last executing test programs:

20m26.099640898s ago: executing program 1 (id=532):
syz_init_net_socket$ax25(0x3, 0x3, 0xcc)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000000), 0xa000)
syz_clone(0x99a1cfb1edd42446, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$int_in(0xffffffffffffffff, 0x40000000af01, 0x0)
socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, 0x0)
ioctl$VHOST_NET_SET_BACKEND(0xffffffffffffffff, 0x4008af30, &(0x7f00000003c0)={0x1})
bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfff}, 0x94)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x8090)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x10)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000001c0)='mmap_lock_acquire_returned\x00', r2}, 0x10)
madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0xc)
r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000080)='/sys/kernel/mm/ksm/run\x00', 0x1, 0x0)
write$sysctl(r3, &(0x7f0000000000)='2\x00', 0x2)

20m22.661764287s ago: executing program 1 (id=539):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
add_key(&(0x7f00000001c0)='encrypted\x00', 0x0, 0x0, 0x0, 0xfffffffffffffffd)
pread64(r0, 0x0, 0x0, 0x7fff)
socket(0x200000000000011, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="70000000100003040000800000000000000074", @ANYRES8=r3], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)
tee(r0, 0xffffffffffffffff, 0xf, 0x0)
r4 = getpid()
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x7)
syz_open_procfs(r4, 0x0)
r5 = syz_open_dev$vim2m(0x0, 0x9, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r5, 0xc0405602, &(0x7f0000000a80)={0x7fff, 0xd, 0x3, "134600cea4dd512d97d4188cbf770637bc747721f37af54dd1dc03030096c337", 0x35323645})
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8003, &(0x7f0000000000)=0xd, 0x8, 0x0)
r6 = openat$apparmor_thread_current(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
write$apparmor_current(r6, &(0x7f0000000280)=@profile={'permprofile ', ':\xf4\xf9\x90N\x7f\xdb65\xa7\r#\xc7>\xea\xf2:?P2\x80\b\f\xa2b0f\x8a\xd9\xdc\xf8\xb0a\"\x8f\x85\x99\xd3NE\b}!\xaaVu\x9e\x16Q\xb3\xddF{\xde\xf3\x90\xc7m'}, 0x46)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x0)

20m20.100159793s ago: executing program 1 (id=542):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60)
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r4, 0x4400ae8f, 0x0)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r5, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

20m16.633925706s ago: executing program 1 (id=547):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x200000000000008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000000007910480000000000610400000000000095000080"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x48)
close(r3)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000029c0)={0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xe, 0x4, &(0x7f0000000540)=ANY=[@ANYBLOB="b4050000fdff7f006110580000000000c60000000000000095000000000000009f33ef60916e6e713f1eeb0b725ad99b817fd98cd8073a46b08b94214d816f770600dcca55f21f3ca9e822d182054d54d53cd2b6db714e4beb4147000001000000008f2b9000f22425e4097ed62cbc891061017cfa6f6148a1c1e43f00001bde60beac671e8e8fdecb03588aa623fa71f31bf0f871ab5c2ff88afc60027f4e5b5271ed58e835cf0d0000000098b51fe68db8d9dbe87dcff414ed000000000000000000000000000000000000000000000000000000b347abe6352a080f8140e5fd10747b6ecdb3542646bf636e3d6e700e5b0500000000000000eb9e1403e6c8f7a187eaf60f3a17f0f046a307a403c19d9829c90bd2114252581567acae715cbe1b57d5cda432c5b910400623d24195405f2e76ccb7b37b41215c184e731fb1"], &(0x7f0000003ff6)='GPL\x00', 0x4, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x366, 0x10, &(0x7f0000000000), 0x1dd}, 0x48)
r6 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="0f000000040000000400000012"], 0x48)
bpf$BPF_PROG_DETACH(0x8, &(0x7f00000002c0)=ANY=[@ANYRES32=r6, @ANYRES32=r5, @ANYRES32], 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000000c0)={{r6}, &(0x7f0000000000), &(0x7f0000000080)=r3}, 0x20)
sendmsg$inet(r4, &(0x7f0000000500)={0x0, 0x4003e80, &(0x7f0000001740)=[{&(0x7f0000000280)='>', 0x20000281}], 0x1}, 0x0)

20m14.583595677s ago: executing program 1 (id=549):
r0 = memfd_create(&(0x7f0000000b40)='\x9d#\x00\xe6Z\x00\xafq%\xa5\x83\xa6\xb5\x00\x83y\xf3\xb2\xe6b \x00\x00\x00\x00\x00\x00\x01\x00\x00\xf7\xffg\xf5\x12oP\xfe\xe6\xd2SLR\xa1\x00\x00\x17\x1f$^\xe1\x00\x00\x00\x00\x00\x00\a\xff;\xeb\xf1\xd0\xce\xe5\x19\x12\b\x01\xd9\xae>/\x05\x00\x00\x00\x15\x00\x00\x00\xa1\xa2\xe0g\x98\xbf*\xdcc\x12.\xb7\xbe`\'\xcb\xb6\xaf\xdc\xa0D\x93.\xf25\x957\xec\xfb\xe6|\\\xe4h\xfc\x14\x05\x00\xfd\xc7\x00\x00\x00\x00\x91\x98\x15\xec\xdb\xaa\t9\x11\xb4h$&0\xdd\x19\x86\x90\xbe\xd7\xdc\n\xcbC\x15\xfcp\x11\xdai\f{a?\xd0\xe1{\x84\xb5\x82q\x19\xacS\x88|\x99\xfd\x9eS\x80\xcb\x14G\xfa\xff\xff\xff\xff\xff\xff\xff\xcd\xf0%\x97!\xba\xe3J\xc2t\x96\xf8\xb1\xd2\x168\xbf`$\xbf\xca\xea\xa3\x83\x8e-k\x12\xdf\xb9\xb6Pr\xd4\xb5X\\\xdbD\n\x03G\x00\x04\x00\x00\xbc\xac\x18\xba\xce\xb3%QF\x03\b\x9dh\xcb)\xf4f\x12[\xf9\r\t\xef{h\xb0\xc0:\x8f|\x8f\x06\xf8T\x826`M\x11\x1c\xb0*8\v\x1e\xcf\x03\xd3\xe8,?P\xac\x86\x13b\xa8D\x0f\x93\xab\x1c\x11\x00\xc5\x8d\x82\x9c\xd6B[\xc9\x00\xf5]\x81\xf3\xfd\x06M\xbe\xf9\xba\x9em\xe9\"\x03\x933P\x9b\xcc\x9b\f\xa7\x8f9\x988\tgC\xbc\xe0\xc5\xf4\xe0E%\xd9\xd8w\x00k\x042Y\xd9\xc5\xe59\xa95\xd1m\xd8hCuZYi\x10D\xb9\xe6\xff\x04K%yH\xe5\xf4\x8b\x03Ca8\x1e\xe9\\#\xf8O\fw\xd9\xf5cF\xcc\x1a2ex\xb4\x0fi$\x97\x81.\x02\x04m\xfbT2\xd4\"\x1e\xf0\x16\x0f\x97\xe6j}J\xca\xb8)f\xd5\xfd>\x9bU\xb0\x03Zt0\xc0b\xad\xef@o\xc1\xd6\x17T\f\xc30\xe2\x89\xf6L\x1b1\x9c\t\xa7\x80\x1b:\xbb\x04\xd7\xd1\x06\xa0\xe9\xbah\xb6\xb2\xea/{Q\xca\x14\x13\x9ajWt\xc9\xecd\r\xd5)\x1d\xaf\n\xc0\xc1\x1d}DY\x95&\xe7\xf4U\xff\xcd&\a\x9f\x1bg\xe5|~\xc1\xc5n\x12%ur\xa1\x9e`\xc2\x01\b,\x18\xaf\xccD\xdeag\xc6\xf3\xd6\x94\x9d\xae\x8bl\xee\x7fu\xe5bu\x84\x04\xb3@\xa1\xf7\xc6\x13\xf9I\xfa\x12\xfc\x96\",aT\xfd\"\x01\x92\xb1\xbf\x8a\x15\x88\xfd\x8f\x88\x87\x82\x9c:L\xd2\xb8\xfa5\x066\x82\xf3_LUr\xfa\xd2\x99d \x97c9G\x99\xe3\xcc$\x96cu\x97\xe7\xc7a\tm\xe8F\xc7j\xf8\x98\x81\xe7\xf7\xab3F\xf4u\xdaav\xd21\v\x99HG\xdfx\x1cPl\t#\xc1\x8e\xddW\x00'/667, 0xe)
fcntl$addseals(r0, 0x409, 0xc)
syz_mount_image$udf(&(0x7f00000002c0), &(0x7f0000000080)='./file0\x00', 0x4006, &(0x7f0000002440)=ANY=[], 0xff, 0xc13, &(0x7f0000002140)="$eJzs3U9sHNd5APDvDUmRkotk61iykxrB2gUcVWlUkootGwxQq2aJplFs1hSTNu7BK5FSt6KWC5JyZKNN1JMPLVA2BXppChQtUhg9BCyKHNpTChTolShyKwqoaeq6KArsIUYuhVnM7FtxSVGWaoqi/vx+gPTNznxv5s17o5nZeTtQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAARv/TLp0bH0n7XAgC4m16eeXV03PUfAB4qZ3z/BwAAAAAAAAAAAACAe12KIt6LFF9/spNerz53jZxuti5fmZ2c2rnYwVSVHKjyyz8jY+MnPv/scyef78UPL3+nfTJemTlzqv7S4qX20vzy8vxcfbbVPLc4N3/ba9ht+e2OVQ1Qv3Tx8tz588v18eMntiy+Unt3+JEjtYmTY68d7uXOTk5NzfTlDA595K3f4GZveByIIs5HiovvvJcaEVHE7tviFsfOXjtY7cSxaidmJ6eqHVloNlor5cLpXkMUEbW+Qi/22ugu9MWu1COultUvK3ys3L2ZdmOpcXZhvj7dWFpprjQXW9OpW9tUpRfxfIpoR0Rn+MbVDUUR34gUb3+7k85GxECvHT5bvRh86/oUe7CPt2EwImpDEevFfdBn97DhKOK7keJb3xyNc7ldq2Z7JuLLZTwScbmM1yJWy/jpiFQeII9FvL/D8cT9ZTCK+P1I8eOJTprr9X11Xjn9lfoXW+cX+3J755X7/vpwN93j56aRKKJRnfE76aPf7AAAAAAAcO8p4o8ixVM/OJra0T+m2GxdqJ9pnF3oPhXuPfuv51IbGxsbtdSNozlO59jOcTXHtRzXyxibK6gVuXyO0zm2c1zNcS3H9Rw7OdYGcvkcp3Ns57ia41qO6zl2cqwN5vI5Tg9WNbvazp9Xc1zLcT3HzuB+9BMAAAAAAAAA3NzBKOKrkeKZX3ijeq84qvfSPz5x8tXjv9r/zvgTt1hPmXs8ItaK23sn90B+dXg6Tae0T+8Q033/73fz+3+/t9+VAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9lURRTwdKd74XidFioh6xOvRjdeG97t2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAnTCSing/UvzJl0aqz+tFxNci4oONDzYi4toHG3fafu8xAAAAAAAAADyAUhFvRoqnX+2kWkRcqb07/MiR2sTJsdcOD8RApDKlP/+VmTOn6i8tXmovzS8vz8/VZ1vNc4tz87e7uZHTzdblK7OTU3uyM7d0cI/rf3DkpcX2m0vNC7+1suPyQyOnzi6vLDXO7bw4DkYRUe+fc6yq8OzkVFXphWajVRWdTrdbYwAAAAAAAAAeBkOpiA8ixdt/9c71cefB7pj/4Pbc73whosjTk3n8+fowdPW7gY9VvxvoTn984uSvjX+qf3rHIetj1YB6fXZyamqmb/bg0I2pI3m7o7vbZfqU/b8SKf7gz+rpqTxva/8PXM/9zu9s9vfV7Su6SZ//P/p/S4/3+v+n++aV20ypiL+JFD/z60/EU1U9D8UNv5nIeV+KFL+x9mTOiwNl3tN5+aPV3yPnmwvzo2XulUjxD5e35j6Tcz+xmTt2u+16vyj7/+lI8d+/uXa9bXL/5x7Y7LX+/v/U9qNj9/2/47//R/vm1fJ2f/bO7DoRsfzmWxcbCwvzSw/jxMC9UQ0TJnaeiKv7t/X9PjNxN5TX/69Gir//43+5fr+Tr/8/FdVt1eb930++sXn9n9i+ojt6/f+Lr/Wu/5/oS53IdyNDgxEjK5faQ49HjCy/+dbnmpcaF+YvzLdOnHzhufHRF8ZGTwwd6N3cbU5t3/IN328eRmX//3ak+O4P/zo+k+dtvf/b+f7/0PYV7dH932N98w5tuV/Z9a6T+/9/I8U/TX4/juZ5H3b/3/v+fzTfhF+/P9+j/j/cN6/6jvexiJ/rm3f0cMQD96UMAAAA7rCUivh+Hk8dvcV46j9Girf+6+dzXjpS5r2Yl9eqv0deXmx97tTCwuK5xkrj7MJ8fabdODdflv1RpOj85ZO5bFGNr/bGm7tjvJtjsf8cKV74lV5udyy292zqsc3csTL3eKT4w5e35vaeYxzezB0vc/81Uoy9tnPukc3cE2Xuf0aKn/xpvZd7qMz9Qs59fDP3+LnFhbk96BYAAAAAANiVoVTEc5Hi704Mpt7z7dv5/ecND7336Pd/j/fNm7tL76vsulEB4B5XXv+Pllf1X/zz62P5W6//m+/J9F//t+v/fwNuNv1Rrv+1O7ObAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+dFEUsRoqvP9lJ14bLz10jp5uty1dmJ6d2LnYwVSUHqvzyz8jY+InPP/vcyed78cPL32mfjFdmzpyqv7R4qb00v7w8P1efbTXPLc7N3/Yadlt+u2NVA9QvXbw8d/58xPjxE1sWX6m9O/zIkdrEybHXDvdyZyenpmb6cgaHPvLWb9Dr12Lb/ANRxP9EiovvvJf+bTgv32Vb3OLY2WsHo4i/jYhyJ2Ynp6odWWg2Wivlwum+hqj1FXqx10Z3oS92pR5xtax+WeFj5e7NtBtLjbML8/XpxtJKc6W52JpO3dqmKr2I51NEOyI6wzeubiiKGIoUb3+7k344HDHQa4fPvjzz6uj4TSoxsjm5/YC6SwYjojYUsV7cB312DxuOIp6NFN/65mj8+3C3Xatmeybiy2U8EnG5jNciVsv46YhUHiCPRby/w/HE/WUwing0Uvx4opN+NJz7vjqvnP5K/Yut84t9ub3zyn1/fbib7vFz00gU8V51xu+k//DvGQAAAADgAVLEE5HiqR8cTdX44PUxxWbrQv1M4+xC97F+79l/PZfa2NjYqKVuHM1xOsd2jqs5ruW4nmMnx1qRy+c4nWM7x9Uc13Jcz7GTY20gl89xOsd2jqs5ruW4nmMnx9pgLp/jdI7tHFdzXMtxPcfO4H72FwAAAAAAAMDOiijiM5Hije910sZwd4D39ejGa94HeuD9XwAAAP//3kdScw==")
r1 = openat$thread_pidfd(0xffffffffffffff9c, &(0x7f0000000040), 0x30000, 0x0)
r2 = socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r3, &(0x7f00000000c0)={0x26, 'hash\x00', 0x0, 0x0, 'cmac(aes-generic)\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x536, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_genetlink_get_family_id$smc(0x0, 0xffffffffffffffff)
connect$phonet_pipe(r2, &(0x7f0000000040)={0x23, 0xfd, 0x0, 0xfd}, 0x10)
pidfd_getfd(r1, r2, 0x0)
r7 = add_key$keyring(0x0, &(0x7f0000000240)={'syz', 0x3}, 0x0, 0x0, 0xfffffffffffffffb)
add_key(&(0x7f00000000c0)='blacklist\x00', &(0x7f0000000100)={'syz', 0x3}, 0x0, 0x0, r7)
creat(&(0x7f0000000000)='./bus\x00', 0x48)

20m14.038526332s ago: executing program 2 (id=552):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r2, 0xae60)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
ioctl$KVM_SET_VCPU_EVENTS(r3, 0x4400ae8f, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x2c, &(0x7f00000006c0)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r4, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r4, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r4, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
sendto$inet(r4, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r4, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

20m11.334599731s ago: executing program 1 (id=554):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
unshare(0x2c020400)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)={0x10000000})
signalfd4(r0, &(0x7f0000000180), 0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r3, 0x2, &(0x7f00000000c0)={0x1, 0x2}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_MARK={0x8}]}, {0xfffffffffffffe4b}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f00000007c0)=@newtclass={0x104, 0x28, 0x400, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0x2}, {0x0, 0x10}, {0x7, 0xfff2}}, [@tclass_kind_options=@c_fq_codel={0xd}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_hfsc={{0x9}, {0x74, 0x2, [@TCA_HFSC_RSC={0x10, 0x1, {0x3, 0x6, 0x7}}, @TCA_HFSC_USC={0x10, 0x3, {0xffffffff, 0xffff, 0x5}}, @TCA_HFSC_RSC={0x10, 0x1, {0x80, 0x4420f45e, 0x800}}, @TCA_HFSC_RSC={0x10, 0x1, {0x9, 0x8, 0xa00000}}, @TCA_HFSC_RSC={0x10, 0x1, {0x40, 0xff, 0xfffffff9}}, @TCA_HFSC_FSC={0x10, 0x2, {0x3, 0x10, 0x6}}, @TCA_HFSC_USC={0x10, 0x3, {0x7, 0x7a3, 0xfa}}]}}, @TCA_RATE={0x6, 0x5, {0x27, 0x9}}, @tclass_kind_options=@c_multiq={0xb}, @tclass_kind_options=@c_drr={{0x8}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0xe}}}, @TCA_RATE={0x6, 0x5, {0x4, 0x8}}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_tbf={0x8}]}, 0x104}, 0x1, 0x0, 0x0, 0x4040}, 0x1)

20m9.33086754s ago: executing program 2 (id=558):
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
socketpair$tipc(0x1e, 0x2, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket(0x1e, 0x4, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
accept4(0xffffffffffffffff, 0x0, 0x0, 0x1000)
syz_io_uring_setup(0x499, &(0x7f0000000400)={0x0, 0x707b, 0x0, 0xc, 0x288}, &(0x7f0000000100)=<r2=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, 0x0, 0x0, 0x4)
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000300)=ANY=[@ANYBLOB="440000001000030500000000ffdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="15460100ef000000140012800b0001006d61637365630000", @ANYRES32, @ANYBLOB, @ANYRES32, @ANYBLOB], 0x44}, 0x1, 0x0, 0x0, 0x200488c0}, 0x0)
r3 = openat(0xffffffffffffff9c, 0x0, 0x82400, 0x0)
ioctl$FS_IOC_ENABLE_VERITY(r3, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$FS_IOC_READ_VERITY_METADATA(r3, 0xc0286687, &(0x7f0000000d00)={0x1, 0xfffffffffffffff7, 0xc4, &(0x7f0000000200)=""/209})
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), 0xffffffffffffffff)

20m5.271048304s ago: executing program 2 (id=560):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@bloom_filter={0x1e, 0x0, 0xf, 0xe3, 0x0, 0x1}, 0x48)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ptrace(0x10, 0x0)
ptrace$getregset(0x4205, 0x0, 0x402, &(0x7f0000000240)={&(0x7f0000000180)=""/108, 0x6c})
r3 = socket(0x28, 0x1, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0xffa1, &(0x7f0000000500)={&(0x7f00000000c0)=ANY=[], 0x40}}, 0x0)
r4 = socket$inet(0x2, 0x2, 0x1)
connect$inet(r4, &(0x7f0000000080)={0x2, 0x0, @local}, 0x10)
ioprio_set$pid(0x2, 0x0, 0x6000)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000100)='/sys/kernel/rcu_normal', 0x14f242, 0x42)
connect$packet(r3, &(0x7f0000000500)={0x28}, 0x14)

20m4.186429753s ago: executing program 2 (id=562):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_setup(0x3c20, 0x0, &(0x7f0000000140)=<r1=>0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={<r2=>0xffffffffffffffff})
ioctl$SIOCSIFHWADDR(r2, 0x8b06, &(0x7f0000000080)={'wlan1\x00', @random="0600"})
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0)
r3 = dup(0xffffffffffffffff)
write$FUSE_BMAP(r3, &(0x7f0000000000)={0x18}, 0x18)
r4 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r4, 0x3b81, &(0x7f0000000380)={0xc, 0x0, <r5=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r4, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r5})
ioctl$IOMMU_HWPT_ALLOC$TEST(r4, 0x3b89, 0x0)
ioctl$IOMMU_HWPT_SET_DIRTY_TRACKING(r4, 0x3b8b, &(0x7f0000000040)={0x10, 0x1})
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, 0x0)
write$FUSE_DIRENTPLUS(r3, &(0x7f00000003c0)=ANY=[], 0xb0)
mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', 0x0, 0x0, 0x0)

20m1.609258695s ago: executing program 2 (id=567):
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x2, 0x2172, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f00000002c0), 0x2000000f5, 0x2)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_open_dev$video4linux(0x0, 0xd36, 0x18bc80)
ioctl$VIDIOC_S_STD(r2, 0x40085618, &(0x7f0000001cc0)=0x8000)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$SIOCRSSCAUSE(0xffffffffffffffff, 0x89e1, &(0x7f0000000180)=0x4)
r3 = socket$rxrpc(0x21, 0x2, 0x2)
bind$rxrpc(r3, &(0x7f0000000340)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
bind$rxrpc(r3, &(0x7f0000001280)=@in4={0x21, 0x4, 0x2, 0x10, {0x2, 0x4e21, @local}}, 0x24)
r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r4, &(0x7f0000001600)='./file1\x00', 0x2, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
linkat(r4, &(0x7f0000000000)='./file1\x00', r4, &(0x7f0000000240)='./file0\x00', 0x0)
unlink(&(0x7f0000001200)='./file1\x00')
ioctl$vim2m_VIDIOC_S_CTRL(r0, 0xc008561c, &(0x7f0000000400)={0xf0f020})
syz_mount_image$ext4(&(0x7f0000000140)='ext2\x00', &(0x7f00000005c0)='./file1\x00', 0xc248, &(0x7f0000000000), 0x83, 0x5f6, &(0x7f0000001740)="$eJzs3c9rHGUfAPDvzCZp0uZ90768iC2KAQ8tSNOkFque2nqwh4IFexDx0NAkNXT7gyYVWwum4EFBQcSrSC/+A96ldw+CCOrNs1BFKh5UujK7M82a7qQhTTJp5vOB2TzPM5N9nm9mn8wzs/vsBFBbo9lDGrE7Ik4nESNd64ajs3I03+7Ob9fPZEsSrdarvyaR5GXF9nfznzuyhyRiMCK+PRbxv8b99c5dvXZustnqeDfiwPz5Swfmrl7bP3t+8uz02ekLEwefP3R4/IWJQxNrEmcR1/ETrzzx0XtvPjfzXXN/EkfiVP87U7EkjrUyGqNxNw8xy7eSTnlfRBzOEj3+Lo+aLRBCrTXy12N/RDwWI9Fo5zpGYvbDShsHrKtWI6IF1FSi/0NNFeOA4tx+Pc6DN7PbRzsnQPfH39e5NhKD7XOj7XeSrjOjzrWNnWtQf1bH39f3fJYtUXIdom8N6imzcKN9+adH/Em7bTvbkWbxp/86189+ZzwiBvL2vfQQbei+RrLRr78s/nh8ZfF374cs/iP5z6z82CrrH12Sr1v/A6Aat47mB/KFLLd4/MuOxsX4J3qMf4Z7HLtWo+rjX/n4rzjeD7bHPemScVgSESd7P2X/0oKfPjj+SVn93eO/bMnqL8aCG+H2jYg9S+J/Pws2H/9k8Sc99n+2yekV1vHy978cL1tXdfytmxF7S8a/hSy1zPuTB2Zmm9PjnceedXz19RtflNVfdfzZ/t++zPi/bP9nZZdWWMeXJ2+eL1s3/MD4058HklPt1EBe8vbk/PzliYiB5ES+SVf5weXbUmxTPEcW/76ne/f/5eIfKv5lrsCl187dKVv3kPv/bmuFG5bJ4p9a5f7/OP87PMgfr195smzdcvGv5LkBAAAAAACARWn7PdgkHbuXTtOxsc4c3v/H9rR5cW7+mZmLVy5MRexrfx6yPy3e6R7p5JMsP5F/HrbIH1ySfzYidkXEp42hdn7szMXmVNXBAwAAAAAAAAAAAAAAAAAAwCaxI5//X9yD6fdGZ/4/UBPreYM5YHPT/6G+2v0/rboVQBUc/6G+9H+oL/0f6kv/h/rS/6G++krSwNanz0N96f8AAAAAsCXteurWj0lELLw41F4yA/m6/kpbBqw3fRzqq1F1A4DK3Hvr3/R/qJ0Vjf//bG2LiFZr/ZsDVCDpVdgeHORfDFrW+W/1/E0AAAAAAAAAAAAAYB3s3W3+P9SVaX9QXw8x/99XB8Ajzlf/Q305xwceNIt/sGyF+f8AAAAAAAAAAAAAsGGG20uSjuVzgYcjTcfGIv4TETujP5mZbU6PR8R/I+KHRv+2LD9RdaMBAAAAAAAAAAAAAAAAAABgi5m7eu3cZLM5fbk78dd9JVs7UdwFdbO0pzsRycZXOhQRmyH2VSbS5bfp6ypJIhayPV95mzuJ2Ki63vqm84pfLNm2dJsq/ysBAAAAAAAAAAAAAAAAAEA9dc097m3P5xvcIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYeIv3/1+/RNUxAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACPpn8CAAD//9ROPtM=")
munmap(&(0x7f0000003000/0x3000)=nil, 0x3000)

19m59.832202411s ago: executing program 2 (id=570):
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000002a82, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x4, 0x6, 0x10, 0x507, 0xd, @local, @private1, 0x40, 0x700, 0x1, 0x9}})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYBLOB], 0x50)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0)
r1 = epoll_create1(0x0)
unshare(0x2c020400)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)={0x10000000})
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_MARK={0x8}]}, {0xfffffffffffffe4b}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$inet6(0xa, 0x5, 0x0)

19m55.603698662s ago: executing program 32 (id=554):
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x4000000002a82, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[], 0x50)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = signalfd4(0xffffffffffffffff, 0x0, 0x0, 0x0)
r1 = epoll_create1(0x0)
unshare(0x2c020400)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)={0x10000000})
signalfd4(r0, &(0x7f0000000180), 0x8, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0)
landlock_add_rule$LANDLOCK_RULE_NET_PORT(r3, 0x2, &(0x7f00000000c0)={0x1, 0x2}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_MARK={0x8}]}, {0xfffffffffffffe4b}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000480)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x800000}, 0xc, &(0x7f0000000240)={&(0x7f00000007c0)=@newtclass={0x104, 0x28, 0x400, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, 0x0, {0x4, 0x2}, {0x0, 0x10}, {0x7, 0xfff2}}, [@tclass_kind_options=@c_fq_codel={0xd}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_hfsc={{0x9}, {0x74, 0x2, [@TCA_HFSC_RSC={0x10, 0x1, {0x3, 0x6, 0x7}}, @TCA_HFSC_USC={0x10, 0x3, {0xffffffff, 0xffff, 0x5}}, @TCA_HFSC_RSC={0x10, 0x1, {0x80, 0x4420f45e, 0x800}}, @TCA_HFSC_RSC={0x10, 0x1, {0x9, 0x8, 0xa00000}}, @TCA_HFSC_RSC={0x10, 0x1, {0x40, 0xff, 0xfffffff9}}, @TCA_HFSC_FSC={0x10, 0x2, {0x3, 0x10, 0x6}}, @TCA_HFSC_USC={0x10, 0x3, {0x7, 0x7a3, 0xfa}}]}}, @TCA_RATE={0x6, 0x5, {0x27, 0x9}}, @tclass_kind_options=@c_multiq={0xb}, @tclass_kind_options=@c_drr={{0x8}, {0xc, 0x2, @TCA_DRR_QUANTUM={0x8, 0x1, 0xe}}}, @TCA_RATE={0x6, 0x5, {0x4, 0x8}}, @tclass_kind_options=@c_clsact={0xb}, @tclass_kind_options=@c_tbf={0x8}]}, 0x104}, 0x1, 0x0, 0x0, 0x4040}, 0x1)

19m44.705580587s ago: executing program 33 (id=570):
openat$nullb(0xffffffffffffff9c, 0x0, 0x4000000002a82, 0x0)
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f0000000200)={'syztnl1\x00', &(0x7f0000000180)={'ip6tnl0\x00', 0x0, 0x4, 0x6, 0x10, 0x507, 0xd, @local, @private1, 0x40, 0x700, 0x1, 0x9}})
bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYRES32, @ANYBLOB], 0x50)
r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000040), 0x8, 0x0)
r1 = epoll_create1(0x0)
unshare(0x2c020400)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f000001bff4)={0x10000000})
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$phonet_pipe(0x23, 0x5, 0x2)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000100)=@newtaction={0x6c, 0x30, 0xb, 0x0, 0x0, {}, [{0x58, 0x1, [@m_ct={0x54, 0x1, 0x0, 0x0, {{0x7}, {0x2c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18}, @TCA_CT_ACTION={0x6, 0x3, 0x19}, @TCA_CT_MARK={0x8}]}, {0xfffffffffffffe4b}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
socket$inet6(0xa, 0x5, 0x0)

17m42.759454029s ago: executing program 6 (id=764):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x488c0}, 0xc000)
socket$inet6_sctp(0xa, 0x1, 0x84)
socket$nl_generic(0x10, 0x3, 0x10)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x802, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x8, 0x2c, &(0x7f00000006c0)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000140)='cdg\x00', 0x4)
sendto$inet(r3, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x11)
recvfrom$inet(r3, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x700, 0x0, 0xfffffffffffffd25)

17m40.994002471s ago: executing program 6 (id=768):
sendto$packet(0xffffffffffffffff, 0x0, 0xffffffffffffff70, 0x0, &(0x7f0000000140)={0x11, 0x8100, 0x0, 0x1, 0x83}, 0x14)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0185500, &(0x7f0000000180)={0x1, 0x14, 0x4, 0xfffd, 0x2d, 0x40, &(0x7f0000000480)="c9ea87d1c0e550f1a28fbc590fe3489fc3b1fa4828b551545d337b76b362d12de25d965d8ebc69c08ff64b72f9"})
r0 = add_key$keyring(&(0x7f0000000280), &(0x7f00000002c0)={'syz', 0x3}, 0x0, 0x0, 0xffffffffffffffff)
r1 = add_key$user(0x0, &(0x7f0000000300)={'syz', 0x1}, &(0x7f0000000080)="bc", 0x1, r0)
r2 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r1, r2, r1}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = dup(r4)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r4, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r6, 0xae80, 0x0)

17m38.908423413s ago: executing program 6 (id=772):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0})
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
r2 = syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(0xffffffffffffffff, 0x0, 0x54)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[<r4=>0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_GETCRTC(r2, 0xc06864a1, &(0x7f0000000d40)={0x0, 0x0, r4})
ioctl$DRM_IOCTL_MODE_GETFB2(r2, 0xc06864ce, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f0000000080)={0x0, 0x0, <r5=>0xffffffffffffffff})
socket$kcm(0x29, 0x2, 0x0)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r2, 0xc00c642e, &(0x7f0000000300)={0x0, 0x0, r5})
ioctl$SW_SYNC_IOC_CREATE_FENCE(0xffffffffffffffff, 0xc0285700, 0x0)
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r2, 0xc00c642d, &(0x7f0000000180)={0x0, 0x80000})

17m37.725477285s ago: executing program 6 (id=775):
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x10008, &(0x7f0000000700), 0xff, 0x49d, &(0x7f0000000740)="$eJzs3M9vFFUcAPDv7LallR+tiCgIWkEj8UdLCyoHD2o08aCJiR7wWNuCyEINrQmQRosxeDQk3o1HE/8Cb16MejAmXjXxaEiINiYUTzWzM0OX7bZ0S9uV7ueTbPe9nZl97zvz3u6beZ0NoG31p3+SiG0R8VtE9GbZW1foz57mZqdHb8xOjyYxP//WX0l1veuz06PFqsV2W/PMoVJE6dMkXkwWlzt54eLpkUpl/FyeH5w688Hg5IWLz5w6M3Jy/OT42eFjx44eGXr+ueFn1yTONK7rez+a2LfntXeuvDF6/Mq7P36TVmv3/mx5bRy3daNBQA30p3vt7/mq+mWPN1H3u8H2mnTS0cKK0JRyRKSHq7Pa/3ujHAsHrzde/aSllQPWVfrdtGXpxTPzwCaWRKtrALRG8UWfnv8Wjw0aevwvXHspoitPz81Oj87djL8jSvnrnetYfn9EHJ/598v0Ec1ehwAAWIXq2ObpRuO/UuyuPmdzHTvyOZS+iLg3InZGxH0RsSsi7o+orvtARDyYbTzfu8Ly++vyi8c/pasN67xG0vHfCzVjv7ma+POnvnKe216NvzM5caoyfjjfJ4eic0uaH1qmjO9e+fXzpZbVjv/SR1p+MRbMK3C1o+4C3djI1Mha7YRrlyL2djSKP7k5E5C2gD0Rsbe5t95RJE49+fW+pVa6ffzLWIN5pvmvIp7Ijv9M1MVfSJafnxzsjsr44cGiVSz20y+X31yq/DuKfw1cO/BQllg4/nVr9P6T9OTJSmX83GTzZVz+/bMlz2lW2/67krerc9Y/v5e9dn5kaurcUERX8no1X5zTVV8fXtj2/MhUT5ov1k/b/6GDjfv/znyb9PineyltxPsj4uGIeCSv+6MRcSAiDi4T/w8vP/b+MvEnkUTrjv+liLGGn383239fUjtfv4pE+fT33y41Y76y4380ZqqftZnq599trLSCd7j7AAAA4K5QiohtkZQGsnT/tiiVBgay/+HfFfeUKhOTU0+dmPjw7Fh2j0BfdJaKK129NddDh5KZ/B2z/HB+rbhYfiS/bvxFuaeaHxidqIy1OHZod1tv7f9R9P/Un+VW1w5Yd+7XgvZV3/9LLaoHsPFW8v3vXAA2p1v7f3f6p6dVdQE2lvN/aF+N+v/HdXnjf9icFvf/Pxr8ZB2wGRn/Q/vS/6F96f/Qlu7kvv6FRHdENLNVcbPA6gvtXvEd/u2SKH7xYj3L6omLp7vyV6LUokjLTTa2TZFIe8zGFrrwGyoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB3s/8CAAD//90I3/s=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x536, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$netlink(0x10, 0x3, 0x4)
fcntl$dupfd(r3, 0x0, r3)
keyctl$chown(0x4, 0x0, 0xffffffffffffffff, 0x0)
read$FUSE(0xffffffffffffffff, 0x0, 0x0)

17m36.440882742s ago: executing program 6 (id=781):
socket$netlink(0x10, 0x3, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x0, 0x0)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xc, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
connect$inet6(0xffffffffffffffff, &(0x7f0000000000)={0xa, 0x4e24, 0x10000, @private0, 0x5}, 0x1c)
bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
r3 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect)

17m34.883593127s ago: executing program 6 (id=784):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x0, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x40030000000000}, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3000000000080041007278650014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x24004000)

17m19.580405484s ago: executing program 34 (id=784):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$smc(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$SMC_PNETID_DEL(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)={0x2c, r1, 0x1, 0x0, 0x0, {0x2, 0x2, 0x2}, [@SMC_PNETID_IBNAME={0x9, 0x3, 'syz1\x00'}, @SMC_PNETID_NAME={0x9, 0x1, 'syz0\x00'}]}, 0x2c}, 0x1, 0x40030000000000}, 0x0)
r2 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073797a3000000000080041007278650014003300626f6e6430"], 0x38}, 0x1, 0x0, 0x0, 0x4000840}, 0x24004000)

54.39372012s ago: executing program 3 (id=2738):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000000c0)={[{@user_xattr}, {@noquota}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x1e2c}}, {@usrquota}, {@quota}, {@mb_optimize_scan}]}, 0x3, 0x4d5, &(0x7f0000001300)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")
lchown(&(0x7f0000000040)='.\x00', 0xee00, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00'])
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f00000000c0)=0x8b, 0x100000500)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

20.516322591s ago: executing program 7 (id=2793):
open(&(0x7f00000000c0)='./file1\x00', 0x349940, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@deltaction={0x14, 0x31, 0x8, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2404c894)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', 0x1210080, &(0x7f0000000200)={[{@uid}, {@umask={'umask', 0x3d, 0x97}}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@creator={'creator', 0x3d, "0691aaf6"}}, {@umask={'umask', 0x3d, 0x472}}, {@dir_umask={'dir_umask', 0x3d, 0x400}}, {@codepage={'codepage', 0x3d, 'maccroatian'}}, {@uid}]}, 0x7, 0x318, &(0x7f00000004c0)="$eJzs3U1rE08cB/Dv7CZp8m/pf20rBY/VgqfS1oPixSLFi2/AgxRrm0LpWkEraEGMnkW8CYJHb55F34JexDegpx7Ek16CB1dmZmcf0tnNQ9tsQr4faJrszsNvdnayMynpgohG1tXVb28vHMgfUQbgArgMOACqQAnAacxWH+zube/59c28glyVQ/4I6JziUJqN3botq8yncoQ8+aqEieQ2OhlBEATf26b61ZdYqDhCj/1DHGAsHJ1qf7XvkZ2Mhm7XaEn0sGiiiYeYLDIcIiIqXnj9d8KrxEQ4f3ccYD6chw/79T81v2kWF8dAiK7/jn4dCHl8/le74vWeWsLJ3nfMKtFWlvWcCOLDXYE+s1IdINqtKlUsTm1r268vNFQBz3AllEg2ox43YRqiZEVb0b/mLGvTHHltzzeu2lCWbVjOiH+66xo//sAre3VrnzuISXwSX8Sa8PAam9H8rxQIeXDU8fFaekrHv5hdomqlp1OlWhmv30+pSs6YHvjwLm5lLeu4VuHKWGxkKaJ1/u6ZOF9WsnNhCumPFXTrlrJbp3JNW3MtR6//WHPNtOaqbZX9+sLGXT/3o5RjY13RiRfihpjDT7zHamL+78jU88gemalRLlTK8MzIbU9JpczoxxQ1gO90NTJJuWbt6HzPcRuXMHn/0f7Ouu/X7xX/xAyVAYlHn4jh6Si3yN+JNKjKJ2UAx1bp3yAIrLtK6EeTy6qpF9/ETd7fWRcN/fJoVaARFWh2rWQnBrACINxi3hF6qf1JlGssLrCj7L9lb6st9hPSRNWHE9JUldrlYqyjkVLrodLrj3fW/Z7eiWjIxJ2O2ZtFB0NFkPMuodd/ifXKonrXkQ9ezmokaFd4osSljBXQlHr8r7MVXFRs5jxx3Dxps+Y6ex4411KjA1Pj09ZivTBODOJfJbv/U4ZYxVfc4uf/RERERERERERERERERERERERERETDpttvI/TydYJ0jQcj+I83iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiOJnH/X8BVd4ypFH7/X7eD+/+a+1IQUc/+BQAA//8KX2Ch")
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)

19.282864921s ago: executing program 0 (id=2794):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d3101010000383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f7274653d6d6978746e616d653d6c6f7765722c646f733178666c6f707079696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee8a465e6e1be6eeb5d588035a24458d346fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9000000"], 0xfe, 0x2b1, &(0x7f0000000640)="$eJzs3c9qK1UYAPBv0iSN3kWycCWCs7gLN5abu3VhLlJB7ErJwj+gF++9cGlCoYFA/Re68glcuPA93LkX3PgGgg/gziKFI5NMk9imiWlNK/X32/RwzvfNfGfm0FkMc/LpK/39JweDZ8df/hqNRhaVTnTiJItWVKLQiIhUCgDgTjhJKX6/0vO9WtlUTQDAZs09/2uXhGxf7Hpz02UBABv0/gcfvvtob2/3vTxvRPS/GXazmPydjD96Fs+jF0/jQTTjdPYuIKVJ++139najmhdacb8/GnaLzP4nP8+/Nijy29GM1uL8dj4xlz8admvxYkSWRTzvFIU8jGa8dCG/GN99uCA/uvV4rVFOsjj/TjTjl8/iIHrxZPxOY3b+r9t5/lb69o8vPiqCi/xsNOxuj+Nm0tZN3xsAAAAAAAAAAAAAAAAAAAAAAO6unXyqFff7RVe5/87W6Xh852/j4/11KuPxSX4WUR83zu0PNErx/dn+Og/yPE/ZJH62v081Xq5G9dYmDgAAAAAAAAAAAAAAAAAAAP8hg6PP9x/3ek8P/5VG+ZH/9LP+qx6nM9fzaiwP3l7rXLFVhhe1no9p//Rxf9pTTOIqxQ9recSymmsXel4o6ll95D9TSinLIq53m2r/5FwrGveWxxQX+Mfv7r2+/zhbdQ0bZzfuh/mhehwOjs7d08jWqTCttfzqS2Lq5YpZfZyvynV/jcv7xm+TQ5Q92RqzqJWNuGz5NdYq7Ib+AQEAAAAAAAAAAAAAAAAAAFOzj34XDB4vTa1srCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuGGz3/9fozEqkxfHpJRG0556HA5ueYoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8D/wVAAD//xwhbPs=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000002340)='mountstats\x00')
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', 0x0, 0x2200892, 0x0)
pread64(r3, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

17.806933656s ago: executing program 0 (id=2797):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000000c0)={[{@user_xattr}, {@noquota}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x1e2c}}, {@usrquota}, {@quota}, {@mb_optimize_scan}]}, 0x3, 0x4d5, &(0x7f0000001300)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")
lchown(&(0x7f0000000040)='.\x00', 0xee00, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00'])
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f00000000c0)=0x8b, 0x100000500)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

16.030916839s ago: executing program 4 (id=2799):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x401, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)

15.618602941s ago: executing program 7 (id=2800):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000680)=0x2)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x18)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDFONTOP_SET(r1, 0x4b72, &(0x7f0000000000)={0x4, 0x0, 0x16, 0x1, 0x100, &(0x7f0000000040)="387ed7626d850509a2d6c1aa38f15cd0c263cb226db671261fff7ce9c555f18dafae3530db6dd493f2a3cc88731b9ae21b3e3b4523ae2594f47d8f62b480c4160b1f90ac9c41fae6ab12ac4c113fef588684ef494c89092883b902a41cd75387ef6f7bc7d461d5e665f398ff95596dc94ec97003c7e6f3c82fbd8de6e11aa4031a61c51caf7a65a2b613bda33f3eaeae635d7cd81761e74c38a7695800a15516eb337056e02335f9a7d10aa2eaf7beb7e1aed6e850ecb3421143c5c4ded0f06affc524dcf3208272619b6a952db5bc96141b26c54d13c7a5416287a3b6f7aadf50bc549974b6401a19cdb130282b955592efa94242065a4c8d695a2cdd9ada350defd58c775b92d348305774d3a256c7520b285d8ddbf5e20d604413ed2ddf9bcbf881caf811852806175d638909f6234fbcd7a88a2a0aea45d19148f0e7dada7d6d0d77881387fdeaa0284abe90b88dfff412bff40c31c6415c54ae3335e54a49d315851feffe30d999c36def4df7df747695efbd649f42f310859122c0d2c1e558dc6586958a283762386ecf369274e43003a0fdff59ea515eb44504901ef0d00baa91c10a8e44a76aac3468a15bd3d45ad389977467f306f9bcde071b30769795eed2f1580414d168f557cd90040c4bd2a3d6bc5092548feaef7204a12cece59181fcb5bad8c24bd9f8f78d17ab82831325501e80d899e9252f99d3a266639438ac5252d9bccff4dd9f45657f8224fc78eb1168fe0527fac33466aadf48f16994d29a47778566e0f3945b2bf36b6eecc7fa18914beb66ac9e519bd333b30d3ce2f50dddeea3447aebbe3bed781e39d5a0fb0cdc60e196f2261305feb596b68986af3eee7b199fefb5f79ffb2d1050e46982af1c14a88dd9000400002f56a8404755c73e74bb90e64bab9647c70ed5afca1c3d87907d01000100df6f40a80ace2bb8a2aad3b0c66915927db4233181943d88c0c76d5969e2043db5bd77fd60ba0f013139929ccfec965c0c769785a4d23332ba1f0875e3146afef5b20cc306d3ecee65944fe9829e0ad0c3f6bb2fd81bc31152538db50f47dc38ba908a0d808687e478a609fe0daa02d4e9c618b99266e7f2e98597e2813e1dba9c3c16e9fab3bda6ed33cb1c75513e2264b69d472dd0e1338688ba782b41bde141f99c4894ded98eff9aa53d22eb77c9d93169c04ab2490bf28106f770e07eb7a9e87dde71929f918b98c4cbfcb11a9013923167f493760278df0cc34be9e8f86f948d9a62e63ad6ca9d2195ff9c6320c85bddc42915e4f3a5db642447bc2195a3d64e04c9ecd1c313c08e29b814bd8fed1ab6d2846c73345962895d289ac77152cac2e0e32b75ce814731c542091f218dd1e68a15f8226577bf9481ae0555db64a717eb23a811356d00"})
ioctl$VT_DISALLOCATE(r1, 0x5608)
write$cgroup_devices(0xffffffffffffffff, 0x0, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, 0x0, 0x0)
syz_open_procfs$namespace(0x0, 0x0)
sendmsg$key(0xffffffffffffffff, 0x0, 0x2404c857)
socket$nl_generic(0x10, 0x3, 0x10)

14.827605479s ago: executing program 4 (id=2801):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000003a61000000000000000a5800000006465efe2c0004802800018007000100637400001c0002800800014000000002080002400000001408000440000000170900010073797a30000000000900020073797a3200000000"], 0x80}}, 0x24004800)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000044c0)={0x0, 0x44}, 0x1, 0x0, 0x0, 0x40000}, 0x20004000)
openat$rdma_cm(0xffffffffffffff9c, 0x0, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
io_uring_enter(0xffffffffffffffff, 0x207a98, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
getdents(0xffffffffffffffff, &(0x7f0000000480)=""/179, 0xb3)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = socket(0x10, 0x6, 0x4)
sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=@gettaction={0x20, 0x5a, 0x1, 0x0, 0x0, {}, [@action_dump_flags=@TCA_ROOT_FLAGS={0xc, 0x2, {0x1}}]}, 0x20}}, 0x0)
r5 = socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$inet_tcp_TCP_REPAIR(r5, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
connect$inet(r5, &(0x7f0000000280)={0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x4}}, 0x10)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='syz_tun\x00', 0x10)
sendto$inet(r1, 0x0, 0x0, 0x20000800, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000180)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0xc2}}}}}}, 0x0)

14.774095701s ago: executing program 3 (id=2743):
fsconfig$FSCONFIG_SET_PATH_EMPTY(0xffffffffffffffff, 0x4, &(0x7f0000000300)='acl\x00\x9a\v\x9e\xd4\x10\x18\xe6\xca\xf1\x0f\xc8H\xc8#A@\x9a\xe4r\x89h8\x1b\xab\x84<\x85\xe5\x88j_<(nW4\xe4\xbb\xe9PF\x1b|\xc4\xa1\xa0\x9e\x81\xa0lZS\'\x8f\x91\xf7\x03\xa2\x8cd\x1f\xd3y\xce\x1asj\x98\xb5\x95\xdf\x915\a\x97=\xa9\xe7A\x12\xc2\xf5_\x11\b\x00\x00\x00\x00\x00\x00\x00\x1c\x1e:^\xdeNT\xe8O\xe8\x1ez\x9e\xc8\x8eo@Ti\xf6\xe5F\x0fv\xf1H\xdf\xf1\xe1\x9en\xc1\xd1\xca\xca\x89\"\xe4\x9c\xe6\xc2\xd8\xaa\xf6\f>\x19\x15t=\x1eXp\xba~\xb8xd>\x92LO\x06\xa3\xfdS\x01\xd1GE\x0f\x98L\x99#\xef5\xed[H\x104\xcd\xe23l\xd1\x9fc5\x87\xb4\xd7\xf6\xecr)\x0f\xc7\xe4\x1d[\x82\xc3\x18\xa4{\xecF\x81\xdb', 0x0, 0xffffffffffffff9c)
syz_usb_connect(0x1, 0x2d, &(0x7f0000000340)=ANY=[@ANYBLOB="120100001ddf8208c00712152230000000010902"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x0)
r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$int_in(r0, 0x40000000af01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0})
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000340))
r2 = dup(r1)
ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x1, r2})

14.34062335s ago: executing program 0 (id=2802):
lseek(0xffffffffffffffff, 0x10001, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x1000000000021, &(0x7f0000000180)=0x1, 0x23)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x80380000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)
r2 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$kcm(r2, &(0x7f0000000080)={&(0x7f0000000000)=@in6={0xa, 0xe20, 0x200, @remote, 0x1ff}, 0x80, 0x0}, 0x8000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r3 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r4 = openat$cgroup_int(r3, &(0x7f0000000080)='hugetlb.1GB.rsvd.limit_in_bytes\x00', 0x2, 0x0)
writev(r4, &(0x7f0000004380)=[{&(0x7f00000007c0)='e', 0x1}], 0x1)
sendmsg$kcm(r2, 0x0, 0x20008000)
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, 0x0, 0x20008084)
io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0x2, 0x0, 0x0)
ioctl$KDSETLED(0xffffffffffffffff, 0x4b32, 0x70)
mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f0000000100)='.\x00', &(0x7f0000002280)='vxfs\x00', 0x8000, 0x0)

13.634293802s ago: executing program 5 (id=2803):
sendmsg$can_bcm(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xc, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000019300)={0x2020}, 0x2020)
socket$kcm(0xa, 0x1, 0x106)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r3)
socketpair(0x1e, 0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'})

12.785507558s ago: executing program 4 (id=2804):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000000c0)={[{@user_xattr}, {@noquota}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x1e2c}}, {@usrquota}, {@quota}, {@mb_optimize_scan}]}, 0x3, 0x4d5, &(0x7f0000001300)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")
lchown(&(0x7f0000000040)='.\x00', 0xee00, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00'])
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f00000000c0)=0x8b, 0x100000500)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

12.57369636s ago: executing program 5 (id=2805):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000000200)="580000001400add4275a1bf00c45b45602067fffffff81005e22000d00ff0028925aa8002000eaa57b00090080000efffeffe809000000ff0000f03a0200f0ffffffffffffffffffffffffe7ee00000000000000000200", 0x57}], 0x1)

12.369633441s ago: executing program 7 (id=2806):
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x0, &(0x7f0000000d40)=ANY=[@ANYBLOB="73686f72746e616d653d77696e39352c73686f72746e616d653d77696e6e742c756e695f786c6174653d302c756e695f786c6174653d312c757466383d3101010000383d312c646973636172642c757466383d302c756e695f786c6174653d302c666c7573682c73686f7274653d6d6978746e616d653d6c6f7765722c646f733178666c6f707079696e6e742c73686f72746e616d653d6c6f7765722c757466382c0014697a7960fb374b723f64329787434c6c9f891d2e309efaf1d4e529e1ba0f697fedffb095592bc19d5a8f8141ee8a465e6e1be6eeb5d588035a24458d346fc1f9a234cdc4ba352a4185614ce67df4870bff796357ee95fffb99cde9000000"], 0xfe, 0x2b1, &(0x7f0000000640)="$eJzs3c9qK1UYAPBv0iSN3kWycCWCs7gLN5abu3VhLlJB7ErJwj+gF++9cGlCoYFA/Re68glcuPA93LkX3PgGgg/gziKFI5NMk9imiWlNK/X32/RwzvfNfGfm0FkMc/LpK/39JweDZ8df/hqNRhaVTnTiJItWVKLQiIhUCgDgTjhJKX6/0vO9WtlUTQDAZs09/2uXhGxf7Hpz02UBABv0/gcfvvtob2/3vTxvRPS/GXazmPydjD96Fs+jF0/jQTTjdPYuIKVJ++139najmhdacb8/GnaLzP4nP8+/Nijy29GM1uL8dj4xlz8admvxYkSWRTzvFIU8jGa8dCG/GN99uCA/uvV4rVFOsjj/TjTjl8/iIHrxZPxOY3b+r9t5/lb69o8vPiqCi/xsNOxuj+Nm0tZN3xsAAAAAAAAAAAAAAAAAAAAAAO6unXyqFff7RVe5/87W6Xh852/j4/11KuPxSX4WUR83zu0PNErx/dn+Og/yPE/ZJH62v081Xq5G9dYmDgAAAAAAAAAAAAAAAAAAAP8hg6PP9x/3ek8P/5VG+ZH/9LP+qx6nM9fzaiwP3l7rXLFVhhe1no9p//Rxf9pTTOIqxQ9recSymmsXel4o6ll95D9TSinLIq53m2r/5FwrGveWxxQX+Mfv7r2+/zhbdQ0bZzfuh/mhehwOjs7d08jWqTCttfzqS2Lq5YpZfZyvynV/jcv7xm+TQ5Q92RqzqJWNuGz5NdYq7Ib+AQEAAAAAAAAAAAAAAAAAAFOzj34XDB4vTa1srCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuGGz3/9fozEqkxfHpJRG0556HA5ueYoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD8D/wVAAD//xwhbPs=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000002340)='mountstats\x00')
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/crypto\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000000200)={0x2020}, 0x2020)
mount(&(0x7f0000000300), &(0x7f0000000080)='.\x00', 0x0, 0x2200892, 0x0)
pread64(r3, &(0x7f0000002240)=""/237, 0xed, 0x4eb)

11.050954501s ago: executing program 3 (id=2807):
syz_emit_ethernet(0xda, &(0x7f0000000040)=ANY=[@ANYBLOB="ffffffffffffffffffffffff0800480000cc00", @ANYRES32=0x41424344, @ANYRES32=0x41424344, @ANYBLOB="5210000690780000000100ba34a8edafad9e38fed5e4659231c3113a44f5a7d4a024d8e7723f4bf16fcf7c8fd4da74615eef1c3034a26521ea57ebeefa272e3a4c36c309a22909263706d4f9ec0193ff000000000000002eb8c00b00d8a12d24ae591781108de9265e372d7479bcb1650aee54a305ef2486135654e6a0f4d98a04ed37b376f9b7336712e3a9210c"], 0x0)
syz_open_procfs$userns(0x0, &(0x7f0000000000))
socket$inet6_sctp(0xa, 0x1, 0x84)
io_submit(0x0, 0x0, &(0x7f0000000800))
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000400)=0x6)
r0 = getpid()
ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f0000000600)={"f34eea1395bcec63f0b182bccec9a0fd", 0x0, 0x0, {0x6, 0x3}, {0x6, 0x8}, 0x400000080000020, [0x0, 0x10000, 0x9, 0x6, 0x7, 0x3, 0x5, 0xffffffffffffffff, 0xa02e, 0x2fb, 0x829b, 0x8, 0x2, 0xffbfffffffffffff, 0x6635, 0x9]})
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r3 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
r4 = fsopen(&(0x7f0000000040)='afs\x00', 0x0)
fsconfig$FSCONFIG_SET_STRING(r4, 0x1, &(0x7f00000001c0)='source', &(0x7f0000000100)='%\xff:2\x82|\x9a\xe0\xadA\xde\xd5\x03\x00\x00\x00\xb7\xe5\xee:\xb5\x0e\xec\xe5\xdc\xe5\x8d?\x16BE\x8b\xe8)\xa9H\x99\x10\x02q\xf7\xd3\xc5*\x15\xdf_\xb2_`\x92|\x7f\xff9\xf7o$e&1\xfd\xea\xb0\xb0', 0x0)
fsconfig$FSCONFIG_SET_STRING(r3, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%\xde({F\xfaA:', 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f0000000180)='%(,c\xbe\xfbL:', 0x0)

10.800156363s ago: executing program 0 (id=2808):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0)
syz_io_uring_setup(0x1714, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_open_procfs$pagemap(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)

10.663180835s ago: executing program 7 (id=2809):
open(&(0x7f00000000c0)='./file1\x00', 0x349940, 0x10)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000440)=@deltaction={0x14, 0x31, 0x8, 0x70bd29, 0x25dfdbff}, 0x14}, 0x1, 0x0, 0x0, 0x4}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, 0x0, 0x0, 0x2404c894)
getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x200}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, 0x0)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', 0x1210080, &(0x7f0000000200)={[{@uid}, {@umask={'umask', 0x3d, 0x97}}, {@iocharset={'iocharset', 0x3d, 'iso8859-7'}}, {@creator={'creator', 0x3d, "0691aaf6"}}, {@umask={'umask', 0x3d, 0x472}}, {@dir_umask={'dir_umask', 0x3d, 0x400}}, {@codepage={'codepage', 0x3d, 'maccroatian'}}, {@uid}]}, 0x7, 0x318, &(0x7f00000004c0)="$eJzs3U1rE08cB/Dv7CZp8m/pf20rBY/VgqfS1oPixSLFi2/AgxRrm0LpWkEraEGMnkW8CYJHb55F34JexDegpx7Ek16CB1dmZmcf0tnNQ9tsQr4faJrszsNvdnayMynpgohG1tXVb28vHMgfUQbgArgMOACqQAnAacxWH+zube/59c28glyVQ/4I6JziUJqN3botq8yncoQ8+aqEieQ2OhlBEATf26b61ZdYqDhCj/1DHGAsHJ1qf7XvkZ2Mhm7XaEn0sGiiiYeYLDIcIiIqXnj9d8KrxEQ4f3ccYD6chw/79T81v2kWF8dAiK7/jn4dCHl8/le74vWeWsLJ3nfMKtFWlvWcCOLDXYE+s1IdINqtKlUsTm1r268vNFQBz3AllEg2ox43YRqiZEVb0b/mLGvTHHltzzeu2lCWbVjOiH+66xo//sAre3VrnzuISXwSX8Sa8PAam9H8rxQIeXDU8fFaekrHv5hdomqlp1OlWhmv30+pSs6YHvjwLm5lLeu4VuHKWGxkKaJ1/u6ZOF9WsnNhCumPFXTrlrJbp3JNW3MtR6//WHPNtOaqbZX9+sLGXT/3o5RjY13RiRfihpjDT7zHamL+78jU88gemalRLlTK8MzIbU9JpczoxxQ1gO90NTJJuWbt6HzPcRuXMHn/0f7Ouu/X7xX/xAyVAYlHn4jh6Si3yN+JNKjKJ2UAx1bp3yAIrLtK6EeTy6qpF9/ETd7fWRcN/fJoVaARFWh2rWQnBrACINxi3hF6qf1JlGssLrCj7L9lb6st9hPSRNWHE9JUldrlYqyjkVLrodLrj3fW/Z7eiWjIxJ2O2ZtFB0NFkPMuodd/ifXKonrXkQ9ezmokaFd4osSljBXQlHr8r7MVXFRs5jxx3Dxps+Y6ex4411KjA1Pj09ZivTBODOJfJbv/U4ZYxVfc4uf/RERERERERERERERERERERERERETDpttvI/TydYJ0jQcj+I83iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiOJnH/X8BVd4ypFH7/X7eD+/+a+1IQUc/+BQAA//8KX2Ch")
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000200)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000f80)=""/4096, 0x1000)

9.752680332s ago: executing program 3 (id=2810):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000000c0)={[{@user_xattr}, {@noquota}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x1e2c}}, {@usrquota}, {@quota}, {@mb_optimize_scan}]}, 0x3, 0x4d5, &(0x7f0000001300)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")
lchown(&(0x7f0000000040)='.\x00', 0xee00, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00'])
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f00000000c0)=0x8b, 0x100000500)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0xfffffd52, 0x1})
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

9.587923333s ago: executing program 4 (id=2811):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[], [], 0x2f})
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x40000f63c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18010000200180000000000000000000850000007b00000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x93, &(0x7f00000003c0)=""/147}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
ioctl$USBDEVFS_CONTROL(0xffffffffffffffff, 0xc0105500, &(0x7f0000000000)={0x80, 0x10, 0x2, 0x0, 0x56, 0x101, 0x0})
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)

9.346478343s ago: executing program 5 (id=2812):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x401, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)

8.087658932s ago: executing program 5 (id=2813):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x8010)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
io_uring_enter(0xffffffffffffffff, 0x0, 0xcb, 0xf, &(0x7f0000000000), 0x18)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$pid(0x3, 0x0, 0x0)
mq_open(0x0, 0x840, 0x0, 0x0)
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000000)='./file2\x00', 0x800008, &(0x7f0000000540)=ANY=[@ANYBLOB='de=0x00000000800000b1,norock,overriderockperm,gid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000000401,norock,showassoc,hide,hide,norock,gid=', @ANYRESHEX=0x0, @ANYBLOB=',mode=0x0000000000001000,check=strict,iocharset=cp949,cruft,uid=', @ANYRESHEX=0x0, @ANYBLOB=',\x00'], 0xff, 0xa4a, &(0x7f00000007c0)="$eJzs3c1vHOd9B/DvLEmJoV1JcVTXFRxxJVcK47AUSdVSBR9SiVxJTPlSkBRgoYcojahCEFu3cQs4RoEoQNFTjBZo0UN7M3rqyUAuTQ+FL0V7a049FCj8LwQ9qScGM7skl+Qul2IoklY+H2J35+U3z/PMyzMPd3d2nvDFsnZ6y9jaWvXY5/i9fz6EEnOM3Zr+/JNPPy4fP3yaE+nLO8W/JINJ6kl/kjeSganpxYW5Hgk9SR4k+SwpkpxM83VPHqT467y6Of5Zin8s8+3qxF5Tppc1fqkd9fEHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHUTE1PT4+UZzIzPy99+pNSX2HqenFhSJrazvnrC/T9JOq1+/iJz3zTYrykcHB9a6+3zi7Ofv1JPWLebM59mbVIXkG89Err5959yv9tfXlu5XmF3Jy78l+8P2PnnxndXXlex3nFsUBluqYaR4jdxrzM0sLM3M37zTqM0sL9RvXro1fuXt7qX57ZraxdH9puTFXn1ps3FxeWKyPTH29PnHjxtV6Y+z+wr35O9Njs431idd/c3J8/Fr9W2O/17i5uLQwf+VbY0tTd2dmZ2fm71Qx5ewy5np5IP7uzHJ9uXFzrl5/9Hh15eq2kvVl2/FbBk30Wp8yaLJX0OT45OTExOTkxA9bvWdvTLj2zo13ro+P9483vZrWQHZEvKCDluPlS91388GfxGGfas32P5nNTOZzL++l3vFvKtNZzELmusxvWW//L11p7Jpt2tr/Vivf3zb/XPl0Medbo4Nd2v8uZTm8vw/y/XyUJ/lOVrOalXzvyEt0uH930sh8ZrKUhcxkLjerKfXWlHpu5FquZTzfzt0MZyn9uZ2ZzKaRpdzPUpbTqI6oqSymkZtZzkIWU89IpvL11DORG7mRq6mnkbHcz0LuZT53Mp2bVSqP8rja7ld3KeNG0MRegiZ3CdrRmHdr/zdsX6Sx/Z8TXkK1XffyCziLw/6stdr/E71DR6YOo0AAAADAgfv1/8yps6/9x/8mRb5afS9/e2a2MX7UxQIAAAAOUHW53pvly0A59NUU3v8DAADAy6aofmNXJBnKcHNo/ZdQPgQAAACAl0T1/f/5FMObE7z/BwAAgJdM73vs94woRtdv/1t/2Hx92IpojhVDt2dmG2NTC7PvTuRydZeB6pcGO1LrS4qB6ucHb+dCM+rCUPN1aDPFMs/BMmpi7N2JvJ2LrRUZeat8eWukQ+RkM/JrzcivtUf2ZUvk1TISAF52F3dpj/fa/r+d0WbE6Lmqye8/t6UN7qta1nEtKwAcFxt97Px/q0uzDu3/+ea9Ac53a/9/a5f3/2XEa3k03LykYCzfzftZzcOMpnXFwXCnVNd7I2hehjDa49OAodYlCz+9Xsvojs8DBjfWtT12JZMZ7fiJQFu6xXoZrjbj+l7UXgCAw3Vx13Z4vf2vPiTv2v6P7v7+v63NdUkhABwHGz3YP+/A8N6Dj3odAYCttNIAAAAAAAAAAAAAAAAAAAAAAAAAAABw8PZ0A///upysrq4k++0soMPAT//9X3+la8yPXkkGn6eEuw/UcjBlPv4DfUmOKvdv5rmXKvfxcdl0L9NA8bSqsL9QOkd8YgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBQFElfp+m15GSS8SRXDr9UL87Toy7AQanvb7HiWZ7lw5w66OIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPyya93/v5bm6yvNSemvJZeSPEjy+0ddxucx2GP+s0Mqx/HzR9Vz2/3/a8lA1or0Z21tbS0pBqamFxfmykOhOFnO//yTTz8uH12T/MH6wM5eFcoEyhy2dC7RyqFtysDWpb5cLTU0vfLBkz97/0/q07eqA/PW8u3Z6bk7i7+zGfh68eNmFwjt3SCsl/cvLv3b37RNPtHK/Mfp77Yi2/O9XeU7vTPfX+u0dJd89+Dx6spkmdNy473lP//jWvus13IheWskGdma0x+Wjy45Xdi+Pbcqflb8VXEqf58H1f4vt0axVpS76HS1/l969Hh1Zey7768+3CjTDx5/2JbAmQwnebi1lvUo03B1PunolSrXgTLX8SqofDrbI71dtaU4sbldt6zDl6tDZui51qHefR0qPbZ7q0RXt5dorawkf/unX8nlXff0yQ4pXu6RY0fFz4r/Ke7mv/OXbf1/1Mr9fykda2eHJKrItiOlfd6W6lW7tLnmk+0zvr09za61khfgR/mD/PbG/q9V5//2ejPZpd5snI++2TaxS71Zr1pd6sXJrTV1R71o6VUvdtbUfzq9o0XZmmvObmuRWmefbsu0ynm2GdWlnL+abyT9557rjPKNHmeUXsvvt/7/QzGS/8tT/f8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADHX5H0dZpeSy4lOZPkdDleT9a2xzzdR361oWI/xTww+ynzF0/RdUWLZ3mWD3PqsEsEAAAAAAAAwItxa/rzTz79uHxU38f35TdqrTn1pD/JmeLvBqamFxfmeiQ0kDxY/0p/sHNIl8l5UD69ujn+WTn2Ro/8jvbyAQD4Qvt5AAAA//9B+m/L")
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0x1, 0x5, 0x29fd, 0x84, 0x105}, 0x48)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r3}, 0x38)
bpf$MAP_LOOKUP_BATCH(0x19, &(0x7f0000000100)={0x0, &(0x7f0000000040)=""/129, &(0x7f0000000680), &(0x7f0000000000), 0x6c, r3}, 0x38)
syz_usb_connect$uac1(0x0, 0x71, &(0x7f00000000c0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x8, 0x1d6b, 0x101, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x5f, 0x3, 0x1, 0x9, 0x40, 0x6, {{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x0, 0x0, {{0xa, 0x24, 0x1, 0x0, 0x2}}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x10, 0x2, 0x44, 0x0, {0x7, 0x25, 0x1, 0x0, 0x7, 0xff}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x0, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x20, 0x6, 0x2, 0x2, {0x7, 0x25, 0x1, 0x83, 0xa, 0x1}}}}}}}]}}, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x0})

7.712992295s ago: executing program 4 (id=2814):
r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000040), 0x802, 0x0)
write$uinput_user_dev(r0, 0x0, 0x0)
ioctl$UI_SET_EVBIT(r0, 0x40045564, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000000)='./file0\x00', 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="6e6f646973636172642c6261636b67726f756e645f67633d73796e632c6261636b67726f756e645f67633d6f6e2c6e6f757365725f78617474722c6e6f71756f74612c64697361626c655f726f6c6c5f666f72776172642c67635f6d657267652c6e6f757365725f78617474722c636865636b706f696e743d64697361626c652c757365725f78617474722c6673796e635f6d6f64653d7374726963742c646973636172645f756e69743d73656374696f6e2c636865636b706f696e743d64697361626c652c6e6f696e6c696e655f64656e7472792c00ec6da92d1c80a6c720380e3c2c55bf27596d2776ce408c4bb19b149757508e1c7e919c6c2047023baa412d14fa75c8cac6e5f103e13ea52708af0a7c5da8af4ecb6612"], 0x2, 0x5505, &(0x7f0000002480)="$eJzs3E1rY9UbAPAn7XTe//Mv4sLdXBiEFiZh0nlBd6PO4At2KKMuXGmapCEzSW5p0rR25cKluPCbiIIrl34GF67diQvFnaDknlud+gJC08ZOfz+4ee45OXnuc8Iw8NxbEsCptZj9/GMlrsSFiJiPiMsRxXmlPAp3U3guIq5GxNwTR6Wc/33ibERcjIgrk+QpZ6V869Pr42u3f3jjp6++OXfm0mdffju7XQOz9nxE9DfT+U4/xbyT4qNyvjHuFrF/a1zG9Eb/cTnOU9xprxcZdhr76xpFvNlJ6/PN7eEkbvQazUnsdDeK+c1BuuBw3NnPU3zgUWOrGLfa60XsDvMidvZSXbt76f+2veEo5WmV+T4o0sdotB/TfHu3nfaz+biIzcGonE9581Z7dxLHZSwvF8281yrqWD/MN/3f9mZ3sL2bjdtbw24+yG7X6i/U6neq9a281R61b1Ub/dadW9lSpzdZVh21G/27nTzv9Nq1Zt5fzpY6zWa1Xs+W7rXXu41BVq/XbtZuVG8vl2fXs1cfvJP1WtnSJL7cHWyPur1htpFvZekTy9lK7eaLy9m1evbW6lq29vD+/dW1t9+79+6Dl1Zff6Vc9JeysqWVGysr1fqN6kp9+RTt/6Oy6CnuHw6lMusCAE4e/T8wC0fX/289jDj6/j/0/1Nxovrf097/H8H+4VD0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAp9Z3C5+/VpwspvGlcv5/5dQz5bgSEXMR8evfmI+zB3LOl3kW/mH9wp9q+LoSRYbJNc6Vx8WIuFsev/z/qL8FAAAAeHp98eHVT1K3nl4WZ10QxyndtJm7/P6U8lUiYmHx+yllm5u8PDulZMW/7zOxO6VsxQ2s81NKlm65nZlWtn9l/kA4/0SopDB3rOUAAADH4mAncLxdCAAAAMfp41kXwGxUYv9R5v6z4OIv7/94IHjhwAgAAAA4gSqzLgAAAAA4ckX/7/f/AAAA4OmWfv8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnfm4TB6I4AD8bvLD/tGi1921lb1DGlrDHPUYUkCYoIAfSQhqgBnJLCRFEeBwCEYdIHttK9H2SMxnL/HiD4DAz0gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAF26r9aL26vf121zdvt28owGAAAAuGRbrRf1P7PU/9rc/97c+tn0i4goI+LS3H0Un84yR01O9fL8zenz1asa7iLqhMN7TJrrS0T8aa7HH11/CgAAAPBxbZareZqtpz+zoQuiT2nRpvz2N1NeERHV7CFTWnnI+5UprP5+j+N/prR6AWuaKSwtuY1zpb1J/XM/rtpNT5oiNeXFlx2LzDZ2AACgR6Ozpt9ZCAAAAH36N3QBDKOI563M41bgJDXN9t7nsx4AAADwDhVDFwAAAAB0rp7/93T+3975fwAAADCMdP4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXdpW68VmuZq3zdnt28kzGgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHhif95RIATCIAz2ru9M5v6HlQZNTU2qQPj4G4MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIv9eUmBEAiCKJgz/nfS9z+sJOgZRIiAhkcVtWgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgIud+3mNo4oDAP5mZmdrq+IaZQ8RUfCgF7vd1tbexIMSPPgnCCHd1titP9ocbCliLt4k515EjyKCEm/9H3JOIJd4y2EPETwrMzuTnfwA118zm+TzgTfvu8Mw7/tmIeQ77yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACURm9P4iQ7dMZxXJzb3Hu4lPVbh/rM47Xt+axlcVRn0ifDi9UPUbe5RAAAADg7krK+DyHspOsLWR938vo/La/Jav5vnx7HZT1/uO4v+7L2z9ovP+8+vz9QZzxOdtOby8PBpaOptP6/Wc62Z/7yilb+5PN3L0n+hcTvrT43SvPnGX29sfFOOw/P1ZEtAPBPXCz7Iih/H8r6fpOJAXBmtCqFd1n/J51mcwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACow2g1PFnGUQhhvjWJM1t7D5eO6x+vbc+X7dqjR2vhy8k9s1ukIYSby8PBpVpnM9vu3X9we3E4HNytP3gphNDU6G8V07/9wRQXh9DI8xH8R0FcfNmzks/JCBr8oQQAwKmUFi2r63fS9YXsXDQXwh/fHaz/X63EYcr6f/fDa5vVsar1f7+2Gc6+3sqdT3v37j94ffnO4q3BrcHHb1zuv9m/cv3q1eu9/F1JzxsTAAAA/p120ar1fzx3dP3/QiUOU9b/n33T/6I6VqL+P9Zk0a/pTAAAAM62Z1/+/bfomPNRux0+X1xZudsfH/c/Xx4fG0j1bztXtGr9n8w1nRUAAABQh9FqdGD9/0YlDlOu/z/1/Qs/Vu+ZhBDOF+v/F5c+Gd6obzozrY4/J256jgAAADTrfNGq6/9pvv8/3t/yEIcQXntlHBf/BnCq+j9596sfqmNV9/9fqW+KMynujp9H3ndDaHWbzggAAIDT7ImiZcX+r+n6wkc/XXi/bf8/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQN3+DAAA//962D6S")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x183341, 0x0)
ioctl$F2FS_IOC_SET_PIN_FILE(r3, 0x4004f50d, 0x0)
r4 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r4, &(0x7f0000000140)='2', 0x1, 0x8000c61)
ioctl$EXT4_IOC_MOVE_EXT(r4, 0x40305829, &(0x7f0000000240)={0x17c04, 0xffffffffffffffff, 0x4ffa1, 0x100000001})
ioctl$UI_DEV_CREATE(r0, 0x5501)
read$FUSE(0xffffffffffffffff, &(0x7f0000000040)={0x2020}, 0x2020)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0xfff, 0x0)
getsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000002300)={{{@in6, @in=@broadcast, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, <r5=>0x0}}, {{}, 0x0, @in6}}, &(0x7f00000021c0)=0xe8)
getresuid(&(0x7f0000002140)=<r6=>0x0, 0x0, &(0x7f0000002080))
r7 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x1, 0x0)
r8 = ioctl$KVM_CREATE_VM(r7, 0xae01, 0x0)
ioctl$KVM_CAP_X86_NOTIFY_VMEXIT(r8, 0x4068aea3, &(0x7f0000000100)={0xdb, 0x0, 0x2})
mount$cgroup(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000040), 0xb, &(0x7f0000000380)={[{@cpuset_v2_mode}, {@nofavordynmods}, {@release_agent}, {@name={'name', 0x3d, '^(/-(/[\xc8'}}], [{@dont_measure}, {@fscontext={'fscontext', 0x3d, 'root'}}, {@euid_eq={'euid', 0x3d, r5}}, {@smackfsdef}, {@obj_role={'obj_role', 0x3d, 'gfs2\x00'}}, {@uid_gt={'uid>', r6}}, {@dont_hash}, {@subj_type={'subj_type', 0x3d, '}:%'}}, {@dont_measure}]})
r9 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r9, &(0x7f0000000180)={0x0, 0x18, 0xfa00, {0x1, &(0x7f0000000140), 0x111}}, 0x20)

3.532330925s ago: executing program 3 (id=2815):
syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000040), 0xffffffffffffffff)
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000340)=0xf)
r1 = openat$mixer(0xffffffffffffff9c, &(0x7f0000000080), 0x101403, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x2)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000140)={{}, &(0x7f0000000180), 0x0}, 0x20)
sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000002000)=""/102400, 0x19000)
mprotect(&(0x7f0000ffe000/0x1000)=nil, 0x1000, 0x3000002)
socket$nl_generic(0x10, 0x3, 0x10)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$SOUND_MIXER_READ_VOLUME(r1, 0x81044d03, &(0x7f0000000000))
ioctl$TIOCVHANGUP(r0, 0x5437, 0x0)
sendmsg$NLBL_MGMT_C_ADDDEF(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)=ANY=[@ANYBLOB, @ANYBLOB], 0x4c}, 0x1, 0x0, 0x0, 0x8004}, 0x4040000)

3.425061497s ago: executing program 4 (id=2816):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = socket$igmp6(0xa, 0x3, 0x2)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x2d0, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x100, 0x130, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x330)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r1, 0x0, 0x482, &(0x7f00000000c0)={0x84, @dev={0xac, 0x14, 0x14, 0x3d}, 0x4e20, 0x3, 'dh\x00', 0x1, 0x800002, 0x6e}, 0x2c)
lsm_get_self_attr(0x65, 0x0, 0x0, 0x0)
mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000280), 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, 0x0, 0x0, 0x74, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x3)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet_smc(0x2b, 0x1, 0x0)
setsockopt$IP_VS_SO_SET_FLUSH(r1, 0x0, 0x485, 0x0, 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x92)

2.857263824s ago: executing program 5 (id=2817):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000000c0)={[{@user_xattr}, {@noquota}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x1e2c}}, {@usrquota}, {@quota}, {@mb_optimize_scan}]}, 0x3, 0x4d5, &(0x7f0000001300)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")
lchown(&(0x7f0000000040)='.\x00', 0xee00, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00'])
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f00000000c0)=0x8b, 0x100000500)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

2.83253889s ago: executing program 0 (id=2818):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000140)='ext4\x00', &(0x7f0000000640)='./file1\x00', 0x3014850, &(0x7f00000000c0)={[{@user_xattr}, {@noquota}, {@init_itable}, {@max_batch_time={'max_batch_time', 0x3d, 0x1e2c}}, {@usrquota}, {@quota}, {@mb_optimize_scan}]}, 0x3, 0x4d5, &(0x7f0000001300)="$eJzs3d9rW9cdAPDvle3ESZzZ2faQBZaFLcMJWyQ7XhKzh8yDsT0FlmXvnmfLxli2jCUnsQnDYX/AYGxtaZ/61JdCn0uh5E8ohUD7XkppCW2SPvShrYrkq8ZxZVvGP+RYnw8c33PuvdL3HMk60rnncm8AbetcRIxEREdEXIyI3nR9Jk2xspqq+z15fG+8mpKoVG59nkSSrqs/V5IuT6QP646Iv/0l4p/JD+OWlpZnxgqF/EJazpVn53OlpeVL07NjU/mp/NzI0ODV4WvDV4YHdq2t1//0yUv/eePP19/97Z2PRj+78K9qtXrSbWvb0YyVJvdbbXpX7bWo64yIhe0EO8A60vZ0tboiAAA0pfob/8cR8cuIePpqq2sDAAAA7IXKH3ri6ySiAgAAABxamdo5sEkmm54L0BOZTDa7eg7vT+N4plAslX8zWVycm1g9V7YvujKT04X8QHqucF90JdXyYC3/rHx5XXkoIk5FxP96j9XK2fFiYaLVBz8AAACgTZxYN/7/snd1/A8AAAAcMn2trgAAAACw54z/AQAA4PDbcPyfdO5vRQAAAIC98NcbN6qpUr//9cTtpcWZ4u1LE/nSTHZ2cTw7XlyYz04Vi1O1a/bNbvV8hWJx/ncxt3g3V86XyrnS0vLobHFxrjxau6/3aN59ogEAAGD/nfrFgw+TiFj5/bFaqjqSbmtirD6yt7UD9lJme7sne1UPYP91tLoCQMs4wRfal/l4YIuB/f/Xlbd52AAAADgI+n+2o/l/84HwAjOQh/Zl/h/al/l/aF/m/6HNHd16l+6NNrzXxPM7SggAAAdCTy0lmWw6F9gTmUw2G3GydluArmRyupAfiIgfRcQHvV1Hq+XBVlcaAAAAAAAAAAAAAAAAAAAAAAAAAF4wlUoSFQAAAOBQi8h8mqS36OrvPd+z/vjAkeSr3toyIu68duvlu2Pl8sJgdf0X368vv5Kuv9yKIxgAAADAevVxen0cDwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC76cnje+P1tJ9xH/0xIvoaxe+M7tqy++3eiDj+NInONY9LIqJjF+Kv3I+I043iJ9VqRV9ai/XxMxFxrMXxT+xCfGhnD6r9z0ijz18mztWWjT9/nWnaqUfnNur/MvX+r9bPNer/TjYZ48zDt3Ibxr8fcaazcf9Tj5/ssP/9x9+XlzfaVnk9or/h90/yXKxceXY+V1pavjQ9OzaVn8rPDQ0NXh2+NnxleCA3OV3Ip38bxvjvz9/5drP2H98gft8W7T/fZPu/eXj38U82iX/hV43f/9ObxK++9r9Ovweq2/vr+ZXV/Fpn33z/7LpVR9bGn9ig/Vu9/xeabP/Fm//+uMldAYB9UFpanhkrFPILMjI7yNT/nw5KfWTSzM30jdn2w1vXJwEAAHvj2Y/+VtcEAAAAAAAAAAAAAAAAAAAA2tdzF/3qiIjdvgjZ0eevLNDduqYCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGzquwAAAP//e4jN8A==")
lchown(&(0x7f0000000040)='.\x00', 0xee00, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r1)
ioctl$sock_bt_bnep_BNEPCONNADD(r0, 0x400442c8, &(0x7f0000000000)=ANY=[@ANYRES32=r0, @ANYBLOB='\x00\x00\x00'])
r2 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'lo\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x40000, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x6, 0x9, 0x80, 0x0, 0xffffffff, 0x91b1}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x4000400}, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
r5 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000240)='/proc/sys/net/ipv4/tcp_dsack\x00', 0x1, 0x0)
sendfile(r5, r4, &(0x7f00000000c0)=0x8b, 0x100000500)
r6 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r6, &(0x7f0000000080)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r6, &(0x7f0000000180)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r6, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
r7 = syz_open_dev$dri(&(0x7f0000000000), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r7, 0xc02064b2, &(0x7f0000000200)={0x8000, 0x101, 0x4})
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f0000000040)={0x0, &(0x7f00000002c0)=[0x0], 0x0, 0x0, 0xfffffd52, 0x1})
recvfrom$inet(r6, &(0x7f0000000080)=""/8, 0xfffffffffffffd0b, 0x720, 0x0, 0xfffffffffffffd25)

2.4823765s ago: executing program 7 (id=2819):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f00000001c0), 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004800}, 0x4000000)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mount(0x0, 0x0, 0x0, 0x0, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r4 = socket$kcm(0x29, 0x5, 0x0)
getsockopt$kcm_KCM_RECV_DISABLE(r4, 0x119, 0x1, 0xffffffffffffffff, 0xfffffffffffffe84)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket$inet_udp(0x2, 0x2, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=ANY=[@ANYRES32=0x0, @ANYBLOB, @ANYRES32=r6, @ANYBLOB], 0x40}}, 0x8080)
setsockopt$inet_udp_encap(r6, 0x11, 0x64, &(0x7f0000000040)=0x3, 0x4)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r7, 0xffffffffffffffff, 0x0)
ioctl$VIDIOC_TRY_FMT(0xffffffffffffffff, 0xc0d05640, &(0x7f00000001c0)={0xa, @raw_data="03091f682f97de8bf5de030965f3875767f6ee1404a33062ef3b061315c1e8c446b6b654ff4030c94e863998744c7ea75f41f156a5b848a438d260cc5d3fe6e8d5c8a7db0606db4622d5a25539914d0044688f2c8b135fd24379c4030e0865b28051ae97cd50558df9576ea4ccf3ba99d7107c326ce69d970fb8de907062fe6a8bbc6e95ac17de68efdd0a073fdebc2c632da243bf9362276110a73e4691993f66c89bdfd9497cb6ffa3e4da02a996b925a0833793956236772e5b735381397be1872481d8bf763a"})

1.270919038s ago: executing program 3 (id=2820):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000002c0)={[{@init_itable}, {@resuid}, {@stripe={'stripe', 0x3d, 0x40}}]}, 0x3, 0x463, &(0x7f0000000340)="$eJzs281vFOUfAPDvTLvlxw+wFfGFF7WKxsaXlgIqBw9qNPGAiYke9Ni0C0EWatqaCCEKxuDJGBPvxqP/gie9GOPJxKveDQkxXABPa2Z3BnaX3aUsu11gP59k4Hnmpc/325mn+8w8OwGMrOnsnyRia0T8GRGT9WrzDtP1/65cOrN49dKZxSSq1Xf/SWr7Xb50ZrHYtThuS16ZSSPSL5LY3abd1VOnjy9UKuWVvD63duKjudVTp184dmLhaPlo+eT+Q4cOHph/+aX9L/Ylzyymy7s+Xd6z860Pvnn78FdN+bfk0SfT3TY+Xa32ubnh2tZQTsaHGAi3ZCwistNVqvX/yRiL6ydvMt78fKjBAQNVrVarWzpvPlsF7mFJNNd1eRgVxQd9dv9bLK2DgFcHN/wYuouv1W+Asryv5Et9y3ik+T6llvvbfpqOiPfP/vtdtsRgnkMAADT5KRv/PN9u/JfGQw373ZfPDU1FxP0RsT0iHoiIHRHxYERt34cj4pFbbL91kuTG8U96oafE1ikb/72Sz201j/+K0V9MjeW1bbX8S8mRY5Xyvvx3MhOlTVl9vksbP7/xx9edtjWO/7Ila78YC+ZxXBjf1HzM0sLawu3k3OjiuYhd4+3yT67NBCQRsTMidvXYxrFnf9jTadvN8++iD/NM1e8jnqmf/7PRkn8h6T4/Ofe/qJT3zRVXxY1++/38O53av638+yA7//9ve/1fy38qKeZr0yivrN56G+f/+rLjPU2v1/9E8l6tPJGv+2RhbW1lPmIiOVwPunH9/uvHFvVi/yz/mb3t+//2uP6b2B0R2UX8aEQ8FhGP57E/ERFPRsTeLvn/+vpTH/ae/2Bl+S+t9/xXKuWVhsJEtK5pXxg7/suPTY1O3ZD/1e7n/2CtNJOvWc/fv/XEVenpagYAAIC7TxoRWyNJZ6+V03R2tv59+R0RaWV5de25I8sfn1yqvyMwFaW0eNI12fA8dD6/ra/Xz0VE/asFxfYD+XPjb8c21+qzi8uVpWEnDyNuS4f+n/l7bNjRAQPnfS0YXfo/jK519v977JV1IHz+w0hr0/83DyMOYOO1+/z/bAhxABuvpf+b9oMR4v4fRlen/l+d3OBAgA1X7/+G/TBiVjfHzV+S71ooflKPh9+zhSjdEWEMrBDpHRFGa6EUEXdAGHd/Ybh/lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPrlvwAAAP//HArhUQ==")
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000080)='./file1\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
mount$overlay(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = syz_open_dev$loop(&(0x7f0000000140), 0x0, 0xa0000)
ioctl$LOOP_SET_BLOCK_SIZE(r0, 0x4c09, 0x8000)
r1 = openat$urandom(0xffffffffffffff9c, &(0x7f0000000000), 0x103902, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0xc4042, 0x1ef)
sendfile(r2, r1, 0x0, 0xfffa83)

736.016322ms ago: executing program 7 (id=2821):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010001090003206d0414c340000000000109022400010000a0000904000001030101000921000800012203000905", @ANYRES16], 0x0)
syz_usb_control_io$hid(r0, &(0x7f00000001c0)={0x24, &(0x7f0000001180)=ANY=[@ANYBLOB="00020c0000000c0002"], 0x0, 0x0, 0x0}, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000001300)={0x2c, &(0x7f00000000c0)=ANY=[], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000240)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, &(0x7f0000000680)={0x2c, &(0x7f0000000200)=ANY=[@ANYBLOB='@0J'], 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f00000006c0)={0x84, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20, 0x0, 0x4}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, &(0x7f0000000080)={0x84, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000040)={0x20, 0x0, 0x4, {0x140}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(r0, 0x0, 0x0)

471.348625ms ago: executing program 5 (id=2822):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bind$inet6(r0, &(0x7f0000000040)={0xa, 0x5e22, 0x0, @empty}, 0x1c)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000140)=[{&(0x7f0000000200)="580000001400add4275a1bf00c45b45602067fffffff81005e22000d00ff0028925aa8002000eaa57b00090080000efffeffe809000000ff0000f03a0200f0ffffffffffffffffffffffffe7ee00000000000000000200", 0x57}], 0x1)

0s ago: executing program 0 (id=2823):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d000000"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x3, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r3, 0x11, 0x67, &(0x7f0000000040)=0x401, 0x4)
connect$inet6(r3, &(0x7f0000000000)={0xa, 0x4e27, 0xffffffff, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r3, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)

kernel console output (not intermixed with test programs):

s: unknown parameter or missing value '(' in ctrl creation request
[  987.995472][T13472] loop3: detected capacity change from 0 to 64
[  994.252878][T13529] loop4: detected capacity change from 0 to 2048
[  994.414862][T13529] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  994.493288][T13538] loop3: detected capacity change from 0 to 256
[  995.005265][T13539] loop7: detected capacity change from 0 to 64
[  997.244550][T13558] xt_CT: No such helper "snmp"
[  997.330161][T13551] loop0: detected capacity change from 0 to 4096
[  997.394123][T13551] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[  997.565803][T13568] loop5: detected capacity change from 0 to 512
[  997.831022][T13568] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.1583: casefold flag without casefold feature
[  997.893287][T13568] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.1583: couldn't read orphan inode 15 (err -117)
[  998.000297][T13568] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  998.535417][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  998.541943][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1001.599496][T13607] loop4: detected capacity change from 0 to 64
[ 1002.293007][T11127] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1003.583495][T13629] overlayfs: overlapping lowerdir path
[ 1003.666424][T13631] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1004.361142][T13624] xt_CT: No such helper "snmp"
[ 1005.683563][T13656] loop5: detected capacity change from 0 to 256
[ 1007.605986][T13671] loop0: detected capacity change from 0 to 512
[ 1007.942441][T13671] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1601: casefold flag without casefold feature
[ 1007.983610][T13680] loop4: detected capacity change from 0 to 64
[ 1007.994528][T13671] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1601: couldn't read orphan inode 15 (err -117)
[ 1008.149085][T13671] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1011.995538][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1013.703587][T13739] loop5: detected capacity change from 0 to 2048
[ 1014.053039][T13739] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1014.243136][T13746] loop0: detected capacity change from 0 to 64
[ 1014.835904][T13755] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[ 1014.847906][T13755] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[ 1014.853815][T13755] CUSE: unknown device info "Jô©Ð2SZûü !e/ëÅúãõž‘­J½+-n´¸a4¼ßØÁDÿ|G$öó­5O~©q	´ƒ
[ 1014.853815][T13755] f𳦧ìýzóÚXÁSAäx¡Ùjª½T¾Ç”¨åw—üæšxR�É�Q÷®(hÒ�j	pøVdY0¨Æ|M?2JÿúIšvö^
RÎ@´å"
[ 1014.872885][T13755] CUSE: unknown device info "!ToÛ}Ý�&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E•gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜M|©·š‚ô"
[ 1014.884222][T13755] CUSE: DEVNAME unspecified
[ 1016.898034][T13772] loop4: detected capacity change from 0 to 512
[ 1017.544266][T13772] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.1621: casefold flag without casefold feature
[ 1017.581235][T13772] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.1621: couldn't read orphan inode 15 (err -117)
[ 1017.623329][T13772] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1018.666378][T13795] loop5: detected capacity change from 0 to 64
[ 1022.078620][T13820] loop5: detected capacity change from 0 to 64
[ 1022.918327][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1023.226485][T13830] loop7: detected capacity change from 0 to 256
[ 1023.363180][T13832] loop5: detected capacity change from 0 to 2048
[ 1023.375620][T13832] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1028.254257][T13870] loop4: detected capacity change from 0 to 64
[ 1029.246860][T13880] loop0: detected capacity change from 0 to 512
[ 1029.471265][T13880] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1641: casefold flag without casefold feature
[ 1029.557466][T13880] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1641: couldn't read orphan inode 15 (err -117)
[ 1029.868599][T13880] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1030.610150][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1031.506714][T13905] loop0: detected capacity change from 0 to 2048
[ 1031.574646][T13905] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1035.079201][T13939] loop0: detected capacity change from 0 to 64
[ 1035.775050][T13947] loop0: detected capacity change from 0 to 512
[ 1035.843479][T13947] EXT4-fs error (device loop0): ext4_orphan_get:1393: inode #15: comm syz.0.1653: casefold flag without casefold feature
[ 1035.881873][T13947] EXT4-fs error (device loop0): ext4_orphan_get:1398: comm syz.0.1653: couldn't read orphan inode 15 (err -117)
[ 1035.970721][T13947] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1036.428192][ T5834] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1036.439395][T13953] loop4: detected capacity change from 0 to 2048
[ 1036.557562][T13953] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1036.625621][T13960] loop7: detected capacity change from 0 to 2048
[ 1037.590217][T13960] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1039.380648][   T30] audit: type=1400 audit(1751616033.583:41): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=13975 comm="syz.4.1659"
[ 1042.394133][T14010] loop5: detected capacity change from 0 to 64
[ 1042.429793][T14012] loop7: detected capacity change from 0 to 512
[ 1042.506500][T14012] EXT4-fs error (device loop7): ext4_orphan_get:1393: inode #15: comm syz.7.1666: casefold flag without casefold feature
[ 1042.550193][T14012] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.1666: couldn't read orphan inode 15 (err -117)
[ 1042.673902][T14012] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1043.186522][T10882] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1044.058150][T14023] xt_CT: No such helper "snmp"
[ 1044.702185][T14036] loop3: detected capacity change from 0 to 2048
[ 1044.789271][T14036] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1047.275756][ T5952] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1047.394365][   T30] audit: type=1400 audit(1751616041.593:42): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=14056 comm="syz.0.1672"
[ 1047.727073][ T5952] usb 6-1: Using ep0 maxpacket: 32
[ 1047.736903][ T5952] usb 6-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1047.753918][ T5952] usb 6-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1047.788021][ T5952] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1047.811081][ T5952] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1047.845932][ T5952] usb 6-1: config 0 descriptor??
[ 1047.880392][ T5952] hub 6-1:0.0: bad descriptor, ignoring hub
[ 1048.089472][ T5952] hub 6-1:0.0: probe with driver hub failed with error -5
[ 1048.124293][ T5952] usbhid 6-1:0.0: couldn't find an input interrupt endpoint
[ 1049.560243][ T5952] usb 6-1: USB disconnect, device number 2
[ 1050.319213][T14102] loop5: detected capacity change from 0 to 512
[ 1050.750645][T14102] EXT4-fs error (device loop5): ext4_orphan_get:1393: inode #15: comm syz.5.1678: casefold flag without casefold feature
[ 1050.818169][T14102] EXT4-fs error (device loop5): ext4_orphan_get:1398: comm syz.5.1678: couldn't read orphan inode 15 (err -117)
[ 1050.875491][T14102] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1051.775762][T11127] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1052.248592][T14131] loop4: detected capacity change from 0 to 64
[ 1059.600821][   T30] audit: type=1400 audit(1751616053.803:43): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=14201 comm="syz.3.1695"
[ 1060.055568][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1060.084434][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1060.988844][T14228] loop3: detected capacity change from 0 to 64
[ 1065.415139][T14258] xt_CT: No such helper "snmp"
[ 1065.981429][T14270] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1071.829835][T14318] loop0: detected capacity change from 0 to 4096
[ 1072.268150][T14318] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[ 1073.589065][T14348] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1073.685012][T14350] loop5: detected capacity change from 0 to 64
[ 1074.644912][T14357] fuse: Unknown parameter 'group_i00000000000000000000'
[ 1078.336145][T14392] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1080.193645][T14421] loop5: detected capacity change from 0 to 4096
[ 1080.244946][T14421] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[ 1082.268708][T14439] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1084.235601][T14445] xt_CT: No such helper "snmp"
[ 1086.079006][T14467] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1088.702876][   T30] audit: type=1400 audit(1751616082.903:44): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=14481 comm="syz.7.1748"
[ 1089.444803][T14486] loop4: detected capacity change from 0 to 4096
[ 1090.254428][T14486] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[ 1090.533663][T14493] xt_CT: No such helper "snmp"
[ 1091.174912][T14501] overlayfs: failed to resolve './file1': -2
[ 1091.838388][T14511] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1093.620891][T14523] fuse: Unknown parameter 'group_id00000000000000000000'
[ 1094.404447][T14524] loop7: detected capacity change from 0 to 64
[ 1097.917769][T14554] ptrace attach of "./syz-executor exec"[11127] was attempted by "./syz-executor exec"[14554]
[ 1099.684684][T14564] loop5: detected capacity change from 0 to 2048
[ 1100.007557][T14564] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1102.709258][T14599] syz.0.1771: attempt to access beyond end of device
[ 1102.709258][T14599] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1102.745806][T14599] syz.0.1771: attempt to access beyond end of device
[ 1102.745806][T14599] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1103.850166][T14604] autofs: Unknown parameter '0x0000000000000000'
[ 1104.425337][T14612] ptrace attach of "./syz-executor exec"[11127] was attempted by "./syz-executor exec"[14612]
[ 1104.639536][   T30] audit: type=1400 audit(1751616098.843:45): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=14609 comm="syz.7.1779"
[ 1107.870072][T14640] loop7: detected capacity change from 0 to 64
[ 1109.494506][T14656] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1110.126145][T14654] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1111.213117][T14667] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[14667]
[ 1115.378309][T14717] loop7: detected capacity change from 0 to 256
[ 1116.769101][T14730] syz.0.1806: attempt to access beyond end of device
[ 1116.769101][T14730] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1116.783364][T14730] syz.0.1806: attempt to access beyond end of device
[ 1116.783364][T14730] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1117.605037][T14738] loop3: detected capacity change from 0 to 256
[ 1117.678344][T14738] vfat: Bad value for 'utf8'
[ 1120.115316][T14761] loop5: detected capacity change from 0 to 64
[ 1120.199654][T14756] loop0: detected capacity change from 0 to 256
[ 1121.240562][T14770] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[ 1121.252740][T14770] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[ 1121.258687][T14770] CUSE: unknown device info "Jô©Ð2SZûü !e/ëÅúãõž‘­J½+-n´¸a4¼ßØÁDÿ|G$öó­5O~©q	´ƒ
[ 1121.258687][T14770] f𳦧ìýzóÚXÁSAäx¡Ùjª½T¾Ç”¨åw—üæšxR�É�Q÷®(hÒ�j	pøVdY0¨Æ|M?2JÿúIšvö^
RÎ@´å"
[ 1121.277615][T14770] CUSE: unknown device info "!ToÛ}Ý�&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E•gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜M|©·š‚ô"
[ 1121.288875][T14770] CUSE: DEVNAME unspecified
[ 1121.427844][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1121.434360][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1123.298255][T14782] syz.0.1819: attempt to access beyond end of device
[ 1123.298255][T14782] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1123.313090][T14782] syz.0.1819: attempt to access beyond end of device
[ 1123.313090][T14782] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1123.581755][T14784] loop5: detected capacity change from 0 to 256
[ 1123.616696][T14784] vfat: Bad value for 'utf8'
[ 1126.669722][T14818] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[ 1126.681943][T14818] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[ 1126.687915][T14818] CUSE: unknown device info "Jô©Ð2SZûü !e/ëÅúãõž‘­J½+-n´¸a4¼ßØÁDÿ|G$öó­5O~©q	´ƒ
[ 1126.687915][T14818] f𳦧ìýzóÚXÁSAäx¡Ùjª½T¾Ç”¨åw—üæšxR�É�Q÷®(hÒ�j	pøVdY0¨Æ|M?2JÿúIšvö^
RÎ@´å"
[ 1126.706864][T14818] CUSE: unknown device info "!ToÛ}Ý�&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E•gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜M|©·š‚ô"
[ 1126.718174][T14818] CUSE: DEVNAME unspecified
[ 1127.771369][    C0] Unknown status report in ack skb
[ 1127.966965][T14832] loop0: detected capacity change from 0 to 256
[ 1128.001718][T14832] vfat: Bad value for 'utf8'
[ 1130.640910][T14859] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[ 1130.652929][T14859] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[ 1130.658844][T14859] CUSE: unknown device info "Jô©Ð2SZûü !e/ëÅúãõž‘­J½+-n´¸a4¼ßØÁDÿ|G$öó­5O~©q	´ƒ
[ 1130.658844][T14859] f𳦧ìýzóÚXÁSAäx¡Ùjª½T¾Ç”¨åw—üæšxR�É�Q÷®(hÒ�j	pøVdY0¨Æ|M?2JÿúIšvö^
RÎ@´å"
[ 1130.678169][T14859] CUSE: unknown device info "!ToÛ}Ý�&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E•gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜M|©·š‚ô"
[ 1130.689461][T14859] CUSE: DEVNAME unspecified
[ 1133.838646][T14883] loop4: detected capacity change from 0 to 16
[ 1133.891659][T14883] erofs (device loop4): mounted with root inode @ nid 36.
[ 1134.271081][T14885] loop3: detected capacity change from 0 to 4096
[ 1134.337130][T14885] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[ 1137.295257][T14907] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[ 1137.307037][T14907] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[ 1137.312882][T14907] CUSE: unknown device info "Jô©Ð2SZûü !e/ëÅúãõž‘­J½+-n´¸a4¼ßØÁDÿ|G$öó­5O~©q	´ƒ
[ 1137.312882][T14907] f𳦧ìýzóÚXÁSAäx¡Ùjª½T¾Ç”¨åw—üæšxR�É�Q÷®(hÒ�j	pøVdY0¨Æ|M?2JÿúIšvö^
RÎ@´å"
[ 1137.331847][T14907] CUSE: unknown device info "!ToÛ}Ý�&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E•gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜M|©·š‚ô"
[ 1137.343140][T14907] CUSE: DEVNAME unspecified
[ 1140.066238][T14927] syz.5.1855: attempt to access beyond end of device
[ 1140.066238][T14927] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1140.107319][T14927] syz.5.1855: attempt to access beyond end of device
[ 1140.107319][T14927] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1143.410424][    C1] wlan0: beacon TX faster than countdown (channel/color switch) completion
[ 1144.422169][T14956] loop7: detected capacity change from 0 to 4096
[ 1144.649029][T14956] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[ 1145.696133][T14988] loop5: detected capacity change from 0 to 16
[ 1146.705279][T14988] erofs (device loop5): mounted with root inode @ nid 36.
[ 1147.157095][T14994] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1148.359265][T15004] loop7: detected capacity change from 0 to 64
[ 1150.593878][T15019] syz.3.1873: attempt to access beyond end of device
[ 1150.593878][T15019] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1150.622313][T15019] syz.3.1873: attempt to access beyond end of device
[ 1150.622313][T15019] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1153.406177][T15044] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1155.001329][T15063] loop7: detected capacity change from 0 to 256
[ 1155.022558][T15063] vfat: Bad value for 'utf8'
[ 1157.319130][T15077] loop3: detected capacity change from 0 to 16
[ 1157.385240][T15077] erofs (device loop3): mounted with root inode @ nid 36.
[ 1160.951742][T15106] loop4: detected capacity change from 0 to 256
[ 1160.993253][T15106] vfat: Bad value for 'utf8'
[ 1162.452699][T15121] CUSE: unknown device info "�KJéH+ßãÛ¤2Lh¸änLþ1Õ`†CcÝòn§õ†îì8­¨×0º©®(À3Õ¶ië®â>f¡Çè_Ù®,�°
ð<Ö_e¤FÀÆ"
[ 1162.465621][T15121] CUSE: unknown device info "3�ÜŸ•,²¥Ì˜õ"
[ 1162.471639][T15121] CUSE: unknown device info "Jô©Ð2SZûü !e/ëÅúãõž‘­J½+-n´¸a4¼ßØÁDÿ|G$öó­5O~©q	´ƒ
[ 1162.471639][T15121] f𳦧ìýzóÚXÁSAäx¡Ùjª½T¾Ç”¨åw—üæšxR�É�Q÷®(hÒ�j	pøVdY0¨Æ|M?2JÿúIšvö^
RÎ@´å"
[ 1162.490555][T15121] CUSE: unknown device info "!ToÛ}Ý�&|L+U²®oæõϲ±„Ð"–¨FstVµ:׌E•gJºî‹ÂÁ<@cÁ”²ûŽ4ÊTáM˜M|©·š‚ô"
[ 1162.502012][T15121] CUSE: DEVNAME unspecified
[ 1162.937426][T15126] loop3: detected capacity change from 0 to 64
[ 1167.424349][T15164] loop5: detected capacity change from 0 to 256
[ 1167.471729][T15164] vfat: Bad value for 'utf8'
[ 1167.791127][T15167] loop0: detected capacity change from 0 to 64
[ 1171.213473][T15193] overlayfs: overlapping lowerdir path
[ 1171.341729][T15193] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1174.013297][T15215] loop5: detected capacity change from 0 to 256
[ 1174.166522][T15215] vfat: Bad value for 'utf8'
[ 1177.296705][T15225] loop3: detected capacity change from 0 to 4096
[ 1177.532683][T15225] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[ 1178.709660][T15225] ntfs3(loop3): Failed to read $UpCase (-4).
[ 1181.986549][T15288] loop3: detected capacity change from 0 to 64
[ 1182.877675][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1182.884210][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1186.004755][T15309] loop0: detected capacity change from 0 to 4096
[ 1186.030985][T15309] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[ 1190.185001][T15355] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1193.402738][T15383] loop0: detected capacity change from 0 to 64
[ 1194.508834][T15385] loop7: detected capacity change from 0 to 4096
[ 1194.846981][T15385] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[ 1201.805941][T15456] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1211.167257][T15535] loop0: detected capacity change from 0 to 256
[ 1220.441908][T15613] loop3: detected capacity change from 0 to 256
[ 1221.499628][T15619] loop5: detected capacity change from 0 to 64
[ 1226.040240][T15652] loop3: detected capacity change from 0 to 64
[ 1228.958909][T15676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2034'.
[ 1228.967999][T15676] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2034'.
[ 1230.680956][T15693] overlayfs: failed to resolve './file1': -2
[ 1233.173427][T15712] loop4: detected capacity change from 0 to 256
[ 1236.824316][T15731] xt_CT: No such helper "snmp"
[ 1240.395863][T15770] loop0: detected capacity change from 0 to 64
[ 1244.534235][T15816] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1244.699693][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1244.706311][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1245.328562][T15820] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1247.976921][   T30] audit: type=1400 audit(1751616242.173:46): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=15821 comm="syz.0.2067"
[ 1255.637082][   T30] audit: type=1400 audit(1751616249.833:47): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=15895 comm="syz.0.2083"
[ 1256.862297][T15918] loop4: detected capacity change from 0 to 64
[ 1260.010247][T15941] loop3: detected capacity change from 0 to 16
[ 1260.040488][T15941] erofs (device loop3): mounted with root inode @ nid 36.
[ 1261.859570][T15957] overlayfs: missing 'lowerdir'
[ 1261.987310][T15957] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1264.938545][T15988] loop5: detected capacity change from 0 to 64
[ 1265.276753][T15990] loop4: detected capacity change from 0 to 64
[ 1266.284207][T15995] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1269.970581][T16021] syz.0.2109: attempt to access beyond end of device
[ 1269.970581][T16021] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1269.984423][T16021] syz.0.2109: attempt to access beyond end of device
[ 1269.984423][T16021] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1270.153685][T16023] overlayfs: missing 'lowerdir'
[ 1270.181688][T16023] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1271.467361][T16037] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[16037]
[ 1271.677086][T16037] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2112'.
[ 1272.492608][T16045] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2116'.
[ 1274.739440][T16068] loop4: detected capacity change from 0 to 4096
[ 1274.767919][T16068] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[ 1276.333055][T16086] syz.7.2125: attempt to access beyond end of device
[ 1276.333055][T16086] nbd7: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1276.346198][T16086] syz.7.2125: attempt to access beyond end of device
[ 1276.346198][T16086] nbd7: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1276.557136][T16087] ptrace attach of "./syz-executor exec"[11127] was attempted by "./syz-executor exec"[16087]
[ 1276.568469][T16087] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2126'.
[ 1278.088135][T16098] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1279.558748][   T43] usb 5-1: new high-speed USB device number 22 using dummy_hcd
[ 1279.747236][   T43] usb 5-1: Using ep0 maxpacket: 32
[ 1279.858812][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1280.114707][   T43] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1280.351005][   T43] usb 5-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1280.401084][   T43] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1280.451069][   T43] usb 5-1: config 0 descriptor??
[ 1281.216374][T16131] fuse: Unknown parameter '0x0000000000000005'
[ 1281.737687][   T43] ft260 0003:0403:6030.0006: chip code: 0000 0000
[ 1281.819329][   T43] ft260 0003:0403:6030.0006: failed to retrieve system status
[ 1281.866041][   T43] ft260 0003:0403:6030.0006: probe with driver ft260 failed with error -32
[ 1282.056568][   T43] usb 5-1: USB disconnect, device number 22
[ 1284.918700][   T30] audit: type=1400 audit(1751616279.123:48): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=16141 comm="syz.3.2141"
[ 1285.075001][T16162] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2146'.
[ 1287.321662][T16181] fuse: Unknown parameter '0x0000000000000005'
[ 1288.030886][T16186] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1291.481790][T16209] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[16209]
[ 1291.496581][T16209] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2157'.
[ 1293.725004][T16228] loop3: detected capacity change from 0 to 1764
[ 1293.732745][T16228] iso9660: Unknown parameter 'de'
[ 1297.168100][T16260] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[16260]
[ 1297.377358][T16260] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2169'.
[ 1299.904404][T16282] loop4: detected capacity change from 0 to 2048
[ 1301.862047][T16290] fuse: Unknown parameter '0x0000000000000005'
[ 1302.223744][T16282] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1303.433345][T16307] loop4: detected capacity change from 0 to 16
[ 1304.183203][T16313] binder: 16301:16313 ioctl c0306201 200000000540 returned -14
[ 1304.207317][T16307] erofs (device loop4): mounted with root inode @ nid 36.
[ 1305.745222][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1305.751933][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1310.303560][T16371] overlayfs: failed to resolve './file0': -2
[ 1314.000855][T16411] syz.7.2198: attempt to access beyond end of device
[ 1314.000855][T16411] nbd7: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1314.014417][T16411] syz.7.2198: attempt to access beyond end of device
[ 1314.014417][T16411] nbd7: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1314.324293][T16413] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1314.346975][ T5909] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1314.507288][ T5909] usb 6-1: Using ep0 maxpacket: 32
[ 1314.544095][ T5909] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1314.604611][ T5909] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1314.638469][ T5909] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1314.669557][ T5909] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1314.705698][ T5909] usb 6-1: config 0 descriptor??
[ 1314.800080][T16419] loop3: detected capacity change from 0 to 16
[ 1314.815971][T16419] erofs (device loop3): mounted with root inode @ nid 36.
[ 1315.166395][ T5909] usbhid 6-1:0.0: can't add hid device: -71
[ 1315.221228][ T5909] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1315.285261][ T5909] usb 6-1: USB disconnect, device number 3
[ 1316.712358][T16425] overlayfs: failed to resolve './file0': -2
[ 1321.206881][T16470] syz.5.2213: attempt to access beyond end of device
[ 1321.206881][T16470] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1321.219933][T16470] syz.5.2213: attempt to access beyond end of device
[ 1321.219933][T16470] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1321.289784][T16472] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1322.062080][T16466] syz.7.2214: attempt to access beyond end of device
[ 1322.062080][T16466] nbd7: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1322.075223][T16466] syz.7.2214: attempt to access beyond end of device
[ 1322.075223][T16466] nbd7: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1324.127572][T16496] syz.0.2220: attempt to access beyond end of device
[ 1324.127572][T16496] nbd0: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1324.141088][T16496] SQUASHFS error: Failed to read block 0x0: -5
[ 1324.147976][T16496] unable to read squashfs_super_block
[ 1324.214086][T16497] o2cb: This node has not been configured.
[ 1324.220233][T16497] o2cb: Cluster check failed. Fix errors before retrying.
[ 1324.227651][T16497] (syz.0.2220,16497,1):user_dlm_register:674 ERROR: status = -22
[ 1324.235461][T16497] (syz.0.2220,16497,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1324.708384][ T8385] usb 1-1: new high-speed USB device number 15 using dummy_hcd
[ 1324.935027][ T8385] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1325.055731][ T8385] usb 1-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice=17.c6
[ 1325.371141][ T8385] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1326.106600][ T8385] usb 1-1: config 0 descriptor??
[ 1326.164373][ T8385] HFC-S_USB 1-1:0.0: probe with driver HFC-S_USB failed with error -5
[ 1327.735175][T16491] loop0: detected capacity change from 0 to 32768
[ 1327.742871][T16491] o2cb: This node has not been configured.
[ 1327.748885][T16491] o2cb: Cluster check failed. Fix errors before retrying.
[ 1327.756090][T16491] (syz.0.2220,16491,0):user_dlm_register:674 ERROR: status = -22
[ 1327.764008][T16491] (syz.0.2220,16491,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[ 1328.667441][   T43] usb 1-1: USB disconnect, device number 15
[ 1330.462609][T16529] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1331.734626][T16542] loop0: detected capacity change from 0 to 4096
[ 1331.771525][T16542] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[ 1333.288293][T16562] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1333.958274][T16571] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2240'.
[ 1334.174605][T16573] loop5: detected capacity change from 0 to 64
[ 1335.593420][T16591] loop7: detected capacity change from 0 to 256
[ 1336.116372][T16591] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[ 1336.234046][T16591] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186)
[ 1336.323463][T16598] syz.4.2241: attempt to access beyond end of device
[ 1336.323463][T16598] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1336.555501][T16598] syz.4.2241: attempt to access beyond end of device
[ 1336.555501][T16598] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1336.628471][T16603] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1339.246921][ T5902] usb 4-1: new high-speed USB device number 22 using dummy_hcd
[ 1339.450821][ T5902] usb 4-1: Using ep0 maxpacket: 32
[ 1339.484660][ T5902] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1339.498972][T16633] loop5: detected capacity change from 0 to 64
[ 1339.598501][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1339.693274][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1339.796904][ T5902] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1340.521964][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1340.586635][ T5902] usb 4-1: config 0 descriptor??
[ 1340.594952][ T5902] hub 4-1:0.0: USB hub found
[ 1340.816982][ T5902] hub 4-1:0.0: 2 ports detected
[ 1341.013556][ T5953] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[ 1341.037690][T16647] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1341.255663][ T5953] usb 6-1: Using ep0 maxpacket: 32
[ 1341.278832][ T5953] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1341.327397][ T5953] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1341.346987][ T5953] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1341.380647][ T5953] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1341.440156][ T5902] usb 4-1: USB disconnect, device number 22
[ 1341.612463][ T5953] usb 6-1: config 0 descriptor??
[ 1342.404091][ T5953] usbhid 6-1:0.0: can't add hid device: -71
[ 1342.416010][ T5953] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1342.435952][ T5953] usb 6-1: USB disconnect, device number 4
[ 1346.268322][T16692] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1346.524000][T16702] overlayfs: overlapping lowerdir path
[ 1346.591482][T16702] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1347.590597][T16706] loop5: detected capacity change from 0 to 256
[ 1351.711252][T16738] syz.3.2280: attempt to access beyond end of device
[ 1351.711252][T16738] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1351.725472][T16738] syz.3.2280: attempt to access beyond end of device
[ 1351.725472][T16738] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1352.327139][T16025] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1352.522664][T16025] usb 6-1: Using ep0 maxpacket: 32
[ 1352.544507][T16025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1352.576306][T16025] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1352.597457][ T5902] usb 4-1: new high-speed USB device number 23 using dummy_hcd
[ 1352.610447][T16025] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1352.747696][T16025] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1352.772875][T16025] usb 6-1: config 0 descriptor??
[ 1352.827126][ T5902] usb 4-1: Using ep0 maxpacket: 32
[ 1352.844667][ T5902] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1352.930422][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1352.994351][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1353.197412][T16755] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[16755]
[ 1353.778346][T16752] loop0: detected capacity change from 0 to 256
[ 1353.978422][ T5902] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1354.050736][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1354.084121][T16025] usbhid 6-1:0.0: can't add hid device: -71
[ 1354.110866][T16025] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1354.127932][ T5902] usb 4-1: config 0 descriptor??
[ 1354.173659][ T5902] hub 4-1:0.0: USB hub found
[ 1354.213634][T16025] usb 6-1: USB disconnect, device number 5
[ 1354.441540][ T5902] hub 4-1:0.0: 2 ports detected
[ 1355.471711][ T5902] hub 4-1:0.0: set hub depth failed
[ 1355.511491][ T5902] usb 4-1: USB disconnect, device number 23
[ 1355.869537][T16770] loop7: detected capacity change from 0 to 40427
[ 1355.961782][T16770] F2FS-fs (loop7): invalid crc value
[ 1356.283432][T16770] F2FS-fs (loop7): Start checkpoint disabled!
[ 1356.307848][T16770] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[ 1357.340911][T16770] cgroup: Bad value for 'release_agent'
[ 1358.947615][T11856] kworker/u8:11: attempt to access beyond end of device
[ 1358.947615][T11856] loop7: rw=1, sector=45096, nr_sectors = 8 limit=40427
[ 1359.022845][T11856] kworker/u8:11: attempt to access beyond end of device
[ 1359.022845][T11856] loop7: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[ 1359.091538][T11856] CPU: 1 UID: 0 PID: 11856 Comm: kworker/u8:11 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1359.091572][T11856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1359.091587][T11856] Workqueue: writeback wb_workfn (flush-7:7)
[ 1359.091625][T11856] Call Trace:
[ 1359.091634][T11856]  <TASK>
[ 1359.091644][T11856]  dump_stack_lvl+0x189/0x250
[ 1359.091683][T11856]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1359.091712][T11856]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1359.091743][T11856]  ? __pfx_queue_work_on+0x10/0x10
[ 1359.091774][T11856]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1359.091805][T11856]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1359.091837][T11856]  ? f2fs_hw_is_readonly+0x39b/0x470
[ 1359.091868][T11856]  f2fs_handle_critical_error+0x37c/0x540
[ 1359.091928][T11856]  f2fs_write_end_io+0x495/0x810
[ 1359.091957][T11856]  ? blkg_put+0x22/0x240
[ 1359.092005][T11856]  __submit_merged_bio+0x27a/0x6a0
[ 1359.092038][T11856]  __submit_merged_write_cond+0x255/0x530
[ 1359.092071][T11856]  f2fs_write_data_pages+0x261d/0x3000
[ 1359.092136][T11856]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1359.092179][T11856]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1359.092248][T11856]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1359.092289][T11856]  ? trace_f2fs_writepages+0x7f/0x200
[ 1359.092316][T11856]  ? f2fs_write_node_pages+0x478/0x6e0
[ 1359.092345][T11856]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1359.092377][T11856]  ? __lock_acquire+0xab9/0xd20
[ 1359.092408][T11856]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1359.092437][T11856]  do_writepages+0x32e/0x550
[ 1359.092478][T11856]  ? reacquire_held_locks+0x127/0x1d0
[ 1359.092506][T11856]  ? writeback_sb_inodes+0x384/0x1010
[ 1359.092544][T11856]  __writeback_single_inode+0x145/0xff0
[ 1359.092573][T11856]  ? do_raw_spin_unlock+0x122/0x240
[ 1359.092599][T11856]  writeback_sb_inodes+0x6c7/0x1010
[ 1359.092658][T11856]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1359.092733][T11856]  ? rcu_is_watching+0x15/0xb0
[ 1359.092773][T11856]  wb_writeback+0x43b/0xaf0
[ 1359.092810][T11856]  ? queue_io+0x3a1/0x590
[ 1359.092841][T11856]  ? __pfx_wb_writeback+0x10/0x10
[ 1359.092879][T11856]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1359.092916][T11856]  wb_workfn+0x409/0xef0
[ 1359.092956][T11856]  ? __pfx_wb_workfn+0x10/0x10
[ 1359.092986][T11856]  ? __lock_acquire+0xab9/0xd20
[ 1359.093029][T11856]  ? process_scheduled_works+0x9ef/0x17b0
[ 1359.093065][T11856]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1359.093093][T11856]  ? process_scheduled_works+0x9ef/0x17b0
[ 1359.093120][T11856]  ? process_scheduled_works+0x9ef/0x17b0
[ 1359.093150][T11856]  process_scheduled_works+0xae1/0x17b0
[ 1359.093211][T11856]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1359.093259][T11856]  worker_thread+0x8a0/0xda0
[ 1359.093291][T11856]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1359.093331][T11856]  ? __kthread_parkme+0x7b/0x200
[ 1359.093372][T11856]  kthread+0x70e/0x8a0
[ 1359.093396][T11856]  ? __pfx_worker_thread+0x10/0x10
[ 1359.093424][T11856]  ? __pfx_kthread+0x10/0x10
[ 1359.093446][T11856]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1359.093476][T11856]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1359.093507][T11856]  ? __pfx_kthread+0x10/0x10
[ 1359.093528][T11856]  ret_from_fork+0x3fc/0x770
[ 1359.093560][T11856]  ? __pfx_ret_from_fork+0x10/0x10
[ 1359.093595][T11856]  ? __switch_to_asm+0x39/0x70
[ 1359.093615][T11856]  ? __switch_to_asm+0x33/0x70
[ 1359.093633][T11856]  ? __pfx_kthread+0x10/0x10
[ 1359.093655][T11856]  ret_from_fork_asm+0x1a/0x30
[ 1359.093695][T11856]  </TASK>
[ 1359.446000][T11856] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1359.456400][T11856] CPU: 0 UID: 0 PID: 11856 Comm: kworker/u8:11 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1359.456431][T11856] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1359.456447][T11856] Workqueue: writeback wb_workfn (flush-7:7)
[ 1359.456480][T11856] Call Trace:
[ 1359.456489][T11856]  <TASK>
[ 1359.456499][T11856]  dump_stack_lvl+0x189/0x250
[ 1359.456537][T11856]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1359.456565][T11856]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1359.456596][T11856]  ? __pfx_queue_work_on+0x10/0x10
[ 1359.456627][T11856]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1359.456657][T11856]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1359.456690][T11856]  ? f2fs_hw_is_readonly+0x39b/0x470
[ 1359.456721][T11856]  f2fs_handle_critical_error+0x37c/0x540
[ 1359.456753][T11856]  f2fs_write_end_io+0x495/0x810
[ 1359.456779][T11856]  ? blkg_put+0x22/0x240
[ 1359.456821][T11856]  __submit_merged_bio+0x27a/0x6a0
[ 1359.456850][T11856]  __submit_merged_write_cond+0x255/0x530
[ 1359.456879][T11856]  f2fs_write_data_pages+0x261d/0x3000
[ 1359.456943][T11856]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1359.456985][T11856]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1359.457056][T11856]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1359.457095][T11856]  ? trace_f2fs_writepages+0x7f/0x200
[ 1359.457122][T11856]  ? f2fs_write_node_pages+0x478/0x6e0
[ 1359.457151][T11856]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1359.457183][T11856]  ? __lock_acquire+0xab9/0xd20
[ 1359.457214][T11856]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1359.457251][T11856]  do_writepages+0x32e/0x550
[ 1359.457287][T11856]  ? reacquire_held_locks+0x127/0x1d0
[ 1359.457315][T11856]  ? writeback_sb_inodes+0x384/0x1010
[ 1359.457354][T11856]  __writeback_single_inode+0x145/0xff0
[ 1359.457383][T11856]  ? do_raw_spin_unlock+0x122/0x240
[ 1359.457409][T11856]  writeback_sb_inodes+0x6c7/0x1010
[ 1359.457468][T11856]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1359.457542][T11856]  ? rcu_is_watching+0x15/0xb0
[ 1359.457582][T11856]  wb_writeback+0x43b/0xaf0
[ 1359.457620][T11856]  ? queue_io+0x3a1/0x590
[ 1359.457650][T11856]  ? __pfx_wb_writeback+0x10/0x10
[ 1359.457688][T11856]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1359.457723][T11856]  wb_workfn+0x409/0xef0
[ 1359.457764][T11856]  ? __pfx_wb_workfn+0x10/0x10
[ 1359.457793][T11856]  ? __lock_acquire+0xab9/0xd20
[ 1359.457831][T11856]  ? process_scheduled_works+0x9ef/0x17b0
[ 1359.457866][T11856]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1359.457894][T11856]  ? process_scheduled_works+0x9ef/0x17b0
[ 1359.457919][T11856]  ? process_scheduled_works+0x9ef/0x17b0
[ 1359.457949][T11856]  process_scheduled_works+0xae1/0x17b0
[ 1359.458009][T11856]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1359.458057][T11856]  worker_thread+0x8a0/0xda0
[ 1359.458089][T11856]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1359.458128][T11856]  ? __kthread_parkme+0x7b/0x200
[ 1359.458169][T11856]  kthread+0x70e/0x8a0
[ 1359.458194][T11856]  ? __pfx_worker_thread+0x10/0x10
[ 1359.458221][T11856]  ? __pfx_kthread+0x10/0x10
[ 1359.458250][T11856]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1359.458279][T11856]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1359.458309][T11856]  ? __pfx_kthread+0x10/0x10
[ 1359.458330][T11856]  ret_from_fork+0x3fc/0x770
[ 1359.458362][T11856]  ? __pfx_ret_from_fork+0x10/0x10
[ 1359.458396][T11856]  ? __switch_to_asm+0x39/0x70
[ 1359.458415][T11856]  ? __switch_to_asm+0x33/0x70
[ 1359.458434][T11856]  ? __pfx_kthread+0x10/0x10
[ 1359.458457][T11856]  ret_from_fork_asm+0x1a/0x30
[ 1359.458513][T11856]  </TASK>
[ 1359.545219][T16804] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[16804]
[ 1360.083735][T11856] F2FS-fs (loop7): Stopped filesystem due to reason: 3
[ 1361.087234][T16814] loop5: detected capacity change from 0 to 64
[ 1364.168053][T16839] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1366.207980][T16861] ptrace attach of "./syz-executor exec"[5831] was attempted by "./syz-executor exec"[16861]
[ 1367.540121][T16873] syz.4.2314: attempt to access beyond end of device
[ 1367.540121][T16873] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1367.554358][T16873] syz.4.2314: attempt to access beyond end of device
[ 1367.554358][T16873] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1368.091998][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1368.108573][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1368.119551][T16841] overlayfs: overlapping lowerdir path
[ 1368.159667][T16841] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1368.574433][T16870] loop3: detected capacity change from 0 to 64
[ 1373.301334][T16916] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[16916]
[ 1374.117098][ T5902] usb 1-1: new high-speed USB device number 16 using dummy_hcd
[ 1374.229729][T16920] loop4: detected capacity change from 0 to 16
[ 1374.279688][T16920] erofs (device loop4): mounted with root inode @ nid 36.
[ 1374.321746][ T5902] usb 1-1: Using ep0 maxpacket: 32
[ 1374.335386][ T5902] usb 1-1: config 0 has an invalid descriptor of length 255, skipping remainder of the config
[ 1374.746504][T16928] syz.5.2329: attempt to access beyond end of device
[ 1374.746504][T16928] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1374.760692][T16928] syz.5.2329: attempt to access beyond end of device
[ 1374.760692][T16928] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1375.324034][ T5902] usb 1-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1375.338282][ T5902] usb 1-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1375.350045][ T5902] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1375.674225][ T5902] usb 1-1: config 0 descriptor??
[ 1375.692034][ T5902] hub 1-1:0.0: bad descriptor, ignoring hub
[ 1375.698986][ T5902] hub 1-1:0.0: probe with driver hub failed with error -5
[ 1375.709479][ T5902] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[ 1376.957789][ T5902] usb 1-1: USB disconnect, device number 16
[ 1377.606251][T16953] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1378.027458][T16958] loop7: detected capacity change from 0 to 256
[ 1378.034935][T16958] vfat: Bad value for 'utf8'
[ 1378.384057][T16963] ptrace attach of "./syz-executor exec"[5833] was attempted by "./syz-executor exec"[16963]
[ 1381.585370][T16969] loop5: detected capacity change from 0 to 2048
[ 1382.678108][T16969] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1383.234574][T16974] loop0: detected capacity change from 0 to 16
[ 1383.283145][T16974] erofs (device loop0): mounted with root inode @ nid 36.
[ 1385.556137][T17000] loop0: detected capacity change from 0 to 256
[ 1386.061090][T17005] loop0: detected capacity change from 0 to 256
[ 1386.101799][T17005] vfat: Bad value for 'utf8'
[ 1386.183006][T17004] loop5: detected capacity change from 0 to 4096
[ 1386.290828][T17004] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[ 1387.755591][T17021] loop4: detected capacity change from 0 to 64
[ 1388.065706][T17026] syz.5.2355: attempt to access beyond end of device
[ 1388.065706][T17026] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1388.079848][T17026] syz.5.2355: attempt to access beyond end of device
[ 1388.079848][T17026] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1389.073626][T17034] syz.5.2359: attempt to access beyond end of device
[ 1389.073626][T17034] nbd5: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1389.086956][T17034] SQUASHFS error: Failed to read block 0x0: -5
[ 1389.093287][T17034] unable to read squashfs_super_block
[ 1389.131713][T17035] o2cb: This node has not been configured.
[ 1389.137748][T17035] o2cb: Cluster check failed. Fix errors before retrying.
[ 1389.145013][T17035] (syz.5.2359,17035,0):user_dlm_register:674 ERROR: status = -22
[ 1389.152904][T17035] (syz.5.2359,17035,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1390.256952][T16762] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1390.496229][T16762] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1390.541207][T16762] usb 6-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice=17.c6
[ 1390.583275][T16762] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1390.678209][T16762] usb 6-1: config 0 descriptor??
[ 1390.721144][T16762] HFC-S_USB 6-1:0.0: probe with driver HFC-S_USB failed with error -5
[ 1391.104537][T17031] loop5: detected capacity change from 0 to 32768
[ 1391.111525][T17031] o2cb: This node has not been configured.
[ 1391.117844][T17031] o2cb: Cluster check failed. Fix errors before retrying.
[ 1391.125058][T17031] (syz.5.2359,17031,1):user_dlm_register:674 ERROR: status = -22
[ 1391.132885][T17031] (syz.5.2359,17031,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[ 1392.605247][T17058] loop3: detected capacity change from 0 to 64
[ 1392.999286][   T43] usb 6-1: USB disconnect, device number 6
[ 1394.735401][T17076] syz.5.2370: attempt to access beyond end of device
[ 1394.735401][T17076] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1394.749768][T17076] syz.5.2370: attempt to access beyond end of device
[ 1394.749768][T17076] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1395.582262][T17081] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[17081]
[ 1395.808674][T17086] loop4: detected capacity change from 0 to 64
[ 1397.071796][T17094] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1398.037154][T17103] ptrace attach of "./syz-executor exec"[11127] was attempted by "./syz-executor exec"[17103]
[ 1399.128143][T17115] loop0: detected capacity change from 0 to 64
[ 1402.224231][T17139] loop7: detected capacity change from 0 to 2048
[ 1402.427341][T17142] ptrace attach of "./syz-executor exec"[5834] was attempted by "./syz-executor exec"[17142]
[ 1402.565985][T17146] loop4: detected capacity change from 0 to 256
[ 1402.960658][T17139] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1403.275858][T17152] overlayfs: missing 'lowerdir'
[ 1403.366955][T17153] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1404.085165][T17156] loop4: detected capacity change from 0 to 512
[ 1404.389260][T17157] loop0: detected capacity change from 0 to 1024
[ 1404.397370][T17156] EXT4-fs error (device loop4): ext4_orphan_get:1393: inode #15: comm syz.4.2388: casefold flag without casefold feature
[ 1404.474233][T17156] EXT4-fs error (device loop4): ext4_orphan_get:1398: comm syz.4.2388: couldn't read orphan inode 15 (err -117)
[ 1404.678458][T17156] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1405.499265][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1406.496038][T17177] loop5: detected capacity change from 0 to 16
[ 1406.757440][T17177] erofs (device loop5): mounted with root inode @ nid 36.
[ 1411.077535][T17202] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1412.198096][T17211] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1413.137041][   T43] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1413.686913][   T43] usb 6-1: Using ep0 maxpacket: 32
[ 1413.697993][   T43] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1413.716422][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1413.790808][T17225] ptrace attach of "./syz-executor exec"[10882] was attempted by "./syz-executor exec"[17225]
[ 1414.625476][   T43] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1414.690370][   T43] usb 6-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1414.853753][   T43] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1414.925968][T17229] syz.4.2401: attempt to access beyond end of device
[ 1414.925968][T17229] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1414.948030][   T43] usb 6-1: config 0 descriptor??
[ 1414.989670][   T43] hub 6-1:0.0: USB hub found
[ 1415.040912][T17229] syz.4.2401: attempt to access beyond end of device
[ 1415.040912][T17229] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1415.995523][T17240] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1416.109073][T17236] loop0: detected capacity change from 0 to 16
[ 1416.163030][   T43] hub 6-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1416.222627][   T43] usbhid 6-1:0.0: can't add hid device: -71
[ 1416.237054][   T43] usbhid 6-1:0.0: probe with driver usbhid failed with error -71
[ 1416.248834][T17236] erofs (device loop0): mounted with root inode @ nid 36.
[ 1416.557854][   T43] usb 6-1: USB disconnect, device number 7
[ 1419.169939][T17264] overlayfs: missing 'lowerdir'
[ 1419.683310][T17273] loop0: detected capacity change from 0 to 1024
[ 1420.564603][T17279] loop5: detected capacity change from 0 to 4096
[ 1420.625154][T17279] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[ 1423.313016][T17301] loop0: detected capacity change from 0 to 2048
[ 1423.476744][T17301] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1428.619066][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1428.625699][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1428.933888][T17330] overlayfs: missing 'lowerdir'
[ 1429.397401][T17344] loop5: detected capacity change from 0 to 1024
[ 1429.628615][T17348] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1429.895789][ T5902] usb 4-1: new high-speed USB device number 24 using dummy_hcd
[ 1430.107174][ T5902] usb 4-1: Using ep0 maxpacket: 32
[ 1430.134708][ T5902] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1430.186976][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1430.246824][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1430.297038][ T5902] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1430.303317][T17355] syz.4.2433: attempt to access beyond end of device
[ 1430.303317][T17355] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1430.327638][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1430.363474][ T5902] usb 4-1: config 0 descriptor??
[ 1430.389031][ T5902] hub 4-1:0.0: USB hub found
[ 1430.417174][T17355] syz.4.2433: attempt to access beyond end of device
[ 1430.417174][T17355] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1430.474556][T17357] loop7: detected capacity change from 0 to 256
[ 1430.519657][T17357] vfat: Bad value for 'utf8'
[ 1430.777966][ T5902] hub 4-1:0.0: config failed, can't read hub descriptor (err -22)
[ 1430.793321][ T5902] usbhid 4-1:0.0: can't add hid device: -71
[ 1430.809959][ T5902] usbhid 4-1:0.0: probe with driver usbhid failed with error -71
[ 1430.865839][ T5902] usb 4-1: USB disconnect, device number 24
[ 1432.103042][T17375] overlayfs: overlapping lowerdir path
[ 1432.114073][T17375] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1436.301208][T17404] overlayfs: missing 'lowerdir'
[ 1436.844702][T17410] loop7: detected capacity change from 0 to 1024
[ 1438.777569][T17423] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1441.084315][T17444] loop0: detected capacity change from 0 to 256
[ 1441.121888][T17444] vfat: Bad value for 'utf8'
[ 1442.156003][T17442] loop4: detected capacity change from 0 to 4096
[ 1442.249405][T17442] ntfs3(loop4): Different NTFS sector size (2048) and media sector size (512).
[ 1447.196309][T17493] loop3: detected capacity change from 0 to 256
[ 1447.309254][T17493] vfat: Bad value for 'utf8'
[ 1450.542922][T17524] loop7: detected capacity change from 0 to 64
[ 1452.000449][T17532] syz.3.2474: attempt to access beyond end of device
[ 1452.000449][T17532] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1452.013630][T17532] syz.3.2474: attempt to access beyond end of device
[ 1452.013630][T17532] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1453.387007][T17547] overlayfs: overlapping lowerdir path
[ 1453.511610][T17549] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1454.429248][T17558] loop3: detected capacity change from 0 to 256
[ 1454.457817][T17558] vfat: Bad value for 'utf8'
[ 1455.930026][T17577] loop0: detected capacity change from 0 to 64
[ 1456.750580][T16762] usb 5-1: new full-speed USB device number 23 using dummy_hcd
[ 1457.057009][T17581] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1457.575193][T16762] usb 5-1: config 0 has an invalid interface number: 128 but max is 0
[ 1457.605274][T16762] usb 5-1: config 0 has no interface number 0
[ 1457.621321][T16762] usb 5-1: New USB device found, idVendor=20b7, idProduct=1540, bcdDevice=b7.5a
[ 1457.630663][T16762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1457.638835][T16762] usb 5-1: Product: syz
[ 1457.643125][T16762] usb 5-1: Manufacturer: syz
[ 1457.651462][T16762] usb 5-1: SerialNumber: syz
[ 1457.689392][T16762] usb 5-1: config 0 descriptor??
[ 1458.843448][ T5902] usb 4-1: new high-speed USB device number 25 using dummy_hcd
[ 1459.007094][ T5902] usb 4-1: Using ep0 maxpacket: 32
[ 1459.028024][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1459.089545][ T5902] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1459.122872][ T5902] usb 4-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1459.156242][T17602] overlayfs: overlapping lowerdir path
[ 1459.164186][T16762] usb 5-1: Firmware version (0.0) predates our first public release.
[ 1459.182081][ T5902] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1459.193734][T17602] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1459.201102][T16762] usb 5-1: Please update to version 0.2 or newer
[ 1459.232264][ T5902] usb 4-1: config 0 descriptor??
[ 1459.480020][T16762] usb 5-1: USB disconnect, device number 23
[ 1459.499583][T17607] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2496'.
[ 1459.509007][T17607] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2496'.
[ 1459.946003][T17609] syz.7.2492: attempt to access beyond end of device
[ 1459.946003][T17609] nbd7: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1459.959203][T17609] syz.7.2492: attempt to access beyond end of device
[ 1459.959203][T17609] nbd7: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1460.067115][ T5902] usbhid 4-1:0.0: can't add hid device: -32
[ 1460.106976][ T5902] usbhid 4-1:0.0: probe with driver usbhid failed with error -32
[ 1460.177000][ T5902] usb 4-1: USB disconnect, device number 25
[ 1460.566286][T17619] loop4: detected capacity change from 0 to 256
[ 1460.601577][T17619] vfat: Bad value for 'utf8'
[ 1461.734742][T17627] loop7: detected capacity change from 0 to 64
[ 1462.246849][T17631] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2503'.
[ 1462.873691][T17642] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1463.563435][T17653] loop3: detected capacity change from 0 to 16
[ 1463.572949][T17653] erofs (device loop3): mounted with root inode @ nid 36.
[ 1468.015177][T17678] loop4: detected capacity change from 0 to 1764
[ 1468.023907][T17678] iso9660: Unknown parameter 'de'
[ 1468.309140][T16762] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[ 1468.360879][T17685] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2516'.
[ 1469.177249][T16762] usb 5-1: Using ep0 maxpacket: 8
[ 1469.299582][T16762] usb 5-1: unable to get BOS descriptor or descriptor too short
[ 1469.322361][T16762] usb 5-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1469.337945][T16762] usb 5-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1469.348959][T16762] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1469.370528][T16762] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1469.393079][T16762] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1469.402965][T16762] usb 5-1: Product: syz
[ 1469.427194][T16762] usb 5-1: Manufacturer: syz
[ 1469.460920][T16762] usb 5-1: SerialNumber: syz
[ 1469.473019][T17690] loop3: detected capacity change from 0 to 256
[ 1469.508338][T17690] vfat: Bad value for 'utf8'
[ 1471.025143][T16762] usb 5-1: 0:2 : does not exist
[ 1471.170942][T17697] syz.5.2518: attempt to access beyond end of device
[ 1471.170942][T17697] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1471.185206][T17697] syz.5.2518: attempt to access beyond end of device
[ 1471.185206][T17697] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1471.371559][T16762] usb 5-1: USB disconnect, device number 24
[ 1471.692353][ T5975] udevd[5975]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1471.711146][T17705] loop5: detected capacity change from 0 to 16
[ 1471.748167][T17705] erofs (device loop5): mounted with root inode @ nid 36.
[ 1472.071936][T17710] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1473.331914][T17714] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1476.900144][T17738] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2528'.
[ 1477.013113][T17740] loop5: detected capacity change from 0 to 256
[ 1477.041061][T17740] vfat: Bad value for 'utf8'
[ 1477.627512][T17746] overlayfs: missing 'lowerdir'
[ 1477.718594][T17747] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1478.370937][T17751] loop3: detected capacity change from 0 to 2048
[ 1478.392759][T17751] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1480.958273][T17767] syz.5.2533: attempt to access beyond end of device
[ 1480.958273][T17767] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1480.981576][T17767] syz.5.2533: attempt to access beyond end of device
[ 1480.981576][T17767] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1481.707904][T17770] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1482.833808][T17781] syz.4.2537: attempt to access beyond end of device
[ 1482.833808][T17781] nbd4: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1482.847289][T17781] SQUASHFS error: Failed to read block 0x0: -5
[ 1482.853882][T17781] unable to read squashfs_super_block
[ 1482.922215][T17782] o2cb: This node has not been configured.
[ 1482.928353][T17782] o2cb: Cluster check failed. Fix errors before retrying.
[ 1482.935846][T17782] (syz.4.2537,17782,1):user_dlm_register:674 ERROR: status = -22
[ 1482.944234][T17782] (syz.4.2537,17782,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1483.507242][ T5952] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1483.729347][ T5952] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1483.753046][ T5952] usb 5-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice=17.c6
[ 1483.980670][ T5952] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1484.936165][ T5952] usb 5-1: config 0 descriptor??
[ 1484.966961][ T5952] usb 5-1: can't set config #0, error -71
[ 1484.985946][ T5952] usb 5-1: USB disconnect, device number 25
[ 1485.095707][T17795] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2542'.
[ 1486.592948][T17811] overlayfs: missing 'lowerdir'
[ 1486.619545][T17811] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1487.483298][T17812] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1488.815473][T17825] syz.0.2548: attempt to access beyond end of device
[ 1488.815473][T17825] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1488.830219][T17825] syz.0.2548: attempt to access beyond end of device
[ 1488.830219][T17825] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1489.721904][T17831] loop0: detected capacity change from 0 to 2048
[ 1489.743706][T17831] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1490.667697][T17837] loop7: detected capacity change from 0 to 64
[ 1490.781153][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1490.797494][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1493.600043][T17861] overlayfs: missing 'lowerdir'
[ 1494.241891][T17861] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1497.506565][T17889] loop7: detected capacity change from 0 to 64
[ 1498.022462][   T30] audit: type=1400 audit(1751616492.183:49): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=17893 comm="syz.4.2565"
[ 1499.191634][T17907] loop7: detected capacity change from 0 to 2048
[ 1499.222461][T17907] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1500.450013][T17915] loop0: detected capacity change from 0 to 256
[ 1500.499865][T17915] vfat: Bad value for 'utf8'
[ 1500.557199][T17917] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1501.291213][T17924] loop4: detected capacity change from 0 to 64
[ 1501.581268][T17918] loop7: detected capacity change from 0 to 4096
[ 1501.738803][T17918] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[ 1502.136918][T17930] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1504.790121][T17944] loop7: detected capacity change from 0 to 2048
[ 1504.861388][T17944] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1506.100826][T17956] loop0: detected capacity change from 0 to 64
[ 1507.498574][T17968] loop3: detected capacity change from 0 to 256
[ 1507.558034][T17968] vfat: Bad value for 'utf8'
[ 1508.357162][T17982] process 'syz.3.2587' launched './file0' with NULL argv: empty string added
[ 1509.772427][T17990] loop0: detected capacity change from 0 to 2048
[ 1509.824979][T17990] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1510.307572][T17999] loop7: detected capacity change from 0 to 64
[ 1512.158863][T18014] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2595'.
[ 1512.623011][T18018] loop3: detected capacity change from 0 to 256
[ 1512.673789][T18018] vfat: Bad value for 'utf8'
[ 1514.639059][T18036] loop3: detected capacity change from 0 to 2048
[ 1514.793570][T18036] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1516.042555][T18044] loop7: detected capacity change from 0 to 64
[ 1519.429414][T18067] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2609'.
[ 1519.866901][ T5952] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1520.218603][ T5952] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1520.246864][ T5952] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1521.017034][ T5952] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1521.027228][ T5952] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[ 1521.075724][ T5952] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[ 1521.106911][ T5952] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1521.162142][ T5952] usb 6-1: config 0 descriptor??
[ 1522.194642][ T5952] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[ 1522.217135][ T5952] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[ 1522.224791][ T5952] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[ 1522.237805][ T5952] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[ 1522.245296][ T5952] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[ 1522.390231][ T5952] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.5-1/input0
[ 1522.643256][ T5846] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[ 1522.667735][ T5846] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[ 1522.682140][ T5846] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[ 1522.826451][T18097] loop4: detected capacity change from 0 to 64
[ 1522.854690][ T5846] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[ 1522.869846][ T5846] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[ 1523.979191][T18104] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1524.014325][T18107] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2621'.
[ 1524.865977][ T5902] usb 6-1: USB disconnect, device number 8
[ 1525.369375][T18123] loop3: detected capacity change from 0 to 1764
[ 1525.377112][T18123] iso9660: Unknown parameter 'de'
[ 1525.448329][ T5846] Bluetooth: hci5: command tx timeout
[ 1525.657581][T16762] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[ 1526.506805][T16762] usb 4-1: Using ep0 maxpacket: 8
[ 1526.536028][T16762] usb 4-1: unable to get BOS descriptor or descriptor too short
[ 1526.619224][T16762] usb 4-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1526.647240][T16762] usb 4-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1526.677891][T16762] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1526.731132][T18090] chnl_net:caif_netlink_parms(): no params data found
[ 1526.866681][T16762] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1526.878882][T16762] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1526.887500][T16762] usb 4-1: Product: syz
[ 1526.891767][T16762] usb 4-1: Manufacturer: syz
[ 1526.896517][T16762] usb 4-1: SerialNumber: syz
[ 1527.498387][ T5846] Bluetooth: hci5: command tx timeout
[ 1528.040899][   T30] audit: type=1400 audit(1751616522.233:50): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=18135 comm="syz.4.2627"
[ 1528.660665][T16762] usb 4-1: 0:2 : does not exist
[ 1529.151356][T18151] loop3: detected capacity change from 0 to 64
[ 1529.607343][ T5846] Bluetooth: hci5: command tx timeout
[ 1529.652524][T16762] usb 4-1: USB disconnect, device number 26
[ 1529.831294][T18157] loop4: detected capacity change from 0 to 512
[ 1529.900631][T18157] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[ 1529.924138][ T6107] udevd[6107]: error opening ATTR{/sys/devices/platform/dummy_hcd.3/usb4/4-1/4-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1530.026349][T18157] EXT4-fs (loop4): 1 truncate cleaned up
[ 1530.093789][T18157] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1530.535299][T18090] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1530.807010][T18090] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1530.866427][T18090] bridge_slave_0: entered allmulticast mode
[ 1530.875395][T18090] bridge_slave_0: entered promiscuous mode
[ 1530.886986][T18090] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1530.895468][T18090] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1530.903264][T18090] bridge_slave_1: entered allmulticast mode
[ 1530.911785][T18090] bridge_slave_1: entered promiscuous mode
[ 1530.919255][T18157] overlayfs: conflicting lowerdir path
[ 1531.128995][ T5833] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1531.231801][T18169] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1531.747842][ T5846] Bluetooth: hci5: command tx timeout
[ 1532.622467][T18090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1532.840809][T18090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1533.798550][T18183] loop7: detected capacity change from 0 to 4096
[ 1533.907023][T18183] ntfs3(loop7): Different NTFS sector size (2048) and media sector size (512).
[ 1533.997098][T18090] team0: Port device team_slave_0 added
[ 1535.238142][T18198] syz.5.2640: attempt to access beyond end of device
[ 1535.238142][T18198] nbd5: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1535.251637][T18198] SQUASHFS error: Failed to read block 0x0: -5
[ 1535.258194][T18198] unable to read squashfs_super_block
[ 1535.323610][T18199] o2cb: This node has not been configured.
[ 1535.329598][T18199] o2cb: Cluster check failed. Fix errors before retrying.
[ 1535.336838][T18199] (syz.5.2640,18199,1):user_dlm_register:674 ERROR: status = -22
[ 1535.344617][T18199] (syz.5.2640,18199,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1535.627580][T18090] team0: Port device team_slave_1 added
[ 1535.747127][ T8385] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1535.878478][T18183] ntfs3(loop7): Failed to read $UpCase (-4).
[ 1535.940235][ T8385] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1536.023508][ T8385] usb 6-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice=17.c6
[ 1536.134940][ T8385] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1536.255422][ T8385] usb 6-1: config 0 descriptor??
[ 1536.299519][ T8385] HFC-S_USB 6-1:0.0: probe with driver HFC-S_USB failed with error -5
[ 1536.322641][T18090] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1536.341050][T18090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1536.890957][T18210] loop4: detected capacity change from 0 to 64
[ 1537.338680][T18197] loop5: detected capacity change from 0 to 32768
[ 1537.346349][T18197] o2cb: This node has not been configured.
[ 1537.352214][T18197] o2cb: Cluster check failed. Fix errors before retrying.
[ 1537.359449][T18197] (syz.5.2640,18197,0):user_dlm_register:674 ERROR: status = -22
[ 1537.367201][T18197] (syz.5.2640,18197,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[ 1537.449992][T18090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1537.471969][T18090] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1537.479005][T18090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1537.505360][T18090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1537.889357][T18090] hsr_slave_0: entered promiscuous mode
[ 1537.990502][T18215] fuse: Unknown parameter '0x0000000000000009'
[ 1538.520475][T18090] hsr_slave_1: entered promiscuous mode
[ 1538.532032][T18090] debugfs: 'hsr0' already exists in 'hsr'
[ 1538.665867][   T43] usb 6-1: USB disconnect, device number 9
[ 1538.706487][T18090] Cannot create hsr debugfs directory
[ 1540.126578][T18238] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1541.021045][T18090] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1541.249924][T18242] iommufd_mock iommufd_mock0: Adding to iommu group 0
[ 1542.725742][T18259] loop7: detected capacity change from 0 to 64
[ 1543.772032][T18090] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1544.080667][T18265] loop5: detected capacity change from 0 to 2048
[ 1545.241259][T18265] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1545.363949][T18090] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1547.545732][T18297] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1549.438341][T18312] o2cb: This node has not been configured.
[ 1549.444223][T18312] o2cb: Cluster check failed. Fix errors before retrying.
[ 1549.451472][T18312] (syz.4.2663,18312,0):user_dlm_register:674 ERROR: status = -22
[ 1549.459322][T18312] (syz.4.2663,18312,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1550.167100][T16025] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1550.398728][T16025] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1550.420799][T18320] fuse: Unknown parameter '0x0000000000000009'
[ 1550.702457][T16025] usb 5-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice=17.c6
[ 1550.732924][T16025] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1550.823724][T16025] usb 5-1: config 0 descriptor??
[ 1550.914025][T16025] HFC-S_USB 5-1:0.0: probe with driver HFC-S_USB failed with error -5
[ 1551.336415][T18090] netdevsim netdevsim0 netdevsim0: renamed from eth0
[ 1551.369504][T18311] loop4: detected capacity change from 0 to 32768
[ 1551.377156][T18311] o2cb: This node has not been configured.
[ 1551.383034][T18311] o2cb: Cluster check failed. Fix errors before retrying.
[ 1551.390358][T18311] (syz.4.2663,18311,1):user_dlm_register:674 ERROR: status = -22
[ 1551.398255][T18311] (syz.4.2663,18311,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[ 1551.421761][T18090] netdevsim netdevsim0 netdevsim1: renamed from eth1
[ 1551.494600][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1551.501698][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1551.543601][T18090] netdevsim netdevsim0 netdevsim2: renamed from eth2
[ 1551.615533][T18090] netdevsim netdevsim0 netdevsim3: renamed from eth3
[ 1551.796890][ T8385] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[ 1551.977120][ T8385] usb 6-1: Using ep0 maxpacket: 32
[ 1552.001642][ T8385] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1552.030924][ T8385] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1552.043209][T18090] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1552.064363][ T8385] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1552.105041][ T8385] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1552.135050][T18090] 8021q: adding VLAN 0 to HW filter on device team0
[ 1552.161605][ T8385] usb 6-1: config 0 descriptor??
[ 1552.197694][T11856] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1552.204977][T11856] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1552.281553][T11856] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1552.288874][T11856] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1552.567073][   T43] usb 5-1: USB disconnect, device number 26
[ 1552.819038][ T8385] ft260 0003:0403:6030.0008: failed to retrieve chip version
[ 1552.849090][ T8385] ft260 0003:0403:6030.0008: probe with driver ft260 failed with error -32
[ 1553.493353][T18090] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1553.706221][T18090] veth0_vlan: entered promiscuous mode
[ 1553.809205][T18090] veth1_vlan: entered promiscuous mode
[ 1553.954174][T18090] veth0_macvtap: entered promiscuous mode
[ 1553.994030][T18090] veth1_macvtap: entered promiscuous mode
[ 1554.048891][T18090] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1554.140774][T18090] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1554.179478][   T12] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1554.196067][   T12] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1554.292725][   T36] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1555.037116][   T61] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1555.077401][T16025] usb 6-1: USB disconnect, device number 10
[ 1555.193837][T18377] loop3: detected capacity change from 0 to 2048
[ 1555.228985][T18377] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1555.328209][   T36] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1555.600656][T18385] syz.4.2672: attempt to access beyond end of device
[ 1555.600656][T18385] nbd4: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1555.614917][T18385] syz.4.2672: attempt to access beyond end of device
[ 1555.614917][T18385] nbd4: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1556.095317][   T36] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1556.339328][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1556.445012][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1557.325893][T18401] bridge0: port 3(syz_tun) entered blocking state
[ 1557.379491][T18401] bridge0: port 3(syz_tun) entered disabled state
[ 1557.589981][T18401] syz_tun: entered allmulticast mode
[ 1557.694754][T18401] syz_tun: entered promiscuous mode
[ 1557.851767][T18401] bridge0: port 3(syz_tun) entered blocking state
[ 1557.860311][T18401] bridge0: port 3(syz_tun) entered forwarding state
[ 1558.663763][T18417] loop0: detected capacity change from 0 to 40427
[ 1558.707606][T18417] F2FS-fs (loop0): invalid crc value
[ 1559.257210][T18417] F2FS-fs (loop0): Start checkpoint disabled!
[ 1559.308341][T18417] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[ 1559.700716][T18430] cgroup: Bad value for 'release_agent'
[ 1561.004248][ T5966] kworker/u8:10: attempt to access beyond end of device
[ 1561.004248][ T5966] loop0: rw=1, sector=45096, nr_sectors = 8 limit=40427
[ 1561.143210][T18387] kworker/u8:13: attempt to access beyond end of device
[ 1561.143210][T18387] loop0: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[ 1561.226868][T18387] CPU: 1 UID: 0 PID: 18387 Comm: kworker/u8:13 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1561.226899][T18387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1561.226914][T18387] Workqueue: writeback wb_workfn (flush-7:0)
[ 1561.226950][T18387] Call Trace:
[ 1561.226959][T18387]  <TASK>
[ 1561.226969][T18387]  dump_stack_lvl+0x189/0x250
[ 1561.227008][T18387]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1561.227036][T18387]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1561.227067][T18387]  ? __pfx_queue_work_on+0x10/0x10
[ 1561.227098][T18387]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1561.227129][T18387]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1561.227162][T18387]  ? f2fs_hw_is_readonly+0x39b/0x470
[ 1561.227194][T18387]  f2fs_handle_critical_error+0x37c/0x540
[ 1561.227228][T18387]  f2fs_write_end_io+0x495/0x810
[ 1561.227253][T18387]  ? blkg_put+0x22/0x240
[ 1561.227299][T18387]  __submit_merged_bio+0x27a/0x6a0
[ 1561.227331][T18387]  __submit_merged_write_cond+0x255/0x530
[ 1561.227373][T18387]  f2fs_write_data_pages+0x261d/0x3000
[ 1561.227444][T18387]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1561.227491][T18387]  ? unwind_next_frame+0xa5/0x2390
[ 1561.227552][T18387]  ? ret_from_fork_asm+0x1a/0x30
[ 1561.227582][T18387]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1561.227628][T18387]  ? __lock_acquire+0xab9/0xd20
[ 1561.227664][T18387]  ? __update_page_owner_handle+0x5a/0x570
[ 1561.227708][T18387]  ? __lock_acquire+0xab9/0xd20
[ 1561.227738][T18387]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1561.227767][T18387]  do_writepages+0x32e/0x550
[ 1561.227803][T18387]  ? reacquire_held_locks+0x127/0x1d0
[ 1561.227832][T18387]  ? writeback_sb_inodes+0x384/0x1010
[ 1561.227873][T18387]  __writeback_single_inode+0x145/0xff0
[ 1561.227902][T18387]  ? do_raw_spin_unlock+0x122/0x240
[ 1561.227929][T18387]  writeback_sb_inodes+0x6c7/0x1010
[ 1561.227994][T18387]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1561.228078][T18387]  ? rcu_is_watching+0x15/0xb0
[ 1561.228120][T18387]  wb_writeback+0x43b/0xaf0
[ 1561.228160][T18387]  ? queue_io+0x3a1/0x590
[ 1561.228192][T18387]  ? __pfx_wb_writeback+0x10/0x10
[ 1561.228231][T18387]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1561.228269][T18387]  wb_workfn+0x409/0xef0
[ 1561.228314][T18387]  ? __pfx_wb_workfn+0x10/0x10
[ 1561.228351][T18387]  ? __lock_acquire+0xab9/0xd20
[ 1561.228392][T18387]  ? process_scheduled_works+0x9ef/0x17b0
[ 1561.228429][T18387]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1561.228457][T18387]  ? process_scheduled_works+0x9ef/0x17b0
[ 1561.228484][T18387]  ? process_scheduled_works+0x9ef/0x17b0
[ 1561.228514][T18387]  process_scheduled_works+0xae1/0x17b0
[ 1561.228583][T18387]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1561.228636][T18387]  worker_thread+0x8a0/0xda0
[ 1561.228702][T18387]  kthread+0x70e/0x8a0
[ 1561.228728][T18387]  ? __pfx_worker_thread+0x10/0x10
[ 1561.228756][T18387]  ? __pfx_kthread+0x10/0x10
[ 1561.228780][T18387]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1561.228808][T18387]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1561.228838][T18387]  ? __pfx_kthread+0x10/0x10
[ 1561.228861][T18387]  ret_from_fork+0x3fc/0x770
[ 1561.228892][T18387]  ? __pfx_ret_from_fork+0x10/0x10
[ 1561.228929][T18387]  ? __switch_to_asm+0x39/0x70
[ 1561.228948][T18387]  ? __switch_to_asm+0x33/0x70
[ 1561.228967][T18387]  ? __pfx_kthread+0x10/0x10
[ 1561.228990][T18387]  ret_from_fork_asm+0x1a/0x30
[ 1561.229034][T18387]  </TASK>
[ 1561.229045][T18387] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1561.622681][ T5840] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[ 1561.657253][T18387] CPU: 0 UID: 0 PID: 18387 Comm: kworker/u8:13 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1561.657279][T18387] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1561.657291][T18387] Workqueue: writeback wb_workfn (flush-7:0)
[ 1561.657322][T18387] Call Trace:
[ 1561.657331][T18387]  <TASK>
[ 1561.657340][T18387]  dump_stack_lvl+0x189/0x250
[ 1561.657376][T18387]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1561.657404][T18387]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1561.657434][T18387]  ? __pfx_queue_work_on+0x10/0x10
[ 1561.657458][T18387]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1561.657480][T18387]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1561.657503][T18387]  ? f2fs_hw_is_readonly+0x39b/0x470
[ 1561.657525][T18387]  f2fs_handle_critical_error+0x37c/0x540
[ 1561.657548][T18387]  f2fs_write_end_io+0x495/0x810
[ 1561.657568][T18387]  ? blkg_put+0x22/0x240
[ 1561.657597][T18387]  __submit_merged_bio+0x27a/0x6a0
[ 1561.657619][T18387]  __submit_merged_write_cond+0x255/0x530
[ 1561.657642][T18387]  f2fs_write_data_pages+0x261d/0x3000
[ 1561.657686][T18387]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1561.657716][T18387]  ? unwind_next_frame+0xa5/0x2390
[ 1561.657756][T18387]  ? ret_from_fork_asm+0x1a/0x30
[ 1561.657775][T18387]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[ 1561.657804][T18387]  ? __lock_acquire+0xab9/0xd20
[ 1561.657828][T18387]  ? __update_page_owner_handle+0x5a/0x570
[ 1561.657858][T18387]  ? __lock_acquire+0xab9/0xd20
[ 1561.657879][T18387]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1561.657900][T18387]  do_writepages+0x32e/0x550
[ 1561.657924][T18387]  ? reacquire_held_locks+0x127/0x1d0
[ 1561.657945][T18387]  ? writeback_sb_inodes+0x384/0x1010
[ 1561.657972][T18387]  __writeback_single_inode+0x145/0xff0
[ 1561.657992][T18387]  ? do_raw_spin_unlock+0x122/0x240
[ 1561.658010][T18387]  writeback_sb_inodes+0x6c7/0x1010
[ 1561.658057][T18387]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1561.658109][T18387]  ? rcu_is_watching+0x15/0xb0
[ 1561.658137][T18387]  wb_writeback+0x43b/0xaf0
[ 1561.658163][T18387]  ? queue_io+0x3a1/0x590
[ 1561.658185][T18387]  ? __pfx_wb_writeback+0x10/0x10
[ 1561.658211][T18387]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1561.658236][T18387]  wb_workfn+0x409/0xef0
[ 1561.658264][T18387]  ? __pfx_wb_workfn+0x10/0x10
[ 1561.658284][T18387]  ? __lock_acquire+0xab9/0xd20
[ 1561.658310][T18387]  ? process_scheduled_works+0x9ef/0x17b0
[ 1561.658335][T18387]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1561.658355][T18387]  ? process_scheduled_works+0x9ef/0x17b0
[ 1561.658374][T18387]  ? process_scheduled_works+0x9ef/0x17b0
[ 1561.658395][T18387]  process_scheduled_works+0xae1/0x17b0
[ 1561.658437][T18387]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1561.658470][T18387]  worker_thread+0x8a0/0xda0
[ 1561.658510][T18387]  kthread+0x70e/0x8a0
[ 1561.658527][T18387]  ? __pfx_worker_thread+0x10/0x10
[ 1561.658547][T18387]  ? __pfx_kthread+0x10/0x10
[ 1561.658562][T18387]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1561.658583][T18387]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1561.658604][T18387]  ? __pfx_kthread+0x10/0x10
[ 1561.658619][T18387]  ret_from_fork+0x3fc/0x770
[ 1561.658641][T18387]  ? __pfx_ret_from_fork+0x10/0x10
[ 1561.658665][T18387]  ? __switch_to_asm+0x39/0x70
[ 1561.658679][T18387]  ? __switch_to_asm+0x33/0x70
[ 1561.658692][T18387]  ? __pfx_kthread+0x10/0x10
[ 1561.658707][T18387]  ret_from_fork_asm+0x1a/0x30
[ 1561.658734][T18387]  </TASK>
[ 1561.658741][T18387] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[ 1562.086936][ T5840] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[ 1562.096478][ T5840] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[ 1562.107671][ T5840] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[ 1562.117442][ T5840] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[ 1562.725754][T18454] loop5: detected capacity change from 0 to 256
[ 1565.026915][ T5840] Bluetooth: hci3: command tx timeout
[ 1565.147247][T18468] loop5: detected capacity change from 0 to 256
[ 1565.160310][T18468] vfat: Bad value for 'utf8'
[ 1567.106870][ T5846] Bluetooth: hci3: command tx timeout
[ 1567.153773][T18481] nvme_fabrics: unknown parameter or missing value '(' in ctrl creation request
[ 1567.167363][T18483] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[ 1567.471872][T18441] chnl_net:caif_netlink_parms(): no params data found
[ 1568.080860][T18494] loop7: detected capacity change from 0 to 2048
[ 1568.204463][T18494] NILFS (loop7): invalid segment: Magic number mismatch
[ 1568.245035][T18494] NILFS (loop7): trying rollback from an earlier position
[ 1568.269734][T18441] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1568.302776][T18441] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1568.325601][T18494] NILFS (loop7): recovery complete
[ 1568.338985][T18441] bridge_slave_0: entered allmulticast mode
[ 1568.352573][T18505] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1568.365020][T18441] bridge_slave_0: entered promiscuous mode
[ 1568.407643][T18441] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1568.626863][ T5952] usb 1-1: new high-speed USB device number 17 using dummy_hcd
[ 1568.784871][T18441] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1568.863981][T18441] bridge_slave_1: entered allmulticast mode
[ 1568.964810][T18441] bridge_slave_1: entered promiscuous mode
[ 1569.167318][ T5846] Bluetooth: hci3: command tx timeout
[ 1569.347176][ T5952] usb 1-1: Using ep0 maxpacket: 8
[ 1569.386455][ T5952] usb 1-1: unable to get BOS descriptor or descriptor too short
[ 1569.411148][T18441] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1569.467485][T18441] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1569.509083][ T5952] usb 1-1: config 1 interface 0 altsetting 13 endpoint 0x81 has an invalid bInterval 64, changing to 10
[ 1569.545835][ T5952] usb 1-1: config 1 interface 0 altsetting 13 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1569.802288][ T5952] usb 1-1: config 1 interface 0 has no altsetting 0
[ 1569.808479][T18441] team0: Port device team_slave_0 added
[ 1569.818364][ T5952] usb 1-1: New USB device found, idVendor=05ac, idProduct=0249, bcdDevice= 0.40
[ 1569.843974][T18441] team0: Port device team_slave_1 added
[ 1569.846836][ T5952] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1569.871805][ T5952] usb 1-1: Product: syz
[ 1569.876136][ T5952] usb 1-1: Manufacturer: syz
[ 1569.922039][ T5952] usb 1-1: SerialNumber: syz
[ 1570.656044][ T5952] input: bcm5974 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/input/input15
[ 1570.752293][ T5186] bcm5974 1-1:1.0: could not read from device
[ 1570.834780][ T5186] bcm5974 1-1:1.0: could not read from device
[ 1571.071417][ T5186] bcm5974 1-1:1.0: could not read from device
[ 1571.092976][T18441] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1571.106634][ T5952] usb 1-1: USB disconnect, device number 17
[ 1571.184256][ T5186] bcm5974 1-1:1.0: could not read from device
[ 1571.248740][ T5846] Bluetooth: hci3: command tx timeout
[ 1571.248767][T18441] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1571.307439][T18441] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1571.473834][T18441] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1571.491881][T18441] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1571.637405][T18441] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1572.007256][T18441] hsr_slave_0: entered promiscuous mode
[ 1572.014142][T18441] hsr_slave_1: entered promiscuous mode
[ 1572.059936][T18441] debugfs: 'hsr0' already exists in 'hsr'
[ 1572.065906][T18441] Cannot create hsr debugfs directory
[ 1572.191228][T18532] syz.7.2696: attempt to access beyond end of device
[ 1572.191228][T18532] nbd7: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1572.205518][T18532] syz.7.2696: attempt to access beyond end of device
[ 1572.205518][T18532] nbd7: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1572.397086][ T5952] usb 1-1: new high-speed USB device number 18 using dummy_hcd
[ 1572.806812][ T5952] usb 1-1: Using ep0 maxpacket: 32
[ 1572.825603][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1572.857253][ T5952] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1572.872750][ T5952] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1572.883167][ T5952] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1572.911326][ T5952] usb 1-1: config 0 descriptor??
[ 1574.403392][ T5952] ft260 0003:0403:6030.0009: failed to retrieve chip version
[ 1574.418851][ T5952] ft260 0003:0403:6030.0009: probe with driver ft260 failed with error -32
[ 1574.505238][T18543] loop7: detected capacity change from 0 to 256
[ 1574.556051][T18543] vfat: Bad value for 'utf8'
[ 1576.471288][T16025] usb 1-1: USB disconnect, device number 18
[ 1577.924613][T18441] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1578.480228][T16025] IPVS: starting estimator thread 0...
[ 1578.827730][T18568] IPVS: using max 26 ests per chain, 62400 per kthread
[ 1578.997879][T18575] binder: 18571:18575 ioctl c0306201 200000000540 returned -14
[ 1579.526090][T18441] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1580.479444][T18441] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1581.540578][ T5953] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[ 1581.846897][ T5953] usb 8-1: Using ep0 maxpacket: 32
[ 1581.863179][ T5953] usb 8-1: config 0 interface 0 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[ 1581.947988][ T5953] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1582.225203][ T5953] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1582.658311][ T5953] usb 8-1: config 0 descriptor??
[ 1582.726850][ T8385] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[ 1582.915694][ T5953] hub 8-1:0.0: bad descriptor, ignoring hub
[ 1582.992680][ T8385] usb 4-1: Using ep0 maxpacket: 32
[ 1582.998568][ T5953] hub 8-1:0.0: probe with driver hub failed with error -5
[ 1583.019922][ T8385] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1583.038962][ T5953] usbhid 8-1:0.0: couldn't find an input interrupt endpoint
[ 1583.065994][ T8385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1583.277602][ T8385] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1583.464662][ T8385] usb 4-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1583.616914][ T8385] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1583.665978][T18441] netdevsim netdevsim4 netdevsim0: renamed from eth0
[ 1583.678282][ T8385] usb 4-1: config 0 descriptor??
[ 1583.715420][ T8385] hub 4-1:0.0: USB hub found
[ 1583.772586][T18441] netdevsim netdevsim4 netdevsim1: renamed from eth1
[ 1583.822049][T18441] netdevsim netdevsim4 netdevsim2: renamed from eth2
[ 1583.843720][T18441] netdevsim netdevsim4 netdevsim3: renamed from eth3
[ 1583.946044][ T8385] hub 4-1:0.0: 2 ports detected
[ 1584.183835][T18441] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1584.235592][T18441] 8021q: adding VLAN 0 to HW filter on device team0
[ 1584.300522][T18387] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1584.307799][T18387] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1584.396017][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1584.403273][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1584.449039][T16762] usb 8-1: USB disconnect, device number 3
[ 1585.802586][ T8385] hub 4-1:0.0: activate --> -90
[ 1585.997418][T18664] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1586.058840][ T5952] IPVS: starting estimator thread 0...
[ 1586.157793][T18668] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1586.599182][ T5952] usb 4-1: USB disconnect, device number 27
[ 1586.803519][T18441] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1588.757243][T11370] usb 1-1: new low-speed USB device number 19 using dummy_hcd
[ 1589.017763][T11370] usb 1-1: config index 0 descriptor too short (expected 62914, got 27)
[ 1589.138633][T11370] usb 1-1: config 17 has too many interfaces: 95, using maximum allowed: 32
[ 1589.340193][T11370] usb 1-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 1589.386907][T11370] usb 1-1: config 17 has 0 interfaces, different from the descriptor's value: 95
[ 1589.449060][T11370] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1589.498992][T11370] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1589.565056][T18441] veth0_vlan: entered promiscuous mode
[ 1589.814767][T18441] veth1_vlan: entered promiscuous mode
[ 1589.934299][T18707] overlayfs: failed to resolve './file0': -2
[ 1590.697335][T11370] usb 1-1: string descriptor 0 read error: -71
[ 1590.728897][T11370] usb 1-1: USB disconnect, device number 19
[ 1590.749508][T18441] veth0_macvtap: entered promiscuous mode
[ 1590.790398][T18441] veth1_macvtap: entered promiscuous mode
[ 1590.904284][T18441] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1590.982171][T18441] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1591.111871][   T36] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1591.853789][   T36] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.073103][   T36] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.103286][   T36] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1592.490894][   T30] audit: type=1400 audit(1751616586.683:51): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-2 profile="unconfined" name=3AF4F9904E7FDB3635A70D23C73EEAF23A3F503280080CA26230668AD9DCF8B061228F8599D34E45087D21AA56759E1651B3DD467BDEF390C76D pid=18721 comm="syz.7.2733"
[ 1593.395910][T18736] loop3: detected capacity change from 0 to 4096
[ 1593.405901][T18736] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[ 1593.666169][ T5935] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1593.766125][T18743] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore
[ 1593.775376][T18743] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1594.275056][T16025] usb 1-1: new high-speed USB device number 20 using dummy_hcd
[ 1594.346995][ T5935] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1594.456866][T16025] usb 1-1: Using ep0 maxpacket: 32
[ 1594.462432][T18391] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1594.527432][T16025] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1594.562681][T18391] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1594.570860][T16025] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1594.640453][T16025] usb 1-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1594.755110][T16025] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1594.918840][T16025] usb 1-1: config 0 descriptor??
[ 1595.167457][T18755] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2738'.
[ 1596.270878][T16025] ft260 0003:0403:6030.000A: failed to retrieve chip version
[ 1596.389945][T16025] ft260 0003:0403:6030.000A: probe with driver ft260 failed with error -5
[ 1597.782827][T18788] loop4: detected capacity change from 0 to 2048
[ 1597.893697][T18794] loop7: detected capacity change from 0 to 256
[ 1598.503941][T18788] NILFS (loop4): invalid segment: Magic number mismatch
[ 1598.525291][T18788] NILFS (loop4): trying rollback from an earlier position
[ 1598.527315][T11370] usb 1-1: USB disconnect, device number 20
[ 1598.688606][T18788] NILFS (loop4): recovery complete
[ 1598.801014][T18799] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1601.032891][ T5840] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1601.047883][ T5840] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1601.056569][ T5840] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1601.104732][ T5840] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1601.115374][ T5840] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1602.115527][T18823] loop0: detected capacity change from 0 to 512
[ 1602.310882][T18823] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1602.432189][T18823] ext4 filesystem being mounted at /14/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1602.941302][T18839] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2750'.
[ 1603.218633][ T5840] Bluetooth: hci2: command tx timeout
[ 1603.611160][T18809] chnl_net:caif_netlink_parms(): no params data found
[ 1603.637368][T18846] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1604.935913][T18090] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1604.963332][T18809] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1604.980009][T18809] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1605.018202][T18809] bridge_slave_0: entered allmulticast mode
[ 1605.034699][T18809] bridge_slave_0: entered promiscuous mode
[ 1605.053087][T18809] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1605.078122][T18809] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1605.100145][T18809] bridge_slave_1: entered allmulticast mode
[ 1605.144173][T18809] bridge_slave_1: entered promiscuous mode
[ 1605.248566][ T5840] Bluetooth: hci2: command tx timeout
[ 1605.956148][T18809] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1606.052219][T18809] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1606.234454][T18862] loop0: detected capacity change from 0 to 2048
[ 1606.651028][T18862] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1607.167453][T18809] team0: Port device team_slave_0 added
[ 1607.238900][T18809] team0: Port device team_slave_1 added
[ 1607.335027][ T5840] Bluetooth: hci2: command tx timeout
[ 1607.971566][T18874] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2758'.
[ 1607.985035][T18874] netlink: 28 bytes leftover after parsing attributes in process `syz.4.2758'.
[ 1608.023985][T18809] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1608.032132][T18809] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1608.246953][T18809] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1608.349464][T18881] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1608.899566][T18809] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1608.906589][T18809] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1608.935596][T18809] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1609.407061][ T5840] Bluetooth: hci2: command tx timeout
[ 1609.516644][T18891] loop4: detected capacity change from 0 to 256
[ 1611.130277][T18809] hsr_slave_0: entered promiscuous mode
[ 1611.321060][T18809] hsr_slave_1: entered promiscuous mode
[ 1612.027559][T18809] debugfs: 'hsr0' already exists in 'hsr'
[ 1612.033381][T18809] Cannot create hsr debugfs directory
[ 1612.236157][T18907] loop0: detected capacity change from 0 to 2048
[ 1612.280409][T18907] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1612.953968][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[ 1612.960641][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[ 1613.424407][T18911] loop5: detected capacity change from 0 to 4096
[ 1613.446756][T18918] bridge0: received packet on syz_tun with own address as source address (addr:aa:aa:aa:aa:aa:aa, vlan:0)
[ 1613.507099][T18911] ntfs3(loop5): Different NTFS sector size (2048) and media sector size (512).
[ 1613.902818][T18924] overlayfs: missing 'workdir'
[ 1616.216779][T18934] loop5: detected capacity change from 0 to 256
[ 1616.815090][T18935] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1617.370432][T18809] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1619.949994][T18958] loop4: detected capacity change from 0 to 64
[ 1620.214359][T18959] loop7: detected capacity change from 0 to 2048
[ 1620.296779][T18959] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1620.314575][T18809] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1620.608940][T18966] syz.5.2775: attempt to access beyond end of device
[ 1620.608940][T18966] nbd5: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1620.622025][T18966] syz.5.2775: attempt to access beyond end of device
[ 1620.622025][T18966] nbd5: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1621.018530][T18809] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1621.292918][T18809] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1621.446436][T18968] loop0: detected capacity change from 0 to 4096
[ 1621.490887][T18968] ntfs3(loop0): Different NTFS sector size (2048) and media sector size (512).
[ 1622.353685][T18981] loop4: detected capacity change from 0 to 256
[ 1622.698589][T18983] overlayfs: "xino" feature enabled using 2 upper inode bits.
[ 1623.451854][T18987] syz.7.2781: attempt to access beyond end of device
[ 1623.451854][T18987] nbd7: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1623.576178][T18809] netdevsim netdevsim3 netdevsim0: renamed from eth0
[ 1623.603871][T18987] syz.7.2781: attempt to access beyond end of device
[ 1623.603871][T18987] nbd7: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1623.695908][   T43] IPVS: starting estimator thread 0...
[ 1623.715939][T18809] netdevsim netdevsim3 netdevsim1: renamed from eth1
[ 1623.797399][T18994] IPVS: using max 25 ests per chain, 60000 per kthread
[ 1623.850346][T18809] netdevsim netdevsim3 netdevsim2: renamed from eth2
[ 1624.328082][T18809] netdevsim netdevsim3 netdevsim3: renamed from eth3
[ 1624.816654][T18809] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1624.931541][T18809] 8021q: adding VLAN 0 to HW filter on device team0
[ 1625.000762][   T59] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1625.008179][   T59] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1626.090425][   T61] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1626.097778][   T61] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1626.353672][T18809] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1627.157723][T19019] syz.5.2790: attempt to access beyond end of device
[ 1627.157723][T19019] nbd5: rw=2048, sector=0, nr_sectors = 8 limit=0
[ 1627.171377][T19019] SQUASHFS error: Failed to read block 0x0: -5
[ 1627.178126][T19019] unable to read squashfs_super_block
[ 1627.250996][T19020] o2cb: This node has not been configured.
[ 1627.257460][T19020] o2cb: Cluster check failed. Fix errors before retrying.
[ 1627.264809][T19020] (syz.5.2790,19020,1):user_dlm_register:674 ERROR: status = -22
[ 1627.272731][T19020] (syz.5.2790,19020,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file1"
[ 1627.829795][ T5952] usb 6-1: new high-speed USB device number 11 using dummy_hcd
[ 1628.042702][ T5952] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1628.103004][ T5952] usb 6-1: New USB device found, idVendor=07b0, idProduct=0007, bcdDevice=17.c6
[ 1628.132680][ T5952] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1628.155512][T19026] loop0: detected capacity change from 0 to 2048
[ 1628.179873][ T5952] usb 6-1: config 0 descriptor??
[ 1628.200602][ T5952] HFC-S_USB 6-1:0.0: probe with driver HFC-S_USB failed with error -5
[ 1628.257528][T19026] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1628.951508][T19017] loop5: detected capacity change from 0 to 32768
[ 1628.958609][T19017] o2cb: This node has not been configured.
[ 1628.964488][T19017] o2cb: Cluster check failed. Fix errors before retrying.
[ 1628.971744][T19017] (syz.5.2790,19017,0):user_dlm_register:674 ERROR: status = -22
[ 1628.979648][T19017] (syz.5.2790,19017,0):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[ 1629.380003][T18809] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1629.551588][T19040] loop7: detected capacity change from 0 to 64
[ 1629.558760][T18809] veth0_vlan: entered promiscuous mode
[ 1629.665341][T18809] veth1_vlan: entered promiscuous mode
[ 1629.838246][T19042] loop0: detected capacity change from 0 to 256
[ 1629.863567][T19042] vfat: Bad value for 'utf8'
[ 1630.131778][T18809] veth0_macvtap: entered promiscuous mode
[ 1630.145281][T18809] veth1_macvtap: entered promiscuous mode
[ 1630.170539][T18809] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1630.986838][ T5952] usb 6-1: USB disconnect, device number 11
[ 1631.023063][T18809] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1631.150761][   T59] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.241934][   T59] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.395963][   T59] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.421733][T19060] loop0: detected capacity change from 0 to 512
[ 1631.458926][   T59] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1631.567149][ T5953] usb 6-1: new low-speed USB device number 12 using dummy_hcd
[ 1631.685745][T19060] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1631.736617][T19060] ext4 filesystem being mounted at /27/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1632.509527][ T5953] usb 6-1: config 0 has an invalid interface number: 1 but max is 0
[ 1632.551396][T19069] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2797'.
[ 1632.562347][ T5953] usb 6-1: config 0 has an invalid descriptor of length 222, skipping remainder of the config
[ 1632.633309][ T5953] usb 6-1: config 0 has no interface number 0
[ 1632.669180][ T5953] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1632.741018][ T5953] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1632.749419][T19065] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[ 1632.771095][   T59] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1632.801516][   T59] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1632.810571][ T5953] usb 6-1: config 0 descriptor??
[ 1632.953372][T18391] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1632.981935][T18391] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1633.239539][ T5953] usb 6-1: string descriptor 0 read error: -71
[ 1633.248574][ T5953] iowarrior 6-1:0.1: no interrupt-in endpoint found
[ 1633.262156][ T5953] usb 6-1: USB disconnect, device number 12
[ 1634.692049][ T5953] usb 4-1: new low-speed USB device number 28 using dummy_hcd
[ 1635.118373][T18090] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1635.192087][ T5953] usb 4-1: config index 0 descriptor too short (expected 62914, got 27)
[ 1635.192126][ T5953] usb 4-1: config 17 has too many interfaces: 95, using maximum allowed: 32
[ 1635.192148][ T5953] usb 4-1: config 17 has an invalid descriptor of length 0, skipping remainder of the config
[ 1635.192171][ T5953] usb 4-1: config 17 has 0 interfaces, different from the descriptor's value: 95
[ 1635.192211][ T5953] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[ 1635.192237][ T5953] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1635.948162][ T5953] usb 4-1: string descriptor 0 read error: -71
[ 1635.960328][ T5953] usb 4-1: USB disconnect, device number 28
[ 1636.264996][T19096] syz.0.2802: attempt to access beyond end of device
[ 1636.264996][T19096] nbd0: rw=0, sector=2, nr_sectors = 2 limit=0
[ 1636.265222][T19096] syz.0.2802: attempt to access beyond end of device
[ 1636.265222][T19096] nbd0: rw=0, sector=16, nr_sectors = 2 limit=0
[ 1636.379340][T19100] loop4: detected capacity change from 0 to 512
[ 1636.454332][T19100] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1636.530227][T19105] loop7: detected capacity change from 0 to 256
[ 1636.532437][T19100] ext4 filesystem being mounted at /23/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1636.556218][T19105] vfat: Bad value for 'utf8'
[ 1636.739131][T19100] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2804'.
[ 1639.081830][T19122] loop7: detected capacity change from 0 to 64
[ 1639.225698][T18441] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1639.245611][T19124] loop3: detected capacity change from 0 to 512
[ 1639.402464][T19124] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1639.542251][T19124] ext4 filesystem being mounted at /2/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1640.511658][T19136] overlayfs: failed to resolve './file1': -2
[ 1640.529545][T19124] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2810'.
[ 1640.885335][T19141] loop5: detected capacity change from 0 to 1764
[ 1640.893003][T19141] iso9660: Unknown parameter 'de'
[ 1641.197400][   T24] usb 6-1: new high-speed USB device number 13 using dummy_hcd
[ 1641.495694][T19144] loop4: detected capacity change from 0 to 40427
[ 1641.548111][T19144] F2FS-fs (loop4): invalid crc value
[ 1641.619128][T19144] F2FS-fs (loop4): Start checkpoint disabled!
[ 1641.626849][   T24] usb 6-1: Using ep0 maxpacket: 8
[ 1641.634538][   T24] usb 6-1: unable to get BOS descriptor or descriptor too short
[ 1641.646440][   T24] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping
[ 1641.664588][   T24] usb 6-1: config 1 has an invalid descriptor of length 1, skipping remainder of the config
[ 1641.684249][   T24] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1641.725311][T19144] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[ 1641.748234][   T24] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1641.787033][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1641.810802][   T24] usb 6-1: Product: syz
[ 1641.819752][   T24] usb 6-1: Manufacturer: syz
[ 1641.833935][   T24] usb 6-1: SerialNumber: syz
[ 1642.076060][T19147] cgroup: Bad value for 'release_agent'
[ 1645.121527][   T24] usb 6-1: 0:2 : does not exist
[ 1645.154093][T19103] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[ 1645.320077][T18809] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1645.396250][   T24] usb 6-1: USB disconnect, device number 13
[ 1645.408656][   T59] kworker/u8:4: attempt to access beyond end of device
[ 1645.408656][   T59] loop4: rw=1, sector=45096, nr_sectors = 8 limit=40427
[ 1645.479516][   T59] kworker/u8:4: attempt to access beyond end of device
[ 1645.479516][   T59] loop4: rw=2049, sector=45104, nr_sectors = 16 limit=40427
[ 1645.549610][   T59] CPU: 0 UID: 0 PID: 59 Comm: kworker/u8:4 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1645.549641][   T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1645.549656][   T59] Workqueue: writeback wb_workfn (flush-7:4)
[ 1645.549692][   T59] Call Trace:
[ 1645.549702][   T59]  <TASK>
[ 1645.549712][   T59]  dump_stack_lvl+0x189/0x250
[ 1645.549752][   T59]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1645.549781][   T59]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1645.549826][   T59]  ? __pfx_queue_work_on+0x10/0x10
[ 1645.549859][   T59]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1645.549889][   T59]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1645.549922][   T59]  ? f2fs_hw_is_readonly+0x39b/0x470
[ 1645.549956][   T59]  f2fs_handle_critical_error+0x37c/0x540
[ 1645.549992][   T59]  f2fs_write_end_io+0x495/0x810
[ 1645.550019][   T59]  ? blkg_put+0x22/0x240
[ 1645.550064][   T59]  __submit_merged_bio+0x27a/0x6a0
[ 1645.550099][   T59]  __submit_merged_write_cond+0x255/0x530
[ 1645.550135][   T59]  f2fs_write_data_pages+0x261d/0x3000
[ 1645.550207][   T59]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1645.550253][   T59]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1645.550329][   T59]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1645.550372][   T59]  ? trace_f2fs_writepages+0x7f/0x200
[ 1645.550400][   T59]  ? f2fs_write_node_pages+0x478/0x6e0
[ 1645.550432][   T59]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1645.550466][   T59]  ? __lock_acquire+0xab9/0xd20
[ 1645.550498][   T59]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1645.550528][   T59]  do_writepages+0x32e/0x550
[ 1645.550565][   T59]  ? reacquire_held_locks+0x127/0x1d0
[ 1645.550593][   T59]  ? writeback_sb_inodes+0x384/0x1010
[ 1645.550634][   T59]  __writeback_single_inode+0x145/0xff0
[ 1645.550664][   T59]  ? do_raw_spin_unlock+0x122/0x240
[ 1645.550692][   T59]  writeback_sb_inodes+0x6c7/0x1010
[ 1645.550790][   T59]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1645.550884][   T59]  ? rcu_is_watching+0x15/0xb0
[ 1645.550926][   T59]  wb_writeback+0x43b/0xaf0
[ 1645.550964][   T59]  ? queue_io+0x3a1/0x590
[ 1645.551001][   T59]  ? __pfx_wb_writeback+0x10/0x10
[ 1645.551038][   T59]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1645.551075][   T59]  wb_workfn+0x409/0xef0
[ 1645.551120][   T59]  ? __pfx_wb_workfn+0x10/0x10
[ 1645.551151][   T59]  ? __lock_acquire+0xab9/0xd20
[ 1645.551192][   T59]  ? process_scheduled_works+0x9ef/0x17b0
[ 1645.551229][   T59]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1645.551258][   T59]  ? process_scheduled_works+0x9ef/0x17b0
[ 1645.551285][   T59]  ? process_scheduled_works+0x9ef/0x17b0
[ 1645.551316][   T59]  process_scheduled_works+0xae1/0x17b0
[ 1645.551385][   T59]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1645.551436][   T59]  worker_thread+0x8a0/0xda0
[ 1645.551498][   T59]  kthread+0x70e/0x8a0
[ 1645.551524][   T59]  ? __pfx_worker_thread+0x10/0x10
[ 1645.551552][   T59]  ? __pfx_kthread+0x10/0x10
[ 1645.551575][   T59]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1645.551605][   T59]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1645.551636][   T59]  ? __pfx_kthread+0x10/0x10
[ 1645.551659][   T59]  ret_from_fork+0x3fc/0x770
[ 1645.551692][   T59]  ? __pfx_ret_from_fork+0x10/0x10
[ 1645.551729][   T59]  ? __switch_to_asm+0x39/0x70
[ 1645.551748][   T59]  ? __switch_to_asm+0x33/0x70
[ 1645.551766][   T59]  ? __pfx_kthread+0x10/0x10
[ 1645.551789][   T59]  ret_from_fork_asm+0x1a/0x30
[ 1645.551841][   T59]  </TASK>
[ 1645.553136][   T59] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1645.981752][   T59] CPU: 0 UID: 0 PID: 59 Comm: kworker/u8:4 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1645.981786][   T59] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1645.981801][   T59] Workqueue: writeback wb_workfn (flush-7:4)
[ 1645.981835][   T59] Call Trace:
[ 1645.981844][   T59]  <TASK>
[ 1645.981854][   T59]  dump_stack_lvl+0x189/0x250
[ 1645.981895][   T59]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1645.981924][   T59]  ? _raw_spin_unlock_irqrestore+0x85/0x110
[ 1645.981956][   T59]  ? __pfx_queue_work_on+0x10/0x10
[ 1645.981988][   T59]  ? _raw_spin_unlock_irqrestore+0xad/0x110
[ 1645.982018][   T59]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[ 1645.982051][   T59]  ? f2fs_hw_is_readonly+0x39b/0x470
[ 1645.982085][   T59]  f2fs_handle_critical_error+0x37c/0x540
[ 1645.982135][   T59]  f2fs_write_end_io+0x495/0x810
[ 1645.982163][   T59]  ? blkg_put+0x22/0x240
[ 1645.982209][   T59]  __submit_merged_bio+0x27a/0x6a0
[ 1645.982244][   T59]  __submit_merged_write_cond+0x255/0x530
[ 1645.982279][   T59]  f2fs_write_data_pages+0x261d/0x3000
[ 1645.982353][   T59]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1645.982400][   T59]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[ 1645.982478][   T59]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[ 1645.982521][   T59]  ? trace_f2fs_writepages+0x7f/0x200
[ 1645.982550][   T59]  ? f2fs_write_node_pages+0x478/0x6e0
[ 1645.982582][   T59]  ? __pfx_f2fs_write_node_pages+0x10/0x10
[ 1645.982617][   T59]  ? __lock_acquire+0xab9/0xd20
[ 1645.982650][   T59]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[ 1645.982680][   T59]  do_writepages+0x32e/0x550
[ 1645.982717][   T59]  ? reacquire_held_locks+0x127/0x1d0
[ 1645.982746][   T59]  ? writeback_sb_inodes+0x384/0x1010
[ 1645.982787][   T59]  __writeback_single_inode+0x145/0xff0
[ 1645.982817][   T59]  ? do_raw_spin_unlock+0x122/0x240
[ 1645.982846][   T59]  writeback_sb_inodes+0x6c7/0x1010
[ 1645.982911][   T59]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1645.982998][   T59]  ? rcu_is_watching+0x15/0xb0
[ 1645.983041][   T59]  wb_writeback+0x43b/0xaf0
[ 1645.983081][   T59]  ? queue_io+0x3a1/0x590
[ 1645.983120][   T59]  ? __pfx_wb_writeback+0x10/0x10
[ 1645.983161][   T59]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1645.983198][   T59]  wb_workfn+0x409/0xef0
[ 1645.983244][   T59]  ? __pfx_wb_workfn+0x10/0x10
[ 1645.983275][   T59]  ? __lock_acquire+0xab9/0xd20
[ 1645.983316][   T59]  ? process_scheduled_works+0x9ef/0x17b0
[ 1645.983354][   T59]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1645.983383][   T59]  ? process_scheduled_works+0x9ef/0x17b0
[ 1645.983409][   T59]  ? process_scheduled_works+0x9ef/0x17b0
[ 1645.983440][   T59]  process_scheduled_works+0xae1/0x17b0
[ 1645.983510][   T59]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1645.983564][   T59]  worker_thread+0x8a0/0xda0
[ 1645.983630][   T59]  kthread+0x70e/0x8a0
[ 1645.983656][   T59]  ? __pfx_worker_thread+0x10/0x10
[ 1645.983684][   T59]  ? __pfx_kthread+0x10/0x10
[ 1645.983708][   T59]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1645.983738][   T59]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1645.983765][   T59]  ? __pfx_kthread+0x10/0x10
[ 1645.983787][   T59]  ret_from_fork+0x3fc/0x770
[ 1645.983820][   T59]  ? __pfx_ret_from_fork+0x10/0x10
[ 1645.983867][   T59]  ? __switch_to_asm+0x39/0x70
[ 1645.983887][   T59]  ? __switch_to_asm+0x33/0x70
[ 1645.983906][   T59]  ? __pfx_kthread+0x10/0x10
[ 1645.983929][   T59]  ret_from_fork_asm+0x1a/0x30
[ 1645.983972][   T59]  </TASK>
[ 1645.983982][   T59] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[ 1646.127608][ T5846] Bluetooth: hci5: command 0x0406 tx timeout
[ 1646.265655][T19151] loop5: detected capacity change from 0 to 512
[ 1646.342656][T19153] loop0: detected capacity change from 0 to 512
[ 1646.887926][T19153] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1646.958397][T19153] ext4 filesystem being mounted at /30/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1646.973140][T19151] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1647.018556][T19151] ext4 filesystem being mounted at /339/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1647.039092][T19153] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2818'.
[ 1647.118511][T19151] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2817'.
[ 1648.212994][T19168] loop3: detected capacity change from 0 to 512
[ 1648.307394][T19168] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1648.348791][T19168] EXT4-fs (loop3): 1 truncate cleaned up
[ 1648.352676][T11127] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1648.361338][T19168] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1648.438049][ T8273] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[ 1648.493761][T19172] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[ 1648.666930][ T8273] usb 8-1: Using ep0 maxpacket: 32
[ 1648.678975][ T8273] usb 8-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[ 1648.691024][   T30] audit: type=1800 audit(1751616642.883:52): pid=19168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2820" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1648.733136][ T8273] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[ 1648.776506][ T8273] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8F has invalid wMaxPacketSize 0
[ 1648.795301][ T8273] usb 8-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[ 1648.808180][   T12] ------------[ cut here ]------------
[ 1648.813731][   T12] WARNING: fs/buffer.c:1125 at bdev_getblk+0x580/0x660, CPU#0: kworker/u8:0/12
[ 1648.823238][   T12] Modules linked in:
[ 1648.828046][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1648.839806][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1648.850052][   T12] Workqueue: writeback wb_workfn (flush-7:0)
[ 1648.856142][   T12] RIP: 0010:bdev_getblk+0x580/0x660
[ 1648.862890][   T12] Code: 26 fb ff ff e8 a1 6c 79 ff 48 c7 c7 a0 ee 99 8b 48 c7 c6 b5 71 9e 8d 4c 89 fa 4c 89 e9 e8 98 5c e1 fe eb bd e8 81 6c 79 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[ 1648.883541][   T12] RSP: 0018:ffffc90000117070 EFLAGS: 00010293
[ 1648.890051][   T12] RAX: ffffffff8246329f RBX: ffff888148c46798 RCX: ffff88801ce95a00
[ 1648.898297][   T12] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000000000
[ 1648.906350][   T12] RBP: 0000000000001000 R08: 0000000000000000 R09: ffffffff82165efd
[ 1648.914434][   T12] R10: 0000000000000406 R11: 0000000000000000 R12: 0000000000000002
[ 1648.922523][   T12] R13: ffff888148c46780 R14: 0000000000001000 R15: 1ffff11029188cf3
[ 1648.930668][   T12] FS:  0000000000000000(0000) GS:ffff888125c1e000(0000) knlGS:0000000000000000
[ 1648.939704][   T12] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1648.946338][   T12] CR2: 000000110c2bad8b CR3: 0000000023d9a000 CR4: 00000000003526f0
[ 1648.954458][   T12] Call Trace:
[ 1648.958027][   T12]  <TASK>
[ 1648.962235][   T12]  ? ext4_get_group_desc+0x434/0x4e0
[ 1648.968629][   T12]  ? ext4_get_group_desc+0x10e/0x4e0
[ 1648.973989][   T12]  __ext4_get_inode_loc+0x561/0x1040
[ 1648.979398][   T12]  ? __pfx___ext4_get_inode_loc+0x10/0x10
[ 1648.985205][   T12]  ? __lock_acquire+0xab9/0xd20
[ 1648.990297][   T12]  ext4_write_inode+0x312/0x620
[ 1648.995216][   T12]  __writeback_single_inode+0x6f1/0xff0
[ 1649.000948][   T12]  writeback_sb_inodes+0x6c7/0x1010
[ 1649.006232][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1649.012501][   T12]  ? rcu_is_watching+0x15/0xb0
[ 1649.017404][   T12]  wb_writeback+0x43b/0xaf0
[ 1649.022008][   T12]  ? queue_io+0x3a1/0x590
[ 1649.026402][   T12]  ? __pfx_wb_writeback+0x10/0x10
[ 1649.031555][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1649.036870][   T12]  wb_workfn+0x409/0xef0
[ 1649.041188][   T12]  ? __pfx_wb_workfn+0x10/0x10
[ 1649.046010][   T12]  ? __lock_acquire+0xab9/0xd20
[ 1649.051051][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[ 1649.056899][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1649.063396][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[ 1649.070100][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[ 1649.075892][   T12]  process_scheduled_works+0xae1/0x17b0
[ 1649.081593][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1649.087706][   T12]  worker_thread+0x8a0/0xda0
[ 1649.092381][   T12]  kthread+0x70e/0x8a0
[ 1649.096581][   T12]  ? __pfx_worker_thread+0x10/0x10
[ 1649.101812][   T12]  ? __pfx_kthread+0x10/0x10
[ 1649.106453][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1649.112061][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1649.117384][   T12]  ? __pfx_kthread+0x10/0x10
[ 1649.122053][   T12]  ret_from_fork+0x3fc/0x770
[ 1649.126856][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[ 1649.132040][   T12]  ? __switch_to_asm+0x39/0x70
[ 1649.136923][   T12]  ? __switch_to_asm+0x33/0x70
[ 1649.141735][   T12]  ? __pfx_kthread+0x10/0x10
[ 1649.146473][   T12]  ret_from_fork_asm+0x1a/0x30
[ 1649.151415][   T12]  </TASK>
[ 1649.154489][   T12] Kernel panic - not syncing: kernel: panic_on_warn set ...
[ 1649.161799][   T12] CPU: 0 UID: 0 PID: 12 Comm: kworker/u8:0 Not tainted 6.16.0-rc4-next-20250703-syzkaller #0 PREEMPT(full) 
[ 1649.173280][   T12] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[ 1649.183385][   T12] Workqueue: writeback wb_workfn (flush-7:0)
[ 1649.189434][   T12] Call Trace:
[ 1649.192752][   T12]  <TASK>
[ 1649.195724][   T12]  dump_stack_lvl+0x99/0x250
[ 1649.200373][   T12]  ? __asan_memcpy+0x40/0x70
[ 1649.205017][   T12]  ? __pfx_dump_stack_lvl+0x10/0x10
[ 1649.210274][   T12]  ? __pfx__printk+0x10/0x10
[ 1649.214949][   T12]  panic+0x2db/0x790
[ 1649.218926][   T12]  ? __pfx_panic+0x10/0x10
[ 1649.223404][   T12]  ? ret_from_fork_asm+0x1a/0x30
[ 1649.228393][   T12]  __warn+0x334/0x4c0
[ 1649.232432][   T12]  ? bdev_getblk+0x580/0x660
[ 1649.237075][   T12]  ? bdev_getblk+0x580/0x660
[ 1649.241722][   T12]  report_bug+0x2be/0x4f0
[ 1649.246088][   T12]  ? bdev_getblk+0x580/0x660
[ 1649.250702][   T12]  ? bdev_getblk+0x580/0x660
[ 1649.255308][   T12]  ? bdev_getblk+0x582/0x660
[ 1649.260005][   T12]  handle_bug+0x84/0x160
[ 1649.264267][   T12]  exc_invalid_op+0x1a/0x50
[ 1649.268799][   T12]  asm_exc_invalid_op+0x1a/0x20
[ 1649.273665][   T12] RIP: 0010:bdev_getblk+0x580/0x660
[ 1649.278879][   T12] Code: 26 fb ff ff e8 a1 6c 79 ff 48 c7 c7 a0 ee 99 8b 48 c7 c6 b5 71 9e 8d 4c 89 fa 4c 89 e9 e8 98 5c e1 fe eb bd e8 81 6c 79 ff 90 <0f> 0b 90 48 b8 00 00 00 00 00 fc ff df 41 80 3c 07 00 74 08 48 89
[ 1649.298518][   T12] RSP: 0018:ffffc90000117070 EFLAGS: 00010293
[ 1649.304612][   T12] RAX: ffffffff8246329f RBX: ffff888148c46798 RCX: ffff88801ce95a00
[ 1649.312603][   T12] RDX: 0000000000000000 RSI: 0000000000001000 RDI: 0000000000000000
[ 1649.320591][   T12] RBP: 0000000000001000 R08: 0000000000000000 R09: ffffffff82165efd
[ 1649.328580][   T12] R10: 0000000000000406 R11: 0000000000000000 R12: 0000000000000002
[ 1649.336570][   T12] R13: ffff888148c46780 R14: 0000000000001000 R15: 1ffff11029188cf3
[ 1649.344568][   T12]  ? fs_reclaim_acquire+0x7d/0x100
[ 1649.349720][   T12]  ? bdev_getblk+0x57f/0x660
[ 1649.354358][   T12]  ? ext4_get_group_desc+0x434/0x4e0
[ 1649.359663][   T12]  ? ext4_get_group_desc+0x10e/0x4e0
[ 1649.364972][   T12]  __ext4_get_inode_loc+0x561/0x1040
[ 1649.370301][   T12]  ? __pfx___ext4_get_inode_loc+0x10/0x10
[ 1649.376044][   T12]  ? __lock_acquire+0xab9/0xd20
[ 1649.380930][   T12]  ext4_write_inode+0x312/0x620
[ 1649.385812][   T12]  __writeback_single_inode+0x6f1/0xff0
[ 1649.391387][   T12]  writeback_sb_inodes+0x6c7/0x1010
[ 1649.396628][   T12]  ? __pfx_writeback_sb_inodes+0x10/0x10
[ 1649.402320][   T12]  ? rcu_is_watching+0x15/0xb0
[ 1649.407127][   T12]  wb_writeback+0x43b/0xaf0
[ 1649.411670][   T12]  ? queue_io+0x3a1/0x590
[ 1649.416026][   T12]  ? __pfx_wb_writeback+0x10/0x10
[ 1649.421081][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1649.426311][   T12]  wb_workfn+0x409/0xef0
[ 1649.430594][   T12]  ? __pfx_wb_workfn+0x10/0x10
[ 1649.435379][   T12]  ? __lock_acquire+0xab9/0xd20
[ 1649.440265][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[ 1649.446007][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1649.451244][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[ 1649.456983][   T12]  ? process_scheduled_works+0x9ef/0x17b0
[ 1649.462727][   T12]  process_scheduled_works+0xae1/0x17b0
[ 1649.468327][   T12]  ? __pfx_process_scheduled_works+0x10/0x10
[ 1649.474343][   T12]  worker_thread+0x8a0/0xda0
[ 1649.478987][   T12]  kthread+0x70e/0x8a0
[ 1649.483082][   T12]  ? __pfx_worker_thread+0x10/0x10
[ 1649.488219][   T12]  ? __pfx_kthread+0x10/0x10
[ 1649.492834][   T12]  ? _raw_spin_unlock_irq+0x23/0x50
[ 1649.498101][   T12]  ? lockdep_hardirqs_on+0x9c/0x150
[ 1649.503325][   T12]  ? __pfx_kthread+0x10/0x10
[ 1649.507934][   T12]  ret_from_fork+0x3fc/0x770
[ 1649.512549][   T12]  ? __pfx_ret_from_fork+0x10/0x10
[ 1649.517705][   T12]  ? __switch_to_asm+0x39/0x70
[ 1649.522610][   T12]  ? __switch_to_asm+0x33/0x70
[ 1649.527409][   T12]  ? __pfx_kthread+0x10/0x10
[ 1649.532031][   T12]  ret_from_fork_asm+0x1a/0x30
[ 1649.536829][   T12]  </TASK>
[ 1649.540218][   T12] Kernel Offset: disabled
[ 1649.544555][   T12] Rebooting in 86400 seconds..