign_work+0x39e/0x400
[  904.373992][    C1]  worker_thread+0xa55/0xfc0
[  904.378617][    C1]  kthread+0x2fa/0x390
[  904.382715][    C1]  ? pr_cont_work+0x560/0x560
[  904.387402][    C1]  ? kthread_blkcg+0xd0/0xd0
[  904.392002][    C1]  ret_from_fork+0x48/0x80
[  904.396428][    C1]  ? kthread_blkcg+0xd0/0xd0
[  904.401054][    C1]  ret_from_fork_asm+0x11/0x20
[  904.405841][    C1]  </TASK>
[  904.408866][    C1] task:syz.7.2747      state:R  running task     stack:27432 pid:15429 ppid:7609   flags:0x00004004
[  904.419653][    C1] Call Trace:
[  904.422938][    C1]  <TASK>
[  904.425877][    C1]  __schedule+0x14d2/0x44d0
[  904.430411][    C1]  ? asan.module_dtor+0x20/0x20
[  904.435283][    C1]  ? lock_acquire+0x1f2/0x410
[  904.439976][    C1]  ? preempt_schedule+0xab/0xc0
[  904.444837][    C1]  preempt_schedule_common+0x82/0xc0
[  904.450222][    C1]  preempt_schedule+0xab/0xc0
[  904.454910][    C1]  ? schedule_preempt_disabled+0x20/0x20
[  904.460553][    C1]  ? __lock_acquire+0x7c80/0x7c80
[  904.465592][    C1]  preempt_schedule_thunk+0x1a/0x30
[  904.470809][    C1]  _raw_spin_unlock+0x3a/0x40
[  904.475513][    C1]  unmap_page_range+0x236f/0x2fe0
[  904.480575][    C1]  ? copy_page_range+0x3600/0x3600
[  904.485700][    C1]  ? unmap_single_vma+0x1b0/0x2a0
[  904.490741][    C1]  unmap_vmas+0x25e/0x3a0
[  904.495087][    C1]  ? unmap_page_range+0x2fe0/0x2fe0
[  904.500309][    C1]  ? __lock_acquire+0x7c80/0x7c80
[  904.505354][    C1]  exit_mmap+0x200/0xb50
[  904.509607][    C1]  ? exit_mm_release+0x1a/0x30
[  904.514381][    C1]  ? vm_brk+0x30/0x30
[  904.518372][    C1]  ? __mutex_unlock_slowpath+0x1a2/0x6a0
[  904.524038][    C1]  ? uprobe_clear_state+0x278/0x290
[  904.529249][    C1]  ? mm_update_next_owner+0x562/0x6c0
[  904.534695][    C1]  __mmput+0x118/0x3c0
[  904.538792][    C1]  exit_mm+0x1da/0x2c0
[  904.542879][    C1]  ? do_exit+0x23c0/0x23c0
[  904.547307][    C1]  ? taskstats_exit+0x35e/0x9e0
[  904.552179][    C1]  do_exit+0x88e/0x23c0
[  904.556363][    C1]  ? put_task_struct+0xc0/0xc0
[  904.561244][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  904.567328][    C1]  ? get_signal+0x1068/0x1400
[  904.572022][    C1]  ? lock_chain_count+0x20/0x20
[  904.576881][    C1]  ? _raw_spin_lock_irq+0xaf/0xe0
[  904.581914][    C1]  do_group_exit+0x21b/0x2d0
[  904.586519][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  904.591736][    C1]  get_signal+0x12fc/0x1400
[  904.596272][    C1]  arch_do_signal_or_restart+0x96/0x780
[  904.601835][    C1]  ? get_sigframe_size+0x20/0x20
[  904.606792][    C1]  ? exit_to_user_mode_loop+0x3b/0x110
[  904.612261][    C1]  exit_to_user_mode_loop+0x70/0x110
[  904.617561][    C1]  exit_to_user_mode_prepare+0xf6/0x180
[  904.623120][    C1]  syscall_exit_to_user_mode+0x1a/0x50
[  904.628595][    C1]  do_syscall_64+0x61/0xb0
[  904.633033][    C1]  ? clear_bhb_loop+0x40/0x90
[  904.637714][    C1]  ? clear_bhb_loop+0x40/0x90
[  904.642398][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  904.648306][    C1] RIP: 0033:0x7f7b4618e82b
[  904.652724][    C1] RSP: 002b:00007f7b47105f10 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  904.661150][    C1] RAX: 0000000000000000 RBX: 0000000000000006 RCX: 00007f7b4618e82b
[  904.669133][    C1] RDX: 00007f7b47106fe0 RSI: 0000000080085502 RDI: 0000000000000006
[  904.677127][    C1] RBP: 00007f7b47106fe0 R08: 0000000000000080 R09: 00007f7b47105fd8
[  904.685107][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000080085502
[  904.693085][    C1] R13: 0000000800000000 R14: 0000000000000012 R15: 00007f7b4621d3bd
[  904.701072][    C1]  </TASK>
[  904.704096][    C1] rcu: rcu_preempt kthread starved for 10552 jiffies! g99805 f0x0 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=0
[  904.715312][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  904.725373][    C1] rcu: RCU grace-period kthread stack dump:
[  904.731320][    C1] task:rcu_preempt     state:R  running task     stack:27088 pid:17    ppid:2      flags:0x00004000
[  904.742200][    C1] Call Trace:
[  904.745482][    C1]  <TASK>
[  904.748426][    C1]  __schedule+0x14d2/0x44d0
[  904.752988][    C1]  ? _raw_spin_lock_bh+0x50/0x50
[  904.757933][    C1]  ? _raw_spin_unlock_irqrestore+0xae/0x110
[  904.763834][    C1]  ? asan.module_dtor+0x20/0x20
[  904.768697][    C1]  ? enqueue_timer+0x225/0x530
[  904.773470][    C1]  ? __mod_timer+0x984/0xdb0
[  904.778081][    C1]  schedule+0xbd/0x170
[  904.782174][    C1]  schedule_timeout+0x160/0x280
[  904.787040][    C1]  ? console_conditional_schedule+0x40/0x40
[  904.792950][    C1]  ? update_process_times+0x1b0/0x1b0
[  904.798390][    C1]  ? prepare_to_swait_event+0x339/0x360
[  904.803952][    C1]  rcu_gp_fqs_loop+0x302/0x1560
[  904.808817][    C1]  ? rcu_gp_init+0x110e/0x1510
[  904.813619][    C1]  ? rcu_gp_kthread+0x380/0x380
[  904.818501][    C1]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  904.824505][    C1]  ? rcu_gp_init+0x1510/0x1510
[  904.829285][    C1]  ? rcu_gp_cleanup+0xb4c/0xca0
[  904.834156][    C1]  ? _raw_spin_unlock_irq+0x23/0x50
[  904.839363][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  904.844575][    C1]  rcu_gp_kthread+0x99/0x380
[  904.849192][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  904.854423][    C1]  ? __kthread_parkme+0x7a/0x1c0
[  904.859373][    C1]  ? __kthread_parkme+0x162/0x1c0
[  904.864418][    C1]  kthread+0x2fa/0x390
[  904.868493][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  904.873661][    C1]  ? kthread_blkcg+0xd0/0xd0
[  904.878256][    C1]  ret_from_fork+0x48/0x80
[  904.882688][    C1]  ? kthread_blkcg+0xd0/0xd0
[  904.887284][    C1]  ret_from_fork_asm+0x11/0x20
[  904.892080][    C1]  </TASK>
[  904.895139][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  904.901551][    C1] Sending NMI from CPU 1 to CPUs 0:
[  904.906794][    C0] NMI backtrace for cpu 0
[  904.906813][    C0] CPU: 0 PID: 0 Comm: swapper/0 Not tainted syzkaller #0
[  904.906828][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  904.906838][    C0] RIP: 0010:pv_native_safe_halt+0x13/0x20
[  904.906867][    C0] Code: cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d a3 e8 39 00 f3 0f 1e fa fb f4 <c3> cc cc cc cc cc cc cc cc cc cc cc cc 66 0f 1f 00 55 41 57 41 56
[  904.906882][    C0] RSP: 0018:ffffffff8ca07d80 EFLAGS: 000002c2
[  904.906897][    C0] RAX: b7786fdf5d747700 RBX: ffffffff8161925b RCX: b7786fdf5d747700
[  904.906909][    C0] RDX: 0000000000000001 RSI: ffffffff8aaabca0 RDI: ffffffff8afc71c0
[  904.906921][    C0] RBP: ffffffff8ca07eb8 R08: ffff8880b8e36b2b R09: 1ffff110171c6d65
[  904.906933][    C0] R10: dffffc0000000000 R11: ffffed10171c6d66 R12: ffffffff8e4a91a8
[  904.906946][    C0] R13: 0000000000000000 R14: 0000000000000000 R15: 1ffffffff1952670
[  904.906957][    C0] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  904.906972][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  904.906983][    C0] CR2: 00007f74ae7a12f8 CR3: 000000002e77f000 CR4: 00000000003526f0
[  904.906997][    C0] Call Trace:
[  904.907004][    C0]  <TASK>
[  904.907009][    C0]  default_idle+0x13/0x20
[  904.907025][    C0]  default_idle_call+0x6c/0xa0
[  904.907041][    C0]  do_idle+0x1eb/0x510
[  904.907063][    C0]  ? idle_inject_timer_fn+0x60/0x60
[  904.907083][    C0]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  904.907109][    C0]  cpu_startup_entry+0x43/0x60
[  904.907128][    C0]  rest_init+0x2e2/0x300
[  904.907143][    C0]  ? time_init+0x40/0x40
[  904.907161][    C0]  arch_call_rest_init+0xe/0x10
[  904.907180][    C0]  start_kernel+0x459/0x4e0
[  904.907200][    C0]  x86_64_start_reservations+0x2a/0x30
[  904.907227][    C0]  x86_64_start_kernel+0x60/0x60
[  904.907253][    C0]  secondary_startup_64_no_verify+0x179/0x17b
[  904.907285][    C0]  </TASK>