last executing test programs:

6m6.40245459s ago: executing program 4 (id=70):
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_SET_LBT_MODE(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000740)=ANY=[@ANYBLOB="14000000", @ANYRES16=0x0, @ANYBLOB="04"], 0x14}}, 0x0)
syz_genetlink_get_family_id$nfc(&(0x7f0000000cc0), r0)
r1 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f00000012c0), r0)
sendmsg$NLBL_MGMT_C_VERSION(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000680)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="030f00000000000000000800"], 0x2c}}, 0x0)

6m6.167464968s ago: executing program 4 (id=73):
openat$procfs(0xffffffffffffff9c, &(0x7f0000000240)='/proc/keys\x00', 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
bind$can_j1939(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmsg$inet(r2, &(0x7f0000001b00)={0x0, 0x0, 0x0, 0x0, &(0x7f0000001d80)=ANY=[@ANYBLOB="28010000000000000100000001"], 0x128}, 0x0)
recvmsg$unix(r1, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000007000000230001000900"], 0x48)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000003c0)=ANY=[@ANYBLOB="cf9fe76d2b0f7672"], 0x1c}, 0x1, 0x0, 0x0, 0x4000000}, 0x8000)
write$FUSE_NOTIFY_DELETE(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x2f)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e20}, 0x6e)
sendmmsg$unix(r4, 0x0, 0x0, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000002c0)="d8000000140081054e81f782db44b9040a1d080243000000040000a118000200fe80000000000e1208000f0100810401a80016eaa40006400303000806600cfab94dcf5c0461c1d67f6f94007134cf6ee08002a0e408e8d8ef075c0100000000000000cb090000001fb791643a5ee4001b146218a07445d6d930dfe1d9d322fe7d9fd68775730d16a4683f5aeb4edbb57a5025ccca9e00360db70100000040fad956", 0xa2}], 0x1, 0x0, 0x0, 0x7400}, 0x0)

6m4.37834079s ago: executing program 4 (id=79):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f00000002c0)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000100)={@my=0x1, 0x1})
ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r0, 0x7b1, &(0x7f00000001c0)={0x0, 0x1, 0x0, 0x80})

6m4.150689367s ago: executing program 4 (id=80):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000380)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
close(r0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0xa, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
dup3(r1, 0xffffffffffffffff, 0x0)
r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000b80)='./file0\x00', 0x1008002, &(0x7f0000000d00)={[{@grpjquota}]}, 0x3, 0x5ee, &(0x7f0000000280)="$eJzs3c1vVFUbAPDnTj9oKXk7kDcqLqSJMZAoLS1gGuMCtoY0+BE3urDSgkiBhtZo0YSS4MbEuDHGxJUL8b9QIltWunLhxpUhIWpYmjjmztxbOu1Mv2jnEu7vlwxz7zlze86lfeace+acOwGU1lD6TyVif0TMJhGDyeJSXndkmUON193/+5Mz6SOJWu31P5NIsrT89Un2PJAd3BcRP/+UxL6u1eXOLVy9MDkzM30l2x+Zvzg7Mrdw9fD5i5Pnps9NXxp7cWz8+LHj46NHtnRe11qknbrx/oeDn0289d03/ySj3/82kcSJeCV74fLz2C5DMVT/P0lWZw2Mb3dhBenK/k5qtVotT0u6i60TG5f//noi4skYjK548MsbjE9fLbRywI6qJY33bqCMEvEPJZX3A/Jr+5XXwZVCeiVAJ9w72RgAWB3/3Y2xweirjw3svp/E8mGdJCK2NjLXbE9E3Lk9cePs7YkbsUPjcEBri9cj4qlW8Z/U478afVGtx3+lKf7TfsHp7DlNf22L5a8cKhb/0DmN+O9bM/6jTfy/kz5fa8Twu1ssv/pg873+pvjv3+opAQAAAAAAQGndOhkRL7T6/L+yNP8nWsz/GYiIE9tQ/tCK/dWf/1fubkMxQAv3Tka83HL+byWf/VvtWraEtRo9ydnzM9NHIuJ/EXEoenal+6NrlHH4831ft8sbyub/5Y+0/DvZXMCsHne7dzUfMzU5P/kQpwxk7l2PeLrl/N9kqf1PWrT/6TvD7AbL2PfczdPt8taPf2Cn1L6NONiy/X9w14pk7ftzjNT7AyN5r2C1Zz7+4od25W81/t1iAh5e2v7vXjv+q8ny+/XMbb6MowvdtXZ5W+3/9yZv1O8q1JulfTQ5P39lNKI3OdWVpjalj22+zvA4yuMhj5c0/g89u/b4X6v+f39ELK742clfzWuKc0/8O/B7u/ro/0Nx0vif2lT7v/mNsZvVH9uVv7H2/1i9rT+UpRj/g4av8jDtbU5vEY7drbI6XV8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBxUImJPJJXhpe1KZXg4YiAi/h+7KzOX5+afP3v5g0tTaV79+/8r+Tf9Djb2k/z7/6vL9sdW7B+NiL0R8WVXf31/+MzlmamiTx4AAAAAAAAAAAAAAAAAAAAeEQNt1v+n/ugqunbAjusuugJAYVrE/y9F1APoPO0/lJf4h/IS/1Be4h/KS/xDea0d/2+Pd6wiQMdp/6G8xD8AAAAAADxW9h649WsSEYsv9dcfqd4sr6fQmgE7rVJ0BYDCuMUPlJepP1BervGBZJ38vrYHrXfkWmbPPMTBAAAAAAAAAAAAAFA6B/db/w9lZf0/lJf1/1Be+fr/AwXXA+g81/hArLOSv+X6/3WPAgAAAAAAAAAAAAC209zC1QuTMzPTV2y8+WhUo5MbtVrtWvpX8KjUZ/s3kmyGekcKzafCd/5Mezdygvlav4395OLekwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgGb/BQAA//8wviV5")
mount$bind(0x0, &(0x7f0000000100)='.\x00', 0x0, 0x21, 0x0)
r3 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
write$binfmt_register(r3, &(0x7f0000000880)={0x3a, 'syz3', 0x3a, 'M', 0x3a, 0x1, 0x3a, 'usrjquota=\xb9\xc4\xd7A%S\n\x10i\xcf\x84\x93v\x02\xe4y}\xcbV\xbb\xc1\xd5\x06\v\xdc\xd8\\\xc5\xb3\ag\xa6u\xbe\xf4)\xae\xb6\xfe*\x9d?\xb2C\xf0<\xc9\x820M\x92Tzs\xba\xca\x9d\xad\x17\x1b\x84\xbc\xb3\xd8\xad\f\x17\xbe\x17\xb5}.H\x90\xc7\x0e\xb3y\xd0\xc3\xf0c\x04\xe6\fzZ\x02\xfd_W\x9a\xa7\x81\xfcr\xe9B\x95\x13\x9f\x10\'5\xc0\xf9\xb5\xe1\x15Y\x9b$\xa43\xe7F>\xb7\xa1\xb7zw\xac\xc8\x12\x94\xa7\xe5\xcb\xc0g\x865\\\x9e\xca\x8e\xe2\t\xb7\b\x00\x00\x00\x00\x00\x00\x00i7b\xad\x14oVT\xcb\xea\xd3\xad\xa9\x16\xd5\xb2\xa0 \x13^\xf6>\xd4\x8bZzl\x88\xddn\xab\xd6\x12\x1f\x06', 0x3a, '\x00\x03!\f\xee\x998r~\b\x13\x89\xae\xf1\x06hz\xcc\xd6\xbb\xb8\x19\x90\x9e\xdb\xa2F\xfa_F(\x05\b\x13\x82\x12\xad\x0f^\xdc\xf2\xb5', 0x3a, './file2', 0x3a, [0x46]}, 0x113)
r4 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r4, 0x7, 0x0, 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r2, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a})
r5 = io_uring_setup(0x138a, &(0x7f00000006c0)={0x0, 0x40cf, 0x1, 0x40000007, 0x15f})
io_uring_register$IORING_REGISTER_FILES(r5, 0x2, &(0x7f00000001c0), 0x5f)
getuid()
io_uring_register$IORING_REGISTER_FILES_UPDATE(r5, 0x6, &(0x7f0000000040)={0x25, 0x0, 0x0}, 0x0)
io_uring_register$IORING_UNREGISTER_FILES(r5, 0x3, 0x0, 0x0)

6m2.993722807s ago: executing program 4 (id=82):
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b0000001f"], 0x50)
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000), 0x8)
r1 = socket$packet(0x11, 0x2, 0x300)
prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x3, &(0x7f0000000540))
shmctl$IPC_INFO(0x0, 0x3, 0x0)
bind$packet(r1, &(0x7f00000001c0)={0x11, 0xf6, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000), 0x8)

6m1.335524125s ago: executing program 4 (id=85):
r0 = socket(0xa, 0x3, 0xff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="340200", @ANYRES16=0x0, @ANYBLOB="00012bbd7000fddbdf25090000000c0007800800020008000000140003a90100010001040000080001000100000004000780a40006804600040067636d28616573290000000000000000000000000000000000000000000000001e00000014134f4273955bba1a28583397fb6c4844f5f28892e8a53d5a27e3113df40000040005004900040067636d28616573290000000000000000000000000000000000000000000000002100000093d33df94300822f6642ff073a379d54ce161e12b2540adbb8b012bacbb4829ef100000008000600070000003000068008000100100000000800060005000000080001000100000008000600820000000400020008000100010400002400068004000500040002000400050008000600030000000800060000000000040005000401018008000300020000002c0002800800010000000000080001001a000000080002000f0000000800020008000000080003000000000014000280080004000300000008000200b5000000140002800800020008000000080002000300000038000400200001000a004e23000003fffe80000000000000000000000000003bff0100001400020002004e24e00000020000000000000000380004001400010002004e23ffffffff0000000000000000200002000a004e2300000002fc0100000000000000000000000000070400000034000280080004004000000008000300ffff0000080002000900000008000400060000000800030068000000080001001f000000"], 0x234}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$inet6(r0, 0x0, 0x20008b88)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0xfffffffffffffdc3, &(0x7f00000000c0)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
mmap(&(0x7f0000608000/0x4000)=nil, 0x4000, 0x2000003, 0x1010, r1, 0x9b3ab000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="280000002a0003050000000000000000180000800c0000000d0000000057"], 0x28}], 0x1}, 0x14008010)
recvmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x120)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x90012, 0xffffffffffffffff, 0x7f5b9000)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)={0x18, r5, 0x333, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x54)
socket$nl_route(0x10, 0x3, 0x0)

5m59.599529045s ago: executing program 32 (id=85):
r0 = socket(0xa, 0x3, 0xff)
sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f0000000180)={&(0x7f0000000640)=ANY=[@ANYBLOB="340200", @ANYRES16=0x0, @ANYBLOB="00012bbd7000fddbdf25090000000c0007800800020008000000140003a90100010001040000080001000100000004000780a40006804600040067636d28616573290000000000000000000000000000000000000000000000001e00000014134f4273955bba1a28583397fb6c4844f5f28892e8a53d5a27e3113df40000040005004900040067636d28616573290000000000000000000000000000000000000000000000002100000093d33df94300822f6642ff073a379d54ce161e12b2540adbb8b012bacbb4829ef100000008000600070000003000068008000100100000000800060005000000080001000100000008000600820000000400020008000100010400002400068004000500040002000400050008000600030000000800060000000000040005000401018008000300020000002c0002800800010000000000080001001a000000080002000f0000000800020008000000080003000000000014000280080004000300000008000200b5000000140002800800020008000000080002000300000038000400200001000a004e23000003fffe80000000000000000000000000003bff0100001400020002004e24e00000020000000000000000380004001400010002004e23ffffffff0000000000000000200002000a004e2300000002fc0100000000000000000000000000070400000034000280080004004000000008000300ffff0000080002000900000008000400060000000800030068000000080001001f000000"], 0x234}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
sendmsg$inet6(r0, 0x0, 0x20008b88)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000002c0), 0x2, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpgrp(0x0)
sched_setaffinity(r2, 0xfffffffffffffdc3, &(0x7f00000000c0)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x2, 0x0)
mmap(&(0x7f0000608000/0x4000)=nil, 0x4000, 0x2000003, 0x1010, r1, 0x9b3ab000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
sendmsg$netlink(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)=ANY=[@ANYBLOB="280000002a0003050000000000000000180000800c0000000d0000000057"], 0x28}], 0x1}, 0x14008010)
recvmsg(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0}, 0x120)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
mmap(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x8, 0x90012, 0xffffffffffffffff, 0x7f5b9000)
r5 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000040), 0xffffffffffffffff)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_LINKMODES_GET(r6, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000380)={0x18, r5, 0x333, 0x0, 0x0, {0x1c}, [@HEADER={0x4}]}, 0x18}}, 0x54)
socket$nl_route(0x10, 0x3, 0x0)

3m36.865690345s ago: executing program 5 (id=377):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0xfe33)
fchdir(0xffffffffffffffff)
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000080)={0x1}, 0x0)
r2 = syz_clone(0x801a8491, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x100000000001, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
syz_usb_connect(0x4, 0x2d, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf05", 0x29}], 0x1}, 0x48000)
tkill(r2, 0x13)
waitid(0x0, r2, 0x0, 0x2100000a, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000001b40)={'syz0\x00', {0xb8b8}, 0x3, [0x5, 0x96, 0x4000401, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffe, 0xfffffffe, 0x6, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x7, 0x0, 0xe1d5, 0x80000, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffc, 0x0, 0xfffffff6, 0x0, 0x8, 0x800000, 0xfffffffc, 0x101, 0x4, 0x0, 0x4, 0x0, 0x2, 0x0, 0x2, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x0, 0xfffffffc], [0x3, 0xfffff41a, 0x0, 0x0, 0x4, 0x40, 0x0, 0xedc0, 0x0, 0x5f1, 0x9, 0x0, 0xe, 0x0, 0x0, 0xfffffffc, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5, 0x209, 0xffff8800, 0x0, 0xfffffff8, 0x4, 0x10000, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x5, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffa, 0xfffff986, 0xffffffff], [0x0, 0x7f, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xfffffffe, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x8000000, 0x0, 0x3, 0xfffffffd, 0x2, 0xfffeffff, 0x10000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, 0x4, 0x1, 0x200000, 0x80000000, 0x2, 0x7fff, 0x0, 0x0, 0x7, 0x3, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4, 0xffffffff], [0x2, 0x0, 0x9, 0x0, 0xfffffffe, 0x4, 0xfffffffe, 0x4, 0xfffdfffc, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x100, 0x0, 0x0, 0x0, 0x401, 0x7, 0x0, 0x400, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xe, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000, 0x0, 0xcf42, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)

3m31.567442106s ago: executing program 5 (id=387):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000c00)=ANY=[], 0x2, 0x6e5, &(0x7f0000000680)="$eJzs3c1vHGcdB/DvrNeON1TBaRMaoSBMIhWkiMSJlUK4YBBCOVSoKoeercRprGySKnFRWiFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEnGIelk0s7P27nr9lvgloZ9PNZnnmeeZZ377m2dmvOtaG+AL6+q5NB+myNVzbzwo66srs+3VldkjdXM7SVluJM3uKsWdpHiUzJXtRd+SvvUGHy1eeevTx6ufdWvNeqn6j2213wgj+i7XS6br8aZH7jm+00Ms1+HlpSTX6vWgiZ2ONdCxTNrZeg2HrjOokc7ybnbfzXULPGd6T6ei+9zcYCo5mmSy/jkg9d2hcXAR7qlv9Aq7ussBAADAC+qTu4cdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALx4qu//b61VG91NyXSK3vf/T/S21eXn0NyOez7c1zgAAAAAAAAA4GB8/Ume5EGO9eqdovqd/5mqciKfd5Iv5b3cz0Lu5XweZD5LWcq9XEwy1TfQxIP5paV7F9f2LI3e89LIPS8d1CsGAAAAAAAAgP9Lv0pr/ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwPCiSse6qWk7U60yl0cx6W5aTfyWZOOx4d6EYtfHhwccBAAAAz2TyKfb58pM8yYMc69U7RfWe/yvV++XJvJc7WcpiltLOQq7X76HLd/2N1ZXZ9urK7O1yKeuD4/7gP7sKY6IeYayqjTryqapHKzeyWG05n2tVMNfT6B77bHKqF09fXH0+LGMqvl/bYWTNOq3lwf6w2acIe2Lwo4jGFj1b68ElaxmZqWMr9zzezUBRfVCTDGdi+OxsOFhzoDZVdRlfO9LFNNY++TmxDzk/Wq/L1/Pbfc35TvTnYi0TjVSZuNSbfeU1s3Umkm/+7c9v32zfuXXzxv1zh/uSdmFsk+3Dc2K2LxOvvtCZaO6y/0yViZNr9av5cX6ac5nOm7mXxfws81nKQjp1+3w9n8t/p7bO1NxA7c3tIpmoz0v3nO0kpun8qCrN50y177EspsjdXM9CXq/+u5SL+U4u53Ku9J3hk5vGXb226qpvDF/1vTP995HBn/1WXSjvbr9bv8vNbfWKN5ude6V77y/zerwvr91Z/3it1/G+62CmL0sv97IzPnLwp7k3Nr9aF8pj/Hqb58TBmqozUV5AvadEL7pXuploVs+ijfP8j51yv7TvdDo359/dZPzlofpr9bqcVitf2653z+hTsbfK+fJyJus7yeDsKNteWbvL9LV11udyt23wiVvud7JqK4relfqT3K0mwMYrdaL+GW7jSJeqtleH2k7X9/Cy7VRf28DPW7mbdq4fQP4AeBr/fHutOJWjE61/tz5pfdz6Tetm643JHx757pHTExn/x/j3mjNjrzVOF3/Nx/nF+vt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6d1//4Nb8+32wr3RhcbmTQOFVoa3bDfyUKGov9BnVJ9b9bcU7GrAQy5MJhnYUn3P0YGH0RoOY0Oh88vkwPPT+xLB0X1+XxaaOzrdcwNb/rJxwA+3j2csQ/NwB9fFPhYaOdiDjmX0BDisOxJwUC4s3X73wv33P/j24u35dxbeWbgzfvnylZkrl1+fvXBjsb0w0/33sKME9sP6Q/+wIwEAAAAAAAAAAAB2atQfBpx5abs/GtlQaCQZ/hsP/2chAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsCeunkvzYYpcnDk/U9ZXV2bb5dIrr/dsJmk0kuLnSfEomUt3yVTfcEX+9CidEcf5aPHKW58+Xv1sfaxmt3/SqNeb27o1yXK9ZDrJWL1+BgPjXXvm8Yr/9l5DmbDPO53O3LPFB3vjfwEAAP//qWztYw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x5}}, 0x14}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)

3m28.24390158s ago: executing program 5 (id=392):
fanotify_init(0x4, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000000)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x68)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x8, &(0x7f0000000380))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
read$FUSE(0xffffffffffffffff, &(0x7f00000040c0)={0x2020}, 0x2020)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r4, 0x0, 0x0}, 0x10)
sendto$inet6(r3, 0x0, 0x0, 0x24008000, &(0x7f00000001c0)={0xa, 0x2, 0x20398, @empty, 0xffffffff}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)
shutdown(r3, 0x1)

3m17.544852928s ago: executing program 5 (id=407):
fanotify_init(0x4, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r3, &(0x7f00000040c0)={0x2020}, 0x2020)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)

3m15.252164236s ago: executing program 5 (id=412):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
socket$kcm(0x10, 0x2, 0x0)
write$cgroup_subtree(r0, &(0x7f00000000c0)=ANY=[@ANYRESHEX], 0xfe33)
fchdir(0xffffffffffffffff)
io_uring_register$IORING_REGISTER_CLOCK(0xffffffffffffffff, 0x1d, &(0x7f0000000080)={0x1}, 0x0)
r2 = syz_clone(0x801a8491, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x100000000001, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
syz_open_dev$MSR(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
syz_usb_connect(0x4, 0x2d, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000300020400bf05000500", 0x2c}], 0x1}, 0x48000)
tkill(r2, 0x13)
waitid(0x0, r2, 0x0, 0x2100000a, 0x0)
r5 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$uinput_user_dev(r5, &(0x7f0000001b40)={'syz0\x00', {0xb8b8}, 0x3, [0x5, 0x96, 0x4000401, 0x8, 0xfffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x9, 0x4, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffe, 0xfffffffe, 0x6, 0xffffffff, 0x0, 0x0, 0x0, 0xffffffff, 0x4, 0x7, 0x0, 0xe1d5, 0x80000, 0xf5b1, 0xffffffff, 0x10000000, 0x99, 0x20000000, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0xfffffffc, 0x0, 0xfffffff6, 0x0, 0x8, 0x800000, 0xfffffffc, 0x101, 0x4, 0x0, 0x4, 0x0, 0x2, 0x0, 0x2, 0x0, 0xffffffff, 0x0, 0x0, 0x1, 0x0, 0xfffffffc], [0x3, 0xfffff41a, 0x0, 0x0, 0x4, 0x40, 0x0, 0xedc0, 0x0, 0x5f1, 0x9, 0x0, 0xe, 0x0, 0x0, 0xfffffffc, 0x0, 0xa0000000, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x5, 0x209, 0xffff8800, 0x0, 0xfffffff8, 0x4, 0x10000, 0x2000079, 0x400, 0x0, 0x0, 0x10000, 0x40000, 0x0, 0xc0800000, 0xffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x81, 0x5, 0x0, 0x0, 0xfffffffc, 0x0, 0xfffffffa, 0xfffff986, 0xffffffff], [0x0, 0x7f, 0x0, 0x1, 0x1, 0x0, 0x3, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xfffffffe, 0x0, 0x4, 0x0, 0x0, 0x0, 0x2, 0x8000000, 0x0, 0x3, 0xfffffffd, 0x2, 0xfffeffff, 0x10000, 0x0, 0x8, 0x0, 0x0, 0x0, 0x2, 0x6, 0x0, 0x0, 0x4, 0x1, 0x200000, 0x80000000, 0x2, 0x7fff, 0x0, 0x0, 0x7, 0x3, 0x0, 0xf, 0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0x0, 0xfffffffc, 0x4, 0xffffffff], [0x2, 0x0, 0x9, 0x0, 0xfffffffe, 0x4, 0xfffffffe, 0x4, 0xfffdfffc, 0x0, 0x0, 0x3, 0xfffffffc, 0x4, 0x800, 0x100, 0x0, 0x0, 0x0, 0x401, 0x7, 0x0, 0x400, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0xffffffff, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0xe, 0x5, 0xfffffffd, 0x0, 0x0, 0x0, 0x8001, 0x80, 0x0, 0x0, 0x0, 0x0, 0x9, 0x4000, 0x0, 0xcf42, 0x0, 0x0, 0x8, 0x0, 0x0, 0x8000000, 0x4, 0x0, 0x0, 0x0, 0xffffe]}, 0x45c)

3m11.966551129s ago: executing program 5 (id=417):
fanotify_init(0x4, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000000)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x68)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x8, &(0x7f0000000380))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
read$FUSE(0xffffffffffffffff, &(0x7f00000040c0)={0x2020}, 0x2020)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r4, 0x0, 0x0}, 0x10)
sendto$inet6(r3, 0x0, 0x0, 0x24008000, &(0x7f00000001c0)={0xa, 0x2, 0x20398, @empty, 0xffffffff}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)
shutdown(r3, 0x1)

2m56.593600427s ago: executing program 33 (id=417):
fanotify_init(0x4, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, &(0x7f0000000000)={'nat\x00', 0x4, [{}, {}, {}, {}]}, 0x68)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x8, &(0x7f0000000380))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
read$FUSE(0xffffffffffffffff, &(0x7f00000040c0)={0x2020}, 0x2020)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r4, 0x0, 0x0}, 0x10)
sendto$inet6(r3, 0x0, 0x0, 0x24008000, &(0x7f00000001c0)={0xa, 0x2, 0x20398, @empty, 0xffffffff}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)
shutdown(r3, 0x1)

23.135921296s ago: executing program 6 (id=695):
socket$packet(0x11, 0x3, 0x300)
r0 = socket$kcm(0x11, 0x3, 0x0)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
r1 = syz_open_dev$vim2m(&(0x7f0000000240), 0x6, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r1, 0xc0145608, 0x0)
socket(0x10, 0x3, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
r2 = syz_io_uring_setup(0x111, 0x0, 0x0, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0, &(0x7f0000000000))
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$FS_IOC_RESVSP(r4, 0x40305828, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x2000000})
creat(&(0x7f0000000e00)='./file0\x00', 0xc)
sendmsg$kcm(r0, &(0x7f0000000200)={&(0x7f0000000100)=@phonet={0x23, 0x0, 0x0, 0x38}, 0x80, &(0x7f00000001c0)=[{&(0x7f0000000000)="27050200d40f00000600002f8847", 0xe}], 0x1}, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000380)='memory.events\x00', 0x26e1, 0x0)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x10, 0x4, 0x4, 0x2, 0x0, 0x1, 0x2a}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000a80)={{r6}, &(0x7f0000000a00), &(0x7f0000000a40)=r5}, 0x20)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000300)=ANY=[@ANYRES32=r3, @ANYRES16=r2, @ANYRESDEC, @ANYRES64=r6], 0x118)
write$RDMA_USER_CM_CMD_CREATE_ID(r5, 0x0, 0x0)
write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000180)={0x7, 0x8, 0xfa00, {0xffffffffffffffff, 0x8b1}}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000900)={{r6}, &(0x7f0000000880), &(0x7f00000008c0)=r5}, 0x20)

20.98442625s ago: executing program 6 (id=696):
socket$nl_route(0x10, 0x3, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000400)={0xf0f000, 0x5})
r1 = socket$unix(0x1, 0x2, 0x0)
r2 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r2, 0x40045532, &(0x7f0000000040))
r3 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r3, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$sock_SIOCSIFBR(r1, 0x8941, &(0x7f0000000280)=@add_del={0x2, &(0x7f0000000240)='vlan0\x00'})
poll(&(0x7f0000000a40)=[{0xffffffffffffffff, 0x1000}], 0x1, 0x1)
setsockopt$SO_TIMESTAMPING(r1, 0x1, 0x25, &(0x7f0000000100), 0x4)
setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f0000000180)={0x80000000}, 0x19a)
bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40e00, 0x5a, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = getpgrp(0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r4, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x0], 0x0, 0x0, 0x1, 0x1, r5}}, 0x40)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x10012, 0xffffffffffffffff, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

19.158102073s ago: executing program 6 (id=699):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r3 = socket$inet6(0xa, 0x80002, 0x0)
fsopen(&(0x7f0000001340)='cgroup2\x00', 0x0)
r4 = openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
write$cgroup_pid(r4, &(0x7f0000001c00), 0x12)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e22, 0x0, @dev, 0x5}, 0x1c)
socket$nl_route(0x10, 0x3, 0x0)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4000000)

18.099786599s ago: executing program 2 (id=702):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1080, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f00000034c0)={0x2020}, 0xcac)

17.247334218s ago: executing program 2 (id=703):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
msgctl$MSG_INFO(0x0, 0xc, 0x0)

17.169566071s ago: executing program 6 (id=705):
r0 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='wlan0\x00', 0x10)
bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
connect$inet(r0, &(0x7f0000000000)={0x2, 0xeff7, @local}, 0x10)
sendmmsg$inet(r0, &(0x7f0000000900)=[{{0x0, 0x0, 0x0}}], 0x40000cf, 0x0)

15.968163042s ago: executing program 3 (id=710):
fanotify_init(0x4, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x8, &(0x7f0000000380))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071102c00000000001d400500000000004704000001ed00000f030000000000002c440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a107464ffffff7f00000000617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce963b0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c3f000000315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b47623028271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r3, &(0x7f00000040c0)={0x2020}, 0x2020)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r6, 0x0, 0x0}, 0x10)
sendto$inet6(r5, 0x0, 0x0, 0x24008000, &(0x7f00000001c0)={0xa, 0x2, 0x20398, @empty, 0xffffffff}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)
shutdown(r5, 0x1)

15.74179243s ago: executing program 6 (id=711):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x60db, &(0x7f0000000140)={0x0, 0x7cc, 0x40, 0x3, 0x2c0}, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000000))
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
keyctl$clear(0x7, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
socket$l2tp(0x2, 0x2, 0x73)
r4 = socket(0x15, 0x5, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x48)
r6 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r5, &(0x7f0000000500)="41ffa3e8ef335673da7b7e0212ea1f9dc724e7188e3ba804a2c0d07128ba5c31dc613aa0052f02bdce2a427204121a9773b1ebdbcd1c878d", &(0x7f0000000280)=@tcp6=r6, 0x2}, 0x20)
getsockopt(r4, 0x200000000114, 0x2714, 0x0, &(0x7f0000000000))
close_range(r0, 0xffffffffffffffff, 0x0)

13.478406367s ago: executing program 1 (id=715):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1080, 0x8000000000002})
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x800, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat$binder_debug(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/debug/binder/stats\x00', 0x0, 0x0)
read$FUSE(r2, &(0x7f00000034c0)={0x2020}, 0xcac)

12.862882718s ago: executing program 2 (id=716):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x28)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000480), &(0x7f0000000000))
syz_open_dev$vivid(0x0, 0x3, 0x2)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socket(0x1000000000000010, 0x80802, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x1, &(0x7f0000000240)=0x9, 0x4)
r3 = socket(0x11, 0x3, 0x0)
bind$packet(r3, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$packet(r3, &(0x7f00000002c0)="fb57975e267951722b395d37bac8", 0xe, 0x0, 0x0, 0x0)
recvmsg(r3, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x2000)

12.851274899s ago: executing program 3 (id=717):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = syz_io_uring_setup(0x117, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$watch_queue(&(0x7f0000002240), 0x80)
r2 = add_key$user(&(0x7f0000000100), 0x0, &(0x7f0000000180)="8e", 0x1, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f0000000240), 0x80)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x9f)
keyctl$chown(0x4, r2, 0x0, 0xee01)
io_uring_enter(r1, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000800)={{0x12, 0x1, 0x0, 0x96, 0x5d, 0x6, 0x40, 0x133e, 0x815, 0x7e66, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1}}]}}, 0x0)

12.511245541s ago: executing program 1 (id=718):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
setsockopt$IP6T_SO_SET_ADD_COUNTERS(0xffffffffffffffff, 0x29, 0x41, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r3, &(0x7f00000040c0)={0x2020}, 0x2020)
socket$nl_netfilter(0x10, 0x3, 0xc)
setsockopt$inet6_tcp_TCP_CONGESTION(0xffffffffffffffff, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)

10.445646382s ago: executing program 2 (id=719):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000c00)=ANY=[], 0x2, 0x6e5, &(0x7f0000000680)="$eJzs3c1vHGcdB/DvrNeON1TBaRMaoSBMIhWkiMSJlUK4YBBCOVSoKoeercRprGySKnFRWiFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEnGIelk0s7P27nr9lvgloZ9PNZnnmeeZZ377m2dmvOtaG+AL6+q5NB+myNVzbzwo66srs+3VldkjdXM7SVluJM3uKsWdpHiUzJXtRd+SvvUGHy1eeevTx6ufdWvNeqn6j2213wgj+i7XS6br8aZH7jm+00Ms1+HlpSTX6vWgiZ2ONdCxTNrZeg2HrjOokc7ybnbfzXULPGd6T6ei+9zcYCo5mmSy/jkg9d2hcXAR7qlv9Aq7ussBAADAC+qTu4cdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALx4qu//b61VG91NyXSK3vf/T/S21eXn0NyOez7c1zgAAAAAAAAA4GB8/Ume5EGO9eqdovqd/5mqciKfd5Iv5b3cz0Lu5XweZD5LWcq9XEwy1TfQxIP5paV7F9f2LI3e89LIPS8d1CsGAAAAAAAAgP9Lv0pr/ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwPCiSse6qWk7U60yl0cx6W5aTfyWZOOx4d6EYtfHhwccBAAAAz2TyKfb58pM8yYMc69U7RfWe/yvV++XJvJc7WcpiltLOQq7X76HLd/2N1ZXZ9urK7O1yKeuD4/7gP7sKY6IeYayqjTryqapHKzeyWG05n2tVMNfT6B77bHKqF09fXH0+LGMqvl/bYWTNOq3lwf6w2acIe2Lwo4jGFj1b68ElaxmZqWMr9zzezUBRfVCTDGdi+OxsOFhzoDZVdRlfO9LFNNY++TmxDzk/Wq/L1/Pbfc35TvTnYi0TjVSZuNSbfeU1s3Umkm/+7c9v32zfuXXzxv1zh/uSdmFsk+3Dc2K2LxOvvtCZaO6y/0yViZNr9av5cX6ac5nOm7mXxfws81nKQjp1+3w9n8t/p7bO1NxA7c3tIpmoz0v3nO0kpun8qCrN50y177EspsjdXM9CXq/+u5SL+U4u53Ku9J3hk5vGXb226qpvDF/1vTP995HBn/1WXSjvbr9bv8vNbfWKN5ude6V77y/zerwvr91Z/3it1/G+62CmL0sv97IzPnLwp7k3Nr9aF8pj/Hqb58TBmqozUV5AvadEL7pXuploVs+ijfP8j51yv7TvdDo359/dZPzlofpr9bqcVitf2653z+hTsbfK+fJyJus7yeDsKNteWbvL9LV11udyt23wiVvud7JqK4relfqT3K0mwMYrdaL+GW7jSJeqtleH2k7X9/Cy7VRf28DPW7mbdq4fQP4AeBr/fHutOJWjE61/tz5pfdz6Tetm643JHx757pHTExn/x/j3mjNjrzVOF3/Nx/nF+vt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6d1//4Nb8+32wr3RhcbmTQOFVoa3bDfyUKGov9BnVJ9b9bcU7GrAQy5MJhnYUn3P0YGH0RoOY0Oh88vkwPPT+xLB0X1+XxaaOzrdcwNb/rJxwA+3j2csQ/NwB9fFPhYaOdiDjmX0BDisOxJwUC4s3X73wv33P/j24u35dxbeWbgzfvnylZkrl1+fvXBjsb0w0/33sKME9sP6Q/+wIwEAAAAAAAAAAAB2atQfBpx5abs/GtlQaCQZ/hsP/2chAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsCeunkvzYYpcnDk/U9ZXV2bb5dIrr/dsJmk0kuLnSfEomUt3yVTfcEX+9CidEcf5aPHKW58+Xv1sfaxmt3/SqNeb27o1yXK9ZDrJWL1+BgPjXXvm8Yr/9l5DmbDPO53O3LPFB3vjfwEAAP//qWztYw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x5}}, 0x14}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)

9.659758258s ago: executing program 3 (id=720):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000c00)=ANY=[], 0x2, 0x6e5, &(0x7f0000000680)="$eJzs3c1vHGcdB/DvrNeON1TBaRMaoSBMIhWkiMSJlUK4YBBCOVSoKoeercRprGySKnFRWiFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEnGIelk0s7P27nr9lvgloZ9PNZnnmeeZZ377m2dmvOtaG+AL6+q5NB+myNVzbzwo66srs+3VldkjdXM7SVluJM3uKsWdpHiUzJXtRd+SvvUGHy1eeevTx6ufdWvNeqn6j2213wgj+i7XS6br8aZH7jm+00Ms1+HlpSTX6vWgiZ2ONdCxTNrZeg2HrjOokc7ybnbfzXULPGd6T6ei+9zcYCo5mmSy/jkg9d2hcXAR7qlv9Aq7ussBAADAC+qTu4cdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALx4qu//b61VG91NyXSK3vf/T/S21eXn0NyOez7c1zgAAAAAAAAA4GB8/Ume5EGO9eqdovqd/5mqciKfd5Iv5b3cz0Lu5XweZD5LWcq9XEwy1TfQxIP5paV7F9f2LI3e89LIPS8d1CsGAAAAAAAAgP9Lv0pr/ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwPCiSse6qWk7U60yl0cx6W5aTfyWZOOx4d6EYtfHhwccBAAAAz2TyKfb58pM8yYMc69U7RfWe/yvV++XJvJc7WcpiltLOQq7X76HLd/2N1ZXZ9urK7O1yKeuD4/7gP7sKY6IeYayqjTryqapHKzeyWG05n2tVMNfT6B77bHKqF09fXH0+LGMqvl/bYWTNOq3lwf6w2acIe2Lwo4jGFj1b68ElaxmZqWMr9zzezUBRfVCTDGdi+OxsOFhzoDZVdRlfO9LFNNY++TmxDzk/Wq/L1/Pbfc35TvTnYi0TjVSZuNSbfeU1s3Umkm/+7c9v32zfuXXzxv1zh/uSdmFsk+3Dc2K2LxOvvtCZaO6y/0yViZNr9av5cX6ac5nOm7mXxfws81nKQjp1+3w9n8t/p7bO1NxA7c3tIpmoz0v3nO0kpun8qCrN50y177EspsjdXM9CXq/+u5SL+U4u53Ku9J3hk5vGXb226qpvDF/1vTP995HBn/1WXSjvbr9bv8vNbfWKN5ude6V77y/zerwvr91Z/3it1/G+62CmL0sv97IzPnLwp7k3Nr9aF8pj/Hqb58TBmqozUV5AvadEL7pXuploVs+ijfP8j51yv7TvdDo359/dZPzlofpr9bqcVitf2653z+hTsbfK+fJyJus7yeDsKNteWbvL9LV11udyt23wiVvud7JqK4relfqT3K0mwMYrdaL+GW7jSJeqtleH2k7X9/Cy7VRf28DPW7mbdq4fQP4AeBr/fHutOJWjE61/tz5pfdz6Tetm643JHx757pHTExn/x/j3mjNjrzVOF3/Nx/nF+vt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6d1//4Nb8+32wr3RhcbmTQOFVoa3bDfyUKGov9BnVJ9b9bcU7GrAQy5MJhnYUn3P0YGH0RoOY0Oh88vkwPPT+xLB0X1+XxaaOzrdcwNb/rJxwA+3j2csQ/NwB9fFPhYaOdiDjmX0BDisOxJwUC4s3X73wv33P/j24u35dxbeWbgzfvnylZkrl1+fvXBjsb0w0/33sKME9sP6Q/+wIwEAAAAAAAAAAAB2atQfBpx5abs/GtlQaCQZ/hsP/2chAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsCeunkvzYYpcnDk/U9ZXV2bb5dIrr/dsJmk0kuLnSfEomUt3yVTfcEX+9CidEcf5aPHKW58+Xv1sfaxmt3/SqNeb27o1yXK9ZDrJWL1+BgPjXXvm8Yr/9l5DmbDPO53O3LPFB3vjfwEAAP//qWztYw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x5}}, 0x14}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)

9.503154484s ago: executing program 6 (id=722):
recvfrom(0xffffffffffffffff, 0x0, 0x0, 0x2020, &(0x7f0000000100)=@pppol2tpin6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x4, 0x4, 0x0, 0x2, {0xa, 0x4e22, 0x2, @loopback, 0x6}}}, 0x80)
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x7)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)
r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x129001, 0x0)
ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000000)=0xf)
ioctl$TCFLSH(r1, 0x400455c8, 0x4)
ioctl$TIOCSTI(r1, 0x5412, &(0x7f0000000040)=0x33)
ioctl$FS_IOC_GETFSLABEL(r0, 0x400452c8, &(0x7f0000000100))

8.763525059s ago: executing program 0 (id=723):
r0 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
accept4(r0, &(0x7f00000003c0), 0x0, 0x800)
ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000020c0), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
connect$llc(0xffffffffffffffff, &(0x7f0000000000)={0x1a, 0x1, 0x0, 0x0, 0x0, 0x0, @remote}, 0x10)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x0, 0x0)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800006, 0x7000001, 0x6e073, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000bc0000/0x400000)=nil, 0x600000, 0x9)
mkdir(0x0, 0x0)
pwritev(0xffffffffffffffff, 0x0, 0x0, 0x80040000, 0x5)

7.789790713s ago: executing program 3 (id=724):
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_emit_ethernet(0x4a, 0x0, 0x0)
ioctl$UI_DEV_SETUP(0xffffffffffffffff, 0x5501, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = openat$snapshot(0xffffffffffffff9c, &(0x7f00000001c0), 0x3f, 0x0)
ioctl$SNAPSHOT_FREE_SWAP_PAGES(r1, 0x3309)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
syz_genetlink_get_family_id$tipc2(0x0, 0xffffffffffffffff)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000100), 0x0)
ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x40505330, &(0x7f00000001c0)={0x800000, 0x80, 0x7, 0x4, 0x3ffd, 0x7})
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)
setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x4000000000000, 0x40, 0x0, 0x0)

7.515155892s ago: executing program 2 (id=725):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
r3 = socket(0x10, 0x3, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, 0x0, 0x0)
setregid(0xffffffffffffffff, 0x0)
socket$inet6_icmp(0xa, 0x2, 0x3a)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_SPEED(r4, 0xc0045002, 0x0)
fstatfs(0xffffffffffffffff, &(0x7f00000000c0)=""/49)
socket$inet_udp(0x2, 0x2, 0x0)
landlock_restrict_self(0xffffffffffffffff, 0x0)
syz_open_dev$video4linux(&(0x7f0000000000), 0x3, 0x0)

7.477362583s ago: executing program 0 (id=726):
syz_genetlink_get_family_id$wireguard(0x0, 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
brk(0x689d80000003)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000080)=@base={0x9, 0x2, 0x8, 0x40, 0x42, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
r4 = dup(r3)
setsockopt$IPT_SO_SET_REPLACE(r4, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x318, 0x0, 0x6affffff, 0x3403000b, 0x0, 0x7, 0x280, 0x230, 0x230, 0x280, 0x223, 0x3, 0x0, {[{{@uncond, 0x0, 0x160, 0x1a8, 0x0, {0x1000000}, [@common=@unspec=@conntrack3={{0xc8}, {{@ipv6=@dev={0xfe, 0x80, '\x00', 0x44}, [0xffffffff, 0x54691080da52b893, 0xff, 0xffffff00], @ipv4=@initdev={0xac, 0x1e, 0x0, 0x0}, [0xff, 0xff, 0xff, 0xffffff], @ipv6=@private0, [0xffffff00, 0xffffff00, 0xff], @ipv6=@mcast2, [0xffffff00, 0xffffff00, 0xffffff00, 0xffff00], 0xfffffffe, 0x6, 0x1d, 0x4e23, 0x4e21, 0x4e22, 0x4e22, 0xa00, 0x2200}, 0x100, 0x1004, 0x4e22, 0x4e23, 0x4e22, 0x4e23}}, @common=@unspec=@state={{0x28}, {0x8}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x378)

5.991809835s ago: executing program 2 (id=727):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
msgctl$MSG_INFO(0x0, 0xc, 0x0)

5.633321997s ago: executing program 3 (id=728):
fanotify_init(0x4, 0x800)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getrlimit(0x8, &(0x7f0000000380))
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000780)=ANY=[@ANYBLOB="b70000008100003bbfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071102c00000000001d400500000000004704000001ed00000f030000000000002c440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646c0200000000000000020000e35208b0bb0d2cd829e654400e2438ec649dc76128610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda82fc9c4d7ecc7a803bf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714f62ba7a54f0c33d39000d0bfed3a6a59ff616236fd8f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a107464ffffff7f00000000617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce963b0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06fa2e04cfe0649226c697d9e8eaade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00023ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88f15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40fc5d2f55ff07c53147de202ce517b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661061173f359e9052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff26b61aac8aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e26534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c3f000000315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336dfaa6d5d164301190bc2d4c04087729033342045804a28082abc3b47623028271722fb515f31e0dd115a292f1e68481a62cd15ea5460a29c60b1058fb7aa9bf4ee3cbe11b03711a15d730646b72d074dab1e8c429339f3460d324c17a4a8bfc7d7eab45bef00664d6dc82300000"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8}, 0x94)
r3 = openat$sw_sync_info(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
read$FUSE(r3, &(0x7f00000040c0)={0x2020}, 0x2020)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_NEW(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r5, &(0x7f0000000040)={0xa, 0x2, 0x0, @loopback, 0x7}, 0x1c)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x3, 0x8, &(0x7f0000000940)=@framed={{0x18, 0x7}, [@tail_call={{}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x100000}}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000540)={r6, 0x0, 0x0}, 0x10)
sendto$inet6(r5, 0x0, 0x0, 0x24008000, &(0x7f00000001c0)={0xa, 0x2, 0x20398, @empty, 0xffffffff}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000080)='vegas', 0x5)
shutdown(r5, 0x1)

4.939396561s ago: executing program 1 (id=729):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000680)={0x0, 0x0, 0x0, 0x0, 0x6, 0x9}, 0x28)
syz_io_uring_setup(0x239, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000000), &(0x7f0000000480), &(0x7f0000000000))
syz_open_dev$vivid(0x0, 0x3, 0x2)
socket$inet_smc(0x2b, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
socket(0x1000000000000010, 0x80802, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$ax25_int(0xffffffffffffffff, 0x101, 0x1, &(0x7f0000000240)=0x9, 0x4)
r2 = socket(0x11, 0x3, 0x0)
bind$packet(r2, &(0x7f0000000080)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, 0x14)
sendto$packet(r2, &(0x7f00000002c0)="fb57975e267951722b395d37bac8", 0xe, 0x0, 0x0, 0x0)
recvmsg(r2, &(0x7f0000000400)={0x0, 0x0, 0x0}, 0x2000)

4.515784515s ago: executing program 0 (id=730):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f00000001c0), 0x80280, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
socketpair$unix(0x1, 0x5, 0x0, 0x0)
r1 = syz_io_uring_setup(0x117, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$watch_queue(&(0x7f0000002240), 0x80)
r2 = add_key$user(&(0x7f0000000100), 0x0, &(0x7f0000000180)="8e", 0x1, 0xffffffffffffffff)
pipe2$watch_queue(&(0x7f0000000240), 0x80)
pipe2$watch_queue(&(0x7f0000000040)={0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x80)
keyctl$KEYCTL_WATCH_KEY(0x20, r2, r3, 0x9f)
keyctl$chown(0x4, r2, 0x0, 0xee01)
io_uring_enter(r1, 0x47f6, 0x80ffff, 0x0, 0x0, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
syz_usb_connect(0x5, 0x24, &(0x7f0000000800)={{0x12, 0x1, 0x0, 0x96, 0x5d, 0x6, 0x40, 0x133e, 0x815, 0x7e66, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1}}]}}, 0x0)

3.698669083s ago: executing program 1 (id=731):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x300000a, 0x12, r0, 0x852ac000)
r1 = socket$kcm(0x23, 0x2, 0x0)
sendmsg$kcm(r1, &(0x7f0000000140)={&(0x7f0000000000)=@phonet, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000080)="b8", 0x1ff48}], 0x1}, 0x0)

2.845750283s ago: executing program 1 (id=732):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_io_uring_setup(0x60db, &(0x7f0000000140)={0x0, 0x7cc, 0x40, 0x3, 0x2c0}, &(0x7f00000001c0), &(0x7f0000000200), &(0x7f0000000000))
bpf$MAP_UPDATE_CONST_STR(0x2, 0x0, 0x0)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040), 0x4)
r0 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
keyctl$clear(0x7, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
keyctl$set_reqkey_keyring(0xf, 0xfffffffb)
socket$l2tp(0x2, 0x2, 0x73)
r4 = socket(0x15, 0x5, 0x0)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="110000000400000004000000ff"], 0x48)
r6 = socket(0x2c, 0x3, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000540)={r5, &(0x7f0000000500)="41ffa3e8ef335673da7b7e0212ea1f9dc724e7188e3ba804a2c0d07128ba5c31dc613aa0052f02bdce2a427204121a9773b1ebdbcd1c878d", &(0x7f0000000280)=@tcp6=r6, 0x2}, 0x20)
getsockopt(r4, 0x200000000114, 0x2714, 0x0, &(0x7f0000000000))
close_range(r0, 0xffffffffffffffff, 0x0)

1.348453034s ago: executing program 0 (id=733):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$hfs(&(0x7f0000002c80), &(0x7f00000000c0)='./file1\x00', 0x4490, &(0x7f0000002cc0)=ANY=[], 0xfd, 0x297, &(0x7f0000000480)="$eJzs3c1qE18Yx/HfmUyb/P8tdfoignRVLbiSvmzETUFyB25cidpEKIYKWkFdRdfiBbjPLXgBLl2Ja6G7rryA7CLnzBkzSWaSGBonid8PJEw655l5TuZMz3lSSgTgn3Wvet46vLAPI5VUknRXCiRVpFDSVV2rvDo9Ozlr1GvDDlRyEfZhFEeagTbHp/WsUBvnIrzIvgq1mv4ZpqPyQ83tlaKzQNHc3Z8hkMr+7nT7K389s+loFp1AwUxbbb3WWtF5AACK5ef/wM/zq379HgTSrp/24/k/WdXP+QTaLjqBKfsyYn9q/ndVVsfY63vF7erWe+5ih1ryQa3Di0lyWVY8snoWmGZUVelyCf57etKo3z5+3qgFeq8jb6nbbMs91+KhmzhvGVfT2u13g4fe8bXpmPVlUiGP1zrNFVbBku3DQTr/VJPNyz3jaOar+WYemkifVPu9/gs7xl4md6WivisV57+Xf0TXy2W5Vjm9XHcnue7P4A3tZUk5FYmSEbXedwGjnDzDnqiNvqi4d/v5vXNRm5lRByOitvqjuqM5P3LazEfzwOzopz6rmlr/B/bd3tU4d6Zt41r6kTG0P6FrGbn5xM8dze3MlsGkPcIEPuiJ7mjt5Zu3zx43GvUXC7th78QZSGOmNpJBMCv5LOyGfZMLOXsy70x+nPxfHXwsvzi6F/0PAxkEi8Kuu0xc/6XqlT23WLNPUe86vZyO7Yw6eOqI+zm1wYZ7/r+/gsupDYz76GEl46+Lg2ccWnPduCXdHOeMscjnOXuOJgkyVX3XIz7/BwAAAAAAAAAAAAAAAAAAmDeX9y8HFeXtKrqPAAAAAAAAAAAAAAAAAAAAAADMu4zv/y0X+v2/9xW/4vt/gan7FQAA//+pI3MQ")
close_range(r0, 0xffffffffffffffff, 0x0)

1.188385409s ago: executing program 0 (id=734):
syz_mount_image$hfsplus(&(0x7f0000000100), &(0x7f0000002900)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2000010, &(0x7f0000000c00)=ANY=[], 0x2, 0x6e5, &(0x7f0000000680)="$eJzs3c1vHGcdB/DvrNeON1TBaRMaoSBMIhWkiMSJlUK4YBBCOVSoKoeercRprGySKnFRWiFwAcEJiUP/gILkGweExD0oXLiUW68+VkLiEnGIelk0s7P27nr9lvgloZ9PNZnnmeeZZ377m2dmvOtaG+AL6+q5NB+myNVzbzwo66srs+3VldkjdXM7SVluJM3uKsWdpHiUzJXtRd+SvvUGHy1eeevTx6ufdWvNeqn6j2213wgj+i7XS6br8aZH7jm+00Ms1+HlpSTX6vWgiZ2ONdCxTNrZeg2HrjOokc7ybnbfzXULPGd6T6ei+9zcYCo5mmSy/jkg9d2hcXAR7qlv9Aq7ussBAADAC+qTu4cdAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALx4qu//b61VG91NyXSK3vf/T/S21eXn0NyOez7c1zgAAAAAAAAA4GB8/Ume5EGO9eqdovqd/5mqciKfd5Iv5b3cz0Lu5XweZD5LWcq9XEwy1TfQxIP5paV7F9f2LI3e89LIPS8d1CsGAAAAAAAAgP9Lv0pr/ff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwPCiSse6qWk7U60yl0cx6W5aTfyWZOOx4d6EYtfHhwccBAAAAz2TyKfb58pM8yYMc69U7RfWe/yvV++XJvJc7WcpiltLOQq7X76HLd/2N1ZXZ9urK7O1yKeuD4/7gP7sKY6IeYayqjTryqapHKzeyWG05n2tVMNfT6B77bHKqF09fXH0+LGMqvl/bYWTNOq3lwf6w2acIe2Lwo4jGFj1b68ElaxmZqWMr9zzezUBRfVCTDGdi+OxsOFhzoDZVdRlfO9LFNNY++TmxDzk/Wq/L1/Pbfc35TvTnYi0TjVSZuNSbfeU1s3Umkm/+7c9v32zfuXXzxv1zh/uSdmFsk+3Dc2K2LxOvvtCZaO6y/0yViZNr9av5cX6ac5nOm7mXxfws81nKQjp1+3w9n8t/p7bO1NxA7c3tIpmoz0v3nO0kpun8qCrN50y177EspsjdXM9CXq/+u5SL+U4u53Ku9J3hk5vGXb226qpvDF/1vTP995HBn/1WXSjvbr9bv8vNbfWKN5ude6V77y/zerwvr91Z/3it1/G+62CmL0sv97IzPnLwp7k3Nr9aF8pj/Hqb58TBmqozUV5AvadEL7pXuploVs+ijfP8j51yv7TvdDo359/dZPzlofpr9bqcVitf2653z+hTsbfK+fJyJus7yeDsKNteWbvL9LV11udyt23wiVvud7JqK4relfqT3K0mwMYrdaL+GW7jSJeqtleH2k7X9/Cy7VRf28DPW7mbdq4fQP4AeBr/fHutOJWjE61/tz5pfdz6Tetm643JHx757pHTExn/x/j3mjNjrzVOF3/Nx/nF+vt/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg6d1//4Nb8+32wr3RhcbmTQOFVoa3bDfyUKGov9BnVJ9b9bcU7GrAQy5MJhnYUn3P0YGH0RoOY0Oh88vkwPPT+xLB0X1+XxaaOzrdcwNb/rJxwA+3j2csQ/NwB9fFPhYaOdiDjmX0BDisOxJwUC4s3X73wv33P/j24u35dxbeWbgzfvnylZkrl1+fvXBjsb0w0/33sKME9sP6Q/+wIwEAAAAAAAAAAAB2atQfBpx5abs/GtlQaCQZ/hsP/2chAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsCeunkvzYYpcnDk/U9ZXV2bb5dIrr/dsJmk0kuLnSfEomUt3yVTfcEX+9CidEcf5aPHKW58+Xv1sfaxmt3/SqNeb27o1yXK9ZDrJWL1+BgPjXXvm8Yr/9l5DmbDPO53O3LPFB3vjfwEAAP//qWztYw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000000c0)={0x14, 0x3a, 0x301, 0x70bd25, 0xfffffffc, {0x5}}, 0x14}}, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x88040, 0x0)
prctl$PR_SET_PTRACER(0x59616d61, 0xffffffffffffffff)
prctl$PR_SET_PTRACER(0x59616d61, 0x0)
linkat(0xffffffffffffff9c, &(0x7f00000006c0)='./file1\x00', 0xffffffffffffff9c, &(0x7f0000000100)='./file7\x00', 0x1000)

347.847868ms ago: executing program 1 (id=735):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000040)='ns/cgroup\x00')
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeef, 0x8031, 0xffffffffffffffff, 0x215eb000)
writev(r0, 0x0, 0x0)
r1 = socket(0x14, 0x2, 0x4)
getsockopt$inet_pktinfo(r1, 0x0, 0x42020054, 0x0, &(0x7f0000000300))

18.605069ms ago: executing program 0 (id=736):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x3000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r3, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10)
sendmsg$rds(r3, &(0x7f0000000680)={&(0x7f00000000c0)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0xf}}, 0x10, 0x0}, 0x0)

0s ago: executing program 3 (id=737):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
unshare(0x2a020400)
setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000002300)=@raw={'raw\x00', 0xc01, 0x3, 0x2298, 0x1100, 0x5002004a, 0x0, 0x1100, 0x0, 0x2200, 0x3c8, 0x3c8, 0x2200, 0x3c8, 0x3, 0x0, {[{{@uncond, 0x60, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x2, 0x1, 0x7], 0x6, 0x2}, {0x2, [0x0, 0x6, 0x4, 0x9, 0x0, 0x89ce99baffcf6900], 0x1, 0x1}}}}, {{@uncond, 0x0, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x1, 0x1, './cgroup.net/syz1\x00', 0x2, {0x5}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@loopback, [0xffffffff, 0xff000000, 0xff, 0xff0000ff], 0x4e22, 0x4c20, 0x4e24, 0x4e23, 0xc9, 0x0, 0x3b, 0x83, 0x25}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x22f8)

kernel console output (not intermixed with test programs):

uous mode
[  107.544598][ T4578] device hsr_slave_1 entered promiscuous mode
[  107.582186][ T4578] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  107.590053][ T4578] Cannot create hsr debugfs directory
[  108.053692][ T4681] loop3: detected capacity change from 0 to 40427
[  108.332367][ T4681] F2FS-fs (loop3): invalid crc value
[  108.433999][   T21] Bluetooth: hci0: command 0x0419 tx timeout
[  108.512828][ T4681] F2FS-fs (loop3): Found nat_bits in checkpoint
[  108.744825][ T4681] F2FS-fs (loop3): Start checkpoint disabled!
[  108.779838][ T4681] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  110.785746][ T4702] loop0: detected capacity change from 0 to 40427
[  110.857290][ T4702] F2FS-fs (loop0): invalid crc value
[  110.890195][ T4702] F2FS-fs (loop0): Found nat_bits in checkpoint
[  110.954694][ T4702] F2FS-fs (loop0): Start checkpoint disabled!
[  110.955211][ T4381] attempt to access beyond end of device
[  110.955211][ T4381] loop3: rw=2049, want=40984, limit=40427
[  110.995104][ T4702] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  111.004325][ T4268] device hsr_slave_0 left promiscuous mode
[  111.073885][ T4268] device hsr_slave_1 left promiscuous mode
[  111.076039][ T4268] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  111.076109][ T4268] batman_adv: batadv0: Removing interface: batadv_slave_0
[  111.092711][ T4268] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  111.092743][ T4268] batman_adv: batadv0: Removing interface: batadv_slave_1
[  111.141333][ T4268] device bridge_slave_1 left promiscuous mode
[  111.145662][ T4268] bridge0: port 2(bridge_slave_1) entered disabled state
[  114.533942][ T4268] device bridge_slave_0 left promiscuous mode
[  114.540539][ T4268] bridge0: port 1(bridge_slave_0) entered disabled state
[  114.986409][ T4724] loop1: detected capacity change from 0 to 40427
[  115.034683][ T4724] F2FS-fs (loop1): invalid crc value
[  115.037055][ T4726] loop3: detected capacity change from 0 to 1024
[  115.065402][ T4724] F2FS-fs (loop1): Found nat_bits in checkpoint
[  115.081213][ T4268] device veth1_macvtap left promiscuous mode
[  115.099936][ T4268] device veth0_macvtap left promiscuous mode
[  115.121147][ T4268] device veth1_vlan left promiscuous mode
[  115.135440][ T4724] F2FS-fs (loop1): Start checkpoint disabled!
[  115.146353][ T4268] device veth0_vlan left promiscuous mode
[  115.152427][ T4724] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  115.178464][ T4726] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  115.849155][ T4726] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  116.090728][ T4731] binfmt_misc: register: failed to install interpreter file ./file2
[  116.144885][    T9] attempt to access beyond end of device
[  116.144885][    T9] loop0: rw=2049, want=40984, limit=40427
[  116.467069][ T4739] capability: warning: `syz.3.117' uses 32-bit capabilities (legacy support in use)
[  116.615064][ T4686] attempt to access beyond end of device
[  116.615064][ T4686] loop1: rw=2049, want=40976, limit=40427
[  118.116664][ T4268] team0 (unregistering): Port device team_slave_1 removed
[  118.173969][ T4268] team0 (unregistering): Port device team_slave_0 removed
[  118.282662][ T4268] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  118.309911][ T4268] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  119.316417][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  119.316433][   T26] audit: type=1326 audit(1774737535.127:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  119.353013][   T26] audit: type=1326 audit(1774737535.157:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  119.360087][ T4268] bond0 (unregistering): Released all slaves
[  119.375741][    C0] vkms_vblank_simulate: vblank timer overrun
[  119.423130][   T26] audit: type=1326 audit(1774737535.237:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  119.490822][   T26] audit: type=1326 audit(1774737535.267:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  119.552404][   T26] audit: type=1326 audit(1774737535.267:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  119.575911][   T26] audit: type=1326 audit(1774737535.347:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  119.612091][   T26] audit: type=1326 audit(1774737535.347:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  120.387741][   T26] audit: type=1326 audit(1774737535.347:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  120.497825][   T26] audit: type=1326 audit(1774737535.347:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  120.618863][   T26] audit: type=1326 audit(1774737535.357:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4753 comm="syz.0.114" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  121.220704][ T4578] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  121.310834][ T4578] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  121.380682][ T4578] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  121.427597][ T4578] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  121.838811][ T4578] 8021q: adding VLAN 0 to HW filter on device bond0
[  122.020239][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  122.050597][ T1270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  122.339334][ T4578] 8021q: adding VLAN 0 to HW filter on device team0
[  122.401608][ T4787] loop3: detected capacity change from 0 to 40427
[  122.416371][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  122.475062][ T4787] F2FS-fs (loop3): invalid crc value
[  122.484843][ T4787] F2FS-fs (loop3): Found nat_bits in checkpoint
[  122.527759][ T4787] F2FS-fs (loop3): Start checkpoint disabled!
[  122.545096][ T4787] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  122.572837][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  122.815859][ T4342] bridge0: port 1(bridge_slave_0) entered blocking state
[  122.823320][ T4342] bridge0: port 1(bridge_slave_0) entered forwarding state
[  123.003847][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  123.014099][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  123.023502][ T4342] bridge0: port 2(bridge_slave_1) entered blocking state
[  123.030626][ T4342] bridge0: port 2(bridge_slave_1) entered forwarding state
[  123.059719][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  123.129898][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  123.169467][ T4797] loop1: detected capacity change from 0 to 128
[  123.202712][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  123.267561][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  123.318527][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  123.372634][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  123.398805][ T4652] attempt to access beyond end of device
[  123.398805][ T4652] loop3: rw=2049, want=40976, limit=40427
[  123.411629][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  123.448821][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  123.512654][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  123.635662][ T4578] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  123.830496][ T4578] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  124.029590][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  124.128107][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  124.310860][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  124.853515][ T4686] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  124.861433][ T4686] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  124.952079][ T4578] 8021q: adding VLAN 0 to HW filter on device batadv0
[  125.631218][ T4814] loop0: detected capacity change from 0 to 131072
[  125.646749][ T4814] F2FS-fs (loop0): Wrong CP boundary, start(512) end(1536) blocks(0)
[  125.655706][ T4814] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  125.680602][ T4822] loop1: detected capacity change from 0 to 1024
[  125.701281][ T4814] F2FS-fs (loop0): invalid crc value
[  125.857859][ T4814] F2FS-fs (loop0): Found nat_bits in checkpoint
[  126.064417][ T4814] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  126.071515][ T4814] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e4
[  126.084078][ T4822] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  126.482802][ T4811] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  126.724256][ T4835] process 'syz.3.129' launched './file2' with NULL argv: empty string added
[  126.839262][   T26] kauditd_printk_skb: 23 callbacks suppressed
[  126.839278][   T26] audit: type=1800 audit(1774737542.647:147): pid=4814 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.131" name="file1" dev="loop0" ino=5 res=0 errno=0
[  126.943444][ T4822] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  127.787965][ T4578] device veth0_vlan entered promiscuous mode
[  127.844543][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  127.882621][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  127.895823][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  127.919287][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  127.941645][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  127.965909][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  128.044927][ T4578] device veth1_vlan entered promiscuous mode
[  128.181137][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  128.201098][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  128.251540][ T4578] device veth0_macvtap entered promiscuous mode
[  128.286442][ T4578] device veth1_macvtap entered promiscuous mode
[  128.385934][ T4578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.409152][ T4578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.421817][ T4578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.440464][ T4578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.501320][ T4578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  128.547800][ T4578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.676167][ T4863] loop1: detected capacity change from 0 to 256
[  128.715324][ T4578] batman_adv: batadv0: Interface activated: batadv_slave_0
[  128.734903][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  128.792745][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  128.818711][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  128.852660][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  128.856588][ T4863] FAT-fs (loop1): Directory bread(block 64) failed
[  128.873393][ T4578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.892248][ T4863] FAT-fs (loop1): Directory bread(block 65) failed
[  128.899091][ T4863] FAT-fs (loop1): Directory bread(block 66) failed
[  128.907718][ T4578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  128.934583][ T4863] FAT-fs (loop1): Directory bread(block 67) failed
[  128.941252][ T4863] FAT-fs (loop1): Directory bread(block 68) failed
[  128.942892][ T4578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  128.998295][ T4863] FAT-fs (loop1): Directory bread(block 69) failed
[  128.999205][ T4578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.015024][ T4863] FAT-fs (loop1): Directory bread(block 70) failed
[  129.015075][ T4863] FAT-fs (loop1): Directory bread(block 71) failed
[  129.015146][ T4863] FAT-fs (loop1): Directory bread(block 72) failed
[  129.015177][ T4863] FAT-fs (loop1): Directory bread(block 73) failed
[  129.053104][ T4578] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  129.086101][ T4578] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  129.120964][ T4578] batman_adv: batadv0: Interface activated: batadv_slave_1
[  129.155439][ T4865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.139'.
[  129.181828][ T4865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.139'.
[  129.243905][ T4865] netlink: 4 bytes leftover after parsing attributes in process `syz.3.139'.
[  129.271915][ T4865] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  129.390863][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  129.417127][ T4868] binder: BINDER_SET_CONTEXT_MGR already set
[  129.469703][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  129.545626][ T4868] binder: 4866:4868 ioctl 4018620d 200000000040 returned -16
[  129.621139][ T4578] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  129.712197][ T4578] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  129.721811][ T4578] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  129.730907][ T4578] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  129.938137][ T4873] loop3: detected capacity change from 0 to 512
[  130.330100][  T155] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.415736][  T155] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.455677][  T155] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  130.473716][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  130.521704][  T155] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  130.624164][ T4342] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  131.768624][ T4904] loop0: detected capacity change from 0 to 1024
[  132.479416][ T4904] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  132.506523][ T4902] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  132.616498][ T4902] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  132.691403][ T4886] loop3: detected capacity change from 0 to 32768
[  132.832117][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  132.838692][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  133.568998][ T4923] loop5: detected capacity change from 0 to 40427
[  133.678005][ T4923] F2FS-fs (loop5): invalid crc value
[  133.699008][ T4923] F2FS-fs (loop5): Found nat_bits in checkpoint
[  133.741912][ T4923] F2FS-fs (loop5): Start checkpoint disabled!
[  133.757372][ T4923] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  135.064913][ T4342] attempt to access beyond end of device
[  135.064913][ T4342] loop5: rw=2049, want=40984, limit=40427
[  136.351679][    C1] sched: RT throttling activated
[  136.805393][ T4964] loop0: detected capacity change from 0 to 1024
[  137.055158][ T4967] loop1: detected capacity change from 0 to 32768
[  137.159132][ T4967] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.160 (4967)
[  137.401929][ T4229] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  139.040341][ T4964] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  139.129227][ T4967] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  139.138824][ T4967] BTRFS error (device loop1): unrecognized mount option 'nolazytime'
[  139.165418][ T4964] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  139.214724][ T4978] loop5: detected capacity change from 0 to 128
[  139.230814][ T4967] BTRFS error (device loop1): open_ctree failed: -22
[  139.274563][ T4964] EXT4-fs (loop0): re-mounted. Opts: (null). Quota mode: writeback.
[  139.358371][ T4978] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  139.410250][ T4300] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by udevd (4300)
[  139.686694][ T4229] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  139.720642][ T4229] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  140.092218][ T4229] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  140.983110][ T4229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  141.119550][ T4229] usb 3-1: Product: syz
[  141.161818][ T4229] usb 3-1: Manufacturer: syz
[  141.183688][ T4229] usb 3-1: SerialNumber: syz
[  141.228557][   T26] audit: type=1326 audit(1774737557.037:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  141.255508][ T4229] usb 3-1: config 0 descriptor??
[  141.288325][ T4229] usb 3-1: can't set config #0, error -71
[  141.398625][   T26] audit: type=1326 audit(1774737557.067:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  141.449495][ T4229] usb 3-1: USB disconnect, device number 2
[  142.823290][   T26] audit: type=1326 audit(1774737557.067:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  142.845974][   T26] audit: type=1326 audit(1774737557.067:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  142.869372][   T26] audit: type=1326 audit(1774737557.067:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  142.894128][   T26] audit: type=1326 audit(1774737557.067:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  142.932064][   T26] audit: type=1326 audit(1774737557.067:154): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  143.031777][   T26] audit: type=1326 audit(1774737557.067:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  143.098640][   T26] audit: type=1326 audit(1774737557.067:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  143.974547][ T5014] loop1: detected capacity change from 0 to 1024
[  144.031947][   T26] audit: type=1326 audit(1774737557.067:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=4999 comm="syz.0.166" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  144.727564][ T5014] hfsplus: found bad thread record in catalog
[  144.774635][ T5021] netlink: 40 bytes leftover after parsing attributes in process `syz.3.173'.
[  145.334225][ T5036] loop3: detected capacity change from 0 to 1024
[  146.514560][  T144] hfsplus: b-tree write err: -5, ino 25
[  146.547100][  T144] hfsplus: b-tree write err: -5, ino 4
[  146.603616][  T144] hfsplus: b-tree write err: -5, ino 2
[  146.643962][  T144] hfsplus: b-tree write err: -5, ino 22
[  146.762775][ T5036] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  146.895354][ T5036] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  147.301275][ T5054] loop5: detected capacity change from 0 to 40427
[  147.348955][ T5054] F2FS-fs (loop5): invalid crc value
[  147.412721][ T5054] F2FS-fs (loop5): Found nat_bits in checkpoint
[  147.482986][ T5054] F2FS-fs (loop5): Start checkpoint disabled!
[  147.538667][ T5054] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  147.672248][    T7] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  148.092293][    T7] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  148.985776][    T7] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  151.622136][    T7] usb 2-1: string descriptor 0 read error: -71
[  151.628596][    T7] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  151.740153][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  152.202857][    T7] usb 2-1: config 0 descriptor??
[  152.282569][    T7] usb 2-1: can't set config #0, error -71
[  152.310712][    T7] usb 2-1: USB disconnect, device number 2
[  152.425837][ T4344] attempt to access beyond end of device
[  152.425837][ T4344] loop5: rw=2049, want=40976, limit=40427
[  153.436772][   T26] kauditd_printk_skb: 20 callbacks suppressed
[  153.436789][   T26] audit: type=1326 audit(2000000008.650:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  153.541215][   T26] audit: type=1326 audit(2000000008.730:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  153.617842][   T26] audit: type=1326 audit(2000000008.730:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  154.714894][   T26] audit: type=1326 audit(2000000008.730:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  155.744291][   T26] audit: type=1326 audit(2000000008.730:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  155.770020][   T26] audit: type=1326 audit(2000000008.730:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  155.808902][   T26] audit: type=1326 audit(2000000008.730:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  156.084592][   T26] audit: type=1326 audit(2000000008.730:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  156.430465][ T5116] loop2: detected capacity change from 0 to 40427
[  156.598635][   T26] audit: type=1326 audit(2000000008.730:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  156.904019][ T5116] F2FS-fs (loop2): invalid crc value
[  156.912054][   T26] audit: type=1326 audit(2000000008.730:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5089 comm="syz.5.182" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f7352d24819 code=0x7ffc0000
[  156.947165][ T5116] F2FS-fs (loop2): Found nat_bits in checkpoint
[  156.961988][ T4715] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  156.987214][ T5116] F2FS-fs (loop2): Start checkpoint disabled!
[  156.999649][ T5116] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  158.742136][ T4715] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  158.830375][ T4715] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  159.145296][ T4715] usb 6-1: string descriptor 0 read error: -71
[  159.209618][ T4715] usb 6-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  159.252344][ T4715] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  159.294482][ T4715] usb 6-1: config 0 descriptor??
[  159.324103][ T4715] usb 6-1: can't set config #0, error -71
[  159.385356][ T4715] usb 6-1: USB disconnect, device number 2
[  159.447589][ T5147] netlink: 8 bytes leftover after parsing attributes in process `syz.3.194'.
[  159.503789][ T4272] attempt to access beyond end of device
[  159.503789][ T4272] loop2: rw=2049, want=40984, limit=40427
[  161.231838][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  161.231854][   T26] audit: type=1326 audit(2000000016.440:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  161.283830][   T26] audit: type=1326 audit(2000000016.480:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  161.355763][   T26] audit: type=1326 audit(2000000016.480:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  161.879363][   T26] audit: type=1326 audit(2000000016.480:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  162.038902][   T26] audit: type=1326 audit(2000000016.490:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  162.061939][   T26] audit: type=1326 audit(2000000016.490:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  162.084605][   T26] audit: type=1326 audit(2000000016.490:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  162.109897][   T26] audit: type=1326 audit(2000000016.490:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  162.132877][   T26] audit: type=1326 audit(2000000016.510:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  162.158231][   T26] audit: type=1326 audit(2000000016.520:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5161 comm="syz.3.200" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f5cdfd66819 code=0x7ffc0000
[  163.496640][ T5196] loop5: detected capacity change from 0 to 64
[  167.875504][ T5231] loop0: detected capacity change from 0 to 32768
[  168.024262][ T5238] loop5: detected capacity change from 0 to 32768
[  168.127710][ T5270] loop1: detected capacity change from 0 to 4096
[  168.539754][ T5266] loop2: detected capacity change from 0 to 131072
[  168.582139][ T5238] (syz.5.219,5238,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  168.673534][ T5231] XFS (loop0): Mounting V5 Filesystem
[  168.681331][ T5238] (syz.5.219,5238,0):ocfs2_fill_super:1177 ERROR: status = -22
[  168.712129][ T5231] XFS (loop0): log mount failed
[  168.719378][ T5279] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  169.001496][ T5266] F2FS-fs (loop2): Test dummy encryption mode enabled
[  169.012514][ T5266] F2FS-fs (loop2): invalid crc value
[  169.232047][ T5266] F2FS-fs (loop2): Found nat_bits in checkpoint
[  169.283528][ T5266] F2FS-fs (loop2): sanity_check_inode: corrupted inode ino=3, run fsck to fix.
[  169.293063][ T5266] F2FS-fs (loop2): Failed to read root inode
[  169.333413][ T5288] syz.1.224 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  171.338099][   T26] kauditd_printk_skb: 39 callbacks suppressed
[  171.338115][   T26] audit: type=1326 audit(2000000026.550:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  171.526779][   T26] audit: type=1326 audit(2000000026.590:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  171.663339][   T26] audit: type=1326 audit(2000000026.590:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  172.580761][   T26] audit: type=1326 audit(2000000026.590:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  172.678777][   T26] audit: type=1326 audit(2000000026.590:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  172.818056][   T26] audit: type=1326 audit(2000000026.600:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  173.089478][   T26] audit: type=1326 audit(2000000026.600:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  173.246213][ T5326] loop3: detected capacity change from 0 to 1024
[  173.329255][ T5335] netlink: 28 bytes leftover after parsing attributes in process `syz.1.235'.
[  173.361787][   T26] audit: type=1326 audit(2000000026.600:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  173.407445][ T5335] device bridge1 entered promiscuous mode
[  173.417363][ T5326] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=continue,jqfmt=vfsv0,auto_da_alloc=0x0000000000000005,max_batch_time=0x0000000000000003,max_batch_time=0x0000000000000009,,errors=continue. Quota mode: none.
[  173.463676][   T26] audit: type=1326 audit(2000000026.600:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  173.491846][   T26] audit: type=1326 audit(2000000026.600:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5302 comm="syz.2.231" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  173.527412][ T5335] team0: Port device bridge1 added
[  173.545045][ T5319] sctp: failed to load transform for md5: -2
[  173.610549][ T5342] bridge0: port 3(team0) entered blocking state
[  173.621031][ T5342] bridge0: port 3(team0) entered disabled state
[  173.684581][ T5342] device team0 entered promiscuous mode
[  173.690520][ T5342] device team_slave_0 entered promiscuous mode
[  173.700343][ T5342] device team_slave_1 entered promiscuous mode
[  173.908568][ T5342] bridge0: port 3(team0) entered blocking state
[  173.915384][ T5342] bridge0: port 3(team0) entered forwarding state
[  174.762708][ T5358] loop0: detected capacity change from 0 to 32768
[  174.823776][ T5358] (syz.0.238,5358,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  174.833747][ T5358] (syz.0.238,5358,1):ocfs2_fill_super:1177 ERROR: status = -22
[  175.090312][ T5365] loop5: detected capacity change from 0 to 40427
[  175.179848][ T5365] F2FS-fs (loop5): invalid crc value
[  175.246933][ T5365] F2FS-fs (loop5): Found nat_bits in checkpoint
[  175.298570][ T5365] F2FS-fs (loop5): Start checkpoint disabled!
[  175.442054][ T5365] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  176.558934][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  176.558952][   T26] audit: type=1326 audit(2000000031.770:266): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  177.256691][   T26] audit: type=1326 audit(2000000031.810:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  177.279987][   T26] audit: type=1326 audit(2000000031.890:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=193 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  177.303185][   T26] audit: type=1326 audit(2000000031.890:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  177.327453][   T26] audit: type=1326 audit(2000000031.890:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  177.351946][   T26] audit: type=1326 audit(2000000031.890:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=425 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  177.384008][   T26] audit: type=1326 audit(2000000031.890:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa5b795c582 code=0x7ffc0000
[  177.502669][   T26] audit: type=1326 audit(2000000031.890:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fa5b795c582 code=0x7ffc0000
[  177.643427][   T26] audit: type=1326 audit(2000000031.890:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  178.321737][ T5400] syz.0.249 uses obsolete (PF_INET,SOCK_PACKET)
[  178.379784][ T5403] loop3: detected capacity change from 0 to 512
[  178.414647][   T26] audit: type=1326 audit(2000000031.900:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5388 comm="syz.2.246" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  178.775398][    T9] attempt to access beyond end of device
[  178.775398][    T9] loop5: rw=2049, want=40984, limit=40427
[  179.160532][ T5403] EXT4-fs warning (device loop3): ext4_xattr_inode_get:492: inode #11: comm syz.3.250: ea_inode file size=6 entry size=0
[  179.317625][ T5419] loop0: detected capacity change from 0 to 64
[  179.324782][ T5403] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2807: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  179.412465][ T5403] EXT4-fs error (device loop3): ext4_xattr_inode_iget:401: inode #11: comm syz.3.250: iget: bad extra_isize 90 (inode size 256)
[  179.438127][ T5403] EXT4-fs error (device loop3): ext4_xattr_inode_iget:406: comm syz.3.250: error while reading EA inode 11 err=-117
[  179.473004][ T5403] EXT4-fs (loop3): 1 orphan inode deleted
[  179.478791][ T5403] EXT4-fs (loop3): mounted filesystem without journal. Opts: errors=continue,user_xattr,debug_want_extra_isize=0x000000000000005a,nouid32,resgid=0x0000000000000000,acl,init_itable=0x0000000000000007,,errors=continue. Quota mode: none.
[  179.595976][ T5403] EXT4-fs (loop3): shut down requested (1)
[  180.023086][ T5429] loop3: detected capacity change from 0 to 32768
[  180.031202][ T5436] xt_CT: You must specify a L4 protocol and not use inversions on it
[  180.072831][ T5429] (syz.3.255,5429,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  180.083163][ T5429] (syz.3.255,5429,1):ocfs2_fill_super:1177 ERROR: status = -22
[  180.253363][ T5435] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  180.982375][ T4230] Bluetooth: hci3: command 0x0406 tx timeout
[  180.982397][ T1108] Bluetooth: hci4: command 0x0406 tx timeout
[  181.024960][ T5445] netlink: 'syz.2.257': attribute type 8 has an invalid length.
[  181.051875][ T4230] Bluetooth: hci2: command 0x0406 tx timeout
[  181.059424][ T4230] Bluetooth: hci1: command 0x0406 tx timeout
[  181.066996][ T5445] Cannot find del_set index 4 as target
[  185.708320][ T4201] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci4/hci4:201'
[  185.719702][ T4201] CPU: 1 PID: 4201 Comm: kworker/u5:5 Not tainted syzkaller #0
[  185.727292][ T4201] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  185.737374][ T4201] Workqueue: hci4 hci_rx_work
[  185.742173][ T4201] Call Trace:
[  185.745468][ T4201]  <TASK>
[  185.748507][ T4201]  dump_stack_lvl+0x188/0x250
[  185.753212][ T4201]  ? show_regs_print_info+0x20/0x20
[  185.758444][ T4201]  ? load_image+0x400/0x400
[  185.762978][ T4201]  sysfs_create_dir_ns+0x26a/0x290
[  185.768122][ T4201]  ? sysfs_warn_dup+0xa0/0xa0
[  185.772814][ T4201]  ? process_one_work+0x85f/0x1010
[  185.778171][ T4201]  ? do_raw_spin_unlock+0x11d/0x230
[  185.783665][ T4201]  kobject_add_internal+0x6e0/0xd90
[  185.789033][ T4201]  kobject_add+0x160/0x230
[  185.793475][ T4201]  ? kobject_init+0x1d0/0x1d0
[  185.798182][ T4201]  ? klist_children_get+0x50/0x50
[  185.803315][ T4201]  ? get_device_parent+0x121/0x3f0
[  185.808446][ T4201]  device_add+0x483/0xfb0
[  185.812813][ T4201]  hci_conn_add_sysfs+0xd1/0x1e0
[  185.817780][ T4201]  le_conn_complete_evt+0xc48/0x15c0
[  185.823108][ T4201]  ? cs_le_create_conn+0x5e0/0x5e0
[  185.828267][ T4201]  ? __mutex_trylock_common+0x155/0x260
[  185.833846][ T4201]  hci_le_meta_evt+0x285/0x3c90
[  185.838734][ T4201]  ? hci_event_packet+0x37b/0x1370
[  185.843962][ T4201]  ? __lock_acquire+0x7d10/0x7d10
[  185.849122][ T4201]  ? hci_remote_host_features_evt+0x280/0x280
[  185.855233][ T4201]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  185.860908][ T4201]  ? mark_lock+0x94/0x320
[  185.865269][ T4201]  ? mutex_unlock+0x10/0x10
[  185.869801][ T4201]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  185.875817][ T4201]  ? lock_chain_count+0x20/0x20
[  185.880695][ T4201]  ? __rwlock_init+0x140/0x140
[  185.885490][ T4201]  hci_event_packet+0xe48/0x1370
[  185.890465][ T4201]  ? lockdep_hardirqs_on+0x94/0x140
[  185.895710][ T4201]  ? rcu_lock_release+0x20/0x20
[  185.900599][ T4201]  ? hci_send_to_monitor+0x9c/0x4a0
[  185.905833][ T4201]  hci_rx_work+0x255/0xa10
[  185.910290][ T4201]  process_one_work+0x85f/0x1010
[  185.915269][ T4201]  ? worker_detach_from_pool+0x240/0x240
[  185.920920][ T4201]  ? lockdep_hardirqs_off+0x70/0x100
[  185.926268][ T4201]  ? _raw_spin_lock_irq+0xb7/0xf0
[  185.931311][ T4201]  ? _raw_spin_lock_irqsave+0x100/0x100
[  185.937050][ T4201]  ? wq_worker_running+0x97/0x170
[  185.942098][ T4201]  worker_thread+0xaa6/0x1290
[  185.946912][ T4201]  kthread+0x436/0x520
[  185.951178][ T4201]  ? rcu_lock_release+0x20/0x20
[  185.956042][ T4201]  ? kthread_blkcg+0xd0/0xd0
[  185.960648][ T4201]  ret_from_fork+0x1f/0x30
[  185.965098][ T4201]  </TASK>
[  185.994415][ T4201] kobject_add_internal failed for hci4:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  186.009930][ T4201] Bluetooth: hci4: failed to register connection device
[  186.072792][ T5479] loop3: detected capacity change from 0 to 2048
[  186.148821][ T5479] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  186.479807][ T5480] loop1: detected capacity change from 0 to 32768
[  186.512551][ T5480] (syz.1.266,5480,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  186.522499][ T5480] (syz.1.266,5480,1):ocfs2_fill_super:1177 ERROR: status = -22
[  189.652085][ T5498] loop0: detected capacity change from 0 to 40427
[  190.267643][ T5498] F2FS-fs (loop0): invalid crc value
[  190.465785][ T5498] F2FS-fs (loop0): Found nat_bits in checkpoint
[  190.622725][ T5498] F2FS-fs (loop0): Start checkpoint disabled!
[  191.261839][ T5498] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  193.695942][ T5527] loop5: detected capacity change from 0 to 32768
[  193.769640][ T5527] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by syz.5.279 (5527)
[  193.989317][ T5527] BTRFS info (device loop5): using crc32c (crc32c-intel) checksum algorithm
[  193.998229][ T5527] BTRFS info (device loop5): turning on sync discard
[  194.005442][ T5527] BTRFS info (device loop5): enabling disk space caching
[  194.012957][ T5527] BTRFS info (device loop5): turning off barriers
[  194.019779][ T5527] BTRFS warning (device loop5): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  194.030578][ T5527] BTRFS info (device loop5): trying to use backup root at mount time
[  194.039086][ T5527] BTRFS info (device loop5): enabling auto defrag
[  194.045597][ T5527] BTRFS info (device loop5): max_inline at 0
[  194.051914][ T5527] BTRFS error (device loop5): cannot disable free space tree
[  194.134290][ T5527] BTRFS error (device loop5): open_ctree failed: -22
[  194.166057][  T145] attempt to access beyond end of device
[  194.166057][  T145] loop0: rw=2049, want=40976, limit=40427
[  194.572273][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  194.689145][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  195.602614][ T5553] netlink: 96 bytes leftover after parsing attributes in process `syz.5.279'.
[  196.341086][   T26] kauditd_printk_skb: 16 callbacks suppressed
[  196.341102][   T26] audit: type=1326 audit(2000000051.550:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  196.524579][ T5563] xt_CT: You must specify a L4 protocol and not use inversions on it
[  197.575769][ T4301] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop5 scanned by udevd (4301)
[  197.796463][   T26] audit: type=1326 audit(2000000051.600:293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  197.963758][   T26] audit: type=1326 audit(2000000051.600:294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.116927][   T26] audit: type=1326 audit(2000000051.600:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.181523][ T5575] loop1: detected capacity change from 0 to 40427
[  198.229152][ T5575] F2FS-fs (loop1): invalid crc value
[  198.266821][   T26] audit: type=1326 audit(2000000051.600:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.312651][ T5575] F2FS-fs (loop1): Found nat_bits in checkpoint
[  198.359373][ T5575] F2FS-fs (loop1): Start checkpoint disabled!
[  198.369312][   T26] audit: type=1326 audit(2000000051.600:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.413519][ T5575] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  198.434771][   T26] audit: type=1326 audit(2000000051.600:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.471110][   T26] audit: type=1326 audit(2000000051.620:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.813972][   T26] audit: type=1326 audit(2000000051.620:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.836685][   T26] audit: type=1326 audit(2000000051.620:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5545 comm="syz.1.283" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  198.934842][ T5593] gfs2: gfs2 mount does not exist
[  199.098711][ T1243] attempt to access beyond end of device
[  199.098711][ T1243] loop1: rw=2049, want=40984, limit=40427
[  199.140679][ T5601] loop5: detected capacity change from 0 to 512
[  199.282263][ T5601] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  199.345769][ T5601] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  199.472550][ T5601] EXT4-fs (loop5): 1 orphan inode deleted
[  199.478342][ T5601] EXT4-fs (loop5): 1 truncate cleaned up
[  199.739148][ T5601] EXT4-fs (loop5): mounted filesystem without journal. Opts: bsdgroups,nodelalloc,nombcache,stripe=0x0000000000000005,jqfmt=vfsv0,quota,,errors=continue. Quota mode: writeback.
[  202.055992][ T5645] loop1: detected capacity change from 0 to 1024
[  203.014153][ T5663] autofs4:pid:5663:autofs_fill_super: called with bogus options
[  203.391835][ T4686] hfsplus: bad catalog folder entry
[  203.410582][ T4686] hfsplus: bad catalog file entry
[  206.916263][   T26] kauditd_printk_skb: 38 callbacks suppressed
[  206.916280][   T26] audit: type=1326 audit(2000000062.130:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  207.627855][   T26] audit: type=1326 audit(2000000062.180:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  208.272347][   T26] audit: type=1326 audit(2000000062.180:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  208.461749][   T26] audit: type=1326 audit(2000000062.180:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  208.488885][   T26] audit: type=1326 audit(2000000062.180:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  208.515022][   T26] audit: type=1326 audit(2000000062.180:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  208.753697][   T26] audit: type=1326 audit(2000000062.180:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  209.351440][   T26] audit: type=1326 audit(2000000062.180:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  209.374878][   T26] audit: type=1326 audit(2000000062.180:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  209.399254][   T26] audit: type=1326 audit(2000000062.180:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5682 comm="syz.1.314" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  210.838634][ T5735] loop1: detected capacity change from 0 to 128
[  210.891837][ T5737] autofs4:pid:5737:autofs_fill_super: called with bogus options
[  211.023505][ T5735] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[  211.234063][ T5735] hpfs: filesystem error: improperly stopped
[  211.355563][ T5735] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[  211.523928][ T5735] hpfs: You really don't want any checks? You are crazy...
[  211.660367][ T5735] hpfs: Code page index out of array
[  212.882144][ T5746] kernel profiling enabled (shift: 6)
[  212.891008][ T5735] hpfs: code page support is disabled
[  212.949380][ T5747] loop0: detected capacity change from 0 to 256
[  214.523504][ T5735] hpfs: hpfs_map_4sectors(): unaligned read
[  214.711825][ T5735] hpfs: hpfs_map_4sectors(): unaligned read
[  214.844857][ T5735] hpfs: filesystem error: unable to find root dir
[  217.131682][ T5767] PKCS8: Unsupported PKCS#8 version
[  219.247217][ T5779] ODEBUG: Out of memory. ODEBUG disabled
[  219.931676][ T4269] Bluetooth: hci0: command 0x0405 tx timeout
[  221.636825][   T26] kauditd_printk_skb: 17 callbacks suppressed
[  221.636843][   T26] audit: type=1326 audit(2000000076.850:367): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  221.805544][ T5791] autofs4:pid:5791:autofs_fill_super: called with bogus options
[  221.843439][   T26] audit: type=1326 audit(2000000076.900:368): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  222.169840][   T26] audit: type=1326 audit(2000000076.900:369): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  222.461331][ T1111] Bluetooth: hci0: command 0x0406 tx timeout
[  222.480320][   T26] audit: type=1326 audit(2000000076.900:370): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  222.503498][   T26] audit: type=1326 audit(2000000076.900:371): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  222.527940][   T26] audit: type=1326 audit(2000000076.900:372): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  222.551951][   T26] audit: type=1326 audit(2000000076.900:373): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  222.888054][   T26] audit: type=1326 audit(2000000076.900:374): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  224.073994][   T26] audit: type=1326 audit(2000000076.900:375): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  225.671245][   T26] audit: type=1326 audit(2000000076.900:376): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5787 comm="syz.1.339" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f856ecd9819 code=0x7ffc0000
[  229.251538][ T5830] loop2: detected capacity change from 0 to 128
[  229.655433][ T5829] FAT-fs (loop2): FAT read failed (blocknr 128)
[  230.171295][ T5844] binder: 5842:5844 ioctl c0306201 2000000004c0 returned -14
[  231.099537][ T5849] device syzkaller1 entered promiscuous mode
[  231.212882][ T5852] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  232.273512][ T5860] loop0: detected capacity change from 0 to 65536
[  232.469687][ T5870] autofs4:pid:5870:autofs_fill_super: called with bogus options
[  232.499085][ T5860] XFS (loop0): Mounting V5 Filesystem
[  232.548891][ T5879] loop5: detected capacity change from 0 to 1024
[  232.583039][ T5860] XFS (loop0): Ending clean mount
[  232.597307][ T5860] XFS (loop0): Quotacheck needed: Please wait.
[  234.051118][ T5890] loop1: detected capacity change from 0 to 64
[  234.097059][ T5888] loop3: detected capacity change from 0 to 1024
[  235.445511][ T5860] XFS (loop0): Quotacheck: Done.
[  235.472000][ T4188] XFS (loop0): Unmounting Filesystem
[  237.192099][ T5895] loop5: detected capacity change from 0 to 32768
[  237.400257][ T5895] 
[  237.400257][ T5895]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  237.400257][ T5895] 
[  237.542227][  T155] ERROR: (device loop5): diWrite: ixpxd invalid
[  237.542227][  T155] 
[  237.821089][  T155] ERROR: (device loop5): txCommit: 
[  237.821089][  T155] 
[  238.132658][  T155] jfs_write_inode: jfs_commit_inode failed!
[  238.138695][ T4578] 
[  238.138695][ T4578]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  238.138695][ T4578] 
[  238.201810][ T4578] 
[  238.201810][ T4578]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  238.201810][ T4578] 
[  239.327941][ T5924] loop5: detected capacity change from 0 to 40427
[  239.518677][ T5924] F2FS-fs (loop5): invalid crc value
[  239.550767][ T5927] loop0: detected capacity change from 0 to 1024
[  239.593317][ T5924] F2FS-fs (loop5): Found nat_bits in checkpoint
[  239.598031][ T5929] loop1: detected capacity change from 0 to 1024
[  239.633707][ T5924] F2FS-fs (loop5): Start checkpoint disabled!
[  239.667525][ T5924] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  241.246023][ T5939] loop1: detected capacity change from 0 to 1024
[  241.322409][  T145] attempt to access beyond end of device
[  241.322409][  T145] loop5: rw=2049, want=40984, limit=40427
[  241.360430][   T26] kauditd_printk_skb: 23 callbacks suppressed
[  241.360447][   T26] audit: type=1326 audit(2000000096.570:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  242.086615][   T26] audit: type=1326 audit(2000000096.590:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  242.330549][ T5947] loop2: detected capacity change from 0 to 256
[  242.367479][ T5954] autofs4:pid:5954:autofs_fill_super: called with bogus options
[  243.360172][   T26] audit: type=1326 audit(2000000096.590:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  243.645291][   T26] audit: type=1326 audit(2000000096.590:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  244.140678][   T26] audit: type=1326 audit(2000000096.590:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  244.632756][   T26] audit: type=1326 audit(2000000096.590:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  245.091442][   T26] audit: type=1326 audit(2000000096.590:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  245.400646][   T26] audit: type=1326 audit(2000000096.600:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  245.424214][   T26] audit: type=1326 audit(2000000096.600:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  245.446851][   T26] audit: type=1326 audit(2000000096.600:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5940 comm="syz.0.379" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  246.606692][ T5983] loop3: detected capacity change from 0 to 40427
[  246.713408][ T5983] F2FS-fs (loop3): invalid crc value
[  246.755045][ T5983] F2FS-fs (loop3): Found nat_bits in checkpoint
[  246.797370][ T5983] F2FS-fs (loop3): Start checkpoint disabled!
[  247.272945][ T5987] loop5: detected capacity change from 0 to 1024
[  247.977550][ T5996] loop2: detected capacity change from 0 to 1024
[  248.006537][ T5983] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  249.738168][ T6000] loop0: detected capacity change from 0 to 1024
[  249.901031][ T6000] attempt to access beyond end of device
[  249.901031][ T6000] loop0: rw=0, want=5780, limit=1024
[  250.154427][ T6000] Buffer I/O error on dev loop0, logical block 2889, async page read
[  250.163991][ T6000] attempt to access beyond end of device
[  250.163991][ T6000] loop0: rw=0, want=393218, limit=1024
[  250.396377][ T6000] Buffer I/O error on dev loop0, logical block 196608, async page read
[  250.482357][ T6000] attempt to access beyond end of device
[  250.482357][ T6000] loop0: rw=0, want=393220, limit=1024
[  250.575125][ T6000] Buffer I/O error on dev loop0, logical block 196609, async page read
[  250.684606][ T6000] attempt to access beyond end of device
[  250.684606][ T6000] loop0: rw=0, want=393222, limit=1024
[  250.747030][ T6021] loop1: detected capacity change from 0 to 128
[  250.755269][ T6000] Buffer I/O error on dev loop0, logical block 196610, async page read
[  250.764741][ T6000] attempt to access beyond end of device
[  250.764741][ T6000] loop0: rw=0, want=393224, limit=1024
[  250.778218][ T6000] Buffer I/O error on dev loop0, logical block 196611, async page read
[  250.792275][ T6000] attempt to access beyond end of device
[  250.792275][ T6000] loop0: rw=0, want=393226, limit=1024
[  250.804686][  T145] attempt to access beyond end of device
[  250.804686][  T145] loop3: rw=2049, want=40984, limit=40427
[  250.811966][ T6000] Buffer I/O error on dev loop0, logical block 196612, async page read
[  250.879433][ T6000] attempt to access beyond end of device
[  250.879433][ T6000] loop0: rw=0, want=393228, limit=1024
[  250.895809][ T6021] attempt to access beyond end of device
[  250.895809][ T6021] loop1: rw=2049, want=250, limit=128
[  250.906738][ T6000] Buffer I/O error on dev loop0, logical block 196613, async page read
[  250.946618][ T6000] attempt to access beyond end of device
[  250.946618][ T6000] loop0: rw=0, want=393230, limit=1024
[  251.003008][ T6000] Buffer I/O error on dev loop0, logical block 196614, async page read
[  251.019155][ T6000] Buffer I/O error on dev loop0, logical block 196615, async page read
[  251.048693][ T6000] Buffer I/O error on dev loop0, logical block 196616, async page read
[  251.725504][ T6034] autofs4:pid:6034:autofs_fill_super: called with bogus options
[  252.143663][ T6041] loop2: detected capacity change from 0 to 256
[  252.653519][ T6041] exFAT-fs (loop2): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x1d73664b, utbl_chksum : 0xe619d30d)
[  255.859497][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  255.865978][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  256.283261][ T6066] loop0: detected capacity change from 0 to 256
[  257.580186][ T6070] loop3: detected capacity change from 0 to 40427
[  257.602016][   T26] kauditd_printk_skb: 44 callbacks suppressed
[  257.602032][   T26] audit: type=1800 audit(2000000112.820:454): pid=6067 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.402" name="file1" dev="loop0" ino=1048603 res=0 errno=0
[  258.071342][ T6074] loop1: detected capacity change from 0 to 40427
[  258.098829][ T6070] F2FS-fs (loop3): invalid crc value
[  258.365722][ T6070] F2FS-fs (loop3): Found nat_bits in checkpoint
[  258.408871][ T6070] F2FS-fs (loop3): Start checkpoint disabled!
[  258.426054][ T6074] F2FS-fs (loop1): invalid crc value
[  258.447997][ T6074] F2FS-fs (loop1): Found nat_bits in checkpoint
[  258.495047][ T6074] F2FS-fs (loop1): Start checkpoint disabled!
[  258.515160][ T6074] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  258.663338][ T6070] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  262.755917][ T6094] autofs4:pid:6094:autofs_fill_super: called with bogus options
[  262.769666][ T4686] handle_bad_sector: 126 callbacks suppressed
[  262.769685][ T4686] attempt to access beyond end of device
[  262.769685][ T4686] loop3: rw=2049, want=40984, limit=40427
[  263.609366][ T1270] attempt to access beyond end of device
[  263.609366][ T1270] loop1: rw=2049, want=40976, limit=40427
[  268.017979][ T6131] loop1: detected capacity change from 0 to 1024
[  272.247233][ T6156] autofs4:pid:6156:autofs_fill_super: called with bogus options
[  274.677518][ T6165] loop0: detected capacity change from 0 to 32768
[  274.712685][ T6165] (syz.0.429,6165,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  274.722482][ T6165] (syz.0.429,6165,0):ocfs2_fill_super:1177 ERROR: status = -22
[  278.112782][ T6178] loop0: detected capacity change from 0 to 40427
[  278.320145][ T6182] loop1: detected capacity change from 0 to 1024
[  278.337393][ T6178] F2FS-fs (loop0): invalid crc value
[  278.349073][ T6178] F2FS-fs (loop0): Found nat_bits in checkpoint
[  278.403473][ T6178] F2FS-fs (loop0): Start checkpoint disabled!
[  278.955796][ T6178] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  281.058795][ T6182] EXT4-fs: failed to create workqueue
[  281.126652][ T6182] EXT4-fs (loop1): mount failed
[  281.637443][ T4272] attempt to access beyond end of device
[  281.637443][ T4272] loop0: rw=2049, want=40984, limit=40427
[  282.847664][ T4231] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  282.895472][ T6207] loop0: detected capacity change from 0 to 32768
[  282.982786][ T6207] (syz.0.441,6207,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  282.993478][ T6207] (syz.0.441,6207,1):ocfs2_fill_super:1177 ERROR: status = -22
[  283.087269][ T4686] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.446759][ T4231] usb 2-1: Using ep0 maxpacket: 16
[  283.481394][ T4686] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  283.769747][ T6219] autofs4:pid:6219:autofs_fill_super: called with bogus options
[  283.842247][ T4231] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  283.888214][ T4231] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  285.794773][ T6230] loop1: detected capacity change from 0 to 40427
[  285.844682][ T6230] F2FS-fs (loop1): invalid crc value
[  285.889881][ T6230] F2FS-fs (loop1): Found nat_bits in checkpoint
[  285.917485][ T6230] F2FS-fs (loop1): Start checkpoint disabled!
[  285.953092][ T6230] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  286.871340][ T4231] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3
[  286.885284][ T4231] usb 2-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00
[  286.894422][ T4231] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  286.904524][ T4231] usb 2-1: config 0 descriptor??
[  286.912466][ T4233] Bluetooth: hci0: command 0x0409 tx timeout
[  286.941755][ T4231] usb 2-1: can't set config #0, error -71
[  286.950483][ T4231] usb 2-1: USB disconnect, device number 3
[  286.987368][ T4686] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.352576][ T4686] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  287.725792][ T4381] attempt to access beyond end of device
[  287.725792][ T4381] loop1: rw=2049, want=40976, limit=40427
[  287.857066][ T6245] loop3: detected capacity change from 0 to 1024
[  288.057043][ T6214] chnl_net:caif_netlink_parms(): no params data found
[  288.241096][ T6249] loop2: detected capacity change from 0 to 40427
[  288.291521][ T6249] F2FS-fs (loop2): invalid crc value
[  288.331336][ T6249] F2FS-fs (loop2): Found nat_bits in checkpoint
[  288.334099][ T6245] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  288.370145][ T6249] F2FS-fs (loop2): Start checkpoint disabled!
[  288.396268][ T6249] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  288.437801][ T6245] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  288.439604][ T6214] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.446163][ T6214] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.473670][ T6214] device bridge_slave_0 entered promiscuous mode
[  289.764610][ T6214] bridge0: port 2(bridge_slave_1) entered blocking state
[  289.776005][ T4231] Bluetooth: hci0: command 0x041b tx timeout
[  289.820033][ T6214] bridge0: port 2(bridge_slave_1) entered disabled state
[  289.828763][ T6214] device bridge_slave_1 entered promiscuous mode
[  290.007418][ T6214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  290.099625][ T6214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  290.371279][ T4268] attempt to access beyond end of device
[  290.371279][ T4268] loop2: rw=2049, want=45112, limit=40427
[  290.657140][ T6214] team0: Port device team_slave_0 added
[  290.727878][ T6214] team0: Port device team_slave_1 added
[  290.916713][ T6214] batman_adv: batadv0: Adding interface: batadv_slave_0
[  290.951941][ T6214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  291.424144][ T6214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.152017][    T7] Bluetooth: hci0: command 0x040f tx timeout
[  292.223640][ T6214] batman_adv: batadv0: Adding interface: batadv_slave_1
[  292.230596][ T6214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.496012][ T6214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  292.805237][ T6286] loop3: detected capacity change from 0 to 32768
[  292.856999][ T6214] device hsr_slave_0 entered promiscuous mode
[  292.879356][ T6214] device hsr_slave_1 entered promiscuous mode
[  292.891504][ T6286] (syz.3.454,6286,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  292.901479][ T6286] (syz.3.454,6286,1):ocfs2_fill_super:1177 ERROR: status = -22
[  293.064204][ T6214] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  293.114213][ T6214] Cannot create hsr debugfs directory
[  294.181694][ T6004] Bluetooth: hci0: command 0x0419 tx timeout
[  295.330638][ T6299] sctp: failed to load transform for md5: -2
[  295.418890][ T6311] loop1: detected capacity change from 0 to 40427
[  295.484747][ T6311] F2FS-fs (loop1): invalid crc value
[  295.513604][ T6311] F2FS-fs (loop1): Found nat_bits in checkpoint
[  295.554475][ T6311] F2FS-fs (loop1): Start checkpoint disabled!
[  295.575620][ T6311] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  298.821082][ T6335] loop3: detected capacity change from 0 to 64
[  299.187821][ T1243] attempt to access beyond end of device
[  299.187821][ T1243] loop1: rw=2049, want=40976, limit=40427
[  299.490563][ T6340] loop0: detected capacity change from 0 to 40427
[  299.523722][ T6214] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  299.548506][ T6340] F2FS-fs (loop0): invalid crc value
[  299.560028][ T6340] F2FS-fs (loop0): Found nat_bits in checkpoint
[  299.639408][ T6340] F2FS-fs (loop0): Start checkpoint disabled!
[  299.731724][ T6214] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  299.766444][ T6340] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  299.804703][ T6214] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  299.851015][ T4686] device hsr_slave_0 left promiscuous mode
[  299.871184][ T6359] xt_CT: You must specify a L4 protocol and not use inversions on it
[  299.885978][ T4686] device hsr_slave_1 left promiscuous mode
[  299.918150][ T4686] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  299.948310][ T4686] batman_adv: batadv0: Removing interface: batadv_slave_0
[  302.346611][ T4686] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  302.412593][ T4686] batman_adv: batadv0: Removing interface: batadv_slave_1
[  302.465252][ T4686] device bridge_slave_1 left promiscuous mode
[  302.471520][ T4686] bridge0: port 2(bridge_slave_1) entered disabled state
[  302.650812][ T4686] device bridge_slave_0 left promiscuous mode
[  302.689119][ T4686] bridge0: port 1(bridge_slave_0) entered disabled state
[  302.827942][ T6375] loop3: detected capacity change from 0 to 1024
[  302.844935][ T4686] device veth1_macvtap left promiscuous mode
[  302.853292][ T4686] device veth0_macvtap left promiscuous mode
[  302.997470][ T4686] device veth1_vlan left promiscuous mode
[  303.009006][ T4686] device veth0_vlan left promiscuous mode
[  303.352595][ T6379] loop1: detected capacity change from 0 to 40427
[  303.981138][ T6379] F2FS-fs (loop1): invalid crc value
[  304.007322][ T6379] F2FS-fs (loop1): Found nat_bits in checkpoint
[  304.039688][ T6379] F2FS-fs (loop1): Start checkpoint disabled!
[  304.062343][ T4270] attempt to access beyond end of device
[  304.062343][ T4270] loop0: rw=2049, want=40976, limit=40427
[  304.082036][ T6379] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  304.627425][ T6387] loop2: detected capacity change from 0 to 40427
[  304.764027][ T6387] F2FS-fs (loop2): invalid crc value
[  304.989325][ T6387] F2FS-fs (loop2): Found nat_bits in checkpoint
[  305.101345][ T6387] F2FS-fs (loop2): Start checkpoint disabled!
[  305.172859][ T6387] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  306.825030][ T4686] team0 (unregistering): Port device team_slave_1 removed
[  306.876351][ T4686] team0 (unregistering): Port device team_slave_0 removed
[  306.932320][ T4686] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  306.990680][ T4686] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  307.155839][ T4686] bond0 (unregistering): Released all slaves
[  307.231477][ T6214] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  307.445247][ T6214] 8021q: adding VLAN 0 to HW filter on device bond0
[  307.504536][ T4344] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  307.524148][ T4344] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  307.577316][ T6214] 8021q: adding VLAN 0 to HW filter on device team0
[  307.617231][ T4344] attempt to access beyond end of device
[  307.617231][ T4344] loop1: rw=2049, want=40976, limit=40427
[  307.630016][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  307.638804][ T4381] attempt to access beyond end of device
[  307.638804][ T4381] loop2: rw=2049, want=40976, limit=40427
[  307.659630][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  307.671895][  T144] bridge0: port 1(bridge_slave_0) entered blocking state
[  307.679126][  T144] bridge0: port 1(bridge_slave_0) entered forwarding state
[  307.696379][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  307.715484][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  307.736465][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  307.767751][ T4381] bridge0: port 2(bridge_slave_1) entered blocking state
[  307.774994][ T4381] bridge0: port 2(bridge_slave_1) entered forwarding state
[  307.812590][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  307.825807][ T6399] loop3: detected capacity change from 0 to 40427
[  307.850590][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  307.929046][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  307.930648][ T6399] F2FS-fs (loop3): invalid crc value
[  307.965411][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  308.019806][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  308.027521][ T6399] F2FS-fs (loop3): Found nat_bits in checkpoint
[  308.047472][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  308.068825][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  308.136982][ T6214] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  308.191915][ T6214] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  308.235907][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  308.244772][ T6399] F2FS-fs (loop3): Start checkpoint disabled!
[  308.253525][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  308.281078][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  308.301776][ T6399] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  308.322381][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  308.352652][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  308.459470][ T6420] loop1: detected capacity change from 0 to 1024
[  308.501976][ T6421] xt_CT: You must specify a L4 protocol and not use inversions on it
[  308.731024][ T4381] attempt to access beyond end of device
[  308.731024][ T4381] loop3: rw=2049, want=40976, limit=40427
[  309.014886][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  309.342805][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  309.375486][ T6214] 8021q: adding VLAN 0 to HW filter on device batadv0
[  310.317686][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  310.340564][ T4381] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  310.447736][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  311.136445][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  311.168579][ T6214] device veth0_vlan entered promiscuous mode
[  311.207423][ T6214] device veth1_vlan entered promiscuous mode
[  311.462857][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  311.938447][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  312.122804][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  312.157498][ T6431] loop2: detected capacity change from 0 to 40427
[  312.257360][ T6462] netlink: 4 bytes leftover after parsing attributes in process `syz.0.484'.
[  312.452043][ T4233] usb 1-1: new full-speed USB device number 2 using dummy_hcd
[  313.100800][ T6431] F2FS-fs (loop2): invalid crc value
[  313.136659][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  313.149874][ T6431] F2FS-fs (loop2): Failed to initialize F2FS segment manager (-4)
[  313.184762][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  313.285246][ T6475] loop3: detected capacity change from 0 to 1024
[  313.332056][ T4233] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  313.379689][ T4233] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  313.508060][ T6473] loop1: detected capacity change from 0 to 40427
[  313.554542][ T6214] device veth0_macvtap entered promiscuous mode
[  313.593029][ T6214] device veth1_macvtap entered promiscuous mode
[  313.630717][ T6473] F2FS-fs (loop1): invalid crc value
[  313.650122][ T6479] loop2: detected capacity change from 0 to 1024
[  313.745120][ T6214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.764939][ T6214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.801294][ T6214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.812673][ T6214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.824337][ T6214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  313.835524][ T6214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.853496][ T6214] batman_adv: batadv0: Interface activated: batadv_slave_0
[  313.878774][ T6214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.890037][ T6214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.900869][ T6214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.913105][ T6214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  313.954103][ T6214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  313.976438][ T6473] F2FS-fs (loop1): Found nat_bits in checkpoint
[  314.035916][ T6473] F2FS-fs (loop1): Start checkpoint disabled!
[  314.067966][ T6473] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  314.127229][ T4272] hfsplus: bad catalog folder entry
[  314.157568][ T4272] hfsplus: bad catalog file entry
[  314.172361][ T6214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  314.229894][ T4233] usb 1-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3
[  314.239208][ T4233] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  314.247329][ T4233] usb 1-1: Product: syz
[  314.256760][ T4233] usb 1-1: Manufacturer: syz
[  314.286555][ T4233] usb 1-1: SerialNumber: syz
[  314.327346][ T4233] usb 1-1: config 0 descriptor??
[  314.394684][ T6214] batman_adv: batadv0: Interface activated: batadv_slave_1
[  314.420929][ T6214] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  314.439409][ T6214] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  314.707570][ T6214] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  314.922887][ T6214] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  315.245385][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  315.285841][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  315.298114][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  315.342657][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  315.442244][ T4270] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  315.484724][ T6497] xt_CT: You must specify a L4 protocol and not use inversions on it
[  315.497247][ T4715] usb 1-1: USB disconnect, device number 2
[  316.163132][ T4272] attempt to access beyond end of device
[  316.163132][ T4272] loop1: rw=2049, want=40976, limit=40427
[  316.221109][ T4270] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.262038][ T4270] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  316.466249][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  316.849625][ T4272] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  316.934792][ T4272] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  317.049946][ T4272] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  317.162485][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  317.168962][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  318.472779][ T6533] loop2: detected capacity change from 0 to 1024
[  319.705592][ T6533] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  319.791772][ T6533] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback.
[  319.925631][ T6533] EXT4-fs (loop2): re-mounted. Opts: (null). Quota mode: writeback.
[  320.180026][ T6548] loop1: detected capacity change from 0 to 40427
[  320.378259][ T6548] F2FS-fs (loop1): invalid crc value
[  320.540282][ T6548] F2FS-fs (loop1): Found nat_bits in checkpoint
[  320.598352][ T6548] F2FS-fs (loop1): Start checkpoint disabled!
[  321.021852][ T6548] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  321.181450][ T6558] netlink: 4 bytes leftover after parsing attributes in process `syz.2.500'.
[  322.176071][   T13] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  324.351752][   T13] usb 3-1: unable to read config index 0 descriptor/start: -71
[  324.360299][   T13] usb 3-1: can't read configurations, error -71
[  326.052096][ T6613] loop3: detected capacity change from 0 to 1024
[  326.529797][ T6620] loop0: detected capacity change from 0 to 40427
[  326.732937][ T6618] loop6: detected capacity change from 0 to 1024
[  326.985075][ T6620] F2FS-fs (loop0): invalid crc value
[  327.035420][ T6620] F2FS-fs (loop0): Found nat_bits in checkpoint
[  327.081410][ T6620] F2FS-fs (loop0): Start checkpoint disabled!
[  327.091943][ T6620] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  329.015912][ T4344] attempt to access beyond end of device
[  329.015912][ T4344] loop0: rw=2049, want=40976, limit=40427
[  334.615264][ T6683] xt_CT: You must specify a L4 protocol and not use inversions on it
[  335.526051][ T6689] loop6: detected capacity change from 0 to 40427
[  335.766474][ T6689] F2FS-fs (loop6): invalid crc value
[  335.784993][ T6689] F2FS-fs (loop6): Found nat_bits in checkpoint
[  335.830736][ T6689] F2FS-fs (loop6): Start checkpoint disabled!
[  335.856083][ T6689] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  335.878388][ T6697] loop0: detected capacity change from 0 to 1024
[  336.821983][    T7] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  336.940325][ T4381] attempt to access beyond end of device
[  336.940325][ T4381] loop6: rw=2049, want=40976, limit=40427
[  337.222248][    T7] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  337.236338][    T7] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  337.430268][   T26] audit: type=1326 audit(2000000192.640:455): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  337.461744][    T7] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  337.481559][    T7] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  337.581047][   T26] audit: type=1326 audit(2000000192.660:456): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  337.882956][   T26] audit: type=1326 audit(2000000192.690:457): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  338.223015][   T26] audit: type=1326 audit(2000000192.690:458): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  338.303961][    T7] usb 3-1: Product: syz
[  338.308775][    T7] usb 3-1: Manufacturer: syz
[  338.313612][    T7] usb 3-1: SerialNumber: syz
[  338.334199][    T7] usb 3-1: config 0 descriptor??
[  338.382303][   T26] audit: type=1326 audit(2000000192.690:459): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  338.404676][    C0] vkms_vblank_simulate: vblank timer overrun
[  338.441666][   T26] audit: type=1326 audit(2000000192.690:460): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  338.534996][ T6733] netlink: 40 bytes leftover after parsing attributes in process `syz.3.532'.
[  338.679405][    T7] usb 3-1: USB disconnect, device number 5
[  338.693061][   T26] audit: type=1326 audit(2000000192.700:461): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  339.627452][   T26] audit: type=1326 audit(2000000192.700:462): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  339.857002][   T26] audit: type=1326 audit(2000000192.700:463): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  339.896092][   T26] audit: type=1326 audit(2000000192.700:464): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6720 comm="syz.6.529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  341.826946][ T6768] loop3: detected capacity change from 0 to 40427
[  341.849795][ T6770] loop2: detected capacity change from 0 to 40427
[  341.911312][ T6770] F2FS-fs (loop2): invalid crc value
[  341.926480][ T6768] F2FS-fs (loop3): invalid crc value
[  341.939978][ T6777] xt_CT: You must specify a L4 protocol and not use inversions on it
[  341.947489][ T6770] F2FS-fs (loop2): Found nat_bits in checkpoint
[  341.993575][ T6770] F2FS-fs (loop2): Start checkpoint disabled!
[  342.001187][ T6768] F2FS-fs (loop3): Found nat_bits in checkpoint
[  342.050053][ T6768] F2FS-fs (loop3): Start checkpoint disabled!
[  342.070181][ T6770] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  342.074723][ T6768] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  344.273657][  T155] attempt to access beyond end of device
[  344.273657][  T155] loop3: rw=2049, want=40976, limit=40427
[  344.286172][  T144] attempt to access beyond end of device
[  344.286172][  T144] loop2: rw=2049, want=40976, limit=40427
[  346.315386][ T6813] autofs4:pid:6813:autofs_fill_super: called with bogus options
[  347.398001][ T6822] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  347.406796][ T6822] batman_adv: batadv0: Removing interface: batadv_slave_0
[  350.342301][ T6835] loop3: detected capacity change from 0 to 40427
[  350.684017][ T6835] F2FS-fs (loop3): invalid crc value
[  350.692117][ T6822] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  350.847931][   T26] kauditd_printk_skb: 18 callbacks suppressed
[  350.847950][   T26] audit: type=1326 audit(2000000012.300:483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  350.945973][ T6839] loop6: detected capacity change from 0 to 40427
[  350.955298][ T6822] batman_adv: batadv0: Removing interface: batadv_slave_1
[  351.263041][ T6839] F2FS-fs (loop6): invalid crc value
[  351.263502][ T6835] F2FS-fs (loop3): Found nat_bits in checkpoint
[  351.301720][ T6839] F2FS-fs (loop6): Found nat_bits in checkpoint
[  351.301870][   T26] audit: type=1326 audit(2000000012.430:484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  351.339796][ T6835] F2FS-fs (loop3): Start checkpoint disabled!
[  351.354586][ T6839] F2FS-fs (loop6): Start checkpoint disabled!
[  351.374547][ T6835] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  351.410307][ T6839] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  351.587459][   T26] audit: type=1326 audit(2000000012.430:485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  351.828445][   T26] audit: type=1326 audit(2000000012.430:486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  353.149426][   T26] audit: type=1326 audit(2000000012.430:487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  353.369551][   T26] audit: type=1326 audit(2000000012.430:488): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  353.824622][   T26] audit: type=1326 audit(2000000012.440:489): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  353.847892][   T26] audit: type=1326 audit(2000000012.440:490): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  353.872310][   T26] audit: type=1326 audit(2000000012.440:491): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  353.899906][   T26] audit: type=1326 audit(2000000012.440:492): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6832 comm="syz.2.545" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  354.331780][ T1111] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  355.710348][ T1111] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  355.768015][ T4268] attempt to access beyond end of device
[  355.768015][ T4268] loop3: rw=2049, want=40976, limit=40427
[  355.844707][ T1111] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  355.958713][ T4381] attempt to access beyond end of device
[  355.958713][ T4381] loop6: rw=2049, want=40976, limit=40427
[  357.011677][ T6885] loop0: detected capacity change from 0 to 32768
[  357.063353][ T6885] (syz.0.566,6885,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  357.076294][ T6885] (syz.0.566,6885,1):ocfs2_fill_super:1177 ERROR: status = -22
[  357.138176][ T1111] usb 2-1: string descriptor 0 read error: -71
[  357.232214][ T1111] usb 2-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  357.241731][ T1111] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  357.450565][ T1111] usb 2-1: config 0 descriptor??
[  357.598031][ T1111] usb 2-1: can't set config #0, error -71
[  358.216658][ T1111] usb 2-1: USB disconnect, device number 4
[  358.318737][ T6897] netlink: 4 bytes leftover after parsing attributes in process `syz.3.561'.
[  358.526812][ T6900] loop6: detected capacity change from 0 to 40427
[  358.650512][   T26] kauditd_printk_skb: 13 callbacks suppressed
[  358.650530][   T26] audit: type=1326 audit(2000000020.100:506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  358.700253][ T6900] F2FS-fs (loop6): invalid crc value
[  358.786644][ T6900] F2FS-fs (loop6): Found nat_bits in checkpoint
[  358.962586][ T6911] loop1: detected capacity change from 0 to 40427
[  359.025956][ T6900] F2FS-fs (loop6): Start checkpoint disabled!
[  359.061230][ T6911] F2FS-fs (loop1): invalid crc value
[  359.126742][ T6911] F2FS-fs (loop1): Found nat_bits in checkpoint
[  359.150948][ T6911] F2FS-fs (loop1): Start checkpoint disabled!
[  359.224752][   T26] audit: type=1326 audit(2000000020.140:507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  359.265535][ T6911] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  359.335791][   T26] audit: type=1326 audit(2000000020.140:508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  359.358664][ T6900] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  359.367759][   T26] audit: type=1326 audit(2000000020.140:509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  359.505371][ T1111] usb 4-1: new full-speed USB device number 3 using dummy_hcd
[  360.968445][   T26] audit: type=1326 audit(2000000020.140:510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  360.969285][   T26] audit: type=1326 audit(2000000020.140:511): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  360.970371][   T26] audit: type=1326 audit(2000000020.140:512): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  361.067538][   T26] audit: type=1326 audit(2000000020.140:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  361.067589][   T26] audit: type=1326 audit(2000000020.140:514): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  361.067622][   T26] audit: type=1326 audit(2000000020.140:515): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6899 comm="syz.2.569" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fa5b795c819 code=0x7ffc0000
[  361.431762][ T1111] usb 4-1: device descriptor read/all, error -71
[  361.589986][ T6931] autofs4:pid:6931:autofs_fill_super: called with bogus options
[  366.064294][ T4268] attempt to access beyond end of device
[  366.064294][ T4268] loop1: rw=2049, want=40984, limit=40427
[  368.308781][ T6960] loop1: detected capacity change from 0 to 40427
[  368.396277][ T6960] F2FS-fs (loop1): invalid crc value
[  368.412818][ T6960] F2FS-fs (loop1): Found nat_bits in checkpoint
[  368.460453][ T6960] F2FS-fs (loop1): Start checkpoint disabled!
[  368.477846][ T6960] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  369.762045][ T6977] loop3: detected capacity change from 0 to 1024
[  369.811446][ T4652] attempt to access beyond end of device
[  369.811446][ T4652] loop1: rw=2049, want=40976, limit=40427
[  369.878413][ T6977] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  369.954405][ T6977] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  369.999868][ T6977] EXT4-fs (loop3): re-mounted. Opts: (null). Quota mode: writeback.
[  370.295700][ T6986] loop1: detected capacity change from 0 to 40427
[  370.379381][ T6986] F2FS-fs (loop1): invalid crc value
[  370.444847][ T6986] F2FS-fs (loop1): Found nat_bits in checkpoint
[  370.486512][ T6986] F2FS-fs (loop1): Start checkpoint disabled!
[  370.522035][ T6986] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  370.685643][ T6993] loop2: detected capacity change from 0 to 40427
[  370.889736][ T6993] F2FS-fs (loop2): invalid crc value
[  371.565466][ T6993] F2FS-fs (loop2): Found nat_bits in checkpoint
[  371.616483][ T6993] F2FS-fs (loop2): Start checkpoint disabled!
[  371.641891][ T6993] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  373.432865][ T1108] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  374.931961][ T1108] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  375.023350][ T1108] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  375.210741][ T4686] attempt to access beyond end of device
[  375.210741][ T4686] loop1: rw=2049, want=40976, limit=40427
[  375.361969][ T1108] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  375.400991][ T6236] attempt to access beyond end of device
[  375.400991][ T6236] loop2: rw=2049, want=40984, limit=40427
[  375.417622][ T1108] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  375.446718][ T1108] usb 4-1: Product: syz
[  375.450952][ T1108] usb 4-1: Manufacturer: syz
[  375.506814][ T1108] usb 4-1: SerialNumber: syz
[  375.523222][ T7026] autofs4:pid:7026:autofs_fill_super: called with bogus options
[  375.554296][ T1108] usb 4-1: config 0 descriptor??
[  375.709156][ T7031] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  375.717333][ T7031] batman_adv: batadv0: Removing interface: batadv_slave_0
[  377.214411][ T4281] usb 4-1: USB disconnect, device number 5
[  378.331613][ T7031] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  378.347040][ T7031] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.682746][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  378.696455][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  380.408431][ T7060] binder: 7057:7060 ioctl 4018620d 0 returned -22
[  380.417078][ T7058] netlink: 40 bytes leftover after parsing attributes in process `syz.2.589'.
[  380.461359][ T7055] loop6: detected capacity change from 0 to 1024
[  380.839328][ T7067] loop3: detected capacity change from 0 to 40427
[  380.990277][ T7075] netlink: 40 bytes leftover after parsing attributes in process `syz.2.599'.
[  381.019677][ T7070] loop1: detected capacity change from 0 to 40427
[  381.037984][ T7055] EXT4-fs (loop6): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  381.059821][ T7067] F2FS-fs (loop3): invalid crc value
[  381.076597][ T7067] F2FS-fs (loop3): Found nat_bits in checkpoint
[  381.096277][ T7070] F2FS-fs (loop1): invalid crc value
[  381.112437][ T7055] EXT4-fs (loop6): re-mounted. Opts: (null). Quota mode: writeback.
[  381.123301][ T7067] F2FS-fs (loop3): Start checkpoint disabled!
[  381.152543][ T7070] F2FS-fs (loop1): Found nat_bits in checkpoint
[  381.186891][ T7067] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  381.203903][ T7070] F2FS-fs (loop1): Start checkpoint disabled!
[  381.243821][ T7055] EXT4-fs (loop6): re-mounted. Opts: (null). Quota mode: writeback.
[  381.298480][ T7070] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  381.488355][ T7079] loop0: detected capacity change from 0 to 40427
[  381.622920][ T7079] F2FS-fs (loop0): invalid crc value
[  382.034796][ T7079] F2FS-fs (loop0): Found nat_bits in checkpoint
[  382.081835][ T7079] F2FS-fs (loop0): Start checkpoint disabled!
[  382.101959][ T7079] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  384.752303][ T4686] attempt to access beyond end of device
[  384.752303][ T4686] loop3: rw=2049, want=40976, limit=40427
[  384.801968][ T7017] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  384.947729][ T4343] attempt to access beyond end of device
[  384.947729][ T4343] loop1: rw=2049, want=40976, limit=40427
[  384.955459][ T7104] loop6: detected capacity change from 0 to 1024
[  385.523105][ T7017] usb 3-1: device not accepting address 6, error -71
[  385.860034][ T4381] attempt to access beyond end of device
[  385.860034][ T4381] loop0: rw=2049, want=40984, limit=40427
[  386.042598][ T4686] hfsplus: bad catalog folder entry
[  386.048384][ T4686] hfsplus: bad catalog file entry
[  386.696780][ T7123] autofs4:pid:7123:autofs_fill_super: called with bogus options
[  388.051226][ T7135] netlink: 40 bytes leftover after parsing attributes in process `syz.0.611'.
[  389.066106][ T7148] loop3: detected capacity change from 0 to 40427
[  389.125949][ T7148] F2FS-fs (loop3): invalid crc value
[  389.296057][ T7148] F2FS-fs (loop3): Found nat_bits in checkpoint
[  389.362134][ T7161] loop0: detected capacity change from 0 to 256
[  389.402856][ T7148] F2FS-fs (loop3): Start checkpoint disabled!
[  389.436434][ T7148] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  390.198131][ T7159] loop6: detected capacity change from 0 to 40427
[  390.341811][ T7159] F2FS-fs (loop6): invalid crc value
[  390.375624][ T7159] F2FS-fs (loop6): Found nat_bits in checkpoint
[  390.498297][ T7159] F2FS-fs (loop6): Start checkpoint disabled!
[  390.583192][ T4268] attempt to access beyond end of device
[  390.583192][ T4268] loop3: rw=2049, want=45104, limit=40427
[  390.623008][ T7159] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  390.676988][ T7169] loop0: detected capacity change from 0 to 40427
[  390.767005][ T7169] F2FS-fs (loop0): invalid crc value
[  390.809674][ T7169] F2FS-fs (loop0): Found nat_bits in checkpoint
[  390.865909][ T7169] F2FS-fs (loop0): Start checkpoint disabled!
[  390.881732][ T7169] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  393.333708][ T6236] attempt to access beyond end of device
[  393.333708][ T6236] loop0: rw=2049, want=40984, limit=40427
[  393.577991][ T1243] attempt to access beyond end of device
[  393.577991][ T1243] loop6: rw=2049, want=40976, limit=40427
[  394.190625][ T1108] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  394.581908][ T1108] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  394.674559][ T1108] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  395.012286][ T1108] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  395.083658][ T1108] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.210879][ T1108] usb 4-1: Product: syz
[  395.283120][ T1108] usb 4-1: Manufacturer: syz
[  395.357868][ T1108] usb 4-1: SerialNumber: syz
[  395.525739][ T1108] usb 4-1: config 0 descriptor??
[  396.964303][ T1108] usb 4-1: USB disconnect, device number 6
[  398.456598][ T7224] loop6: detected capacity change from 0 to 40427
[  398.550300][ T7224] F2FS-fs (loop6): invalid crc value
[  398.627013][ T7224] F2FS-fs (loop6): Found nat_bits in checkpoint
[  398.655994][ T7224] F2FS-fs (loop6): Start checkpoint disabled!
[  398.697201][ T7224] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  401.684152][ T7256] netlink: 'syz.2.629': attribute type 8 has an invalid length.
[  401.788138][ T7256] Cannot find del_set index 4 as target
[  405.581693][ T7017] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  406.142135][ T7017] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  406.565148][ T7017] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  406.687781][ T4281] Bluetooth: hci0: command 0x0406 tx timeout
[  406.941926][ T7017] usb 7-1: string descriptor 0 read error: -71
[  406.955383][ T7017] usb 7-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  406.989717][ T4202] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  407.002192][ T4202] CPU: 0 PID: 4202 Comm: kworker/u5:6 Not tainted syzkaller #0
[  407.009983][ T4202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  407.020340][ T4202] Workqueue: hci1 hci_rx_work
[  407.025326][ T4202] Call Trace:
[  407.028697][ T4202]  <TASK>
[  407.031661][ T4202]  dump_stack_lvl+0x188/0x250
[  407.036371][ T4202]  ? show_regs_print_info+0x20/0x20
[  407.041948][ T4202]  ? load_image+0x400/0x400
[  407.046694][ T4202]  sysfs_create_dir_ns+0x26a/0x290
[  407.051866][ T4202]  ? sysfs_warn_dup+0xa0/0xa0
[  407.056569][ T4202]  ? process_one_work+0x85f/0x1010
[  407.061704][ T4202]  ? do_raw_spin_unlock+0x11d/0x230
[  407.066948][ T4202]  kobject_add_internal+0x6e0/0xd90
[  407.072205][ T4202]  kobject_add+0x160/0x230
[  407.077099][ T4202]  ? kobject_init+0x1d0/0x1d0
[  407.081804][ T4202]  ? klist_children_get+0x50/0x50
[  407.086941][ T4202]  ? get_device_parent+0x121/0x3f0
[  407.092448][ T4202]  device_add+0x483/0xfb0
[  407.096813][ T4202]  hci_conn_add_sysfs+0xd1/0x1e0
[  407.101792][ T4202]  le_conn_complete_evt+0xc48/0x15c0
[  407.107311][ T4202]  ? cs_le_create_conn+0x5e0/0x5e0
[  407.112625][ T4202]  ? __switch_to_asm+0x34/0x60
[  407.117578][ T4202]  ? __mutex_trylock_common+0x155/0x260
[  407.123152][ T4202]  hci_le_meta_evt+0x285/0x3c90
[  407.128199][ T4202]  ? hci_event_packet+0x37b/0x1370
[  407.133614][ T4202]  ? __lock_acquire+0x7d10/0x7d10
[  407.138757][ T4202]  ? mark_lock+0x94/0x320
[  407.143253][ T4202]  ? release_firmware_map_entry+0x190/0x190
[  407.149280][ T4202]  ? hci_remote_host_features_evt+0x280/0x280
[  407.155429][ T4202]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  407.161310][ T4202]  ? mutex_unlock+0x10/0x10
[  407.165933][ T4202]  ? preempt_schedule+0xbc/0xd0
[  407.171945][ T4202]  ? schedule_preempt_disabled+0x20/0x20
[  407.177636][ T4202]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  407.183387][ T4202]  hci_event_packet+0xe48/0x1370
[  407.188633][ T4202]  ? rcu_lock_release+0x20/0x20
[  407.193685][ T4202]  ? hci_send_to_monitor+0x9c/0x4a0
[  407.199123][ T4202]  hci_rx_work+0x255/0xa10
[  407.203645][ T4202]  process_one_work+0x85f/0x1010
[  407.208635][ T4202]  ? worker_detach_from_pool+0x240/0x240
[  407.214389][ T4202]  ? lockdep_hardirqs_off+0x70/0x100
[  407.220161][ T4202]  ? _raw_spin_lock_irq+0xb7/0xf0
[  407.225497][ T4202]  ? _raw_spin_lock_irqsave+0x100/0x100
[  407.231388][ T4202]  ? wq_worker_running+0x97/0x170
[  407.236449][ T4202]  worker_thread+0xaa6/0x1290
[  407.241195][ T4202]  kthread+0x436/0x520
[  407.245314][ T4202]  ? rcu_lock_release+0x20/0x20
[  407.250187][ T4202]  ? kthread_blkcg+0xd0/0xd0
[  407.254839][ T4202]  ret_from_fork+0x1f/0x30
[  407.259379][ T4202]  </TASK>
[  407.287500][ T4202] kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  407.302920][ T4202] Bluetooth: hci1: failed to register connection device
[  407.414610][ T7295] loop2: detected capacity change from 0 to 2048
[  408.432147][ T7295] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  408.478648][ T7017] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  408.771135][ T7017] usb 7-1: config 0 descriptor??
[  408.882141][ T7017] usb 7-1: can't set config #0, error -71
[  409.025127][ T7017] usb 7-1: USB disconnect, device number 2
[  409.083574][ T7297] loop1: detected capacity change from 0 to 1024
[  409.402921][ T7297] EXT4-fs (loop1): mounted filesystem without journal. Opts: grpjquota=,,errors=continue. Quota mode: writeback.
[  409.564184][ T7293] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  409.744209][ T7304] loop6: detected capacity change from 0 to 40427
[  409.828623][ T7306] loop0: detected capacity change from 0 to 40427
[  409.868581][ T7293] EXT4-fs (loop1): re-mounted. Opts: (null). Quota mode: writeback.
[  409.921703][ T7306] F2FS-fs (loop0): invalid crc value
[  409.946786][ T7304] F2FS-fs (loop6): invalid crc value
[  409.960115][ T7306] F2FS-fs (loop0): Found nat_bits in checkpoint
[  409.997391][ T7306] F2FS-fs (loop0): Start checkpoint disabled!
[  410.037530][ T7304] F2FS-fs (loop6): Found nat_bits in checkpoint
[  410.087090][ T7304] F2FS-fs (loop6): Start checkpoint disabled!
[  410.097643][ T7306] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  410.114976][ T7304] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  410.970080][ T7315] xt_CT: You must specify a L4 protocol and not use inversions on it
[  410.982203][ T4343] attempt to access beyond end of device
[  410.982203][ T4343] loop0: rw=2049, want=40976, limit=40427
[  411.797231][  T145] attempt to access beyond end of device
[  411.797231][  T145] loop6: rw=2049, want=40976, limit=40427
[  412.204695][ T7324] loop2: detected capacity change from 0 to 40427
[  412.413478][ T7324] F2FS-fs (loop2): invalid crc value
[  412.461262][ T7328] loop0: detected capacity change from 0 to 32768
[  412.466779][ T7324] F2FS-fs (loop2): Found nat_bits in checkpoint
[  412.512232][ T7324] F2FS-fs (loop2): Start checkpoint disabled!
[  412.539480][ T7324] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  412.552682][ T7328] (syz.0.647,7328,0):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  412.562895][ T7328] (syz.0.647,7328,0):ocfs2_fill_super:1177 ERROR: status = -22
[  413.881650][ T7017] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  414.241880][ T7017] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  414.327753][ T7017] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  414.722002][ T7017] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  414.823129][ T7017] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  414.965795][ T7017] usb 1-1: Product: syz
[  415.034863][ T7017] usb 1-1: Manufacturer: syz
[  415.113295][ T7017] usb 1-1: SerialNumber: syz
[  415.152154][ T4343] attempt to access beyond end of device
[  415.152154][ T4343] loop2: rw=2049, want=40976, limit=40427
[  415.304479][ T7017] usb 1-1: config 0 descriptor??
[  416.653073][   T21] usb 1-1: USB disconnect, device number 3
[  417.112575][ T7353] loop3: detected capacity change from 0 to 256
[  417.946859][ T7358] loop0: detected capacity change from 0 to 1024
[  418.095530][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  418.095548][   T26] audit: type=1800 audit(2000000030.040:531): pid=7358 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.653" name="file1" dev="loop0" ino=20 res=0 errno=0
[  418.139856][ T7358] hfsplus: request for non-existent node 16777216 in B*Tree
[  418.170837][ T7358] hfsplus: request for non-existent node 16777216 in B*Tree
[  418.554092][ T7363] loop3: detected capacity change from 0 to 40427
[  418.665436][ T7363] F2FS-fs (loop3): invalid crc value
[  418.701917][ T7363] F2FS-fs (loop3): Found nat_bits in checkpoint
[  418.820226][ T7363] F2FS-fs (loop3): Start checkpoint disabled!
[  418.900563][ T7363] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  418.978194][ T7373] loop6: detected capacity change from 0 to 32768
[  419.063032][ T7373] (syz.6.659,7373,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  419.072739][ T7373] (syz.6.659,7373,1):ocfs2_fill_super:1177 ERROR: status = -22
[  420.571913][ T4233] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  421.348200][ T4233] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  422.304209][ T4233] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  422.634532][ T4233] usb 3-1: string descriptor 0 read error: -71
[  422.641113][ T4233] usb 3-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  423.135408][ T4233] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  423.178813][ T4381] attempt to access beyond end of device
[  423.178813][ T4381] loop3: rw=2049, want=40976, limit=40427
[  423.209183][ T4233] usb 3-1: config 0 descriptor??
[  423.260866][ T4233] usb 3-1: can't set config #0, error -71
[  423.318580][ T4233] usb 3-1: USB disconnect, device number 8
[  424.434128][ T7408] netlink: 'syz.1.667': attribute type 8 has an invalid length.
[  424.607118][ T7408] Cannot find del_set index 4 as target
[  424.892302][ T7410] binder: 7409:7410 ioctl c0306201 0 returned -14
[  425.405160][ T7415] loop3: detected capacity change from 0 to 40427
[  425.654892][ T7415] F2FS-fs (loop3): invalid crc value
[  425.678163][ T7415] F2FS-fs (loop3): Found nat_bits in checkpoint
[  425.748003][ T7415] F2FS-fs (loop3): Start checkpoint disabled!
[  425.786804][ T7415] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  426.953020][ T7431] loop2: detected capacity change from 0 to 32768
[  427.032874][ T7431] (syz.2.673,7431,1):ocfs2_parse_options:1459 ERROR: Invalid heartbeat mount options
[  427.043054][ T7431] (syz.2.673,7431,1):ocfs2_fill_super:1177 ERROR: status = -22
[  427.156599][ T7433] netlink: 4 bytes leftover after parsing attributes in process `syz.2.675'.
[  427.166111][ T4686] attempt to access beyond end of device
[  427.166111][ T4686] loop3: rw=2049, want=40976, limit=40427
[  427.199771][ T7433] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  427.380683][ T7433] batman_adv: batadv0: Removing interface: batadv_slave_1
[  427.491623][ T4229] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  427.892053][ T4229] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  428.371601][ T4229] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 2
[  428.992303][ T4229] usb 3-1: New USB device found, idVendor=03f0, idProduct=581d, bcdDevice=20.a3
[  429.025465][ T4229] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  429.045876][ T4229] usb 3-1: Product: syz
[  429.050727][ T4229] usb 3-1: Manufacturer: syz
[  429.056426][ T4229] usb 3-1: SerialNumber: syz
[  429.105181][ T4229] usb 3-1: config 0 descriptor??
[  430.081049][ T4194] usb 3-1: USB disconnect, device number 9
[  430.185925][ T7451] binder: 7450:7451 ioctl c0306201 0 returned -14
[  430.336248][ T7449] loop6: detected capacity change from 0 to 40427
[  430.384817][ T7455] loop0: detected capacity change from 0 to 64
[  430.410507][ T7449] F2FS-fs (loop6): invalid crc value
[  430.438846][ T7449] F2FS-fs (loop6): Found nat_bits in checkpoint
[  430.484187][ T7449] F2FS-fs (loop6): Start checkpoint disabled!
[  430.527772][ T7449] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  431.791211][ T4344] attempt to access beyond end of device
[  431.791211][ T4344] loop6: rw=2049, want=40984, limit=40427
[  432.769703][ T7479] xt_CT: You must specify a L4 protocol and not use inversions on it
[  433.099572][ T7486] netlink: 40 bytes leftover after parsing attributes in process `syz.0.690'.
[  433.310399][ T7491] binder: 7490:7491 ioctl c0306201 0 returned -14
[  433.670549][   T26] audit: type=1326 audit(2000000000.560:532): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  433.785740][   T26] audit: type=1326 audit(2000000000.650:533): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.531665][   T26] audit: type=1326 audit(2000000000.650:534): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.555138][   T26] audit: type=1326 audit(2000000000.650:535): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.581849][   T26] audit: type=1326 audit(2000000000.650:536): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.604825][   T26] audit: type=1326 audit(2000000000.650:537): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.627947][   T26] audit: type=1326 audit(2000000000.650:538): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.654636][   T26] audit: type=1326 audit(2000000000.650:539): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.770204][   T26] audit: type=1326 audit(2000000000.710:540): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  434.841939][   T26] audit: type=1326 audit(2000000000.710:541): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7499 comm="syz.6.685" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fab51fab819 code=0x7ffc0000
[  435.195111][ T7509] loop6: detected capacity change from 0 to 40427
[  435.297824][ T7509] F2FS-fs (loop6): invalid crc value
[  435.331812][ T7509] F2FS-fs (loop6): Found nat_bits in checkpoint
[  435.374926][ T7509] F2FS-fs (loop6): Start checkpoint disabled!
[  435.383885][ T7509] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  437.102772][ T4272] attempt to access beyond end of device
[  437.102772][ T4272] loop6: rw=2049, want=45112, limit=40427
[  440.034217][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  440.040962][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  440.180906][ T7534] netlink: 40 bytes leftover after parsing attributes in process `syz.1.701'.
[  442.475447][ T7553] loop0: detected capacity change from 0 to 32768
[  442.539395][ T7553] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  442.578194][ T7553] BTRFS info (device loop0): allowing degraded mounts
[  442.618647][ T7553] BTRFS info (device loop0): setting nodatasum
[  442.644283][ T7553] BTRFS info (device loop0): disabling tree log
[  442.686795][ T7553] BTRFS info (device loop0): using free space tree
[  442.759626][ T7553] BTRFS info (device loop0): has skinny extents
[  443.720917][ T7553] BTRFS info (device loop0): checking UUID tree
[  444.107212][ T7593] loop1: detected capacity change from 0 to 40427
[  444.171130][ T7593] F2FS-fs (loop1): invalid crc value
[  444.187176][ T7593] F2FS-fs (loop1): Found nat_bits in checkpoint
[  444.255191][ T7593] F2FS-fs (loop1): Start checkpoint disabled!
[  444.271723][ T7593] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  444.707099][  T145] attempt to access beyond end of device
[  444.707099][  T145] loop1: rw=2049, want=40976, limit=40427
[  445.671940][ T7603] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  446.172890][ T7603] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  446.539784][ T7603] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  447.662229][ T7603] usb 4-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  447.770986][ T7603] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  447.932505][ T7603] usb 4-1: Product: syz
[  448.007595][ T7603] usb 4-1: Manufacturer: syz
[  448.090844][ T7603] usb 4-1: SerialNumber: syz
[  448.224648][ T7603] usb 4-1: config 0 descriptor??
[  448.254883][ T7625] loop2: detected capacity change from 0 to 1024
[  448.312026][ T7603] usb 4-1: can't set config #0, error -71
[  448.361304][   T26] kauditd_printk_skb: 12 callbacks suppressed
[  448.361323][   T26] audit: type=1326 audit(2000000008.180:554): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  448.376062][ T7603] usb 4-1: USB disconnect, device number 7
[  448.404512][ T7629] loop3: detected capacity change from 0 to 1024
[  448.452526][   T26] audit: type=1326 audit(2000000008.250:555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  448.748810][   T26] audit: type=1326 audit(2000000008.250:556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  448.970009][   T26] audit: type=1326 audit(2000000008.260:557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  449.111781][ T7634] Bluetooth: received HCILL_WAKE_UP_ACK in state 2
[  449.186195][ T4344] Bluetooth: hci5: Frame reassembly failed (-84)
[  449.229762][   T26] audit: type=1326 audit(2000000008.260:558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  450.371978][   T26] audit: type=1326 audit(2000000008.260:559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  450.442592][ T1270] hfsplus: bad catalog folder entry
[  450.471584][   T26] audit: type=1326 audit(2000000008.260:560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  450.541762][ T1270] hfsplus: bad catalog file entry
[  450.701040][   T26] audit: type=1326 audit(2000000008.260:561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  451.173732][   T26] audit: type=1326 audit(2000000008.260:562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  451.865759][   T26] audit: type=1326 audit(2000000008.260:563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7628 comm="syz.0.721" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f9ecf375819 code=0x7ffc0000
[  452.001429][ T7386] Bluetooth: hci5: command 0x1003 tx timeout
[  452.008210][ T4201] Bluetooth: hci5: sending frame failed (-49)
[  453.771932][ T4233] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  454.254934][ T4231] Bluetooth: hci5: command 0x1001 tx timeout
[  454.332209][ T4201] Bluetooth: hci5: sending frame failed (-49)
[  454.511883][ T4233] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  454.571256][ T4233] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  454.832152][ T4233] usb 1-1: New USB device found, idVendor=133e, idProduct=0815, bcdDevice=7e.66
[  454.877503][ T4233] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  454.965305][ T4233] usb 1-1: Product: syz
[  455.010050][ T4233] usb 1-1: Manufacturer: syz
[  455.067719][ T4233] usb 1-1: SerialNumber: syz
[  455.209995][ T4233] usb 1-1: config 0 descriptor??
[  456.341714][ T4233] Bluetooth: hci5: command 0x1009 tx timeout
[  456.553859][ T7603] usb 1-1: USB disconnect, device number 4
[  456.619932][ T7674] loop0: detected capacity change from 0 to 64
[  456.864266][ T7677] loop0: detected capacity change from 0 to 1024
[  457.962220][ T7684] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1497
[  457.981485][ T7684] in_atomic(): 1, irqs_disabled(): 1, non_block: 0, pid: 7684, name: syz.3.737
[  457.990737][ T7684] 1 lock held by syz.3.737/7684:
[  457.995792][ T7684]  #0: ffffffff8c3443b8 (css_set_lock){..-.}-{2:2}, at: cgroup_get_from_path+0x26/0x2f0
[  458.005606][ T7684] irq event stamp: 296
[  458.009734][ T7684] hardirqs last  enabled at (295): [<ffffffff89c5d7b2>] _raw_spin_unlock_irqrestore+0x82/0x120
[  458.020340][ T7684] hardirqs last disabled at (296): [<ffffffff89c5d636>] _raw_spin_lock_irq+0x86/0xf0
[  458.030374][ T7684] softirqs last  enabled at (280): [<ffffffff88629eea>] ip_setsockopt+0x58a/0x3130
[  458.039787][ T7684] softirqs last disabled at (278): [<ffffffff87daf5bb>] release_sock+0x2b/0x1b0
[  458.049083][ T7684] Preemption disabled at:
[  458.049093][ T7684] [<0000000000000000>] 0x0
[  458.058004][ T7684] CPU: 0 PID: 7684 Comm: syz.3.737 Not tainted syzkaller #0
[  458.065751][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  458.076164][ T7684] Call Trace:
[  458.079535][ T7684]  <TASK>
[  458.082732][ T7684]  dump_stack_lvl+0x188/0x250
[  458.087718][ T7684]  ? ip_setsockopt+0x58a/0x3130
[  458.092958][ T7684]  ? show_regs_print_info+0x20/0x20
[  458.098263][ T7684]  ? load_image+0x400/0x400
[  458.102876][ T7684]  ___might_sleep+0x493/0x610
[  458.107705][ T7684]  ? __might_sleep+0xf0/0xf0
[  458.112300][ T7684]  down_read+0x20/0x2e0
[  458.116459][ T7684]  kernfs_walk_and_get_ns+0x7e/0x2c0
[  458.121833][ T7684]  ? kernfs_find_ns+0x510/0x510
[  458.126700][ T7684]  ? current_cgns_cgroup_from_root+0x2a9/0x2f0
[  458.132986][ T7684]  cgroup_get_from_path+0x5f/0x2f0
[  458.138110][ T7684]  cgroup_mt_check_v1+0x1ae/0x2c0
[  458.143144][ T7684]  xt_check_match+0x425/0xaf0
[  458.147903][ T7684]  ? xt_check_proc_name+0x240/0x240
[  458.153407][ T7684]  ? pcpu_alloc+0x1121/0x1770
[  458.158108][ T7684]  ? xt_find_match+0x1e1/0x210
[  458.162880][ T7684]  translate_table+0x1551/0x20e0
[  458.168029][ T7684]  ? ipt_register_table+0x800/0x800
[  458.173236][ T7684]  ? __might_fault+0xb7/0x110
[  458.177906][ T7684]  ? __lock_acquire+0x7d10/0x7d10
[  458.183026][ T7684]  ? _copy_from_user+0x111/0x170
[  458.187975][ T7684]  do_ipt_set_ctl+0x964/0xd80
[  458.192684][ T7684]  ? nf_setsockopt+0x218/0x280
[  458.197704][ T7684]  ? ipt_unregister_table_exit+0x220/0x220
[  458.203836][ T7684]  ? __lock_acquire+0x7d10/0x7d10
[  458.208938][ T7684]  ? __mutex_lock_common+0x465/0x2400
[  458.214480][ T7684]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  458.220283][ T7684]  ? mutex_unlock+0x10/0x10
[  458.225211][ T7684]  ? __local_bh_enable_ip+0x136/0x1c0
[  458.230764][ T7684]  ? lockdep_hardirqs_on+0x94/0x140
[  458.236132][ T7684]  ? __local_bh_enable_ip+0x136/0x1c0
[  458.241860][ T7684]  nf_setsockopt+0x25f/0x280
[  458.246441][ T7684]  ip_setsockopt+0x207d/0x3130
[  458.251393][ T7684]  ? ipv4_pktinfo_prepare+0x6f0/0x6f0
[  458.257625][ T7684]  ? do_futex+0xd73/0x12b0
[  458.262062][ T7684]  ? __might_sleep+0xf0/0xf0
[  458.266739][ T7684]  ? ksys_unshare+0x772/0x8b0
[  458.271404][ T7684]  tcp_setsockopt+0x240/0x1e90
[  458.276284][ T7684]  ? aa_sk_perm+0x7dc/0x910
[  458.280878][ T7684]  ? tcp_set_window_clamp+0x1a0/0x1a0
[  458.286237][ T7684]  ? aa_af_perm+0x340/0x340
[  458.290729][ T7684]  ? aa_sock_opt_perm+0x74/0x100
[  458.295764][ T7684]  ? sock_common_setsockopt+0x32/0xb0
[  458.301561][ T7684]  ? sock_common_recvmsg+0x1c0/0x1c0
[  458.306863][ T7684]  __sys_setsockopt+0x2bf/0x3d0
[  458.311799][ T7684]  __x64_sys_setsockopt+0xb1/0xc0
[  458.316925][ T7684]  do_syscall_64+0x4c/0xa0
[  458.321585][ T7684]  ? clear_bhb_loop+0x30/0x80
[  458.326272][ T7684]  ? clear_bhb_loop+0x30/0x80
[  458.331126][ T7684]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  458.337200][ T7684] RIP: 0033:0x7f5cdfd66819
[  458.341959][ T7684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  458.361818][ T7684] RSP: 002b:00007f5cddfc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  458.370311][ T7684] RAX: ffffffffffffffda RBX: 00007f5cdffdffa0 RCX: 00007f5cdfd66819
[  458.378360][ T7684] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  458.386343][ T7684] RBP: 00007f5cdfdfcc91 R08: 00000000000022f8 R09: 0000000000000000
[  458.394332][ T7684] R10: 0000200000002300 R11: 0000000000000246 R12: 0000000000000000
[  458.402484][ T7684] R13: 00007f5cdffe0038 R14: 00007f5cdffdffa0 R15: 00007fff6cda38d8
[  458.411024][ T7684]  </TASK>
[  458.414050][ T7684] 
[  458.416473][ T7684] =============================
[  458.421486][ T7684] [ BUG: Invalid wait context ]
[  458.426323][ T7684] syzkaller #0 Tainted: G        W        
[  458.432232][ T7684] -----------------------------
[  458.437080][ T7684] syz.3.737/7684 is trying to lock:
[  458.442399][ T7684] ffffffff8c44fa10 (kernfs_rwsem){++++}-{3:3}, at: kernfs_walk_and_get_ns+0x7e/0x2c0
[  458.451864][ T7684] other info that might help us debug this:
[  458.457917][ T7684] context-{4:4}
[  458.461650][ T7684] 1 lock held by syz.3.737/7684:
[  458.466848][ T7684]  #0: ffffffff8c3443b8 (css_set_lock){..-.}-{2:2}, at: cgroup_get_from_path+0x26/0x2f0
[  458.477077][ T7684] stack backtrace:
[  458.480888][ T7684] CPU: 0 PID: 7684 Comm: syz.3.737 Tainted: G        W         syzkaller #0
[  458.489839][ T7684] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  458.500493][ T7684] Call Trace:
[  458.503772][ T7684]  <TASK>
[  458.506700][ T7684]  dump_stack_lvl+0x188/0x250
[  458.511469][ T7684]  ? show_regs_print_info+0x20/0x20
[  458.516661][ T7684]  ? load_image+0x400/0x400
[  458.521269][ T7684]  __lock_acquire+0x1bf8/0x7d10
[  458.526126][ T7684]  ? verify_lock_unused+0x140/0x140
[  458.531413][ T7684]  ? __printk_cpu_unlock+0x5f/0x70
[  458.536861][ T7684]  ? dump_stack_lvl+0x1fd/0x250
[  458.541789][ T7684]  ? ip_setsockopt+0x58a/0x3130
[  458.546776][ T7684]  ? show_regs_print_info+0x20/0x20
[  458.552163][ T7684]  ? load_image+0x400/0x400
[  458.556669][ T7684]  lock_acquire+0x19e/0x400
[  458.561519][ T7684]  ? kernfs_walk_and_get_ns+0x7e/0x2c0
[  458.566996][ T7684]  ? __might_sleep+0xf0/0xf0
[  458.571702][ T7684]  ? read_lock_is_recursive+0x10/0x10
[  458.577159][ T7684]  down_read+0x44/0x2e0
[  458.581310][ T7684]  ? kernfs_walk_and_get_ns+0x7e/0x2c0
[  458.587067][ T7684]  kernfs_walk_and_get_ns+0x7e/0x2c0
[  458.592375][ T7684]  ? kernfs_find_ns+0x510/0x510
[  458.597497][ T7684]  ? current_cgns_cgroup_from_root+0x2a9/0x2f0
[  458.603757][ T7684]  cgroup_get_from_path+0x5f/0x2f0
[  458.608945][ T7684]  cgroup_mt_check_v1+0x1ae/0x2c0
[  458.614241][ T7684]  xt_check_match+0x425/0xaf0
[  458.618907][ T7684]  ? xt_check_proc_name+0x240/0x240
[  458.624108][ T7684]  ? pcpu_alloc+0x1121/0x1770
[  458.628781][ T7684]  ? xt_find_match+0x1e1/0x210
[  458.633719][ T7684]  translate_table+0x1551/0x20e0
[  458.638644][ T7684]  ? ipt_register_table+0x800/0x800
[  458.643852][ T7684]  ? __might_fault+0xb7/0x110
[  458.648517][ T7684]  ? __lock_acquire+0x7d10/0x7d10
[  458.653623][ T7684]  ? _copy_from_user+0x111/0x170
[  458.658547][ T7684]  do_ipt_set_ctl+0x964/0xd80
[  458.663310][ T7684]  ? nf_setsockopt+0x218/0x280
[  458.668225][ T7684]  ? ipt_unregister_table_exit+0x220/0x220
[  458.674114][ T7684]  ? __lock_acquire+0x7d10/0x7d10
[  458.679165][ T7684]  ? __mutex_lock_common+0x465/0x2400
[  458.684700][ T7684]  ? __mutex_unlock_slowpath+0x1b0/0x6c0
[  458.690322][ T7684]  ? mutex_unlock+0x10/0x10
[  458.694861][ T7684]  ? __local_bh_enable_ip+0x136/0x1c0
[  458.700748][ T7684]  ? lockdep_hardirqs_on+0x94/0x140
[  458.705934][ T7684]  ? __local_bh_enable_ip+0x136/0x1c0
[  458.711408][ T7684]  nf_setsockopt+0x25f/0x280
[  458.715993][ T7684]  ip_setsockopt+0x207d/0x3130
[  458.721152][ T7684]  ? ipv4_pktinfo_prepare+0x6f0/0x6f0
[  458.726666][ T7684]  ? do_futex+0xd73/0x12b0
[  458.731176][ T7684]  ? __might_sleep+0xf0/0xf0
[  458.735859][ T7684]  ? ksys_unshare+0x772/0x8b0
[  458.742334][ T7684]  tcp_setsockopt+0x240/0x1e90
[  458.747232][ T7684]  ? aa_sk_perm+0x7dc/0x910
[  458.751725][ T7684]  ? tcp_set_window_clamp+0x1a0/0x1a0
[  458.757347][ T7684]  ? aa_af_perm+0x340/0x340
[  458.761953][ T7684]  ? aa_sock_opt_perm+0x74/0x100
[  458.767096][ T7684]  ? sock_common_setsockopt+0x32/0xb0
[  458.772469][ T7684]  ? sock_common_recvmsg+0x1c0/0x1c0
[  458.777755][ T7684]  __sys_setsockopt+0x2bf/0x3d0
[  458.782832][ T7684]  __x64_sys_setsockopt+0xb1/0xc0
[  458.787951][ T7684]  do_syscall_64+0x4c/0xa0
[  458.792540][ T7684]  ? clear_bhb_loop+0x30/0x80
[  458.797238][ T7684]  ? clear_bhb_loop+0x30/0x80
[  458.802104][ T7684]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  458.808259][ T7684] RIP: 0033:0x7f5cdfd66819
[  458.812753][ T7684] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  458.832799][ T7684] RSP: 002b:00007f5cddfc0028 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  458.841234][ T7684] RAX: ffffffffffffffda RBX: 00007f5cdffdffa0 RCX: 00007f5cdfd66819
[  458.849193][ T7684] RDX: 0000000000000040 RSI: 0004000000000000 RDI: 0000000000000003
[  458.857240][ T7684] RBP: 00007f5cdfdfcc91 R08: 00000000000022f8 R09: 0000000000000000
[  458.865388][ T7684] R10: 0000200000002300 R11: 0000000000000246 R12: 0000000000000000
[  458.873353][ T7684] R13: 00007f5cdffe0038 R14: 00007f5cdffdffa0 R15: 00007fff6cda38d8
[  458.881415][ T7684]  </TASK>
[  458.921301][ T7684] xt_cgroup: invalid path, errno=-2