last executing test programs:

3m49.053817533s ago: executing program 1 (id=492):
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
pipe2$9p(&(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000000)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0)
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r3, @ANYBLOB=',rootmode=00000000000000000100000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r3, &(0x7f00000021c0)={0x2020, 0x0, <r4=>0x0}, 0x2020)
write$FUSE_INIT(r2, &(0x7f0000000200)={0x50, 0x0, r4, {0x7, 0x29, 0x20200}}, 0x50)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}})
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)

3m48.557445677s ago: executing program 1 (id=495):
r0 = socket$kcm(0x23, 0x2, 0x0)
ioctl$sock_kcm_SIOCKCMATTACH(r0, 0x89ef, &(0x7f0000000000)={r0})
r1 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8924, &(0x7f0000000140)={'veth1_to_team\x00', @link_local})
r2 = socket$kcm(0x10, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000240)={r3, &(0x7f0000000140), &(0x7f0000000000)=""/6, 0x2}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000000c0)={r3, &(0x7f0000000100), 0x0, 0x2}, 0x20)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000011008108090f9becdb4cb92e264831371900000069bd6efb2502eaf60d002700020400bf050005001201", 0x2e}], 0x1}, 0x0)

3m45.20225189s ago: executing program 1 (id=500):
flock(0xffffffffffffffff, 0xa422928b49da8f69)

3m44.168427151s ago: executing program 1 (id=504):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x2000, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200)
ioctl$FIDEDUPERANGE(0xffffffffffffffff, 0xc0189436, &(0x7f0000000040)={0x2})
ioctl$KVM_GET_MSRS(r2, 0xc008ae88, &(0x7f0000000040))

3m43.413994615s ago: executing program 1 (id=511):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_procs(r0, &(0x7f0000000200)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r1, &(0x7f0000000c40), 0x12)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
r2 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r3 = openat$cgroup_procs(r2, &(0x7f0000000840)='tasks\x00', 0x2, 0x0)
write$cgroup_pid(r3, &(0x7f0000000880), 0x12)

3m42.182371378s ago: executing program 1 (id=515):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1})
gettid()
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffff0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x124, 0x124, 0x5, [@volatile={0x3, 0x0, 0x0, 0x9, 0x3}, @struct={0xf, 0x3, 0x0, 0x4, 0x0, 0xd, [{0xa, 0x5}, {0x0, 0x3, 0x6}, {0x9, 0x0, 0x8}]}, @union={0x7, 0x2, 0x0, 0x5, 0x0, 0x7, [{0x0, 0x0, 0x9}, {0x8, 0x3, 0x8}]}, @var={0x10, 0x0, 0x0, 0xe, 0x3}, @ptr={0x9, 0x0, 0x0, 0x2, 0x3}, @func={0x1, 0x0, 0x0, 0xc, 0x1}, @enum64={0x4, 0x1, 0x0, 0x13, 0x1, 0x9, [{0x10, 0x5, 0x14}]}, @typedef={0x1, 0x0, 0x0, 0x8, 0x5}, @union={0x5, 0x9, 0x0, 0x5, 0x1, 0xa04f, [{0x2, 0x3, 0x1}, {0x10, 0x0, 0x8}, {0x6, 0x5, 0x233c}, {0xe, 0x3, 0x1}, {0x7, 0x3, 0xa2}, {0xa, 0x4, 0x4}, {0x10, 0x0, 0x100}, {0x1, 0x4, 0x7}, {0x10, 0x1, 0x5}]}]}, {0x0, [0x5f, 0x30, 0x0]}}, &(0x7f0000000500)=""/208, 0x141, 0xd0, 0x0, 0x3, 0x10000, @value}, 0x28)

3m26.767427212s ago: executing program 32 (id=515):
r0 = syz_open_dev$vim2m(&(0x7f0000000100), 0x2, 0x2)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f00000000c0)={0x10002, 0x1, 0x1})
gettid()
ioctl$vim2m_VIDIOC_STREAMOFF(r1, 0x40045612, &(0x7f0000000040))
timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000100)=ANY=[], 0x32600)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r2, 0x0)
bpf$ITER_CREATE(0x21, &(0x7f0000000040), 0x8)
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000080)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0xfffffff0, '\x00', 0x0, 0xffffffffffffffff, 0x3, 0x2, 0x4, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000600)={&(0x7f0000000380)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x124, 0x124, 0x5, [@volatile={0x3, 0x0, 0x0, 0x9, 0x3}, @struct={0xf, 0x3, 0x0, 0x4, 0x0, 0xd, [{0xa, 0x5}, {0x0, 0x3, 0x6}, {0x9, 0x0, 0x8}]}, @union={0x7, 0x2, 0x0, 0x5, 0x0, 0x7, [{0x0, 0x0, 0x9}, {0x8, 0x3, 0x8}]}, @var={0x10, 0x0, 0x0, 0xe, 0x3}, @ptr={0x9, 0x0, 0x0, 0x2, 0x3}, @func={0x1, 0x0, 0x0, 0xc, 0x1}, @enum64={0x4, 0x1, 0x0, 0x13, 0x1, 0x9, [{0x10, 0x5, 0x14}]}, @typedef={0x1, 0x0, 0x0, 0x8, 0x5}, @union={0x5, 0x9, 0x0, 0x5, 0x1, 0xa04f, [{0x2, 0x3, 0x1}, {0x10, 0x0, 0x8}, {0x6, 0x5, 0x233c}, {0xe, 0x3, 0x1}, {0x7, 0x3, 0xa2}, {0xa, 0x4, 0x4}, {0x10, 0x0, 0x100}, {0x1, 0x4, 0x7}, {0x10, 0x1, 0x5}]}]}, {0x0, [0x5f, 0x30, 0x0]}}, &(0x7f0000000500)=""/208, 0x141, 0xd0, 0x0, 0x3, 0x10000, @value}, 0x28)

9.812876774s ago: executing program 5 (id=1210):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000000c0)={[{@errors_remount}, {@noload}, {@bh}, {@noquota}, {@noblock_validity}, {}, {@stripe={'stripe', 0x3d, 0x51}}, {@acl}, {@resgid}], [{@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'user_u'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@obj_role={'obj_role', 0x3d, '}{\x00'}}, {@context={'context', 0x3d, 'user_u'}}], 0x3d}, 0x1, 0x521, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oX98QsRceXk4eFCe6d1/nk17/grxDPtdf7xV4y4L/+wep//Yu/8N9Lj/PP4MWM89e7PKj3j34p4qph//unGT3rEfzavwp9/+0DR1766s9Mrfvp2xFTu509yX6xKc22j0tjeub6yNr9cXa6uz87OvDj30twLc9OVpZVaNfubG+O7H/3FncP6f7lH/Mkj+v9cTn2jOWX/f/fm7Q92kqW8+FefzYn/6x9nWxyMX8g++z6ZpVuvT3XTu530vZ7+6W+fPqz/iz36f9T//2qvSve59uVv/emYmwIAA9DY3lmdr9Wqm2cj8XL0vebWCH/o/Xr0Ev9Nz0QzTjfxzb5WmKZp2jqmTlBPEoN7E5LDmzrsMxMAANBvd7/0D7slAAAAAAAAAAAAAAAAAAAAcHEN4k5j+2Pu7qWSftxCGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgL94PAAD//9Lu4AM=")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe3000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b00000000"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

9.596421628s ago: executing program 3 (id=1211):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)
socket(0x0, 0x0, 0x0)
ioctl$SECCOMP_IOCTL_NOTIF_RECV(r0, 0xc0502100, &(0x7f0000000680))
r1 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x4089, 0x80}, &(0x7f0000000240)=<r2=>0x0, &(0x7f0000000040)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0})
io_uring_enter(r1, 0x47f6, 0xb277, 0x0, 0x0, 0x0)
msgctl$IPC_SET(0x0, 0x1, &(0x7f0000258f88))
msgsnd(0x0, &(0x7f0000000480)={0x2}, 0x8, 0x2000000)

7.766231658s ago: executing program 5 (id=1214):
r0 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f00000002c0)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
rt_sigqueueinfo(0x0, 0x0, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x8)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
mkdir(&(0x7f0000000500)='./file0\x00', 0x0)
chmod(&(0x7f0000000180)='./file0\x00', 0x23f)
chdir(&(0x7f00000001c0)='./file0\x00')
mkdir(&(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40)
setuid(0xee01)
r2 = open$dir(&(0x7f0000001240)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x180)
renameat(0xffffffffffffff9c, &(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000001140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f0308000300000000e2ffca1b1f0000001104c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f20900f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
socket$kcm(0x11, 0x7, 0x300)
r5 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}, 0x0, 0x1}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x20000014)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x418100, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x38, 0x38, 0x9, 0x0, 0x0, {0x1}, [@typed={0x8, 0x0, 0x0, 0x0, @fd=r7}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x4, 0x0, 0x0, @u32=0x2}]}, 0x38}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0000000061000000280012800e000100697036040004000000060010004e2100000a000100aaaaaaaaaa00"/60], 0x54}}, 0x0)

7.456781805s ago: executing program 3 (id=1217):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="38000000200001000000000000000000020000000000000000000000140011007665746031000000000000000000000008000a00"], 0x38}, 0x1, 0x0, 0x0, 0x4040084}, 0x0)
ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @target={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x4}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xa, 0x1, 'AUDIT\x00'}]}}}]}], {0x14, 0x10}}, 0xb0}}, 0x0)
sendmsg$NFT_MSG_GETSET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, 0xa, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x5, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, [@call={0x85, 0x0, 0x0, 0xa0}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r5, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000007c0)={r4, 0x0, 0x29, 0x4, @void}, 0x10)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
truncate(&(0x7f0000000280)='./file2\x00', 0x7)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xcc, 0x6e, 0xcf, 0x20, 0x8086, 0xb5c, 0x3943, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x8, 0x33, 0x40, 0x7, [{{0x9, 0x4, 0x64, 0xee, 0x1, 0xe, 0x1, 0x0, 0x6, [], [{{0x9, 0x5, 0xd, 0x3, 0x10, 0x1c, 0x9, 0x4}}]}}]}}]}}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0})

6.802793062s ago: executing program 2 (id=1220):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000580)="430f2e8d83807d074332a3a9742d3c7a8a59e6929bb7aee2bc079f39ed58c53ed3150b36baa830b60885ce66575a30784bf502105a5ee2dca64c33b66ae42c1407e38f5018f48200e2922279c196283533383b77ab6eb3214c11e86ec990c51cf89e2c3157a12969a487710b3b5ba05fcfca0fba2a130578cf08e5a8c53175d2f09f6493a3c189bfb89cd82e4aa82b4a12c00e6890a8209a4995fbaa21bfd498ab879765013e2c2d746c9ae5cf24b32de583095db19cd80fbd74828aa6237ce0cd14887a361baaf8806d1e83e833599310be6bdee78be3f41954", 0xda}], 0x1}}], 0x1, 0x80004)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x30008c0, &(0x7f0000000540)={[{}, {@codepage={'codepage', 0x3d, 'koi8-u'}}, {@umask={'umask', 0x3d, 0xffffffffffffffc0}}, {}, {@part={'part', 0x3d, 0x5}}]}, 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x9)
write$binfmt_script(r1, &(0x7f00000008c0), 0xfecc)
socket$key(0xf, 0x3, 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
creat(&(0x7f0000001180)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r2 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x0, 0x0, 0x0)
mq_getsetattr(r2, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xa03e, 0x0, &(0x7f0000006680))
r3 = syz_open_dev$radio(&(0x7f0000000400), 0x2, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r3, 0xc0405665, &(0x7f0000000080)={0x8000, 0x1})
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000340)={0x1, &(0x7f0000000180)=[{0x0, 0x2, 0x9}]}, 0x10)
quotactl$Q_GETFMT(0xffffffff80000401, &(0x7f0000003180)=@nullb, 0x0, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r4, &(0x7f0000000100)={{0x3, @default}, [@null={0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x2}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYRESHEX=r0, @ANYRES16, @ANYBLOB='G\r\x00\x00\x00'], 0x1c}, 0x1, 0x0, 0x0, 0x24000888}, 0x24000)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e06006220"], 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)

6.412451414s ago: executing program 5 (id=1221):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
r1 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r1, 0x10e, 0xc, &(0x7f0000000040)={0xffb}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000100)={{0x1, 0x1, 0x18, r0, {0x5, 0x10}}, './file0\x00'})
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000001c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r4}, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x11, &(0x7f00000003c0)=ANY=[@ANYBLOB="18080000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r4, @ANYBLOB="0000000000000000b70500000000000085000000a5000000850000000800000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$unix(r3, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
write(r1, &(0x7f0000000180)="2000000012005f0214f9f4070000fbe40afd03000000", 0x41d)
setsockopt$inet_sctp6_SCTP_MAXSEG(r0, 0x84, 0xd, &(0x7f0000000000)=@assoc_value={0x0, 0xe154}, 0x8)
r6 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$netlink(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f0000000080)=ANY=[@ANYBLOB="18000000560001ffffff7f00000000000700000000003d00"], 0x18}], 0x1}, 0x0)
bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0x4, 0x1}, 0x6)

5.574154258s ago: executing program 5 (id=1223):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = fcntl$getown(r1, 0x9)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'veth0_to_bond\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0xffe0}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000002400)=@gettfilter={0x4c, 0x2e, 0x200, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xffe0, 0x9}, {0x0, 0x3}, {0xfff9, 0x6}}, [{0x8, 0xb, 0x1}, {0x8}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x3}]}, 0x4c}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r2, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000000c0)='/dev/kvm\x00'}, 0x30)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000280)={0x0, 0x0, 0x3000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r9, 0x8918, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x18, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb0100180000000000000020000000200000000a000000000000000100000d0a00000004000000000400000000000000000006040000000000305f5f2e"], &(0x7f0000002fc0)=""/4093, 0x42, 0xffd, 0x8, 0x0, 0x0, @void, @value}, 0x28)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000010ac0544020000000000010902240001000000000904000000030002"], 0x0)
r11 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r11}, &(0x7f0000bbdffc)=<r12=>0x0)
timer_settime(r12, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r10, 0x4068aea3, &(0x7f0000002340)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

5.035233928s ago: executing program 2 (id=1224):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000000c0)={[{@errors_remount}, {@noload}, {@bh}, {@noquota}, {@noblock_validity}, {}, {@stripe={'stripe', 0x3d, 0x51}}, {@acl}, {@resgid}], [{@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'user_u'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@obj_role={'obj_role', 0x3d, '}{\x00'}}, {@context={'context', 0x3d, 'user_u'}}], 0x3d}, 0x1, 0x521, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oX98QsRceXk4eFCe6d1/nk17/grxDPtdf7xV4y4L/+wep//Yu/8N9Lj/PP4MWM89e7PKj3j34p4qph//unGT3rEfzavwp9/+0DR1766s9Mrfvp2xFTu509yX6xKc22j0tjeub6yNr9cXa6uz87OvDj30twLc9OVpZVaNfubG+O7H/3FncP6f7lH/Mkj+v9cTn2jOWX/f/fm7Q92kqW8+FefzYn/6x9nWxyMX8g++z6ZpVuvT3XTu530vZ7+6W+fPqz/iz36f9T//2qvSve59uVv/emYmwIAA9DY3lmdr9Wqm2cj8XL0vebWCH/o/Xr0Ev9Nz0QzTjfxzb5WmKZp2jqmTlBPEoN7E5LDmzrsMxMAANBvd7/0D7slAAAAAAAAAAAAAAAAAAAAcHEN4k5j+2Pu7qWSftxCGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgL94PAAD//9Lu4AM=")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe3000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b00000000"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

4.246857651s ago: executing program 3 (id=1226):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000a40)=@base={0xe, 0x4, 0x8, 0x8, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000087b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r1}, 0x10)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000ab4000000060a01040000000000000000020000280900010073797a30000000000900020073797a320000000088000480100001800c000100636f756e7465720014000180090001006d617371"], 0xdc}}, 0x0) (fail_nth: 5)

3.610026679s ago: executing program 0 (id=1227):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$BATADV_CMD_GET_MESH(r1, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={0x0, 0x32}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
getsockname$packet(r1, &(0x7f0000000340)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x6b)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x28c2, 0x0)
close_range(r4, 0xffffffffffffffff, 0x0)
getsockopt$MRT6(r4, 0x29, 0x1f, 0x0, &(0x7f0000000080))
syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), r4)
sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f00000007c0)=ANY=[@ANYBLOB="3800000010000507000000000004000000000000", @ANYRES32=r2, @ANYBLOB="03000016010000001800120008000100736974000c0002000800030036"], 0x38}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000800)=@newlink={0x34, 0x10, 0x439, 0x70bd27, 0xffffffe9, {0x0, 0x0, 0xe403, r3}, [@IFLA_LINKINFO={0x10, 0x12, 0x0, 0x1, @sit={{0x8}, {0x4}}}, @IFLA_AF_SPEC={0x4}]}, 0x34}, 0x1, 0x0, 0x0, 0x80c1}, 0x4008040)

3.609828709s ago: executing program 4 (id=1228):
r0 = socket(0x2b, 0x1, 0x0)
listen(r0, 0x0)
recvmsg(r0, &(0x7f0000000380)={0x0, 0x0, 0x0}, 0x101)
r1 = syz_open_dev$sndctrl(&(0x7f0000000600), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_UNLOCK(r1, 0x40405515, &(0x7f0000000640)={0x7, 0x1, 0x8, 0x3, 'syz1\x00', 0x9})

3.400251053s ago: executing program 2 (id=1229):
syz_clone(0x81000, &(0x7f00000000c0)="e51cc75ba5421d821b5f58687e5b7682be2a378566c1654ad8c37126a7208a27b4a030c696cc92244404609135b555ce94ea80183f72884408492a2b6be346678b3ce94c4c20ef2e0d3203bf625255a0a49ccb7c225e0d4e8f6b0e51e8b3f639b2efa303b2eb9175db22cd0468975eac10ca69fae90e47b6a080c6547d5e5297b5b2f249e8d35887ef51aac969f28a053e31db454996a463d1f811d31f43ee05ebe55ec91924f5c49cad7e51e6acc768ae842d773d5b484596f18fe3a9df07eb9fbe6b98fc67a61c3c8485e390a2a8894cb8b698c2d09939cb5c1fdc7667106b5971aaf7b49ee59d8d653459b901e39fe93c01a19588744b6bad3a", 0xfb, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}}, 0x0)

3.217921631s ago: executing program 4 (id=1230):
r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
fcntl$getown(r0, 0x9)
ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0)
ioctl$KVM_SET_CLOCK(r0, 0x4030ae7b, &(0x7f0000000040)={0x2309, 0xe, 0x3, 0xda2, 0xa1})

3.090045906s ago: executing program 3 (id=1231):
r0 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f00000002c0)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
rt_sigqueueinfo(0x0, 0x0, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x8)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
mkdir(&(0x7f0000000500)='./file0\x00', 0x0)
chmod(&(0x7f0000000180)='./file0\x00', 0x23f)
chdir(&(0x7f00000001c0)='./file0\x00')
mkdir(&(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40)
setuid(0xee01)
r2 = open$dir(&(0x7f0000001240)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x180)
renameat(0xffffffffffffff9c, &(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000001140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f0308000300000000e2ffca1b1f0000001104c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f20900f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
socket$kcm(0x11, 0x7, 0x300)
r5 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}, 0x0, 0x1}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x20000014)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x418100, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x38, 0x38, 0x9, 0x0, 0x0, {0x1}, [@typed={0x8, 0x0, 0x0, 0x0, @fd=r7}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x4, 0x0, 0x0, @u32=0x2}]}, 0x38}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0000000061000000280012800e000100697036040004000000060010004e2100000a000100aaaaaaaaaa00"/60], 0x54}}, 0x0)

3.004434988s ago: executing program 0 (id=1232):
r0 = socket$key(0xf, 0x3, 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
set_mempolicy(0x1, 0x0, 0x8)
set_mempolicy(0x2, &(0x7f0000000740)=0x15b, 0x2)
syz_mount_image$exfat(&(0x7f0000001500), &(0x7f0000001540)='./file0\x00', 0x0, &(0x7f0000001580), 0x1, 0x14db, &(0x7f0000002ac0)="$eJzs3AlwVUX2MPA+3X0hxIjPiOx9+lx4YoAmIiKyiIgsIiIiAiK7CIgYERERESEgm4iAiICsEZElREBkCRAx7Psiu4CRQURERDbZBPqrOM7HzN+Z8vvm7//PVOX8qrrSJ/edc7tzKnn33qq8H7qPqNW0dvVGRCT+HepvE/jrl2QhRIwQYrAQ4iYhRCCEKB9fPj77eB4Fyf/WSdj/kMap13sF7Hri/uds3P+cjfufs3H/czbuf87G/c/ZuP85G/efsRwtrdDNPHLu4Of/ORm//+ds3P+cjfufs3H/czbuf87G/c/ZuP85G/c/Z+P+M5aj/Qc8g+ZxHQdjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMfa/4IK/Rgsh/ja/3utijDHGGGOMMcbYn8fnvt4rYIwxxhhjjDHG2P88EFIooUUgconcIkbkEbHiBhEnbhR5xU0iIm4W8eIWkU/cKvKLAqKgKCQKiyKiqDAChRUkQlFMFBdRcZsoIW4XCaKkKCVKCyfKiERxhygr7hTlxF2ivLhbVBD3iIqikqgsqoh7RVVxn6gm7hfVxQOihqgpaona4kFRRzwk6oqHRT3xiKgvHhUNxGOioXhcNBKNRRPxhGgqnhTNRHPRQrQUrURr0ebfyn9N9BKvi96ij0gWfUU/8YboLwaIgWKQGCzeFEPEW2KoeFsME8PFCPGOGCneFaPEe2K0GCPGivfFODFeTBATxSQxWaSID8QU8aGYKj4S08R0MUPMFKlilkgTH4vZYo6YKz4R88SnYr5YIBaKRSJdLBZLxFKRIT4Ty8TnIlMsFyvESrFKrBZrxFqxTqwXG8RGsUlsFlvEVrFNfCG2ix1ip9gldos9Yq/4UuwT+8UB8ZXIEl//f+af/y/5PUCAAAkSNGjIBbkgBmIgFmIhDuIgL+SFCEQgHuIhH+SD/JAfCkJBKAyFoSgUBQQEAoJiUAyiEIUSUAISIAFKQSlw4CAREqEs3AnloByUh/JQASpARagElaAKVIGqUBWqQTWoDtWhBtSAWlALHoQH4SGoC3WhHtSD+lAfGkADaAgNoRE0gibQBJpCU2gGzaAFtIBW0AraQBtoC22hHbSDDtABOkJH6ASdIAmSoDN0hi7QBbpCV+gG3aA7dIce8Cq8Cq/Ba/A6vA59oIbsC/2gH/SH/jAQBsEgeBOGwFvwFrwNw2A4jIB34B14F0bBORgNY2AsjIWqcjxMgIlAcjKkQApMgSkwFabCNJgO02EmpMIsSIM0mA1zYA58AvPgU/gUFsACWATpkA5LYClkQAYsg/OQCcthBayEVbAaVsFaWAdrYQNshA2wGTbDVtgKX8AXsAN2wC7YBXtgD3wJX8J+2A/DIAuy4CAchENwCA7DYTgCR+AoHIVjcAyOw3E4ASfgJJyC03AKzsJZOAfn4QJcgEtwCS7DZbgKV7N/+WU2LbXMJXPJGBkjY2WsjJNxMq/MKyMyIuNlvMwn88n8Mr8sKAvKwrKwLCqLSpQoSYaymCwmozIqS8gSMkEmyFKylHTSyUSZKMvKsrKcLCfLy7tlBXmPrCgryfauiqwiq8oOrpq8X1aX1WUNWVPWkrVlbVlH1pF1ZV1ZT9aT9WV92UA+JhvKvjAQGsvszjSVw6GZHAEtZEvZSraW78JTsq0cBe1ke9lBPiPHwGjoJNu6JPm87CwnQBf5opwIL8lucjJ0l6/IHvJV2VO+JnvJdq637COnQV/ZT86E/nKAHCgHydlQU2Z3rJZ8Ww6Tw+UI+Y5cBO/KUfI9OVqOkWPl+3KcHC8nyIlykpwsU+QHcor8UE6VH8lpcrqcIWfKVDlLpsmP5Ww5R86Vn8h58lM5Xy6QC+UimS4XyyVyqcyQn8ll8nOZKZfLFXKlXCVXyzVyrVwn18sNcqPcJDfLLXKr3Ca/kNvlDrlT7pK75R65V34p98n98oD8SmbJr+VB+Rd5SH4jD8tv5RH5nTwqv5fH5A/yuPxRnpA/yZPylDwtz8iz8md5Tp6XF+RFeUn+Ii/LK/Kq9FIoUFIppVWgcqncKkblUbHqBhWnblR51U0qom5W8eoWlU/dqvKrAqqgKqQKqyKqqDIKlVWkQlVMFVdRdZsqoW5XCaqkKqVKK6fKqER1hyqr7lTl1F2qvLpbVVD3qIqqkqqsqqh7VVV1n6qm7lfV1QOqhqqpaqna6kFVRz2k6qqHVT31iKqvHlUN1GOqoXpcNVKNVRP1hGqqnlTNVHPVQrVUrVRr1UY9pdqqp1U71V51UM+ojupZ1Uk9p5LU86qzekF1US+qruol1U29rLqrV1QP9arqqa6oq8qr3qqPSlZ9VT/1huqvBqiBapAarN5UQ9Rbaqh6Ww1Tw9UI9Y4aqd5Vo9R7arQao8aq99U4NV5NUBPVJDVZpagP1BT1oZqqPlLT1HQ1Q81UqWqWGvhbpbn/D/kf/pP8ob+efavapr5Q29UOtVPtUrvVHrVX7VX71D51QB1QWSpLHVQH1SF1SB1Wh9URdUQdVUfVMXVMHVfH1Ql1Qp1Up9RFdUadVT+rc+q8Oq8uqkvqkrr8289AaNBSK611oHPp3DpG59Gx+gYdp2/UefVNOqJv1vH6Fp1P36rz6wK6oC6kC+siuqg2GrXVpENdTBfXUX2bLqFv1wm6pC6lS2uny+hEfcd/O/+P1tdGt9FtdVvdTrfTHXQH3VF31J10J52kk3Rn3Vl30V10V91Vd9PddHfdXffQPXRP3VP30r10b91bJ+tk3U+/ofvrAXqgHqQH6zf1ED1ED9VD9TA9TI/QI/RIPVKP0qP0aD1aj9Vj9Tg9Tk/QE/QkPUmn6BQ9RU/RU/VUPU1P0zP0DJ2qU3WaTtOz9Ww9V8/V8/Q8PV/P1wv1Qp2u0/USvURn6Ay9TC/TmXq5Xq5X6pV6tV6t1+q1er1erzfqjXqz3qwz9Ta9TW/X2/VOvVPv1rv1Xr1X79P79AF9QGfpLH1QH9SH9CF9WB/WR/QRfVQf1cf0MX1cH9cn9Al9Up/Up/VpfVaf1ef0OX1BX9CX9CV9WV/WV/XV7Mu+QAYy0IEOcgW5gpggJogNYoO4IC7IG+QNIkEkiA/ig3zBrUH+oEBQMCgUFA6KBEUDE2BgAwrCoFhQPIgGtwUlgtuDhKBkUCooHbigTJAY3BGUDe4MygV3BeWDu4MKwT1BxaBSUDmoEtwbVA3uC6oF9wfVgweCGkHNoFZQO3gwqBM8FNQNHg7qBY8E9YNHgwbBY0HD4PGgUdA4aBI8ETQNngyaBc2DFkHLoFXQOmjzp9b3/lyBp11v08ckm76mn3nD9DcDzEAzyAw2b5oh5i0z1LxthpnhZoR5x4w075pR5j0z2owxY837ZpwZbyaYiWaSmWxSzAdmivnQTDUfmWlmuplhZppUM8ukmY/NbDPHzDWfmHnmUzPfLDALzSKTbhabJWapyTCfmWXmc5NplpsVZqVZZVabNWatWWfWmw1mo9lkNpstZqvZZr4w280Os9PsMrvNHrPXfGn2mf3mgPnKZJmvzUHzF3PIfGMOm2/NEfOdOWq+N8fMD+a4+dGcMD+Zk+aUOW3OmLPmZ3POnDcXzEVzyfxiLpsr5qrx2Rf32W/vqFFjLsyFMRiDsRiLcRiHeTEvRjCC8RiP+TAf5sf8WBALYmEsjEWxKGYjJCyGxTCKUSyBJTABE7AUlkKHDhMxEctiWSyH5bA8lscKWAErYkWsjJXxXrwX78P78H68Hx/AB7Am1sTaWBvrYB2si3WxHtbD+lgfG2ADbIgNsRE2wibYBJtiU2yGzbAFtsBW2ArbYBtsi22xHbbDDtgBO2JH7ISdMAmTsDN2xi7YBbtiV+yG3bA7dsce2AN7Yk/shb2wN/bGZEzGftgP+2N/HIgDcTAOxiE4BIfiUByGw3AEjsCROBJH4SgcjWNwLL6P43A8TsCJOAknYwqm4BScglNxKk7DaTgDZ2AqpmIapuFsnI1zcS7Ow3k4H+fjQlyI6ZiOS3AJZmAGLsNlmImZuAJX4CpchWtwDa7DdbgBN+Am3IRbcAtuw224HbfjTtyJu3E37sW9uA/34QE8gFmYhQfxIB7CQ3gYD+MRPIJH8Sgew2N4HI/jCTyBJ/EknsbTeBbP4jk8hxfwAl7CX/AyXsGr6DHG5rGx9gYbZ2+0ee1N9r/GBW0hW9gWsUWtsfltgX+I0VqbYEvaUra0dbaMTbR3/C6uaCvZyraKvddWtffZar+L69iHbF37sK1nH7G17YP/ENe3j9oG9knb0Da3jWxL28S2tk3tk7aZbW5b2Ja2lW1tO9pnbSf7nE2yz9vO9oXfxUvsUrvOrrcb7Ea7z+63F+xFe8z+YC/ZX2xv28cOtm/aIfYtO9S+bYfZ4b+Lx9r37Tg73k6wE+0kO/l38Qw706baWTbNfmxn2zm/i9PtYjvPZtj5doFdaBf9GmevKcN+ZpfZz22mXW5X2JV2lV1t19i1/3etK+1mu8VutXvtl3a73WF32l12t93za5y9jwP2K5tlv7ZH7ff2kP3GHrbH7RH73a9x9v6O2x/tCfuTPWlP2dP2jD1rf7bn7Plf95+99zP2ir1qvRUEJEmRpoByUW6KoTwUSzdQHN1IeekmitDNFE+3UD66lfJTASpIhagwFaGiZAjJElFIxag4Rek2KkG3UwKVpFJUmhyVoUS6g8rSnVSO7qLydDdVoHuoIlWiylSF7qWqdB9Vo/upOj1ANagm1aLa9CDVoYeoLj1M9egRqk+PUgN6jBrS49SIGlMTeoKa0pPUjJrTIGpJrag1taGnqC09Te2oPXWgZ6gjPUud6DlKouepM71AXehF6kovUTd6mbrTK9SDXqWe9Br1otepN/WhZOpL/egN6k8DaCANosH0Jg2ht2govU3DaDiNoHdoJL1Lo+g9Gk1jaCy9T+NoPE2giTSJJlMKfUBT6EOaSh/RNJpOM2gmpdIsSqOPaTbNobn0Cc2jT2k+LaCFtIjSaTEtoaWUQZ/RMvqcMmk5raCVtIpW0xpaS+toPW2gjbSJNtMW2krb6AvaTjtoJ+2i3bSH9tKXtI/20wH6irLoazpIf6FD9A0dpm/pCH1HR+l7OkY/0HH6kU7QT3SSTtFpOkNn6Wc6R+fpAl2kS/QLXaYrdJU8iRBCGapQh0GYK8wdxoR5wtjwhjAuvDHMG94URsKbw/jwljBfeGuYPywQFgwLhYXDImHR0IQY2pDCMCwWFg+j4W1hifD2MCEsGZYKS4cuLBMmhneEZcM7w3LhXWH58O6wQnhPWDGsFFYOq4T3hlXD+8Jq4f1h9fCBsEZYM6wV1g4fDOuED4V1w4fDeuEjYbnw0bBB+FjYMHw8bBQ2DpuET4RNwyfDZmHzsEXYMmwVtg7bhE+FbcOnw3Zh+7BD+EzYMXw27BQ+FyaFz4edwxf+8Hhy2DfsF74RvhF6/7BaGF0UTY8uji6JLo1mRD+LLot+Hs2MLo+uiK6Mroqujq6Jro2ui66PbohuzPPbY7Wo97VzCwdOOuW0C1wul9vFuDwu1t3g4tyNLq+7yUXczS7e3eLyuVtdflfAFXSFXGFXxBV1xqGzjlzoirniLupucyXc7S7BlXSlXGnnXBmX6Fq7Nq6Na+uedu1ce9fBPeOecc+6Z91z7jn3vOvsXnBd3Iuuq3vJdXMvu5fdK66He9X1dK+5Xu5119v1ccku2fVz/Vx/198NdAPdYDfYDXFD3FA31A1zw9wIN8KNdCPdKDfKjXaj3Vg31o1z49wEN8FNcpNciktxU9wUN9VNddPcNDfDzXCpLtWluTQ32812c91cN8/Nc/PdfLfQLXTpLt0tcUtchstwy9wyl+ky3Qq3wq1yq9wat8atc+vcBrfBbXKb3Ba3xW1z29x2t93tdDvdbrfb7XV73T63zx1wB1yWy3IH3UF3yB1yh9237oj7zh1137tj7gd33P3oTrif3El3yp12Z9xZ97M75867C+6iu+R+cZfdFXfVeZcS+SAyJfJhZGrko8i0yPTIjMjMSGpkViQt8nFkdmROZG7kk8i8yKeR+ZEFkYWRRZH0yOLIksjSSEbks8iyyOeRzMjyyIrIysiqyOqI90W2h76YL+6j/jZfwt/uE3xJX8qX9s6X8Yn+Dl/W3+nL+bt8eX+3r+Dv8RV9JV/ZN/ctfEvfyrf2bfxTvq1/2rfz7X0H/4zv6J/1nfxzPsk/7zv7F3wX/6Lv6l/y3fzLvrt/xffwr/qe/jXfy7/ue/s+Ptn39f38G76/H+AH+kF+sH/TD/Fv+aH+bT/MD/cj/Dt+pH/Xj/Lv+dF+jB/r3/fj/Hg/wU/0k/xkn+I/8FP8h36q/8hP89P9DD/Tp/pZPs1/7Gf7OX6u/8TP85/6+X6BX+gX+XS/2C/xS32G/8wv85/7TL/cr/Ar/Sq/2q/xa/06v95v8Bv9Jr/Zb/Fb/Tb/hd/ud/idfpff7ff4vf5Lv8/v9wf8Vz7Lf+0P+r/4Q/4bf9h/64/47/xR/70/5n/wx/2P/oT/yZ/0p/xpf8af9T/7c/68v+Av+kv+F3/ZX/FX+X/WGGOMMcb+FH3/yffkbyNbPyHEjTsKHfn740oIsSn/X+cD5L7OESHE8326N/7baNw4OTn5t9dmKhEUXyCEiFzLzyWuxctFB/GsSBLtRdl/ur4BsjLQH9SP3i1E7N/lxIhr8bX6d/6L+s0X/2H9BUIkFL+Wk30L+Lf4Wv1y/6L+no5/UD/PNylCtPu7nDhxLb5WP1E8LV4QSf/wSsYYY4wxxhhj7K8GyEs9/uj+Nvv+vLC+lpNbXIv/6P6cMcYYY4wxxhhj199Lr/Z87qmkpPZdecITnvznT0qL/6VzXe+/TIwxxhhjjLE/27WL/uu9EsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjLOf6lx8DJoX4sz5p7HrvkTHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGLve/k8AAAD//7usYeg=")
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
mincore(&(0x7f0000000000/0x400000)=nil, 0x400023, &(0x7f00000012c0)=""/91)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000008000)={0x1, 0x3, &(0x7f00000000c0)=ANY=[@ANYRES32=r0], &(0x7f0000003ff6)='syzkaller\x00', 0x1, 0xc3, &(0x7f00000002c0)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000040)={0x2, <r2=>0x0}, 0x8)
bpf$BPF_PROG_DETACH(0x9, &(0x7f0000000080)={@ifindex, r1, 0x36, 0x2024, 0x0, @void, @void, @value=r2}, 0x20)
r3 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
connect$inet6(r3, 0x0, 0x0)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)

2.826288979s ago: executing program 2 (id=1233):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
r2 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000a00)={'wlan0\x00', <r3=>0x0})
sendmsg$NL80211_CMD_SET_MCAST_RATE(r0, &(0x7f0000001180)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000840)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010026bd7000fbdbdf255c00000008000300", @ANYRES32=r3, @ANYBLOB='\b\x00k'], 0x24}, 0x1, 0x0, 0x0, 0x80c0}, 0x20000000)
syz_mount_image$vfat(&(0x7f0000003880), &(0x7f0000000e80)='./file0\x00', 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="726f6469722c64656275672c6572726f72733d72656d6f756e742d726f2c636f6465706167653d3836332c6e6f6e756d7461696c3d302c73686f72746e616d653d77696e6e742c756e695f786c6174653d312c756e695f786c6174653d312c6e6f6e756d7461696c3d302c757466383d312c696f636861727365743d63703835372c73686f72746e616d653d77696e6e742c757466383d302c636865636b3d7374726963742c696f636861727365743d6d6163696e7569742c756e695f786c6174653d312c005205e1703b26f6042fb8b961806898b4355c2d073185dfdf9cb42e28ed429a65da1416893a087910ac31c6b9352e3f22a052231c8d6f8df6ef27ec2400363c368cbafe4ed6c71119c6fbfa8722c80816a06989db49fdede9664eaac0bd91ed2c1068c21c3569aafbceedb5961b236be89b68b6843ee2ed60eb3b2545608944f15f5d"], 0x2, 0x2a8, &(0x7f00000002c0)="$eJzs3c9qK1UcB/DfpGkSdZEsXInigC5cXW7vE6RIL1zMSslCXah4b0GaILRQ8A/GrgRXblz6BILQnS/hxjfwAQR3dlE4MslMk9Q07UDT+ufz2fT0nPOd8zuTaUsXOfnw5fHB0zz2T778LTqdLBr96MdZFr1oROXrWNL/LgCAf7OzlOKPNFMnl0VEZ3NlAQAbVPvv/+nGSwIANuydd997a3cw2Hs7zzvxePzN8bD4z774Ohvf3Y9PYhTP4mF04zwiXZi1H6eUJs280IvXx5PjYZEcf/BLef3d3yOm+Z3oRm/atZx/MtjbyWcW8pOijufL9ftF/lF048UV6z8Z7D1akY9hK954baH+B9GNXz+OT2MUT6dFzPNf7eT5m+n7P794vyivyGeT42F7Om8ubd3xSwMAAAAAAAAAAAAAAAAAAAAAwH/Yg/LsnHZMz+8pusrzd7bOi2+2I6/0ls/nmeWz6kKXzgeapPihOl/nYZ7nqZw4zzfjpWY072fXAAAAAAAAAAAAAAAAAAAA8M9y9NnnBx+NRs8Ob6VRnQZQva2//nVOp6n+Qs+rsT7Vnq/VKJtrloitak4WsbaeYhO3dFuuazx3Vc0//lT3gp3r52wXa3VucRfVy73QE1VPtvoeti8md6qH5OeqJ6WUWnHD1VtXDaVaj19r5VC39t1ovTBtTNbMieyqwr59Zf5zWQ5ll3fRWrrPS43tsrEQv/Rs1Hqe//67InNaBwAAAAAAAAAAAAAAAAAAbNT8Tb8rBk/WRhupvbGyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBOzT//v0ZjUoZvMLkVh0f3vEUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD+B/4KAAD//+KpXP8=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)

2.814220409s ago: executing program 5 (id=1234):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000000b00)=[{{0x0, 0x0, &(0x7f0000000500)=[{&(0x7f0000000580)="430f2e8d83807d074332a3a9742d3c7a8a59e6929bb7aee2bc079f39ed58c53ed3150b36baa830b60885ce66575a30784bf502105a5ee2dca64c33b66ae42c1407e38f5018f48200e2922279c196283533383b77ab6eb3214c11e86ec990c51cf89e2c3157a12969a487710b3b5ba05fcfca0fba2a130578cf08e5a8c53175d2f09f6493a3c189bfb89cd82e4aa82b4a12c00e6890a8209a4995fbaa21bfd498ab879765013e2c2d746c9ae5cf24b32de583095db19cd80fbd74828aa6237ce0cd14887a361baaf8806d1e83e833599310be6bdee78be3f41954", 0xda}], 0x1}}], 0x1, 0x80004)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = syz_genetlink_get_family_id$tipc(&(0x7f00000001c0), 0xffffffffffffffff)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x30008c0, &(0x7f0000000540)={[{}, {@codepage={'codepage', 0x3d, 'koi8-u'}}, {@umask={'umask', 0x3d, 0xffffffffffffffc0}}, {}, {@part={'part', 0x3d, 0x5}}]}, 0x11, 0x2b6, &(0x7f0000000200)="$eJzs3U9rE0EYx/HfbNI22lK3tiJ4rBb0Ilov4iUieRGeRG0iFENFrfjnVMWTiN69+xZ8EV4U34CePPkC6mllZifZJLvZTUOTber3Aw2b7D47z2T/zDyBsgLw37rV+Pn52m/7Z6SKKtK7G1IgqSZVJZ3R2dqznd3t3Xarmbejiouwf0ZxpElts7XTygq1cS7CC+27qpZ6P8NkRFF081fZSaB07urPEEgL/up062tTzyzf6zHj9g45j1lj9rWvF1ouOw8AQLn8+B/4cX7Jz9+DQNrww/6RHP/HtV92AhMX5a7tGf9dlRUZe3xPuVVJvedKOLs+6FSJo7Q8N/B+XvGZ1TfBNEVVpcslOPFgu926vPWo3Qz0RnWvZ7M199qMT92OgmzXM2rTHCP03WTPKBddH+ZsHzbj/J9L6st/dcwWx2a+mu/mjgn1Sc3u/K8aGXuY3JEKB45UnP+V4Xt0vQztVvK3jXq9HvRtsuIaOedb8Ap6WcuuSNQ5o1bU/wNBWJSnizo9EBX37mpB1Gpm1Gbn3ZCotb4o25vu2Ty8vUkzH8xts64/+qJGz/w/sPltKPfKTK4asxEPBe4bj/szn91c1e0zTI0c6cul+y0uDEv9b/49DQfwXvd1XctPX756WGm3W0/swr2MhcdL3U/m3kqZ25S8oL3kkwVFTmrjzqA0zcQuHeoO7f2jcGN7lR2Jg3KsFxrfpnsilbFQ8v0JU5Ec9LIzQUnsvMvE9V9Sr1TjyZ59CTPn6SP+EOD3GNk5dreCS2KjeEYu6eSBKrjF4RVcuuZK1Yyu5jp/Uboweouhz/OYMA390F1+/wcAAAAAAAAAAAAAAAAAAJg10/h3grL7CAAAAAAAAAAAAAAAAAAAAADArOs+/1ed5/9qtOf/Dj6K5TCf//txRzz/F5i8fwEAAP//FZd8vg==")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='rdma.current\x00', 0x275a, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000140)='./file4\x00', 0x0, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x0, 0x9)
write$binfmt_script(r1, &(0x7f00000008c0), 0xfecc)
socket$key(0xf, 0x3, 0x2)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
creat(&(0x7f0000001180)='./file0\x00', 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x0, 0x0})
r2 = mq_open(&(0x7f0000000080)='m$\x00\xdc\xb7\xb8\xd0>,\xb0\x13\x8b3z>K\x84\x05\x00\x00\x00\x9c\x81\xed\xc2\x00', 0x0, 0x0, 0x0)
mq_getsetattr(r2, 0x0, 0x0)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0xa03e, 0x0, &(0x7f0000006680))
r3 = syz_open_dev$radio(&(0x7f0000000400), 0x2, 0x2)
ioctl$VIDIOC_ENUM_FREQ_BANDS(r3, 0xc0405665, &(0x7f0000000080)={0x8000, 0x1})
setsockopt$packet_fanout_data(0xffffffffffffffff, 0x107, 0x16, &(0x7f0000000340)={0x1, &(0x7f0000000180)=[{0x0, 0x2, 0x9}]}, 0x10)
quotactl$Q_GETFMT(0xffffffff80000401, &(0x7f0000003180)=@nullb, 0x0, 0x0)
r4 = syz_init_net_socket$ax25(0x3, 0x2, 0x0)
bind$ax25(r4, &(0x7f0000000100)={{0x3, @default}, [@null={0x40, 0x40, 0x40, 0x40, 0x40, 0x40, 0x2}, @null, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null]}, 0x48)
openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
sendmsg$ETHTOOL_MSG_WOL_SET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYRESHEX=r0, @ANYRES16, @ANYBLOB='G\r\x00\x00\x00'], 0x1c}, 0x1, 0x0, 0x0, 0x24000888}, 0x24000)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e06006220"], 0x9)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)

2.649997387s ago: executing program 4 (id=1235):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000006900840000000001000000940001000000fc13c40000000f00000095"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='netlink_extack\x00', r0}, 0x10)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'bridge_slave_0\x00', <r3=>0x0})
sendmsg$nl_xfrm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000c80)=ANY=[@ANYBLOB="34010000170001000000000000000000ff020000000000000000000000000001000000003c00000020010000000000000000000000000002ac1414bb000000000000000000000000fc00000000000000000000000000000000000000000300000000006000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="fc020000000000000000000000000000fc02000000000000000000000000000100000000000000000a000000ff000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000000000000000000000000000000000000000000000ffffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000001000000000000000000000000000000000000000000000000000000000000010001000000000000000000000000000000000000000000000c00", @ANYRES32=r3, @ANYBLOB="04"], 0x134}, 0x1, 0x0, 0x0, 0x40044}, 0x0)

2.584423879s ago: executing program 2 (id=1236):
r0 = openat$ptp0(0xffffffffffffff9c, &(0x7f0000000140), 0x8800, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000b40)={0x0, 0x0, &(0x7f0000000b00)={&(0x7f0000000a80)=ANY=[@ANYBLOB="38000000200001000000000000000000020000000000000000000000140011007665746031000000000000000000000008000a00"], 0x38}, 0x1, 0x0, 0x0, 0x4040084}, 0x0)
ioctl$PTP_PEROUT_REQUEST(r0, 0x40383d03, 0x0)
io_uring_register$IORING_REGISTER_BUFFERS_UPDATE(0xffffffffffffffff, 0x10, 0x0, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x3, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWSET={0x68, 0x9, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_SET_ID={0x8}, @NFTA_SET_NAME={0x9, 0x2, 'syz2\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x21}, @NFTA_SET_EXPR={0x2c, 0x11, 0x0, 0x1, @target={{0xb}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_TARGET_INFO={0x4}, @NFTA_TARGET_REV={0x8}, @NFTA_TARGET_NAME={0xa, 0x1, 'AUDIT\x00'}]}}}]}], {0x14, 0x10}}, 0xb0}}, 0x0)
sendmsg$NFT_MSG_GETSET(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x20, 0xa, 0xa, 0x301, 0x0, 0x0, {0x1}, [@NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}]}, 0x20}}, 0x0)
r3 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r3, &(0x7f0000000080)={&(0x7f0000000000)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x0, @remote}}, 0x80, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000240)={0x5, 0x3, &(0x7f00000000c0)=@framed, &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000000)=@framed={{0x18, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000}, [@call={0x85, 0x0, 0x0, 0xa0}, @call={0x85, 0x0, 0x0, 0x50}]}, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r4, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
recvmsg$kcm(r3, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000340)=""/41, 0x29}, 0x0)
syz_mount_image$vfat(&(0x7f0000000240), &(0x7f0000000000)='./file0\x00', 0x400, &(0x7f0000000180)=ANY=[@ANYBLOB="6572726f72733d72656d6f756e742d726f2c757466383d302c757365667265652c646973636172642c757466383d312c756e695f786c6174653d302c73686f72746e616d653d77696e39352c756e695f786c6174653d302c756e695f786c6174653d302c0008442895b66131b4e4d54b2ba6ae54da0e13047e9f62fbb85ccc774b3ec4c81a1a985232d16d0d934460e920a59172e764c68194b9d9d0be76c595bac1fc5a0a8256a7b77e071e9bdd6100f9ae"], 0xfd, 0x274, &(0x7f0000000500)="$eJzs3MGLG1UYAPDPbNvdbmmzBxEUxIde9BLa9S8I0oK4oKyNqAdh6mY17JgsmbgSEdubV/+O4tGboP4De/HmXbwsguClBzHSJONm10BbaZzV/H4Q5su8+fLeTGbCNwN5R29/+dHebtHYzQZRW0tRi7gT9yI27kdTT0yXtXF8IWbdiZcu/fbjs2++8+5rza2t69sp3WjefHkzpXTluW8/+eyr578fXHrr6yvfrMbhxntHv27+dPjU4dNHf9wsP703SFm61esNslt5O+10ir1GSm/k7axop063aPdPtO/mvf39Ycq6O5fX9/vtokhZd5j22sM06KVBf5iyD7JONzUajXR5PZbNyiNntO5ub2fNhQyGKlyct7Lfb2Yrcxtbd/+NQQEAZ0tV9f+HnSJ1itR9UP1fC/X/4qj/l8H9+n99ev2epP4HAAAAAAAAAAAAAID/gnujUX00GtXLZflajYi1iCjfVz1OFsP3v9xm/ri3FpF/cdA6aE2Wk/bmbnQij3ZcPR/x+/h8mJrEN17dun41jW3Ed/ntaf7tg9ZKrJb5pY35+dcm+elk/vlYn+1/M+rx5Pz8zbn5F+LFF2byG1GPH96PXuSxMz6vj/M/v5bSK69vncq/ON4OAAAA/g8a6S9/u38ftzdSOW3IqfbJyuPnA1F/wPOBU/fX5+KZc9XtNwAAACyTYvjpXpbn7b7g0QKHbuFBLSIq6v2XiDgbB+GxBj9/PLnqH2bjqn+ZAACAx+246K96JAAAAAAAAAAAAAAAAAAAALC8HnbysHL7fzL32Ex3K9XsJQAAAAAAAAAAAAAAAAAAAAAAAJwNfwYAAP//xsMhSw==")
truncate(&(0x7f0000000280)='./file2\x00', 0x7)
syz_usb_connect(0x0, 0x2d, &(0x7f0000000040)={{0x12, 0x1, 0x201, 0xcc, 0x6e, 0xcf, 0x20, 0x8086, 0xb5c, 0x3943, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x1b, 0x1, 0x8, 0x33, 0x40, 0x7, [{{0x9, 0x4, 0x64, 0xee, 0x1, 0xe, 0x1, 0x0, 0x6, [], [{{0x9, 0x5, 0xd, 0x3, 0x10, 0x1c, 0x9, 0x4}}]}}]}}]}}, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0})

1.554867355s ago: executing program 3 (id=1237):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10)
r1 = accept4(r0, 0x0, 0x0, 0x0)
sendmsg$alg(r1, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)
recvmmsg(r1, &(0x7f0000001b40)=[{{0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000}, 0x4}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000940)=""/218, 0xda}], 0x1}}], 0x2, 0x10002, 0x0)

1.405102218s ago: executing program 4 (id=1238):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x14, 0x4, 0x4, 0x22, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000040)=0xe5, 0x4)
listen(r1, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000840)={r0, &(0x7f0000000240), &(0x7f0000000080)=@tcp=r1}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000900)={r0, &(0x7f00000008c0)}, 0x20)

1.090496704s ago: executing program 5 (id=1239):
bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, 0x0, &(0x7f0000000340)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./bus\x00', 0x41, &(0x7f00000000c0)={[{@errors_remount}, {@noload}, {@bh}, {@noquota}, {@noblock_validity}, {}, {@stripe={'stripe', 0x3d, 0x51}}, {@acl}, {@resgid}], [{@context={'context', 0x3d, 'sysadm_u'}}, {@context={'context', 0x3d, 'user_u'}}, {@fscontext={'fscontext', 0x3d, 'sysadm_u'}}, {@rootcontext={'rootcontext', 0x3d, 'unconfined_u'}}, {@obj_role={'obj_role', 0x3d, '}{\x00'}}, {@context={'context', 0x3d, 'user_u'}}], 0x3d}, 0x1, 0x521, &(0x7f00000007c0)="$eJzs3UFsI1cZAOB/HDvd7KZNChygEqXQouwK1k4a2kY9lCIhOFUCyn0JiRNFceIodtpNVEFWHDgiIQRInMqFCxInTkioEheOCKkSnEGAQAi2cEACdirb4+xuMk6yG8fOJt8nTea955n3v+doxn7jp5kALqxnIuLViLiTpum1iJjIygvZErudpbXde7ffWmgtSaTp6/9IIsnKunWlbY/FlWy3SxHxlS9GfD05GLexvbM6X6tVN7N8pbm2UWls71xfWZtfri5X12dnZ16ce2nuhbnpvvRzPCJe+fxfvv+dn3zhlV9++s0/3vjb1W8kWXns68cDKh72YqfrpfZ7ce8Omw8Z7CwqtnuYGcvbYuRAya1TbhMAAL19ICI+ERHXYiJGDv86CwAAADyC0s+Ox/+S7m93B4z2KAcAAAAeIYX2HNikUM7m+45HoVAuR3sO74ficqFWbzQ/tVTfWl/szJWdjFJhaaVWnc7mCk9GKWnlZ9rpu/nn9+VnI+LJiPjexFg7X16o1xaHffEDAAAALogr+8b//57ojP8BAACAc2Zy2A0AAAAATp3xPwAAAJx/xv8AAABwrn3ptddaS9p9/vXiG9tbq/U3ri9WG6vlta2F8kJ9c6O8XK8vt+/Zt3ZUfbV6feMzsb51s9KsNpqVxvbOjbX61nrzxsp9j8AGAAAABujJj73z+yQidl8eay8to8fb9ZibAWdVcS+VZOucw/oPT3TWfx5Qo4CBGBl2A4ChKQ67AcDQlIbdAGDokiNe7zl55zfZ+uP9bQ8AANB/Ux/J//3/6OuCu4UBNA84RQ5iALh42t/zjzuT15cFOFdKZgDChXfi3/+PlKYP1CAAAKDvxttLUihnl/fGo1AolyMebz8WoJQsrdSq0xHxRET8bqL0WCs/094zOXLMAAAAAAAAAAAAAAAAAAAAAAAAAAB0pGkSKQAAAHCuRRT+mvyqcy//qYnnxvdfHxhN/jMR2SNC3/zR6z+4Od9sbs60yv+5V978YVb+/DCuYAAAAMCFUHyQjbvj9O44HgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD66b3bby10l0HG/fvnImIyL34xLrXXl6IUEZf/lUTxnv2SiBjpQ/yx1p8P58VPWs3aC5kXf+ztk8ffvXVo/JjM3oX98QsRceXk4eFCe6d1/nk17/grxDPtdf7xV4y4L/+wep//Yu/8N9Lj/PP4MWM89e7PKj3j34p4qph//unGT3rEfzavwp9/+0DR1766s9Mrfvp2xFTu509yX6xKc22j0tjeub6yNr9cXa6uz87OvDj30twLc9OVpZVaNfubG+O7H/3FncP6f7lH/Mkj+v9cTn2jOWX/f/fm7Q92kqW8+FefzYn/6x9nWxyMX8g++z6ZpVuvT3XTu530vZ7+6W+fPqz/iz36f9T//2qvSve59uVv/emYmwIAA9DY3lmdr9Wqm2cj8XL0vebWCH/o/Xr0Ev9Nz0QzTjfxzb5WmKZp2jqmTlBPEoN7E5LDmzrsMxMAANBvd7/0D7slAAAAAAAAAAAAAAAAAAAAcHEN4k5j+2Pu7qWSftxCGwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACgL94PAAD//9Lu4AM=")
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe3000/0x18000)=nil, &(0x7f0000000080)=[@textreal={0x8, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000200)=ANY=[@ANYBLOB="0100000000000000034d564b00000000"])
ioctl$KVM_RUN(r2, 0xae80, 0x0)

1.086685631s ago: executing program 0 (id=1240):
r0 = syz_open_dev$I2C(&(0x7f0000000000), 0x0, 0x0)
ioctl$I2C_SMBUS(r0, 0x720, &(0x7f00000002c0)={0x1, 0x0, 0x3, &(0x7f0000000040)={0x1, "01a8f2fc7c144d2213b59e688cab162931144d94d93fafbf44d7308e451c0747ff"}})

924.991782ms ago: executing program 0 (id=1241):
r0 = creat(&(0x7f0000000380)='./file0\x00', 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x300000b, 0x4031, 0xffffffffffffffff, 0x0)
vmsplice(r1, &(0x7f0000000240)=[{&(0x7f0000001340)="e6", 0xfffffeff}], 0x1, 0x0)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
r4 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1900000004000000080000000800000000000000", @ANYRES32, @ANYBLOB="000000ffffffff000000002bc2ecd311c7910000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x10, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000002000000850000008600000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r7 = syz_open_dev$media(&(0x7f0000000040), 0x2, 0x0)
ioctl$MEDIA_IOC_G_TOPOLOGY(r7, 0xc0487c04, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000001100)=[{}], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r8 = socket$nl_netfilter(0x10, 0x3, 0xc)
r9 = socket$inet6_udplite(0xa, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000880)={'geneve1\x00', <r10=>0x0})
sendmsg$inet(r9, &(0x7f0000000040)={&(0x7f0000000000)={0x2, 0x4e21, @multicast2}, 0x10, 0x0, 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000007000000890704e0faf16a001c000000000000000000000008000000", @ANYRES32=r10], 0x38}, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r6, r3, 0x25, 0x2, @val=@tcx={@void, @value}}, 0x40)
setsockopt$inet_IP_IPSEC_POLICY(r0, 0x0, 0x10, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='ramfs\x00', 0x0, 0x0)
chdir(&(0x7f0000000180)='./file0\x00')
r11 = open(&(0x7f00009e1000)='./file0\x00', 0x8060, 0x20)
fcntl$setlease(r11, 0x400, 0x0)
link(&(0x7f0000000040)='./file0\x00', &(0x7f0000000100)='./file1\x00')
close_range(r0, 0xffffffffffffffff, 0x0)

831.605781ms ago: executing program 4 (id=1242):
syz_mount_image$hfsplus(&(0x7f0000000380), &(0x7f0000000640)='./file0\x00', 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="000b9240c8aee6631ad071808fe5ec25c497c626f69d02a71d1d27602d048db08101209e5e4cce0e9628b0636f3baa"], 0x1, 0x5f5, &(0x7f0000000f40)="$eJzs3T1vHMcdB+DfHl9EKoBE25LtBAnCSEUCC5F4PFtmESRKEAQsjMBAGjcuCImyCJ1ogzwHtBEEUl7bfAM7BVWnShGkEODU+QoEUrgIkJ6dgt3bI08iRR0pUXeEngeYm5md3ZnZv26Ht3siGOCltfhBJh6kyOKl9zbK+tZmq7212brTKyc5laSRjHezFKtJ8VVyLd2Ub5Yb6+6KJ43z4RfvLnzdvH+vWxuvU7V/46DjBnO3TplNMlbnz6u/68/cX7FzhmXALvYCB8P2cI+7hzn8Ga9bYBQU3Z+be8wkp5NM1Z8DUq8OjRc7u+fvUKscAAAAnFBnt7OdjZwZ9jwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgJKn//n9Rp0avPJui9/f/J+ttqcsn2oNhTwAAAAAAAAAAnoPvbmc7GznTqz8squ/8L1SVc9XrN/Jp1rOctVzORpbSSSdraSaZ6etocmOp01lrDnDk/L5Hznf/cwEAAAAAAAAAcCS/y+Lu9/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAKimSsm1XpXK88k8Z4kqkkk+V+d5N/9son2YNhTwAAAABegLPb2c5GzvTqD4vqnv/16r5/Kp9mNZ2spJN2lnOjehbQvetvbG222lubrTtl2tvvT/93qGlUPab77GH/keeqPc7vHLGYX+RXuZTZvJ+1rOTXWUony5lNpqbSyVKKzNRPL2Z689x/vtceqb3/tLm+Wc1kOjezUs3tcq7n47RzI43qHKp9Dh7xXhmd4ie1AWN0o87LM/pLnY+GmSoiEzsRmatjX0bjlYMjccj3yeMjNdPYeQZ17hhifrrOy1j/aaRjPt/37nv94EgkF/7znb/faq/evnVz/dLonNIRPR6JVl8k3nipIjFZR6O7ig62Wv68Ki3lQnXsmazkl/k4N7Kcd7KQdzKft/N25rKQq31xPT/AtdY43LV28Qd1YTrJn+t8NJRxfaUvrv0r3UzV1r9lN0qvPv8VafxbdaEc4/d1Phoej0SzLxKvHRyJvz4sX9fbq7fXbi19MuB436/z8rL941HX5mP5AqPs9NXyH6uqPfruKNte27etWbWd22lr7Gk7v9P2tCt1sv4Mt7en+artjX3bWlXbm31t+33KAWDknX7r9OT0f6f/Pf3l9B+mb02/N/WzUwunvj2ZiX+N/2Psb437jR8Vb+XL/Hb3/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADi69c8+v73Ubi+vKTxaOJVHt0xkRCam8PIVvjeEQYe9MgHH7UrnzidX1j/7/Icrd5Y+Wv5oebXVal6dX7i6MH/1ys2V9vJc93XY0wSOwe4P/d1tY8OcEAAAAAAAAAAAAPBUL+LXCYZ9jgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDJtvhBJh6kSHPu8lxZ39pstcvUK+/uOZ6kkaT4TVJ8lVxLN2Wmr7viSeN8+MW7C18379/b7Wu8t3/joOMGc7dOmU0yVud7/fjsUfq7/sT+BlXsnGEZsIu9wMGw/T8AAP//BqYMIQ==")
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
r0 = syz_mount_image$erofs(&(0x7f0000000340), &(0x7f0000000180)='./file2\x00', 0x200008, &(0x7f0000000080)=ANY=[], 0x1, 0x238, &(0x7f0000003280)="$eJzsmDGLE0EUx/8z2WwSEdHmChsFD4zoJZc9lGvCeYJgZXMnaqXBW48zexdJVjABwcPGRjsLwcbCL2BxxdV2fgFBCxUEC1NY2Igw8nZndyducln27O79iuE/897MvPd29xULhmEOLF+//Pr87NLi6jkAhzGLkl7/XgCECLU0/D+9fHD2RfPyq7cf37zbOvJo99/zaItSf5S5UN7jfgtAdbkAP75JRXt/k5jVk1WUYn0NEme0vg6Bmta3IYvRuS4Ebmp9z9Ad8q/V7m54bu1Ox1sjMU9DgwaHhpF8Kb7htsCaniullDDsvf6g3fI8t2sIS9vGmHKJ+LL2TKp+RdgYLks0dbQUH8V/4+mTbVqJajMPGdevAYmGTmIBAit6fRGlqDZhSYz8j1tJ/oXkenq07ZY3NltyJcO0JMue5xZ6/ebP/1IsUxyby7e9SulcTJuOIk8YSHYtwe0WkZiokqPOJzOfXAGQ4dUJhGU8HYx3XtJPNEeCV1NZTBDPM8W8f5Eri0jMDHffp03fpm1XYvoVYuT9sfdyLmeNOfoS81esgkFb7qdikwL7sBP2D/Va4LTRPy2jf9X9zfv1Xn8wt7HZWnfX3S3HWbgggMfnnXrQiMIx1feS/lwJ+tMh4/ziBF9b2njY8v1uIxxtYaMC3+86wdwxPpuVnc6PW3qbjysAToUTapt2fGIhdYewQx8Z+JKqpp0YhmEYhmEYhmEYhmEYhmGyMvLD8wRE8Bd0Ck7o/TcAAP//KaZe1w==")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101091, 0x0)
socket(0x8000000010, 0x2, 0x0)
socket$inet6(0xa, 0x6, 0xfffffffb)
openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket$packet(0x11, 0x3, 0x300)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x10, 0x2, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0x14)
r4 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000400)=ANY=[@ANYBLOB="440000001000030400000000fcffffff00000000", @ANYRES32=0x0, @ANYBLOB="7fff0000ef0000a6980012800b0001006d616373656302000400028008000500", @ANYRES32=r3, @ANYBLOB="d19b41ff9a5c7fbf856b4e3ac2ad454de6", @ANYRES32=r3, @ANYRESDEC=r1], 0x44}}, 0x0)
mount$overlay(0x0, &(0x7f0000000300)='\xe9\x1fq\x89Y\x1e\x923aK\x00', &(0x7f00000003c0), 0x4411, &(0x7f0000000280)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
chdir(&(0x7f0000000080)='./file0\x00')
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r5 = open(&(0x7f0000022ff6)='./control\x00', 0x0, 0x0)
fchdir(r5)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./control\x00', 0x0)
r6 = socket$unix(0x1, 0x2, 0x0)
bind$unix(r6, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
getdents64(r0, &(0x7f0000000180)=""/76, 0x4c)
unlinkat(r5, &(0x7f0000000140)='./control\x00', 0x200)

614.120138ms ago: executing program 0 (id=1243):
syz_clone(0x81000, &(0x7f00000000c0)="e51cc75ba5421d821b5f58687e5b7682be2a378566c1654ad8c37126a7208a27b4a030c696cc92244404609135b555ce94ea80183f72884408492a2b6be346678b3ce94c4c20ef2e0d3203bf625255a0a49ccb7c225e0d4e8f6b0e51e8b3f639b2efa303b2eb9175db22cd0468975eac10ca69fae90e47b6a080c6547d5e5297b5b2f249e8d35887ef51aac969f28a053e31db454996a463d1f811d31f43ee05ebe55ec91924f5c49cad7e51e6acc768ae842d773d5b484596f18fe3a9df07eb9fbe6b98fc67a61c3c8485e390a2a8894cb8b698c2d09939cb5c1fdc7667106b5971aaf7b49ee59d8d653459b901e39fe93c01a19588744b6bad3a", 0xfb, 0x0, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYRES32=r2, @ANYBLOB="1f003300d000000008021100000108021100000050505050505000001502"], 0x3c}}, 0x0)

469.080508ms ago: executing program 2 (id=1244):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = fcntl$getown(r1, 0x9)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000200)={'veth0_to_bond\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0xfff3}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}, @TCA_INGRESS_BLOCK={0x8, 0xd, 0x8}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x8}]}, 0x40}}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
r7 = socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000040)={'lo\x00', <r8=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r8, {0xffe0}, {0xffff, 0xffff}}}, 0x24}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000002f80)={0x0, 0x0, &(0x7f0000002f40)={&(0x7f0000002400)=@gettfilter={0x4c, 0x2e, 0x200, 0x70bd26, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0xffe0, 0x9}, {0x0, 0x3}, {0xfff9, 0x6}}, [{0x8, 0xb, 0x1}, {0x8}, {0x8, 0xb, 0x4}, {0x8, 0xb, 0x5}, {0x8, 0xb, 0x3}]}, 0x4c}}, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000100)={r2, 0xffffffffffffffff, 0x0, 0x9, &(0x7f00000000c0)='/dev/kvm\x00'}, 0x30)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000280)={0x0, 0x0, 0x3000, 0x2000, &(0x7f0000000000/0x2000)=nil})
r9 = syz_init_net_socket$x25(0x9, 0x5, 0x0)
ioctl$SIOCX25SFACILITIES(r9, 0x8918, 0x0)
r10 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r10, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000140)=[@text16={0x10, 0x0}], 0x1, 0x18, 0x0, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000000c0)={&(0x7f0000000300)=ANY=[@ANYBLOB="9feb0100180000000000000020000000200000000a000000000000000100000d0a00000004000000000400000000000000000006040000000000305f5f2e"], &(0x7f0000002fc0)=""/4093, 0x42, 0xffd, 0x8, 0x0, 0x0, @void, @value}, 0x28)
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000010ac0544020000000000010902240001000000000904000000030002"], 0x0)
r11 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r11}, &(0x7f0000bbdffc)=<r12=>0x0)
timer_settime(r12, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
openat$procfs(0xffffffffffffff9c, &(0x7f0000000080)='/proc/bus/input/devices\x00', 0x0, 0x0)
ioctl$KVM_RUN(r10, 0xae80, 0x0)
ioctl$KVM_CAP_ENFORCE_PV_FEATURE_CPUID(r10, 0x4068aea3, &(0x7f0000002340)={0xbe, 0x0, 0x1})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x1, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})

73.467233ms ago: executing program 3 (id=1245):
r0 = epoll_create1(0x0)
r1 = eventfd2(0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000b80))
ppoll(&(0x7f0000000000)=[{r0, 0x1003}, {r0, 0x1019}], 0x2, 0x0, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r0, 0x3, r1, &(0x7f0000000180)={0x20000005})
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)={{0x14}, [@NFT_MSG_NEWCHAIN={0x14, 0x3, 0xa, 0x201, 0x0, 0x0, {0x1}}], {0x14}}, 0x3c}, 0x1, 0x0, 0x0, 0x5090}, 0x0)

304.425µs ago: executing program 4 (id=1246):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = syz_io_uring_setup(0xf39, &(0x7f0000000480)={0x0, 0x0, 0x2, 0x0, 0xffffffff}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000540))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0x77, 0x0, 0x4)
io_uring_enter(r0, 0x88d, 0x2000, 0x5, 0x0, 0x0)
io_uring_enter(r0, 0x3bea, 0x9f55, 0x3, 0x0, 0x0)
sched_setscheduler(0x0, 0x3, &(0x7f0000000000)=0x7)
r2 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/schedstat\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f0000006140)={0x2020, 0x0, 0x0, <r3=>0x0, <r4=>0x0}, 0x2020)
syz_mount_image$exfat(&(0x7f00000000c0), &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x800, &(0x7f0000000100)={[{@fmask={'fmask', 0x3d, 0x9}}, {@discard}, {@gid={'gid', 0x3d, r4}}, {@iocharset={'iocharset', 0x3d, 'cp874'}}, {@allow_utime={'allow_utime', 0x3d, 0x801}}, {@dmask={'dmask', 0x3d, 0x8}}, {@errors_continue}, {@uid={'uid', 0x3d, r3}}, {@iocharset={'iocharset', 0x3d, 'cp860'}}, {@discard}]}, 0x3, 0x1510, &(0x7f0000003640)="$eJzs3Am4TlX7MPD7Xmvt45D0dJLhsNa6N08yLCdJMiTJkCRJkmRKSDrJKwmJQ6akQxKS4ZAMh5AMJ0465nkekyTpJEmmTMn6rlN83t7qe//v/+17/a//uX/Xta9n3c/a99prP/czrL0N33UZWrNxrWoNiQj+LfjrQxIAxALAQAC4DgACACgXVy4uqz+nxKR/7yDsr/VI6tWeAbuauP7ZG9c/e+P6Z29c/+yN65+9cf2zN65/9sb1Zyw72zy94PW8Zd+N7/9nZ/z7/79IZumxX60tfWPXfyGF65+9cf3/1wr+Kztx/bM3rn/2xvXP3rj+2UGOP+3h+mdvXH/GsrOrff+Zt6u7Xe33H2OMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4yx7OGsv0IBwOX21Z4XY4wxxhhjjDHG/jo+x9WeAWOMMcYYY4wxxv7/QxAgQUEAMZADYiEn5AIBANdCHrgOInA9xMENkBduhHyQHwpAQYiHQlAYNBiwQBBCESgKUbgJisHNUBxKQEkoBQ5KQwLcAmXgVigLt0E5uB3Kwx1QASpCJagMd0IVuAuqwt1QDe6B6lADakItuBdqw31QB+6HuvAA1IMHoT48BA3gYWgIj0AjeBQaw2PQBB6HptAMmkMLaPnfyn8JesDL0BN6QRL0hj7wCvSFftAfBsBAeBUGwWswGF6HZBgCQ+ENGAZvwnB4C0bASBgFb8NoeAfGwFgYB+MhBSbARHgXJsF7MBmmwFSYBqkwHWbA+zATZsFs+ADmwIcwF+bBfFgAafARLIRFkA4fw2L4BDJgCSyFZbAcVsBKWAWrYQ2shXWwHjbARtgEm2ELbIVtsB12wE7YBbvhU9gDn8Fe+Bz2wRf/Yv6Zf8jvioCAAgUqVBiDMRiLsZgLc2FuzI15MA9GMIJxGId5MS/mw3xYAAtgPMZjYSyMBg0SEhbBIhjFKBbDYlgci2NJLIkOHSZgApbBW7EslsVyWA7LY3msgBWxIlbGylgFq2BVrIrVsBpWx+pYE2vivXgv9sY6WAfrYl2sh/Uu357ChtgQG2EjbIyNsQk2wabYFJtjc2yJLbEVtsLW2BrbYltsh+2wPbbHREzEDtgBO2JH7ISdsDN2xi7YBbtiN+yGL+UAfBlfxl5YXfTGPtgH+2Jyjv44AAfgqzgIX8PX8HVMxiE4FN/AN/BNHI6ncQSOxFE4CquId3AMjkUS4zEFU3AiTsRJOAkn4xScgtMwFafjDJyBM3EWzsIPcA5+iB/iPJyHCzAN03AhLsJ0TMfFeAYzcAkuxWW4HFfgclyFq3EVrsV1uBY34AbchJtwC27BbbgNd+AO3IUKAD/Fz/AzTMZ9uA/34348gAfwIB7ETMzEQ3gID+NhPIJH8CgexWN4HE/gcTyFp/A0nsGzeBbP43m8gC/Ef9NoV4k1ySCyKKFEjIgRsSJW5BK5RG6RW+QReURERESciBN5RV6RT+QTBUQBES/iRWFRWBhhBIkwBgBEVERFMVFMFBfFRUlRUjjhRIJIEGVEGVFWlBXlxO2ivLhDVBAVRRtXWVQWVURbV1XcLaqJaqK6qCFqilqilqgtaos6oo6oK+qKeqKeqC8eEg1Eb+yPj4isyjQWQ7CJGIpNRTMhL32DtRLDsbVoI9qKp8RIHIHtRSuXKJ4VHcQY7Cj+Jsbi86KzGI9dxIuiq+gmuouXRA/R2vUUvcRk7C36iGnYV/QT/cUAMRNriA9wTs6a4nWRLIaIoeINsQDfFMPFW2KEGClGibfFaPGOGCPGinFivEgRE8RE8a6YJN4Tk8UUMVVME6liupgh3hczxSwxW3wg5ogPxVwxT8wXC0Sa+EgsFItEuvhYLBafiAyxRCwVy8RysUKsFKvEarFGrBXrxHqxQWwUm8RmsUVsFdvEdrFD7BS7xG7xqdgjPhN7xedin/hC7BdfigPiK3FQfC0yxTfikPhWHBbfiSPie3FU/CCOiePihDgpTokfxWlxRpwV58R58ZO4IH4WF4UXIFEKKaWSgYyROWSszClzyWtkbhlcenWvl3HyBplX3ijzyfyygCwo42UhWVhqaaSVJENZRBaVUXmTLCZvlsVlCVlSlpJOlpYJ8hZZRt4qy8rbZDl5uywv75AVZEVZSVaWd8oq8i4JkV+PUV3WkDVlLXmvrC3vk3Xk/bKufEDWkw/K+vIh2UA+LBvKR2Qj+ahsLB+TTeTjsqlsJpvLFrKlfEK2kk/K1rKNbCufku3k07K9fEYmymdlB+kvvUWel53lC7KLfFF2ld1kd/mzvCi97Cl7SYDeso98RfaV/WR/OUAOlK/KQfI1OVi+LpPlEDlUviGHyTflcPmWHCFHylHybTlaviPHyLFynBwvU+QEOVG+KyfJ9+RkOUVOldNkqpwu+18aabaU/zT/3T/IH/zL0TfJzXKL3Cq3ye1yh9wpd8ndcrfcI/fIvXKv3Cf3yf1yvzwgD8iD8qDMlJnykDwkD8vD8og8Io/Ko/KYPC7PyZPylPxRnpZn5Bl5Tp6X5+WFS68BKFRCSaVUoGJUDhWrcqpc6hqVW12r8qjrVERdr+LUDSqvulHlU/lVAVVQxatCqrDSyiirSIWqiCqqouomvPSGUSVVKeVUaZWgbvlX8lUxdbMqrkr8Jv/y/JL+ZH4tVUvVSrVSrVVr1Va1Ve1UO9VetVeJKlF1UB1UR9VRdVKdVGfVWXVRXVRX1VV1V91VD9VD9VQ9VZJKUn3UK6qv6qf6qwFqoHpVDVKD1GA1WCWrZDVUDVXD1DA1XA1XI9QINUqNUqPVaDVGjVHj1DiVolLURDVRTVKT1GQ1WU1VU1WqSlUz1Aw1U81Us9VsNUfNUXPVXDVfzVdpKk0tVAtVukpXi9VilaGWqCVqmVqmVqgVapVapdaoNWqdWqc2qA0qQ21Wm9VWtVVtV9vVTrVT7Va71R61R+1Ve9U+tU/tV/vVAXVAHVQHVabKVIfUIXVYHVZH1BF1VB1Vx9QxdUKdUKfUKXVanVZn1Vl1Xp1XF9QFdVFdzFr2BSIQgQpUEBPEBLFBbJAryBXkDnIHeYI8QSSIBHFBXJA3uDHIF+QPCgQFg/igUFA40IEJbCAuFT0a3BQUC24OigclgpJBqcAFpYOE4JagTHBrUDa4LSgX3B6UD+4IKgQVg0pB5eDOoEpwV1A1uDuoFtwTVA9qBDWDWsG9Qe3gvqBOcH9QN3ggqBc8GNQPHgoaBA8HDYNHgkbBo0Hj4LGgSfB40DRoFjQPWgQt/9LxvT+d/0nXU/fSSbq37qNf0X11P91fD9AD9at6kH5ND9av62Q9RA/Vb+hh+k09XL+lR+iRepR+W4/W7+gxeqwep8frFD1BT9Tv6kn6PT1ZT9FT9TSdqqfrGfp9PVPP0rP1B3qO/lDP1fP0fL1Ap+mP9EK9SKfrj/Vi/YnO0Ev0Ur1ML9cr9Eq9Sq/Wa/RavU6v1xv0Rr1Jb9Zb9Fa9TW/XO/ROvUvv1p/qPfozvVd/rvfpL/R+/aU+oL/SB/XXOlN/ow/pb/Vh/Z0+or/XR/UP+pg+rk/ok/qU/lGf1mf0WX1On9c/6Qv6Z31R+6zFfdbPu1FGmRgTY2JNrMllcpncJrfJY/KYiImYOBNn8pq8Jp/JZwqYAibexJvCprDJQoZMEVPERE3UFDPFTHFT3JQ0JY0zziSYBFPGlDFlTVlTzpQz5U15U8FUMJVMJXOnudPcZe4yd5u7zT3mHlPD1DC1TC1T29Q2dUwdU9fUNfVMPVPf1DcNTAPT0DQ0jUwj09g0Nk1ME9PUNDXNTXPT0rQ0rUwr09q0Nm1NW9POtDPtTXuTaBJNB9PBdDQdTSfTyXQ2nU0X08V0NV1Nd9Pd9DA9TE/T0ySZJNPH9DF9TV/T3/Q3A81AM8gMMoPNYJNsks1QM9QMM8PMcDPcjDAjzaishap5x4wxY804M96kmBQz0Uw0k8wkM9lMNlPNVJNqUs0MM8PMNDPNbDPbzDFzzFwz18w3802aSTMLzUKTbtLNYrPYZJgMs9QsNcvNcrPSrDSrzWqz1qw162G92Wg2ms1ms9lqtprtZrvZaXaa3Wa32WP2mL1mr9ln9pn9Zr85YA6Yg+agyTSZ5pA5ZA6bw+aIOWKOmqPmmDlmTpgT5pQ5ZU6b0+asOWvOm/yXfi+9ibU5bS57jc1tr7V57HX2H+MCtqCNt4VsYattPpv/N7Gx1ha3JWxJW8o6W9om2Ft+F1ewFW0lW9neaavYu2zV38W17X22jr3f1rUP2Fr23t/E9eyDtr59zDZABLDNbCPbwja2j9km9nHb1DazzW0L284+bdvbZ2yifdZ2sM/9Ll5oF9nVdo1da9fZPfYze9aes4ftd/a8/cn2tL3sQPuqHWRfs4Pt6zbZDvldPMq+bUfbd+wYO9aOs+N/F0+102yqnW5n2PftTDvrd3Ga/cjOsel2rp1n59sFv8RZc0q3H9vF9hObYZfYpXaZXW5X2JV21f+d6zK7wW60m+xu+6ndarfZ7XaH3Wl3/RJnncde+7ndZ7+wh+y39oD9yh60R2ym/eaXOOv8jtjv7VH7gz1mj9sT9qQ9ZX+0p+2ZX84/69xP2p/tRestEBKQJEUBxVAOiqWclIuuodx0LeWh6yhC11Mc3UB56UbKR/mpABWkeCpEhUmTIUtEIRWhohSlm+jyOr0klSJHpSmBbqEydCuVpduoHN1O5ekOqkAVqRJVpjupCt1FVeluqkb3UHWqQTWpFt1Ltek+qkP3U116gOrRg1SfHqIG9DA1pEeoET1KjekxakKPU1NqRs2pBbWkJ6gVPUmtqQ21paeoHT1N7ekZSqRnqQM9Rx3pb9SJnqfO9AJ1oRepK3Wj7vQS9aCXqSf1oiTqTX3oFepL/ag/DaCB9CoNotdoML1OyTSEhtIbNIzepOH0Fo2gkTSK3qbR9A6NobE0jsZTCk2gifQuTaL3aDJNoak0jVJpOs2g92kmzaLZ9AHNoQ9pLs2j+bSA0ugjWkiLKJ0+psX0CWXQElpKy2g5raCVtIpW0xpaS+toPW2gjbSJNtMW2krbaDvtoJ20i3bTp7SHPqO99Dntoy9oP31JB+grOkhfUyZ9Q4foWzpM39ER+t73oh/oGB2nE3SSTtGPdJrO0Fk6R+fpJ7pAP9NF8gQhhiKUoQqDMCbMEcaGOcNc4TVh7vDaME94XRgJrw/jwhvCvOGNYb4wf1ggLBjGh4XCwqEOTWhDCsOwSFg0jIY3hcXCm8PiYYmwZFgqdGHpMCG8JSwT3hqWDW8Ly4W3h+XDO8IKYcXwsQcqh3eGVcK7wqrh3WG18J6welgjrBnWCu8Na4f3hXXC+8O64QNh2fDBsH74UNggfDhsGD4SNgofDRuHj4VNwsfDpmGzsHnYImwZPhG2Cp8MW4dtwrbhU2G78OmwffhMmBg+G3YIn/ul/8FFf96fFPYO+4SvhK+E3t8v50cXRNOiH0UXRhdF06MfRxdHP4lmRJdEl0aXRZdHV0RXRldFV0fXRNdG10XXRzdEN0Y3Rb2vlQMcOuGkUy5wMS6Hi3U5XS53jcvtrnV53HUu4q53ce4Gl9fd6PK5/K6AK+jiXSFX2GlnnHXkQlfEFXVRd5Mr5m52xV0JV9KVcs6VdgmuhWvpWrpW7knX2rVxbd1T7in3tHvaPeOecc+6Du4519H9zXVyz7vO7gX3gnvRdXXdXHf3kuvhJuT59TOZ5Pq4Pq6v6+v6u/5uoBvoBrlBbrAb7JJdshvqhrphbpgb7oa7EW6EG+VGudFutBvjxrhxbpxLcSluopvoJrlJbrKb7Ka6qS7VpboZboab6Wa6KrN+PcpcN9fNd/NdmktzC13WmjHdLXaLXYbLcEvdUrfcLXcr3Uq32q12a91at96tdxvdRrfZbXZb3Va33W13O91Ot9vtdnv8db8O6va5/W6/O+AOuIPua5fpvnGH3LfusPvOHXHfu6PuB3fMHXcn3El3yv3oTrsz7qw75867n9wF97O76LxLiUyITIy8G5kUeS8yOTIlMjUyLZIamR6ZEXk/MjMyKzI78kFkTuTDyNzIvMj8yIJIWuSjyMLIokh65OPI4sgnkYzIksjSyLLI8siKiPeFtoa+iC/qo/4mX8zf7Iv7Er6kL+WdL+0T/C2+jL/Vl/W3+XL+dl/e3+Er+Iq+kn/cN/XNfHPfwrf0T/hW/knf2rfxbf1Tvp1/2rf3z/hE/6zv4J/zHf3ffCf/vO/sX/Bd/Iu+q+/mu/uXfA//su/pe/kk39v38a/4vr6f7+8H+IH+VT/Iv+YH+9d9sh/ih/o3/DD/ph/u3/Ij/Eg/KuZtP/ryJTKM9yl+gp/o3/WT/Ht+sp/ip/ppPtVP9zP8+36mn+Vn+w/8HP+hn+vn+fl+gU/zH/mFfpFP9x/7xf4Tn+GXXL6p7Ff6VX61X+PX+nV+vd/gN/pNfrPf4rf6bX673+F3+l1+t//U7/Gf+b3+c7/Pf+H3+y/9Af+VP+i/9pn+G3/If+sP++/8Ef+9P+p/8Mf8cX/Cn/Sn/I/+tD/jz/pz/rz/yV/wP/uL/G/WGGOMMcb+SyZcaYo/6u/9B8+Jv9u5DwBcu61g5t/3Z60o1+f7td1PxLeLAMCzvbo8cnmrXj0pKenSvhkSgqLzAC7/SVCWGLgSL4G28DQkQhso84fz7ye6nad/Mn70doBcf5cTC1fiK+N/+SfjP/HUqIXlw7Nx/4/x5wEUL3olJydciZdAW5X12AbK/sn4+Vv9k/nn/CoFoPXf5eSGK/GV+SfAk/AcJP5mT8YYY4wxxhhj7Ff9RKVOl68/L/+Nzz+6Po9XV3JywJX4n12fM8YYY4wxxhhj7Op7vlv3Z55ITGzT6V9vVP1vZXHjf2rDe4DLzygA+DcHBPiPn8WW/8ixki99dP6xa/k5H8D/jFL+FY2r/MXEGGOMMcYY+8tdWfT/9nl1tSbEGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4xlQ/+J/07sap8jY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxdrX9nwAAAP//geYOMQ==")
utime(&(0x7f0000001f00)='./file0\x00', &(0x7f0000001f40))
ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000080)=<r5=>0x0)
prlimit64(r5, 0x6, &(0x7f00000000c0)={0x9, 0x2}, &(0x7f00000001c0))
getrlimit(0xd, &(0x7f0000000200))
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x4441, &(0x7f0000004480)="$eJzs3b9vFFceAPA3Y3PYHHA2R8FJJ91Kh3Snu5NlU92dkc4Yg7HBR0QCitIsa3sBJ2svstdRCgqnQ0oVKVKiFCiR0rlCLtKSPyFNSlIjJUWaSJFINtrdWXtn7JU3ltcO5PMpPMz7vfudefumGF6cqNxbWMktrOQKS7ny3J2Vc7m3y6XVxWKID8iO/R85uP7pTDeuk8O+9n7Lrl+8/OqtcyF8Mf/Vs2q1Wg01vaFF9LxabeSMtKR+/92DudZjUxzSau2GrnojhHB627hqekIIr38eQhRCuJCkjSfH/hDCidDIu/Xgvdu5fRrN46fF8/nnMw83Rs9Orz/aaP/ZoxA+Lv3pX3cXv/lrz+jX/9in7gEAAAAAAAAAAAAAAAAAeMFN3rh+85XhkfAkCr3r0fb3dSeTY7v3Y6v75i/d/7AAAAAAAAAAAAAAAAAAAADwK7X1/n8uOrX1/v+PzfyJ5DjWpn71f3vo9MO9jZX9N/X/6xOXhkeS/d+jbfn/TpK+vdATBnfY9z27//uFTP2d93/f3s9eNcfX7HcgRPFQ6jyOh4ZC+DTZ+P1MdCwulVcq/7xTXl2a37dhvLDS8W/s3p+KTrKhf6fxH8+03/39//+47Wqqnd/ev0vspZaOf0/bcp+9G3UU/4uZegcRf/YuHf/eelp/a4GxxgRQi//7vbvHfyLTfrfifzKEkItqY82lZoDaGqaW3m69Qlo6/kfqaampM/ki293/P2TifynT/mHN/2vZHyJ2lI7/7+ppfakSW/f/YLz7/X850/5hxL82/jW//x1Jx/9oI7E3VaT+TXY6/09m2u9W/G/GyThPRqkrYD1qpLf7/+pIS8e/b1v+1vNf3NH670qm/kE9/zX7bT7/Naf/v0eN5z92lo5/f9tynd7/U5l63Z7/x+rrP/YqHf9j9bT02nmg/rfT+E9n2u9W/Ourkr5m/Lfmk5+ONtI/sf7rSDr+v28kxq0l1up/6+u/aPf1/9VM+4ex/quNfy3ubq8vi3T8j7ctV4v/l424N7/uHe//a5l63Y9/CMPW+nuWjv+JtuXq93/f7vP/TKZet+P/t242DgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPACGE+OAyGKh1LncTw0FMLF5PxMOBbNFubzs6Xy3FsrIUwk6blwKrpbKs8WSvmFpfJ8MV8olcpzIVxK8k+HvmilVK7kFwv3L2+21R/dKxaWK7PFQiWEMJmk/zmcaLY1u1BZLNwPIVxJ8srhD3F5+f69wlJ+fmH5v8PDw8NhanMMg1HxnUpxqdLovZEbwvRmuwNRy+Dq2Vc3x3I8erO8urxUKNXTr7XUKZXnCqWWOjNJ3gdhMKosry7NFSrFfKl8t9nfYRpLjhNTN167cW1kW/7tqHEcP9hhAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPALPRn9z0chhN7GWRxCGGv+I9qp/OOnxfP55zMPN0bPTq8/2njWrhwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8zA4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV26RglYigIA/C8Z6FWegyrkHS2EUW0MCJ4Aj2Gh9GjeAnvYGFhu8WysPsCIZtAmt3q+5qB/Exm4A0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACwzP1L9/pcNxEpztanEd/vP7/D/LHUz5vp/pMj7MjhPDx1t3d1U9497eXX5dNfm7fp6v/jLSZq72t0J+N72unnnM/uNXdvc/v1cy8j5Soi2pJfpZyratBwsey/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsGEHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBQAAP//1B4lOA==")

0s ago: executing program 0 (id=1247):
r0 = socket$inet6(0xa, 0x805, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000080)={0x0, 0x1c, &(0x7f0000000000)=[@in6={0xa, 0x0, 0x0, @private1}]}, &(0x7f00000002c0)=0x10)
getsockopt$bt_hci(r0, 0x84, 0x82, &(0x7f0000000080)=""/4076, &(0x7f0000000040)=0xfec)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680))
rt_sigqueueinfo(0x0, 0x0, 0x0)
prctl$PR_GET_SPECULATION_CTRL(0x35, 0x0, 0x8)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='status\x00')
mkdir(&(0x7f0000000500)='./file0\x00', 0x0)
chmod(&(0x7f0000000180)='./file0\x00', 0x23f)
chdir(&(0x7f00000001c0)='./file0\x00')
mkdir(&(0x7f0000000700)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x40)
setuid(0xee01)
r2 = open$dir(&(0x7f0000001240)='.\x00', 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x180)
renameat(0xffffffffffffff9c, &(0x7f0000000600)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r2, &(0x7f0000000240)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
preadv(r1, &(0x7f00000001c0)=[{&(0x7f0000001140)=""/4096, 0x1000}], 0x1, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x0)
r4 = socket$kcm(0x10, 0x2, 0x4)
sendmsg$kcm(r4, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000280)="89000000120081ae08060cdc030ec0007f0308000300000000e2ffca1b1f0000001104c00e72f750375ed08a56331dbf9ed7815e381ad6e747033a0093b837dc6cc01e32efaec8c7a6ec08120800030006010000bdad446b9bbc7a46e3988285dcdf12f20900f868fece01955fed0009d78f0a947ee2b49e33538afa8af92347514f0b56a20ff27fff", 0x89}], 0x1}, 0x0)
socket$kcm(0x11, 0x7, 0x300)
r5 = socket$kcm(0xa, 0x1, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback={0x0, 0xac14140c}, 0x0, 0x1}, 0x80, 0x0, 0x0, 0x0, 0x0, 0x900}, 0x20000014)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = openat$nullb(0xffffffffffffff9c, &(0x7f00000000c0), 0x418100, 0x0)
sendmsg$nl_generic(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)={0x38, 0x38, 0x9, 0x0, 0x0, {0x1}, [@typed={0x8, 0x0, 0x0, 0x0, @fd=r7}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x8, 0x0, 0x0, 0x0, @uid}]}, @typed={0x8, 0x2, 0x0, 0x0, @pid=0xffffffffffffffff}, @typed={0x8, 0x4, 0x0, 0x0, @u32=0x2}]}, 0x38}}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000400)=ANY=[@ANYBLOB="540000001000210400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="0000000061000000280012800e000100697036040004000000060010004e2100000a000100aaaaaaaaaa00"/60], 0x54}}, 0x0)

kernel console output (not intermixed with test programs):

68603][ T2037] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  541.578845][ T2037] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  541.588966][ T2037] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0x11, changing to 0x1
[  541.600871][ T2037] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  541.611090][ T2037] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  541.618275][   T25] usb 3-1: USB disconnect, device number 9
[  541.621278][ T2037] usb 6-1: config 0 interface 0 altsetting 0 has 5 endpoint descriptors, different from the interface descriptor's value: 4
[  542.399019][ T2037] usb 6-1: New USB device found, idVendor=0572, idProduct=cafe, bcdDevice=55.01
[  542.409134][ T2037] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  542.417659][ T2037] usb 6-1: Product: syz
[  542.422078][ T2037] usb 6-1: Manufacturer: syz
[  542.427665][ T2037] usb 6-1: SerialNumber: syz
[  542.517928][ T2037] usb 6-1: config 0 descriptor??
[  542.527217][ T8767] raw-gadget.1 gadget.5: fail, usb_ep_enable returned -22
[  543.127562][ T2037] cxacru 6-1:0.0: submit of read urb for cm 0x90 failed (-8)
[  543.135460][ T2037] cxacru 6-1:0.0: usbatm_usb_probe: invalid endpoint 02!
[  543.143871][ T2037] cxacru 6-1:0.0: probe with driver cxacru failed with error -22
[  543.276052][ T2037] usb 6-1: USB disconnect, device number 6
[  543.391177][ T8790] netlink: 8 bytes leftover after parsing attributes in process `syz.4.858'.
[  543.800289][ T8796] xt_CT: No such helper "pptp"
[  544.253725][ T8808] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  544.551059][ T8810] loop0: detected capacity change from 0 to 512
[  544.566734][ T8818] loop5: detected capacity change from 0 to 64
[  544.599586][ T8810] EXT4-fs: Ignoring removed bh option
[  544.606082][ T8810] ext4: Unknown parameter 'context'
[  544.637158][ T2037] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  544.807081][ T2037] usb 5-1: Using ep0 maxpacket: 16
[  544.889721][ T2037] usb 5-1: config 0 interface 0 altsetting 15 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  544.901304][ T2037] usb 5-1: config 0 interface 0 altsetting 15 endpoint 0x81 has invalid wMaxPacketSize 0
[  544.911718][ T2037] usb 5-1: config 0 interface 0 has no altsetting 0
[  544.918775][ T2037] usb 5-1: New USB device found, idVendor=0458, idProduct=500f, bcdDevice= 0.00
[  544.928758][ T2037] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  545.066109][ T8825] FAULT_INJECTION: forcing a failure.
[  545.066109][ T8825] name failslab, interval 1, probability 0, space 0, times 0
[  545.079526][ T8825] CPU: 0 UID: 0 PID: 8825 Comm: syz.2.867 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  545.090441][ T8825] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  545.100763][ T8825] Call Trace:
[  545.104246][ T8825]  <TASK>
[  545.107374][ T8825]  dump_stack_lvl+0x216/0x2d0
[  545.112415][ T8825]  dump_stack+0x1e/0x30
[  545.116885][ T8825]  should_fail_ex+0x748/0x7f0
[  545.121891][ T8825]  should_failslab+0x17f/0x210
[  545.126944][ T8825]  kmem_cache_alloc_noprof+0xe2/0xb20
[  545.132659][ T8825]  ? skb_clone+0x303/0x550
[  545.137406][ T8825]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  545.143530][ T8825]  skb_clone+0x303/0x550
[  545.148113][ T8825]  dev_queue_xmit_nit+0x4d0/0x12a0
[  545.153537][ T8825]  ? __dev_queue_xmit+0x40de/0x56d0
[  545.159061][ T8825]  ? kmsan_get_metadata+0x13e/0x1c0
[  545.164559][ T8825]  dev_hard_start_xmit+0x17d/0xa20
[  545.170001][ T8825]  __dev_queue_xmit+0x3562/0x56d0
[  545.175341][ T8825]  ? kmsan_get_metadata+0x13e/0x1c0
[  545.181098][ T8825]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  545.188037][ T8825]  ? kmsan_get_metadata+0x13e/0x1c0
[  545.193531][ T8825]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  545.199644][ T8825]  ? __dev_queue_xmit+0x355/0x56d0
[  545.205100][ T8825]  __netlink_deliver_tap+0x84c/0xc90
[  545.210728][ T8825]  ? kmsan_get_metadata+0x13e/0x1c0
[  545.216219][ T8825]  netlink_unicast+0x1103/0x1260
[  545.221501][ T8825]  netlink_sendmsg+0x10da/0x11e0
[  545.226816][ T8825]  ? __pfx_netlink_sendmsg+0x10/0x10
[  545.232459][ T8825]  ? __pfx_netlink_sendmsg+0x10/0x10
[  545.238090][ T8825]  __sock_sendmsg+0x30f/0x380
[  545.243068][ T8825]  ____sys_sendmsg+0x877/0xb60
[  545.248174][ T8825]  ___sys_sendmsg+0x28d/0x3c0
[  545.253164][ T8825]  ? kmsan_get_metadata+0x13e/0x1c0
[  545.258674][ T8825]  ? __rcu_read_unlock+0x7b/0xe0
[  545.263939][ T8825]  ? __fget_files+0x4f5/0x5c0
[  545.268912][ T8825]  ? kmsan_get_metadata+0x13e/0x1c0
[  545.274367][ T8825]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  545.280447][ T8825]  __x64_sys_sendmsg+0x300/0x4a0
[  545.285689][ T8825]  ? perf_mmap+0x1420/0x28d0
[  545.290611][ T8825]  x64_sys_call+0x2da0/0x3ba0
[  545.295589][ T8825]  do_syscall_64+0xcd/0x1e0
[  545.300394][ T8825]  ? clear_bhb_loop+0x25/0x80
[  545.305353][ T8825]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  545.311527][ T8825] RIP: 0033:0x7f78a917e719
[  545.316168][ T8825] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  545.336057][ T8825] RSP: 002b:00007f78a9e90038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  545.344772][ T8825] RAX: ffffffffffffffda RBX: 00007f78a9335f80 RCX: 00007f78a917e719
[  545.352997][ T8825] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000003
[  545.361190][ T8825] RBP: 00007f78a9e90090 R08: 0000000000000000 R09: 0000000000000000
[  545.369386][ T8825] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  545.377585][ T8825] R13: 0000000000000000 R14: 00007f78a9335f80 R15: 00007ffda81d9b68
[  545.385808][ T8825]  </TASK>
[  545.441517][ T2037] usb 5-1: config 0 descriptor??
[  545.686814][ T8815] netlink: 'syz.4.864': attribute type 5 has an invalid length.
[  546.104592][ T2037] usbhid 5-1:0.0: can't add hid device: -71
[  546.111702][ T2037] usbhid 5-1:0.0: probe with driver usbhid failed with error -71
[  546.178394][ T2037] usb 5-1: USB disconnect, device number 6
[  546.232967][ T8836] loop2: detected capacity change from 0 to 64
[  546.885731][ T8849] netlink: 8 bytes leftover after parsing attributes in process `syz.3.874'.
[  547.117215][ T2037] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  547.344072][ T8849] xt_CT: No such helper "pptp"
[  547.366745][ T2037] usb 1-1: Using ep0 maxpacket: 32
[  547.421356][ T2037] usb 1-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[  547.431100][ T2037] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  547.561666][ T2037] usb 1-1: config 0 descriptor??
[  547.674654][ T2037] gspca_main: nw80x-2.14.0 probing 055f:d001
[  548.146691][   T44] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  548.320022][   T44] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  548.331799][   T44] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  548.343064][   T44] usb 6-1: New USB device found, idVendor=5543, idProduct=0042, bcdDevice= 0.00
[  548.353490][   T44] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  548.382260][   T44] usb 6-1: config 0 descriptor??
[  548.604664][ T8850] loop0: detected capacity change from 0 to 256
[  548.642608][ T8875] loop3: detected capacity change from 0 to 512
[  548.690999][ T8875] EXT4-fs: Ignoring removed bh option
[  548.698027][ T8875] ext4: Unknown parameter 'context'
[  548.877966][ T2037] gspca_nw80x: reg_r err -110
[  548.883257][ T2037] nw80x 1-1:0.0: probe with driver nw80x failed with error -110
[  548.901993][ T8850] exFAT-fs (loop0): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  548.944945][   T44] uclogic 0003:5543:0042.0004: No inputs registered, leaving
[  549.042724][   T44] uclogic 0003:5543:0042.0004: hidraw0: USB HID v0.00 Device [HID 5543:0042] on usb-dummy_hcd.5-1/input0
[  549.050941][ T8850] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  549.064218][ T8850] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  549.135882][ T8856] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  549.145869][ T8856] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  549.159214][ T5809] Bluetooth: hci5: Controller not accepting commands anymore: ncmd = 0
[  549.168896][ T5809] Bluetooth: hci5: Injecting HCI hardware error event
[  549.177756][ T5809] Bluetooth: hci5: hardware error 0x00
[  549.554378][ T2037] usb 6-1: USB disconnect, device number 7
[  549.627894][    T8] usb 1-1: USB disconnect, device number 8
[  549.997990][ T8892] loop3: detected capacity change from 0 to 64
[  550.014606][ T8884] netlink: 8 bytes leftover after parsing attributes in process `syz.2.880'.
[  551.267686][ T5809] Bluetooth: hci5: Opcode 0x0c03 failed: -110
[  551.426769][    T8] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  551.449385][ T8910] loop5: detected capacity change from 0 to 512
[  551.541688][ T8914] netlink: 8 bytes leftover after parsing attributes in process `syz.0.888'.
[  551.580929][ T8910] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  551.600728][ T8910] ext4 filesystem being mounted at /40/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  551.615374][    T8] usb 3-1: Using ep0 maxpacket: 16
[  551.630723][ T8920] netlink: 12 bytes leftover after parsing attributes in process `syz.3.889'.
[  551.654439][ T8920] vlan2: entered promiscuous mode
[  551.660023][ T8920] bond0: entered promiscuous mode
[  551.665274][ T8920] bond_slave_0: entered promiscuous mode
[  551.675898][ T8920] bond_slave_1: entered promiscuous mode
[  551.743463][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  551.755118][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  551.765437][    T8] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.40
[  551.774942][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  551.891245][ T8920] bond0: left promiscuous mode
[  551.901962][ T8920] bond_slave_0: left promiscuous mode
[  551.912442][ T8920] bond_slave_1: left promiscuous mode
[  551.959397][   T29] audit: type=1800 audit(1731474943.198:31): pid=8910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.886" name="file1" dev="loop5" ino=15 res=0 errno=0
[  552.061616][    T8] usb 3-1: config 0 descriptor??
[  552.198633][ T8914] xt_CT: No such helper "pptp"
[  552.562871][    T8] cp2112 0003:10C4:EA90.0005: unbalanced collection at end of report description
[  552.572658][   T29] audit: type=1800 audit(1731474943.828:32): pid=8910 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.886" name="file2" dev="loop5" ino=16 res=0 errno=0
[  552.590769][    T8] cp2112 0003:10C4:EA90.0005: parse failed
[  552.600544][    T8] cp2112 0003:10C4:EA90.0005: probe with driver cp2112 failed with error -22
[  553.086136][ T7694] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  553.263259][ T8936] loop3: detected capacity change from 0 to 512
[  553.339391][ T8936] EXT4-fs: Ignoring removed bh option
[  553.345719][ T8936] ext4: Unknown parameter 'context'
[  553.450255][ T8943] FAULT_INJECTION: forcing a failure.
[  553.450255][ T8943] name failslab, interval 1, probability 0, space 0, times 0
[  553.464140][ T8943] CPU: 0 UID: 0 PID: 8943 Comm: syz.0.894 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  553.475049][ T8943] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  553.485499][ T8943] Call Trace:
[  553.488954][ T8943]  <TASK>
[  553.492071][ T8943]  dump_stack_lvl+0x216/0x2d0
[  553.497064][ T8943]  dump_stack+0x1e/0x30
[  553.501503][ T8943]  should_fail_ex+0x748/0x7f0
[  553.506506][ T8943]  should_failslab+0x17f/0x210
[  553.511531][ T8943]  __kmalloc_cache_noprof+0xbf/0xb00
[  553.517135][ T8943]  ? __memcg_slab_free_hook+0x195/0x570
[  553.522968][ T8943]  ? rtnl_newlink+0x7a/0x4200
[  553.527941][ T8943]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  553.534053][ T8943]  rtnl_newlink+0x7a/0x4200
[  553.538897][ T8943]  ? kmem_cache_free+0x401/0xdf0
[  553.544148][ T8943]  ? __kfree_skb+0x1f6/0x250
[  553.549066][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.554516][ T8943]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  553.561153][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.566610][ T8943]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  553.573263][ T8943]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  553.579631][ T8943]  ? apparmor_capable+0x355/0x400
[  553.584937][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.590386][ T8943]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  553.596455][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.601902][ T8943]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  553.608711][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.614183][ T8943]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  553.620249][ T8943]  ? __pfx_rtnl_newlink+0x10/0x10
[  553.625550][ T8943]  ? __pfx_rtnl_newlink+0x10/0x10
[  553.630851][ T8943]  rtnetlink_rcv_msg+0x12fc/0x1410
[  553.636270][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.641764][ T8943]  netlink_rcv_skb+0x375/0x650
[  553.646851][ T8943]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  553.652646][ T8943]  ? __pfx_rtnetlink_rcv+0x10/0x10
[  553.658054][ T8943]  rtnetlink_rcv+0x34/0x40
[  553.662803][ T8943]  netlink_unicast+0xf52/0x1260
[  553.667981][ T8943]  netlink_sendmsg+0x10da/0x11e0
[  553.673240][ T8943]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.678821][ T8943]  ? __pfx_netlink_sendmsg+0x10/0x10
[  553.684402][ T8943]  __sock_sendmsg+0x30f/0x380
[  553.689345][ T8943]  ____sys_sendmsg+0x877/0xb60
[  553.694416][ T8943]  ___sys_sendmsg+0x28d/0x3c0
[  553.699372][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.704855][ T8943]  ? __rcu_read_unlock+0x7b/0xe0
[  553.710088][ T8943]  ? __fget_files+0x4f5/0x5c0
[  553.715066][ T8943]  ? kmsan_get_metadata+0x13e/0x1c0
[  553.720563][ T8943]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  553.726659][ T8943]  __x64_sys_sendmsg+0x300/0x4a0
[  553.731896][ T8943]  ? perf_mmap+0x1420/0x28d0
[  553.736780][ T8943]  x64_sys_call+0x2da0/0x3ba0
[  553.741764][ T8943]  do_syscall_64+0xcd/0x1e0
[  553.746582][ T8943]  ? clear_bhb_loop+0x25/0x80
[  553.751558][ T8943]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  553.757747][ T8943] RIP: 0033:0x7f156dd7e719
[  553.762392][ T8943] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  553.782291][ T8943] RSP: 002b:00007f156c1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  553.791020][ T8943] RAX: ffffffffffffffda RBX: 00007f156df35f80 RCX: 00007f156dd7e719
[  553.799264][ T8943] RDX: 0000000000000000 RSI: 0000000020000280 RDI: 0000000000000003
[  553.807474][ T8943] RBP: 00007f156c1f6090 R08: 0000000000000000 R09: 0000000000000000
[  553.815673][ T8943] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  553.823872][ T8943] R13: 0000000000000000 R14: 00007f156df35f80 R15: 00007fff1ef6c3f8
[  553.832113][ T8943]  </TASK>
[  554.496511][    T8] usb 3-1: USB disconnect, device number 10
[  554.751185][ T8945] FAULT_INJECTION: forcing a failure.
[  554.751185][ T8945] name fail_futex, interval 1, probability 0, space 0, times 1
[  554.769823][ T8945] CPU: 0 UID: 0 PID: 8945 Comm: syz.5.893 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  554.780763][ T8945] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  554.791055][ T8945] Call Trace:
[  554.794518][ T8945]  <TASK>
[  554.797621][ T8945]  dump_stack_lvl+0x216/0x2d0
[  554.802619][ T8945]  dump_stack+0x1e/0x30
[  554.807064][ T8945]  should_fail_ex+0x748/0x7f0
[  554.812042][ T8945]  should_fail+0x2a/0x40
[  554.816562][ T8945]  get_futex_key+0xcef/0x12a0
[  554.821532][ T8945]  futex_wake+0xfe/0x8f0
[  554.826075][ T8945]  ? kmsan_get_metadata+0x13e/0x1c0
[  554.831550][ T8945]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  554.837641][ T8945]  do_futex+0x380/0x4a0
[  554.842079][ T8945]  mm_release+0x18e/0x3a0
[  554.846715][ T8945]  exit_mm_release+0x2e/0x40
[  554.851598][ T8945]  exit_mm+0x5d/0x360
[  554.855831][ T8945]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  554.861906][ T8945]  do_exit+0xddb/0x4330
[  554.866349][ T8945]  do_group_exit+0x2fe/0x390
[  554.871219][ T8945]  get_signal+0x27c3/0x2d00
[  554.876005][ T8945]  ? filter_irq_stacks+0x164/0x1a0
[  554.881467][ T8945]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  554.888164][ T8945]  arch_do_signal_or_restart+0x53/0xcb0
[  554.894033][ T8945]  ? ksys_read+0x416/0x4c0
[  554.898736][ T8945]  ? __x64_sys_read+0x93/0xe0
[  554.903697][ T8945]  syscall_exit_to_user_mode+0x5d/0x170
[  554.909541][ T8945]  do_syscall_64+0xda/0x1e0
[  554.914339][ T8945]  ? clear_bhb_loop+0x25/0x80
[  554.919327][ T8945]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  554.925535][ T8945] RIP: 0033:0x7f5332f7e719
[  554.930181][ T8945] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  554.950078][ T8945] RSP: 002b:00007f5333e0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  554.958782][ T8945] RAX: fffffffffffffe00 RBX: 00007f5333135f80 RCX: 00007f5332f7e719
[  554.967011][ T8945] RDX: 0000000000000008 RSI: 0000000020000040 RDI: 0000000000000003
[  554.975217][ T8945] RBP: 00007f5333e0f090 R08: 0000000000000000 R09: 0000000000000000
[  554.983424][ T8945] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  554.991652][ T8945] R13: 0000000000000000 R14: 00007f5333135f80 R15: 00007ffd596f3698
[  554.999895][ T8945]  </TASK>
[  555.138691][ T8955] FAULT_INJECTION: forcing a failure.
[  555.138691][ T8955] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  555.152448][ T8955] CPU: 0 UID: 0 PID: 8955 Comm: syz.0.896 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  555.163367][ T8955] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  555.173689][ T8955] Call Trace:
[  555.177167][ T8955]  <TASK>
[  555.180290][ T8955]  dump_stack_lvl+0x216/0x2d0
[  555.185359][ T8955]  dump_stack+0x1e/0x30
[  555.189943][ T8955]  should_fail_ex+0x748/0x7f0
[  555.195010][ T8955]  should_fail+0x2a/0x40
[  555.199595][ T8955]  should_fail_usercopy+0x2e/0x40
[  555.204965][ T8955]  _copy_from_iter+0x1d8/0x2b00
[  555.210146][ T8955]  ? kmsan_alloc_page+0x182/0x220
[  555.215472][ T8955]  ? __alloc_pages_noprof+0x9a7/0xe00
[  555.221198][ T8955]  ? kmsan_get_metadata+0x13e/0x1c0
[  555.226693][ T8955]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  555.232808][ T8955]  copy_page_from_iter+0x3c8/0x7e0
[  555.238286][ T8955]  pipe_write+0xd23/0x2a10
[  555.243031][ T8955]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  555.249172][ T8955]  ? vfs_write+0x53b/0x1540
[  555.254022][ T8955]  vfs_write+0xb2b/0x1540
[  555.258760][ T8955]  ? __pfx_pipe_write+0x10/0x10
[  555.263936][ T8955]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  555.270043][ T8955]  ksys_write+0x24f/0x4c0
[  555.274687][ T8955]  __x64_sys_write+0x93/0xe0
[  555.279591][ T8955]  x64_sys_call+0x306a/0x3ba0
[  555.284599][ T8955]  do_syscall_64+0xcd/0x1e0
[  555.289440][ T8955]  ? clear_bhb_loop+0x25/0x80
[  555.294447][ T8955]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  555.300684][ T8955] RIP: 0033:0x7f156dd7e719
[  555.305360][ T8955] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  555.325284][ T8955] RSP: 002b:00007f156c1f6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  555.332392][ T8961] pim6reg9: entered allmulticast mode
[  555.333918][ T8955] RAX: ffffffffffffffda RBX: 00007f156df35f80 RCX: 00007f156dd7e719
[  555.347617][ T8955] RDX: 00000000fffffecc RSI: 0000000020000000 RDI: 0000000000000004
[  555.355860][ T8955] RBP: 00007f156c1f6090 R08: 0000000000000000 R09: 0000000000000000
[  555.364098][ T8955] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  555.372304][ T8955] R13: 0000000000000000 R14: 00007f156df35f80 R15: 00007fff1ef6c3f8
[  555.380526][ T8955]  </TASK>
[  555.746718][ T8963] netlink: 32 bytes leftover after parsing attributes in process `syz.3.899'.
[  555.850406][ T8961] loop2: detected capacity change from 0 to 512
[  555.900634][ T8969] netlink: 8 bytes leftover after parsing attributes in process `syz.5.900'.
[  555.917246][ T8961] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  555.968666][ T8971] loop0: detected capacity change from 0 to 512
[  556.026797][    T8] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  556.063521][ T8961] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.897: invalid indirect mapped block 4294967295 (level 0)
[  556.154344][ T8971] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  556.168239][ T8971] ext4 filesystem being mounted at /185/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  556.173636][ T8961] EXT4-fs error (device loop2): ext4_free_branches:1023: inode #16: comm syz.2.897: invalid indirect mapped block 4294967295 (level 1)
[  556.187471][ T8973] xt_CT: No such helper "pptp"
[  556.247535][    T8] usb 5-1: New USB device found, idVendor=056e, idProduct=4010, bcdDevice=20.1c
[  556.257986][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  556.336016][    T8] usb 5-1: config 0 descriptor??
[  556.362058][ T8961] EXT4-fs (loop2): 1 orphan inode deleted
[  556.369205][ T8961] EXT4-fs (loop2): 1 truncate cleaned up
[  556.377795][ T8961] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  556.436758][   T29] audit: type=1800 audit(1731474947.648:33): pid=8971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.901" name="file1" dev="loop0" ino=15 res=0 errno=0
[  556.473068][   T29] audit: type=1800 audit(1731474947.748:34): pid=8971 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.901" name="file2" dev="loop0" ino=16 res=0 errno=0
[  556.510516][ T8961] EXT4-fs error (device loop2): htree_dirblock_to_tree:1112: inode #2: block 13: comm syz.2.897: bad entry in directory: rec_len is too small for name_len - offset=12, inode=2, rec_len=12, size=1024 fake=0
[  557.114555][ T5792] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.470879][ T8990] fuse: Unknown parameter 'user_i00000000000000000000'
[  557.637091][ T8976] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 191 vs 220 free clusters
[  557.838960][ T2037] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  557.857591][    T8] pegasus 5-1:0.0: probe with driver pegasus failed with error -32
[  557.901649][ T8991] batadv_slave_0: entered promiscuous mode
[  558.051264][ T2037] usb 6-1: Using ep0 maxpacket: 16
[  558.076804][ T2037] usb 6-1: config 0 has no interfaces?
[  558.082757][ T2037] usb 6-1: New USB device found, idVendor=09da, idProduct=0229, bcdDevice= 0.00
[  558.092563][ T2037] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  558.120770][ T2037] usb 6-1: config 0 descriptor??
[  558.167204][    T8] usb 3-1: new high-speed USB device number 11 using dummy_hcd
[  558.372902][    T8] usb 3-1: unable to get BOS descriptor or descriptor too short
[  558.390891][ T2037] usb 6-1: USB disconnect, device number 8
[  558.444068][    T8] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  558.459822][    T8] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 2
[  558.470803][    T8] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  558.496052][    T8] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  558.509161][    T8] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  558.518188][    T8] usb 3-1: Product: syz
[  558.522698][    T8] usb 3-1: Manufacturer: syz
[  558.527863][    T8] usb 3-1: SerialNumber: syz
[  558.764962][ T9007] loop0: detected capacity change from 0 to 2048
[  559.126643][   T44] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  559.284871][   T25] usb 5-1: USB disconnect, device number 7
[  559.378585][   T44] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  559.389418][   T44] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  559.399081][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  559.531635][   T44] usb 1-1: config 0 descriptor??
[  559.581454][   T44] pwc: Askey VC010 type 2 USB webcam detected.
[  560.140725][   T44] pwc: send_video_command error -71
[  560.147318][   T44] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  560.155417][   T44] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  560.250234][   T44] usb 1-1: USB disconnect, device number 9
[  560.776655][   T44] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  560.843429][ T9019] loop5: detected capacity change from 0 to 512
[  560.864742][ T9019] EXT4-fs: Ignoring removed bh option
[  560.887580][ T9019] ext4: Unknown parameter 'context'
[  561.015671][   T44] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  561.026346][   T44] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  561.028468][    T8] cdc_ncm 3-1:1.0: CDC Union missing and no IAD found
[  561.035626][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  561.051583][    T8] cdc_ncm 3-1:1.0: bind() failure
[  561.161939][   T44] usb 1-1: config 0 descriptor??
[  561.239807][   T44] pwc: Askey VC010 type 2 USB webcam detected.
[  561.258675][    T8] usb 3-1: USB disconnect, device number 11
[  561.677125][   T44] pwc: send_video_command error -71
[  561.682589][   T44] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  561.690931][   T44] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  561.856025][   T44] usb 1-1: USB disconnect, device number 10
[  562.426111][ T9030] netlink: 8 bytes leftover after parsing attributes in process `syz.4.914'.
[  562.893596][ T9038] netlink: 4 bytes leftover after parsing attributes in process `syz.2.915'.
[  562.989707][ T9030] xt_CT: No such helper "pptp"
[  564.409190][ T9042] FAULT_INJECTION: forcing a failure.
[  564.409190][ T9042] name failslab, interval 1, probability 0, space 0, times 0
[  564.422262][ T9042] CPU: 1 UID: 0 PID: 9042 Comm: syz.4.916 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  564.433191][ T9042] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  564.443505][ T9042] Call Trace:
[  564.446938][ T9042]  <TASK>
[  564.450000][ T9042]  dump_stack_lvl+0x216/0x2d0
[  564.454932][ T9042]  dump_stack+0x1e/0x30
[  564.459367][ T9042]  should_fail_ex+0x748/0x7f0
[  564.464292][ T9042]  should_failslab+0x17f/0x210
[  564.469302][ T9042]  __kmalloc_noprof+0x175/0xf30
[  564.474407][ T9042]  ? tomoyo_realpath_from_path+0x104/0xaa0
[  564.480486][ T9042]  ? kmsan_get_metadata+0x13e/0x1c0
[  564.485913][ T9042]  tomoyo_realpath_from_path+0x104/0xaa0
[  564.491885][ T9042]  ? __srcu_read_lock+0x76/0xd0
[  564.497036][ T9042]  tomoyo_path_number_perm+0x1d9/0x8f0
[  564.502699][ T9042]  ? kmsan_get_metadata+0x13e/0x1c0
[  564.508077][ T9042]  ? kmsan_get_metadata+0x13e/0x1c0
[  564.513432][ T9042]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  564.519473][ T9042]  tomoyo_file_ioctl+0x3f/0x50
[  564.524549][ T9042]  security_file_ioctl+0x145/0x590
[  564.530007][ T9042]  __se_sys_ioctl+0xd3/0x450
[  564.534914][ T9042]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  564.541034][ T9042]  __x64_sys_ioctl+0x96/0xe0
[  564.545950][ T9042]  x64_sys_call+0x18bf/0x3ba0
[  564.550950][ T9042]  do_syscall_64+0xcd/0x1e0
[  564.555792][ T9042]  ? clear_bhb_loop+0x25/0x80
[  564.560788][ T9042]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  564.567002][ T9042] RIP: 0033:0x7f4b0497e719
[  564.571663][ T9042] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  564.591612][ T9042] RSP: 002b:00007f4b0582d038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  564.600390][ T9042] RAX: ffffffffffffffda RBX: 00007f4b04b35f80 RCX: 00007f4b0497e719
[  564.608660][ T9042] RDX: 0000000020000080 RSI: 0000000000004b70 RDI: 0000000000000004
[  564.616861][ T9042] RBP: 00007f4b0582d090 R08: 0000000000000000 R09: 0000000000000000
[  564.625031][ T9042] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  564.633279][ T9042] R13: 0000000000000000 R14: 00007f4b04b35f80 R15: 00007ffefd73a918
[  564.641549][ T9042]  </TASK>
[  564.647193][ T9042] ERROR: Out of memory at tomoyo_realpath_from_path.
[  564.738957][ T9044] fuse: Unknown parameter 'user_id00000000000000000000'
[  565.217292][    T8] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[  565.406885][    T8] usb 3-1: Using ep0 maxpacket: 16
[  565.424971][    T8] usb 3-1: config 0 has no interfaces?
[  565.431106][    T8] usb 3-1: New USB device found, idVendor=09da, idProduct=0229, bcdDevice= 0.00
[  565.440803][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  565.511904][    T8] usb 3-1: config 0 descriptor??
[  565.737255][    T8] usb 3-1: USB disconnect, device number 12
[  566.155849][ T9055] loop4: detected capacity change from 0 to 512
[  566.164912][ T9055] EXT4-fs: Ignoring removed bh option
[  566.171247][ T9055] ext4: Unknown parameter 'context'
[  566.469660][ T9058] loop3: detected capacity change from 0 to 2048
[  566.484492][ T9058] EXT4-fs: Ignoring removed mblk_io_submit option
[  566.563038][ T9065] netlink: 8 bytes leftover after parsing attributes in process `syz.5.926'.
[  566.667488][ T9058] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  566.715101][ T9058] FAULT_INJECTION: forcing a failure.
[  566.715101][ T9058] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  566.729233][ T9058] CPU: 0 UID: 0 PID: 9058 Comm: syz.3.923 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  566.740153][ T9058] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  566.750471][ T9058] Call Trace:
[  566.753950][ T9058]  <TASK>
[  566.757074][ T9058]  dump_stack_lvl+0x216/0x2d0
[  566.762089][ T9058]  dump_stack+0x1e/0x30
[  566.766548][ T9058]  should_fail_ex+0x748/0x7f0
[  566.771534][ T9058]  should_fail+0x2a/0x40
[  566.776057][ T9058]  should_fail_usercopy+0x2e/0x40
[  566.781384][ T9058]  _copy_from_user+0x35/0x110
[  566.786360][ T9058]  memdup_user+0xc1/0x1b0
[  566.790955][ T9058]  strndup_user+0x100/0x1c0
[  566.795715][ T9058]  __se_sys_mount+0x6c/0x810
[  566.800595][ T9058]  ? fput+0x286/0x320
[  566.804827][ T9058]  ? ksys_write+0x405/0x4c0
[  566.809608][ T9058]  ? kmsan_get_metadata+0x13e/0x1c0
[  566.815059][ T9058]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  566.821130][ T9058]  __x64_sys_mount+0xe4/0x150
[  566.826093][ T9058]  x64_sys_call+0x255a/0x3ba0
[  566.831058][ T9058]  do_syscall_64+0xcd/0x1e0
[  566.835855][ T9058]  ? clear_bhb_loop+0x25/0x80
[  566.840807][ T9058]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  566.846992][ T9058] RIP: 0033:0x7fd8ab17e719
[  566.851637][ T9058] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  566.871538][ T9058] RSP: 002b:00007fd8ac01c038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  566.880247][ T9058] RAX: ffffffffffffffda RBX: 00007fd8ab335f80 RCX: 00007fd8ab17e719
[  566.888455][ T9058] RDX: 0000000020000340 RSI: 00000000200000c0 RDI: 0000000000000000
[  566.896658][ T9058] RBP: 00007fd8ac01c090 R08: 0000000020000000 R09: 0000000000000000
[  566.904857][ T9058] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  566.913044][ T9058] R13: 0000000000000000 R14: 00007fd8ab335f80 R15: 00007ffc9ab8cde8
[  566.921260][ T9058]  </TASK>
[  566.929997][    T8] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  566.952419][ T9065] xt_CT: No such helper "pptp"
[  567.158813][    T8] usb 1-1: Using ep0 maxpacket: 16
[  567.188629][    T8] usb 1-1: config index 0 descriptor too short (expected 16456, got 72)
[  567.197737][    T8] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  567.206396][    T8] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  567.214848][    T8] usb 1-1: config 0 has an invalid interface number: 125 but max is 1
[  567.223528][    T8] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  567.232972][    T8] usb 1-1: config 0 has no interface number 0
[  567.239462][    T8] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x4 has invalid maxpacket 21760, setting to 64
[  567.251005][    T8] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0xB has invalid wMaxPacketSize 0
[  567.267552][    T8] usb 1-1: config 0 interface 125 altsetting 4 endpoint 0x2 has invalid wMaxPacketSize 0
[  567.277912][    T8] usb 1-1: config 0 interface 125 altsetting 1 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  567.291594][    T8] usb 1-1: config 0 interface 125 has no altsetting 0
[  567.298765][    T8] usb 1-1: config 0 interface 125 has no altsetting 2
[  567.312002][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  567.383278][ T9074] FAULT_INJECTION: forcing a failure.
[  567.383278][ T9074] name failslab, interval 1, probability 0, space 0, times 0
[  567.397938][ T9074] CPU: 0 UID: 0 PID: 9074 Comm: syz.4.928 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  567.408853][ T9074] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  567.419166][ T9074] Call Trace:
[  567.422641][ T9074]  <TASK>
[  567.425761][ T9074]  dump_stack_lvl+0x216/0x2d0
[  567.430786][ T9074]  dump_stack+0x1e/0x30
[  567.435249][ T9074]  should_fail_ex+0x748/0x7f0
[  567.440259][ T9074]  should_failslab+0x17f/0x210
[  567.445292][ T9074]  __kmalloc_noprof+0x175/0xf30
[  567.450429][ T9074]  ? __rcu_read_unlock+0x7b/0xe0
[  567.455643][ T9074]  ? io_cqring_event_overflow+0xca/0x880
[  567.461574][ T9074]  ? kmsan_get_metadata+0x13e/0x1c0
[  567.467039][ T9074]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  567.473129][ T9074]  io_cqring_event_overflow+0xca/0x880
[  567.478894][ T9074]  io_req_cqe_overflow+0x122/0x1c0
[  567.484305][ T9074]  __io_submit_flush_completions+0x7eb/0x1be0
[  567.490707][ T9074]  io_submit_sqes+0x2b4d/0x2f30
[  567.495886][ T9074]  __se_sys_io_uring_enter+0x406/0x41c0
[  567.501732][ T9074]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  567.508106][ T9074]  ? kmsan_get_metadata+0x13e/0x1c0
[  567.513566][ T9074]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  567.519634][ T9074]  ? vfs_write+0xf40/0x1540
[  567.524407][ T9074]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  567.531042][ T9074]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  567.537425][ T9074]  __x64_sys_io_uring_enter+0x11f/0x1a0
[  567.543283][ T9074]  x64_sys_call+0x2b54/0x3ba0
[  567.548283][ T9074]  do_syscall_64+0xcd/0x1e0
[  567.553127][ T9074]  ? clear_bhb_loop+0x25/0x80
[  567.558088][ T9074]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  567.564277][ T9074] RIP: 0033:0x7f4b0497e719
[  567.568921][ T9074] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  567.588829][ T9074] RSP: 002b:00007f4b0582d038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[  567.597542][ T9074] RAX: ffffffffffffffda RBX: 00007f4b04b35f80 RCX: 00007f4b0497e719
[  567.605754][ T9074] RDX: 0000000000000000 RSI: 0000000000002d3e RDI: 0000000000000004
[  567.613950][ T9074] RBP: 00007f4b0582d090 R08: 0000000000000000 R09: 0000000000000000
[  567.622142][ T9074] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  567.630347][ T9074] R13: 0000000000000000 R14: 00007f4b04b35f80 R15: 00007ffefd73a918
[  567.638570][ T9074]  </TASK>
[  567.797730][    T8] usb 1-1: New USB device found, idVendor=050d, idProduct=0002, bcdDevice=23.27
[  567.807275][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  567.815567][    T8] usb 1-1: Product: syz
[  567.820187][    T8] usb 1-1: Manufacturer: syz
[  567.825040][    T8] usb 1-1: SerialNumber: syz
[  567.890824][    T8] usb 1-1: config 0 descriptor??
[  567.917782][    T8] usb 1-1: selecting invalid altsetting 2
[  567.937099][ T9082] Cannot find add_set index 0 as target
[  568.241834][ T9089] ieee802154 phy0 wpan0: encryption failed: -22
[  568.342395][ T9091] overlay: Unknown parameter '/'
[  568.376860][ T9091] loop5: detected capacity change from 0 to 8
[  568.512285][ T9063] input: syz0 as /devices/virtual/input/input6
[  568.885109][ T9099] loop5: detected capacity change from 0 to 512
[  568.920792][ T9099] EXT4-fs: Ignoring removed bh option
[  568.927553][ T9099] ext4: Unknown parameter 'context'
[  568.946778][    T8] get_1284_register timeout
[  568.951870][    C0] usb 1-1: async_complete: urb error -104
[  568.958348][    C0] usb 1-1: async_complete: urb error -104
[  568.964783][    C0] usb 1-1: async_complete: urb error -104
[  568.971052][    T8] uss720 1-1:0.125: probe with driver uss720 failed with error -5
[  569.237921][    T8] usb 1-1: USB disconnect, device number 11
[  569.336893][ T9107] loop0: detected capacity change from 0 to 64
[  569.525649][ T5809] Bluetooth: hci1: unexpected event for opcode 0x2062
[  569.559198][ T9110] netlink: 4 bytes leftover after parsing attributes in process `syz.2.941'.
[  569.630902][ T9112] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  570.299002][ T9121] FAULT_INJECTION: forcing a failure.
[  570.299002][ T9121] name failslab, interval 1, probability 0, space 0, times 0
[  570.312705][ T9121] CPU: 1 UID: 0 PID: 9121 Comm: syz.5.947 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  570.323627][ T9121] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  570.333939][ T9121] Call Trace:
[  570.337425][ T9121]  <TASK>
[  570.340547][ T9121]  dump_stack_lvl+0x216/0x2d0
[  570.345569][ T9121]  dump_stack+0x1e/0x30
[  570.350055][ T9121]  should_fail_ex+0x748/0x7f0
[  570.355071][ T9121]  should_failslab+0x17f/0x210
[  570.360136][ T9121]  __kmalloc_cache_noprof+0xbf/0xb00
[  570.365771][ T9121]  ? __memcg_slab_free_hook+0x195/0x570
[  570.371627][ T9121]  ? rtnl_newlink+0x7a/0x4200
[  570.376638][ T9121]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  570.382763][ T9121]  rtnl_newlink+0x7a/0x4200
[  570.387553][ T9121]  ? kmem_cache_free+0x401/0xdf0
[  570.392784][ T9121]  ? __kfree_skb+0x1f6/0x250
[  570.397649][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.403102][ T9121]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  570.409742][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.415194][ T9121]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  570.421831][ T9121]  ? kmsan_internal_unpoison_memory+0x14/0x20
[  570.428209][ T9121]  ? apparmor_capable+0x355/0x400
[  570.433529][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.438985][ T9121]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  570.445058][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.450510][ T9121]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  570.457145][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.462596][ T9121]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  570.468664][ T9121]  ? __pfx_rtnl_newlink+0x10/0x10
[  570.473962][ T9121]  ? __pfx_rtnl_newlink+0x10/0x10
[  570.479261][ T9121]  rtnetlink_rcv_msg+0x12fc/0x1410
[  570.484674][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.490151][ T9121]  netlink_rcv_skb+0x375/0x650
[  570.495230][ T9121]  ? __pfx_rtnetlink_rcv_msg+0x10/0x10
[  570.500998][ T9121]  ? __pfx_rtnetlink_rcv+0x10/0x10
[  570.506409][ T9121]  rtnetlink_rcv+0x34/0x40
[  570.511110][ T9121]  netlink_unicast+0xf52/0x1260
[  570.516293][ T9121]  netlink_sendmsg+0x10da/0x11e0
[  570.521603][ T9121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  570.527195][ T9121]  ? __pfx_netlink_sendmsg+0x10/0x10
[  570.532813][ T9121]  __sock_sendmsg+0x30f/0x380
[  570.537792][ T9121]  ____sys_sendmsg+0x877/0xb60
[  570.542878][ T9121]  ___sys_sendmsg+0x28d/0x3c0
[  570.547837][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.553309][ T9121]  ? __rcu_read_unlock+0x7b/0xe0
[  570.558565][ T9121]  ? __fget_files+0x4f5/0x5c0
[  570.563558][ T9121]  ? kmsan_get_metadata+0x13e/0x1c0
[  570.569009][ T9121]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  570.575082][ T9121]  __x64_sys_sendmsg+0x300/0x4a0
[  570.580317][ T9121]  ? perf_mmap+0x1420/0x28d0
[  570.585203][ T9121]  x64_sys_call+0x2da0/0x3ba0
[  570.590199][ T9121]  do_syscall_64+0xcd/0x1e0
[  570.595012][ T9121]  ? clear_bhb_loop+0x25/0x80
[  570.599974][ T9121]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  570.606145][ T9121] RIP: 0033:0x7f5332f7e719
[  570.610794][ T9121] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  570.630690][ T9121] RSP: 002b:00007f5333e0f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  570.639407][ T9121] RAX: ffffffffffffffda RBX: 00007f5333135f80 RCX: 00007f5332f7e719
[  570.647631][ T9121] RDX: 0000000000000000 RSI: 0000000020000040 RDI: 0000000000000005
[  570.655834][ T9121] RBP: 00007f5333e0f090 R08: 0000000000000000 R09: 0000000000000000
[  570.664044][ T9121] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  570.672246][ T9121] R13: 0000000000000000 R14: 00007f5333135f80 R15: 00007ffd596f3698
[  570.680478][ T9121]  </TASK>
[  571.120917][ T9135] netlink: 32 bytes leftover after parsing attributes in process `syz.5.952'.
[  571.637166][ T9138] netlink: 'syz.3.954': attribute type 1 has an invalid length.
[  571.828238][ T9150] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  572.040010][ T9138] loop3: detected capacity change from 0 to 1024
[  572.060134][ T9157] FAULT_INJECTION: forcing a failure.
[  572.060134][ T9157] name failslab, interval 1, probability 0, space 0, times 0
[  572.076936][ T9157] CPU: 1 UID: 0 PID: 9157 Comm: syz.0.962 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  572.087870][ T9157] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  572.098185][ T9157] Call Trace:
[  572.101646][ T9157]  <TASK>
[  572.104762][ T9157]  dump_stack_lvl+0x216/0x2d0
[  572.109779][ T9157]  dump_stack+0x1e/0x30
[  572.114284][ T9157]  should_fail_ex+0x748/0x7f0
[  572.119300][ T9157]  should_failslab+0x17f/0x210
[  572.124349][ T9157]  __kmalloc_noprof+0x175/0xf30
[  572.129535][ T9157]  ? filter_irq_stacks+0x60/0x1a0
[  572.134907][ T9157]  ? genl_family_rcv_msg_attrs_parse+0x114/0x430
[  572.141574][ T9157]  ? kmsan_get_metadata+0x13e/0x1c0
[  572.147075][ T9157]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  572.153194][ T9157]  genl_family_rcv_msg_attrs_parse+0x114/0x430
[  572.159695][ T9157]  ? genl_rcv_msg+0xc4e/0x12c0
[  572.164773][ T9157]  genl_rcv_msg+0xc83/0x12c0
[  572.169670][ T9157]  ? filter_irq_stacks+0x164/0x1a0
[  572.175146][ T9157]  ? __pfx_ethnl_default_set_doit+0x10/0x10
[  572.181474][ T9157]  ? kmsan_get_metadata+0x13e/0x1c0
[  572.186994][ T9157]  netlink_rcv_skb+0x375/0x650
[  572.192123][ T9157]  ? __pfx_genl_rcv_msg+0x10/0x10
[  572.197463][ T9157]  ? __pfx_genl_rcv+0x10/0x10
[  572.202424][ T9157]  genl_rcv+0x40/0x60
[  572.206694][ T9157]  netlink_unicast+0xf52/0x1260
[  572.211874][ T9157]  netlink_sendmsg+0x10da/0x11e0
[  572.217165][ T9157]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.222798][ T9157]  ? __pfx_netlink_sendmsg+0x10/0x10
[  572.228446][ T9157]  __sock_sendmsg+0x30f/0x380
[  572.233415][ T9157]  ____sys_sendmsg+0x877/0xb60
[  572.238529][ T9157]  ___sys_sendmsg+0x28d/0x3c0
[  572.243520][ T9157]  ? kmsan_get_metadata+0x13e/0x1c0
[  572.249030][ T9157]  ? __rcu_read_unlock+0x7b/0xe0
[  572.254272][ T9157]  ? __fget_files+0x4f5/0x5c0
[  572.259295][ T9157]  ? kmsan_get_metadata+0x13e/0x1c0
[  572.264775][ T9157]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  572.270865][ T9157]  __x64_sys_sendmsg+0x300/0x4a0
[  572.276118][ T9157]  ? perf_mmap+0x1420/0x28d0
[  572.281003][ T9157]  x64_sys_call+0x2da0/0x3ba0
[  572.285985][ T9157]  do_syscall_64+0xcd/0x1e0
[  572.290790][ T9157]  ? clear_bhb_loop+0x25/0x80
[  572.295750][ T9157]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  572.301921][ T9157] RIP: 0033:0x7f156dd7e719
[  572.306564][ T9157] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  572.326453][ T9157] RSP: 002b:00007f156c1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  572.335169][ T9157] RAX: ffffffffffffffda RBX: 00007f156df35f80 RCX: 00007f156dd7e719
[  572.343378][ T9157] RDX: 0000000000000000 RSI: 00000000200004c0 RDI: 0000000000000003
[  572.351570][ T9157] RBP: 00007f156c1f6090 R08: 0000000000000000 R09: 0000000000000000
[  572.359764][ T9157] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  572.368014][ T9157] R13: 0000000000000000 R14: 00007f156df35f80 R15: 00007fff1ef6c3f8
[  572.376264][ T9157]  </TASK>
[  572.856532][ T9165] loop4: detected capacity change from 0 to 512
[  572.884729][ T9164] netlink: 808 bytes leftover after parsing attributes in process `syz.5.964'.
[  573.026583][   T44] usb 1-1: new high-speed USB device number 12 using dummy_hcd
[  573.207835][   T44] usb 1-1: Using ep0 maxpacket: 32
[  573.225667][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  573.237302][   T44] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  573.248559][   T44] usb 1-1: New USB device found, idVendor=0e8f, idProduct=0012, bcdDevice= 0.00
[  573.258250][   T44] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  573.275484][   T44] usb 1-1: config 0 descriptor??
[  573.426791][   T25] usb 6-1: new full-speed USB device number 9 using dummy_hcd
[  573.452652][ T5809] Bluetooth: hci2: Malformed HCI Event: 0x22
[  573.587349][ T5809] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  573.596746][ T5809] Bluetooth: hci1: Injecting HCI hardware error event
[  573.612958][ T5809] Bluetooth: hci1: hardware error 0x00
[  573.791829][ T9160] loop0: detected capacity change from 0 to 64
[  574.046109][ T9160] loop0: detected capacity change from 0 to 256
[  574.682079][   T25] usb 6-1: unable to get BOS descriptor or descriptor too short
[  574.776607][   T25] usb 6-1: not running at top speed; connect to a high speed hub
[  574.861077][   T25] usb 6-1: config 129 has an invalid interface number: 135 but max is 0
[  574.870184][   T25] usb 6-1: config 129 descriptor has 1 excess byte, ignoring
[  574.878279][   T25] usb 6-1: config 129 has 2 interfaces, different from the descriptor's value: 1
[  574.887916][   T25] usb 6-1: config 129 has no interface number 1
[  574.894607][   T25] usb 6-1: config 129 interface 135 altsetting 6 has 0 endpoint descriptors, different from the interface descriptor's value: 9
[  574.908451][   T25] usb 6-1: config 129 interface 135 has no altsetting 0
[  575.299912][   T44] greenasia 0003:0E8F:0012.0006: item fetching failed at offset 0/3
[  575.359591][   T44] greenasia 0003:0E8F:0012.0006: parse failed
[  575.366917][   T44] greenasia 0003:0E8F:0012.0006: probe with driver greenasia failed with error -22
[  575.408233][   T25] usb 6-1: New USB device found, idVendor=2040, idProduct=721f, bcdDevice=f2.62
[  575.418177][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  575.426659][   T25] usb 6-1: Product: syz
[  575.431081][   T25] usb 6-1: Manufacturer: syz
[  575.435110][ T9188] netlink: 48 bytes leftover after parsing attributes in process `syz.4.974'.
[  575.435833][   T25] usb 6-1: SerialNumber: syz
[  575.587835][ T9188] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  575.629946][   T44] usb 1-1: USB disconnect, device number 12
[  575.817385][ T5809] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  576.791112][ T9193] FAULT_INJECTION: forcing a failure.
[  576.791112][ T9193] name failslab, interval 1, probability 0, space 0, times 0
[  576.804506][ T9193] CPU: 0 UID: 0 PID: 9193 Comm: syz.3.976 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  576.816374][ T9193] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  576.826694][ T9193] Call Trace:
[  576.830171][ T9193]  <TASK>
[  576.833290][ T9193]  dump_stack_lvl+0x216/0x2d0
[  576.838289][ T9193]  dump_stack+0x1e/0x30
[  576.842736][ T9193]  should_fail_ex+0x748/0x7f0
[  576.847781][ T9193]  should_failslab+0x17f/0x210
[  576.852822][ T9193]  __kmalloc_noprof+0x175/0xf30
[  576.857987][ T9193]  ? tomoyo_realpath_from_path+0x104/0xaa0
[  576.864083][ T9193]  ? kmsan_get_metadata+0x13e/0x1c0
[  576.869563][ T9193]  tomoyo_realpath_from_path+0x104/0xaa0
[  576.875504][ T9193]  ? __srcu_read_lock+0x76/0xd0
[  576.880752][ T9193]  tomoyo_path_number_perm+0x1d9/0x8f0
[  576.886580][ T9193]  ? kmsan_get_metadata+0x13e/0x1c0
[  576.892076][ T9193]  ? kmsan_get_metadata+0x13e/0x1c0
[  576.897560][ T9193]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  576.903671][ T9193]  tomoyo_file_ioctl+0x3f/0x50
[  576.908737][ T9193]  security_file_ioctl+0x145/0x590
[  576.914181][ T9193]  __se_sys_ioctl+0xd3/0x450
[  576.919056][ T9193]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  576.925139][ T9193]  __x64_sys_ioctl+0x96/0xe0
[  576.930020][ T9193]  x64_sys_call+0x18bf/0x3ba0
[  576.935026][ T9193]  do_syscall_64+0xcd/0x1e0
[  576.939860][ T9193]  ? clear_bhb_loop+0x25/0x80
[  576.944830][ T9193]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  576.951050][ T9193] RIP: 0033:0x7fd8ab17e719
[  576.955714][ T9193] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  576.975634][ T9193] RSP: 002b:00007fd8ac01c038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  576.984364][ T9193] RAX: ffffffffffffffda RBX: 00007fd8ab335f80 RCX: 00007fd8ab17e719
[  576.992589][ T9193] RDX: 0000000000000000 RSI: 00000000c008561c RDI: 0000000000000004
[  577.000821][ T9193] RBP: 00007fd8ac01c090 R08: 0000000000000000 R09: 0000000000000000
[  577.009063][ T9193] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  577.017285][ T9193] R13: 0000000000000000 R14: 00007fd8ab335f80 R15: 00007ffc9ab8cde8
[  577.025543][ T9193]  </TASK>
[  577.034640][ T9193] ERROR: Out of memory at tomoyo_realpath_from_path.
[  577.645019][   T25] au0828: au0828: Device initialization failed.
[  577.651646][   T25] au0828: au0828: Device must be connected to a high-speed USB 2.0 port.
[  577.722346][   T25] usb 6-1: USB disconnect, device number 9
[  578.241500][ T9216] netlink: 32 bytes leftover after parsing attributes in process `syz.5.983'.
[  578.612372][ T9222] netlink: 48 bytes leftover after parsing attributes in process `syz.4.987'.
[  578.690498][ T9224] FAULT_INJECTION: forcing a failure.
[  578.690498][ T9224] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  578.704770][ T9224] CPU: 1 UID: 0 PID: 9224 Comm: syz.5.988 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  578.715684][ T9224] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  578.717812][    T8] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  578.725891][ T9224] Call Trace:
[  578.725948][ T9224]  <TASK>
[  578.726002][ T9224]  dump_stack_lvl+0x216/0x2d0
[  578.726200][ T9224]  dump_stack+0x1e/0x30
[  578.726372][ T9224]  should_fail_ex+0x748/0x7f0
[  578.726564][ T9224]  should_fail+0x2a/0x40
[  578.726728][ T9224]  should_fail_usercopy+0x2e/0x40
[  578.726915][ T9224]  strncpy_from_user+0x39/0x550
[  578.727082][ T9224]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  578.727238][ T9224]  getname_flags+0x187/0xa30
[  578.727378][ T9224]  ? kmsan_get_metadata+0x13e/0x1c0
[  578.727518][ T9224]  user_path_at+0x45/0x390
[  578.727669][ T9224]  ? __se_sys_mount+0x644/0x810
[  578.727834][ T9224]  ? __x64_sys_mount+0xe4/0x150
[  578.727993][ T9224]  ? _copy_from_user+0xce/0x110
[  578.728173][ T9224]  __se_sys_mount+0x668/0x810
[  578.728346][ T9224]  ? ksys_write+0x405/0x4c0
[  578.728520][ T9224]  __x64_sys_mount+0xe4/0x150
[  578.728692][ T9224]  x64_sys_call+0x255a/0x3ba0
[  578.728867][ T9224]  do_syscall_64+0xcd/0x1e0
[  578.729044][ T9224]  ? clear_bhb_loop+0x25/0x80
[  578.729225][ T9224]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  578.729395][ T9224] RIP: 0033:0x7f5332f7e719
[  578.729504][ T9224] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  578.729636][ T9224] RSP: 002b:00007f5333e0f038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  578.729781][ T9224] RAX: ffffffffffffffda RBX: 00007f5333135f80 RCX: 00007f5332f7e719
[  578.729891][ T9224] RDX: 0000000020000180 RSI: 0000000020000000 RDI: 0000000000000000
[  578.729989][ T9224] RBP: 00007f5333e0f090 R08: 00000000200004c0 R09: 0000000000000000
[  578.730090][ T9224] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  578.730182][ T9224] R13: 0000000000000000 R14: 00007f5333135f80 R15: 00007ffd596f3698
[  578.730304][ T9224]  </TASK>
[  578.778923][ T9225] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  579.096805][    T8] usb 4-1: Using ep0 maxpacket: 16
[  579.172129][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  579.184070][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  579.194511][    T8] usb 4-1: New USB device found, idVendor=056a, idProduct=5000, bcdDevice= 0.00
[  579.204272][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  579.217293][ T9205] overlayfs: failed to resolve './file0': -2
[  579.337312][    T8] usb 4-1: config 0 descriptor??
[  579.533123][ T2037] usb 3-1: new full-speed USB device number 13 using dummy_hcd
[  580.194610][ T9221] loop0: detected capacity change from 0 to 4096
[  580.318274][ T9218] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  580.327666][ T9218] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  580.871155][    T8] usbhid 4-1:0.0: can't add hid device: -71
[  580.871717][    T8] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[  580.883587][    T8] usb 4-1: USB disconnect, device number 7
[  581.101702][ T9221] ntfs3(loop0): Failed to load $Extend (-22).
[  581.101830][ T9221] ntfs3(loop0): Failed to initialize $Extend.
[  582.357958][   T25] usb 1-1: new high-speed USB device number 13 using dummy_hcd
[  582.482134][ T9256] netlink: 32 bytes leftover after parsing attributes in process `syz.2.997'.
[  582.536970][   T25] usb 1-1: Using ep0 maxpacket: 16
[  582.574366][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  582.585940][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  582.596990][   T25] usb 1-1: New USB device found, idVendor=054c, idProduct=05c4, bcdDevice= 0.00
[  582.606493][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  582.714932][   T25] usb 1-1: config 0 descriptor??
[  583.014812][ T9261] netlink: 48 bytes leftover after parsing attributes in process `syz.3.1000'.
[  583.072633][ T9261] openvswitch: netlink: IP tunnel attribute has 4 unknown bytes.
[  583.170731][   T25] playstation 0003:054C:05C4.0007: hidraw0: USB HID v0.00 Device [HID 054c:05c4] on usb-dummy_hcd.0-1/input0
[  583.210696][ T9266] netlink: 32 bytes leftover after parsing attributes in process `syz.5.998'.
[  583.268191][ T9268] loop4: detected capacity change from 0 to 64
[  583.361134][ T9268] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop4
[  583.413301][   T25] playstation 0003:054C:05C4.0007: Invalid reportID received, expected 18 got 0
[  583.423193][   T25] playstation 0003:054C:05C4.0007: Failed to retrieve DualShock4 pairing info: -22
[  583.438233][   T25] playstation 0003:054C:05C4.0007: Failed to get MAC address from DualShock4
[  583.448821][   T25] playstation 0003:054C:05C4.0007: Failed to create dualshock4.
[  583.530105][   T25] playstation 0003:054C:05C4.0007: probe with driver playstation failed with error -22
[  583.609263][   T25] usb 1-1: USB disconnect, device number 13
[  583.958296][ T9277] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1003'.
[  584.083387][ T5809] Bluetooth: hci2: Malformed HCI Event: 0x22
[  584.496831][   T25] usb 1-1: new high-speed USB device number 14 using dummy_hcd
[  584.735716][   T25] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  584.747498][   T25] usb 1-1: New USB device found, idVendor=145f, idProduct=0212, bcdDevice= 0.00
[  584.764935][   T25] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  585.622983][ T9291] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1009'.
[  585.737478][   T25] usb 1-1: config 0 descriptor??
[  586.754423][   T25] uclogic 0003:145F:0212.0008: interface is invalid, ignoring
[  586.958207][ T2037] usb 1-1: USB disconnect, device number 14
[  587.775769][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  587.783148][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  587.828607][ T9305] loop4: detected capacity change from 0 to 2048
[  588.021594][ T9320] team0: Port device macvlan1 added
[  588.064744][ T9323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  588.090332][ T9305] team0: entered promiscuous mode
[  588.095676][ T9305] team_slave_0: entered promiscuous mode
[  588.102969][ T9305] team_slave_1: entered promiscuous mode
[  588.109795][ T9305] macvlan1: entered promiscuous mode
[  588.153900][ T9320] macvlan1: left promiscuous mode
[  588.184222][ T9320] team0: Port device macvlan1 removed
[  588.208418][ T9324] loop0: detected capacity change from 0 to 1024
[  588.231045][ T9324] EXT4-fs (loop0): blocks per group (131072) and clusters per group (8192) inconsistent
[  588.295151][ T9323] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  588.316055][ T9324] capability: warning: `syz.0.1019' uses 32-bit capabilities (legacy support in use)
[  588.317136][ T9304] team0: left promiscuous mode
[  588.331352][ T9304] team_slave_0: left promiscuous mode
[  588.337978][ T9304] team_slave_1: left promiscuous mode
[  589.031400][ T9330] netlink: 32 bytes leftover after parsing attributes in process `syz.4.1021'.
[  589.276529][ T2037] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  589.685544][ T5809] Bluetooth: hci4: Malformed HCI Event: 0x22
[  590.259246][ T9324] loop0: detected capacity change from 0 to 32768
[  590.918491][ T2037] usb 4-1: config 29 has an invalid descriptor of length 0, skipping remainder of the config
[  591.086820][ T2037] usb 4-1: New USB device found, idVendor=22b8, idProduct=4b48, bcdDevice=3f.f0
[  591.098049][ T2037] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  591.107670][ T2037] usb 4-1: Product: syz
[  591.112084][ T2037] usb 4-1: Manufacturer: syz
[  591.122493][ T2037] usb 4-1: SerialNumber: syz
[  591.733408][ T2037] usb 4-1: can't set config #29, error -71
[  591.806079][ T2037] usb 4-1: USB disconnect, device number 8
[  592.165428][ T9344] vlan2: entered promiscuous mode
[  592.170969][ T9344] net veth1_virt_wifi virt_wifi0: entered promiscuous mode
[  592.179680][ T9344] vlan2: entered allmulticast mode
[  592.185045][ T9344] net veth1_virt_wifi virt_wifi0: entered allmulticast mode
[  592.662039][ T9344] loop3: detected capacity change from 0 to 64
[  592.875218][ T9349] loop5: detected capacity change from 0 to 512
[  593.076883][ T5809] Bluetooth: hci2: Malformed HCI Event: 0x22
[  593.314783][ T9360] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1033'.
[  593.422088][ T9357] loop0: detected capacity change from 0 to 128
[  593.448646][ T9363] loop5: detected capacity change from 0 to 1024
[  593.640169][ T9363] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1034'.
[  593.859497][ T9363] sp0: Synchronizing with TNC
[  594.070405][ T2037] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[  594.236696][ T2037] usb 1-1: Using ep0 maxpacket: 32
[  594.274702][ T2037] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  594.286646][ T2037] usb 1-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  594.303734][ T2037] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  594.313408][ T2037] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  594.525861][ T9380] loop5: detected capacity change from 0 to 256
[  594.602474][ T9380] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  594.756834][ T9380] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=512, location=512
[  594.767089][ T9380] UDF-fs: warning (device loop5): udf_load_vrs: No anchor found
[  594.775042][ T9380] UDF-fs: Scanning with blocksize 512 failed
[  594.884981][ T9380] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  595.032825][ T2037] hub 1-1:4.0: USB hub found
[  595.084334][ T9380] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  595.709318][ T2037] hub 1-1:4.0: 10 ports detected
[  595.715774][ T2037] hub 1-1:4.0: insufficient power available to use all downstream ports
[  595.794014][ T9388] loop4: detected capacity change from 0 to 64
[  596.397637][ T9368] loop0: detected capacity change from 0 to 512
[  596.497118][ T5809] Bluetooth: hci4: unexpected event for opcode 0x2062
[  596.786104][ T9368] EXT4-fs (loop0): 1 orphan inode deleted
[  596.794974][ T9368] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  597.278034][ T9368] EXT4-fs error (device loop0): ext4_add_entry:2437: inode #2: comm syz.0.1037: Directory hole found for htree leaf block 0
[  597.380551][ T9397] EXT4-fs error (device loop0): ext4_add_entry:2437: inode #2: comm syz.0.1037: Directory hole found for htree leaf block 0
[  597.583716][ T2037] hub 1-1:4.0: set hub depth failed
[  597.702441][ T2037] usb 1-1: USB disconnect, device number 15
[  597.751798][ T9401] loop3: detected capacity change from 0 to 128
[  598.040033][ T9413] loop3: detected capacity change from 0 to 64
[  598.060467][ T9413] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop3
[  598.068951][ T9411] loop5: detected capacity change from 0 to 1024
[  598.431480][ T5792] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  598.914561][ T5809] Bluetooth: hci2: Malformed HCI Event: 0x22
[  599.176723][ T2037] usb 4-1: new full-speed USB device number 9 using dummy_hcd
[  599.354098][ T2037] usb 4-1: config 0 has an invalid interface number: 124 but max is 0
[  599.363156][ T2037] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  599.373854][ T2037] usb 4-1: config 0 has no interface number 0
[  599.380544][ T2037] usb 4-1: config 0 interface 124 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  599.391881][ T2037] usb 4-1: config 0 interface 124 altsetting 0 endpoint 0xC has invalid maxpacket 512, setting to 64
[  599.403221][ T2037] usb 4-1: config 0 interface 124 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  599.600776][ T9432] loop0: detected capacity change from 0 to 256
[  599.924477][ T9427] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1055'.
[  600.047895][ T9427] netlink: 'syz.0.1055': attribute type 29 has an invalid length.
[  600.076551][ T9436] loop4: detected capacity change from 0 to 64
[  600.191406][ T9427] netlink: 'syz.0.1055': attribute type 29 has an invalid length.
[  600.568799][ T5809] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[  600.577716][ T5809] Bluetooth: hci4: Injecting HCI hardware error event
[  600.585670][ T5809] Bluetooth: hci4: hardware error 0x00
[  600.598319][ T2037] usb 4-1: New USB device found, idVendor=058f, idProduct=9720, bcdDevice=ec.28
[  600.608303][ T2037] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  600.616764][ T2037] usb 4-1: Product: syz
[  600.621229][ T2037] usb 4-1: Manufacturer: syz
[  600.626083][ T2037] usb 4-1: SerialNumber: syz
[  601.587853][ T2037] usb 4-1: config 0 descriptor??
[  601.624192][ T9425] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  601.712977][ T9425] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  601.790965][ T9446] loop0: detected capacity change from 0 to 64
[  601.885765][ T9446] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop0
[  601.893390][ T2037] pl2303 4-1:0.124: required endpoints missing
[  601.928317][ T9448] loop4: detected capacity change from 0 to 128
[  602.005110][ T2037] usb 4-1: USB disconnect, device number 9
[  602.357219][   T25] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  602.386796][ T2037] usb 4-1: new high-speed USB device number 10 using dummy_hcd
[  602.544172][   T25] usb 5-1: Using ep0 maxpacket: 32
[  602.566479][ T2037] usb 4-1: Using ep0 maxpacket: 32
[  602.602070][   T25] usb 5-1: unable to get BOS descriptor or descriptor too short
[  602.612639][ T2037] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  602.618933][   T25] usb 5-1: config 8 has an invalid interface number: 100 but max is 0
[  602.624281][ T2037] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  602.632863][   T25] usb 5-1: config 8 has no interface number 0
[  602.642781][ T2037] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  602.648520][   T25] usb 5-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  602.648698][   T25] usb 5-1: config 8 interface 100 has no altsetting 0
[  602.677597][ T2037] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  602.721069][ T5809] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[  602.730870][   T25] usb 5-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  602.741039][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  602.749529][   T25] usb 5-1: Product: syz
[  602.753952][   T25] usb 5-1: Manufacturer: syz
[  602.758942][   T25] usb 5-1: SerialNumber: syz
[  602.777380][ T2037] hub 4-1:4.0: USB hub found
[  602.970230][ T2037] hub 4-1:4.0: 10 ports detected
[  602.977397][ T2037] hub 4-1:4.0: insufficient power available to use all downstream ports
[  603.135869][ T9467] loop0: detected capacity change from 0 to 256
[  603.167882][   T25] usb 5-1: Found UVC 0.00 device syz (8086:0b5c)
[  603.174999][   T25] usb 5-1: No valid video chain found.
[  603.187715][   T25] usb 5-1: USB disconnect, device number 8
[  603.526519][ T9452] loop3: detected capacity change from 0 to 512
[  603.533897][ T9011] usb 3-1: new high-speed USB device number 14 using dummy_hcd
[  603.552906][ T9474] loop5: detected capacity change from 0 to 64
[  603.588771][ T9467] FAT-fs (loop0): Directory bread(block 64) failed
[  603.595786][ T9467] FAT-fs (loop0): Directory bread(block 65) failed
[  603.603294][ T9467] FAT-fs (loop0): Directory bread(block 66) failed
[  603.615776][ T9467] FAT-fs (loop0): Directory bread(block 67) failed
[  603.624645][ T9467] FAT-fs (loop0): Directory bread(block 68) failed
[  603.631799][ T9467] FAT-fs (loop0): Directory bread(block 69) failed
[  603.639111][ T9467] FAT-fs (loop0): Directory bread(block 70) failed
[  603.646086][ T9467] FAT-fs (loop0): Directory bread(block 71) failed
[  603.653533][ T9467] FAT-fs (loop0): Directory bread(block 72) failed
[  603.660627][ T9467] FAT-fs (loop0): Directory bread(block 73) failed
[  603.706918][ T9011] usb 3-1: Using ep0 maxpacket: 8
[  603.730527][ T9452] EXT4-fs (loop3): 1 orphan inode deleted
[  603.738601][ T9452] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  603.798603][ T9011] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  603.813721][ T9011] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  603.825233][ T9011] usb 3-1: New USB device found, idVendor=046a, idProduct=0027, bcdDevice= 0.00
[  603.834835][ T9011] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  603.985252][ T9011] usb 3-1: config 0 descriptor??
[  604.034782][ T9452] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.1065: Directory hole found for htree leaf block 0
[  604.263258][ T9452] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.1065: Directory hole found for htree leaf block 0
[  604.513611][ T9011] cherry 0003:046A:0027.0009: unknown main item tag 0x0
[  604.521136][ T9011] cherry 0003:046A:0027.0009: unknown main item tag 0xe
[  604.533954][ T9011] cherry 0003:046A:0027.0009: unknown main item tag 0x5
[  604.542750][ T9011] cherry 0003:046A:0027.0009: unknown main item tag 0x4
[  604.550262][ T9011] cherry 0003:046A:0027.0009: ignoring exceeding usage max
[  604.567227][ T9011] cherry 0003:046A:0027.0009: usage index exceeded
[  604.574065][ T9011] cherry 0003:046A:0027.0009: item 0 0 2 0 parsing failed
[  604.586493][ T9011] cherry 0003:046A:0027.0009: probe with driver cherry failed with error -22
[  604.904130][ T2037] hub 4-1:4.0: set hub depth failed
[  604.972862][ T2037] usb 4-1: USB disconnect, device number 10
[  605.072808][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  605.430083][ T9488] loop4: detected capacity change from 0 to 64
[  605.528414][ T9488] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop4
[  605.800263][ T9495] loop3: detected capacity change from 0 to 1024
[  605.815366][ T9495] EXT4-fs: Ignoring removed oldalloc option
[  605.898513][ T9495] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  606.115699][ T9011] usb 3-1: USB disconnect, device number 14
[  606.301146][ T9500] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1078'.
[  606.947600][ T9491] loop5: detected capacity change from 0 to 4096
[  607.136426][ T9491] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  607.364757][ T9491] netlink: 48 bytes leftover after parsing attributes in process `syz.5.1077'.
[  607.456673][ T9011] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[  607.700656][ T9011] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  607.715741][ T9011] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  607.727075][ T9011] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  607.740666][ T9011] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  607.752210][ T9011] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  607.827146][   T25] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  607.996519][   T25] usb 6-1: device descriptor read/64, error -71
[  608.077967][ T9011] usb 3-1: config 0 descriptor??
[  608.306811][   T25] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[  608.509699][ T9011] plantronics 0003:047F:FFFF.000A: unknown main item tag 0x0
[  608.534299][ T9011] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  608.551295][ T9011] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.2-1/input0
[  608.569077][   T25] usb 6-1: device descriptor read/64, error -71
[  608.738461][   T25] usb usb6-port1: attempt power cycle
[  608.755716][ T7694] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  608.769704][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.144719][ T9518] loop5: detected capacity change from 0 to 512
[  610.295306][ T9518] EXT4-fs (loop5): 1 orphan inode deleted
[  610.303532][ T9518] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  610.361908][ T9520] loop3: detected capacity change from 0 to 128
[  610.546814][   T25] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  610.592395][ T7694] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  610.657478][ T9011] usb 3-1: USB disconnect, device number 15
[  610.787019][   T44] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  610.824380][   T25] usb 5-1: Using ep0 maxpacket: 32
[  610.843759][ T9529] loop5: detected capacity change from 0 to 64
[  610.865474][   T25] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  610.880606][   T25] usb 5-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  610.891873][   T25] usb 5-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  610.901438][   T25] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  610.924133][   T25] hub 5-1:4.0: USB hub found
[  610.986728][   T44] usb 4-1: Using ep0 maxpacket: 32
[  611.024603][   T44] usb 4-1: unable to get BOS descriptor or descriptor too short
[  611.039677][   T44] usb 4-1: config 8 has an invalid interface number: 100 but max is 0
[  611.048613][   T44] usb 4-1: config 8 has no interface number 0
[  611.055158][   T44] usb 4-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  611.067206][   T44] usb 4-1: config 8 interface 100 has no altsetting 0
[  611.121525][   T44] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  611.131513][   T44] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  611.140477][   T44] usb 4-1: Product: syz
[  611.144919][   T44] usb 4-1: Manufacturer: syz
[  611.150083][   T44] usb 4-1: SerialNumber: syz
[  611.172431][   T25] hub 5-1:4.0: 10 ports detected
[  611.180322][   T25] hub 5-1:4.0: insufficient power available to use all downstream ports
[  611.401604][ T9011] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[  611.465284][   T44] usb 4-1: Found UVC 0.00 device syz (8086:0b5c)
[  611.473782][   T44] usb 4-1: No valid video chain found.
[  611.524631][   T44] usb 4-1: USB disconnect, device number 11
[  611.650833][ T9516] loop4: detected capacity change from 0 to 512
[  611.681094][ T9011] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  611.692604][ T9011] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  611.705381][ T9011] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  611.750348][ T9011] usb 1-1: config 0 descriptor??
[  611.782353][ T9011] pwc: Askey VC010 type 2 USB webcam detected.
[  611.921791][ T9516] EXT4-fs (loop4): 1 orphan inode deleted
[  611.930493][ T9516] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  612.013514][ T9516] EXT4-fs error (device loop4): ext4_add_entry:2437: inode #2: comm syz.4.1085: Directory hole found for htree leaf block 0
[  612.054141][ T9516] EXT4-fs error (device loop4): ext4_add_entry:2437: inode #2: comm syz.4.1085: Directory hole found for htree leaf block 0
[  612.123335][ T9011] pwc: send_video_command error -71
[  612.129061][ T9011] pwc: Failed to set video mode CIF@30 fps; return code = -71
[  612.137654][ T9011] Philips webcam 1-1:0.0: probe with driver Philips webcam failed with error -71
[  612.152334][ T9011] usb 1-1: USB disconnect, device number 16
[  612.167444][   T25] hub 5-1:4.0: set hub depth failed
[  612.188540][   T25] usb 5-1: USB disconnect, device number 9
[  612.482127][ T9542] loop5: detected capacity change from 0 to 256
[  612.491633][ T9542] exfat: Bad value for 'umask'
[  612.656915][ T2037] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[  612.892876][ T2037] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  612.903760][ T2037] usb 1-1: New USB device found, idVendor=0471, idProduct=0304, bcdDevice=e4.df
[  612.913371][ T2037] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  612.932801][ T2037] usb 1-1: config 0 descriptor??
[  612.982353][ T2037] pwc: Askey VC010 type 2 USB webcam detected.
[  613.123360][ T5797] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  613.293885][   T29] audit: type=1107 audit(1731475004.568:35): pid=9551 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg='ß'
[  613.355024][ T2037] pwc: recv_control_msg error -32 req 02 val 2b00
[  613.366102][ T2037] pwc: recv_control_msg error -32 req 02 val 2700
[  613.408599][ T9554] nfs4: Unknown parameter '
–€zfëª&àŠ•€$å(x·o'
[  613.434608][ T2037] pwc: recv_control_msg error -32 req 02 val 2c00
[  613.497315][ T2037] pwc: recv_control_msg error -32 req 04 val 1000
[  613.547339][ T2037] pwc: recv_control_msg error -32 req 04 val 1300
[  613.759590][ T9550] loop5: detected capacity change from 0 to 4096
[  613.817422][ T9550] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  614.098749][ T2037] pwc: recv_control_msg error -32 req 04 val 1400
[  614.170608][ T9550] ntfs3(loop5): Mark volume as dirty due to NTFS errors
[  614.207001][ T2037] pwc: recv_control_msg error -32 req 02 val 2000
[  614.236025][ T9550] ntfs3(loop5): Failed to load $BadClus (-22).
[  614.265014][ T2037] pwc: recv_control_msg error -32 req 02 val 2100
[  614.301780][ T2037] pwc: recv_control_msg error -32 req 04 val 1500
[  614.327374][ T2037] pwc: recv_control_msg error -32 req 02 val 2500
[  614.945183][ T9563] loop3: detected capacity change from 0 to 64
[  614.948378][ T2037] pwc: recv_control_msg error -71 req 02 val 2600
[  614.960082][ T2037] pwc: recv_control_msg error -71 req 02 val 2900
[  614.969523][ T2037] pwc: recv_control_msg error -71 req 02 val 2800
[  614.987559][ T2037] pwc: recv_control_msg error -71 req 04 val 1100
[  614.996121][ T2037] pwc: recv_control_msg error -71 req 04 val 1200
[  615.006847][ T2037] pwc: Registered as video103.
[  615.013937][ T2037] input: PWC snapshot button as /devices/platform/dummy_hcd.0/usb1/1-1/input/input9
[  615.027112][ T9563] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop3
[  615.052197][ T2037] usb 1-1: USB disconnect, device number 17
[  615.885977][ T9569] loop3: detected capacity change from 0 to 128
[  615.900020][ T9569] vfat: Unknown parameter 'Ó'
[  616.296641][ T9567] loop0: detected capacity change from 0 to 128
[  616.617716][ T2037] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[  616.789134][ T2037] usb 1-1: Using ep0 maxpacket: 32
[  616.869443][ T2037] usb 1-1: unable to get BOS descriptor or descriptor too short
[  616.910878][ T2037] usb 1-1: config 8 has an invalid interface number: 100 but max is 0
[  616.924161][ T2037] usb 1-1: config 8 has no interface number 0
[  616.932290][ T2037] usb 1-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  616.944012][ T2037] usb 1-1: config 8 interface 100 has no altsetting 0
[  617.079441][ T2037] usb 1-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  617.089281][ T2037] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  617.097895][ T2037] usb 1-1: Product: syz
[  617.102305][ T2037] usb 1-1: Manufacturer: syz
[  617.107580][ T2037] usb 1-1: SerialNumber: syz
[  617.421000][ T2037] usb 1-1: Found UVC 0.00 device syz (8086:0b5c)
[  617.428662][ T2037] usb 1-1: No valid video chain found.
[  617.477587][ T2037] usb 1-1: USB disconnect, device number 18
[  617.816636][   T25] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  617.989056][   T25] usb 4-1: Using ep0 maxpacket: 32
[  618.026834][   T25] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  618.038425][   T25] usb 4-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  618.051734][   T25] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  618.062341][   T25] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  618.181455][   T25] hub 4-1:4.0: USB hub found
[  618.242245][ T9590] loop0: detected capacity change from 0 to 64
[  618.287201][ T9590] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop0
[  618.333605][ T9590] FAULT_INJECTION: forcing a failure.
[  618.333605][ T9590] name failslab, interval 1, probability 0, space 0, times 0
[  618.347411][ T9590] CPU: 1 UID: 0 PID: 9590 Comm: syz.0.1108 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  618.358429][ T9590] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  618.368746][ T9590] Call Trace:
[  618.372220][ T9590]  <TASK>
[  618.375367][ T9590]  dump_stack_lvl+0x216/0x2d0
[  618.380417][ T9590]  dump_stack+0x1e/0x30
[  618.384896][ T9590]  should_fail_ex+0x748/0x7f0
[  618.389914][ T9590]  should_failslab+0x17f/0x210
[  618.395054][ T9590]  kmem_cache_alloc_noprof+0xe2/0xb20
[  618.400752][ T9590]  ? security_file_alloc+0x75/0x6d0
[  618.406272][ T9590]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  618.412367][ T9590]  security_file_alloc+0x75/0x6d0
[  618.417723][ T9590]  alloc_empty_file+0x296/0x7b0
[  618.422873][ T9590]  alloc_file_pseudo+0x1db/0x340
[  618.428125][ T9590]  __shmem_file_setup+0x3bf/0x4d0
[  618.433476][ T9590]  shmem_file_setup+0x61/0x80
[  618.438480][ T9590]  __se_sys_memfd_create+0x8a3/0x1260
[  618.444192][ T9590]  ? ksys_write+0x416/0x4c0
[  618.449012][ T9590]  ? kmsan_get_metadata+0x13e/0x1c0
[  618.454520][ T9590]  __x64_sys_memfd_create+0x6c/0xa0
[  618.460050][ T9590]  x64_sys_call+0x31cf/0x3ba0
[  618.465055][ T9590]  do_syscall_64+0xcd/0x1e0
[  618.469876][ T9590]  ? clear_bhb_loop+0x25/0x80
[  618.474849][ T9590]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  618.481030][ T9590] RIP: 0033:0x7f156dd7e719
[  618.485671][ T9590] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  618.505610][ T9590] RSP: 002b:00007f156c1f5e18 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[  618.514330][ T9590] RAX: ffffffffffffffda RBX: 000000000000020a RCX: 00007f156dd7e719
[  618.522536][ T9590] RDX: 00007f156c1f5ef0 RSI: 0000000000000000 RDI: 00007f156ddf1e82
[  618.530740][ T9590] RBP: 00000000200010c0 R08: 00007f156c1f5bb7 R09: 00007f156c1f5e40
[  618.538952][ T9590] R10: 000000000000000a R11: 0000000000000202 R12: 0000000020000000
[  618.547147][ T9590] R13: 00007f156c1f5ef0 R14: 00007f156c1f5eb0 R15: 0000000020000140
[  618.555403][ T9590]  </TASK>
[  618.622431][   T25] hub 4-1:4.0: 10 ports detected
[  618.636777][   T25] hub 4-1:4.0: insufficient power available to use all downstream ports
[  619.144173][ T9584] loop3: detected capacity change from 0 to 512
[  619.303663][ T9590] loop0: detected capacity change from 0 to 256
[  619.645228][ T9590] FAT-fs (loop0): Directory bread(block 64) failed
[  619.652530][ T9590] FAT-fs (loop0): Directory bread(block 65) failed
[  619.660435][ T9590] FAT-fs (loop0): Directory bread(block 66) failed
[  619.667671][ T9590] FAT-fs (loop0): Directory bread(block 67) failed
[  619.674862][ T9590] FAT-fs (loop0): Directory bread(block 68) failed
[  619.686409][ T9590] FAT-fs (loop0): Directory bread(block 69) failed
[  619.693364][ T9590] FAT-fs (loop0): Directory bread(block 70) failed
[  619.702199][ T9590] FAT-fs (loop0): Directory bread(block 71) failed
[  619.709528][ T9590] FAT-fs (loop0): Directory bread(block 72) failed
[  619.716681][ T9590] FAT-fs (loop0): Directory bread(block 73) failed
[  620.167698][ T9584] EXT4-fs (loop3): 1 orphan inode deleted
[  620.177335][ T9584] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  620.590813][ T9584] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.1106: Directory hole found for htree leaf block 0
[  620.885322][ T9584] EXT4-fs error (device loop3): ext4_add_entry:2437: inode #2: comm syz.3.1106: Directory hole found for htree leaf block 0
[  621.019987][   T25] hub 4-1:4.0: set hub depth failed
[  621.174829][   T25] usb 4-1: USB disconnect, device number 12
[  621.457158][ T2037] usb 1-1: new high-speed USB device number 19 using dummy_hcd
[  621.639696][ T2037] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  621.651770][ T2037] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  621.662314][ T2037] usb 1-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  621.672264][ T2037] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  621.694618][ T2037] usb 1-1: config 0 descriptor??
[  621.725778][ T5791] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  622.166517][   T25] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  622.192441][ T2037] stadia 0003:18D1:9400.000B: unbalanced collection at end of report description
[  622.207066][ T2037] stadia 0003:18D1:9400.000B: parse failed
[  622.213421][ T2037] stadia 0003:18D1:9400.000B: probe with driver stadia failed with error -22
[  622.286971][ T9619] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1120'.
[  622.376505][   T25] usb 4-1: Using ep0 maxpacket: 32
[  622.412447][ T9605] loop0: detected capacity change from 0 to 128
[  622.569662][ T9623] loop4: detected capacity change from 0 to 256
[  622.579269][ T9623] exfat: Deprecated parameter 'namecase'
[  622.587019][ T9605] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  622.599197][   T25] usb 4-1: unable to get BOS descriptor or descriptor too short
[  622.616652][   T25] usb 4-1: config 8 has an invalid interface number: 100 but max is 0
[  622.625309][   T25] usb 4-1: config 8 has no interface number 0
[  622.631910][   T25] usb 4-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  622.634889][ T9621] loop5: detected capacity change from 0 to 1764
[  622.643452][   T25] usb 4-1: config 8 interface 100 has no altsetting 0
[  622.690558][   T25] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  622.700067][   T25] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  622.711584][   T25] usb 4-1: Product: syz
[  622.716012][   T25] usb 4-1: Manufacturer: syz
[  622.721772][   T25] usb 4-1: SerialNumber: syz
[  622.740694][ T9605] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  622.830971][ T9011] usb 1-1: USB disconnect, device number 19
[  622.855783][ T9623] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  623.036510][   T25] usb 4-1: Found UVC 0.00 device syz (8086:0b5c)
[  623.039226][ T2037] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[  623.043112][   T25] usb 4-1: No valid video chain found.
[  623.052478][   T25] usb 4-1: USB disconnect, device number 13
[  624.117662][ T2037] usb 6-1: Using ep0 maxpacket: 32
[  625.258009][ T2037] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 32
[  625.301623][ T2037] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c
[  625.311219][ T2037] usb 6-1: New USB device strings: Mfr=7, Product=0, SerialNumber=3
[  625.324186][ T2037] usb 6-1: Manufacturer: syz
[  625.330685][ T2037] usb 6-1: SerialNumber: syz
[  626.087601][ T2037] usb 6-1: config 0 descriptor??
[  626.094090][ T2037] usb 6-1: can't set config #0, error -71
[  626.105684][ T2037] usb 6-1: USB disconnect, device number 13
[  627.446498][ T2037] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[  627.612564][ T2037] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  627.624161][ T2037] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  627.632087][ T9654] FAULT_INJECTION: forcing a failure.
[  627.632087][ T9654] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  627.634654][ T2037] usb 3-1: New USB device found, idVendor=172f, idProduct=0501, bcdDevice= 0.00
[  627.648073][ T9654] CPU: 1 UID: 0 PID: 9654 Comm: syz.5.1131 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  627.656615][ T2037] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  627.667243][ T9654] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  627.667329][ T9654] Call Trace:
[  627.667379][ T9654]  <TASK>
[  627.667430][ T9654]  dump_stack_lvl+0x216/0x2d0
[  627.697280][ T9654]  dump_stack+0x1e/0x30
[  627.701767][ T9654]  should_fail_ex+0x748/0x7f0
[  627.706785][ T9654]  should_fail+0x2a/0x40
[  627.711319][ T9654]  should_fail_usercopy+0x2e/0x40
[  627.716660][ T9654]  _copy_to_iter+0x621/0x2b30
[  627.721639][ T9654]  ? kmsan_get_metadata+0x13e/0x1c0
[  627.727153][ T9654]  seq_read_iter+0x18b9/0x20e0
[  627.732206][ T9654]  ? __pfx_ping_seq_stop+0x10/0x10
[  627.737595][ T9654]  seq_read+0x4ef/0x5d0
[  627.741982][ T9654]  ? gfs2_rbm_find+0x1161/0x4cc0
[  627.747197][ T9654]  ? kmsan_get_metadata+0x13e/0x1c0
[  627.752690][ T9654]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  627.758797][ T9654]  ? __pfx_seq_read+0x10/0x10
[  627.763746][ T9654]  ? __pfx_seq_read+0x10/0x10
[  627.768696][ T9654]  proc_reg_read+0x261/0x4b0
[  627.773753][ T9654]  vfs_readv+0x935/0xee0
[  627.778304][ T9654]  ? __pfx_proc_reg_read+0x10/0x10
[  627.783793][ T9654]  ? kmsan_get_metadata+0x13e/0x1c0
[  627.789298][ T9654]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  627.795405][ T9654]  __x64_sys_preadv+0x2e5/0x500
[  627.800596][ T9654]  x64_sys_call+0x21c9/0x3ba0
[  627.805598][ T9654]  do_syscall_64+0xcd/0x1e0
[  627.810438][ T9654]  ? clear_bhb_loop+0x25/0x80
[  627.811311][ T2037] usb 3-1: config 0 descriptor??
[  627.815322][ T9654]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  627.826467][ T9654] RIP: 0033:0x7f5332f7e719
[  627.831149][ T9654] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  627.851086][ T9654] RSP: 002b:00007f5333e0f038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  627.859840][ T9654] RAX: ffffffffffffffda RBX: 00007f5333135f80 RCX: 00007f5332f7e719
[  627.868087][ T9654] RDX: 0000000000000001 RSI: 0000000020000080 RDI: 0000000000000005
[  627.876307][ T9654] RBP: 00007f5333e0f090 R08: 0000000000000000 R09: 0000000000000000
[  627.884546][ T9654] R10: 00000000000000a3 R11: 0000000000000246 R12: 0000000000000001
[  627.892807][ T9654] R13: 0000000000000000 R14: 00007f5333135f80 R15: 00007ffd596f3698
[  627.901071][ T9654]  </TASK>
[  628.298582][ T9656] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1132'.
[  628.423182][ T9659] FAULT_INJECTION: forcing a failure.
[  628.423182][ T9659] name failslab, interval 1, probability 0, space 0, times 0
[  628.436773][ T9659] CPU: 0 UID: 0 PID: 9659 Comm: syz.0.1133 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  628.447772][ T9659] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  628.458081][ T9659] Call Trace:
[  628.461553][ T9659]  <TASK>
[  628.464683][ T9659]  dump_stack_lvl+0x216/0x2d0
[  628.469711][ T9659]  dump_stack+0x1e/0x30
[  628.474179][ T9659]  should_fail_ex+0x748/0x7f0
[  628.479191][ T9659]  should_failslab+0x17f/0x210
[  628.484255][ T9659]  __kmalloc_noprof+0x175/0xf30
[  628.489439][ T9659]  ? filter_irq_stacks+0x60/0x1a0
[  628.494810][ T9659]  ? genl_family_rcv_msg_attrs_parse+0x114/0x430
[  628.501485][ T9659]  ? kmsan_get_metadata+0x13e/0x1c0
[  628.506973][ T9659]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  628.513086][ T9659]  genl_family_rcv_msg_attrs_parse+0x114/0x430
[  628.519569][ T9659]  ? genl_rcv_msg+0xc4e/0x12c0
[  628.524653][ T9659]  genl_rcv_msg+0xc83/0x12c0
[  628.529538][ T9659]  ? filter_irq_stacks+0x164/0x1a0
[  628.535003][ T9659]  ? __pfx_nl80211_pre_doit+0x10/0x10
[  628.540713][ T9659]  ? __pfx_nl80211_trigger_scan+0x10/0x10
[  628.546761][ T9659]  ? __pfx_nl80211_post_doit+0x10/0x10
[  628.552571][ T9659]  ? kmsan_get_metadata+0x13e/0x1c0
[  628.558118][ T9659]  netlink_rcv_skb+0x375/0x650
[  628.563241][ T9659]  ? __pfx_genl_rcv_msg+0x10/0x10
[  628.568595][ T9659]  ? __pfx_genl_rcv+0x10/0x10
[  628.573571][ T9659]  genl_rcv+0x40/0x60
[  628.577852][ T9659]  netlink_unicast+0xf52/0x1260
[  628.583053][ T9659]  netlink_sendmsg+0x10da/0x11e0
[  628.588342][ T9659]  ? __pfx_netlink_sendmsg+0x10/0x10
[  628.593959][ T9659]  ? __pfx_netlink_sendmsg+0x10/0x10
[  628.599601][ T9659]  __sock_sendmsg+0x30f/0x380
[  628.604678][ T9659]  ____sys_sendmsg+0x877/0xb60
[  628.609776][ T9659]  ___sys_sendmsg+0x28d/0x3c0
[  628.614770][ T9659]  ? kmsan_get_metadata+0x13e/0x1c0
[  628.620276][ T9659]  ? __rcu_read_unlock+0x7b/0xe0
[  628.625555][ T9659]  ? __fget_files+0x4f5/0x5c0
[  628.630590][ T9659]  ? kmsan_get_metadata+0x13e/0x1c0
[  628.636111][ T9659]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  628.642245][ T9659]  __x64_sys_sendmsg+0x300/0x4a0
[  628.647516][ T9659]  ? perf_mmap+0x1420/0x28d0
[  628.652422][ T9659]  x64_sys_call+0x2da0/0x3ba0
[  628.657415][ T9659]  do_syscall_64+0xcd/0x1e0
[  628.662251][ T9659]  ? clear_bhb_loop+0x25/0x80
[  628.667233][ T9659]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  628.673443][ T9659] RIP: 0033:0x7f156dd7e719
[  628.678138][ T9659] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  628.698073][ T9659] RSP: 002b:00007f156c1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  628.706811][ T9659] RAX: ffffffffffffffda RBX: 00007f156df35f80 RCX: 00007f156dd7e719
[  628.715096][ T9659] RDX: 0000000000000000 RSI: 0000000020000340 RDI: 0000000000000003
[  628.723331][ T9659] RBP: 00007f156c1f6090 R08: 0000000000000000 R09: 0000000000000000
[  628.731577][ T9659] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  628.739807][ T9659] R13: 0000000000000000 R14: 00007f156df35f80 R15: 00007fff1ef6c3f8
[  628.748084][ T9659]  </TASK>
[  629.499112][   T25] usb 6-1: new high-speed USB device number 14 using dummy_hcd
[  629.726857][   T25] usb 6-1: Using ep0 maxpacket: 32
[  629.782469][   T25] usb 6-1: unable to get BOS descriptor or descriptor too short
[  629.858517][   T25] usb 6-1: config 8 has an invalid interface number: 100 but max is 0
[  629.867531][   T25] usb 6-1: config 8 has no interface number 0
[  629.874042][   T25] usb 6-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  629.885819][   T25] usb 6-1: config 8 interface 100 has no altsetting 0
[  630.141770][   T25] usb 6-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  630.151739][   T25] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  630.162142][   T25] usb 6-1: Product: syz
[  630.163222][ T2037] usbhid 3-1:0.0: can't add hid device: -71
[  630.166963][   T25] usb 6-1: Manufacturer: syz
[  630.174541][ T2037] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  630.177599][   T25] usb 6-1: SerialNumber: syz
[  630.189928][ T2037] usb 3-1: USB disconnect, device number 16
[  630.396852][ T9677] loop3: detected capacity change from 0 to 64
[  630.724257][   T25] usb 6-1: Found UVC 0.00 device syz (8086:0b5c)
[  630.731260][   T25] usb 6-1: No valid video chain found.
[  630.810734][   T25] usb 6-1: USB disconnect, device number 14
[  631.373965][   T25] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[  631.519100][ T9694] FAULT_INJECTION: forcing a failure.
[  631.519100][ T9694] name failslab, interval 1, probability 0, space 0, times 0
[  631.532341][ T9694] CPU: 1 UID: 0 PID: 9694 Comm: syz.5.1144 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  631.543338][ T9694] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  631.553648][ T9694] Call Trace:
[  631.557111][ T9694]  <TASK>
[  631.560213][ T9694]  dump_stack_lvl+0x216/0x2d0
[  631.565217][ T9694]  dump_stack+0x1e/0x30
[  631.569685][ T9694]  should_fail_ex+0x748/0x7f0
[  631.574692][ T9694]  should_failslab+0x17f/0x210
[  631.579739][ T9694]  kmem_cache_alloc_noprof+0xe2/0xb20
[  631.585406][ T9694]  ? dup_fd+0x62/0x1400
[  631.589841][ T9694]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  631.595918][ T9694]  dup_fd+0x62/0x1400
[  631.600161][ T9694]  ? kmsan_internal_memmove_metadata+0x91/0x230
[  631.606716][ T9694]  ? kmsan_get_metadata+0x13e/0x1c0
[  631.612200][ T9694]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  631.618837][ T9694]  ? kmsan_get_metadata+0x13e/0x1c0
[  631.624300][ T9694]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  631.630376][ T9694]  copy_files+0x11a/0x250
[  631.635008][ T9694]  copy_process+0x243d/0x5c20
[  631.639990][ T9694]  ? stack_trace_save_user+0x100/0x140
[  631.645776][ T9694]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  631.652428][ T9694]  kernel_clone+0x401/0x1040
[  631.657280][ T9694]  ? kmsan_get_metadata+0x13e/0x1c0
[  631.662737][ T9694]  ? kmsan_get_metadata+0x13e/0x1c0
[  631.668211][ T9694]  ? __msan_memset+0xf5/0x1b0
[  631.673195][ T9694]  __x64_sys_clone+0x25c/0x360
[  631.678261][ T9694]  x64_sys_call+0x3b29/0x3ba0
[  631.683284][ T9694]  do_syscall_64+0xcd/0x1e0
[  631.688091][ T9694]  ? clear_bhb_loop+0x25/0x80
[  631.693047][ T9694]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  631.699218][ T9694] RIP: 0033:0x7f5332f7e719
[  631.703861][ T9694] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  631.723757][ T9694] RSP: 002b:00007f5333e0efe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  631.732465][ T9694] RAX: ffffffffffffffda RBX: 00007f5333135f80 RCX: 00007f5332f7e719
[  631.740802][ T9694] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00000000640c7000
[  631.749006][ T9694] RBP: 00007f5333e0f090 R08: 0000000000000000 R09: 0000000000000000
[  631.757205][ T9694] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  631.765404][ T9694] R13: 0000000000000000 R14: 00007f5333135f80 R15: 00007ffd596f3698
[  631.773640][ T9694]  </TASK>
[  631.816871][   T25] usb 1-1: device descriptor read/64, error -71
[  632.067789][   T25] usb 1-1: new high-speed USB device number 21 using dummy_hcd
[  632.249769][ T9697] tipc: Started in network mode
[  632.255126][ T9697] tipc: Node identity ac1414aa, cluster identity 4711
[  632.270122][ T9697] tipc: Enabled bearer <udp:s>, priority 10
[  632.367610][   T25] usb 1-1: device descriptor read/64, error -71
[  632.485594][ T9700] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1148'.
[  633.283170][ T9706] loop4: detected capacity change from 0 to 512
[  633.447142][ T9011] tipc: Node number set to 2886997162
[  633.453860][   T25] usb usb1-port1: attempt power cycle
[  633.627219][ T9706] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  633.719633][ T9706] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1149: invalid indirect mapped block 4278190080 (level 0)
[  633.809230][ T9706] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #11: comm syz.4.1149: invalid indirect mapped block 1 (level 1)
[  633.936440][ T9706] EXT4-fs (loop4): 1 truncate cleaned up
[  633.944201][ T9706] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  634.483007][ T9706] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  635.379952][ T9732] loop3: detected capacity change from 0 to 64
[  635.438313][ T9738] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1161'.
[  635.666693][   T25] usb 3-1: new high-speed USB device number 17 using dummy_hcd
[  635.847895][   T25] usb 3-1: Using ep0 maxpacket: 32
[  635.873031][   T25] usb 3-1: unable to get BOS descriptor or descriptor too short
[  635.899105][   T25] usb 3-1: config 8 has an invalid interface number: 100 but max is 0
[  635.908049][   T25] usb 3-1: config 8 has no interface number 0
[  635.914406][   T25] usb 3-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  635.926074][ T9743] FAULT_INJECTION: forcing a failure.
[  635.926074][ T9743] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  635.926241][   T25] usb 3-1: config 8 interface 100 has no altsetting 0
[  635.947251][ T9743] CPU: 0 UID: 0 PID: 9743 Comm: syz.0.1162 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  635.958265][ T9743] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  635.968593][ T9743] Call Trace:
[  635.972100][ T9743]  <TASK>
[  635.975227][ T9743]  dump_stack_lvl+0x216/0x2d0
[  635.980262][ T9743]  dump_stack+0x1e/0x30
[  635.984753][ T9743]  should_fail_ex+0x748/0x7f0
[  635.989742][ T9743]  should_fail+0x2a/0x40
[  635.994266][ T9743]  should_fail_usercopy+0x2e/0x40
[  635.999593][ T9743]  _copy_from_iter+0x1d8/0x2b00
[  636.004750][ T9743]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  636.010822][ T9743]  ? kmsan_get_metadata+0x13e/0x1c0
[  636.016287][ T9743]  ? skb_put+0x189/0x230
[  636.020852][ T9743]  netlink_sendmsg+0xc1d/0x11e0
[  636.026020][ T9743]  ? __pfx_netlink_sendmsg+0x10/0x10
[  636.031600][ T9743]  ? __pfx_netlink_sendmsg+0x10/0x10
[  636.037192][ T9743]  __sock_sendmsg+0x30f/0x380
[  636.042138][ T9743]  ____sys_sendmsg+0x877/0xb60
[  636.047215][ T9743]  ___sys_sendmsg+0x28d/0x3c0
[  636.052179][ T9743]  ? kmsan_get_metadata+0x13e/0x1c0
[  636.057648][ T9743]  ? __rcu_read_unlock+0x7b/0xe0
[  636.062856][ T9743]  ? __fget_files+0x4f5/0x5c0
[  636.067829][ T9743]  ? kmsan_get_metadata+0x13e/0x1c0
[  636.073289][ T9743]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  636.079378][ T9743]  __x64_sys_sendmsg+0x300/0x4a0
[  636.084612][ T9743]  ? perf_mmap+0x1420/0x28d0
[  636.089488][ T9743]  x64_sys_call+0x2da0/0x3ba0
[  636.094452][ T9743]  do_syscall_64+0xcd/0x1e0
[  636.099256][ T9743]  ? clear_bhb_loop+0x25/0x80
[  636.104216][ T9743]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.110401][ T9743] RIP: 0033:0x7f156dd7e719
[  636.115044][ T9743] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  636.134932][ T9743] RSP: 002b:00007f156c1f6038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  636.143653][ T9743] RAX: ffffffffffffffda RBX: 00007f156df35f80 RCX: 00007f156dd7e719
[  636.151871][ T9743] RDX: 0000000000000000 RSI: 0000000020000100 RDI: 0000000000000004
[  636.160082][ T9743] RBP: 00007f156c1f6090 R08: 0000000000000000 R09: 0000000000000000
[  636.168295][ T9743] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  636.176507][ T9743] R13: 0000000000000000 R14: 00007f156df35f80 R15: 00007fff1ef6c3f8
[  636.184742][ T9743]  </TASK>
[  636.196120][   T25] usb 3-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  636.206425][   T25] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  636.219975][   T25] usb 3-1: Product: syz
[  636.224422][   T25] usb 3-1: Manufacturer: syz
[  636.229665][   T25] usb 3-1: SerialNumber: syz
[  636.583768][   T25] usb 3-1: Found UVC 0.00 device syz (8086:0b5c)
[  636.592024][   T25] usb 3-1: No valid video chain found.
[  636.612001][   T25] usb 3-1: USB disconnect, device number 17
[  636.675649][ T9750] FAULT_INJECTION: forcing a failure.
[  636.675649][ T9750] name failslab, interval 1, probability 0, space 0, times 0
[  636.691985][ T9750] CPU: 1 UID: 0 PID: 9750 Comm: syz.0.1165 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  636.703001][ T9750] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  636.713281][ T9750] Call Trace:
[  636.716732][ T9750]  <TASK>
[  636.719840][ T9750]  dump_stack_lvl+0x216/0x2d0
[  636.724837][ T9750]  dump_stack+0x1e/0x30
[  636.729282][ T9750]  should_fail_ex+0x748/0x7f0
[  636.734267][ T9750]  should_failslab+0x17f/0x210
[  636.739291][ T9750]  __kmalloc_noprof+0x175/0xf30
[  636.744429][ T9750]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  636.750494][ T9750]  ? security_prepare_creds+0xae/0x720
[  636.756268][ T9750]  ? kmsan_get_metadata+0x13e/0x1c0
[  636.761727][ T9750]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  636.767803][ T9750]  security_prepare_creds+0xae/0x720
[  636.773403][ T9750]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  636.779475][ T9750]  prepare_creds+0x8cb/0xc50
[  636.784385][ T9750]  copy_creds+0x11e/0xcf0
[  636.789032][ T9750]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  636.795682][ T9750]  copy_process+0x1069/0x5c20
[  636.800693][ T9750]  ? kernel_clone+0x59/0x1040
[  636.805633][ T9750]  ? stack_trace_save_user+0x101/0x140
[  636.811412][ T9750]  ? kmsan_internal_set_shadow_origin+0x69/0x100
[  636.818071][ T9750]  kernel_clone+0x401/0x1040
[  636.822916][ T9750]  ? kmsan_get_metadata+0x13e/0x1c0
[  636.828380][ T9750]  ? kmsan_get_metadata+0x13e/0x1c0
[  636.833838][ T9750]  ? __msan_memset+0xf5/0x1b0
[  636.838810][ T9750]  __x64_sys_clone+0x25c/0x360
[  636.843881][ T9750]  x64_sys_call+0x3b29/0x3ba0
[  636.848854][ T9750]  do_syscall_64+0xcd/0x1e0
[  636.853662][ T9750]  ? clear_bhb_loop+0x25/0x80
[  636.858620][ T9750]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  636.864799][ T9750] RIP: 0033:0x7f156dd7e719
[  636.869444][ T9750] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  636.889346][ T9750] RSP: 002b:00007f156c1f5fe8 EFLAGS: 00000206 ORIG_RAX: 0000000000000038
[  636.898074][ T9750] RAX: ffffffffffffffda RBX: 00007f156df35f80 RCX: 00007f156dd7e719
[  636.906283][ T9750] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 000000002b044000
[  636.914567][ T9750] RBP: 00007f156c1f6090 R08: 0000000000000000 R09: 0000000000000000
[  636.922763][ T9750] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000000000001
[  636.930967][ T9750] R13: 0000000000000000 R14: 00007f156df35f80 R15: 00007fff1ef6c3f8
[  636.939184][ T9750]  </TASK>
[  637.927700][   T29] audit: type=1326 audit(1731475029.118:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9759 comm="syz.3.1167" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd8ab17e719 code=0x0
[  638.233339][ T9766] loop5: detected capacity change from 0 to 256
[  638.257890][ T9766] vfat: Unknown parameter ''
[  638.341616][ T2037] usb 3-1: new high-speed USB device number 18 using dummy_hcd
[  638.536817][ T2037] usb 3-1: New USB device found, idVendor=0681, idProduct=0010, bcdDevice=6d.59
[  638.547190][ T2037] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  638.618822][ T2037] usb 3-1: config 0 descriptor??
[  638.897741][   T25] usb 3-1: USB disconnect, device number 18
[  638.988231][ T9783] warning: `syz.5.1176' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  639.136691][ T9783] netlink: 'syz.5.1176': attribute type 4 has an invalid length.
[  639.413672][ T9785] loop0: detected capacity change from 0 to 64
[  639.844605][ T9791] loop4: detected capacity change from 0 to 128
[  640.114729][ T9794] loop3: detected capacity change from 0 to 512
[  640.117479][ T9794] ext4: Unknown parameter 'smackfsfloor'
[  640.181367][   T25] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  640.357603][   T25] usb 5-1: Using ep0 maxpacket: 32
[  640.407641][   T25] usb 5-1: unable to get BOS descriptor or descriptor too short
[  640.422594][   T25] usb 5-1: config 8 has an invalid interface number: 100 but max is 0
[  640.422749][   T25] usb 5-1: config 8 has no interface number 0
[  640.422871][   T25] usb 5-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  640.423045][   T25] usb 5-1: config 8 interface 100 has no altsetting 0
[  640.435813][ T9800] loop5: detected capacity change from 0 to 512
[  640.448370][   T25] usb 5-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  640.448543][   T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  640.448690][   T25] usb 5-1: Product: syz
[  640.448798][   T25] usb 5-1: Manufacturer: syz
[  640.448906][   T25] usb 5-1: SerialNumber: syz
[  640.498786][ T9800] EXT4-fs: Ignoring removed bh option
[  640.499605][ T9800] ext4: Unknown parameter 'context'
[  640.737579][   T25] usb 5-1: Found UVC 0.00 device syz (8086:0b5c)
[  640.737779][   T25] usb 5-1: No valid video chain found.
[  640.745100][   T25] usb 5-1: USB disconnect, device number 10
[  641.470172][ T9808] netlink: 'syz.5.1184': attribute type 30 has an invalid length.
[  643.935524][ T9816] loop5: detected capacity change from 0 to 32768
[  644.067308][ T9816] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[  644.097076][   T25] usb 3-1: new high-speed USB device number 19 using dummy_hcd
[  644.134853][   T29] audit: type=1800 audit(1731475035.408:37): pid=9816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1187" name="bus" dev="loop5" ino=17058 res=0 errno=0
[  644.947440][   T25] usb 3-1: Using ep0 maxpacket: 16
[  646.325690][   T25] usb 3-1: device descriptor read/all, error -71
[  646.597418][ T7694] ocfs2: Unmounting device (7,5) on (node local)
[  646.687049][ T9011] usb 1-1: new high-speed USB device number 23 using dummy_hcd
[  646.904564][ T9011] usb 1-1: New USB device found, idVendor=18ec, idProduct=3290, bcdDevice=c4.47
[  646.915112][ T9011] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.048762][ T9011] usb 1-1: config 0 descriptor??
[  647.154540][   T44] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  647.357988][ T9011] usb 1-1: string descriptor 0 read error: -71
[  647.364586][ T9011] usb 1-1: Found UVC 0.00 device <unnamed> (18ec:3290)
[  647.372209][ T9011] usb 1-1: No valid video chain found.
[  647.438176][   T44] usb 5-1: Using ep0 maxpacket: 8
[  647.479044][   T44] usb 5-1: config index 0 descriptor too short (expected 301, got 45)
[  647.487932][   T44] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  647.498345][   T44] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  647.508651][   T44] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  647.519033][   T44] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  647.532816][   T44] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  647.545432][   T44] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  647.663884][ T9011] usb 1-1: USB disconnect, device number 23
[  647.775291][ T5809] Bluetooth: hci2: unexpected event for opcode 0x2062
[  648.527230][   T44] usb 5-1: usb_control_msg returned -32
[  648.533289][   T44] usbtmc 5-1:16.0: can't read capabilities
[  648.855859][ T9833] loop3: detected capacity change from 0 to 512
[  649.034784][ T9833] EXT4-fs: Ignoring removed bh option
[  649.041243][ T9833] ext4: Unknown parameter 'context'
[  649.241410][ T1276] ieee802154 phy0 wpan0: encryption failed: -22
[  649.249019][ T1276] ieee802154 phy1 wpan1: encryption failed: -22
[  649.462925][ T9844] loop0: detected capacity change from 0 to 64
[  649.518085][ T9844] hfs: walked past end of dir
[  650.166949][ T2037] usb 3-1: new high-speed USB device number 21 using dummy_hcd
[  650.337257][ T2037] usb 3-1: Using ep0 maxpacket: 32
[  650.386706][ T2037] usb 3-1: unable to get BOS descriptor or descriptor too short
[  650.464198][ T2037] usb 3-1: config 8 has an invalid interface number: 100 but max is 0
[  650.473115][ T2037] usb 3-1: config 8 has no interface number 0
[  650.479797][ T2037] usb 3-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  650.491615][ T2037] usb 3-1: config 8 interface 100 has no altsetting 0
[  650.765496][ T2037] usb 3-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  650.775444][ T2037] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  650.784070][ T2037] usb 3-1: Product: syz
[  650.788736][ T2037] usb 3-1: Manufacturer: syz
[  650.793595][ T2037] usb 3-1: SerialNumber: syz
[  650.846983][    T8] usb 5-1: USB disconnect, device number 11
[  651.168949][ T9855] loop5: detected capacity change from 0 to 2048
[  651.180291][ T9855] EXT4-fs: Ignoring removed mblk_io_submit option
[  651.215183][ T2037] usb 3-1: Found UVC 0.00 device syz (8086:0b5c)
[  651.230290][ T2037] usb 3-1: No valid video chain found.
[  651.252301][ T2037] usb 3-1: USB disconnect, device number 21
[  651.365801][ T9855] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  651.510791][ T9868] loop4: detected capacity change from 0 to 256
[  651.572987][ T9868] exFAT-fs (loop4): failed to load alloc-bitmap
[  651.579734][ T9868] exFAT-fs (loop4): failed to recognize exfat type
[  651.724657][ T9871] loop3: detected capacity change from 0 to 128
[  651.776865][ T2037] usb 1-1: new high-speed USB device number 24 using dummy_hcd
[  651.791985][ T9871] hpfs: bad mount options.
[  651.865950][ T5809] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  651.874793][ T5809] Bluetooth: hci2: Injecting HCI hardware error event
[  651.882714][ T5809] Bluetooth: hci2: hardware error 0x00
[  651.911325][ T7694] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  651.966721][ T2037] usb 1-1: Using ep0 maxpacket: 16
[  651.999408][ T2037] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  652.010253][ T2037] usb 1-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  652.019938][ T2037] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.086649][    T8] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  652.139894][ T2037] usb 1-1: config 0 descriptor??
[  652.211142][ T2037] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input13
[  652.309360][    T8] usb 4-1: New USB device found, idVendor=05ac, idProduct=0253, bcdDevice=65.5a
[  652.319030][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  652.385021][    T8] usb 4-1: config 0 descriptor??
[  652.471905][    T8] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input14
[  652.486592][ T9876] loop5: detected capacity change from 0 to 64
[  652.791090][ T9878] FAULT_INJECTION: forcing a failure.
[  652.791090][ T9878] name failslab, interval 1, probability 0, space 0, times 0
[  652.804843][ T9878] CPU: 0 UID: 0 PID: 9878 Comm: syz.2.1208 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  652.815850][ T9878] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  652.826169][ T9878] Call Trace:
[  652.829637][ T9878]  <TASK>
[  652.832751][ T9878]  dump_stack_lvl+0x216/0x2d0
[  652.837772][ T9878]  dump_stack+0x1e/0x30
[  652.842254][ T9878]  should_fail_ex+0x748/0x7f0
[  652.847297][ T9878]  should_failslab+0x17f/0x210
[  652.852386][ T9878]  __kmalloc_cache_noprof+0xbf/0xb00
[  652.858012][ T9878]  ? input_allocate_device+0x5e/0x540
[  652.863697][ T9878]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  652.869816][ T9878]  input_allocate_device+0x5e/0x540
[  652.875321][ T9878]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  652.881442][ T9878]  uinput_ioctl_handler+0x15c/0x1e80
[  652.887108][ T9878]  uinput_ioctl+0x42/0x50
[  652.891759][ T9878]  ? __pfx_uinput_ioctl+0x10/0x10
[  652.897104][ T9878]  __se_sys_ioctl+0x25e/0x450
[  652.902090][ T9878]  __x64_sys_ioctl+0x96/0xe0
[  652.906999][ T9878]  x64_sys_call+0x18bf/0x3ba0
[  652.912001][ T9878]  do_syscall_64+0xcd/0x1e0
[  652.916829][ T9878]  ? clear_bhb_loop+0x25/0x80
[  652.921812][ T9878]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  652.928025][ T9878] RIP: 0033:0x7f78a917e719
[  652.932688][ T9878] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  652.952711][ T9878] RSP: 002b:00007f78a9e90038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  652.961468][ T9878] RAX: ffffffffffffffda RBX: 00007f78a9335f80 RCX: 00007f78a917e719
[  652.969720][ T9878] RDX: 0000000020000340 RSI: 00000000401c5504 RDI: 0000000000000003
[  652.977954][ T9878] RBP: 00007f78a9e90090 R08: 0000000000000000 R09: 0000000000000000
[  652.986182][ T9878] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  652.994399][ T9878] R13: 0000000000000000 R14: 00007f78a9335f80 R15: 00007ffda81d9b68
[  653.002667][ T9878]  </TASK>
[  654.077653][ T5809] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  654.597583][ T5137] bcm5974 1-1:0.0: could not read from device
[  654.635957][ T5137] bcm5974 1-1:0.0: could not read from device
[  654.648879][ T9883] loop5: detected capacity change from 0 to 512
[  654.657794][ T9883] EXT4-fs: Ignoring removed bh option
[  654.662506][ T2037] usb 1-1: USB disconnect, device number 24
[  654.663874][ T9883] ext4: Unknown parameter 'context'
[  654.780971][ T5137] bcm5974 4-1:0.0: could not read from device
[  654.823310][ T5137] bcm5974 4-1:0.0: could not read from device
[  654.919878][ T5137] bcm5974 4-1:0.0: could not read from device
[  654.991406][ T5137] bcm5974 4-1:0.0: could not read from device
[  655.090665][    T8] usb 4-1: USB disconnect, device number 14
[  656.098980][ T9908] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1214'.
[  656.535056][ T9916] loop0: detected capacity change from 0 to 512
[  656.544956][ T9916] EXT4-fs: Ignoring removed mblk_io_submit option
[  656.585400][ T9916] EXT4-fs (loop0): mounting ext3 file system using the ext4 subsystem
[  656.603114][ T9910] loop3: detected capacity change from 0 to 128
[  656.677086][ T9916] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a042c118, mo2=0002]
[  656.701667][ T9905] syz.5.1214 (9905) used greatest stack depth: 5112 bytes left
[  656.731351][ T9916] System zones: 1-12
[  656.796797][ T9916] EXT4-fs error (device loop0): ext4_xattr_ibody_find:2240: inode #15: comm syz.0.1219: corrupted in-inode xattr: e_value size too large
[  656.866764][ T9916] EXT4-fs error (device loop0): ext4_orphan_get:1393: comm syz.0.1219: couldn't read orphan inode 15 (err -117)
[  656.913191][ T9916] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  657.149339][    T8] usb 4-1: new high-speed USB device number 15 using dummy_hcd
[  657.246629][ T2037] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  657.378159][    T8] usb 4-1: Using ep0 maxpacket: 32
[  657.476981][    T8] usb 4-1: unable to get BOS descriptor or descriptor too short
[  657.497240][    T8] usb 4-1: config 8 has an invalid interface number: 100 but max is 0
[  657.505930][    T8] usb 4-1: config 8 has no interface number 0
[  657.512815][    T8] usb 4-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  657.524737][    T8] usb 4-1: config 8 interface 100 has no altsetting 0
[  657.686796][ T2037] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 97, changing to 10
[  657.698469][ T2037] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24929, setting to 1024
[  657.710686][ T2037] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  657.720205][ T2037] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  657.908398][ T2037] usb 1-1: config 0 descriptor??
[  658.020109][    T8] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  658.030155][    T8] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  658.038878][    T8] usb 4-1: Product: syz
[  658.044016][    T8] usb 4-1: Manufacturer: syz
[  658.049213][    T8] usb 4-1: SerialNumber: syz
[  658.194647][ T9929] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1222'.
[  658.365274][    T8] usb 4-1: Found UVC 0.00 device syz (8086:0b5c)
[  658.372607][    T8] usb 4-1: No valid video chain found.
[  658.419345][    T8] usb 4-1: USB disconnect, device number 15
[  658.464896][ T2037] lg-g15 0003:046D:C222.000C: unknown main item tag 0x0
[  658.472765][ T2037] lg-g15 0003:046D:C222.000C: unknown main item tag 0x0
[  658.482028][ T2037] lg-g15 0003:046D:C222.000C: unknown main item tag 0x0
[  658.501332][ T2037] lg-g15 0003:046D:C222.000C: unknown main item tag 0x0
[  658.512546][ T8996] usb 6-1: new high-speed USB device number 15 using dummy_hcd
[  658.541817][ T2037] lg-g15 0003:046D:C222.000C: hidraw0: USB HID v0.00 Device [HID 046d:c222] on usb-dummy_hcd.0-1/input0
[  658.695692][ T2037] usb 1-1: USB disconnect, device number 25
[  658.713700][ T8996] usb 6-1: Using ep0 maxpacket: 16
[  658.761803][ T8996] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  658.772672][ T8996] usb 6-1: New USB device found, idVendor=05ac, idProduct=0244, bcdDevice= 0.00
[  658.783189][ T8996] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  658.829131][ T8996] usb 6-1: config 0 descriptor??
[  658.848300][ T8996] input: bcm5974 as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/input/input15
[  659.097125][ T5137] bcm5974 6-1:0.0: could not read from device
[  659.234206][ T8996] usb 6-1: USB disconnect, device number 15
[  659.274801][ T9939] FAULT_INJECTION: forcing a failure.
[  659.274801][ T9939] name failslab, interval 1, probability 0, space 0, times 0
[  659.288294][ T9939] CPU: 1 UID: 0 PID: 9939 Comm: syz.3.1226 Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  659.299326][ T9939] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  659.309641][ T9939] Call Trace:
[  659.313107][ T9939]  <TASK>
[  659.316253][ T9939]  dump_stack_lvl+0x216/0x2d0
[  659.321262][ T9939]  dump_stack+0x1e/0x30
[  659.325711][ T9939]  should_fail_ex+0x748/0x7f0
[  659.330700][ T9939]  should_failslab+0x17f/0x210
[  659.335734][ T9939]  kmem_cache_alloc_noprof+0xe2/0xb20
[  659.341403][ T9939]  ? skb_clone+0x303/0x550
[  659.346110][ T9939]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  659.352194][ T9939]  skb_clone+0x303/0x550
[  659.356721][ T9939]  __netlink_deliver_tap+0x607/0xc90
[  659.362318][ T9939]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  659.368380][ T9939]  ? kmsan_get_metadata+0x13e/0x1c0
[  659.373832][ T9939]  netlink_unicast+0x1103/0x1260
[  659.379074][ T9939]  netlink_sendmsg+0x10da/0x11e0
[  659.384333][ T9939]  ? __pfx_netlink_sendmsg+0x10/0x10
[  659.389913][ T9939]  ? __pfx_netlink_sendmsg+0x10/0x10
[  659.395510][ T9939]  __sock_sendmsg+0x30f/0x380
[  659.400717][ T9939]  ____sys_sendmsg+0x877/0xb60
[  659.405787][ T9939]  ___sys_sendmsg+0x28d/0x3c0
[  659.410743][ T9939]  ? kmsan_get_metadata+0x13e/0x1c0
[  659.416216][ T9939]  ? __rcu_read_unlock+0x7b/0xe0
[  659.421442][ T9939]  ? __fget_files+0x4f5/0x5c0
[  659.426423][ T9939]  ? kmsan_get_metadata+0x13e/0x1c0
[  659.431884][ T9939]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  659.437955][ T9939]  __x64_sys_sendmsg+0x300/0x4a0
[  659.443205][ T9939]  ? perf_mmap+0x1420/0x28d0
[  659.448075][ T9939]  x64_sys_call+0x2da0/0x3ba0
[  659.453055][ T9939]  do_syscall_64+0xcd/0x1e0
[  659.457856][ T9939]  ? clear_bhb_loop+0x25/0x80
[  659.462809][ T9939]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.468978][ T9939] RIP: 0033:0x7fd8ab17e719
[  659.473616][ T9939] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  659.493524][ T9939] RSP: 002b:00007fd8ac01c038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  659.502232][ T9939] RAX: ffffffffffffffda RBX: 00007fd8ab335f80 RCX: 00007fd8ab17e719
[  659.510465][ T9939] RDX: 0000000000000000 RSI: 0000000020000000 RDI: 0000000000000006
[  659.518692][ T9939] RBP: 00007fd8ac01c090 R08: 0000000000000000 R09: 0000000000000000
[  659.526915][ T9939] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  659.535122][ T9939] R13: 0000000000000000 R14: 00007fd8ab335f80 R15: 00007ffc9ab8cde8
[  659.543343][ T9939]  </TASK>
[  659.552537][ T9939] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1226'.
[  659.563657][ T9939] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1226'.
[  659.757002][ T5792] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  660.885035][ T9954] loop0: detected capacity change from 0 to 256
[  660.941821][ T9954] exFAT-fs (loop0): failed to load alloc-bitmap
[  660.949071][ T9954] exFAT-fs (loop0): failed to recognize exfat type
[  660.993526][ T9962] loop5: detected capacity change from 0 to 64
[  661.436430][   T44] usb 3-1: new high-speed USB device number 22 using dummy_hcd
[  661.646867][   T44] usb 3-1: Using ep0 maxpacket: 32
[  661.695131][   T44] usb 3-1: unable to get BOS descriptor or descriptor too short
[  661.729079][   T44] usb 3-1: config 8 has an invalid interface number: 100 but max is 0
[  661.737806][   T44] usb 3-1: config 8 has no interface number 0
[  661.744176][   T44] usb 3-1: config 8 interface 100 altsetting 238 endpoint 0xD has an invalid bInterval 28, changing to 8
[  661.756027][   T44] usb 3-1: config 8 interface 100 has no altsetting 0
[  661.869595][   T44] usb 3-1: New USB device found, idVendor=8086, idProduct=0b5c, bcdDevice=39.43
[  661.882338][   T44] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  661.892368][   T44] usb 3-1: Product: syz
[  661.898331][   T44] usb 3-1: Manufacturer: syz
[  661.903320][   T44] usb 3-1: SerialNumber: syz
[  662.317235][   T44] usb 3-1: Found UVC 0.00 device syz (8086:0b5c)
[  662.323940][   T44] usb 3-1: No valid video chain found.
[  662.466650][   T44] usb 3-1: USB disconnect, device number 22
[  662.720090][ T9983] loop5: detected capacity change from 0 to 512
[  662.778151][ T9983] EXT4-fs: Ignoring removed bh option
[  662.784476][ T9983] ext4: Unknown parameter 'context'
[  662.811327][ T9980] loop4: detected capacity change from 0 to 1024
[  662.973157][ T9980] netlink: 36 bytes leftover after parsing attributes in process `syz.4.1242'.
[  662.997105][ T9980] overlay: filesystem on ./file0 not supported
[  663.362011][ T5797] =====================================================
[  663.370156][ T5797] BUG: KMSAN: uninit-value in hfsplus_delete_cat+0x10f0/0x1340
[  663.378676][ T5797]  hfsplus_delete_cat+0x10f0/0x1340
[  663.387243][ T5797]  hfsplus_rmdir+0x140/0x2e0
[  663.393657][ T5797]  vfs_rmdir+0x5bf/0x800
[  663.398574][ T5797]  do_rmdir+0x630/0x8b0
[  663.402953][ T5797]  __x64_sys_unlinkat+0x1ba/0x220
[  663.411715][ T5797]  x64_sys_call+0x2c7a/0x3ba0
[  663.417703][ T5797]  do_syscall_64+0xcd/0x1e0
[  663.422441][ T5797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.429333][ T5797] 
[  663.431772][ T5797] Uninit was stored to memory at:
[  663.437212][ T5797]  hfsplus_create_cat+0x17f6/0x1800
[  663.442605][ T5797]  hfsplus_mknod+0x201/0x560
[  663.447547][ T5797]  hfsplus_mkdir+0x58/0x70
[  663.452139][ T5797]  vfs_mkdir+0x4a0/0x780
[  663.456818][ T5797]  do_mkdirat+0x529/0x810
[  663.461360][ T5797]  __x64_sys_mkdir+0x9f/0xe0
[  663.466143][ T5797]  x64_sys_call+0x2ef0/0x3ba0
[  663.471229][ T5797]  do_syscall_64+0xcd/0x1e0
[  663.475968][ T5797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.483646][ T5797] 
[  663.486083][ T5797] Uninit was stored to memory at:
[  663.491721][ T5797]  hfsplus_create_cat+0x17f6/0x1800
[  663.497323][ T5797]  hfsplus_fill_super+0x227f/0x2700
[  663.502827][ T5797]  mount_bdev+0x39a/0x520
[  663.507536][ T5797]  hfsplus_mount+0x4d/0x60
[  663.515630][ T5797]  legacy_get_tree+0x114/0x290
[  663.521906][ T5797]  vfs_get_tree+0xb1/0x5a0
[  663.526847][ T5797]  do_new_mount+0x71f/0x15e0
[  663.531646][ T5797]  path_mount+0x742/0x1f10
[  663.536491][ T5797]  __se_sys_mount+0x722/0x810
[  663.541387][ T5797]  __x64_sys_mount+0xe4/0x150
[  663.546436][ T5797]  x64_sys_call+0x255a/0x3ba0
[  663.551332][ T5797]  do_syscall_64+0xcd/0x1e0
[  663.556068][ T5797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.562371][ T5797] 
[  663.564806][ T5797] Uninit was created at:
[  663.569406][ T5797]  __alloc_pages_noprof+0x9a7/0xe00
[  663.574804][ T5797]  alloc_pages_mpol_noprof+0x299/0x990
[  663.580558][ T5797]  alloc_pages_noprof+0x1bf/0x1e0
[  663.585771][ T5797]  allocate_slab+0x320/0x12e0
[  663.591202][ T5797]  ___slab_alloc+0x12ef/0x35e0
[  663.596295][ T5797]  kmem_cache_alloc_lru_noprof+0x584/0xb30
[  663.602330][ T5797]  hfsplus_alloc_inode+0x5a/0xd0
[  663.607669][ T5797]  alloc_inode+0x86/0x460
[  663.615436][ T5797]  iget_locked+0x250/0x1290
[  663.621354][ T5797]  hfsplus_iget+0x59/0xae0
[  663.626002][ T5797]  hfsplus_btree_open+0x13e/0x1d00
[  663.631440][ T5797]  hfsplus_fill_super+0x1113/0x2700
[  663.637005][ T5797]  mount_bdev+0x39a/0x520
[  663.641549][ T5797]  hfsplus_mount+0x4d/0x60
[  663.646302][ T5797]  legacy_get_tree+0x114/0x290
[  663.651293][ T5797]  vfs_get_tree+0xb1/0x5a0
[  663.655929][ T5797]  do_new_mount+0x71f/0x15e0
[  663.660882][ T5797]  path_mount+0x742/0x1f10
[  663.665530][ T5797]  __se_sys_mount+0x722/0x810
[  663.670525][ T5797]  __x64_sys_mount+0xe4/0x150
[  663.675420][ T5797]  x64_sys_call+0x255a/0x3ba0
[  663.675964][ T2037] usb 3-1: new high-speed USB device number 23 using dummy_hcd
[  663.680715][ T5797]  do_syscall_64+0xcd/0x1e0
[  663.692838][ T5797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.699070][ T5797] 
[  663.701511][ T5797] CPU: 1 UID: 0 PID: 5797 Comm: syz-executor Not tainted 6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  663.712779][ T5797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  663.726415][ T5797] =====================================================
[  663.733504][ T5797] Disabling lock debugging due to kernel taint
[  663.740997][ T5797] Kernel panic - not syncing: kmsan.panic set ...
[  663.747594][ T5797] CPU: 1 UID: 0 PID: 5797 Comm: syz-executor Tainted: G    B              6.12.0-rc7-syzkaller-00012-g3022e9d00ebe #0
[  663.760160][ T5797] Tainted: [B]=BAD_PAGE
[  663.764441][ T5797] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/30/2024
[  663.774662][ T5797] Call Trace:
[  663.778053][ T5797]  <TASK>
[  663.781089][ T5797]  dump_stack_lvl+0x216/0x2d0
[  663.785998][ T5797]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  663.791987][ T5797]  dump_stack+0x1e/0x30
[  663.796334][ T5797]  panic+0x4e2/0xcf0
[  663.800440][ T5797]  ? kmsan_get_metadata+0x111/0x1c0
[  663.805813][ T5797]  kmsan_report+0x2c7/0x2d0
[  663.810483][ T5797]  ? __msan_warning+0x95/0x120
[  663.815448][ T5797]  ? hfsplus_delete_cat+0x10f0/0x1340
[  663.820997][ T5797]  ? hfsplus_rmdir+0x140/0x2e0
[  663.825931][ T5797]  ? vfs_rmdir+0x5bf/0x800
[  663.830527][ T5797]  ? do_rmdir+0x630/0x8b0
[  663.835073][ T5797]  ? __x64_sys_unlinkat+0x1ba/0x220
[  663.840473][ T5797]  ? x64_sys_call+0x2c7a/0x3ba0
[  663.845516][ T5797]  ? do_syscall_64+0xcd/0x1e0
[  663.850397][ T5797]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.856661][ T5797]  ? hfsplus_bnode_dump+0xca0/0xcd0
[  663.862067][ T5797]  ? kmsan_get_metadata+0x13e/0x1c0
[  663.867434][ T5797]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  663.873419][ T5797]  ? hfsplus_brec_remove+0x91d/0x9d0
[  663.878912][ T5797]  ? kmsan_get_metadata+0x13e/0x1c0
[  663.884267][ T5797]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  663.890248][ T5797]  __msan_warning+0x95/0x120
[  663.895036][ T5797]  hfsplus_delete_cat+0x10f0/0x1340
[  663.900415][ T5797]  ? kmsan_get_shadow_origin_ptr+0x4d/0xb0
[  663.906396][ T5797]  ? kmsan_get_metadata+0x13e/0x1c0
[  663.911784][ T5797]  hfsplus_rmdir+0x140/0x2e0
[  663.916551][ T5797]  ? __pfx_hfsplus_rmdir+0x10/0x10
[  663.921842][ T5797]  vfs_rmdir+0x5bf/0x800
[  663.926284][ T5797]  do_rmdir+0x630/0x8b0
[  663.930642][ T5797]  __x64_sys_unlinkat+0x1ba/0x220
[  663.935873][ T5797]  x64_sys_call+0x2c7a/0x3ba0
[  663.940746][ T5797]  do_syscall_64+0xcd/0x1e0
[  663.945451][ T5797]  ? clear_bhb_loop+0x25/0x80
[  663.950312][ T5797]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  663.956398][ T5797] RIP: 0033:0x7f4b0497dcf7
[  663.960946][ T5797] Code: 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 b8 07 01 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  663.980747][ T5797] RSP: 002b:00007ffefd7379d8 EFLAGS: 00000207 ORIG_RAX: 0000000000000107
[  663.989340][ T5797] RAX: ffffffffffffffda RBX: 0000000000000065 RCX: 00007f4b0497dcf7
[  663.997465][ T5797] RDX: 0000000000000200 RSI: 00007ffefd738b80 RDI: 00000000ffffff9c
[  664.005580][ T5797] RBP: 00007f4b049f14b4 R08: 000055558cba666b R09: 0000000000000000
[  664.013700][ T5797] R10: 0000000000001000 R11: 0000000000000207 R12: 00007ffefd738b80
[  664.021817][ T5797] R13: 00007f4b049f14b4 R14: 00000000000a1c48 R15: 00007ffefd73ad30
[  664.029960][ T5797]  </TASK>
[  664.033420][ T5797] Kernel Offset: disabled
[  664.037811][ T5797] Rebooting in 86400 seconds..