last executing test programs:

47.148536108s ago: executing program 4 (id=466):
syz_open_dev$vim2m(0x0, 0x3, 0x2)
socket$packet(0x11, 0xa, 0x300)
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_udp_encap(r0, 0x11, 0x64, 0x0, 0x0)
r1 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r1, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x81, 0x1ff, 0x1, 0x1}, 0x1c)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
ioctl$sock_ipv6_tunnel_SIOCCHGPRL(r1, 0x89f7, &(0x7f0000000080)={'sit0\x00', &(0x7f0000000480)={@local, 0x1, 0x0, 0x60, 0x0, [{@empty}, {@multicast1}, {@broadcast}, {}, {@multicast1}, {@multicast1}]}})
sched_setscheduler(0x0, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r6 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90f24fc60", 0x8c0}], 0x1}, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
sendmmsg(r1, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
recvmsg$unix(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)=""/196, 0xc4}], 0x1}, 0x40000061)
r7 = socket$inet_smc(0x2b, 0x1, 0x0)
sendto$inet(r7, &(0x7f0000000200)="60f213643f7957791662e18b844108f12f009824ec696b8b61fb65210ebd7195921ef8cb42f3d5954b51ebf8b2dde7b7719ea7b6e33ba4f8cc815022d47fe5db12219995d0ad5620c9e6fb245de9849eac14c60bc0ea9520fa834310a2808133828c550d33540b6d7c27adb466cb68feb51695d17fd53809bfeb50bdc1b07f46150a96cd0c19ef51cdfb2a0713e26a4c04e111", 0x93, 0x40, 0x0, 0x0)

45.760148641s ago: executing program 4 (id=467):
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000180)={0x40, 0x6, 0xa5cf})

45.077704972s ago: executing program 4 (id=469):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="180100"/13], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6(0xa, 0x2, 0x0)
getsockopt$inet6_int(r3, 0x29, 0x18, 0x0, &(0x7f00000000c0))

43.935464381s ago: executing program 4 (id=472):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x2200050, &(0x7f0000000080)=ANY=[], 0xde, 0x1b5, &(0x7f0000000200)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5goGK3/6tr7MOv6t6Uzf3X9fzbPFzevfwAbDIaj7y3Pc38nKJywKEc9JIgHlycciyKPohLT5KS8W3a6CP6+dmAapsV81d7kWABuq/qf/q/6YDh62+u3um7X/dH4+Gl+7A7P5fW1p3MAe255cw4AAAAAAAAAAAAAAPbRU0nP0gRNH/ADAAAAsDOu9pkhR1L8Y38AAAAAAAAAAAAAAAAAAAAAsrsIAAD//1S3QoQ=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$phonet(0x23, 0x2, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r1, 0x5607, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000640), 0x10, 0x20000000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x48)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000080)={'veth1_to_batadv\x00', {0x2, 0x0, @remote}})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000480)=0x800000000000)
mount$9p_rdma(&(0x7f0000000000), &(0x7f0000000180)='.\x00', &(0x7f0000000200), 0x800, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=rdmq,port=0x0000000000004e23,\x00'])
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000600)={0x34, 0x0, &(0x7f0000000500)=[@increfs_done, @increfs={0x40046304, 0x1}, @clear_death, @increfs={0x40046304, 0x1}], 0x36, 0x0, &(0x7f0000000540)="dd7e4067023c513d377dc57f882976c07524b2b6c187fa6cb9675a4f35a2a5759ae9ff4c4cd22632835b962edcf339784ffd5a9c42a9"})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='pstore\x00', 0x1c011, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
r8 = syz_open_procfs(r2, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r8, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x5b, 0x0)

42.369750167s ago: executing program 4 (id=474):
syz_emit_vhci(&(0x7f0000000640)=ANY=[@ANYBLOB="04040a00e0ffffff0f77042482"], 0xd)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={0xffffffffffffffff, 0xfeffff, 0xdf, 0x0, &(0x7f0000000700)="c45c57ce395de5b289f07d637a223920f181c2e57d71483cfb2d075a3ff07258e080a194805cdb0c26d3f7ffb1e0d9cf4fa36dcb2168b72de48ac8f93e6804f1c4d70898d0810e044d7e1778eaac5dfdcc9f1208905522025bcfdf1b6f969b094d5c022c2b7ffefde71e0627b9a2069cc1e0175c4b8860aad4b0a103c589f676b6c4e85eb3950c533b6e62c39ccf9ae9bfe54ee5887358d44f46337fbe090d7c7e55847edee8130ffd3d1e719e01a68b0e691c0d35b0b56e0b514036342fd56f08ac0083f3c2fe41a1295a3d23cf3d160d4fd90f66beba68860456ed41272e", 0x0, 0xf0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
syz_emit_vhci(&(0x7f00000007c0)=ANY=[], 0x9)
syz_read_part_table(0x1061, &(0x7f0000000000)="$eJzsz7FNw0AYBeBnW7ZBUDGBKwpGYA3EEGzhhiloqDNBUmWXSGmyxEW2ZXmDJMX3Ff/pnu7p9Ie76pIMdVLyeqjm5PN8+kn+Pl6mS1uNXfJWbYVxOZ6mUefSD791klLKfklW/Ty/npt2Lf9P75oc37efv3c3WRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHtw1AAD//2COD5g=")

40.907821022s ago: executing program 4 (id=477):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

40.44384326s ago: executing program 32 (id=477):
r0 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r0, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r1 = socket$netlink(0x10, 0x3, 0x0)
writev(r1, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
writev(r1, &(0x7f0000000300)=[{&(0x7f00000001c0)="390000001300034700bb5be1c3e4feff06000000010000004500000025000000190004000400ad000d00000000000006040000000000f93132", 0x39}], 0x1)
r2 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r2, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000000)=ANY=[@ANYBLOB], 0x57)
setsockopt$inet_mreqsrc(r0, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

34.152037353s ago: executing program 2 (id=491):
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000180)={0x40, 0x6, 0xa5cf})

33.74036374s ago: executing program 2 (id=494):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000001580)=0x100000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@delqdisc={0x24, 0x25, 0x20, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x6, 0xd}, {0x480bd72125a0c189, 0xfff2}, {0xffe0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x400400c}, 0xc0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff, 0x4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001440)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000600ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae640b1086cda40e00aec58754734be31d750351dc076eb43d9828149d6cb0c729c193838da5d02621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900e61d81503d3b557f0ec28da23c"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r7, 0x5608, 0x1)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab780ef39fa3910d96072000001ea800000000fdffffff0000faffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac000000000000000000000000001700", "90be8bf4bd00000000000000000000000000001000", [0x4]}})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9)
socket$can_bcm(0x1d, 0x2, 0x2)

31.986748848s ago: executing program 2 (id=497):
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
openat$dlm_control(0xffffffffffffff9c, 0x0, 0xc000, 0x0)
ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x80085665, 0x0)
socket$packet(0x11, 0x2, 0x300)
openat$vcsa(0xffffffffffffff9c, 0x0, 0x242002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x1}})
io_uring_enter(0xffffffffffffffff, 0x3516, 0x97e3, 0xb, 0x0, 0x0)

30.817247958s ago: executing program 2 (id=499):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x2200050, &(0x7f0000000080)=ANY=[], 0xde, 0x1b5, &(0x7f0000000200)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5goGK3/6tr7MOv6t6Uzf3X9fzbPFzevfwAbDIaj7y3Pc38nKJywKEc9JIgHlycciyKPohLT5KS8W3a6CP6+dmAapsV81d7kWABuq/qf/q/6YDh62+u3um7X/dH4+Gl+7A7P5fW1p3MAe255cw4AAAAAAAAAAAAAAPbRU0nP0gRNH/ADAAAAsDOu9pkhR1L8Y38AAAAAAAAAAAAAAAAAAAAAsrsIAAD//1S3QoQ=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$phonet(0x23, 0x2, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r1, 0x5607, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000640), 0x10, 0x20000000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x48)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000080)={'veth1_to_batadv\x00', {0x2, 0x0, @remote}})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000480)=0x800000000000)
mount$9p_rdma(&(0x7f0000000000), &(0x7f0000000180)='.\x00', &(0x7f0000000200), 0x800, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=rdmq,port=0x0000000000004e23,\x00'])
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000600)={0x34, 0x0, &(0x7f0000000500)=[@increfs_done, @increfs={0x40046304, 0x1}, @clear_death, @increfs={0x40046304, 0x1}], 0x36, 0x0, &(0x7f0000000540)="dd7e4067023c513d377dc57f882976c07524b2b6c187fa6cb9675a4f35a2a5759ae9ff4c4cd22632835b962edcf339784ffd5a9c42a9"})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='pstore\x00', 0x1c011, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
r8 = syz_open_procfs(r2, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r8, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x5b, 0x0)

28.649586583s ago: executing program 2 (id=503):
ioctl$FS_IOC_SETFLAGS(0xffffffffffffffff, 0x40086602, 0x0)
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
r0 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000180)={0x40, 0x6, 0xa5cf})

27.757468398s ago: executing program 2 (id=507):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000001580)=0x100000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@delqdisc={0x24, 0x25, 0x20, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x6, 0xd}, {0x480bd72125a0c189, 0xfff2}, {0xffe0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x400400c}, 0xc0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff, 0x4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001440)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000600ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae640b1086cda40e00aec58754734be31d750351dc076eb43d9828149d6cb0c729c193838da5d02621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900e61d81503d3b557f0ec28da23c"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r7, 0x5608, 0x1)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab780ef39fa3910d96072000001ea800000000fdffffff0000faffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac000000000000000000000000001700", "90be8bf4bd00000000000000000000000000001000", [0x4]}})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9)
socket$can_bcm(0x1d, 0x2, 0x2)

27.328801254s ago: executing program 33 (id=507):
r0 = syz_open_dev$loop(&(0x7f0000000100), 0xd79, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.stat\x00', 0x275a, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000001580)=0x100000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x2, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20854}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000280)={0xffffffffffffffff, 0x0, 0x0}, 0x10)
sendmsg$nl_route_sched(r5, &(0x7f0000000380)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000300)={&(0x7f0000000540)=@delqdisc={0x24, 0x25, 0x20, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0x6, 0xd}, {0x480bd72125a0c189, 0xfff2}, {0xffe0, 0x4}}}, 0x24}, 0x1, 0x0, 0x0, 0x400400c}, 0xc0)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000900)={0xffffffffffffffff, 0xffffffffffffffff, 0x4}, 0x10)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15)
r6 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r6, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001440)=ANY=[@ANYBLOB="140100002e00010000000000fcdbdf250401f2800c00180008ac0f00000000001400010000000000000000000600ffffac14141650bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae640b1086cda40e00aec58754734be31d750351dc076eb43d9828149d6cb0c729c193838da5d02621dc08c029d1608a46cf26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f00ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be820400e900e61d81503d3b557f0ec28da23c"], 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0)
r7 = syz_open_dev$tty20(0xc, 0x4, 0x0)
ioctl$TCFLSH(r7, 0x5608, 0x1)
ioctl$LOOP_CONFIGURE(r0, 0x4c0a, &(0x7f00000002c0)={r1, 0x0, {0x2a00, 0x80010000, 0x0, 0x7, 0x0, 0x0, 0x0, 0x0, 0x1c, "fee8a2ab780ef39fa3910d96072000001ea800000000fdffffff0000faffffffffffffff00", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac000000000000000000000000001700", "90be8bf4bd00000000000000000000000000001000", [0x4]}})
syz_emit_vhci(&(0x7f0000000000)=@HCI_EVENT_PKT={0x4, @hci_ev_remote_oob_data_request={{0x35, 0x6}}}, 0x9)
socket$can_bcm(0x1d, 0x2, 0x2)

11.678654049s ago: executing program 1 (id=548):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x2200050, &(0x7f0000000080)=ANY=[], 0xde, 0x1b5, &(0x7f0000000200)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5goGK3/6tr7MOv6t6Uzf3X9fzbPFzevfwAbDIaj7y3Pc38nKJywKEc9JIgHlycciyKPohLT5KS8W3a6CP6+dmAapsV81d7kWABuq/qf/q/6YDh62+u3um7X/dH4+Gl+7A7P5fW1p3MAe255cw4AAAAAAAAAAAAAAPbRU0nP0gRNH/ADAAAAsDOu9pkhR1L8Y38AAAAAAAAAAAAAAAAAAAAAsrsIAAD//1S3QoQ=")
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000640), 0x10, 0x20000000)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r2=>r1}, './file0\x00'})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000600)={0x34, 0x0, &(0x7f0000000500)=[@increfs_done, @increfs={0x40046304, 0x1}, @clear_death, @increfs={0x40046304, 0x1}], 0x36, 0x0, &(0x7f0000000540)="dd7e4067023c513d377dc57f882976c07524b2b6c187fa6cb9675a4f35a2a5759ae9ff4c4cd22632835b962edcf339784ffd5a9c42a9"})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='pstore\x00', 0x1c011, 0x0)

9.81423082s ago: executing program 3 (id=553):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402609333340000000000109022400010000000009040000010301010009210000000122010009058103"], 0x0)
syz_usb_connect$cdc_ecm(0x6, 0x4d, &(0x7f0000000380)={{0x12, 0x1, 0x310, 0x2, 0x0, 0x0, 0x8, 0x525, 0xa4a1, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x3b, 0x1, 0x1, 0x3, 0x100, 0xc, [{{0x9, 0x4, 0x0, 0xa, 0x3, 0x2, 0x6, 0x0, 0x6, {{0x5}, {0x5, 0x24, 0x0, 0x7ff}, {0xd, 0x24, 0xf, 0x1, 0xb, 0x40, 0x8195, 0x8}}, {[], {{0x9, 0x5, 0x82, 0x2, 0x8, 0x9, 0x0, 0x8}}, {{0x9, 0x5, 0x3, 0x2, 0x10, 0x4, 0x8e, 0x9}}}}}]}}]}}, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000280)={0x24, 0x0, 0x0, &(0x7f0000000200)={0x0, 0x22, 0x1, {[@local=@item_012={0x0, 0x2, 0x9}]}}, 0x0}, 0x0)

9.79206446s ago: executing program 1 (id=554):
r0 = syz_mount_image$nilfs2(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1014800, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYBLOB="b8f5dd9098d670b9fbc005f8f1bc235a3487fda0b1ad27ec605f3b"], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xfffe82)
getdents64(r0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file1\x00', 0x8)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r4 = openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xa00000, &(0x7f0000000480)={[{@gid_forget}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@utf8}, {@uid}, {}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortad}, {@uid_forget}, {@iocharset={'iocharset', 0x3d, 'cp861'}}]}, 0x1, 0xc4f, &(0x7f0000000f40)="$eJzs3UFsHNd9B+D/Gy3FpdxWTJwqThoHm7ZIZcZyZUkxFatwVzXNNoAsE6GYWwCuREpdmCIJkm5kIy2YXnroIUBR9JATgdYokKKB0RRBj0zrAsnFhyJAgZ6IFjaCoge2CBCgQMBgZt+KS4q0ZZGUKPn7bOq3M/PezHsz6xlZ0JsXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDE77108fSzaYcNRx5AYwCA++Ly+FdOn9np+Q8APLKu7Pb//wAAAAAAAAAAAAAAwGGRoojHI8X85fU0WS131C+1+167NTEyunO1gVTVPFKVL3/qz545e+6Lzw2f7+al9uz71N9vn45Xxq9cbLw4d3N+YXpxcXqqMTHbvjY3NX3Xe9hr/e2GqhPQuPnqa1PXry82zjxzdsvmW4Pv9T92YvDC8FOnnuyWnRgZHR3fLFLvLV+754Z07DbC42gUcSpSPP3dn6RWRBSx93NRv7/XfruBqhNDVScmRkarjsy0W7NL5cax7okoIho9lZrdc7TztYha333tw+6aEctl88sGD5XdG59vLbSuzkw3xloLS+2l9tzsWOq0tuxPI4o4nyJWImKt/87d9UURtUjx7ePr6Wp+60d1Hr5QDQzevR3FAfbxLpTtbPRFrBQPwTU7xPqjiJcjxU/fPhnX8n2mutd8PuLlMr8f8WaZL0Sk8otxLuLdHb5HPJxqUcSfl9f/wnqaqu4H3fvKpa82vjx7fa6nbPe+8iGfD3fcKR7Q82FgW94fh/zeVI8iWtUdfz3d+292AAAAAAAAAAAAAAAAANhvA1HEpyLFS//2R9W44qjGpR+/MPz7g7/cO2b8iQ/YT1n2mYhYLu5uTO7RPDBwLI2l9IDHEn+U1aOIP87j/775oBsDAAAAAAAAAAAAAAAAAADwkVbEjyPF8++cTCvRO6d4e/ZG40rr6kxnVtju3L/dOdM3NjY2GqmTzZyTOZdzruRczbmWM4pcP2cz52TO5ZwrOVdzruWMI7l+zmbOyZzLOVdyruZcyxm1XD9nM+dkzuWcKzlXc67ljEMydy8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOkiCJ+Him+9fX1FCkimhGT0cnV/gfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+F6kaPxB8/a6WkSk6t+Ok+Uv56J5tMyPR3O4zBeieTFnq8pa85sPoP3sTV8q4keRor/+1u0Lnq9/X2fp9tcg3vzG5tKna5080t04+F7/YyeOXxge/ewTu31OOzVg6FJ79rVbjYmR0dHxntW1fPSP96wbzMct9qfrRMTi62+82pqZmV649w/lV+Aeq3ev5B6Ofj8/pNpD01Qf9uND1A5FMx5M37eoP4ibEweufP6/Gyl++53/6D7wO8//evxSZ+n2Ez5+9iebz//nt+/oLp//te318vO/fBLs9Px/vGfd8/l3I321iPrSzfm+ExH1xdffONW+2boxfWN69tzp018aHv7S2dN9RyPq19sz0z2f9uV0AQAAAAAAAAAAAAAAANw/qYjfjRStH62nRkTcqsZrDV4YfurUk0fiSDXeasu47VfGr1xsvDh3c35henFxeqoxMdu+Njc1fbeHq1fDvSZGRg+kMx9o4IDbP1B/cW7+9YX2jT9c2nH7sfrFq4tLC61rO2+OgSgimr1rhqoGT4yMVo2eabdmq6pjOw6m//D6UhH/GSmunWukz+V1efz/9hH+W8b/L2/f0T6O///ssc3xfx/rKVoeM6UifhYpfusvnojPVe08Fnecs1zubyLF0PnP5HJxtCzXbUPnvQKdkYFl2f+NFP/w861lu+MhH98s++yHOrkPgfL6H48U3/uz78Sv53Vb3/+w8/U/tn1HB/T+h0/0rDu25X0Fe+46+fqfihQvPP5W/Ea15v/f9/0f3Tc2nOwU3nw/xwFd/1/tWTeYj/ub+9V5AAAAAAAAAACAh1hfKuJvI8UPRmvpubzubv7+39T2HR3Q3//6ZM+6qf2Zr+gDP+z5pAIAAADAIdGXivhxpLix9NbtMdRbx3/3jP/8nc3xnyNp29bqz/l+pXpvwH7++V+vwXzcyb13GwAAAAAAAAAAAAAAAAAAAA6VlIp4Ls+nPlmN55/adT711Ujx0n8/nculE2W57jzwg9Wv9ctzs6cuzszM1WOpdXVmujE+37o2Xdb9RKRY/+vP5LpFNb96d775zhzvm3OxL0SK0b/rlu3Mxd6dm7wzH3h9YyPi2bLsxyLFf/391rJ5auo8d3S13zNl2b+KFF/7p53Lntgse7Ys+51I8cOvNbplj5Vlu+9H/eRm2WeuzRUHcFUAAAAAAAAAAAAAAAAAAAD4qOlLRfxppPifmyu3x/Ln+f/7ehYrb36jZ77/bW5V8/wPVvP/7/b5Xub/r94rsLzbUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NGUoog3IsX85fW02l8ud9QvtWdfuzUxMrpztYFU1TxSlS9/6s+eOXvui88Nn+/m+9ffb5+KV8avXGy8OHdzfmF6cXF6qjEx2742NzV913vYa/3thqoT8O/HI6auX19snHnm7JbNtwbf63/sxOCF4adOPZnLNiZGRkfHe8rU+u756HdIu6w/GkX8ZaR4+rs/ST/ojyhi7+fiA747B22g6sRQ1YmJkdGqIzPt1uxSuXGseyKKiEZPpWb3HN2Ha7EnzYjlsvllg4fK7o3PtxZaV2emG2OthaX2Untudix1Wlv2pxFFnE8RKxGx1n/n7vqiiFcjxbePr6d/7o840j0PX7g8/pXTZ3ZvR3GAfbwLZTsbfRErxUNwzQ6x/ijiHyPFT98+Gf/SH1GLzk98PuLlMr8f8WZ0rncqvxjnIt7d4XvEw6kWRfxfef0vrKe3+8v7Qfe+cumrjS/PXp/rKdu9rzz0z4f76ZDfm+pRxA+rO/56+lf/XQMAAAAAAAAAAAAAAAAcIkX8WqR4/p2TqRoffHtMcXv2RuNK6+pMZ1hfd+xfd8z0xsbGRiN1spmzntcv5+WVnKs513JGkevnbJZZ39iYzMvLOVdyruZcyxlHcv2czZyTOZdzruRczbmWM2q5fs5mzsmcyzlXcq7mXMsZh2TsHgAAAAAAAAAAAAAAAAAA8Ggpqn9SfOvr62mjvzO/9GR0ctV8oI+8XwQAAP//6gL1LQ==")
sendfile(r3, r4, 0x0, 0xfffe82)

9.334891778s ago: executing program 1 (id=555):
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0xffffffff, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x963, 0x3, 0x53, 0x202, 0x1, 0xc})

8.714261538s ago: executing program 1 (id=556):
setsockopt$bt_BT_DEFER_SETUP(0xffffffffffffffff, 0x112, 0xf, 0x0, 0x0)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x210000000013, 0x0, 0x0)
r1 = gettid()
clock_nanosleep(0xfffffff2, 0x0, &(0x7f0000000140)={0x77359400}, &(0x7f0000000040))
rt_sigqueueinfo(r1, 0x21, &(0x7f0000002d00)={0xfffd, 0x0, 0xffffffff})
setsockopt$inet_tcp_TCP_REPAIR_OPTIONS(r0, 0x6, 0x16, &(0x7f0000005540)=[@timestamp, @timestamp], 0x2)
setsockopt$IP_VS_SO_SET_STARTDAEMON(r0, 0x0, 0x48b, &(0x7f0000000100)={0x2, 'bridge0\x00'}, 0x18)

8.61007048s ago: executing program 0 (id=557):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x3)

7.530487657s ago: executing program 0 (id=558):
socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000001840), 0x2982, 0x0)
r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/timer_list\x00', 0x0, 0x0)
sendfile(r2, r3, 0x0, 0x20000023896)

6.915526817s ago: executing program 3 (id=559):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x2200050, &(0x7f0000000080)=ANY=[], 0xde, 0x1b5, &(0x7f0000000200)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5goGK3/6tr7MOv6t6Uzf3X9fzbPFzevfwAbDIaj7y3Pc38nKJywKEc9JIgHlycciyKPohLT5KS8W3a6CP6+dmAapsV81d7kWABuq/qf/q/6YDh62+u3um7X/dH4+Gl+7A7P5fW1p3MAe255cw4AAAAAAAAAAAAAAPbRU0nP0gRNH/ADAAAAsDOu9pkhR1L8Y38AAAAAAAAAAAAAAAAAAAAAsrsIAAD//1S3QoQ=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$phonet(0x23, 0x2, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r1, 0x5607, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000640), 0x10, 0x20000000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x48)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000080)={'veth1_to_batadv\x00', {0x2, 0x0, @remote}})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000480)=0x800000000000)
mount$9p_rdma(&(0x7f0000000000), &(0x7f0000000180)='.\x00', &(0x7f0000000200), 0x800, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=rdmq,port=0x0000000000004e23,\x00'])
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000600)={0x34, 0x0, &(0x7f0000000500)=[@increfs_done, @increfs={0x40046304, 0x1}, @clear_death, @increfs={0x40046304, 0x1}], 0x36, 0x0, &(0x7f0000000540)="dd7e4067023c513d377dc57f882976c07524b2b6c187fa6cb9675a4f35a2a5759ae9ff4c4cd22632835b962edcf339784ffd5a9c42a9"})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='pstore\x00', 0x1c011, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
preadv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x5b, 0x0)

5.760533016s ago: executing program 3 (id=560):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
syz_emit_ethernet(0x76, &(0x7f0000000040)=ANY=[], 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000006, 0x4132, 0xffffffffffffffff, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil)

4.658187704s ago: executing program 3 (id=561):
mkdir(&(0x7f0000002bc0)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x1)
openat$sysctl(0xffffffffffffff9c, &(0x7f0000000100)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(0xffffffffffffffff, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f00000000c0)=[0x0], 0x0, 0x0, 0x0, 0x1})
syz_open_dev$usbfs(&(0x7f0000000100), 0x206, 0x20182)
ioctl$DRM_IOCTL_MODE_GETCRTC(0xffffffffffffffff, 0xc06864a1, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
ioctl$DRM_IOCTL_MODE_GETFB2(0xffffffffffffffff, 0xc06864ce, &(0x7f0000000340)={0x0, 0xd, 0x0, 0x0, 0x0, [], [0x0, 0x7], [0x0, 0x0, 0x2, 0x3], [0x0, 0x0, 0x1, 0x1]})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000140)={0x3ff, 0x2, 0x806})
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(0xffffffffffffffff, 0xc00c642e, &(0x7f0000000300))
mq_open(0x0, 0x6e93ebbbcc0884f2, 0x0, 0x0)
r2 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000100), 0x40202, 0x0)
ioctl$SNDCTL_DSP_STEREO(r2, 0xc0045003, &(0x7f00000000c0)=0x1)
mmap$dsp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x1000007, 0x12, r2, 0x0)
ioctl$SNDCTL_DSP_POST(r2, 0x5008, 0x0)
write$uinput_user_dev(0xffffffffffffffff, 0x0, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000850000002a000000180100006420207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b701009427957900850000006d00000095000000000000000000"], &(0x7f0000000000)='syzkaller\x00', 0xfffffffc, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r3, 0x0, 0x5}, 0x18)
r4 = socket$inet(0x2, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f0000000980)={'filter\x00', 0x7, 0xa00, 0x3a0, 0x1d0, 0x1d0, 0xe8, 0x2b8, 0x2b8, 0x2b8, 0x4, 0x0, {[{{@uncond, 0xc0, 0xe8}, @unspec=@STANDARD={0x28}}, {{@arp={@rand_addr, @multicast1, 0x0, 0x0, 0x0, 0x0, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'nicvf0\x00', 'pimreg\x00'}, 0xc0, 0xe8}, @unspec=@AUDIT={0x28}}, {{@uncond, 0xc0, 0xe8}, @unspec=@NFQUEUE0={0x28}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x3f0)

4.528187736s ago: executing program 0 (id=562):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000380)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, 0x0, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f0000001a00), r3)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r3, &(0x7f0000001b40)={0x0, 0x0, &(0x7f0000001b00)={&(0x7f0000001a40)={0x14, r4, 0x528ea124191aeb57, 0x70bd2b, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x20000084}, 0x48044)

3.452927663s ago: executing program 3 (id=563):
r0 = syz_mount_image$nilfs2(&(0x7f0000000100), &(0x7f0000000040)='./file1\x00', 0x1014800, &(0x7f0000000080)=ANY=[@ANYRES8=0x0, @ANYBLOB="b8f5dd9098d670b9fbc005f8f1bc235a3487fda0b1ad27ec605f3b"], 0x1, 0xda6, &(0x7f0000003c80)="$eJzs3ctvXFf9APBzx544r/7iNO4vJoTEJJSGR+wmtSg7XCksKqQKKX9BFdKS4pZHwqJVKiVZsCVS1T+AqmtY8MyiUtRVUDcg/oGqKzahqlQgQmqNbJ8zHn8zw51xbI/H8/lId87c+z33nnPmcefOfZ0EjKzGyuP8/HSV0tt33rrw4OT4v5ennGzlmFl5HM9jCymlZmu+lCbD8hYmVtPPPrl+qT39PKdVOp+qVLWmpxfut+Y9kFK6kWbS3TSZLn589PYrHzy/+N6Rm0cuvHnm3ta0HgAARsuD77370z8/9d3rh//zmxMLaaI1vWyfL+Txg3m7f6FaHc9J639A1ZZWbePFnpBvPA+NkG+sQ772cpoh33iX8veE5Ta75JuoKX+sbVqndsMwW/sfXzVm1403GrOzq//Jl304tqeafe3K4ktXB1RRYNN9ejLv4jMYDCM3LB0a9BoIYFU8bviQG3HPwqNpLW28t/LvP9foPD9sgu3+/Ct/uMp/96Y1Dptnt36aSrvK9+hgHo/HEcbDfP1+/8vy4vGIZo/17HYcYViOL3Sr59g212OjutU/fi52qy/ltLwOJ0K8/fsT39NheY+Bzh7Y/28wjOywNOgVELBjxfPmlrISj+f1xfhETXxvTXxfTXx/TfxATRxG2W+v/TLdrtb+58f/9P3uDyv72R7L6f/1WZ+4P7Lf8uN5v/161PLj+cSwo5351/FPf373L/H8/8/D+f+n82/pZF5BlP2Fcb9669z/cGFwo0u+x0N1HuuQf+X51Pp81dTaclLbeuahekyvn+9Qt3zH1+ebDPn2522RvaG+cftkf5ivbH+U9Wp5vcZDe5uhHXtCPco7czine0N7DndrV9iRvSfka+bhSGjXVGjXE2G+/w/tqqbXtyvuPy/1ORqmx+MkJV942x76XYrvRbwu41ROb+X0nZy+n9OPOpQ7isrnsdv5/+XzOZ2a1UtXFi8/ncfL5/TeWHNiefq5ba438Oh6vf5nOq2//udga3qz0b5eOLQ2vWpfL0yG6ee7TH8mj5ffsx+O7VuZPnvpx4s/2OzGw4i7+vobP3pxcfHyzzzxxBNPWk/+x0rj1zMXr23jOgrYGnPXXv3J3NXX3zh75dUXX7788uXXzj397W898+yz83MrW/Vz7dv2wO6y9qM/6JoAAAAAAAAAAAAAPav2dZ6c07r725brycv16fH6eIZDed/Kp6Hcx6Bc/9ntvi7l+s3D21BHNt92XE406DYCnf3D/X8NhpEdlpbcxR/YGQbd/1+572FJD5792+HloWS7/9z69WW8fyE8ip3e/5zyd1f/f63+r3pe/4UesyY3Vu7vHuz7a1ux6Viv5cf2l/vATvVX/u9z+aU1T6beyl/6VSg/3qi0R38I5e/vsfyH2n98Y+X/MZdfXrYzp3stf7XGVWN9PeJ+43IfwLjfuPhTaH+5t18/7T91a+Mdtd3J5cMoG5Z+Jvs1LP1/dlOWW9aDefXcOk5X7r8d+zvot/7lvt/ld+CJsPyq5vdN/5/Dra7/z/L5m9P/J+w6Hzr+ZzCM7LC0tDTQrk9Gtd+VnWLQr/+gtyEHXf6gX/86sf/P+H8p9v8Z47H/zxiP/X/GeOxfK8Zj/5/x9Yz9f8b40bDc2D/odE38CzXxYzXxL9bEj9fE4/+3GJ+piZ+oiZ+siT9eEz9VEz9dE/9KTfzJmvhTNfEzNfHd7ss5HdX2wyiL/Ub6/sPoKMd/un3/p2riwPCK/TrH7/dXa+LA8Crnefh+wwiqOt+xI+5vL/txb+X0nZy+n9OPtqyCbIev5fTrOf1GTr+Z07M5nc3pXE71DTncfvH3YyduV2vn+R0K8V7PJ43XA8T7xJzrsT7x+Fy/57Me7bGcrSp/g5eDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyNxsrj/Px0ldLbd9668M+p73x/ecrJVo6ZlcfxPLaQUmqmlKo8Ph6Wd2NiNf3sk+uXOqVVOr/yWMbTC/db8x5Ynj/NpLtpMl38+OjtVz54fvG9IzePXHjzzL2taT0AAACMhv8GAAD//5Cp5/o=")
r1 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
sendfile(r1, r2, 0x0, 0xfffe82)
getdents64(r0, 0x0, 0x0)
truncate(&(0x7f0000000040)='./file1\x00', 0x8)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff)
r4 = openat$nullb(0xffffffffffffff9c, 0x0, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0xa00000, &(0x7f0000000480)={[{@gid_forget}, {@iocharset={'iocharset', 0x3d, 'cp1255'}}, {@utf8}, {@uid}, {}, {@iocharset={'iocharset', 0x3d, 'macinuit'}}, {@shortad}, {@uid_forget}, {@iocharset={'iocharset', 0x3d, 'cp861'}}]}, 0x1, 0xc4f, &(0x7f0000000f40)="$eJzs3UFsHNd9B+D/Gy3FpdxWTJwqThoHm7ZIZcZyZUkxFatwVzXNNoAsE6GYWwCuREpdmCIJkm5kIy2YXnroIUBR9JATgdYokKKB0RRBj0zrAsnFhyJAgZ6IFjaCoge2CBCgQMBgZt+KS4q0ZZGUKPn7bOq3M/PezHsz6xlZ0JsXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDE77108fSzaYcNRx5AYwCA++Ly+FdOn9np+Q8APLKu7Pb//wAAAAAAAAAAAAAAwGGRoojHI8X85fU0WS131C+1+167NTEyunO1gVTVPFKVL3/qz545e+6Lzw2f7+al9uz71N9vn45Xxq9cbLw4d3N+YXpxcXqqMTHbvjY3NX3Xe9hr/e2GqhPQuPnqa1PXry82zjxzdsvmW4Pv9T92YvDC8FOnnuyWnRgZHR3fLFLvLV+754Z07DbC42gUcSpSPP3dn6RWRBSx93NRv7/XfruBqhNDVScmRkarjsy0W7NL5cax7okoIho9lZrdc7TztYha333tw+6aEctl88sGD5XdG59vLbSuzkw3xloLS+2l9tzsWOq0tuxPI4o4nyJWImKt/87d9UURtUjx7ePr6Wp+60d1Hr5QDQzevR3FAfbxLpTtbPRFrBQPwTU7xPqjiJcjxU/fPhnX8n2mutd8PuLlMr8f8WaZL0Sk8otxLuLdHb5HPJxqUcSfl9f/wnqaqu4H3fvKpa82vjx7fa6nbPe+8iGfD3fcKR7Q82FgW94fh/zeVI8iWtUdfz3d+292AAAAAAAAAAAAAAAAANhvA1HEpyLFS//2R9W44qjGpR+/MPz7g7/cO2b8iQ/YT1n2mYhYLu5uTO7RPDBwLI2l9IDHEn+U1aOIP87j/775oBsDAAAAAAAAAAAAAAAAAADwkVbEjyPF8++cTCvRO6d4e/ZG40rr6kxnVtju3L/dOdM3NjY2GqmTzZyTOZdzruRczbmWM4pcP2cz52TO5ZwrOVdzruWMI7l+zmbOyZzLOVdyruZcyxm1XD9nM+dkzuWcKzlXc67ljEMydy8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKOkiCJ+Him+9fX1FCkimhGT0cnV/gfdOgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACg1J+K+F6kaPxB8/a6WkSk6t+Ok+Uv56J5tMyPR3O4zBeieTFnq8pa85sPoP3sTV8q4keRor/+1u0Lnq9/X2fp9tcg3vzG5tKna5080t04+F7/YyeOXxge/ewTu31OOzVg6FJ79rVbjYmR0dHxntW1fPSP96wbzMct9qfrRMTi62+82pqZmV649w/lV+Aeq3ev5B6Ofj8/pNpD01Qf9uND1A5FMx5M37eoP4ibEweufP6/Gyl++53/6D7wO8//evxSZ+n2Ez5+9iebz//nt+/oLp//te318vO/fBLs9Px/vGfd8/l3I321iPrSzfm+ExH1xdffONW+2boxfWN69tzp018aHv7S2dN9RyPq19sz0z2f9uV0AQAAAAAAAAAAAAAAANw/qYjfjRStH62nRkTcqsZrDV4YfurUk0fiSDXeasu47VfGr1xsvDh3c35henFxeqoxMdu+Njc1fbeHq1fDvSZGRg+kMx9o4IDbP1B/cW7+9YX2jT9c2nH7sfrFq4tLC61rO2+OgSgimr1rhqoGT4yMVo2eabdmq6pjOw6m//D6UhH/GSmunWukz+V1efz/9hH+W8b/L2/f0T6O///ssc3xfx/rKVoeM6UifhYpfusvnojPVe08Fnecs1zubyLF0PnP5HJxtCzXbUPnvQKdkYFl2f+NFP/w861lu+MhH98s++yHOrkPgfL6H48U3/uz78Sv53Vb3/+w8/U/tn1HB/T+h0/0rDu25X0Fe+46+fqfihQvPP5W/Ea15v/f9/0f3Tc2nOwU3nw/xwFd/1/tWTeYj/ub+9V5AAAAAAAAAACAh1hfKuJvI8UPRmvpubzubv7+39T2HR3Q3//6ZM+6qf2Zr+gDP+z5pAIAAADAIdGXivhxpLix9NbtMdRbx3/3jP/8nc3xnyNp29bqz/l+pXpvwH7++V+vwXzcyb13GwAAAAAAAAAAAAAAAAAAAA6VlIp4Ls+nPlmN55/adT711Ujx0n8/nculE2W57jzwg9Wv9ctzs6cuzszM1WOpdXVmujE+37o2Xdb9RKRY/+vP5LpFNb96d775zhzvm3OxL0SK0b/rlu3Mxd6dm7wzH3h9YyPi2bLsxyLFf/391rJ5auo8d3S13zNl2b+KFF/7p53Lntgse7Ys+51I8cOvNbplj5Vlu+9H/eRm2WeuzRUHcFUAAAAAAAAAAAAAAAAAAAD4qOlLRfxppPifmyu3x/Ln+f/7ehYrb36jZ77/bW5V8/wPVvP/7/b5Xub/r94rsLzbUQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4NGUoog3IsX85fW02l8ud9QvtWdfuzUxMrpztYFU1TxSlS9/6s+eOXvui88Nn+/m+9ffb5+KV8avXGy8OHdzfmF6cXF6qjEx2742NzV913vYa/3thqoT8O/HI6auX19snHnm7JbNtwbf63/sxOCF4adOPZnLNiZGRkfHe8rU+u756HdIu6w/GkX8ZaR4+rs/ST/ojyhi7+fiA747B22g6sRQ1YmJkdGqIzPt1uxSuXGseyKKiEZPpWb3HN2Ha7EnzYjlsvllg4fK7o3PtxZaV2emG2OthaX2Untudix1Wlv2pxFFnE8RKxGx1n/n7vqiiFcjxbePr6d/7o840j0PX7g8/pXTZ3ZvR3GAfbwLZTsbfRErxUNwzQ6x/ijiHyPFT98+Gf/SH1GLzk98PuLlMr8f8WZ0rncqvxjnIt7d4XvEw6kWRfxfef0vrKe3+8v7Qfe+cumrjS/PXp/rKdu9rzz0z4f76ZDfm+pRxA+rO/56+lf/XQMAAAAAAAAAAAAAAAAcIkX8WqR4/p2TqRoffHtMcXv2RuNK6+pMZ1hfd+xfd8z0xsbGRiN1spmzntcv5+WVnKs513JGkevnbJZZ39iYzMvLOVdyruZcyxlHcv2czZyTOZdzruRczbmWM2q5fs5mzsmcyzlXcq7mXMsZh2TsHgAAAAAAAAAAAAAAAAAA8Ggpqn9SfOvr62mjvzO/9GR0ctV8oI+8XwQAAP//6gL1LQ==")
sendfile(r3, r4, 0x0, 0xfffe82)

3.259782477s ago: executing program 1 (id=564):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000002c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$DRM_IOCTL_MODE_GETGAMMA(0xffffffffffffffff, 0xc02064a4, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x0, 0x0})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r3, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r3, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
setsockopt$inet_IP_XFRM_POLICY(r3, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@dev={0xfe, 0x80, '\x00', 0x40}, @in6=@dev={0xfe, 0x80, '\x00', 0x3b}, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0xfffffffffffffffe}, {0x0, 0x7e000000000}, 0x40000, 0x0, 0x1}, {{@in6=@empty, 0x0, 0x33}, 0x0, @in=@private=0xa010100, 0x0, 0x0, 0x0, 0xb7, 0xffffffff}}, 0xe8)
sendmmsg(r3, &(0x7f0000007fc0), 0x800001d, 0x0)

3.134879549s ago: executing program 0 (id=565):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000140)='./file1\x00', 0x228010, &(0x7f0000000600)={[{@dax}, {@min_batch_time={'min_batch_time', 0x3d, 0x2}}, {@noinit_itable}, {@norecovery}, {@noacl}, {@orlov}, {@noacl}, {@dioread_nolock}, {@nomblk_io_submit}, {@data_err_abort}, {@nouid32}, {@grpjquota}]}, 0x3, 0x57a, &(0x7f0000000f80)="$eJzs3V1rHNUbAPBnNtm+//9NoRT1QgK9sFK7aRJfKgitl6LFgt7XJdmGkk23ZDeliYW2F/bGGymCiAXxA3jvZfEL+CkKWihSgl54E5nNTLsm2bx1bFLn94Npz5mZ7DNnzzxnz+zssgGU1nD6TyXi5Yj4Kok43LNtMLKNw8v7LT6+MZEuSSwtffJ7Ekm2Lt8/yf4/mFVeioifv4g4WemNuLxXe35hut5sNmaztSOdmasj7fmFU5dn6lONqcaVsfHxM2+Nj737ztuFtfX1C39++/H9D858eXzxmx8fHrmbxLk4lG3rbcczuNVbGY7hrLXVOLdix9ECgu0myU4fANsykOV5NdIx4HAMZFkP/PfdjIgloKQS+Q8llc8D8mv7gq6DXxiP3l++AFrd/sHl90ZiX/fa6MBi8o8ro/R6d6iA+GmMn367dzddYoP3IW4WEA8gd+t2RJweHFw9/iXZ+Ld9p7tvHq9vZYyyvf7ATrqfzn/eWGv+U3ky/4k15j8H18jd7dg4/ysPCwjTVzr/e2/N+e+ToWtoIKv9rzvnqyaXLjcbpyPi/xFxIqp70/p693POLD5Y6retd/6XLmn8fC6YHcfDwb3Lpfwey2S9U3/Wduce3Y545en8N4lV4/++btyV/Z8+Hxc2GeNY496r/bZt3P5exc+Al36IeG3N/n96RytZ//7kSPd8GMnPitX+uHPsl37xt9b+4qX9f2D99g8lvfdr21uP8f2+vxr9tm3l/M+l5/+e5NNueU+27nq905kdjdiTfLR6/djTv83r+f5p+08cX3/8W+v83x8Rn22y/XeO3um763B3fN3Z/p/cUv9vvfDgw8+/6xd/c/3/Zrd0IluzmfFvswf4LM8dAAAAAAAA7DaViDgUSaX2pFyp1GrLn+84GgcqzVa7c/JSa+7KZHS/KzsU1Up+p/twz+chRrPPw+b1sRX18Yg4EhFfD+zv1msTrebkTjceAAAAAAAAAAAAAAAAAAAAdomDfb7/n/p1YKePDvjX+clvKK8N87+IX3oCdiWv/1Be8h/KS/5Decl/KC/5D+Ul/6G85D+Ul/wHAAAAAAAAAAAAAAAAAAAAAAAAAACAQl04fz5dlhYf35hI65PX5uemW9dOTTba07WZuYnaRGv2am2q1ZpqNmoTrZmNHq/Zal0dHYu56yOdRrsz0p5fuDjTmrvSuXh5pj7VuNioPpdWAQAAAAAAAAAAAAAAAAAAwIulPb8wXW82G7MKfQtno9AHrD6ng8+7uJls1Mtnsz23FWtwt3STQqGFnRuTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGClvwMAAP//0hAuRg==")
mkdir(&(0x7f00000004c0)='./control\x00', 0x11c)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x0, 0x3032, 0xffffffffffffffff, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socket$nl_route(0x10, 0x3, 0x0)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, 0x0, 0x40000402)
umount2(&(0x7f0000000100)='./file1\x00', 0x1)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_vcan(r4, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r5=>0x0})
bind$can_j1939(0xffffffffffffffff, &(0x7f0000000080)={0x1d, r5}, 0x18)
sendmsg$can_j1939(0xffffffffffffffff, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)

1.995178288s ago: executing program 1 (id=566):
syz_usb_connect(0x5, 0x36, &(0x7f0000000380)={{0x12, 0x1, 0x0, 0x23, 0x20, 0xc2, 0x10, 0x424, 0xc001, 0x49e4, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0xe4, 0x0, 0x2, 0x6c, 0x62, 0x1c, 0x0, [], [{{0x9, 0x5, 0x4, 0x2, 0x400, 0x0, 0xfa}}, {{0x9, 0x5, 0xd, 0x2, 0x40, 0xfc}}]}}]}}]}}, 0x0)

1.928023288s ago: executing program 3 (id=567):
r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000040)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4d8, 0xc002, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x4, [{{0x9, 0x4, 0x0, 0x0, 0x4, 0x3, 0x0, 0x2, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x3}}, {{{0x9, 0x5, 0x81, 0x3, 0x40, 0xee}}}}}]}}]}}, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000400)={0x24, 0x0, 0x0, &(0x7f0000000080)={0x0, 0x22, 0x5, {[@local=@item_4={0x3, 0x2, 0x3, "2e2a9bad"}]}}, 0x0}, 0x0)

1.410352147s ago: executing program 0 (id=568):
syz_mount_image$minix(&(0x7f0000000180), &(0x7f00000001c0)='./file0\x00', 0x2200050, &(0x7f0000000080)=ANY=[], 0xde, 0x1b5, &(0x7f0000000200)="$eJzs282O0lAYxvGnlALi99fGlYkL3QiKbtzJBXgD7ghUQixqxA3ExHgpcyfcydwAJDO7WU0nLWUCpMBpOzOF4f9LgDc5fc45JD1wzqICcLAehe+WLDlh5fv+v5eSvn6RVMx5cgCula9zH8Chsk/yngGAfEybdrgPGFvS8enf9iR6OYb7h2mzMCsqkhbyJdP8fyv8fFGUJgv5ctTl1v3L0Sz/Wsv5OwnHr67kq1ty1mV+9v3fvFrO35V0T9J9SQ8kPYzOWo8lPYkZv7My/nPD+QNZBHdfLWs+QwfB6vnW89x3cY329rwT5d/HNy/8hIxjLyhF+YbhfNflP6TMl6N8rf3T68S0F1L2C5goGK3/6tr7MOv6t6Uzf3X9fzbPFzevfwAbDIaj7y3Pc38nKJywKEc9JIgHlycciyKPohLT5KS8W3a6CP6+dmAapsV81d7kWABuq/qf/q/6YDh62+u3um7X/dH4+Gl+7A7P5fW1p3MAe255cw4AAAAAAAAAAAAAAPbRU0nP0gRNH/ADAAAAsDOu9pkhR1L8Y38AAAAAAAAAAAAAAAAAAAAAsrsIAAD//1S3QoQ=")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = socket$phonet(0x23, 0x2, 0x1)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000340), r0)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$KDSIGACCEPT(r1, 0x5607, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000640), 0x10, 0x20000000)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[], 0x48)
ioctl$sock_inet_SIOCSIFADDR(0xffffffffffffffff, 0x8916, &(0x7f0000000080)={'veth1_to_batadv\x00', {0x2, 0x0, @remote}})
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000480)=0x800000000000)
mount$9p_rdma(&(0x7f0000000000), &(0x7f0000000180)='.\x00', &(0x7f0000000200), 0x800, &(0x7f0000000400)=ANY=[@ANYBLOB='trans=rdmq,port=0x0000000000004e23,\x00'])
ioctl$AUTOFS_DEV_IOCTL_CATATONIC(0xffffffffffffffff, 0xc0189379, &(0x7f00000004c0)={{0x1, 0x1, 0x18, <r5=>r4}, './file0\x00'})
ioctl$BINDER_WRITE_READ(r5, 0xc0306201, &(0x7f0000000600)={0x34, 0x0, &(0x7f0000000500)=[@increfs_done, @increfs={0x40046304, 0x1}, @clear_death, @increfs={0x40046304, 0x1}], 0x36, 0x0, &(0x7f0000000540)="dd7e4067023c513d377dc57f882976c07524b2b6c187fa6cb9675a4f35a2a5759ae9ff4c4cd22632835b962edcf339784ffd5a9c42a9"})
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='pstore\x00', 0x1c011, 0x0)
r6 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r7 = ioctl$LOOP_CTL_GET_FREE(r6, 0x4c82)
ioctl$LOOP_CTL_REMOVE(r6, 0x4c81, r7)
preadv(0xffffffffffffffff, &(0x7f00000000c0)=[{&(0x7f0000000580)=""/128, 0x80}], 0x1, 0x5b, 0x0)

0s ago: executing program 0 (id=569):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x44, 0x86}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./bus\x00', 0x300000a, &(0x7f0000000a00)={[{@nodatacow}, {@nobarrier}, {@nodiscard}, {@clear_cache}, {@ssd_spread}, {@clear_cache}, {@ref_verify}, {@thread_pool={'thread_pool', 0x3d, 0x8}}, {@rescan_uuid_tree}, {@acl}, {@ssd_spread}, {@nossd}]}, 0x3, 0x55a3, &(0x7f000000e0c0)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file6\x00', 0x101442, 0xfb)
write$RDMA_USER_CM_CMD_GET_EVENT(r0, 0x0, 0x0)
sendmsg$IPCTNL_MSG_EXP_NEW(0xffffffffffffffff, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = syz_open_dev$radio(&(0x7f00000001c0), 0x3, 0x2)
ioctl$VIDIOC_G_MODULATOR(r4, 0xc0445636, &(0x7f00000002c0)={0x0, "511299aa76a6d31300", 0x520, 0x6, 0x0, 0x4, 0x2})
r5 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_int(r5, 0x107, 0xa, &(0x7f0000000180)=0x2, 0x4)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000280)={'bond0\x00', <r6=>0x0})
bind$packet(r5, &(0x7f00000002c0)={0x11, 0x9, r6, 0x1, 0x5, 0x6, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x1d}}, 0x14)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000040)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x0, 0x0, 0x3}, 0x1c)
socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$BTRFS_IOC_DEFRAG_RANGE(r0, 0x40309410, &(0x7f0000000040)={0x2, 0x2, 0x1, 0x7, 0x1, [0x180000, 0x4]})
r7 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_NL_KEY_SET(r7, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x0)

kernel console output (not intermixed with test programs):

type 2 family 0 port 6081 - 0
[   76.089019][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.107556][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.110893][ T4258] device veth1_macvtap entered promiscuous mode
[   76.133405][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   76.144195][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   76.152773][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   76.194926][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.205667][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.221488][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.235691][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.246734][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.257478][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.267921][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.278407][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.291318][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.304332][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.315724][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.327001][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.338192][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.348322][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.359012][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.369947][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   76.380718][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.393449][ T4258] batman_adv: batadv0: Interface activated: batadv_slave_0
[   76.405135][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   76.417223][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   76.426984][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   76.437866][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   76.447010][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   76.468214][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.479152][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.490226][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.502758][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.513642][ T4258] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.525074][ T4258] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.537517][ T4258] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.585306][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.616727][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.628516][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.639283][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.649799][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.662325][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.672871][ T4259] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   76.684314][ T4259] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   76.697246][ T4259] batman_adv: batadv0: Interface activated: batadv_slave_1
[   76.718198][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   76.728182][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   76.737758][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   76.746716][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   76.767142][ T4258] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.776020][ T4258] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.785211][ T4258] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.796789][ T4258] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.818974][   T33] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   76.830532][   T33] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   76.840202][ T4259] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   76.859429][ T4259] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   76.861755][ T4295] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   76.871189][ T4259] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   76.891533][ T4259] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   76.923064][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   76.965638][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   77.081336][ T4295] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[   77.133796][ T4295] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   77.146838][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   77.304831][ T4295] usb 1-1: config 0 descriptor??
[   77.482932][ T4265] Bluetooth: hci3: command 0x0419 tx timeout
[   77.489594][   T47] Bluetooth: hci4: command 0x0419 tx timeout
[   77.499184][ T4265] Bluetooth: hci1: command 0x0419 tx timeout
[   77.499510][   T47] Bluetooth: hci2: command 0x0419 tx timeout
[   77.563306][ T4265] Bluetooth: hci0: command 0x0419 tx timeout
[   77.681147][ T4334] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   77.952074][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.960555][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   77.968913][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   77.977230][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   77.985578][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   78.009706][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.097319][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.123124][ T4342] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   78.240378][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   78.292512][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   78.322379][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   78.362462][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   78.377802][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   78.442381][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   78.626081][ T4343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   78.695915][ T4295] usb 1-1: Cannot set autoneg
[   78.743677][ T4343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   78.881220][ T4299] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   79.807163][ T4295] MOSCHIP usb-ethernet driver: probe of 1-1:0.0 failed with error -71
[   80.066906][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.091286][ T4295] usb 1-1: USB disconnect, device number 2
[   80.113856][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.142153][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   80.227143][ T4343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   80.270882][ T4343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   80.340670][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   82.062794][ T4371] lo speed is unknown, defaulting to 1000
[   82.071365][ T4371] lo speed is unknown, defaulting to 1000
[   82.405662][ T4372] netlink: 224 bytes leftover after parsing attributes in process `syz.2.10'.
[   82.615681][ T4371] lo speed is unknown, defaulting to 1000
[   82.762295][ T4373] loop9: detected capacity change from 0 to 7
[   83.036055][ T4371] infiniband syz0: set active
[   83.036129][ T4371] infiniband syz0: added lo
[   83.043182][   T22] lo speed is unknown, defaulting to 1000
[   83.120704][ T4373] Dev loop9: unable to read RDB block 7
[   83.120773][ T4373]  loop9: unable to read partition table
[   83.120966][ T4373] loop9: partition table beyond EOD, truncated
[   83.120987][ T4373] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[   83.236157][ T4371] RDS/IB: syz0: added
[   83.240834][ T4371] smc: adding ib device syz0 with port count 1
[   83.247203][ T4371] smc:    ib device syz0 port 1 has pnetid 
[   83.255027][ T4371] lo speed is unknown, defaulting to 1000
[   83.329093][ T4371] lo speed is unknown, defaulting to 1000
[   83.354597][ T4295] lo speed is unknown, defaulting to 1000
[   83.491702][ T4371] lo speed is unknown, defaulting to 1000
[   83.598092][ T4371] lo speed is unknown, defaulting to 1000
[   83.691683][ T4371] lo speed is unknown, defaulting to 1000
[   84.807527][ T4379] netlink: 16 bytes leftover after parsing attributes in process `syz.3.12'.
[   85.186685][ T4390] overlayfs: failed to resolve './file1': -2
[   86.773429][  T126] cfg80211: failed to load regulatory.db
[   86.861007][ T4399] loop4: detected capacity change from 0 to 4096
[   86.929637][ T4395] loop2: detected capacity change from 0 to 8192
[   86.964990][ T4395]  loop2: p1 < > p3 < p5 > p4
[   86.971816][ T4395] loop2: partition table partially beyond EOD, truncated
[   86.979530][ T4395] loop2: p1 start 4294967040 is beyond EOD, truncated
[   87.032620][ T4399] NILFS (loop4): invalid segment: Checksum error in segment payload
[   87.041184][ T4399] NILFS (loop4): trying rollback from an earlier position
[   87.079726][ T4399] NILFS (loop4): recovery complete
[   87.132451][ T4404] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   87.223374][   T26] audit: type=1800 audit(1745024788.039:2): pid=4399 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.16" name="file1" dev="loop4" ino=12 res=0 errno=0
[   87.598318][ T4411] netlink: 'syz.2.20': attribute type 4 has an invalid length.
[   87.647204][ T4243] udevd[4243]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[   87.660655][ T4403] udevd[4403]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[   87.682202][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[   87.720406][ T4410] loop3: detected capacity change from 0 to 4096
[   87.800336][ T4411] infiniband syz0: set down
[   87.840517][ T4410] NILFS (loop3): invalid segment: Checksum error in segment payload
[   87.869392][ T4410] NILFS (loop3): trying rollback from an earlier position
[   87.876744][ T4294] lo speed is unknown, defaulting to 1000
[   87.893991][ T4294] lo speed is unknown, defaulting to 1000
[   87.934953][ T4402] loop0: detected capacity change from 0 to 512
[   87.968599][ T4410] NILFS (loop3): recovery complete
[   87.995212][ T4402] EXT4-fs: Ignoring removed nobh option
[   88.018536][ T4418] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   88.054667][   T26] audit: type=1800 audit(1745024788.869:3): pid=4410 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.21" name="file1" dev="loop3" ino=12 res=0 errno=0
[   88.074794][    C0] vkms_vblank_simulate: vblank timer overrun
[   88.086564][ T4402] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[   88.356278][ T4423] loop4: detected capacity change from 0 to 4096
[   88.425528][ T4423] NILFS (loop4): invalid segment: Checksum error in segment payload
[   88.441850][ T4423] NILFS (loop4): trying rollback from an earlier position
[   88.452076][ T4402] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6
[   88.519424][ T4423] NILFS (loop4): recovery complete
[   88.552381][ T4432] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   88.572724][   T26] audit: type=1800 audit(1745024789.389:4): pid=4423 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.22" name="file1" dev="loop4" ino=12 res=0 errno=0
[   88.592867][    C0] vkms_vblank_simulate: vblank timer overrun
[   90.690537][ T4266] Bluetooth: hci4: Controller not accepting commands anymore: ncmd = 0
[   90.703193][ T4266] Bluetooth: hci4: Injecting HCI hardware error event
[   90.711511][ T4266] Bluetooth: hci4: hardware error 0x00
[   90.869073][ T4439] loop2: detected capacity change from 0 to 512
[   90.940327][ T4439] EXT4-fs: Ignoring removed i_version option
[   90.997514][ T4439] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   91.103751][ T4443] lo speed is unknown, defaulting to 1000
[   91.140761][ T4439] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[   91.216965][ T4439] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[   91.275213][ T4439] EXT4-fs (loop2): orphan cleanup on readonly fs
[   91.483699][ T4439] EXT4-fs (loop2): 1 truncate cleaned up
[   91.492771][ T4439] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   92.135662][ T4449] loop4: detected capacity change from 0 to 8192
[   92.246026][ T4449]  loop4: p1 < > p3 < p5 > p4
[   92.286023][ T4449] loop4: partition table partially beyond EOD, truncated
[   92.370940][ T4449] loop4: p1 start 4294967040 is beyond EOD, truncated
[   93.001832][ T4266] Bluetooth: hci4: Opcode 0x0c03 failed: -110
[   93.428691][ T4459] loop3: detected capacity change from 0 to 4096
[   93.457245][ T4461] loop4: detected capacity change from 0 to 4096
[   93.494022][ T4444] loop1: detected capacity change from 0 to 32768
[   93.510859][ T4459] NILFS (loop3): invalid segment: Checksum error in segment payload
[   93.515199][ T4461] NILFS (loop4): invalid segment: Checksum error in segment payload
[   93.540659][ T4444] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.28 (4444)
[   93.554104][ T4461] NILFS (loop4): trying rollback from an earlier position
[   93.556142][ T4459] NILFS (loop3): trying rollback from an earlier position
[   93.615426][ T4461] NILFS (loop4): recovery complete
[   93.622289][ T4459] NILFS (loop3): recovery complete
[   93.640401][ T4462] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.652062][ T4444] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   93.653041][ T4463] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   93.673166][ T4444] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[   93.673451][ T4444] BTRFS info (device loop1): force clearing of disk cache
[   93.674093][ T4444] BTRFS info (device loop1): metadata ratio 0
[   93.734982][   T26] audit: type=1800 audit(1745024794.549:5): pid=4459 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.33" name="file1" dev="loop3" ino=12 res=0 errno=0
[   93.752524][ T4444] BTRFS info (device loop1): enabling ssd optimizations
[   93.790722][ T4444] BTRFS info (device loop1): using spread ssd allocation scheme
[   93.832089][ T4444] BTRFS info (device loop1): using free space tree
[   94.116298][ T4485] netlink: 'syz.4.35': attribute type 4 has an invalid length.
[   94.169266][ T4444] BTRFS error (device loop1): open_ctree failed: -12
[   94.396961][ T4258] EXT4-fs (loop2): unmounting filesystem.
[   95.730293][ T4505] loop2: detected capacity change from 0 to 512
[   96.506465][ T4266] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[   96.515640][ T4266] Bluetooth: hci3: Injecting HCI hardware error event
[   96.531666][ T4266] Bluetooth: hci3: hardware error 0x00
[   96.546731][ T4505] EXT4-fs: Ignoring removed nobh option
[   96.655942][ T4505] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[   96.888434][ T4512] loop3: detected capacity change from 0 to 4096
[   97.168027][ T4512] NILFS (loop3): invalid segment: Checksum error in segment payload
[   97.323965][ T4512] NILFS (loop3): trying rollback from an earlier position
[   97.378571][ T4505] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[   97.380435][ T4512] NILFS (loop3): recovery complete
[   97.435679][ T4518] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   97.488017][   T26] audit: type=1800 audit(1745024798.299:6): pid=4512 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.43" name="file1" dev="loop3" ino=12 res=0 errno=0
[   98.940978][ T4266] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[   99.210810][ T4533] loop3: detected capacity change from 0 to 4096
[   99.392579][ T4533] NILFS (loop3): invalid segment: Checksum error in segment payload
[   99.406438][ T4536] loop2: detected capacity change from 0 to 4096
[   99.473008][ T4533] NILFS (loop3): trying rollback from an earlier position
[   99.558839][ T4541] rdma_rxe: rxe_register_device failed with error -23
[   99.566860][ T4541] rdma_rxe: failed to add lo
[   99.692063][ T4536] NILFS (loop2): invalid segment: Checksum error in segment payload
[   99.700117][ T4536] NILFS (loop2): trying rollback from an earlier position
[   99.723234][ T4533] NILFS (loop3): recovery complete
[   99.779254][ T4541] netlink: 224 bytes leftover after parsing attributes in process `syz.0.48'.
[   99.855113][ T4541] loop9: detected capacity change from 0 to 7
[   99.884308][ T4541] Dev loop9: unable to read RDB block 7
[   99.890095][ T4541]  loop9: unable to read partition table
[   99.896407][ T4541] loop9: partition table beyond EOD, truncated
[   99.902732][ T4541] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  100.391733][ T4544] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.402726][ T4536] NILFS (loop2): recovery complete
[  100.421733][ T4540] lo speed is unknown, defaulting to 1000
[  100.473029][ T4545] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  100.525058][   T26] audit: type=1800 audit(1745024801.339:7): pid=4536 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.49" name="file1" dev="loop2" ino=12 res=0 errno=0
[  100.612364][ T4548] loop0: detected capacity change from 0 to 512
[  100.627432][   T26] audit: type=1800 audit(1745024801.429:8): pid=4547 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.49" name="file1" dev="loop2" ino=12 res=0 errno=0
[  100.642367][ T4548] EXT4-fs: Ignoring removed i_version option
[  100.709325][ T4548] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  100.770032][ T4548] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  100.839762][ T4548] EXT4-fs (loop0): orphan cleanup on readonly fs
[  100.848978][ T4548] EXT4-fs (loop0): 1 truncate cleaned up
[  100.890564][ T4548] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  100.891090][ T4551] netlink: 'syz.3.52': attribute type 4 has an invalid length.
[  101.944990][ T4266] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  101.958498][ T4266] Bluetooth: hci2: Injecting HCI hardware error event
[  101.973678][ T4266] Bluetooth: hci2: hardware error 0x00
[  103.730198][ T4570] loop2: detected capacity change from 0 to 512
[  103.737031][ T4570] EXT4-fs: Ignoring removed nobh option
[  103.746073][ T4570] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  104.121942][ T4266] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  105.821808][ T4570] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  106.193123][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  106.280925][ T4591] loop3: detected capacity change from 0 to 4096
[  106.357717][ T4593] loop4: detected capacity change from 0 to 4096
[  106.394043][ T4591] NILFS (loop3): invalid segment: Checksum error in segment payload
[  106.420690][ T4591] NILFS (loop3): trying rollback from an earlier position
[  106.538873][ T4593] NILFS (loop4): invalid segment: Checksum error in segment payload
[  106.601877][ T4591] NILFS (loop3): recovery complete
[  106.608959][ T4593] NILFS (loop4): trying rollback from an earlier position
[  106.643998][ T4600] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  106.667977][   T26] audit: type=1800 audit(1745024807.479:9): pid=4591 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.62" name="file1" dev="loop3" ino=12 res=0 errno=0
[  106.841797][   T47] Bluetooth: hci1: command 0x0409 tx timeout
[  107.401468][ T4593] NILFS (loop4): recovery complete
[  107.467536][ T4607] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  107.590529][ T4606] loop0: detected capacity change from 0 to 4096
[  107.639492][ T4606] NILFS (loop0): invalid segment: Checksum error in segment payload
[  107.675968][ T4606] NILFS (loop0): trying rollback from an earlier position
[  107.813257][ T4606] NILFS (loop0): recovery complete
[  107.840421][ T4615] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  108.002641][ T4618] lo speed is unknown, defaulting to 1000
[  108.182575][ T4625] rdma_rxe: already configured on lo
[  108.619426][   T26] audit: type=1800 audit(1745024809.429:10): pid=4606 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.67" name="file1" dev="loop0" ino=12 res=0 errno=0
[  108.841741][ T4266] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  108.850364][ T4266] Bluetooth: hci1: Injecting HCI hardware error event
[  108.859259][   T47] Bluetooth: hci1: hardware error 0x00
[  108.869593][   T26] audit: type=1800 audit(1745024809.459:11): pid=4620 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.67" name="file1" dev="loop0" ino=12 res=0 errno=0
[  109.097337][ T4628] loop2: detected capacity change from 0 to 8192
[  109.164017][ T4628]  loop2: p1 < > p3 < p5 > p4
[  109.170851][ T4628] loop2: partition table partially beyond EOD, truncated
[  109.190678][ T4628] loop2: p1 start 4294967040 is beyond EOD, truncated
[  109.550815][ T4631] rdma_rxe: rxe_register_device failed with error -23
[  109.558189][ T4631] rdma_rxe: failed to add lo
[  109.727472][ T4631] netlink: 224 bytes leftover after parsing attributes in process `syz.4.70'.
[  110.424980][ T4621] loop3: detected capacity change from 0 to 32768
[  110.476888][ T4621] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop3 scanned by syz.3.69 (4621)
[  111.780114][   T47] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  112.012792][ T4621] BTRFS error (device loop3): open_ctree failed: -4
[  112.059811][ T4650] loop0: detected capacity change from 0 to 512
[  112.112683][ T4650] EXT4-fs: Ignoring removed i_version option
[  112.123553][ T4650] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  112.201758][ T4650] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  112.230018][ T4653] loop2: detected capacity change from 0 to 512
[  112.239987][ T4653] EXT4-fs: Ignoring removed nobh option
[  112.250012][ T4653] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  112.369999][ T4650] EXT4-fs (loop0): orphan cleanup on readonly fs
[  112.435203][ T4650] EXT4-fs (loop0): 1 truncate cleaned up
[  112.491896][ T4650] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  112.522427][ T4657] netlink: 'syz.3.77': attribute type 4 has an invalid length.
[  112.967260][ T4653] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  114.792276][ T4672] loop1: detected capacity change from 0 to 4096
[  115.503653][ T4672] NILFS (loop1): invalid segment: Checksum error in segment payload
[  115.600888][ T4672] NILFS (loop1): trying rollback from an earlier position
[  115.741864][ T4672] NILFS (loop1): recovery complete
[  115.842909][ T4679] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  115.864321][   T26] audit: type=1800 audit(1745024816.679:12): pid=4672 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.81" name="file1" dev="loop1" ino=12 res=0 errno=0
[  116.248985][ T4682] loop2: detected capacity change from 0 to 8192
[  116.301732][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  116.307402][ T4684] loop3: detected capacity change from 0 to 4096
[  116.342328][ T4682]  loop2: p1 < > p3 < p5 > p4
[  116.347791][ T4682] loop2: partition table partially beyond EOD, truncated
[  116.405428][ T4682] loop2: p1 start 4294967040 is beyond EOD, 
[  116.406300][ T4684] NILFS (loop3): invalid segment: Checksum error in segment payload
[  116.434897][ T4682] truncated
[  116.586910][ T4684] NILFS (loop3): trying rollback from an earlier position
[  117.122906][ T4689] netlink: 'syz.4.88': attribute type 4 has an invalid length.
[  117.142866][ T4684] NILFS (loop3): recovery complete
[  117.235583][ T4691] lo speed is unknown, defaulting to 1000
[  117.273373][ T4694] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  117.339539][   T26] audit: type=1800 audit(1745024818.149:13): pid=4684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.85" name="file1" dev="loop3" ino=12 res=0 errno=0
[  118.776234][ T4707] loop2: detected capacity change from 0 to 512
[  118.783260][ T4707] EXT4-fs: Ignoring removed nobh option
[  118.800047][ T4707] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  119.163891][   T26] audit: type=1800 audit(1745024819.979:14): pid=4699 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.85" name="file1" dev="loop3" ino=12 res=0 errno=0
[  119.911566][    C1] sched: RT throttling activated
[  120.340088][ T4707] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  121.003428][ T4725] loop0: detected capacity change from 0 to 512
[  121.010594][ T4725] EXT4-fs: Ignoring removed i_version option
[  121.744622][ T4725] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  121.787399][ T4725] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  121.889504][ T4725] EXT4-fs (loop0): orphan cleanup on readonly fs
[  121.938110][ T4725] EXT4-fs (loop0): 1 truncate cleaned up
[  121.977624][ T4725] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  122.067848][ T4730] loop3: detected capacity change from 0 to 4096
[  122.122231][ T4733] netlink: 'syz.4.99': attribute type 4 has an invalid length.
[  122.139770][ T4736] loop1: detected capacity change from 0 to 8192
[  122.172218][ T4730] NILFS (loop3): invalid segment: Checksum error in segment payload
[  122.215408][ T4736]  loop1: p1 < > p3 < p5 > p4
[  122.230458][ T4736] loop1: partition table partially beyond EOD, truncated
[  122.322003][ T4736] loop1: p1 start 4294967040 is beyond EOD, truncated
[  122.332582][ T4730] NILFS (loop3): trying rollback from an earlier position
[  122.365155][ T4739] rdma_rxe: already configured on lo
[  122.559007][ T4739] netlink: 224 bytes leftover after parsing attributes in process `syz.2.100'.
[  122.958997][ T4730] NILFS (loop3): recovery complete
[  123.044703][ T4741] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  123.191671][   T26] audit: type=1800 audit(1745024823.969:15): pid=4730 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.98" name="file1" dev="loop3" ino=12 res=0 errno=0
[  123.262803][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  123.360238][ T4744] loop2: detected capacity change from 0 to 4096
[  123.786960][ T4744] NILFS (loop2): invalid segment: Checksum error in segment payload
[  123.978195][ T4744] NILFS (loop2): trying rollback from an earlier position
[  124.380426][ T4744] NILFS (loop2): recovery complete
[  125.908260][ T4757] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  126.068625][ T4759] loop1: detected capacity change from 0 to 512
[  126.075746][ T4759] EXT4-fs: Ignoring removed nobh option
[  126.086791][ T4759] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  126.118221][   T26] audit: type=1800 audit(1745024826.929:16): pid=4744 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.104" name="file1" dev="loop2" ino=12 res=0 errno=0
[  126.138542][    C0] vkms_vblank_simulate: vblank timer overrun
[  126.405891][ T4765] lo speed is unknown, defaulting to 1000
[  126.521854][ T4759] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  126.584552][   T26] audit: type=1800 audit(1745024827.389:17): pid=4766 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.104" name="file1" dev="loop2" ino=12 res=0 errno=0
[  126.604904][    C0] vkms_vblank_simulate: vblank timer overrun
[  127.174874][ T4778] netlink: 'syz.3.112': attribute type 4 has an invalid length.
[  128.681015][ T4788] loop2: detected capacity change from 0 to 512
[  128.745612][ T4788] EXT4-fs: Ignoring removed i_version option
[  128.808898][ T4788] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  128.941063][ T4788] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  129.344730][ T4797] rdma_rxe: rxe_register_device failed with error -23
[  129.352368][ T4797] rdma_rxe: failed to add lo
[  129.530528][ T4797] netlink: 224 bytes leftover after parsing attributes in process `syz.1.116'.
[  129.781380][ T4797] tty tty22: ldisc open failed (-12), clearing slot 21
[  129.798678][ T4788] EXT4-fs (loop2): orphan cleanup on readonly fs
[  130.030572][ T4788] EXT4-fs (loop2): 1 truncate cleaned up
[  130.066920][ T4788] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  132.108630][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  132.435981][ T4816] loop3: detected capacity change from 0 to 4096
[  132.765793][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  132.773338][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  133.154800][ T4816] NILFS (loop3): invalid segment: Checksum error in segment payload
[  133.169004][ T4816] NILFS (loop3): trying rollback from an earlier position
[  133.198969][ T4824] loop4: detected capacity change from 0 to 512
[  133.208991][ T4823] netlink: 'syz.2.125': attribute type 4 has an invalid length.
[  133.261852][ T4816] NILFS (loop3): recovery complete
[  133.284104][ T4827] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  133.296061][   T26] audit: type=1800 audit(1745024834.109:18): pid=4816 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.121" name="file1" dev="loop3" ino=12 res=0 errno=0
[  133.301163][ T4824] EXT4-fs: Ignoring removed nobh option
[  133.323916][ T4818] loop0: detected capacity change from 0 to 4096
[  133.368499][ T4826] loop1: detected capacity change from 0 to 4096
[  133.375111][ T4818] NILFS (loop0): invalid segment: Checksum error in segment payload
[  133.415741][ T4818] NILFS (loop0): trying rollback from an earlier position
[  133.427772][ T4824] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  133.448573][ T4826] NILFS (loop1): invalid segment: Checksum error in segment payload
[  133.492331][ T4818] NILFS (loop0): recovery complete
[  133.501795][ T4826] NILFS (loop1): trying rollback from an earlier position
[  133.515695][ T4829] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  133.618775][ T4826] NILFS (loop1): recovery complete
[  133.675710][ T4832] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  133.804264][   T26] audit: type=1800 audit(1745024834.619:19): pid=4826 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.126" name="file1" dev="loop1" ino=12 res=0 errno=0
[  134.351600][ T4824] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  134.630824][   T26] audit: type=1800 audit(1745024834.639:20): pid=4836 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.126" name="file1" dev="loop1" ino=12 res=0 errno=0
[  134.699244][ T4842] lo speed is unknown, defaulting to 1000
[  137.751821][ T4860] loop2: detected capacity change from 0 to 512
[  137.767923][ T4860] EXT4-fs: Ignoring removed i_version option
[  137.980375][ T4860] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  138.180081][ T4860] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  138.460545][ T4860] EXT4-fs (loop2): orphan cleanup on readonly fs
[  138.483318][ T4860] EXT4-fs (loop2): 1 truncate cleaned up
[  138.489133][ T4860] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  138.823311][ T4871] netlink: 'syz.1.137': attribute type 4 has an invalid length.
[  139.202502][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  139.519525][ T4878] loop3: detected capacity change from 0 to 4096
[  139.556464][ T4878] NILFS (loop3): invalid segment: Checksum error in segment payload
[  139.566584][ T4878] NILFS (loop3): trying rollback from an earlier position
[  139.584908][ T4879] loop2: detected capacity change from 0 to 4096
[  139.607168][ T4878] NILFS (loop3): recovery complete
[  139.781013][ T4882] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  139.845043][ T4879] NILFS (loop2): invalid segment: Checksum error in segment payload
[  140.439804][   T26] audit: type=1800 audit(1745024841.169:21): pid=4878 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.139" name="file1" dev="loop3" ino=12 res=0 errno=0
[  140.492663][ T4879] NILFS (loop2): trying rollback from an earlier position
[  140.725750][ T4879] NILFS (loop2): recovery complete
[  142.044010][ T4894] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  142.434924][ T4891] loop4: detected capacity change from 0 to 8192
[  142.677961][ T4846] I/O error, dev loop4, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  143.351759][ T4903] lo speed is unknown, defaulting to 1000
[  143.396211][ T4913] loop4: detected capacity change from 0 to 512
[  143.472914][ T4913] EXT4-fs: Ignoring removed i_version option
[  143.563470][ T4913] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  143.606525][ T4913] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  143.870623][ T4913] EXT4-fs (loop4): orphan cleanup on readonly fs
[  143.890635][ T4913] EXT4-fs (loop4): 1 truncate cleaned up
[  143.914730][ T4913] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  143.926199][ T4919] netlink: 'syz.3.151': attribute type 4 has an invalid length.
[  144.235498][ T4921] loop1: detected capacity change from 0 to 512
[  144.292864][ T4921] EXT4-fs: Ignoring removed nobh option
[  144.340189][ T4921] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  144.906854][ T4904] loop0: detected capacity change from 0 to 32768
[  144.957486][ T4904] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.148 (4904)
[  145.127935][ T4904] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  145.139275][ T4921] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  145.157000][ T4904] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  145.199195][ T4904] BTRFS info (device loop0): force clearing of disk cache
[  145.240010][ T4904] BTRFS info (device loop0): metadata ratio 0
[  145.273426][ T4904] BTRFS info (device loop0): enabling ssd optimizations
[  145.302100][ T4904] BTRFS info (device loop0): using spread ssd allocation scheme
[  145.351220][ T4904] BTRFS info (device loop0): using free space tree
[  145.418989][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  145.458173][ T4931] loop2: detected capacity change from 0 to 4096
[  145.642131][ T4904] BTRFS error (device loop0): open_ctree failed: -12
[  145.715624][ T4931] NILFS (loop2): invalid segment: Checksum error in segment payload
[  145.781644][ T4931] NILFS (loop2): trying rollback from an earlier position
[  145.932906][ T4931] NILFS (loop2): recovery complete
[  146.082436][ T4961] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  146.115532][ T4953] loop4: detected capacity change from 0 to 4096
[  146.157437][   T26] audit: type=1800 audit(1745024846.959:22): pid=4931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.154" name="file1" dev="loop2" ino=12 res=0 errno=0
[  146.346264][ T4953] NILFS (loop4): invalid segment: Checksum error in segment payload
[  146.384439][   T26] audit: type=1800 audit(1745024847.199:23): pid=4965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.154" name="file1" dev="loop2" ino=12 res=0 errno=0
[  146.394154][ T4953] NILFS (loop4): trying rollback from an earlier position
[  146.494070][ T4967] loop0: detected capacity change from 0 to 4096
[  146.524661][ T4953] NILFS (loop4): recovery complete
[  146.526150][ T4967] NILFS (loop0): invalid segment: Checksum error in segment payload
[  146.548263][ T4967] NILFS (loop0): trying rollback from an earlier position
[  146.566193][ T4967] NILFS (loop0): recovery complete
[  146.583519][ T4968] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  146.667853][ T4969] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  146.693763][   T26] audit: type=1800 audit(1745024847.509:24): pid=4953 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.157" name="file1" dev="loop4" ino=12 res=0 errno=0
[  148.143087][ T4981] netlink: 'syz.2.163': attribute type 4 has an invalid length.
[  149.340260][ T4988] loop2: detected capacity change from 0 to 512
[  149.361566][ T4988] EXT4-fs: Ignoring removed i_version option
[  149.380696][ T4988] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  149.397605][ T4988] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  149.792815][ T4988] EXT4-fs (loop2): orphan cleanup on readonly fs
[  149.814394][ T4988] EXT4-fs (loop2): 1 truncate cleaned up
[  149.873286][ T4996] lo speed is unknown, defaulting to 1000
[  149.881930][ T4988] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  150.185190][ T5000] loop4: detected capacity change from 0 to 4096
[  150.214239][ T5000] NILFS (loop4): invalid segment: Checksum error in segment payload
[  150.270724][ T5000] NILFS (loop4): trying rollback from an earlier position
[  150.598768][ T5000] NILFS (loop4): recovery complete
[  150.617848][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  150.622185][ T5006] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  150.721054][ T5008] loop0: detected capacity change from 0 to 4096
[  150.754216][ T5008] NILFS (loop0): invalid segment: Checksum error in segment payload
[  150.909971][ T5010] loop2: detected capacity change from 0 to 4096
[  150.911607][ T5008] NILFS (loop0): trying rollback from an earlier position
[  150.940238][ T5010] NILFS (loop2): invalid segment: Checksum error in segment payload
[  150.969194][ T5010] NILFS (loop2): trying rollback from an earlier position
[  150.985714][ T5008] NILFS (loop0): recovery complete
[  151.007148][ T5013] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  151.021306][ T5010] NILFS (loop2): recovery complete
[  151.032561][   T26] audit: type=1800 audit(1745024851.849:25): pid=5008 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.172" name="file1" dev="loop0" ino=12 res=0 errno=0
[  151.107722][ T5014] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  151.162054][   T26] audit: type=1800 audit(1745024851.979:26): pid=5010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.173" name="file1" dev="loop2" ino=12 res=0 errno=0
[  151.440450][   T26] audit: type=1800 audit(1745024852.009:27): pid=5010 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.173" name="file1" dev="loop2" ino=12 res=0 errno=0
[  151.973152][ T5022] rdma_rxe: rxe_register_device failed with error -23
[  151.981985][ T5022] rdma_rxe: failed to add lo
[  152.148949][ T5022] netlink: 224 bytes leftover after parsing attributes in process `syz.3.176'.
[  152.159603][ T5022] loop9: detected capacity change from 0 to 7
[  152.451287][ T5022] Dev loop9: unable to read RDB block 7
[  152.457540][ T5022]  loop9: unable to read partition table
[  152.463417][ T5022] loop9: partition table beyond EOD, truncated
[  152.469602][ T5022] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  152.969976][ T5028] netlink: 'syz.4.178': attribute type 4 has an invalid length.
[  153.469029][ T5033] loop3: detected capacity change from 0 to 8192
[  154.158960][ T3622]  loop3: p1 < > p3 < p5 > p4
[  154.195804][ T3622] loop3: partition table partially beyond EOD, truncated
[  154.208551][ T5044] loop2: detected capacity change from 0 to 512
[  154.242602][ T3622] loop3: p1 start 4294967040 is beyond EOD, truncated
[  154.248443][ T5044] EXT4-fs: Ignoring removed i_version option
[  154.257028][ T5044] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  154.285094][ T5043] loop4: detected capacity change from 0 to 512
[  154.291671][ T5044] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  154.307619][ T4241] I/O error, dev loop3, sector 8064 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  154.362484][ T5043] EXT4-fs: Ignoring removed nobh option
[  154.373239][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  154.383454][ T5043] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  154.390878][ T5044] EXT4-fs (loop2): orphan cleanup on readonly fs
[  154.440584][ T5044] EXT4-fs (loop2): 1 truncate cleaned up
[  154.470174][ T5044] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  154.765672][ T5043] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  154.768786][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  155.112958][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  155.697384][ T5057] loop3: detected capacity change from 0 to 4096
[  155.778983][ T5057] NILFS (loop3): invalid segment: Checksum error in segment payload
[  155.793279][ T5057] NILFS (loop3): trying rollback from an earlier position
[  155.824783][ T5057] NILFS (loop3): recovery complete
[  155.861705][ T5058] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  156.058289][ T5060] loop0: detected capacity change from 0 to 4096
[  156.135734][ T5060] NILFS (loop0): invalid segment: Checksum error in segment payload
[  156.201457][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  156.208105][ T5060] NILFS (loop0): trying rollback from an earlier position
[  156.300322][ T5060] NILFS (loop0): recovery complete
[  156.361800][ T5065] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  156.561813][   T26] audit: type=1800 audit(1745024857.319:28): pid=5060 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.187" name="file1" dev="loop0" ino=12 res=0 errno=0
[  157.057796][ T5070] netlink: 'syz.2.190': attribute type 4 has an invalid length.
[  157.546858][ T5080] rdma_rxe: rxe_register_device failed with error -23
[  157.554199][ T5080] rdma_rxe: failed to add lo
[  157.759670][ T5080] netlink: 224 bytes leftover after parsing attributes in process `syz.3.191'.
[  157.770853][ T5080] loop9: detected capacity change from 0 to 7
[  157.780007][ T5080] Dev loop9: unable to read RDB block 7
[  157.785821][ T5080]  loop9: unable to read partition table
[  157.791738][ T5080] loop9: partition table beyond EOD, truncated
[  157.798004][ T5080] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  159.304525][ T5096] lo speed is unknown, defaulting to 1000
[  159.924160][ T5103] loop1: detected capacity change from 0 to 4096
[  160.006406][ T5103] NILFS (loop1): invalid segment: Checksum error in segment payload
[  160.019442][ T5103] NILFS (loop1): trying rollback from an earlier position
[  160.070121][ T5103] NILFS (loop1): recovery complete
[  160.098472][ T5107] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  160.137112][ T5108] loop3: detected capacity change from 0 to 512
[  160.143791][   T26] audit: type=1800 audit(1745024860.959:29): pid=5103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.199" name="file1" dev="loop1" ino=12 res=0 errno=0
[  160.157841][ T5108] EXT4-fs: Ignoring removed i_version option
[  160.212954][ T5108] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  160.231706][   T26] audit: type=1800 audit(1745024860.979:30): pid=5103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.199" name="file1" dev="loop1" ino=12 res=0 errno=0
[  160.239620][ T5106] loop4: detected capacity change from 0 to 4096
[  160.259355][ T5108] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  160.317734][ T5108] EXT4-fs (loop3): orphan cleanup on readonly fs
[  160.375879][ T5106] NILFS (loop4): invalid segment: Checksum error in segment payload
[  160.409106][ T5108] EXT4-fs (loop3): 1 truncate cleaned up
[  160.427082][ T5108] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  160.447230][ T5106] NILFS (loop4): trying rollback from an earlier position
[  160.519000][ T5106] NILFS (loop4): recovery complete
[  160.557632][ T5110] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  160.645700][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  160.705387][ T5098] loop2: detected capacity change from 0 to 32768
[  160.745514][ T5098] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.198 (5098)
[  160.843995][ T5098] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  160.889760][ T5098] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  160.933019][ T5098] BTRFS info (device loop2): force clearing of disk cache
[  160.940245][ T5098] BTRFS info (device loop2): metadata ratio 0
[  160.996030][ T5098] BTRFS info (device loop2): enabling ssd optimizations
[  161.004377][ T5116] netlink: 'syz.4.204': attribute type 4 has an invalid length.
[  161.031666][ T5098] BTRFS info (device loop2): using spread ssd allocation scheme
[  161.039371][ T5098] BTRFS info (device loop2): using free space tree
[  161.065048][ T5114] loop1: detected capacity change from 0 to 4096
[  161.268225][ T5114] NILFS (loop1): invalid segment: Checksum error in segment payload
[  161.303917][ T5114] NILFS (loop1): trying rollback from an earlier position
[  162.075359][ T5114] NILFS (loop1): recovery complete
[  162.184438][ T5141] loop4: detected capacity change from 0 to 512
[  162.195479][ T5141] EXT4-fs: Ignoring removed nobh option
[  162.214847][ T5141] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  162.478494][ T5143] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  162.763313][   T26] audit: type=1800 audit(1745024863.579:31): pid=5114 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.203" name="file1" dev="loop1" ino=12 res=0 errno=0
[  162.787039][ T5098] BTRFS error (device loop2): open_ctree failed: -12
[  163.157634][ T5141] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  163.211234][ T5150] loop3: detected capacity change from 0 to 8192
[  163.313500][ T5150]  loop3: p1 < > p3 < p5 > p4
[  163.327057][ T5150] loop3: partition table partially beyond EOD, truncated
[  163.336286][ T5150] loop3: p1 start 4294967040 is beyond EOD, truncated
[  164.559044][ T5164] loop4: detected capacity change from 0 to 512
[  164.638749][ T5164] EXT4-fs: Ignoring removed i_version option
[  164.751899][ T5164] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  165.039131][ T5171] rdma_rxe: already configured on lo
[  165.756906][ T5164] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  165.849103][ T5164] EXT4-fs (loop4): orphan cleanup on readonly fs
[  165.893234][ T5164] EXT4-fs (loop4): 1 truncate cleaned up
[  165.916692][ T5164] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  166.087473][ T5174] loop3: detected capacity change from 0 to 4096
[  166.153286][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  166.335687][ T5174] NILFS (loop3): invalid segment: Checksum error in segment payload
[  166.350648][ T5174] NILFS (loop3): trying rollback from an earlier position
[  166.377121][ T5174] NILFS (loop3): recovery complete
[  166.383324][ T5180] netlink: 'syz.0.216': attribute type 4 has an invalid length.
[  166.400526][ T5184] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  166.419524][   T26] audit: type=1800 audit(1745024867.229:32): pid=5174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.214" name="file1" dev="loop3" ino=12 res=0 errno=0
[  166.950818][   T26] audit: type=1800 audit(1745024867.229:33): pid=5174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.214" name="file1" dev="loop3" ino=12 res=0 errno=0
[  167.465491][ T5199] lo speed is unknown, defaulting to 1000
[  168.170888][ T5207] loop3: detected capacity change from 0 to 512
[  168.179770][ T5207] EXT4-fs: Ignoring removed nobh option
[  168.200416][ T5207] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  169.183191][ T5207] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  169.333425][ T5211] loop4: detected capacity change from 0 to 8192
[  169.340553][ T5213] loop0: detected capacity change from 0 to 4096
[  169.436873][ T5213] NILFS (loop0): invalid segment: Checksum error in segment payload
[  169.469639][ T5213] NILFS (loop0): trying rollback from an earlier position
[  169.479437][ T5211]  loop4: p1 < > p3 < p5 > p4
[  169.485240][ T5211] loop4: partition table partially beyond EOD, truncated
[  169.500972][ T5213] NILFS (loop0): recovery complete
[  169.512023][ T5211] loop4: p1 start 4294967040 is beyond EOD, truncated
[  169.566812][ T5214] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  169.631426][   T26] audit: type=1800 audit(1745024870.439:34): pid=5213 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.225" name="file1" dev="loop0" ino=12 res=0 errno=0
[  169.651754][    C0] vkms_vblank_simulate: vblank timer overrun
[  169.964842][ T5219] rdma_rxe: rxe_register_device failed with error -23
[  169.972260][ T5219] rdma_rxe: failed to add lo
[  170.171006][ T5219] netlink: 224 bytes leftover after parsing attributes in process `syz.3.226'.
[  170.182035][ T5219] loop9: detected capacity change from 0 to 7
[  170.193738][ T5219] Dev loop9: unable to read RDB block 7
[  170.200074][ T5219]  loop9: unable to read partition table
[  170.206776][ T5219] loop9: partition table beyond EOD, truncated
[  170.213011][ T5219] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  172.158879][ T5231] loop3: detected capacity change from 0 to 512
[  172.189657][ T5231] EXT4-fs: Ignoring removed i_version option
[  172.230854][ T5231] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  172.257161][ T5231] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  172.338290][ T5231] EXT4-fs (loop3): orphan cleanup on readonly fs
[  172.345217][ T5231] EXT4-fs (loop3): 1 truncate cleaned up
[  172.351497][ T5231] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  173.320532][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  173.331571][ T5243] netlink: 'syz.4.233': attribute type 4 has an invalid length.
[  175.136628][ T5258] loop2: detected capacity change from 0 to 512
[  175.144026][ T5258] EXT4-fs: Ignoring removed nobh option
[  175.198434][ T5258] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  176.097270][ T5261] loop4: detected capacity change from 0 to 4096
[  176.151713][ T5261] NILFS (loop4): invalid segment: Checksum error in segment payload
[  176.172901][ T5261] NILFS (loop4): trying rollback from an earlier position
[  176.267144][ T5264] loop3: detected capacity change from 0 to 4096
[  176.280372][ T5261] NILFS (loop4): recovery complete
[  176.373530][ T5264] NILFS (loop3): invalid segment: Checksum error in segment payload
[  176.382476][ T5269] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  176.405210][ T5264] NILFS (loop3): trying rollback from an earlier position
[  176.431913][   T26] audit: type=1800 audit(1745024877.239:35): pid=5261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.238" name="file1" dev="loop4" ino=12 res=0 errno=0
[  176.475361][ T5270] rdma_rxe: rxe_register_device failed with error -23
[  176.482810][ T5270] rdma_rxe: failed to add lo
[  176.837113][ T5258] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  177.119248][   T26] audit: type=1800 audit(1745024877.719:36): pid=5261 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.238" name="file1" dev="loop4" ino=12 res=0 errno=0
[  177.142507][ T5264] NILFS (loop3): recovery complete
[  177.238982][ T5271] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  177.313811][   T26] audit: type=1800 audit(1745024878.099:37): pid=5264 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.239" name="file1" dev="loop3" ino=12 res=0 errno=0
[  177.356144][ T5273] lo speed is unknown, defaulting to 1000
[  177.961708][ T4266] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0
[  177.970524][ T4266] Bluetooth: hci0: Injecting HCI hardware error event
[  177.979727][   T47] Bluetooth: hci0: hardware error 0x00
[  178.050321][ T5285] loop4: detected capacity change from 0 to 512
[  178.058853][ T5285] EXT4-fs: Ignoring removed i_version option
[  178.067397][ T5285] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  178.088748][ T5285] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  178.205760][ T5285] EXT4-fs (loop4): orphan cleanup on readonly fs
[  178.228083][ T5285] EXT4-fs (loop4): 1 truncate cleaned up
[  178.301726][ T5285] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  178.425718][ T5275] loop0: detected capacity change from 0 to 32768
[  178.479830][ T5275] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.241 (5275)
[  178.552876][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  178.559906][ T5275] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  178.601890][ T5275] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[  178.610901][ T5275] BTRFS info (device loop0): force clearing of disk cache
[  178.661378][ T5275] BTRFS info (device loop0): metadata ratio 0
[  178.695596][ T5275] BTRFS info (device loop0): enabling ssd optimizations
[  178.721641][ T5275] BTRFS info (device loop0): using spread ssd allocation scheme
[  178.751610][ T5275] BTRFS info (device loop0): using free space tree
[  179.615049][ T5275] BTRFS info (device loop0): rebuilding free space tree
[  179.835381][ T4249] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  179.998974][ T5311] netlink: 'syz.4.248': attribute type 4 has an invalid length.
[  180.151836][   T47] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  181.681126][ T5321] loop4: detected capacity change from 0 to 8192
[  181.776278][ T5330] rdma_rxe: already configured on lo
[  181.981152][ T5330] netlink: 224 bytes leftover after parsing attributes in process `syz.2.253'.
[  182.016902][ T5330] loop9: detected capacity change from 0 to 7
[  182.026836][ T5330] Dev loop9: unable to read RDB block 7
[  182.032702][ T5330]  loop9: unable to read partition table
[  182.039014][ T5330] loop9: partition table beyond EOD, truncated
[  182.045664][ T5330] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  182.104754][ T5321]  loop4: p1 < > p3 < p5 > p4
[  182.146351][ T5321] loop4: partition table partially beyond EOD, truncated
[  182.387865][ T5321] loop4: p1 start 4294967040 is beyond EOD, truncated
[  182.756447][ T5332] loop1: detected capacity change from 0 to 512
[  182.768987][ T5332] EXT4-fs: Ignoring removed nobh option
[  182.776948][ T5332] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  182.873672][ T5336] loop2: detected capacity change from 0 to 4096
[  182.947623][ T5336] NILFS (loop2): invalid segment: Checksum error in segment payload
[  182.961856][ T5336] NILFS (loop2): trying rollback from an earlier position
[  183.047869][ T5336] NILFS (loop2): recovery complete
[  183.080668][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  183.082401][ T4846] udevd[4846]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  183.113009][ T4844] udevd[4844]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory
[  183.130683][ T5332] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  183.147494][ T5341] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  183.194223][   T26] audit: type=1800 audit(1745024884.009:38): pid=5336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.254" name="file1" dev="loop2" ino=12 res=0 errno=0
[  183.312757][ T5339] loop4: detected capacity change from 0 to 4096
[  183.367453][   T26] audit: type=1800 audit(1745024884.029:39): pid=5336 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.254" name="file1" dev="loop2" ino=12 res=0 errno=0
[  183.371975][ T5339] NILFS (loop4): invalid segment: Checksum error in segment payload
[  183.396357][ T5339] NILFS (loop4): trying rollback from an earlier position
[  183.431814][ T5339] NILFS (loop4): recovery complete
[  183.501826][ T5342] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  183.554079][   T26] audit: type=1800 audit(1745024884.359:40): pid=5339 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.255" name="file1" dev="loop4" ino=12 res=0 errno=0
[  184.126193][ T5347] loop2: detected capacity change from 0 to 512
[  184.192021][ T5347] EXT4-fs: Ignoring removed i_version option
[  184.251349][ T5347] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  184.321909][ T5347] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  184.359797][ T5349] lo speed is unknown, defaulting to 1000
[  184.373146][ T5347] EXT4-fs (loop2): orphan cleanup on readonly fs
[  184.397165][ T5347] EXT4-fs (loop2): 1 truncate cleaned up
[  184.419638][ T5347] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  184.933353][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  185.612220][ T5360] netlink: 'syz.2.260': attribute type 4 has an invalid length.
[  186.056441][ T5365] loop2: detected capacity change from 0 to 4096
[  186.759119][ T5365] NILFS (loop2): invalid segment: Checksum error in segment payload
[  186.819581][ T5365] NILFS (loop2): trying rollback from an earlier position
[  186.974029][ T5365] NILFS (loop2): recovery complete
[  187.011629][ T5369] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  187.295107][ T5351] loop4: detected capacity change from 0 to 32768
[  187.678588][ T5375] loop2: detected capacity change from 0 to 8192
[  187.763782][ T5375]  loop2: p1 < > p3 < p5 > p4
[  187.768886][ T5375] loop2: partition table partially beyond EOD, truncated
[  187.804991][ T5375] loop2: p1 start 4294967040 is beyond EOD, truncated
[  188.129173][ T5382] loop4: detected capacity change from 0 to 4096
[  188.703714][ T5382] NILFS (loop4): invalid segment: Checksum error in segment payload
[  188.741778][ T5382] NILFS (loop4): trying rollback from an earlier position
[  188.798939][ T5382] NILFS (loop4): recovery complete
[  188.859984][ T5388] loop2: detected capacity change from 0 to 512
[  188.866638][ T5389] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  188.897758][ T5388] EXT4-fs: Ignoring removed i_version option
[  188.903983][   T26] audit: type=1800 audit(1745024889.709:41): pid=5382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.267" name="file1" dev="loop4" ino=12 res=0 errno=0
[  188.982212][ T5388] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  188.997328][   T26] audit: type=1800 audit(1745024889.709:42): pid=5382 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.267" name="file1" dev="loop4" ino=12 res=0 errno=0
[  189.048923][ T5388] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  189.108707][ T5388] EXT4-fs (loop2): orphan cleanup on readonly fs
[  189.129718][ T5388] EXT4-fs (loop2): 1 truncate cleaned up
[  189.136874][ T5388] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  189.377203][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  189.485037][ T5395] rdma_rxe: rxe_register_device failed with error -23
[  189.492416][ T5395] rdma_rxe: failed to add lo
[  189.712544][ T5395] netlink: 224 bytes leftover after parsing attributes in process `syz.0.271'.
[  189.723408][ T5395] loop9: detected capacity change from 0 to 7
[  189.797843][ T5395] Dev loop9: unable to read RDB block 7
[  189.803963][ T5395]  loop9: unable to read partition table
[  189.810474][ T5395] loop9: partition table beyond EOD, truncated
[  189.816858][ T5395] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  190.336418][ T5401] netlink: 'syz.2.272': attribute type 4 has an invalid length.
[  192.711494][ T5415] loop0: detected capacity change from 0 to 512
[  192.720371][ T5415] EXT4-fs: Ignoring removed nobh option
[  192.751742][ T5415] EXT4-fs (loop0): mounting ext2 file system using the ext4 subsystem
[  192.930406][ T5416] loop4: detected capacity change from 0 to 4096
[  193.015974][ T5416] NILFS (loop4): invalid segment: Checksum error in segment payload
[  193.055849][ T5416] NILFS (loop4): trying rollback from an earlier position
[  193.122203][ T5415] EXT4-fs (loop0): failed to open journal device unknown-block(0,0) -6
[  193.145929][ T5416] NILFS (loop4): recovery complete
[  193.168635][ T5422] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  194.089858][ T5433] loop3: detected capacity change from 0 to 512
[  194.099557][ T5433] EXT4-fs: Ignoring removed i_version option
[  194.219854][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  194.226351][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  194.246780][ T5433] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  194.302224][ T5433] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  194.323055][ T5433] EXT4-fs (loop3): orphan cleanup on readonly fs
[  194.329695][ T5433] EXT4-fs (loop3): 1 truncate cleaned up
[  194.338029][ T5433] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  194.608056][ T5441] loop2: detected capacity change from 0 to 4096
[  194.682780][ T5441] NILFS (loop2): invalid segment: Checksum error in segment payload
[  194.796877][ T5441] NILFS (loop2): trying rollback from an earlier position
[  194.931808][ T5441] NILFS (loop2): recovery complete
[  194.959775][ T5443] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  194.992523][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  195.035873][   T26] audit: type=1800 audit(1745024895.839:43): pid=5441 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.284" name="file1" dev="loop2" ino=12 res=0 errno=0
[  195.202205][ T5446] netlink: 'syz.3.285': attribute type 4 has an invalid length.
[  197.658513][ T5461] loop0: detected capacity change from 0 to 4096
[  197.749484][ T5464] rdma_rxe: rxe_register_device failed with error -23
[  197.757468][ T5464] rdma_rxe: failed to add lo
[  197.912088][ T5461] NILFS (loop0): invalid segment: Checksum error in segment payload
[  197.920171][ T5461] NILFS (loop0): trying rollback from an earlier position
[  197.975608][ T5464] netlink: 224 bytes leftover after parsing attributes in process `syz.1.290'.
[  197.991273][ T5464] loop9: detected capacity change from 0 to 7
[  198.008979][ T5464] Dev loop9: unable to read RDB block 7
[  198.014813][ T5464]  loop9: unable to read partition table
[  198.021500][ T5464] loop9: partition table beyond EOD, truncated
[  198.027813][ T5464] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  198.403685][ T5461] NILFS (loop0): recovery complete
[  198.449645][ T5468] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  199.438906][ T5477] loop3: detected capacity change from 0 to 512
[  199.502350][ T5477] EXT4-fs: Ignoring removed i_version option
[  199.521630][ T5477] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  199.538953][ T5472] loop1: detected capacity change from 0 to 8192
[  199.562846][ T5477] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  199.596551][ T5477] EXT4-fs (loop3): orphan cleanup on readonly fs
[  199.615578][ T5477] EXT4-fs (loop3): 1 truncate cleaned up
[  199.621279][ T5477] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  199.631563][ T5472]  loop1: p1 < > p3 < p5 > p4
[  199.636295][ T5472] loop1: partition table partially beyond EOD, truncated
[  199.643630][ T5472] loop1: p1 start 4294967040 is beyond EOD, truncated
[  200.299996][ T5483] netlink: 'syz.1.297': attribute type 4 has an invalid length.
[  200.334531][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  201.838388][ T5498] loop3: detected capacity change from 0 to 512
[  201.887467][ T5501] loop4: detected capacity change from 0 to 4096
[  201.894923][ T5498] EXT4-fs: Ignoring removed nobh option
[  202.035394][ T5501] NILFS (loop4): invalid segment: Checksum error in segment payload
[  202.054049][ T5498] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  202.091488][ T5501] NILFS (loop4): trying rollback from an earlier position
[  202.164023][ T5501] NILFS (loop4): recovery complete
[  202.221208][ T5506] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  202.244572][ T5498] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  202.265654][   T26] audit: type=1800 audit(1745024903.079:44): pid=5501 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.302" name="file1" dev="loop4" ino=12 res=0 errno=0
[  203.418281][ T5516] rdma_rxe: rxe_register_device failed with error -23
[  203.425369][ T5516] rdma_rxe: failed to add lo
[  203.546407][ T5516] netlink: 224 bytes leftover after parsing attributes in process `syz.1.304'.
[  203.558611][ T5516] loop9: detected capacity change from 0 to 7
[  203.574701][ T5516] Dev loop9: unable to read RDB block 7
[  203.580369][ T5516]  loop9: unable to read partition table
[  203.586250][ T5516] loop9: partition table beyond EOD, truncated
[  203.592479][ T5516] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  203.826677][ T5515] loop2: detected capacity change from 0 to 4096
[  204.007898][ T5515] NILFS (loop2): invalid segment: Checksum error in segment payload
[  204.035192][ T5515] NILFS (loop2): trying rollback from an earlier position
[  204.065044][ T5515] NILFS (loop2): recovery complete
[  204.080591][ T5520] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  204.142586][   T26] audit: type=1800 audit(1745024904.959:45): pid=5515 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.306" name="file1" dev="loop2" ino=12 res=0 errno=0
[  204.331182][ T5522] loop1: detected capacity change from 0 to 512
[  204.360438][ T5522] EXT4-fs: Ignoring removed i_version option
[  204.396067][ T5519] loop4: detected capacity change from 0 to 8192
[  204.397597][ T5522] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  204.451388][ T5522] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  204.467491][ T5519]  loop4: p1 < > p3 < p5 > p4
[  204.472341][ T5519] loop4: partition table partially beyond EOD, truncated
[  204.501794][ T5519] loop4: p1 start 4294967040 is beyond EOD, truncated
[  204.644274][ T5522] EXT4-fs (loop1): orphan cleanup on readonly fs
[  204.699270][ T5522] EXT4-fs (loop1): 1 truncate cleaned up
[  204.711733][ T5522] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  204.790458][ T5528] netlink: 'syz.0.310': attribute type 4 has an invalid length.
[  205.404471][ T4256] EXT4-fs (loop1): unmounting filesystem.
[  205.820165][ T5540] rdma_rxe: rxe_register_device failed with error -23
[  205.827584][ T5540] rdma_rxe: failed to add lo
[  206.008111][ T5540] netlink: 224 bytes leftover after parsing attributes in process `syz.4.311'.
[  206.018930][ T5540] loop9: detected capacity change from 0 to 7
[  206.105113][ T5540] Dev loop9: unable to read RDB block 7
[  206.110923][ T5540]  loop9: unable to read partition table
[  206.117503][ T5540] loop9: partition table beyond EOD, truncated
[  206.124091][ T5540] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  208.280322][ T5555] loop0: detected capacity change from 0 to 4096
[  208.319913][ T5555] NILFS (loop0): invalid segment: Checksum error in segment payload
[  208.337517][ T5557] loop3: detected capacity change from 0 to 4096
[  208.370835][ T5555] NILFS (loop0): trying rollback from an earlier position
[  208.388732][ T5557] NILFS (loop3): invalid segment: Checksum error in segment payload
[  208.421642][ T5557] NILFS (loop3): trying rollback from an earlier position
[  208.428705][ T5555] NILFS (loop0): recovery complete
[  208.451054][ T5561] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  208.478443][ T5557] NILFS (loop3): recovery complete
[  208.488495][   T26] audit: type=1800 audit(1745024909.299:46): pid=5555 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.318" name="file1" dev="loop0" ino=12 res=0 errno=0
[  208.536092][ T5563] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  208.601665][   T26] audit: type=1800 audit(1745024909.379:47): pid=5557 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.319" name="file1" dev="loop3" ino=12 res=0 errno=0
[  208.621939][    C1] vkms_vblank_simulate: vblank timer overrun
[  209.147376][ T5565] loop3: detected capacity change from 0 to 8192
[  209.293630][ T5565]  loop3: p1 < > p3 < p5 > p4
[  209.299147][ T5565] loop3: partition table partially beyond EOD, truncated
[  209.355410][ T5565] loop3: p1 start 4294967040 is beyond EOD, truncated
[  209.672519][ T3622]  loop3: p1 < > p3 < p5 > p4
[  209.680702][ T3622] loop3: partition table partially beyond EOD, truncated
[  209.725499][ T5571] loop0: detected capacity change from 0 to 512
[  209.737492][ T3622] loop3: p1 start 4294967040 is beyond EOD, truncated
[  209.812359][ T5571] EXT4-fs: Ignoring removed i_version option
[  209.822409][ T5573] netlink: 'syz.4.324': attribute type 4 has an invalid length.
[  209.851733][ T5571] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  209.872628][ T5573] netlink: 'syz.4.324': attribute type 4 has an invalid length.
[  209.904438][ T5571] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  209.956696][ T5571] EXT4-fs (loop0): orphan cleanup on readonly fs
[  210.054792][ T5571] EXT4-fs (loop0): 1 truncate cleaned up
[  210.072791][ T5571] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  210.173062][ T5578] loop2: detected capacity change from 0 to 512
[  210.180111][ T5578] EXT4-fs: Ignoring removed nobh option
[  210.195148][ T5578] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  210.652636][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  210.663747][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  210.677005][ T4846] udevd[4846]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  210.749796][ T5587] rdma_rxe: rxe_register_device failed with error -23
[  210.757210][ T5587] rdma_rxe: failed to add lo
[  210.876278][ T4844] udevd[4844]: inotify_add_watch(7, /dev/loop3p5, 10) failed: No such file or directory
[  210.955565][ T5587] netlink: 224 bytes leftover after parsing attributes in process `syz.3.325'.
[  210.966399][ T5587] loop9: detected capacity change from 0 to 7
[  211.085283][ T5587] Dev loop9: unable to read RDB block 7
[  211.091150][ T5587]  loop9: unable to read partition table
[  211.097732][ T5587] loop9: partition table beyond EOD, truncated
[  211.104202][ T5587] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  212.066812][ T5578] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  212.240071][ T5594] rdma_rxe: rxe_register_device failed with error -23
[  212.247066][ T5594] rdma_rxe: failed to add lo
[  212.306216][ T5596] netlink: 224 bytes leftover after parsing attributes in process `syz.0.328'.
[  212.317173][ T5596] loop9: detected capacity change from 0 to 7
[  212.338363][ T5596] Dev loop9: unable to read RDB block 7
[  212.344070][ T5596]  loop9: unable to read partition table
[  212.349984][ T5596] loop9: partition table beyond EOD, truncated
[  212.356501][ T5596] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  216.027504][ T5611] loop1: detected capacity change from 0 to 4096
[  216.143951][ T5611] NILFS (loop1): invalid segment: Checksum error in segment payload
[  216.158705][ T5611] NILFS (loop1): trying rollback from an earlier position
[  216.204047][ T5611] NILFS (loop1): recovery complete
[  216.248359][ T5617] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  216.266151][   T26] audit: type=1800 audit(1745024917.079:48): pid=5611 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.333" name="file1" dev="loop1" ino=12 res=0 errno=0
[  216.286437][    C1] vkms_vblank_simulate: vblank timer overrun
[  216.556970][ T5621] netlink: 'syz.1.336': attribute type 4 has an invalid length.
[  216.593556][ T5621] netlink: 'syz.1.336': attribute type 4 has an invalid length.
[  216.698091][ T5619] loop0: detected capacity change from 0 to 8192
[  216.794397][ T5619]  loop0: p1 < > p3 < p5 > p4
[  216.799271][ T5619] loop0: partition table partially beyond EOD, truncated
[  216.829428][ T5619] loop0: p1 start 4294967040 is beyond EOD, truncated
[  217.152876][ T4846] udevd[4846]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  217.178851][ T5626] loop0: detected capacity change from 0 to 512
[  217.185787][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  217.198955][ T4844] udevd[4844]: inotify_add_watch(7, /dev/loop0p5, 10) failed: No such file or directory
[  217.241160][ T5626] EXT4-fs: Ignoring removed i_version option
[  217.253050][ T5626] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  217.334545][ T5626] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  217.426391][ T5626] EXT4-fs (loop0): orphan cleanup on readonly fs
[  217.523180][ T5626] EXT4-fs (loop0): 1 truncate cleaned up
[  217.547876][ T5626] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  218.272347][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  218.611708][ T5639] rdma_rxe: rxe_register_device failed with error -23
[  218.619175][ T5639] rdma_rxe: failed to add lo
[  218.857268][ T5639] netlink: 224 bytes leftover after parsing attributes in process `syz.4.342'.
[  218.868289][ T5639] loop9: detected capacity change from 0 to 7
[  219.292186][ T5639] Dev loop9: unable to read RDB block 7
[  219.297801][ T5639]  loop9: unable to read partition table
[  219.303683][ T5639] loop9: partition table beyond EOD, truncated
[  219.309865][ T5639] loop_reread_partitions: partition scan of loop9 (þ被x󟣑– ) failed (rc=-5)
[  219.419679][ T5643] loop0: detected capacity change from 0 to 512
[  219.432240][ T5643] EXT4-fs: Ignoring removed i_version option
[  219.448687][ T5643] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  219.534107][ T5643] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  219.576215][ T5646] rdma_rxe: rxe_register_device failed with error -23
[  219.679648][ T5643] EXT4-fs (loop0): orphan cleanup on readonly fs
[  219.771747][ T5646] rdma_rxe: failed to add lo
[  219.790445][ T5643] EXT4-fs (loop0): 1 truncate cleaned up
[  219.856412][ T5643] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  220.812451][ T5654] overlayfs: failed to resolve './file1': -2
[  220.869420][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  220.971640][ T5646] netlink: 224 bytes leftover after parsing attributes in process `syz.1.341'.
[  221.168187][ T5659] loop0: detected capacity change from 0 to 1024
[  221.801004][ T4846] I/O error, dev loop0, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  221.885887][ T5667] netlink: 'syz.3.348': attribute type 4 has an invalid length.
[  221.935740][ T5667] netlink: 'syz.3.348': attribute type 4 has an invalid length.
[  222.000782][ T5665] loop4: detected capacity change from 0 to 4096
[  222.086190][ T5665] NILFS (loop4): invalid segment: Checksum error in segment payload
[  222.095155][ T5665] NILFS (loop4): trying rollback from an earlier position
[  222.800955][ T5665] NILFS (loop4): recovery complete
[  222.826259][ T5676] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  222.945597][   T26] audit: type=1800 audit(1745024923.759:49): pid=5665 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.347" name="file1" dev="loop4" ino=12 res=0 errno=0
[  223.162323][ T5679] loop3: detected capacity change from 0 to 512
[  223.169368][ T5679] EXT4-fs: Ignoring removed nobh option
[  223.350851][ T5679] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  223.542061][ T5674] loop2: detected capacity change from 0 to 8192
[  224.176668][ T5679] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  224.866022][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056a21c00: rx timeout, send abort
[  225.189718][ T5698] loop4: detected capacity change from 0 to 512
[  225.309763][ T5698] EXT4-fs: Ignoring removed i_version option
[  225.375521][    C1] vcan0: j1939_tp_rxtimer: 0xffff888056a21c00: abort rx timeout. Force session deactivation
[  225.478609][ T5698] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  225.676947][ T5698] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  226.102062][ T5698] EXT4-fs (loop4): orphan cleanup on readonly fs
[  226.131921][ T5698] EXT4-fs (loop4): 1 truncate cleaned up
[  226.137709][ T5698] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  227.753899][ T4259] EXT4-fs (loop4): unmounting filesystem.
[  227.939036][ T5711] netlink: 'syz.3.361': attribute type 4 has an invalid length.
[  228.470879][ T5716] netlink: 'syz.3.361': attribute type 4 has an invalid length.
[  228.899335][ T5722] netlink: 16 bytes leftover after parsing attributes in process `syz.1.362'.
[  229.790845][ T5724] loop3: detected capacity change from 0 to 8192
[  229.816694][ T5726] loop1: detected capacity change from 0 to 4096
[  229.847339][ T5724]  loop3: p1 < > p3 < p5 > p4
[  229.862820][ T5724] loop3: partition table partially beyond EOD, truncated
[  229.892287][ T5726] NILFS (loop1): invalid segment: Checksum error in segment payload
[  229.901066][ T5726] NILFS (loop1): trying rollback from an earlier position
[  229.919449][ T5724] loop3: p1 start 4294967040 is beyond EOD, truncated
[  230.027330][ T5726] NILFS (loop1): recovery complete
[  230.049192][ T5731] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  230.068650][   T26] audit: type=1800 audit(1745024930.879:50): pid=5726 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.364" name="file1" dev="loop1" ino=12 res=0 errno=0
[  230.096993][ T5730] loop2: detected capacity change from 0 to 1024
[  230.355429][ T4241] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  232.251572][ T5746] rdma_rxe: rxe_register_device failed with error -23
[  232.259049][ T5746] rdma_rxe: failed to add lo
[  232.500128][ T5746] netlink: 224 bytes leftover after parsing attributes in process `syz.3.368'.
[  232.528753][ T5749] loop1: detected capacity change from 0 to 512
[  232.536601][ T5749] EXT4-fs: Ignoring removed nobh option
[  232.585238][ T5749] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  233.394747][ T5755] loop3: detected capacity change from 0 to 512
[  233.599944][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805420ac00: rx timeout, send abort
[  234.726044][ T5755] EXT4-fs: Ignoring removed i_version option
[  234.737676][    C1] vcan0: j1939_tp_rxtimer: 0xffff88805420ac00: abort rx timeout. Force session deactivation
[  234.772489][ T5749] EXT4-fs (loop1): failed to open journal device unknown-block(0,0) -6
[  234.904891][ T5755] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  234.940766][ T5755] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  234.973417][ T5755] EXT4-fs (loop3): orphan cleanup on readonly fs
[  235.241952][ T5755] EXT4-fs (loop3): 1 truncate cleaned up
[  235.247894][ T5755] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  235.895510][ T5768] netlink: 'syz.2.373': attribute type 4 has an invalid length.
[  235.915588][ T5768] netlink: 'syz.2.373': attribute type 4 has an invalid length.
[  235.959834][ T5768] infiniband syz0: set active
[  235.976570][ T5148] lo speed is unknown, defaulting to 1000
[  235.987195][ T5151] lo speed is unknown, defaulting to 1000
[  236.002710][ T4253] EXT4-fs (loop3): unmounting filesystem.
[  236.659787][ T5778] overlayfs: failed to resolve './file1': -2
[  239.646677][ T5802] loop3: detected capacity change from 0 to 1024
[  239.759715][ T4241] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  241.681288][ T5817] loop0: detected capacity change from 0 to 512
[  241.689976][ T5817] EXT4-fs: Ignoring removed i_version option
[  241.732257][ T5817] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  241.797161][ T5817] EXT4-fs (loop0): ext4_check_descriptors: Checksum for group 0 failed (8128!=33349)
[  241.833174][ T5817] EXT4-fs (loop0): orphan cleanup on readonly fs
[  241.846827][ T5817] EXT4-fs (loop0): 1 truncate cleaned up
[  241.853422][ T5817] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  242.561473][ T5823] netlink: 'syz.4.388': attribute type 4 has an invalid length.
[  242.672590][ T4249] EXT4-fs (loop0): unmounting filesystem.
[  242.764473][ T5824] netlink: 'syz.4.388': attribute type 4 has an invalid length.
[  242.829533][ T5827] syz.3.390 uses obsolete (PF_INET,SOCK_PACKET)
[  243.310220][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055c8c800: rx timeout, send abort
[  243.783920][ T5833] loop2: detected capacity change from 0 to 8192
[  243.818594][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055c8c800: abort rx timeout. Force session deactivation
[  243.831026][ T5833]  loop2: p1 < > p3 < p5 > p4
[  243.836818][ T5833] loop2: partition table partially beyond EOD, truncated
[  243.844339][ T5833] loop2: p1 start 4294967040 is beyond EOD, truncated
[  243.972574][ T4258] __loop_clr_fd: partition scan of loop2 failed (rc=-16)
[  243.977517][ T4846] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  243.981992][ T4241] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  243.999878][ T4844] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  244.032006][ T4844] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  244.038954][ T4846] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  244.071865][ T4241] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  244.094289][ T4846] Buffer I/O error on dev loop2p4, logical block 0, async page read
[  244.121632][ T4844] Buffer I/O error on dev loop2p5, logical block 0, async page read
[  244.131996][ T4241] Buffer I/O error on dev loop2p3, logical block 0, async page read
[  244.140660][ T4846] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  244.150896][ T4241] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  244.166562][ T4844] I/O error, dev loop2, sector 2 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  244.177292][ T4846] Buffer I/O error on dev loop2p4, logical block 1, async page read
[  244.185679][ T4241] Buffer I/O error on dev loop2p3, logical block 0, async page read
[  244.195309][ T4844] Buffer I/O error on dev loop2p5, logical block 1, async page read
[  244.211733][ T4955] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  244.214160][ T4241] Buffer I/O error on dev loop2p3, logical block 0, async page read
[  244.227608][ T4844] Buffer I/O error on dev loop2p5, logical block 2, async page read
[  244.240856][ T4241] Buffer I/O error on dev loop2p3, logical block 0, async page read
[  244.249615][ T4241] Buffer I/O error on dev loop2p3, logical block 0, async page read
[  245.728814][ T4846] blk_print_req_error: 4 callbacks suppressed
[  245.728835][ T4846] I/O error, dev loop2, sector 4 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  246.222765][ T4846] udevd[4846]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  246.271645][ T4955] usb 4-1: Using ep0 maxpacket: 8
[  246.289736][ T4955] usb 4-1: New USB device found, idVendor=1660, idProduct=0932, bcdDevice=80.ea
[  246.326368][ T4955] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  246.341783][ T5848] process 'syz.0.398' launched '/dev/fd/9' with NULL argv: empty string added
[  246.364743][ T4844] udevd[4844]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[  246.378763][ T4846] udevd[4846]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  246.383284][ T4955] usb 4-1: Product: syz
[  246.396973][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  246.440127][ T4955] usb 4-1: Manufacturer: syz
[  246.458145][ T4955] usb 4-1: SerialNumber: syz
[  246.497103][ T4955] usb 4-1: config 0 descriptor??
[  246.693806][ T4955] dvb-usb: found a 'Medion MD95700 (MDUSBTV-HYBRID)' in warm state.
[  246.699936][ T5850] loop0: detected capacity change from 0 to 4096
[  246.708682][ T4955] usb 4-1: setting power ON
[  246.713831][ T4955] dvb-usb: bulk message failed: -22 (2/0)
[  246.728255][ T4955] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  246.753475][ T5837] dvb-usb: bulk message failed: -22 (3/0)
[  246.759754][ T5837] usb 4-1: gpio_write failed.
[  246.762218][ T4955] dvbdev: DVB: registering new adapter (Medion MD95700 (MDUSBTV-HYBRID))
[  246.792124][ T5850] =======================================================
[  246.792124][ T5850] WARNING: The mand mount option has been deprecated and
[  246.792124][ T5850]          and is ignored by this kernel. Remove the mand
[  246.792124][ T5850]          option from the mount to silence this warning.
[  246.792124][ T5850] =======================================================
[  246.793931][ T4955] usb 4-1: media controller created
[  246.827050][    C1] vkms_vblank_simulate: vblank timer overrun
[  246.850578][ T5837] cxusb: i2c wr: len=79 is too big!
[  246.850578][ T5837] 
[  246.863183][ T5860] loop4: detected capacity change from 0 to 512
[  246.889878][ T5862] loop1: detected capacity change from 0 to 1024
[  246.906460][ T5860] EXT4-fs: Ignoring removed nobh option
[  246.932203][ T4955] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  246.957715][ T5860] EXT4-fs (loop4): mounting ext2 file system using the ext4 subsystem
[  247.005003][ T5862] EXT4-fs: Ignoring removed orlov option
[  247.023026][ T4955] usb 4-1: selecting invalid altsetting 6
[  247.070803][ T4955] usb 4-1: digital interface selection failed (-22)
[  247.106628][ T4955] dvb-usb: no frontend was attached by 'Medion MD95700 (MDUSBTV-HYBRID)'
[  247.122809][ T5862] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  247.134903][ T4955] usb 4-1: setting power OFF
[  247.152657][ T4955] dvb-usb: bulk message failed: -22 (2/0)
[  247.175340][ T4955] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully initialized and connected.
[  247.195075][ T4955] (NULL device *): no alternate interface
[  247.244181][ T4955] dvb-usb: Medion MD95700 (MDUSBTV-HYBRID) successfully deinitialized and disconnected.
[  247.311993][ T4955] usb 4-1: USB disconnect, device number 2
[  247.471435][ T5860] EXT4-fs (loop4): failed to open journal device unknown-block(0,0) -6
[  247.523308][ T4256] EXT4-fs (loop1): unmounting filesystem.
[  247.668366][ T5873] netlink: 'syz.1.403': attribute type 4 has an invalid length.
[  247.742716][ T5874] netlink: 'syz.1.403': attribute type 4 has an invalid length.
[  248.003582][ T5878] loop1: detected capacity change from 0 to 1024
[  250.864090][ T5888] loop4: detected capacity change from 0 to 8192
[  251.115204][ T3622]  loop4: p1 < > p3 < p5 > p4
[  251.120032][ T3622] loop4: partition table partially beyond EOD, truncated
[  251.133092][ T3622] loop4: p1 start 4294967040 is beyond EOD, truncated
[  251.278061][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop4p3, 10) failed: No such file or directory
[  251.326223][ T4846] udevd[4846]: inotify_add_watch(7, /dev/loop4p5, 10) failed: No such file or directory
[  251.328440][ T4241] udevd[4241]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  251.692516][    C0] vcan0: j1939_tp_rxtimer: 0xffff888030afa000: rx timeout, send abort
[  252.174038][ T5903] netlink: 'syz.0.414': attribute type 4 has an invalid length.
[  252.186941][ T5903] netlink: 'syz.0.414': attribute type 4 has an invalid length.
[  252.218840][    C0] vcan0: j1939_tp_rxtimer: 0xffff888030afa000: abort rx timeout. Force session deactivation
[  252.500341][ T5912] loop2: detected capacity change from 0 to 64
[  254.264012][ T5904] loop4: detected capacity change from 0 to 4096
[  254.726666][ T5923] loop4: detected capacity change from 0 to 8192
[  254.772444][ T5923]  loop4: p1 < > p3 < p5 > p4
[  254.777224][ T5923] loop4: partition table partially beyond EOD, truncated
[  254.810939][ T5923] loop4: p1 start 4294967040 is beyond EOD, truncated
[  255.257678][ T5929] loop3: detected capacity change from 0 to 512
[  255.367284][ T5929] EXT4-fs: Ignoring removed nobh option
[  255.468804][ T5929] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  255.643862][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  255.650491][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  256.268384][ T5929] EXT4-fs (loop3): failed to open journal device unknown-block(0,0) -6
[  256.290591][ T5919] loop0: detected capacity change from 0 to 32768
[  256.957841][ T5941] loop1: detected capacity change from 0 to 512
[  257.075886][ T5946] netlink: 'syz.0.427': attribute type 4 has an invalid length.
[  257.086952][ T5941] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  257.096741][ T5941] ext4 filesystem being mounted at /74/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  257.273740][ T5947] netlink: 'syz.0.427': attribute type 4 has an invalid length.
[  257.922597][ T4256] EXT4-fs (loop1): unmounting filesystem.
[  258.293460][ T5959] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.301875][ T5959] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.401713][ T5961] rdma_rxe: rxe_register_device failed with error -23
[  258.409080][ T5961] rdma_rxe: failed to add lo
[  258.619333][ T5961] netlink: 224 bytes leftover after parsing attributes in process `syz.1.428'.
[  259.044165][ T4292] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  259.262311][ T5965] loop0: detected capacity change from 0 to 8192
[  259.273762][ T4292] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  259.289204][ T4292] usb 4-1: New USB device found, idVendor=06cd, idProduct=0115, bcdDevice=d9.c3
[  259.308832][ T4292] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  259.311817][ T5965]  loop0: p1 < > p3 < p5 > p4
[  259.331573][ T5965] loop0: partition table partially beyond EOD, truncated
[  259.341059][ T5965] loop0: p1 start 4294967040 is beyond EOD, truncated
[  259.348137][ T4292] usb 4-1: Product: syz
[  259.361608][ T4292] usb 4-1: Manufacturer: syz
[  259.394327][ T4292] usb 4-1: SerialNumber: syz
[  259.422273][ T4292] usb 4-1: config 0 descriptor??
[  259.438412][ T4292] keyspan 4-1:0.0: Keyspan 2 port adapter converter detected
[  259.447231][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 87
[  259.471838][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 7
[  259.501907][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 81
[  259.509903][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 1
[  259.556319][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 2
[  259.571680][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 85
[  259.584245][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 5
[  259.624152][ T4292] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB0
[  259.668031][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 83
[  259.693540][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 3
[  259.718383][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 4
[  259.734074][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 86
[  259.773006][ T4292] keyspan 4-1:0.0: found no endpoint descriptor for endpoint 6
[  259.823912][ T4292] usb 4-1: Keyspan 2 port adapter converter now attached to ttyUSB1
[  259.869337][ T4292] usb 4-1: USB disconnect, device number 3
[  259.954730][ T4292] keyspan_2 ttyUSB0: Keyspan 2 port adapter converter now disconnected from ttyUSB0
[  260.014738][ T4292] keyspan_2 ttyUSB1: Keyspan 2 port adapter converter now disconnected from ttyUSB1
[  260.060491][ T4292] keyspan 4-1:0.0: device disconnected
[  260.731012][ T5982] loop1: detected capacity change from 0 to 4096
[  260.793250][ T5982] NILFS (loop1): invalid segment: Checksum error in segment payload
[  260.806510][ T5982] NILFS (loop1): trying rollback from an earlier position
[  260.814337][ T5987] netlink: 'syz.0.439': attribute type 4 has an invalid length.
[  260.851018][ T5982] NILFS (loop1): recovery complete
[  260.884906][ T5988] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  260.927791][   T26] audit: type=1800 audit(1745024961.739:51): pid=5982 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.438" name="file1" dev="loop1" ino=12 res=0 errno=0
[  260.950025][ T5989] netlink: 'syz.0.439': attribute type 4 has an invalid length.
[  262.971579][ T4959] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  263.080479][ T6006] loop1: detected capacity change from 0 to 8192
[  263.133265][ T6006]  loop1: p1 < > p3 < p5 > p4
[  263.138076][ T6006] loop1: partition table partially beyond EOD, truncated
[  263.167227][ T6006] loop1: p1 start 4294967040 is beyond EOD, truncated
[  263.183687][ T4959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  263.209426][ T4959] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  263.260838][ T4959] usb 1-1: New USB device found, idVendor=146b, idProduct=0902, bcdDevice= 0.00
[  263.299553][ T4959] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  263.335400][ T4959] usb 1-1: config 0 descriptor??
[  263.477084][ T6010] loop2: detected capacity change from 0 to 512
[  263.542622][ T6010] EXT4-fs: Ignoring removed nobh option
[  263.572427][ T6010] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  263.598359][ T6012] loop1: detected capacity change from 0 to 64
[  263.768385][ T4959] bigben 0003:146B:0902.0001: unexpected rdesc, please submit for review
[  263.867342][ T4959] bigben 0003:146B:0902.0001: hidraw0: USB HID v0.01 Device [HID 146b:0902] on usb-dummy_hcd.0-1/input0
[  263.973265][ T6015] Cannot find del_set index 3 as target
[  264.512329][ T6010] EXT4-fs (loop2): failed to open journal device unknown-block(0,0) -6
[  264.692746][ T4959] bigben 0003:146B:0902.0001: missing HID_OUTPUT_REPORT 0
[  264.699979][ T4959] bigben 0003:146B:0902.0001: no output report found
[  264.716758][ T4959] usb 1-1: USB disconnect, device number 3
[  266.409491][ T6032] netlink: 'syz.1.452': attribute type 4 has an invalid length.
[  266.570885][ T6033] netlink: 'syz.1.452': attribute type 4 has an invalid length.
[  268.514760][ T6046] netlink: 16 bytes leftover after parsing attributes in process `syz.4.453'.
[  268.567173][ T6052] x_tables: ip6_tables: sctp match: only valid for protocol 132
[  268.795135][ T6048] loop0: detected capacity change from 0 to 64
[  269.172414][ T6055] loop4: detected capacity change from 0 to 1024
[  269.242845][ T4241] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  272.371929][ T6077] netlink: 'syz.4.465': attribute type 4 has an invalid length.
[  272.424832][ T6079] loop2: detected capacity change from 0 to 512
[  272.466404][ T6081] netlink: 'syz.4.465': attribute type 4 has an invalid length.
[  272.548050][ T6079] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  272.571676][ T6079] ext4 filesystem being mounted at /91/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  273.805273][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058142c00: rx timeout, send abort
[  274.313555][    C1] vcan0: j1939_tp_rxtimer: 0xffff888058142c00: abort rx timeout. Force session deactivation
[  274.553247][ T4258] EXT4-fs (loop2): unmounting filesystem.
[  274.893101][ T6071] loop3: detected capacity change from 0 to 40427
[  274.961197][ T6071] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  274.994983][ T6071] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  275.146697][ T6071] F2FS-fs (loop3): invalid crc value
[  275.312696][ T6071] F2FS-fs (loop3): Failed to start F2FS issue_checkpoint_thread (-12)
[  275.978670][ T6103] loop4: detected capacity change from 0 to 64
[  277.192959][ T6107] 9pnet: Could not find request transport: rdmq
[  277.365301][ T4259] Bad inode number on dev loop4: 4160749571 is out of range
[  277.379442][ T4259] Bad inode number on dev loop4: 4160749571 is out of range
[  278.488827][ T6113] loop3: detected capacity change from 0 to 64
[  278.802924][ T4575] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  278.829195][ T4259] syz-executor (4259) used greatest stack depth: 18776 bytes left
[  278.979742][ T4575] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.037372][ T6122] loop1: detected capacity change from 0 to 1024
[  279.151617][ T4575] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  279.539546][ T4575] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  281.334194][ T6142] rdma_rxe: rxe_register_device failed with error -23
[  281.341112][ T6142] rdma_rxe: failed to add lo
[  281.507840][ T6142] netlink: 224 bytes leftover after parsing attributes in process `syz.0.479'.
[  281.858637][    C0] vcan0: j1939_tp_txtimer: 0xffff8880568e7400: tx aborted with unknown reason: -2
[  281.918266][ T4266] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  281.927482][ T4266] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  281.935262][ T4266] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  281.943125][ T4266] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  281.950639][ T4266] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  281.958011][ T4266] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  282.367978][    C0] vcan0: j1939_tp_rxtimer: 0xffff8880568e7400: abort rx timeout. Force session deactivation
[  283.267976][ T6146] lo speed is unknown, defaulting to 1000
[  283.514077][ T6163] loop3: detected capacity change from 0 to 64
[  284.332485][ T4265] Bluetooth: hci3: command 0x0409 tx timeout
[  284.389625][ T6164] 9pnet: Could not find request transport: rdmq
[  284.716034][ T6174] loop2: detected capacity change from 0 to 8192
[  284.804800][ T6178] Cannot find del_set index 3 as target
[  284.862887][ T6173] IPVS: sync thread started: state = BACKUP, mcast_ifn = bridge0, syncid = 0, id = 0
[  285.482864][ T3622]  loop2: p1 < > p3 < p5 > p4
[  285.494907][ T3622] loop2: partition table partially beyond EOD, truncated
[  285.539359][ T3622] loop2: p1 start 4294967040 is beyond EOD, truncated
[  285.656720][ T4844] udevd[4844]: inotify_add_watch(7, /dev/loop2p4, 10) failed: No such file or directory
[  285.657188][ T4846] udevd[4846]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  285.680349][ T4412] udevd[4412]: inotify_add_watch(7, /dev/loop2p5, 10) failed: No such file or directory
[  285.724182][ T6186] loop3: detected capacity change from 0 to 1024
[  286.160125][    T9] hfsplus: b-tree write err: -5, ino 4
[  286.861575][ T4265] Bluetooth: hci3: command 0x041b tx timeout
[  286.962557][ T6204] rdma_rxe: already configured on lo
[  287.224345][ T6204] netlink: 224 bytes leftover after parsing attributes in process `syz.2.494'.
[  288.248865][ T6212] loop3: detected capacity change from 0 to 1024
[  288.921896][ T4266] Bluetooth: hci3: command 0x040f tx timeout
[  289.575187][ T6146] chnl_net:caif_netlink_parms(): no params data found
[  289.698661][ T6223] loop2: detected capacity change from 0 to 64
[  289.964710][ T6146] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.055747][ T6146] bridge0: port 1(bridge_slave_0) entered disabled state
[  290.178035][ T6146] device bridge_slave_0 entered promiscuous mode
[  290.878907][ T6236] 9pnet: Could not find request transport: rdmq
[  291.001798][ T4266] Bluetooth: hci3: command 0x0419 tx timeout
[  291.085920][ T4258] Bad inode number on dev loop2: 4160749571 is out of range
[  291.131719][ T4258] Bad inode number on dev loop2: 4160749571 is out of range
[  291.222294][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055208000: rx timeout, send abort
[  291.335949][ T6146] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.351795][ T6146] bridge0: port 2(bridge_slave_1) entered disabled state
[  291.370255][ T6146] device bridge_slave_1 entered promiscuous mode
[  291.427287][ T6248] [U] 
[  291.745386][    C1] vcan0: j1939_tp_rxtimer: 0xffff888055208000: abort rx timeout. Force session deactivation
[  291.776096][ T6257] IPVS: sync thread started: state = BACKUP, mcast_ifn = bridge0, syncid = 0, id = 0
[  291.954693][ T6146] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  291.993523][ T6146] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  292.109959][ T6146] team0: Port device team_slave_0 added
[  292.185802][ T6146] team0: Port device team_slave_1 added
[  292.382085][ T6146] batman_adv: batadv0: Adding interface: batadv_slave_0
[  292.389084][ T6146] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  292.471935][ T6146] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  292.526666][ T4575] device hsr_slave_0 left promiscuous mode
[  292.580113][ T4575] device hsr_slave_1 left promiscuous mode
[  292.592778][ T4575] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  292.600300][ T4575] batman_adv: batadv0: Removing interface: batadv_slave_0
[  292.653153][ T4575] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  292.687087][ T4575] batman_adv: batadv0: Removing interface: batadv_slave_1
[  292.697889][ T4575] device bridge_slave_1 left promiscuous mode
[  292.733228][ T4575] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.784255][ T4575] device bridge_slave_0 left promiscuous mode
[  292.821715][ T4575] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.912450][ T4575] device veth1_macvtap left promiscuous mode
[  292.934677][ T4575] device veth0_macvtap left promiscuous mode
[  292.965451][ T4575] device veth1_vlan left promiscuous mode
[  293.002903][ T4575] device veth0_vlan left promiscuous mode
[  293.342537][ T4265] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  293.358561][ T4265] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  293.371938][ T4265] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  293.384481][ T4265] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  293.394810][ T4265] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  293.402953][ T4265] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  294.884317][ T4575] team0 (unregistering): Port device team_slave_1 removed
[  294.973861][ T4575] team0 (unregistering): Port device team_slave_0 removed
[  295.209149][    C1] vcan0: j1939_tp_rxtimer: 0xffff888074aaf000: rx timeout, send abort
[  295.426541][ T4575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  295.591984][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888055952800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  295.594044][   T47] Bluetooth: hci4: command 0x0409 tx timeout
[  295.610918][    C1] vcan0: j1939_xtp_rx_abort_one: 0xffff888055951c00: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  295.625314][    C0] vcan0: j1939_tp_txtimer: 0xffff888055951c00: tx aborted with unknown reason: -2
[  295.740825][    C1] vcan0: j1939_tp_rxtimer: 0xffff888074aaf000: abort rx timeout. Force session deactivation
[  295.798535][ T4575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  297.142065][ T6303] 9pnet: Could not find request transport: rdmq
[  297.345031][ T6307] [U] 
[  297.451433][ T4575] bond0 (unregistering): Released all slaves
[  297.662261][ T6146] batman_adv: batadv0: Adding interface: batadv_slave_1
[  297.669300][ T6146] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  297.683650][ T4266] Bluetooth: hci4: command 0x041b tx timeout
[  297.717409][ T6146] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  298.383593][ T6146] device hsr_slave_0 entered promiscuous mode
[  298.422658][ T6146] device hsr_slave_1 entered promiscuous mode
[  298.437624][ T6146] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  298.462748][ T6146] Cannot create hsr debugfs directory
[  298.650251][ T6271] lo speed is unknown, defaulting to 1000
[  299.605917][ T6146] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  299.643053][ T6146] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  299.664973][ T6146] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  299.692658][ T6146] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  299.721669][ T4266] Bluetooth: hci4: command 0x040f tx timeout
[  300.074791][ T6146] 8021q: adding VLAN 0 to HW filter on device bond0
[  300.269554][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  300.288365][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  300.379474][ T6146] 8021q: adding VLAN 0 to HW filter on device team0
[  300.546148][ T4575] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  300.629812][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  300.662370][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  300.686148][ T4343] bridge0: port 1(bridge_slave_0) entered blocking state
[  300.693327][ T4343] bridge0: port 1(bridge_slave_0) entered forwarding state
[  300.732019][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  300.762445][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  300.781191][ T4343] bridge0: port 2(bridge_slave_1) entered blocking state
[  300.788475][ T4343] bridge0: port 2(bridge_slave_1) entered forwarding state
[  300.852454][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  300.909029][ T6271] chnl_net:caif_netlink_parms(): no params data found
[  300.996422][ T4575] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.636808][ T6355] 9pnet: Could not find request transport: rdmq
[  301.714848][ T4575] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  301.811997][ T4266] Bluetooth: hci4: command 0x0419 tx timeout
[  301.882833][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  301.923787][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  302.053205][ T4575] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  302.199430][ T6360] [U] 
[  302.316878][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  302.335791][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  302.344668][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  302.353947][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  302.363759][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  302.442302][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  302.987683][ T6271] bridge0: port 1(bridge_slave_0) entered blocking state
[  303.022832][ T6271] bridge0: port 1(bridge_slave_0) entered disabled state
[  303.136160][ T6271] device bridge_slave_0 entered promiscuous mode
[  303.173913][ T6271] bridge0: port 2(bridge_slave_1) entered blocking state
[  303.186935][ T6271] bridge0: port 2(bridge_slave_1) entered disabled state
[  303.198050][ T6271] device bridge_slave_1 entered promiscuous mode
[  303.283711][ T6146] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  303.458120][ T6146] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  303.601860][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  303.660575][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  303.712694][ T4347] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  303.971195][ T6271] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  304.010299][ T6271] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  304.120438][ T6271] team0: Port device team_slave_0 added
[  304.149944][ T6271] team0: Port device team_slave_1 added
[  305.014294][ T6390] 9pnet: Could not find request transport: rdmq
[  305.132762][ T6271] batman_adv: batadv0: Adding interface: batadv_slave_0
[  305.139774][ T6271] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.182726][ T6271] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  305.269701][ T6271] batman_adv: batadv0: Adding interface: batadv_slave_1
[  305.278427][ T6271] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  305.337936][ T6271] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  305.661782][ T6271] device hsr_slave_0 entered promiscuous mode
[  305.692026][ T6271] device hsr_slave_1 entered promiscuous mode
[  305.698864][ T6271] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  305.715195][ T6271] Cannot create hsr debugfs directory
[  305.731042][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  305.746502][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  305.894430][ T6146] 8021q: adding VLAN 0 to HW filter on device batadv0
[  307.434852][ T6271] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  307.533046][ T6271] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  307.572907][ T6271] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  307.672627][ T6271] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  307.726362][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  307.742484][ T4637] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  307.938842][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  307.962722][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  308.013134][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  308.051426][ T4530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  308.062562][ T6146] device veth0_vlan entered promiscuous mode
[  308.268296][ T6146] device veth1_vlan entered promiscuous mode
[  308.366150][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  308.378648][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  308.398492][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  308.420413][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  308.478580][ T6271] 8021q: adding VLAN 0 to HW filter on device bond0
[  308.505747][ T6146] device veth0_macvtap entered promiscuous mode
[  308.543963][ T4575] device hsr_slave_0 left promiscuous mode
[  308.579795][ T4575] device hsr_slave_1 left promiscuous mode
[  308.666920][ T4575] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  308.683581][ T4575] batman_adv: batadv0: Removing interface: batadv_slave_0
[  308.711022][ T4575] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  308.737359][ T4575] batman_adv: batadv0: Removing interface: batadv_slave_1
[  308.769048][ T4575] device bridge_slave_1 left promiscuous mode
[  308.790595][ T4575] bridge0: port 2(bridge_slave_1) entered disabled state
[  308.800689][ T4575] device bridge_slave_0 left promiscuous mode
[  308.812155][ T4575] bridge0: port 1(bridge_slave_0) entered disabled state
[  308.884685][ T4575] device veth1_macvtap left promiscuous mode
[  309.712823][ T4575] device veth0_macvtap left promiscuous mode
[  309.861281][ T4575] device veth1_vlan left promiscuous mode
[  309.874205][ T4575] device veth0_vlan left promiscuous mode
[  310.199075][ T4575] infiniband syz0: set down
[  311.110036][ T5148] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  311.305939][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  311.346763][ T5148] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  311.377140][ T5148] usb 4-1: New USB device found, idVendor=0926, idProduct=3333, bcdDevice= 0.40
[  311.388745][ T5148] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  311.497257][ T5148] usb 4-1: config 0 descriptor??
[  312.032373][ T5148] keytouch 0003:0926:3333.0002: fixing up Keytouch IEC report descriptor
[  312.078670][ T5148] input: HID 0926:3333 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:0926:3333.0002/input/input5
[  312.266435][ T5148] keytouch 0003:0926:3333.0002: input,hidraw0: USB HID v0.00 Keyboard [HID 0926:3333] on usb-dummy_hcd.3-1/input0
[  312.309737][ T5148] usb 4-1: USB disconnect, device number 4
[  312.507413][ T4575] team0 (unregistering): Port device team_slave_1 removed
[  312.551710][ T4575] team0 (unregistering): Port device team_slave_0 removed
[  312.624394][ T4575] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  312.764993][ T4575] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  313.821445][ T6495] 9pnet: Could not find request transport: rdmq
[  316.153478][ T4575] bond0 (unregistering): Released all slaves
[  316.226715][ T5914] smc: removing ib device syz0
[  316.248251][ T6146] device veth1_macvtap entered promiscuous mode
[  316.264803][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  316.281382][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  316.307593][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  316.315921][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  316.328216][ T4296] lo speed is unknown, defaulting to 1000
[  316.336826][ T6271] 8021q: adding VLAN 0 to HW filter on device team0
[  316.388547][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  316.420246][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  316.448036][ T4604] bridge0: port 1(bridge_slave_0) entered blocking state
[  316.455278][ T4604] bridge0: port 1(bridge_slave_0) entered forwarding state
[  316.572231][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  316.589959][ T6146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.602513][ T6146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.614482][ T6146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.625065][ T6146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.635410][ T6146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  316.651898][ T6146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  316.683053][ T6146] batman_adv: batadv0: Interface activated: batadv_slave_0
[  316.841781][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  316.862693][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  316.871157][ T4604] bridge0: port 2(bridge_slave_1) entered blocking state
[  316.878353][ T4604] bridge0: port 2(bridge_slave_1) entered forwarding state
[  317.496243][ T1277] ieee802154 phy0 wpan0: encryption failed: -22
[  317.502657][ T1277] ieee802154 phy1 wpan1: encryption failed: -22
[  317.897462][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  318.002433][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  318.050083][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  318.138406][ T6146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.210973][ T6146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.244014][ T6146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.285259][ T6146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.332247][ T6146] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  318.342795][ T6146] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  318.354142][ T6146] batman_adv: batadv0: Interface activated: batadv_slave_1
[  318.372251][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  318.399780][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  318.424126][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  318.445151][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  318.451683][ T4336] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  318.456028][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  318.460747][  T951] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  318.469731][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  318.582112][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  318.630518][ T6271] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  318.671915][  T951] usb 4-1: Using ep0 maxpacket: 16
[  318.673788][ T6271] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  318.679180][ T4336] usb 2-1: Using ep0 maxpacket: 16
[  318.703974][ T6146] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  318.724927][  T951] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 238, changing to 11
[  318.747843][  T951] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 4
[  318.752944][ T6146] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  318.763373][ T4336] usb 2-1: config 0 has an invalid interface number: 228 but max is 0
[  318.854927][ T6146] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  318.954971][ T6146] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  319.372184][ T6533] 9pnet: Could not find request transport: rdmq
[  319.470363][ T4336] usb 2-1: config 0 has no interface number 0
[  319.476619][  T951] usb 4-1: New USB device found, idVendor=04d8, idProduct=c002, bcdDevice= 0.00
[  319.482259][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  319.485827][ T4336] usb 2-1: config 0 interface 228 altsetting 0 bulk endpoint 0x4 has invalid maxpacket 1024
[  319.503603][  T951] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  319.512482][ T4336] usb 2-1: config 0 interface 228 altsetting 0 bulk endpoint 0xD has invalid maxpacket 64
[  319.523534][  T951] usb 4-1: config 0 descriptor??
[  319.539601][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  319.549049][ T4336] usb 2-1: New USB device found, idVendor=0424, idProduct=c001, bcdDevice=49.e4
[  319.559211][ T4336] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  319.567458][ T4336] usb 2-1: Product: syz
[  319.572862][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  319.581886][ T4336] usb 2-1: Manufacturer: syz
[  319.586584][ T4336] usb 2-1: SerialNumber: syz
[  319.593768][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  319.609169][ T4336] usb 2-1: config 0 descriptor??
[  319.622257][ T6523] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  319.629975][ T6523] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[  319.639064][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  319.679433][ T4604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  319.909725][ T4958] usb 2-1: USB disconnect, device number 2
[  319.952340][ T4958] ==================================================================
[  319.960552][ T4958] BUG: KASAN: use-after-free in hdm_disconnect+0x109/0x1c0
[  319.967812][ T4958] Read of size 8 at addr ffff88807bf2d898 by task kworker/0:12/4958
[  319.975835][ T4958] 
[  319.978206][ T4958] CPU: 0 PID: 4958 Comm: kworker/0:12 Not tainted 6.1.134-syzkaller #0
[  319.986512][ T4958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  319.996610][ T4958] Workqueue: usb_hub_wq hub_event
[  320.001685][ T4958] Call Trace:
[  320.005002][ T4958]  <TASK>
[  320.007964][ T4958]  dump_stack_lvl+0x1e3/0x2cb
[  320.012688][ T4958]  ? nf_tcp_handle_invalid+0x647/0x647
[  320.018182][ T4958]  ? panic+0x764/0x764
[  320.022310][ T4958]  ? _printk+0xd1/0x111
[  320.026501][ T4958]  ? __virt_addr_valid+0x17f/0x530
[  320.031651][ T4958]  ? __virt_addr_valid+0x17f/0x530
[  320.036799][ T4958]  print_report+0x15f/0x4f0
[  320.041336][ T4958]  ? __virt_addr_valid+0x17f/0x530
[  320.046477][ T4958]  ? __virt_addr_valid+0x17f/0x530
[  320.051623][ T4958]  ? __virt_addr_valid+0x45b/0x530
[  320.056774][ T4958]  ? __phys_addr+0xb6/0x170
[  320.061315][ T4958]  ? hdm_disconnect+0x109/0x1c0
[  320.066202][ T4958]  kasan_report+0x136/0x160
[  320.070860][ T4958]  ? hdm_disconnect+0x109/0x1c0
[  320.075757][ T4958]  hdm_disconnect+0x109/0x1c0
[  320.080464][ T4958]  usb_unbind_interface+0x1cd/0x840
[  320.085703][ T4958]  ? kernfs_remove_by_name_ns+0x10f/0x150
[  320.091461][ T4958]  ? usb_driver_release_interface+0x1c0/0x1c0
[  320.097561][ T4958]  device_release_driver_internal+0x59e/0x880
[  320.103677][ T4958]  bus_remove_device+0x2e5/0x400
[  320.108656][ T4958]  device_del+0x6e2/0xbd0
[  320.113029][ T4958]  ? kill_device+0x160/0x160
[  320.117649][ T4958]  ? kobject_put+0x429/0x460
[  320.122290][ T4958]  usb_disable_device+0x3b8/0x840
[  320.127356][ T4958]  usb_disconnect+0x33c/0x8c0
[  320.132080][ T4958]  hub_event+0x1f78/0x5730
[  320.136596][ T4958]  ? led_work+0x700/0x700
[  320.140961][ T4958]  ? read_lock_is_recursive+0x10/0x10
[  320.146375][ T4958]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  320.152402][ T4958]  ? print_irqtrace_events+0x210/0x210
[  320.157901][ T4958]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  320.163839][ T4958]  ? do_raw_spin_unlock+0x137/0x8a0
[  320.169070][ T4958]  ? process_one_work+0x806/0x1260
[  320.174224][ T4958]  process_one_work+0x917/0x1260
[  320.179209][ T4958]  ? worker_detach_from_pool+0x260/0x260
[  320.184885][ T4958]  ? _raw_spin_lock_irqsave+0x120/0x120
[  320.190464][ T4958]  ? kthread_data+0x4e/0xc0
[  320.195012][ T4958]  ? wq_worker_running+0x97/0x190
[  320.200082][ T4958]  worker_thread+0xa47/0x1200
[  320.204808][ T4958]  kthread+0x28d/0x320
[  320.208926][ T4958]  ? worker_clr_flags+0x190/0x190
[  320.213985][ T4958]  ? kthread_blkcg+0xd0/0xd0
[  320.218616][ T4958]  ret_from_fork+0x1f/0x30
[  320.223084][ T4958]  </TASK>
[  320.226125][ T4958] 
[  320.228471][ T4958] Allocated by task 4336:
[  320.232816][ T4958]  kasan_set_track+0x4b/0x70
[  320.237447][ T4958]  __kasan_kmalloc+0x97/0xb0
[  320.242073][ T4958]  hdm_probe+0x91/0x13d0
[  320.246347][ T4958]  usb_probe_interface+0x5c0/0xaf0
[  320.251487][ T4958]  really_probe+0x2ab/0xcb0
[  320.256018][ T4958]  __driver_probe_device+0x1a2/0x3d0
[  320.261337][ T4958]  driver_probe_device+0x50/0x420
[  320.266393][ T4958]  __device_attach_driver+0x2cf/0x510
[  320.271805][ T4958]  bus_for_each_drv+0x183/0x200
[  320.276685][ T4958]  __device_attach+0x359/0x570
[  320.281472][ T4958]  bus_probe_device+0xba/0x1e0
[  320.286267][ T4958]  device_add+0xb48/0xfd0
[  320.290638][ T4958]  usb_set_configuration+0x19dd/0x2020
[  320.296139][ T4958]  usb_generic_driver_probe+0x84/0x140
[  320.301637][ T4958]  usb_probe_device+0x130/0x260
[  320.306522][ T4958]  really_probe+0x2ab/0xcb0
[  320.311061][ T4958]  __driver_probe_device+0x1a2/0x3d0
[  320.316377][ T4958]  driver_probe_device+0x50/0x420
[  320.321434][ T4958]  __device_attach_driver+0x2cf/0x510
[  320.326845][ T4958]  bus_for_each_drv+0x183/0x200
[  320.331731][ T4958]  __device_attach+0x359/0x570
[  320.336523][ T4958]  bus_probe_device+0xba/0x1e0
[  320.341298][ T4958]  device_add+0xb48/0xfd0
[  320.345644][ T4958]  usb_new_device+0xbdd/0x1900
[  320.350420][ T4958]  hub_event+0x2efe/0x5730
[  320.354852][ T4958]  process_one_work+0x917/0x1260
[  320.359816][ T4958]  worker_thread+0xa47/0x1200
[  320.364521][ T4958]  kthread+0x28d/0x320
[  320.368620][ T4958]  ret_from_fork+0x1f/0x30
[  320.373056][ T4958] 
[  320.375387][ T4958] Freed by task 4958:
[  320.379368][ T4958]  kasan_set_track+0x4b/0x70
[  320.383977][ T4958]  kasan_save_free_info+0x27/0x40
[  320.389008][ T4958]  ____kasan_slab_free+0xd6/0x120
[  320.394053][ T4958]  __kmem_cache_free+0x25c/0x3c0
[  320.399001][ T4958]  device_release+0x91/0x1c0
[  320.403603][ T4958]  kobject_put+0x224/0x460
[  320.408036][ T4958]  hdm_disconnect+0xef/0x1c0
[  320.412635][ T4958]  usb_unbind_interface+0x1cd/0x840
[  320.417850][ T4958]  device_release_driver_internal+0x59e/0x880
[  320.423940][ T4958]  bus_remove_device+0x2e5/0x400
[  320.428896][ T4958]  device_del+0x6e2/0xbd0
[  320.433408][ T4958]  usb_disable_device+0x3b8/0x840
[  320.438443][ T4958]  usb_disconnect+0x33c/0x8c0
[  320.443141][ T4958]  hub_event+0x1f78/0x5730
[  320.447583][ T4958]  process_one_work+0x917/0x1260
[  320.452538][ T4958]  worker_thread+0xa47/0x1200
[  320.457227][ T4958]  kthread+0x28d/0x320
[  320.461336][ T4958]  ret_from_fork+0x1f/0x30
[  320.465768][ T4958] 
[  320.468095][ T4958] The buggy address belongs to the object at ffff88807bf2c000
[  320.468095][ T4958]  which belongs to the cache kmalloc-8k of size 8192
[  320.482154][ T4958] The buggy address is located 6296 bytes inside of
[  320.482154][ T4958]  8192-byte region [ffff88807bf2c000, ffff88807bf2e000)
[  320.495611][ T4958] 
[  320.497935][ T4958] The buggy address belongs to the physical page:
[  320.504363][ T4958] page:ffffea0001efca00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7bf28
[  320.514538][ T4958] head:ffffea0001efca00 order:3 compound_mapcount:0 compound_pincount:0
[  320.522957][ T4958] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  320.530968][ T4958] raw: 00fff00000010200 0000000000000000 dead000000000122 ffff888017c42280
[  320.539559][ T4958] raw: 0000000000000000 0000000080020002 00000001ffffffff 0000000000000000
[  320.548181][ T4958] page dumped because: kasan: bad access detected
[  320.554629][ T4958] page_owner tracks the page as allocated
[  320.560403][ T4958] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d28c0(GFP_NOWAIT|__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 3916, tgid 3916 (dhcpcd), ts 316736877447, free_ts 314046625509
[  320.583987][ T4958]  post_alloc_hook+0x18d/0x1b0
[  320.588863][ T4958]  get_page_from_freelist+0x3731/0x38d0
[  320.594438][ T4958]  __alloc_pages+0x28d/0x770
[  320.599033][ T4958]  alloc_slab_page+0x6a/0x150
[  320.603718][ T4958]  new_slab+0x84/0x2d0
[  320.607798][ T4958]  ___slab_alloc+0xc20/0x1270
[  320.612485][ T4958]  __kmem_cache_alloc_node+0x19f/0x260
[  320.617950][ T4958]  __kmalloc_node_track_caller+0xa0/0x220
[  320.623678][ T4958]  __alloc_skb+0x12a/0x2c0
[  320.628108][ T4958]  netlink_dump+0x1f5/0xc80
[  320.632623][ T4958]  netlink_recvmsg+0x6ca/0x1180
[  320.637484][ T4958]  ____sys_recvmsg+0x285/0x530
[  320.642258][ T4958]  __sys_recvmsg+0x2e9/0x3d0
[  320.646860][ T4958]  do_syscall_64+0x3b/0x80
[  320.651290][ T4958]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  320.657201][ T4958] page last free stack trace:
[  320.661875][ T4958]  free_unref_page_prepare+0x12a6/0x15b0
[  320.667527][ T4958]  free_unref_page+0x33/0x3e0
[  320.672265][ T4958]  __unfreeze_partials+0x1b7/0x210
[  320.677394][ T4958]  put_cpu_partial+0x17b/0x250
[  320.682165][ T4958]  qlist_free_all+0x76/0xe0
[  320.686674][ T4958]  kasan_quarantine_reduce+0x156/0x170
[  320.692139][ T4958]  __kasan_slab_alloc+0x1f/0x70
[  320.697003][ T4958]  slab_post_alloc_hook+0x52/0x3a0
[  320.702122][ T4958]  __kmem_cache_alloc_node+0x137/0x260
[  320.707593][ T4958]  __kmalloc+0xa1/0x230
[  320.711753][ T4958]  tomoyo_encode+0x26b/0x530
[  320.716344][ T4958]  tomoyo_path_perm+0x3b6/0x710
[  320.721233][ T4958]  tomoyo_path_symlink+0xda/0x110
[  320.726269][ T4958]  security_path_symlink+0xd9/0x130
[  320.731490][ T4958]  do_symlinkat+0x132/0x390
[  320.736008][ T4958]  __x64_sys_symlinkat+0x95/0xa0
[  320.740951][ T4958] 
[  320.743277][ T4958] Memory state around the buggy address:
[  320.748904][ T4958]  ffff88807bf2d780: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.756968][ T4958]  ffff88807bf2d800: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.765032][ T4958] >ffff88807bf2d880: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.773180][ T4958]                             ^
[  320.778031][ T4958]  ffff88807bf2d900: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.786094][ T4958]  ffff88807bf2d980: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  320.794156][ T4958] ==================================================================
[  320.817243][  T951] hid-picolcd 0003:04D8:C002.0003: item fetching failed at offset 0/3
[  320.872382][  T951] hid-picolcd 0003:04D8:C002.0003: device report parse failed
[  320.891029][ T4604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  320.902459][  T951] hid-picolcd: probe of 0003:04D8:C002.0003 failed with error -22
[  320.924512][ T4604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.042263][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  321.079446][ T5914] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  321.093417][ T5914] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  321.142793][ T4633] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  321.180008][ T4958] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  321.187260][ T4958] CPU: 0 PID: 4958 Comm: kworker/0:12 Not tainted 6.1.134-syzkaller #0
[  321.195525][ T4958] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  321.205608][ T4958] Workqueue: usb_hub_wq hub_event
[  321.210690][ T4958] Call Trace:
[  321.214006][ T4958]  <TASK>
[  321.216963][ T4958]  dump_stack_lvl+0x1e3/0x2cb
[  321.221674][ T4958]  ? nf_tcp_handle_invalid+0x647/0x647
[  321.227145][ T4958]  ? panic+0x764/0x764
[  321.231257][ T4958]  ? preempt_schedule_common+0xa6/0xd0
[  321.236724][ T4958]  ? vscnprintf+0x59/0x80
[  321.241104][ T4958]  panic+0x318/0x764
[  321.245014][ T4958]  ? check_panic_on_warn+0x1d/0xa0
[  321.250138][ T4958]  ? memcpy_page_flushcache+0xfc/0xfc
[  321.255532][ T4958]  ? _raw_spin_unlock_irqrestore+0x128/0x130
[  321.261521][ T4958]  ? _raw_spin_unlock+0x40/0x40
[  321.266380][ T4958]  ? print_report+0x4a3/0x4f0
[  321.271076][ T4958]  check_panic_on_warn+0x7e/0xa0
[  321.276022][ T4958]  ? hdm_disconnect+0x109/0x1c0
[  321.280879][ T4958]  end_report+0x66/0x110
[  321.285139][ T4958]  kasan_report+0x143/0x160
[  321.289666][ T4958]  ? hdm_disconnect+0x109/0x1c0
[  321.294531][ T4958]  hdm_disconnect+0x109/0x1c0
[  321.299246][ T4958]  usb_unbind_interface+0x1cd/0x840
[  321.304478][ T4958]  ? kernfs_remove_by_name_ns+0x10f/0x150
[  321.310222][ T4958]  ? usb_driver_release_interface+0x1c0/0x1c0
[  321.316308][ T4958]  device_release_driver_internal+0x59e/0x880
[  321.322419][ T4958]  bus_remove_device+0x2e5/0x400
[  321.327385][ T4958]  device_del+0x6e2/0xbd0
[  321.331724][ T4958]  ? kill_device+0x160/0x160
[  321.336318][ T4958]  ? kobject_put+0x429/0x460
[  321.340922][ T4958]  usb_disable_device+0x3b8/0x840
[  321.345961][ T4958]  usb_disconnect+0x33c/0x8c0
[  321.350657][ T4958]  hub_event+0x1f78/0x5730
[  321.355107][ T4958]  ? led_work+0x700/0x700
[  321.359458][ T4958]  ? read_lock_is_recursive+0x10/0x10
[  321.364841][ T4958]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  321.370833][ T4958]  ? print_irqtrace_events+0x210/0x210
[  321.376332][ T4958]  ? _raw_spin_unlock_irqrestore+0xd9/0x130
[  321.382271][ T4958]  ? do_raw_spin_unlock+0x137/0x8a0
[  321.387752][ T4958]  ? process_one_work+0x806/0x1260
[  321.392886][ T4958]  process_one_work+0x917/0x1260
[  321.397862][ T4958]  ? worker_detach_from_pool+0x260/0x260
[  321.403522][ T4958]  ? _raw_spin_lock_irqsave+0x120/0x120
[  321.409092][ T4958]  ? kthread_data+0x4e/0xc0
[  321.413615][ T4958]  ? wq_worker_running+0x97/0x190
[  321.418653][ T4958]  worker_thread+0xa47/0x1200
[  321.423355][ T4958]  kthread+0x28d/0x320
[  321.427439][ T4958]  ? worker_clr_flags+0x190/0x190
[  321.432471][ T4958]  ? kthread_blkcg+0xd0/0xd0
[  321.437073][ T4958]  ret_from_fork+0x1f/0x30
[  321.441535][ T4958]  </TASK>
[  321.444862][ T4958] Kernel Offset: disabled
[  321.449186][ T4958] Rebooting in 86400 seconds..