last executing test programs:

9.702788442s ago: executing program 4 (id=1346):
ioctl$TIOCMBIC(0xffffffffffffffff, 0x5417, 0x0)
ioctl$TUNSETLINK(0xffffffffffffffff, 0x400454cd, 0x339)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180500000000c80000000000"], &(0x7f0000000480)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), r0)
sendmsg$NL80211_CMD_SET_TID_CONFIG(0xffffffffffffffff, 0x0, 0x40)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f00000004c0), &(0x7f0000000040)='./bus\x00', 0x2008410, &(0x7f0000000500)=ANY=[@ANYBLOB="66617374626f6f742c71756f7461000000000000003b814e50a959736d65720f73ecea54b5e5be45ace9a88f723cb005aeff24212c651baef614d442ae89412ad3dcd0b7586d02002a6d6d65cacd4fc5002207ce994dda65c4b1d23a9bd5ba0f4ce5c2b5a5718c6aa918080002223d2753a5cac974110144cd0a1e368652324a41b31e1eb3b32dccbdf8f68bd96a45a75427a5f789d267fd92f6a5540200b81d5b9fa9b40fe4d7fbd50a6afc3a989c6d60045663c59cbdc4c700000000bc7f6b22df0191acf5912afdcc1c061835177068c40f757dd123d2600b1c544f1525aa8d00000000000000000000002e8b5c733d362417c17f527c0bfebec112d57fc69fabb9b31ef97b2147931ff60cdf666c25244218b1f1a6010000000100000020563b835d0e8e9a09070ef1691fcb2f37bda5d4e3d9d7a2d0ac82b45a53001057f321acc45d5e065a461de90100000077d200000000000040b78f0dd3836f5ab2f6a1a5b798bb7752f192c6b48e568973a59cd9c74bd9a14721856c5499cd8f93f8beaa9cf76718ce7244c8426803000000005c000208886b313bd01a22d576e414011a4f0a897515329f86d4585fa0ea17068f8af349696da4a2b3e24310ca52ec51bc23b57897cb55a2d513e6a00765ee3f58b471c54dd57f0af584afe4a21f92b515d7f2fa6fbb273ca0f751e684584320534667aea39ad7222c8ef531f514939177a47395e94c1723abb3fd44fd64fde4b45cc2f55f4ae05ff48648a4c998257856bcdcf2fa02010000001f54fb936570450e91c8d55abad76a7b7a000016f81ec9da9ccc1191c211632266d907e4d9b23496ae19bac24dc23c43f514f1b4af19988bbe61ee29a368a999435d6872d01b79c7821e875859dfbf3c57e4f1fb0be46cb5f7a0fa13516c0926d19dd2d5862085e1e4cb8279be17cba17ee4d06ad97b4ca282e73ea142b01b4a742fa11c0927ba811dd60903d575db449d775021b542db617086b3ed42e6e60fe043cff79b0c067c584bbf82657974c3736912b4b522052b9467d0da116ccc1652d861a420f09aaf67d3e9f6160100000001000000ae6335ad9896abd3cc00413638cb9bc62ab8054325d72e9144cf4f88702f586507e3147198e0bc4060a7c8f4dce73b653177ecf8228e6e6fae02510000000000000000000000000000f43739fdd2d24e50e0233acfe1c8639070fe00f40b0d01f8a0a35fcfe3ea10faf9c24b8488ed4ed83fb06a9a7c57442ede9e1fc2853b8f4d2241cff61d0125b7750e3fdae6a4ab9c776a191ed8098a780ea2bbaa64978cd3a6458fcc6b949bcbca0dceb7361f66e46731eba4f3aed335e7c8c541e82453218a19d39489e1525466ac93759787e767f601931d94c9c426489b741a6bc8abf475e4bf859e1ce7f7227069e9f51e25fa3d1b18dc565180a1af464a1dd697db85e2b27b90f6bd7cf1b6bc0bcd8ba552ced3d3cfbf9c9bc04f65b6f83cb40173b4bdc393d47e5da95b63a40ac18daf11e8d0706b47795fbe2b56d0ea7ffc5a59ede88621a08b25ca6ebe041317b62373a60951af33eb7954a9731aaa125add0913ed2435a207439e9122512d77096747a4b404459cebc8faff8f7a31758e630c75a1ff90402754d339dc21cf6b8e04e1aedf14df0b4aaf0e03194df3eb41ba066bc343b323a3162d7e7ba687633c2faa8f28b42364b72e3a457476fd6b2a54e670ba798172c44c4390f73fdab743a4cac88b2bd0545b8483f2e2f9846b138a4d8a7332978da70e9050417087c5ae034a735e8b448dd9701404", @ANYRES16], 0x1, 0x553b, &(0x7f000000ac00)="$eJzs3EtvG1UUAOA7TtPSJxFiwa4jVUiJVFt12lSwC9CKh0gV8ViwAsd2LLe2J4odJ2SFBEvEgn+CQGLFkt/AgjU7xALEDgnkuWNKKI9WduKk/T5pfGbujM+cO7ISnRnLAXhiLaS//pyES+FsCGEuhHAhCfl6Uiy51RieCyFcDiGU/rIkxfifA6dDCOdCCJdGyWPOpNj1+dXhlZWf3vjlm+/OnDr/xdffz27WwKw9H0LobsX13W6MWSvGu8V4bdjOY/fGsIhxR/desZ3FuNvcyDPs1sbH1fJ4vRWPz7Z2+qO42anVR7HV3szHt3rxhP1ha5wnf8Pd2na+3Whu5LHdz/LY2o917e3Hv237/UHM0yjyfZinD4PBOMbx5l4zzmfrXh7rvUExHvNmjebeKA6LWJwu1LNOI69jY5Irfby92e7t7KXD5na/nfXSlUr1hUr1Zrm6nTWag+aNcq3buHkjXWx1RoeVB81ad7WVZa1Os1LPukvpYqteL1er6eKt5ka71kur1cr1yrXyylKxdjV99c67aaeRLo7iy+3ezul2p59uZttpfMdSuly5/uJSeqWavr22nq6/dfv22vo77996785La6+/Uhz0QFnp4vK15eVy9Vp5ubp0DOY/+r/7kPMfTDL/T4qiH2H+yWSXB/6bDxjAI3ug/w/6f+DwnfT+P0yz/x+1VPr//+9/S5P3/xP1v8e1/z/B84eJ6P8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJ5YP8x/+Vq+shC3zxfjF4uhZ4rtJIRQCiH8/g/mwukDOeeKPPP/cvz832r4Ngl5htE5zhTLuRDCarH89vRhXwUAAAB4fH310eXPYrceXxZmXRBHKd60KV34YEr5khDC/MKPU8pWGr08O6Vk+ef7VNibUrb8BtZTU0oWb7mdmla2hzI3Dh9fvD+YTyiJoXSk5QAAAEdi7kA42i4EAACAo/TprAtgNpIwfpQ5fhacf/P+/qPNswf2AQAAACdQMusCAAAAgEOX9/9+/w8AAAAeb/H3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4g537uU0ciOIA/GwwsP+0aLX3bWVvUEZKyDHHQAFpghJIC2mAGsgtJUQQYY+QHIEUiXGsoO+TPM7Y0W9mgMsbSwYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJztZ4/3v97uDRnt79MntUAAAAAp2yr9bz+Y9r0f6Trv9KlP6lfREQZEadq90GMWpmDlFOd+f/q3RyeIuqEwxjjdHyPiP/peP3d9acAAAAA12uzXM2aar1ppn1PiM/UbNqUP28y5RURUU1fMqWVh+ZvprD69z2Mu0xp9QbWJFNYs+U2PH1vlGuQtkHrlFYyWdRfYt0ruxkXAADoU7sSOFOFAAAAcAVu+54A/SiOzfE547g5pQeC31o9AAAA4Asq+p4AAAAA0Lm6/vf+PwAAALhuzfv/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NK2Ws83y9Xs3P3FB3N2+8vkWxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwBv7844CIRAGYbB3fWcy9z+sNGhobFIFwsffGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAm9/95f/E1DiTzL02lp5HkrVTY+vU2Ds3jv4wvn4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzPSwqEQBBEwZzxv5O+/2ElQc8gQgQ0PKqoRQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPBFv/vl/8TUOJPMnTaWjkeStavG1lVj70Hj6MF4+zcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXOzcP28cRRQA8Hd7t5c/gDAGuTCgIFFAQ+xLSEgJBcii4CMgWc45GC4EEhckskBuoEKu0yAoEUICmS7fIXUspQldChdGogbt3u5lkxhyiszuEv9+0uy8Pa9m3uydLD/P2gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAafedeCkp4m52mBnH5Wu39jZWsn7ngT5zY+v2fNayuPOoib55++CTb7eXqycn5ionX9WfDAAAAIdDt6zvI+JOur2U9clMXv+n5TVZzf/9M+O4rOcfrPt39jaOFl+aL+v/3369+8JkopnxPNmgq2uj4eLDqfT+oyW23rOPvKKX3/n8dy/d/A1J3t98fjfN72fn25s33+3n4ZE6sgUAHsfJsi+C8uehrB80mRgAh0avUniX9X93ptmcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOqwuxlPlXEnIuZ79+LMzt7Gyn79ja3b82U7e/36VnXMbIg0IlbXRsO0xrW03ZWr1z5ZHo2Gl+sPTkREc7MXwYdTXBPx79cUH89obhX/HHTakUajQVK8P23J5yCD8rN38CM39A0JAIAnVlq0rK6/k24vZa91ZiP++uH++v+1ShxT1v93Pzp7qzpXtf4f1LbC9ltYv/jZwpWr195Yu7h8YXhh+OmbpwZvDU6fO3Pm3EJ2rxYXViMZLjadJgAAAP9j/aJV6/9k9uH9/+OVOKas/z//bvBlda6u+n9f9zb9ms4EAADgMOpPoude+fOPzj5XdPr9+GJ5ff3yYHycnJ8aH2tN9zEdKVq1/u/ONp0VAAAAUIfdzc59+//nK3FMuf//9I8v/lwdsxsRxyIuRcTw5Mql0fn6ltNqdfyhcj5Rv+mVAgAA0JRjRavu/6f58//J5JGHJCJef3Ucl//rapr6v/ve1z9V56o+/3+6viW2UjI3vh95PxfRm2s6IwAAAJ5kR4uWFfu/p9tLH/9y/IO+5/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6vZ3AAAA//+pzDYD")
mkdir(&(0x7f0000000300)='./bus\x00', 0x106)
open(&(0x7f0000000200)='./file0\x00', 0x4008040, 0x0)
link(&(0x7f0000001240)='./file0\x00', &(0x7f0000000bc0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
creat(&(0x7f00000008c0)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x81000)
symlinkat(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', r1, &(0x7f0000000340)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')

6.142898262s ago: executing program 4 (id=1367):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket(0x2c, 0x3, 0x0)

5.922432341s ago: executing program 3 (id=1370):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000280)='./file0\x00', 0x2800000, &(0x7f0000000380)={[{@debug}, {@delalloc}, {@journal_ioprio}, {@test_dummy_encryption}, {@nodiscard}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}, {@acl}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x40}}]}, 0x1, 0xbb4, &(0x7f00000017c0)="$eJzs3M1rXOUaAPDnnHy2zb2TXi6X27tpLpdLC+I0raTYIthKxY0LQbdCQzopIdMPkkhNmsVE/wFR14IbQS1KF3bdjYJbN1q3FhdCkdgoiGjkzEeSJjNJ2k5yYvL7wZvzvvOcOe/z5DBzzgszE8CeNZD9SSMORcT5JKJQfzyNiO5qrzeiUttvYX525Jf52ZEkFhdf/jGJJCLuz8+ONI6V1LcH6oPeiPjquST+8ebaeSenZ8aHy+XSRH18bOrS1WOT0zNPjl0avli6WLp8/OTTQyeGTg6eGmpbrb9+d+bWz/994fvKbx/9fuOndz5I4kz01WMr66hX/dgGYmDpf7JSZ0QMt+H4O0FHvZ6VdSadGzwp3eKkAABoKV1xD/evKERHLN+8FeLzr3NNDgAAAGiLxY6IRQAAAGCXS6z/AQAAYJdrfA7g/vzsSKPl+4mE7XXvbET01+pfqLdapDMq1W1vdEXE/vtJrPxaa1J72mMbiIi73576NGvR5HvIW60yFxH/bnb+k2r9/fVvQq+uP42IwTbMP7Bq/Feq/0wb5s+7fgD2pttnaxeytde/dOn+J5pc/zqbXLseRd7Xv8b938Ka+7/l+jta3P+9tMk5rn/43rVWsaz+Z249/0mjZfNn28cq6iHcm4v4T2ez+pOl+pMW9Z/f5ByFP66VWsXyrn/x/Ygj0bz+hmT93yc6NjpWLg3W/jadY+7LoY9bzZ93/dn539+i/o3O/9UHjtT6R31ePXfuZqvYxvWnP3Qnr1R73fVHXh+empo4HtGdvLj28RPr19vYp3GMrP6j/1v/9d+s/uw9oVL/P2SVz9W32fiNVXM+e+P6Z+vVn6398jz/Fx7x/L+1yTn+/8XbR1vFVq5/s5bNfzeprYUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoCGNiL5I0mJEJNV+mhaLEQci4p+xPy1fmZx6YvTKa5cvZLGI/uhKR8fKpcGIKNTGSTY+Xu0vj0+sGj8VEQcj4t3Cvuq4OHKlfCHv4gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFhyICL6IkmLEZFGxEIhTYvFvLMCAAAA2q4/7wQAAACALWf9DwAAALuf9T8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABb7ODh23eSiKic3ldtme56rCvXzICtluadAJCbjrwTAHLTmXcCQG4eco3vdgF2oWSDeG/LSE/bcwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg5zpy6PadJCIqp/dVW6a7Hutq+ozD25gdsJXSvBMActOxXrBz+/IAtp+XOOxdzdf4wF6SbBDvXd6n8mCkZ8tyAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDn6au2JC1GRFrtp2mxGPG3iOiPrmR0rFwajIi/R8Q3ha6ebNyTd9IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC03eT0zPhwuVya0NHRybeT7Iw0ap2835kAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMjD5PTM+HC5XJqYzDsTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIG+T0zPjw+VyaWITnZsPs/OKTt41AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQnz8DAAD//9b4DfQ=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000059"], 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r0}, 0x0, &(0x7f00000002c0)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f0000000300)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
pipe2(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bind$inet6(r2, &(0x7f0000000400)={0xa, 0x2, 0x13, @loopback, 0x9}, 0x1c)
setsockopt$inet6_tcp_int(r2, 0x6, 0xa, 0x0, 0x0)
sendto$inet6(r2, &(0x7f0000f6f000), 0xfffffffffffffea7, 0x20000004, &(0x7f0000b63fe4)={0xa, 0x2}, 0x1c)
r6 = socket(0x10, 0x3, 0x9)
connect$netlink(r6, &(0x7f00000014c0)=@proc={0x10, 0x0, 0x25dfdbfc}, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000001c0)={&(0x7f0000000080), 0xc, &(0x7f0000000180)={&(0x7f0000000b00)=ANY=[@ANYBLOB="140000"], 0x28}}, 0x0)
creat(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x122)
syz_emit_ethernet(0x6c, &(0x7f0000000300)={@local, @local, @void, {@ipv6={0x86dd, @generic={0x0, 0x6, '\x00', 0x10, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0xd}}, @remote, {[@hopopts={0x2f, 0x1, '\x00', [@calipso={0x7, 0x0, {0x2, 0x0, 0x2, 0x2, [0x3, 0x0, 0x6, 0xa1, 0x7fffffff, 0xffffffff80000001]}}, @ra={0x5, 0x2, 0x80}]}]}}}}}, 0x0)

4.955901091s ago: executing program 1 (id=1372):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x3000000}, 0x240040d4)

4.817484197s ago: executing program 0 (id=1374):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r4}, 0x18)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002ac0)={0x1a, 0x3, &(0x7f0000000180)=@framed, &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x18, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x2008}, 0x80)

4.799169368s ago: executing program 1 (id=1375):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x75, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, 0x0, 0x800)
sendmsg$NFT_BATCH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}]}]}]}], {0x14}}, 0x70}}, 0x24040884)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340), 0x1, 0x538, &(0x7f0000002140)="$eJzs3c9vI1cdAPDvTOLd7G6KXUCorUSpaNFuRdfeNLSNEIJygVMloByRlpB4oyh2HMVO2UQVpOI/QEggceLEBYk/AKnqgRMnVKkSXAAJBAiEYAsHxI8O8nisbhw7SXcde0k+H+nF741n3ve9sf08M57MBHBuPRERL0bETEQ8HRHlYnpapNjvpe58b995daWbksiyl/+axKViWr+ubh2zEXGlWGwuIr70+YivJYfjtnf3NpYbjfp2Ua51mlu19u7e9fXm8lp9rb65uLjw/NILS88t3cgK99XPSj/zw899+vVnvv67m3++9o1usz71oSjFQD/Gqdf1Ur4u+rrraPu3P/v1M6cRcML6r3lp2g0BAOBEutv474+Ij+bb/+WYybfmBsxMo2UAAADAuGSfmY//JBEZAAAAcGalETEfSVotzgWYjzS9UBwb+GBcThutdufjt1o7m6vd5yIqUUpvrTfqN4pzhStRSrrlheIc23752YHyYkQ8HBHfKV/Ky9WVVmN1ysc+AAAA4Ly4MrD//49ymuePN+T/BAAAAIAHV2VkAQAAADgr7PIDAADA2Te4///6lNoBAAAAnIovvPRSN2X9+1+vvrK7s9F65fpqvb1Rbe6sVFda21vVtVZrLb9mX/O4+hqt1tYnYnPndq1Tb3dq7d29m83Wzmbn5vqBW2ADAAAAE/TwR974ZRIR+5+8lKcorgMIcMAfpt0AYJxm7m2xC+NuBzB5ruIN51dp2g0Api455nkn7wAAwP+/q48e/v2/f3DfsQE4244712d1Qu0AACbH7/9wfpXu9QxA4ExII+J9vezFUfOM/P3/5yeNkmURb5bvnuL4IgAATNZ8npK0WuwHzEeaVqsRD0WklSglt9Yb9RvF/sEvyqWL3fJCvmRy7DnDAAAAAAAAAAAAAAAAAAAAAAAAAEBPliWRAQAAAGdalOJPSX41/4ir5afmB48PXEj+WY4/FoXvv/zd28udzvZCd/rf8nt5XYiIzveK6c+OvH0YAAAAMG7Jfn4vv2F6++nF48KE2wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAmff2nVdX+mmScf/y2YioDIs/G3P541yUIuLy35OYvWu5JCJmxhB//7WIeGRY/CTeybKsUrRiMH4aEZdOOX4lXzWj418ZQ3w4z97ojj8vDvv8pfFE/jj88zdbpPs1evxLi8iP5OPcsPHvoUO1NYfGeOytH9dGxn8t4rHZ4eNPf/xNRsR/8lBt/86y7HCMr355b29U/OwHEVeHfv8kB2LVOs2tWnt37/p6c3mtvlbfXFxceH7phaXnlm7Ubq036sXfoTG+/eGfvHNU/y8Pif+bX/XG36P6/9SoSgf8963bdz7Qy5aGxb/25NDv37kYET8tvvs+VuS7z1/t5/d7+bs9/qM3H4+vPDqy/6sj1v9xr/+1E/b/6S9+6/cnnBUAmID27t7GcqNR3z4iM3eCeYZnkkjivS81qcxP5x6IZrzHTPbN3is3rWb8a0z1dLdW353S79XJ67l4wnfv/WSyia3VmXgA3loHMlMdlgAAgFPw7kb/tFsCAAAAAAAAAAAAAAAAAAAA59ckLic2GHN/Ol0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjS/wIAAP//QCvhCA==")
request_key(0x0, &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0)

2.686693297s ago: executing program 0 (id=1376):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r0, 0xc02064b2, &(0x7f0000000040)={0x3, 0x6576, 0xd, 0x0, <r1=>0x0})
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$rds(0x15, 0x5, 0x0)
bind$rds(r4, &(0x7f0000000040)={0x2, 0x2, @loopback}, 0x10)
sendmsg$rds(r4, &(0x7f0000001600)={&(0x7f0000000000)={0x2, 0x0, @remote}, 0x10, 0x0}, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x18)
r6 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000080)={0x40000101, &(0x7f0000001e80)=[{0x0, 0x1000}]})
r7 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
ioctl$BTRFS_IOC_GET_SUPPORTED_FEATURES(r7, 0x4001af84, 0x0)
ioctl$VHOST_SET_OWNER(r7, 0xaf01, 0x0)
mmap(&(0x7f0000001000/0x4000)=nil, 0x4000, 0x4, 0x11, r0, 0x100000000)
ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r0, 0xc00464b4, &(0x7f00000006c0)={r1})
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x2800001, 0xc3072, 0xffffffffffffffff, 0x0)

2.674034878s ago: executing program 1 (id=1377):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0b00000007000000080000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000100000000000000fe0018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000002c0)={r0, &(0x7f0000000080), &(0x7f0000000280)=@udp}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
io_setup(0x9, &(0x7f0000000b80)=<r2=>0x0)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x3, 0x0, 0x7ff}]})
io_getevents(0x0, 0x0, 0x0, 0x0, 0x0)
io_submit(r2, 0x1, &(0x7f00000000c0)=[&(0x7f0000000000)={0x0, 0x0, 0x0, 0x5, 0x0, r3, 0x0}])

2.509900645s ago: executing program 4 (id=1378):
r0 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000080), 0x6a542, 0x0)
r1 = ioctl$LOOP_CTL_ADD(0xffffffffffffffff, 0x4c80, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r2, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
setsockopt$netlink_NETLINK_ADD_MEMBERSHIP(0xffffffffffffffff, 0x10e, 0x1, &(0x7f0000000400)=0x1, 0x4)
r7 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000840)=ANY=[@ANYBLOB="fc0000001900010000000000fcdbdf2500000000000000000000000000000000fe8000000002000000000000000000bb00000000000000000200000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="00000000000000000400000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000100000000000000440005000000000000000000"], 0xfc}, 0x1, 0x0, 0x0, 0x20008000}, 0x0)
r8 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r8, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r8, 0x0, 0x0)
ioctl$LOOP_CTL_ADD(r0, 0x4c80, r1)

2.266841115s ago: executing program 3 (id=1379):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

2.100717342s ago: executing program 3 (id=1380):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x28100, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x10003, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_NMI(r3, 0xae9a)
ioctl$KVM_RUN(r3, 0xae80, 0x0)
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r6, @ANYBLOB="0000000000000000b7020000140000e5b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r7}, 0x10)
r8 = socket$inet6(0xa, 0x2, 0x0)
r9 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r9, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
getsockname$packet(r9, &(0x7f0000000180)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r9, &(0x7f0000000380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000580)=ANY=[@ANYBLOB="640000001000370403000000ffffffff00000000", @ANYRES32=r10, @ANYBLOB="0b1b050000000000440012800b00010069703667726500003400028008000100", @ANYRES32, @ANYBLOB="14000600fe8000000000000000000000000000aa1400070000000000000000000000000000bb"], 0x64}, 0x1, 0x0, 0x0, 0x48810}, 0x4000010)
sendmmsg$inet(r8, &(0x7f0000000c00)=[{{&(0x7f0000000040)={0x2, 0x4e25, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000400)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @empty, @multicast1}}}], 0x20, 0x3f}}], 0x1, 0xc0)

1.973616297s ago: executing program 2 (id=1381):
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x3e, 0x0, 0x0)
listxattr(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)

1.89474062s ago: executing program 2 (id=1382):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$tipc(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, &(0x7f0000000580), 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe2$9p(0x0, 0x44880)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
pipe(0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0xfffffff8}, 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r2}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r3 = socket$tipc(0x1e, 0x5, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
ppoll(&(0x7f0000000500)=[{}], 0x1, 0x0, 0x0, 0x0)

1.876563151s ago: executing program 0 (id=1383):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)={@ifindex, 0xffffffffffffffff, 0x2f}, 0x20)
r5 = syz_open_dev$video(0x0, 0x7, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r5, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, 0x0)
gettid()
timer_create(0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f0000000040), 0x4)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
write$P9_RSTATu(r7, &(0x7f0000000540)={0x41c, 0x7d, 0x0, {{0x500, 0x2db, 0x0, 0x5000000, {0xcdb74b01717932d9, 0x400}, 0x10000000, 0x0, 0x0, 0x8000fe, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\xff\xff\xff0\xff\xce\xbc\x92\x00\x00\x00', 0x120, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05>\x00\x1e\x00\x00\x18{\x82O^\x97\xe5p\xbeg\xb0^\xb0V\xca|=9\x00\xb5\x00\x00;Y_\xcb\x14\x03\x03\x00\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x1a\xb4\x94\xcc\xe37A\x95\xcc\x90U\xd1\xc8~x\xcdY\x96\xd9\x967\x87\xe7\xb6\x98\"l5\xf0\x17K\r\xf3\xf8\x91\xcf\x99lI\b\xe889d\x01,\xe2\x15]\xd6\xb3\xf4kb\xcay$\xeba\x13\x90\x98\xb2\"\xbc\xf4/\xeah1Z\x81ju\x16i\xd6%\xe5\xe4\xe4_\x96?\x1e\xe2\x1e\xb7N\xf3\xcd\xf9\x8f7\xb2?\r\xac\xc9\xd9\xe5\xd4\xbe\xbf\x91J\x8d,\x9f\x19fxu\xd1\r\xeb\xddkT\x03\xf6j\xe8}\x8a/\x067\xcdH\x82\x8f,W\xc3,\x19\xc3#9(O\xa5\x14\xa9#l\x1b\x17\xe7R\x93^J\xf4v\x86\xa6\xcfHC\x10\xec\xd1\xe8\x98l\x12_\xb7B\xfd2\xfc]\x87\xe0\x8aj\x8e\r\x94X\x02\xd7\x7f\x15\xb4G\t\x8b\xd5c\x9c\x0e\xba\\o\xd2\x132\xf6\xddX\x8b\x17\"=\xa7l-\xf5\x91\v_\xf9\xfc\x01\x9f\xd9&', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x157, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85+\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00\xd0\x02\xaf\x02k\x9en\r\xca\x00\x89\xfdL\xd0\x9c\xf8\r\xbb\xe9Q\xb2\x1f5y\x8b\n\xb6hx\xc0\x9d\"\x8b7\x88\\\x10\x8a\xcb\xee\xcd\xbe\x06Kz\xd8\xd79\x9f\xd5\x18j\'t\x8f$\x88\'\x06\x8f\x89\x0fOPZ\x04\xc4$\xd7%\xc8\x1exa\xe1 --\xc4\xc94\x1dWH\xff\x9eS\x9e\rIT\x8fz\x1c\xcf^\xac\x9a\xa0\x92L\a\x00\x00\x00\xf3|c\xccjn1\xa7}\x1f\xad\x05\x83h\xae\xd5\xe3\xc1M\x89\x96\x87\n\v\t\xd0l\x97\x04\x98\v\xb4GxB\xb1\xed.\x8f%\x01\xb2_\xbc\\^\xe6}\x8bnN\xc7G\xe9]\x03\xf6x\xd7\x1a-\xa34\x92\xf8\xd4\x87\xeeB|Y\xf6\xe7\ni\xa9J}\x987\xd6\x02c\xd68\aM\xfa\x04\xa4V\x04\tD\xb7\x02\"gFh\xc7D\xb7\xba\xda\xad4uXO 5|\x84 \xc1IO\x8d\r4 *\xfb5\xccVp\xe2@\xbe\xba\x96SS\xaf\xe9F\xc0\xc1\xb5\t\x1d9U\xc8\xc8_\xf1\xc7q|\n'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcf\x01.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb49\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0xffffffffffffffff, 0xee00}}, 0x41c)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002e00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x48)
r8 = socket$rds(0x15, 0x5, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r8])

1.324755334s ago: executing program 1 (id=1384):
r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="02000000040000000800000001"], 0x50)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000700)={r0, <r1=>0xffffffffffffffff}, 0x4)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xa, 0x10, &(0x7f0000000740)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000020000007b8a00fe0000000087080000000000007b8af0ff00000000bda100000000000027000000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r1, @ANYBLOB="0000000000000000b704000008000000850000004900"], &(0x7f0000000440)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000007c0)={r2, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000680)="76389e6a65585578f830e9000000", 0x0, 0x10001, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50)

1.098802824s ago: executing program 3 (id=1385):
r0 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000480)=[{&(0x7f0000000000)="1400000010003507d25a806f8c6394f90324fc60", 0x14}], 0x1}, 0x0)
recvmsg$kcm(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000500)=""/4096, 0x1000}], 0x1}, 0x0)
r1 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080), 0x0, 0x0, 0x0, 0x3000000}, 0x240040d4)

1.056374345s ago: executing program 2 (id=1386):
r0 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r2}, 0x10)
close(r0)
r3 = memfd_create(&(0x7f0000000180)='[\v\xdbX\xae[\x1a\xa9\xfd\xfa\xad\xd1md\xc8\x85HX\xa9%\f\x1ae\xe0\x00\x00\x00\x00\xfb\xff\x00\x00\x81\x9eG\xd9,\xe2\xc6a\x9f\xe8\xf1\xb3\x86\xe2+Op\xd0\xa2\x82\x1eb;(\xb5\xe1jS\xd6\x91%||\xa0\x8ez\xadT\xc8\f\xe5\x89\xbf3:\x99\x1e\xac`\xc3\xcf\xd3\xae\xd2\a\x11\xa9\xa5^\xff\xf5\x95\xd2q#\xc6\xca\x97\x9d\xcb\x1e\x80\xd6\xd5%N&\xf8#\x80z8Z\xd2}\xf5\xe4\x9f5\x9b\x01\xf9t\xbb\x1er\x14\xdb\xd3\xcd\xfd\xbdnC\xecz\xabq\x95t*T9\xa9\b X \x04\"\x17\xbf\xcb\xccF\xda\xcf\xdd^\xa0\x15\xc0\xcb^h>\x1b\xb5d\xc7\x7f0\x9a&\xb0\x12#\x9c`\xa6\xed\x05\x95g\a\xccYb\xaf\xe9\xb6G?\x9f\xf5\xfe\xc1\xc0JJ\xc8\xd9d\x80\x13\x8fX\xb4\x19\xc4\\\xcb\x89-)\x90\x01\v\xac^\xdbBQ|\xaej;\x92\\\xf8u\x19Y\xee\x99EI\xf1t\xadn<\x9b\xc9\x87\xd0\xa7\x1a\x81\xb9\xc87sq\xd7\x15\xd6\x91O\x9c\x99!9>\xff\xa8\xfa\xe6=d\xcf\xca\xa9\xc61!\xc6P\x13\xd0\x88gZ\xbe\xdfl\xfa\xff\xb0m;d07tx\xbb\xabd\xe5\x16\xc4\xae\xf0', 0x0)
write$binfmt_script(r3, &(0x7f0000000340)={'#! ', './file0'}, 0xb)
execveat(r3, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000)

996.496268ms ago: executing program 4 (id=1387):
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x75, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={0x0}, 0x18)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000000a80)=ANY=[], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r4, 0x0, 0x800)
sendmsg$NFT_BATCH(r4, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)={{0x14}, [@NFT_MSG_NEWFLOWTABLE={0x48, 0x16, 0xa, 0x801, 0x0, 0x0, {0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x1c, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_DEVS={0x18, 0x3, 0x0, 0x1, [{0x14, 0x1, 'geneve0\x00'}]}]}]}], {0x14}}, 0x70}}, 0x24040884)
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340), 0x1, 0x538, &(0x7f0000002140)="$eJzs3c9vI1cdAPDvTOLd7G6KXUCorUSpaNFuRdfeNLSNEIJygVMloByRlpB4oyh2HMVO2UQVpOI/QEggceLEBYk/AKnqgRMnVKkSXAAJBAiEYAsHxI8O8nisbhw7SXcde0k+H+nF741n3ve9sf08M57MBHBuPRERL0bETEQ8HRHlYnpapNjvpe58b995daWbksiyl/+axKViWr+ubh2zEXGlWGwuIr70+YivJYfjtnf3NpYbjfp2Ua51mlu19u7e9fXm8lp9rb65uLjw/NILS88t3cgK99XPSj/zw899+vVnvv67m3++9o1usz71oSjFQD/Gqdf1Ur4u+rrraPu3P/v1M6cRcML6r3lp2g0BAOBEutv474+Ij+bb/+WYybfmBsxMo2UAAADAuGSfmY//JBEZAAAAcGalETEfSVotzgWYjzS9UBwb+GBcThutdufjt1o7m6vd5yIqUUpvrTfqN4pzhStRSrrlheIc23752YHyYkQ8HBHfKV/Ky9WVVmN1ysc+AAAA4Ly4MrD//49ymuePN+T/BAAAAIAHV2VkAQAAADgr7PIDAADA2Te4///6lNoBAAAAnIovvPRSN2X9+1+vvrK7s9F65fpqvb1Rbe6sVFda21vVtVZrLb9mX/O4+hqt1tYnYnPndq1Tb3dq7d29m83Wzmbn5vqBW2ADAAAAE/TwR974ZRIR+5+8lKcorgMIcMAfpt0AYJxm7m2xC+NuBzB5ruIN51dp2g0Api455nkn7wAAwP+/q48e/v2/f3DfsQE4244712d1Qu0AACbH7/9wfpXu9QxA4ExII+J9vezFUfOM/P3/5yeNkmURb5bvnuL4IgAATNZ8npK0WuwHzEeaVqsRD0WklSglt9Yb9RvF/sEvyqWL3fJCvmRy7DnDAAAAAAAAAAAAAAAAAAAAAAAAAEBPliWRAQAAAGdalOJPSX41/4ir5afmB48PXEj+WY4/FoXvv/zd28udzvZCd/rf8nt5XYiIzveK6c+OvH0YAAAAMG7Jfn4vv2F6++nF48KE2wUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAmff2nVdX+mmScf/y2YioDIs/G3P541yUIuLy35OYvWu5JCJmxhB//7WIeGRY/CTeybKsUrRiMH4aEZdOOX4lXzWj418ZQ3w4z97ojj8vDvv8pfFE/jj88zdbpPs1evxLi8iP5OPcsPHvoUO1NYfGeOytH9dGxn8t4rHZ4eNPf/xNRsR/8lBt/86y7HCMr355b29U/OwHEVeHfv8kB2LVOs2tWnt37/p6c3mtvlbfXFxceH7phaXnlm7Ubq036sXfoTG+/eGfvHNU/y8Pif+bX/XG36P6/9SoSgf8963bdz7Qy5aGxb/25NDv37kYET8tvvs+VuS7z1/t5/d7+bs9/qM3H4+vPDqy/6sj1v9xr/+1E/b/6S9+6/cnnBUAmID27t7GcqNR3z4iM3eCeYZnkkjivS81qcxP5x6IZrzHTPbN3is3rWb8a0z1dLdW353S79XJ67l4wnfv/WSyia3VmXgA3loHMlMdlgAAgFPw7kb/tFsCAAAAAAAAAAAAAAAAAAAA59ckLic2GHN/Ol0FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADjS/wIAAP//QCvhCA==")
request_key(0x0, &(0x7f0000000380)={'syz', 0x3}, 0x0, 0x0)

996.015188ms ago: executing program 0 (id=1388):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
socket$xdp(0x2c, 0x3, 0x0)
socket(0x2c, 0x3, 0x0)

934.740471ms ago: executing program 3 (id=1389):
syz_mount_image$ext4(&(0x7f00000003c0)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f0000000580)={[{@orlov}, {@min_batch_time={'min_batch_time', 0x3d, 0x4}}]}, 0x1, 0x5d8, &(0x7f0000000c00)="$eJzs3c9vFFUcAPDvbH/QUrSFGBUP0sQYSJSWFjDEeICrIQ3+iBcvVloQKdDQGi2aUBK8mBgvxph48iD+F0rkyklPHrx4MiREDUcT18x2pnTb2ZYubacyn0+y9M17O7w33X773r6+NxtAZQ2m/9Qi9kbEdBLRn8wvlnVGVji48Lx7f39yOn0kUa+/8WcSSZaXPz/JvvZlJ/dExM8/JbGnY2W9M3NXzo9PTU1ezo6HZy9MD8/MXTl47sL42cmzkxdHXxo9dvTI0WMjh9q6rqsFeSevv/9h/2djb3/3zT/JyPe/jSVxPF7Nnrj0OjbKYAw2vifJyqK+YxtdWUk6sp+TpS9x0llig1iX/PXrioinoj864v6L1x+fvlZq44BNVU8i6kBFJeIfKiofB+Tv7Ze/D66VMioBtsLdEwsTACvjv3NhbjB6GnMDO+8lsXRaJ4mI9mbmmu2KiNu3xq6fuTV2PTZpHg4oNn8tIp4uiv+kEf8D0RMDjfivNcV/Oi44lX1N819vs/7lU8XiH7bOQvz3rBr/0SL+31kS/++2Wf/g/eR7vU3x39vuJQEAAAAAAEBl3TwRES8W/f2/trj+JwrW//RFxPENqH9w2fHKv//X7mxANUCBuyciXilc/1vLV/8OdGSpxxrrAbqSM+emJg9FxOMRcSC6dqTHI6vUcfDzPV+3KhvM1v/lj7T+29lawKwddzp3NJ8zMT47/rDXDUTcvRbxTOH632Sx/08K+v/098H0A9ax5/kbp1qVrR3/wGapfxuxv7D/v3/XimT1+3MMN8YDw/moYKVnP/7ih1b1txv/bjEBDy/t/3euHv8DydL79cysv47Dc531VmXtjv+7kzcbt5zpzvI+Gp+dvTwS0Z2c7Ehzm/JH199meBTl8ZDHSxr/B55bff6vaPzfGxHzy/7v5K/mPcW5J//t+71Ve4z/oTxp/E+sq/9ff2L0xsCPrep/sP7/SKOvP5DlmP+DBV/lYdrdnF8Qjp1FRVvdXgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4FNQiYlcktaHFdK02NBTRFxFPxM7a1KWZ2RfOXPrg4kRa1vj8/1r+Sb/9C8dJ/vn/A0uOR5cdH46I3RHxZUdv43jo9KWpibIvHgAAAAAAAAAAAAAAAAAAALaJvhb7/1N/dJTdOmDTdZbdAKA0BfH/SxntALae/h+qS/xDdYl/qC7xD9Ul/qG6xD9Ul/iH6hL/AAAAAADwSNm97+avSUTMv9zbeKS6s7KuUlsGbLZa2Q0ASuMWP1Bdlv5AdXmPDyRrlPe0PGmtM1czffohTgYAAAAAAAAAAACAytm/1/5/qCr7/6G67P+H6sr3/+8ruR3A1vMeH4g1dvIX7v9f8ywAAAAAAAAAAAAAYCPNzF05Pz41NXlZ4q3t0YytTNTr9avpT8F2ac//PJEvhd8u7VmWyPf6PdhZ5f1OAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAmv0XAAD//xYSJMU=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x663c0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

934.369531ms ago: executing program 1 (id=1390):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000016000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000660000000000"], 0x0, 0x7ff}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00', r1}, 0x10)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

820.323825ms ago: executing program 1 (id=1391):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r3 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
r4 = fsmount(r3, 0x0, 0x82)
fchdir(r4)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x2)
unlinkat(r4, &(0x7f0000000140)='./file0\x00', 0x200)

819.825885ms ago: executing program 2 (id=1392):
socket$inet6(0xa, 0x2, 0x0)
r0 = socket(0x10, 0x803, 0x0)
sendmsg$SMC_PNETID_GET(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000001c0)={0x0, 0x14}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r1, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x2, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r3}, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r4, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)={0x1c, r5, 0x9c3fa077fa966179, 0x0, 0x0, {{0x7e}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x4008084}, 0x0)

576.542356ms ago: executing program 0 (id=1393):
syz_mount_image$ext4(0x0, &(0x7f0000000140)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, &(0x7f0000000000))
pipe2$9p(&(0x7f0000000240)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x800)
write$P9_RVERSION(r1, &(0x7f0000000080)=ANY=[@ANYBLOB="1500000065ffff097b000008003950323030302e4c"], 0x15)
r2 = dup(r1)
write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18)
write$FUSE_DIRENTPLUS(r2, &(0x7f0000002c00)=ANY=[@ANYBLOB="b0"], 0xb0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r2, @ANYBLOB])

208.205801ms ago: executing program 2 (id=1394):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
unlink(0x0)

142.882274ms ago: executing program 0 (id=1395):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000300)={'pim6reg1\x00', 0x1})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16000000000000000400000001"], 0x50)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0, 0x0, 0x0, 0x0, 0x41100}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='qdisc_destroy\x00', r2}, 0x10)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000100)={'pim6reg1\x00', @link_local})
close(r0)

127.454615ms ago: executing program 4 (id=1396):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000980)=ANY=[@ANYBLOB="0a00000004000000e27f000001"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="05000000080000005c0a00007b00000001000000", @ANYRES32=0x1, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/24], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000400)={{r0}, &(0x7f0000000080), &(0x7f0000000280)=r1}, 0x20)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000000c0), &(0x7f0000000140), 0xca, r2}, 0x38)

89.244726ms ago: executing program 2 (id=1397):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmsg$tipc(r0, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000000)={{r1}, &(0x7f0000000580), 0x0}, 0x20)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe2$9p(0x0, 0x44880)
write$P9_RVERSION(0xffffffffffffffff, 0x0, 0x15)
mkdir(&(0x7f0000000300)='./file0\x00', 0xfffffffffffffffe)
pipe(0x0)
r2 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000180)={0xfffffff8}, 0x8)
bpf$TOKEN_CREATE(0x24, &(0x7f0000000200)={0x0, r2}, 0x8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18)
r3 = socket$tipc(0x1e, 0x5, 0x0)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f00000007c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r4, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000030000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000))
pselect6(0x40, &(0x7f00000001c0)={0x2, 0x0, 0x3, 0xfffffffffffffffd, 0x3, 0x0, 0x0, 0xe}, 0x0, &(0x7f0000000300)={0x3ff, 0x7e7, 0x0, 0x9, 0x4, 0x0, 0x7fffffff, 0x3f8}, 0x0, 0x0)
sendmsg$tipc(r3, &(0x7f00000002c0)={&(0x7f0000000080)=@nameseq={0x1e, 0x2, 0x0, {0x41}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x480c0}, 0x0)
ppoll(&(0x7f0000000500)=[{}], 0x1, 0x0, 0x0, 0x0)

54.563968ms ago: executing program 4 (id=1398):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000008c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x2, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000005a000000850000002200000018010000202070250000000000202020010000"], 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1c, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000070000001801000020756c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000"], 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x52)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_deliver\x00', r0}, 0x10)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000850000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='signal_deliver\x00', r1}, 0x10)
syz_open_procfs$namespace(0x0, 0xfffffffffffffffe)

0s ago: executing program 3 (id=1399):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000001000)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000002100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000380)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020000000000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b7030000000000008500000006000000"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={0x0, r3}, 0x18)
r4 = socket$nl_rdma(0x10, 0x3, 0x14)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000300)={@ifindex, 0xffffffffffffffff, 0x2f}, 0x20)
r5 = syz_open_dev$video(0x0, 0x7, 0x0)
ioctl$VIDIOC_TRY_EXT_CTRLS(r5, 0xc0205647, &(0x7f0000000100)={0xf000000, 0x8, 0x0, 0xffffffffffffffff, 0x0, 0x0})
ioctl$sock_SIOCETHTOOL(r4, 0x8946, 0x0)
gettid()
timer_create(0x0, 0x0, 0x0)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_TCP_ULP(r6, 0x6, 0x1f, &(0x7f0000000040), 0x4)
r7 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x149002, 0x0)
write$P9_RSTATu(r7, &(0x7f0000000540)={0x41c, 0x7d, 0x0, {{0x500, 0x2db, 0x0, 0x5000000, {0xcdb74b01717932d9, 0x400}, 0x10000000, 0x0, 0x0, 0x8000fe, 0x1f, '\x04nodev{cvfox\x92\xff\xff\xff\x81\x02\x00\x00\xff\xff\xff0\xff\xce\xbc\x92\x00\x00\x00', 0x120, 'pJ\x86\xce\xc6\x02\x00}\xfag>\xff\xeb\t\xb55\x1f[\xde\x05>\x00\x1e\x00\x00\x18{\x82O^\x97\xe5p\xbeg\xb0^\xb0V\xca|=9\x00\xb5\x00\x00;Y_\xcb\x14\x03\x03\x00\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x1a\xb4\x94\xcc\xe37A\x95\xcc\x90U\xd1\xc8~x\xcdY\x96\xd9\x967\x87\xe7\xb6\x98\"l5\xf0\x17K\r\xf3\xf8\x91\xcf\x99lI\b\xe889d\x01,\xe2\x15]\xd6\xb3\xf4kb\xcay$\xeba\x13\x90\x98\xb2\"\xbc\xf4/\xeah1Z\x81ju\x16i\xd6%\xe5\xe4\xe4_\x96?\x1e\xe2\x1e\xb7N\xf3\xcd\xf9\x8f7\xb2?\r\xac\xc9\xd9\xe5\xd4\xbe\xbf\x91J\x8d,\x9f\x19fxu\xd1\r\xeb\xddkT\x03\xf6j\xe8}\x8a/\x067\xcdH\x82\x8f,W\xc3,\x19\xc3#9(O\xa5\x14\xa9#l\x1b\x17\xe7R\x93^J\xf4v\x86\xa6\xcfHC\x10\xec\xd1\xe8\x98l\x12_\xb7B\xfd2\xfc]\x87\xe0\x8aj\x8e\r\x94X\x02\xd7\x7f\x15\xb4G\t\x8b\xd5c\x9c\x0e\xba\\o\xd2\x132\xf6\xddX\x8b\x17\"=\xa7l-\xf5\x91\v_\xf9\xfc\x01\x9f\xd9&', 0x12, '\xcf\xc2\x00\x10\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf3\x13\xf6\x00', 0x157, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85+\x9a\xc6[\x94\bg\x8c,;\x9e\x1dR\xc3l\xde{\xa4\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8R\x9aE\x1b4\a\xdb\xda\xb2\x88K\xaf\x05\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\x9c\x1c\xbe6\xf4\xfd\x1aL\xc2\x80\xe8\xd4\x89\xdad\x9a7\x00\xd0\x02\xaf\x02k\x9en\r\xca\x00\x89\xfdL\xd0\x9c\xf8\r\xbb\xe9Q\xb2\x1f5y\x8b\n\xb6hx\xc0\x9d\"\x8b7\x88\\\x10\x8a\xcb\xee\xcd\xbe\x06Kz\xd8\xd79\x9f\xd5\x18j\'t\x8f$\x88\'\x06\x8f\x89\x0fOPZ\x04\xc4$\xd7%\xc8\x1exa\xe1 --\xc4\xc94\x1dWH\xff\x9eS\x9e\rIT\x8fz\x1c\xcf^\xac\x9a\xa0\x92L\a\x00\x00\x00\xf3|c\xccjn1\xa7}\x1f\xad\x05\x83h\xae\xd5\xe3\xc1M\x89\x96\x87\n\v\t\xd0l\x97\x04\x98\v\xb4GxB\xb1\xed.\x8f%\x01\xb2_\xbc\\^\xe6}\x8bnN\xc7G\xe9]\x03\xf6x\xd7\x1a-\xa34\x92\xf8\xd4\x87\xeeB|Y\xf6\xe7\ni\xa9J}\x987\xd6\x02c\xd68\aM\xfa\x04\xa4V\x04\tD\xb7\x02\"gFh\xc7D\xb7\xba\xda\xad4uXO 5|\x84 \xc1IO\x8d\r4 *\xfb5\xccVp\xe2@\xbe\xba\x96SS\xaf\xe9F\xc0\xc1\xb5\t\x1d9U\xc8\xc8_\xf1\xc7q|\n'}, 0x12c, 'odev-n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcf\x01.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb49\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0xffffffffffffffff, 0xee00}}, 0x41c)
openat$audio(0xffffffffffffff9c, &(0x7f0000000180), 0x400, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x1, 0x3, &(0x7f0000001fd8)=ANY=[@ANYBLOB="850000002e00000084000000000000009500000000000000"], &(0x7f0000000180)='GPL\x00'}, 0x48)
r8 = socket$rds(0x15, 0x5, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1)
r9 = openat$fuse(0xffffffffffffff9c, &(0x7f00000003c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYRESHEX=r9, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=r8])

kernel console output (not intermixed with test programs):

 has 1 interface, different from the descriptor's value: 9
[  204.194799][ T5598] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  204.206045][ T5598] usb 5-1: config 0 interface 0 has no altsetting 0
[  204.295120][ T5598] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 9
[  204.304566][ T5598] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  204.317201][ T5598] usb 5-1: config 0 interface 0 has no altsetting 0
[  204.321427][   T26] usb 1-1: USB disconnect, device number 2
[  204.323895][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  204.339407][   T26] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  204.451182][ T4844] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  204.491159][ T5598] usb 5-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  204.500305][ T5598] usb 5-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  204.508841][ T5598] usb 5-1: Product: syz
[  204.513088][ T5598] usb 5-1: Manufacturer: syz
[  204.517681][ T5598] usb 5-1: SerialNumber: syz
[  204.524338][ T5675] udc-core: couldn't find an available UDC or it's busy
[  204.531765][ T5675] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  204.539838][ T5598] usb 5-1: config 0 descriptor??
[  204.593284][ T5598] yurex 5-1:0.0: USB YUREX device now attached to Yurex #0
[  204.701016][ T4844] usb 3-1: Using ep0 maxpacket: 8
[  204.832284][ T4844] usb 3-1: config index 0 descriptor too short (expected 301, got 45)
[  204.840498][ T4844] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  204.858751][ T4844] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  204.868962][ T4844] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  204.879288][ T4844] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  204.900463][ T4844] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  204.910863][ T4844] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  205.001039][    C0] usb 5-1: yurex_control_callback - control failed: -2
[  205.022537][   T26] usb 5-1: USB disconnect, device number 3
[  205.049239][   T26] yurex 5-1:0.0: USB YUREX #0 now disconnected
[  205.301249][ T4844] usb 3-1: GET_CAPABILITIES returned 0
[  205.306929][ T4844] usbtmc 3-1:16.0: can't read capabilities
[  205.944854][ T5673] udc-core: couldn't find an available UDC or it's busy
[  206.031128][ T5673] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  206.040847][ T5598] usb 3-1: USB disconnect, device number 2
[  206.080896][    T7] usb 4-1: USB disconnect, device number 4
[  206.125761][ T4305] usb 2-1: USB disconnect, device number 3
[  206.461277][ T5075] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  206.511591][ T4844] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  206.801228][ T5075] usb 5-1: Using ep0 maxpacket: 8
[  206.942178][ T4844] usb 1-1: config 0 has an invalid interface number: 53 but max is 0
[  206.942223][ T5075] usb 5-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  206.961007][ T5075] usb 5-1: config 16 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 3
[  206.979461][ T5075] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  207.045669][ T4844] usb 1-1: config 0 has no interface number 0
[  207.052284][ T5075] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.060673][ T4844] usb 1-1: config 0 interface 53 has no altsetting 0
[  207.133729][ T5075] usbtmc 5-1:16.0: bulk endpoints not found
[  207.201148][ T5598] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  207.241114][ T4844] usb 1-1: New USB device found, idVendor=15a4, idProduct=9020, bcdDevice= 4.6e
[  207.250174][ T4844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  207.258530][ T4844] usb 1-1: Product: syz
[  207.263153][ T4844] usb 1-1: Manufacturer: syz
[  207.267751][ T4844] usb 1-1: SerialNumber: syz
[  207.281420][ T4844] usb 1-1: config 0 descriptor??
[  207.329098][ T5703] overlayfs: failed to resolve './file1': -2
[  207.526726][    T7] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  207.572833][ T4844] af9005: boot packet bulk message failed: -22 (252/0)
[  207.579738][ T4844] dvb-usb: found a 'Afatech DVB-T USB1.1 stick' in cold state, will try to load a firmware
[  207.666005][ T4261] hid-generic FFFF:0008:0003.0006: item fetching failed at offset 0/2
[  207.790179][ T4261] hid-generic: probe of FFFF:0008:0003.0006 failed with error -22
[  207.798755][    T7] usb 4-1: Using ep0 maxpacket: 32
[  207.951920][    T7] usb 4-1: config 2 has an invalid descriptor of length 0, skipping remainder of the config
[  208.192038][    T7] usb 4-1: New USB device found, idVendor=3344, idProduct=22f0, bcdDevice=ef.4d
[  208.250636][    T7] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  208.276776][    T7] usb 4-1: Product: syz
[  208.306640][ T4844] usb 1-1: Direct firmware load for af9005.fw failed with error -2
[  208.315378][ T4844] usb 1-1: Falling back to sysfs fallback for: af9005.fw
[  208.329004][    T7] usb 4-1: Manufacturer: syz
[  208.350003][    T7] usb 4-1: SerialNumber: syz
[  208.568648][ T5713] loop0: detected capacity change from 0 to 40427
[  208.629666][ T5713] F2FS-fs (loop0): invalid crc value
[  208.636851][ T5713] F2FS-fs (loop0): Found nat_bits in checkpoint
[  208.669419][ T5713] F2FS-fs (loop0): Start checkpoint disabled!
[  208.680029][ T5713] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  208.681314][    T7] usb 4-1: selecting invalid altsetting 1
[  208.694718][ T4234] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  208.892337][    T7] LME2510(C): Firmware Status: 00 00 00 00 00 00
[  208.892423][    T7] dvb_usb_lmedm04: probe of 4-1:2.0 failed with error -22
[  208.938534][ T4322] attempt to access beyond end of device
[  208.938534][ T4322] loop0: rw=2049, want=40968, limit=40427
[  209.091665][ T4234] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  209.132326][ T4234] usb 2-1: config 0 has no interfaces?
[  209.149560][ T4234] usb 2-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  209.154363][ T5075] usb 4-1: USB disconnect, device number 5
[  209.198047][ T4234] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.212531][    T7] usb 5-1: USB disconnect, device number 4
[  209.225818][ T4234] usb 2-1: config 0 descriptor??
[  209.659767][ T5727] fuse: Bad value for 'fd'
[  209.821022][ T4863] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  209.854626][ T5716] udc-core: couldn't find an available UDC or it's busy
[  209.862206][ T5716] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  209.874311][    T7] usb 2-1: USB disconnect, device number 4
[  211.627587][ T5742] overlayfs: failed to resolve './file1': -2
[  211.905762][ T5074] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  211.926096][ T4863] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  211.941013][ T4863] usb 3-1: New USB device found, idVendor=046d, idProduct=c090, bcdDevice= 0.00
[  211.950344][ T4863] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  211.961771][ T4863] usb 3-1: config 0 descriptor??
[  212.082760][ T4234] hid-generic FFFF:0008:0003.0007: item fetching failed at offset 0/2
[  212.118365][ T4234] hid-generic: probe of FFFF:0008:0003.0007 failed with error -22
[  212.291253][    T7] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  212.501820][ T4863] usbhid 3-1:0.0: can't add hid device: -71
[  212.534405][ T4863] usbhid: probe of 3-1:0.0 failed with error -71
[  212.551008][    T7] usb 2-1: Using ep0 maxpacket: 8
[  212.638136][ T4863] usb 3-1: USB disconnect, device number 4
[  212.671461][    T7] usb 2-1: config 0 has an invalid interface number: 122 but max is 0
[  212.679653][    T7] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  212.718692][    T7] usb 2-1: config 0 has no interface number 0
[  212.725716][    T7] usb 2-1: config 0 interface 122 altsetting 0 endpoint 0xA has invalid maxpacket 512, setting to 64
[  212.742148][    T7] usb 2-1: config 0 interface 122 altsetting 0 bulk endpoint 0x8 has invalid maxpacket 8
[  212.757147][    T7] usb 2-1: config 0 interface 122 altsetting 0 bulk endpoint 0x88 has invalid maxpacket 1023
[  212.797398][    T7] usb 2-1: config 0 interface 122 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  212.810749][    T7] usb 2-1: config 0 interface 122 altsetting 0 endpoint 0xF has invalid wMaxPacketSize 0
[  212.826694][    T7] usb 2-1: config 0 interface 122 altsetting 0 has 6 endpoint descriptors, different from the interface descriptor's value: 8
[  212.881158][ T5074] usb 4-1: Using ep0 maxpacket: 32
[  212.908898][ T5757] loop2: detected capacity change from 0 to 512
[  212.981569][ T5757] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  212.990109][ T5757] EXT4-fs (loop2): orphan cleanup on readonly fs
[  212.991220][    T7] usb 2-1: New USB device found, idVendor=1286, idProduct=2046, bcdDevice= 5.b7
[  212.999421][ T5757] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  213.009669][    T7] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.019467][ T5757] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  213.031405][    T7] usb 2-1: Product: syz
[  213.037879][ T5074] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has an invalid bInterval 128, changing to 11
[  213.046005][    T7] usb 2-1: Manufacturer: syz
[  213.053353][ T5074] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x9 has invalid wMaxPacketSize 0
[  213.060882][    T7] usb 2-1: SerialNumber: syz
[  213.067384][ T5757] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  213.083887][ T5074] usb 4-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xB7, skipping
[  213.102300][    T7] usb 2-1: config 0 descriptor??
[  213.111633][ T4234] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  213.121629][ T5749] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  213.128858][ T5749] raw-gadget.3 gadget: fail, usb_ep_enable returned -22
[  213.264008][ T5074] usb 4-1: New USB device found, idVendor=0e6f, idProduct=582c, bcdDevice=31.68
[  213.273182][ T5074] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.284248][ T5074] usb 4-1: Product: syz
[  213.288402][ T5074] usb 4-1: Manufacturer: syz
[  213.293019][ T5074] usb 4-1: SerialNumber: syz
[  213.299119][ T5074] usb 4-1: config 0 descriptor??
[  213.351044][ T4234] usb 5-1: Using ep0 maxpacket: 8
[  213.381652][    T7] usb 2-1: NFC: intf ffff88802b6f5000 id ffffffff8c94ad60
[  213.402304][    T7] nfcmrvl 2-1:0.122: NFC: registered with nci successfully
[  213.422335][    T7] usb 2-1: USB disconnect, device number 5
[  213.430240][    T7] usb 2-1: NFC: intf ffff88802b6f5000
[  213.567969][ T1336] usb 4-1: USB disconnect, device number 6
[  213.661159][ T4234] usb 5-1: New USB device found, idVendor=0867, idProduct=9812, bcdDevice=94.07
[  213.671260][ T4234] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.679257][ T4234] usb 5-1: Product: syz
[  213.683440][ T4234] usb 5-1: Manufacturer: syz
[  213.688031][ T4234] usb 5-1: SerialNumber: syz
[  213.695025][ T4234] usb 5-1: config 0 descriptor??
[  213.738735][ T4234] comedi comedi5: Wrong number of endpoints
[  213.744831][ T4234] dt9812 5-1:0.0: driver 'dt9812' failed to auto-configure device.
[  213.903585][ T5074] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  214.147831][ T1336] usb 5-1: USB disconnect, device number 5
[  215.205087][ T5074] usb 3-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  215.213974][ T5074] usb 3-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  215.224231][ T5074] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  215.233265][ T5074] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  215.244459][ T5074] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  215.622034][ T5074] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  215.652778][ T5074] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  215.715027][ T5074] usb 3-1: Product: syz
[  215.972688][ T5074] usb 3-1: Manufacturer: syz
[  216.018777][ T5785] overlayfs: failed to resolve './file1': -2
[  216.052356][ T5074] cdc_wdm 3-1:1.0: skipping garbage
[  216.064214][ T5074] cdc_wdm 3-1:1.0: skipping garbage
[  216.091294][ T5074] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  216.097229][ T5074] cdc_wdm 3-1:1.0: Unknown control protocol
[  216.171028][    T7] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  216.310400][ T5765] udc-core: couldn't find an available UDC or it's busy
[  216.338476][ T5765] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  216.393159][ T4234] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  216.541379][    T7] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  216.544342][ T5790] loop0: detected capacity change from 0 to 65536
[  216.555596][    T7] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  216.570231][    T7] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  216.584351][    T7] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  216.612311][    T7] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  216.629482][ T5790] XFS (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  216.629600][ T5598] usb 3-1: USB disconnect, device number 5
[  216.638669][ T5790] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  216.666860][ T5790] XFS (loop0): Mounting V5 Filesystem
[  216.699431][ T5790] XFS (loop0): Ending clean mount
[  216.705958][ T5790] XFS (loop0): Quotacheck needed: Please wait.
[  216.751499][    T7] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  216.760722][    T7] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  216.765572][ T5790] XFS (loop0): Quotacheck: Done.
[  216.769076][    T7] usb 4-1: Product: syz
[  216.778265][ T4234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  216.806196][    T7] usb 4-1: Manufacturer: syz
[  216.814160][ T1336] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  216.835125][ T4234] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  216.845862][ T4234] usb 5-1: New USB device found, idVendor=0d8c, idProduct=0022, bcdDevice= 0.00
[  216.855589][ T4234] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  216.865112][ T4234] usb 5-1: config 0 descriptor??
[  216.877183][    T7] cdc_wdm 4-1:1.0: skipping garbage
[  216.883958][    T7] cdc_wdm 4-1:1.0: skipping garbage
[  216.890377][ T4186] XFS (loop0): Unmounting Filesystem
[  216.893931][    T7] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  216.904986][    T7] cdc_wdm 4-1:1.0: Unknown control protocol
[  217.181281][ T5598] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  217.575757][   T26] usb 4-1: USB disconnect, device number 7
[  217.580981][    C0] cdc_wdm 4-1:1.0: Unexpected error -71
[  217.588487][    C0] cdc_wdm 4-1:1.0: nonzero urb status received: -71
[  217.588678][ T5788] udc-core: couldn't find an available UDC or it's busy
[  217.595290][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - 0 bytes
[  217.608159][    C0] cdc_wdm 4-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  217.701298][ T5788] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  217.917914][ T4234] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  217.927144][ T4234] cm6533_jd 0003:0D8C:0022.0008: unknown main item tag 0x0
[  217.939359][ T4234] input: HID 0d8c:0022 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:0D8C:0022.0008/input/input7
[  217.943330][ T5788] udc-core: couldn't find an available UDC or it's busy
[  217.973877][ T4234] cm6533_jd 0003:0D8C:0022.0008: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 0d8c:0022] on usb-dummy_hcd.4-1/input0
[  217.991240][ T5788] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  218.041390][ T1336] usb 2-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[  218.053294][ T1336] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.067378][ T1336] usb 2-1: Product: syz
[  218.072913][ T4234] usb 5-1: USB disconnect, device number 6
[  218.081765][ T1336] usb 2-1: Manufacturer: syz
[  218.086576][ T1336] usb 2-1: SerialNumber: syz
[  218.126488][ T1336] r8152-cfgselector 2-1: config 0 descriptor??
[  218.193670][ T5814] fido_id[5814]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  218.697468][ T5793] udc-core: couldn't find an available UDC or it's busy
[  218.733991][ T5793] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  218.971519][ T1336] r8152-cfgselector 2-1: Unknown version 0x0000
[  218.989626][ T1336] r8152-cfgselector 2-1: bad CDC descriptors
[  219.063323][ T1336] r8152-cfgselector 2-1: Unknown version 0x0000
[  219.168233][ T1336] r8152-cfgselector 2-1: USB disconnect, device number 6
[  219.180715][ T5833] overlayfs: failed to resolve './file0': -2
[  219.287129][ T5835] tipc: Started in network mode
[  219.292553][ T5835] tipc: Node identity ac14140f, cluster identity 4711
[  219.311273][ T5835] tipc: New replicast peer: 255.255.255.83
[  219.319690][ T5835] tipc: Enabled bearer <udp:£>, priority 10
[  220.353955][ T5844] netlink: 'syz.1.367': attribute type 10 has an invalid length.
[  220.393198][ T4174] tipc: Node number set to 2886997007
[  220.537803][ T5844] netlink: 40 bytes leftover after parsing attributes in process `syz.1.367'.
[  220.844900][ T5848] loop3: detected capacity change from 0 to 40427
[  221.467289][ T5844] team0: Port device geneve0 added
[  221.482021][ T5856] netlink: 'syz.2.370': attribute type 10 has an invalid length.
[  221.520374][ T5848] F2FS-fs (loop3): invalid crc value
[  221.539842][ T5848] F2FS-fs (loop3): Found nat_bits in checkpoint
[  221.579396][ T5848] F2FS-fs (loop3): Start checkpoint disabled!
[  221.625976][ T5856] team0: Port device vlan0 added
[  221.637738][ T5848] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  221.754693][ T5868] device batadv0 entered promiscuous mode
[  222.001949][ T5880] overlayfs: failed to resolve './file0': -2
[  222.054323][ T5881] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  222.417550][ T4370] attempt to access beyond end of device
[  222.417550][ T4370] loop3: rw=2049, want=40968, limit=40427
[  223.513536][ T5902] netlink: 'syz.1.384': attribute type 8 has an invalid length.
[  223.539148][ T5900] can: request_module (can-proto-4) failed.
[  223.541488][ T5902] netlink: 'syz.1.384': attribute type 7 has an invalid length.
[  223.577171][ T5902] netlink: 198628 bytes leftover after parsing attributes in process `syz.1.384'.
[  223.732996][ T5905] loop4: detected capacity change from 0 to 2048
[  223.799235][ T5915] overlayfs: failed to resolve './file0': -2
[  223.818194][ T5920] netlink: 4 bytes leftover after parsing attributes in process `syz.1.391'.
[  225.152101][ T5921] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  227.191645][ T5942] netlink: 'syz.1.400': attribute type 21 has an invalid length.
[  228.242170][ T5964] netlink: 4 bytes leftover after parsing attributes in process `syz.1.407'.
[  231.950787][ T6001] loop0: detected capacity change from 0 to 512
[  232.076346][ T6001] EXT4-fs (loop0): revision level too high, forcing read-only mode
[  232.085291][ T6001] EXT4-fs (loop0): orphan cleanup on readonly fs
[  232.093325][ T6001] EXT4-fs error (device loop0): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  232.108131][ T6001] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  232.120529][ T6001] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  234.325720][ T6045] netlink: 'syz.2.431': attribute type 12 has an invalid length.
[  234.368627][ T6045] netlink: 132 bytes leftover after parsing attributes in process `syz.2.431'.
[  240.119484][ T6109] netlink: 'syz.3.454': attribute type 29 has an invalid length.
[  240.141120][ T6109] netlink: 44 bytes leftover after parsing attributes in process `syz.3.454'.
[  240.150500][ T6109] netlink: 'syz.3.454': attribute type 29 has an invalid length.
[  240.153848][ T6101] loop2: detected capacity change from 0 to 2048
[  240.269688][ T6112] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  240.293493][ T6109] netlink: 44 bytes leftover after parsing attributes in process `syz.3.454'.
[  242.477037][ T6157] loop0: detected capacity change from 0 to 2048
[  242.591814][ T6163] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  244.853580][ T6190] netlink: 'syz.1.478': attribute type 10 has an invalid length.
[  244.965602][ T6190] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[  245.086009][ T6194] overlayfs: missing 'lowerdir'
[  245.465322][ T6199] loop4: detected capacity change from 0 to 40427
[  245.544067][ T6199] F2FS-fs (loop4): invalid crc value
[  245.568950][ T6199] F2FS-fs (loop4): Found nat_bits in checkpoint
[  245.610567][ T6199] F2FS-fs (loop4): Start checkpoint disabled!
[  245.639499][ T6199] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  245.847864][  T144] attempt to access beyond end of device
[  245.847864][  T144] loop4: rw=2049, want=40976, limit=40427
[  247.154570][ T6231] overlayfs: missing 'lowerdir'
[  247.287219][   T25] kauditd_printk_skb: 2 callbacks suppressed
[  247.287232][   T25] audit: type=1326 audit(1763785406.993:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  247.323909][ T6238] netlink: 60 bytes leftover after parsing attributes in process `syz.3.495'.
[  247.331567][ T4174] Bluetooth: hci4: command 0x0406 tx timeout
[  247.372132][ T6238] netlink: 60 bytes leftover after parsing attributes in process `syz.3.495'.
[  247.391015][   T25] audit: type=1326 audit(1763785407.063:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  247.414824][ T6242] netlink: 60 bytes leftover after parsing attributes in process `syz.3.495'.
[  247.445920][ T6238] netlink: 60 bytes leftover after parsing attributes in process `syz.3.495'.
[  247.461881][   T25] audit: type=1326 audit(1763785407.063:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  247.484037][    C0] vkms_vblank_simulate: vblank timer overrun
[  247.551224][   T25] audit: type=1326 audit(1763785407.063:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  247.655409][   T25] audit: type=1326 audit(1763785407.063:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  247.669173][ T6250] loop2: detected capacity change from 0 to 1024
[  248.197962][ T6253] loop3: detected capacity change from 0 to 512
[  248.279971][   T25] audit: type=1326 audit(1763785407.063:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  248.392024][   T25] audit: type=1326 audit(1763785407.063:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  248.426845][   T25] audit: type=1326 audit(1763785407.063:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  248.827791][   T25] audit: type=1326 audit(1763785407.063:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  248.850273][   T25] audit: type=1326 audit(1763785407.063:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6235 comm="syz.4.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  248.867936][ T6263] netlink: 'syz.1.504': attribute type 8 has an invalid length.
[  248.872773][ T6253] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  248.889032][ T6253] EXT4-fs (loop3): orphan cleanup on readonly fs
[  249.089461][ T6263] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.504'.
[  249.099661][ T6253] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  249.113154][ T6253] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  249.143926][ T6253] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  249.480153][ T4234] hid-generic FFFF:0008:0003.0009: item fetching failed at offset 0/2
[  249.480495][ T4234] hid-generic: probe of FFFF:0008:0003.0009 failed with error -22
[  249.508120][ T6272] loop4: detected capacity change from 0 to 512
[  249.518069][ T6275] overlayfs: missing 'lowerdir'
[  250.014555][ T6272] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #16: comm syz.4.506: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 2052(4), depth 0(0)
[  250.047532][ T6272] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm syz.4.506: couldn't read orphan inode 16 (err -117)
[  250.060757][ T6272] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  250.145862][ T6272] ext4 filesystem being mounted at /105/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  250.264667][ T6293] loop2: detected capacity change from 0 to 1024
[  251.401534][ T6299] syz.4.506[6299] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  251.404358][ T6299] syz.4.506[6299] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  252.371494][ T6305] netlink: 'syz.1.517': attribute type 8 has an invalid length.
[  252.488200][ T6305] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.517'.
[  252.646920][ T6312] overlayfs: missing 'lowerdir'
[  253.786478][ T1336] hid-generic FFFF:0008:0003.000A: item fetching failed at offset 0/2
[  253.798443][ T1336] hid-generic: probe of FFFF:0008:0003.000A failed with error -22
[  254.491446][ T6338] overlayfs: failed to resolve './file0': -2
[  254.903985][ T6344] loop2: detected capacity change from 0 to 512
[  254.938280][ T6346] netlink: 8 bytes leftover after parsing attributes in process `syz.3.527'.
[  255.806374][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  255.813199][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  256.452718][ T6344] EXT4-fs (loop2): Unrecognized mount option "rootcontext=system_u" or missing value
[  257.872447][   T25] kauditd_printk_skb: 7 callbacks suppressed
[  257.872460][   T25] audit: type=1800 audit(1763785673.589:35): pid=6346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.527" name="regulatory.db.p7s" dev="sda1" ino=449 res=0 errno=0
[  257.901461][ T6346] platform regulatory.0: loading /lib/firmware/regulatory.db.p7s failed with error -4
[  257.928647][ T6348] loop1: detected capacity change from 0 to 1024
[  257.932067][ T6350] overlayfs: missing 'lowerdir'
[  257.954417][ T6346] platform regulatory.0: Direct firmware load for regulatory.db.p7s failed with error -4
[  257.984737][ T6352] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[  258.028979][ T6346] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db.p7s
[  258.226592][ T6346] syz.3.527 (6346) used greatest stack depth: 18632 bytes left
[  258.641773][ T6363] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  259.905697][ T6371] loop0: detected capacity change from 0 to 65536
[  260.082717][ T6377] loop4: detected capacity change from 0 to 2048
[  260.210740][ T6371] XFS (loop0): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  260.219249][ T6371] XFS (loop0): DAX unsupported by block device. Turning off DAX.
[  260.229005][ T6371] XFS (loop0): Mounting V5 Filesystem
[  260.377836][ T6389] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  260.434579][ T6371] XFS (loop0): Ending clean mount
[  260.436361][ T6371] XFS (loop0): Quotacheck needed: Please wait.
[  260.998520][ T6371] XFS (loop0): Quotacheck: Done.
[  261.074839][ T4186] XFS (loop0): Unmounting Filesystem
[  261.322762][ T6399] netlink: 'syz.1.539': attribute type 16 has an invalid length.
[  261.331339][ T6399] netlink: 'syz.1.539': attribute type 17 has an invalid length.
[  261.510345][ T6399] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  261.525161][ T6399] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  261.611446][ T6399] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  262.091172][ T6407] overlayfs: missing 'lowerdir'
[  262.582334][ T6414] tipc: Started in network mode
[  262.587224][ T6414] tipc: Node identity ac14140f, cluster identity 4711
[  262.594290][ T6414] tipc: New replicast peer: 255.255.255.83
[  262.600227][ T6414] tipc: Enabled bearer <udp:£>, priority 10
[  262.617183][ T6415] loop4: detected capacity change from 0 to 512
[  263.686740][ T4174] tipc: Node number set to 2886997007
[  263.777829][ T6415] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  263.787232][ T6415] EXT4-fs (loop4): orphan cleanup on readonly fs
[  263.795256][ T6415] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  263.808516][ T6415] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  263.922455][ T6415] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  264.783577][ T4174] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  265.261302][ T4174] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  265.298582][ T4174] usb 3-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  265.393831][ T4174] usb 3-1: too many endpoints for config 1 interface 1 altsetting 0: 255, using maximum allowed: 30
[  265.449961][ T6434] loop1: detected capacity change from 0 to 65536
[  265.459422][ T4174] usb 3-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  265.645609][ T6434] XFS (loop1): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  265.654237][ T6434] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  265.663189][ T6434] XFS (loop1): Mounting V5 Filesystem
[  265.696415][ T4174] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  265.715810][ T4174] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  265.734236][ T4174] usb 3-1: Product: syz
[  265.738412][ T4174] usb 3-1: Manufacturer: syz
[  265.790085][ T4174] usb 3-1: SerialNumber: syz
[  265.830898][ T6434] XFS (loop1): Ending clean mount
[  265.853177][ T6434] XFS (loop1): Quotacheck needed: Please wait.
[  265.946726][ T4174] cdc_ncm 3-1:1.0: skipping garbage
[  265.999626][ T6434] XFS (loop1): Quotacheck: Done.
[  266.085577][ T4185] XFS (loop1): Unmounting Filesystem
[  266.184440][ T6438] loop4: detected capacity change from 0 to 40427
[  266.211083][ T6438] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  266.218842][ T6438] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  266.272904][ T6438] F2FS-fs (loop4): Found nat_bits in checkpoint
[  266.325085][ T6438] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  266.336943][ T6438] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  267.260731][ T4174] cdc_ncm 3-1:1.0: bind() failure
[  267.301378][ T4174] usbtest: probe of 3-1:1.1 failed with error -71
[  267.341171][ T4174] usb 3-1: USB disconnect, device number 7
[  267.607052][ T6462] loop3: detected capacity change from 0 to 32768
[  267.705469][ T6462] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop3 scanned by syz.3.555 (6462)
[  267.852311][ T6465] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  267.895132][ T6462] BTRFS info (device loop3): using sha256 (sha256-avx2) checksum algorithm
[  267.904101][ T6462] BTRFS info (device loop3): setting nodatacow, compression disabled
[  267.912323][ T6462] BTRFS info (device loop3): enabling ssd optimizations
[  267.919331][ T6462] BTRFS info (device loop3): setting datacow
[  267.925425][ T6462] BTRFS info (device loop3): doing ref verification
[  267.932119][ T6462] BTRFS info (device loop3): force clearing of disk cache
[  267.939282][ T6462] BTRFS info (device loop3): turning off barriers
[  267.945786][ T6462] BTRFS info (device loop3): using spread ssd allocation scheme
[  267.953508][ T6462] BTRFS info (device loop3): using free space tree
[  267.960066][ T6462] BTRFS info (device loop3): has skinny extents
[  268.128442][ T6462] BTRFS info (device loop3): clearing free space tree
[  268.135402][ T6462] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  268.145956][ T6462] BTRFS info (device loop3): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  268.166176][ T6462] BTRFS info (device loop3): creating free space tree
[  268.181182][ T6462] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  268.190765][ T6462] BTRFS info (device loop3): setting compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  268.257634][   T25] audit: type=1800 audit(1763785683.969:36): pid=6461 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.555" name="bus" dev="loop3" ino=263 res=0 errno=0
[  269.908522][ T6508] loop4: detected capacity change from 0 to 256
[  270.002513][ T6506] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  270.161055][ T6508] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  270.692188][ T6508] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  270.858141][ T4844] dvb-usb: did not find the firmware file 'af9005.fw' (status -110). You can use <kernel_dir>/scripts/get_dvb_firmware to get the firmware
[  270.878074][ T4844] dvb_usb_af9005: probe of 1-1:0.53 failed with error -110
[  270.882059][ T6508] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  270.901546][ T4844] usb 1-1: USB disconnect, device number 3
[  273.510001][ T6564] loop2: detected capacity change from 0 to 1024
[  273.983639][ T6569] loop1: detected capacity change from 0 to 4096
[  274.864468][ T4185] ntfs3: loop1: ntfs_evict_inode r=5 failed, -22.
[  274.938414][   T25] audit: type=1326 audit(1763786202.647:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  275.026202][ T4185] ntfs3: loop1: Mark volume as dirty due to NTFS errors
[  275.298744][   T25] audit: type=1326 audit(1763786202.677:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6580 comm="syz.0.582" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  275.756171][ T6572] loop3: detected capacity change from 0 to 40427
[  275.828031][ T6572] F2FS-fs (loop3): build fault injection attr: rate: 25, type: 0x1ffff
[  275.867163][ T6572] F2FS-fs (loop3): invalid crc value
[  276.035750][    T7] hid-generic FFFF:0008:0003.000B: item fetching failed at offset 0/2
[  276.051377][    T7] hid-generic: probe of FFFF:0008:0003.000B failed with error -22
[  276.066526][ T6572] F2FS-fs (loop3) : inject kmalloc in f2fs_kmalloc of f2fs_build_segment_manager+0x26f1/0x67b0
[  276.111145][ T6572] F2FS-fs (loop3): Failed to initialize F2FS segment manager (-12)
[  277.790465][ T6602] loop1: detected capacity change from 0 to 512
[  278.116858][ T6602] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  278.125908][ T6602] EXT4-fs (loop1): orphan cleanup on readonly fs
[  278.133369][ T6602] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  278.207774][ T6602] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  278.220362][ T6602] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  278.634486][ T6618] fuse: Bad value for 'group_id'
[  279.440571][ T6622] loop1: detected capacity change from 0 to 1024
[  279.730258][ T6624] loop0: detected capacity change from 0 to 2048
[  280.379032][ T6629] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  281.806859][ T6641] syz.4.598[6641] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  281.806986][ T6641] syz.4.598[6641] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  281.877521][   T25] audit: type=1326 audit(1763786465.589:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  282.019756][   T25] audit: type=1326 audit(1763786465.639:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=63 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  282.113780][   T25] audit: type=1326 audit(1763786465.639:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  282.151025][   T25] audit: type=1326 audit(1763786465.639:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  282.280540][ T6651] loop1: detected capacity change from 0 to 512
[  282.376602][   T25] audit: type=1326 audit(1763786465.639:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  282.615724][ T6651] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  282.630001][ T6651] EXT4-fs (loop1): orphan cleanup on readonly fs
[  282.641583][ T6651] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  282.656565][ T6651] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  282.671638][ T6651] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  282.707376][   T25] audit: type=1326 audit(1763786465.639:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  282.729587][   T25] audit: type=1326 audit(1763786465.639:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  282.751995][   T25] audit: type=1326 audit(1763786465.639:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  283.010990][   T25] audit: type=1326 audit(1763786465.639:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  283.201030][   T25] audit: type=1326 audit(1763786465.639:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6640 comm="syz.4.598" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  283.596170][ T6718] loop1: detected capacity change from 0 to 512
[  283.636849][ T6719] loop3: detected capacity change from 0 to 2048
[  283.858372][ T6723] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  284.021366][ T6718] EXT4-fs (loop1): orphan cleanup on readonly fs
[  284.030890][ T6718] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.606: bg 0: block 248: padding at end of block bitmap is not set
[  284.050183][ T6718] EXT4-fs error (device loop1): ext4_acquire_dquot:6209: comm syz.1.606: Failed to acquire dquot type 1
[  284.064495][ T6718] EXT4-fs (loop1): 1 truncate cleaned up
[  284.079258][ T6718] EXT4-fs (loop1): mounted filesystem without journal. Opts: bsdgroups,nodiscard,noblock_validity,grpjquota=,grpjquota=,noquota,auto_da_alloc,noload,nodiscard,,errors=continue. Quota mode: writeback.
[  284.511009][ T4844] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  284.741087][ T6732] loop1: detected capacity change from 0 to 65536
[  284.895407][ T6732] XFS (loop1): DAX enabled. Warning: EXPERIMENTAL, use at your own risk
[  284.903849][ T6732] XFS (loop1): DAX unsupported by block device. Turning off DAX.
[  284.912328][ T6732] XFS (loop1): Mounting V5 Filesystem
[  284.986934][ T6732] XFS (loop1): Ending clean mount
[  284.993969][ T6732] XFS (loop1): Quotacheck needed: Please wait.
[  285.042797][ T4844] usb 1-1: Using ep0 maxpacket: 16
[  285.114534][ T6732] XFS (loop1): Quotacheck: Done.
[  285.161183][ T4844] usb 1-1: config 0 has an invalid interface number: 105 but max is 0
[  285.178179][ T4844] usb 1-1: config 0 descriptor has 1 excess byte, ignoring
[  285.201246][ T4185] XFS (loop1): Unmounting Filesystem
[  285.240552][ T6748] fuse: Bad value for 'group_id'
[  285.355059][ T4844] usb 1-1: config 0 has no interface number 0
[  285.631630][ T4844] usb 1-1: New USB device found, idVendor=046d, idProduct=08f3, bcdDevice= b.28
[  285.677907][ T4844] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.772925][ T4844] usb 1-1: Product: syz
[  285.820841][ T4844] usb 1-1: Manufacturer: syz
[  285.876746][ T4844] usb 1-1: SerialNumber: syz
[  285.932582][ T4844] usb 1-1: config 0 descriptor??
[  286.023392][ T4844] usb 1-1: Found UVC 0.00 device syz (046d:08f3)
[  286.029806][ T4844] usb 1-1: No valid video chain found.
[  286.227325][ T4844] usb 1-1: USB disconnect, device number 4
[  287.608814][ T6769] loop0: detected capacity change from 0 to 512
[  288.187779][ T6769] EXT4-fs error (device loop0): ext4_ext_check_inode:501: inode #16: comm syz.0.619: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 2052(4), depth 0(0)
[  288.285179][ T6769] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.619: couldn't read orphan inode 16 (err -117)
[  288.332367][ T6769] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  288.391138][ T6769] ext4 filesystem being mounted at /127/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.482958][ T6777] loop4: detected capacity change from 0 to 2048
[  288.689045][ T6782] syz.0.619[6782] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  288.689134][ T6782] syz.0.619[6782] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  288.907001][ T6783] loop1: detected capacity change from 0 to 512
[  289.778065][ T6785] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  290.650266][ T6783] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  290.663852][ T6783] EXT4-fs (loop1): orphan cleanup on readonly fs
[  290.681096][ T6783] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  290.696134][ T6783] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  290.710891][ T6783] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  291.936710][ T6804] loop3: detected capacity change from 0 to 16
[  291.950245][ T6804] erofs: (device loop3): mounted with root inode @ nid 36.
[  291.972430][ T6804] attempt to access beyond end of device
[  291.972430][ T6804] loop3: rw=0, want=40, limit=16
[  291.985563][ T6804] attempt to access beyond end of device
[  291.985563][ T6804] loop3: rw=0, want=40, limit=16
[  292.833003][ T6820] overlayfs: missing 'lowerdir'
[  293.153811][ T6830] loop2: detected capacity change from 0 to 512
[  293.448837][ T6830] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  293.462132][ T6830] EXT4-fs (loop2): orphan cleanup on readonly fs
[  293.474859][ T6830] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  293.488899][ T6830] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  293.503552][ T6830] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  294.159796][ T6842] loop0: detected capacity change from 0 to 1024
[  297.593371][ T6886] loop3: detected capacity change from 0 to 512
[  299.221087][    T7] usb 5-1: new full-speed USB device number 7 using dummy_hcd
[  299.631186][    T7] usb 5-1: unable to get BOS descriptor or descriptor too short
[  299.681138][    T7] usb 5-1: not running at top speed; connect to a high speed hub
[  299.771247][    T7] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  299.787051][    T7] usb 5-1: config 1 has 0 interfaces, different from the descriptor's value: 1
[  299.951189][    T7] usb 5-1: New USB device found, idVendor=0cb8, idProduct=c90b, bcdDevice= d.ae
[  299.964887][    T7] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  299.976167][    T7] usb 5-1: Product: syz
[  299.980534][    T7] usb 5-1: Manufacturer: syz
[  299.988922][    T7] usb 5-1: SerialNumber: syz
[  300.170184][ T6893] loop2: detected capacity change from 0 to 1024
[  300.219512][ T6886] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  300.228835][ T6886] EXT4-fs (loop3): orphan cleanup on readonly fs
[  300.237533][ T6886] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  300.250431][ T6886] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  300.264860][ T6886] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  300.275224][ T6898] loop0: detected capacity change from 0 to 512
[  300.283692][    T7] usb 5-1: USB disconnect, device number 7
[  300.414460][ T6898] EXT4-fs (loop0): Ignoring removed bh option
[  300.495619][ T6898] EXT4-fs (loop0): mounted filesystem without journal. Opts: i_version,nogrpid,bh,,errors=continue. Quota mode: writeback.
[  300.509905][ T6898] ext4 filesystem being mounted at /135/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  301.311544][ T6920] netlink: 4 bytes leftover after parsing attributes in process `syz.4.658'.
[  302.757455][ T6932] loop3: detected capacity change from 0 to 8192
[  309.140731][ T6998] loop2: detected capacity change from 0 to 512
[  309.428651][ T6998] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  309.437687][ T6998] EXT4-fs (loop2): orphan cleanup on readonly fs
[  309.448061][ T6998] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  309.775237][ T6998] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  309.787427][ T6998] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  309.861285][ T6975] loop3: detected capacity change from 0 to 40427
[  309.940030][ T6975] F2FS-fs (loop3): invalid crc value
[  309.999460][ T7010] netlink: 8 bytes leftover after parsing attributes in process `syz.1.684'.
[  310.039865][ T6975] F2FS-fs (loop3): Found nat_bits in checkpoint
[  310.148062][ T7017] netlink: 'syz.0.685': attribute type 8 has an invalid length.
[  310.236348][ T7017] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.685'.
[  310.326100][ T6975] F2FS-fs (loop3): Start checkpoint disabled!
[  313.575674][ T7058] loop1: detected capacity change from 0 to 512
[  313.841927][ T7058] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  313.856166][ T7058] EXT4-fs (loop1): orphan cleanup on readonly fs
[  313.868862][ T7058] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  313.883610][ T7058] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  313.899172][ T7058] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  314.776241][ T7078] netlink: 'syz.0.703': attribute type 8 has an invalid length.
[  314.791089][ T7078] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.703'.
[  317.415363][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  317.421702][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  318.609949][ T7106] netlink: 8 bytes leftover after parsing attributes in process `syz.1.712'.
[  320.216790][ T7115] loop2: detected capacity change from 0 to 512
[  321.210155][ T7115] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  321.220167][ T7115] EXT4-fs (loop2): orphan cleanup on readonly fs
[  321.228755][ T7115] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  321.241780][ T7115] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  321.254048][ T7115] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  328.594033][ T7154] loop1: detected capacity change from 0 to 40427
[  328.660835][ T7154] F2FS-fs (loop1): invalid crc value
[  328.672835][ T7154] F2FS-fs (loop1): Found nat_bits in checkpoint
[  328.816155][ T7154] F2FS-fs (loop1): Start checkpoint disabled!
[  328.855496][ T7154] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  329.006532][ T7180] fuse: Unknown parameter 'grou00000000000000000010'
[  329.265472][ T7178] binfmt_misc: register: failed to install interpreter file ./file2
[  330.286433][  T448] attempt to access beyond end of device
[  330.286433][  T448] loop1: rw=2049, want=40968, limit=40427
[  332.341642][   T25] kauditd_printk_skb: 2 callbacks suppressed
[  332.341657][   T25] audit: type=1326 audit(1763787028.050:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7220 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  332.798022][ T7228] fuse: Unknown parameter 'grou00000000000000000010'
[  333.180308][   T25] audit: type=1326 audit(1763787028.110:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7220 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=226 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  333.239921][ T7230] loop2: detected capacity change from 0 to 2048
[  333.256676][   T25] audit: type=1326 audit(1763787028.110:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7220 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  333.348697][   T25] audit: type=1326 audit(1763787028.110:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7220 comm="syz.0.744" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  333.371559][ T7240] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  335.526565][ T7236] loop0: detected capacity change from 0 to 40427
[  335.546838][ T7236] F2FS-fs (loop0): invalid crc value
[  335.580274][ T7236] F2FS-fs (loop0): Found nat_bits in checkpoint
[  335.989067][ T7236] F2FS-fs (loop0): Start checkpoint disabled!
[  338.106535][ T7293] loop2: detected capacity change from 0 to 512
[  338.204442][ T7299] loop0: detected capacity change from 0 to 2048
[  338.231550][ T7293] EXT4-fs (loop2): revision level too high, forcing read-only mode
[  338.240877][ T7293] EXT4-fs (loop2): orphan cleanup on readonly fs
[  338.258799][ T7293] EXT4-fs error (device loop2): ext4_orphan_get:1401: inode #16: comm syz.2.765: iget: bad extended attribute block 1661952
[  338.276661][ T7293] EXT4-fs error (device loop2): ext4_orphan_get:1406: comm syz.2.765: couldn't read orphan inode 16 (err -117)
[  338.312564][ T7293] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  338.355261][ T7302] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  340.131165][ T7323] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  341.745499][ T7318] loop4: detected capacity change from 0 to 40427
[  341.843201][ T7346] loop1: detected capacity change from 0 to 512
[  342.536902][ T7318] F2FS-fs (loop4): invalid crc value
[  342.546904][ T4234] hid-generic FFFF:0008:0003.000C: item fetching failed at offset 0/2
[  342.556045][ T7351] loop2: detected capacity change from 0 to 512
[  342.570201][ T7318] F2FS-fs (loop4): Failed to initialize F2FS segment manager (-4)
[  342.582146][ T4234] hid-generic: probe of FFFF:0008:0003.000C failed with error -22
[  342.601203][ T7346] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  342.610102][ T7346] EXT4-fs (loop1): orphan cleanup on readonly fs
[  342.619819][ T7346] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm syz.1.780: iget: bad extended attribute block 1661952
[  342.633382][ T7346] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.780: couldn't read orphan inode 16 (err -117)
[  342.645770][ T7346] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  343.610256][ T7351] EXT4-fs (loop2): orphan cleanup on readonly fs
[  343.691590][ T7351] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated!
[  344.165492][ T7351] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[  344.356068][ T7367] netlink: 8 bytes leftover after parsing attributes in process `syz.0.785'.
[  344.391936][ T7351] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.782: Failed to acquire dquot type 0
[  344.430430][ T7367] syz.0.785 (7367) used greatest stack depth: 18560 bytes left
[  344.467860][ T7351] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated!
[  344.485092][ T7351] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[  344.558365][ T7351] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.782: Failed to acquire dquot type 0
[  344.618915][ T7351] EXT4-fs error (device loop2): ext4_validate_block_bitmap:438: comm syz.2.782: bg 0: block 64: padding at end of block bitmap is not set
[  344.661103][ T5074] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  344.688114][ T7375] fuse: Unknown parameter 'group_i00000000000000000010'
[  345.015761][ T5074] usb 2-1: Using ep0 maxpacket: 16
[  345.332765][ T7351] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6178: Corrupt filesystem
[  345.349317][ T7351] Quota error (device loop2): dq_insert_tree: Quota tree root isn't allocated!
[  345.421104][ T7351] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[  345.435864][ T7351] EXT4-fs error (device loop2): ext4_acquire_dquot:6209: comm syz.2.782: Failed to acquire dquot type 0
[  345.463248][ T7351] EXT4-fs (loop2): 1 orphan inode deleted
[  345.496523][ T7351] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,nolazytime,,errors=continue. Quota mode: writeback.
[  345.501217][ T5074] usb 2-1: unable to get BOS descriptor or descriptor too short
[  346.841116][ T7385] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  347.251219][ T5074] usb 2-1: config 15 has an invalid interface number: 197 but max is 1
[  347.270197][ T5074] usb 2-1: config 15 has an invalid interface number: 136 but max is 1
[  347.282719][ T5074] usb 2-1: config 15 has no interface number 0
[  347.299010][ T5074] usb 2-1: config 15 has no interface number 1
[  347.315784][ T5074] usb 2-1: config 15 interface 197 has no altsetting 0
[  347.498110][ T5074] usb 2-1: config 15 interface 136 has no altsetting 0
[  347.563363][ T7390] loop4: detected capacity change from 0 to 40427
[  347.719703][ T7390] F2FS-fs (loop4): invalid crc value
[  347.798715][ T7390] F2FS-fs (loop4): Found nat_bits in checkpoint
[  347.847473][ T7390] F2FS-fs (loop4): Start checkpoint disabled!
[  347.961386][ T5074] usb 2-1: string descriptor 0 read error: -71
[  347.961844][ T5074] usb 2-1: New USB device found, idVendor=0403, idProduct=d678, bcdDevice=d4.b3
[  347.961907][ T5074] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  347.999655][ T7390] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  348.062133][ T5074] usb 2-1: can't set config #15, error -71
[  348.070155][ T5074] usb 2-1: USB disconnect, device number 7
[  348.631611][ T7402] loop1: detected capacity change from 0 to 512
[  349.237655][   T25] audit: type=1326 audit(1763787044.950:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7403 comm="syz.2.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  349.299567][ T7402] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  349.308387][   T25] audit: type=1326 audit(1763787044.980:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7403 comm="syz.2.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  349.308571][ T7402] EXT4-fs (loop1): orphan cleanup on readonly fs
[  349.331747][   T25] audit: type=1326 audit(1763787044.980:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7403 comm="syz.2.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  349.355448][ T7402] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm syz.1.794: iget: bad extended attribute block 1661952
[  349.360301][   T25] audit: type=1326 audit(1763787044.980:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7403 comm="syz.2.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=18 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  349.381283][ T7402] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.794: couldn't read orphan inode 16 (err -117)
[  349.421186][ T7410] netlink: 8 bytes leftover after parsing attributes in process `syz.0.798'.
[  349.421194][ T7402] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  349.455126][   T25] audit: type=1326 audit(1763787044.980:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7403 comm="syz.2.797" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  349.609020][ T7417] fuse: Unknown parameter 'group_id00000000000000000010'
[  350.206496][ T4370] attempt to access beyond end of device
[  350.206496][ T4370] loop4: rw=2049, want=40968, limit=40427
[  350.603522][ T7432] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  352.475275][ T4234] hid-generic FFFF:0008:0003.000D: item fetching failed at offset 0/2
[  352.541395][ T4234] hid-generic: probe of FFFF:0008:0003.000D failed with error -22
[  353.790126][ T7454] loop4: detected capacity change from 0 to 2048
[  353.916438][ T7455] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  354.786871][ T7452] loop1: detected capacity change from 0 to 40427
[  355.004314][ T7452] F2FS-fs (loop1): invalid crc value
[  355.057458][ T7452] F2FS-fs (loop1): Found nat_bits in checkpoint
[  355.133252][ T7474] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  355.250918][ T7452] F2FS-fs (loop1): Start checkpoint disabled!
[  355.281142][ T7452] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  356.844102][ T7488] loop2: detected capacity change from 0 to 256
[  356.990851][ T7471] netlink: 8 bytes leftover after parsing attributes in process `syz.4.814'.
[  357.380698][ T7471] netlink: 4 bytes leftover after parsing attributes in process `syz.4.814'.
[  357.422831][   T25] audit: type=1326 audit(1763787053.140:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  357.484821][   T25] audit: type=1326 audit(1763787053.140:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  357.523636][ T7494] loop3: detected capacity change from 0 to 256
[  357.724227][   T25] audit: type=1326 audit(1763787053.140:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=201 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  357.746964][   T25] audit: type=1326 audit(1763787053.140:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  357.769304][   T25] audit: type=1326 audit(1763787053.140:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  357.844216][   T25] audit: type=1326 audit(1763787053.140:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  358.013249][ T7498] overlayfs: filesystem on './file0' not supported
[  358.031073][   T25] audit: type=1326 audit(1763787053.140:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  358.071274][ T4370] attempt to access beyond end of device
[  358.071274][ T4370] loop1: rw=2049, want=40968, limit=40427
[  358.203164][   T25] audit: type=1326 audit(1763787053.140:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  358.241125][   T25] audit: type=1326 audit(1763787053.140:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  358.314091][   T25] audit: type=1326 audit(1763787053.140:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7491 comm="syz.3.821" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  358.327232][ T7502] loop4: detected capacity change from 0 to 2048
[  358.526429][ T7503] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  358.933060][ T7510] netlink: 'syz.3.825': attribute type 8 has an invalid length.
[  358.940719][ T7510] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.825'.
[  359.843229][ T6510] hid-generic FFFF:0008:0003.000E: item fetching failed at offset 0/2
[  359.908395][ T6510] hid-generic: probe of FFFF:0008:0003.000E failed with error -22
[  360.043221][ T7534] syz.4.834[7534] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  360.043303][ T7534] syz.4.834[7534] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  360.164547][ T7534] netlink: 4 bytes leftover after parsing attributes in process `syz.4.834'.
[  360.338611][ T7538] syz.3.833[7538] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  360.338699][ T7538] syz.3.833[7538] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  360.682088][ T7547] loop0: detected capacity change from 0 to 2048
[  360.791251][ T7550] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  360.809749][ T7551] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  361.163768][ T7536] loop2: detected capacity change from 0 to 40427
[  361.290222][ T7536] F2FS-fs (loop2): invalid crc value
[  361.303488][ T7536] F2FS-fs (loop2): Found nat_bits in checkpoint
[  361.428299][ T7536] F2FS-fs (loop2): Start checkpoint disabled!
[  361.454995][ T7536] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  362.106720][ T7565] loop0: detected capacity change from 0 to 4096
[  362.131434][ T7565] EXT4-fs (loop0): Test dummy encryption mode enabled
[  362.149975][ T7565] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  362.274424][ T7570] loop4: detected capacity change from 0 to 512
[  362.354450][ T7565] System zones: 0-5
[  362.585777][ T7565] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  362.712418][ T7570] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  362.725387][ T7570] EXT4-fs (loop4): orphan cleanup on readonly fs
[  362.739749][ T7570] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  362.791471][ T7570] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  362.803512][ T7570] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  362.819593][ T6692] attempt to access beyond end of device
[  362.819593][ T6692] loop2: rw=2049, want=40968, limit=40427
[  363.081069][ T4603] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  363.201701][ T7576] netlink: 'syz.4.844': attribute type 8 has an invalid length.
[  363.209369][ T7576] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.844'.
[  363.371098][ T4603] usb 1-1: Using ep0 maxpacket: 8
[  363.951608][ T4603] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  364.109563][ T4603] usb 1-1: config 179 has no interface number 0
[  364.116969][ T4603] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  364.142485][ T4603] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  364.170999][ T4603] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  364.241558][ T4603] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid wMaxPacketSize 0
[  364.261489][ T4603] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  364.299895][ T4603] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  364.330105][ T4603] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  364.362359][ T7565] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  364.387927][ T4603] xpad: probe of 1-1:179.65 failed with error -5
[  364.431644][ T7592] loop2: detected capacity change from 0 to 2048
[  364.481207][ T4234] hid-generic FFFF:0008:0003.000F: item fetching failed at offset 0/2
[  364.520172][ T4234] hid-generic: probe of FFFF:0008:0003.000F failed with error -22
[  364.571479][ T7596] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  364.996081][ T7599] fuse: Bad value for 'fd'
[  367.044903][ T1336] usb 1-1: USB disconnect, device number 5
[  367.281509][ T7612] syz.0.853[7612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  367.281604][ T7612] syz.0.853[7612] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  367.489325][ T7618] netlink: 8 bytes leftover after parsing attributes in process `syz.2.854'.
[  367.605424][ T7619] loop1: detected capacity change from 0 to 512
[  367.886817][ T7619] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  367.900001][ T7619] EXT4-fs (loop1): orphan cleanup on readonly fs
[  367.916334][ T7619] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  367.931539][ T7619] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  367.945318][ T7619] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  368.388164][ T7635] fuse: Bad value for 'user_id'
[  368.999645][ T7636] fuse: Bad value for 'fd'
[  369.461002][ T4174] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  369.600252][ T4603] hid-generic FFFF:0008:0003.0010: item fetching failed at offset 0/2
[  369.636580][ T4603] hid-generic: probe of FFFF:0008:0003.0010 failed with error -22
[  369.798036][ T7653] loop3: detected capacity change from 0 to 2048
[  369.842013][ T4174] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  369.908999][ T4174] usb 1-1: too many endpoints for config 1 interface 1 altsetting 0: 255, using maximum allowed: 30
[  369.982384][ T7654] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  370.141441][ T4174] usb 1-1: config 1 interface 1 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  370.165545][ T7656] netlink: 'syz.2.865': attribute type 1 has an invalid length.
[  370.471902][ T7665] loop4: detected capacity change from 0 to 512
[  370.491389][ T4174] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  370.500613][ T4174] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  370.539281][ T4174] usb 1-1: Product: syz
[  371.125123][ T4174] usb 1-1: Manufacturer: syz
[  371.130662][ T4174] usb 1-1: SerialNumber: syz
[  371.182025][ T4174] cdc_ncm 1-1:1.0: skipping garbage
[  371.221693][ T7665] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  371.231186][ T7665] EXT4-fs (loop4): orphan cleanup on readonly fs
[  371.239014][ T7665] EXT4-fs error (device loop4): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  371.271867][ T7665] EXT4-fs error (device loop4): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  371.283903][ T7665] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  371.631258][ T7679] overlayfs: missing 'lowerdir'
[  371.966294][ T7685] netlink: 'syz.4.874': attribute type 8 has an invalid length.
[  371.994683][ T7685] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.874'.
[  372.531392][ T4174] cdc_ncm 1-1:1.0: bind() failure
[  372.571110][ T4174] cdc_ncm: probe of 1-1:1.1 failed with error -71
[  372.591097][ T4174] cdc_mbim: probe of 1-1:1.1 failed with error -71
[  372.611256][ T4174] usbtest: probe of 1-1:1.1 failed with error -71
[  372.625516][ T4174] usb 1-1: USB disconnect, device number 6
[  373.770406][ T7714] loop2: detected capacity change from 0 to 16
[  373.812603][ T7707] loop0: detected capacity change from 0 to 2048
[  375.438114][ T7714] erofs: (device loop2): mounted with root inode @ nid 36.
[  375.731129][ T7720] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  376.157326][ T7722] loop3: detected capacity change from 0 to 4096
[  376.307002][ T7722] EXT4-fs (loop3): Test dummy encryption mode enabled
[  376.321881][ T7722] EXT4-fs (loop3): Quota format mount options ignored when QUOTA feature is enabled
[  376.378297][ T7722] EXT4-fs (loop3): Number of reserved GDT blocks insanely large: 64768
[  376.399508][ T7733] netlink: 'syz.2.890': attribute type 8 has an invalid length.
[  376.421731][ T7733] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.890'.
[  377.018267][ T7752] loop0: detected capacity change from 0 to 512
[  377.150775][ T7752] EXT4-fs (loop0): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  377.183553][ T7752] ext4 filesystem being mounted at /180/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  377.326139][ T4603] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  377.681150][ T4603] usb 4-1: Using ep0 maxpacket: 16
[  377.747626][ T7754] loop4: detected capacity change from 0 to 40427
[  377.879302][ T7754] F2FS-fs (loop4): invalid crc value
[  377.930102][ T7754] F2FS-fs (loop4): Found nat_bits in checkpoint
[  377.951136][ T4603] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  377.967515][ T4603] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[  378.012719][ T7754] F2FS-fs (loop4): Start checkpoint disabled!
[  378.039057][ T7754] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  378.161257][ T4603] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  378.176689][ T4603] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  378.212195][ T4603] usb 4-1: Product: syz
[  378.223774][ T4603] usb 4-1: Manufacturer: syz
[  378.237133][ T4603] usb 4-1: SerialNumber: syz
[  378.373488][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  378.379815][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  378.763814][ T4603] usb 4-1: 0:2 : does not exist
[  378.769661][ T4603] usb 4-1: unit 6 not found!
[  378.817145][ T7782] loop1: detected capacity change from 0 to 128
[  378.939931][ T7782] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  379.365398][ T4351] attempt to access beyond end of device
[  379.365398][ T4351] loop4: rw=2049, want=40968, limit=40427
[  379.555964][ T4603] usb 4-1: USB disconnect, device number 8
[  381.172138][ T4396] udevd[4396]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  381.857269][ T4844] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  381.937870][ T7805] loop3: detected capacity change from 0 to 1024
[  382.982555][ T4844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  383.016954][ T4844] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  383.037471][ T4844] usb 5-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  383.046823][ T4844] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.057843][ T4844] usb 5-1: config 0 descriptor??
[  383.332732][ T7820] netlink: 8 bytes leftover after parsing attributes in process `syz.3.918'.
[  383.674056][   T25] kauditd_printk_skb: 22 callbacks suppressed
[  383.674069][   T25] audit: type=1326 audit(1763787335.387:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7802 comm="syz.4.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  383.825246][   T25] audit: type=1326 audit(1763787335.467:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7802 comm="syz.4.904" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  383.871121][ T4844] usbhid 5-1:0.0: can't add hid device: -71
[  383.881079][ T4844] usbhid: probe of 5-1:0.0 failed with error -71
[  383.911356][ T4844] usb 5-1: USB disconnect, device number 8
[  383.976514][ T7844] netlink: 20 bytes leftover after parsing attributes in process `syz.1.927'.
[  384.001280][ T7844] IPv6: Can't replace route, no match found
[  384.851966][ T7854] netlink: 8 bytes leftover after parsing attributes in process `syz.4.932'.
[  385.382167][ T7873] netlink: 'syz.2.939': attribute type 8 has an invalid length.
[  385.410507][ T7873] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.939'.
[  388.803442][ T7889] xt_hashlimit: max too large, truncated to 1048576
[  390.031625][ T7933] 9pnet: Insufficient options for proto=fd
[  390.233002][ T7935] netlink: 'syz.1.955': attribute type 8 has an invalid length.
[  390.246050][ T7935] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.955'.
[  390.302346][ T7937] loop0: detected capacity change from 0 to 1024
[  390.341124][ T4234] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  390.631140][ T4234] usb 4-1: Using ep0 maxpacket: 16
[  390.778305][ T4234] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  390.831714][ T4234] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  390.939989][ T4234] usb 4-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  390.960410][ T4234] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  391.754907][ T4234] usb 4-1: config 0 descriptor??
[  393.235951][ T4234] usb 4-1: USB disconnect, device number 9
[  393.245903][ T7976] loop4: detected capacity change from 0 to 1024
[  393.489590][ T7985] netlink: 'syz.2.970': attribute type 8 has an invalid length.
[  393.533221][ T7985] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.970'.
[  393.814385][ T7991] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  395.549909][ T8011] netlink: 'syz.3.979': attribute type 3 has an invalid length.
[  395.562067][ T8011] netlink: 'syz.3.979': attribute type 3 has an invalid length.
[  397.920646][ T8030] netlink: 32 bytes leftover after parsing attributes in process `syz.4.984'.
[  397.931204][ T8030] netlink: 32 bytes leftover after parsing attributes in process `syz.4.984'.
[  398.640692][ T8034] loop3: detected capacity change from 0 to 1024
[  398.967497][ T8039] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  400.686904][ T8051] fuse: Bad value for 'fd'
[  402.970121][ T8070] loop3: detected capacity change from 0 to 512
[  403.138022][ T8070] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #16: comm syz.3.997: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 2052(4), depth 0(0)
[  403.211833][ T8070] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.997: couldn't read orphan inode 16 (err -117)
[  403.282850][ T8070] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  403.352549][ T8070] ext4 filesystem being mounted at /185/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  403.408998][   T25] audit: type=1326 audit(1763787867.115:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  403.451006][   T25] audit: type=1326 audit(1763787867.115:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  403.566128][   T25] audit: type=1326 audit(1763787867.165:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  403.666550][   T25] audit: type=1326 audit(1763787867.165:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  403.707408][   T25] audit: type=1326 audit(1763787867.165:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  403.793008][ T8084] netlink: 164 bytes leftover after parsing attributes in process `syz.1.999'.
[  404.310277][   T25] audit: type=1326 audit(1763787867.165:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  404.343210][ T8084] netlink: 164 bytes leftover after parsing attributes in process `syz.1.999'.
[  404.352427][ T8084] netlink: 60 bytes leftover after parsing attributes in process `syz.1.999'.
[  404.371148][   T25] audit: type=1326 audit(1763787867.165:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  404.406631][   T25] audit: type=1326 audit(1763787867.165:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  404.674444][   T25] audit: type=1326 audit(1763787867.185:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  404.682272][ T8087] loop4: detected capacity change from 0 to 40427
[  404.758337][   T25] audit: type=1326 audit(1763787867.185:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8075 comm="syz.4.1000" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  404.819418][ T8087] F2FS-fs (loop4): invalid crc value
[  404.948585][ T8087] F2FS-fs (loop4): Found nat_bits in checkpoint
[  404.987539][ T8087] F2FS-fs (loop4): Start checkpoint disabled!
[  405.001640][ T8095] loop1: detected capacity change from 0 to 1024
[  405.055372][ T8087] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  406.014840][ T1276] attempt to access beyond end of device
[  406.014840][ T1276] loop4: rw=2049, want=40984, limit=40427
[  407.586207][ T8120] fuse: Bad value for 'fd'
[  408.589642][ T8130] hub 8-0:1.0: USB hub found
[  408.598839][ T8130] hub 8-0:1.0: 1 port detected
[  409.726702][ T8137] blk_update_request: I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  409.738861][ T8137] F2FS-fs (loop5): Unable to read 1th superblock
[  409.746427][ T8137] blk_update_request: I/O error, dev loop5, sector 8 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  409.757777][ T8137] F2FS-fs (loop5): Unable to read 2th superblock
[  411.826368][ T8147] loop4: detected capacity change from 0 to 40427
[  412.670078][ T8153] loop0: detected capacity change from 0 to 1024
[  413.202029][ T8147] F2FS-fs (loop4): invalid crc value
[  413.285584][ T8147] F2FS-fs (loop4): Found nat_bits in checkpoint
[  413.323411][ T8147] F2FS-fs (loop4): Start checkpoint disabled!
[  413.342795][ T8147] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  413.726812][  T154] attempt to access beyond end of device
[  413.726812][  T154] loop4: rw=2049, want=40976, limit=40427
[  415.637310][ T8179] fuse: Bad value for 'fd'
[  417.372566][   T25] kauditd_printk_skb: 13 callbacks suppressed
[  417.372581][   T25] audit: type=1326 audit(1763788137.085:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8199 comm="syz.3.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  417.472901][   T25] audit: type=1326 audit(1763788137.125:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8199 comm="syz.3.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=109 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  417.884835][   T25] audit: type=1326 audit(1763788137.125:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8199 comm="syz.3.1030" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  418.770867][ T8223] fuse: Bad value for 'fd'
[  420.682993][ T8241] loop1: detected capacity change from 0 to 512
[  420.699527][ T8239] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  420.760628][ T8239] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  420.808845][ T8241] EXT4-fs error (device loop1): ext4_ext_check_inode:501: inode #16: comm syz.1.1040: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 2052(4), depth 0(0)
[  420.837000][ T8241] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.1040: couldn't read orphan inode 16 (err -117)
[  420.929407][ T8241] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  420.951752][ T8241] ext4 filesystem being mounted at /225/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  421.249093][ T8256] syz.1.1040[8256] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  421.249537][ T8256] syz.1.1040[8256] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  423.399502][   T25] audit: type=1326 audit(1763788399.109:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  423.551945][ T8271] fuse: Invalid rootmode
[  423.994953][   T25] audit: type=1326 audit(1763788399.159:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  424.173627][   T25] audit: type=1326 audit(1763788399.159:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  424.202148][   T25] audit: type=1326 audit(1763788399.169:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  424.224600][   T25] audit: type=1326 audit(1763788399.169:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  424.471869][   T25] audit: type=1326 audit(1763788399.179:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  424.494819][   T25] audit: type=1326 audit(1763788399.179:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  424.517769][   T25] audit: type=1326 audit(1763788399.179:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  424.575675][   T25] audit: type=1326 audit(1763788399.179:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  425.164595][   T25] audit: type=1326 audit(1763788399.179:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8267 comm="syz.3.1049" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  425.626816][ T8293] loop0: detected capacity change from 0 to 2048
[  425.651266][ T5074] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  425.703390][ T8296] overlayfs: failed to clone upperpath
[  425.796821][ T8298] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  425.941182][ T5074] usb 2-1: Using ep0 maxpacket: 16
[  426.061214][ T5074] usb 2-1: config 1 has an invalid interface number: 214 but max is 0
[  426.069438][ T5074] usb 2-1: config 1 has no interface number 0
[  426.109506][ T5074] usb 2-1: config 1 interface 214 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  426.152203][ T5074] usb 2-1: config 1 interface 214 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[  426.171285][ T5074] usb 2-1: config 1 interface 214 has no altsetting 0
[  426.317302][ T8304] loop3: detected capacity change from 0 to 512
[  426.331424][ T5074] usb 2-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02
[  426.340487][ T5074] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  426.380992][ T5074] usb 2-1: Product: syz
[  426.391253][ T5074] usb 2-1: Manufacturer: syz
[  426.540784][ T5074] usb 2-1: SerialNumber: syz
[  426.560839][ T8304] EXT4-fs error (device loop3): ext4_ext_check_inode:501: inode #16: comm syz.3.1060: pblk 0 bad header/extent: too large eh_max - magic f30a, entries 1, max 2052(4), depth 0(0)
[  426.581337][ T8287] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  426.584213][ T8304] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.1060: couldn't read orphan inode 16 (err -117)
[  426.609669][ T8304] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  426.649691][ T8304] ext4 filesystem being mounted at /196/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  426.673079][ T8287] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  427.249219][ T5074] ums-alauda 2-1:1.214: USB Mass Storage device detected
[  427.476657][ T5074] scsi host1: usb-storage 2-1:1.214
[  427.620845][ T8320] syz.3.1060[8320] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  427.620983][ T8320] syz.3.1060[8320] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  428.381970][ T5074] usb 2-1: USB disconnect, device number 8
[  434.512950][ T8356] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1072'.
[  435.568097][ T8372] syz.2.1075[8372] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  435.568189][ T8372] syz.2.1075[8372] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  436.037100][ T8374] loop1: detected capacity change from 0 to 4096
[  436.077452][ T8361] device wireguard0 entered promiscuous mode
[  436.194710][ T8374] EXT4-fs (loop1): Test dummy encryption mode enabled
[  436.274195][ T8374] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  436.312301][ T8374] System zones: 0-5
[  436.349742][ T8374] EXT4-fs (loop1): mounted filesystem without journal. Opts: debug,delalloc,journal_ioprio=0x0000000000000000,test_dummy_encryption,nodiscard,min_batch_time=0x0000000000000004,acl,debug_want_extra_isize=0x0000000000000040,,errors=continue. Quota mode: writeback.
[  439.159503][ T8382] fscrypt (loop1): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  440.253589][ T1336] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  440.259691][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  440.267382][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  440.867079][ T8402] loop4: detected capacity change from 0 to 2048
[  440.981616][ T8406] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  441.064932][ T8405] loop1: detected capacity change from 0 to 512
[  441.322820][ T8405] EXT4-fs warning (device loop1): ext4_enable_quotas:6461: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  441.506481][ T8405] EXT4-fs (loop1): mount failed
[  442.799518][ T8429] loop4: detected capacity change from 0 to 256
[  442.970731][ T8429] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011d5f, chksum : 0x09863542, utbl_chksum : 0x000cd30d)
[  443.098830][ T8429] exFAT-fs (loop4): error, tried to truncate zeroed cluster.
[  443.138787][ T8429] exFAT-fs (loop4): Filesystem has been set read-only
[  445.210002][   T25] kauditd_printk_skb: 1 callbacks suppressed
[  445.210016][   T25] audit: type=1326 audit(1763788932.913:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8443 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  445.316503][   T25] audit: type=1326 audit(1763788932.913:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8443 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  445.399562][   T25] audit: type=1326 audit(1763788932.963:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8443 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=6 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  445.615742][   T25] audit: type=1326 audit(1763788932.963:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8443 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  445.694572][   T25] audit: type=1326 audit(1763788932.963:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8443 comm="syz.4.1096" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f4a230ea749 code=0x7ffc0000
[  446.620992][ T8459] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  447.088974][ T8463] netlink: 'syz.4.1103': attribute type 8 has an invalid length.
[  447.127471][ T8463] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1103'.
[  447.325344][ T8465] loop3: detected capacity change from 0 to 1024
[  447.347963][ T8471] device veth1_macvtap left promiscuous mode
[  447.364005][ T8471] device macsec0 entered promiscuous mode
[  447.448022][ T8465] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  447.481143][ T8465] ext4 filesystem being mounted at /206/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  447.512236][ T8479] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1108'.
[  447.566017][ T8465] EXT4-fs error (device loop3): ext4_map_blocks:739: inode #15: comm syz.3.1104: lblock 0 mapped to illegal pblock 0 (length 1)
[  447.670600][ T8465] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  447.688542][ T8465] EXT4-fs (loop3): This should not happen!! Data will be lost
[  447.688542][ T8465] 
[  449.101538][ T8490] binfmt_misc: register: failed to install interpreter file ./file2
[  449.238071][ T8492] loop4: detected capacity change from 0 to 2048
[  449.404921][ T8495] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  449.690668][ T8501] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  449.735827][ T8501] loop3: detected capacity change from 0 to 512
[  450.326848][ T8501] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  450.336179][ T8501] EXT4-fs (loop3): orphan cleanup on readonly fs
[  450.343578][ T8501] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  450.382252][ T8501] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  450.394174][ T8501] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  450.683886][ T8507] netlink: 'syz.3.1116': attribute type 8 has an invalid length.
[  450.715115][ T8507] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1116'.
[  451.097123][ T8523] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[  451.180381][ T8515] loop1: detected capacity change from 0 to 40427
[  451.249391][ T8515] F2FS-fs (loop1): invalid crc value
[  451.261669][ T8515] F2FS-fs (loop1): Found nat_bits in checkpoint
[  451.298785][ T8515] F2FS-fs (loop1): Start checkpoint disabled!
[  451.309123][ T8515] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  451.658500][ T4328] attempt to access beyond end of device
[  451.658500][ T4328] loop1: rw=2049, want=40968, limit=40427
[  452.034177][ T8541] netlink: 12 bytes leftover after parsing attributes in process `+}[@'.
[  452.076572][ T8541] loop3: detected capacity change from 0 to 512
[  452.385995][ T8541] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  452.398842][ T8541] EXT4-fs (loop3): orphan cleanup on readonly fs
[  452.411154][ T8541] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  452.427542][ T8541] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  452.443454][ T8541] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  452.814970][ T8545] loop1: detected capacity change from 0 to 2048
[  452.826534][ T8547] netlink: 'syz.0.1130': attribute type 8 has an invalid length.
[  452.835403][ T8547] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1130'.
[  453.061404][ T8555] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  453.793922][   T25] audit: type=1326 audit(1763789197.510:134): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  453.895119][   T25] audit: type=1326 audit(1763789197.510:135): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  453.977474][   T25] audit: type=1326 audit(1763789197.540:136): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  454.005918][   T25] audit: type=1326 audit(1763789197.540:137): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  454.053561][   T25] audit: type=1326 audit(1763789197.540:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  454.107755][ T8572] loop3: detected capacity change from 0 to 2048
[  454.135427][   T25] audit: type=1326 audit(1763789197.540:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  454.165093][   T25] audit: type=1326 audit(1763789197.540:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  454.253240][   T25] audit: type=1326 audit(1763789197.540:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  454.310815][   T25] audit: type=1326 audit(1763789197.540:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  454.659545][   T25] audit: type=1326 audit(1763789197.540:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8563 comm="syz.3.1134" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f038dec1749 code=0x7ffc0000
[  455.129369][ T8593] netlink: 'syz.0.1143': attribute type 8 has an invalid length.
[  455.154124][ T8593] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1143'.
[  455.519007][ T8599] loop4: detected capacity change from 0 to 2048
[  455.604784][ T8603] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  457.086052][ T8625] netlink: 'syz.3.1155': attribute type 8 has an invalid length.
[  457.129846][ T8625] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.1155'.
[  457.337505][ T8627] loop1: detected capacity change from 0 to 512
[  457.518115][ T8627] EXT4-fs (loop1): Ignoring removed nobh option
[  457.524876][ T8627] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  457.728227][ T8627] EXT4-fs (loop1): 1 truncate cleaned up
[  457.734084][ T8627] EXT4-fs (loop1): mounted filesystem without journal. Opts: barrier,nobh,stripe=0x0000000000000000,noblock_validity,,errors=continue. Quota mode: none.
[  458.417468][ T8635] netlink: 'syz.2.1160': attribute type 3 has an invalid length.
[  458.432945][ T8635] netlink: 'syz.2.1160': attribute type 3 has an invalid length.
[  458.639733][ T8638] loop4: detected capacity change from 0 to 1024
[  460.917327][   T25] kauditd_printk_skb: 5 callbacks suppressed
[  460.917341][   T25] audit: type=1326 audit(1763789716.562:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8652 comm="syz.0.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  460.930116][ T8655] loop0: detected capacity change from 0 to 2048
[  460.989137][   T25] audit: type=1326 audit(1763789716.562:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8652 comm="syz.0.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=35 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  461.012630][   T25] audit: type=1326 audit(1763789716.562:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8652 comm="syz.0.1164" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  461.021827][ T8638] EXT4-fs error (device loop4): ext4_map_blocks:739: inode #3: block 1: comm syz.4.1156: lblock 1 mapped to illegal pblock 1 (length 1)
[  461.061909][ T8638] Quota error (device loop4): write_blk: dquota write failed
[  461.126631][ T8660] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  461.161408][ T8638] Quota error (device loop4): find_free_dqentry: Can't write quota data block 1
[  461.237225][ T8638] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  461.311569][ T8638] EXT4-fs error (device loop4): ext4_acquire_dquot:6209: comm syz.4.1156: Failed to acquire dquot type 0
[  461.362289][ T8638] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm syz.4.1156: lblock 1 mapped to illegal pblock 1 (length 1)
[  461.449105][ T8638] Quota error (device loop4): do_insert_tree: Can't read tree quota block 1
[  461.492035][ T8638] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[  461.514703][ T8638] EXT4-fs error (device loop4): ext4_acquire_dquot:6209: comm syz.4.1156: Failed to acquire dquot type 0
[  461.536927][   T25] audit: type=1326 audit(1763789717.242:152): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8669 comm="syz.1.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f77682c8749 code=0x7ffc0000
[  461.586860][   T25] audit: type=1326 audit(1763789717.272:153): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8669 comm="syz.1.1172" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f77682c6f90 code=0x7ffc0000
[  461.616086][ T8638] EXT4-fs error (device loop4): ext4_free_blocks:6218: comm syz.4.1156: Freeing blocks not in datazone - block = 0, count = 4096
[  461.654671][ T8638] EXT4-fs error (device loop4): ext4_map_blocks:629: inode #3: block 1: comm syz.4.1156: lblock 1 mapped to illegal pblock 1 (length 1)
[  461.677212][ T8672] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1173'.
[  461.723842][ T8638] EXT4-fs error (device loop4): ext4_acquire_dquot:6209: comm syz.4.1156: Failed to acquire dquot type 0
[  461.744070][ T8638] EXT4-fs (loop4): 1 orphan inode deleted
[  461.749930][ T8638] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  462.047007][ T8659] loop3: detected capacity change from 0 to 40427
[  462.104231][ T8676] loop1: detected capacity change from 0 to 40427
[  462.168370][ T8659] F2FS-fs (loop3): build fault injection attr: rate: 690, type: 0x1ffff
[  462.183551][ T8676] F2FS-fs (loop1): invalid crc value
[  462.285016][ T8676] F2FS-fs (loop1): Found nat_bits in checkpoint
[  462.306170][ T8659] F2FS-fs (loop3): invalid crc value
[  462.321509][ T8676] F2FS-fs (loop1): Start checkpoint disabled!
[  464.409084][ T8659] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  464.453035][ T8689] loop0: detected capacity change from 0 to 1024
[  464.542330][ T8676] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  465.026526][ T8704] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1184'.
[  465.029493][ T4280] attempt to access beyond end of device
[  465.029493][ T4280] loop1: rw=2049, want=45104, limit=40427
[  466.184221][ T8714] netlink: 'syz.4.1188': attribute type 8 has an invalid length.
[  466.375898][ T8714] netlink: 199836 bytes leftover after parsing attributes in process `syz.4.1188'.
[  467.814459][ T8733] loop1: detected capacity change from 0 to 2048
[  467.867741][ T8738] overlayfs: failed to clone upperpath
[  467.943083][ T8741] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  468.075844][ T8745] loop0: detected capacity change from 0 to 1024
[  469.535077][ T8775] loop4: detected capacity change from 0 to 1024
[  469.826567][ T8779] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1208'.
[  470.423572][ T8778] loop3: detected capacity change from 0 to 128
[  471.005862][ T8783] loop0: detected capacity change from 0 to 512
[  471.013220][ T8784] netlink: 'syz.1.1201': attribute type 8 has an invalid length.
[  471.026161][ T8784] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1201'.
[  471.217011][ T8783] EXT4-fs (loop0): can't mount with journal_checksum, fs mounted w/o journal
[  471.460196][ T8795] loop0: detected capacity change from 0 to 512
[  471.546565][ T8795] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=684ec018, mo2=0002]
[  471.617081][ T8803] fuse: Unknown parameter 'user_i00000000000000000000'
[  471.736340][ T8795] System zones: 0-2, 18-18, 34-34
[  471.892094][ T8795] EXT4-fs (loop0): orphan cleanup on readonly fs
[  472.241152][ T8795] EXT4-fs error (device loop0): ext4_orphan_get:1427: comm syz.0.1215: bad orphan inode 13
[  472.301717][ T8795] ext4_test_bit(bit=12, block=18) = 1
[  472.307202][ T8795] is_bad_inode(inode)=0
[  472.366312][ T8795] NEXT_ORPHAN(inode)=2130706432
[  472.416714][ T8795] max_ino=32
[  472.419938][ T8795] i_nlink=1
[  472.423802][ T8795] EXT4-fs (loop0): mounted filesystem without journal. Opts: debug,discard,usrquota,noinit_itable,inode_readahead_blks=0x0000000000000010,,errors=continue. Quota mode: writeback.
[  472.569728][ T8814] loop1: detected capacity change from 0 to 512
[  473.216852][ T8823] netlink: 'syz.2.1223': attribute type 8 has an invalid length.
[  473.271159][ T8814] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  473.280115][ T8814] EXT4-fs (loop1): orphan cleanup on readonly fs
[  473.287919][ T8814] EXT4-fs error (device loop1): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  473.306762][ T8814] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  473.318767][ T8814] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  473.371211][ T8823] netlink: 199836 bytes leftover after parsing attributes in process `syz.2.1223'.
[  473.599454][ T8830] netlink: 'syz.3.1224': attribute type 12 has an invalid length.
[  473.915124][ T8838] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  474.625728][ T8825] loop4: detected capacity change from 0 to 40427
[  474.860655][ T8825] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  474.886602][ T8825] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  475.105833][ T8825] F2FS-fs (loop4): invalid crc value
[  475.359923][ T8825] F2FS-fs (loop4): Found nat_bits in checkpoint
[  475.673030][ T8825] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  475.680176][ T8825] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  477.687111][ T8888] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  478.614134][ T8896] netlink: 'syz.0.1244': attribute type 8 has an invalid length.
[  478.631070][ T8896] netlink: 199836 bytes leftover after parsing attributes in process `syz.0.1244'.
[  480.096968][ T8917] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  480.959073][ T8931] netlink: 'syz.1.1255': attribute type 8 has an invalid length.
[  481.015872][ T8931] netlink: 199836 bytes leftover after parsing attributes in process `syz.1.1255'.
[  485.316837][ T8977] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  486.390069][ T8986] syz.3.1270[8986] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  486.390161][ T8986] syz.3.1270[8986] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  486.437763][ T8988] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1272'.
[  487.548925][ T4234] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  487.653331][ T9008] tipc: Enabling of bearer <udp:£> rejected, already enabled
[  487.851048][ T4234] usb 5-1: Using ep0 maxpacket: 16
[  487.937549][ T9012] loop1: detected capacity change from 0 to 512
[  487.991566][ T4234] usb 5-1: config 1 has an invalid interface number: 214 but max is 0
[  488.007999][ T9012] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  488.018649][ T4234] usb 5-1: config 1 has no interface number 0
[  488.037564][ T4234] usb 5-1: config 1 interface 214 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  488.071144][ T4234] usb 5-1: config 1 interface 214 altsetting 2 bulk endpoint 0x81 has invalid maxpacket 64
[  488.105882][ T9012] EXT4-fs (loop1): Cannot turn on journaled quota: type 0: error -13
[  488.118331][ T4234] usb 5-1: config 1 interface 214 has no altsetting 0
[  488.129953][ T9012] EXT4-fs error (device loop1): ext4_clear_blocks:883: inode #13: comm syz.1.1281: attempt to clear invalid blocks 2 len 1
[  488.208682][ T9012] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  488.246210][ T9012] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1281: invalid indirect mapped block 1819239214 (level 0)
[  488.261965][ T9012] EXT4-fs error (device loop1): ext4_free_branches:1030: inode #13: comm syz.1.1281: invalid indirect mapped block 1819239214 (level 1)
[  488.289611][ T9012] EXT4-fs (loop1): 1 truncate cleaned up
[  488.297642][ T9012] EXT4-fs (loop1): mounted filesystem without journal. Opts: nodioread_nolock,init_itable=0x0000000000000004,mblk_io_submit,minixdf,jqfmt=vfsv0,usrjquota=..,errors=continue. Quota mode: writeback.
[  488.334457][ T4234] usb 5-1: New USB device found, idVendor=07b4, idProduct=010a, bcdDevice= 1.02
[  488.348180][ T4234] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  488.358611][ T4234] usb 5-1: Product: syz
[  488.375082][ T4234] usb 5-1: Manufacturer: syz
[  488.379704][ T4234] usb 5-1: SerialNumber: syz
[  488.456921][ T8999] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  488.469247][ T8999] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  488.517166][ T4234] ums-alauda 5-1:1.214: USB Mass Storage device detected
[  488.604202][ T4234] scsi host1: usb-storage 5-1:1.214
[  489.281527][ T1336] usb 5-1: USB disconnect, device number 10
[  490.713337][ T9052] device ip6gre4 entered promiscuous mode
[  492.273695][ T9084] loop1: detected capacity change from 0 to 40427
[  492.346661][ T9084] F2FS-fs (loop1): invalid crc value
[  492.367123][ T9084] F2FS-fs (loop1): Found nat_bits in checkpoint
[  492.415312][ T9084] F2FS-fs (loop1): Start checkpoint disabled!
[  492.431095][ T9084] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  492.471031][ T1336] hid-generic FFFF:0008:0003.0011: item fetching failed at offset 0/2
[  492.505974][ T1336] hid-generic: probe of FFFF:0008:0003.0011 failed with error -22
[  492.511404][ T9097] loop0: detected capacity change from 0 to 1024
[  492.650715][ T9097] EXT4-fs error (device loop0): ext4_map_blocks:739: inode #3: block 1: comm syz.0.1310: lblock 1 mapped to illegal pblock 1 (length 1)
[  492.670728][ T9097] __quota_error: 20 callbacks suppressed
[  492.670770][ T9097] Quota error (device loop0): write_blk: dquota write failed
[  492.710489][ T9097] Quota error (device loop0): find_free_dqentry: Can't write quota data block 1
[  492.790341][ T9097] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  492.811183][ T9097] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.1310: Failed to acquire dquot type 0
[  492.823260][ T9097] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 1: comm syz.0.1310: lblock 1 mapped to illegal pblock 1 (length 1)
[  492.838714][ T9097] Quota error (device loop0): do_insert_tree: Can't read tree quota block 1
[  492.848050][ T9097] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  492.860993][ T9097] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.1310: Failed to acquire dquot type 0
[  492.910110][ T9097] EXT4-fs error (device loop0): ext4_free_blocks:6218: comm syz.0.1310: Freeing blocks not in datazone - block = 0, count = 4096
[  492.969945][ T4328] attempt to access beyond end of device
[  492.969945][ T4328] loop1: rw=2049, want=40968, limit=40427
[  492.981644][ T9097] EXT4-fs error (device loop0): ext4_map_blocks:629: inode #3: block 1: comm syz.0.1310: lblock 1 mapped to illegal pblock 1 (length 1)
[  493.038278][ T9097] Quota error (device loop0): do_insert_tree: Can't read tree quota block 1
[  493.048027][ T9097] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  493.094166][ T9097] EXT4-fs error (device loop0): ext4_acquire_dquot:6209: comm syz.0.1310: Failed to acquire dquot type 0
[  493.161130][ T9097] EXT4-fs (loop0): 1 orphan inode deleted
[  493.181339][ T9097] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  493.434955][   T25] audit: type=1326 audit(1763789749.142:172): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.0.1310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  493.457234][ T1336] usb 5-1: new high-speed USB device number 11 using dummy_hcd
[  493.474919][   T25] audit: type=1326 audit(1763789749.142:173): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.0.1310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  493.720920][   T25] audit: type=1326 audit(1763789749.142:174): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9096 comm="syz.0.1310" exe="/root/syz-executor" sig=0 arch=c000003e syscall=424 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  494.291200][ T1336] usb 5-1: Using ep0 maxpacket: 8
[  494.433412][ T1336] usb 5-1: config 0 has an invalid interface number: 234 but max is 0
[  494.457779][ T1336] usb 5-1: config 0 has no interface number 0
[  495.511551][ T1336] usb 5-1: New USB device found, idVendor=0460, idProduct=0008, bcdDevice= d.5e
[  496.535473][ T1336] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  496.545008][ T1336] usb 5-1: Product: syz
[  496.549639][ T1336] usb 5-1: Manufacturer: syz
[  496.554520][ T1336] usb 5-1: SerialNumber: syz
[  496.653016][ T1336] usb 5-1: config 0 descriptor??
[  496.682972][ T1336] usb 5-1: can't set config #0, error -71
[  496.690185][ T1336] usb 5-1: USB disconnect, device number 11
[  497.021160][ T4234] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  497.760284][ T9165] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1334'.
[  497.891189][ T4234] usb 2-1: Using ep0 maxpacket: 8
[  497.929010][ T9172] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1336'.
[  498.821130][ T4234] usb 2-1: config 1 has an invalid interface number: 6 but max is 2
[  498.829158][ T4234] usb 2-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[  498.838259][ T4234] usb 2-1: config 1 has 4 interfaces, different from the descriptor's value: 3
[  498.861021][ T4234] usb 2-1: config 1 has no interface number 3
[  498.867132][ T4234] usb 2-1: too many endpoints for config 1 interface 6 altsetting 29: 147, using maximum allowed: 30
[  498.878354][ T4234] usb 2-1: config 1 interface 6 altsetting 29 has an invalid endpoint descriptor of length 4, skipping
[  498.894638][ T4234] usb 2-1: config 1 interface 6 altsetting 29 has 1 endpoint descriptor, different from the interface descriptor's value: 147
[  498.909911][ T4234] usb 2-1: config 1 interface 2 altsetting 1 endpoint 0x82 has an invalid bInterval 202, changing to 7
[  498.925928][ T4234] usb 2-1: config 1 interface 6 has no altsetting 0
[  498.932804][ T4234] usb 2-1: config 1 interface 1 has no altsetting 0
[  499.334600][ T9196] loop3: detected capacity change from 0 to 512
[  499.902462][ T4234] usb 2-1: string descriptor 0 read error: -22
[  499.908736][ T4234] usb 2-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  499.925015][ T4234] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  499.951273][ T4234] usb 2-1: can't set config #1, error -71
[  499.958473][ T4234] usb 2-1: USB disconnect, device number 9
[  499.966263][ T9196] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  499.975538][ T9196] EXT4-fs (loop3): orphan cleanup on readonly fs
[  499.983479][ T9196] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #16: comm +}[@: iget: bad extended attribute block 1661952
[  499.996473][ T9196] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm +}[@: couldn't read orphan inode 16 (err -117)
[  500.008743][ T9196] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  500.087302][   T25] kauditd_printk_skb: 2 callbacks suppressed
[  500.087341][   T25] audit: type=1326 audit(1763789755.792:177): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.251361][   T25] audit: type=1326 audit(1763789755.952:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=94 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.356946][   T25] audit: type=1326 audit(1763789755.952:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.411072][   T25] audit: type=1326 audit(1763789755.952:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.511583][   T25] audit: type=1326 audit(1763789755.962:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.551157][ T9221] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  500.559247][   T25] audit: type=1326 audit(1763789755.962:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.629594][   T25] audit: type=1326 audit(1763789755.962:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=222 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.683544][   T25] audit: type=1326 audit(1763789755.962:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.771236][   T25] audit: type=1326 audit(1763789755.962:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=22 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.795386][   T25] audit: type=1326 audit(1763789755.962:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9206 comm="syz.0.1349" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe244dc1749 code=0x7ffc0000
[  500.977933][   T26] hid-generic FFFF:0008:0003.0012: item fetching failed at offset 0/2
[  500.997139][   T26] hid-generic: probe of FFFF:0008:0003.0012 failed with error -22
[  501.301608][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  501.314488][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  501.420999][ T9199] loop4: detected capacity change from 0 to 40427
[  501.813721][ T9199] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  501.879023][ T9199] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  502.110896][ T9245] loop3: detected capacity change from 0 to 1024
[  502.194745][ T9199] F2FS-fs (loop4): Found nat_bits in checkpoint
[  502.310313][ T9199] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  502.323511][ T9199] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  502.935824][ T9245] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  502.981400][ T9245] ext4 filesystem being mounted at /268/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  503.018025][ T9245] EXT4-fs error (device loop3): ext4_free_blocks:6218: comm syz.3.1362: Freeing blocks not in datazone - block = 0, count = 16
[  503.505228][ T9281] fuse: Unknown parameter '0x000000000000000b'
[  504.432335][ T9284] loop3: detected capacity change from 0 to 4096
[  504.613872][ T9284] EXT4-fs (loop3): Test dummy encryption mode enabled
[  506.585188][ T9284] EXT4-fs: failed to create workqueue
[  506.615078][ T9284] EXT4-fs (loop3): mount failed
[  506.633396][   T25] kauditd_printk_skb: 84 callbacks suppressed
[  506.633410][   T25] audit: type=1326 audit(1763789762.342:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9301 comm="syz.1.1377" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f77682c8749 code=0x0
[  507.448643][ T9321] device ip6gre3 entered promiscuous mode
[  507.585267][ T9326] fuse: Unknown parameter '0x000000000000000b'
[  508.325057][ T9336] loop3: detected capacity change from 0 to 1024
[  508.474802][ T9336] EXT4-fs (loop3): Ignoring removed orlov option
[  508.853782][ T9336] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,min_batch_time=0x0000000000000004,,errors=continue. Quota mode: writeback.
[  509.049079][   T25] audit: type=1800 audit(1763789764.752:272): pid=9336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1389" name="bus" dev="loop3" ino=18 res=0 errno=0
[  509.086084][   T25] audit: type=1804 audit(1763789764.782:273): pid=9354 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.1389" name="/newroot/273/bus/bus" dev="loop3" ino=18 res=1 errno=0
[  509.154386][   T25] audit: type=1326 audit(1763789764.832:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.2.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  509.288676][   T25] audit: type=1326 audit(1763789764.832:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.2.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  509.327888][   T25] audit: type=1326 audit(1763789764.832:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.2.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  509.405014][   T25] audit: type=1326 audit(1763789764.832:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.2.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  509.439713][   T25] audit: type=1326 audit(1763789764.832:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9355 comm="syz.2.1394" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb8ce7f2749 code=0x7ffc0000
[  614.600966][    C1] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  614.607980][    C1] 	(detected by 1, t=10502 jiffies, g=34397, q=2)
[  614.614391][    C1] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4294998599-4294988097), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  614.627749][    C1] rcu: rcu_preempt kthread starved for 10502 jiffies! g34397 f0x0 RCU_GP_ONOFF(3) ->state=0x0 ->cpu=1
[  614.638683][    C1] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  614.648643][    C1] rcu: RCU grace-period kthread stack dump:
[  614.654522][    C1] task:rcu_preempt     state:R  running task     stack:26272 pid:   15 ppid:     2 flags:0x00004000
[  614.665308][    C1] Call Trace:
[  614.668583][    C1]  <TASK>
[  614.671511][    C1]  __schedule+0x11bb/0x4390
[  614.676025][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  614.682014][    C1]  ? lock_chain_count+0x20/0x20
[  614.686875][    C1]  ? release_firmware_map_entry+0x190/0x190
[  614.692772][    C1]  ? preempt_schedule+0xa7/0xb0
[  614.697619][    C1]  preempt_schedule_common+0x82/0xd0
[  614.702904][    C1]  preempt_schedule+0xa7/0xb0
[  614.707575][    C1]  ? schedule_preempt_disabled+0x20/0x20
[  614.713205][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  614.718225][    C1]  ? lock_chain_count+0x20/0x20
[  614.723073][    C1]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  614.728443][    C1]  preempt_schedule_thunk+0x16/0x18
[  614.733643][    C1]  _raw_spin_unlock+0x36/0x40
[  614.738339][    C1]  rcu_gp_init+0x25a/0x10e0
[  614.742855][    C1]  ? lock_chain_count+0x20/0x20
[  614.747734][    C1]  ? rcu_gp_cleanup+0x97c/0xa90
[  614.752579][    C1]  ? rcu_gp_kthread+0x350/0x350
[  614.757438][    C1]  ? _raw_spin_unlock_irq+0x1f/0x40
[  614.762639][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  614.767841][    C1]  rcu_gp_kthread+0x164/0x350
[  614.772519][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  614.777623][    C1]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  614.783515][    C1]  ? __kthread_parkme+0x157/0x1b0
[  614.788542][    C1]  kthread+0x436/0x520
[  614.792602][    C1]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  614.797707][    C1]  ? kthread_blkcg+0xd0/0xd0
[  614.802296][    C1]  ret_from_fork+0x1f/0x30
[  614.806722][    C1]  </TASK>
[  614.809734][    C1] rcu: Stack dump where RCU GP kthread last ran:
[  614.816043][    C1] NMI backtrace for cpu 1
[  614.820360][    C1] CPU: 1 PID: 9366 Comm: syz.3.1399 Not tainted syzkaller #0
[  614.827723][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  614.837769][    C1] Call Trace:
[  614.841045][    C1]  <IRQ>
[  614.843897][    C1]  dump_stack_lvl+0x168/0x230
[  614.848582][    C1]  ? show_regs_print_info+0x20/0x20
[  614.853784][    C1]  ? load_image+0x3b0/0x3b0
[  614.858288][    C1]  ? irq_work_queue+0xbf/0x140
[  614.863052][    C1]  nmi_cpu_backtrace+0x397/0x3d0
[  614.867988][    C1]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  614.874137][    C1]  ? _printk+0xcc/0x110
[  614.878293][    C1]  ? cpu_online+0x1d/0x30
[  614.882618][    C1]  ? load_image+0x3b0/0x3b0
[  614.887115][    C1]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  614.893179][    C1]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  614.899159][    C1]  rcu_check_gp_kthread_starvation+0x1cd/0x250
[  614.905314][    C1]  print_other_cpu_stall+0x10c8/0x1220
[  614.910783][    C1]  ? print_cpu_stall+0x5f0/0x5f0
[  614.915737][    C1]  ? timekeeping_advance+0x7f6/0xac0
[  614.921030][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  614.926073][    C1]  rcu_sched_clock_irq+0x831/0x1110
[  614.931270][    C1]  ? rcutree_dead_cpu+0x20/0x20
[  614.936132][    C1]  ? account_process_tick+0x227/0x3a0
[  614.941498][    C1]  update_process_times+0x193/0x200
[  614.946705][    C1]  tick_sched_timer+0x37d/0x560
[  614.951571][    C1]  __hrtimer_run_queues+0x4fe/0xc40
[  614.956784][    C1]  ? tick_setup_sched_timer+0x2c0/0x2c0
[  614.962340][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  614.967462][    C1]  ? ktime_get_update_offsets_now+0x3ce/0x3e0
[  614.973531][    C1]  hrtimer_interrupt+0x3bb/0x8d0
[  614.978486][    C1]  __sysvec_apic_timer_interrupt+0x137/0x4a0
[  614.984468][    C1]  sysvec_apic_timer_interrupt+0x9b/0xc0
[  614.990098][    C1]  </IRQ>
[  614.993020][    C1]  <TASK>
[  614.995941][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  615.002149][    C1] RIP: 0010:_raw_spin_unlock_irq+0x25/0x40
[  615.007958][    C1] Code: f6 ff 0f 1f 00 53 48 89 fb 48 83 c7 18 48 8b 74 24 08 e8 de 9e a9 f7 48 89 df e8 a6 73 aa f7 e8 41 0d cb f7 fb bf 01 00 00 00 <e8> 76 95 9e f7 65 8b 05 07 93 4f 76 85 c0 74 02 5b c3 e8 b4 9d 4d
[  615.027563][    C1] RSP: 0018:ffffc90002e1fcf0 EFLAGS: 00000286
[  615.033636][    C1] RAX: 09642bed46509400 RBX: ffff888058eb65c0 RCX: 09642bed46509400
[  615.041622][    C1] RDX: dffffc0000000000 RSI: ffffffff8a0b1c60 RDI: 0000000000000001
[  615.049596][    C1] RBP: ffffc90002e1ff10 R08: dffffc0000000000 R09: ffffed100b1d6cb9
[  615.057578][    C1] R10: ffffed100b1d6cb9 R11: 1ffff1100b1d6cb8 R12: ffff88801a390000
[  615.065555][    C1] R13: 1ffff920005c3ffe R14: 1ffff920005c3fa8 R15: ffffc90002e1fff0
[  615.073642][    C1]  __ia32_sys_rt_sigreturn+0x184/0x790
[  615.079119][    C1]  ? load_gs_index+0x120/0x120
[  615.083885][    C1]  ? __context_tracking_exit+0x4c/0x80
[  615.089365][    C1]  ? __lock_acquire+0x7c60/0x7c60
[  615.094404][    C1]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  615.100387][    C1]  ? lock_chain_count+0x20/0x20
[  615.105242][    C1]  ? vtime_user_exit+0x2dc/0x400
[  615.110189][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  615.115399][    C1]  do_syscall_64+0x4c/0xa0
[  615.119811][    C1]  ? clear_bhb_loop+0x30/0x80
[  615.124504][    C1]  ? clear_bhb_loop+0x30/0x80
[  615.129177][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  615.135067][    C1] RIP: 0033:0x7f038de5d829
[  615.139479][    C1] Code: 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 90 66 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 c7 c0 0f 00 00 00 0f 05 <0f> 1f 80 00 00 00 00 48 81 ec 48 01 00 00 49 89 d0 64 48 8b 04 25
[  615.159096][    C1] RSP: 002b:00007ffcbd3e6a40 EFLAGS: 00000206 ORIG_RAX: 000000000000000f
[  615.167521][    C1] RAX: ffffffffffffffda RBX: 00007f038e118308 RCX: 00007f038de5d829
[  615.175488][    C1] RDX: 00007ffcbd3e6a40 RSI: 00007ffcbd3e6b70 RDI: 0000000000000021
[  615.183454][    C1] RBP: 0000000000000003 R08: 00007f038e117fa0 R09: 00007ffcbd3e7457
[  615.191420][    C1] R10: 0000000000000008 R11: 0000000000000206 R12: 00007f038e11827c
[  615.199383][    C1] R13: 00007f038e118270 R14: 0000000000000af5 R15: 0000000000000003
[  615.207363][    C1]  </TASK>