last executing test programs:

8m51.147132495s ago: executing program 1 (id=145):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCSARP(r0, 0x8955, &(0x7f0000000800)={{0x2, 0x4e23, @remote}, {0x1, @local}, 0x2c, {0x2, 0x4e22, @empty}, 'lo\x00'})
r1 = socket$inet_udp(0x2, 0x2, 0x0)
execve(&(0x7f0000000040)='./file0\x00', &(0x7f00000001c0)={[&(0x7f0000000080)=')@/#-^^\x00', &(0x7f0000000140)='!\x00', &(0x7f0000000180)='syztnl0\x00']}, &(0x7f0000000300)={[&(0x7f0000000200)=',)\x00', &(0x7f0000000240)='syztnl1\x00', &(0x7f0000000280)='syztnl0\x00', &(0x7f00000002c0)='syztnl1\x00']})
ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f0000000440)={'sit0\x00', &(0x7f00000000c0)={'syztnl0\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @loopback, @multicast2}}}})
r2 = gettid()
timer_create(0x2, &(0x7f000049efa0)={0x0, 0xb, 0x4, @tid=r2}, &(0x7f0000044000)=<r3=>0x0)
syz_clone(0x42164000, 0x0, 0x0, 0x0, 0x0, 0x0)
timer_settime(0x0, 0xffffffffffffffff, 0x0, 0x0)
timer_settime(r3, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
ioctl$sock_ipv4_tunnel_SIOCDELTUNNEL(r1, 0x89f6, &(0x7f0000000100)={'syztnl0\x00', &(0x7f0000000000)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @remote, @broadcast}}}})

8m49.871743104s ago: executing program 1 (id=150):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
bind$bt_l2cap(r0, &(0x7f0000000380)={0x1f, 0x6, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x11}, 0x2}, 0xe)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x200000, &(0x7f0000000b80), 0xde, 0x558, &(0x7f0000000c00)="$eJzs3U1rG0cfAPD/ynbenOeJAyG0PRRDDk1JI8d2X1LoIT2WNjTQ3lNhb0ywHAVLDrEbaHJoLr2UUCilgdIP0HuPoV+gnyLQBkIJpj30orLyylFsyZZtpVaq3w82mdldaXY0+x/PaCQUwMAaz/4pRLwcEV8nEcdajg1HfnB87bzVJ7dmsi2Jev2TP5JI8n3N85P8/9E881JE/PJlxJnC5nKryyvzpXI5XczzE7WF6xPV5ZWzVxdKc+lcem1qevr8W9NT777zds/q+vqlv777+MEH5786tfrtT4+O30viQhzNj7XWYw9ut2bGYzx/TUbiwoYTJ3tQWD9J9vsC2JWhPM5HIusDjsVQHvXAf98XEVEHBlQi/mFANccBzbl9j+bBL4zH769NgDbXf3jtvZE41JgbHVlNnpkZZfPdsR6Un5Xx8+/372Vb9O59CIBt3b4TEeeGhzf3f0ne/+3euS7O2VjGDvu/+g4vCWjxIBv/vNFu/FNYH/9Em/HPaJvY3Y3t47/wqAfFdJSN/95rO/5dX7QaG8pz/2uM+UaSK1fLada3/T8iTsfIwSy/1XrO+dWHHfup1vFftmXlN8eC+XU8Gj747GNmS7XSXurc6vGdiFfajn+T9fZP2rR/9npc6rKMk+n9Vzsd277+z1f9x4jX2rb/0xWtZOv1yYnG/TDRvCs2+/PuyV87lb/f9c/a/8jW9R9LWtdrqzsv44dDf6edju32/j+QfNpIH8j33SzVaouTEQeSjzbvn3r62Ga+eX5W/9Ontu7/2t3/hyPisy7rf/fE3Y6n9kP7z+6o/XeeePjh5993Kr+79n+zkTqd7+mm/+v2Avfy2gEAAAAAAEC/KUTE0UgKxfV0oVAsrn2+40QcKZQr1dqZK5Wla7PR+K7sWIwUmivdoy2fh5jMPw/bzE9tyE9HxPGI+GbocCNfnKmUZ/e78gAAAAAAAAAAAAAAAAAAANAnRjt8/z/z29B+Xx3w3PnJbxhc28Z/L37pCehL/v7D4BL/MLjEPwwu8Q+DS/zD4BL/MLjEPwwu8Q8AAAAAAAAAAAAAAAAAAAAAAAAAAAA9denixWyrrz65NZPlZ28sL81XbpydTavzxYWlmeJMZfF6ca5SmSunxZnKwnbPV65Urk9OxdLNiVparU1Ul1cuL1SWrtUuX10ozaWX05F/pVYAAAAAAAAAAAAAAAAAAADwYqkur8yXyuV0UUJiV4nh/rgMibVEM7D3/IT72y8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQKt/AgAA//+jgjYy")
r1 = socket$inet6_icmp(0xa, 0x2, 0x3a)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vxcan0\x00'})
r2 = bpf$PROG_LOAD(0x5, 0xfffffffffffffffc, 0x9e)
r3 = socket$nl_route(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r3, 0x10e, 0xc, &(0x7f0000000040)={0x80}, 0x10)
sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=@ipv6_getroute={0x24, 0x1a, 0x115, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x7f}, [@RTA_METRICS={0x5, 0x8, 0x0, 0x1, "8e"}]}, 0x24}, 0x1, 0x0, 0x0, 0x40440c0}, 0x240000d4)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="c50a000000000000791048000000000061044f0000"], &(0x7f0000003ff6)='GPL\x00', 0x2, 0xce, &(0x7f00000000c0)=""/206, 0x0, 0x0, '\x00', 0x0, @sk_msg, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, r2}, 0x94)
creat(&(0x7f0000000040)='./bus\x00', 0x0)

8m48.698864664s ago: executing program 1 (id=158):
syz_emit_ethernet(0x3a, &(0x7f0000000180)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x11, 0x0, @loopback, @empty}, {0x0, 0x4e22, 0x18, 0x0, @wg=@data}}}}}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xe, 0x16, &(0x7f0000000940)=ANY=[@ANYBLOB="61158800000000006113500000000000bfa000000000000007000000ee0016055e0301000000000064050000000000006916340000000000bf07000000000000260507000fff07206706000020000000470600000ee60060bf500000000000002f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffad4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05002000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe0185473d51b546cad3f1d5ace0600006e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc0da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e0dee5eb106774a8f3e6916dfec88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc206438b8ef4901fd03c16dfda44e2a2235c8ac86d8a297dff0445a15f21dce431e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076eb685d00c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932fb3bba54b3a6aa57f1ad2e99e0e67ab9ff16d20000009f0f53acbb40b4f8e2738270001562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000007b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000000000000000000000000000c1eb2d91fb79ea00000000815266b2c9e1bfadc7498e9dda5d000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631822a11dc3c693962895496d4f6e9cc54db6c7205a6b26f92121ef53e553acdf42068fff496d2da7d6327f31d7c8cc5d325c5379b0363ce8bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b3042065acaa10856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710eec53f1b11cced7bc3c8da0c44d2fbf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db80300c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fc5fb38f8709d87b27f8a5d9121fdc058447b728f134f72062fc4b1ca0780b1a7af137ff7b4ff139604faf0453b65586f65c7943d56b52f06c870edf0c5d744b5272b44c23480b2bdbff947c4dfa108cbb88202eeb81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2cc17dc4a29b9cba8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da20000d9ef418cf19e7a8c4c328be0ce91798adc2dca871073f6bd61940aabc86b94f8cbde4d47060400e722a6a2af483ad0d3415ed0f9db009acaba9eaea93f811d434e00000000000000000000d154672fea96aedf346279ec00000000000000000000d535d41b0067f01e2e54b9154d876020b669640ead4ca44631fadf7c4ac39a1b331dbdcd52b36df021b731ef1f92330d347f88ced5c1aaadbcdd8d2257e3a9a7c7494fadf9be36f7a2334ee6e9446fa1fd486f85d672a77dc5bd21463994d49f12016305a1e394d292b66840fe32b40ad665d241a8b8a32b3100450c32832789aa8a096f41201b585cd76631c88cf958e9e9047f5af1730c5e83db12460a0768fd4b62be6c41eed307048bac8d1f7f164574241e06027654b248dcc38749eee0c1ee7c61b3f6411a559c3d45637b11e440ed5a99109b8e71d28c3d677af5f0499c6d3fc6a129775056958c9df824ebe5fa9fb306b24a8a8334910627d03efe69d4b61c4345f048c5da8aca16cea848fa77d2507c920a6bd654b00e07789382ed902c80deeff2fd5c78f42e4353e5360c3e55962efd1331e6736eaf4ee27736fa54803ee8ec1a15266ffcd8b30368740b584c2559e691e542cab3d49db327db62328f159d1e0900b3e23e84dedcd1377aa15dbeab7db181bd66980c3557c7d9f7377fcb6023accb5c368a121acf70e5f4c3f2a0ea07011c7149ea979cab2ee65cf7ffa29152b7a8fed89575e6e6fd77d4d9463d21775abac886ee6a1f2d7d8523840438a73d6307a87e2f525867fc3af7ab74520a773ae26bae74cdd405a211e8833e1ba523cde51d04a7ca6732"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_skb, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

8m47.001224399s ago: executing program 1 (id=162):
socket$inet_mptcp(0x2, 0x1, 0x106)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x60140, 0x0)
socket$phonet_pipe(0x23, 0x5, 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
r0 = syz_io_uring_setup(0x1ed3, &(0x7f0000000240)={0x0, 0x0, 0x10100, 0x5, 0x279}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000003c0)='pids.current\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_TEE={0x21, 0x4, 0x0, @fd_index=0x8, 0x0, 0x0, 0x9, 0x7, 0x1})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

8m46.301716706s ago: executing program 1 (id=164):
mkdir(&(0x7f0000000040)='./file1\x00', 0x160)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
symlink(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000140)='./file1\x00')

8m46.018935321s ago: executing program 1 (id=165):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_crypto(0x10, 0x3, 0x15)
socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000080)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x33a}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x8})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

8m30.305181766s ago: executing program 32 (id=165):
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$nl_crypto(0x10, 0x3, 0x15)
socket$xdp(0x2c, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000080)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r0 = syz_io_uring_setup(0x24f6, &(0x7f0000000b80)={0x0, 0x0, 0x10100, 0x0, 0x33a}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
sendmsg$IPSET_CMD_TYPE(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='8'], 0x38}}, 0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f0000000180)=ANY=[], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_CLOSE={0x13, 0x8})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

7m59.321708008s ago: executing program 5 (id=320):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
r0 = socket$inet6(0xa, 0x80002, 0x0)
setsockopt$inet6_udp_int(r0, 0x11, 0x67, 0x0, 0x0)
connect$inet6(r0, &(0x7f00000001c0)={0xa, 0x4e23, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x20}}}, 0x1c)
setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8)
sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4001c00)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)

7m58.757543837s ago: executing program 5 (id=324):
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
syz_mount_image$nilfs2(&(0x7f0000000040), &(0x7f0000000300)='./file2\x00', 0x400, &(0x7f0000000000)=ANY=[], 0x1, 0xabf, &(0x7f0000000480)="$eJzs3U2oXFfhAPAz8968vJe2/0z6T+wzjW1ita0ffWlenvEjaFIShIamiJtCcRPStAZjBCuopWCSlTtbSgRXfuCqm1JFsBsJXbkp2EARuqouRAwRCy40moxk3jnz7pzM9M5M3puPzO8HZ86ce+6dc+7MvXfu5zkBmFrV5uvKymIlhAtvvHLkbw/+ZeHGkIOtMerN19lCqhZCqMT0bPZ5782sxtfef/FEp7gSlpuvKR2evNKa9o4QwtmwK1wM9bDjwqWX31p+4ti5o+d3v/3qgcsbM/cAADBdvnLxwMr2P/3h3q1XX7vvUNjUGp72z+sxfWfc7z8Ud/zT/n81tKcrhVA0l403G0N1oX28mQ7jFcupZePNFsdfWCt7Liu/1qWem8IHlz9TGNZpvmGSpeW4HirVpbZ0tbq0tHpMHprH9XOVpTOnTj/7/IgqCqy7f94fQthVCIfPt6fHLRwcgzoMGBpjUIeJDIeGV9bVxqqRz/OQQmPLqLdAAKvy64U3OZufWbg1rU+b7a38K49VO08P62DYy39f5c+NuPyg/F+es8Vh/dyuS1Oar7Qe3RnT+XWE/P6l7utffqWjfWh+PaLWYz27XUeYlOsL3eo5M+R6DKpb/fPl4nb1xRin7+FLWX5x/cl/00n5jYHO/pWf/xcEYbxDaEvXbuWzGiPe/gDjK79vrpGuj0b5fX15/qaS/PmS/IWS/M0l+XeU5MM0+/V3fhReqqwd5+fH9P2eD0/n2e6K8f/1WZ/8fGS/5ef3/fbrVsvP7yeGcfbb40+d/NwzT19avf+/0lr+r8flPR1u1OO6dTGOkM4X5ufVW/f+19vLqXYZ7+6sPnd1GL/5flv7eJVta58TCtuZm+qx2D7dlm7j7Wwfr56NtxDDfFbffP9kczZd2v9I29X0fc1m81vL5mMuq0farmyNcV4PGERaHrvd/5+Wz8VQqzx76vTJR2M6Lae/n6ltujF875DrDdy6Xp//WQztz//c2Rpeqxa3C1vWhldWtwuvx89rH77cKqd9+L6YTv9zX59ZaA5fOvGt08+s/+zDVHv++y984/jp0ye/7c3Ab76c3vw1hDAG9enhTTpsGZf6eDN2b0a8YQI23J4frO4EPHLqm8efO/ncyTP79u/ft7y8//P7VvY09+v3FPfui86OoLbAelr70x91TQAAAAAAAAAAAIBefffokUvvvPnZd1ef/197/i89/5/u/E3P//8we/4/f04+PQefngPc2iG/OU7WwOpcNl4thv/P6rstK2d7Nt2HYtzqxy8+/5+Ky9t1TfW5Jxte65LMmhO4qb2UuawNkry/wI/G+HyMfxFghCoLnQfHuGP71vNrK0Ra1lP7FIV2KRraB54c6XdLS0NqxyQ9/92xXafCj711CHVk/Q3jccJRzyPQ2d+nqv3vf6zN+MjrInQPs8Mt7yfTu0w0uu6l99qDDcD6GHX/n+m8Z4rP/O7x+RshjXblsfbtZd5+KfTjj++0p8e9/8mNLj/vt2/Y5Y96/ofd/2er/7uet39Zj3n1wcr9908vv1soNuzotfx8/lM70Nv6K/9qLD/NzUOht/IbP8/Kzy8I9eg/Wfmbeyz/pvnfOVj5/43lp6/t4Qd6LX+1xpVqez3y88bp+l9+3ji5ls1/atvzA8r/6gud5n/Ajhqvx/Jhmk1KP7P9yvYjWjvtg/f/G51d3/5/W5XNNmv5fRifiem0IU73OeT9nfRb/3R/Rfof2J59fqXk/03/v5PtCzEuWx9S/79peazHv/xCuvldpnStw3d7u25rYFK9N1XX/yYizI9BHYTeQ2NmgOla/cStUz2OXhhsukajsbEntEqMtHBG/v2P+jhh1OWP+vsvk/f/m+/D5/3/NvMLBxF5/7/59Hn/v3n+QvyFuuVvDiE8XsjPv8+8/988/57sc/P+gRdL8j9ckr+jc37rsP3ekul3luR/pCR/dyv/YNsYKf++kunvL8m/uyT/gZL8j5Xkf7wk/8GS/IcL+cU+oFP+J0qmv92l51Gmdf5hmuXP51n/YXqk6z/d1v9tJfnA5Prxa3sPP/2rr9VXn/+fa50PSdfxDsV0LR4/fS+m8+veoZC+kfdmTP85yx/38x0wTfL2M/L/94dK8oHJle7zsn7DFKrMdx4c47J2q7rt5zNZPhnjT8X40zF+JMZLMd4T470xXh5S/dgYh1//zYGXKmvH+1uy/F7vJ8+fB2prJyqEsK/H+uTnB/q9nz1vx69ft1r+gI+DAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAjEy1+bqyslgJ4cIbrxx56tipPTeGHGyNUW++zhZStdZ0ITwa45kY/yy+ufb+iyeK8fUYV8JyqIRKa3h48kqrpDtCCGfDrnAx1MOOC5defmv5iWPnjp7f/farBy5v3DcAAAAAt7//BQAA//+Cow9I")
mknod$loop(&(0x7f0000000780)='./bus\x00', 0x400, 0x1)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$ifreq_SIOCGIFINDEX_team(0xffffffffffffffff, 0x8933, &(0x7f0000000200))
r1 = fspick(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0)
fsconfig$FSCONFIG_CMD_RECONFIGURE(r1, 0x7, 0x0, 0x0, 0x0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./bus\x00', 0x0)
socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)

7m57.95158828s ago: executing program 5 (id=328):
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
pipe(&(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newqdisc={0x3c, 0x24, 0x0, 0x0, 0x0, {}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_INTERVAL={0x8, 0x3, 0x6}]}}]}, 0x3c}}, 0x0)
r2 = socket$inet_udp(0x2, 0x2, 0x0)
close(r2)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$EVIOCSFF(0xffffffffffffffff, 0x40304580, &(0x7f0000000040)={0x0, 0x0, 0x100, {0x0, 0xa}, {0x3}, @const={0x0, {0x1, 0x8, 0x4, 0x881}}})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0)
write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc)
splice(r0, 0x0, r2, 0x0, 0x4ffe6, 0x0)

7m56.502732226s ago: executing program 5 (id=333):
openat$sequencer(0xffffffffffffff9c, 0x0, 0x8002, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, 0x0}, 0x1)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x1a3089, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000740)='autofs\x00', 0xc000, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$AUTOFS_DEV_IOCTL_ISMOUNTPOINT(r1, 0xc018937e, 0x0)

7m56.157435009s ago: executing program 5 (id=335):
syz_emit_ethernet(0x3a, &(0x7f0000000140)=ANY=[], 0x0)
r0 = memfd_create(&(0x7f0000000000)='\xf3e\t\x9f\x918\xc0y\x01c\x1fnux\x00sV\ad\xb0l \xfd\xd7\x8e\x7f\x89\xb8\xc5;~\x04\x03~K\xfbP\x84=\xfa\x81\f\x1et\x10\x0e\xcf^9\xbe\\', 0x0)
pwrite64(r0, &(0x7f00000008c0)='/', 0x1, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
socket(0x10, 0x803, 0x0)
socketpair$unix(0x1, 0x0, 0x0, &(0x7f0000000100))
socket(0x1, 0x803, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket(0x1, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295a5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r3}, [@IFA_LOCAL={0x14, 0x2, @mcast1={0xff, 0x2}}, @IFA_ADDRESS={0x14, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x4000}, 0x0)

7m55.795152586s ago: executing program 5 (id=336):
r0 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000280))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1)
r2 = dup2(r1, r1)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x5)
read$FUSE(r2, &(0x7f0000002b40)={0x2020}, 0x2020)
read$FUSE(r2, &(0x7f0000000b00)={0x2020}, 0x2020)
close_range(r0, 0xffffffffffffffff, 0x0)

7m55.009304403s ago: executing program 33 (id=336):
r0 = io_uring_setup(0x194e, &(0x7f0000000a80)={0x0, 0xd3d5, 0x80, 0x5, 0x2b0})
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000280))
ioctl$VHOST_SET_FEATURES(r1, 0x4008af00, &(0x7f0000000080)=0x200000000)
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000040)=0x1)
r2 = dup2(r1, r1)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x5)
read$FUSE(r2, &(0x7f0000002b40)={0x2020}, 0x2020)
read$FUSE(r2, &(0x7f0000000b00)={0x2020}, 0x2020)
close_range(r0, 0xffffffffffffffff, 0x0)

6m20.631547184s ago: executing program 3 (id=590):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000080000000c"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000005000008000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000008500000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10)
r2 = socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
r4 = socket(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r4)
getsockname$packet(r4, &(0x7f00000002c0)={0x11, 0x0, <r5=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r5, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r5, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x4000800)
sendmsg$nl_route_sched(r2, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)=@delchain={0x3c, 0x64, 0xf31, 0xfffffffb, 0x0, {0x0, 0x0, 0x0, r5, {0x0, 0xfff1}, {0xfff3, 0xffff}, {0xa, 0x1b}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_ENC_OPTS={0x8, 0x54, 0x0, 0x1, [@TCA_FLOWER_KEY_ENC_OPTS_ERSPAN={0x4}]}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x10}, 0x4000)

6m16.983770012s ago: executing program 3 (id=597):
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000280)=@newlink={0x3c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x20305}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e21}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x11}, 0x0)

6m14.736634505s ago: executing program 3 (id=604):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_mount_image$ext4(&(0x7f0000000bc0)='ext4\x00', &(0x7f0000000140)='./bus\x00', 0x4000, &(0x7f0000000900)={[{@bsdgroups}, {@noquota}, {@usrjquota}, {@orlov}, {@test_dummy_encryption}, {@minixdf}, {@nobh}, {@nodioread_nolock}]}, 0xa, 0xbb8, &(0x7f00000017c0)="$eJzs3M1rXFUbAPDn3kymaZv3nfTlRawbIyItiNOkkmKLYCsVNy4E3QoN6aSETD9IIjVpFhP9B0RdC24EtSgu7LobRbdutN0qLoQisVEQ0cidjyQ2mTS1M70x/f3gzD3nnpl5nmcuM/cemJkA7luD2U0asT8iTiURpeb+NCKK9V5fRK1xv6XF+bFfF+fHklhefumnJJKIuLk4P9Z6rqS53dsc9EXE188m8b831sednp2bHK1WK1PN8aGZsxcOTc/OPTFxdvRM5Uzl3PCRp0YOjxwZOjrSsVp/++74lV8eef6H2u8f/nH557ffT+J49Dfn1tbRKYMxuPKarFWIiNFOB8tJT7OetXUmhds8KO1yUgAAtJWuuYZ7IErRE6sXb6X4/JtckwMAAAA6YrknYhkAAADY4RLrfwAAANjhWt8DuLk4P9Zq+X4j4d66cSIiBhr1LzVbY6YQtfq2L3ojYs/NJNb+rDVpPOyuDUbE99ePfpK16NLvkDdTW4iIBzc6/km9/oH6r7jX159GxFAH4g/eMv431X+8A/Hzrh+A+9PVE40T2frzX7py/RMbnP8KG5y7/om8z3+t67+lddd/q/X3tLn+e3GLMS598O7FdnNZ/U9fee7jVsviZ9u7KuoO3FiIeKiwUf3JSv1Jm/pPbTFG6c+LlXZzede//F7Egdi4/pZk8/8nOjQ+Ua0MNW43jLHw1chH7eLnXX92/Pe0qb/1/0/tjv+FLcZ45eTJT9ftvL7a3bz+9Mdi8nK9V2zueW10ZmZqOKKYvLB+/+HNc2ndp/UcWf0HH938/b9R/dlnQq35OmRrgYXmNhu/fkvMZy5f+qxdPq31X57H/3Sb47+2/i8L64//m1uM8dgXbx1sN7d2/Zu1LH5rLQwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALWlE9EeSllf6aVouR+yNiP/HnrR6fnrm8fHzr547nc1FDERvOj5RrQxFRKkxTrLxcL2/Oj58y/jJiNgXEe+UdtfH5bHz1dN5Fw8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMCKvRHRH0lajog0IpZKaVou550VAAAA0HEDeScAAAAAdJ31PwAAAOx81v8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB02b6Hr15LIqJ2bHe9ZYrNud5cMwO6Lc07ASA3PXknAOSmkHcCQG7ucI3vcgF2oOQ2831tZ3Z1PBcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtq8D+69eSyKidmx3vWWKzbneXDMDui3NOwEgNz2bTRbuXR7AvectDvcva3wguc183+p9an+f2dW1nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADYfvrrLUnLEVFs7iuXI/4TEQPRm4xPVCtDEfHfiPi21LsrGw/nnDMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACdNz07NzlarVamsk4azc7KHp3VTtJ4xWrbJR+du+wUY1uksU07eX8yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACQh+nZucnRarUyNZ13JgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDepmfnJker1cpUFzt51wgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQH7+CgAA//9gfgp0")
socket$inet6_tcp(0xa, 0x1, 0x0)
gettid()
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f00000001c0), 0x67682, 0x0)
r1 = dup(r0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
rmdir(0x0)
fallocate(r1, 0x10, 0x0, 0x1062200)

6m10.631825523s ago: executing program 3 (id=614):
syz_mount_image$udf(&(0x7f0000000c40), &(0x7f0000000c80)='./file0\x00', 0x2810489, &(0x7f0000000580)={[{@lastblock={'lastblock', 0x3d, 0xe2}}, {@unhide}, {@gid_forget}, {@nostrict}, {@unhide}, {@undelete}, {@shortad}, {@uid_ignore}, {@shortad}, {@uid}, {@adinicb}, {@uid_ignore}, {@fileset}, {@uid_forget}]}, 0x4, 0xc24, &(0x7f0000000d00)="$eJzs3V9oXOl5B+D3myOtJW/TzG42zh/nYmAD2Xqzi2R51yregBwrIgvGa1ZWLhYKGluyO6w0kiW5eEMJLiSUkLa45CKXNWwCvauvWggNuFfbEgKiV6UXxW03Zns3CaQtvViVM/ONNNLalrK2JXn9PMb+nTnznpnvzOrVnDN7zpwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACK+/o2TQ8Npr0cBAOymM5NvDo14/weAJ8o5+/8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwvRRHfjRTv/qCVptu3OwZON5pXrk6NT9x9scEUKSpRtOvLvwPDR0eOvfLq8dFu3n/5h+0L8cbkuZO1Uwvzi0uzy8uzM7WpZuPCwszsjh/hQZff6kj7BajNv31l5uLF5drRl0c23X21eufA04eqJ0YPj7zVrZ0an5iY7Knp6//Yz/4R6eE9FJ8gT0UR34wU7730QapHRCUevBe2+d3xqA1GX9l/7ZWYGp9or8hco95cKe9MlVzVF1HtWWis2yO70IsPZCziWvnfqRzwkXL1JhfrS/Xzc7O1s/WllcZKY6GZKp3RlutTjUqMpojFiGgVez149pv+KOJYpLjz61Y6HxFFtw9ePDP55tDI9g/QtwuDvMfTVouI1XgMehb2qQNRxF9Gih9OD8WF3Ffttnk/4itlvhZxucxbKa7n26n8BTEa8SvvJ/BY64sifhEpFlIrzXR7v71defpbtdebFxd6arvblY/9/sFusm3CPjYQRZxvb/G30sf/sAsAAAAAAAAAAAAA2B1F/DRS3Jx/IS1G7zmljeal2rn6+bnOUcHdY/9ream1tbW1aupkLedQzrGcZ3NO51zMeS3n9Zw3ct7MeSvnas7bOVs5o5KfP2ct51DOsZxnc07nXMx5Lef1nDdy3sx5K+dqzts5WznDeU8AAAAAAAAAAAAAAAAAAAA8ZINRxESkuPHuH7WvKx3t69J/+sTomfHneq8Z/7ltHqesfTkifho7uyZvf77WeKqUfx7+egHbG4givpOv//cnez0YAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgX6hEEd+NFD/6TStFioixiOno5O1ir0cHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJQGUhGnIsV/fWOgfXs1Ir4YER+ulX8i/ndtq70eMQAAAAAAAAAAAAAAAAAAAHwCpSIuR4ofv9dK1Yi4Wr1z4OlD1ROjh0feKqKIVJb01r8xee5k7dTC/OLS7PLy7Extqtm4sDAzu9OnGzjdaF65OjU+8UhWZluDj3j8gwOnFhbfWWpc+sOVu95/cODk+eWVpfqFu98dg9EXMdQ750h7wFPjE+1BzzXqzfaiqXKPAfZF1Ha6MgAAAAAAAAAAAAAAAAAAAOwbB1MR45Hi+Z8dS93zxvs65/x/qnOrWK/9yR9vfBfA3Jbs6v3+gJ1Mp50O9Ej7xPva1PjExGTP7L7+j5aWY0qpiM9GisN///n2+fApDt713Piy7s8ixej/Hct11cNl3dimqoEjU+MTtTMLzZdOzs0tXKiv1M/PzdYmF+sXdvzFAQAAAAAAAAAAAAAAAAAAAHAfB1MRfx4pjr2+mrrXnc/n//d1bvWc//9aRPey8wNpc65rn9v/u+1z+zvTnz4x+vrR5+81/1Gc/1+OKaUiPowUz/zV59vX0++e/z+0pbas+3Gk+MX3vpTrKk+VdcPd1ek84sXG3OxQWftipPj+2W5ttGtfzbWf2agdLmv/IVI8+weba4/n2uc2ao+WtXcixcSZu9d+dqN2pKwdjBRf/dNat/ZgWfv1XHtoo/blCwtzMzt9eXkylf3/b5Hiy8PfTN2f+Xv2f8/3f1zbkus+0vP3n35Y/V/tmXct9/Va7v/hbfr/cqT4i+tfynWd3jua73+m/e9G/38/UvzepzbXvpJrn92oHd7pasFeKvv/nyLF6u1/Wf+Zz/2fO2ujQ3v7/4t9m7O7XbBX/f9Mz7xqHtfIb/lawJNm+Z1vv12fm5tdMmHChIn1ib3+zQQ8auX2/39Hiq9dLlJ3PzZv//9O59bG/v//fGdj+//Elly3R9v/z/bMO5H3Wvr7IgZW5hf7PxcxsPzOt19qzNcvzV6abY6MjB7//WPDR48P9z/V3bnfmNrxawePu7L/344UP/mbf17/HHvz/v/dP/87uCXX7VH/f6Z3nTbt1+z4pYAnTtn/fx0p/vXGB+v/v+l+n/91P+d74fnNOdgt2qP+f65nXi3/M9oz74Ui4uROnwsAAAAAAAAAAB4TB1MRP4sUf9v6x/Vr3m8+/ie+3K3tPf7vXvbD9f8BgPsr3/8nI8XPD341db9DZifH/89syXV7dPzvoZ55M7t0XvOOX2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiYUhRxIFK8+4NWul2UtzsGTjeaV65OjU/cfbHBFCkqUbTry78Dw0dHjr3y6vHRbt5/+YftC/HG5LmTtVML84tLs8vLszO1qWbjwsLM7I4f4UGX3+pI+wWozb99ZebixeXa0ZdHNt19tXrnwNOHqidGD4+81a2dGp+YmOyp6ev/2M/+EenhPRSfIE9FET+PFO+99EH69yKiEg/eC9v87njUBqOv7L/2SkyNT7RXZK5Rb66Ud6ZKruqLqPYsNNbtkV3oxQcyFnEtIirlgI+Uqze5WF+qn5+brZ2tL600VhoLzVTpjLZcn2pUYjRFLEZEq9jrwbPf9EcRfxcp7vy6lf6jiCi6ffDimck3h0a2f4C+XRjkPZ62WkSsxmPQs7BPHYginosUP5weiv8sOn3Vbpv3I75S5msRl8u8leJ6vp3KXxCjEb/yfgKPtb4o4mykWEit9H6Re7+9XXn6W7XXmxcXemq725WP/f7BbrJtwj42EEX8sr3F30q/9H4OAAAAAAAAAAAAAPtcEV+LFDfnX0jt80PXzyltNC/VztXPz3UO6+8e+1/LS62tra1VUydrOYdyjuU8m3M652LOazmv57yR82bOWzlXc97O2coZlfz8OWs5h3KO5TybczrnYs5rOa/nvJHzZs5bOVdz3s7ZyhmOkwYAAAAAAAAAAAAAAAAA4BGpRBHfixQ/+k0rrRWd68tORydvO88VPtH+PwAA//9mFkcG")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000880)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='mountinfo\x00')
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x80)
syz_emit_ethernet(0x3e, 0x0, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x8020000)
mount_setattr(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x8000, &(0x7f0000001dc0)={0xf, 0x0, 0x100000}, 0x20)

6m8.793646157s ago: executing program 3 (id=619):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000004c0), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x2, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
creat(&(0x7f0000000180)='./file0\x00', 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000280)={0x3})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$SNDRV_TIMER_IOCTL_GSTATUS(0xffffffffffffffff, 0xc0505405, &(0x7f0000000000)={{0xffffffffffffffff, 0x3, 0x9}, 0x3})
syz_kvm_setup_cpu$x86(r1, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text16={0x10, 0x0}], 0x1, 0xe, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000140)=[@text32={0x20, &(0x7f0000000500)="b8010000000f01c10f22a10f20e035800000000f22e066ba610066b80a0066ef66b832000f00d0b8010000000f01c166ba4300b0beee0f793c1e2e643e2e3e650f79288fc878c15b0e3f", 0x4a}], 0x1, 0x21, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)

6m6.940015733s ago: executing program 3 (id=625):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000180), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_io_uring_setup(0x239, &(0x7f00000003c0)={0x0, 0xf2d0, 0x10100, 0x0, 0x392}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x90c0}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
ppoll(&(0x7f00000000c0)=[{r5, 0x1000}], 0x1, 0x0, 0x0, 0x0)

6m4.96674289s ago: executing program 34 (id=625):
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000180), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_io_uring_setup(0x239, &(0x7f00000003c0)={0x0, 0xf2d0, 0x10100, 0x0, 0x392}, &(0x7f00000001c0)=<r3=>0x0, &(0x7f0000000080)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r1, 0x0, 0x0, 0x0, {0x90c0}, 0x1})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
r5 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0)
ppoll(&(0x7f00000000c0)=[{r5, 0x1000}], 0x1, 0x0, 0x0, 0x0)

12.649820444s ago: executing program 7 (id=1437):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0xc, 0x0, &(0x7f0000000180)='GPL\x00', 0x8}, 0x94)
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaabb08004c000078ac1414000a0101004414050300000000000000000a0101010000000089", @ANYRES32=0x41424344, @ANYBLOB='\\'], 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f1068", 0x9, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

12.421444929s ago: executing program 2 (id=1439):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000000c0)=[{&(0x7f0000000180)="1400000017000b63d25a80648c2594f905a3c92b", 0x14}], 0x1}, 0x0)

11.305592456s ago: executing program 2 (id=1442):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa8f94000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c000280080001400000000114000000110001"], 0xd0}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r4, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a14000000020a090100000000000000000000000014000000110001000000"], 0x3c}}, 0x0)

10.746925645s ago: executing program 4 (id=1443):
r0 = socket$kcm(0x10, 0x3, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
syz_emit_ethernet(0x66, &(0x7f0000000240)={@local, @random="706ab144ffe0", @void, {@ipv4={0x800, @gre={{0x5, 0x4, 0x0, 0x0, 0x58, 0x0, 0x0, 0x0, 0x2f, 0x0, @remote, @remote}, {{0x0, 0x0, 0x1, 0x0, 0xb, 0x1, 0x0, 0x4}}}}}}, 0x0)
openat$fuse(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f90224fc60", 0x14}], 0x1, 0x0, 0x0, 0x10}, 0x0)

10.611593884s ago: executing program 7 (id=1444):
socket$netlink(0x10, 0x3, 0x0)
socket$inet_mptcp(0x2, 0x1, 0x106)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000180)=ANY=[@ANYBLOB="1801000001ffffeb00000000eb658e0d850000007b00000095"], &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18)
socket$nl_xfrm(0x10, 0x3, 0x6)
socket$inet_mptcp(0x2, 0x1, 0x106)
socket(0xa, 0x3, 0x3a)
socket$inet6(0xa, 0x3, 0x8000000003c)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$NL80211_CMD_GET_COALESCE(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000400)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000200)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x8f)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c0000001000030400000006000000005dcc0300", @ANYRES32=r3, @ANYBLOB="71e79fd800000000140012800c0001006d616376746170001400028008000500", @ANYRES32=r4], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newtfilter={0x2c, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x74, r3, {0xffe0}, {}, {0xa, 0x1}}, [@TCA_RATE={0x6, 0x5, {0x39, 0x1}}]}, 0x2c}, 0x1, 0xf0ffffffffffff, 0x0, 0x4004140}, 0x0)

9.290602434s ago: executing program 4 (id=1446):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000140)={0x0, 0xffffffffffffff34, &(0x7f0000000080)={0x0, 0xb8}}, 0x0)
getsockname$packet(r1, &(0x7f0000000000)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x3c)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x27, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sendmsg$nl_route(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000540)=ANY=[@ANYBLOB="34000000100081eee80000040000000010000000", @ANYRES32=r3, @ANYBLOB="ddfffffdff000000140012000c000100627269646765"], 0x34}}, 0x0)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000140)=@ipv4_newaddr={0x20, 0x14, 0x1, 0x0, 0x0, {0x2, 0x20, 0x0, 0xff, r3}, [@IFA_LOCAL={0x8, 0x2, @local}]}, 0x20}}, 0x0)
r4 = socket$inet(0x2, 0x3, 0x2)
setsockopt$inet_mreqsrc(r4, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local, @empty}, 0xc)
r5 = socket$nl_route(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x4)
sendmsg$nl_route(r6, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000240)=0xe)
sendmsg$nl_route_sched(r5, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1300, 0x0, {0x0, 0x0, 0x0, r7}}, 0x24}}, 0x0)

9.202391981s ago: executing program 7 (id=1447):
syz_open_procfs(0x0, &(0x7f0000000000)='sched\x00')
socket$inet_udp(0x2, 0x2, 0x0)
open(&(0x7f0000000180)='./bus\x00', 0x189a7c, 0x113)
mknod$loop(&(0x7f0000000140)='./file0\x00', 0x20, 0x1)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f0000006300)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x0, 0x10408}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f00000041c0)="6930d8697c97a65b36159a023034632628cd4474514a1368f1e71dd9b7c48436c2ea07f3bd58a6bbc0f065ddba346122dff6ad81d21cea72e7d951c5c5b21a9f0ba768cd18ddcc7de78e2ba9ac88654a1d99806fb236617ff138f15994a6259de4f933ae62cdc98b2e33514066dd1b9ae1546df8db973d467507b2ecb6a4ece57b2ba7b9df20a0d6817b9fc2ee34e709a8bdef99624ab97472db298354edf3c072c710b9ba9d9a0ae44928172ce6a0d2695a17057255ec6e0b09c684a7f808e38302eb375390ae65d665da7f176a45ed0144a762fc666931f1a4c0ed03fb42e8f7ed4439add1a96b90904330d8e3c91527b405f36e89e44599c5ba4e742f1a281f0dab5fc2dc8855a78e1812ba99ce71fbabef429e87295d941c555c0fdacfa1f3256b70c1fc84b2d0df2c589dac34698d8d108474f84dce58efcbe580b8f348c550c6ca9abe230330d05dffea89475391015c707ddc45a3958a68ea44b5f7d81a84b9064111954da3b5c832df657efd5f0849b32834a053f4a052d7fd7d4db17be80879bf6859bc9605664557eceeb74753416e41b92fb84b572b3c78b6aab6f0bdfcfd7d3a830f12d1b3046e615889ae554db34d35775c6272243d7132426dfc9027ea50d62b91f356c58093933ad75013f9470ec90bfe1d9376002dbbcba9b7e7a1e023f878bfa4d88a9421c035951fd3169c5508ecf28c3a8691605242cc858fb56af44956bb5e677d1d90f0a3b97ad30c74adfc2f22232f7f1fa022c1f0492619cf98381039f26c784ca4d4706f67013bf457fe927aad53c1aa0da90d2730155664d84e41792f3f461840e41135c5b82c87834156b9d6403b7001e5ebb1846a6ad80723387bb92f8d991fa8db1fa65ef90a5054798635c18e7ff7649c41e867fb070bcfef61445a7d0c0c5fa02da82969db96aada4095e8cb2bf7728bf95eb020594c0d3617467701d8c4dd01c750712dae33dfba7548032b48ab93ff3c82e104b08116c1a68fb3b28a1b8ccc23c2698803828d1da099a5437b248078b502f7ccd867af9f8c79bc55643414c57466a781032bdd6dea9acd5cde821480a85c308dd03af012d03cb552b3770124ac279c9427c0e1b761c525eb251598d326bc650b5f055b610688fdaf9789e60fc234f1881536016901ddb2597b47e7bc675cac3ae8c50169230af084998dd6be35dc3609c5edbc93da3fe98ebb475a0d30437017ef640b96fd48ef52f509cf57e65c73ac09603081cd980e8b9d73ef4acf4511cfbb07d5074a6561192c2b2bce29cef8ec70ff599d4751103ffec500a8657d6ef30499b9ad0b10f3e7b6b53fc61dfbbb209e3691b1cba1af62468ebcb61c4c0a776fbfc92c5d2a10350bad29915e44cc952de4226ab646e28ab008683e470ccae3486bdb4ab4a6ffea9a671237bf0943660d929667ebe4a5f9cd1bdecbb53262a4fe3eaeed7fbb4ed1ca40da9e2efdaae4da05b14c754360f3c3e5b96f203c4f87e5feeb73abb88aa57fb850702339b5ac192810597e99fefedd52558fc6aad5d2ac0eaec00dda68467a3c7c7cdc3b724990f1b2f4f65e9181e5ebd0a343c491a1fe0e4378f241bd071fabeb1487044fe5c5eb942eb92dc80ff317cabfa10c75434441716a7339115a3071e45eb2d0800627b99a4fb59e260b26d53953ff3f255dc4bf40d3cc8797287fe3d6356d1eaaf67745ef73844b4c64e89ca0f04a87659427c26f0d6bfa2f4881ef69dc5c7b4515c7c4394f621fb98f2c6f496b7ac640d3a1fcd483ae10c4ee9710a896e67175a679f2461be09c722be20df30c9670299db21bc8aeae63e57ebeab1ca61c265f10d8def8243583e6967c5e40162110025a65f0c658db29f5eb0e50b2dd318ac55209721c8c0d51fb05c9ff3106731b058e14c8c89dd33bef6333f218c9f66e2bd9fd897b985bda3747c88fbd24d90cc8428380048330abb044f9e7107ccae059b961e0c6a53d182de21cb77e12d1ed0faeeb214c9ab6b7dd5f99d9278df393958a7a46aa734726938ca2172e4cba5f0a68cc2823bd5aa622c099fd936e303549ea4a80521b12b616526fdaf00779de369a5a83dcedbb739d426eb7f3864cbe346ff458433ca67a86ccbc703939216e4a001d9ccc84b4c438e5bb583e733973b3b0d2fa9a1bd4be4fc2b497b80e1455657a3f339f512cd38428e022d311075190c8d443cd94505dc52b0c7b6138f2279dcfd0a20a564e45b8f144a6f09e5beda5303f885a7d9fbdb4a6f3778ff9e9fc6e0dbee5bdd0330c3c956ddc36f10fb6811320ab30b4817934bd7e11bdcefb58132a17ac76fb54aaab0188a32eec2284f1a24835cc79c6909f742ab35631b919673eb84d53715dc8bdac9b6d28a24b869929d7fb7bcb34b5b5bab1ee69ee38c86541982806b84db06d0dc81e940a872ca89a5a7e1c191bec2808ac6aa0d733c1d647f88df8455ccfbd35fd5bef780bc8c4fb86efb1951b8382915939779493c20279b165c2b775b7d5b63ea0ceec09a17472bab7ec8122dbcf5ebaf4ac3db25fd0776f13cd67a36ce6cfa58acd262cbf4bdcbf2fa7239c79386dc580121e986de5b78a4351388e7fa6461a7657bdb4383c659409f16c7508d5e5618d116a659bc0462c130b088d63ac4bb69c0d756b5fa2e80004019d6ca5371ea361e8cc613954332ee959de1766f8f3689ab8daf45b69ec0810d0ab7e3b402860c8b94ffc25de57920f8da7a3bc7badc4dc9088bc7f6c71b1d4d960c258cd87abcd739bbd5115aef29f994f062318e8accab85f5c64a263ca14c1629284f7369d86436d174f6f2b1a5e014dc5cc3021efbce66bb88d7b3827be33365d8ab2daed7c6dc0651b77af1dd289684df8e21b6a81c66a27294c7cbf5cd90add094477cd6dec894b140a409add754727459c695c4e63dc73fb491af8c22edf1dbabe56a9969146056259a65f9c1c62973abba625b8065fdcccddda10cd7ff7b2144c63b754af792cfe395902608da630aeed913e9f014bdd184c9341c62fe0c7dd2660e26eab22cbd0d9e21ba0552e71f1ce17407672f01ef1012877fb7da93cdc92056ecad3ab01922b3a8e13661ef1372d84ce5167153ca2551edfed8c2c6557626f2554d67a852a8d2b566fa40c6dfeee3b63e2be83523f64365922531ac93ae196fa6a98b3b8708eb90f410f150c3e8680d9cb7265f108f2b860e7d8c7dd64405bd545eea08520cb33857b3090fe1b364e47151eb847ff444fab989dbe1e03b29409d46fff338d6ae5a4c61426ba4b170d96617774b6f3ae64beb7f791334f4d48d3fd26969d4a4342a8f1088bafdbefbcb1990e9d0fc95edf96113137e619cb15df9c4d9a21de468e40d284f5af88cb8b038540b91ba070f311efe1b081000da886eaddb3aaad90bca70e2ed34dadacccebb095d8e116ac9911c2c4f2a7a95e939853950b5e04a98b6bc9340b28e323ad7cc58888e33ef8bf438080dc26c71c8e12e0bbccb1fde98231ebf61a9011a2190b33c941d927128d30570c11b2a51d919d4caf1fbca673931fb2016b81c12e4a31b3458d0f215c97c9dfec8d514d66e748931b6e8bd06085c7ee8e7b845912053766ceaa20f1917d075fdcf2e9cca3e21bbbb1dc0a5cad36ee44e7a4e136ec5e5fc233cb63d5f035f96628a7abb281b493d9cf8fc4251fc9c3c004bd5d64713c05ba68de2318826b01db27661561b6dd381e5973b887797bb21f7a7f30c9343696a60775c36e5b05eb19dc62fef3ff99f8f00e8ccd25e00bd1863609f51e6a69f7e9c650aff3c8897ed6ee4c8d0b0356627cf69a3a3abd0c352e255b2c6250834c9fb272d83bdeb959ebc1e7207546da012b3eb4861c98fa1fd126b18a14585a2e142b98e5fe902a4961ccbdf7b7728588b7559511b30a2d2e86857d0281bd5e08103dcd11becfeb8e9c5b3e4813c79c14055e46203a5cebaa30fedec57ed23538afa85711e0ef3f72541af4d3e6c938590ee053d4ad1de8ecac6c49f1d70707c4d93e031b6f930658425fb0dfc3cde7c9f775eb3cf28fff76097c35e532335a80053fc198b6de7fb09b87e2219ec04782f35bedffef4c08e6316b25824caffef257d7a072fcd6251450dd9882e25e3e0a05a63b022e53ffcbff4097ad150095fb7065c47f7b8a9fc2c8186a5942663e661d80649af235707a87619d277dc8b5ef70190663991a531d67660c74f778301f9939d4511eca1f8bdee0706fec004a6042e45954f710a9e90081a8b297bcde440bc8d54676ba38397734196aa3835d361d8f36acbe4c1bf0f2782d27611555b19d1b9bd1ba493ab4c3a884216bc143629d8d418518f9a06b2b0d25a5e10ce515f47c5a54fa63212a686eab067600d56b234fba7be63b4d40f8be1fef0e69a55373f8faaa8f02b2b85aaee0720d0dff9a0e84850d998959df6397cd824c1a7bed9b73ca92f83ba66e3f170c3b34a3f7ad509d7bdf916d5367c22454f2252ecbb9a334e2fd2032c569fbf4bfcf6f41bd003ed10911f2644d66f4a6ec4a2eca936fcaff29ea9f454d5fc68575cfcb7e6cf8cffca37d1c5d374ca1ed77ffde5a01d349e4d18ddd15cc7397e696d6a92e0ed7260efd42ac23b5396840df636f85f83b6fcfb27f3503e130200a77c61c01b3c80a5b77c90eff390e27c3c1256efae5da2cb7ca7169cb824a164da49078e461f4640ff4d7b074a32676aac9f96746c36fa151145e1d13187191dc9739fe3c3af9418d6258e525ac82f626666278fc888cc0b8616d851469d3c676c1a0ac6c71b5914009b9797a914f1498f6f439a92205f855a4bf69843489dd425c4b5482522b96f385ab8138aefa8833eaf2056cfd068da37229fc7a5900d30c152cf92cf2a4f7a7505190268b08c9acd3839d560ab5762a0dfca0f2db56e2298c1f7d894b98ae8c98dfc81ef6e8e7a8a7138f12005f54bcfb93c9244468b7c76fc3afdc4c59abea57ce6302291c5130697834e838147d62112c96acefb57900eef463048068a0344f2e09d4c5a9488b63b92c5a67d1486ef56aff7f79c06fc5eb3eed23ea56f4331a638bbde8e9b022c29c08a803fb2e386012a1cf008106e619b5fab2a60653fba60c6ec7fd19f33a8e2ff6dc8046c117d3d8131d5f23b70f900ae5d632a51bf76420b9a1055c4bf49e22b5011e0fd12c12c403b42f54f799ba61b57c0bc0933adabdb909f0609602e73e583a9747a8f0477f0ea3621669343960f2dad82056471f596449ba52bef2fb24959f80659df251df5443dfe6b6a91fe0919cf0193afb37a786f9d13eeeafacd839f876e70c791e911b6e8c35fff3e4dbb787bf50fdcf9c8d001d8c078c0cb994f17a95f08d8de87700286c251011ffd8baf2e976e587730390e412e35b664a1dbff7744b68c91eee7356348c2fbe5a2e38985337cdeceb12c836cb1bade7c4c999eff6333bc5c0f779573080d046f96cca17802a0a2b7b0d36560868c2e54a883bf3ed16d5067adb0f4ff81d246b00ab30aaa58ba139e0e2d84c2b86e77934ff04cbb05f5ce568ceeb3ceb1baaf084160617f6821fc503c238a6daa5ffc19321a878ebad11a898f8d0d27b823c2e3ce57a9333d9d40a492da5ba26593ccf97b25c7b6698d9b8b4a46dce1c81c98093a790075411a6a7abca59e592f37eac9d588ab3a2e86edfbba12bbb83af804afb015a8c240dda9124a0c9c9691569eae6e948b48d4cf470f898075a1d5f13a239b3c1e31e8d98ddde799d8c3035d1e3949c2ec5a760a0f38314f66b3bf40de785c7a60a8f22d701a9e70d6a3f1b35d6d1e94038f8a7f4c97fb5370c9f83e31daa73a6e648a21e929324faa27482b039bf2d55032bfd8d1b5712b9250c8269b0daae8dbb5c8d4a243484b0d5f941a987242d06987bedfa97a3e062510c9b4cd3b82222ef22a4927749f38bd4259c3e6c8d8cbf0a1224bb80d8a5923827e18b18778dd44e7e3fa8b8b407c0cdec6fbccb5e33c2fbd9f5f0a7e35c4a04dedd69cdda7d888f2082903dd86e45732a687568a248a9af16253db86bae7e893a8a8c380e53d596733523499c74ab1c1b1ab26888533bf2d3ccfe221033442ce0d34aa34bd9c420d4e39413c95de2c2acdc520fc6ce524149bc80e9bd32bc7d72e7def1c425391fdee15cd89a090ec7aa29a4b9c0bfc01df19b9bf692c4569a9f3e0e19b288710089f677905780d2c3132c909cb29bee3bd6d62f060a944d66c78493b01279203e7a1185001ee8f6cb0967e8b3ce9aa50106c5576912a7dae46229ff03b65cc659cf49dae6aa6b162d6dba82119c511119225d6a536fc24bbc55f6e237d957a43f351c50378d0efc9ba1eac7d6a1b280c16454452294c457b8eb10dabc768edd67877b2ed08abba8768bc6579eccde4839ee7d68f80cc4aa318fd458f97ea9609f3135ea417aa455592e394b1f5ab6ccc14385ddbb416d47279e5748ee4e02e76ecba7d7474fb6ed6a851da3e156a7542bb9ad9b48b8362bff43755ce5b657d5a752ef632bb416184e70f1937c494ed9db084cc1177ac6c491772b739fba1b4be52acc2cc0975c8dc0b00929f503fb3cfe4c7e6670295edaef2327cec950737f0cc96eb30e7fa8217d9b9968274c413ec79e1b050814145432bf164f6e7b75a43424dec600502011190097ffd1edf795be01c4135a9be178b6b050d82d8542375abb40f0fe776965bf3f0630a2652e5bcf3dc237a84a4634081d0a9ba1842e6ddd4faf787aa6449a50fa9498ffe97c2759558112d1b0ec0db512d7990fc0efce6bde80f4b1ec9799d0cdcd41e6863eb473c3edb5c2e70ddc7d3aba52c2ad2e054b01eb3d92c2023b33975b23a72211fec063bb4fbaa49abacc47efea7d5ede3675ad49eb74b7fdaa5667b9ddff2e6007eccc90a7cfda32a053d9fd2aa1d01fe54c112b955d8c26e3e0ac2994fcf3f50d1fb129ee3df3db886d93faad74cec81c11e2e0922fcd0b2187cb75369598a3b5c8c8495870403b2593647a8a2d4d86601da9fbf49f1222dcfe5b64d0102d3c9296d0c0d459c5a7bab1580fb0b25a5ef71eb579546bda6ea58be241ec8ac9737e0e30ea47fa93c4cf2d44d2b6421c856dd5e1c2c3569040113d7006be693b293074a2a6188b228129fc79f9984f5bafd6f7a32f68bd3dc7197a7094e93561d208f0c948d364743854efc6af051a3e2a7eea8f132442d1e3a87e670190f3752ef0699f470ed15719ba274371179935ff79853b928cda754d1045929f8db75ca71825f21642f738622e392bc0b35ca98eff3821b7d122732f8ccf8d251d84589ce028d2efe7d7cbd34e8137f518e2feda64d9c788713df3e1450e8a36dc031c22f3d5bf7d294a66f90b64fd285aeded6e4a07b82c740c87598a9684f8f6d47b266169696b126e66d7b4532ace038a2b7921bd62fc806bb552676abb8204b4ad975d449d1be97ec9b55dc8b2b10a3dfe4880487de3f8c6a3b4426ac6adfa03845b4d0cf1e6cbd86be473d154bf7439dee05d555268a769ab339b299379cb8546f16ed8bbb789049eb57dcaca48c26e78982cc331ba474bcdd9f893f5f6526b4999fabcadc7bc6e8805ecc68902a31522e20b3f1817c1b516f16ab5bcdc7101165d59ce074e633dc68202221d2bae4ea62a13f6a5e7c82e8fd232fc076ca7399b5d01c325d67ab82f50acc789dfe8cab35de7e2131081a9d90606e5dc5a9c3af3fc9bc895174215d8aeae8dfe75b33be25298a11eabf2e0481050731edb27894df45a17985ffb4f3f27ad6393af9ac6f461737394ffc89f9549b7607dbecbf7803899d2e6513a74473ec0fb6569f6d27cc9a83f242f4ab78aea3c293ee846a2e0b3114991d5543902c848a7e451da4789e478f707e585defb47e3ce3525cfa17571772e1526c16c1065e5f438442c25e43e1023511022647244415f0bb7d28be2f7a75dae78b5da0f9d063c66ac396ef0b66fdb7e701e4caf9a435ccc476cdf3e5356ade531a3e33640ede4af542bcdb1ec54fcfe6f0ba105e0fd72b707611020ae1adc3f794b3c66e3c1f9ab0c87e5641a4891d74a194b9cd8ce14c81ad35df9a3c7862921e2d8c3942d4a57f4f4d13a6d82d75a21f1b862e8f4402c8b2c0fe2fb788ab761a22a4377497b34d137d0184d2d7bce69826e7ecbf63a89b133f263d58945627bd79472e3cbef5595a0c9d2e512605b578f2e558d4c4b31416c12f5709f68bd4e7ab1b0954f395299d634102bbbc97506e2dc938c5ecd9fdb26566eeb4de1621954ecb5af9b0d9d39b0fb1b972fd92b959277bf78d0a1763df9d9bc4182ad3f3b8eeb19d00cf41016f4d0d4623f2541a73f588f5108cde960b0bdc93ec260c14a498931226c981b41804bc09ca8a9168d9a4e17d269815e7ada71be1fc410b38874aa5782abc7ba7976daa94d724c9687c419165e77b7effe77d07e5fd6f55993b8a151889e57166c2ff63f04e3e09eead6f8c92e49e926c8f60a2f933c8926be5fb83b650b126cdbd9d239f6f11d717f8f32fd757350e7db0bd32e191052524922b2bf2b92801a717be7504ab79d55e425b09a79c8a84af1cf94c66dada7789e6d67dc041b4ac0e57c4e658d11be13af2fc3c200086e147a2223296a4253297155210440f0f17c3aa21ab7e15fe2e12bb9e9356d1018cc68313034b469152b650adab57f73350a6c0f76a36580a7dd8af218d656fa4bdd57b9d584e5acd1fa95e14120d7f9ed1fc3a83aa24135ca45472844d115f0a1bdebe2f6bc37cabdd0d7f9aab4fdc6a2c58aa0beb0ce431620d5ede6ef98e2b77e8d0558d250aa20c54c62d4b61d9bdd63286c6887ee3a556677e0673c94e46b9f834c6e4996b1c91141cd0d39b712f93e5195a7f7838f3af8325f649938d8c319ceebfa8154d23197bcbcf616be6f1f5d6fc070ed76abe89d6b94bf8a8d3f5b9bedce758b17d1e0be38bce845c8c3209d3fc30901494408c96956d050d14548d6edf55f4add18c91fb6da723a0c7c3c3f4c4b3a7056e611bdabdfd4edfb7a79a2b02c05ef4027c15db8bf2bcd015c66ae6d3203164615c56dba94606702caa577777e05e642ce3df5573ba3ae268f4ce4b38cc9013faf21d7dd7174ce7ea498c9451a1626f02398e49a33def46d228edb6de6fe8dec11f553634fb923849e3cdfbe645cff327b8251afc107b7fb8cf3cd735ed9bb1275ecc804a4f126bfeb853e13e636a74a4efc9faf01118aa82d00ac20ce0c0af140c756ab90e5dfa238707318c353c7bc9342c36ddcb6e74400933c8fa99448f3a169b95cd6d2558d755e1dd53f3fcfc46b057c550de64829e556c8cae40e796ef76fcb953086168fb2eae89349f29d3dd26ac6282292355be3b123b0c02e553bfb8948afe8d7e8ae5d63184b20795481a9385be05e9eff807b94eb1e977d50a7dd7da582695aa496a9a7587d01f970c3ed8d63db217164824d8b8bf4c5e493f801e1ed241afda4b695a4c606d6b5344493d9922dff76b4be7021d26b60d1f785d205c39d83694b0585eff60c9e1bb2f7023c5b5d3d043897baa9a9ef3507c280d9580d43c7985db146694b8649e2bf67e37081a945c4c81fad0a48e64d8877dd149443c8f4d2267b4aeaec8f168b44d5af109f505644e2a545fefb13d673210bd2b418b054cb4fc9fb7f2041e87be5f31466b51b308deff16bd9878a3ec72d0a1ad27c5cbd497b2c9585d914392da52b3708b198a3693d2988f03c7d3a41762c78cb9c268dbbcb0d1efc800fab4183286d924604a5fe9657cebad2d8bb0ef0006a46a4ef9fe92c3fdc1682b993239421879cb5626bae2368b646e61c870342b5cbb7f7baab7142a9ca2378805310c1abc12098c796550a20f3d5f01141470c1b5550857202ec712e3813d1ff7150111f4730bd83c8516aa86b345c280fb461c7bc6ff6f0bea507033d312027f51b4a90becfb048e676bfecfe2b1cd7504a226e89bb4df31d13436db7765062fc74789b75f82e77a6e83f49092558d38da47755ca0373ee0979c880e224bd5f70d6a69d8e2463d9b70bc7dbbdc9f27e1ba38d5adfdd6a5a0c564cda76a9ed6dc0e5117b06b9817d6d47f2a82d41a5a821431fe5f38eb3417d820c769afc09ffd001fd0a6f3c3879dc74ffcba15b8b29a4f435249226ee1cd7fb8c0bb6ec9012178bd25c05e69cb1d6e7121295a4e166c80d918b915232e6e8823ed6529eda300f2541142092df194de0cc255beed438afa94cbd350acf809e7f0467830b20108b95c9b653b030e311026cecc32332697cc2f8ef9cecb227de6de7144fc4b25e2180784f55204b17612228548fc825e60c88144c72abf3cb468a2d5491c431f38d858fb5471ce84c69d1d2b38e8ae2b134f4f94aa03996b2e0f1edc538ff32f7ee409b79922660b0f3421083298b14f26733577ff59b672b7214bd0e4508503c61da0b70cb6186b01ed575f9e5bf8f3bf538c2260f4a82755094c33c931ad0bb346518cff593de0985602852749610e073f20dd0be87ec8c452c3dfb4ac19d73a489e74a8a48411faac7ecf7e53d76ced94495ec2e814259fb5114a7986fb81a936d38c99443ebd55026acc6c78e1b14728551bae0bdb86cd518eeeb22dbfd7f7a32d2b94f7b0f757f34d6d22156e4dc1e7b9533fcf7a0d0cc3e41480345ddc68c11e47f8c514f1ed601d69e5b36e03962643544064ddbf689a3cbf378074879f6cd33d56c0a728a2050ab202981d6723b99a0e505cd8fea39da000bc7608a53024614407a5ebd5e034b9a59fa952841ab4f0758e988161e56fb454db449b3090eb1c4154ea6e34ea13101bb3a62dfa1878448952b1955a3c462432d7035228caf6ed4381e3ec1295e90decc62ebed5e60acbae3d26982e7834ee00a7632f581b6198f9bf42161a4980d08fac53d40b81731e4c727f5a24e75f6a262a1d2ab37b3ebc09ca6b0ffb0a1edf942e93d17d95eb3532b57488469575d9d47c2d08eec166f8fc1f6183795e1d5e48f46ae05a173af5765e03e98e6710b408cbeb169fb67f1d79a1999a977b7df51d7ede5aca5d31e9d75d2be3838a014d8283c3566ef5ea37955d6e66628d755c927e14d40f723428a69e03c8b100924b72e2c49926208044ff49536b0a1eca6c7c42ff9c90716fa35b02d2d869bcceb60e91dacf34ac1249f5d7934a078417e4fd416da2fbf9122fd37c042712ad9ce8592806b556d26163990b11466bf759615d2b852e75681a8b87571b5f0a21a4b5617cb94e2dc9efb264c0a331a752994d10a958b245cb40d9985365c4dd3b9551c4d03157aa29222a2af29ada6c123eaf08722310da16f7611cfe729255044642a8c5cb9f94c3f778248bf35520ac980af12ddd3b001df23404e49e3a57cc11fd12e51e422a92b5bf9e2ad225d42ad5d0325ca35804340fdde061c5bf2a4c8cc86e946a60040130ce831b9be93885f4ddb9fb7584ad875b05d59128f533c40c541ec03dfccba2af6fbdae4efb10a45e0f7d9851126b1dd9d374cec36067cdf2eefcb0a0cbf5619fa7ac2027d4b5c9da389bc1ffee655aef769a5aa542b291c0d71c8dc5e54268dc5f86a4133cc917a84efaf1456de9106c6fb3f5d41ff9f9a76a1dd3243a5e99c95e933d32e13f3eeb5a550", 0x2000, &(0x7f0000001180)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000004c0)={0x20, 0x0, 0xffffffffffffff80, {0x0, 0x4}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x80101, 0x0)
r3 = dup2(r2, r0)
r4 = epoll_create(0x80)
epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000001c0)={0x8})
openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x20000, 0x0)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x3, 0x3, 0x0, 0xfffffffc, 0x0, 0x2}, 0x0, &(0x7f00000002c0)={0x3fb, 0xfffffffffffe, 0x10001, 0x0, 0x9, 0x8a, 0x80000001, 0x7fffffffffffffff}, 0x0, 0x0)

8.839571094s ago: executing program 4 (id=1448):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000002300)=@raw={'raw\x00', 0xc01, 0x3, 0x2298, 0x1100, 0x5002004a, 0x0, 0x0, 0x0, 0x2200, 0x3c8, 0x3c8, 0x2200, 0x3c8, 0x3, 0x0, {[{{@uncond, 0x60, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x1, 0x0, 0x0, 0x0, './cgroup.cpu/syz1\x00'}}]}, @common=@SET={0x60, 'SET\x00', 0x0, {{0x1, [0x2, 0x1, 0x7], 0x6, 0x2}, {0x2, [0x0, 0x6, 0x4, 0x9, 0x0, 0x89ce99baffcf6900], 0x1, 0x1}}}}, {{@uncond, 0x0, 0x10a0, 0x1100, 0x0, {}, [@common=@unspec=@cgroup1={{0x1030}, {0x0, 0x0, 0x1, 0x1, './cgroup.net/syz1\x00', 0x2, {0x5}}}]}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@loopback, [0xffffff00, 0xff000000, 0xff, 0xff0000ff], 0x4e22, 0x4c20, 0x4e24, 0x4e23, 0xc9, 0x0, 0x3b, 0x83, 0x25}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x22f8)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone3(&(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, {}, 0x0, 0x0, 0x0, 0x0}, 0x58)

8.793227323s ago: executing program 6 (id=1450):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknod$loop(&(0x7f00000017c0)='./file0\x00', 0x2480, 0x0)
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
mount(&(0x7f00000000c0)=@filename='./file0\x00', &(0x7f0000000100)='./file0\x00', &(0x7f0000000080)='ubifs\x00', 0x0, 0x0)

7.313328922s ago: executing program 6 (id=1451):
r0 = socket(0xa, 0x3, 0x3a)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$MRT6_ADD_MFC_PROXY(r0, 0x29, 0xd2, &(0x7f0000000300)={{0xa, 0x0, 0x5, @loopback}, {0xa, 0x0, 0x0, @mcast2}, 0x9}, 0x5c)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, &(0x7f0000000100)={0x400, 0x300, 0x550, 0x40, 0x1000, 0x0, 0xd968d5b908ac0cde, 0x0, {0x0, 0x8}, {0x350}, {0xf4ef}, {0x0, 0x0, 0xffe}, 0x1, 0x100, 0x0, 0xd614, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000, 0x0, 0x8, 0x4, 0x0, 0xb})

7.311172338s ago: executing program 4 (id=1452):
bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1e, 0xb, &(0x7f0000000e00)=ANY=[], &(0x7f00000004c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xf, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_mount_image$ext4(&(0x7f0000000400)='ext4\x00', &(0x7f0000000080)='./file1\x00', 0x50, &(0x7f0000000440)={[{@usrquota}, {}, {@nobh}, {@resuid}, {@dioread_nolock}]}, 0x0, 0x3eb, &(0x7f0000000880)="$eJzs3M1uG0UcAPD/br5I+uEgcUCFQwQIgoCkDgQoQqJw5eMCPICVpKXCbarGSLTkUBAnThwQNw59AQ48QFUhJCRegRdAlSqU5gC3oLV3HTe2Qyw7der8ftLIM+txZv7ezWpmvTsBHFtzEXE+IsYiYikiSvn2NE9xs5Gyeve3Nle2tzZXktjZ+fjvJJJ8W/G3kvz1RF6YTyPSbyOeutne7sb1G59XqtW1a3l5sXb56uLG9RuvXLpcubh2ce1K+Y1z5fLy0pvl1wYW64/PvXhu7L3zZ376s3RneXJyOuvvyfy91jgGZS7mmt/JXsuDbmzIJofdAQAADiTNx/7j9fF/KcbquYZSLG4OtXMAAADAQOy8k78CAAAAIywx9wcAAIARV9wHcH9rc6VIB7pxoHRotyQ8VPfejYjZ3Webt5vxj8djeZ2JQ3y+dS4irj6flLIUh/QcMgBAqzvZ+Odsp/FfGk+21JuKqI+Hpgfc/tyecvv4J7074CYfkI3/3o6I7bbxX1pUmR3LS6fqQ8WJ5MKl6trZiDgdEfMxMZWVy/u08f4/P3/U7b0s/t+SU6eLlLWfve7WSO+OTz34mdVKrdJPzK3ufR1xZrxT/Elz/JtExEwfbYx9deutbu/9f/yHa+dWxAsd9//uyj3J/usTLdaPh8XiqGj37ze/fNit/WHHn+3/mf3jn01a12va6L2N25/98XQ90yGq1vlPL8f/ZPJJPV/My76s1GrXyhGTyQft25d2P1uUi/pZ/PPPdv7/L85/Sb6m1cn8HNCr777/9eX9azTiz1LWfjEXfBiy+Fd72v+9Z16//fun3dpv3f+d48/2f2MNsPl8y0HOfwftYD/fHQAAADwq0vp1jSRdaObTdGGhcb3jiZhJq+sbtZcurH9xZbVx/WM2JtLiSlep5XpoufEzerO8tKf8akQ8HhE/lKbr5YWV9erqsIMHAACAY+JEl/l/5q8RuccfAAAAyH+oBwAAAEab+T8AAACMtH7W9Tu+meybOwLdOPKZZ45GN4aQmYgj0Y0+MsM+MwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADza/gsAAP//Bdqy/A==")
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x161642, 0x0)
sendmsg$TIPC_NL_KEY_SET(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4}, 0x4000004)
setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x8, 0x3, 0x4a8, 0x0, 0xffffffff, 0xffffffff, 0x150, 0xffffffff, 0x3d8, 0xffffffff, 0xffffffff, 0x3d8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x128, 0x150, 0x0, {}, [@inet=@rpfilter={{0x28}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x508)
ioctl$KVM_NMI(r2, 0xae9a)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x81, 0x100000, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0x7, 0x0, 0x5, 0x0, 0x2, 0xffffffffffffffff], 0x0, 0x200})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000001, 0x5, 0xfffffffffffffffe, 0x4004, 0x2, 0x4, 0xefffffffffffffff, 0x0, 0x0, 0x2000000, 0x0, 0x1c, 0x0, 0xffffffffffffffff, 0x6], 0x0, 0x41901})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

7.202563101s ago: executing program 7 (id=1453):
syz_emit_ethernet(0x52, &(0x7f0000000100)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaaaaaaaa", @ANYRES32=0x41424344, @ANYRES32=0x41424344], 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d77f", 0x7, 0xfffffffffffffffe)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000018c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="48000000100005040000000000000000", @ANYBLOB="ebffffffffffffff"], 0x48}, 0x1, 0x0, 0x0, 0x4000011}, 0x0)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, &(0x7f00000000c0)={{0xa, 0x4e23, 0x5, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x8}, {0xa, 0x4e24, 0x0, @local, 0x7}, 0xffffffffffffffff, {[0x6, 0x8, 0x1ff, 0x2e, 0x40, 0xffffffff, 0x2, 0x81]}}, 0x5c)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

6.421354247s ago: executing program 2 (id=1454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000380)=@base={0x5, 0x4, 0x4, 0x4}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000a40)={0x15, 0x17, &(0x7f0000000880)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {0x85, 0x0, 0x0, 0xa0}}, {{0x6, 0x0, 0x2, 0x9, 0x0, 0x6, 0xe7030000}, {0x4, 0x0, 0x0, 0x6}}, [@printk={@llu, {0x5, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0xa, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x14}}], {{0x4, 0x1, 0x5, 0x3}, {0x5, 0x0, 0xb, 0x3, 0x0, 0x2}}}, &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2e, '\x00', 0x0, @sk_reuseport, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socket$nl_route(0x10, 0x3, 0x0)
mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x8946, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20008b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r1, &(0x7f0000a73000/0x18000)=nil, 0x0, 0x0, 0x8, &(0x7f0000000180)=[@cr4={0x1, 0x400044}, @cstype0={0x4, 0x1}], 0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f000001aa40)=""/102400, 0x19000)
socket$nl_netfilter(0x10, 0x3, 0xc)
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, 0x0)

6.31659318s ago: executing program 6 (id=1455):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000800000000000000000095"], &(0x7f0000000700)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000200)='sched_switch\x00', r0}, 0x10)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mkdir(0x0, 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
r2 = open(&(0x7f0000000580)='./bus\x00', 0x84242, 0x1df2a23c5997fa5f)
sendfile(r2, r2, &(0x7f0000000080), 0x7f03)

6.195141766s ago: executing program 0 (id=1456):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket(0x10, 0x2, 0x0)
getsockopt$sock_cred(r3, 0x1, 0x11, &(0x7f0000caaffb), &(0x7f0000cab000)=0x32)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)

5.998408223s ago: executing program 7 (id=1457):
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r0 = openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0)
ioctl$TIOCSETD(r0, 0x5423, 0x0)
ioctl$TCFLSH(r0, 0x8925, 0xffffffffffff7ffe)
close(0xffffffffffffffff)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
sendfile(0xffffffffffffffff, r1, 0x0, 0x20000023896)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
r2 = syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f00000015c0)='./file0\x00', 0x0, &(0x7f0000000040)={[{@clear_cache}, {@metadata_ratio}, {@ssd_spread}]}, 0x0, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
ioctl$BTRFS_IOC_QUOTA_CTL(r2, 0xc0109428, &(0x7f00000000c0)={0x4})
ioctl$BTRFS_IOC_SNAP_CREATE(r2, 0x50009401, 0x0)

5.089504483s ago: executing program 6 (id=1458):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_RM_DEV(r4, 0x5000940b, &(0x7f0000000a80)={{r2}, "fad7b9428d93038f63c4dafa1da7e07527fe756bde6d960d81bfd34ba5cca803ad5bdebe227152d43a607faa0dc407fc189b0d7e7468ab55f146ff0337aed82849987da5e1ab963dda992d377e4eacce0e342581ab9962694df4a98aef6d7813fb8b796948ff95415e9d71a47ede207b1794f624b034487af5832e243034017f4f93e15abf71e2dc1e26f97de375b5a1f1a24f98467d2d07d33c06c55c3f89c8d5282a18faedb7595cdedc33c345c89deca5b925cf8467200094111705e71154b451ed8407d1c89255b27d9b243d3a333b099595c33db04682ac22a418c49f5c39a0918c015e8393d2cb7c20feb2c54c82b6387812412e3237e938369453e1e8030d49fcd1c91bf36f2422d1a72f49b31ec3889ebc0d28c929b0c6736f00b53b9ccfd3934a7d933a8202fd2bdb2a8b0d58d6180c1a69b7fb41255ce92795786d10a8c7d9e4f680517f4e34b1e8f884e81e09bd5ec5ecf38b7b8f1637afb0aee0e708c4074eec24e3141b9e12ced6b4beaedec6d55dbae69d5a63142b3e81997458d7151a84d0d7cd4ebd25d24f3d2a3b4c403ab707fe38aa61cab1b070d4730625f76dc37f201e8698204637fe62fe52ed11ae0d8f98f69d4f92762bcba03b8b42feeca7a9fa9300ca4759ff9d7e9162479f954b1316775fcbfc6640b91dd1cb976ceaf2f9f28040ecfdc0e28bb9705a1b985274c7d08bd96aacd6a00f865f3a22f86ef2ace146c4f40bb20798e0bc2db4ce62f0873c09a85e7892729489a7b9c8c9a2939812595942b1ca2d3260315bc723ac2edf24d88f0f49d586a8065817ad936dc8161e438eb5b845df96b2c9a56eb7535ee9e255f41def5d9e9720857fbfd84b4bf1c97c574f568933df8f25d6df5d74a374e4f9a6a2e76644df77da621a8c9ce947af8f20feda0e22ef467eb210665589823025c9144ec05d80276574d3cae61c639d3b12438e012ffe1ca3823b4b79185ce1896b7a41aa36a47776fade667af70c25d9543bc036f40aec1c521f39239cdbf2748883f86b89349ffee1f528f955bdf6f29686c57a49b66ebfc26ee604316f27f9547cf3c21c221581458246b04d627e29e8b846e099e5d8234ce0db1d3e77130147580622b8eeaa34707ea25369c250ce5f5adc14b7afcfbce3c25e5e65d04858dc056456e2f2d2bd6afb59afae8d63b7ab5b8b6ad3386d52dbcee60c7f0945517a77edeeda33789acdb3b7b3242704d6c51940c004cde1d3a342477607581a92a50716caf93495cbc1a6b2f1be20081f7ba8a013416e6b8433383299b752feabd1455bc336b868b38f5ad73f397f0381a51748ffa8550510837d9128ab095629b7a159c6b0dfadfd8a8bff53c80481c59d861954790c593524d8a53cd8b2f2c234b850ec7576a46074293453a86cb3c0c346a8cbbac65eda4a2130e00053f5a054603776ea1d2975e4badbaa83518dad9274c22ac17f20686f56315340e5581c787a2f71ab3a2063664bcc82c7380a13cc8eb106c036800c7b0f14ed667f39af9a5cc01dcdd5809b534fad505858508845d9c547e19c632cd8024ecd777e193c2258312b7a5998a875d33dd8b861500946852af487bbefa54e9b16a83b6131ac343eacb2558e759a9b6ce5db0f1ab173d457d144fd5a65f092e553e1d0e3f9972ec57d27bb48c78332c7a6fab0d5958c61898b3a5ae8810e2246ae36291cd5f79f9475e697c9da84d05cc8dc197485ad790d2a8da5400583dce8ffa3c8adfe276884ed5d33f0e7bc4fb1748e83884213c10ec673dbbbf55670da7fbdd6d8927cd41106064ce22cd2ae14084c439e8f07e4e261667507c0acb03033f30665dbf928d31ff9cf38f61a46d6d1286065bfad5839b0247c975673839f6f685ebaad9396c5f93b3a5f346202a40969ab5c72d0355fd609d33b9443093a53dfbf8052a405389ce269f71da8ae1fb39b30f6a701f56838ca11527de58850f17b4fcc6397614da8e2e331f06024f1ee7f6a8b2f910711526361244a585dfacb4bab57738d7938adb436cf17cfeceb95016e339aa5f2ba30515f289ba35118d32504f52710044e78666dd2834fc2d9fad35e2df29b10e0557ab4789c7dc718d2d03434062bb58fd824c13a0bc6298ed9bdc3d0cc79d008972fcc9f751af4824b2be0823313581cd2fd2b436f84b14719b93dd95a38941c11af5b51f3b0503f3db3569ac847a93ea9124622044b37b083fcf8882a788041289905296e1bf2eb12aadb5228f366a925269a20f7ca9db7f317d5117a70d93f90b402993a7f84328409bda0fdc6306dd5c126fdb179fde4e4d7314d2ee419c8635e62895f8dffdf73f38188121f7b24dae40531b6e43054d3b9b459df2f2613536819643e6b7038de55ffa43bc9edc72e2038e2bf9da70a4a24a3fce0b8673f7f8f5099fcf0d23ab90c7f8770bdfd23e6aaabf7d110768ff08c8754ff6d962e43ff215d78d2ebd882353490da27dabd92ab08291338eaacf3e1ebe6a7da8286d3d57e272b9eac7c70a9a1bd67fb3f4e3052779422a7e19b7cfb01760f949ce4562ce5ad5292cb607e42d513d1facd0903a87836d5c30c181b5728db474154d3cb4e524ba5e03336534ca9f6b093fd6d9e5b89ede5becc677996321d65e9022d1c00e2907767a51c75c9f0688e4e82e045dc972e6be8948c7fc8a84ca8e1a992d44ac8e7a962a931d8eb3d0c4756b838c1339758a4a563d108d35940366b582c48567b5ca539839fbd327361ed76f4204f8ec84ec6401079a189b271747129c3d0025ccc25c9d7fbea0aa4f6a0e5f10422e9866e42ab0f86d6e9022688652536eef7fd28dc5961670a4058eaec61ba3e11273111be9cc3da57edc16321e1382d20f4cf52827032b5f79e395e742113303b0aa595f7188a417ddfdc3b6259b56f9f8f7b133774bfb5c181f1288713e3144ac4ff69fc146cc633dc70c8aee1da2384b72115b49cdbdfe9508b2e06fcd02df78d895e12cf6f0cf4171c7570809b949c6bfbff07da4018935a186630be06d42a4844521428afbed6b3a34aa0226a948fa12e8bdfbb27d13fd5627093511f52a51a6dcd33e0122d2dd1736885c797e1d1c65c06739790767be42582349c147d52e377732742f176b79243edd2c6b585d5512702ce4a7395835e2ab038a5deff84f7ff0d4622aebcd31c58d2dbbaad54638473e5fb428b827a577215460489001af429b40d0dae3521be9a381913740ea72a8b707d2ed4a12f5791fc2d0ea9674d59d68ff02a7b7dda9b9a1917db6093bf8ba4a186c952434dfd664cf9607d9b194b874c24ad03b04148d6f1951d4127146b22783be7eceefc686c4bef899e6cce8ce1344e9e49cfc0d43633098983a40276b4b4fcbe4ce0b695d58471afcfcce714ff1da6e975bd1494d127fbcda25c0110f596e4e0882e01acc674446d2c6e3d08d8034eebd4432968b1aab2e825eba0f76612ae6617667ad6c823fb8234363d5bb341c440fe0a0cad018b6c36ca317e3473eedbcc5f6740a7fad23b55a6fb626d8093ea62d6f35d2babd391e138b24a4ddfa86fef5487a710289f2994f36e87fadd178a5e139455d398a8809e30d2569650ceee90ad6b68942087ae0e33c49c6f7952b08da8762be2c9066e56d27a69a926fc58c82565877e913bff08e0827c45f9e74c964f282d5023efb21e976b93177464a686150ef09a32c352505c534e467ce014fec144dbbdcc8e2d28b6bf619ddf63a48054406dfa33aa541cb9beafa70cabcd8600cabf93d138de261f6f5b63273691669e363e06bc583bdee1ed210179f2ab50a6bc0a727475551e90b0265e1e8ca02acabe93b596b7a782151d792a5679e21e730b7e964c38a49717d0a1385bbb1b0459916424133149720bf47ac38687178a8b351ae3f29bf4a6ea369c90f85f4f123416c8c09c3f25b133ddcdb71b1289821d81581b78ae66c075c535e30151ae1bd48e787b55cc45951c83b5ce097711df0764feab81f24d63940915c471479c24222bd5569201ac4c56577168b76c1f0684f981df516cf5ac5d4307ef2bf429d818c9809f6669f43b1eb160bdcb817154bc36cd8bd24cd6c75e037edab6fa0fe9a0f19b6dbaf99dd68f0318382ccf8d20fe2fdc08134a86b5b0794a534992751fca4ec726dfca985cc239bae2b04ce49416e07e14f752767d05f6584479b5da973fa22477be64fef48b5f3c07936c2be9fa8b92c9e8a0412a2718932edf53382efe2aa1531bbde87363fee5a15501a490c16d26354c0ffeeccf0d05705a6b68a0b88de1e15736092014273f7494474a24555e7e7a6b4e274a9dd4d534cac979a0e99758203f74309af7b221e925c592ad25e13c7907c1030fc79bb728bce4437047470cf97ebc48f45ef67695585caa73178057802a24e3e4fea0a55111275c738d2b09aa7e7a00e91be43ee507b6533c6c6e9d1848e708240d7547b08bb9121fc024caed12805a0a8bfb72f72c6787b760ccd3657328507050f8ad3e348597b38685ad6d44125266382dbf433a9628c548f89eea1691e92fc755502e4656d2faa2077ab1d749a3d2d0543cd5248db49cdb1a60f006ec8cb5b3ecfc1b6b38ed802a6885c6733dbdfbe9d6c0a0daacda38f9bdbd728bfae407e2be620cd8e66743c70073e38e87ede0daf00e7e6205bc0f5cc3ff5657ad559ad13a865d01357215e2e813153212d13d6817ff2badace7edac682ea459e30b476b98ea7ca540c9ec3f8a0550ab51340e04425e3eb0d36fcfa6612bfe947263322afb876ef4a86edf8adf41f4bf4fd617c2cc57c0639baa79f4e6468258e53b76ae51c83f37b6d128cbe4eaf3e58e7d24a7c24451289c991984bed04ce060e4ee13a0c0e43fc98baae2352366672075a6c8c26165aa538b1bac0765ffda39bfafaa401cea38646e418fc99704540acd08e128121bb0b8ab8e316f924cfdae1002d54e2ef3cf3477558d77881beaa3c31cb9cc2429eaf858ebaf06709910faf26d7433290a3250cca586c0e49c3d2456a6409da11259bc7b7e2345146a360404f3d7333487343d9dfbb2813bbeba56a1e1f90d421aca2d1e6ca075b1fcb5733df856fc45de7fe5dbe6174ebc4a6241576e46503a3f7e4ad18b5965c0525faa3d031b09b2b9aa1874285c874382359e93775a69701bb63fccc33d095aac42e79a74ec9700218add3c93114c0686f6897f3228cf3bee05ca63f709075df1b5e89e44c05feb00356c0de06190b84e09285443e58a361840e93da22a3ab64d8a4a0474466d13738c07c71847b6b2e47adb22db94e92524a08ca0dbb02de2e0eb5c2edb7e29d89ed5c2d76bb2fc5da5cd57b89bfd47465b5a57ebd72261ddfb443a141415670a59ae82acde715d73b4ab62602b9a347764a05a15159d25abfa2e26531efc90cce8692bb61d859ef6ecb4d9d6d44813085915e8d97916127241aa470b55cdf629ad52b7ad48d4253b2539726f26cf169c208a591ed4a3d4c0474446493a2da85d1226e58d988bcd484ed94d8b18f3298815be6627d1eb5bde9a2f8a3864b2e0c772502854afab501e8cbf1425028bebc3aece71cae8fc40f1606902d0ebcb124be02fcfb6a2810f580942e9f6a2871f9e9bd4a43bb3428c8e4cc16c5b7f3f6cf92bc0aec8c7826c2e759d6062c7409e2e770e3780bbff8e390bc9b551d12c5d295dda72b46cbf9a20c76f6881d69ec27a003b6edb5b2983483d06b246cc3cbd2c8524e601ce0d45c7441bb9e1dcd676ccb5ac3a9e59e6d65c4eee6b120b6bb71eafc80f9ca5de3529ff04fc2f3546"})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
socket$nl_route(0x10, 0x3, 0x0)

4.647174143s ago: executing program 0 (id=1459):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./file2\x00', 0x2200050, &(0x7f0000000000)=ANY=[], 0x1, 0x1516, &(0x7f0000003140)="$eJzs3Am4T+X2OPC13vfdHDJ8k8x7vWvzTYaXJMmQJEOSJCGZE5IkSZLEIVMSkpDxJJlD5nTSMc9D5qSTK0mSkJDk/T+n4e823H/33l/3r9896/M8+znv2nu/a6991vmePTzPOV90HVa9UY0q9ZkZ/h365wH++CURABIAYCAAZAeAAADK5CiTI217Jo2J/9ZBxH9IgxmXuwJxOUn/0zfpf/om/U/fpP/pm/Q/fZP+p2/S//RN+i9EujYr75WypN9F3v//L6f+J5Pl+v/fB/G3q/7RvtL//zb6X9pb+p9uZPi9ldL/9OL3LwHS//RN+p+eBZe7AHGZyec/fZP+C5Gu/envlDecu9zvtGX5FxYhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEOL/g3P+EgMAP48vd11CCCGEEEIIIYT48/i3LncFQgghhBBCCCGE+M9DUKDBQAAZICMkQCbIDFdAFsgK2SA7xOBKyAFXQU64GnJBbsgDeSEf5IcCEAKBBYYICkIhiMM1UBiuhSJQFIpBcXBQAkrCdVAKrofScAOUgRuhLNwE5aA8VICKcDNUglugMtwKVeA2qArVoDrUgNuhJtwBteBOqA13QR24G+rCPVAP7oX60AAawn3QCO6HxtAEmkIzaA4toOUfzE/K/nvzn4Ee8Cz0hF6QCL2hDzwHfaEf9IcBMBCeh0HwAgyGF2EIDIVh8BIMh5dhBLwCI2EUjIZXYQyMhXEwHibAREiC12ASvA6T4Y37s8JUmAbTYQbMhFnwJsyGOTAX3oJ5MB8WQFKmRbAYlsDbsBTegWR4F5bBe5ACy2EFrIRVsBrWwFpYB+thA2yETbAZtsBW2Abvw3bYATthF+yGPbAXPoB98CHsh48gFT/+F+ef/eV86IaAgAoVGjSYATNgAiZgZsyMWTALZsNsGMMY5sAcmBNzYi7MhXkwD+bDfFgACyAhISNjQSyIcYxjYSyMRbAIFsNi6NBhSSyJpfB6LI2lsQyWwbJYFstheSyPFbEiVsJKWBkrYxWsglWxKlbH6ng73o53YC2shbWxNtbBOlgX62I9rIf1sT42xIbYCBthY2yMTbEpNsfm2BJbYitsha2xNbbFttgO22F7bI8dsAN2xI7YCTthZ+yMXbALdsWu2A2fxqfxGXwGn8VnsRdWVb2xD/bBvtgX++MAHIDP4yB8AV/AF3EIDsVh+BK+hC/jCDyDI3EUjsbRWEmNxXE4HllNxCRMwowwCSfjZJyCU3EqTscZOBNn4SycjXNwDr6F83A+zseFuBAX4xJcgkvxHUzGZFyGZzEFl+MKXImrcDWuwrW4DtfiBtyIG3AzbsatuBXfx/dxB+7AXbgL9+Ae/AA/wA/xQxyCqZiKB/AAHsSDeAgP4WE8jEfwCB7Fo3gMj+FxPI4n8CSewpN4Gk/jGTyL5wDgPJ7HC3gBL+LFtA+/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I2qrLpJlVPlVRtXUVVUlVRbV1ndqqqoKqqqqqaqqxqqhqqpaqpaqpaqrWqrOqqOqqvuUfVUb+yPDVRaZxqpodhYDcOmqplqrlqol/EB1UqNwNaqjWqrHlKjcCS2V61cB/Wo6qjGYSf1uBqPT6guaiJ2VU+pbupp1V09o3qo1q6n6qWmYG/VR03Hvqqf6q8GqNlYTaV1rLp6UQ1RQ9Uw9ZJajC+rEeoVNVKNUqPVq2qMGqvGqfFqgpqoktRrapJ6XU1Wb6gpaqqapqarGWqmmqXeVLPVHDVXvaXmqflqgVqoFqnFaol6Wy1V76hk9a5apt5TKWq5WqFWqlVqtVqj1qp1ar3aoDaqTWqz2qK2qm3qfbVd7VA71S61W+1Re9UHap/6UO1XH6lU9bE6oP6mDqpP1CH1qTqsPlNH1OfqqPpCHVNfquPqK3VCnVSn1NfqtPpGnVFn1Tn1rTqvvlMX1PfqovIKNGqltTY60Bl0Rp2gM+nM+gqdRWfV2XR2HdNX6hz6Kp1TX61z6dw6j8mr8+n8uoAONWmrWUe6oC6k4/oaXVhfq4voorqYLq6dLqFL6ut0KX29Lq1v0GX0jbqsvkmX0+V1BQ/6Zl1J36Ir61t1FX2brqqr6eq6hr5d19R36Fr6Tl1b36Xr6Lt1XX2Prqfv1fV1A91Q36cb6ft1Y91EN9XNdHPdQrfUD+hW+kHdWrfRbfVDup1+WLfXj+gO+lHdUT+mO+nHdWf9hO6in9Rd9VO6m35ad9ff64va6566l07UvXUf/Zzuq/vp/nqAHqif14P0C3qwflEP0UP1MP2SHq5f1iP0K3qkHqVH61f1GD1Wj9Pj9QQ9USfp1/Qk/bqerN/QU/RUPU1P1zP0TN3/p0xz/4n5r//O/ME/HH2r3qbf19v1Dr1T79K79R69V+/V+/Q+vV/v16k6VR/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfVyf0Cf1t/prfVp/o8/os/qs/laf1+f1hZ++B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc9z+e/0f1tTQtTSvTyrQ2rU1b09a0M+1Me9PedDAdTEfT0XQynUxn09l0MV1MV9PVdDPdTHfT3fQwPUxP09MkmkTTxzxn+pp+pr8ZYAaa580gM8gMNoPNEDPEDDPDzHAz3IwwI8xIM9KMNqPNGDPGjDPjzAQzwST57GaSmWQmm8lmiplipg3MbmaYGWaWmWVmm9lmrplr5pl5ZoFZYBaZRWaJWWKWmqUm2SSbZWaZSTHLzXKz0qw0q81qs9asNevNerPRbDSbzWaTYraZbWa72W52mp1mt9lt9pq9Zp/ZZ/ab/SbVpJoD5oA5aA6aQ+aQOWwOmyPmiDlqjppj5pg5bo6bE+aEOWVOmdPmtDljzphz5pw5b86bC+aCuWgupt32BSpQgQlMkCHIECQECUHmIHOQJcgSZAuyBbEgFuQIcgQ5g6uDXEHuIE+QN8gX5A8KBGFAgQ04iIKCQaEgHlwTFA6uDYoERYNiQfHABSWCksF1Qang+qB0cENQJrgxKBvcFJQLygcVgorBzUGl4JagcnBrUCW4LagaVAuqBzWC24OawR1BreDOoHZwV1AnuDuoG9wT1AvuDeoHDYKGwX1Bo+D+oHHQJGgaNAuaBy2Cln9qfu/P5H7Q9Qx7hYlh77BP+FzYN+wX9g8HhAPD58NB4Qvh4PDFcEg4NBwWvhQOD18OR4SvhCPDUeHo8NVwTDg2HBeODyeEE8Ok8LVwUvh6ODl8I5wSTg2nBdPDGeHMcFb4Zjg7nBPODd8K54XzwwXhwnBRuDhE/PFuPDl8N1wWvhemhMvDFeHKcFW4OlwTrg3XhevDDeHGcFO4ucygH3cNt4c7wp3hrnB3uCfcG34Q7gs/DPeHH4Wp4cfhgfBv4cHwk/BQ+Gl4OPwsPBJ+Hh4NvwiPhV+Gx8OvwhPhyUwQfh2eDr8Jz4Rnw3Pht+H58LvwQvh9eDH0aTf3aZd3MmQoA2WgBEqgzJSZslAWykbZKEYxykE5KCflpFyUi/JQHspH+agAFaA0TEwFqSDFKU6FqTAVoSJUjIqRI0clqSSVolJUmkpTGSpDZakslSNLFagC3Uw30y10C91Kt9JtdBtVo2pUg2oQYk2qRbWoNtWmOlSH6lJdqkf1qD7Vp4bUkBpRI2pMjakpNaXm1JxaUktqRa2oNbWmttSW2lE7ak/tqQN1oI7UkTpRJ+pMnakLdaGu1JW6UTfqTt2pB/WgntSTEimR+lAf6kt9qT/1p4E0kAbRIBpMg2kIDaFhNIyG03AaQSNoJI2i0fQqjaGxNI7G0wSaSEmURJNoEk2myTSFptA0mkYzaAbNolk0m2bTXJpL82geLaAFtIgW0RJaQktpKSVTMi2jZZRCKbSCVtAqWkVraA2to3W0gTbQJtpEW2gLbaNttJ22007aSbtpN+2lvbSP9tF+2k+plEoH6AAdpIN0iA7RYTpMR+gIHaWjdIyO0XE6TifoBJ2iU3SaTtMZOkPn6Bydp+/oAn1PF8lTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bO5fxGStLWKL2mK2uHW2hC1pr/tNXM6WtxVsRXuzrWRvsZVtOZsJ/j6uae+wteydtra9y9awt/8irmPvtnXt/baebWLr22a2oW1hG9n7bWPbxDa1zWxz28K2sw/b9vYR28E+ajvax34TL7Xv2HV2vd1gN9p99kN7zn5rj9ov7Hn7ne1pe9mB9nk7yL5gB9sX7RA79JcxgB1tX7Vj7Fg7zo63E+zE38TT7HQ7w860s+ybdrad85t4iX3bzrPJdoFdaBfZxT/EaTUl23ftMvueTbHL7Qq70q6yq+0au/b/1rrSbrZb7Fa7135gt9sddqfdZXfbPT/Eaeex335kU+3H9oj93B60n9hD9pg9bD/7IU47v2P2S3vcfmVP2JP2lP3anrbf2DP27A/nn3buX9vv7UXrLTCyYs2GA87AGTmBM3FmvoKzcFbOxtk5xldyDr6Kc/LVnItzcx7Oy/k4PxfgkIktM0dckAtxnK/hwnwtF+GiXIyLs+MSXJKv41J8PZfmG7gM38hl+SYux+W5Alfkm7kS38KV+VauwrdxVa7G1bkG3841+Q6uxXdybb6L6/DdXJfv4Xp8L9fnBtyQ7+NGfD835ibclJtxc27BLfkBbsUPcmtuw235IW7HD3N7foQ78KPckR/jTvw4d+YnuAs/yV35Ke7GT3N3foZ78LPck3txIvfmPvwc9+V+3J8H8EB+ngfxCzyYX+QhPJSH8Us8nF/mEfwKj+RRPJpf5TE8lsfxeJ7AEzmJX+NJ/DpP5jd4Ck/laTydZ/BMnsVv8myew3P5LZ7H83kBL+RFvJiX8Nu8lN/hZH6Xl/F7nMLLeQWv5FW8mtfwWl7H63kDb+RNvJm38Fbexu/zdt7BO3kX7+Y9vJc/4H38Ie/njziVP+YD/Dc+yJ/wIf6UD/NnfIQ/56P8BR/jL/k4f8Un+CSf4q/5NH/DZ/gsn+Nv+Tx/xxf4e77IniHCSEU6MlEQZYgyRglRpihzdEWUJcoaZYuyR7HoyihHdFWUM7o6yhXljvJEeaN8Uf6oQBRGFNmIoygqGBWK4tE1UeHo2qhIVDQqFhWPXFQiKhldF5WKro9KRzdEZaIbo7LRTVG5qHxUIaoY3RxVim6JKke3RlWi26KqUbWoelQjuj2qGd0R1YrujGpHd0Wlo7ujutE9Ub3o3qh+1CBqGN0XNYrujxpHTaKmUbOoedQiahk9ELWKHoxaR22ittFDUbvo4ah99EjUIXo06hg9dml70eDHq+mvtidGvSP90xuyO/Wi+OL4kvjb8aXxd+LJ8Xfjy+LvxVPiy+Mr4ivjq+Kr42via+Pr4uvjG+Ib45vim+Nb4lvj3tfICA7THoTBuMBlcBldgsvkMrsrXBaX1WVz2V3MXelyuKtcTne1y+Vyuzwur8vn8rsCLnTkrGMXuYKukIu7a1xhd60r4oq6Yq64c66EK+lauJaupWvlHnStXRvX1j3kHnIPu4fdI+4R96jr6B5zndzjrrN7wnVxT7on3VOum3vadXfPuB7uWdfT9XKJLtH1cX1cX9fX9Xf93UA30A1yg9xgN9gNcUPcMDfMDXfD3Qg3wo10I91oN9qNcWPcODfOTXATXJJLcpPcJDfZTXZT3BQ3zU1zM9wMN8vNcrPdbDfXzXXz3Dy3wC1wi9wit8QtcUvdUpfskt0yt8yluBS3wq1wq9wqt8atcevcOrfBbXCb3Ca3xW1x29w2t91tdzvdTrfb7XZ73V63z+1z+91+l+pS3QF3wB10B90h96k77D5zR9zn7qj7wh1zX7rj7it3wp10p9zX7rT7xp1xZ9059607775zF9z37qLzLin2WmxS7PXY5NgbsSmxqbFpsemxGbGZsVmxN2OzY3Nic2NvxebF5scWxBbGFsUWx5bE3o4tjb0TS469G1sWey+WElseWxFbGVsVWx3zPv/2yBf0hXzcX+ML+2t9EV/UF/PFvfMlfEl/nS/lr/el/Q2+jL/Rl/U3+XK+vK/gm/imvplv7lv4lv4B38o/6Fv7Nr6tf8i38w/79v4R38E/6jv6x3wn/7jv7J/wXfyTvqt/av5PP56+h3/W9/S9fKLv7fv453xf38/39wP8QP+8H+Rf8IP9i36IH+qH+Zf8cP+yH+Ff8SP9KD/av+rH+LF+nB/vJ/iJPsm/5if51/1k/4af4qf6aX66n+Fn+ln+TT/bz/Fz/Vt+np/vF/iFfpFf7Jf4t/1S/45P9u/6Zf49n+KX+xV+pV/lV/s1fq1f59f7DX6j3+Q3+y1+q9/mM8J2v8Pv9Lv8br/H7/Uf+H3+Q7/ff+RT/cf+gP+bP+g/8Yf8p/6w/8wf8Z/7o/4Lf8x/6Y/7r/wJf9Kf8l/70/4bf8af9ef8t/68/85f8N/7i/I3a0IIIYQQ/xT9B9t7/8469dNiAKAPAGTdkffwr3NuyvXjuJ/a1zEGAI/26trg56VBg8TExJ/2TdEQFFoIALFL8zPApXg5tIWHoQO0gVK/W18/VQH5V/mDv9uelj9+I0BmgEw/r0uAH+Jf5b/+H+Rv8vav8/+6/vhCgCKFLs1JO9DP8aX8pf9B/j3t/iB/pk+SAFr/3ZwscCm+lL8kPAiPQYdf7CmEEEIIIYQQQvyonzrf7Y+eb9Oez/OZS3MywqX4j57P/0DlP+MchBBCCCGEEEII8f/2xNPdH3mgQ4c2nf+bBxn/GmX8BQYIAH+BMmTw1x9c7t9MQgghhBBCiD/bpZv+y12JEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgiRfv37/yFM/dM7X+5zFEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIS63/xMAAP//gUVOqg==")
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
fchdir(r0)
mkdir(&(0x7f0000000000)='./control\x00', 0x0)
creat(&(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x10)
mknod$loop(&(0x7f0000000000)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x4, 0x1)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
creat(&(0x7f0000000e00)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.throttle.io_service_bytes\x00', 0x275a, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cpuset.effective_cpus\x00', 0x275a, 0x0)
creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
rename(&(0x7f0000001800)='./file0\x00', &(0x7f0000001080)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
r1 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r1, &(0x7f0000001fc0)=""/184, 0x20002078)

4.049378631s ago: executing program 2 (id=1460):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r3}, 0x10)
r4 = socket$netlink(0x10, 0x3, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000080)=0x9, 0x12)
bind$netlink(r4, &(0x7f0000000100)={0x10, 0x0, 0x25dfdbfb, 0x4000000}, 0xc)
getsockopt$netlink(r4, 0x10e, 0x9, &(0x7f0000001100)=""/4096, &(0x7f0000000040)=0x1000)

3.902398617s ago: executing program 0 (id=1461):
r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000000680), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'wpan0\x00', <r1=>0x0})
sendmsg$IEEE802154_LLSEC_SETPARAMS(0xffffffffffffffff, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000440)={0x2c, r0, 0x7be9ca225e964e2d, 0x70bd29, 0x25dfdbff, {}, [@IEEE802154_ATTR_LLSEC_FRAME_COUNTER={0x8, 0x2f, 0x81}, @IEEE802154_ATTR_LLSEC_SECLEVEL={0x5, 0x2a, 0x5}, @IEEE802154_ATTR_DEV_INDEX={0x8, 0x2, r1}]}, 0x2c}, 0x1, 0x0, 0x0, 0x44004}, 0x4000004)
vmsplice(0xffffffffffffffff, &(0x7f0000000380)=[{&(0x7f0000000480)="eba45a57fba15bb0a8e9bae2527ace704b509c8242f063e827b9353c21ff7fc525bf96adc120b3657cf12a93d7aa6dde6faae4ed732775a36571270fbf778c6db13c92f66e29ccb9eb74bac03c843bc7d6db25d61ee7f7692f11611ef3c61e375e650741d2da2058d03a82b576c0274a130bd70a104654ba469353939259625cb970664cf0eb65cb3944315ee5ef1e1b0563237422c873b6035c957afbcb9f478d19ad", 0xa3}], 0x1, 0x9)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r2, &(0x7f0000001640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40041}, 0x40010)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x101100, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000044c0)={&(0x7f0000000080)={0x54, 0x2, 0x6, 0x401, 0x0, 0x0, {}, [@IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_CADT_FLAGS={0x8, 0x8, 0x1, 0x0, 0x59}]}, @IPSET_ATTR_PROTOCOL={0x5, 0x1, 0x6}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_TYPENAME={0xd, 0x3, 'hash:net\x00'}]}, 0x54}}, 0x0)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r7, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB="44000000090601020000000000000000000000000900020073797a310000000005000100070000001c0007801800018014000240"], 0x44}, 0x1, 0x0, 0x0, 0x10000047}, 0x4000084)
sendmsg$IPSET_CMD_DESTROY(r5, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000580)={0x1c, 0x3, 0x6, 0x5, 0x0, 0x0, {0x5, 0x0, 0x4}, [@IPSET_ATTR_PROTOCOL={0x5}]}, 0x1c}, 0x1, 0x0, 0x0, 0x1}, 0x4000080)

2.982852825s ago: executing program 4 (id=1462):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$sock_SIOCETHTOOL(0xffffffffffffffff, 0x89f0, 0x0)
connect$phonet_pipe(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000180)={0xa, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
r1 = open(&(0x7f0000000000)='./file0\x00', 0x80140, 0x0)
fcntl$setsig(r1, 0xa, 0x21)
fcntl$setlease(r1, 0x400, 0x1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
creat(&(0x7f0000000100)='./file0\x00', 0x0)
r2 = socket(0x10, 0x3, 0x0)
setsockopt$netlink_NETLINK_TX_RING(r2, 0x10e, 0xc, &(0x7f0000000100)={0x2209d, 0x3, 0x0, 0xfffffffc}, 0x10)
close_range(r1, 0xffffffffffffffff, 0x0)

2.961312794s ago: executing program 2 (id=1463):
syz_mount_image$ext4(&(0x7f00000002c0)='ext4\x00', &(0x7f0000000180)='./bus\x00', 0xe, &(0x7f00000005c0)={[{@bh}, {@errors_remount}]}, 0x3, 0x445, &(0x7f0000000b00)="$eJzs28+PE1UcAPDvTLeLCLgr4g9+qKto3PhjlwVUDh7UaOIBExM96HGzuxCksIZdEyFEwRg8GWPi3Xj0X/CkF2M8mXjVuyEhhgvgqWbaGbYtbdktLUX6+SQD78282fe+nXnte/PaAEbWVPZPErE1Iv6MiIl6trnAVP2/q5fPLly7fHYhiWr13X+SWrkrl88uFEWL87bkmek0Iv0iid1t6l05feb4fKWydCrPz66e+Gh25fSZF46dmD+6dHTp5P5Dhw4emHv5pf0v9iXOrE1Xdn26vGfnWx988/bhr5rib4mjT6a6HXy6Wu1zdcO1rSGdjA2xIWxIKSKyy1Wu9f+JKMXaxZuINz8fauOAgapWq9UtnQ+fqwJ3sSSa87o8jIrigz6b/xZb6yDg1cENP4bu0mv1CVAW99V8qx8ZizQvU26Z3/bTVES8f+7f77ItBvMcAgCgyU/Z+Of5duO/NB5qKHdfvjY0GRH3R8T2iHggInZExIMRtbIPR8QjG6y/dZHkxvFPerGnwNYpG/+9kq9tNY//itFfTJby3LZa/OXkyLHK0r78NZmO8qYsP9eljp/f+OPrTscax3/ZltVfjAXzdlwc29R8zuL86vytxNzo0vmIXWPt4k+urwQkEbEzInb1WMexZ3/Y0+nYzePvog/rTNXvI56pX/9z0RJ/Iem+Pjl7T1SW9s0Wd8WNfvv9wjud6r+l+Psgu/73tr3/r8c/mTSu165svI4Lf33ZcU7T6/0/nrxXS4/n+z6ZX109NRcxnhyuN7px//61c4t8UT6Lf3pv+/6/PdZeid0Rkd3Ej0bEYxHxeN72JyLiyYjY2yX+X19/6sPe4x+sLP7FDV3/tcR4tO5pnygd/+XHpkonb4j/Wvfrf7CWms73rOf9bz3t6u1uBgAAgP+fNCK2RpLOXE+n6cxM/fvyOyLSyvLK6nNHlj8+uVj/jcBklNPiSddEw/PQuXxaX8+fj4j6VwuK4wfy58bfljbX8jMLy5XFYQcPI25Lh/6f+bs07NYBA+f3WjC69H8YXfo/jC79H0ZXm/6/eRjtAG6/dp//nw2hHcDt19L/LfvBCDH/h9Gl/8Po0v9hJK1sjpv/SL5rovhLPZ5+1yaifEc0Y2CJSO+IZkgMKDHc9yUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB++S8AAP///fHg0g==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0xec25, 0x0, 0x0, 0x40000333}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd, 0x6, &(0x7f0000000380)=[{0x0}, {0x0}], 0x2})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

2.730565391s ago: executing program 0 (id=1464):
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$inet6(0xa, 0x80001, 0x0)
syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
socket(0x80000000000000a, 0x2, 0x0)
socket$inet_smc(0x2b, 0x1, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_sctp(0xa, 0x1, 0x84)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x0, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='cgroup.stat\x00', 0x275a, 0x0)
write$UHID_CREATE2(r1, &(0x7f0000000040)=ANY=[@ANYRES8=r0], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r1, 0x0)
r2 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$TIOCL_GETKMSGREDIRECT(r2, 0x541c, &(0x7f0000000000))

2.525353604s ago: executing program 4 (id=1465):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000380)={'vcan0\x00', <r1=>0x0})
r2 = socket$can_j1939(0x1d, 0x2, 0x7)
bind$can_j1939(r2, &(0x7f0000000080)={0x1d, r1, 0x0, {0x0, 0x0, 0x4}, 0xfe}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
getpid()
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
sendmsg$can_j1939(r2, &(0x7f00000001c0)={&(0x7f0000000040), 0x18, &(0x7f0000000180)={&(0x7f00000000c0)="92", 0x1a000}}, 0xee)
sendmsg$can_j1939(r2, &(0x7f0000000480)={&(0x7f0000000240)={0x1d, r1, 0x10, {0x0, 0xf0, 0x2}, 0x2}, 0x18, &(0x7f0000000440)={0x0}, 0x1, 0x0, 0x0, 0x1}, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)

2.524445915s ago: executing program 6 (id=1466):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e23, 0x3, 'dh\x00', 0x1, 0x7, 0x49}, 0x2c)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={0x0}}, 0x0)
setsockopt$IP_VS_SO_SET_ADDDEST(r1, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x4, 0x0}, 0x4e21, 0x3, 'lc\x00', 0x2, 0x81, 0x19}, {@local, 0x4e20, 0x4, 0xc3, 0x12d5c, 0x12d5c}}, 0x44)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @initdev={0xac, 0x1e, 0x1, 0x0}, 0x4e21, 0x3, 'wrr\x00', 0x4, 0x81, 0x5}, {@rand_addr=0xac1414aa, 0x4e23, 0x3, 0x1cb, 0x12d5c, 0x12d5c}}, 0x44)

2.375840649s ago: executing program 0 (id=1467):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet(0x2, 0x1, 0x0)
mount$overlay(0x0, 0x0, &(0x7f0000000380), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r3 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0}, 0x50)
r4 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000140)={0x19, 0xf, &(0x7f0000000040)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r4}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000300)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x8300, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0x23, &(0x7f00000000c0)={r5, r3}, 0xc)

1.128029745s ago: executing program 2 (id=1468):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000190c0)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
newfstatat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sndctrl(0x0, 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_WRITE(r3, 0xc1105518, 0x0)
creat(&(0x7f0000000b80)='./bus\x00', 0x155)
mount(&(0x7f0000000000)=@loop={'/dev/loop', 0x0}, &(0x7f00000005c0)='./bus\x00', &(0x7f00000000c0)='ecryptfs\x00', 0x0, 0x0)

1.027264505s ago: executing program 6 (id=1469):
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
wait4(0x0, 0x0, 0x20000000, &(0x7f00000003c0))
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
inotify_init1(0x800)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = syz_open_procfs(0x0, &(0x7f0000000040)='maps\x00')
r2 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000000), 0x282, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000007, 0x38011, r2, 0x3000)
io_uring_setup(0x2e34, &(0x7f0000000180)={0x0, 0xfffffffc})
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0xc0686611, &(0x7f0000000180)={0x67, 0x0, 0x3f, 0x2000, &(0x7f0000ffe000/0x2000)=nil})

125.574418ms ago: executing program 0 (id=1470):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000340)={0xd, 0x200200090}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000040)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r4 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_DELAYED_SACK(r4, 0x84, 0x10, &(0x7f0000000240)=@assoc_value, 0x8)
ioctl$SNDCTL_DSP_SETFMT(0xffffffffffffffff, 0xc0045005, 0x0)
getsockopt$sock_int(r0, 0x1, 0x2b, 0x0, &(0x7f0000000100))
io_submit(0x0, 0x0, 0x0)

0s ago: executing program 7 (id=1471):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$netlink(0x10, 0x3, 0x4)
socket$inet6(0xa, 0x3, 0x7)
writev(r4, &(0x7f0000000300)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560aff820fffff5bab00070000002058000b4824ca945f6400940f6a0325010ebc000000000000008000f0fffeffe809005300fff5dd000000100001000a0c100000000000224e0000", 0x58}], 0x1)

kernel console output (not intermixed with test programs):

66][ T5917] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  182.931564][   T30] audit: type=1326 audit(1751278715.993:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  183.137070][   T12] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.192111][   T30] audit: type=1326 audit(1751278715.993:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  183.296932][   T30] audit: type=1326 audit(1751278715.993:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  183.520931][   T30] audit: type=1326 audit(1751278715.993:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7153 comm="syz.4.330" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f884d7858e7 code=0x7ffc0000
[  183.593805][   T12] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  183.742306][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000900.
[  184.152635][   T12] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.270973][   T12] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  184.718519][   T12] bridge_slave_1: left allmulticast mode
[  184.757565][   T12] bridge_slave_1: left promiscuous mode
[  184.792622][   T12] bridge0: port 2(bridge_slave_1) entered disabled state
[  185.021046][   T12] bridge_slave_0: left allmulticast mode
[  185.246268][   T12] bridge_slave_0: left promiscuous mode
[  185.254049][   T12] bridge0: port 1(bridge_slave_0) entered disabled state
[  185.934175][ T5838] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  185.944172][ T5838] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  185.952304][ T5838] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  185.994813][ T5838] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  186.015446][ T5838] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  186.253303][ T7202] loop0: detected capacity change from 0 to 1024
[  186.606491][ T7208] loop3: detected capacity change from 0 to 64
[  186.693102][ T5916] usb 5-1: new full-speed USB device number 4 using dummy_hcd
[  187.506511][ T5916] usb 5-1: config 0 has an invalid interface number: 112 but max is 0
[  187.533736][ T5916] usb 5-1: config 0 has no interface number 0
[  187.696439][ T5916] usb 5-1: config 0 interface 112 altsetting 0 endpoint 0x2 has invalid maxpacket 1024, setting to 64
[  188.235693][ T5838] Bluetooth: hci4: command tx timeout
[  188.283360][ T5916] usb 5-1: New USB device found, idVendor=1286, idProduct=1fa4, bcdDevice=fb.16
[  188.308900][ T5916] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  188.341707][ T5916] usb 5-1: Product: syz
[  188.351845][ T5916] usb 5-1: Manufacturer: syz
[  188.377481][ T5916] usb 5-1: SerialNumber: syz
[  188.482706][ T5916] usb 5-1: config 0 descriptor??
[  188.662840][ T5916] mvusb_mdio 5-1:0.112: probe with driver mvusb_mdio failed with error -5
[  188.922415][ T7219] netlink: 'syz.0.351': attribute type 10 has an invalid length.
[  189.043194][   T12] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  189.063956][   T12] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  189.073739][   T12] bond0 (unregistering): Released all slaves
[  189.145865][ T7219] team0: Port device team_slave_0 removed
[  189.306256][ T7226] loop2: detected capacity change from 0 to 164
[  189.897699][  T982] usb 5-1: USB disconnect, device number 4
[  190.400135][ T5838] Bluetooth: hci4: command tx timeout
[  191.248515][   T12] hsr_slave_0: left promiscuous mode
[  191.384959][   T12] hsr_slave_1: left promiscuous mode
[  191.391109][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  191.457325][   T12] batman_adv: batadv0: Removing interface: batadv_slave_0
[  191.487046][   T12] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  191.536743][   T12] batman_adv: batadv0: Removing interface: batadv_slave_1
[  191.627124][   T12] veth1_macvtap: left promiscuous mode
[  191.639545][ T7263] netlink: 4 bytes leftover after parsing attributes in process `syz.3.361'.
[  191.644223][   T12] veth0_macvtap: left promiscuous mode
[  191.682727][   T12] veth1_vlan: left promiscuous mode
[  191.699874][   T12] veth0_vlan: left promiscuous mode
[  192.414678][ T5838] Bluetooth: hci4: command tx timeout
[  194.285488][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  194.292267][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  194.524647][ T5153] Bluetooth: hci4: command tx timeout
[  194.774206][ T7289] netlink: 'syz.2.367': attribute type 10 has an invalid length.
[  195.007290][   T12] team0 (unregistering): Port device team_slave_1 removed
[  195.089021][   T12] team0 (unregistering): Port device team_slave_0 removed
[  195.939682][ T7289] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  196.258442][ T5153] Bluetooth: hci3: command 0x0406 tx timeout
[  196.336421][ T5847] Bluetooth: hci0: command 0x0406 tx timeout
[  196.342454][ T5847] Bluetooth: hci1: command 0x0406 tx timeout
[  196.759505][ T7196] chnl_net:caif_netlink_parms(): no params data found
[  197.951520][ T7196] bridge0: port 1(bridge_slave_0) entered blocking state
[  197.960689][ T7196] bridge0: port 1(bridge_slave_0) entered disabled state
[  198.004171][ T7196] bridge_slave_0: entered allmulticast mode
[  198.402731][ T7196] bridge_slave_0: entered promiscuous mode
[  198.452020][ T7196] bridge0: port 2(bridge_slave_1) entered blocking state
[  198.489039][ T7196] bridge0: port 2(bridge_slave_1) entered disabled state
[  198.502623][ T7196] bridge_slave_1: entered allmulticast mode
[  198.534398][ T7196] bridge_slave_1: entered promiscuous mode
[  199.661733][ T7352] overlayfs: statfs failed on './file0'
[  199.733775][ T7196] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  199.827926][ T7196] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  200.391671][ T7196] team0: Port device team_slave_0 added
[  200.439792][ T7196] team0: Port device team_slave_1 added
[  200.609750][ T7367] trusted_key: encrypted_key: insufficient parameters specified
[  201.474233][ T7196] batman_adv: batadv0: Adding interface: batadv_slave_0
[  201.487181][ T7196] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.521863][ T7196] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  201.559401][ T7196] batman_adv: batadv0: Adding interface: batadv_slave_1
[  201.573992][ T7196] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  201.673567][ T7196] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  201.898360][ T7196] hsr_slave_0: entered promiscuous mode
[  201.915656][ T7196] hsr_slave_1: entered promiscuous mode
[  201.929075][ T7196] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  201.947960][ T7196] Cannot create hsr debugfs directory
[  201.952466][ T7397] loop4: detected capacity change from 0 to 4096
[  202.672318][ T7405] loop3: detected capacity change from 0 to 2048
[  202.830939][ T7408] capability: warning: `syz.0.392' uses deprecated v2 capabilities in a way that may be insecure
[  203.170070][ T5917] Process accounting resumed
[  205.027762][ T7196] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  205.101649][ T7196] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  205.183263][ T7196] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  205.202416][ T7196] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  205.845339][ T7196] 8021q: adding VLAN 0 to HW filter on device bond0
[  205.921659][ T7196] 8021q: adding VLAN 0 to HW filter on device team0
[  205.963338][   T13] bridge0: port 1(bridge_slave_0) entered blocking state
[  205.970561][   T13] bridge0: port 1(bridge_slave_0) entered forwarding state
[  206.147440][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  206.154608][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  208.983665][ T7454] loop3: detected capacity change from 0 to 512
[  209.315657][ T7454] EXT4-fs (loop3): revision level too high, forcing read-only mode
[  209.334421][ T7454] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  209.492594][ T7454] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 3: comm syz.3.402: path /87/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  209.562559][ T7454] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 12: comm syz.3.402: path /87/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5066064, rec_len=1, size=2048 fake=0
[  210.324897][ T7454] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 13: comm syz.3.402: path /87/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653246737, rec_len=1, size=2048 fake=0
[  210.348533][ T7196] 8021q: adding VLAN 0 to HW filter on device batadv0
[  210.696355][ T7454] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 14: comm syz.3.402: path /87/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  210.835760][ T7454] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 15: comm syz.3.402: path /87/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=5, rec_len=0, size=2048 fake=0
[  210.900686][ T7454] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 16: comm syz.3.402: path /87/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3653245223, rec_len=1, size=2048 fake=0
[  211.011728][ T7454] EXT4-fs error (device loop3): ext4_readdir:264: inode #2: block 17: comm syz.3.402: path /87/file0: bad entry in directory: rec_len is smaller than minimal - offset=0, inode=3, rec_len=0, size=2048 fake=0
[  211.100522][ T7454] EXT4-fs error (device loop3): ext4_map_blocks:780: inode #2: block 18: comm syz.3.402: lblock 23 mapped to illegal pblock 18 (length 1)
[  211.908165][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  211.941698][ T7196] veth0_vlan: entered promiscuous mode
[  211.987906][ T7196] veth1_vlan: entered promiscuous mode
[  212.119550][ T7196] veth0_macvtap: entered promiscuous mode
[  212.163021][ T7196] veth1_macvtap: entered promiscuous mode
[  212.228150][ T7196] batman_adv: batadv0: Interface activated: batadv_slave_0
[  212.615443][ T7196] batman_adv: batadv0: Interface activated: batadv_slave_1
[  212.653430][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  212.705756][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  212.788300][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  212.817737][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  212.916726][ T7531] loop4: detected capacity change from 0 to 2048
[  213.426851][ T1108] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.434890][ T1108] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  213.462836][ T7531] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  213.776630][   T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  213.795252][   T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  217.683290][ T7590] loop0: detected capacity change from 0 to 2048
[  217.753875][ T7590] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  224.591647][ T7683] netlink: 'syz.6.448': attribute type 6 has an invalid length.
[  225.241135][ T7672] loop3: detected capacity change from 0 to 32768
[  225.851584][ T7672] XFS (loop3): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  226.291921][ T7672] XFS (loop3): Ending clean mount
[  226.329576][ T7672] XFS (loop3): Quotacheck needed: Please wait.
[  227.472284][ T7672] XFS (loop3): Quotacheck: Done.
[  228.482568][ T5834] XFS (loop3): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  229.048554][ T7735] Cannot find add_set index 0 as target
[  229.878514][ T7740] Cache volume key already in use (9p,(null),)
[  230.376212][ T7752] trusted_key: encrypted_key: insufficient parameters specified
[  233.461026][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  233.461042][   T30] audit: type=1326 audit(1751278767.323:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7787 comm="syz.2.469" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fda7918e929 code=0x0
[  233.784732][ T5988] usb 3-1: new full-speed USB device number 4 using dummy_hcd
[  234.077193][ T5988] usb 3-1: unable to get BOS descriptor or descriptor too short
[  234.103148][ T5988] usb 3-1: not running at top speed; connect to a high speed hub
[  234.133679][ T5988] usb 3-1: config 7 has an invalid interface number: 44 but max is 0
[  234.152194][ T5988] usb 3-1: config 7 has no interface number 0
[  234.189439][ T5988] usb 3-1: config 7 interface 44 altsetting 14 endpoint 0x6 has an invalid bInterval 0, changing to 10
[  234.248994][ T5988] usb 3-1: config 7 interface 44 altsetting 14 endpoint 0x6 has invalid wMaxPacketSize 0
[  234.280260][ T5988] usb 3-1: config 7 interface 44 has no altsetting 0
[  234.345102][ T5988] usb 3-1: New USB device found, idVendor=798d, idProduct=9787, bcdDevice=fc.51
[  234.403921][ T5988] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.452658][ T5988] usb 3-1: Product: syz
[  234.466102][ T5988] usb 3-1: Manufacturer: syz
[  234.470803][ T5988] usb 3-1: SerialNumber: syz
[  236.009077][ T7822] netlink: 'syz.4.476': attribute type 1 has an invalid length.
[  236.038956][ T7822] netlink: 'syz.4.476': attribute type 4 has an invalid length.
[  236.085559][ T7822] netlink: 15334 bytes leftover after parsing attributes in process `syz.4.476'.
[  236.288797][ T7825] xt_CT: No such helper "syz1"
[  236.468304][ T5988] usb 3-1: USB disconnect, device number 4
[  237.132684][ T7852] netlink: zone id is out of range
[  237.224732][ T7852] netlink: zone id is out of range
[  238.146552][ T7862] @: renamed from vlan0 (while UP)
[  238.307256][ T7852] netlink: set zone limit has 4 unknown bytes
[  239.720828][ T7927] loop4: detected capacity change from 0 to 512
[  239.770608][ T7927] EXT4-fs: Ignoring removed i_version option
[  239.933337][ T7927] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.954732][ T7927] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  241.229629][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.536476][ T7957] netlink: 4 bytes leftover after parsing attributes in process `syz.0.495'.
[  241.643868][ T7957] netlink: 12 bytes leftover after parsing attributes in process `syz.0.495'.
[  241.954107][ T7937] loop6: detected capacity change from 0 to 32768
[  242.044869][ T7937] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop6 (7:6) scanned by syz.6.490 (7937)
[  242.253966][ T7937] BTRFS info (device loop6): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  242.346638][ T5988] Process accounting resumed
[  242.389229][ T7937] BTRFS info (device loop6): using crc32c (crc32c-lib) checksum algorithm
[  242.591205][ T7937] BTRFS info (device loop6): using free-space-tree
[  242.974862][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-flush_delalloc": -EINTR
[  243.002086][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  243.189317][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-fixup": -EINTR
[  243.322421][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  243.444704][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  243.575280][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  243.695234][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  243.810262][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-compressed-write": -EINTR
[  243.908832][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  244.005698][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-delayed-meta": -EINTR
[  244.077554][ T7937] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  244.157442][ T7937] BTRFS error (device loop6): open_ctree failed: -12
[  244.622462][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  244.631366][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  244.640187][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  244.650457][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  244.659302][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  244.668095][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  244.676886][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  244.685697][ T8007] netlink: 4 bytes leftover after parsing attributes in process `syz.3.502'.
[  250.086937][ T8074] kvm: kvm [8072]: vcpu0, guest rIP: 0x1a3 Unhandled WRMSR(0x186) = 0x8000
[  250.160809][ T8075] loop0: detected capacity change from 0 to 4096
[  251.211604][ T8082] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  252.967530][ T8097] bond0: (slave team0): Releasing backup interface
[  253.123450][ T8097] bridge_slave_0: left promiscuous mode
[  253.180558][ T8097] bridge_slave_0: left allmulticast mode
[  253.368705][ T8097] team0: Port device bridge_slave_0 removed
[  253.441804][ T8097] bridge_slave_1: left allmulticast mode
[  253.472487][ T8097] bridge_slave_1: left promiscuous mode
[  253.938868][ T8097] bridge0: port 2(bridge_slave_1) entered disabled state
[  254.735281][ T8097] bond0: (slave 
5
@�): Releasing backup interface
[  254.801005][ T8097] bond0: (slave bond_slave_1): Releasing backup interface
[  254.952599][ T8097] team_slave_0: left promiscuous mode
[  254.966063][ T8097] team_slave_0: left allmulticast mode
[  255.003664][ T8134] loop6: detected capacity change from 0 to 2048
[  255.023988][ T8097] team0: Port device team_slave_0 removed
[  255.070288][ T8097] team_slave_1: left promiscuous mode
[  255.521415][ T8097] team_slave_1: left allmulticast mode
[  255.586999][ T8145] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  255.609830][ T8097] team0: Port device team_slave_1 removed
[  255.666869][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  255.673199][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  255.718550][ T8097] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  255.797237][ T8097] batman_adv: batadv0: Removing interface: batadv_slave_0
[  255.934149][ T8097] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  255.963215][ T8097] batman_adv: batadv0: Removing interface: batadv_slave_1
[  256.113549][ T8097] bond0: (slave vlan2): Releasing backup interface
[  256.278333][ T8099] team0: Mode changed to "loadbalance"
[  256.317210][   T30] audit: type=1800 audit(1751278790.183:103): pid=8160 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.530" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0
[  256.508120][ T8160] fuse: Unknown parameter './file0'
[  256.568371][ T5916] syz1: Port: 1 Link DOWN
[  259.077249][ T8187] loop2: detected capacity change from 0 to 16
[  259.177667][ T8187] erofs (device loop2): mounted with root inode @ nid 36.
[  261.794174][ T8211] loop3: detected capacity change from 0 to 4096
[  261.806719][ T8215] loop2: detected capacity change from 0 to 512
[  261.857862][ T8215] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.865274][ T8211] ntfs3(loop3): Different NTFS sector size (2048) and media sector size (512).
[  261.884605][ T8215] EXT4-fs: inline encryption not supported
[  261.930869][ T8220] loop6: detected capacity change from 0 to 256
[  261.944700][ T8215] EXT4-fs: Ignoring removed mblk_io_submit option
[  261.973948][ T8215] EXT4-fs (loop2): Test dummy encryption mode enabled
[  262.029890][ T8215] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  262.049076][ T8220] FAT-fs (loop6): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  262.108665][ T8215] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  262.189791][ T8215] EXT4-fs (loop2): 1 truncate cleaned up
[  262.208937][ T8215] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  262.356097][ T8215] fscrypt: AES-256-XTS using implementation "xts-aes-aesni-avx"
[  262.583926][ T8234] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  262.612566][ T8212] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  262.868072][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.365287][ T5903] usb 5-1: new high-speed USB device number 5 using dummy_hcd
[  265.884586][ T5903] usb 5-1: Using ep0 maxpacket: 16
[  266.055775][ T5903] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  266.764510][ T5903] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  266.859810][ T5903] usb 5-1: string descriptor 0 read error: -71
[  266.895961][ T5903] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  267.094548][ T5903] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  267.180770][ T8288] xt_HMARK: spi-set and port-set can't be combined
[  267.749800][ T5903] usb 5-1: can't set config #1, error -71
[  267.902488][ T8285] loop2: detected capacity change from 0 to 2048
[  267.926080][ T5903] usb 5-1: USB disconnect, device number 5
[  268.075701][ T8286] loop0: detected capacity change from 0 to 2048
[  268.473762][ T8293] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  268.486105][ T8286] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  269.691838][ T8304] loop3: detected capacity change from 0 to 256
[  269.812484][ T8304] exfat: Bad value for 'uid'
[  269.884621][ T8304] exfat: Bad value for 'uid'
[  270.016612][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  272.080114][ T8323] loop2: detected capacity change from 0 to 1024
[  272.235406][ T8323] ext2: Unknown parameter 'defcontext'
[  273.295607][ T8341] netlink: 'syz.4.572': attribute type 13 has an invalid length.
[  273.427864][ T8341] 8021q: adding VLAN 0 to HW filter on device team0
[  273.461957][ T8341] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  275.677370][   T30] audit: type=1800 audit(1751278809.533:104): pid=8381 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.6.583" name="SYSV00000000" dev="hugetlbfs" ino=2 res=0 errno=0
[  277.921911][   T30] audit: type=1800 audit(1751278811.783:105): pid=8401 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.588" name="/" dev="9p" ino=2 res=0 errno=0
[  279.318513][ T8420] netlink: 'syz.2.592': attribute type 10 has an invalid length.
[  279.363518][ T8422] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount.
[  279.389812][ T8422] CIFS mount error: No usable UNC path provided in device string!
[  279.389812][ T8422] 
[  279.400122][ T8422] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string!
[  280.006565][ T8429] __nla_validate_parse: 45 callbacks suppressed
[  280.006582][ T8429] netlink: 24 bytes leftover after parsing attributes in process `syz.3.590'.
[  280.532388][ T8420] veth0_vlan: left promiscuous mode
[  280.552723][ T8420] veth0_vlan: entered promiscuous mode
[  280.562145][ T8420] team0: Device veth0_vlan failed to register rx_handler
[  283.706920][ T8445] geneve2: entered promiscuous mode
[  283.714106][ T8445] geneve2: entered allmulticast mode
[  283.984162][ T8462] netlink: 'syz.2.603': attribute type 10 has an invalid length.
[  284.251926][ T8462] netlink: 40 bytes leftover after parsing attributes in process `syz.2.603'.
[  285.269781][ T8462] team0: Port device geneve0 added
[  285.360490][ T8470] loop3: detected capacity change from 0 to 4096
[  285.414258][ T8470] EXT4-fs: Ignoring removed orlov option
[  285.451433][ T8470] EXT4-fs: Ignoring removed nobh option
[  285.506872][ T8470] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  285.543060][ T8470] EXT4-fs (loop3): Test dummy encryption mode enabled
[  285.616473][ T8470] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  285.728734][   T30] audit: type=1800 audit(1751278819.593:106): pid=8490 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.609" name="/" dev="9p" ino=2 res=0 errno=0
[  287.453378][ T8513] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  288.107811][ T5834] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  288.193454][    C0] Unknown status report in ack skb
[  288.545451][ T8525] loop3: detected capacity change from 0 to 2048
[  288.616428][ T8525] UDF-fs: error (device loop3): udf_read_tagged: tag version 0x0000 != 0x0002 || 0x0003, block 0
[  288.670338][ T8525] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  288.709703][ T8525] UDF-fs: Scanning with blocksize 512 failed
[  288.920251][ T8525] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  290.728123][ T8543] loop0: detected capacity change from 0 to 1024
[  291.164974][ T5946] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  291.520714][ T5946] usb 1-1: Using ep0 maxpacket: 32
[  291.627641][ T5946] usb 1-1: config 0 has an invalid interface number: 166 but max is 0
[  291.645146][ T5946] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  291.664825][ T5946] usb 1-1: config 0 has no interface number 0
[  291.707789][ T5946] usb 1-1: New USB device found, idVendor=06d0, idProduct=0622, bcdDevice= 3.5a
[  291.761223][ T5946] usb 1-1: New USB device strings: Mfr=0, Product=2, SerialNumber=3
[  291.812096][ T5946] usb 1-1: Product: syz
[  291.821175][ T5946] usb 1-1: SerialNumber: syz
[  292.266022][ T8561] loop6: detected capacity change from 0 to 4096
[  292.294596][ T8561] ntfs3(loop6): Different NTFS sector size (4096) and media sector size (512).
[  293.340082][ T5946] usb 1-1: config 0 descriptor??
[  293.396965][ T5946] usb 1-1: can't set config #0, error -71
[  293.424039][ T5946] usb 1-1: USB disconnect, device number 4
[  293.489093][ T7920] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  293.702466][ T7920] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  294.194856][ T5847] Bluetooth: hci4: connection err: -111
[  294.474564][ T7920] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.467468][ T7920] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  296.875753][ T5850] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  296.887763][ T5850] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  296.899909][ T5850] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  296.908940][ T5850] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  296.917312][ T5850] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  296.978054][ T8613] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.987456][ T8613] bridge0: port 2(bridge_slave_1) entered disabled state
[  297.050712][ T8615] netlink: 'syz.0.636': attribute type 16 has an invalid length.
[  297.225938][ T8615] netlink: 'syz.0.636': attribute type 17 has an invalid length.
[  297.927972][ T8613] netlink: 'syz.0.636': attribute type 16 has an invalid length.
[  297.966869][ T8613] netlink: 'syz.0.636': attribute type 17 has an invalid length.
[  298.578515][ T5916] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  298.690020][ T8613] bond_slave_0: left promiscuous mode
[  298.836293][ T8613] bond_slave_1: left promiscuous mode
[  298.843069][ T5916] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 94, changing to 10
[  298.883874][ T5916] usb 1-1: New USB device found, idVendor=18d1, idProduct=9400, bcdDevice= 0.00
[  298.937751][ T5916] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  298.949245][ T5916] usb 1-1: config 0 descriptor??
[  299.065026][ T5850] Bluetooth: hci2: command tx timeout
[  299.520302][ T8613] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  299.937310][ T8613] bond0: left allmulticast mode
[  299.942310][ T8613] bond_slave_0: left allmulticast mode
[  299.947896][ T8613] bond_slave_1: left allmulticast mode
[  300.054376][ T5916] usbhid 1-1:0.0: can't add hid device: -71
[  300.078740][ T5916] usbhid 1-1:0.0: probe with driver usbhid failed with error -71
[  300.080069][ T7908] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  300.239164][ T5916] usb 1-1: USB disconnect, device number 5
[  300.279660][ T7908] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  300.447597][ T7908] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  300.456829][ T7908] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  301.138601][ T5850] Bluetooth: hci2: command tx timeout
[  302.680090][ T8676] loop6: detected capacity change from 0 to 256
[  302.695240][ T5890] usb 5-1: new high-speed USB device number 6 using dummy_hcd
[  302.765808][ T8676] FAT-fs (loop6): Directory bread(block 64) failed
[  302.773248][ T8676] FAT-fs (loop6): Directory bread(block 65) failed
[  302.786617][ T8676] FAT-fs (loop6): Directory bread(block 66) failed
[  302.793149][ T8676] FAT-fs (loop6): Directory bread(block 67) failed
[  302.828537][ T8676] FAT-fs (loop6): Directory bread(block 68) failed
[  302.835690][ T8676] FAT-fs (loop6): Directory bread(block 69) failed
[  302.842350][ T8676] FAT-fs (loop6): Directory bread(block 70) failed
[  302.861380][ T8676] FAT-fs (loop6): Directory bread(block 71) failed
[  302.883569][ T8676] FAT-fs (loop6): Directory bread(block 72) failed
[  302.892128][ T5890] usb 5-1: config 0 has no interfaces?
[  302.899373][ T5890] usb 5-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  302.915633][ T8676] FAT-fs (loop6): Directory bread(block 73) failed
[  302.922268][ T5890] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  302.954684][ T5890] usb 5-1: SerialNumber: syz
[  302.976986][ T5890] usb 5-1: config 0 descriptor??
[  303.064287][ T8676] syz.6.649: attempt to access beyond end of device
[  303.064287][ T8676] loop6: rw=2051, sector=1320, nr_sectors = 32 limit=256
[  303.089588][ T8676] syz.6.649: attempt to access beyond end of device
[  303.089588][ T8676] loop6: rw=2051, sector=1384, nr_sectors = 32 limit=256
[  303.111667][ T8676] syz.6.649: attempt to access beyond end of device
[  303.111667][ T8676] loop6: rw=2051, sector=1448, nr_sectors = 32 limit=256
[  303.132444][ T8676] syz.6.649: attempt to access beyond end of device
[  303.132444][ T8676] loop6: rw=2051, sector=1512, nr_sectors = 32 limit=256
[  303.151619][ T8676] syz.6.649: attempt to access beyond end of device
[  303.151619][ T8676] loop6: rw=2051, sector=1576, nr_sectors = 32 limit=256
[  303.167509][ T8676] syz.6.649: attempt to access beyond end of device
[  303.167509][ T8676] loop6: rw=2051, sector=1640, nr_sectors = 32 limit=256
[  303.193506][ T8676] syz.6.649: attempt to access beyond end of device
[  303.193506][ T8676] loop6: rw=2051, sector=1704, nr_sectors = 32 limit=256
[  303.224521][ T5850] Bluetooth: hci2: command tx timeout
[  303.235958][ T8671] netlink: 28 bytes leftover after parsing attributes in process `syz.4.648'.
[  303.257428][ T8681] netlink: 'syz.6.649': attribute type 29 has an invalid length.
[  303.287132][ T8671] netlink: 28 bytes leftover after parsing attributes in process `syz.4.648'.
[  303.312517][ T8676] syz.6.649: attempt to access beyond end of device
[  303.312517][ T8676] loop6: rw=2051, sector=1768, nr_sectors = 32 limit=256
[  303.334379][ T7920] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  303.340454][ T8676] syz.6.649: attempt to access beyond end of device
[  303.340454][ T8676] loop6: rw=2051, sector=1864, nr_sectors = 32 limit=256
[  303.359781][ T7920] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  303.363923][ T8676] syz.6.649: attempt to access beyond end of device
[  303.363923][ T8676] loop6: rw=2051, sector=1928, nr_sectors = 32 limit=256
[  303.403780][ T8683] netlink: 'syz.0.651': attribute type 1 has an invalid length.
[  303.427728][ T7920] bond0 (unregistering): Released all slaves
[  303.522111][ T8685] netlink: 28 bytes leftover after parsing attributes in process `syz.0.651'.
[  303.635243][ T7920] bond1 (unregistering): Released all slaves
[  303.669258][ T8671] bond0: entered promiscuous mode
[  303.685405][ T8671] bridge0: entered promiscuous mode
[  303.695854][ T8671] hsr1: Slave A (bond0) is not up; please bring it up to get a fully working HSR network
[  303.730443][ T8671] hsr1: Slave B (bridge0) is not up; please bring it up to get a fully working HSR network
[  303.767764][ T5917] usb 5-1: USB disconnect, device number 6
[  304.028166][ T8684] bond1: (slave geneve2): making interface the new active one
[  304.130847][ T8684] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  304.325214][ T8685] 8021q: adding VLAN 0 to HW filter on device bond1
[  304.370258][ T7920] : left promiscuous mode
[  304.474641][ T7912] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 20000 - 0
[  304.497343][ T7912] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 20000 - 0
[  304.510415][ T7912] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 20000 - 0
[  304.521403][ T7912] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 20000 - 0
[  305.299939][ T5850] Bluetooth: hci2: command tx timeout
[  306.675932][ T7920] hsr_slave_0: left promiscuous mode
[  306.753168][ T7920] hsr_slave_1: left promiscuous mode
[  306.774191][ T7920] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  306.820281][ T7920] batman_adv: batadv0: Removing interface: batadv_slave_0
[  306.930914][ T7920] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  306.964203][ T7920] batman_adv: batadv0: Removing interface: batadv_slave_1
[  307.252508][ T7920] veth1_macvtap: left promiscuous mode
[  307.293363][ T7920] veth0_macvtap: left promiscuous mode
[  307.299875][ T7920] veth1_vlan: left promiscuous mode
[  307.319868][ T7920] veth0_vlan: left promiscuous mode
[  308.516114][ T8748] TCP: out of memory -- consider tuning tcp_mem
[  308.895395][ T5847] Bluetooth: hci4: command 0x0406 tx timeout
[  312.269809][ T7920] team0 (unregistering): Port device team_slave_1 removed
[  313.106855][ T7920] team0 (unregistering): Port device team_slave_0 removed
[  314.068343][ T8811] loop0: detected capacity change from 0 to 1764
[  314.179337][ T8814] iso9660: Corrupted directory entry in block 2 of inode 1920
[  314.439937][ T8818] binder_alloc: 8817: binder_alloc_buf, no vma
[  314.595218][ T8822] loop0: detected capacity change from 0 to 128
[  314.636378][ T8822] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  314.710968][ T8822] ext4 filesystem being mounted at /135/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  314.932738][ T5830] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  315.084183][ T8833] netlink: 4 bytes leftover after parsing attributes in process `syz.0.687'.
[  315.309881][ T8833] batman_adv: batadv0: Removing interface: batadv_slave_0
[  315.367948][ T8833] batman_adv: batadv0: Removing interface: batadv_slave_1
[  315.927084][ T8607] chnl_net:caif_netlink_parms(): no params data found
[  316.228074][ T8848] loop6: detected capacity change from 0 to 8192
[  317.028632][ T8861] vlan0: entered allmulticast mode
[  317.034611][ T8861] veth1: entered allmulticast mode
[  317.062157][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  317.068602][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  317.248080][ T8871] loop6: detected capacity change from 0 to 1024
[  317.257259][ T8607] bridge0: port 1(bridge_slave_0) entered blocking state
[  317.286611][ T8607] bridge0: port 1(bridge_slave_0) entered disabled state
[  317.294220][ T8607] bridge_slave_0: entered allmulticast mode
[  317.344996][ T8871] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  317.357522][ T8877] loop0: detected capacity change from 0 to 1024
[  317.359468][ T8607] bridge_slave_0: entered promiscuous mode
[  317.379719][ T8877] EXT4-fs: Ignoring removed orlov option
[  317.436376][ T8607] bridge0: port 2(bridge_slave_1) entered blocking state
[  317.499961][ T8607] bridge0: port 2(bridge_slave_1) entered disabled state
[  317.537117][ T8607] bridge_slave_1: entered allmulticast mode
[  317.622354][ T8607] bridge_slave_1: entered promiscuous mode
[  317.643489][ T8877] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.356240][ T7196] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.386653][ T8607] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  318.428680][ T8607] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  318.479993][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.752124][ T8896] loop6: detected capacity change from 0 to 256
[  318.762539][ T8896] exfat: Deprecated parameter 'namecase'
[  319.445633][ T8896] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0x36bd6320, utbl_chksum : 0xe619d30d)
[  319.558528][   T49] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  319.753659][ T8898] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  319.794051][ T8607] team0: Port device team_slave_0 added
[  320.850107][ T8607] team0: Port device team_slave_1 added
[  320.907423][ T8904] netlink: 'syz.2.700': attribute type 3 has an invalid length.
[  320.917842][ T8904] netlink: 'syz.2.700': attribute type 3 has an invalid length.
[  321.152418][   T49] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.332397][ T8607] batman_adv: batadv0: Adding interface: batadv_slave_0
[  322.383173][ T8607] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  322.438977][ T8607] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  322.578245][   T49] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  322.766102][ T8607] batman_adv: batadv0: Adding interface: batadv_slave_1
[  322.773067][ T8607] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  323.645014][ T8607] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  323.803372][   T49] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  324.421998][ T8948] netlink: 8 bytes leftover after parsing attributes in process `syz.4.712'.
[  325.430942][ T8954] netlink: 788 bytes leftover after parsing attributes in process `syz.0.713'.
[  325.565101][ T8952] 8021q: VLANs not supported on vcan0
[  326.642369][ T8607] hsr_slave_0: entered promiscuous mode
[  326.800891][ T8607] hsr_slave_1: entered promiscuous mode
[  326.814269][ T8607] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  326.974103][ T8607] Cannot create hsr debugfs directory
[  327.112487][ T8982] rdma_op ffff8880310f41f0 conn xmit_rdma 0000000000000000
[  330.244067][ T9005] Cannot find del_set index 2 as target
[  330.940671][ T9008] futex_wake_op: syz.2.724 tries to shift op by -1; fix this program
[  331.253121][   T49] bridge_slave_1: left allmulticast mode
[  331.258885][   T49] bridge_slave_1: left promiscuous mode
[  331.297001][   T49] bridge0: port 2(bridge_slave_1) entered disabled state
[  331.352922][   T49] bridge_slave_0: left allmulticast mode
[  331.352985][   T49] bridge_slave_0: left promiscuous mode
[  331.353177][   T49] bridge0: port 1(bridge_slave_0) entered disabled state
[  333.412443][ T9034] loop0: detected capacity change from 0 to 8
[  333.475239][ T9034] SQUASHFS error: zlib decompression failed, data probably corrupt
[  333.495607][ T9034] SQUASHFS error: Failed to read block 0x9b: -5
[  333.513028][ T9034] SQUASHFS error: Unable to read metadata cache entry [99]
[  334.124586][ T9034] SQUASHFS error: Unable to read inode 0x127
[  334.342369][ T9032] netlink: 12 bytes leftover after parsing attributes in process `syz.0.731'.
[  334.662765][   T49] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  334.673194][   T49] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  334.684787][   T49] bond0 (unregistering): Released all slaves
[  334.732999][ T9032] netlink: 12 bytes leftover after parsing attributes in process `syz.0.731'.
[  337.511368][   T49] hsr_slave_0: left promiscuous mode
[  337.809734][   T49] hsr_slave_1: left promiscuous mode
[  338.409351][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  338.786689][   T49] batman_adv: batadv0: Removing interface: batadv_slave_0
[  338.832337][ T9085] loop2: detected capacity change from 0 to 4096
[  338.852399][   T49] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  338.901935][   T30] audit: type=1326 audit(1751278872.763:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  338.971516][ T9096] loop4: detected capacity change from 0 to 1024
[  338.978180][   T49] batman_adv: batadv0: Removing interface: batadv_slave_1
[  339.014956][   T30] audit: type=1326 audit(1751278872.763:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  339.111573][   T30] audit: type=1326 audit(1751278872.803:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  339.152636][ T9096] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  339.219826][ T9096] EXT4-fs (loop4): shut down requested (1)
[  339.241026][   T49] veth1_vlan: left promiscuous mode
[  339.446752][   T30] audit: type=1326 audit(1751278872.803:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f884d78e963 code=0x7ffc0000
[  339.469057][   T49] veth0_vlan: left promiscuous mode
[  339.475509][   T30] audit: type=1326 audit(1751278872.803:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f884d78d3df code=0x7ffc0000
[  339.531727][   T30] audit: type=1326 audit(1751278872.803:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f884d78e9b7 code=0x7ffc0000
[  339.605863][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.062221][   T30] audit: type=1326 audit(1751278872.803:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f884d78d290 code=0x7ffc0000
[  340.084954][   T30] audit: type=1326 audit(1751278872.803:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f884d78e52b code=0x7ffc0000
[  340.229347][   T30] audit: type=1326 audit(1751278872.843:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f884d78d58a code=0x7ffc0000
[  340.251899][   T30] audit: type=1326 audit(1751278872.843:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9095 comm="syz.4.747" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f884d78d58a code=0x7ffc0000
[  342.129611][ T9117] netlink: 'syz.4.749': attribute type 4 has an invalid length.
[  342.420444][   T49] team0 (unregistering): Port device team_slave_1 removed
[  342.483858][   T49] team0 (unregistering): Port device team_slave_0 removed
[  343.301142][ T9135] loop6: detected capacity change from 0 to 512
[  343.355211][ T9135] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  343.368262][ T9135] ext4 filesystem being mounted at /77/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  343.728785][ T8607] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  343.780083][ T8607] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  343.840064][ T8607] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  343.952618][ T8607] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  343.973829][ T7196] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  344.862234][ T9162] loop4: detected capacity change from 0 to 128
[  344.986810][ T9162] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  345.050533][ T8607] 8021q: adding VLAN 0 to HW filter on device bond0
[  345.071345][ T9162] ext4 filesystem being mounted at /166/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  345.750316][ T8607] 8021q: adding VLAN 0 to HW filter on device team0
[  345.929566][ T7908] bridge0: port 1(bridge_slave_0) entered blocking state
[  345.936758][ T7908] bridge0: port 1(bridge_slave_0) entered forwarding state
[  346.037769][ T7908] bridge0: port 2(bridge_slave_1) entered blocking state
[  346.044995][ T7908] bridge0: port 2(bridge_slave_1) entered forwarding state
[  346.343989][ T9181] loop6: detected capacity change from 0 to 1024
[  346.455844][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  346.458574][ T8607] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  346.567478][   T30] kauditd_printk_skb: 20 callbacks suppressed
[  346.567496][   T30] audit: type=1800 audit(1751278880.423:137): pid=9185 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.763" name="file1" dev="loop6" ino=20 res=0 errno=0
[  346.888198][   T30] audit: type=1326 audit(1751278880.753:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9186 comm="syz.4.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7fc00000
[  346.968109][   T30] audit: type=1326 audit(1751278880.753:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9186 comm="syz.4.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f884d78e929 code=0x7fc00000
[  347.278222][ T9201] block nbd6: NBD_DISCONNECT
[  347.287972][ T9201] block nbd6: Send disconnect failed -22
[  347.541602][   T30] audit: type=1326 audit(1751278881.393:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9186 comm="syz.4.764" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7fc00000
[  347.727206][ T9196] block nbd6: Disconnected due to user request.
[  347.736849][ T8607] 8021q: adding VLAN 0 to HW filter on device batadv0
[  347.772168][ T9196] block nbd6: shutting down sockets
[  349.841160][ T8607] veth0_vlan: entered promiscuous mode
[  349.861429][ T8607] veth1_vlan: entered promiscuous mode
[  350.002156][ T8607] veth0_macvtap: entered promiscuous mode
[  350.038897][ T8607] veth1_macvtap: entered promiscuous mode
[  352.004732][ T8607] batman_adv: batadv0: Interface activated: batadv_slave_0
[  352.036223][ T8607] batman_adv: batadv0: Interface activated: batadv_slave_1
[  352.072340][   T13] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  352.119558][   T13] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  352.135889][   T13] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  352.557703][   T13] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  353.007551][ T2984] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.597295][ T2984] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  353.672021][ T7908] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  353.680582][ T7908] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  355.860800][ T9291] netlink: 'syz.2.781': attribute type 1 has an invalid length.
[  356.099444][ T9291] 8021q: adding VLAN 0 to HW filter on device bond1
[  356.228238][ T5847] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  356.243457][ T5847] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  356.274808][ T5847] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  356.336312][ T9295] 8021q: adding VLAN 0 to HW filter on device bond1
[  356.343412][ T9295] bond1: (slave ipip0): The slave device specified does not support setting the MAC address
[  356.357877][ T9295] bond1: (slave ipip0): Error -95 calling set_mac_address
[  356.365235][ T5847] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  356.376098][ T5847] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  356.976376][ T9296] bond1: (slave ip6erspan0): making interface the new active one
[  356.985879][ T9296] bond1: (slave ip6erspan0): Enslaving as an active interface with an up link
[  357.138531][ T2984] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  357.668138][ T2984] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.586858][ T5850] Bluetooth: hci2: command tx timeout
[  358.740290][ T2984] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  358.912184][ T2984] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  360.292165][ T9298] chnl_net:caif_netlink_parms(): no params data found
[  360.392837][ T9354] netlink: 36 bytes leftover after parsing attributes in process `syz.6.794'.
[  360.468063][ T9359] netlink: 'syz.0.795': attribute type 1 has an invalid length.
[  360.495678][ T9354] netlink: 16 bytes leftover after parsing attributes in process `syz.6.794'.
[  360.841654][ T5850] Bluetooth: hci2: command tx timeout
[  361.052434][ T9354] netlink: 36 bytes leftover after parsing attributes in process `syz.6.794'.
[  361.087354][ T9354] netlink: 36 bytes leftover after parsing attributes in process `syz.6.794'.
[  361.099998][ T9359] 8021q: adding VLAN 0 to HW filter on device bond2
[  361.442994][ T9374] netlink: 4 bytes leftover after parsing attributes in process `syz.4.798'.
[  361.601840][ T9364] bond2: (slave gretap1): making interface the new active one
[  361.639047][ T9364] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  362.284973][ T2984] bridge_slave_1: left allmulticast mode
[  362.290647][ T2984] bridge_slave_1: left promiscuous mode
[  362.424149][ T2984] bridge0: port 2(bridge_slave_1) entered disabled state
[  362.508975][ T2984] bridge_slave_0: left allmulticast mode
[  362.539367][ T2984] bridge_slave_0: left promiscuous mode
[  362.561841][ T2984] bridge0: port 1(bridge_slave_0) entered disabled state
[  363.214836][ T5850] Bluetooth: hci2: command tx timeout
[  364.298667][ T2984] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  364.342674][ T2984] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  364.378383][ T2984] bond0 (unregistering): Released all slaves
[  364.681267][ T9390] syz_tun: entered allmulticast mode
[  364.689247][ T9390] syz_tun: left allmulticast mode
[  364.868274][ T9298] bridge0: port 1(bridge_slave_0) entered blocking state
[  364.887184][ T9298] bridge0: port 1(bridge_slave_0) entered disabled state
[  364.894417][ T9298] bridge_slave_0: entered allmulticast mode
[  365.080251][ T9298] bridge_slave_0: entered promiscuous mode
[  365.092366][ T9298] bridge0: port 2(bridge_slave_1) entered blocking state
[  365.154671][ T9422] bio_check_eod: 65 callbacks suppressed
[  365.154719][ T9422] syz.2.805: attempt to access beyond end of device
[  365.154719][ T9422] loop2: rw=2048, sector=2, nr_sectors = 1 limit=0
[  365.512641][ T9422] hfsplus: unable to find HFS+ superblock
[  365.604900][ T5847] Bluetooth: hci2: command tx timeout
[  366.083814][ T9298] bridge0: port 2(bridge_slave_1) entered disabled state
[  366.163267][ T9298] bridge_slave_1: entered allmulticast mode
[  366.563426][ T9298] bridge_slave_1: entered promiscuous mode
[  367.907597][  T982] libceph: connect (1)[c::]:6789 error -101
[  367.970410][  T982] libceph: mon0 (1)[c::]:6789 connect error
[  368.055579][ T9298] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  368.120503][ T9298] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  368.146558][ T5946] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  368.391869][ T5890] libceph: connect (1)[c::]:6789 error -101
[  368.404741][ T5890] libceph: mon0 (1)[c::]:6789 connect error
[  368.462713][ T9441] ceph: No mds server is up or the cluster is laggy
[  368.544562][ T5946] usb 3-1: Using ep0 maxpacket: 8
[  368.551390][ T5946] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  368.565789][ T5946] usb 3-1: New USB device found, idVendor=1345, idProduct=3008, bcdDevice= 0.00
[  368.884119][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  368.993377][ T5946] usb 3-1: config 0 descriptor??
[  369.602460][ T5946] usbhid 3-1:0.0: can't add hid device: -71
[  369.614422][ T5946] usbhid 3-1:0.0: probe with driver usbhid failed with error -71
[  369.782649][ T5946] usb 3-1: USB disconnect, device number 5
[  370.574780][ T2984] hsr_slave_0: left promiscuous mode
[  370.654074][ T2984] hsr_slave_1: left promiscuous mode
[  370.684783][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  370.692298][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_0
[  370.755251][ T2984] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  370.778174][ T2984] batman_adv: batadv0: Removing interface: batadv_slave_1
[  370.808196][ T9477] loop6: detected capacity change from 0 to 256
[  370.883106][ T2984] veth1_macvtap: left promiscuous mode
[  370.897336][ T9477] exfat: Deprecated parameter 'utf8'
[  370.907960][ T2984] veth0_macvtap: left promiscuous mode
[  370.917800][ T9477] exfat: Deprecated parameter 'utf8'
[  370.924128][ T2984] veth1_vlan: left promiscuous mode
[  371.001302][ T2984] veth0_vlan: left promiscuous mode
[  371.060680][ T9477] exFAT-fs (loop6): failed to load upcase table (idx : 0x00010000, chksum : 0xa943978a, utbl_chksum : 0xe619d30d)
[  371.814414][ T9492] Bluetooth: MGMT ver 1.23
[  372.605531][ T5946] usb 5-1: new high-speed USB device number 7 using dummy_hcd
[  372.825005][ T9502] overlayfs: failed to resolve './file1/file0': -2
[  373.171167][ T5946] usb 5-1: Using ep0 maxpacket: 16
[  373.192485][ T5946] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  373.233043][ T5946] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  373.276885][ T5946] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  373.290477][ T5946] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  373.312386][ T5946] usb 5-1: Product: syz
[  373.317060][ T5946] usb 5-1: Manufacturer: syz
[  373.326413][ T5946] usb 5-1: SerialNumber: syz
[  373.559710][ T5946] usb 5-1: 0:2 : does not exist
[  373.590650][ T5946] usb 5-1: 5:0: failed to get current value for ch 0 (-22)
[  373.661408][ T5946] usb 5-1: USB disconnect, device number 7
[  374.275996][ T6025] udevd[6025]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  376.519380][ T2984] team0 (unregistering): Port device team_slave_1 removed
[  376.945753][   T30] audit: type=1326 audit(1751278910.803:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  377.023503][   T30] audit: type=1326 audit(1751278910.803:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  377.040117][ T9536] vhci_hcd vhci_hcd.0: pdev(6) rhport(0) sockfd(7)
[  377.052390][ T9536] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless)
[  377.145096][   T30] audit: type=1326 audit(1751278910.803:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  377.181924][   T30] audit: type=1326 audit(1751278910.803:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda7918d290 code=0x7ffc0000
[  377.274909][ T5946] vhci_hcd: vhci_device speed not set
[  377.345098][ T2984] team0 (unregistering): Port device team_slave_0 removed
[  377.404593][   T30] audit: type=1326 audit(1751278910.803:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  377.432266][ T9536] vhci_hcd vhci_hcd.0: Device attached
[  377.454708][ T5946] usb 45-1: new full-speed USB device number 2 using vhci_hcd
[  378.074879][   T30] audit: type=1326 audit(1751278910.803:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fda7918d290 code=0x7ffc0000
[  378.111866][   T30] audit: type=1326 audit(1751278910.803:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  378.225797][   T30] audit: type=1326 audit(1751278910.803:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=61 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  378.308727][   T30] audit: type=1326 audit(1751278910.973:149): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  378.476630][   T30] audit: type=1326 audit(1751278910.973:150): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9537 comm="syz.2.831" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fda7918e929 code=0x7ffc0000
[  378.529652][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  378.536356][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  379.581119][ T9540] vhci_hcd: connection reset by peer
[  380.195716][ T7905] vhci_hcd: stop threads
[  380.201537][ T7905] vhci_hcd: release socket
[  380.221443][ T7905] vhci_hcd: disconnect device
[  382.610357][ T5946] vhci_hcd: vhci_device speed not set
[  384.144798][ T9298] team0: Port device team_slave_0 added
[  384.292212][ T9582] .: renamed from bond0 (while UP)
[  384.371710][ T9298] team0: Port device team_slave_1 added
[  384.938478][ T9601] loop4: detected capacity change from 0 to 512
[  384.962583][ T9298] batman_adv: batadv0: Adding interface: batadv_slave_0
[  385.004784][ T9298] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.041460][ T9298] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  385.071509][ T9601] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  385.390735][ T9298] batman_adv: batadv0: Adding interface: batadv_slave_1
[  385.417008][ T9298] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  385.573383][ T9601] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  385.597265][ T9298] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  385.654692][ T9601] ext4 filesystem being mounted at /193/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  385.674980][ T9608] loop0: detected capacity change from 0 to 512
[  385.715235][ T9606] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1220: group 0, block bitmap and bg descriptor inconsistent: 41 vs 39667 free clusters
[  385.730095][ T9608] EXT4-fs error (device loop0): __ext4_fill_super:5500: inode #2: comm syz.0.851: casefold flag without casefold feature
[  385.742888][ T9608] EXT4-fs (loop0): get root inode failed
[  385.779369][ T9608] EXT4-fs (loop0): mount failed
[  385.834815][ T9606] EXT4-fs (loop4): Remounting filesystem read-only
[  386.447070][ T9619] input: syz0 as /devices/virtual/input/input7
[  386.517873][ T9298] hsr_slave_0: entered promiscuous mode
[  386.626072][ T9298] hsr_slave_1: entered promiscuous mode
[  386.632402][ T9298] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  386.720015][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  386.743449][ T9298] Cannot create hsr debugfs directory
[  386.753076][ T9608] netlink: 'syz.0.851': attribute type 5 has an invalid length.
[  389.748451][ T9658] loop6: detected capacity change from 0 to 256
[  390.239322][ T9298] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  390.255097][ T9298] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  390.272877][ T9298] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  390.300675][ T9298] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  390.526421][ T9298] 8021q: adding VLAN 0 to HW filter on device bond0
[  390.605716][ T9298] 8021q: adding VLAN 0 to HW filter on device team0
[  390.661879][ T7357] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.669104][ T7357] bridge0: port 1(bridge_slave_0) entered forwarding state
[  390.737235][ T7357] bridge0: port 2(bridge_slave_1) entered blocking state
[  390.744435][ T7357] bridge0: port 2(bridge_slave_1) entered forwarding state
[  393.401879][ T9298] 8021q: adding VLAN 0 to HW filter on device batadv0
[  394.290385][ T9717] loop0: detected capacity change from 0 to 128
[  394.472193][ T9724] netlink: 12 bytes leftover after parsing attributes in process `syz.4.869'.
[  394.492836][ T9717] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  394.512633][ T9717] ext4 filesystem being mounted at /177/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  394.815414][ T5830] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  394.829161][ T9733] netlink: 'syz.4.870': attribute type 1 has an invalid length.
[  395.085706][ T9733] 8021q: adding VLAN 0 to HW filter on device bond0
[  395.824701][ T9738] bond0: (slave veth3): Enslaving as an active interface with a down link
[  396.419615][ T9741] vlan0: entered allmulticast mode
[  396.460773][ T9741] veth1: entered allmulticast mode
[  396.466605][ T9741] veth1: entered promiscuous mode
[  396.473280][ T9741] veth1: left promiscuous mode
[  396.505594][ T9741] bond0: (slave vlan0): making interface the new active one
[  396.514107][ T9741] veth1: entered promiscuous mode
[  396.605382][ T9741] vlan0: entered promiscuous mode
[  396.630165][ T9741] bond0: (slave vlan0): Enslaving as an active interface with an up link
[  396.742607][   T30] audit: type=1326 audit(1751278930.603:151): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9757 comm="syz.6.874" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f28db78e929 code=0x0
[  396.851432][ T9298] veth0_vlan: entered promiscuous mode
[  397.137352][ T9298] veth1_vlan: entered promiscuous mode
[  398.396058][ T9776] netlink: 28 bytes leftover after parsing attributes in process `syz.2.878'.
[  398.422242][ T9776] netlink: 'syz.2.878': attribute type 7 has an invalid length.
[  398.468641][ T9298] veth0_macvtap: entered promiscuous mode
[  398.494697][ T9776] netlink: 'syz.2.878': attribute type 8 has an invalid length.
[  398.507540][ T9298] veth1_macvtap: entered promiscuous mode
[  398.537345][ T9776] netlink: 4 bytes leftover after parsing attributes in process `syz.2.878'.
[  398.835470][ T9776] ip6gretap0: entered promiscuous mode
[  398.863397][ T9776] syz_tun: entered promiscuous mode
[  399.069765][ T9776] gretap0: entered promiscuous mode
[  399.155716][ T9776] debugfs: Directory 'hsr1' with parent 'hsr' already present!
[  399.163434][ T9776] Cannot create hsr debugfs directory
[  399.222140][ T9298] batman_adv: batadv0: Interface activated: batadv_slave_0
[  399.338172][ T9298] batman_adv: batadv0: Interface activated: batadv_slave_1
[  399.421601][ T7912] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  399.453718][ T7912] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  399.489338][   T36] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  399.531807][   T36] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  399.811244][ T9792] loop2: detected capacity change from 0 to 32768
[  399.869109][ T9792] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  399.881250][ T9792] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  399.968985][ T9792] gfs2: fsid=syz:syz.0: journal 0 mapped with 3 extents in 0ms
[  399.988202][ T5890] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  400.004751][ T5890] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  400.207345][ T7905] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  400.260304][ T7905] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  400.322893][ T5890] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 318ms
[  400.528724][ T5890] gfs2: fsid=syz:syz.0: jid=0: Done
[  400.535359][ T9792] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  401.384520][ T9792] gfs2: fsid=syz:syz.0: Corruption found in quota_change0file: duplicate identifier in slot 57405
[  401.396038][ T9792] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed - function = gfs2_qd_dispose, file = fs/gfs2/quota.c, line = 129
[  401.409684][ T9792] CPU: 0 UID: 0 PID: 9792 Comm: syz.2.881 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  401.409709][ T9792] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  401.409724][ T9792] Call Trace:
[  401.409732][ T9792]  <TASK>
[  401.409741][ T9792]  dump_stack_lvl+0x189/0x250
[  401.409783][ T9792]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.409812][ T9792]  ? __pfx_dump_stack_lvl+0x10/0x10
[  401.409839][ T9792]  ? __pfx__printk+0x10/0x10
[  401.409863][ T9792]  ? gfs2_assert_warn_i+0x139/0x2c0
[  401.409893][ T9792]  gfs2_assert_warn_i+0x194/0x2c0
[  401.409923][ T9792]  gfs2_qd_dispose+0x4aa/0x5b0
[  401.409947][ T9792]  gfs2_quota_init+0xcc8/0x1230
[  401.409965][ T9792]  ? __lock_acquire+0xab9/0xd20
[  401.410009][ T9792]  ? __pfx_gfs2_quota_init+0x10/0x10
[  401.410028][ T9792]  ? __pfx_wake_up_bit+0x10/0x10
[  401.410054][ T9792]  ? inode_go_inval+0x259/0x2c0
[  401.410077][ T9792]  gfs2_make_fs_rw+0x181/0x2b0
[  401.410104][ T9792]  gfs2_fill_super+0x1a7b/0x20d0
[  401.410143][ T9792]  ? __pfx_gfs2_fill_super+0x10/0x10
[  401.410169][ T9792]  ? init_locking+0xb8/0x210
[  401.410189][ T9792]  ? sb_set_blocksize+0x104/0x180
[  401.410211][ T9792]  ? setup_bdev_super+0x4c1/0x5b0
[  401.410242][ T9792]  get_tree_bdev_flags+0x40e/0x4d0
[  401.410268][ T9792]  ? __pfx_gfs2_fill_super+0x10/0x10
[  401.410289][ T9792]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  401.410316][ T9792]  ? rcu_is_watching+0x15/0xb0
[  401.410346][ T9792]  gfs2_get_tree+0x51/0x1e0
[  401.410370][ T9792]  vfs_get_tree+0x8f/0x2b0
[  401.410404][ T9792]  do_new_mount+0x24a/0xa40
[  401.410432][ T9792]  __se_sys_mount+0x317/0x410
[  401.410457][ T9792]  ? __pfx___se_sys_mount+0x10/0x10
[  401.410482][ T9792]  ? do_syscall_64+0xbe/0x3b0
[  401.410497][ T9792]  ? __x64_sys_mount+0x20/0xc0
[  401.410518][ T9792]  do_syscall_64+0xfa/0x3b0
[  401.410534][ T9792]  ? lockdep_hardirqs_on+0x9c/0x150
[  401.410559][ T9792]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.410577][ T9792]  ? clear_bhb_loop+0x60/0xb0
[  401.410599][ T9792]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  401.410621][ T9792] RIP: 0033:0x7fda791900ca
[  401.410641][ T9792] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  401.410657][ T9792] RSP: 002b:00007fda79f70e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  401.410678][ T9792] RAX: ffffffffffffffda RBX: 00007fda79f70ef0 RCX: 00007fda791900ca
[  401.410692][ T9792] RDX: 0000200000000000 RSI: 0000200000001c00 RDI: 00007fda79f70eb0
[  401.410705][ T9792] RBP: 0000200000000000 R08: 00007fda79f70ef0 R09: 0000000001000800
[  401.410718][ T9792] R10: 0000000001000800 R11: 0000000000000246 R12: 0000200000001c00
[  401.410730][ T9792] R13: 00007fda79f70eb0 R14: 0000000000012613 R15: 0000200000000100
[  401.410761][ T9792]  </TASK>
[  401.525827][ T7908] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  401.527609][ T9792] gfs2: fsid=syz:syz.0: found 1 quota changes
[  401.534877][ T7908] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  402.568991][ T9829] loop4: detected capacity change from 0 to 16
[  402.583676][ T9829] erofs (device loop4): mounted with root inode @ nid 36.
[  403.046724][ T9833] loop0: detected capacity change from 0 to 8
[  403.204759][ T9833] SQUASHFS error: Unknown LZ4 version
[  403.260140][ T9833] squashfs image failed sanity check
[  404.350634][ T9840] kvm: pic: single mode not supported
[  404.350794][ T9840] kvm: pic: level sensitive irq not supported
[  404.467891][ T9840] kvm: pic: single mode not supported
[  407.228603][ T9890] loop4: detected capacity change from 0 to 64
[  407.673993][ T9890] BFS-fs: bfs_fill_super(): loop4 is unclean, continuing
[  407.733526][ T9890] BFS-fs: bfs_fill_super(): Inode 0x00000002 corrupted on loop4
[  407.781843][ T9897] loop2: detected capacity change from 0 to 1024
[  407.856185][ T9897] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  407.892906][ T9890] netlink: 'syz.4.900': attribute type 2 has an invalid length.
[  407.946519][ T9897] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  408.004533][ T9897] JBD2: no valid journal superblock found
[  408.010309][ T9897] EXT4-fs (loop2): Could not load journal inode
[  408.100041][ T9900] loop0: detected capacity change from 0 to 1024
[  408.197756][ T9900] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  408.204123][ T9900] hfsplus: xattr searching failed
[  408.268733][   T30] audit: type=1800 audit(1751278942.133:152): pid=9900 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.903" name="memory.events" dev="loop0" ino=26 res=0 errno=0
[  408.298630][ T9906] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  408.324603][ T9906] hfsplus: xattr searching failed
[  408.399482][ T9900] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  408.437867][ T9900] hfsplus: xattr search failed
[  408.460219][ T9900] hfsplus: inconsistency in B*Tree (9,1,255,1,0)
[  408.516581][ T9900] hfsplus: xattr search failed
[  408.639849][ T9905] loop2: detected capacity change from 0 to 8192
[  408.731284][ T9916] loop6: detected capacity change from 0 to 16
[  408.795227][ T9916] erofs (device loop6): mounted with root inode @ nid 36.
[  408.980162][ T9905] FAT-fs (loop2): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  409.235528][ T7905] hfsplus: b-tree write err: -5, ino 4
[  410.350786][ T5833] usb 7-1: new high-speed USB device number 2 using dummy_hcd
[  410.543233][ T5833] usb 7-1: Using ep0 maxpacket: 8
[  410.572188][ T9938] netfs: Couldn't get user pages (rc=-14)
[  410.586990][ T5833] usb 7-1: New USB device found, idVendor=04a5, idProduct=3003, bcdDevice=3a.b2
[  410.612345][ T5833] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  410.644396][ T5833] usb 7-1: Product: syz
[  410.658626][ T5833] usb 7-1: Manufacturer: syz
[  410.673458][ T5833] usb 7-1: SerialNumber: syz
[  410.693734][ T5833] usb 7-1: config 0 descriptor??
[  411.332231][ T5833] gspca_main: sunplus-2.14.0 probing 04a5:3003
[  411.360315][ T5833] gspca_sunplus: reg_w_riv err -71
[  411.394790][ T5833] sunplus 7-1:0.0: probe with driver sunplus failed with error -71
[  411.438955][ T5833] usb 7-1: USB disconnect, device number 2
[  412.514737][ T9961] loop2: detected capacity change from 0 to 8192
[  412.649791][ T9973] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  412.658728][ T9967] vlan2: entered allmulticast mode
[  412.778013][ T9981] netlink: 'syz.0.922': attribute type 10 has an invalid length.
[  413.279059][ T9981] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  413.319356][ T9973] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  413.354645][ T9973] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  413.386528][ T9973] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  413.410517][ T9973] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  413.465069][ T9973] fanotify: failed to encode fid (type=0, len=0, err=-2)
[  413.494645][ T7905] vlan0: left promiscuous mode
[  414.514631][ T5916] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  414.716105][ T5916] usb 8-1: Using ep0 maxpacket: 32
[  414.903545][ T5916] usb 8-1: config index 0 descriptor too short (expected 35577, got 27)
[  415.124530][ T5916] usb 8-1: config 1 has too many interfaces: 92, using maximum allowed: 32
[  415.716394][ T5916] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 92
[  415.731740][ T5916] usb 8-1: config 1 has no interface number 0
[  415.737903][ T5916] usb 8-1: config 1 interface 1 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  415.748126][ T5916] usb 8-1: config 1 interface 1 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 17
[  415.762378][ T5916] usb 8-1: New USB device found, idVendor=0e41, idProduct=5051, bcdDevice=d5.e8
[  415.773808][ T5916] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  415.896340][ T5916] snd_usb_pod 8-1:1.1: Line 6 Pocket POD found
[  417.117401][ T9989] kvm: pic: non byte read
[  417.161912][T10022] loop4: detected capacity change from 0 to 1024
[  417.182498][ T9989] kvm: pic: non byte read
[  417.215100][ T9989] kvm: pic: non byte read
[  417.298142][ T9989] kvm: pic: single mode not supported
[  417.298163][ T9989] kvm: pic: level sensitive irq not supported
[  417.445740][ T9989] kvm: pic: non byte read
[  417.496847][ T9989] kvm: pic: single mode not supported
[  417.496865][ T9989] kvm: pic: level sensitive irq not supported
[  417.694818][ T9989] kvm: pic: non byte read
[  419.153023][ T5916] snd_usb_pod 8-1:1.1: set_interface failed
[  419.257981][ T5916] snd_usb_pod 8-1:1.1: Line 6 Pocket POD now disconnected
[  419.306552][ T5916] snd_usb_pod 8-1:1.1: probe with driver snd_usb_pod failed with error -71
[  419.696999][ T5916] usb 8-1: USB disconnect, device number 2
[  420.337170][T10047] netdevsim netdevsim7: Direct firmware load for ./file0 failed with error -2
[  420.346301][T10047] netdevsim netdevsim7: Falling back to sysfs fallback for: ./file0
[  422.273622][T10066] loop0: detected capacity change from 0 to 2048
[  422.296752][T10066] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  423.290353][T10069] TCP: out of memory -- consider tuning tcp_mem
[  423.565234][   T30] audit: type=1800 audit(1751278957.433:153): pid=10082 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.943" name="file1" dev="loop0" ino=1346 res=0 errno=0
[  423.958617][T10094] netlink: 4 bytes leftover after parsing attributes in process `syz.6.949'.
[  427.517949][T10125] netlink: 12 bytes leftover after parsing attributes in process `syz.7.956'.
[  427.528766][T10125] netlink: 12 bytes leftover after parsing attributes in process `syz.7.956'.
[  428.214972][T10134] ptrace attach of "./syz-executor exec"[5832] was attempted by "                                                                                                                                                                                                                                                                                                                                eth0 #�u��u0*�i��Ƈ޿_���k�.\x22��#p�/��yL�a��~+>�����3�l{@!2�!��9k��\x0b8I$�Q�=r���\x09/�vӧ�J��#KT���_$A=z�/X�mOX)s�޾_�N���)��6m\x0a\x0b
�뻑z�|d\x1b��yx�\x1bLTrw�|0\x09���\x5c�[� �]V:�Þ\x07x��.TTϿ��a%�Q�CuT����
YZy�!��Ѧ7�vs�\x07��j*�I��{]���*�5Jt�sĪ�~��0�fۮG����:Q\x1b㣤}�`e�L��\x0d�y�g1�\x09i/!�,�u��~)�\x1b2����j�����N��Th�\x1bo:�\x0bq7S�H�L���B��q�(���[�aF����*q�� �v� AN�����Te��L��+u�^����\x07���sha 넙���LD�7�DQ�2!8,�%$��֜y�K������ƴ�����%:��0��d��LWՐ�l\x1b��\x0bh�=m�.�\x0bh��Q}�8/��P��+:�E\x5c�Ԭ��ט���լ�C�R�r^g�Q(�>⺨=\x0c04��*@v���Tځg�:hzW6s)x���\x
[  429.530388][T10149] loop2: detected capacity change from 0 to 8
[  430.269186][   T30] audit: type=1800 audit(1751278964.133:154): pid=10148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.960" name="file1" dev="loop2" ino=5 res=0 errno=0
[  430.296187][T10148] SQUASHFS error: Failed to read block 0x2fc: -5
[  430.302936][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.310304][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.317115][T10148] SQUASHFS error: Failed to read block 0xfc: -5
[  430.325071][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.332360][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.339723][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.347343][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.354845][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.362117][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.370458][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.377902][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.384825][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.392104][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.398937][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.406239][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.413032][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.420333][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  430.427402][T10148] SQUASHFS error: Unable to read metadata cache entry [2fa]
[  430.434706][T10148] SQUASHFS error: read_indexes: reading block [2fa:0]
[  432.562128][T10186] xt_TPROXY: Can be used only with -p tcp or -p udp
[  436.524685][ T5890] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  436.794829][ T5833] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  437.012259][ T5833] usb 8-1: Using ep0 maxpacket: 16
[  437.073999][ T5833] usb 8-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[  437.087257][ T5890] usb 3-1: config 0 has an invalid interface number: 255 but max is 0
[  437.099375][ T5890] usb 3-1: config 0 has no interface number 0
[  437.114633][ T5890] usb 3-1: too many endpoints for config 0 interface 255 altsetting 255: 255, using maximum allowed: 30
[  437.150076][ T5833] usb 8-1: New USB device found, idVendor=1fd2, idProduct=6007, bcdDevice= 0.00
[  437.164584][ T5890] usb 3-1: config 0 interface 255 altsetting 255 has 0 endpoint descriptors, different from the interface descriptor's value: 255
[  437.194736][ T5833] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.227230][ T5890] usb 3-1: config 0 interface 255 has no altsetting 0
[  437.237317][ T5890] usb 3-1: New USB device found, idVendor=0bda, idProduct=0177, bcdDevice=7d.0b
[  437.248522][ T5833] usb 8-1: config 0 descriptor??
[  437.259339][ T5890] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  437.297211][ T5890] usb 3-1: config 0 descriptor??
[  437.332817][ T5890] ums-realtek 3-1:0.255: USB Mass Storage device detected
[  437.602242][ T5890] usb 3-1: USB disconnect, device number 6
[  437.656007][T10243] netlink: 'syz.4.980': attribute type 4 has an invalid length.
[  437.766227][T10247] netlink: 'syz.4.980': attribute type 4 has an invalid length.
[  438.239659][ T5833] usb 8-1: USB disconnect, device number 3
[  438.774679][ T5833] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  439.447950][ T5833] usb 8-1: Using ep0 maxpacket: 32
[  439.507369][ T5833] usb 8-1: config 2 has an invalid interface number: 66 but max is 0
[  439.542708][ T5833] usb 8-1: config 2 has no interface number 0
[  439.949000][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  439.959409][ T5833] usb 8-1: config 2 interface 66 altsetting 0 endpoint 0xC has an invalid bInterval 0, changing to 7
[  439.963383][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  440.169474][ T5833] usb 8-1: New USB device found, idVendor=046d, idProduct=08c6, bcdDevice= b.5d
[  440.206799][ T5833] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  440.233431][ T5833] usb 8-1: Product: syz
[  440.271334][ T5833] usb 8-1: Manufacturer: syz
[  440.777304][ T5833] usb 8-1: SerialNumber: syz
[  440.977147][ T5833] usb 8-1: Found UVC 0.00 device syz (046d:08c6)
[  441.022960][ T5833] usb 8-1: No valid video chain found.
[  442.327081][ T5946] usb 8-1: USB disconnect, device number 4
[  446.166863][ T5946] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  446.230559][T10353] loop6: detected capacity change from 0 to 2048
[  446.858309][T10353] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  446.924926][ T5946] usb 3-1: config 0 has no interfaces?
[  447.017549][ T5946] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  447.271452][ T5946] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  447.509827][ T5946] usb 3-1: SerialNumber: syz
[  448.125748][ T5946] usb 3-1: config 0 descriptor??
[  448.744269][T10372] loop0: detected capacity change from 0 to 1024
[  448.752715][T10372] EXT4-fs: Ignoring removed orlov option
[  448.759079][T10372] EXT4-fs: Ignoring removed nomblk_io_submit option
[  448.828379][ T5946] usb 3-1: can't set config #0, error -71
[  448.921084][T10372] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  448.988510][ T5946] usb 3-1: USB disconnect, device number 7
[  449.064577][   T30] audit: type=1326 audit(1751278982.913:155): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  449.560858][   T30] audit: type=1326 audit(1751278982.913:156): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  449.585005][   T30] audit: type=1326 audit(1751278982.913:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  450.617987][   T30] audit: type=1326 audit(1751278982.913:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  450.854561][   T30] audit: type=1326 audit(1751278982.913:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  450.856448][ T5830] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.894572][   T30] audit: type=1326 audit(1751278982.953:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  451.023046][   T30] audit: type=1326 audit(1751278982.953:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  451.175276][T10402] loop7: detected capacity change from 0 to 64
[  451.542577][   T30] audit: type=1326 audit(1751278982.953:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  453.006029][   T30] audit: type=1326 audit(1751278982.953:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=302 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  453.056603][   T30] audit: type=1326 audit(1751278982.953:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10371 comm="syz.0.1007" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f10c018e929 code=0x7ffc0000
[  453.411698][T10412] loop7: detected capacity change from 0 to 1024
[  453.469896][T10412] ext4: Unknown parameter 'fsmagic'
[  453.708035][T10421] xt_TPROXY: Can be used only with -p tcp or -p udp
[  456.671080][ T5988] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  456.857335][ T5988] usb 1-1: Using ep0 maxpacket: 32
[  456.871752][ T5988] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  456.909858][ T5988] usb 1-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  456.920920][ T5988] usb 1-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  456.933864][ T5988] usb 1-1: Product: syz
[  456.939869][ T5988] usb 1-1: Manufacturer: syz
[  456.953078][ T5988] usb 1-1: SerialNumber: syz
[  456.976462][ T5988] usb 1-1: config 0 descriptor??
[  456.996601][T10445] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  457.032432][ T5988] hub 1-1:0.0: bad descriptor, ignoring hub
[  457.052196][ T5988] hub 1-1:0.0: probe with driver hub failed with error -5
[  457.168534][T10469] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1027'.
[  458.147167][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806b207000: rx timeout, send abort
[  458.156773][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806b207800: rx timeout, send abort
[  458.655486][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806b207000: abort rx timeout. Force session deactivation
[  458.668004][    C1] vcan0: j1939_tp_rxtimer: 0xffff88806b207800: abort rx timeout. Force session deactivation
[  459.241484][T10445] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  461.414541][T10516] tipc: Started in network mode
[  461.447379][T10516] tipc: Node identity , cluster identity 4711
[  461.473093][T10516] tipc: Failed to obtain node identity
[  461.484440][T10516] tipc: Enabling of bearer <eth:caif0> rejected, failed to enable media
[  462.919166][T10532] binder_alloc: 10531: binder_alloc_buf, no vma
[  463.288174][T10540] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1044'.
[  463.294175][T10539] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1043'.
[  463.382617][T10540] bridge1: port 1(ip6gretap1) entered blocking state
[  463.393290][T10539] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1043'.
[  463.403851][T10540] bridge1: port 1(ip6gretap1) entered disabled state
[  463.414016][T10540] ip6gretap1: entered allmulticast mode
[  463.437269][T10539] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1043'.
[  463.458645][T10540] ip6gretap1: entered promiscuous mode
[  463.473798][T10539] netlink: 36 bytes leftover after parsing attributes in process `syz.7.1043'.
[  463.987621][T10546] veth3: entered promiscuous mode
[  464.003413][T10546] bridge1: port 2(veth3) entered blocking state
[  464.014027][T10553] loop2: detected capacity change from 0 to 512
[  464.022362][T10546] bridge1: port 2(veth3) entered disabled state
[  464.047396][T10546] veth3: entered allmulticast mode
[  464.055696][T10553] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  464.092777][T10553] ext4 filesystem being mounted at /237/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  464.688940][T10445] usb 1-1: device descriptor read/64, error -110
[  464.750872][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  464.984613][T10445] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  465.734662][T10445] usb 1-1: device descriptor read/64, error -32
[  465.978650][T10580] netlink: 'syz.4.1052': attribute type 4 has an invalid length.
[  466.017844][T10445] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  466.110419][T10445] usb 1-1: device descriptor read/8, error -32
[  466.915767][T10445] usb 1-1: reset high-speed USB device number 6 using dummy_hcd
[  466.945079][T10445] usb 1-1: device descriptor read/8, error -32
[  467.184850][ T5988] usb 1-1: USB disconnect, device number 6
[  468.912905][T10613] netlink: 28 bytes leftover after parsing attributes in process `syz.4.1059'.
[  470.713139][T10635] loop2: detected capacity change from 0 to 4096
[  471.148267][T10635] EXT4-fs (loop2): Test dummy encryption mode enabled
[  471.176960][T10635] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[  471.220314][T10635] System zones: 0-5
[  471.234945][T10635] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  471.554218][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  476.352531][T10684] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1074'.
[  476.371978][T10684] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1074'.
[  476.510118][   T30] kauditd_printk_skb: 15 callbacks suppressed
[  476.510137][   T30] audit: type=1326 audit(1751279010.373:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10662 comm="syz.6.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28db78e929 code=0x7fc00000
[  476.678802][   T30] audit: type=1326 audit(1751279010.373:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10662 comm="syz.6.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f28db78e929 code=0x7fc00000
[  477.734842][   T30] audit: type=1326 audit(1751279010.373:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10662 comm="syz.6.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28db78e929 code=0x7fc00000
[  478.298101][   T30] audit: type=1326 audit(1751279010.373:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10662 comm="syz.6.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28db78e929 code=0x7fc00000
[  478.320539][   T30] audit: type=1326 audit(1751279010.373:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10662 comm="syz.6.1070" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f28db78e929 code=0x7fc00000
[  478.733371][T10706] loop2: detected capacity change from 0 to 32768
[  480.064517][T10718] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  483.079375][ T5850] Bluetooth: hci2: command 0x0406 tx timeout
[  485.832809][T10762] loop0: detected capacity change from 0 to 128
[  488.107769][T10756] syz.4.1093: vmalloc error: size 16781312, failed to allocated page array size 32776, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1
[  488.244763][T10756] CPU: 1 UID: 0 PID: 10756 Comm: syz.4.1093 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  488.244794][T10756] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  488.244802][T10756] Call Trace:
[  488.244807][T10756]  <TASK>
[  488.244813][T10756]  dump_stack_lvl+0x189/0x250
[  488.244836][T10756]  ? __pfx_dump_stack_lvl+0x10/0x10
[  488.244850][T10756]  ? __pfx__printk+0x10/0x10
[  488.244861][T10756]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  488.244875][T10756]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  488.244890][T10756]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  488.244905][T10756]  warn_alloc+0x214/0x310
[  488.244919][T10756]  ? __pfx_warn_alloc+0x10/0x10
[  488.244933][T10756]  ? __get_vm_area_node+0x28f/0x300
[  488.244947][T10756]  ? translate_table+0x19b/0x2040
[  488.244963][T10756]  __vmalloc_node_range_noprof+0x67e/0x12f0
[  488.245005][T10756]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  488.245035][T10756]  ? rcu_is_watching+0x15/0xb0
[  488.245060][T10756]  ? translate_table+0x19b/0x2040
[  488.245078][T10756]  ? translate_table+0x19b/0x2040
[  488.245094][T10756]  __kvmalloc_node_noprof+0x3b8/0x5f0
[  488.245121][T10756]  ? translate_table+0x19b/0x2040
[  488.245138][T10756]  ? xt_alloc_table_info+0x3b/0xa0
[  488.245167][T10756]  translate_table+0x19b/0x2040
[  488.245202][T10756]  ? __lock_acquire+0xab9/0xd20
[  488.245229][T10756]  ? __pfx_translate_table+0x10/0x10
[  488.245251][T10756]  ? __might_fault+0xb0/0x130
[  488.245297][T10756]  ? _copy_from_user+0x94/0xb0
[  488.245329][T10756]  do_ip6t_set_ctl+0x970/0xce0
[  488.245357][T10756]  ? rcu_is_watching+0x15/0xb0
[  488.245379][T10756]  ? __pfx_do_ip6t_set_ctl+0x10/0x10
[  488.245419][T10756]  ? __pfx___mutex_lock+0x10/0x10
[  488.245437][T10756]  ? __pfx___mutex_unlock_slowpath+0x10/0x10
[  488.245457][T10756]  ? aa_sk_perm+0x81e/0x950
[  488.245483][T10756]  ? __pfx_aa_sk_perm+0x10/0x10
[  488.245512][T10756]  nf_setsockopt+0x26c/0x290
[  488.245534][T10756]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  488.245563][T10756]  do_sock_setsockopt+0x25a/0x3e0
[  488.245584][T10756]  ? __pfx_do_sock_setsockopt+0x10/0x10
[  488.245615][T10756]  ? __fget_files+0x2a/0x420
[  488.245642][T10756]  __x64_sys_setsockopt+0x18b/0x220
[  488.245670][T10756]  do_syscall_64+0xfa/0x3b0
[  488.245687][T10756]  ? lockdep_hardirqs_on+0x9c/0x150
[  488.245712][T10756]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.245731][T10756]  ? clear_bhb_loop+0x60/0xb0
[  488.245753][T10756]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  488.245772][T10756] RIP: 0033:0x7f884d78e929
[  488.245789][T10756] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  488.245805][T10756] RSP: 002b:00007f884e5e5038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  488.245824][T10756] RAX: ffffffffffffffda RBX: 00007f884d9b5fa0 RCX: 00007f884d78e929
[  488.245845][T10756] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000005
[  488.245856][T10756] RBP: 00007f884d810b39 R08: 00000000000002f8 R09: 0000000000000000
[  488.245868][T10756] R10: 0000200000000440 R11: 0000000000000246 R12: 0000000000000000
[  488.245880][T10756] R13: 0000000000000000 R14: 00007f884d9b5fa0 R15: 00007fff5acd0088
[  488.245910][T10756]  </TASK>
[  488.246702][T10756] Mem-Info:
[  488.995304][T10756] active_anon:18725 inactive_anon:0 isolated_anon:0
[  488.995304][T10756]  active_file:11283 inactive_file:40355 isolated_file:0
[  488.995304][T10756]  unevictable:768 dirty:382 writeback:0
[  488.995304][T10756]  slab_reclaimable:11474 slab_unreclaimable:111541
[  488.995304][T10756]  mapped:32540 shmem:11512 pagetables:1766
[  488.995304][T10756]  sec_pagetables:0 bounce:0
[  488.995304][T10756]  kernel_misc_reclaimable:0
[  488.995304][T10756]  free:1286434 free_pcp:14932 free_cma:0
[  489.185096][T10756] Node 0 active_anon:79540kB inactive_anon:0kB active_file:45132kB inactive_file:161216kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:135060kB dirty:1436kB writeback:0kB shmem:49412kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13400kB pagetables:6832kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  489.247918][T10756] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:48kB pagetables:136kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  489.308632][T10756] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  490.164325][T10756] lowmem_reserve[]: 0 2498 2500 2500 2500
[  490.170591][T10756] Node 0 DMA32 free:1216772kB boost:0kB min:34248kB low:42808kB high:51368kB reserved_highatomic:0KB free_highatomic:0KB active_anon:93228kB inactive_anon:0kB active_file:45132kB inactive_file:159640kB unevictable:1536kB writepending:1456kB present:3129332kB managed:2558440kB mlocked:0kB bounce:0kB free_pcp:42820kB local_pcp:14208kB free_cma:0kB
[  490.314242][T10756] lowmem_reserve[]: 0 0 1 1 1
[  490.332690][T10756] Node 0 Normal free:12kB boost:0kB min:20kB low:24kB high:28kB reserved_highatomic:0KB free_highatomic:0KB active_anon:48kB inactive_anon:0kB active_file:0kB inactive_file:1576kB unevictable:0kB writepending:0kB present:1048580kB managed:1644kB mlocked:0kB bounce:0kB free_pcp:8kB local_pcp:8kB free_cma:0kB
[  490.524611][T10756] lowmem_reserve[]: 0 0 0 0 0
[  490.535211][T10756] Node 1 Normal free:3890104kB boost:0kB min:55632kB low:69540kB high:83448kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:204kB unevictable:1536kB writepending:0kB present:4194300kB managed:4111164kB mlocked:0kB bounce:0kB free_pcp:21616kB local_pcp:11424kB free_cma:0kB
[  490.601634][T10756] lowmem_reserve[]: 0 0 0 0 0
[  490.636831][T10756] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  490.654201][T10796] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1101'.
[  490.661935][T10756] Node 0 DMA32: 46*4kB (UME) 6*8kB (UE) 2*16kB (UE) 116*32kB (UME) 128*64kB (UME) 37*128kB (UME) 32*256kB (UME) 21*512kB (UM) 13*1024kB (UME) 5*2048kB (UM) 284*4096kB (UM) = 1222664kB
[  490.694742][ T5946] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  490.727101][T10756] Node 0 Normal: 1*4kB (M) 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 12kB
[  490.777610][T10756] Node 1 Normal: 202*4kB (UE) 56*8kB (UME) 41*16kB (UME) 118*32kB (UME) 31*64kB (UME) 6*128kB (UME) 3*256kB (ME) 4*512kB (UME) 2*1024kB (ME) 1*2048kB (E) 946*4096kB (M) = 3890168kB
[  490.848667][T10800] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1101'.
[  490.864583][T10756] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  490.898365][ T5946] usb 1-1: Using ep0 maxpacket: 32
[  490.906585][T10756] Node 0 hugepages_total=2 hugepages_free=0 hugepages_surp=0 hugepages_size=2048kB
[  490.917880][ T5946] usb 1-1: config 0 has an invalid interface number: 12 but max is 0
[  490.929799][ T5946] usb 1-1: config 0 has no interface number 0
[  490.976415][T10756] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  490.987128][ T5946] usb 1-1: config 0 interface 12 has no altsetting 0
[  491.028102][T10756] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  491.030531][ T5946] usb 1-1: New USB device found, idVendor=2c42, idProduct=1202, bcdDevice=85.40
[  491.041028][T10806] netlink: 28 bytes leftover after parsing attributes in process `syz.6.1103'.
[  491.069304][T10756] 61874 total pagecache pages
[  491.128020][T10756] 0 pages in swap cache
[  491.196752][T10756] Free swap  = 124996kB
[  491.233196][T10806] netlink: 8 bytes leftover after parsing attributes in process `syz.6.1103'.
[  491.248412][T10756] Total swap = 124996kB
[  491.252899][T10756] 2097051 pages RAM
[  491.257391][ T5946] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  491.263385][T10756] 0 pages HighMem/MovableOnly
[  491.321987][T10756] 425399 pages reserved
[  491.338506][T10756] 0 pages cma reserved
[  491.344080][T10808] netlink: 'syz.6.1103': attribute type 10 has an invalid length.
[  491.377845][T10808] bridge0: port 3(team0) entered blocking state
[  491.381169][ T5946] usb 1-1: Product: syz
[  491.521124][T10808] bridge0: port 3(team0) entered disabled state
[  491.524639][ T5946] usb 1-1: Manufacturer: syz
[  491.531986][ T5946] usb 1-1: SerialNumber: syz
[  491.587742][T10808] team0: entered allmulticast mode
[  491.593171][T10810] loop7: detected capacity change from 0 to 16
[  491.624747][ T5946] usb 1-1: config 0 descriptor??
[  491.627640][T10810] erofs (device loop7): mounted with root inode @ nid 36.
[  491.644916][T10808] team_slave_0: entered allmulticast mode
[  491.664415][T10808] team_slave_1: entered allmulticast mode
[  491.687886][T10808] team0: entered promiscuous mode
[  491.707778][T10808] team_slave_0: entered promiscuous mode
[  491.722061][T10808] team_slave_1: entered promiscuous mode
[  491.742725][T10808] bridge0: port 3(team0) entered blocking state
[  491.749163][T10808] bridge0: port 3(team0) entered forwarding state
[  494.884700][ T5946] f81534 1-1:0.12: f81534_set_register: reg: 1002 data: 2f failed: -71
[  494.895325][ T5946] f81534 1-1:0.12: f81534_find_config_idx: read failed: -71
[  494.913768][ T9298] erofs (device loop7): bogus dirent @ nid 46
[  494.953226][ T5833] IPVS: starting estimator thread 0...
[  494.963772][ T5946] f81534 1-1:0.12: f81534_calc_num_ports: find idx failed: -71
[  495.021631][ T9298] erofs (device loop7): invalid de[0].nameoff 0 @ nid 89
[  495.088699][T10838] IPVS: using max 32 ests per chain, 76800 per kthread
[  495.096872][ T5946] f81534 1-1:0.12: probe with driver f81534 failed with error -71
[  495.254957][ T9298] erofs (device loop7): invalid de[0].nameoff 0 @ nid 89
[  495.523060][ T5946] usb 1-1: USB disconnect, device number 8
[  497.601161][T10870] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  501.219510][  T982] IPVS: starting estimator thread 0...
[  501.324772][T10907] IPVS: using max 36 ests per chain, 86400 per kthread
[  501.333122][T10910] netlink: 'syz.6.1125': attribute type 1 has an invalid length.
[  501.385419][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  501.392066][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  502.079840][T10917] vlan2: entered allmulticast mode
[  502.132629][T10917] bond1: entered allmulticast mode
[  502.370958][T10926] loop4: detected capacity change from 0 to 256
[  502.395440][T10926] exfat: Deprecated parameter 'namecase'
[  502.430551][T10926] exfat: Deprecated parameter 'utf8'
[  502.485823][   T30] audit: type=1800 audit(1751279036.343:185): pid=10928 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1127" name="bus" dev="overlay" ino=528 res=0 errno=0
[  502.506448][    C0] vkms_vblank_simulate: vblank timer overrun
[  502.623824][T10926] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x1a9973fb, utbl_chksum : 0xe619d30d)
[  504.394386][T10956] xt_CONNSECMARK: invalid mode: 0
[  507.819252][T10997] tmpfs: Bad value for 'nr_blocks'
[  507.842652][T10997] loop6: detected capacity change from 0 to 128
[  507.899374][T10995] loop0: detected capacity change from 0 to 1024
[  513.993954][T11076] vimc link validate: Sensor A:src:640x480 (0x33424752, 8, 0, 0, 0) Raw Capture 0:snk:640x480 (0x33424752, 8, 0, 0, 0)
[  514.706235][T11083] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1159'.
[  514.792648][T11086] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1159'.
[  514.987513][T11091] netlink: 156 bytes leftover after parsing attributes in process `syz.0.1162'.
[  515.972344][T11109] loop2: detected capacity change from 0 to 64
[  520.156795][T11127] loop7: detected capacity change from 0 to 1024
[  520.315164][T11130] loop2: detected capacity change from 0 to 1024
[  521.037595][   T13] hfsplus: b-tree write err: -5, ino 4
[  523.086776][ T5847] Bluetooth: hci2: unexpected event for opcode 0x0016
[  523.259632][T11159] loop6: detected capacity change from 0 to 1024
[  523.302485][T11159] EXT4-fs: Ignoring removed orlov option
[  524.721312][T11159] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  526.823604][T11195] 9pnet: Found fid 0 not clunked
[  527.533284][T11199] netlink: 'syz.0.1184': attribute type 10 has an invalid length.
[  527.544222][T11199] 8021q: adding VLAN 0 to HW filter on device team0
[  527.560689][ T7196] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  527.629868][T11199] siw: device registration error -23
[  530.154651][T11247] loop0: detected capacity change from 0 to 256
[  538.608092][T11305] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1204'.
[  538.900781][T11305] openvswitch: netlink: Flow actions may not be safe on all matching packets.
[  543.051616][T11350] loop7: detected capacity change from 0 to 256
[  543.671128][T11350] exFAT-fs (loop7): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  543.823796][T11350] exFAT-fs (loop7): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  551.657245][T11433] loop4: detected capacity change from 0 to 1024
[  551.665635][ T5847] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  553.055201][T11453] loop2: detected capacity change from 0 to 64
[  553.661271][T11432] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  553.775068][ T5847] Bluetooth: hci0: command 0x0406 tx timeout
[  553.992147][T11460] loop7: detected capacity change from 0 to 512
[  554.180905][T11460] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8842c11d, mo2=0002]
[  554.277378][T11460] EXT4-fs error (device loop7): ext4_iget_extra_inode:5034: inode #15: comm syz.7.1236: corrupted in-inode xattr: e_value size too large
[  554.531081][T11460] EXT4-fs error (device loop7): ext4_orphan_get:1398: comm syz.7.1236: couldn't read orphan inode 15 (err -117)
[  554.631763][ T1108] hfsplus: b-tree write err: -5, ino 4
[  555.144893][T11460] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  557.058497][ T9298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  557.923555][T11503] sch_tbf: burst 19872 is lower than device lo mtu (65499) !
[  559.215304][T11519] loop0: detected capacity change from 0 to 1024
[  560.613362][T11534] loop2: detected capacity change from 0 to 16
[  560.623390][T11534] erofs (device loop2): mounted with root inode @ nid 36.
[  560.676359][T11534] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  560.708368][T11538] loop0: detected capacity change from 0 to 128
[  560.756842][T11534] erofs (device loop2): failed to decompress -23 in[64, 4032] out[1851]
[  560.769153][T11538] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  560.779786][T11534] erofs (device loop2): read error -117 @ 43 of nid 36
[  560.858013][T11539] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  560.871788][T11539] erofs (device loop2): failed to decompress -23 in[64, 4032] out[1851]
[  560.880505][T11539] erofs (device loop2): read error -117 @ 43 of nid 36
[  560.889649][T11534] erofs (device loop2): bogus lookback distance 1388 @ lcn 42 of nid 36
[  560.969624][T11538] nftables ruleset with unbound chain
[  560.989364][T11534] erofs (device loop2): failed to decompress -23 in[64, 4032] out[1851]
[  561.121275][T11534] erofs (device loop2): read error -117 @ 43 of nid 36
[  561.740367][T11538] UDF-fs: error (device loop0): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  561.788148][T11546] syz.0.1253(11546): Attempt to set a LOCK_MAND lock via flock(2). This support has been removed and the request ignored.
[  562.048140][T11550] netfs: Couldn't get user pages (rc=-14)
[  562.226770][T11558] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1262'.
[  562.666548][T11562] netlink: 32 bytes leftover after parsing attributes in process `syz.6.1262'.
[  562.676246][  T982] IPVS: starting estimator thread 0...
[  563.103107][T11563] IPVS: using max 27 ests per chain, 64800 per kthread
[  563.219711][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  563.226083][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  565.417481][T10823] libceph: connect (1)[c::]:6789 error -101
[  565.733521][T10823] libceph: mon0 (1)[c::]:6789 connect error
[  565.833913][T11593] loop2: detected capacity change from 0 to 736
[  565.851656][T11587] ceph: No mds server is up or the cluster is laggy
[  566.040850][  T982] libceph: connect (1)[c::]:6789 error -101
[  566.057236][  T982] libceph: mon0 (1)[c::]:6789 connect error
[  566.633383][  T982] libceph: connect (1)[c::]:6789 error -101
[  566.653704][T11593] rock: directory entry would overflow storage
[  566.665693][  T982] libceph: mon0 (1)[c::]:6789 connect error
[  566.675447][T11593] rock: sig=0x3b10, size=4, remaining=3
[  567.398157][T11614] Illegal XDP return value 4294967274 on prog  (id 316) dev N/A, expect packet loss!
[  569.934706][ T5988] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  573.607464][ T5847] Bluetooth: hci2: unexpected event for opcode 0x0419
[  574.291074][T11679] loop7: detected capacity change from 0 to 512
[  574.336627][T11681] loop0: detected capacity change from 0 to 8
[  574.338098][T11679] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  574.375595][T11681] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  574.433081][T11679] EXT4-fs (loop7): 1 truncate cleaned up
[  574.472900][ T6025] udevd[6025]: incorrect cramfs checksum on /dev/loop0
[  574.494325][T11679] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  574.692334][ T6025] udevd[6025]: incorrect cramfs checksum on /dev/loop0
[  574.848656][T11691] cramfs: Error -3 while decompressing!
[  574.854561][T11691] cramfs: ffffffff99be9b88(26)->ffff88804f027000(4096)
[  574.861529][T11691] cramfs: Error -3 while decompressing!
[  574.867181][T11691] cramfs: ffffffff99be9ba2(26)->ffff88807babc000(4096)
[  574.874181][T11691] cramfs: Error -3 while decompressing!
[  574.879809][T11691] cramfs: ffffffff99be9bbc(16)->ffff88807babd000(4096)
[  574.886943][T11691] cramfs: Error -3 while decompressing!
[  574.892548][T11691] cramfs: ffffffff99be9b88(26)->ffff88804f027000(4096)
[  575.819882][T11699] loop6: detected capacity change from 0 to 4096
[  575.831164][T11699] ntfs3(loop6): Different NTFS sector size (2048) and media sector size (512).
[  575.879396][ T6025] udevd[6025]: incorrect cramfs checksum on /dev/loop0
[  576.027495][ T9298] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  576.034618][  T982] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  576.584706][  T982] usb 5-1: config 5 has an invalid interface number: 244 but max is 0
[  576.592907][  T982] usb 5-1: config 5 has no interface number 0
[  576.746807][  T982] usb 5-1: config 5 interface 244 altsetting 0 endpoint 0x2 has an invalid bInterval 0, changing to 10
[  576.762654][  T982] usb 5-1: config 5 interface 244 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  576.775921][  T982] usb 5-1: New USB device found, idVendor=16d6, idProduct=0001, bcdDevice=b2.cd
[  576.791291][  T982] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  576.821482][  T982] usb 5-1: Product: syz
[  576.891230][  T982] usb 5-1: Manufacturer: syz
[  577.386428][  T982] usb 5-1: SerialNumber: syz
[  577.502270][T11714] binfmt_misc: register: failed to install interpreter file ./file0
[  577.716787][T11713] Bluetooth: hci2: Controller not accepting commands anymore: ncmd = 0
[  577.727163][T11713] Bluetooth: hci2: Injecting HCI hardware error event
[  578.379718][  T982] cp210x 5-1:5.244: cp210x converter detected
[  578.387621][  T982] cp210x 5-1:5.244: failed to get vendor val 0x370b size 1: -71
[  578.395375][  T982] cp210x 5-1:5.244: querying part number failed
[  578.406683][  T982] usb 5-1: cp210x converter now attached to ttyUSB0
[  579.388346][  T982] usb 5-1: USB disconnect, device number 8
[  579.416514][  T982] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  579.426915][  T982] cp210x 5-1:5.244: device disconnected
[  579.926192][T11713] Bluetooth: hci2: command 0x0406 tx timeout
[  579.935122][ T5847] Bluetooth: hci2: hardware error 0x00
[  581.253411][T11737] loop2: detected capacity change from 0 to 8
[  582.374784][ T5847] Bluetooth: hci2: Opcode 0x0c03 failed: -110
[  583.895355][T11747] loop6: detected capacity change from 0 to 1024
[  583.921041][T11747] EXT4-fs: Ignoring removed nobh option
[  583.926973][T11747] EXT4-fs: Ignoring removed bh option
[  584.494169][T11747] EXT4-fs error (device loop6): ext4_orphan_get:1419: comm syz.6.1308: bad orphan inode 32767
[  584.761608][T11747] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  585.325599][ T7196] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  593.085404][T11819] syz.6.1325: attempt to access beyond end of device
[  593.085404][T11819] loop13: rw=0, sector=0, nr_sectors = 1 limit=0
[  593.098417][T11819] FAT-fs (loop13): unable to read boot sector
[  596.701231][T11847] kvm: kvm [11834]: vcpu0, guest rIP: 0x18e Unhandled WRMSR(0x186) = 0x80
[  597.303324][T11841] syz.4.1330 (11841): drop_caches: 2
[  598.291519][T11863] loop4: detected capacity change from 0 to 1024
[  601.910648][T11887] team0: Port device vxlan0 added
[  601.945389][   T13] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  602.120525][   T13] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  602.431597][   T13] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  602.942691][   T13] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  604.890752][T11918] loop7: detected capacity change from 0 to 1024
[  606.060034][T11932] loop2: detected capacity change from 0 to 512
[  606.072048][T11932] EXT4-fs: Ignoring removed nobh option
[  606.609866][T11932] EXT4-fs warning (device loop2): dx_probe:846: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  606.621789][T11932] EXT4-fs warning (device loop2): dx_probe:849: Enable large directory feature to access it
[  606.631968][T11932] EXT4-fs warning (device loop2): dx_probe:934: inode #2: comm syz.2.1354: Corrupt directory, running e2fsck is recommended
[  606.650233][T11932] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  606.658827][T11932] EXT4-fs error (device loop2): ext4_iget_extra_inode:5034: inode #15: comm syz.2.1354: corrupted in-inode xattr: invalid ea_ino
[  606.685656][T11932] EXT4-fs error (device loop2): ext4_orphan_get:1398: comm syz.2.1354: couldn't read orphan inode 15 (err -117)
[  606.701187][T11932] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  607.032718][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  607.604108][T11943] loop4: detected capacity change from 0 to 128
[  607.709016][T11943] EXT4-fs (loop4): Test dummy encryption mode enabled
[  608.220838][T11943] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  608.254127][T11943] ext4 filesystem being mounted at /307/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  608.298353][T11947] loop2: detected capacity change from 0 to 2048
[  608.308664][T11947] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  610.282080][T11959] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  610.678587][ T5839] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  610.760648][T11966] trusted_key: encrypted_key: keyword 'new' not allowed when called from .update method
[  617.753794][T12021] netlink: 64 bytes leftover after parsing attributes in process `syz.0.1380'.
[  620.390029][T12043] netlink: 'syz.4.1385': attribute type 1 has an invalid length.
[  622.044844][T12050] netlink: 'syz.4.1388': attribute type 11 has an invalid length.
[  622.052698][T12050] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1388'.
[  623.220439][T12065] loop6: detected capacity change from 0 to 64
[  623.344293][T12065] hfs: get root inode failed
[  623.437549][T12071] loop7: detected capacity change from 0 to 256
[  623.686397][T12071] exFAT-fs (loop7): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  623.708207][T12071] exFAT-fs (loop7): Medium has reported failures. Some data may be lost.
[  624.465133][ T1302] ieee802154 phy0 wpan0: encryption failed: -22
[  624.471464][ T1302] ieee802154 phy1 wpan1: encryption failed: -22
[  624.558758][T12071] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  626.560383][T12074] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  630.161315][T12120] openvswitch: netlink: Either Ethernet header or EtherType is required.
[  630.312657][T12121] ptrace attach of "./syz-executor exec"[5839] was attempted by "                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              
[  631.081248][T12124] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1406'.
[  631.102558][   T30] audit: type=1326 audit(1751279164.943:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  631.596082][   T30] audit: type=1326 audit(1751279165.073:187): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  631.688210][   T30] audit: type=1326 audit(1751279165.083:188): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  631.721527][   T30] audit: type=1326 audit(1751279165.093:189): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  632.192758][   T30] audit: type=1326 audit(1751279165.093:190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  632.230886][   T30] audit: type=1326 audit(1751279165.113:191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  632.269640][   T30] audit: type=1326 audit(1751279165.123:192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  632.300575][   T30] audit: type=1326 audit(1751279165.123:193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  632.328158][   T30] audit: type=1326 audit(1751279165.133:194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  632.359240][   T30] audit: type=1326 audit(1751279165.153:195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12125 comm="syz.4.1409" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f884d78e929 code=0x7ffc0000
[  637.436541][T12176] netlink: 2 bytes leftover after parsing attributes in process `syz.6.1419'.
[  639.970245][T12201] loop0: detected capacity change from 0 to 1764
[  640.298503][T12176] loop6: detected capacity change from 0 to 32768
[  640.394628][T12206] overlay: filesystem on . not supported
[  640.835517][T12176] workqueue: Failed to create a rescuer kthread for wq "ocfs2_wq": -EINTR
[  640.838034][T12176] (syz.6.1419,12176,0):ocfs2_initialize_super:2227 ERROR: status = -12
[  640.911653][T12176] (syz.6.1419,12176,1):ocfs2_fill_super:1177 ERROR: status = -12
[  641.584013][T12217] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  641.597878][T12217] Error validating options; rc = [-22]
[  643.651461][T12234] loop0: detected capacity change from 0 to 256
[  648.382373][T12274] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1444'.
[  648.498071][T12274] bridge0: entered promiscuous mode
[  648.503464][T12274] macvtap1: entered promiscuous mode
[  648.556004][T12274] macvtap1: entered allmulticast mode
[  648.591991][T12274] bridge0: entered allmulticast mode
[  648.872991][T12279] bridge0: left allmulticast mode
[  648.982497][T12279] bridge0: left promiscuous mode
[  649.464632][T12285] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1446'.
[  649.608553][T12285] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1446'.
[  650.624825][T12302] Invalid source name
[  650.628944][T12302] UBIFS error (pid: 12302): cannot open "./file0", error -22
[  654.095868][T12328] loop0: detected capacity change from 0 to 256
[  654.263528][T12328] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x53fda505, utbl_chksum : 0xe619d30d)
[  654.316634][T12328] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  654.529486][T12333] loop4: detected capacity change from 0 to 512
[  654.610536][T12333] EXT4-fs: Ignoring removed nobh option
[  654.783357][T12333] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  655.734192][ T5839] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  655.855873][T12345] loop2: detected capacity change from 0 to 512
[  655.915963][T12345] EXT4-fs: Ignoring removed bh option
[  655.981178][T12345] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  656.034858][T12345] EXT4-fs (loop2): 1 truncate cleaned up
[  656.115658][T12345] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  657.320339][T12321] loop7: detected capacity change from 0 to 32768
[  657.331508][T12321] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.1457 (12321)
[  658.525494][ T5832] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  658.717085][T12374] BUG: sleeping function called from invalid context at kernel/locking/rwsem.c:1523
[  658.727343][T12374] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 12374, name: syz.6.1469
[  658.736578][T12374] preempt_count: 0, expected: 0
[  658.741501][T12374] RCU nest depth: 1, expected: 0
[  658.746652][T12374] 2 locks held by syz.6.1469/12374:
[  658.751891][T12374]  #0: ffffffff8e13bee0 (rcu_read_lock){....}-{1:3}, at: query_vma_setup+0x18/0x110
[  658.761572][T12374]  #1: ffff888027525808 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x146/0xdc0
[  658.771945][T12374] CPU: 0 UID: 0 PID: 12374 Comm: syz.6.1469 Not tainted 6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  658.771975][T12374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  658.771988][T12374] Call Trace:
[  658.771996][T12374]  <TASK>
[  658.772004][T12374]  dump_stack_lvl+0x189/0x250
[  658.772036][T12374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  658.772071][T12374]  ? print_lock_name+0xde/0x100
[  658.772097][T12374]  __might_resched+0x495/0x610
[  658.772125][T12374]  ? preempt_schedule_irq+0xa5/0x150
[  658.772150][T12374]  ? __pfx___might_resched+0x10/0x10
[  658.772177][T12374]  ? vma_start_read+0x218/0x3b0
[  658.772192][T12374]  ? vma_start_read+0x259/0x3b0
[  658.772206][T12374]  ? preempt_schedule_irq+0xb5/0x150
[  658.772234][T12374]  ? __filemap_get_folio+0x9a6/0xaf0
[  658.772256][T12374]  down_read+0x22/0x2e0
[  658.772278][T12374]  freader_get_folio+0x38b/0x830
[  658.772309][T12374]  freader_fetch+0xa3/0x5d0
[  658.772336][T12374]  ? rcu_is_watching+0x15/0xb0
[  658.772367][T12374]  __build_id_parse+0x133/0x7d0
[  658.772395][T12374]  ? __pfx___build_id_parse+0x10/0x10
[  658.772443][T12374]  ? lock_next_vma+0x146/0xdc0
[  658.772459][T12374]  ? procfs_procmap_ioctl+0x75b/0xd10
[  658.772493][T12374]  procfs_procmap_ioctl+0x77e/0xd10
[  658.772525][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  658.772561][T12374]  ? lockdep_hardirqs_on+0x9c/0x150
[  658.772591][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  658.772617][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  658.772643][T12374]  ? __se_sys_ioctl+0xea/0x170
[  658.772668][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  658.772694][T12374]  __se_sys_ioctl+0xfc/0x170
[  658.772720][T12374]  do_syscall_64+0xfa/0x3b0
[  658.772738][T12374]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.772756][T12374]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  658.772773][T12374]  ? clear_bhb_loop+0x60/0xb0
[  658.772794][T12374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  658.772812][T12374] RIP: 0033:0x7f28db78e929
[  658.772829][T12374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  658.772843][T12374] RSP: 002b:00007f28dc5cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  658.772862][T12374] RAX: ffffffffffffffda RBX: 00007f28db9b6080 RCX: 00007f28db78e929
[  658.772875][T12374] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000008
[  658.772887][T12374] RBP: 00007f28db810b39 R08: 0000000000000000 R09: 0000000000000000
[  658.772899][T12374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  658.772909][T12374] R13: 0000000000000000 R14: 00007f28db9b6080 R15: 00007ffd54d042c8
[  658.772940][T12374]  </TASK>
[  658.773112][T12374] 
[  659.036023][T12374] =============================
[  659.040865][T12374] [ BUG: Invalid wait context ]
[  659.045702][T12374] 6.16.0-rc4-next-20250630-syzkaller #0 Tainted: G        W          
[  659.053841][T12374] -----------------------------
[  659.058674][T12374] syz.6.1469/12374 is trying to lock:
[  659.064034][T12374] ffff888148c64e40 (mapping.invalidate_lock){++++}-{4:4}, at: freader_get_folio+0x38b/0x830
[  659.074138][T12374] other info that might help us debug this:
[  659.080022][T12374] context-{5:5}
[  659.083472][T12374] 2 locks held by syz.6.1469/12374:
[  659.088668][T12374]  #0: ffffffff8e13bee0 (rcu_read_lock){....}-{1:3}, at: query_vma_setup+0x18/0x110
[  659.098074][T12374]  #1: ffff888027525808 (vm_lock){++++}-{0:0}, at: lock_next_vma+0x146/0xdc0
[  659.106869][T12374] stack backtrace:
[  659.110587][T12374] CPU: 0 UID: 0 PID: 12374 Comm: syz.6.1469 Tainted: G        W           6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  659.110613][T12374] Tainted: [W]=WARN
[  659.110618][T12374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  659.110628][T12374] Call Trace:
[  659.110634][T12374]  <TASK>
[  659.110642][T12374]  dump_stack_lvl+0x189/0x250
[  659.110672][T12374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  659.110697][T12374]  ? __pfx__printk+0x10/0x10
[  659.110721][T12374]  __lock_acquire+0xbcb/0xd20
[  659.110746][T12374]  ? freader_get_folio+0x38b/0x830
[  659.110770][T12374]  lock_acquire+0x120/0x360
[  659.110789][T12374]  ? freader_get_folio+0x38b/0x830
[  659.110815][T12374]  ? vma_start_read+0x218/0x3b0
[  659.110831][T12374]  ? vma_start_read+0x259/0x3b0
[  659.110846][T12374]  ? preempt_schedule_irq+0xb5/0x150
[  659.110874][T12374]  down_read+0x46/0x2e0
[  659.110891][T12374]  ? freader_get_folio+0x38b/0x830
[  659.110916][T12374]  freader_get_folio+0x38b/0x830
[  659.110942][T12374]  freader_fetch+0xa3/0x5d0
[  659.110966][T12374]  ? rcu_is_watching+0x15/0xb0
[  659.110993][T12374]  __build_id_parse+0x133/0x7d0
[  659.111018][T12374]  ? __pfx___build_id_parse+0x10/0x10
[  659.111049][T12374]  ? lock_next_vma+0x146/0xdc0
[  659.111064][T12374]  ? procfs_procmap_ioctl+0x75b/0xd10
[  659.111093][T12374]  procfs_procmap_ioctl+0x77e/0xd10
[  659.111120][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  659.111149][T12374]  ? lockdep_hardirqs_on+0x9c/0x150
[  659.111176][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  659.111201][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  659.111227][T12374]  ? __se_sys_ioctl+0xea/0x170
[  659.111250][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  659.111275][T12374]  __se_sys_ioctl+0xfc/0x170
[  659.111299][T12374]  do_syscall_64+0xfa/0x3b0
[  659.111316][T12374]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.111333][T12374]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  659.111350][T12374]  ? clear_bhb_loop+0x60/0xb0
[  659.111370][T12374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  659.111393][T12374] RIP: 0033:0x7f28db78e929
[  659.111410][T12374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  659.111425][T12374] RSP: 002b:00007f28dc5cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  659.111444][T12374] RAX: ffffffffffffffda RBX: 00007f28db9b6080 RCX: 00007f28db78e929
[  659.111458][T12374] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000008
[  659.111470][T12374] RBP: 00007f28db810b39 R08: 0000000000000000 R09: 0000000000000000
[  659.111482][T12374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  659.111493][T12374] R13: 0000000000000000 R14: 00007f28db9b6080 R15: 00007ffd54d042c8
[  659.111511][T12374]  </TASK>
[  659.382429][    C0] vcan0: j1939_tp_rxtimer: 0xffff888060c81c00: rx timeout, send abort
[  659.890720][    C0] vcan0: j1939_tp_rxtimer: 0xffff888060c81c00: abort rx timeout. Force session deactivation
[  659.951894][T12374] BUG: sleeping function called from invalid context at ./include/linux/sched/mm.h:321
[  659.961648][T12374] in_atomic(): 0, irqs_disabled(): 0, non_block: 0, pid: 12374, name: syz.6.1469
[  660.144368][T12374] preempt_count: 0, expected: 0
[  660.227305][T12387] ecryptfs_validate_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README
[  660.240949][T12387] Error validating options; rc = [-22]
[  660.677933][T12374] RCU nest depth: 1, expected: 0
[  660.686262][T12383] vcan0: tx drop: invalid da for name 0x0000000000000010
[  660.694277][T12374] INFO: lockdep is turned off.
[  660.699214][T12374] CPU: 1 UID: 0 PID: 12374 Comm: syz.6.1469 Tainted: G        W           6.16.0-rc4-next-20250630-syzkaller #0 PREEMPT(full) 
[  660.699238][T12374] Tainted: [W]=WARN
[  660.699247][T12374] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  660.699253][T12374] Call Trace:
[  660.699258][T12374]  <TASK>
[  660.699262][T12374]  dump_stack_lvl+0x189/0x250
[  660.699282][T12374]  ? __pfx_dump_stack_lvl+0x10/0x10
[  660.699295][T12374]  ? __pfx__printk+0x10/0x10
[  660.699307][T12374]  ? preempt_schedule_irq+0xde/0x150
[  660.699321][T12374]  __might_resched+0x495/0x610
[  660.699335][T12374]  ? preempt_schedule_irq+0xa5/0x150
[  660.699347][T12374]  ? __pfx___might_resched+0x10/0x10
[  660.699359][T12374]  ? lock_acquire+0x5f/0x360
[  660.699370][T12374]  ? rcu_is_watching+0x15/0xb0
[  660.699385][T12374]  ? fs_reclaim_acquire+0x7d/0x100
[  660.699396][T12374]  prepare_alloc_pages+0x1d9/0x610
[  660.699407][T12374]  __alloc_frozen_pages_noprof+0x123/0x370
[  660.699418][T12374]  ? __pfx___alloc_frozen_pages_noprof+0x10/0x10
[  660.699432][T12374]  ? filemap_get_entry+0xad/0x2f0
[  660.699442][T12374]  alloc_pages_mpol+0x232/0x4a0
[  660.699457][T12374]  alloc_pages_noprof+0xa9/0x190
[  660.699466][T12374]  folio_alloc_noprof+0x1e/0x30
[  660.699474][T12374]  filemap_alloc_folio_noprof+0xdf/0x470
[  660.699484][T12374]  ? __pfx_filemap_alloc_folio_noprof+0x10/0x10
[  660.699495][T12374]  ? __filemap_get_folio+0x9a6/0xaf0
[  660.699508][T12374]  ? vma_start_read+0x218/0x3b0
[  660.699518][T12374]  do_read_cache_folio+0x2da/0x590
[  660.699529][T12374]  ? __pfx_blkdev_read_folio+0x10/0x10
[  660.699541][T12374]  freader_get_folio+0x3c4/0x830
[  660.699556][T12374]  freader_fetch+0xa3/0x5d0
[  660.699569][T12374]  ? rcu_is_watching+0x15/0xb0
[  660.699582][T12374]  __build_id_parse+0x133/0x7d0
[  660.699595][T12374]  ? __pfx___build_id_parse+0x10/0x10
[  660.699611][T12374]  ? lock_next_vma+0x146/0xdc0
[  660.699619][T12374]  ? procfs_procmap_ioctl+0x75b/0xd10
[  660.699634][T12374]  procfs_procmap_ioctl+0x77e/0xd10
[  660.699649][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  660.699664][T12374]  ? lockdep_hardirqs_on+0x9c/0x150
[  660.699678][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  660.699691][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  660.699704][T12374]  ? __se_sys_ioctl+0xea/0x170
[  660.699717][T12374]  ? __pfx_procfs_procmap_ioctl+0x10/0x10
[  660.699730][T12374]  __se_sys_ioctl+0xfc/0x170
[  660.699742][T12374]  do_syscall_64+0xfa/0x3b0
[  660.699751][T12374]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.699761][T12374]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[  660.699770][T12374]  ? clear_bhb_loop+0x60/0xb0
[  660.699780][T12374]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  660.699789][T12374] RIP: 0033:0x7f28db78e929
[  660.699799][T12374] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  660.699807][T12374] RSP: 002b:00007f28dc5cb038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  660.699819][T12374] RAX: ffffffffffffffda RBX: 00007f28db9b6080 RCX: 00007f28db78e929
[  660.699827][T12374] RDX: 0000200000000180 RSI: 00000000c0686611 RDI: 0000000000000008
[  660.699833][T12374] RBP: 00007f28db810b39 R08: 0000000000000000 R09: 0000000000000000
[  660.699840][T12374] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  660.699846][T12374] R13: 0000000000000000 R14: 00007f28db9b6080 R15: 00007ffd54d042c8
[  660.699856][T12374]  </TASK>