last executing test programs:

2m53.63886356s ago: executing program 2 (id=166):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x1a1740, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = syz_kvm_setup_syzos_vm$x86(r1, &(0x7f0000c00000/0x400000)=nil)
r3 = syz_kvm_add_vcpu$x86(r2, &(0x7f0000000080)={0x0, &(0x7f0000000100)=[@wr_crn={0x67, 0x20, {0x8, 0x5371}}], 0x20})
ioctl$KVM_RUN(r3, 0xae80, 0x0)

2m53.26340138s ago: executing program 2 (id=170):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000000)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000400)={0x44, &(0x7f0000000200)={0x20, 0x14, 0x1, "ca"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
read$char_usb(r1, 0x0, 0x0)

2m51.09636581s ago: executing program 2 (id=179):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, 0x0, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x12)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b000000001400143954ee6272"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

2m49.140890985s ago: executing program 2 (id=183):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000480)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x801400, 0x0)
r0 = open(&(0x7f0000000080)='./bus\x00', 0x4600, 0xe898d2275f586838)
preadv2(r0, &(0x7f0000000980)=[{&(0x7f0000001200)=""/4096, 0xffffffa4}], 0x1, 0x8000, 0x9, 0x1b)

2m48.61512036s ago: executing program 2 (id=185):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x4, &(0x7f0000000800), 0x1, 0x76a, &(0x7f0000001800)="$eJzs2E9rXFUYB+D33kxi2sZOqi6sm4oVWpBO/rWhqZvWhSAIFgquVAx2koZMmpJJ0WSV4lIXLgQVEbQbFyLNQuhGNCD4AXRjv4IgKrpwIYzcySQN6SSNdeKh6fPAyZxz37n5vWeGucydAB5YTxZ/soi+iBiMiHLreB4RPc1Zb8TS6vNujCxfKkYWjcaFX7PitLg+snxp7X9lrccD0TwljkfEc89n8ejbd+bWFxanx2u16lxrPTA/c2WgvrB4YmpmfLI6Wb08PHz61NjJodHRsY7tdWggXvvuq7MvL527+uXgK7PTRb99rdrGfXRS1uZYKSJe3Y2wBLpa++nacCwrJWwIAIBtFd/zH4mIp5rf4crRFbe/vJXj1rdJmwMAAAA6onGkAQAAAOxxqX9/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg/tBoZNEAAAAA9rTUvz8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB/uT6yfGlt/J+5v5yLiP7V/ButsVopxVLzsTe6I2L/H1mUNpyXRcRgB/KXrkXE4+32nzXz+6O3udqcn0fE+cT5r3cgHx5kK8X152y7z1++fv2JNp+/0upp/9na9e/GHde/2/ldW1z/ruww4/MfX3p3y/xrEU+U2uVn6/nZFvlLO8z/5sXDH21Va3wWcSza52/MGpifuTJQX1g8MTUzPlmdrF4eHj59auzk0Ojo2MDEVK06uPq3bcYnX7zz/Xb7379Vfhbbvv7v7XD/Rw89+/Wn2+QfP7r9+9/u9S96Wt5h/u8/HPx7q1qRf3GL/d/t/V/ZYf4LN8/f3OFTAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYI/KI6Issr6zP87xSiTgQEY/F/rw2W59/ZmL26uWLRS2iP7rzialadTAiyqvrrFgPNee318Ob1iMRcSgi3i/va64rb8zWLqbePAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOsORERfZHklIvKI+LOc55VK6q4AAACAjutP3QAAAACw69z/AwAAwN7n/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddujIyq0sIpbO7GuOQk+r1p20M2C35akbAJLpSt0AkEwpdQNAMu7xgewu9d57qAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACw9xw7vHIri4ilM/uao9DTqnUn7QzYbXnqBoBkulI3ACRTSt0AkIx7fCC7S733HioAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA7D19zZHllYjIm/M8r1QiHo6I/ujOJqZq1cGIOBgRP5W7HyrWQ6mbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOPqC4vT47Vadc7ExMRkfZL6ygQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAr1hcXp8VqtOldP3QkAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABp5T9nEVGMY+Wn+zZXe7K/ys3HiHjz4wsfvDU+Pz83VBz/bf34/Iet48Mp+gcAAAA2W7tPX7uPBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA2Kn6wuL0eK1WndvFSeo9AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/zj8BAAD//5GsoMo=")
chdir(&(0x7f00000001c0)='./file0\x00')
r0 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0, 0x100)
ioctl$FS_IOC_ENABLE_VERITY(r0, 0x40806685, &(0x7f0000000a80)={0x1, 0x2, 0x1000, 0x0, 0x0, 0x0, 0x0, 0x0})
ioctl$FS_IOC_READ_VERITY_METADATA(r0, 0xc0286687, &(0x7f0000000180)={0x3, 0xfffffffffffffffe, 0x0, 0x0})

2m47.538888719s ago: executing program 2 (id=192):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, 0x0, 0xff2e)
ioctl$TCSETS(r5, 0x40045431, 0x0)
r6 = dup3(0xffffffffffffffff, r5, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000140)=0x12)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b000000001400143954ee6272"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

2m46.741837172s ago: executing program 32 (id=192):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, 0x0, 0xff2e)
ioctl$TCSETS(r5, 0x40045431, 0x0)
r6 = dup3(0xffffffffffffffff, r5, 0x0)
ioctl$TIOCSTI(r6, 0x5412, &(0x7f0000000140)=0x12)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB='0\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b000000001400143954ee6272"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

31.583209712s ago: executing program 3 (id=826):
symlinkat(&(0x7f0000000080)='.\x00', 0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1)
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file7\x00', 0x1ac)
renameat2(0xffffffffffffff9c, &(0x7f0000000780)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000000)='./file7/file0\x00', 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000140)='./file7/file0\x00', 0x101000, 0x0)
mkdirat(r0, &(0x7f0000000180)='./file1\x00', 0x1c5)
getdents64(r0, &(0x7f0000000240)=""/146, 0x92)

31.201159442s ago: executing program 3 (id=828):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x184, 0x2, 0x10, 0xf1, 0x100000001, 0x1, 0x5, 0x0, 0x29, 0x0, 0x2, 0x0, 0xbd9], 0xffff1001, 0x53101})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x7, 0x1000000000, 0x0, 0x200000000000043, 0x2000004, 0x0, 0x2004cb, 0x0, 0xa7c, 0x68ff, 0x7, 0x8000000009, 0x803, 0x0, 0x9], 0xeeee8000, 0x202})
ioctl$KVM_SET_SREGS(0xffffffffffffffff, 0x4138ae84, &(0x7f00000001c0)={{0x3000, 0x1, 0x8, 0xc, 0xb, 0xe6, 0x40, 0x0, 0x0, 0x81, 0x80}, {0x200000, 0x200000, 0x3, 0x0, 0x1, 0x5, 0x75, 0x6, 0x36, 0x0, 0x2, 0x87}, {0x0, 0xdddd0000, 0xe, 0x5, 0x3, 0x7, 0x0, 0x9, 0x1, 0xa4, 0x5, 0x5}, {0x1, 0xeeee0000, 0x4, 0x6, 0x5, 0x7f, 0xb, 0xff, 0x8, 0x7, 0xe, 0x3}, {0xf000, 0xd000, 0xf, 0x3, 0x16, 0x87, 0xab, 0x8, 0x9, 0x9, 0xf7, 0x97}, {0xeeefa000, 0x0, 0xe, 0xa0, 0xb1, 0x8, 0x1, 0xa0, 0x82, 0x2f, 0x1, 0x7}, {0x3000, 0x18227000, 0xf, 0x5, 0x7, 0x5, 0x7, 0x3, 0x8, 0x81, 0x42, 0x70}, {0xdddd0000, 0xa000, 0xa, 0x5, 0xcd, 0x7, 0x1, 0x9, 0x2, 0xc, 0xb0, 0x91}, {0xeeee0000, 0x30}, {0x8000000, 0x7}, 0x80000031, 0x0, 0x3000, 0x2024, 0x2, 0x0, 0x100000, [0x6800000000000000, 0x4, 0x3, 0x8]})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

30.453250403s ago: executing program 3 (id=831):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fff0006}]})
r3 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000240), 0xa2003, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r3, 0xc0184800, &(0x7f0000000100)={0x20004, <r4=>r2, 0x2})
r5 = syz_open_dev$dri(&(0x7f0000000280), 0x1ff, 0x140)
ioctl$DRM_IOCTL_PRIME_FD_TO_HANDLE(r5, 0xc00c642e, &(0x7f00000000c0)={<r6=>0x0, 0x0, r4})
ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(r1, 0xc00c642d, &(0x7f00000002c0)={r6, 0x80000})
close_range(r0, 0xffffffffffffffff, 0x0)

30.22322141s ago: executing program 3 (id=832):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0xa00, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x4000000e42, 0x9, 0xffffffffffffffff, 0x5, 0x10000, 0x3, 0x4002004c2, 0x100000007ff, 0x1, 0x0, 0x10000000000400, 0x8, 0x7, 0x0, 0x8, 0x8b], 0x58000, 0x240046})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
close_range(r0, 0xffffffffffffffff, 0x0)

29.814009231s ago: executing program 3 (id=836):
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xb18094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f00000001c0)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')
r0 = open(&(0x7f0000000640)='.\x00', 0x0, 0xdd)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mount$tmpfs(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000001c0), 0x1010408, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x400, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

29.603473207s ago: executing program 3 (id=839):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./bus\x00', 0x3000408, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x204008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002f40)='./bus\x00', 0x1020020, 0x0, 0x1, 0x0, 0x0)
lseek(r0, 0x3, 0x0)

18.457275577s ago: executing program 0 (id=891):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socket$netlink(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x2d)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
r1 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x48002)
write$binfmt_aout(r1, &(0x7f0000000280)=ANY=[@ANYBLOB="03040000b500000001008aea0000feff", @ANYRESDEC], 0xc8)

17.415297016s ago: executing program 0 (id=896):
syz_mount_image$hfs(&(0x7f0000000180), &(0x7f00000000c0)='./file1\x00', 0x1000812, &(0x7f0000001240)=ANY=[@ANYBLOB="71756965742c636f6465706167653d63703836302c696f636861727365743d63703836312c00808fead042bd35dc78f7f06333a5e7165b8271e41aee85e59cbb6c2df3d4e4c16b06c73f2e3b34ac8d4813c9c3d9cee1ddb95d1bbcf504e065b3749a1cbd841e685a558598cf0db10b55885946e678d0a71877037a090000000700848879ef1604cadc1faca3aa22a576750d559c4e124d4cb7293e7393b77286fa8c6dc449eda0a03d342382e84d6d3c29ab95cc923fbe25e134d1c421320a3bffaa17fcd6b5178e322cc47133b3811e3d3bc34998dc7ed029834ad591d9d56c41063d8de2d50a2398e73ff2913a9fe8e954a4e4ca99ceb5737e57193c5f47fd63b16c8b34f256dbac0e5ebd009078df2cb1ca0151ad091adbfee5126d8a59fa5438734bc3e8cc7b7edc10716a0a9b711952cdf96586e06fbace21dc04bdb4a1a2072ce5f72cf02e5256ff74be5e07a5f8d6ec2fa867b2a353bf6ea1b533377803804a49a499d51f1cb71e1cea551598939afe8ff8e8472352e2d5193bc866c000"/396, @ANYRESOCT, @ANYBLOB="b0790a07e1e471aed209036fa5f5ca6bc1ad170371c5e2bd52cf99296e6cdd0882cc4c075a7c4b8ca0d78022160660db09219ebb75dc37499a8272c148662b3afc124ff55a705238d347a5a54bc22fc6e8539f02d1a14d4df87689f2e34e7449a843df2a4e9fbe059f2102bb7efa83db5ef26895be033858456061b9ac965c95f1928de05eb811731601", @ANYRES32=0x0, @ANYRESHEX=0x0, @ANYBLOB="0affd5ece651e2a4648f9b279d8dc44bc4bd6acc0aa01a3ab56e469d3c338a26ff996b57afbe65c4eb94f6fd4cfbda2af6c85c6e135955ca0640546a2aac7bb02432e45e6d333181ee921f9f26a8ef000000000800000000000000000000000000000000000000000000000000004de9f91aeab66cc8b2197d3c00068324c7b7bd"], 0x1, 0x305, &(0x7f0000000340)="$eJzs3U1rE1scx/HfmaRNepvbmz5cLtxltaAb0boRNxHJWxDEhWjbCMVQUSuoG1NxJaJ7974FX4QbxTegKxfiC2g3jpwzD8kkk5k0JB2D3w+Ik8n85/zPPP5PoBwB+GNdbX55d/Gb/WekkkrSy8uSJ6kqlSX9q/+qj/b2d/fbrZ2sHZVchI58GQWRZmCb7b2W+/8gudrGuYhQ3X4qq9a7DtPh+/6Vr33rvnsFJYPCuLs/hSdVwrvTfV898cyyHYwZ15lwHrPGHOpQj7VUdB4AgGLZ9/9BUPjb93wtrN89T9oIX/u/5ft/XIdFJzB1fua3Pe9/N8ryjT2//7ivuuM9N4Sz33vRKHGUluf6Ps8rKCQTBaZJH1V2h3wuF2/hzm67dW77XnvH03M1Qj0Ba3ELIXuF5mS7njI2zTBC301qRRmk5c3ZPmwOyX91zBYzDAzfEifEfDCfzE1T11vtxPVf2Tc2W5dwve9MBfmfH97eoouyWyl8bDQaDc/tKLLsGvk/eaZyellNH5EoOrDLSv5AUM/L00Wt9EUFvbuQGlCJo1ZTozajT0PaWktE2d7EV/PwLKfNvDbXzbp+6L2aPfW/Z/Pb0PA7M/GLjtkIbjR3xIP+zKc3V3b7rA+8OTq6UUuuiY9iZVjqR9nPNIwgOoevtKVLWnr45OndUrvdemAXbqcs3K/Fa+ZeSKnbFLygTndNRb4zsHH0DEyEL4Qrp5TY2Ynu0D4/cje2d9mJHPneKyG6YSfWhLziL62sa6P5se9CmtiCX5nwDn/6Y0T9fcIPJRSle9KLzgQFsXWXCcZ/rpIP631Xr9lq4VpleJ0eFWRpJZur3sM9+rbGjkdA1UT8ilv6K1lG54wNFsM6JmUc19FoY65TZ6TTo7dYD/OcDf6znA1MU591i9//AQAAAAAAAAAAAAAAAAAAZs3x/65g4dhRRfcRAAAAAAAAAAAAAAAAAAAAAIBZF8//q2j+X402/2//VCzh/L9V5cz/uzWYw8D8v2/2ZDoS8/8C0/UrAAD///8sd7M=")
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cpu.stat\x00', 0x275a, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42042, 0x14a)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.group_wait_time\x00', 0x275a, 0x0)
syz_mount_image$vfat(&(0x7f00000024c0), &(0x7f00000001c0)='./bus\x00', 0x204b82f, 0x0, 0x3, 0x0, &(0x7f0000000240))
openat(0xffffffffffffff9c, &(0x7f0000000140)='./bus\x00', 0x4042, 0x80)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x3e, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./bus\x00', 0x300f401, 0x0, 0x2, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x441, 0x20)

17.293307419s ago: executing program 0 (id=897):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0x25dfdbfd, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x2}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd21, 0x25dfdbff, {0x0, 0x0, 0x0, r5, {0xc, 0xfff2}, {}, {0xfff2, 0x2}}, [@filter_kind_options=@f_bpf={{0x8}, {0x18, 0x2, [@TCA_BPF_OPS={{0x6, 0x4, 0x1}, {0xc, 0x5, [{0x6, 0xd, 0x5, 0x4}]}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000440)=@newtfilter={0x24, 0x2c, 0xd27, 0x70bd24, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0xb, 0x9}, {}, {0xfff2, 0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x8848}, 0x20004804)

17.140817813s ago: executing program 0 (id=898):
sendmsg$nl_generic(0xffffffffffffffff, 0x0, 0xc000)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f0000000080)={[{@usebackuproot}, {@nodatasum}, {@ssd_spread}, {@user_subvol_rm}, {@flushoncommit}, {@compress_force}, {@acl}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
syz_usb_connect(0x0, 0x3f, 0x0, 0x0)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
syz_genetlink_get_family_id$nl80211(0x0, r0)
ioctl$FS_IOC_SETFSLABEL(r0, 0x41009432, &(0x7f00000002c0)="cf88a9714cb61aa53923ba31fc4f1bd45544cd8cee0028a79aefed602496ab3b936b0ce9bf68251469d83cb761159101f9e6a4b249b5519a994f9f7ae51c2a5d9a53ec999c9639a15453904df41bddcec5f2a5df8d7c6e8e9a55b7f8635b09b3e87e1d9a6ffee5cbde4c6675697e4907162ea155d03485884789c7be9bb63836bec5b46d3c03cd481320ae91d3a7c9aafb60a4c78188b94045b18ec69cb9a94e26c39a1cffd84f4f4c0afa70dac93477602fcbe6f526512701aee72bf88eb54e0355af4be00a2fa19a093a458a2ab54441d78dcef42711e5f1f0744160716af60d7b0dfe79c6a989bcca35473643b399e6b0877c06dad496fb923e098702a0fc")
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)

14.619168853s ago: executing program 0 (id=902):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0})
r2 = dup3(r1, r0, 0x0)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0})
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000004a40)={0x8, 0x0, &(0x7f0000000440)=[@acquire={0x40046305, 0x1}], 0x0, 0x0, 0x0})

14.489939247s ago: executing program 33 (id=839):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./bus\x00', 0x3000408, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000200)='./bus\x00', &(0x7f0000000b80), 0x204008, &(0x7f0000000240)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './cgroup'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$fuse(&(0x7f00000001c0), &(0x7f00000002c0)='./bus\x00', 0x322020, &(0x7f0000000380)=ANY=[], 0x1, 0x0, 0x0)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000002c0)='.\x00', 0x0, 0x0)
getdents64(r0, 0x0, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r1, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000002f40)='./bus\x00', 0x1020020, 0x0, 0x1, 0x0, 0x0)
lseek(r0, 0x3, 0x0)

13.234586262s ago: executing program 0 (id=907):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)

12.422086645s ago: executing program 34 (id=907):
socket$inet_udp(0x2, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x2, 0x7}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x2)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r0, &(0x7f0000005580)=""/102392, 0x18ff8)
shmget$private(0x0, 0x3000, 0x0, &(0x7f0000ffd000/0x3000)=nil)
r1 = socket$xdp(0x2c, 0x3, 0x0)
setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4)

5.74474404s ago: executing program 1 (id=924):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000840)='./file2\x00', 0x0, &(0x7f0000000880)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX, @ANYBLOB="bce47a6513af9f63289d464d9a23a92023d6cddf223ac3e711c6b3fa551a2429177695e4e9b43aff485ebbff335f1642296a05c3c3de7a1560af336250e532be2d190900840bbaba82fb1798e574cc2df7036960a714b9fa1cafa5a733fa932299c13e1c29ef254ad2c93864537d7d3aed9dc9c3bc2f06f7c34e366e5056ac3553a152ce4c5ad9cd881b9a972a6809ed6c165d862389a58a239149e85dd48295635a5f0ced491e8a512769d2d5642be9060d02f62475a3962de8b1b595c135a2f08873dc09b1ff5509a9ee16abc125763e135e81d55800cfd85ba5fe", @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYBLOB="f4a1e730abdede6b2277652e72a295635b2c3cf41630205c64882dc83612b0865726a6730f9e2042c9815a2a027da5c7f5bbb7653dad4a4d728024b3a130c70dcc8f285646e1234ee6472db3d47799a56ccc9624b5", @ANYRES8, @ANYRES16], 0xfd, 0x1506, &(0x7f0000027240)="$eJzs3Au0TlX3MPA511qbQ+JJct9zzc2TXBZJEkqSS5IkIbknJEmSJIlDbklIQq4nyeU4Ifd00nG/X3JPOnklSRISkqxvnC6ff+/b+++99P/8v/fM3xh7nDXP3nPutc4cz3n23mM8z1fdR9RsUqtaQ2aGf4X+dYA//0gEgAQAGAwAuQAgAIDyucvnztifTWPiv3QS8T+kUfLlnoG4nKT/mZv0P3OT/mdu0v/MTfqfuUn/Mzfpf+Ym/RciU0spcJVsmXeT5///n1P/TrK8/2cK+Pd2SP//0+h/6mjpfyZkLg2l/5mb9D9zk/5nZsHlnoC4zOT1n7lJ/4XI1P70Z8obzl3uZ9qy/RObEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgjx/8A5f4kBgF/Hl3teQgghhBBCCCGE+PP4dy73DIQQQgghhBBCCPE/D0GBBgMBZIGskADZIDtcATngSsgJuSAGV0FuuBrywDWQF/JBfigABaEQFIYQCCwwRFAEikIcroVicB0UhxJQEkqBg9JQBq6HsnADlIMboTzcBBXgZqgIlX46Z4bboCrcDtXgDqgONaAm1II7oTbcBXXgbqgL90A9uBfqw33QAO6HhtAIGsMD0AQehKbQDJpDC2gJraD1H+Qn5fq9/OegFzwPvaEPJEJf6AcvQH8YAANhEAyGF2EIvARD4WUYBsNhBLwCI+FVGAWvwWgYA2PhdRgH42ECTIRJMBmS4A2YAm/CVHjrwSthOsyAmZAMsyAF3obZMAfmwjswD+bDAkjKtggWwxJ4F5bCe5AK78My+ADSYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCtvgQ9gOO2An7ILdsAf2wkewDz6G/fAJpOOn/2T+2d/mQw8EBFSo0KDBLJgFEzABs2N2zIE5MCfmxBjGMDfmxjyYB/NiXsyP+TERC2JhLIyEhIyMRbAIxjGOxbAYFsfiWBJLokOHZbAMlsUbsByWw/JYHitgBayIlbAS3oK3YBWsglWxKlbDalgdq2NNrIl34p14F9bBOlgX62I9rIf1sT42wAbYEBtiY2yMTbAJNsWm2BybY0tsia2xNbbBNtgW22J7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A27YXfsjj3wWXwWn8Pn8Hl8HvtgddUX+2E/7I/9cSAOwkH4Ig7Bl/AlfBmH4XAcga/gK/gqjsIzOBrH4Fgci1XUeJyAE5HVZEzCJMwKU3AqTsVpOB2n40xMxlmYgik4G+fgHHwH5+F8nI8LcSEuxiW4BJfie5iKqbgMz2IaLscVuBJX4WpchWtxHa7FDbgRN+Bm3IxbcSt+iB/iDtyBu3AX7sE9+BF+hB/jxzgM0zEdD+ABPIgH8RAewsN4GI/gETyKR/EYHsPjeBxP4Ek8hSfxNJ7GM3gWzwHAeTyPF/ACXsSLGS9+lcEoo7KoLCpBJajsKrvKoXKonCqniqmYyq1yqzwqj8qr8qr8Kr8qqAqqwqqwIkWKVaSKqCIqruKqmCqmiqviqqQqqZxyqowqo8qqsqqcKqfKq5tUBXWzqqgqqXbuFnWLqqLau6rqdlVNVVPVVQ1VU9VStVRtVVvVUXVUXVVX1VP1VH11n2qg+uJAbKQyOtNEDcemagQ2Vy1US9VKvYoPqTZqFLZV7VR79Ygag6Oxo2rjOqnHVWc1AbuoJ9VEfEp1U5Oxu3pG9VDPqp7qOdVLtXW9VR81Dfuqfmom9lcD1EA1SM3GGiqjYzXVy+q5rMPVCPWKWoyvqlHqNTVajVFj1etqnBqvJqiJapKarJLUG2qKelNNVW+paWq6mqFmqmQ1S6Wot9VsNUfNVe+oeWq+WqAWqkVqsVqi3lVL1XsqVb2vlqkPVJparlaolWqVWq3WqLVqnVqvNqiNapParLaorWqb+lBtVzvUTrVL7VZ71F71kdqnPlb71ScqXX2qDqi/qIPqM3VIfa4Oqy/UEfWlOqq+UsfU1+q4+kadUCfVKfWtOq2+U2fUWXVOfa/Oqx/UBfWjuqi8Ao1aaa2NDnQWnVUn6Gw6u75C59BX6pw6l47pq3RufbXOo6/ReXU+nd8U0AV1IV1Yh5q01awjXUQX1XF9rS6mr9PFdQldUpfSTpfWZfT1uqy+QZfTN+ry+iZdQd+sK+pKurIHfauuom/TVfXtupq+Q1fXNXRNXUvfqWvru3Qdfbeuq+/R9fS9ur6+TzfQ9+uGupFurB/QTfSDuqluppvrFrqlbqVb64d0G/2wbqvb6fb6Ed1BP6o76sd0J/247qyf0F30k7qrfkp300/r7voZ3UM/q3vqH/VF7XVv3Ucn6r66n35B99cD9EA9SA/WL+oh+iU9VL+sh+nheoR+RY/Ur+pR+jU9Wo/RY/XrepweryfoiXqSnqyT9Bt6in5TT9Vv6Wl6up6hZ+pkPUsP/KXS3H8g/83fyR/609m36m36Q71d79A79S69W+/Re/VevU/v0/v1fp2u0/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Sf6+/1af1d/qMPqvP6u/1eX1eX/jlbwAGjTLaGBOYLCarSTDZTHZzhclhrjQ5TS4TM1eZ3OZqk8dcY/KafCa/KWAKmkKmsAkNGWvYRKaIKWri5lpTzFxnipsSpqQpZZwpbcqY6//t/D+aX2vT2rQxbUxb09a0N+1NB9PBdDQdTSfTyXQ2nU0X08V0NV1NN9PNdDfdTQ/Tw/Q0PU0v08v0Nr1Nokk0/cwLpr8ZYAaaQWawedEMMUPMUDPUDDPDzAgzwow0I80oM8qMNqPNWDPWjDPjzAQzwUwyk0ySz2WmmClmqplqpplpZsbgXCbZJJsUk2Jmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm1aSaZWaZSTPLzXKz0qw0q81qs9asNevNerPRbDSbzWaTZraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbdpJsD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWguZlz2BSpQgQlMkCXIEiQECUH2IHuQI8gR5AxyBrEgFuQOcgd5gmuCvEG+IH9QICgYFAoKB2FAgQ04iIIiQdEgHlwbFAuuC4oHJYKSQanABaWDMsH1QdnghqBccGNQPrgpqBDcHFQMKgWVg1uCW4MqwW1B1eD2oFpwR1A9qBHUDGoFdwa1g7uCOsHdQd3gnqBecG9QP7gvaBDcHzQMGgWNgweCJsGDQdOgWdA8aBG0DFoFrf/U+t6fyfew6x32CRPDvmG/8IWwfzggHBgOCgeHL4ZDwpfCoeHL4bBweDgifCUcGb4ajgpfC0eHY8Kx4evhuHB8OCGcGE4KJ4dJ4RvhlPDNcGr4VjgtnB7OCGaGyeGsMCV8O5wdzgnnhu+E88L54YJwYbgoXBziz5fEkBq+Hy4LPwjTwuXhinBluCpcHa4J14brwvXhhnBjuCncXH7Iz4eG28Md4c5wV7g73BPuDT8K94Ufh/vDT8L08NPwQPiX8GD4WXgo/Dw8HH4RHgm/DI+GX4XHwq/D4+E34YnwZHgq/DY8HX4XngnPhufC78Pz4Q/hhfDH8GLoMy7uM97eyZChLJSFEiiBslN2ykE5KCflpBjFKDflpjyUh/JSXspP+akgFaTCVJgyMDEVoSIUpzgVo2JUnIpTSSpJjhyVoTJUlspSOSpH5ak8VaAKVJEqUmWqTLfSrXQb3Ua30+10B91BNagG1aJaVJtqUx2qQ3WpLtWjelSf6lMDakANqSE1psbUhJpQU2pKzak5taSW1JpaUxtqQ22pLbWn9tSBOlBH6kidqBN1ps7UhbpQV+pK3agbdafu1IN6UE/qSb2oF/Wm3pRIidSP+lF/6k8DaSANpsE0hIbQUBpKw2gYjaARNJJG0igaRaNpDI2l12kcjacJNJEm0WRKoiSaQlNoKk2laTSNZtAMSqZkSqEUmk2zaS7NpXk0jxbQAlpEi2gJLaGltJRSKZWW0TJKozRaQStoFa2iNbSG1tE62kAbaBNtoi20hbbRNtpO22kn7aTdtJv20l7aR/toP+2ndEqnA3SADtJBOkSH6DAdpiN0hI7SUTpGx+g4HacTdIJO0Sk6TafpDJ2hc3SOztMPdIF+pIvkKcFms9ntFTaHvdLmtLnsX8f5bQFb0BayhW1o89p8v4nJWlvclrAlbSnrbGlbxl7/N3FFW8lWtrfYW20Ve5utaivabPBf49r2LlvH3m3r2ntsLXvnb+J69l5b3z5oG9hmtqFtYRvbVraJfdA2tc1sc9vCtrStbAf7qO1oH7Od7OO2s33ib+Kl9j27zq63G+xGu89+bM/Z7+1R+5U9b3+wvW0fO9i+aIfYl+xQ+7IdZof/NgawY+3rdpwdbyfYiXaSnfw38Qw70ybbWTbFvm1n2zl/Ey+x79p5NtUusAvtIrv4pzhjTqn2fbvMfmDT7HK7wq60q+xqu8au/b9zXWk32y12q91rP7Lb7Q670+6yu+2en+KMdey3n9h0+6k9Yr+0B+1n9pA9Zg/bL36KM9Z3zH5tj9tv7Al70p6y39rT9jt7xp79af0Za//W/mgvWm+BkRVrNhxwFs7KCZyNs/MVnIOv5Jyci2N8FefmqzkPX8N5OR/n5wJckAtxYQ6Z2DJzxEW4KMf5Wi7G13FxLsEluRQ7Ls1l+HouyzdwOb6Ry/NNXIFv5opciSvzLXwrV+HbuCrfztX4Dq7ONbgm1+I7uTbfxXX4bq7L93A9vpfr833cgO/nhtyIG/MD3IQf5KbcjJtzC27Jrbg1P8Rt+GFuy+24PT/CHfhR7siPcSd+nDvzE9yFn+Su/BR346e5Oz/DPfhZ7snPcS9+nntzH07kvtyPX+D+PIAH8iAezC/yEH6Jh/LLPIyH8wh+hUfyqzyKX+PRPIbH8us8jsfzBJ7Ik3gyJ/EbPIXf5Kn8Fk/j6TyDZ3Iyz+IUfptn8xyey+/wPJ7PC3ghL+LFvITf5aX8Hqfy+7yMP+A0Xs4reCWv4tW8htfyOl7PG3gjb+LNvIW38jb+kLfzDt7Ju3g37+G9/BHv4495P3/C6fwpH+C/8EH+jA/x53yYv+Aj/CUf5a/4GH/Nx/kbPsEn+RR/y6f5Oz7DZ/kcf8/n+Qe+wD/yRfYMEUYq0pGJgihLlDVKiLJFCb88McoZ5Ypi0VVR7ujqKE90TZQ3yhfljwpEBaNCUeEojCiyEUdRVCQqGsWja6Ni0XVR8ahEVDIqFbmodFQmuj4qG90QlYtujMpHN0UVopujilGlqHJ0S3RrVCW6Laoa3R5Vi+6Iqkc1oppRrejOqHZ0V1QnujuqG90TlYvujepH90UNovujhlGjqHH0QNQkejBqGjWLmkctopZRq6h19FDUJno4ahu1i9pHj0QdokejjtFjUafo8ahz9MSl/SWCnxf1V/sTo76R/mW9d+tF8cXxJfF340vj78VT4+/Hl8U/iKfFl8dXxFfGV8VXx9fE18bXxdfHN8Q3xjfFN8e3xLfGva+VFRxm3AiDcYHL4rK6BJfNZXdXuBzuSpfT5XIxd5XL7a52edw1Lq/L5/K7Aq6gK+QKu9CRs45d5Iq4oi7urnXF3HWuuCvhSrpSzrnSroxr5Vq71q6Ne9i1de1ce/eIe8Q96h51j/3aKNfFPem6uqdcN/e0e9o943q4Z11P95zr5Z53vV0fl+gSXT/Xz/V3/d1AN9ANdoPdEDfEDXVD3TA3zI1wI9xIN9KNcqPcaDfajXVj3Tg3zk1wE9wkN8kluSQ3xU1xU91UN81NczPcDJfskl2KS3Gz3Ww3181189w8t8AtcIvcIrfELXFL3VKX6lLdMrfMpbk0t8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfu0t0Bd8AddAfdIfe5O+y+cEfcl+6o+8odc1+74+4bd8KddKec16fdd+6MO+vOue/defeDu+B+dBedd0mxN2JTYm/Gpsbeik2LTY/NiM2MJcdmxVJib8dmx+bE5sbeic2LzY8tiC2MLYotji2JvRtbGnsvlhp7P7Ys9kEsLbY8tiK2MrYqtjrmfaHtkS/ii/q4v9YX89f54r6EL+lLeedL+zL+el/W3+DL+Rt9eX+Tr+Bv9hV9JV/ZN/PNfQvf0rfyrf1Dvo1/2Lf17Xx7/4jv4B/1Hf1jvpN/3Hf2T/gu/knf1T/lu/mnfXf/zPxfuux7+ed9b9/HJ/q+vp9/wff3A/xAP8gP9i/6If4lP9S/7If54X6Ef8WP9K/6Uf41P9qP8WP9636cH+8n+Il+kp/sk/wbfop/00/1b/lpfrqf4Wf6ZD/Lp/i3/Ww/x8/17/h5fr5f4Bf6RX6xX+Lf9Uv9ez7Vv++X+Q98ml/uV/iVfpVf7df4tX6dX+83+I1+k9/st/itfpv/0G/3O/xOv8vv9nv8Xv+R3+c/9vv9Jz7df+oP+L/4g/4zf8h/7g/7L/wR/6U/6r/yx/zX/rj/xp/wJ/0p/60/7b/zZ/xZf85/78/7H/wF/6O/KJ9ZE0IIIYT4h+g/2N/3d36nftky9AOAK3cUOPzXNTfl/Xk8QO3rHAOAx/t0b/Tr1qhRYmLiL8emaQiKLgSA2KX8n75/4Jd4ObSHR6ETtIOyvzu/AaryT9d9/139+E0A2QGy/ZqTcXuUHf66/g1/p36zd/mP6i8EKF70Uk7GiX6NL9Uv93fq7+nwB/WzfZYE0Pa/5OSAS/Gl+mXgYXgCOv3mSCGEEEIIIYQQ4mcD1Pkef3R/m3F/XtBcyskKl+I/uj//A1X/jDUIIYQQQgghhBDiv/fUsz0fe6hTp3Zd/5MHWf+0ggkAcNmX828MEAD+F0xDBv/7B5f7P5MQQgghhBDiz3bpov9yz0QIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi8/vVvCFP/8MGXe41CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHE5fZ/AgAA///ifVN/")
capset(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x1000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))

4.858311345s ago: executing program 4 (id=926):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000200)={0x0, 0x1, 0xf000, 0x2000, &(0x7f0000f9a000/0x2000)=nil})
pivot_root(0x0, &(0x7f00000000c0)='./file0/../file0/../file0\x00')
r3 = dup(r2)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f0000000240)={0x3, 0x2c5, 0x4, 0x7, 0x4, 0x6})
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000040)=@x86={0x0, 0xf0, 0x0, 0x0, 0x407, 0x1, 0x86, 0x2, 0xe7, 0xfc, 0x2, 0x2, 0x0, 0x7, 0x4, 0x7, 0x5, 0xff, 0x3b, '\x00', 0x8, 0x7ffffffffffffffe})
ioctl$KVM_SET_VAPIC_ADDR(r3, 0x4008ae93, &(0x7f00000000c0)=0xffff)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

4.516317545s ago: executing program 1 (id=927):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x12)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b000000001400143954ee6272"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

3.539385032s ago: executing program 4 (id=928):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan1\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f0000000140)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f0000000080)=ANY=[@ANYBLOB="01000000300800"/16, @ANYRES64=0x77359400, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYBLOB="0000004001000000000000002b000000f33d8e7b847ec8b36f1107e036dd98fc469107485e371bcf5c6b77db54f3d984795c49eca9b92241dc9fc3"], 0x80}, 0x1, 0x0, 0x0, 0x40084}, 0x20000000)
sendmsg$can_bcm(r1, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000480)=ANY=[@ANYBLOB="0500"], 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x4004844)
r3 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r3, 0x8933, &(0x7f0000000180)={'vxcan0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x100003, {0x0, 0x0, 0x0, r4, {0xb, 0xfff3}, {0x3, 0xfff9}, {0xd}}}, 0x24}}, 0x0)
r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]})
close_range(r5, 0xffffffffffffffff, 0x0)

2.689668155s ago: executing program 4 (id=929):
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='cpuacct.usage_sys\x00', 0x26e1, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000500)={0x2, 0x0, @ioapic={0xfec00000, 0x1, 0x401, 0x7fffffff, 0x0, [{0x7, 0x10, 0xff, '\x00', 0x38}, {0x4, 0xfe, 0x7c, '\x00', 0x31}, {0x5, 0xb3, 0x1, '\x00', 0xd}, {0x5, 0x9, 0x10, '\x00', 0x6}, {0x5, 0x7f, 0x6, '\x00', 0x79}, {0x7, 0x80, 0x0, '\x00', 0x6}, {0x4, 0x8, 0x1, '\x00', 0x45}, {0x52, 0x9, 0x3, '\x00', 0x9}, {0x40, 0x2, 0x73, '\x00', 0xff}, {0x1, 0xb6, 0x89, '\x00', 0x80}, {0x6, 0x8, 0xa0, '\x00', 0x1}, {0x1, 0x1, 0x7, '\x00', 0x4}, {0x8, 0xc, 0x5, '\x00', 0x8}, {0xd, 0x10, 0x8c, '\x00', 0x4}, {0x0, 0xc0, 0x7, '\x00', 0x3}, {0x8, 0x2, 0x4b, '\x00', 0x5}, {0x7, 0x6, 0x8, '\x00', 0x5}, {0x9, 0x0, 0xfa, '\x00', 0x5}, {0x1, 0x3, 0x6, '\x00', 0x6}, {0xf8, 0x8, 0xa, '\x00', 0xf8}, {0x8, 0x1, 0xcc, '\x00', 0xf7}, {0x6, 0x6, 0xfe, '\x00', 0xa}, {0xff, 0x0, 0x3, '\x00', 0x7}, {0x16, 0x81, 0x4, '\x00', 0xff}]}})
bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)=@arm64={0x10, 0x2, 0xb6, '\x00', 0x2})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_MSRS(r2, 0x4008ae89, &(0x7f0000000300)={0x1, 0x0, [{0x40000070, 0x0, 0x400006}]})

2.272627947s ago: executing program 1 (id=930):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x21c0, 0x103)
r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000001180), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000080), 0x0, &(0x7f00000000c0)={{'fd', 0x3d, r2}, 0x2c, {'rootmode', 0x3d, 0x8000}})
syz_fuse_handle_req(r2, &(0x7f0000002100)="23db5037805f177d136115e6a1a5903469af39c1fb9cb38215fe64cff9f2f0444a57e22b0cc5cb4f74c9792365400d9e1c68539ea5eff0a5ed0864814d39251bee8dfea69aa052d900bc0c792e1c9752b7d3a3222f6a1ad3e44c1f65617b128aea51911861ca36ba7c96b96b2fba0fdaa49ffb2612f3e81fe565327dd9965a60046442c9dcd0d552c6a00388be3b438a08883c7349761531880294ad9887db97d8c2f74921c57910cf1f5cc528e17bd5c3746b6202f26d621535aac5f7872c2cb3295e42524b5acb249b2d1ac1b53a4e31271decfca3fad2e2f740768adf00875c18cb7d115150f83ceb73f77a1f61f1666c2bb9f6bd9f0fb55b3a619446e32bae2a1d99aa49e5f3822e048f8be44b707f2db10d7916ec9a10a695d573d871cf24959c3d15e61344a68309d186956537c6ea8532fc2e1c7649f8409d8dcde4c8ee1530470ac9c870f9f1837574e444ba6addf5ddb2dec67c0e76df79f265b403818dddb4efc27c90985ed69a48b12056e548f9c99edf80d2b195d26acb1127661727a0600257f4b2546513d03930a0638a71bd3223e51fbb75c832ef737907f2f4d3f0505f431ea02783c798b5c4579c99961fb73dc623a0d99c1b306435464d413b537d42c6444851b36482597140b22fbc0ebc7e795b2f96739bf139f5823bc869ede547da4f394fa1b1787836095e1013264042e53d5006ea059d0488cb2f5ccd44b30d25ea53c2dda71d112d7d441dbfc9f8462c99c098b1958c80b237d83c32f2759c9a9c081d7d7666a477cfda59354309b09f2a8b9f6c3077b0df1e8d0c71ac07232de4f437107cb0eb9b47b2267efe31938a337cf11cadad72ced56895bb14763cca5bdadd245d801e829a1eb3bb4ed851a345918efd2dcf8d38f66badc773068e6a2ef59b2bb838abd8b043cf6ac54550f3fde1bbb9e761095e4b8ef1891757d376be1f778142610c0acbbfc697f51fbb7a1602ed46e82813c74f41ee2bae818174809f3692084bea7310ebec3d6166702ae62aad84313e19b4d145167185ea8d53cb21d099fb592d7d7f8bc305dd375b5c0cd73be44f49ff53cee220085d4706bbf50c6f63b02e7e805e8fa4c73046a57a8700886da29ea53e5a316e7b011c44a0f7be5cc5cb5641ba0069ff591eee18966c7f005ef40046a5fe2bf325b2545b009867761264aa9611d184fa372ba3c5c33d9a50717210f7cec7f6dc4418a87a797eb6aaf6ab3892bd3f559547c88d8c29646c8173fad1588f52beb34ff863be65e7ec1598cfb465f270bd5532fa7035aae077eedbc846058fa19f58ffb1cf0f1863f6d33f2e5c454d18b66be766ca369af2cc9656fa34c6c10e4d4da44ce5e2370aaf60c4e130da331d3489e8f44c600246323409fdd35d11da27128c9d64be65dd3a90c1546a6eb9185cb6d3a4a9cfad0e41ea03896fd2346f745eb3563d7a79fd345b037c040e56f0677840bf9b0d295bcfa98b931464c5ce9fcaf745720deac2d8b4edeffc0fe6f089ed7c3880959fcf8e31f7b7054bc4f5c9d3ed3f66c968d0bc20b2d66c374f030f3f1965f43a98519e527caf693362412d523eeb38c8b016ff77f78f833d7513e4b5a53d5ed5143916673f822ceac9967b8788bc6428283181eaf8d99e48286aacf4f658a903e9f08659450f7f9483807c2e013a1d9d199f18886a8cb4e14d41c71e5731455a4394551281eca12a1bb6ae717f5da2949175d0f1f3d718b761dfc1099c7d9d8928c899ac8e936e69d19fcbfcfdee83b68ef8e15eed41a8ac0d54aa92d7d2ee58bb4799f378225ec9ba4709e5ce2b77208ecc85c22c64967a9ef3360c54d311b8917ceb7b432c90cc5e98de9327c1400f8ec89261b1d77d8874b0bbdd2c5eb59df415705de52b08b0e12c07fb7367c6d461c19f282d51e482cb4fb9ceb0249ac2d6400ca170fbd6c0063224179c616bb030a5c10102aa2eea92f1e6f5828590b250b09e6d1a9535c298a68160b7c281fecdd295dc3396c4e6eb3395d5a677d5fa95a732dfdef81f4346545dd1a74bb3aa9b516699bdf0a59165077ab459a5ffe0dbb3ef8afa7a8382a8441e0c36ffabbed8f93f4bbeb97e5f6a704bf63a0de9ccf8fef643ebc530a80920931002003b027014de317c42f861d98ef4fef66d232d9706e6bd263347384dadadaa43a7e106bbb21bd822d468ace171b3f04b996112135b63dcbd612b5888ec40da583ab549c340ddaf5d7406c3e99322c68874214356c1fd9b5f84348e629cc3487a901d1b7a2fa531b1509ac1c93de3da9f1c3773e3a2aba2b29d2419f240ae6d24ed9f14bf0b9b0f1e740a2db06dab64d6386f950bff4e4c94160ef4b832bbde3af4937b7528658b5c16a51cb22193fe99385721ce5b048d9338e289dcb40683140c413eca52c8e4b64b306f47569477379c864cfb3aa3e349262407d3935ab9a0916eb0f6db2be71a7eb8f9968dfac44995d5bff8ef617fceeaa448f5e5f8d4b39e3512fe7ae9ee1d8a0d5912b6148969ab0325f3f76e2340fbd67ce156bdf638140b3ccdb08e5049db15957915cb05db8901249b10c59cc5c3ff836290e3334eee2df387e44c57b4d6198c3749f5dc57f6c3de115ced6b43cbddd762b58f1fb40b2baf3b381febdc073142e30d2e9a1a69e8d86314221e540f195509d223b206173dc5406865d8064817c30c284c034035a63190ab86df3bae4168c58e01d2251748fd5d9d610024129e83a5730fe83cf0918790e6854ab765c78649b91c06655f0cb9e26d8432df78bbadd99583b6a8afcf177ed6f339e08c0b36a16c6d31d8a24cb6f2bc3ba58d7711b6f8b988dc3e3144be619548457d4f40509f17eeb186cb93a2928ecb951593d1907c8bbb9f4c8999caba3059c8e73dce54ad6f87bcd51d559f7759902b14e68d3b845c0b179b38f4e6f0bd3a89cbcd5ebed9972102048647da1eda5c8456442369f4ae871d4037ba26f27d27371ce57e23adca5af8dc93f934f2ef8d69ad3b2db66657b3868dd839c2b522f5461f24407ef0ffb77242fc70a48b7eec45f3bcbcfbc6bdc36e4b67295020a345233a32a0a0af4d03a53ef67e69716d5ae35342722afbe7558946475a9ebf5b39c18558a0011f68bc8a78590b0cb63618379a512790c42d94bb239dd3ef5b8d1036cf0391aded8802a7a447c38f231ae611aeeab9bba44cd14369473758b64108d0bc9b6bc9e9b497c2d1d2acbae7c620a55c226cf371331688eaddec61fe961c5fcef71dad45820ed0ac8dc7641d82150f1318ac15aa41e7be585b6a50da1b3cd95239ee61cfde15aba80ae8ebc21ba4540883c6f44cd35b6b97da4640c97f5a2b6efa8d184fec823abc754ab8a0db6c45c2293e90d9c154c4a3e0b9ec2b6113ce6583b80f0d234dec9a9815067244733e2134b9ba93bb9692fb44200bb5501bb109f2401e8baaf0115d795bb0346dfafaf953bed8e9a52a5b9b02d490c55fd89daf311ad5e08b070a9571f696d6df4715c8b69b840e4e03d6f361326e20d9546c47b3a63163e7df9bd260621358c166177ee7c69ed63a8c43dd4a78543aa9f922c0ef527f4aa61ff65bb14595f518412ce25a1e103df89cd4b363593da16c11d80a23a9b5ad8e3a7be8f697cecf82c8fbd889a4f743c839b67f7ba5453b10bbf59b1e4f4e821872c061a4125c0c15c1ca5164efe61a58bb54dcedc849800a6021a448d4660c3b85e2362b7cd8ce95156fbf408a09a30a8ccfc3554004e9f9a35382907eec00617e2ae1f8803146bc8c28b4f3bf3c6b183ae9248e7f05c4adce3e0b7ff29252b5be9b19431e3fe612d471f52c5c34cc12c83049189f4d2e5ca516df78766ba3449d07ef9436c68052c986d9dde8802c931194e2ce34acb8cc26663a09348b15c6c145d26306bded0d1f482803ae6dee26562b03fcb183b69ee4a0491e8776ecdadfca395cb4eac2948d4d64321a4e669f2f663eb54f05f12ed9c685835c3e79f982152dbe701073b9a4ab2932b46ee2424a5e18bbe5f25ce0b898ff6937927f4670defe430ac86021226ae055daf39b535cdc0899fcc99d15e67d66bd2dd89bb21b8d2689a8af10a1b0bd44103c469922c36fc0228d7b6febf5e366dceecf8bb1db385c8ab95d86ff09b76c2fa6282de81fd6864c495a4c8295df61a2548e1b81c3e3f30d7a41216801d6c2d1743f66ae2055756083e8bf403d436b8244ac214f4d84a693d13f299ba267401d094f2df70840e8a980622794212f0992ecf5a47980ab2cf7d5a6f12b0a489af3c3c847ac59bc89f36fbb0e08bf283b68213a17de38b3a45eade6f0b198def408f7711c16367bcc0ded794a9a323c7e7f07fad96ea9c4d7344c26e43844a27c21076b8d7cd07677602d91eac825eb5fd0631755c2dd1dbf7bce3eb3c3f7377fc6080ecd0b894e29769845725943e25932d4249abb4ab78d4e2ff2e2df42c8d884cd6bd13886cef080c6491c217abae0eec6e9d4d49eab6657f15cfd38e6cd6d0bd33198c4685ab302d0f46e42f4a5d5bb7d2840a0a8817b98a856700d4de74351896fe7d7d5a0d1bc57fb4c828aa51f9637807aeb905780f239527ed4affd83f68be8b7ad1e10d9e797ba39cdee24f7be0a0ab0ac22ea3968dac61eb4bdd522c9ce570edf63a439abfd9954bf6a16c88d86157d05477200a83255cde279b454979cee4de00e81cb44acdc4295c877566a749ab5b91d250f03d46ecc14210c196700338eea028c930ce104f20a9e7fabb0ad1d314ec1a2d97d1d1b9e09114dee0e3e513eacede01971ff85dc98634156073df4e8acd6c3aadd615adaffa7a81573813bc4ca21886ddd532021bba5c84b34c34665534db48d61903a03c1cca4ed955ca92c1e33b7664b494e3db6d1e637a49e537808a2669ebeca301691acd4fab0af197b9c7db01b7862466b568ab3a4712a25210264fb297a6b679dfc3fceb65bddd1a23d5b507a0d6da83d73b716d971c5179a92e57b9b93451eb943845a549de737f2d082a83682c32649b4941e787758ead9d2c256b2b4ed1e0255952ce83cccecc39e5bbdd38490f1960b26e5379943be3d9a64b5149c84d577e5fd099560baa292befa06ce9065fb03ed432a9e055ca4ad0e952f8368b3d230fd5239726f79f4c98a0b4a9648382b245d324cb61049562f765f923fc657ef36747658494d78590a1e27a2d09856acf50c3b26271c6d5aa96e8ff9bdb9043859665e21ea53a050c335cac414bbf27b0328ac2c7450acb26b093bf232358afd1135ee50ac3fb26b5f0256ccdd37033c8a59740607cfd549d4c6540afe4a6b4425ae1f633872dcfb5da8d0547cf0c4888817b71fbc7c45b2a641e9c1a76b6a6be124402422ada35edc02ed997d6b87b361aee95a16d2c528d89a52fe40dfd83434969bd86f02e63fc1ae72941209af39a08cfbb4c320bc47d853f5dbaf0cd60ec54608aadbc382fa6b5cab3e9cac57bea26609f4c79f6a6b4eb4a9336fa95783b0c0c366f36d5d6b8310b3cfdb800207919a131bc7f984f7fa11fd0bf2c89e060e9d1286e453fe97363ef72bd6eba29a85ffeccdc3bee72e12284333a5a40622c01619558d2750fc45abfa22059ebdf743f8e50ad29770d19f84d8a34232d6918514769b3bb2a1ea5e59e9556332ba669675764458e9349a1835c501a93e91dd3b31018979880a9913f54ec1e8526b8cffcb776b97fbb9424faa5c5eb60d2ac74955bba4b5182571d0d9f84f0df1baa722b20a78c9c0011c667f688b58489c9e450d83e40ac5eb41c5564b6d76a226448abe4a3f499927074125aa9c0e7e704c36df5bb110a0f15f8433a470e81db414827d5ce21ca1da1c8d51d746d1e1ca110127c15e92afd75d3cd05ce0b632cfa03745de3cdd4b57373d46676583c89f045c26c6fc5793e5489555ced08f83ba351135834a2028113c319af30cc85bc01a7f8208822d7d607aed0d2e12c80aa009100441b75beaccfe0adbda7e8bb870edf4963158794c8c3a5baacf6eec7b5efaefb7602dab8409d161beeb281cba21f1da0ccdc092d0433fb940d79699ffeb87ea775829a6e7e3b308a2ee0b7aec8ac5f35eed61be374c7c77196f7119a8882deff68230f461cb917b0ccb2b8597efcbdd1003b7b77b2c601ebd4b45c35b8426f7b9138ab3df0ec00819604ab8e1e64cf2aa2282b1269585af127a268cd207f964edff172e555398a16df44bdc52889538c3a27f8fbfffb61f7aeb55b259952bbfea81d73058d8b0f78ece9dc08e660437d21d4e3ec38b19e5afda7a6e33023f9158db8a1c14dabd9b8b307ddc66927f7b19df5e0da2237d98ddd890b81f1963808977d02198e8ae2e97419dbb1f8e51cad36a3424b955500fbdaab6ff8dbf028708b1f951fe43864b59b6c2368b816c98023d4480a91b3f1059e9c214bf55a7f8c7da907f79ff5568fd787d3aa022ab9d03cde551f7e3295f02c4f3aa37e4cebdd968c0f82f09eb004fbdb1a4ef3a0d426691bde3964c29ea65622f5d3ffd854053545ba1ec164495e4bef4845439c058f9438d13be7922b656db499c246ee6176a15b97e6a68e42f0c703033b699504e1f92b43054c7237199bd013d96faab47433b6b3f91dc66368706439d4ef7da3942ce8b9c1c9a9d0643fc4540e7d3f1c3821267e866cacd3e904be9f9df80381eec09eb2b0d745ff03ffb199b917a14fdd8fbfbffe8bfb0cf7023aa7183301a8a41e7097ff9f5247f8b78f7d08bbfc596a81047807cf0929677222e7e9e921b294e04088c3746d8dc19294645f1c093a21b4c5e6d92e54dd90465b11dd5d9d42af849070edff4ec63970f4088daaa33afdebb28d01df5ee043a8150ab1b25d864ef31e20c84696596cfbea92d02ea29c4a3933c41ec68aee7d68d7eea7f30d8920e14e62be42bcf856d7a58f46fdb2438b023e974f77281c5a462553627e9614504cbd3f1cae6e0fd9f7e89d9bce48946d0508616fbe542303dc542982c61d7bb4afbf3e76bf1fb2381cdc99f2175ef944dcd826aabdca2b7678db5262733c69ce504c38e7deb7adfb9b6d8bb00d8e4251e0438417ea615cde58bd76c2427b3d7a0578bbbff9fde2abbc5d60307aff0050b18176158aaedb34e283886378ff798b4f74e0a0c95d64271f1916280dd247304d9201c67f5e2640d9706add8703cac81795a0190107e2bb2941ed13738595da1c86ba0f68e2283a435cb5f162c74071a13dfe2266d05abaef080dd6b1dade115e883e04f0bb4be4d91f535ae6f822b02e814e65d2b7807d199a23d3f26209f6c9f93602a3a93ccfdebb5f8161b7928059674e15820d1848a980c8d1af5a73aadc5c402fbb6e730ba51227913ca27f0d78d331d6325d0a7926c238296b2a22b10a69cdffeb087dfe175511ed8e2cde8d7dae140e4ce92f892b129d9940e4a30b19f822ef7611b8750eaea8e55502604b7d2358c09a217af8be6c86d67cf6ff6130c971c9765d56631fe6224fbe1e833d497b534fbf6b030af93691f59295279aa1bdfb5d5d9d4668d5aea70e2b8fc117df0042e91c7e6225f27329727ed6e14a87c7943c040dfee4e5c06a20251c39a45ab4865951b0daefb9c05571fdcc21d1761945bd2b8047ccedd6f1e708646fbe61e75bb2728e8cee893d7e6f642119e786155a6cbab057d6d83b77716145119e974ad7355179d2adc3d748fa249cb58e32e6791d646240c05da4427b2f359976c8fd1486c604cb7ee647e24633d8fca8314cf1f85110ca6351156a2b26e44b040f7d2810acd36f45a3969c1fafd1a7e0bc14fd9b26593375be8e750c3f6534ffb85904d15d75fba05dac4a673de97f7543ee931724cd35474cd7ff5cf3e8abaf206f3030e92895633fa9d8499ea763601560260109dad18bd64b990531fc5377e6eaa5da050b98e1c6515ea48c7de1a15b63283d4a694cbad379356bfdac50e6c343879e29f6b9ab425600d51f257ceb35d0ca00f83cf5bd734223de716747614666ba1f1a8fa756e5f3ff0fc94fa4bd4073bddb0098cf565ee40af5732ee9218d262e5b64ad6b8118c54eeaf7072f2e15514a401779b425fa89d8abb1750e56cc3108dffdcf2d3fd86b8af4560d56f7ff0702154211f9949e3992d93e66892b297fa2d4bfe18de3fd74e96c9d30eb14fd458fdbc9e9a34e00f3280dd732520147fa2a8fa83e91dd0687501466a300015bf888c03fc08190c2753d7719acf6f84885c4c5642f466c1984f15a7716a9b608ee5f1b395726bcc8519766667d24d11e396e62ea39640c9e73e4e9e9e5076d7019ca1bebbd7097807f46b3b6fcb96ed4b433b25ec551fb176a5fa252ed1d81b0350cfdfb8069c9916495bef3a262b6668910896c0b37eee40547c663a901e92f41b417ac50e88d058d021a8f9a5783bd936cca4962bec1c9886689cc547970f9215232596392515182e563f720bb79d29baaabf0e2697de6500bc677e346847011ee3450358c0b16ca528368b5cbb8df5ab974a3cef072d20c9906fa585e0f3083ec6d8507b8561f64e65aa1aecf825fc47ad1459c87771549fd5c9a9cc094e7b1179ee1e90eff7158f28f59f029d90e708f4ec50b4f67d8b4bb7140065528354a7e25d63e92977183a0284ec22aa923210f0bfea89cca53547137381e5de0f60bc484bc2daf129b0380244f1ed4bfb674eb2791e76dce33cae684ad36620d5d67cb587f840caed316b7439b0e8c3de0e065e62680f3997369be3466670278168c9a1a644d870e3a8d0a79b2b720e8c3c51bb9133532beee64319e98714bb2e6d5c0b723962d923b0ef454361d4b3cb470bf8c39031ed4a75267f499741be15aacac92d8e6afdcb01a2e7d2dbf549ceb2a2108c4079c620f05ca1bd31d631c2c8d35ca0d73155f56ed020c25e389db356edf510ae088d11b5e4fed51d0dce4d3aa04924b09c28200ede5bec1a8f38cc5f081055e0f28d75afc4d588ca0e828d00085d150beafdda17b8df9e7d9218ea7d81f2e076412901c5ae04d6929d717fea2fcc8e5a1e69dbd7b5258799a2fa5eb108b6cc35dfab599fb27e6d75f1030b83f452af8137830337141f031942eba83123d3f87b5f01623d4613e5a44b4952c300baf3d4d3dbbfb0ad024a19b3810a174ef8453d85a25822f66e45eba2490f29de1077683ccc32e3517f88b51e010672a982f7c8591450c9ab1573143aefb61c17ebb0c92dcb0494d116b970c2a827a6b3608ae10d583d1f7d092263fa873de9f31cd59bc9491ff012059b63a9120af89477f2ccc34eee7bd66de60af64730c879128b49d31da6400c2471e0d5abf707e560574b477b8e20ca45d92182d639eb434e14aea1a3f91ad8fb60e4859b77389753990513181ea3a82884235e8520294359435cfba220502b591fc28ac36ec697442657d290bd7aad7fce53a3f1766f2bf7d55c24d7c0e9c7a71d6f1282ea1478e0a36378b50e4fee281f686bc53f50138036e2a5d6199d40caff084fde7b63b3c0a47da0791107c3218330f7c2e2c7609aba202fae5290243b6033379eb15edc572eee452008e04c9b53efd5f3d88327317b38934745bc3de4c55bd818febc7a7953bf03c4029f77177c2a974310f0485aa46252f1000dc71934947287c38ea5854f29c7b82f630afb8caf1fd880670307b155a6e7feddc019cfbbbdc18f3bc03da3bd371d93ccbf56bcb39eea55c2d113efc148127c30089d21ce6a5088dbfbcf8f8d75c19456bc962c371548634a95382acb5a0886efc46a87bdc111dc0d1e54084cea0d58054f00762c91d7fe0f0fbcf4c280f29f9cd5999a5e8c6f507f8080d7c7ea9a8685be50722cf1a082f3728dec8d6152cdc72f8da6b1805643c042f4f6780ba79cc8a2165d9d7acec8ab2f421bc3e77b51c62c4bbb262b5674ea7d2dcf9acb894d050e91b052364322a5b08bd9667249571c004fb495da7e24fc5620adda3af6848ccf238911a52bdbff766e4e279ac274afa2c2302faba25b5fe98d972a04aa13f77c0c05d7dd82b0a19f1ded8cf5f99c80e392b0aab1264a29e9fbcf0b69f6b0a9f2332e09ab74dea7277106d0883bb264e279c67e5bc69009225bf4fd1a8532f9392a011b55a73a7cf8d16a59d695b2a65b57fad64a2041f8c28804ee1a48845c5dab757d04f1d95520aa9ddb69904d6529c0e14bd789dfe37067073b3e0e136ae2aebb1c34c55b94ce942f786be4b45f801f35f7c768d91a460b92ffa57ff675f0b4b00437a07f871a8650f21b2bf7c722c1d9e860e8955fef5699ee53a5f6fe46fb9e5e17a1c69fe2538af4718b7215ad2c00c3d420589a8653ee511b809945451fb8205b19ce377c8d0253b05493c557cf2bd8ef208e8fc01beceea1acca38d025f328f28d69bcfaa3adc6d9573a3832dc3f3c758fe08cf9cd0c32acfddae81b3682869e8aa9725b64336252aeb2ee8eb78f0721aa3158217a3009948adb297c5ea45ec26cb6d963c7be47ee1b93fa136ebe73a21936df0148fa311206f8bca2e80719aeca8745ff74ddaad5182644762c66333f942d9a93c467d5f9fd5d0dbbe57480362d4bb0f760294f4eba3e1b08047d256dbda157635d21a43aff3a71f6ad574b402bb36e5270d7ed082c6fbae07771721513ae9ddb22d23b00733046c898ee6ac05ef8a51ce41919e1f241cb98e0592ace68214620ba1a748ef81131661f58f1635713ca2873e150a3e848c8d2ebd039769fda112b73050efa4d1c35dbb46ca5a7b7ccbed1dcded36af272f6838b4c1e7e6778e7e9ca3d794f275d49c9e32e768097349118d2337e7c031ada38d0cc5c04c286ff93083f6d58d73a821118c93432fda9a8c76fa2cbcc093a7decac8e4f001ecc9f67faf1c2f102120f0618469cf653bbd5fcefd4ef2bae86dc4f5393b840f9f47140cf7f46a186c21878a43612a71d3b540b9994f010ab623f878264cf46c7366d0bec5d43d481b47846091fd3cda73a9a28ceb7f839eca695c9f084a16c812475f6575ef2368c88cc6655f47663ef69ce4779fe3ccc4dd85a07a9e4c6f39f42690d231f5727f45c247a53fd8df029fcefda4f328658435892519c17205a3c715ad6bb7387d09a5e387c83f008daf626f5977c66203af1143ef7b59ccd8e3c17bb156bca317861f0b9f222ea63c044075a3a74beaf05c23d0a75caa60397d831bbe507234fff154960faf0f02776d3f9038c955bf0c1ec9c92523cf0b855c18d6ac3b35d437796420ba3dfd581dc6adac64315c1cb1a2c3a45ec4655bb2bd6e0b4a3082281ed0697a213d1d93142e96b4fd57431d2f4547451d008ab58bcd9765ccf3ca3297becd5de9e2be0263cfca09935c9334b5e687bc7e7057dc2ed03873be22200c9fe32a9497dd00a336cf4c723ead302340b5cd1fef8cd88330a9089fc93af4ef739295b94407b291bf33f4f39c936736e1166106428f8796a4b92805f4dfcf46d8692b54e40a9e8584c0eaac4caada87bb33f553eafeef5051b889402176ab766936a38ddd7e5205d2c87e133a02e84ab24ba2d889a4c4db8cbe18b271455e84da716f4a32acdbc0a5aaba25a2ec757c73847dd1c4ccb2967c651e5257692a4553dde227846bfe2977021805f46a287c835ea8dc5", 0x2000, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
close(r2)

2.035983734s ago: executing program 4 (id=931):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x41, 0x0)
r1 = dup(r0)
r2 = epoll_create(0x7)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r0, &(0x7f0000000200)={0x90000009})
write$P9_RSTATFS(r1, &(0x7f0000000100)={0x43, 0x9, 0x1, {0x569142f7, 0x0, 0x100000001, 0x0, 0x7f, 0x5, 0x7, 0x200, 0x6}}, 0x43)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x4, 0x0, 0x0, 0x1b, "0062ba7d820700000000000000000000096304"})
r3 = syz_open_pts(r0, 0x80)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
dup3(r3, r0, 0x80000)
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000580)={0x1000, 0x7ffe, 0x3, 0x400c, 0x5, "73309be7b7525f00", 0x70000001, 0x203})
read(r0, &(0x7f00000002c0)=""/228, 0xe4)

1.939217476s ago: executing program 5 (id=903):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfe, {0x0, 0x0, 0x0, r3, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000040)={'syzkaller0\x00', <r5=>0x0})
sendto$packet(r4, &(0x7f00000008c0)="05031400d3fc140000004788031c", 0xe, 0x4, &(0x7f0000000140)={0x11, 0x88a8, r5, 0x1, 0x0, 0x6, @multicast}, 0x14)

1.78733755s ago: executing program 4 (id=932):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x185d, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x1, 0x800000c1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)
rename(&(0x7f0000000100)='./file0/../file0/file0\x00', &(0x7f00000000c0)='./file0/../file0/file0\x00')
umount2(&(0x7f0000000080)='./file0\x00', 0x9)

1.297707134s ago: executing program 5 (id=933):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f0000000840)='./file2\x00', 0x0, &(0x7f0000000880)=ANY=[@ANYRES16=0x0, @ANYRESOCT, @ANYRESHEX, @ANYBLOB="bce47a6513af9f63289d464d9a23a92023d6cddf223ac3e711c6b3fa551a2429177695e4e9b43aff485ebbff335f1642296a05c3c3de7a1560af336250e532be2d190900840bbaba82fb1798e574cc2df7036960a714b9fa1cafa5a733fa932299c13e1c29ef254ad2c93864537d7d3aed9dc9c3bc2f06f7c34e366e5056ac3553a152ce4c5ad9cd881b9a972a6809ed6c165d862389a58a239149e85dd48295635a5f0ced491e8a512769d2d5642be9060d02f62475a3962de8b1b595c135a2f08873dc09b1ff5509a9ee16abc125763e135e81d55800cfd85ba5fe", @ANYRES16, @ANYRESHEX, @ANYRES32, @ANYBLOB="f4a1e730abdede6b2277652e72a295635b2c3cf41630205c64882dc83612b0865726a6730f9e2042c9815a2a027da5c7f5bbb7653dad4a4d728024b3a130c70dcc8f285646e1234ee6472db3d47799a56ccc9624b5", @ANYRES8, @ANYRES16], 0xfd, 0x1506, &(0x7f0000027240)="$eJzs3Au0TlX3MPA511qbQ+JJct9zzc2TXBZJEkqSS5IkIbknJEmSJIlDbklIQq4nyeU4Ifd00nG/X3JPOnklSRISkqxvnC6ff+/b+++99P/8v/fM3xh7nDXP3nPutc4cz3n23mM8z1fdR9RsUqtaQ2aGf4X+dYA//0gEgAQAGAwAuQAgAIDyucvnztifTWPiv3QS8T+kUfLlnoG4nKT/mZv0P3OT/mdu0v/MTfqfuUn/Mzfpf+Ym/RciU0spcJVsmXeT5///n1P/TrK8/2cK+Pd2SP//0+h/6mjpfyZkLg2l/5mb9D9zk/5nZsHlnoC4zOT1n7lJ/4XI1P70Z8obzl3uZ9qy/RObEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgjx/8A5f4kBgF/Hl3teQgghhBBCCCGE+PP4dy73DIQQQgghhBBCCPE/D0GBBgMBZIGskADZIDtcATngSsgJuSAGV0FuuBrywDWQF/JBfigABaEQFIYQCCwwRFAEikIcroVicB0UhxJQEkqBg9JQBq6HsnADlIMboTzcBBXgZqgIlX46Z4bboCrcDtXgDqgONaAm1II7oTbcBXXgbqgL90A9uBfqw33QAO6HhtAIGsMD0AQehKbQDJpDC2gJraD1H+Qn5fq9/OegFzwPvaEPJEJf6AcvQH8YAANhEAyGF2EIvARD4WUYBsNhBLwCI+FVGAWvwWgYA2PhdRgH42ECTIRJMBmS4A2YAm/CVHjrwSthOsyAmZAMsyAF3obZMAfmwjswD+bDAkjKtggWwxJ4F5bCe5AK78My+ADSYDmsgJWwClbDGlgL62A9bICNsAk2wxbYCtvgQ9gOO2An7ILdsAf2wkewDz6G/fAJpOOn/2T+2d/mQw8EBFSo0KDBLJgFEzABs2N2zIE5MCfmxBjGMDfmxjyYB/NiXsyP+TERC2JhLIyEhIyMRbAIxjGOxbAYFsfiWBJLokOHZbAMlsUbsByWw/JYHitgBayIlbAS3oK3YBWsglWxKlbDalgdq2NNrIl34p14F9bBOlgX62I9rIf1sT42wAbYEBtiY2yMTbAJNsWm2BybY0tsia2xNbbBNtgW22J7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A27YXfsjj3wWXwWn8Pn8Hl8HvtgddUX+2E/7I/9cSAOwkH4Ig7Bl/AlfBmH4XAcga/gK/gqjsIzOBrH4Fgci1XUeJyAE5HVZEzCJMwKU3AqTsVpOB2n40xMxlmYgik4G+fgHHwH5+F8nI8LcSEuxiW4BJfie5iKqbgMz2IaLscVuBJX4WpchWtxHa7FDbgRN+Bm3IxbcSt+iB/iDtyBu3AX7sE9+BF+hB/jxzgM0zEdD+ABPIgH8RAewsN4GI/gETyKR/EYHsPjeBxP4Ek8hSfxNJ7GM3gWzwHAeTyPF/ACXsSLGS9+lcEoo7KoLCpBJajsKrvKoXKonCqniqmYyq1yqzwqj8qr8qr8Kr8qqAqqwqqwIkWKVaSKqCIqruKqmCqmiqviqqQqqZxyqowqo8qqsqqcKqfKq5tUBXWzqqgqqXbuFnWLqqLau6rqdlVNVVPVVQ1VU9VStVRtVVvVUXVUXVVX1VP1VH11n2qg+uJAbKQyOtNEDcemagQ2Vy1US9VKvYoPqTZqFLZV7VR79Ygag6Oxo2rjOqnHVWc1AbuoJ9VEfEp1U5Oxu3pG9VDPqp7qOdVLtXW9VR81Dfuqfmom9lcD1EA1SM3GGiqjYzXVy+q5rMPVCPWKWoyvqlHqNTVajVFj1etqnBqvJqiJapKarJLUG2qKelNNVW+paWq6mqFmqmQ1S6Wot9VsNUfNVe+oeWq+WqAWqkVqsVqi3lVL1XsqVb2vlqkPVJparlaolWqVWq3WqLVqnVqvNqiNapParLaorWqb+lBtVzvUTrVL7VZ71F71kdqnPlb71ScqXX2qDqi/qIPqM3VIfa4Oqy/UEfWlOqq+UsfU1+q4+kadUCfVKfWtOq2+U2fUWXVOfa/Oqx/UBfWjuqi8Ao1aaa2NDnQWnVUn6Gw6u75C59BX6pw6l47pq3RufbXOo6/ReXU+nd8U0AV1IV1Yh5q01awjXUQX1XF9rS6mr9PFdQldUpfSTpfWZfT1uqy+QZfTN+ry+iZdQd+sK+pKurIHfauuom/TVfXtupq+Q1fXNXRNXUvfqWvru3Qdfbeuq+/R9fS9ur6+TzfQ9+uGupFurB/QTfSDuqluppvrFrqlbqVb64d0G/2wbqvb6fb6Ed1BP6o76sd0J/247qyf0F30k7qrfkp300/r7voZ3UM/q3vqH/VF7XVv3Ucn6r66n35B99cD9EA9SA/WL+oh+iU9VL+sh+nheoR+RY/Ur+pR+jU9Wo/RY/XrepweryfoiXqSnqyT9Bt6in5TT9Vv6Wl6up6hZ+pkPUsP/KXS3H8g/83fyR/609m36m36Q71d79A79S69W+/Re/VevU/v0/v1fp2u0/UBfUAf1Af1IX1IH9aH9RF9RB/VR/UxfUwf18f1CX1Sf6+/1af1d/qMPqvP6u/1eX1eX/jlbwAGjTLaGBOYLCarSTDZTHZzhclhrjQ5TS4TM1eZ3OZqk8dcY/KafCa/KWAKmkKmsAkNGWvYRKaIKWri5lpTzFxnipsSpqQpZZwpbcqY6//t/D+aX2vT2rQxbUxb09a0N+1NB9PBdDQdTSfTyXQ2nU0X08V0NV1NN9PNdDfdTQ/Tw/Q0PU0v08v0Nr1Nokk0/cwLpr8ZYAaaQWawedEMMUPMUDPUDDPDzAgzwow0I80oM8qMNqPNWDPWjDPjzAQzwUwyk0ySz2WmmClmqplqpplpZsbgXCbZJJsUk2Jmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm1aSaZWaZSTPLzXKz0qw0q81qs9asNevNerPRbDSbzWaTZraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbdpJsD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWguZlz2BSpQgQlMkCXIEiQECUH2IHuQI8gR5AxyBrEgFuQOcgd5gmuCvEG+IH9QICgYFAoKB2FAgQ04iIIiQdEgHlwbFAuuC4oHJYKSQanABaWDMsH1QdnghqBccGNQPrgpqBDcHFQMKgWVg1uCW4MqwW1B1eD2oFpwR1A9qBHUDGoFdwa1g7uCOsHdQd3gnqBecG9QP7gvaBDcHzQMGgWNgweCJsGDQdOgWdA8aBG0DFoFrf/U+t6fyfew6x32CRPDvmG/8IWwfzggHBgOCgeHL4ZDwpfCoeHL4bBweDgifCUcGb4ajgpfC0eHY8Kx4evhuHB8OCGcGE4KJ4dJ4RvhlPDNcGr4VjgtnB7OCGaGyeGsMCV8O5wdzgnnhu+E88L54YJwYbgoXBziz5fEkBq+Hy4LPwjTwuXhinBluCpcHa4J14brwvXhhnBjuCncXH7Iz4eG28Md4c5wV7g73BPuDT8K94Ufh/vDT8L08NPwQPiX8GD4WXgo/Dw8HH4RHgm/DI+GX4XHwq/D4+E34YnwZHgq/DY8HX4XngnPhufC78Pz4Q/hhfDH8GLoMy7uM97eyZChLJSFEiiBslN2ykE5KCflpBjFKDflpjyUh/JSXspP+akgFaTCVJgyMDEVoSIUpzgVo2JUnIpTSSpJjhyVoTJUlspSOSpH5ak8VaAKVJEqUmWqTLfSrXQb3Ua30+10B91BNagG1aJaVJtqUx2qQ3WpLtWjelSf6lMDakANqSE1psbUhJpQU2pKzak5taSW1JpaUxtqQ22pLbWn9tSBOlBH6kidqBN1ps7UhbpQV+pK3agbdafu1IN6UE/qSb2oF/Wm3pRIidSP+lF/6k8DaSANpsE0hIbQUBpKw2gYjaARNJJG0igaRaNpDI2l12kcjacJNJEm0WRKoiSaQlNoKk2laTSNZtAMSqZkSqEUmk2zaS7NpXk0jxbQAlpEi2gJLaGltJRSKZWW0TJKozRaQStoFa2iNbSG1tE62kAbaBNtoi20hbbRNtpO22kn7aTdtJv20l7aR/toP+2ndEqnA3SADtJBOkSH6DAdpiN0hI7SUTpGx+g4HacTdIJO0Sk6TafpDJ2hc3SOztMPdIF+pIvkKcFms9ntFTaHvdLmtLnsX8f5bQFb0BayhW1o89p8v4nJWlvclrAlbSnrbGlbxl7/N3FFW8lWtrfYW20Ve5utaivabPBf49r2LlvH3m3r2ntsLXvnb+J69l5b3z5oG9hmtqFtYRvbVraJfdA2tc1sc9vCtrStbAf7qO1oH7Od7OO2s33ib+Kl9j27zq63G+xGu89+bM/Z7+1R+5U9b3+wvW0fO9i+aIfYl+xQ+7IdZof/NgawY+3rdpwdbyfYiXaSnfw38Qw70ybbWTbFvm1n2zl/Ey+x79p5NtUusAvtIrv4pzhjTqn2fbvMfmDT7HK7wq60q+xqu8au/b9zXWk32y12q91rP7Lb7Q670+6yu+2en+KMdey3n9h0+6k9Yr+0B+1n9pA9Zg/bL36KM9Z3zH5tj9tv7Al70p6y39rT9jt7xp79af0Za//W/mgvWm+BkRVrNhxwFs7KCZyNs/MVnIOv5Jyci2N8FefmqzkPX8N5OR/n5wJckAtxYQ6Z2DJzxEW4KMf5Wi7G13FxLsEluRQ7Ls1l+HouyzdwOb6Ry/NNXIFv5opciSvzLXwrV+HbuCrfztX4Dq7ONbgm1+I7uTbfxXX4bq7L93A9vpfr833cgO/nhtyIG/MD3IQf5KbcjJtzC27Jrbg1P8Rt+GFuy+24PT/CHfhR7siPcSd+nDvzE9yFn+Su/BR346e5Oz/DPfhZ7snPcS9+nntzH07kvtyPX+D+PIAH8iAezC/yEH6Jh/LLPIyH8wh+hUfyqzyKX+PRPIbH8us8jsfzBJ7Ik3gyJ/EbPIXf5Kn8Fk/j6TyDZ3Iyz+IUfptn8xyey+/wPJ7PC3ghL+LFvITf5aX8Hqfy+7yMP+A0Xs4reCWv4tW8htfyOl7PG3gjb+LNvIW38jb+kLfzDt7Ju3g37+G9/BHv4495P3/C6fwpH+C/8EH+jA/x53yYv+Aj/CUf5a/4GH/Nx/kbPsEn+RR/y6f5Oz7DZ/kcf8/n+Qe+wD/yRfYMEUYq0pGJgihLlDVKiLJFCb88McoZ5Ypi0VVR7ujqKE90TZQ3yhfljwpEBaNCUeEojCiyEUdRVCQqGsWja6Ni0XVR8ahEVDIqFbmodFQmuj4qG90QlYtujMpHN0UVopujilGlqHJ0S3RrVCW6Laoa3R5Vi+6Iqkc1oppRrejOqHZ0V1QnujuqG90TlYvujepH90UNovujhlGjqHH0QNQkejBqGjWLmkctopZRq6h19FDUJno4ahu1i9pHj0QdokejjtFjUafo8ahz9MSl/SWCnxf1V/sTo76R/mW9d+tF8cXxJfF340vj78VT4+/Hl8U/iKfFl8dXxFfGV8VXx9fE18bXxdfHN8Q3xjfFN8e3xLfGva+VFRxm3AiDcYHL4rK6BJfNZXdXuBzuSpfT5XIxd5XL7a52edw1Lq/L5/K7Aq6gK+QKu9CRs45d5Iq4oi7urnXF3HWuuCvhSrpSzrnSroxr5Vq71q6Ne9i1de1ce/eIe8Q96h51j/3aKNfFPem6uqdcN/e0e9o943q4Z11P95zr5Z53vV0fl+gSXT/Xz/V3/d1AN9ANdoPdEDfEDXVD3TA3zI1wI9xIN9KNcqPcaDfajXVj3Tg3zk1wE9wkN8kluSQ3xU1xU91UN81NczPcDJfskl2KS3Gz3Ww3181189w8t8AtcIvcIrfELXFL3VKX6lLdMrfMpbk0t8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcdvcNrfdbXc73U632+12e91et8/tc/vdfpfu0t0Bd8AddAfdIfe5O+y+cEfcl+6o+8odc1+74+4bd8KddKec16fdd+6MO+vOue/defeDu+B+dBedd0mxN2JTYm/Gpsbeik2LTY/NiM2MJcdmxVJib8dmx+bE5sbeic2LzY8tiC2MLYotji2JvRtbGnsvlhp7P7Ys9kEsLbY8tiK2MrYqtjrmfaHtkS/ii/q4v9YX89f54r6EL+lLeedL+zL+el/W3+DL+Rt9eX+Tr+Bv9hV9JV/ZN/PNfQvf0rfyrf1Dvo1/2Lf17Xx7/4jv4B/1Hf1jvpN/3Hf2T/gu/knf1T/lu/mnfXf/zPxfuux7+ed9b9/HJ/q+vp9/wff3A/xAP8gP9i/6If4lP9S/7If54X6Ef8WP9K/6Uf41P9qP8WP9636cH+8n+Il+kp/sk/wbfop/00/1b/lpfrqf4Wf6ZD/Lp/i3/Ww/x8/17/h5fr5f4Bf6RX6xX+Lf9Uv9ez7Vv++X+Q98ml/uV/iVfpVf7df4tX6dX+83+I1+k9/st/itfpv/0G/3O/xOv8vv9nv8Xv+R3+c/9vv9Jz7df+oP+L/4g/4zf8h/7g/7L/wR/6U/6r/yx/zX/rj/xp/wJ/0p/60/7b/zZ/xZf85/78/7H/wF/6O/KJ9ZE0IIIYT4h+g/2N/3d36nftky9AOAK3cUOPzXNTfl/Xk8QO3rHAOAx/t0b/Tr1qhRYmLiL8emaQiKLgSA2KX8n75/4Jd4ObSHR6ETtIOyvzu/AaryT9d9/139+E0A2QGy/ZqTcXuUHf66/g1/p36zd/mP6i8EKF70Uk7GiX6NL9Uv93fq7+nwB/WzfZYE0Pa/5OSAS/Gl+mXgYXgCOv3mSCGEEEIIIYQQ4mcD1Pkef3R/m3F/XtBcyskKl+I/uj//A1X/jDUIIYQQQgghhBDiv/fUsz0fe6hTp3Zd/5MHWf+0ggkAcNmX828MEAD+F0xDBv/7B5f7P5MQQgghhBDiz3bpov9yz0QIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhMi8/vVvCFP/8MGXe41CCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCHE5fZ/AgAA///ifVN/")
capset(0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x42, 0x0)
mount$tmpfs(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000400), 0x0, &(0x7f0000000080)=ANY=[@ANYBLOB='huge=always'])
chdir(&(0x7f0000000140)='./file0\x00')
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x1000)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
socketpair(0x1, 0x100000005, 0x0, &(0x7f0000000000))

1.295086964s ago: executing program 4 (id=940):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
ioctl$KVM_CREATE_DEVICE(r1, 0xc00caee0, 0x0)
read(r0, &(0x7f0000000180)=""/174, 0xae)

1.273247795s ago: executing program 1 (id=934):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000340), 0x103080)
ioctl$SNDRV_TIMER_IOCTL_TREAD_OLD(r0, 0x40045402, &(0x7f0000000140)=0x1)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f00000083c0)={{0x1}})
ioctl$SNDRV_TIMER_IOCTL_PARAMS(r0, 0x40505412, &(0x7f0000000380)={0x0, 0x9dc8, 0x0, 0x0, 0xf})
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f000068c000/0xc000)=nil, &(0x7f0000817000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x0)
r1 = io_uring_setup(0x1ca5, &(0x7f0000000040)={0x0, 0xc8a1, 0xc000, 0x1, 0x800000c1})
bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x12, 0x3, 0x0, &(0x7f0000000240)='syzkaller\x00', 0x80000000, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="16"], 0x50)
io_uring_enter(r1, 0x2219, 0x7721, 0x16, 0x0, 0x0)

869.378026ms ago: executing program 6 (id=908):
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c)
sendto$inet6(r0, &(0x7f0000847fff), 0x0, 0x0, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$inet6_sctp(0xa, 0x801, 0x84)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4000)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="1a00000007"], 0x50)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r1, &(0x7f0000000100)={0x1f, 0xffff, 0x3}, 0x6)
write$binfmt_misc(r1, &(0x7f0000000000), 0xd)

766.071729ms ago: executing program 1 (id=935):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000400)=ANY=[@ANYBLOB="7a0af8ff75257075bfa100000000000007010000f9ffffffb702000005000000bf130000000000008500000071000000b7000000000000009500000000000000b2595285faa6ead0169191d54f8196217fc560e2fc91f6da4dad4fdc2eb1b257183fa3bcd48666d1ddd73f3047d248df061222193165274bc7f2382f6cda4bfdd45be583823c0f09601f3c1c65ee19ee875daf45006a4c4ea5e15b2f9618d547244a22000000000000db453620ce7243d1aebd00000000000000005839c77edf2d34b12cd48a0c20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef76d7d864409eb2dcc718a09f4886afc26abba34635d0e8b54bc76be40d435aa8b5202db761014b1b999a12df6bee431a666100"/296], &(0x7f0000000100)='GPL\x00'}, 0x48)
ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f00000003c0)=r1)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r3)
sendmsg$TIPC_CMD_ENABLE_BEARER(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
ioctl$SIOCSIFHWADDR(r2, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

575.122855ms ago: executing program 6 (id=936):
ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
socket$netlink(0x10, 0x3, 0x8000000004)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$tipc(&(0x7f00000008c0), 0xffffffffffffffff)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
writev(0xffffffffffffffff, 0x0, 0x0)
r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0)
write$binfmt_aout(r5, &(0x7f0000000300)=ANY=[], 0xff2e)
ioctl$TCSETS(r5, 0x40045431, 0x0)
ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, &(0x7f0000000140)=0x12)
sendmsg$TIPC_CMD_SHOW_LINK_STATS(r3, &(0x7f0000000980)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000900)=ANY=[@ANYBLOB, @ANYRES16=r4, @ANYBLOB="010828bd7000fcdbdf2501000000000000000b000000001400143954ee6272"], 0x30}, 0x1, 0x0, 0x0, 0x800}, 0x800)

543.291905ms ago: executing program 5 (id=937):
syz_kvm_add_vcpu$x86(0x0, &(0x7f0000000100)={0x0, &(0x7f0000000280)=[@code={0xa, 0x5a, {"0f380a669766ba6100b000ee2309c0da00008c000000ba000000000f30c4827941fac4e1f96e42e46505e7ee1921b9500b00000f328fe9209b7ce100c403790cdeb8010000000f01d9"}}], 0x5a})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x200, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)={0x9})
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$BATADV_CMD_GET_GATEWAYS(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f00000001c0)={0x10, 0x0, 0x0, 0x10}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4800}, 0x4008000)
ioctl$KVM_SET_PIT2(r1, 0x4070aea0, &(0x7f0000000140)={[{0x1, 0xc, 0x6, 0x3, 0x6, 0x2, 0x42, 0x9, 0x1, 0x4, 0x2, 0x3, 0x3}, {0x1, 0x7, 0x7, 0x0, 0x8, 0x7, 0x49, 0xff, 0x2, 0x1, 0x9, 0xf, 0x20000000006}, {0x2, 0x5, 0x5, 0x84, 0x8, 0x7, 0xfd, 0x40, 0x5, 0x3, 0x4, 0x3, 0x80000000000}], 0xf87})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

0s ago: executing program 1 (id=938):
ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, &(0x7f0000000000)={0x1, 0x0, [{0x40000001, 0x4, 0x2, 0x31237648, 0x6, 0x2, 0x80}]})
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc4a, 0x9, 0xfffffffffffffffd, 0x1, 0x10000, 0x3, 0x4002004c2, 0x1000, 0x9, 0x100, 0xfffffffffffffffb, 0x8, 0x71dd, 0x0, 0x8, 0x8d], 0x100000, 0x2008c0})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

escriptor of length 55, skipping remainder of the config
[  123.807079][ T5992] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 66
[  123.817991][ T5992] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  123.836848][ T5992] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  123.851718][ T5992] usb 3-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  123.864965][ T5992] usb 3-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  123.873253][ T5992] usb 3-1: Product: syz
[  123.880531][ T5992] usb 3-1: Manufacturer: syz
[  123.901807][ T5992] cdc_wdm 3-1:1.0: skipping garbage
[  123.912434][ T5992] cdc_wdm 3-1:1.0: skipping garbage
[  123.930747][ T5992] cdc_wdm 3-1:1.0: cdc-wdm0: USB WDM device
[  123.941751][ T5992] cdc_wdm 3-1:1.0: Unknown control protocol
[  124.003047][ T5811] usb 2-1: usb_control_msg returned -32
[  124.013498][ T5811] usbtmc 2-1:16.0: can't read capabilities
[  124.543684][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.550707][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.557286][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.563963][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.570491][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.577158][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.583547][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.590211][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.596662][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.603354][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.609681][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.616345][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.622727][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.629385][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.635745][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.642414][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.650480][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.657150][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.667090][    C1] cdc_wdm 3-1:1.0: nonzero urb status received: -71
[  124.673776][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - 0 bytes
[  124.680235][ T5992] usb 3-1: USB disconnect, device number 4
[  124.686206][    C1] cdc_wdm 3-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19
[  126.034633][ T5992] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  126.276911][ T5992] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  126.357427][ T5822] usb 2-1: USB disconnect, device number 2
[  126.381916][ T5992] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  126.397182][ T5992] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  126.409832][ T5992] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.420753][ T5992] usb 4-1: config 0 descriptor??
[  126.859037][ T5992] pyra 0003:1E7D:2CF6.0004: unknown main item tag 0x2
[  126.894139][ T5992] pyra 0003:1E7D:2CF6.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.3-1/input0
[  127.442163][ T5992] pyra 0003:1E7D:2CF6.0004: couldn't init struct pyra_device
[  127.474558][ T5992] pyra 0003:1E7D:2CF6.0004: couldn't install mouse
[  127.484021][ T5992] pyra: probe of 0003:1E7D:2CF6.0004 failed with error -71
[  127.511885][ T5992] usb 4-1: USB disconnect, device number 7
[  127.516833][ T6469] loop2: detected capacity change from 0 to 512
[  127.627281][ T6469] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  127.663769][ T6469] ext4 filesystem being mounted at /43/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.799654][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.821108][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.838042][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.854748][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.875390][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.898962][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.914225][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.927311][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.940398][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  127.954181][ T5771] EXT4-fs error (device loop2): ext4_empty_dir:3136: inode #12: comm syz-executor: invalid size
[  128.819088][ T5771] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  129.159974][ T3009] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.357621][ T4815] Bluetooth: hci2: Frame reassembly failed (-84)
[  129.445920][ T3009] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.679093][ T3009] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  129.849020][ T3009] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  130.532364][ T6527] loop0: detected capacity change from 0 to 512
[  130.612560][ T6527] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  130.786781][ T5774] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  130.802850][ T5774] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  130.820677][ T5774] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  130.863848][ T5774] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  130.885040][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  130.901269][ T5774] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  130.938161][ T5774] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  131.396089][ T6545] loop3: detected capacity change from 0 to 1024
[  131.413653][ T5784] Bluetooth: hci2: command 0x1003 tx timeout
[  131.419255][ T5774] Bluetooth: hci0: command 0x080f tx timeout
[  131.426405][ T5782] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  131.468982][ T6515] Bluetooth: hci0: Opcode 0x080f failed: -110
[  131.511867][ T6545] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  131.858901][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  131.908649][ T6558] netlink: 8 bytes leftover after parsing attributes in process `syz.1.203'.
[  132.699946][ T6529] chnl_net:caif_netlink_parms(): no params data found
[  133.094443][ T5782] Bluetooth: hci4: command tx timeout
[  133.274711][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  133.281821][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  133.678923][ T6529] bridge0: port 1(bridge_slave_0) entered blocking state
[  133.722103][ T6529] bridge0: port 1(bridge_slave_0) entered disabled state
[  133.763582][ T6529] bridge_slave_0: entered allmulticast mode
[  133.783200][ T6529] bridge_slave_0: entered promiscuous mode
[  133.899823][ T6529] bridge0: port 2(bridge_slave_1) entered blocking state
[  133.933759][ T6529] bridge0: port 2(bridge_slave_1) entered disabled state
[  133.943017][   T12] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  133.973656][ T6529] bridge_slave_1: entered allmulticast mode
[  134.005515][ T6529] bridge_slave_1: entered promiscuous mode
[  134.072581][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  134.107194][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  134.278466][ T6529] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  134.361594][ T6529] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  134.455457][ T6617] loop3: detected capacity change from 0 to 256
[  134.523607][ T3009] hsr_slave_0: left promiscuous mode
[  134.561083][ T6617] FAT-fs (loop3): Directory bread(block 64) failed
[  134.578224][ T6617] FAT-fs (loop3): Directory bread(block 65) failed
[  134.592602][ T6617] FAT-fs (loop3): Directory bread(block 66) failed
[  134.605812][ T3009] hsr_slave_1: left promiscuous mode
[  134.623693][ T6617] FAT-fs (loop3): Directory bread(block 67) failed
[  134.640912][ T6617] FAT-fs (loop3): Directory bread(block 68) failed
[  134.666542][ T6617] FAT-fs (loop3): Directory bread(block 69) failed
[  134.673858][ T3009] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  134.682260][ T3009] batman_adv: batadv0: Removing interface: batadv_slave_0
[  134.703708][ T6617] FAT-fs (loop3): Directory bread(block 70) failed
[  134.716621][ T6617] FAT-fs (loop3): Directory bread(block 71) failed
[  134.728029][ T3009] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  134.756797][ T6617] FAT-fs (loop3): Directory bread(block 72) failed
[  134.773631][ T3009] batman_adv: batadv0: Removing interface: batadv_slave_1
[  134.813445][ T6617] FAT-fs (loop3): Directory bread(block 73) failed
[  134.824353][ T3009] bridge_slave_1: left allmulticast mode
[  134.830113][ T3009] bridge_slave_1: left promiscuous mode
[  134.892617][ T3009] bridge0: port 2(bridge_slave_1) entered disabled state
[  134.943255][ T3009] bridge_slave_0: left allmulticast mode
[  134.984562][ T3009] bridge_slave_0: left promiscuous mode
[  134.992227][ T3009] bridge0: port 1(bridge_slave_0) entered disabled state
[  135.123799][ T3009] veth1_macvtap: left promiscuous mode
[  135.130194][ T3009] veth0_macvtap: left promiscuous mode
[  135.151350][ T3009] veth1_vlan: left promiscuous mode
[  135.163931][ T3009] veth0_vlan: left promiscuous mode
[  135.174322][ T5782] Bluetooth: hci4: command tx timeout
[  136.521263][ T3009] team0 (unregistering): Port device team_slave_1 removed
[  136.591502][ T3009] team0 (unregistering): Port device team_slave_0 removed
[  136.679970][ T3009] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  136.758610][ T3009] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  137.268224][ T5782] Bluetooth: hci4: command tx timeout
[  137.310917][ T3009] bond0 (unregistering): Released all slaves
[  137.529316][ T6529] team0: Port device team_slave_0 added
[  137.569797][ T6529] team0: Port device team_slave_1 added
[  137.703165][ T6529] batman_adv: batadv0: Adding interface: batadv_slave_0
[  137.743389][ T6529] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  137.833345][ T6529] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  137.888374][ T6529] batman_adv: batadv0: Adding interface: batadv_slave_1
[  137.909044][ T6529] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  138.057972][ T6529] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  138.176871][ T6529] hsr_slave_0: entered promiscuous mode
[  138.205165][ T6529] hsr_slave_1: entered promiscuous mode
[  138.261931][ T6529] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  138.328925][ T6529] Cannot create hsr debugfs directory
[  139.113391][    T8] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  139.330046][ T6529] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  139.336120][ T5782] Bluetooth: hci4: command tx timeout
[  139.353393][    T8] usb 1-1: Using ep0 maxpacket: 16
[  139.377382][    T8] usb 1-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  139.443536][    T8] usb 1-1: config 0 interface 0 has no altsetting 0
[  139.472210][ T6529] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  139.485969][    T8] usb 1-1: New USB device found, idVendor=15c2, idProduct=0045, bcdDevice=1f.20
[  139.522447][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  139.534640][ T6529] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  139.561988][    T8] usb 1-1: Product: syz
[  139.573448][    T8] usb 1-1: Manufacturer: syz
[  139.578187][    T8] usb 1-1: SerialNumber: syz
[  139.593952][ T6529] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  139.620086][    T8] usb 1-1: config 0 descriptor??
[  139.856412][    C0] imon 1-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  139.889845][    T8] input: iMON Panel, Knob and Mouse(15c2:0045) as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/input/input6
[  139.988196][    T8] imon:send_packet: packet tx failed (-71)
[  140.048416][    T8] imon 1-1:0.0: panel buttons/knobs setup failed
[  140.052687][ T6529] 8021q: adding VLAN 0 to HW filter on device bond0
[  140.128782][ T6529] 8021q: adding VLAN 0 to HW filter on device team0
[  140.198106][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  140.205393][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  140.227914][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[  140.235254][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[  140.254796][   T27] audit: type=1326 audit(1777516484.434:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6698 comm="syz.3.227" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efea859cdd9 code=0x0
[  140.334513][    T8] rc_core: IR keymap rc-imon-pad not found
[  140.340433][    T8] Registered IR keymap rc-empty
[  140.371335][    T8] imon 1-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  140.410828][    T8] imon 1-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  140.445978][    T8] imon:send_packet: packet tx failed (-71)
[  140.478549][    T8] imon 1-1:0.0: remote input dev register failed
[  140.495889][    T8] imon 1-1:0.0: imon_init_intf0: rc device setup failed
[  140.564028][    T8] imon 1-1:0.0: unable to initialize intf0, err 0
[  140.578405][    T8] imon:imon_probe: failed to initialize context!
[  140.623653][    T8] imon 1-1:0.0: unable to register, err -19
[  140.664424][    T8] usb 1-1: USB disconnect, device number 3
[  140.971830][ T6529] 8021q: adding VLAN 0 to HW filter on device batadv0
[  141.480045][ T6740] netlink: 8 bytes leftover after parsing attributes in process `syz.0.234'.
[  141.890915][ T6529] veth0_vlan: entered promiscuous mode
[  141.961994][ T6529] veth1_vlan: entered promiscuous mode
[  142.081281][ T6529] veth0_macvtap: entered promiscuous mode
[  142.123928][ T6529] veth1_macvtap: entered promiscuous mode
[  142.187641][ T6529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  142.219598][ T6529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.245137][ T6529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  142.271186][ T6529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.306187][ T6529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  142.328430][ T6529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.352000][ T6529] batman_adv: batadv0: Interface activated: batadv_slave_0
[  142.403527][ T6529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.437837][ T6529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.494014][ T6529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.532071][ T6529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.556299][ T6529] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  142.570741][ T6529] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  142.583037][ T6529] batman_adv: batadv0: Interface activated: batadv_slave_1
[  142.643161][ T6529] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  142.688764][ T6529] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  142.711662][ T6529] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  142.730120][ T6529] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  142.985313][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  143.005245][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  143.078348][ T4800] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  143.114445][ T4800] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  143.537829][ T6803] loop4: detected capacity change from 0 to 512
[  143.550490][ T6806] loop1: detected capacity change from 0 to 1024
[  143.582115][ T6803] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  143.633008][ T6803] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  143.675013][ T6803] System zones: 1-12
[  143.717392][ T6803] EXT4-fs (loop4): 1 truncate cleaned up
[  143.752086][ T6803] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  143.946218][ T6529] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  144.083848][   T59] hfsplus: b-tree write err: -5, ino 25
[  144.089774][   T59] hfsplus: b-tree write err: -5, ino 4
[  144.099073][   T59] hfsplus: b-tree write err: -5, ino 2
[  144.112294][   T59] hfsplus: b-tree write err: -5, ino 26
[  144.135573][   T59] hfsplus: b-tree write err: -5, ino 27
[  144.432489][ T6828] loop1: detected capacity change from 0 to 512
[  144.558507][ T6828] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  144.614826][ T6828] ext4 filesystem being mounted at /70/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.730103][   T27] audit: type=1800 audit(1777516488.914:8): pid=6828 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.251" name="file2" dev="loop1" ino=16 res=0 errno=0
[  144.991501][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  145.504912][ T6854] loop4: detected capacity change from 0 to 256
[  145.619267][ T6854] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  145.674063][ T6859] loop1: detected capacity change from 0 to 128
[  145.681206][ T6854] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  145.741207][ T6854] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  145.991122][ T6859] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  146.049787][ T6859] ext4 filesystem being mounted at /72/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  146.321986][ T5770] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  148.389013][ T6894] loop1: detected capacity change from 0 to 32768
[  148.525517][ T6894] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  148.627321][ T6902] loop0: detected capacity change from 0 to 32768
[  148.708459][ T6894] XFS (loop1): Ending clean mount
[  148.824358][ T6902] XFS (loop0): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  149.085479][ T5770] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  149.116765][ T6902] XFS (loop0): Ending clean mount
[  149.709276][ T5769] XFS (loop0): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  149.769414][ T6940] loop4: detected capacity change from 0 to 512
[  149.890929][ T6940] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  149.964331][ T6940] ext4 filesystem being mounted at /8/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  150.140428][ T6948] loop3: detected capacity change from 0 to 164
[  150.176520][ T6940] EXT4-fs (loop4): shut down requested (0)
[  150.268304][ T6948] rock: directory entry would overflow storage
[  150.308240][ T6948] rock: sig=0x66, size=4, remaining=3
[  150.371213][ T6948] rock: directory entry would overflow storage
[  150.392474][ T6948] rock: sig=0x66, size=4, remaining=3
[  150.566038][ T6529] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  150.873450][ T5811] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[  151.122313][ T5811] usb 2-1: Using ep0 maxpacket: 16
[  151.146062][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  151.167788][ T6977] loop3: detected capacity change from 0 to 4096
[  151.226939][ T6977] EXT4-fs: inline encryption not supported
[  151.240104][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  151.319869][ T5811] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  151.365451][ T6977] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=e842c018, mo2=0003]
[  151.403549][ T6977] System zones: 0-5
[  151.413028][ T5811] usb 2-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  151.445562][ T6977] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  151.453703][ T5811] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  151.520108][ T5811] usb 2-1: config 0 descriptor??
[  151.706095][ T6985] gretap0: entered promiscuous mode
[  151.715990][ T6985] netlink: 8 bytes leftover after parsing attributes in process `syz.0.287'.
[  151.725464][ T6985] gretap0: left promiscuous mode
[  152.002280][ T5811] input: HID 05ac:8241 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:05AC:8241.0005/input/input8
[  152.105864][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  152.171528][ T5811] appleir 0003:05AC:8241.0005: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.1-1/input0
[  152.631849][ T7003] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  152.774997][ T3381] usb 2-1: USB disconnect, device number 3
[  153.312957][   T27] audit: type=1326 audit(1777516497.494:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.398152][   T27] audit: type=1326 audit(1777516497.494:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.495713][   T27] audit: type=1326 audit(1777516497.494:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.569141][   T27] audit: type=1326 audit(1777516497.494:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.655747][   T27] audit: type=1326 audit(1777516497.494:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.744176][   T27] audit: type=1326 audit(1777516497.534:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=106 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.839286][   T27] audit: type=1326 audit(1777516497.534:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.911004][   T27] audit: type=1326 audit(1777516497.534:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  153.988207][   T27] audit: type=1326 audit(1777516497.534:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  154.069288][   T27] audit: type=1326 audit(1777516497.534:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7020 comm="syz.0.294" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff74899cdd9 code=0x7ffc0000
[  155.252110][ T7080] syzkaller1: entered promiscuous mode
[  155.272013][ T7080] syzkaller1: entered allmulticast mode
[  155.273658][ T5811] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  155.348676][ T7084] netlink: 9286 bytes leftover after parsing attributes in process `syz.1.308'.
[  155.533749][ T5811] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  155.661409][ T5811] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  155.887285][ T5811] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7
[  156.110651][ T5811] usb 1-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13
[  156.133798][ T5811] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  156.159804][ T5811] usb 1-1: Product: syz
[  156.171909][ T5811] usb 1-1: Manufacturer: syz
[  156.203467][ T5811] usb 1-1: SerialNumber: syz
[  156.225528][ T5811] usb 1-1: config 0 descriptor??
[  156.639260][ T5811] adutux 1-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0
[  156.703794][ T5811] usb 1-1: USB disconnect, device number 4
[  160.449798][ T7152] loop3: detected capacity change from 0 to 32768
[  160.515051][ T7152] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  160.649610][ T7152] XFS (loop3): Ending clean mount
[  160.681264][ T7152] XFS (loop3): Quotacheck needed: Please wait.
[  160.847108][ T7152] XFS (loop3): Quotacheck: Done.
[  161.467902][   T27] kauditd_printk_skb: 15 callbacks suppressed
[  161.467917][   T27] audit: type=1326 audit(1777516505.654:34): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.497447][   T27] audit: type=1326 audit(1777516505.654:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.513053][ T5772] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  161.524033][   T27] audit: type=1326 audit(1777516505.654:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.557324][   T27] audit: type=1326 audit(1777516505.654:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.580564][   T27] audit: type=1326 audit(1777516505.654:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.604835][   T27] audit: type=1326 audit(1777516505.654:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=161 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.629154][   T27] audit: type=1326 audit(1777516505.654:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.662912][   T27] audit: type=1326 audit(1777516505.664:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.788977][   T27] audit: type=1326 audit(1777516505.664:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  161.828713][   T27] audit: type=1326 audit(1777516505.664:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7208 comm="syz.1.333" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd139b9cdd9 code=0x7ffc0000
[  162.044860][ T7160] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  163.699004][ T7224] loop1: detected capacity change from 0 to 32768
[  163.717505][ T7224] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 scanned by syz.1.339 (7224)
[  163.756440][ T7224] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  163.783398][ T7224] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[  163.812987][ T7224] BTRFS info (device loop1): setting nodatasum
[  163.848133][ T7224] BTRFS info (device loop1): force zlib compression, level 3
[  163.858019][ T7238] netlink: 76 bytes leftover after parsing attributes in process `syz.4.343'.
[  163.873428][ T7224] BTRFS info (device loop1): setting incompat feature flag for COMPRESS_LZO (0x8)
[  163.902548][ T7224] BTRFS info (device loop1): use lzo compression, level 0
[  163.922592][ T7224] BTRFS info (device loop1): turning on flush-on-commit
[  163.949612][ T7224] BTRFS info (device loop1): enabling auto defrag
[  163.966140][ T7224] BTRFS info (device loop1): max_inline at 4096
[  163.997251][ T7224] BTRFS info (device loop1): using free space tree
[  164.124995][ T7224] BTRFS info (device loop1): enabling ssd optimizations
[  164.496082][ T7263] capability: warning: `syz.0.346' uses 32-bit capabilities (legacy support in use)
[  164.556774][ T7263] overlayfs: upper fs does not support file handles, falling back to index=off.
[  164.619581][ T5770] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  165.243502][    T8] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  165.475816][    T8] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  165.493478][    T8] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[  165.528306][    T8] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  165.561317][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  165.603670][    T8] usb 1-1: SerialNumber: syz
[  165.856913][    T8] usb 1-1: 0:2 : does not exist
[  165.954591][    T8] usb 1-1: USB disconnect, device number 5
[  166.005660][ T5786] udevd[5786]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  166.038438][ T7301] binder: 7300:7301 ioctl c0306201 200000000040 returned -14
[  167.174632][    T8] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  167.276531][ T7326] Bluetooth: hci0: unsupported parameter 255
[  167.282695][ T7326] Bluetooth: hci0: invalid length 0, exp 2 for type 1
[  167.381662][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  167.419473][    T8] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  167.450233][    T8] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  167.478500][    T8] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  167.504289][    T8] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.535720][    T8] usb 4-1: config 0 descriptor??
[  167.965734][    T8] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  168.011772][    T8] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  170.144913][ T3381] usb 4-1: USB disconnect, device number 8
[  170.442911][ T7379] loop0: detected capacity change from 0 to 64
[  170.482901][ T7379] BFS-fs: bfs_fill_super(): loop0 is unclean, continuing
[  170.712606][   T27] kauditd_printk_skb: 14 callbacks suppressed
[  170.712624][   T27] audit: type=1804 audit(1777516514.884:58): pid=7379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.374" name="/newroot/100/bus/file0" dev="loop0" ino=4 res=1 errno=0
[  171.160253][   T27] audit: type=1326 audit(1777516515.344:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7391 comm="syz.3.378" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7efea859cdd9 code=0x0
[  171.883511][    T8] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  172.137846][    T8] usb 1-1: Using ep0 maxpacket: 8
[  172.177058][    T8] usb 1-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  172.201928][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  172.241549][    T8] usb 1-1: Product: syz
[  172.274653][    T8] usb 1-1: Manufacturer: syz
[  172.279448][    T8] usb 1-1: SerialNumber: syz
[  172.317078][    T8] usb 1-1: config 0 descriptor??
[  172.651429][    T8] usb 1-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  173.410025][    T8] dvb_usb_rtl28xxu: probe of 1-1:0.0 failed with error -71
[  173.420372][    T8] usb 1-1: USB disconnect, device number 6
[  175.090856][ T7467] loop4: detected capacity change from 0 to 4096
[  175.131910][   T27] audit: type=1326 audit(1777516519.314:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7465 comm="syz.1.392" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd139b9cdd9 code=0x0
[  175.171189][ T7452] loop0: detected capacity change from 0 to 32768
[  175.251735][ T7467] ntfs: volume version 3.1.
[  175.320533][ T7452] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.549924][ T7452] XFS (loop0): Ending clean mount
[  175.576076][   T28] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  175.773490][   T28] usb 4-1: Using ep0 maxpacket: 16
[  175.810315][   T28] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  175.872384][   T28] usb 4-1: config 0 interface 0 has no altsetting 0
[  175.913000][   T28] usb 4-1: New USB device found, idVendor=15c2, idProduct=0045, bcdDevice=1f.20
[  175.929597][   T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  175.963076][ T5769] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  175.974671][   T28] usb 4-1: Product: syz
[  175.978907][   T28] usb 4-1: Manufacturer: syz
[  175.993952][   T28] usb 4-1: SerialNumber: syz
[  176.008306][   T28] usb 4-1: config 0 descriptor??
[  176.279190][    C1] imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  176.298343][   T28] input: iMON Panel, Knob and Mouse(15c2:0045) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input9
[  176.344306][   T28] imon:send_packet: packet tx failed (-71)
[  176.371936][   T28] imon 4-1:0.0: panel buttons/knobs setup failed
[  176.413612][    T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  176.563450][   T28] rc_core: IR keymap rc-imon-pad not found
[  176.573137][   T28] Registered IR keymap rc-empty
[  176.583239][   T28] imon 4-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  176.610077][   T28] imon 4-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  176.621503][   T28] imon:send_packet: packet tx failed (-71)
[  176.623710][    T8] usb 5-1: Using ep0 maxpacket: 8
[  176.635417][    T8] usb 5-1: config index 0 descriptor too short (expected 74, got 45)
[  176.652521][    T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  176.668244][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  176.680168][   T28] imon 4-1:0.0: remote input dev register failed
[  176.688875][    T8] usb 5-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  176.697358][   T28] imon 4-1:0.0: imon_init_intf0: rc device setup failed
[  176.719812][    T8] usb 5-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  176.740478][    T8] usb 5-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  176.751193][   T28] imon 4-1:0.0: unable to initialize intf0, err 0
[  176.777212][    T8] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  176.778354][   T28] imon:imon_probe: failed to initialize context!
[  176.796684][    T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  176.815562][   T28] imon 4-1:0.0: unable to register, err -19
[  176.830413][   T28] usb 4-1: USB disconnect, device number 9
[  177.101331][    T8] usb 5-1: usb_control_msg returned -32
[  177.123500][    T8] usbtmc 5-1:16.0: can't read capabilities
[  177.214527][   T28] usb 4-1: new full-speed USB device number 10 using dummy_hcd
[  177.430519][   T28] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  177.462548][   T28] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid maxpacket 198, setting to 64
[  177.481985][   T28] usb 4-1: config 0 interface 0 has no altsetting 0
[  177.508575][   T28] usb 4-1: New USB device found, idVendor=15c2, idProduct=0045, bcdDevice=1f.20
[  177.525879][   T28] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  177.539083][   T28] usb 4-1: Product: syz
[  177.544268][   T28] usb 4-1: Manufacturer: syz
[  177.549240][   T28] usb 4-1: SerialNumber: syz
[  177.568088][   T28] usb 4-1: config 0 descriptor??
[  177.581873][ T7478] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22
[  177.622157][ T7496] loop1: detected capacity change from 0 to 65536
[  177.681846][ T7496] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  177.756315][ T7496] XFS (loop1): Ending clean mount
[  177.785248][ T7496] XFS (loop1): Quotacheck needed: Please wait.
[  177.829964][    C1] imon 4-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  177.845960][   T28] input: iMON Panel, Knob and Mouse(15c2:0045) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input11
[  177.883713][ T7496] XFS (loop1): Quotacheck: Done.
[  177.977765][ T5770] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  178.213922][   T28] rc_core: IR keymap rc-imon-pad not found
[  178.224103][   T28] Registered IR keymap rc-empty
[  178.255394][   T28] imon 4-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  178.286135][   T28] imon 4-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  178.365214][   T28] rc rc0: iMON Remote (15c2:0045) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0
[  178.388576][   T28] input: iMON Remote (15c2:0045) as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/rc/rc0/input12
[  178.459141][   T28] imon 4-1:0.0: iMON device (15c2:0045, intf0) on usb<4:10> initialized
[  178.570677][ T2192] usb 4-1: USB disconnect, device number 10
[  178.954733][ T7556] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  179.204184][ T5822] usb 5-1: USB disconnect, device number 2
[  179.479424][   T27] audit: type=1326 audit(1777516523.664:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7566 comm="syz.0.404" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7ff74899cdd9 code=0x0
[  179.783368][ T5822] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  179.996949][ T5822] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  180.012530][ T5822] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  180.035411][ T5822] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  180.063500][ T5822] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  180.072900][ T5822] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  180.090484][ T5822] usb 5-1: config 0 descriptor??
[  180.194838][   T28] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  180.336580][ T7598] loop0: detected capacity change from 0 to 512
[  180.364432][ T7598] EXT4-fs: Ignoring removed nomblk_io_submit option
[  180.391605][ T7598] EXT4-fs: Ignoring removed mblk_io_submit option
[  180.422512][ T7598] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[  180.426205][   T28] usb 2-1: Using ep0 maxpacket: 32
[  180.455531][   T28] usb 2-1: New USB device found, idVendor=1964, idProduct=0001, bcdDevice=d4.15
[  180.466475][   T28] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  180.475124][ T7598] EXT4-fs (loop0): Cannot turn on journaled quota: type 1: error -2
[  180.488150][   T28] usb 2-1: Product: syz
[  180.492480][   T28] usb 2-1: Manufacturer: syz
[  180.497940][   T28] usb 2-1: SerialNumber: syz
[  180.514392][   T28] usb 2-1: config 0 descriptor??
[  180.524631][ T7598] EXT4-fs (loop0): 1 truncate cleaned up
[  180.531744][ T7598] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  180.584124][ T5822] plantronics 0003:047F:FFFF.0007: No inputs registered, leaving
[  180.616347][ T5822] plantronics 0003:047F:FFFF.0007: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.4-1/input0
[  180.691663][ T7598] EXT4-fs (loop0): shut down requested (2)
[  180.780316][   T28] RobotFuzz Open Source InterFace, OSIF 2-1:0.0: version d4.15 found at bus 002 address 004
[  180.860002][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  181.051634][ T7588] i2c i2c-1: adapter quirk: no zero length (addr 0x0007, size 0, read)
[  181.071628][   T28] usb 2-1: USB disconnect, device number 4
[  181.334191][ T7585] loop3: detected capacity change from 0 to 65536
[  181.389730][ T7585] XFS (loop3): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  181.500506][ T7585] XFS (loop3): Ending clean mount
[  181.522534][ T7585] XFS (loop3): Quotacheck needed: Please wait.
[  181.679552][ T7585] XFS (loop3): Quotacheck: Done.
[  182.013903][ T5772] XFS (loop3): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  182.308104][ T7633] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  182.630368][ T7631] loop1: detected capacity change from 0 to 32768
[  182.681503][ T7631] XFS (loop1): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  182.750472][ T7646] loop3: detected capacity change from 0 to 16
[  182.768033][ T2192] usb 5-1: USB disconnect, device number 3
[  182.795159][ T7646] MTD: Attempt to mount non-MTD device "/dev/loop3"
[  182.848718][ T7631] XFS (loop1): Ending clean mount
[  183.005948][   T27] audit: type=1800 audit(1777516527.194:62): pid=7631 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.413" name="file1" dev="loop1" ino=6150 res=0 errno=0
[  183.131551][ T5770] XFS (loop1): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  183.275178][ T2192] usb 5-1: new high-speed USB device number 4 using dummy_hcd
[  183.335548][ T5782] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  183.347910][ T5782] Bluetooth: hci1: Injecting HCI hardware error event
[  183.359289][ T5774] Bluetooth: hci1: hardware error 0x00
[  183.483359][ T2192] usb 5-1: Using ep0 maxpacket: 8
[  183.506445][ T2192] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2e.04
[  183.566499][ T2192] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  183.598597][ T2192] usb 5-1: Product: syz
[  183.617890][ T2192] usb 5-1: Manufacturer: syz
[  183.633174][ T2192] usb 5-1: SerialNumber: syz
[  183.652859][ T2192] usb 5-1: config 0 descriptor??
[  183.884764][ T2192] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  184.126498][ T2192] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  184.144907][ T2192] usb 5-1: USB disconnect, device number 4
[  185.144190][ T2192] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  185.242672][ T7676] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  185.353464][ T2192] usb 1-1: Using ep0 maxpacket: 8
[  185.367862][ T2192] usb 1-1: config index 0 descriptor too short (expected 74, got 45)
[  185.391039][ T2192] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  185.417593][ T2192] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  185.428000][ T5774] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  185.454541][ T2192] usb 1-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  185.466778][ T2192] usb 1-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  185.477015][ T2192] usb 1-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  185.490164][ T2192] usb 1-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  185.505746][ T2192] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  185.801752][ T2192] usb 1-1: usb_control_msg returned -32
[  185.808816][ T2192] usbtmc 1-1:16.0: can't read capabilities
[  185.876823][ T7675] loop3: detected capacity change from 0 to 32768
[  185.909302][ T7675] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  185.949495][ T7675] XFS (loop3): Ending clean mount
[  186.011655][   T27] audit: type=1800 audit(1777516530.194:63): pid=7675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.427" name="file1" dev="loop3" ino=6150 res=0 errno=0
[  186.090024][ T5772] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  186.098975][ T3381] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  186.293501][ T3381] usb 5-1: Using ep0 maxpacket: 16
[  186.301205][ T3381] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  186.312326][ T3381] usb 5-1: config 0 interface 0 has no altsetting 0
[  186.322033][ T3381] usb 5-1: New USB device found, idVendor=15c2, idProduct=0045, bcdDevice=1f.20
[  186.331351][ T3381] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  186.339545][ T3381] usb 5-1: Product: syz
[  186.344061][ T3381] usb 5-1: Manufacturer: syz
[  186.348875][ T3381] usb 5-1: SerialNumber: syz
[  186.355956][ T3381] usb 5-1: config 0 descriptor??
[  186.579829][    C1] imon 5-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  186.597723][ T3381] input: iMON Panel, Knob and Mouse(15c2:0045) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input13
[  186.628857][ T3381] imon:send_packet: packet tx failed (-71)
[  186.654723][ T3381] imon 5-1:0.0: panel buttons/knobs setup failed
[  186.743501][ T3381] rc_core: IR keymap rc-imon-pad not found
[  186.749414][ T3381] Registered IR keymap rc-empty
[  186.754588][ T3381] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  186.765983][ T3381] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  186.776103][ T3381] imon:send_packet: packet tx failed (-71)
[  186.803485][ T3381] imon 5-1:0.0: remote input dev register failed
[  186.810072][ T3381] imon 5-1:0.0: imon_init_intf0: rc device setup failed
[  186.825886][ T3381] imon 5-1:0.0: unable to initialize intf0, err 0
[  186.832397][ T3381] imon:imon_probe: failed to initialize context!
[  186.839303][ T3381] imon 5-1:0.0: unable to register, err -19
[  186.853842][ T3381] usb 5-1: USB disconnect, device number 5
[  187.233904][ T3381] usb 5-1: new full-speed USB device number 6 using dummy_hcd
[  187.455995][ T3381] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  187.467567][ T3381] usb 5-1: config 0 interface 0 altsetting 2 endpoint 0x82 has invalid maxpacket 198, setting to 64
[  187.479563][ T3381] usb 5-1: config 0 interface 0 has no altsetting 0
[  187.503417][ T3381] usb 5-1: New USB device found, idVendor=15c2, idProduct=0045, bcdDevice=1f.20
[  187.512869][ T3381] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  187.523897][ T3381] usb 5-1: Product: syz
[  187.537914][ T3381] usb 5-1: Manufacturer: syz
[  187.542559][ T3381] usb 5-1: SerialNumber: syz
[  187.566199][ T3381] usb 5-1: config 0 descriptor??
[  187.580291][ T7681] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  187.836674][    C1] imon 5-1:0.0: imon usb_rx_callback_intf0: status(-71)
[  187.864129][ T3381] input: iMON Panel, Knob and Mouse(15c2:0045) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/input/input15
[  187.908977][ T2192] usb 1-1: USB disconnect, device number 7
[  188.219013][ T3381] rc_core: IR keymap rc-imon-pad not found
[  188.225407][ T3381] Registered IR keymap rc-empty
[  188.237222][ T3381] imon 5-1:0.0: Looks like you're trying to use an IR protocol this device does not support
[  188.263426][ T3381] imon 5-1:0.0: Unsupported IR protocol specified, overriding to iMON IR protocol
[  188.304523][ T3381] rc rc0: iMON Remote (15c2:0045) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0
[  188.328388][ T3381] input: iMON Remote (15c2:0045) as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/rc/rc0/input16
[  188.349410][ T3381] imon 5-1:0.0: iMON device (15c2:0045, intf0) on usb<5:6> initialized
[  188.584952][ T2192] usb 5-1: USB disconnect, device number 6
[  189.277682][ T7720] bond0: (slave macvlan2): Error -98 calling set_mac_address
[  189.563657][ T3381] usb 4-1: new high-speed USB device number 11 using dummy_hcd
[  189.783531][ T3381] usb 4-1: Using ep0 maxpacket: 8
[  189.804604][ T3381] usb 4-1: config index 0 descriptor too short (expected 74, got 45)
[  189.812827][ T3381] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  189.833890][ T3381] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  189.853351][ T3381] usb 4-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  189.869925][ T3381] usb 4-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  189.893332][ T3381] usb 4-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  189.906846][ T3381] usb 4-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  189.923326][ T3381] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  190.187935][ T3381] usb 4-1: usb_control_msg returned -32
[  190.194041][ T3381] usbtmc 4-1:16.0: can't read capabilities
[  192.340498][ T5822] usb 4-1: USB disconnect, device number 11
[  193.086559][ T7769] loop0: detected capacity change from 0 to 32768
[  193.123110][ T7769] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 8 /dev/loop0 scanned by syz.0.457 (7769)
[  193.452095][ T7769] BTRFS info (device loop0): first mount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  193.508034][ T7769] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  193.640984][ T7774] loop3: detected capacity change from 0 to 131072
[  193.695627][ T7769] BTRFS info (device loop0): using free space tree
[  193.726587][ T7777] loop4: detected capacity change from 0 to 16
[  193.760547][ T7774] F2FS-fs (loop3): Found nat_bits in checkpoint
[  193.817866][ T7774] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  193.834099][ T7777] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  194.075787][ T7769] BTRFS info (device loop0): enabling ssd optimizations
[  194.082847][ T7769] BTRFS info (device loop0): auto enabling async discard
[  194.670664][ T5769] BTRFS info (device loop0): last unmount of filesystem 5e4b7888-5e56-43f0-8345-635ad0fd87c6
[  194.703452][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  194.712168][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  195.025917][ T5786] BTRFS: device fsid 5e4b7888-5e56-43f0-8345-635ad0fd87c6 devid 1 transid 10 /dev/loop0 scanned by udevd (5786)
[  195.062277][ T7806] syzkaller1: entered promiscuous mode
[  195.113784][ T7806] syzkaller1: entered allmulticast mode
[  196.014865][ T7820] syzkaller1: entered promiscuous mode
[  196.030727][ T7820] syzkaller1: entered allmulticast mode
[  196.164240][ T3381] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  197.033187][ T7835] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  197.196630][ T7839] loop0: detected capacity change from 0 to 128
[  197.235513][ T7839] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  197.279488][ T7839] ext4 filesystem being mounted at /134/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  197.388823][ T5769] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  197.510847][ T7824] loop4: detected capacity change from 0 to 131072
[  197.522680][ T3381] usb 2-1: Using ep0 maxpacket: 8
[  197.548054][ T3381] usb 2-1: config index 0 descriptor too short (expected 74, got 45)
[  197.557943][ T3381] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 1536, setting to 1024
[  197.569431][ T3381] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  197.580458][ T3381] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 30768, setting to 1024
[  197.591938][ T3381] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  197.606093][ T7824] F2FS-fs (loop4): Found nat_bits in checkpoint
[  197.663386][ T3381] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  197.686426][ T3381] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  197.697088][ T7824] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  197.706778][ T3381] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.959737][ T3381] usb 2-1: usb_control_msg returned -32
[  197.982510][ T3381] usbtmc 2-1:16.0: can't read capabilities
[  198.863568][ T7872] TCP: request_sock_subflow_v6: Possible SYN flooding on port [fe80::aa]:20002. Sending cookies.
[  199.121050][ T7878] loop0: detected capacity change from 0 to 1024
[  199.334439][ T7878] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  199.480300][ T3381] usb 2-1: USB disconnect, device number 5
[  199.672130][ T7887] syzkaller1: entered promiscuous mode
[  199.680105][ T7887] syzkaller1: entered allmulticast mode
[  199.725851][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  200.055239][ T7891] loop4: detected capacity change from 0 to 16
[  200.088568][ T7891] erofs: (device loop4): mounted with root inode @ nid 36.
[  200.163399][   T27] audit: type=1800 audit(1777516544.324:64): pid=7891 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.495" name="file1" dev="loop4" ino=86 res=0 errno=0
[  200.920027][ T7912] syzkaller1: entered promiscuous mode
[  200.925940][ T7912] syzkaller1: entered allmulticast mode
[  201.123937][ T7915] syzkaller1: entered promiscuous mode
[  201.143608][ T7915] syzkaller1: entered allmulticast mode
[  201.360138][ T7902] loop0: detected capacity change from 0 to 32768
[  201.438215][   T27] audit: type=1800 audit(1777516545.614:65): pid=7902 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.508" name="file0" dev="loop0" ino=7 res=0 errno=0
[  202.200647][ T7920] loop4: detected capacity change from 0 to 32768
[  202.273658][ T7920] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  202.433040][ T7920] XFS (loop4): Ending clean mount
[  202.458381][ T7920] XFS (loop4): Quotacheck needed: Please wait.
[  202.612780][ T7920] XFS (loop4): Quotacheck: Done.
[  202.728874][ T7920] XFS (loop4): User initiated shutdown received.
[  202.763778][ T7920] XFS (loop4): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501).  Shutting down filesystem.
[  202.811147][ T7920] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  202.827153][ T7950] loop0: detected capacity change from 0 to 4096
[  202.842854][ T7934] loop1: detected capacity change from 0 to 32768
[  202.870620][ T7934] BTRFS: device fsid 14d642db-7b15-43e4-81e6-4b8fac6a25f8 devid 1 transid 8 /dev/loop1 scanned by syz.1.514 (7934)
[  202.932473][ T7934] BTRFS info (device loop1): first mount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  202.952430][ T6529] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  202.982343][ T7934] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  203.031123][ T7934] BTRFS info (device loop1): using free space tree
[  203.135026][ T7950] ntfs3: loop0: ino=5, "/" directory corrupted
[  203.362705][ T7934] BTRFS info (device loop1): enabling ssd optimizations
[  203.394122][ T7934] BTRFS info (device loop1): auto enabling async discard
[  203.610484][ T7975] loop3: detected capacity change from 0 to 8192
[  203.632936][ T7975] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  203.959345][ T5770] BTRFS info (device loop1): last unmount of filesystem 14d642db-7b15-43e4-81e6-4b8fac6a25f8
[  204.791099][ T7999] loop0: detected capacity change from 0 to 16
[  204.955740][ T7999] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  205.180236][ T7992] loop3: detected capacity change from 0 to 32768
[  205.206695][ T7992] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  205.258882][ T7992] XFS (loop3): Ending clean mount
[  205.295796][ T7992] XFS (loop3): Quotacheck needed: Please wait.
[  205.420932][ T7992] XFS (loop3): Quotacheck: Done.
[  205.514061][ T7992] XFS (loop3): User initiated shutdown received.
[  205.525178][ T7992] XFS (loop3): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501).  Shutting down filesystem.
[  205.583364][ T7992] XFS (loop3): Please unmount the filesystem and rectify the problem(s)
[  205.713575][ T5772] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  206.019878][ T8012] loop4: detected capacity change from 0 to 4096
[  206.022655][ T5811] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  206.227953][ T8012] ntfs3: loop4: ino=5, "/" directory corrupted
[  206.270884][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.313436][ T5811] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  206.344019][ T5811] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  206.373659][ T5811] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  206.391197][ T5811] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  206.420648][ T5811] usb 2-1: config 0 descriptor??
[  206.797074][ T8027] tipc: Started in network mode
[  206.803184][ T8027] tipc: Node identity 02ec93e77d5c, cluster identity 4711
[  206.816113][ T8027] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  206.828115][ T8027] tipc: Disabling bearer <eth:syzkaller0>
[  206.879453][ T5811] plantronics 0003:047F:FFFF.0008: No inputs registered, leaving
[  206.897141][ T5811] plantronics 0003:047F:FFFF.0008: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  207.018198][ T5782] Bluetooth: hci0: command 0x080f tx timeout
[  207.024448][ T5086] Bluetooth: hci3: command 0x0406 tx timeout
[  207.219875][ T8022] loop3: detected capacity change from 0 to 32768
[  207.237938][ T5822] usb 2-1: USB disconnect, device number 6
[  207.260980][ T8022] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  207.322780][ T8022] XFS (loop3): Ending clean mount
[  207.336027][ T8022] XFS (loop3): Quotacheck needed: Please wait.
[  207.395010][ T8022] XFS (loop3): Quotacheck: Done.
[  207.483746][ T5772] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  208.311086][ T8053] syzkaller1: entered promiscuous mode
[  208.317053][ T8053] syzkaller1: entered allmulticast mode
[  208.382140][ T8044] loop1: detected capacity change from 0 to 32768
[  208.479019][ T8044] XFS (loop1): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  208.583090][ T8044] XFS (loop1): Ending clean mount
[  208.637948][ T8044] XFS (loop1): Quotacheck needed: Please wait.
[  208.761532][ T8067] loop2: detected capacity change from 0 to 7
[  208.797524][ T8067] Dev loop2: unable to read RDB block 7
[  208.803195][ T8067]  loop2: AHDI p1 p2 p3 p4
[  208.808392][ T8067] loop2: partition table partially beyond EOD, truncated
[  208.817288][ T8067] loop2: p1 start 1601398130 is beyond EOD, truncated
[  208.824511][ T8067] loop2: p2 start 1702059890 is beyond EOD, truncated
[  208.831358][ T8067] loop2: p3 size 4261412863 extends beyond EOD, truncated
[  208.833774][ T8044] XFS (loop1): Quotacheck: Done.
[  208.877772][ T8044] XFS (loop1): User initiated shutdown received.
[  208.884296][ T8044] XFS (loop1): Log I/O Error (0x6) detected at xfs_fs_goingdown+0x71/0x150 (fs/xfs/xfs_fsops.c:501).  Shutting down filesystem.
[  208.897677][ T8044] XFS (loop1): Please unmount the filesystem and rectify the problem(s)
[  208.997612][ T5770] XFS (loop1): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  209.087881][ T5786] udevd[5786]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  210.369380][ T8088] loop4: detected capacity change from 0 to 1024
[  210.468543][ T8088] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  210.531923][ T8094] loop1: detected capacity change from 0 to 16
[  210.539783][ T8094] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  210.999881][ T6529] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.060856][ T8109] loop3: detected capacity change from 0 to 512
[  212.167378][ T8109] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  212.185069][ T8109] System zones: 1-20
[  212.201623][ T8109] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.207620][ T8107] loop1: detected capacity change from 0 to 1024
[  212.260099][ T8107] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  212.446055][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.587711][ T8119] loop3: detected capacity change from 0 to 512
[  212.640507][ T8119] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  212.721256][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  212.809126][    T8] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  213.015797][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  213.041605][    T8] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  213.062427][    T8] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  213.084596][    T8] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  213.099606][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  213.119288][    T8] usb 1-1: config 0 descriptor??
[  213.555854][    T8] plantronics 0003:047F:FFFF.0009: No inputs registered, leaving
[  213.582622][ T8140] loop4: detected capacity change from 0 to 1024
[  213.593408][    T8] plantronics 0003:047F:FFFF.0009: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0
[  213.848746][ T4800] hfsplus: b-tree write err: -5, ino 25
[  213.863807][ T4800] hfsplus: b-tree write err: -5, ino 4
[  213.869459][ T4800] hfsplus: b-tree write err: -5, ino 2
[  213.889772][ T4800] hfsplus: b-tree write err: -5, ino 26
[  213.900214][    T8] usb 1-1: USB disconnect, device number 8
[  214.058388][ T8149] loop4: detected capacity change from 0 to 512
[  214.117046][ T8151] loop1: detected capacity change from 0 to 512
[  214.162175][ T8151] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  214.173038][ T8149] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  214.195935][ T8149] System zones: 1-20
[  214.235114][ T8149] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  214.584648][ T6529] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  214.661697][   T27] audit: type=1326 audit(1777516558.844:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8145 comm="syz.3.575" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7efea859cdd9 code=0x0
[  215.265488][ T8178] loop3: detected capacity change from 0 to 1024
[  215.558686][ T1132] hfsplus: b-tree write err: -5, ino 25
[  215.572036][ T1132] hfsplus: b-tree write err: -5, ino 4
[  215.583953][ T1132] hfsplus: b-tree write err: -5, ino 2
[  215.593018][ T1132] hfsplus: b-tree write err: -5, ino 26
[  215.957753][   T27] audit: type=1326 audit(1777516560.134:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8169 comm="syz.4.591" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f336f59cdd9 code=0x0
[  215.979370][    C0] vkms_vblank_simulate: vblank timer overrun
[  216.395686][ T8201] loop4: detected capacity change from 0 to 512
[  216.420027][ T8201] FAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  217.301759][ T8207] loop0: detected capacity change from 0 to 512
[  217.368741][ T8207] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  217.393519][ T8207] System zones: 1-20
[  217.419928][ T8207] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  217.563467][ T7593] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  217.606726][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  217.687687][ T8222] netlink: 'syz.0.595': attribute type 1 has an invalid length.
[  217.721065][ T8222] 8021q: adding VLAN 0 to HW filter on device bond1
[  217.746320][ T7593] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  217.757650][ T7593] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  217.767992][ T7593] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  217.781317][ T7593] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  217.796975][ T8222] bond1: (slave veth0_to_bond): making interface the new active one
[  217.805303][ T3381] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  217.812895][ T7593] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  217.834387][ T7593] usb 2-1: config 0 descriptor??
[  217.841065][ T8222] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  217.896534][ T8222] syz.0.595 (8222) used greatest stack depth: 20232 bytes left
[  218.005204][ T3381] usb 5-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  218.014130][ T3381] usb 5-1: config 0 has 1 interface, different from the descriptor's value: 253
[  218.030008][ T3381] usb 5-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  218.040393][ T3381] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  218.048580][ T3381] usb 5-1: Product: syz
[  218.052831][ T3381] usb 5-1: Manufacturer: syz
[  218.062629][ T3381] usb 5-1: SerialNumber: syz
[  218.072655][ T3381] usb 5-1: config 0 descriptor??
[  218.086005][ T3381] gspca_main: sunplus-2.14.0 probing 055f:c630
[  218.269194][ T7593] plantronics 0003:047F:FFFF.000A: No inputs registered, leaving
[  218.294039][ T7593] plantronics 0003:047F:FFFF.000A: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  218.575773][ T2192] usb 2-1: USB disconnect, device number 7
[  219.503156][ T8240] block device autoloading is deprecated and will be removed.
[  219.749536][ T2192] usb 5-1: USB disconnect, device number 7
[  219.982248][   T27] audit: type=1326 audit(1777516564.164:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8235 comm="syz.1.600" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fd139b9cdd9 code=0x0
[  220.214707][ T5811] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  220.417481][ T5811] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  220.437362][ T5811] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  220.458524][ T5811] usb 1-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00
[  220.478245][ T5811] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  220.495796][ T5811] usb 1-1: config 0 descriptor??
[  220.929297][ T5811] pyra 0003:1E7D:2CF6.000B: unknown main item tag 0x2
[  220.947179][ T5811] pyra 0003:1E7D:2CF6.000B: hidraw0: USB HID v0.00 Device [HID 1e7d:2cf6] on usb-dummy_hcd.0-1/input0
[  220.969610][ T8267] netlink: 'syz.3.614': attribute type 1 has an invalid length.
[  221.011485][ T8267] 8021q: adding VLAN 0 to HW filter on device bond1
[  221.033588][    T8] usb 2-1: new high-speed USB device number 8 using dummy_hcd
[  221.117143][ T8267] bond1: (slave veth0_to_bond): making interface the new active one
[  221.137788][ T8267] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  221.244140][    T8] usb 2-1: Using ep0 maxpacket: 16
[  221.261666][    T8] usb 2-1: config 1 has an invalid interface number: 105 but max is 0
[  221.283377][    T8] usb 2-1: config 1 has no interface number 0
[  221.293708][    T8] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x4 has invalid maxpacket 16
[  221.329353][    T8] usb 2-1: config 1 interface 105 altsetting 2 bulk endpoint 0x82 has invalid maxpacket 64
[  221.351523][    T8] usb 2-1: config 1 interface 105 has no altsetting 0
[  221.381205][ T8272] netlink: 44 bytes leftover after parsing attributes in process `syz.3.615'.
[  221.398590][    T8] usb 2-1: New USB device found, idVendor=20f4, idProduct=e05a, bcdDevice=6c.6d
[  221.418625][    T8] usb 2-1: New USB device strings: Mfr=1, Product=23, SerialNumber=3
[  221.437419][    T8] usb 2-1: Product: syz
[  221.441808][    T8] usb 2-1: Manufacturer: syz
[  221.460904][    T8] usb 2-1: SerialNumber: syz
[  221.493871][ T8265] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  221.509746][ T8265] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  221.542732][ T5811] pyra 0003:1E7D:2CF6.000B: couldn't init struct pyra_device
[  221.560818][ T5811] pyra 0003:1E7D:2CF6.000B: couldn't install mouse
[  221.571224][ T5811] pyra: probe of 0003:1E7D:2CF6.000B failed with error -71
[  221.616096][ T5811] usb 1-1: USB disconnect, device number 9
[  221.945413][ T8285] netlink: 4 bytes leftover after parsing attributes in process `syz.3.620'.
[  221.955379][ T8265] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  221.991499][ T8265] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22
[  222.110400][ T8287] vivid-003: =================  START STATUS  =================
[  222.119000][ T8287] vivid-003: Radio HW Seek Mode: Bounded
[  222.125660][ T8287] vivid-003: Radio Programmable HW Seek: false
[  222.131863][ T8287] vivid-003: RDS Rx I/O Mode: Block I/O
[  222.137518][ T8287] vivid-003: Generate RBDS Instead of RDS: false
[  222.143916][ T8287] vivid-003: RDS Reception: true
[  222.148890][ T8287] vivid-003: RDS Program Type: 0 inactive
[  222.154690][ T8287] vivid-003: RDS PS Name:  inactive
[  222.159937][ T8287] vivid-003: RDS Radio Text:  inactive
[  222.165463][ T8287] vivid-003: RDS Traffic Announcement: false inactive
[  222.172300][ T8287] vivid-003: RDS Traffic Program: false inactive
[  222.178744][ T8287] vivid-003: RDS Music: false inactive
[  222.184305][ T8287] vivid-003: ==================  END STATUS  ==================
[  222.417928][    T8] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  222.430951][    T8] aqc111 2-1:1.105 (unnamed net_device) (uninitialized): Failed to read(0x1) reg index 0x0001: -32
[  222.480216][    T8] aqc111 2-1:1.105 eth5: register 'aqc111' at usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter, 02:25:7d:58:6a:e7
[  222.662494][    T8] usb 2-1: USB disconnect, device number 8
[  222.681779][    T8] aqc111 2-1:1.105 eth5: unregister 'aqc111' usb-dummy_hcd.1-1, USB-C 3.1 to 5GBASE-T Ethernet Adapter
[  222.754757][    T8] aqc111 2-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  222.773438][    T8] aqc111 2-1:1.105 eth5 (unregistered): Failed to write(0x1) reg index 0x0002: -19
[  222.783408][    T8] aqc111 2-1:1.105 eth5 (unregistered): Failed to write(0x61) reg index 0x0000: -19
[  223.331271][ T8319] netlink: 'syz.4.624': attribute type 1 has an invalid length.
[  223.421967][ T8319] 8021q: adding VLAN 0 to HW filter on device bond1
[  223.588114][ T8326] bond1: (slave veth0_to_bond): making interface the new active one
[  223.594055][ T3381] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  223.645216][ T8326] bond1: (slave veth0_to_bond): Enslaving as an active interface with an up link
[  223.815390][ T3381] usb 2-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  223.833832][ T3381] usb 2-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  223.845063][ T3381] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 66
[  223.855345][ T3381] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  223.873790][ T3381] usb 2-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  223.935756][ T3381] usb 2-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  223.952102][ T3381] usb 2-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  223.970937][ T3381] usb 2-1: Product: syz
[  223.976142][ T3381] usb 2-1: Manufacturer: syz
[  223.989666][ T3381] cdc_wdm 2-1:1.0: skipping garbage
[  224.007693][ T3381] cdc_wdm 2-1:1.0: skipping garbage
[  224.035318][ T3381] cdc_wdm 2-1:1.0: cdc-wdm0: USB WDM device
[  224.046358][ T8344] loop4: detected capacity change from 0 to 512
[  224.063540][ T3381] cdc_wdm 2-1:1.0: Unknown control protocol
[  224.087228][ T8344] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  224.172260][ T6529] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  224.599940][   T59] wlan1: BSS 50:50:50:50:50:50 switches to unsupported channel (0 MHz), disconnecting
[  224.617306][   T59] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  224.631198][   T59] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  224.702765][ T3381] usb 2-1: USB disconnect, device number 9
[  225.385626][   T11] Bluetooth: hci2: Frame reassembly failed (-84)
[  225.573871][    T9] usb 2-1: new high-speed USB device number 10 using dummy_hcd
[  225.593908][ T8376] loop3: detected capacity change from 0 to 512
[  225.634764][ T8376] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.722164][ T8379] loop0: detected capacity change from 0 to 256
[  225.769897][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  225.788510][    T9] usb 2-1: config 0 has too many interfaces: 253, using maximum allowed: 32
[  225.816169][ T8379] FAT-fs (loop0): Directory bread(block 64) failed
[  225.820342][    T9] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 253
[  225.822769][ T8379] FAT-fs (loop0): Directory bread(block 65) failed
[  225.846182][    T9] usb 2-1: New USB device found, idVendor=055f, idProduct=c630, bcdDevice=b6.ac
[  225.855994][ T8379] FAT-fs (loop0): Directory bread(block 66) failed
[  225.882224][ T8379] FAT-fs (loop0): Directory bread(block 67) failed
[  225.889193][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  225.897739][ T8379] FAT-fs (loop0): Directory bread(block 68) failed
[  225.905380][    T9] usb 2-1: Product: syz
[  225.909696][    T9] usb 2-1: Manufacturer: syz
[  225.915340][ T8379] FAT-fs (loop0): Directory bread(block 69) failed
[  225.924949][    T9] usb 2-1: SerialNumber: syz
[  225.945811][    T9] usb 2-1: config 0 descriptor??
[  225.956458][ T8379] FAT-fs (loop0): Directory bread(block 70) failed
[  225.982686][    T9] gspca_main: sunplus-2.14.0 probing 055f:c630
[  225.984738][ T8379] FAT-fs (loop0): Directory bread(block 71) failed
[  226.008379][ T8379] FAT-fs (loop0): Directory bread(block 72) failed
[  226.035007][ T8379] FAT-fs (loop0): Directory bread(block 73) failed
[  226.645012][ T8393] loop0: detected capacity change from 0 to 512
[  226.653188][ T8393] EXT4-fs: inline encryption not supported
[  226.666774][ T8393] EXT4-fs error (device loop0): ext4_do_update_inode:5255: inode #15: comm syz.0.650: corrupted inode contents
[  226.691886][ T8393] EXT4-fs (loop0): Remounting filesystem read-only
[  226.702081][ T8393] EXT4-fs (loop0): 1 orphan inode deleted
[  226.710936][ T7593] usb 4-1: new high-speed USB device number 12 using dummy_hcd
[  226.724804][ T8393] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  226.782153][ T8393] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3069829543 (12279318172 ns) > initial count (129356784 ns). Using initial count to start timer.
[  226.888127][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.928576][ T7593] usb 4-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  226.946163][ T7593] usb 4-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  226.958019][ T7593] usb 4-1: config 1 has 1 interface, different from the descriptor's value: 66
[  226.967803][ T7593] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  226.979306][ T7593] usb 4-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  226.992862][ T7593] usb 4-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  227.002475][ T7593] usb 4-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  227.012548][ T7593] usb 4-1: Product: syz
[  227.018941][ T7593] usb 4-1: Manufacturer: syz
[  227.032839][ T7593] cdc_wdm 4-1:1.0: skipping garbage
[  227.038352][ T7593] cdc_wdm 4-1:1.0: skipping garbage
[  227.050255][ T7593] cdc_wdm 4-1:1.0: cdc-wdm0: USB WDM device
[  227.056621][ T7593] cdc_wdm 4-1:1.0: Unknown control protocol
[  227.413366][ T5774] Bluetooth: hci0: command 0x080f tx timeout
[  227.413908][ T5784] Bluetooth: hci2: Opcode 0x1003 failed: -110
[  227.426225][ T5782] Bluetooth: hci2: command 0x1003 tx timeout
[  227.426391][ T8371] Bluetooth: hci0: Opcode 0x080f failed: -110
[  227.646158][ T8401] block device autoloading is deprecated and will be removed.
[  227.675489][ T7593] usb 4-1: USB disconnect, device number 12
[  227.731063][    T8] usb 2-1: USB disconnect, device number 10
[  228.123431][ T8411] loop0: detected capacity change from 0 to 1024
[  228.206860][ T8411] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.314655][ T8419] loop4: detected capacity change from 0 to 256
[  228.367546][ T8419] FAT-fs (loop4): Directory bread(block 64) failed
[  228.381344][ T8419] FAT-fs (loop4): Directory bread(block 65) failed
[  228.388262][ T8419] FAT-fs (loop4): Directory bread(block 66) failed
[  228.411637][ T8419] FAT-fs (loop4): Directory bread(block 67) failed
[  228.421073][ T8419] FAT-fs (loop4): Directory bread(block 68) failed
[  228.437751][ T8419] FAT-fs (loop4): Directory bread(block 69) failed
[  228.452778][ T8419] FAT-fs (loop4): Directory bread(block 70) failed
[  228.476614][ T8419] FAT-fs (loop4): Directory bread(block 71) failed
[  228.490499][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  228.503171][ T8419] FAT-fs (loop4): Directory bread(block 72) failed
[  228.563024][ T8419] FAT-fs (loop4): Directory bread(block 73) failed
[  229.019418][ T8435] netlink: 4 bytes leftover after parsing attributes in process `syz.1.662'.
[  229.247517][ T8441] kvm: MWAIT instruction emulated as NOP!
[  229.567031][ T8455] netlink: 8 bytes leftover after parsing attributes in process `syz.4.671'.
[  230.233376][    T9] usb 1-1: new high-speed USB device number 10 using dummy_hcd
[  230.445006][    T9] usb 1-1: Using ep0 maxpacket: 8
[  230.451967][    T9] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  230.462837][    T9] usb 1-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  230.472000][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  230.482611][    T9] usb 1-1: config 0 descriptor??
[  230.492200][    T9] gspca_main: vc032x-2.14.0 probing 046d:0892
[  232.104831][    T9] gspca_vc032x: reg_w err -71
[  232.112625][    T9] vc032x: probe of 1-1:0.0 failed with error -71
[  232.125318][    T9] usb 1-1: USB disconnect, device number 10
[  232.712109][ T8479] netlink: 8 bytes leftover after parsing attributes in process `syz.3.681'.
[  232.857321][ T8489] loop4: detected capacity change from 0 to 512
[  232.884699][ T8489] EXT4-fs: inline encryption not supported
[  232.990716][ T8489] EXT4-fs error (device loop4): ext4_do_update_inode:5255: inode #15: comm syz.4.680: corrupted inode contents
[  233.045875][ T8494] syzkaller0: entered promiscuous mode
[  233.051604][ T8494] syzkaller0: entered allmulticast mode
[  233.071679][ T8489] EXT4-fs (loop4): Remounting filesystem read-only
[  233.099674][ T8489] EXT4-fs (loop4): 1 orphan inode deleted
[  233.126809][ T8489] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  233.232811][ T8483] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=3069829543 (12279318172 ns) > initial count (129356784 ns). Using initial count to start timer.
[  233.489818][ T6529] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  234.455644][ T8499] loop0: detected capacity change from 0 to 40427
[  234.482615][ T8499] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  234.502130][ T8499] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  234.530293][ T8499] F2FS-fs (loop0): invalid crc value
[  234.544198][ T8499] F2FS-fs (loop0): Found nat_bits in checkpoint
[  234.729685][ T8499] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  234.741716][ T8499] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  236.073606][ T8535] loop0: detected capacity change from 0 to 512
[  236.125611][ T8535] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  236.155942][ T8535] ext4 filesystem being mounted at /183/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  236.333583][   T27] audit: type=1800 audit(1777516580.484:69): pid=8535 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.692" name="file2" dev="loop0" ino=16 res=0 errno=0
[  236.534588][ T5769] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  236.956839][ T8546] loop0: detected capacity change from 0 to 256
[  237.028612][ T8546] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  237.046031][ T8546] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  237.052789][ T5992] usb 2-1: new high-speed USB device number 11 using dummy_hcd
[  237.073925][ T8546] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  237.254111][ T5992] usb 2-1: Using ep0 maxpacket: 32
[  237.286282][ T5992] usb 2-1: New USB device found, idVendor=05a9, idProduct=1550, bcdDevice=e4.bb
[  237.303428][ T5992] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  237.316790][ T5992] usb 2-1: Product: syz
[  237.321074][ T5992] usb 2-1: Manufacturer: syz
[  237.326469][ T5992] usb 2-1: SerialNumber: syz
[  237.349240][ T5992] usb 2-1: config 0 descriptor??
[  237.372297][ T5992] gspca_main: ov534_9-2.14.0 probing 05a9:1550
[  237.867199][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805c2bfc00: rx timeout, send abort
[  238.368368][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805cb00c00: rx timeout, send abort
[  238.380626][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805c2bfc00: abort rx timeout. Force session deactivation
[  238.876781][    C0] vcan0: j1939_tp_rxtimer: 0xffff88805cb00c00: abort rx timeout. Force session deactivation
[  239.012263][ T5992] gspca_ov534_9: reg_w failed -71
[  239.350699][ T5992] gspca_ov534_9: Unknown sensor 0000
[  239.350800][ T5992] ov534_9: probe of 2-1:0.0 failed with error -22
[  239.394371][ T5992] usb 2-1: USB disconnect, device number 11
[  239.940487][ T8557] netlink: 4 bytes leftover after parsing attributes in process `syz.4.701'.
[  240.149960][ T8579] binder: BINDER_SET_CONTEXT_MGR already set
[  240.174137][ T8579] binder: 8578:8579 ioctl 4018620d 200000000040 returned -16
[  240.288484][ T8582] loop4: detected capacity change from 0 to 164
[  240.340627][ T8582] rock: directory entry would overflow storage
[  240.348347][ T8582] rock: sig=0x66, size=4, remaining=3
[  240.399701][ T8587] loop3: detected capacity change from 0 to 512
[  240.414569][ T8582] rock: directory entry would overflow storage
[  240.420823][ T8582] rock: sig=0x66, size=4, remaining=3
[  240.535150][ T8587] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.575334][ T8587] ext4 filesystem being mounted at /173/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  240.694518][ T8587] EXT4-fs (loop3): shut down requested (0)
[  240.915907][ T5772] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.333557][    T8] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  241.535251][    T8] usb 4-1: too many configurations: 9, using maximum allowed: 8
[  241.546748][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.558743][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.593217][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  241.602289][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.632230][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.659062][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  241.671961][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.681622][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.723336][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  241.731651][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.761237][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.782594][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  241.796521][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.813387][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.843360][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  241.865069][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.883320][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.914950][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  241.924798][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  241.953400][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  241.973993][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  241.985157][    T8] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 9
[  242.013356][    T8] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7
[  242.028376][    T8] usb 4-1: config 0 interface 0 has no altsetting 0
[  242.051847][    T8] usb 4-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e
[  242.061888][    T9] usb 1-1: new high-speed USB device number 11 using dummy_hcd
[  242.071347][    T8] usb 4-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168
[  242.090138][    T8] usb 4-1: Product: syz
[  242.094810][    T8] usb 4-1: Manufacturer: syz
[  242.099464][    T8] usb 4-1: SerialNumber: syz
[  242.122450][    T8] usb 4-1: config 0 descriptor??
[  242.143464][    T8] yurex 4-1:0.0: USB YUREX device now attached to Yurex #0
[  242.273418][    T9] usb 1-1: Using ep0 maxpacket: 16
[  242.283732][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  242.323307][    T9] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  242.363327][    T9] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  242.393371][    T9] usb 1-1: New USB device found, idVendor=05ac, idProduct=8241, bcdDevice= 0.00
[  242.423306][    T9] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.444399][    T9] usb 1-1: config 0 descriptor??
[  242.490182][    C0] usb 4-1: yurex_control_callback - control failed: -71
[  242.501100][    T8] usb 4-1: USB disconnect, device number 13
[  242.516579][    T8] yurex 4-1:0.0: USB YUREX #0 now disconnected
[  242.734000][ T8619] loop4: detected capacity change from 0 to 40427
[  242.772537][ T8619] F2FS-fs (loop4): invalid crc value
[  242.797540][ T8619] F2FS-fs (loop4): Found nat_bits in checkpoint
[  242.882561][    T9] input: HID 05ac:8241 as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:0.0/0003:05AC:8241.000C/input/input17
[  242.916362][ T8619] F2FS-fs (loop4): Start checkpoint disabled!
[  242.948223][ T8619] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  243.022269][    T9] appleir 0003:05AC:8241.000C: input,hiddev0,hidraw0: USB HID v0.00 Device [HID 05ac:8241] on usb-dummy_hcd.0-1/input0
[  243.140062][ T8628] syz.4.725: attempt to access beyond end of device
[  243.140062][ T8628] loop4: rw=10241, sector=45096, nr_sectors = 8 limit=40427
[  243.878101][    T9] usb 1-1: USB disconnect, device number 11
[  243.932768][   T11] kworker/u4:0: attempt to access beyond end of device
[  243.932768][   T11] loop4: rw=1, sector=77824, nr_sectors = 2048 limit=40427
[  243.981818][   T11] kworker/u4:0: attempt to access beyond end of device
[  243.981818][   T11] loop4: rw=1, sector=79872, nr_sectors = 2048 limit=40427
[  244.081543][   T11] kworker/u4:0: attempt to access beyond end of device
[  244.081543][   T11] loop4: rw=1, sector=49152, nr_sectors = 3952 limit=40427
[  244.118229][   T11] kworker/u4:0: attempt to access beyond end of device
[  244.118229][   T11] loop4: rw=1, sector=53104, nr_sectors = 144 limit=40427
[  244.212273][   T11] kworker/u4:0: attempt to access beyond end of device
[  244.212273][   T11] loop4: rw=1, sector=57344, nr_sectors = 4424 limit=40427
[  244.283002][   T11] kworker/u4:0: attempt to access beyond end of device
[  244.283002][   T11] loop4: rw=1, sector=61768, nr_sectors = 3768 limit=40427
[  244.307748][   T11] kworker/u4:0: attempt to access beyond end of device
[  244.307748][   T11] loop4: rw=1, sector=69632, nr_sectors = 8 limit=40427
[  244.343218][   T11] kworker/u4:0: attempt to access beyond end of device
[  244.343218][   T11] loop4: rw=1, sector=69640, nr_sectors = 8 limit=40427
[  244.367479][   T11] kworker/u4:0: attempt to access beyond end of device
[  244.367479][   T11] loop4: rw=1, sector=69648, nr_sectors = 8 limit=40427
[  245.362766][   T12] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  246.486260][ T8666] syzkaller1: entered promiscuous mode
[  246.491824][ T8666] syzkaller1: entered allmulticast mode
[  246.583529][    T9] usb 4-1: new high-speed USB device number 14 using dummy_hcd
[  246.774668][    T9] usb 4-1: Using ep0 maxpacket: 32
[  246.822696][    T9] usb 4-1: config 139 has an invalid interface number: 49 but max is 0
[  246.865318][    T9] usb 4-1: config 139 has no interface number 0
[  246.941740][    T9] usb 4-1: config 139 interface 49 has no altsetting 0
[  247.068555][    T9] usb 4-1: New USB device found, idVendor=10c4, idProduct=8244, bcdDevice=72.75
[  247.189509][    T9] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  247.286436][    T9] usb 4-1: Product: syz
[  247.335655][    T9] usb 4-1: Manufacturer: syz
[  247.391577][    T9] usb 4-1: SerialNumber: syz
[  248.057607][    T9] radio-usb-si4713 4-1:139.49: Si4713 development board discovered: (10C4:8244)
[  248.112398][    T9] radio-usb-si4713: probe of 4-1:139.49 failed with error -71
[  248.132976][    T9] usbhid 4-1:139.49: couldn't find an input interrupt endpoint
[  248.173961][    T9] usb 4-1: USB disconnect, device number 14
[  248.236266][ T8696] netlink: 76 bytes leftover after parsing attributes in process `syz.0.751'.
[  250.509727][ T8729] loop3: detected capacity change from 0 to 32768
[  250.553481][ T8729] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.760 (8729)
[  250.654109][ T8729] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  250.690807][ T8729] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  250.734290][ T8729] BTRFS info (device loop3): setting nodatasum
[  250.740574][ T8729] BTRFS info (device loop3): force zlib compression, level 3
[  250.773434][ T8729] BTRFS info (device loop3): setting incompat feature flag for COMPRESS_LZO (0x8)
[  250.813302][ T8729] BTRFS info (device loop3): use lzo compression, level 0
[  250.820530][ T8729] BTRFS info (device loop3): turning on flush-on-commit
[  250.883325][ T8729] BTRFS info (device loop3): enabling auto defrag
[  250.890677][ T8729] BTRFS info (device loop3): max_inline at 4096
[  250.918864][ T8729] BTRFS info (device loop3): using free space tree
[  251.104278][ T8729] BTRFS info (device loop3): enabling ssd optimizations
[  251.597277][ T5772] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  252.999676][ T8794] loop6: detected capacity change from 0 to 7
[  253.046247][ T8794] Dev loop6: unable to read RDB block 7
[  253.079659][ T8794]  loop6: unable to read partition table
[  253.159581][ T8794] loop6: partition table beyond EOD, truncated
[  253.243378][ T8794] loop_reread_partitions: partition scan of loop6 (ÄNùh*h‘…ÿìžÝ×pਸ਼ "ýo§æ?<í¯ÊºöÙXDˆÚ
bÔÌ	) failed (rc=-5)
[  254.593379][    T8] usb 1-1: new full-speed USB device number 12 using dummy_hcd
[  254.805500][    T8] usb 1-1: config 0 has an invalid interface number: 41 but max is 0
[  254.813745][    T8] usb 1-1: config 0 has no interface number 0
[  254.819899][    T8] usb 1-1: config 0 interface 41 altsetting 2 endpoint 0x82 has invalid maxpacket 65535, setting to 64
[  254.832136][    T8] usb 1-1: config 0 interface 41 has no altsetting 0
[  254.853711][    T8] usb 1-1: New USB device found, idVendor=0fe6, idProduct=9800, bcdDevice=d1.9a
[  254.873568][    T8] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  254.881684][    T8] usb 1-1: Product: syz
[  254.891867][    T8] usb 1-1: Manufacturer: syz
[  254.903512][    T8] usb 1-1: SerialNumber: syz
[  254.924901][    T8] usb 1-1: config 0 descriptor??
[  254.958636][ T8810] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  255.379117][ T8810] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  255.715725][ T8830] tipc: Started in network mode
[  255.720878][ T8830] tipc: Node identity 9e38e960a9b3, cluster identity 4711
[  255.754433][ T8830] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  255.882652][ T8831] syzkaller0: entered promiscuous mode
[  255.892980][ T8831] syzkaller0: entered allmulticast mode
[  255.905519][ T8831] tipc: Resetting bearer <eth:syzkaller0>
[  255.932018][ T8829] tipc: Resetting bearer <eth:syzkaller0>
[  256.090772][    T8] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): sr_get_phy_addr : Error reading PHYID register:ffffffe0
[  256.161583][ T1281] ieee802154 phy0 wpan0: encryption failed: -22
[  256.168312][ T1281] ieee802154 phy1 wpan1: encryption failed: -22
[  257.346323][    T8] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to send software reset:ffffffb9
[  257.363723][    T8] CoreChips 1-1:0.41 (unnamed net_device) (uninitialized): Failed to reset PHY: -71
[  257.385741][    T8] CoreChips: probe of 1-1:0.41 failed with error -71
[  257.408205][    T8] usb 1-1: USB disconnect, device number 12
[  258.221558][ T5774] Bluetooth: hci4: command 0x0406 tx timeout
[  258.940153][ T8829] tipc: Disabling bearer <eth:syzkaller0>
[  258.960280][    T9] tipc: Node number set to 931916128
[  259.262005][ T8869] loop4: detected capacity change from 0 to 512
[  259.272187][ T8869] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  259.675355][ T8877] sd 0:0:1:0: PR command failed: 1026
[  259.680895][ T8877] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  259.713202][ T8877] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  261.466270][ T8902] loop1: detected capacity change from 0 to 1024
[  261.502559][ T8902] EXT4-fs: Ignoring removed i_version option
[  261.522390][ T8902] EXT4-fs: Ignoring removed nobh option
[  261.533455][ T8902] EXT4-fs: Ignoring removed bh option
[  261.614666][ T8902] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  261.744203][ T8902] EXT4-fs error (device loop1): __ext4_get_inode_loc:4496: comm syz.1.809: Invalid inode table block 14708632959893849238 in block_group 0
[  261.771304][ T8902] EXT4-fs (loop1): Remounting filesystem read-only
[  261.871146][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.189482][ T8914] kvm: pic: single mode not supported
[  262.189663][ T8914] kvm: pic: single mode not supported
[  263.432892][ T8933] netlink: 'syz.4.819': attribute type 2 has an invalid length.
[  263.663715][ T5992] usb 2-1: new high-speed USB device number 12 using dummy_hcd
[  263.856585][ T5992] usb 2-1: Using ep0 maxpacket: 32
[  263.872613][ T5992] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  263.883081][ T5992] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  263.899252][ T5992] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  263.928995][ T5992] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  263.955019][ T5992] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  263.969363][ T5992] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  263.997234][ T5992] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  264.028879][ T5992] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  264.065582][ T5992] usb 2-1: config 0 descriptor??
[  264.316129][ T5992] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 12 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  264.365400][ T5992] usb 2-1: USB disconnect, device number 12
[  264.406469][ T5992] usblp0: removed
[  264.556745][ T8947] binder: 8946:8947 unknown command 0
[  264.578147][ T8947] binder: 8946:8947 ioctl c0306201 200000000080 returned -22
[  264.923602][ T5992] usb 2-1: new high-speed USB device number 13 using dummy_hcd
[  265.143308][ T5992] usb 2-1: Using ep0 maxpacket: 32
[  265.163909][ T5992] usb 2-1: config index 0 descriptor too short (expected 29220, got 36)
[  265.201552][ T5992] usb 2-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  265.214808][ T5992] usb 2-1: config 0 has 1 interface, different from the descriptor's value: 81
[  265.224308][ T5992] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  265.234671][ T5992] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  265.248493][ T5992] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  265.304128][ T5992] usb 2-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  265.315474][ T5992] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.360877][ T5992] usb 2-1: config 0 descriptor??
[  265.610511][ T5992] usblp 2-1:0.0: usblp0: USB Bidirectional printer dev 13 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  265.622423][ T8956] kvm: requested 25980 ns i8254 timer period limited to 200000 ns
[  265.638832][ T8956] kvm: requested 196952 ns i8254 timer period limited to 200000 ns
[  265.650780][ T8956] kvm: requested 183542 ns i8254 timer period limited to 200000 ns
[  265.664280][ T8956] kvm: requested 9219 ns i8254 timer period limited to 200000 ns
[  265.672862][ T8956] kvm: requested 25980 ns i8254 timer period limited to 200000 ns
[  265.701299][ T8956] kvm: requested 62857 ns i8254 timer period limited to 200000 ns
[  265.724843][ T8956] kvm: requested 129904 ns i8254 timer period limited to 200000 ns
[  265.733060][ T8956] kvm: requested 25980 ns i8254 timer period limited to 200000 ns
[  265.773866][ T8956] kvm: requested 143314 ns i8254 timer period limited to 200000 ns
[  265.812426][ T8956] kvm: requested 49447 ns i8254 timer period limited to 200000 ns
[  265.863425][    C1] usblp0: nonzero read bulk status received: -71
[  265.872927][ T5822] usb 2-1: USB disconnect, device number 13
[  266.057800][ T8930] usblp0: removed
[  269.061296][ T9028] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  272.499339][ T9036] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  272.651488][ T9048] binder: 9047:9048 unknown command 0
[  272.658026][ T9048] binder: 9047:9048 ioctl c0306201 200000000080 returned -22
[  272.904138][    T8] usb 5-1: new high-speed USB device number 8 using dummy_hcd
[  272.942075][ T9058] binder_alloc: 9057: pid 9057 spamming oneway? 1 buffers allocated for a total size of 5184
[  272.959583][ T9058] binder_alloc: 9057: pid 9057 spamming oneway? 2 buffers allocated for a total size of 5192
[  273.113465][    T8] usb 5-1: New USB device found, idVendor=0cf3, idProduct=9271, bcdDevice= 1.08
[  273.139897][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  273.162845][    T8] usb 5-1: Product: syz
[  273.173371][    T8] usb 5-1: Manufacturer: syz
[  273.178065][    T8] usb 5-1: SerialNumber: syz
[  273.220144][    T8] usb 5-1: ath9k_htc: Firmware ath9k_htc/htc_9271-1.4.0.fw requested
[  273.367358][ T9066] loop1: detected capacity change from 0 to 512
[  273.389463][ T9066] EXT4-fs: inline encryption not supported
[  273.395542][ T9066] EXT4-fs: inline encryption not supported
[  273.457068][ T9066] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  273.599744][ T9066] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1154: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  273.625539][ T9066] EXT4-fs error (device loop1): ext4_validate_block_bitmap:439: comm syz.1.863: bg 0: block 248: padding at end of block bitmap is not set
[  273.649235][ T9066] Quota error (device loop1): write_blk: dquota write failed
[  273.657380][ T9066] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  273.667627][ T9066] EXT4-fs error (device loop1): ext4_acquire_dquot:6953: comm syz.1.863: Failed to acquire dquot type 1
[  273.721904][ T9066] EXT4-fs (loop1): 1 truncate cleaned up
[  273.741649][ T9066] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  274.072485][    T9] usb 5-1: ath9k_htc: Transferred FW: ath9k_htc/htc_9271-1.4.0.fw, size: 51008
[  274.082680][ T5770] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  274.237112][ T9072] tipc: Started in network mode
[  274.242195][ T9072] tipc: Node identity 84e, cluster identity 4711
[  274.252849][ T9072] tipc: Node number set to 2126
[  274.276569][   T27] audit: type=1800 audit(1777516618.464:70): pid=9074 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.866" name="file1" dev="overlay" ino=1142 res=0 errno=0
[  274.337714][ T9046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.366253][ T9046] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.398708][ T9046] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  274.423791][ T9046] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  274.458923][ T3381] usb 5-1: USB disconnect, device number 8
[  275.173579][    T9] ath9k_htc 5-1:1.0: ath9k_htc: Target is unresponsive
[  275.191640][    T9] ath9k_htc: Failed to initialize the device
[  275.209465][ T3381] usb 5-1: ath9k_htc: USB layer deinitialized
[  275.594870][ T3381] usb 5-1: new high-speed USB device number 9 using dummy_hcd
[  275.784424][ T3381] usb 5-1: Using ep0 maxpacket: 8
[  275.804150][ T3381] usb 5-1: device descriptor read/all, error -71
[  277.066599][ T9115] kvm: pic: non byte write
[  277.072729][ T9115] kvm: pic: non byte write
[  277.082179][ T9115] kvm: pic: non byte write
[  277.098098][ T9115] kvm: pic: non byte write
[  277.108290][ T9115] kvm: pic: non byte write
[  277.115050][ T9115] kvm: pic: non byte write
[  277.124953][ T9115] kvm: pic: non byte write
[  277.129795][ T9115] kvm: pic: non byte write
[  277.136557][ T9115] kvm: pic: non byte write
[  277.145057][ T9115] kvm: pic: non byte write
[  277.150582][ T9115] kvm: pic: single mode not supported
[  277.151232][ T9115] kvm: pic: single mode not supported
[  277.157187][ T9115] kvm: pic: level sensitive irq not supported
[  277.168652][ T9115] kvm: pic: single mode not supported
[  277.311257][ T9118] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  277.594833][ T9121] binder: BINDER_SET_CONTEXT_MGR already set
[  277.600917][ T9121] binder: 9120:9121 ioctl 4018620d 200000004a80 returned -16
[  278.403757][ T9142] loop4: detected capacity change from 0 to 256
[  278.468705][ T9142] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3620664b, utbl_chksum : 0xe619d30d)
[  279.025518][ T9151] loop0: detected capacity change from 0 to 64
[  279.114365][    T8] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  279.308514][    T8] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  279.322639][    T8] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  279.332724][    T8] usb 5-1: Product: syz
[  279.358782][    T8] usb 5-1: Manufacturer: syz
[  279.364920][    T8] usb 5-1: SerialNumber: syz
[  279.374400][    T8] usb 5-1: config 0 descriptor??
[  279.611304][    T8] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  279.703569][ T9155] loop0: detected capacity change from 0 to 32768
[  279.723430][ T9155] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.898 (9155)
[  279.736557][ T9157] syzkaller0: entered promiscuous mode
[  279.742112][ T9157] syzkaller0: entered allmulticast mode
[  279.759704][ T9155] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  279.772253][ T9155] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  279.803307][ T9155] BTRFS warning (device loop0): 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  279.831196][ T9155] BTRFS info (device loop0): trying to use backup root at mount time
[  279.842336][ T9155] BTRFS info (device loop0): setting nodatasum
[  279.852191][ T9155] BTRFS info (device loop0): enabling ssd optimizations
[  279.859613][ T9155] BTRFS info (device loop0): using spread ssd allocation scheme
[  279.867862][ T9155] BTRFS info (device loop0): turning on flush-on-commit
[  279.875666][ T9155] BTRFS info (device loop0): force zlib compression, level 3
[  279.884534][ T9155] BTRFS info (device loop0): using free space tree
[  280.370803][ T9155] loop0: detected capacity change from 32768 to 0
[  280.702016][ T1132] bio_check_eod: 2021 callbacks suppressed
[  280.702059][ T1132] kworker/u4:8: attempt to access beyond end of device
[  280.702059][ T1132] loop0: rw=4097, sector=10440, nr_sectors = 8 limit=0
[  280.929970][ T1132] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 1, rd 0, flush 0, corrupt 0, gen 0
[  280.959568][ T1132] kworker/u4:8: attempt to access beyond end of device
[  280.959568][ T1132] loop0: rw=4097, sector=10448, nr_sectors = 8 limit=0
[  280.988761][ T1132] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 2, rd 0, flush 0, corrupt 0, gen 0
[  281.006377][ T1132] kworker/u4:8: attempt to access beyond end of device
[  281.006377][ T1132] loop0: rw=4097, sector=10456, nr_sectors = 8 limit=0
[  281.027409][ T1132] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 3, rd 0, flush 0, corrupt 0, gen 0
[  281.045638][ T1132] kworker/u4:8: attempt to access beyond end of device
[  281.045638][ T1132] loop0: rw=4097, sector=10464, nr_sectors = 8 limit=0
[  281.066511][ T1132] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 4, rd 0, flush 0, corrupt 0, gen 0
[  281.079634][ T1132] kworker/u4:8: attempt to access beyond end of device
[  281.079634][ T1132] loop0: rw=4097, sector=10472, nr_sectors = 8 limit=0
[  281.098935][ T1132] BTRFS error (device loop0): bdev /dev/loop0 errs: wr 5, rd 0, flush 0, corrupt 0, gen 0
[  281.111231][ T9178] BTRFS error (device loop0: state A): Transaction aborted (error -5)
[  281.125604][ T9178] BTRFS: error (device loop0: state A) in __btrfs_run_delayed_items:1161: errno=-5 IO failure
[  281.142084][ T9178] BTRFS info (device loop0: state EA): forced readonly
[  281.154896][ T9178] BTRFS warning (device loop0: state EA): Skipping commit of aborted transaction.
[  281.184689][ T9178] BTRFS: error (device loop0: state EA) in cleanup_transaction:2021: errno=-5 IO failure
[  281.447046][    T8] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  281.461516][    T8] usb 5-1: USB disconnect, device number 11
[  281.871984][ T7520] BTRFS info (device loop0: state EA): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  283.161468][ T5774] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  283.172644][ T5774] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  283.181557][ T5774] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  283.190507][ T5774] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  283.198292][ T5774] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  283.205898][ T5774] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  284.060206][ T9194] chnl_net:caif_netlink_parms(): no params data found
[  284.329178][ T9194] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.357207][ T9194] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.382702][ T9194] bridge_slave_0: entered allmulticast mode
[  284.419684][ T9194] bridge_slave_0: entered promiscuous mode
[  284.468595][ T9194] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.495442][ T9194] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.513902][ T9194] bridge_slave_1: entered allmulticast mode
[  284.538952][ T9194] bridge_slave_1: entered promiscuous mode
[  284.682370][ T9194] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.703152][ T9194] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  284.835296][ T9194] team0: Port device team_slave_0 added
[  284.869272][ T9194] team0: Port device team_slave_1 added
[  284.984983][ T5774] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  285.001751][ T5774] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  285.010323][ T5774] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  285.021421][ T5774] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  285.030199][ T5774] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  285.040278][ T5774] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  285.100967][ T9194] batman_adv: batadv0: Adding interface: batadv_slave_0
[  285.141961][ T9194] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.181780][ T9194] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.205750][ T9194] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.212769][ T9194] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.239391][ T9194] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.259809][ T5784] Bluetooth: hci2: command tx timeout
[  285.420049][ T9194] hsr_slave_0: entered promiscuous mode
[  285.460708][ T9194] hsr_slave_1: entered promiscuous mode
[  285.484440][ T9194] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  285.506236][ T9194] Cannot create hsr debugfs directory
[  287.068521][ T9213] chnl_net:caif_netlink_parms(): no params data found
[  287.093547][ T5784] Bluetooth: hci0: command tx timeout
[  287.131439][ T9228] syzkaller0: entered promiscuous mode
[  287.144983][ T9228] syzkaller0: entered allmulticast mode
[  287.333536][ T5784] Bluetooth: hci2: command tx timeout
[  288.127613][ T9213] bridge0: port 1(bridge_slave_0) entered blocking state
[  288.153667][ T9213] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.161201][ T9213] bridge_slave_0: entered allmulticast mode
[  288.178571][ T9213] bridge_slave_0: entered promiscuous mode
[  288.354499][ T9213] bridge0: port 2(bridge_slave_1) entered blocking state
[  288.363528][ T9213] bridge0: port 2(bridge_slave_1) entered disabled state
[  288.393575][ T9213] bridge_slave_1: entered allmulticast mode
[  288.401210][ T9213] bridge_slave_1: entered promiscuous mode
[  288.522466][ T9213] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  288.571462][ T9194] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  288.645868][ T9194] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  288.666458][ T9213] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  288.681773][ T9194] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  288.708920][ T9194] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  288.859405][ T9213] team0: Port device team_slave_0 added
[  289.008377][ T9213] team0: Port device team_slave_1 added
[  289.175312][ T5784] Bluetooth: hci0: command tx timeout
[  289.270661][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_0
[  289.278418][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.305966][ T9213] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  289.356878][ T9213] batman_adv: batadv0: Adding interface: batadv_slave_1
[  289.375846][ T9213] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  289.413390][ T5784] Bluetooth: hci2: command tx timeout
[  289.548088][ T9213] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  289.730984][ T9213] hsr_slave_0: entered promiscuous mode
[  289.755133][ T9213] hsr_slave_1: entered promiscuous mode
[  289.776133][ T9213] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  289.785984][ T9213] Cannot create hsr debugfs directory
[  289.839727][ T9194] 8021q: adding VLAN 0 to HW filter on device bond0
[  290.007713][ T9194] 8021q: adding VLAN 0 to HW filter on device team0
[  290.061141][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state
[  290.068574][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state
[  290.107475][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state
[  290.114742][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state
[  290.211307][ T9264] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  290.606867][ T9213] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  290.620070][ T9213] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  290.657166][ T9213] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  290.676360][ T9213] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  291.037244][ T9276] loop1: detected capacity change from 0 to 256
[  291.264191][ T5784] Bluetooth: hci0: command tx timeout
[  291.358315][ T9276] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3620664b, utbl_chksum : 0xe619d30d)
[  291.467606][ T9194] 8021q: adding VLAN 0 to HW filter on device batadv0
[  291.504764][ T5784] Bluetooth: hci2: command tx timeout
[  291.602767][ T9213] 8021q: adding VLAN 0 to HW filter on device bond0
[  291.680687][ T9213] 8021q: adding VLAN 0 to HW filter on device team0
[  291.726370][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[  291.733694][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[  291.771124][   T11] bridge0: port 2(bridge_slave_1) entered blocking state
[  291.778462][   T11] bridge0: port 2(bridge_slave_1) entered forwarding state
[  292.496435][ T9194] veth0_vlan: entered promiscuous mode
[  292.598824][ T9194] veth1_vlan: entered promiscuous mode
[  292.747762][ T9213] 8021q: adding VLAN 0 to HW filter on device batadv0
[  292.908707][ T9194] veth0_macvtap: entered promiscuous mode
[  292.978572][ T9194] veth1_macvtap: entered promiscuous mode
[  293.082626][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.121463][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.144063][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.163518][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.175246][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.190873][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.201970][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  293.222929][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.235655][ T9194] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.256663][ T9300] netlink: 4 bytes leftover after parsing attributes in process `syz.4.928'.
[  293.333485][ T5784] Bluetooth: hci0: command tx timeout
[  293.470823][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.501725][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.515414][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.527048][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.537320][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.548221][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.558512][ T9194] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  293.569437][ T9194] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  293.601770][ T9194] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.629383][ T9194] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.670935][ T9194] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.724099][ T9194] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.732901][ T9194] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.887253][ T9308] kvm: apic: phys broadcast and lowest prio
[  294.161453][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.170453][ T9213] veth0_vlan: entered promiscuous mode
[  294.206796][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.233809][ T9308] kvm: apic: phys broadcast and lowest prio
[  294.266800][ T9213] veth1_vlan: entered promiscuous mode
[  294.330317][ T4815] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  294.340477][ T4815] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  294.402467][ T9213] veth0_macvtap: entered promiscuous mode
[  294.440962][ T9213] veth1_macvtap: entered promiscuous mode
[  294.501036][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.512068][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.533365][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.582565][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.603314][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.615258][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.627296][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.639537][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.651179][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  294.664165][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.686779][ T9213] batman_adv: batadv0: Interface activated: batadv_slave_0
[  294.732533][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.750175][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.763112][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.781719][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.792041][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.802963][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.813139][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.823897][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.842820][ T9213] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  294.854358][ T9213] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  294.883770][ T9213] batman_adv: batadv0: Interface activated: batadv_slave_1
[  294.903908][ T9321] syzkaller0: entered promiscuous mode
[  294.909559][ T9321] syzkaller0: entered allmulticast mode
[  294.945656][ T9213] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  294.957790][ T9213] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  294.968507][ T9213] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  294.977519][ T9213] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  295.215127][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.223031][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.296792][ T9333] loop5: detected capacity change from 0 to 256
[  295.336973][   T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  295.367201][ T9333] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3620664b, utbl_chksum : 0xe619d30d)
[  295.375169][   T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  295.723450][ T9339] Bluetooth: MGMT ver 1.22
[  296.016560][ T9341] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  296.083892][ T9345] syzkaller0: entered promiscuous mode
[  296.104698][ T9345] syzkaller0: entered allmulticast mode
[  296.204343][ T9341] tipc: Resetting bearer <eth:syzkaller0>
[  296.233674][ T9340] tipc: Resetting bearer <eth:syzkaller0>
[  296.329301][ T9340] tipc: Disabling bearer <eth:syzkaller0>
[  446.283198][    C0] rcu: INFO: rcu_preempt detected stalls on CPUs/tasks:
[  446.290239][    C0] rcu: 	(detected by 0, t=10502 jiffies, g=44849, q=399 ncpus=2)
[  446.297969][    C0] rcu: All QSes seen, last rcu_preempt kthread activity 10502 (4294981703-4294971201), jiffies_till_next_fqs=1, root ->qsmask 0x0
[  446.311354][    C0] rcu: rcu_preempt kthread starved for 10502 jiffies! g44849 f0x2 RCU_GP_WAIT_FQS(5) ->state=0x0 ->cpu=1
[  446.322557][    C0] rcu: 	Unless rcu_preempt kthread gets sufficient CPU time, OOM is now expected behavior.
[  446.332553][    C0] rcu: RCU grace-period kthread stack dump:
[  446.338491][    C0] task:rcu_preempt     state:R  running task     stack:27272 pid:17    ppid:2      flags:0x00004000
[  446.349318][    C0] Call Trace:
[  446.352629][    C0]  <TASK>
[  446.355588][    C0]  __schedule+0x1553/0x45a0
[  446.360145][    C0]  ? asan.module_dtor+0x20/0x20
[  446.365023][    C0]  ? enqueue_timer+0x23d/0x550
[  446.369836][    C0]  ? __mod_timer+0x984/0xdb0
[  446.374456][    C0]  schedule+0xbd/0x170
[  446.378544][    C0]  schedule_timeout+0x188/0x2d0
[  446.383425][    C0]  ? console_conditional_schedule+0x40/0x40
[  446.389365][    C0]  ? update_process_times+0x1b0/0x1b0
[  446.394758][    C0]  ? prepare_to_swait_event+0x339/0x360
[  446.400322][    C0]  rcu_gp_fqs_loop+0x313/0x1590
[  446.405180][    C0]  ? rcu_gp_init+0x1162/0x1560
[  446.409953][    C0]  ? rcu_gp_kthread+0x3b0/0x3b0
[  446.414812][    C0]  ? _raw_spin_unlock_irqrestore+0x86/0x120
[  446.420717][    C0]  ? lockdep_hardirqs_on+0x98/0x150
[  446.425927][    C0]  ? rcu_gp_init+0x1560/0x1560
[  446.430694][    C0]  ? _raw_spin_unlock_irqrestore+0xc5/0x120
[  446.436627][    C0]  ? finish_swait+0xc7/0x1d0
[  446.441229][    C0]  rcu_gp_kthread+0x9d/0x3b0
[  446.445851][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  446.450994][    C0]  ? __kthread_parkme+0x7a/0x1c0
[  446.455941][    C0]  ? __kthread_parkme+0x162/0x1c0
[  446.460972][    C0]  kthread+0x2fa/0x390
[  446.465049][    C0]  ? rcu_report_qs_rsp+0x1a0/0x1a0
[  446.470184][    C0]  ? kthread_blkcg+0xd0/0xd0
[  446.474784][    C0]  ret_from_fork+0x48/0x80
[  446.479224][    C0]  ? kthread_blkcg+0xd0/0xd0
[  446.483830][    C0]  ret_from_fork_asm+0x11/0x20
[  446.488646][    C0]  </TASK>
[  446.491671][    C0] rcu: Stack dump where RCU GP kthread last ran:
[  446.497994][    C0] Sending NMI from CPU 0 to CPUs 1:
[  446.503212][    C1] NMI backtrace for cpu 1
[  446.503233][    C1] CPU: 1 PID: 0 Comm: swapper/1 Not tainted syzkaller #0
[  446.503249][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  446.503259][    C1] RIP: 0010:native_apic_msr_write+0x39/0x50
[  446.503286][    C1] Code: 74 2a 83 ff 30 74 25 eb 10 81 ff d0 00 00 00 74 1b 81 ff e0 00 00 00 74 13 c1 ef 04 81 c7 00 08 00 00 89 f9 89 f0 31 d2 0f 30 <66> 90 c3 89 f6 31 d2 e9 3b 03 24 03 66 2e 0f 1f 84 00 00 00 00 00
[  446.503300][    C1] RSP: 0018:ffffc900001f0e58 EFLAGS: 00000046
[  446.503314][    C1] RAX: 000000000009785f RBX: ffff8880b8f28280 RCX: 0000000000000838
[  446.503325][    C1] RDX: 0000000000000000 RSI: 000000000009785f RDI: 0000000000000838
[  446.503335][    C1] RBP: 0000000000000000 R08: ffffffff8e8b19ef R09: 1ffffffff1d1633d
[  446.503346][    C1] R10: dffffc0000000000 R11: fffffbfff1d1633e R12: dffffc0000000000
[  446.503358][    C1] R13: 0000000010005a98 R14: 000000000009785f R15: 0000000000000020
[  446.503369][    C1] FS:  0000000000000000(0000) GS:ffff8880b8f00000(0000) knlGS:0000000000000000
[  446.503382][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  446.503393][    C1] CR2: 0000001b33314ff8 CR3: 0000000030a13000 CR4: 00000000003526e0
[  446.503408][    C1] Call Trace:
[  446.503415][    C1]  <IRQ>
[  446.503419][    C1]  lapic_next_event+0x11/0x20
[  446.503441][    C1]  clockevents_program_event+0x1c0/0x310
[  446.503465][    C1]  hrtimer_interrupt+0x5a1/0x9c0
[  446.503497][    C1]  __sysvec_apic_timer_interrupt+0xfb/0x3b0
[  446.503519][    C1]  sysvec_apic_timer_interrupt+0x9f/0xc0
[  446.503540][    C1]  </IRQ>
[  446.503562][    C1]  <TASK>
[  446.503567][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  446.503590][    C1] RIP: 0010:pv_native_safe_halt+0xf/0x10
[  446.503611][    C1] Code: 09 21 02 c3 cc cc cc cc cc cc cc f3 0f 1e fa 0f 0b 66 2e 0f 1f 84 00 00 00 00 00 f3 0f 1e fa 66 90 0f 00 2d e3 c3 41 00 fb f4 <c3> 66 0f 1f 00 55 41 57 41 56 41 54 53 50 8b 2f eb 2e 41 89 de 80
[  446.503624][    C1] RSP: 0018:ffffc90000187de0 EFLAGS: 000002c6
[  446.503637][    C1] RAX: 8765bfb882174500 RBX: ffffffff8162a8f1 RCX: 8765bfb882174500
[  446.503649][    C1] RDX: 0000000000000001 RSI: ffffffff8acac9e0 RDI: ffffffff8b1c8fe0
[  446.503661][    C1] RBP: ffffc90000187f20 R08: ffff8880b8f36b2b R09: 1ffff110171e6d65
[  446.503682][    C1] R10: dffffc0000000000 R11: ffffed10171e6d66 R12: 1ffff92000030fc8
[  446.503695][    C1] R13: dffffc0000000000 R14: 1ffff1100384c780 R15: 0000000000000000
[  446.503708][    C1]  ? do_idle+0x221/0x590
[  446.503734][    C1]  default_idle+0x13/0x20
[  446.503755][    C1]  default_idle_call+0x6c/0xa0
[  446.503776][    C1]  do_idle+0x221/0x590
[  446.503799][    C1]  ? idle_inject_timer_fn+0x60/0x60
[  446.503819][    C1]  ? asm_sysvec_call_function_single+0x1a/0x20
[  446.503849][    C1]  cpu_startup_entry+0x43/0x60
[  446.503870][    C1]  start_secondary+0xee/0xf0
[  446.503887][    C1]  secondary_startup_64_no_verify+0x179/0x17b
[  446.503919][    C1]  </TASK>