last executing test programs:

25m39.856041412s ago: executing program 32 (id=30):
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0xe)
socket(0x2b, 0x80801, 0x1)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2040, 0x0)
fcntl$setlease(r0, 0x400, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x88040, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
r2 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
pread64(r2, &(0x7f0000002140)=""/17, 0x11, 0x0)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r4 = getpid()
sched_setscheduler(r4, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x50)
r7 = gettid()
ioctl$sock_inet_SIOCSARP(0xffffffffffffffff, 0x80108906, 0x0)
timer_create(0x0, &(0x7f0000000000)={0x0, 0x21, 0x800000000004, @tid=r7}, &(0x7f0000bbdffc))
r8 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r8, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
timer_settime(0x0, 0x1, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mkdir(&(0x7f0000000000)='./file0\x00', 0x0)
pipe2$9p(&(0x7f0000000240), 0x0)
mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f00000000c0), 0x2a00040, 0x0)
sendmsg$SOCK_DIAG_BY_FAMILY(r3, 0x0, 0x0)
openat$nullb(0xffffffffffffff9c, &(0x7f0000000040), 0x84042, 0x0)

25m21.522608011s ago: executing program 33 (id=49):
r0 = socket$xdp(0x2c, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x800, 0x0, 0x1}, 0x20)
sendmsg$MPTCP_PM_CMD_ANNOUNCE(0xffffffffffffffff, 0x0, 0x1)

22m1.562486058s ago: executing program 34 (id=251):
shmctl$IPC_RMID(0x0, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
mknodat$loop(0xffffffffffffff9c, 0x0, 0x6000, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x4c0c8)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x1)
ioctl$VT_RESIZEX(r3, 0x560a, &(0x7f00000006c0)={0x4, 0x0, 0x0, 0x0, 0x132, 0x3})
sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=@newlink={0x28, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2031}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x20048054}, 0x0)
remap_file_pages(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x0, 0x0, 0x0)

17m21.281313018s ago: executing program 35 (id=594):
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x3a)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
getgid()
r4 = add_key$fscrypt_provisioning(&(0x7f0000000380), 0x0, 0x0, 0x0, 0xfffffffffffffffc)
keyctl$chown(0x4, r4, 0x0, 0x0)
r5 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
read$FUSE(r5, &(0x7f00000007c0)={0x2020}, 0x2020)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)

15m14.623963019s ago: executing program 4 (id=803):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = openat$tcp_mem(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/tcp_wmem\x00', 0x1, 0x0)
sendfile(r3, 0xffffffffffffffff, 0x0, 0x3a)
write(0xffffffffffffffff, &(0x7f0000000000), 0x0)
add_key$fscrypt_provisioning(&(0x7f0000000380), 0x0, 0x0, 0x0, 0xfffffffffffffffc)
openat$cuse(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x0, 0x0)
mount(0x0, 0x0, &(0x7f0000000100)='autofs\x00', 0x0, &(0x7f0000000400))
r4 = openat$autofs(0xffffffffffffff9c, &(0x7f0000000000), 0x200, 0x0)
ioctl$AUTOFS_DEV_IOCTL_EXPIRE(r4, 0xc018937e, &(0x7f00000019c0)={{0x1, 0x1, 0x1018}, './file1\x00'})
socket$inet6_udp(0xa, 0x2, 0x0)

15m13.353197129s ago: executing program 4 (id=805):
msgget$private(0x0, 0x3ac)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1ff, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x82, 0x6, @random="a55378321800"}, 0x14)
shutdown(r4, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5", 0x1d}], 0x1}, 0x41)

15m7.759131623s ago: executing program 4 (id=810):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00C\x00'], 0x20}}, 0x20004000)
r3 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(&(0x7f0000000080)='./file0\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffff5d)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)

15m6.473013273s ago: executing program 4 (id=812):
msgget$private(0x0, 0x3ac)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1ff, 0x4)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x82, 0x6, @random="a55378321800"}, 0x14)
shutdown(r4, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5", 0x1d}], 0x1}, 0x41)

15m3.758834717s ago: executing program 4 (id=814):
msgget$private(0x0, 0x3ac)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1ff, 0x4)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x82, 0x6, @random="a55378321800"}, 0x14)
shutdown(r4, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f0000003c00)={0x0, 0x0, &(0x7f00000039c0)=[{&(0x7f0000000780)="4274aa814c8f6ea8d8db43178dd2f41ef596a3ca465412910e05cba0f5", 0x1d}], 0x1}, 0x41)

14m56.621932738s ago: executing program 4 (id=820):
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x800)
r0 = openat$cachefiles(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
fchdir(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, &(0x7f0000000380)=""/70, 0x46)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
preadv(r1, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x24040090)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x24008043)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

14m39.988717725s ago: executing program 36 (id=820):
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x800)
r0 = openat$cachefiles(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
fchdir(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, &(0x7f0000000380)=""/70, 0x46)
openat$vicodec1(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
preadv(r1, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x24040090)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x24008043)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

9m56.969792487s ago: executing program 1 (id=1191):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r3, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket$igmp6(0xa, 0x3, 0x2)
r4 = accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14, 0x0)
setsockopt$packet_rx_ring(r4, 0x107, 0x5, &(0x7f0000000240)=@req={0x1, 0x8, 0x8, 0x6}, 0x10)
r5 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r5)

9m54.605407362s ago: executing program 1 (id=1194):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x662, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
r5 = socket(0x1e, 0x4, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$tipc(r5, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r5, r4, 0x0, 0x8010002b)
r6 = openat$cgroup_procs(r0, &(0x7f0000000400)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
ptrace$getsig(0x4202, r1, 0xed62, &(0x7f0000000180))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)

9m53.262551936s ago: executing program 1 (id=1196):
syz_open_dev$dri(0x0, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f0000000040)={'wlan1\x00'})
r0 = socket$inet6(0xa, 0x805, 0x0)
ioctl$sock_SIOCETHTOOL(r0, 0x8946, &(0x7f0000000000)={'veth0\x00', &(0x7f0000000080)=@ethtool_cmd={0x4e, 0x40, 0x3, 0x2, 0x6, 0x4c, 0x4, 0xb, 0x6, 0x0, 0x9, 0x10001, 0xaff0, 0xa8, 0xa8, 0x5, [0xb, 0x8]}})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000003, 0x50032, 0xffffffffffffffff, 0x0)
r2 = bpf$PROG_LOAD(0x5, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
ioctl$sock_kcm_SIOCKCMATTACH(0xffffffffffffffff, 0x89e0, &(0x7f0000000040)={0xffffffffffffffff, r2})
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x7, &(0x7f0000000000), 0x4)
mlock(&(0x7f00007d8000/0x800000)=nil, 0x800000)
pread64(0xffffffffffffffff, 0x0, 0x0, 0x2f)
syz_clone(0x100, 0x0, 0x0, 0x0, 0x0, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000400), 0x2, 0x0)
syz_open_dev$hidraw(0x0, 0x0, 0x81)
write$UHID_SET_REPORT_REPLY(r3, 0x0, 0xc)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)

9m49.38167435s ago: executing program 1 (id=1201):
socketpair$unix(0x1, 0x3, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000003c0)={0xfff, 0x4000000007}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000080), 0x0, 0x0)
r1 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/tty/ldiscs\x00', 0x0, 0x0)
r2 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000400)='/proc/sys/net/ipv4/tcp_timestamps\x00', 0x1, 0x0)
sendfile(r2, r1, &(0x7f0000002080)=0x99, 0x23b)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
r3 = syz_open_dev$dvb_frontend(&(0x7f0000001300), 0x0, 0x0)
ioctl$FE_SET_PROPERTY(r3, 0x40106f52, &(0x7f0000000640)={0x29, 0x0})
r4 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r4, 0xc008561c, &(0x7f0000000100)={0xf0f017, 0x3})
sendmmsg$alg(0xffffffffffffffff, &(0x7f0000001e40)=[{0x0, 0x0, &(0x7f0000000340), 0x0, 0x0, 0x0, 0x20048051}], 0x1, 0x40800)
r5 = socket$packet(0x11, 0x2, 0x300)
bind$packet(r5, &(0x7f0000000340)={0x11, 0x4, 0x0, 0x1, 0x0, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x32)
r6 = accept4$inet6(0xffffffffffffffff, &(0x7f00000000c0), &(0x7f0000000100)=0x1c, 0x800)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
setresuid(0x0, 0x0, 0xee00)
setsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000800)={{{@in=@multicast1, @in=@local, 0x4e23, 0x3, 0x4e22, 0x4, 0x2, 0x80, 0x80, 0x2b}, {0x4, 0x1000, 0x53d, 0x0, 0x2, 0x3f97, 0x8, 0x8}, {0x6, 0x1, 0x2e, 0x7}, 0xbd8d, 0x6e6bb6, 0x1, 0x1, 0x0, 0x3}, {{@in=@dev={0xac, 0x14, 0x14, 0x21}, 0x4d2, 0x6c}, 0xa, @in6=@private0={0xfc, 0x0, '\x00', 0x1}, 0x3501, 0x2, 0x3, 0x4, 0x406, 0xd, 0x1ff}}, 0xe8)
r7 = syz_usb_connect(0x5, 0x2d, &(0x7f0000000080)=ANY=[], 0x0)
syz_usb_control_io$uac2(r7, 0x0, &(0x7f0000000780)={0x44, 0x0, &(0x7f00000005c0)={0x0, 0xa, 0x1, 0x6}, &(0x7f0000000600)={0x0, 0x8, 0x1, 0x5}, &(0x7f0000000640)={0x20, 0x81, 0x1, 'T'}, &(0x7f0000000680)={0x20, 0x82, 0x1, "98"}, &(0x7f00000006c0)={0x20, 0x83, 0x2, '\x00['}, &(0x7f0000000700)={0x20, 0x84, 0x2, "fa6f"}, 0x0})
syz_usb_ep_write$ath9k_ep1(r7, 0x82, 0xa8, &(0x7f0000000040)=ANY=[@ANYBLOB="6b0ee0"])

9m43.208236937s ago: executing program 1 (id=1209):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0xe0000000}, 0x1a92189d0dd42cd6)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c810}, 0x804)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

9m39.157229047s ago: executing program 1 (id=1213):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket$igmp6(0xa, 0x3, 0x2)
r5 = accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14, 0x0)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000240)=@req={0x1, 0x8, 0x8, 0x6}, 0x10)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$setsig(0x4203, r6, 0x5, &(0x7f0000000040)={0x15, 0xa, 0x1e0000})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f0000000340)=0x39)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="110025bd7000ffdbdf255200000008000300", @ANYRES32, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x40)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x10103)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc41a, &(0x7f0000000b80)={[{@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xc}}, {@nobh}, {@nodioread_nolock}, {@discard}, {@usrjquota, 0x2e}, {@jqfmt_vfsv1}, {@noauto_da_alloc}, {@jqfmt_vfsv0}, {@resuid}], [], 0x2c}, 0x1, 0x477, &(0x7f0000000480)="$eJzs289vFFUcAPDvbFt+YyviDxC1ij8af7S0oHLwgtGEi4mJHvBYSyFIoYbWRAiR6gGPhpNH9WjiX+BJLkY9abzq3ZgQw0U0kYyZ3ZllaXeX7W63C+znk0x33uybed83M6998940gL41mv1IIrZFxG8RMRwRA8szjFY+rl09P/PP1fMzSaTpW38l2W7x99XzM0XWJP/cmifGStVNKyycPXdyem5u9kyenlg89f7EwtlzL5w4NX189vjs6amDBw/sn3z5pakX16Se27NYd380v2fX4XcuvTFz5NK7P36TBbct/762HhUjHZc5GqMNT8BTHR/99rI9/2x4wbktZW19MCKGyu1/OAbKqYrheP2TngYHdFWapunGFVurPYClFLiLJdHrCIDeKP7QZ8+/xbKO3Y+eu3Ko8gCU1ftavlS+GYxSnmeo5vl2rY1GxJGlf7/Ilqg7DgEAsLa+y/o/z9fr/5XigZp89+RzQyMRcW9E7IiI+yJiZ0TcH1HO+2BEPLTK8keXpW+Ufz0fhPplc/u1u7UrhyJ5JZ/burn/V/T+YmQgT20v138oOXZibnZffk7GYmhjlp5sUsbl1379rNF3tf2/bMnKL/qCeRx/Di4boDs6vTjdSZ1rXfm4PAZ4YWX9k+pMQBIRuyJidxvH3xQRJ579ek91w4aag+aa17+JwTYCWib9KuKZyvVfimX1j5pQm8xPTmyKudl9E8VdsdJPP198s1H5t77+3ZVd/y117/9q/UeS2vnahdWXcfH3Txs+07R7/29I3i6vF7fTh9OLi2cmIzYkSyu3T93Yt0gX+bP6j+2t3/53RFz/Mt/v4YjIbuJHIuLRiHgsj/3xiHgiIvY2qf8Prz75Xvv1766s/kdXdf1XvzJw8vtvG5Xf2vU/UF4by7e08vuv1QA7OXcAAABwpyiV34FPSuPV9VJpfLzyDv/O2FKam19YfO7Y/Aenj1belR+JoVIx0jVcMx46mY+5FOmpfKy4SO8vjxunaZpuLqfHZ+bnujWnDrRma4P2n/ljoNfRAV1Xnkc7+Hlrmf2HF9xVbppHH+pdHMD6W4P3aIA7lPYP/Uv7h/5Vr/1fiLjWg1CAdebvP/Qv7R/6l/YP/Uv7h77Uyf/1N1vZcbhbR74TVy5HRKM8A20feWNEdBrh01vb3T1KvT6rra8U77RVt5TqZP6vVxFm17HVzBdivQLr8S8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANfJ/AAAA///tr+cS")

9m39.005796192s ago: executing program 6 (id=1214):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket$igmp6(0xa, 0x3, 0x2)
r6 = accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14, 0x0)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000240)=@req={0x1, 0x8, 0x8, 0x6}, 0x10)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$setsig(0x4203, r7, 0x5, &(0x7f0000000040)={0x15, 0xa, 0x1e0000})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="110025bd7000ffdbdf255200000008000300", @ANYRES32=r9, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x40)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x10103)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc41a, &(0x7f0000000b80)={[{@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xc}}, {@nobh}, {@nodioread_nolock}, {@discard}, {@usrjquota, 0x2e}, {@jqfmt_vfsv1}, {@noauto_da_alloc}, {@jqfmt_vfsv0}, {@resuid}], [], 0x2c}, 0x1, 0x477, &(0x7f0000000480)="$eJzs289vFFUcAPDvbFt+YyviDxC1ij8af7S0oHLwgtGEi4mJHvBYSyFIoYbWRAiR6gGPhpNH9WjiX+BJLkY9abzq3ZgQw0U0kYyZ3ZllaXeX7W63C+znk0x33uybed83M6998940gL41mv1IIrZFxG8RMRwRA8szjFY+rl09P/PP1fMzSaTpW38l2W7x99XzM0XWJP/cmifGStVNKyycPXdyem5u9kyenlg89f7EwtlzL5w4NX189vjs6amDBw/sn3z5pakX16Se27NYd380v2fX4XcuvTFz5NK7P36TBbct/762HhUjHZc5GqMNT8BTHR/99rI9/2x4wbktZW19MCKGyu1/OAbKqYrheP2TngYHdFWapunGFVurPYClFLiLJdHrCIDeKP7QZ8+/xbKO3Y+eu3Ko8gCU1ftavlS+GYxSnmeo5vl2rY1GxJGlf7/Ilqg7DgEAsLa+y/o/z9fr/5XigZp89+RzQyMRcW9E7IiI+yJiZ0TcH1HO+2BEPLTK8keXpW+Ufz0fhPplc/u1u7UrhyJ5JZ/burn/V/T+YmQgT20v138oOXZibnZffk7GYmhjlp5sUsbl1379rNF3tf2/bMnKL/qCeRx/Di4boDs6vTjdSZ1rXfm4PAZ4YWX9k+pMQBIRuyJidxvH3xQRJ579ek91w4aag+aa17+JwTYCWib9KuKZyvVfimX1j5pQm8xPTmyKudl9E8VdsdJPP198s1H5t77+3ZVd/y117/9q/UeS2vnahdWXcfH3Txs+07R7/29I3i6vF7fTh9OLi2cmIzYkSyu3T93Yt0gX+bP6j+2t3/53RFz/Mt/v4YjIbuJHIuLRiHgsj/3xiHgiIvY2qf8Prz75Xvv1766s/kdXdf1XvzJw8vtvG5Xf2vU/UF4by7e08vuv1QA7OXcAAABwpyiV34FPSuPV9VJpfLzyDv/O2FKam19YfO7Y/Aenj1belR+JoVIx0jVcMx46mY+5FOmpfKy4SO8vjxunaZpuLqfHZ+bnujWnDrRma4P2n/ljoNfRAV1Xnkc7+Hlrmf2HF9xVbppHH+pdHMD6W4P3aIA7lPYP/Uv7h/5Vr/1fiLjWg1CAdebvP/Qv7R/6l/YP/Uv7h77Uyf/1N1vZcbhbR74TVy5HRKM8A20feWNEdBrh01vb3T1KvT6rra8U77RVt5TqZP6vVxFm17HVzBdivQLr8S8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANfJ/AAAA///tr+cS")

9m33.776785279s ago: executing program 6 (id=1219):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket$igmp6(0xa, 0x3, 0x2)
r6 = accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14, 0x0)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000240)=@req={0x1, 0x8, 0x8, 0x6}, 0x10)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$setsig(0x4203, r7, 0x5, &(0x7f0000000040)={0x15, 0xa, 0x1e0000})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="110025bd7000ffdbdf255200000008000300", @ANYRES32=r9, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x40)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x10103)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc41a, &(0x7f0000000b80)={[{@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xc}}, {@nobh}, {@nodioread_nolock}, {@discard}, {@usrjquota, 0x2e}, {@jqfmt_vfsv1}, {@noauto_da_alloc}, {@jqfmt_vfsv0}, {@resuid}], [], 0x2c}, 0x1, 0x477, &(0x7f0000000480)="$eJzs289vFFUcAPDvbFt+YyviDxC1ij8af7S0oHLwgtGEi4mJHvBYSyFIoYbWRAiR6gGPhpNH9WjiX+BJLkY9abzq3ZgQw0U0kYyZ3ZllaXeX7W63C+znk0x33uybed83M6998940gL41mv1IIrZFxG8RMRwRA8szjFY+rl09P/PP1fMzSaTpW38l2W7x99XzM0XWJP/cmifGStVNKyycPXdyem5u9kyenlg89f7EwtlzL5w4NX189vjs6amDBw/sn3z5pakX16Se27NYd380v2fX4XcuvTFz5NK7P36TBbct/762HhUjHZc5GqMNT8BTHR/99rI9/2x4wbktZW19MCKGyu1/OAbKqYrheP2TngYHdFWapunGFVurPYClFLiLJdHrCIDeKP7QZ8+/xbKO3Y+eu3Ko8gCU1ftavlS+GYxSnmeo5vl2rY1GxJGlf7/Ilqg7DgEAsLa+y/o/z9fr/5XigZp89+RzQyMRcW9E7IiI+yJiZ0TcH1HO+2BEPLTK8keXpW+Ufz0fhPplc/u1u7UrhyJ5JZ/burn/V/T+YmQgT20v138oOXZibnZffk7GYmhjlp5sUsbl1379rNF3tf2/bMnKL/qCeRx/Di4boDs6vTjdSZ1rXfm4PAZ4YWX9k+pMQBIRuyJidxvH3xQRJ579ek91w4aag+aa17+JwTYCWib9KuKZyvVfimX1j5pQm8xPTmyKudl9E8VdsdJPP198s1H5t77+3ZVd/y117/9q/UeS2vnahdWXcfH3Txs+07R7/29I3i6vF7fTh9OLi2cmIzYkSyu3T93Yt0gX+bP6j+2t3/53RFz/Mt/v4YjIbuJHIuLRiHgsj/3xiHgiIvY2qf8Prz75Xvv1766s/kdXdf1XvzJw8vtvG5Xf2vU/UF4by7e08vuv1QA7OXcAAABwpyiV34FPSuPV9VJpfLzyDv/O2FKam19YfO7Y/Aenj1belR+JoVIx0jVcMx46mY+5FOmpfKy4SO8vjxunaZpuLqfHZ+bnujWnDrRma4P2n/ljoNfRAV1Xnkc7+Hlrmf2HF9xVbppHH+pdHMD6W4P3aIA7lPYP/Uv7h/5Vr/1fiLjWg1CAdebvP/Qv7R/6l/YP/Uv7h77Uyf/1N1vZcbhbR74TVy5HRKM8A20feWNEdBrh01vb3T1KvT6rra8U77RVt5TqZP6vVxFm17HVzBdivQLr8S8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANfJ/AAAA///tr+cS")

9m30.644197339s ago: executing program 6 (id=1222):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r2, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00C\x00'], 0x20}}, 0x20004000)
r3 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(&(0x7f0000000080)='./file0\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffff5d)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

9m29.625856912s ago: executing program 6 (id=1224):
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000500)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x662, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r4, &(0x7f0000000100), 0xfffffd9d)
r5 = socket(0x1e, 0x4, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
connect$tipc(r5, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10)
sendfile(r5, r4, 0x0, 0x8010002b)
r6 = openat$cgroup_procs(r0, &(0x7f0000000400)='cgroup.procs\x00', 0x2, 0x0)
write$cgroup_pid(r6, &(0x7f0000000c40), 0x12)
ptrace$getsig(0x4202, r1, 0xed62, &(0x7f0000000180))
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_type(0xffffffffffffffff, &(0x7f0000000100), 0x2, 0x0)

9m26.812382592s ago: executing program 6 (id=1226):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket$igmp6(0xa, 0x3, 0x2)
r6 = accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14, 0x0)
setsockopt$packet_rx_ring(r6, 0x107, 0x5, &(0x7f0000000240)=@req={0x1, 0x8, 0x8, 0x6}, 0x10)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r7)
ptrace$setsig(0x4203, r7, 0x5, &(0x7f0000000040)={0x15, 0xa, 0x1e0000})
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f0000000340)=0x39)
r8 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_TDLS_MGMT(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r8, @ANYBLOB="110025bd7000ffdbdf255200000008000300", @ANYRES32=r9, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x40)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x10103)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc41a, &(0x7f0000000b80)={[{@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xc}}, {@nobh}, {@nodioread_nolock}, {@discard}, {@usrjquota, 0x2e}, {@jqfmt_vfsv1}, {@noauto_da_alloc}, {@jqfmt_vfsv0}, {@resuid}], [], 0x2c}, 0x1, 0x477, &(0x7f0000000480)="$eJzs289vFFUcAPDvbFt+YyviDxC1ij8af7S0oHLwgtGEi4mJHvBYSyFIoYbWRAiR6gGPhpNH9WjiX+BJLkY9abzq3ZgQw0U0kYyZ3ZllaXeX7W63C+znk0x33uybed83M6998940gL41mv1IIrZFxG8RMRwRA8szjFY+rl09P/PP1fMzSaTpW38l2W7x99XzM0XWJP/cmifGStVNKyycPXdyem5u9kyenlg89f7EwtlzL5w4NX189vjs6amDBw/sn3z5pakX16Se27NYd380v2fX4XcuvTFz5NK7P36TBbct/762HhUjHZc5GqMNT8BTHR/99rI9/2x4wbktZW19MCKGyu1/OAbKqYrheP2TngYHdFWapunGFVurPYClFLiLJdHrCIDeKP7QZ8+/xbKO3Y+eu3Ko8gCU1ftavlS+GYxSnmeo5vl2rY1GxJGlf7/Ilqg7DgEAsLa+y/o/z9fr/5XigZp89+RzQyMRcW9E7IiI+yJiZ0TcH1HO+2BEPLTK8keXpW+Ufz0fhPplc/u1u7UrhyJ5JZ/burn/V/T+YmQgT20v138oOXZibnZffk7GYmhjlp5sUsbl1379rNF3tf2/bMnKL/qCeRx/Di4boDs6vTjdSZ1rXfm4PAZ4YWX9k+pMQBIRuyJidxvH3xQRJ579ek91w4aag+aa17+JwTYCWib9KuKZyvVfimX1j5pQm8xPTmyKudl9E8VdsdJPP198s1H5t77+3ZVd/y117/9q/UeS2vnahdWXcfH3Txs+07R7/29I3i6vF7fTh9OLi2cmIzYkSyu3T93Yt0gX+bP6j+2t3/53RFz/Mt/v4YjIbuJHIuLRiHgsj/3xiHgiIvY2qf8Prz75Xvv1766s/kdXdf1XvzJw8vtvG5Xf2vU/UF4by7e08vuv1QA7OXcAAABwpyiV34FPSuPV9VJpfLzyDv/O2FKam19YfO7Y/Aenj1belR+JoVIx0jVcMx46mY+5FOmpfKy4SO8vjxunaZpuLqfHZ+bnujWnDrRma4P2n/ljoNfRAV1Xnkc7+Hlrmf2HF9xVbppHH+pdHMD6W4P3aIA7lPYP/Uv7h/5Vr/1fiLjWg1CAdebvP/Qv7R/6l/YP/Uv7h77Uyf/1N1vZcbhbR74TVy5HRKM8A20feWNEdBrh01vb3T1KvT6rra8U77RVt5TqZP6vVxFm17HVzBdivQLr8S8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANfJ/AAAA///tr+cS")

9m23.024392783s ago: executing program 37 (id=1213):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r1 = getpid()
sched_setscheduler(r1, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)
socket$igmp6(0xa, 0x3, 0x2)
r5 = accept4$packet(0xffffffffffffffff, &(0x7f00000001c0)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000200)=0x14, 0x0)
setsockopt$packet_rx_ring(r5, 0x107, 0x5, &(0x7f0000000240)=@req={0x1, 0x8, 0x8, 0x6}, 0x10)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r6)
ptrace$setsig(0x4203, r6, 0x5, &(0x7f0000000040)={0x15, 0xa, 0x1e0000})
bpf$BPF_LINK_CREATE(0x1c, 0x0, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(0xffffffffffffffff, 0x6, 0x23, 0x0, &(0x7f0000000340)=0x39)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$NL80211_CMD_TDLS_MGMT(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="110025bd7000ffdbdf255200000008000300", @ANYRES32, @ANYBLOB], 0x50}, 0x1, 0x0, 0x0, 0xc0}, 0x40)
mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x8000, 0x10103)
syz_mount_image$ext4(&(0x7f0000000440)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0xc41a, &(0x7f0000000b80)={[{@noblock_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0xc}}, {@nobh}, {@nodioread_nolock}, {@discard}, {@usrjquota, 0x2e}, {@jqfmt_vfsv1}, {@noauto_da_alloc}, {@jqfmt_vfsv0}, {@resuid}], [], 0x2c}, 0x1, 0x477, &(0x7f0000000480)="$eJzs289vFFUcAPDvbFt+YyviDxC1ij8af7S0oHLwgtGEi4mJHvBYSyFIoYbWRAiR6gGPhpNH9WjiX+BJLkY9abzq3ZgQw0U0kYyZ3ZllaXeX7W63C+znk0x33uybed83M6998940gL41mv1IIrZFxG8RMRwRA8szjFY+rl09P/PP1fMzSaTpW38l2W7x99XzM0XWJP/cmifGStVNKyycPXdyem5u9kyenlg89f7EwtlzL5w4NX189vjs6amDBw/sn3z5pakX16Se27NYd380v2fX4XcuvTFz5NK7P36TBbct/762HhUjHZc5GqMNT8BTHR/99rI9/2x4wbktZW19MCKGyu1/OAbKqYrheP2TngYHdFWapunGFVurPYClFLiLJdHrCIDeKP7QZ8+/xbKO3Y+eu3Ko8gCU1ftavlS+GYxSnmeo5vl2rY1GxJGlf7/Ilqg7DgEAsLa+y/o/z9fr/5XigZp89+RzQyMRcW9E7IiI+yJiZ0TcH1HO+2BEPLTK8keXpW+Ufz0fhPplc/u1u7UrhyJ5JZ/burn/V/T+YmQgT20v138oOXZibnZffk7GYmhjlp5sUsbl1379rNF3tf2/bMnKL/qCeRx/Di4boDs6vTjdSZ1rXfm4PAZ4YWX9k+pMQBIRuyJidxvH3xQRJ579ek91w4aag+aa17+JwTYCWib9KuKZyvVfimX1j5pQm8xPTmyKudl9E8VdsdJPP198s1H5t77+3ZVd/y117/9q/UeS2vnahdWXcfH3Txs+07R7/29I3i6vF7fTh9OLi2cmIzYkSyu3T93Yt0gX+bP6j+2t3/53RFz/Mt/v4YjIbuJHIuLRiHgsj/3xiHgiIvY2qf8Prz75Xvv1766s/kdXdf1XvzJw8vtvG5Xf2vU/UF4by7e08vuv1QA7OXcAAABwpyiV34FPSuPV9VJpfLzyDv/O2FKam19YfO7Y/Aenj1belR+JoVIx0jVcMx46mY+5FOmpfKy4SO8vjxunaZpuLqfHZ+bnujWnDrRma4P2n/ljoNfRAV1Xnkc7+Hlrmf2HF9xVbppHH+pdHMD6W4P3aIA7lPYP/Uv7h/5Vr/1fiLjWg1CAdebvP/Qv7R/6l/YP/Uv7h77Uyf/1N1vZcbhbR74TVy5HRKM8A20feWNEdBrh01vb3T1KvT6rra8U77RVt5TqZP6vVxFm17HVzBdivQLr8S8mAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACANfJ/AAAA///tr+cS")

9m22.841502199s ago: executing program 6 (id=1235):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./bus\x00', 0x0, 0x8}, 0x18)
r2 = openat$vsock(0xffffffffffffff9c, 0x0, 0x2c0c2, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
fsopen(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x1, 0x16, 0xb4, 0x7f}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r3}, 0x38)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0)
socket(0x3, 0x1, 0x8)
r4 = socket(0x1000000000000010, 0x80802, 0x0)
write(r4, &(0x7f0000000000)="240000004e0001000000f4f9002304000a03f51108000100020100000800028001000000", 0x24)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0xb4, 0x4}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002240)=ANY=[@ANYBLOB="24000000200001032cbd7000ffdbdf25020000000000000510000000050016002c000000d34513539afc0826d8d8b368e8ababbfe02dfa29a00418b9d01ef21c267e7226a0680367bc799790e642229a774dc397f54a9cfce77d30892988f0daf3bc77f295bc7ec73aa92439fa58f0c248535543f2e1a5aeda4177"], 0x24}}, 0x8800)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x200040d0}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_pts(r2, 0x2000)
sendmsg$NFT_BATCH(r6, 0x0, 0x4000000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002200)='statm\x00')

9m7.591488946s ago: executing program 38 (id=1235):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000000c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$OBJ_GET_PROG(0x7, &(0x7f00000005c0)=@generic={&(0x7f0000000580)='./bus\x00', 0x0, 0x8}, 0x18)
r2 = openat$vsock(0xffffffffffffff9c, 0x0, 0x2c0c2, 0x0)
sched_setattr(0x0, &(0x7f0000000000)={0x38, 0x0, 0x4, 0x8001, 0x0, 0xb49, 0x200000000002, 0x7, 0x8, 0x5}, 0x0)
fsopen(0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000ac0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000f40)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x1}, 0x8000002)
r3 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0x1, 0x16, 0xb4, 0x7f}, 0x48)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, r3}, 0x38)
socketpair$unix(0x1, 0x1, 0x0, 0x0)
poll(&(0x7f0000000000), 0x20000000000000b5, 0x9)
readlinkat(0xffffffffffffffff, &(0x7f0000000140)='./mnt\x00', 0x0, 0x0)
socket(0x3, 0x1, 0x8)
r4 = socket(0x1000000000000010, 0x80802, 0x0)
write(r4, &(0x7f0000000000)="240000004e0001000000f4f9002304000a03f51108000100020100000800028001000000", 0x24)
prlimit64(0x0, 0x0, &(0x7f0000000140)={0xb4, 0x4}, 0x0)
r5 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000002240)=ANY=[@ANYBLOB="24000000200001032cbd7000ffdbdf25020000000000000510000000050016002c000000d34513539afc0826d8d8b368e8ababbfe02dfa29a00418b9d01ef21c267e7226a0680367bc799790e642229a774dc397f54a9cfce77d30892988f0daf3bc77f295bc7ec73aa92439fa58f0c248535543f2e1a5aeda4177"], 0x24}}, 0x8800)
sendmsg$nl_route(r5, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000300)=ANY=[], 0x3c}, 0x1, 0x0, 0x0, 0x200040d0}, 0x0)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
openat$nci(0xffffffffffffff9c, &(0x7f0000000240), 0x2, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
syz_open_pts(r2, 0x2000)
sendmsg$NFT_BATCH(r6, 0x0, 0x4000000)
syz_open_procfs(0xffffffffffffffff, &(0x7f0000002200)='statm\x00')

5m0.649579885s ago: executing program 9 (id=1524):
arch_prctl$ARCH_MAP_VDSO_64(0x2003, 0x800)
r0 = openat$cachefiles(0xffffffffffffff9c, 0x0, 0x2000, 0x0)
fchdir(0xffffffffffffffff)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)
read$msr(r0, 0x0, 0x0)
openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0)
r1 = openat$vicodec1(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000040)=""/98, 0x62}], 0x1, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r3 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_MFC_PROXY(r3, 0x0, 0xd2, 0x0, 0x0)
close_range(r2, 0xffffffffffffffff, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_FLUSH(r4, 0x0, 0x0)
sendmsg$NL80211_CMD_SET_WIPHY(0xffffffffffffffff, 0x0, 0x24040090)
sendmsg$NL80211_CMD_SET_COALESCE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10000}, 0xc, &(0x7f0000000240)={0x0}, 0x1, 0x0, 0x0, 0x4}, 0x24008043)
bpf$PROG_LOAD(0x5, 0x0, 0x0)

4m59.688244926s ago: executing program 9 (id=1527):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f00005a6000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000247000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000370000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xfffffffffffffd30}, 0x68)
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
process_vm_readv(r1, &(0x7f0000000400)=[{&(0x7f0000000300)=""/55, 0x37}], 0x1, &(0x7f0000000580)=[{&(0x7f0000000440)=""/209, 0xd1}], 0x1, 0x0)
io_uring_setup(0x14cf, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x80008, 0xc0})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)

4m55.156181171s ago: executing program 9 (id=1534):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
r1 = getpgrp(0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000040)=0x5)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
openat$tcp_congestion(0xffffffffffffff9c, 0x0, 0x1, 0x0)
ioprio_set$pid(0x2, 0x0, 0x2000)

4m47.481651497s ago: executing program 9 (id=1543):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94)
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsmount(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfc409000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r4, 0x6, 0x6, &(0x7f0000000080)=0x2, 0x4)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
sendfile(r6, r5, 0x0, 0x100000500)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x5)
sendto$inet6(r7, 0x0, 0x0, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000008c0)={0x34, r8, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x20, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x22}}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0xa}]}]}, 0x34}, 0x1, 0x0, 0x0, 0xc8d1}, 0x800)

4m33.095859206s ago: executing program 9 (id=1561):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f00005a6000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000247000/0x2000)=nil, &(0x7f0000ff8000/0x3000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000370000/0x2000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0, 0xfffffffffffffd30}, 0x68)
getpgrp(0x0)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f00000000c0)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x1, 0x0)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
process_vm_readv(r1, &(0x7f0000000400)=[{&(0x7f0000000300)=""/55, 0x37}], 0x1, &(0x7f0000000580)=[{&(0x7f0000000440)=""/209, 0xd1}], 0x1, 0x0)
io_uring_setup(0x14cf, &(0x7f0000000040)={0x0, 0xc8a2, 0xc000, 0x80008, 0xc0})
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000080)=0xf)

4m31.594094055s ago: executing program 9 (id=1562):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

4m14.569699249s ago: executing program 39 (id=1562):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0xffffffffffffffff}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(0x0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001480)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f00000004c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x19, 0x3, &(0x7f00000003c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, '\x00', 0x0, @cgroup_sockopt=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
madvise(&(0x7f0000000000/0x3000)=nil, 0x7fffffffffffffff, 0x15)

1m37.937924339s ago: executing program 0 (id=1872):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0xe0000000}, 0x1a92189d0dd42cd6)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

1m36.395272718s ago: executing program 0 (id=1873):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20004000)
r4 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(&(0x7f0000000080)='./file0\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffff5d)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

1m35.330064303s ago: executing program 0 (id=1878):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r1 = openat$incfs(0xffffffffffffff9c, 0x0, 0x181ac1, 0x0)
fchown(r1, 0xee01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000020303000000000000000000000000000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x20, 0x1, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0x0, 0x69}}]}, 0x20}, 0x1, 0x0, 0x0, 0x20048001}, 0x5800)
openat$dsp(0xffffffffffffff9c, 0x0, 0x8041, 0x0)
syz_open_dev$sndctrl(0x0, 0xfa, 0x66822)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
get_robust_list(r4, 0x0, &(0x7f0000000940))
r5 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$unix(r5, &(0x7f000000ea00)=[{{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000300)="a5aaa6bc", 0x4}], 0x1, 0x0, 0x0, 0x40000}}], 0x1, 0x40000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
accept4$alg(r0, 0x0, 0x0, 0x180000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e44097d0c"], 0x47)

1m33.202369191s ago: executing program 0 (id=1882):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
syz_mount_image$exfat(&(0x7f00000041c0), &(0x7f0000000000)='./file0\x00', 0x810c90, &(0x7f0000000140)=ANY=[@ANYBLOB='iocharset=maciceland,utf8,errors=continue,utf8,uid=', @ANYRESHEX=0x0, @ANYRES16=0x0], 0x1, 0x1520, &(0x7f0000000440)="$eJzs3AucTtX6OPDnWWvtMSbpbZLLsNZ6Nm9yWSZJIklySZIkSXJLSJrkSEJiyC1pSJLkMiSXISSXaUwa9/tdEpKkSZKQ3JL1/wh/p1Pndzq/0zl+nzPP9/PZn1nPu/ez9trv8+733Xu9M/Ntl6E1G9eq1pCI4F+C538kA0AsAAwEgKsAIACA8vHl48+tzy0x+V/bCftzPZh2uUfALieuf87G9c/ZuP45G9c/Z+P652xc/5yN65+zcf0Zy8k2Tit0NS85d+H5/5yMP///i2SXGfPl6jLXdgWI+aMpXP+cjev/Xyv4Ixtx/XM2rn9OFXu5B8D+D+DzPyfI9XfXcP1zNq4/YznZv3+OWbnLPcf9Py0QydnfgVzu1x9jjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMsZzhpL9EAcDF9uUeF2OMMcYYY4wxxv48PtflHgFjjDHGGGOMMcb+/RAESFAQQAzkgljIDXEgAOBKyAtXQQSuhni4BvLBtZAfCkBBKAQJUBiKgAYDFghCKArFIArXQXG4HkpASSgFpcFBGUiEG6As3Ajl4CYoDzdDBbgFKkIluBUqw21QBW6HqnAHVIM7oTrUgJpQC+6C2nA31IF7oC7cC/XgPqgP90MDeAAawoPQCB6CxvAwNIFHoCk0g+bQAlr+r/Kfhx7wAvSEXpAMvaEPvAh9oR/0hwEwEF6CQfAyDIZXIAWGwFB4FYbBazAcXocR8AaMhDdhFLwFo2EMjIVxkArjYQK8DRPhHZgEk2EKTIU0mAbT4V2YATNhFrwHs+F9mANzYR7Mh3T4ADJgAWTCh7AQPoIsWASLYQkshWWwHFbASlgFq2ENrIV1sB42wEbYBJthC2yFj2EbfALb4VPYATthF3wGu+HzfzL/xN/kd0VAQIECFSqMwRiMxViMwzjMg3kwL+bFCEYwHuMxH+bD/JgfC2JBTMAELIJF0KBByk1YFItiFKNYHItjCSyBpbAUOnSYiIlYFm/EclgOy2N5rIAVsCJWwkpYGStjFayCVbEqVsNqWB2rY02siXfhXdgb62AdrIt1sR7Wuzg9hQ2xITbCRtgYG2MTbIJNsSk2x+bYEltiK2yFrbE1tsW22A7bYXtsj0mYhB2wA3bEjtgJO2Fn7IxdsAt2xW7YLfv5XIAv4AvYC6uL3tgH+2BfTMnVHwfgAHwJB+HL+DK+gik4BIfiq/gqvobD8TiOwDdwJI7EKuItHI1jkMQ4TMVUnIATcCJOxEk4GSfjVEzDaTgdp+MMnIkz8T2cje/j+zgX5+J8TMd0zMAFmImZuBBPYBYuwsW4BJfiMlyKK3AlrsDVuAZX4zpchxtwA27CTbgFL56sCgA/xZ24E1NwN+7GPbgH9+Je3If7MBuzcT/uxwMW8CAexEN4CA/jETyKR/AYHsPjeAJPYr8LXT2b8HWjT0quSgFxjhJKxIgYEStiRZyIE3lEHpFX5BURERHxIl7kE/lEfpFfFBQFRYJIEEVEEWGEESTCGAAQUREVxUVxUUKUEKVEKeGEE4kiUZQVZUU5UU6UFzeLCuIWUVFUEm1cZVFZVBFtXVVxh6gmqonqooaoKWqJWqK2qC3qiDqirqgr6ol6or64XzQQvbE/PijOVaaxGIJNxFBsKpoJeeFIWonh2Fq0EW3F4+INHIHtRSuXJJ4SHcRo7Cj+IsbgM6KzGIddxHOiq+gmuovnRQ/R2vUUvcQk7C36iKnYV/QT/cUAMQNriPdwdu6a4hWRIoaIoeJVMR9fE8PF62JEbxAjxZtilHhLjBZjxFgxTqSK8WKCeFtMFO+ISWKymCKmijQxTUwX74oZYqaYJd4Ts8X7Yo6YK+aJ+SJdfCAyxAKRKT4UC8VHIkssEovFErFULBPLxQqRG1aJ1WKNWCvWifVig9goNonNYovYKj4W28QnYrv4VOwQO8Uu8ZnYLT4Xe8QXYq/4UuwTX4ls8bXYL74RB8S34qD4ThwS34vD4og4Kn4Qx8SP4rg4IU6KU+K0+EmcET+Ls8ILkCiFlFLJQMbIXDJW5pZx8gqZRwYXnt2rZby8RuaT18r8soAsKAvJBFlYFpFaGmklyVAWlcVkVF4ni8vrZQlZUpaSpaWTZWSivEGWlTfKcvImWV7eLCvIW2RFWUneKivL22QVebuEyPl9VJc1ZE1ZS94lk+FuWUfeI+vKe2U9eZ+sL++XDeQDsqF8UDaSD8nG8mHZRD4im8pmsrlsIVvKR2Ur+ZhsLdvItvJx2U4+IdvLJ2WSfEp2kP7CS+QZ2Vk+K7vI52RX2U12lz/Ls9LLnrKXhN4g+8gXZV/ZT/aXA+RA+ZIcJF+Wg+UrMkUOkUPlq3KYfE0Ol6/LEfINOVK+KUfJt+RoOUaOleNkqhwvJ8i35UT5jpwkJ8spcqpMk9Nk/ws9zZLyH+a//Tv5g3/Z+wa5UW6Sm+UWuVV+LLfJT+R2uV3ukDvkLrlL7pa75R65R+6Ve+U+uU9myzvkfrlfHpAH5EF5UB6Sh+RheUSekj/IY/JHeVyekCfkKXlanpZnLjwHoFAJJZVSgYpRuVSsyq3i1BUqj7pS5VVXqYi6WsWra1Q+da3KrwqogqqQSlCFVRGllVFWkQpVUVVMRdV1F9+jVClVWjlVRiWqG/6ZfFVcXa9KqJK/yr84vuS/M76WqqVqpVqp1qq1aqvaqnaqnWqv2qsklaQ6qA6qo+qoOqlOqrPqrLqoLqqr6qq6q+6qh+qheqqeKlklqz7qRdVX9VP91QA1UL2kBqlBarAarFJUihqqhqphapgaroarEWqEGqlGqlFqlBqtRquxaqxKValqgpqgJqqJapKapKaoKSpNpanparqaoWaoWWqWmq1mqzlqjpqn5ql0la4yVIbKVJlqoVqostQitUgtUUvUMrVMrVAr1Cq1Sq1Ra9Q6tU5lqY1qo9qsNqutaqvaprap7Wq72qF2qF1ql9qtdqs9ao/aq/aqfWqfylbZar/arw6oA+qgOqgOqUPqsDqsjqqj6pg6po6r4+qkOqlOq9PqjDqjzqqz5y77AhGIQAUqiAligtggNogL4oI8QZ4gb5A3iASRID6ID/IF1wb5gwJBwaBQkBAUDooEOjCBDcSFokeD64LiwfVBiaBkUCooHbigTJAY3BCUDW4MygU3BeWDm4MKwS1BxaBScGtQObgtqBLcHlQN7giqBXcG1YMaQc2gVnBXUDu4O6gT3BPUDe4N6gX3BfWD+4MGwQNBw+DBoFHwUNA4eDhoEjwSNA2aBc2DFkHLP7V/748XeMz11L10su6t++gXdV/dT/fXA/RA/ZIepF/Wg/UrOkUP0UP1q3qYfk0P16/rEfoNPVK/qUfpt/RoPUaP1eN0qh6vJ+i39UT9jp6kJ+speqpO09P0dP2unqFn6ln6PT1bv6/n6Ll6np6v0/UHOkMv0Jn6Q71Qf6Sz9CK9WC/RS/UyvVyv0Cv1Kr1ar9Fr9Tq9Xm/QG/UmvVlv0Vv1x3qb/kRv15/qHXqn3qU/07v153qP/kLv1V/qfforna2/1vv1N/qA/lYf1N/pQ/p7fVgf0Uf1D/qY/lEf1yf0SX1Kn9Y/6TP6Z31W+3MX9+c+3o0yysSYGBNrYk2ciTN5TB6T1+Q1ERMx8Sbe5DP5TH6T3xQ0BU2CSTBFTBFzDhkyRU1REzVRU9wUNyVMCVPKlDLOOJNoEk1ZU9aUM+VMeVPeVDAVTEVT0dxqbjW3mdvM7eZ2c4e5w9xp7jQ1TA1Ty9QytU1tU8fUMXVNXVPP1DP1TX3TwDQwDU1D08g0Mo1NY9PENDFNTVPT3DQ3LU1L08q0Mq1Na9PWtDXtTDvT3rQ3SSbJdDAdTEfT0XQynUxn09l0MV1MV9PVdDfdTQ/Tw/Q0PU2ySTZ9TB/T1/Q1/U1/M9AMNIPMIDPYDDYpJsUMNUPNMDPMDDfDzQjzhhl57kLVvGVGmzFmrBlnUk2qmWAmmIlmoplkJpkpZopJM2lmupluZpgZZpaZZWab2WaOmWPmmXkm3aSbDJNhMk2mWWgWmiyTZRabxWapWWqWm+VmpVlpVpvVZi2sNevNerPRbDSbzWaz1Ww128w2s91sNzvMDrPL7DK7zW6zx+wxe81es8/sM9km2+w3+80Bc8AcNAfNIXPIHDaHzVFz1Bwzx8xxc9ycNCfNaVPgwuelN7E2t42zV9g89kqb115l/zYuaAvZBFvYFrHa5rcFfhUba20JW9KWsqWts2Vsor3hN3FFW8neaivb22wVe7ut+pu4tr3b1rH32Lr2XlvL3vWruJ69z9a3D9sGiAC2mW1kW9jG9mHbxD5im9pmtrltYdvZJ2x7+6RNsk/ZDvbp38QZdoFdaVfZ1XaN3WF32pP2lD1gv7Wn7U+2p+1lB9qX7CD7sh1sX7Epdshv4pH2TTvKvmVH2zF2rB33m3iKnWrT7DQ73b5rZ9iZv4nT7Qd2ts20c+xcO8/O/yXOsGgz7Yd2of3IZtkAFtsldqldZpfbFf9/rEvsOrvebrDb7ad2s91it9qP7baLF8J2p91lP7O77ed2v/3G7rVf2n32oM22X/8Snzu+g/Y7e8h+bw/bI/ao/cEesz+qi9nnjv0H+7M9a70FQgKSpCigGMpFsZSb4ugKykNXUl66iiJ0NcXTNZSPrqX8VIAKUiFKoMJUhDQZskQUUlEqRlG6ji4OrxSVJkdlKJFuoLJ0I5Wjm6g83UwV6BaqSJVyX9iMbqeqdAdVozupOtWgmlSL7qLadDfVoXuoLt1L9eg+qk/3UwN6gBrSg9SIHqLG9DA1oUeoKTWj5tSCWtKj1Ioeo9bUhtrS49SOnqD29CQl0VPUgZ6mjvQX6kTPUGd6lrrQc9SVulF3ep560AvUk3pRMvWmPvQi9aV+1J8G0EB6iQbRyzSYXqEUGkJD6VUaRq/RcHqdRtAbNJLepFH0Fo2mMTSWxlEqjacJ9DZNpHdoEk2mKTSV0mgaTad3aQbNpFn0Hs2m92kOzaV5NJ/S6QPKoAWUSR/SQvqIsmgRLaYltJSW0XJaQStpFa2mNbSW1tF62kAbaRNtpi20lT6mbfQJbadPaQftpF30Ge2mz2kPfUF76UvaR19RNn1N++kbOkDf0kH6zvei7+kwHaGj9AMdox/pOJ2gk3SKTtNPdIZ+prPkCUIMRShDFQZhTJgrjA1zh3HhFWGe8Mowb3hVGAmvDuPDa8J84bVh/rBAWDAsFCaEhcMioQ5NaEMKw7BoWCyMhteFxcPrwxJhybBUWDp0YZkwMbwhLBveGJYLbwrLhzeHFcJbwophpfDheyuHt4VVwtvDquEdYbXwzrB6WCOsGdYK7wprh3eHdcJ7wrrhvWG58L6wfnh/2CB8IGwYPhg2Ch8KG4cPh03CR8KmYbOwedgibBk+GrYKHwtbh23CtuHjYbvwibB9+GSYFD4Vdgif/mX9fQv+/vrksHfYJ3wxfDH0/h45Lzo/mh79IJoRXRDNjH4YXRj9KJoVXRRdHF0SXRpdFl0eXRFdGV0VXR1dE10bXRddH90Q9b5WLnDohJNOucDFuFwu1uV2ce4Kl8dd6fK6q1zEXe3i3TUun7vW5XcFXEFXyCW4wq6I084468iFrqgr5qLuOlfcXe9KuJKulCvtnCvjEl0L19K1dK3cY661a+Pausfd4+4J94R70j3pnnId3NOuo/uL6+SecZ3ds+5Z95zr6rq57u5518ONz3v+ZEt2fVwf19f1df1dfzfQDXSD3CA32A12KS7FDXVD3TA3zA13w90IN8KNdCPd3QpgtBvtxrqxLtWluglugpvoJrpJbpKb4qa4NJfmprvpboab4arMPL+XOW6Om+fmuXSX7jLcuWvGTLfQLXRZLsstdovdUrfULXfL3Uq30q12q91at9atd+vdRrfRbXab3Va31W1z29x2t93t8Fed79TtdnvcHrfX7XX73Fcu233t9rtv3AH3rTvovnOH3PfusDvijrof3DH3ozvuTriT7pQ77X5yZ9zP7qzzLjUyPjIh8nZkYuSdyKTI5MiUyNRIWmRaZHrk3ciMyMzIrMh7kdmR9yNzInMj8yLzI+mRDyIZkQWRzMiHkYWRjyJZkUWRxZElkaWRZRHvC28OfVFfzEf9db64v96X8CV9KV/aO1/GJ/obfFl/oy/nb/Ll/c2+gr/FV/SV/K3+Ed/UN/PNfQvf0j/qW/nHfGvfxrf1j/t2/gnf3j/pk/xTvoN/2nf0f/Gd/DO+s3/Wd/HP+a6+m+/un/c9/Au+p+/lk31v38e/6Pv6fr6/H+AH+pf8IP+yH+xf8Sl+iB/qX/XD/Gt+uH/dj/Bv+JExb/pRF2+RYZxP9eP9BP+2n+jf8ZP8ZD/FT/Vpfpqf7t/1M/xMP8u/52f79/0cP9fP8/N9uv/AZ/gFPtN/6Bf6j3yWX3RxUtkv9yv8Sr/Kr/Zr/Fq/zq/3G/xGv8lv9lv8Vv+x3+Y/8dv9p36H3+l3+c/8bv+53+O/8Hv9l36f/8pn+6/9fv+NP+C/9Qf9d/6Q/94f9kf8Uf+DP+Z/9Mf9CX/Sn/Kn/U/+jP/Zn+W/WWOMMcYY+0PGX2qKX685P53f+3dyxF9t3AcArtxSKPuv15+7olyb/3y7n0hoFwGAp3p1efDiUr16cnLyhW2zJATF5gJc/CbonBi4FC+CtvAEJEEbKPu74+8nup2mf9B/9GaAuL/KiYVL8aX+vwDA5N/p/9HHR2ZUCE/G/w/9zwUoUexSTm64FC+Ctr/Mr7SBcn9n/AVa/YPx5/4yFaD1X+XkgUvxpfEnwmPwNCT9akvGGGOMMcYYY+y8fuLWThfvPy/+xufv3Z8nqEs5ueBS/I/uzxljjDHGGGOMMXb5PdOt+5OPJiW16fTPN6r+r7L+cKMJ/Lt65sbvNrwHuPiIAoB/sUOAcw35nzyKTf+RfaVcOHX+dtXSUz6A/xul/DMal/mNiTHGGGOMMfanu3TR/+vH1eUaEGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxlgP9J/6d2OU+RsYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY4wxxhhjjDHGGGOMMcYYY+xy+38BAAD//3lG9tE=")
creat(&(0x7f00000003c0)='./bus\x00', 0x110)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x1084, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x7)
write(r1, &(0x7f00000001c0)='u', 0x1)
sendfile(r1, r0, 0x0, 0x7ffff000)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000740)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b708000008"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x3c, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r2, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xe, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r2], 0x0, 0x0, 0x0, 0x0, 0x0, 0x59, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mmap(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x3000007, 0x10, r2, 0x23d91000)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000280)={r3, 0x2000300, 0xe, 0x0, &(0x7f0000000000)="63eced8e46dc3f0adf3389f7b986", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

1m32.452902104s ago: executing program 0 (id=1886):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0xd, 0x3, &(0x7f0000000280)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9}, 0x94)
r0 = fsopen(&(0x7f00000003c0)='cgroup2\x00', 0x0)
fsmount(r0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x7)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x12, 0x4, &(0x7f0000000700)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x9}, [@generic={0x73, 0x1, 0x1, 0x1e}]}, &(0x7f0000000400)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, @cgroup_sock_addr=0x8, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000480)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xfc409000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_int(r4, 0x6, 0x6, &(0x7f0000000080)=0x2, 0x4)
r5 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000100)='/proc/timer_list\x00', 0x0, 0x0)
r6 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000180)='/proc/sys/net/ipv4/tcp_sack\x00', 0x1, 0x0)
sendfile(r6, r5, 0x0, 0x100000500)
sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x0)
r7 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_CONGESTION(r7, 0x6, 0xd, &(0x7f0000000100)='dctcp', 0x5)
sendto$inet6(r7, 0x0, 0x0, 0x24000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x9}, 0x1c)
r8 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_SET_FLAGS(0xffffffffffffffff, &(0x7f0000000a80)={0x0, 0x0, &(0x7f0000000a40)={&(0x7f00000008c0)={0x2c, r8, 0x1, 0x70bd2b, 0x25dfdbfd, {}, [@MPTCP_PM_ATTR_ADDR={0x18, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR6={0x14, 0x4, @dev={0xfe, 0x80, '\x00', 0x22}}]}]}, 0x2c}, 0x1, 0x0, 0x0, 0xc8d1}, 0x800)

1m31.533863054s ago: executing program 0 (id=1889):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0xe0000000}, 0x1a92189d0dd42cd6)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c810}, 0x804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

1m30.771497848s ago: executing program 40 (id=1889):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000000c0)=[{0x0}], 0x1, 0x0, 0x0, 0xe0000000}, 0x1a92189d0dd42cd6)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c810}, 0x804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

10.843859133s ago: executing program 5 (id=2085):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280), 0x0)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c810}, 0x804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

10.410500157s ago: executing program 5 (id=2088):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00C'], 0x20}}, 0x20004000)
r4 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(&(0x7f0000000080)='./file0\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffff5d)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

10.02190021s ago: executing program 7 (id=2089):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581d7"], 0x0)
syz_usb_control_io$hid(r1, 0x0, 0x0)
syz_usb_control_io$hid(r1, &(0x7f0000000080)={0x24, 0x0, 0x0, &(0x7f0000000040)={0x0, 0x22, 0xf, {[@main=@item_4={0x3, 0x0, 0x8, '\t\x00'}, @local=@item_4={0x3, 0x2, 0x0, "112000"}, @main=@item_4={0x3, 0x0, 0xb, "7488dffc"}]}}, 0x0}, 0x0)
r2 = syz_open_dev$hiddev(&(0x7f0000000180), 0x0, 0x20000)
ioctl$HIDIOCGFIELDINFO(r2, 0xc038480a, &(0x7f0000000640)={0x2, 0x3, 0x1, 0x9, 0x1, 0x1, 0x40000, 0x80000000, 0x1930, 0x20080003, 0x21f, 0x1, 0x9})
r3 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x1d)
r4 = openat$zero(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r4, &(0x7f0000fe5000/0x18000)=nil, &(0x7f0000000600)=[@text16={0x10, &(0x7f0000000100)="640f0f5d65b6baf80c66b868e4f88b66efbafc0ced0f14e5660f38800d0fc77e00660f38816800f02089ef00650f531e3b000f08baa100ec", 0x38}], 0x1, 0x14, &(0x7f0000000680)=[@cstype3={0x5, 0xf}], 0x1)
r5 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000bde5a44070275290f515010203010902120001000000000904"], 0x0)
prlimit64(0x0, 0x2, &(0x7f0000000000)={0x1000000000000009, 0xffffffffffffffff}, 0x0)
prctl$PR_SET_MM(0x23, 0x8, &(0x7f0000005000/0x2000)=nil)
syz_usb_control_io$sierra_net(r5, 0x0, 0x0)
syz_usb_control_io$uac1(r5, &(0x7f0000000300)={0x14, &(0x7f00000001c0)={0x0, 0x8, 0xde, {0xde, 0x30, "6f4a84dadb6dd75b267b7503e0d61bc7a22ff1d49d3515312ff1f5072c791964730d8eb24ab052661b37d2cbe6b4eefeac94d1dc124020d3aadf7aaf7b78cf893741be3506162cf784a8a1111c498d136414f277cfe131afd010681bd37a8cc7191ff3f07411782ca2f785e56827f399aeb8ffdb27f9b5a68daeb6f2d75a5bc2ee02afba7d836447181dd4056d2ac670fa6e23114de8827aeca018439e50b9ad7636af6cfa3696c7392bcbaaf9e3753f49ec442a28c63ca052e3172ea604bd885a1e5af8bb7afe1e4a12f08699032c3fc4327c493eb0b34e9c168239"}}, &(0x7f00000002c0)={0x0, 0x3, 0x2a, @string={0x2a, 0x3, "5b8c6d73862026f69ed41f9a89a7b93be169dfa89efccefc8ec93470f5d148a28ffe7436070218e4"}}}, &(0x7f0000000580)={0x44, &(0x7f0000000340)={0x20, 0x17, 0x6e, "dc2c75af3885f81bb8b5a7b8c4ce2c03529d971f9c6850f5350de5f31244d88ab40e17ad532da17dfb1137a2e6630c6079e6fedfae7ae48f239eb4e11365be0a0411a373e9f8e52851ed0c65b5cabac9a3502425b81850d2ecc9d3d52eba704a29d7870dd3a84e7b8c9ddb9c7fb8"}, &(0x7f00000003c0)={0x0, 0xa, 0x1, 0x7f}, &(0x7f0000000400)={0x0, 0x8, 0x1, 0xff}, &(0x7f0000000440)={0x20, 0x81, 0x2, "31ec"}, &(0x7f0000000480)={0x20, 0x82, 0x3, "0b96ab"}, &(0x7f00000004c0)={0x20, 0x83, 0x3, "c296c5"}, &(0x7f0000000500)={0x20, 0x84, 0x1, "f5"}, &(0x7f0000000540)={0x20, 0x85, 0x3, "f4bdcd"}})
setsockopt$SO_ATTACH_FILTER(r0, 0x1, 0x1a, &(0x7f0000000040)={0x2, &(0x7f0000000140)=[{0x30, 0xff, 0x0, 0xfffff018}, {0x6, 0x0, 0x9, 0xfffffffd}]}, 0x10)

9.276488844s ago: executing program 5 (id=2090):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r1, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r0, {0x2, 0x0, @broadcast}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x11, &(0x7f0000000100)={&(0x7f0000000080)={0x40, r2, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x2}, @L2TP_ATTR_PEER_COOKIE={0xc, 0x10, 0x4}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000034)

8.871319437s ago: executing program 5 (id=2091):
r0 = socket$rxrpc(0x21, 0x2, 0xa)
bind$rxrpc(r0, &(0x7f0000000140)=@in4={0x21, 0x3, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
bind$rxrpc(r0, &(0x7f0000000100)=@in4={0x21, 0x400, 0x2, 0x10, {0x2, 0x0, @local}}, 0x24)
listen(r0, 0x8)
getrandom(&(0x7f0000000240)=""/286, 0xffffff9a, 0x0)
r1 = syz_open_dev$admmidi(&(0x7f0000000100), 0x2, 0x101842)
syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00')
ioctl$SNDRV_RAWMIDI_IOCTL_PARAMS(r1, 0xc0305710, &(0x7f0000000880)={0x0, 0x9, 0x3, 0x0, 0xf8})
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
getrandom(&(0x7f0000000000)=""/95, 0x5f, 0x0)
semtimedop(0x0, &(0x7f0000000080), 0x50, &(0x7f00000014c0)={0x0, 0x3938700})
syz_usb_connect(0x5, 0x59, &(0x7f0000000140)=ANY=[@ANYBLOB="12010000ec13b2106c04e814280b0102030109024700010000000009046900000e010000182402010202", @ANYBLOB="3bd40d41b9e11f45d364142ce477878cf444"], 0x0)

8.021803634s ago: executing program 8 (id=2097):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r1 = openat$incfs(0xffffffffffffff9c, 0x0, 0x181ac1, 0x0)
fchown(r1, 0xee01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000020303000000000000000000000000000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x20, 0x1, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0x0, 0x69}}]}, 0x20}, 0x1, 0x0, 0x0, 0x20048001}, 0x5800)
openat$dsp(0xffffffffffffff9c, 0x0, 0x8041, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0xfa, 0x66822)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
get_robust_list(r4, 0x0, 0x0)
r5 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$unix(r5, &(0x7f000000ea00)=[{{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000300)="a5aaa6bc", 0x4}], 0x1, 0x0, 0x0, 0x40000}}], 0x1, 0x40000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
accept4$alg(r0, 0x0, 0x0, 0x180000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e44097d0c"], 0x47)

6.993173727s ago: executing program 3 (id=2100):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00C'], 0x20}}, 0x20004000)
r4 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(&(0x7f0000000080)='./file0\x00')
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffff5d)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

6.835457812s ago: executing program 8 (id=2103):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00C\x00'], 0x20}}, 0x20004000)
r4 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(&(0x7f0000000080)='./file0\x00')
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)

6.521619122s ago: executing program 7 (id=2104):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000380), 0x149842, 0x0)
write$dsp(r0, &(0x7f0000000140)="eb67b1610cb6343a946f68e16aca1399721551b851446070df532849ee0fb477f3ed9968bf7e8d138795705647ea6bb4d84c080aab5456a0ab966ef3a923d6fcb8faa25c71d5c492c85fb49aa04e95ba952b9a6e3dcfdba032d1c7d27ad930b7644bf2c4a8b637070e95457035ff1e4241e7827326c802ed4069b8950b58ae736e40aa5859a2573d170a5b8a7ae297abe6aed6727075155e9bf03504a7d77c8d958f5542244bb0490326baa40537d89fdfc0c4747194b3d595", 0xb9) (async)
mmap$dsp(&(0x7f0000ffd000/0x2000)=nil, 0x2000, 0x100000b, 0x8012, r0, 0x0)
openat$fuse(0xffffffffffffff9c, &(0x7f0000002280), 0x2, 0x0)
syz_mount_image$fuse(&(0x7f00000003c0), &(0x7f0000002080)='./file0\x00', 0x0, &(0x7f00000031c0)=ANY=[], 0x1, 0x0, 0x0) (async)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, &(0x7f0000000240)={0x1, &(0x7f0000000280)=[{0x6, 0x5, 0x7, 0x7ffc0001}]}) (async)
ioprio_get$pid(0x1, 0x0)
r1 = syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000005600)='./file0\x00', 0x0, &(0x7f0000000040)={[{@discard_async}]}, 0x5, 0x559a, &(0x7f000000ac40)="$eJzs3X2QVWUdB/Bzd1lYZGI3BMGBFShfQEIhpVRS7kBBuDJtkjU2GQtioaAwzBI1ii04WLgam1kz5QxCiwjDUmszGmXlygyQk9PWjIPIgjLThjG9SMXEFjU2e+99Lveey+5eyVxfPh9m99zn/s7znOeeOX/c72WfcyMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACIoujgjtr/rB1ZV75+06hFt199cPSq0RNWVDWdHHWg+rzdl/absWjovuntdw6b0bH6SPX65tsu6IyiRKpfItN/3vSPX/+FufPmlIcBaz+Z3lZWdnfIdNfD6Ub/vCe7+uX/zI+iqCw2QGlmu7s0p52IHyBaXjhgj8pmbVsycEGyduvmp+ouX7J1XOFLp0t5X0+gr2Suq45T11Iy9bsktke2nXPpJfIu0XT/+AX3prwIAOB1mVST2mTfjmbe4mbb9fF6rJ2MtRtj7fAOoTG3cSbS4/bvbp5j4vU+mmcyHRUGdDvPWD1z/rPtmnj/WDsWNV7HPPN3zUSa8u7muSxW76t5AgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALyVvFa3Ys34z714sOyX549bvfLk4WvLL3zoq/8uWXrzS68dqlnzl7ah+6a33zlsRsfqI9Xrm2+7oDOKKlP9EunuiWknXr1kYvWcUeuf+N7ETc+OP16aGTds++XsHO0PD66siKIFOZWOMOzRwVFUk19INaPvFhZuTT2YHQoAAAC8k5yb+l2SbafjYFleO5FKk4nUvyAdFstmbVsycEGyduvmp+ouX7J13JmPV9PNeMnTjpdtV576SeQE4xB/4+OdqoddlxeM07P4iPE8P+X5l1+oGHHtT5+pOu+mlde/NPKax9tmfnP48UX7K+8YtGrc2CsK8n9lz/k/nDn5HwAAgP+F/B8fp2e95f/PzK+75Y5HvnJszD2HVw66+8H9G4eVH7nplsn7/jj8hosvvqz2xoL8PybvkAX5P8w45P+S6MzyPwAAALyV/b/zf7JgnJ71lv/bhzff/MB7Di2sbOt4evtlK/b0X3j1RUMOPHTR3In3XjdozPkNBfl/UnH5v1/utMOTz4UJL66IoknFn1QAAAAgT/h/91MfLYS8nv7kIJ7XW+dtGd3y6swvTxj78KH6P1Vtnvj5jUMe37lh5jd2PXf3/RPbzi7I/8ni8n/Zm/NyAQAAgCI0HTpnxNBPJ38e3X/01vnf/+yuR+9b+sWrLtnbOWvC2l9UP72jviD/1xSX/wf0zcsBAAAATuPE+GsW/mPnkd9e1/yJ+5qO/v5Lq0p/NaNp9/62hqZ/bh81e/XkgvxfW1z+Pyuzzax8SHfaE/4K4VsVUVTe9WBZurA3apyWLQAAAABvkJDT75ryfMm9A6edu2Xub06Me+KFPZ/aN3vxhnPWTGp69n2tiz9y4WMF+X9Zz/f/D3c6COv/8+7/V7D+P6eQvuvfVDcGAAAA4N2ocD1/uD1++psLuvv+/WLX///w6xv+mqiqf/ID8342q/P9zT/Z2zr1wZNVf5hz/OGW5MgnL32xIP/XF5f/S3O3b+T3/wEAAMAZeLt9/9+NBeP0rLf7/7c980j1o1d+6GtXza2buuN3H77iz68Mn9qwPXpl+UfbFx342K5fF+T/xuLyf9gOyn15reH83FMRRSO6HmTuJrgtTHdxrNBSllNIn/hYj7mhR6bQMiCnkLIs1uODFVE0tutBfazw3lBojBWODc4UNsYKbaGQuR6yhR/ECq3hSvvO4Mx044Ufh0JmgUVLWEExKLskItbj79316Cqctkd79uAAAADvKiE8Z7JsWX4zikfZlkRvO5zV2w4lve1Q2tsO/WI7xHfs7vmoNr8Qnv/Rt294ecBdD2yom7Jl04KqhrPX/euxyZNuX7Z2Z93SziF/W7euIP9vLC7/h1PRP73pbv1/FNb/Z77XMLv+vzYUKmOFllCoid8xoCYcIx12G8IxKmsyPY6NyBYAAADgHS18LlDax/MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/7J373FW1nXiwL8zzIUZhplRMS+RISaKwTCMKYaZID/TnwQOq6WFJgSDjgxCXEzQTUTd1VzB2+ZtE0jdtIwoNbVUeGnekspLsKl5SfHSK41lS5Js133NnPM9nPOcOc5BQBn3/f5jzvecz/f6nMuc7/M85/sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD/N2z85GVfeHmfj/xg3cKBi1eP+krfI4cMn3DMNTceu/jhb0/e777f//8+aw575sydR60955XRi245de+3QmjuKFeSKl5y6F/XNQwePabvotuvGbz0kYF/qUjXm46HXu1/StN3zoutru0dwh0lIZQlA4NrUoHy9P2aWF/fmhB2CJsCmRIt1akSyYbDA1UhLAmbApmq7qoKoSYrcOwT9624uD1xRVUIe4cQKpNtPFuZaqMqGRhQkQpUJwPTy1KBv76TkgncWZoKwBaLb4bMi355c26G+s7LFXj9lW+1jn2wksPrERP1hfO9MXIbdypLRfKB5i162vKqY5vIe3us9G7rBu+2vO18iact+4tU+hvKO5tClaF0csuUiXPaZsdHSkNDQ49CNW2j5/np9WdN2px0t3kdxg7Ub5XX4aoLe49d/OhRw2+tG35Dn0ELN25pNwtt3m2tMqRfc93meYxG+DzpBm+/vG9J/XzpCiHsf9v42798wcs3L7h87K4HPbHTsDc+u/vdLT+75YTxxx++fsVXf//jvPl//bvP/+PLOd6W5uSOrb5dm5qbx0dqYmJdbWpuDgAAAN1Gd9hr+srq/5722X3HDX185OrqW2+659SL7/v8tT9r3a/t4bE77fj8vvN+lDf/71fc8f94yL8me7QrQxjRkTi3LoRdOx5PBW6O3flqXQh7dqSacwMjE4GVIezWkRiYqSpRomcs0S8ReLU2HRiRCDwYA82JwI0xcEkicF4MLE8EJsXAykTgsBgIrbnj2K82PY6iA1UxMCG1EZfHsxD+XBtbS2yrZzJVAQAAbCXp2WF57t2scx22NEOcXi6v6ipDPAO7YIbKRA3JGWxmWlWwhrKuaijtqobMuOe/+/Dzai7pqua80zBKcjNcWXXLpT8aNumNu2e8tOG0Iz7x2quP1S/96afXXfPGU9Mr79/j8ofz5v+N7z7/r+ykIyV5x/9DGNfxN+YuTUfaMvEJzTkZAAAAgC3w1sADvvydsq/NfeH3jwz75K+vfez1lQ9/dO8zb1v7/Bk/+NZ3au4fnTf/H1Hc+f9xn0iPrMxhVdwNMbUuhMbcQKrag/MDqaPevdIBAAAA6A4yx+Mzx8Jb07epU7ST8+n8/M2bmT8e+B/Raf7131p2/Y6feGT2Q7W3zXhqw+NfWTl64bEz3xh05dmP7HvoQU+N/Gze/L+5uPP/q3NvU514MPbi8roQemYFHoq9bA906BcDLxyaG0iP/8G4AS6KVaVPTMhUdVEsMSEGGhOBJYVKPJYpsWtuIP1kZRo/NzOO1nSJrAAAAAC87+LugHhcPp7/v2LBXZf9x41/umzVgUtnnzz98de+V1H5zknL7zyxzwX39li008hJefP/CZt3/n/HPDjv9P62XiEMKQuhR/KHAauqUwsDxkBNSTpxT3Wqrh7JqhZUh3Bw+8CSVb2YXv+/LLnG4JNVqapiYNf+N60f0J64oSqEIdmBNeOXHtCemJMIZBr/YlUIH28fbbLxn/RMNV6ebPyqniHskRXIVDWpZwjtjVUkq7q/Mn0dg2RVyytD2CkrkKlqWGUIcwMA3VX8Xzo5+8FZc+dNndjW1jJzGybiTvyqMKW1raVh0vS2yZUF+jQ50eecdYzOyR9TsZe++V16jaLVx0ytKyad+aFgY3Zb6R35eWcOpu/HL0PlHeNsKs+5u39yyPvuld9EyPoqVWjIpdt4yNXZlWx6EvPqj/krQq/Qc86slpkNZ0ycPXvm0NTfYrM3pf7G40ypbTU0ua2qO+tbES+PgstlJbzXbTUgu5Ihs6fNGDJr7rzBrdMmntxycstpwz7VNKxp6P5NjUPaB5X+28VIB3RWc2Kk7ywtclhbcaS7l2VV8n58aEhISHS3xE2Xj39m0UcXV3538UmXPHH++WefcvrOt1057ft9p48fdOXnlkz9et78f8a7z//jp0784E+vz1Do+H99PMyfenzTYf4JMbCk2OP/9YWO5mdODOiXCMyPgfkO8wMAAPDhEHdHxr2Zcad07SvfOP1/Tjii9NA/HP2LpqGDdrnw1qkDbnx94+kf23vekmvLKvKv/ze/uN//b6X1/zNL1x9VaJn/gbFEY6H1/5PL/GfW/59faP3/5DL/mfX/l3wA6//PyQQSm+TP1v8HAAA+DN6/9f+7XN4/eYGAvAxdLu+fvEBAXoYul/Ev9gIBm73+/89/XrbDx47YrW/ZF56YuNedB/7mpGkP7vKjUVev+3RT/TfPWPPzZXnz/0uKm/9buB8AAAC2Hyfs+6UBC14a8vVzpj/ww8Ezdn7purOfH3HPL4/75MYxfddVr+v76bz5/5Li5v/v//p/odD5//0KBZoLLQxo/T8AAAC6qULr//3t42d987p+O24Y1O/M29+6emrJ8L2fO/XXbRc9NOrwj435xyWTrs2b/y8vbv4fT7sozckde/N2bWpNu5Bc025dbeYnAwAAANA9lIaGhvIi8+YsjDryvbf5dHop0HdLZ9vtE6vWnHvvdX8fcvP5C9Ydf3rtQUf+oeyQOydf99KCU/boX/Pc2rz5/8ri5v85v8tYdWHvsYsfPWr427fWDb+hz6CFGzcd/wcAAAC2nWL3SwAAAAAAAAAAAAAAAB+8Y1b95Kz/+uWY4+4cNu/qR3d+/OT//PqsM1on/aLtiHUHPLv0hk/tk/f7/zCuo1yh3//H6/7F3xf0yckdW+16/b/0/WNHL5vbsWThqtoQ9soOTF0wdYeQvjb/PtmBFScO3KU9sSBZ4u7nDnu5PXFSMnDk4B03tCc+kwhMiIsk7pYMxKsqbuidCMTlFZ9MBuL2WJ4MVKQDF/ZOjaMkua3+UJPaViXJbfV0TQh1WYHMtrqjJtVGSXKAVyQCmQF+LRmIAxybDpQme7WsV6pXMVATiy7uleoVAADbrfgtsDxMaW1raYxf4ePt7mW5t1HOkmXn5FdbUmTzv0svTbb6mKl1xaR7JL+LbrrWeHmobB/C0Lyvq9lZSjpGuXVq6WLT9Skw5K5WeystUC5pczddReERVaVG1DBpetvk8i4Hvn/XWZrKuswyNG+yk52ltGOTFlFLEX0pYkRFbpsiuhzvl4aGhh6JXMNjsD7k6OoVUezv9bPX+Sv0KsjOs3zUQQOOW/bcgRMWPXnQtKnhI5e9M2Li5FmHXPHiU0vnjxw0oUfe/L++uPl/Zfa4NqQvBjA/Xlnv4LoQJhQ5IgAAAPjwO+W05y674P5LX32hecDL04dcuuK3c6+aV1Z783mHP3336W+OX3jSlsYHDHtj6Kl3/ebcjU2jHrqy99X3X7PTkXU//H/Vvea+tWLQmy/cvVfe/L9fcfP/uAcrfSg4tbdjZbz+/7l1IXRcWr8+Fbg5DverdSHs2ZFqjiVSF9Q/KpZoTAVujjtMBsYSE5pzq+oZA8sTgVdr04GVicCDMZDeS3FTSO/KubQ2hAM6UuNyS8yIJeoTgaNjoF8i0BADjYlA7xgYkQi83jsdaE4EHo2B0Jq7rW7tnd5WAAAAmyM9zyrPvRuS87zlZV1lKOkqQ3VXGUq7ylDZVYZCo4j3fxwzlCdOXinJylSerLUqUUtehngx/M3uV16G8FhuzmTBvKbj+QeZ8w1KcjNccWbF9Dc/33/R8UPGrB/ftPhzc38a/uHtOW9d8OYvz6977pqNJXnz/8bi5v/Vubep1h+M8/9N1/9LBR6K3bs8njreLwZeODQ3kN4x8GCc7F6Uqao5XSI9ab8olhgRA/0SgRkxMCIRmDAuHViyS24gPdPONH5upvHWdImsAAAAALzv4g6CuJsmzv+fXTv+iWnjf3vQZX1nLzx/+VFffvrXx736i3t73v3d/osebitZuzpv/j+iuPl/bK9XdmPnxd6s7R3CHSWbepMJDK5JBeJ+jJr48/i+NSHskLWDI1OipTpVoiLRcHigKvUL9YpkVXdVpdYYiPePfeK+FRe3J66oCmHvrL0vmTaerUy1UZUMDKhIBaqTgellqUDc85MJ3FmaCsAWy+wVjC+o9KkuGfWdlyvw+vuwXBM0Oby8faCd5OvsN1fbSmXygfQ+1YzNe9ryqmObyHt7rPRu647vtnrvtuwvUulvKO9sClWG0sktUybOaZsdH8n+JWuebfQ8Z/9KtZj0Vngdzn/vve1aZbIDjYmPj8bOy3X+OiyJ1a26sPfYxY8eNfzWuuE39Bm0cGPR3Sgg/lB45rCr6rM377ZWGdKvuW73edLs86Q7/hvo52kLIYy7d+xFjYfcuHDSiP7X73xH7fDLvzT4lkMbnx1XM2eXw8e89sV5efP/5uLm/2WJ2w4b48acVRfCvlkbd1Xc/KPqUp+DWYHUp+RO+YHUIfeXagt+cgIAAMDWltndkdlf0Jq+TZ0Qnpwn5+dv3sz8cX/FiE7zF9vv/lecsnL0hAN/23f8XoccvM9Zdy04er+/Tbz+tT9Wj5z0wPd+tfr6vPn/hHef//dMdNPxf8f/2UYc/+/U9r4rumfygflbtCs6rzq2Ccf/O7W9v9sc/++U4/+O/3fG8f8uOP7fqe39acv7ljTDl64Qwr9f/vm/vX3Pbv02LC393pQH5vU//rLvL1r2k52f+efH/mn69H33/FXe/H9GcfN/6/91vmhfZv2/CYXW/5tRaP2/+db/AwAAtqkCC80l53l5q/flZUiu3peXocsFArtcYtD6f5u9/t+L/3Lpgr2mjv3GiWc9dnDvR+tHrRkz6O8nvbrnmuuevHLoIyf8/dt58//5xc3/48uhV3br3WX9v37jClR1SQzMsDAgAAAA26NCOwgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4YJ31xynnjVjw+J+ap39l/fLx32nd8fGHprzefMQPRy87es0pu5xyb581hz1z5s6j1p7zyuhFt5y691shtHaUK0kVLzn0r+saBo8e03fR7dcMXvrIwL9UpustT99+NCd3bPXt2hCWZD1SExPratvvbAocO3rZ3LL2xKraEPbKDkxdMHWH9sSNtSHskx1YceLAXdoTC5Il7n7usJfbEyclA0cO3nFDe+Iz6UBJsrv/1jvV3ZJkdy/uHUJdViDT3VN751aVaeOIdKA02cZ3a1JtxEBNLHpVTaqNGGiLJVp7hjCkLIQeyaoeqUxV1SNZ1U8rU1X1SFZ1dmUIB4cQypJVPV+RqqosOfLHKlJVxcCu/W9aP6A9sbQihCHZgTXjlx7QnpiZCGQaP6YihI+3v2SSjd9anmq8PNn4v5aHsEcIoSJZ4s2yVImKZIkXy0LYKSuwaSOWhTA38OEQP30mZz84a+68qRPb2lpmbsNERbqtqjClta2lYdL0tsmViT4VUpKVfuec9z72360/a1L77epjptYVky5Llyvv6HJTec7d/bf33sd+VWdXsun5yKs/5q8IvULPObNaZjacMXH27JlDU3+Lzd6U+tsjHU1tq6HdZVsNyK5kyOxpM4bMmjtvcOu0iSe3nNxy2rBPNQ1rGrp/U+OQ9kGl/26NkS59/0e6e1lWJe/H+19CQqK7JUpzPt0at/fP8bwv+ps6Wh4qOz6g86YV2VlKOka5NQY98j2O+L18TelyREPzJg55WZq6zrJ/3mRiU5aqVJaOr3V5k8Psmko7Nmm8XxoaGnoU2g71uXezN+8bW7B5n05vumLTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwv+zAgQAAAAAAkP9rI1RVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVhBw4EAAAAAID8XxuhqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqCjtwLAAAAAAgzN86jJ4NAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAD//+GI8JI=") (async)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000500), r2)
r4 = socket$l2tp6(0xa, 0x2, 0x73)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, &(0x7f00000001c0)={'wlan1\x00'}) (async)
sendmsg$NL80211_CMD_TRIGGER_SCAN(r2, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000340)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002bbd7000ffdbdf252100000008000300", @ANYRES16=r1, @ANYBLOB="14001308eb2d80040000000a0000000202020205000000000000000000010000000000"], 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x40000)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000300)='./file1\x00', 0xc4042, 0x1ff) (async)
r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000540), 0x8000, 0x0)
sendfile(r5, r6, 0x0, 0xfffe82) (async)
r7 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="05000000040000000c0000000b"], 0x50) (async)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="180000000000000000000000000000001801000020646c2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007d00000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000000400000018110000", @ANYRES32=r7], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000380)={r8, r7}, 0xc) (async)
ioctl$BTRFS_IOC_ENCODED_READ(r5, 0x80809440, &(0x7f00000006c0)={&(0x7f0000000140)=[{&(0x7f0000000000)='\v', 0x1}], 0x1, 0x8, 0x0, 0x8000001003, 0x820000950, 0x66e2, 0x1, 0x5})
r9 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x4, &(0x7f00000001c0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x0, r5}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r9, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) (async)
ioctl$DRM_IOCTL_MODE_GETPLANE(r5, 0xc02064b6, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)})
r10 = socket(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r10, 0x8933, &(0x7f0000000000)={'veth0_to_team\x00', <r11=>0x0})
sendmsg$nl_route_sched(r10, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000cc0)={&(0x7f0000000580)=@newqdisc={0x40, 0x24, 0xd0f, 0x3, 0x7, {0x60, 0x0, 0x0, r11, {0x0, 0xf}, {0xffff, 0xffff}, {0x4}}, [@qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0xa296}}, @TCA_RATE={0x6, 0x5, {0x6, 0x42}}]}, 0x40}, 0x1, 0x0, 0x0, 0x401c4}, 0x20000000) (async)
ioctl$DRM_IOCTL_MODE_GETCRTC(r5, 0xc06864a1, &(0x7f0000000240)={&(0x7f0000000400)}) (async)
close(r0) (async)
bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'hash\x00', 0x0, 0x0, 'sha384-generic\x00'}, 0x58)

5.876556003s ago: executing program 3 (id=2105):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@jqfmt_vfsv0}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3020, 0x1)
r0 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r0, 0x0)
add_key$fscrypt_v1(&(0x7f0000000140), 0x0, &(0x7f0000000400)={0x0, "5e95b1c50f77c0e6208328ed9c94dd3509f9658a1030a3d242cd781a50259128028a080c7118079e9cf2e42d03ee0185156b74fefbd7e8795080327d31565cd6", 0x29}, 0x48, 0x0)
truncate(&(0x7f00000001c0)='./file1\x00', 0x42dc)

5.66548712s ago: executing program 5 (id=2106):
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000040)='./file1\x00', 0x200840, &(0x7f0000000600)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6469725f726573765f6c6576656c3d30303030303030303030303030303030303030332c726573765f6c6576656c3d30303030303030303030303030303030303030362c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c636f686572656e63793d66756c6c2c6e6f61636c2c004c98065b85e5b137d63b2211c62c402045083da9bddc3b0d88d44ecd24ba5288d428197284f332858b83349af2c7646f1e07e91120d7f23ce20389bbc031d81d654f1ca08f61c92d90e6ea478843c1ad942c7c257f9ff5348dd038e947775991ad90f8861dada21d5fa2de7042b5e2cbbcd1ada2b568e37581c70cf1d5adf566142ed45924fe72a1eb1a914faf754b9d94bf0fdc1f98c708bd89940b5ef96e328240c39559b35bc83c15c15104f3b3fe1945f0278c34e2399dadcd9776ac659afcbb239569140ab408ad87f15b353941"], 0x5, 0x4445, &(0x7f0000011180)="$eJzs3c9PXFsdAPDvveB7gO9V+t5bPBMTJ/ElGjUEulJpYktpKbRYU21j3EwHmLbowDQwGBdd4K6JKxMXjYtGE3esGhZu65/gxmVdN9GFGxOTRszMXOjcy4xMGwZs3+ez4DDnN3zvPZy7uJw007i/ulla3SxV1kv15bub50q/qNe21qqRDt5wROTHj+2THJ/XMIjr5BSvvc+9G5eu/Oj2uYg/r/z1xd7e3l40DUdXUx3f/+ufD5c7031poU2z3+69HZefRsQnh+bVNBQRP/lTRBIRF7O8mSwdjYgz0S67/fDXd0rHNJunz6vnyy8XH+1Of7aw82S398+eRPyu9uVv31v7+9eGpv/2zWMaHgAAAAAAAAAAAAAAAACAt9zczRu3fjg5Fc+SGN5JDr+vO5elvd6P3Ts2Xx38DwsAAAAAAAAAAAAAAAAAAAD/p169/19KPury/v9sll7o0X7v+4OfI4Mz/4Mbs5cnp7Lz35ND5d/Jsv5xcSjOdjn3vXj++8VC++7nvx8e503tz29/3PFI0pGO8vFI04mJiD9kB79/moyltfpm41t361vrK8c2jbdWPv7t0/tz0ckO9O83/jOF/gd//v/Hh66m5uc7x3eJvdPy8R/qWe+Pv0r6iv+lfLPHA5p2h48HP8Q7LB//4VbeaGeF99tJM/6/GT46/rOF/gd1/5+JiFLSnGsptwI09zDN/F77FfLy8f9CKy+3dGa/yF73/78L8b9c6P+01v/t4h8iusrH/71W3kiuRnsD0Ip/evT9f6XQ/2nEvzn/bX//+5KPf7bYD+eqtH6T/a7/c4X+u8S/9ybjNdxKs3meSXJXwE7Szu/1/+rIy8d/5FD5q+e/tK/939VC+5N6/tsft/n8N9HxHPKNpP38R3f5+I/2rNfv/T9faDfo9f9Ca//Hm8rHf6yVl987j7e+9hv/hUL/g4p/a1cysh//V+vJf95v5//e/q8v+fh/sZ2ZdtbYbn1t7f+So/f/1wr9n8b+rzn/7XSwo74r8vH/oGe9Zvz/ksV97H/c/9cL7QYf/4hJe/03lo//hz3rte7/kaPX/8VCu0HH/+uD7BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgLTCTpeORpBO5z2k6MRFxKfv8aYwlS5WV8lKtvvzzzYjZLL8UHyX3avWlSq28ul5fqZYrtVp9OeJyVv5JjCSbtXqjvFZ5cOWgr9HkfrWy0ViqVhoRMZflfyU+3O9rabWxVnkQEVcPyr6U1jce3K+sl1dWN743OTk5GfMHczibVH/ZqK432qO3SyMWDtqOJx2TaxVfO5jLB8nP6lsb65VaK/96R5tafblS62izmJX9Ns4mjY2t9eVKo1qu1e/tj3eaLmTp7PzNH9+8PnWo/E7STmdOdloAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvKZn0999HBHD7U9pRJSS5jfv9aj/9Hn1fPnl4qPd6c8Wdp7svoiI5CTnCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAf9mBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCLt2jRBAEYQCtbgUNPYbRMJOZjiiigSOCJ9BjeBg9ipfwDgYGpgbLwm4PLPMDy8Amy3tJQX9UV0MXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHBs7p67l6e6iUhxvjqL+Hr7/tnNH0r9uJ7uP1kw83RBD4dx/9jd3NZN+fc0yq/K0W+bN+n/3/trTNTe52BPhvu0NZ4zNLdvc+/r515EylVEtCW/TDlX1X53AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAa3bgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8raPo2wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FcAAAD//0yJHBw=")
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
r0 = socket$packet(0x11, 0x3, 0x300)
syz_open_dev$tty1(0xc, 0x4, 0x4)
socket$netlink(0x10, 0x3, 0x0)
socket$packet(0x11, 0x2, 0x300)
r1 = socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100)={<r2=>0xffffffffffffffff})
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route_sched(r1, &(0x7f0000006280)={0x0, 0x0, &(0x7f0000000500)={&(0x7f0000000280)=@newtaction={0x68, 0x30, 0x1, 0x4000000, 0x0, {0x0, 0x0, 0x6a00}, [{0x54, 0x1, [@m_mirred={0x50, 0x1, 0x0, 0x0, {{0xb}, {0x24, 0x2, 0x0, 0x1, [@TCA_MIRRED_PARMS={0x20, 0x2, {{0x0, 0x0, 0x10000000, 0x0, 0x4}, 0x3, r3}}]}, {0x4, 0xa}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0x68}}, 0x0)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f00000001c0)={0x84, 0x1000}, 0x4)
r4 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r4, 0x107, 0xf, &(0x7f0000000100)=0x6, 0x4)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x3, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020732500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007300000095"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r5, 0x0, 0xe40, 0xe80, &(0x7f00000002c0)="f3fffeffffffa000", &(0x7f0000000180), 0x5, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f00000000c0)={'geneve0\x00', <r6=>0x0})
sendto$packet(r4, &(0x7f0000000180)="0b032200e0ff25a60208475400f6a13bb1080000080008004803", 0x1a, 0x0, &(0x7f0000000140)={0x11, 0x0, r6}, 0x14)
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f00000000c0)='./file1\x00', 0x0, &(0x7f0000000100), 0x2, 0x4fd, &(0x7f0000000b00)="$eJzs3ctvW1kZAPDv3jycyWQmGZgFoAHKMFBQVTtxZ6LRbBhWI4RGQsySRSckThTFiaPYGZrQRbpkj0QlVrDiHwCJBVJX7JFYwI5NWSDxqEANEgsjX19nnIcbq03sNv79pCufe47t75xa9xzrc3NPACPrWkQcRMRkRHwcEbN5fZIf8X77aD3v8aO7y4eP7i4n0Wx+9M8ka2/VRddrWl7O33MqIr7/QcQPkxNB/xhR39vfWKpWKzt5VamxuV2q7+3fXN9cWqusVbbK5cWFxfl3b71TvqCR/vqo9LvffvHhHw6++eNWt2byuu5xXKT20CeO4rSMR8R3LyPYEIzl45l8mhc/1Yu4SGlEfCYi3syu/9kYyz7N445/TN+K/NIGAF5QzeZsNGe7zwGAqy7NcmBJWsxzATORpsViO4f3ekyn1Vq9cWO1tru10s6VzcVEurpercznucK5mEhW18crC1m5c16tlE+c34qI1yLip4WXsvPicq26MswvPgAwwl4+sf7/p9Be/wGAK67r1/zCMPsBAAyO/80HAKPH+g8Ao8f6DwCjx/oPAKPH+g8Ao8f6DwAj5Xsfftg6mof5/a9XPtnb3ah9cnOlUt8obu4uF5drO9vFtVptLbtnz+Z571et1bYX3o7dO6VGpd4o1ff2b2/Wdrcat7P7et+uTAxkVADAk7z25Qd/TiLi4L2XsiO67vd/7lr9xmX3DrhM6bA7AAzN2LA7AAzN6d2+gFEhHw90bdF7r6t66lThpPt9vX2a7xsKPEeuf/4Z8v/AC03+H0bX0+X/fZeHq0D+H0ZXs5nY8x8ARowcP5Cc0979+/98s+ukv9//AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4EqayY4kLeZ7gc9EmhaLEa9ExFxMJKvr1cp8RLwaEX8qTBRa5wsRYd8gAHiRpX9L8v2/rs++NXOydbLw30L2GBE/+vlHP7uz1GjsLERMJv86qm/cz+vLw+g/AHCezjrdWcc7Hj+6u9w5Btmfv3+7vbloK+5hfrRbxmM8e5zKcg3T/07y87bW95WxC4h/cC8iPnfW+JMsNzKX73x6Mn4r9isDjZ8ei59mbe3H1r/FZy+gLzBqHrTmn/fPuv7SuJY9nn39T2Uz1LPrzH+Hp+a/9Gj+G+sx/13rN8bbv//OqcrmbLvtXsQXxiMOO2/eNf904ic94r/VZ/y/vPGlN3u1NX8RcT3OGn9yLFapsbldqu/t31zfXFqrrFW2yuXFhcX5d2+9Uy5lOepSJ1N92j/eu/Fqr/it8U/3iD91zvi/1uf4f/m/j3/wlSfE/8ZXz/78X39C/Naa+PU+4y9N/2aqV1sr/kqP8Z/3+d/oM/7Dv+6v9PlUAGAA6nv7G0vVamXnsgvp5YfICknEwQCG0y4UfvWTDwYV6xIL8Xx0Q+F5Kgx7ZgIu26cX/bB7AgAAAAAAAAAAAAAA9DKIPyca9hgBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//2KH0wQ=")
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffff3)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x400, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000400)={[{@redirect_dir_off}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
r7 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x8, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r7, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r7, &(0x7f0000002980)={0x2020, 0x0, <r8=>0x0}, 0x2020)
write$FUSE_INIT(r7, &(0x7f0000000040)={0x50, 0x0, r8, {0x7, 0x1f, 0x4001ffe, 0xa68d7c519f800ff1, 0xffbc, 0x6, 0x1d45, 0x0, 0x0, 0x0, 0x40}}, 0x50)
syz_fuse_handle_req(r7, &(0x7f0000008380)="00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000200000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000060000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000006340)={0x20, 0x0, 0x68cc, {0x0, 0x14}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r9 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
r10 = socket$inet_mptcp(0x2, 0x1, 0x106)
getsockopt$inet_mptcp_buf(r10, 0x11c, 0x3, 0x0, &(0x7f0000000140))
writev(r9, &(0x7f0000000b40)=[{&(0x7f0000000540)="2064b2", 0x3}], 0x1)

5.157770166s ago: executing program 3 (id=2108):
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000080)={0x73622a85, 0x100})
mmap$binder(&(0x7f00000a0000)=nil, 0x2000, 0x1, 0x11, r0, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_GET_ADDR(r1, &(0x7f0000000340)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x42001}, 0xc, &(0x7f0000000300)={&(0x7f00000002c0)={0x24, r2, 0x12e, 0x70bd27, 0x25dfdbfe, {}, [@MPTCP_PM_ATTR_LOC_ID={0x5, 0x5, 0x40}, @MPTCP_PM_ATTR_TOKEN={0x8, 0x4, 0x4}]}, 0x24}, 0x1, 0x0, 0x0, 0x8010}, 0x800)
r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
mmap$binder(&(0x7f00000c0000)=nil, 0x2000, 0x1, 0x11, r3, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
r5 = socket(0x1e, 0x4, 0x0)
setsockopt$packet_tx_ring(r5, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
r6 = socket(0x1e, 0x4, 0x0)
ioctl$sock_inet_SIOCSIFDSTADDR(0xffffffffffffffff, 0x8918, 0x0)
setsockopt$packet_tx_ring(r6, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x2, 0x81, 0x1fd, 0x1, 0x1}, 0x1c)
recvmsg$unix(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000280)=""/246, 0xf6}], 0x1}, 0x20)
sendmmsg(r6, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)
setsockopt$sock_int(r6, 0x1, 0x21, &(0x7f0000000540)=0x5, 0x4)
recvmsg$unix(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000180)=""/254, 0xfe}], 0x1}, 0x20)
sendmmsg(r5, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
close(0x4)
close(r4)
r7 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r8 = ioctl$USERFAULTFD_IOC_NEW(0xffffffffffffffff, 0xaa00)
ioctl$UFFDIO_WRITEPROTECT(r8, 0xc018aa06, &(0x7f0000000380)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}, 0x2})
sendmsg$NFT_BATCH(r7, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x40008d0}, 0x40)
sendmsg$NFT_BATCH(r7, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x40, 0xc, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x14, 0x3, 0x0, 0x1, [{0x10, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d65b"}]}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x68}, 0x1, 0x0, 0x0, 0x24000840}, 0x40)
sendmsg$NFT_BATCH(r4, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1400000010007c0000000000000000000500000a480000000e"], 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000100)={0x4c, 0x0, &(0x7f0000000140)=[@transaction_sg={0x40486311, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x58, 0x18, &(0x7f00000001c0)={@flat, @fd={0x66642a85, 0x0, r0}, @ptr={0x70742a85, 0x0, &(0x7f0000000240)=""/10, 0xa}}, &(0x7f0000000280)={0x0, 0x18, 0x30}}, 0x10}], 0x0, 0x0, &(0x7f00000002c0)})

5.047846769s ago: executing program 7 (id=2109):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0xe0000000}, 0x1a92189d0dd42cd6)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

4.886884664s ago: executing program 2 (id=2110):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56", 0x2)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c810}, 0x804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

4.69564378s ago: executing program 7 (id=2111):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x4, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x6c}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x11}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@ipv6_delrule={0x30, 0x21, 0x1, 0x70bd29, 0x25dfdbff, {0xa, 0x0, 0x80, 0x71, 0xf0, 0x0, 0x0, 0x1, 0x16b4fc48c5a7a6cc}, [@FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x44}}]}, 0x30}}, 0xc080)
close(r0)
socket$tipc(0x1e, 0x5, 0x0)
r2 = syz_open_dev$audion(&(0x7f0000000080), 0x8e8, 0x2400)
close(r2)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f0000000200)=0x188, 0x4)
sendto$inet(r3, &(0x7f0000000000)="f461c5bbd75c3583", 0xffc7, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x7)
mount$9p_fd(0x0, &(0x7f0000001a00)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',directio,debug=0x0000000000000007,access=', @ANYRESDEC=0x0, @ANYBLOB="2c70726976706f72742c6361ffff653d6e6f6e652c6f626a5f757365723d2f6465762f947bb62829846f1ae6617564696f23002c000a9b6c99f1d60191f8a38d52249e5438ca64be6f77cc1a2ce29228593ac3392e7a2d10326d9a463b3c87a27dd3127e1956a5ac9b241dfb9dd52b578493227ac2bb25957eec4f932938995339a2fe69af5de28455d7349d270307c2fc583eca6ec9f3f50e75cb92ffbdc1910eda301b69bdf97c7dc19e23a0602f9ebf72f99b97597c9ec77400"/198])

4.520956216s ago: executing program 2 (id=2112):
r0 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r0, &(0x7f0000001040)={0x27, 0x0, 0xfffffffe, 0x4, 0x0, 0x1, "d92984bd1ca44c226af5160e961711a077609475b78411e88509de050000000000f2170e65e3f50327e422000000000000000000000200000000001900", 0x3f}, 0x60)
r1 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r1, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0x10000000000001}, 0x60)
r2 = syz_init_net_socket$nfc_llcp(0x27, 0x2, 0x1)
bind$nfc_llcp(r2, &(0x7f0000000080)={0x27, 0x0, 0x0, 0x7, 0x0, 0x6, "750538d1ee602ec4802a04ea7cdcd151bb2cd9893bc31f80718336d9bd3517076db9ad1f6a120d8be6d7f81cd81ec275000386e7d95f0669b740a5418d69d0", 0x1000000000003f}, 0x60)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nbd(&(0x7f00000026c0), r3)
sendmsg$NBD_CMD_CONNECT(r3, &(0x7f0000002800)={0x0, 0x0, &(0x7f00000027c0)={&(0x7f00000002c0)=ANY=[@ANYRES16=r4, @ANYRES32=r1, @ANYRES32=r0, @ANYBLOB='\f'], 0x3c}, 0x1, 0x0, 0x0, 0x24040001}, 0x800)
r5 = syz_genetlink_get_family_id$nfc(&(0x7f0000000140), 0xffffffffffffffff)
sendmsg$NFC_CMD_ACTIVATE_TARGET(r3, &(0x7f0000000200)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000240)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="000429bd7000fbdbdf251c1c000008000400ffffffff080003000300000008000400000000000159be4cbd28adbeb737dafc887666d4dcf783a04c4dbf0274170f60ec80aaeafc67de82"], 0x2c}}, 0x4001)
syz_mount_image$hfs(&(0x7f0000000040), &(0x7f0000000100)='./file1\x00', 0x1210080, &(0x7f0000000340)={[{@iocharset={'iocharset', 0x3d, 'iso8859-9'}}, {}, {}, {}, {@dir_umask={'dir_umask', 0x3d, 0x5}}, {@dir_umask}, {@dir_umask}, {@dir_umask={'dir_umask', 0x3d, 0x200}}, {}, {@codepage={'codepage', 0x3d, 'iso8859-1'}}]}, 0x7, 0x318, &(0x7f00000004c0)="$eJzs3U1rE08cB/Dv7CZp8m/pf20rBY/VgqfS1oPixSLFi2/AgxRrm0LpWkEraEGMnkW8CYJHb55F34JexDegpx7Ek16CB1dmZmcf0tnNQ9tsQr4faJrszsNvdnayMynpgohG1tXVb28vHMgfUQbgArgMOACqQAnAacxWH+zube/59c28glyVQ/4I6JziUJqN3botq8yncoQ8+aqEieQ2OhlBEATf26b61ZdYqDhCj/1DHGAsHJ1qf7XvkZ2Mhm7XaEn0sGiiiYeYLDIcIiIqXnj9d8KrxEQ4f3ccYD6chw/79T81v2kWF8dAiK7/jn4dCHl8/le74vWeWsLJ3nfMKtFWlvWcCOLDXYE+s1IdINqtKlUsTm1r268vNFQBz3AllEg2ox43YRqiZEVb0b/mLGvTHHltzzeu2lCWbVjOiH+66xo//sAre3VrnzuISXwSX8Sa8PAam9H8rxQIeXDU8fFaekrHv5hdomqlp1OlWhmv30+pSs6YHvjwLm5lLeu4VuHKWGxkKaJ1/u6ZOF9WsnNhCumPFXTrlrJbp3JNW3MtR6//WHPNtOaqbZX9+sLGXT/3o5RjY13RiRfihpjDT7zHamL+78jU88gemalRLlTK8MzIbU9JpczoxxQ1gO90NTJJuWbt6HzPcRuXMHn/0f7Ouu/X7xX/xAyVAYlHn4jh6Si3yN+JNKjKJ2UAx1bp3yAIrLtK6EeTy6qpF9/ETd7fWRcN/fJoVaARFWh2rWQnBrACINxi3hF6qf1JlGssLrCj7L9lb6st9hPSRNWHE9JUldrlYqyjkVLrodLrj3fW/Z7eiWjIxJ2O2ZtFB0NFkPMuodd/ifXKonrXkQ9ezmokaFd4osSljBXQlHr8r7MVXFRs5jxx3Dxps+Y6ex4411KjA1Pj09ZivTBODOJfJbv/U4ZYxVfc4uf/RERERERERERERERERERERERERETDpttvI/TydYJ0jQcj+I83iIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiOJnH/X8BVd4ypFH7/X7eD+/+a+1IQUc/+BQAA//8KX2Ch")
r6 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x20000, 0x108)
getdents64(r6, &(0x7f0000000f80)=""/4096, 0x1000)
mmap(&(0x7f0000ffc000/0x1000)=nil, 0x1000, 0x1, 0x810, 0xffffffffffffffff, 0xda7f5000)

4.029845502s ago: executing program 2 (id=2113):
socket$nl_route(0x10, 0x3, 0x0)
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000540)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-avx\x00'}, 0x58)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mount(0x0, 0x0, &(0x7f0000000000)='tmpfs\x00', 0x8, &(0x7f0000000300)='usrquota')
chdir(&(0x7f0000000280)='./file1\x00')
r1 = openat$incfs(0xffffffffffffff9c, 0x0, 0x181ac1, 0x0)
fchown(r1, 0xee01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r2 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r2, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFQNL_MSG_CONFIG(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000020303000000000000000000000000000800010001"], 0x1c}}, 0x0)
sendmsg$NFQNL_MSG_VERDICT(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)={0x20, 0x1, 0x3, 0x101, 0x0, 0x0, {}, [@NFQA_VERDICT_HDR={0xc, 0x2, {0x0, 0x69}}]}, 0x20}, 0x1, 0x0, 0x0, 0x20048001}, 0x5800)
openat$dsp(0xffffffffffffff9c, 0x0, 0x8041, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0xfa, 0x66822)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r4 = syz_clone(0x4000000, 0x0, 0x0, 0x0, 0x0, 0x0)
get_robust_list(r4, 0x0, 0x0)
r5 = accept4(r0, 0x0, 0x0, 0x80800)
sendmmsg$unix(r5, &(0x7f000000ea00)=[{{0x0, 0x0, &(0x7f0000001700)=[{&(0x7f0000000300)="a5aaa6bc", 0x4}], 0x1, 0x0, 0x0, 0x40000}}], 0x1, 0x40000)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
accept4$alg(r0, 0x0, 0x0, 0x180000)
syz_emit_vhci(&(0x7f0000000040)=ANY=[@ANYBLOB="040e44097d0c"], 0x47)

4.029258192s ago: executing program 3 (id=2114):
mkdir(&(0x7f0000000280)='./file0\x00', 0x0)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xa, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0)
pipe2$9p(&(0x7f00000000c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@afid={'afid', 0x3d, 0x100000001}}]}})
syz_usb_connect$uac2(0x0, 0x8c, &(0x7f0000001dc0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x1235, 0x8210, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7a, 0x3, 0x1, 0xc, 0x20, 0x81, {0x8, 0xb, 0x0, 0x1, 0x1, 0x5, 0x20, 0xb5}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x1, 0x7, 0x1a, 0x9}, [@mixer_unit={0x5, 0x24, 0x4, 0x2}, @output_terminal={0xc, 0x24, 0x3, 0x3, 0x307, 0xfb, 0x3, 0x2, 0x7, 0x81}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x4, 0x4, 0xb, {0x8, 0x25, 0x1, 0x0, 0x31, 0xa6, 0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x4, 0x4, 0x8, {0x8, 0x25, 0x1, 0x80, 0xf, 0x5a, 0x7fff}}}}}}}}]}}, &(0x7f0000002480)={0x0, 0x0, 0x0, 0x0})
mkdir(&(0x7f0000000280)='./file0\x00', 0x0) (async)
socketpair$tipc(0x1e, 0x1, 0x0, &(0x7f00000001c0)) (async)
recvmsg(r0, &(0x7f0000000500)={&(0x7f0000000040)=@hci, 0x80, &(0x7f0000000100)=[{&(0x7f0000000400)=""/248, 0xd68210}], 0x1, 0x0, 0x1f00000000000000, 0x200000}, 0x1f00) (async)
sendmsg$tipc(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000140)="a2", 0xfffffdef}], 0x1}, 0x0) (async)
mmap(&(0x7f0000000000/0x95c000)=nil, 0x95c000, 0xa, 0x8c4b815a5465c2b2, 0xffffffffffffffff, 0x0) (async)
pipe2$9p(&(0x7f00000000c0), 0x0) (async)
mount$9p_fd(0x0, &(0x7f0000000300)='./file0\x00', &(0x7f0000000280), 0x0, &(0x7f0000000540)={'trans=fd,', {'rfdno', 0x3d, r2}, 0x2c, {'wfdno', 0x3d, r3}, 0x2c, {[{@afid={'afid', 0x3d, 0x100000001}}]}}) (async)
syz_usb_connect$uac2(0x0, 0x8c, &(0x7f0000001dc0)={{0x12, 0x1, 0x300, 0x0, 0x0, 0x0, 0x40, 0x1235, 0x8210, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x7a, 0x3, 0x1, 0xc, 0x20, 0x81, {0x8, 0xb, 0x0, 0x1, 0x1, 0x5, 0x20, 0xb5}, {{{0x9, 0x4, 0x0, 0x0, 0x0, 0x1, 0x1, 0x20, 0x0, {{0x9, 0x24, 0x1, 0x1, 0x7, 0x1a, 0x9}, [@mixer_unit={0x5, 0x24, 0x4, 0x2}, @output_terminal={0xc, 0x24, 0x3, 0x3, 0x307, 0xfb, 0x3, 0x2, 0x7, 0x81}]}}, {}, {0x9, 0x4, 0x1, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x1, 0x9, 0x3ff, 0x4, 0x4, 0xb, {0x8, 0x25, 0x1, 0x0, 0x31, 0xa6, 0x7}}}}, {}, {0x9, 0x4, 0x2, 0x1, 0x1, 0x1, 0x2, 0x20, 0x0, {}, {{0x9, 0x5, 0x82, 0x9, 0x200, 0x4, 0x4, 0x8, {0x8, 0x25, 0x1, 0x80, 0xf, 0x5a, 0x7fff}}}}}}}}]}}, &(0x7f0000002480)={0x0, 0x0, 0x0, 0x0}) (async)

3.038540723s ago: executing program 8 (id=2115):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00C\x00'], 0x20}}, 0x20004000)
r4 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(0x0)
listxattr(&(0x7f0000000040)='./file0\x00', 0x0, 0xffffff5d)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)

2.966331516s ago: executing program 7 (id=2116):
msgget$private(0x0, 0x3ac)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x1000000000021, &(0x7f0000000000)=0x1ff, 0x4)
socket$inet_udp(0x2, 0x2, 0x0)
syz_open_procfs(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = getpgrp(0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, r0, 0x2, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000032680)=""/102400, 0x19000)
r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x3)
connect$packet(r4, &(0x7f0000000200)={0x1f, 0xf8, 0x0, 0x1, 0x82, 0x6, @random="a55378321800"}, 0x14)
shutdown(r4, 0x1)
syz_emit_ethernet(0x0, 0x0, 0x0)

2.746067503s ago: executing program 3 (id=2117):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
bind$netlink(0xffffffffffffffff, &(0x7f0000514ff4)={0x10, 0x0, 0x25dfdbfb, 0x40000000}, 0xb8)
mlock(&(0x7f000040a000/0x4000)=nil, 0x4000)
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3)
sched_setaffinity(0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000240), 0x0, 0x0)
read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8)
socket$inet6(0xa, 0x80002, 0x0)
socket$inet6(0x10, 0x3, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8)
bind$inet(0xffffffffffffffff, &(0x7f0000000340)={0x2, 0x0, @loopback}, 0x10)
getsockopt(0xffffffffffffffff, 0x200000000114, 0x8, &(0x7f0000000580)=""/102393, &(0x7f0000000000)=0x18ff9)

778.000956ms ago: executing program 8 (id=2118):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$tipc(0x1e, 0x5, 0x0)
bind$tipc(r1, &(0x7f0000000180)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x1, 0x5}}, 0x10)
r2 = socket$tipc(0x1e, 0x5, 0x0)
r3 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r3, 0x10f, 0x87, &(0x7f00000001c0)={0x8000042, 0x3}, 0x10)
setsockopt$TIPC_GROUP_JOIN(r2, 0x10f, 0x87, &(0x7f0000000200)={0x1000042, 0x1, 0x1}, 0x10)
r4 = socket$tipc(0x1e, 0x2, 0x0)
setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x8a, &(0x7f0000000080)={0x42, 0x80000009, 0x2}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

753.501967ms ago: executing program 7 (id=2119):
syz_read_part_table(0x1060, &(0x7f0000001080)="$eJzsz7FtwlAQBuBfsV5sp3GTOvIOUfrMkCj7JCNkDRoYgpINYA4qpIcwmBGA4vuqu/90J124vy75/3xJSbLKx9iU0qbmbx4/J/laJ6ntOXjf1dp0qUkuSd6erk2f5dhkmOrv1205rR/q5LdPhmz2892fxa1fBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBHdAwAAP//v64WdQ==")
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
setsockopt$sock_int(r0, 0x1, 0x1e, &(0x7f0000000080)=0x8, 0x4)
getsockopt$inet_sctp_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f0000000f80)={0x0, @in6={{0xa, 0x4e21, 0x972e, @private0, 0x796880cc}}}, &(0x7f0000001040)=0x90)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
r2 = openat$pfkey(0xffffffffffffff9c, &(0x7f0000000000), 0x80800, 0x0)
ioctl$BLKGETNRZONES(r2, 0x80041285, &(0x7f0000000040)=0x2)
ioctl$KVM_RUN(r1, 0xae80, 0x0)

610.514451ms ago: executing program 2 (id=2120):
r0 = openat$audio(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
readv(r0, &(0x7f00000001c0)=[{&(0x7f0000001c00)=""/4088, 0xff8}], 0x11)

389.902208ms ago: executing program 8 (id=2121):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={&(0x7f0000000000)={0x2, 0x4e20, @empty}, 0x10, &(0x7f00000000c0)=[{&(0x7f0000000380)}], 0x1, 0x0, 0x0, 0xe0000000}, 0x1a92189d0dd42cd6)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5", 0x4)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

337.65286ms ago: executing program 2 (id=2122):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000500)=ANY=[@ANYBLOB="180000000000000000000000000000009500000000000000ed0759cb47cd90df41fa7a40c72a22dcc53a83731c39b01fceb7"], &(0x7f0000000000)='syzkaller\x00'}, 0x94)
sendmsg$TIPC_NL_MON_GET(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
r0 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r0, &(0x7f00000002c0)={0xa, 0x4e22, 0x0, @local, 0xb}, 0x1c)
listen(r0, 0x2)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f0000000940)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56", 0x2)
accept$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @link_local}, &(0x7f0000000540)=0x14)
sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f00000007c0)={&(0x7f0000000340)={0x10, 0x0, 0x0, 0x80000000}, 0xc, 0x0}, 0x4000)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmsg$NL80211_CMD_DEL_INTERFACE(0xffffffffffffffff, &(0x7f0000000900)={&(0x7f0000000580)={0x10, 0x0, 0x0, 0x40000000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x2004c810}, 0x804)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
syz_emit_ethernet(0x4e, &(0x7f0000000600)={@local, @broadcast, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "eb8b00", 0x18, 0x6, 0xff, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x6, 0xc2, 0x0, 0x0, 0x0, {[@fastopen={0x1e, 0x2}]}}}}}}}}, 0x0)

254.419632ms ago: executing program 5 (id=2123):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@jqfmt_vfsv0}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x4042, 0x0)
syz_open_procfs$namespace(0x0, &(0x7f0000000580)='ns/time\x00')
syz_open_procfs$namespace(0x0, &(0x7f0000001f40)='ns/time_for_children\x00')
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e21, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
listen(r0, 0x0)
quotactl$Q_QUOTAON(0xffffffff80000201, &(0x7f0000000180)=@loop={'/dev/loop', 0x0}, 0x0, 0x0)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
r3 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f0000000180)='memory.current\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xa, 0x28011, r3, 0x0)
add_key$fscrypt_v1(&(0x7f0000000140), 0x0, &(0x7f0000000400)={0x0, "5e95b1c50f77c0e6208328ed9c94dd3509f9658a1030a3d242cd781a50259128028a080c7118079e9cf2e42d03ee0185156b74fefbd7e8795080327d31565cd6", 0x29}, 0x48, 0x0)
truncate(&(0x7f00000001c0)='./file1\x00', 0x42dc)

60.012719ms ago: executing program 8 (id=2124):
r0 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x7e3040, 0x0)
write$fb(r0, &(0x7f0000000040)="af0d6609b37c7bb1dbee2a51beec22bb63c71ca28e376dc7728109176dfe4ee2dab564ab44da2070d6b8e3cea4f1ce1e1801bec0b724dac59950396c9f5133e4fc0e1fc5e58048d9c5552ceb44", 0x4d)
ioctl$DRM_IOCTL_SYNCOBJ_HANDLE_TO_FD_FD(0xffffffffffffffff, 0xc01864c1, &(0x7f00000000c0)={0x0, 0x0, <r1=>0xffffffffffffffff})
r2 = geteuid()
quotactl_fd$Q_GETQUOTA(r1, 0xffffffff80000702, r2, &(0x7f0000000100))
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f00000001c0)=@filter={'filter\x00', 0xe, 0x4, 0x398, 0xffffffff, 0x0, 0x1c8, 0x1c8, 0xffffffff, 0xffffffff, 0x2c8, 0x2c8, 0x2c8, 0xffffffff, 0x4, &(0x7f0000000180), {[{{@uncond, 0x0, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x5}}}, {{@ipv6={@empty, @mcast1, [0xffffff00, 0xff, 0xffffff00, 0xff], [0x0, 0xffffffff, 0xff000000, 0xffffffff], 'veth0\x00', 'bond_slave_0\x00', {0xff}, {0xff}, 0x0, 0x80, 0x1}, 0x0, 0xd0, 0xf8, 0x0, {}, [@common=@eui64={{0x28}}]}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x8}}}, {{@uncond, 0x0, 0xd8, 0x100, 0x0, {}, [@common=@frag={{0x30}, {[0x7ff], 0xfffffffb, 0x1, 0x1}}]}, @common=@unspec=@NFQUEUE0={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3f8)
r4 = syz_open_dev$ttys(0xc, 0x2, 0x0)
ioctl$GIO_FONT(r4, 0x4b60, &(0x7f00000005c0)=""/197)
r5 = openat$autofs(0xffffffffffffff9c, &(0x7f00000006c0), 0x589040, 0x0)
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(0xffffffffffffffff, 0xc018937b, &(0x7f0000000700)={{0x1, 0x1, 0x18, <r6=>r1, {r2, <r7=>0xee00}}, './file0\x00'})
ioctl$AUTOFS_DEV_IOCTL_REQUESTER(r5, 0xc018937b, &(0x7f0000000740)={{0x1, 0x1, 0x18, <r8=>r4, {r2, r7}}, './file0\x00'})
ioctl$VIDIOC_SUBDEV_QUERY_DV_TIMINGS(r8, 0x80845663, &(0x7f0000000780))
ioctl$PIO_UNIMAP(r6, 0x4b67, &(0x7f0000000880)={0x3, &(0x7f0000000840)=[{0x0, 0x8}, {0x7ff, 0x1}, {0x8, 0x5}]})
getsockopt$IP_VS_SO_GET_DAEMON(0xffffffffffffffff, 0x0, 0x487, &(0x7f00000008c0), &(0x7f0000000900)=0x30)
r9 = syz_genetlink_get_family_id$batadv(&(0x7f0000000980), r6)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r6, 0x8933, &(0x7f00000009c0)={'batadv_slave_0\x00', <r10=>0x0})
sendmsg$BATADV_CMD_GET_BLA_BACKBONE(r8, &(0x7f0000000a80)={&(0x7f0000000940)={0x10, 0x0, 0x0, 0x20}, 0xc, &(0x7f0000000a40)={&(0x7f0000000a00)={0x34, r9, 0x400, 0x70bd29, 0x25dfdbff, {}, [@BATADV_ATTR_AGGREGATED_OGMS_ENABLED={0x5}, @BATADV_ATTR_HARD_IFINDEX={0x8, 0x6, r10}, @BATADV_ATTR_GW_BANDWIDTH_DOWN={0x8, 0x31, 0xa3d}, @BATADV_ATTR_ORIG_INTERVAL={0x8, 0x39, 0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c010}, 0x80)
getsockopt$inet6_IPV6_IPSEC_POLICY(r6, 0x29, 0x22, &(0x7f0000000ac0)={{{@in6, @in=@dev}}, {{@in6=@private2}, 0x0, @in=@loopback}}, &(0x7f0000000bc0)=0xe8)
ioctl$TCFLSH(r4, 0x540b, 0x1)
socket$inet6(0xa, 0x80000, 0xa)
r11 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000c00)='/sys/kernel/rcu_expedited', 0x81, 0xe667848b49ac6927)
syz_open_dev$video4linux(&(0x7f0000000c40), 0x6b75, 0x155b00)
open(&(0x7f0000000c80)='./file0\x00', 0x200900, 0xf7)
mount(&(0x7f0000000cc0)=@filename='./file0/file0\x00', &(0x7f0000000d00)='./file0\x00', &(0x7f0000000d40)='anon_inodefs\x00', 0x8, &(0x7f0000000d80)='/dev/fb0\x00')
r12 = openat$vimc0(0xffffffffffffff9c, &(0x7f0000000dc0), 0x2, 0x0)
ioctl$VIDIOC_ENCODER_CMD(r12, 0xc028564d, &(0x7f0000000e00)={0x1, 0x1, [0x6, 0xa, 0x7, 0x93a, 0x8001, 0x32d, 0x60000, 0x80000001]})
ioctl$TIOCL_UNBLANKSCREEN(r11, 0x541c, &(0x7f0000000e40))
creat(&(0x7f0000000e80)='./file0\x00', 0x80)
sendmsg$IPCTNL_MSG_CT_GET(0xffffffffffffffff, &(0x7f0000000fc0)={&(0x7f0000000f00)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000f80)={&(0x7f0000000f40)={0x2c, 0x1, 0x1, 0x3, 0x0, 0x0, {0x5, 0x0, 0xa}, [@CTA_TUPLE_REPLY={0x10, 0x2, 0x0, 0x1, [@CTA_TUPLE_PROTO={0xc, 0x2, 0x0, 0x1, {0x5, 0x1, 0x6}}]}, @CTA_MARK={0x8, 0x8, 0x1, 0x0, 0x6}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000005}, 0x8000)

41.360939ms ago: executing program 3 (id=2125):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r3, 0x29, 0x20, &(0x7f0000000000)={@loopback={0xff00000000000000, 0x777fe6a4b23f}, 0x0, 0x0, 0x2, 0x9, 0xffa4, 0xc00, 0x5}, 0x20)
socket(0x10, 0x803, 0x0)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB=' \x00\x00\x00C\x00'], 0x20}}, 0x20004000)
r4 = socket(0x10, 0x3, 0x0)
syz_mount_image$squashfs(&(0x7f0000000000), &(0x7f00000001c0)='./file0\x00', 0x10802, &(0x7f0000000040)=ANY=[], 0x1, 0x17f, &(0x7f0000000340)="$eJzskr1OOkEUxc/sLh//f5RoYkUDBfGjUJZFjZ2W2NvZSGBF4qLCkiiEYo0xFBbG0ifgNUx8AS2MD0BNQazNmtm5OxnwEZxfsWfumTt35l4489t+CsD3dFDDASJMZPDOGCwAOSa8iSH0ifSD9FEI3ijvkPw70qzf6ycpJ49lYZxXPc/t5AF8RZ60/P1bA5Oo1Od0UOOLEwBhGIbcqwM8HQtKjgmgreRkLWAlaiKUObwRHqwBKHZbV0W/199stqoNt+FeOGZ519627R2neNr0XFt8mXIFtQKuGwBSaUj4fgLAPcX/MQtTnkb77B+O5dlkPMMMwzyGcjZWhhf5rhTi3ws4wir4s64DpriFqIqFqKUKGEwKSpbyPnFXOtrYql169SEYWHxsBEvWKI2RkIGjBuW9AIui1JBKFkgrpCPSMWlu7i9jBfz7QNG6CSRxU+12OyU+JLFi8cqRnrMUqAPjtz4bs829Gr9mq9FoNBqNRqPRaDR/jZ8AAAD//zdCdYQ=")
chdir(&(0x7f0000000080)='./file0\x00')
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, 0x0)
syz_open_pts(0xffffffffffffffff, 0x303040)
syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_JOIN_OCB(0xffffffffffffffff, 0x0, 0x20008014)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
socket$nl_netfilter(0x10, 0x3, 0xc)

0s ago: executing program 2 (id=2126):
r0 = creat(&(0x7f0000000040)='./file0\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x1f, 0x4, &(0x7f00000007c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x80}, [@call={0x85, 0x0, 0x0, 0x6c}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x11}, 0x94)
r1 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000280)=@ipv6_delrule={0x30, 0x21, 0x1, 0x70bd29, 0x25dfdbff, {0xa, 0x0, 0x80, 0x71, 0xf0, 0x0, 0x0, 0x1, 0x16b4fc48c5a7a6cc}, [@FRA_SRC={0x14, 0x2, @dev={0xfe, 0x80, '\x00', 0x44}}]}, 0x30}}, 0xc080)
close(r0)
socket$tipc(0x1e, 0x5, 0x0)
r2 = syz_open_dev$audion(&(0x7f0000000080), 0x8e8, 0x2400)
close(r2)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f0000000200)=0x188, 0x4)
r4 = socket$tipc(0x1e, 0x5, 0x0)
listen(r4, 0x7)
mount$9p_fd(0x0, &(0x7f0000001a00)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000001a40)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4, @ANYBLOB=',directio,debug=0x0000000000000007,access=', @ANYRESDEC=0x0, @ANYBLOB="2c70726976706f72742c6361ffff653d6e6f6e652c6f626a5f757365723d2f6465762f947bb62829846f1ae6617564696f23002c000a9b6c99f1d60191f8a38d52249e5438ca64be6f77cc1a2ce29228593ac3392e7a2d10326d9a463b3c87a27dd3127e1956a5ac9b241dfb9dd52b578493227ac2bb25957eec4f932938995339a2fe69af5de28455d7349d270307c2fc583eca6ec9f3f50e75cb92ffbdc1910eda301b69bdf97c7dc19e23a0602f9ebf72f99b97597c9ec77400"/198])

kernel console output (not intermixed with test programs):

4362] EXT4-fs (loop2): unmounting filesystem.
[ 1529.438842][ T9403] input: KB Gear Tablet as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/input/input6
[ 1529.465377][ T9782] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1529.475031][T14367] device batadv_slave_1 entered promiscuous mode
[ 1529.494361][ T9782] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1529.506536][T14367] netlink: 'syz.8.1792': attribute type 1 has an invalid length.
[ 1529.523144][ T9782] usb 1-1: config 0 descriptor??
[ 1529.549151][ T9782] cp210x 1-1:0.0: cp210x converter detected
[ 1529.800355][T14342] loop3: detected capacity change from 0 to 4096
[ 1529.896749][T14342] EXT4-fs (loop3): ext4_check_descriptors: Inode table for group 0 not in group (block 144115188075855876)!
[ 1530.246094][T14342] EXT4-fs (loop3): group descriptors corrupted!
[ 1530.465232][ T9782] cp210x 1-1:0.0: failed to get vendor val 0x000e size 3: -71
[ 1530.623925][ T9782] cp210x 1-1:0.0: failed to get vendor val 0x370c size 73: -71
[ 1530.684495][ T9782] cp210x 1-1:0.0: GPIO initialisation failed: -71
[ 1530.864027][ T9782] usb 1-1: cp210x converter now attached to ttyUSB0
[ 1530.961030][ T9782] usb 1-1: USB disconnect, device number 2
[ 1530.996619][T14366] device batadv_slave_1 left promiscuous mode
[ 1531.018928][ T9782] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1531.123857][T14317] usb 4-1: USB disconnect, device number 2
[ 1531.124556][ T9782] cp210x 1-1:0.0: device disconnected
[ 1531.336648][T14386] loop3: detected capacity change from 0 to 128
[ 1531.397235][T14386] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1531.443764][T14386] ext4 filesystem being mounted at /58/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[ 1531.540194][T14394] netlink: 'syz.8.1796': attribute type 3 has an invalid length.
[ 1531.572166][T14386] EXT4-fs (loop3): shut down requested (2)
[ 1536.114873][T14417] netlink: 'syz.8.1802': attribute type 4 has an invalid length.
[ 1536.140192][T12654] EXT4-fs (loop3): unmounting filesystem.
[ 1536.513538][T13406] usb 9-1: new low-speed USB device number 24 using dummy_hcd
[ 1536.623345][ T4478] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1536.705239][T13406] usb 9-1: config index 0 descriptor too short (expected 6427, got 27)
[ 1536.723293][T13406] usb 9-1: config 0 has an invalid interface number: 21 but max is 0
[ 1536.740791][T13406] usb 9-1: config 0 has no interface number 0
[ 1536.753488][T13406] usb 9-1: config 0 interface 21 altsetting 0 endpoint 0x82 is Bulk; changing to Interrupt
[ 1536.773910][T13406] usb 9-1: config 0 interface 21 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[ 1536.816368][T13406] usb 9-1: New USB device found, idVendor=06cd, idProduct=0202, bcdDevice=92.d4
[ 1536.833366][ T4478] usb 4-1: Using ep0 maxpacket: 32
[ 1536.840577][ T4478] usb 4-1: config 0 has an invalid interface number: 119 but max is 0
[ 1536.846975][T13406] usb 9-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1536.884582][T13406] usb 9-1: config 0 descriptor??
[ 1536.930797][ T4478] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1536.972319][ T4478] usb 4-1: config 0 has no interface number 0
[ 1536.983521][ T4478] usb 4-1: config 0 interface 119 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1
[ 1537.050865][ T4478] usb 4-1: New USB device found, idVendor=05ac, idProduct=0292, bcdDevice=88.73
[ 1537.084121][ T4478] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1537.109395][ T4478] usb 4-1: Product: syz
[ 1537.133357][ T4478] usb 4-1: Manufacturer: syz
[ 1537.153326][ T4478] usb 4-1: SerialNumber: syz
[ 1537.180430][ T4478] usb 4-1: config 0 descriptor??
[ 1537.230522][ T4478] input: bcm5974 as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.119/input/input8
[ 1537.313839][T13406] usb 9-1: USB disconnect, device number 24
[ 1537.504801][T14430] FAULT_INJECTION: forcing a failure.
[ 1537.504801][T14430] name failslab, interval 1, probability 0, space 0, times 0
[ 1537.551400][T14430] CPU: 0 PID: 14430 Comm: syz.0.1806 Not tainted syzkaller #0
[ 1537.558939][T14430] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1537.569012][T14430] Call Trace:
[ 1537.572311][T14430]  <TASK>
[ 1537.575259][T14430]  dump_stack_lvl+0x188/0x24e
[ 1537.579956][T14430]  ? show_regs_print_info+0x12/0x12
[ 1537.585166][T14430]  ? load_image+0x400/0x400
[ 1537.589690][T14430]  ? __might_sleep+0xd0/0xd0
[ 1537.594292][T14430]  ? __lock_acquire+0x7d10/0x7d10
[ 1537.599338][T14430]  should_fail_ex+0x399/0x4d0
[ 1537.604045][T14430]  should_failslab+0x5/0x20
[ 1537.608588][T14430]  slab_pre_alloc_hook+0x59/0x310
[ 1537.613664][T14430]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1537.619446][T14430]  __kmem_cache_alloc_node+0x4f/0x260
[ 1537.624879][T14430]  ? tomoyo_realpath_from_path+0xdf/0x5d0
[ 1537.630733][T14430]  __kmalloc+0xa0/0x240
[ 1537.635094][T14430]  tomoyo_realpath_from_path+0xdf/0x5d0
[ 1537.640730][T14430]  ? tomoyo_path_number_perm+0x205/0x650
[ 1537.646437][T14430]  tomoyo_path_number_perm+0x22f/0x650
[ 1537.651968][T14430]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1537.657591][T14430]  ? ksys_write+0x1c0/0x250
[ 1537.662153][T14430]  ? common_file_perm+0x171/0x1c0
[ 1537.667331][T14430]  ? __fget_files+0x28/0x4b0
[ 1537.671968][T14430]  ? __fget_files+0x28/0x4b0
[ 1537.676956][T14430]  security_file_ioctl+0x6c/0xa0
[ 1537.681940][T14430]  __se_sys_ioctl+0x48/0x170
[ 1537.686579][T14430]  do_syscall_64+0x4c/0xa0
[ 1537.691034][T14430]  ? clear_bhb_loop+0x60/0xb0
[ 1537.695763][T14430]  ? clear_bhb_loop+0x60/0xb0
[ 1537.700489][T14430]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1537.706438][T14430] RIP: 0033:0x7f6eb9f9ce59
[ 1537.710996][T14430] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1537.730642][T14430] RSP: 002b:00007f6ebaecb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1537.739088][T14430] RAX: ffffffffffffffda RBX: 00007f6eba215fa0 RCX: 00007f6eb9f9ce59
[ 1537.747089][T14430] RDX: 0000200000000080 RSI: 0000000000005423 RDI: 0000000000000004
[ 1537.755098][T14430] RBP: 00007f6ebaecb090 R08: 0000000000000000 R09: 0000000000000000
[ 1537.763096][T14430] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1537.771091][T14430] R13: 00007f6eba216038 R14: 00007f6eba215fa0 R15: 00007ffdf44e8f88
[ 1537.779100][T14430]  </TASK>
[ 1537.783420][T14430] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1537.897144][T14440] loop3: detected capacity change from 0 to 1024
[ 1537.925645][T14440] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1538.022000][T14440] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1538.073765][T14440] ext4 filesystem being mounted at /59/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1538.119316][T14445] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[ 1538.161943][T14422] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.1803: bg 0: block 112: padding at end of block bitmap is not set
[ 1538.209691][T14422] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 7 with max blocks 1 with error 117
[ 1538.232906][T14422] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1538.232906][T14422] 
[ 1538.247927][T14440] EXT4-fs (loop3): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 1 with error 28
[ 1538.278293][T14440] EXT4-fs (loop3): This should not happen!! Data will be lost
[ 1538.278293][T14440] 
[ 1538.312887][T14440] EXT4-fs (loop3): Total free blocks count 0
[ 1538.333646][T14440] EXT4-fs (loop3): Free/Dirty block details
[ 1538.373473][ T4478] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[ 1539.195842][T14440] EXT4-fs (loop3): free_blocks=0
[ 1539.216344][T14440] EXT4-fs (loop3): dirty_blocks=0
[ 1539.223817][T14440] EXT4-fs (loop3): Block reservation details
[ 1539.234901][ T9929] usb 4-1: USB disconnect, device number 3
[ 1539.316795][ T4478] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1539.347474][ T4478] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1539.403382][ T4478] usb 1-1: config 1 interface 0 altsetting 0 has an invalid endpoint descriptor of length 6, skipping
[ 1539.430217][ T4478] usb 1-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[ 1539.465182][ T4478] usb 1-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[ 1539.499057][ T4478] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[ 1539.519357][ T4478] usb 1-1: SerialNumber: syz
[ 1539.566572][T14463] loop5: detected capacity change from 0 to 512
[ 1539.575735][T14463] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1539.590442][T14463] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[ 1539.729143][T14463] EXT4-fs (loop5): 1 truncate cleaned up
[ 1539.743521][T14463] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[ 1541.753197][ T4478] usb 1-1: 0:2 : does not exist
[ 1541.763294][ T4478] usb 1-1: unit 5 not found!
[ 1541.871229][T13821] EXT4-fs (loop5): unmounting filesystem.
[ 1541.920212][ T4478] usb 1-1: USB disconnect, device number 3
[ 1542.330388][T14486] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1816'.
[ 1542.593494][ T3599] usb 3-1: new high-speed USB device number 12 using dummy_hcd
[ 1542.632527][T14486] loop3: detected capacity change from 0 to 512
[ 1542.641750][T14486] EXT4-fs: Ignoring removed nobh option
[ 1542.659407][T14029] udevd[14029]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1542.739095][T14486] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[ 1542.749923][T14486] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1816: invalid indirect mapped block 256 (level 1)
[ 1542.768533][T14486] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1816: invalid indirect mapped block 2683928664 (level 1)
[ 1542.792780][T14486] EXT4-fs (loop3): 1 truncate cleaned up
[ 1542.798902][T14486] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1542.833459][T14486] EXT4-fs (loop3): unmounting filesystem.
[ 1543.063605][ T3599] usb 3-1: Using ep0 maxpacket: 8
[ 1543.089269][ T3599] usb 3-1: unable to get BOS descriptor or descriptor too short
[ 1543.128517][ T3599] usb 3-1: config 147 has an invalid interface number: 101 but max is 0
[ 1543.275040][ T3599] usb 3-1: config 147 has no interface number 0
[ 1543.282090][ T3599] usb 3-1: config 147 interface 101 has no altsetting 0
[ 1543.347620][ T3599] usb 3-1: New USB device found, idVendor=093b, idProduct=a102, bcdDevice= 0.01
[ 1543.514871][ T3599] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1543.608041][ T3599] usb 3-1: Product: syz
[ 1543.653930][ T3599] usb 3-1: Manufacturer: syz
[ 1543.707998][ T3599] usb 3-1: SerialNumber: syz
[ 1544.150459][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.220171][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.241614][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.269754][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.306117][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.343395][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.475483][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.648184][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1544.848356][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.011317][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.195971][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.396033][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.586823][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.723695][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.731234][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.879942][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.900643][T14317] hid-generic 0006:0004:0009.0001: unknown main item tag 0x0
[ 1545.968943][T14317] hid-generic 0006:0004:0009.0001: hidraw0: VIRTUAL HID v0.04 Device [syz1] on syz0
[ 1545.983450][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[ 1545.989818][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[ 1546.047499][ T3599] go7007: probe of 3-1:147.101 failed with error -12
[ 1546.068274][ T3599] usb 3-1: USB disconnect, device number 12
[ 1546.596771][T14516] ptrace attach of "ci2-linux-6-1-kasan/syz-executor exec"[14517] was attempted by "ci2-linux-6-1-kasan/syz-executor exec"[14516]
[ 1548.249462][T14534] FAULT_INJECTION: forcing a failure.
[ 1548.249462][T14534] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1548.300908][T14534] CPU: 1 PID: 14534 Comm: syz.2.1828 Not tainted syzkaller #0
[ 1548.308456][T14534] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1548.318549][T14534] Call Trace:
[ 1548.321841][T14534]  <TASK>
[ 1548.324785][T14534]  dump_stack_lvl+0x188/0x24e
[ 1548.329473][T14534]  ? show_regs_print_info+0x12/0x12
[ 1548.334683][T14534]  ? load_image+0x400/0x400
[ 1548.339206][T14534]  ? __lock_acquire+0x7d10/0x7d10
[ 1548.344271][T14534]  should_fail_ex+0x399/0x4d0
[ 1548.348982][T14534]  strncpy_from_user+0x32/0x350
[ 1548.353931][T14534]  bpf_prog_load+0x1f3/0x1560
[ 1548.358660][T14534]  ? map_freeze+0x390/0x390
[ 1548.363178][T14534]  ? __might_fault+0xa6/0x120
[ 1548.368132][T14534]  ? __might_fault+0xa6/0x120
[ 1548.372818][T14534]  ? __might_fault+0xc2/0x120
[ 1548.377532][T14534]  ? __might_fault+0xa6/0x120
[ 1548.382221][T14534]  ? bpf_lsm_bpf+0x5/0x10
[ 1548.386624][T14534]  ? security_bpf+0x7a/0xa0
[ 1548.391136][T14534]  __sys_bpf+0x5b8/0x780
[ 1548.395417][T14534]  ? bpf_link_show_fdinfo+0x380/0x380
[ 1548.400866][T14534]  ? lock_chain_count+0x20/0x20
[ 1548.405787][T14534]  __x64_sys_bpf+0x78/0x90
[ 1548.410330][T14534]  do_syscall_64+0x4c/0xa0
[ 1548.414754][T14534]  ? clear_bhb_loop+0x60/0xb0
[ 1548.419469][T14534]  ? clear_bhb_loop+0x60/0xb0
[ 1548.424180][T14534]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1548.430166][T14534] RIP: 0033:0x7f75b979ce59
[ 1548.434615][T14534] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1548.454237][T14534] RSP: 002b:00007f75ba582028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[ 1548.462665][T14534] RAX: ffffffffffffffda RBX: 00007f75b9a15fa0 RCX: 00007f75b979ce59
[ 1548.470670][T14534] RDX: 0000000000000048 RSI: 000020000000e000 RDI: 0000000000000005
[ 1548.478652][T14534] RBP: 00007f75ba582090 R08: 0000000000000000 R09: 0000000000000000
[ 1548.486630][T14534] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1548.494612][T14534] R13: 00007f75b9a16038 R14: 00007f75b9a15fa0 R15: 00007fffb7057f18
[ 1548.502604][T14534]  </TASK>
[ 1548.623156][T14526] fido_id[14526]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1551.361205][T14556] FAULT_INJECTION: forcing a failure.
[ 1551.361205][T14556] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1551.436348][T14556] CPU: 1 PID: 14556 Comm: syz.2.1832 Not tainted syzkaller #0
[ 1551.444003][T14556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1551.454240][T14556] Call Trace:
[ 1551.457593][T14556]  <TASK>
[ 1551.460586][T14556]  dump_stack_lvl+0x188/0x24e
[ 1551.465340][T14556]  ? show_regs_print_info+0x12/0x12
[ 1551.470586][T14556]  ? load_image+0x400/0x400
[ 1551.475147][T14556]  ? __lock_acquire+0x7d10/0x7d10
[ 1551.480225][T14556]  ? __virt_addr_valid+0x188/0x540
[ 1551.485473][T14556]  should_fail_ex+0x399/0x4d0
[ 1551.490198][T14556]  _copy_from_user+0x2c/0x170
[ 1551.494931][T14556]  __se_sys_memfd_create+0x129/0x340
[ 1551.500269][T14556]  do_syscall_64+0x4c/0xa0
[ 1551.504740][T14556]  ? clear_bhb_loop+0x60/0xb0
[ 1551.509480][T14556]  ? clear_bhb_loop+0x60/0xb0
[ 1551.514245][T14556]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1551.520180][T14556] RIP: 0033:0x7f75b979ce59
[ 1551.524652][T14556] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1551.544302][T14556] RSP: 002b:00007f75ba581e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1551.552749][T14556] RAX: ffffffffffffffda RBX: 0000000000000089 RCX: 00007f75b979ce59
[ 1551.560753][T14556] RDX: 00007f75ba581ee0 RSI: 0000000000000000 RDI: 00007f75b9832f4f
[ 1551.568851][T14556] RBP: 0000200000000180 R08: 00000000ffffffff R09: 0000000000000000
[ 1551.576851][T14556] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000100
[ 1551.584856][T14556] R13: 00007f75ba581ee0 R14: 00007f75ba581ea0 R15: 0000200000000140
[ 1551.592878][T14556]  </TASK>
[ 1551.803116][T14559] loop2: detected capacity change from 0 to 65
[ 1551.918046][T14559] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop2
[ 1552.244606][T14570] FAULT_INJECTION: forcing a failure.
[ 1552.244606][T14570] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1552.268308][T14569] netlink: 'syz.8.1836': attribute type 4 has an invalid length.
[ 1552.315057][T14569] netlink: 17 bytes leftover after parsing attributes in process `syz.8.1836'.
[ 1552.333457][T14570] CPU: 1 PID: 14570 Comm: syz.3.1825 Not tainted syzkaller #0
[ 1552.341011][T14570] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1552.351128][T14570] Call Trace:
[ 1552.354447][T14570]  <TASK>
[ 1552.357416][T14570]  dump_stack_lvl+0x188/0x24e
[ 1552.362232][T14570]  ? show_regs_print_info+0x12/0x12
[ 1552.367489][T14570]  ? load_image+0x400/0x400
[ 1552.372053][T14570]  ? __lock_acquire+0x7d10/0x7d10
[ 1552.377139][T14570]  ? snprintf+0xe5/0x140
[ 1552.381439][T14570]  should_fail_ex+0x399/0x4d0
[ 1552.386177][T14570]  _copy_to_user+0x2c/0x130
[ 1552.390745][T14570]  simple_read_from_buffer+0xe3/0x150
[ 1552.396171][T14570]  proc_fail_nth_read+0x1a6/0x220
[ 1552.401252][T14570]  ? proc_fault_inject_write+0x310/0x310
[ 1552.406944][T14570]  ? fsnotify_perm+0x248/0x550
[ 1552.411769][T14570]  ? proc_fault_inject_write+0x310/0x310
[ 1552.417447][T14570]  vfs_read+0x2de/0xa00
[ 1552.421644][T14570]  ? kernel_read+0x1e0/0x1e0
[ 1552.426272][T14570]  ? __fget_files+0x28/0x4b0
[ 1552.430896][T14570]  ? __fget_files+0x28/0x4b0
[ 1552.435518][T14570]  ? __fget_files+0x43d/0x4b0
[ 1552.440766][T14570]  ? __fdget_pos+0x2ae/0x360
[ 1552.445391][T14570]  ? ksys_read+0x71/0x250
[ 1552.449756][T14570]  ksys_read+0x14c/0x250
[ 1552.454037][T14570]  ? vfs_write+0xa30/0xa30
[ 1552.458496][T14570]  ? lockdep_hardirqs_on+0x94/0x140
[ 1552.463731][T14570]  do_syscall_64+0x4c/0xa0
[ 1552.468176][T14570]  ? clear_bhb_loop+0x60/0xb0
[ 1552.472888][T14570]  ? clear_bhb_loop+0x60/0xb0
[ 1552.477608][T14570]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1552.483531][T14570] RIP: 0033:0x7fc63fb5d68e
[ 1552.487974][T14570] Code: 08 0f 85 a5 a8 ff ff 49 89 fb 48 89 f0 48 89 d7 48 89 ce 4c 89 c2 4d 89 ca 4c 8b 44 24 08 4c 8b 4c 24 10 4c 89 5c 24 08 0f 05 <c3> 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 80 00 00 00 00 48 83 ec 08
[ 1552.507627][T14570] RSP: 002b:00007fc640a21fe8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1552.516080][T14570] RAX: ffffffffffffffda RBX: 00007fc640a226c0 RCX: 00007fc63fb5d68e
[ 1552.524078][T14570] RDX: 000000000000000f RSI: 00007fc640a220a0 RDI: 0000000000000004
[ 1552.532769][T14570] RBP: 00007fc640a22090 R08: 0000000000000000 R09: 0000000000000000
[ 1552.540762][T14570] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1552.548755][T14570] R13: 00007fc63fe16038 R14: 00007fc63fe15fa0 R15: 00007ffdc46ef398
[ 1552.556771][T14570]  </TASK>
[ 1552.618352][T14569] loop8: detected capacity change from 0 to 8
[ 1552.651416][T14569] Dev loop8: unable to read RDB block 8
[ 1552.679760][T14569]  loop8: unable to read partition table
[ 1552.692785][T14569] loop8: partition table beyond EOD, truncated
[ 1552.738516][T14573] loop2: detected capacity change from 0 to 128
[ 1552.914846][T14580] loop5: detected capacity change from 0 to 512
[ 1553.002304][T14583] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1839'.
[ 1553.041822][T14583] loop0: detected capacity change from 0 to 512
[ 1553.050866][T14583] EXT4-fs: Ignoring removed nobh option
[ 1553.336184][T14580] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1553.378530][T14569] loop_reread_partitions: partition scan of loop8 (�被x�^>�� �) failed (rc=-5)
[ 1553.443311][T14583] EXT4-fs (loop0): Cannot turn on journaled quota: type 0: error -2
[ 1553.454375][T14583] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1839: invalid indirect mapped block 256 (level 1)
[ 1553.470230][T14583] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #13: comm syz.0.1839: invalid indirect mapped block 2683928664 (level 1)
[ 1553.487674][T14583] EXT4-fs (loop0): 1 truncate cleaned up
[ 1553.493566][T14583] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[ 1553.513879][T14583] EXT4-fs (loop0): unmounting filesystem.
[ 1553.653823][T14573] hpfs: Bad magic ... probably not HPFS
[ 1553.665316][T14580] UDF-fs: Scanning with blocksize 512 failed
[ 1553.709782][T14580] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1553.860661][T14580] UDF-fs: Scanning with blocksize 1024 failed
[ 1553.932863][T14580] UDF-fs: warning (device loop5): udf_load_vrs: No VRS found
[ 1553.960723][T14580] UDF-fs: Scanning with blocksize 2048 failed
[ 1554.931201][T14580] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[ 1555.205828][T14580] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1556.329750][T14613] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1845'.
[ 1556.339830][T14608] loop0: detected capacity change from 0 to 8192
[ 1556.382456][T14617] FAULT_INJECTION: forcing a failure.
[ 1556.382456][T14617] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1556.430948][T14622] FAULT_INJECTION: forcing a failure.
[ 1556.430948][T14622] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1556.446736][T14617] CPU: 1 PID: 14617 Comm: syz.8.1846 Not tainted syzkaller #0
[ 1556.454274][T14617] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1556.464374][T14617] Call Trace:
[ 1556.467694][T14617]  <TASK>
[ 1556.470658][T14617]  dump_stack_lvl+0x188/0x24e
[ 1556.475379][T14617]  ? show_regs_print_info+0x12/0x12
[ 1556.480633][T14617]  ? load_image+0x400/0x400
[ 1556.485194][T14617]  ? __lock_acquire+0x7d10/0x7d10
[ 1556.490262][T14617]  ? __virt_addr_valid+0x188/0x540
[ 1556.495432][T14617]  should_fail_ex+0x399/0x4d0
[ 1556.500152][T14617]  _copy_from_user+0x2c/0x170
[ 1556.504859][T14617]  __se_sys_memfd_create+0x129/0x340
[ 1556.510206][T14617]  do_syscall_64+0x4c/0xa0
[ 1556.514646][T14617]  ? clear_bhb_loop+0x60/0xb0
[ 1556.519361][T14617]  ? clear_bhb_loop+0x60/0xb0
[ 1556.524097][T14617]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1556.530045][T14617] RIP: 0033:0x7f6357b9ce59
[ 1556.534493][T14617] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1556.554147][T14617] RSP: 002b:00007f63589d3e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1556.562589][T14617] RAX: ffffffffffffffda RBX: 00000000000005af RCX: 00007f6357b9ce59
[ 1556.570638][T14617] RDX: 00007f63589d3ee0 RSI: 0000000000000000 RDI: 00007f6357c32f4f
[ 1556.578655][T14617] RBP: 0000200000000680 R08: 00000000ffffffff R09: 0000000000000000
[ 1556.586663][T14617] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000600
[ 1556.594673][T14617] R13: 00007f63589d3ee0 R14: 00007f63589d3ea0 R15: 0000200000000640
[ 1556.602689][T14617]  </TASK>
[ 1556.648004][T14608] Dev loop0: RDB in block 1 has bad checksum
[ 1556.706180][T14624] FAULT_INJECTION: forcing a failure.
[ 1556.706180][T14624] name fail_page_alloc, interval 1, probability 0, space 0, times 1
[ 1556.721805][T14622] CPU: 1 PID: 14622 Comm: syz.5.1844 Not tainted syzkaller #0
[ 1556.729337][T14622] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1556.739443][T14622] Call Trace:
[ 1556.742764][T14622]  <TASK>
[ 1556.745734][T14622]  dump_stack_lvl+0x188/0x24e
[ 1556.750464][T14622]  ? show_regs_print_info+0x12/0x12
[ 1556.755709][T14622]  ? load_image+0x400/0x400
[ 1556.760274][T14622]  ? __lock_acquire+0x7d10/0x7d10
[ 1556.765351][T14622]  ? __virt_addr_valid+0x188/0x540
[ 1556.770514][T14622]  should_fail_ex+0x399/0x4d0
[ 1556.775231][T14622]  _copy_from_user+0x2c/0x170
[ 1556.779963][T14622]  __se_sys_memfd_create+0x129/0x340
[ 1556.785307][T14622]  do_syscall_64+0x4c/0xa0
[ 1556.789766][T14622]  ? clear_bhb_loop+0x60/0xb0
[ 1556.794488][T14622]  ? clear_bhb_loop+0x60/0xb0
[ 1556.799220][T14622]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1556.805175][T14622] RIP: 0033:0x7f24eb59ce59
[ 1556.809635][T14622] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1556.829292][T14622] RSP: 002b:00007f24ec38de08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1556.837759][T14622] RAX: ffffffffffffffda RBX: 00000000000004de RCX: 00007f24eb59ce59
[ 1556.845780][T14622] RDX: 00007f24ec38dee0 RSI: 0000000000000000 RDI: 00007f24eb632f4f
[ 1556.853808][T14622] RBP: 00002000000005c0 R08: 00000000ffffffff R09: 0000000000000000
[ 1556.861830][T14622] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000540
[ 1556.869853][T14622] R13: 00007f24ec38dee0 R14: 00007f24ec38dea0 R15: 0000200000000580
[ 1556.877892][T14622]  </TASK>
[ 1556.880972][T14624] CPU: 0 PID: 14624 Comm: syz.3.1847 Not tainted syzkaller #0
[ 1556.888494][T14624] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1556.898602][T14624] Call Trace:
[ 1556.901917][T14624]  <TASK>
[ 1556.904894][T14624]  dump_stack_lvl+0x188/0x24e
[ 1556.909618][T14624]  ? show_regs_print_info+0x12/0x12
[ 1556.914869][T14624]  ? load_image+0x400/0x400
[ 1556.919428][T14624]  ? __lock_acquire+0x7d10/0x7d10
[ 1556.924514][T14624]  should_fail_ex+0x399/0x4d0
[ 1556.929251][T14624]  prepare_alloc_pages+0x1e2/0x5f0
[ 1556.934512][T14624]  __alloc_pages+0x130/0x4f0
[ 1556.939161][T14624]  ? zone_statistics+0x170/0x170
[ 1556.944165][T14624]  __pmd_alloc+0xa6/0x760
[ 1556.948536][T14624]  ? __lock_acquire+0x7d10/0x7d10
[ 1556.953616][T14624]  ? do_raw_spin_lock+0x128/0x2f0
[ 1556.958687][T14624]  ? __pud_alloc+0x150/0x150
[ 1556.963318][T14624]  ? __rwlock_init+0x140/0x140
[ 1556.968131][T14624]  ? hugepage_vma_check+0x466/0x540
[ 1556.973480][T14624]  handle_mm_fault+0xa03/0x3ee0
[ 1556.978379][T14624]  ? mt_find+0x157/0x830
[ 1556.982764][T14624]  ? numa_migrate_prep+0x250/0x250
[ 1556.987928][T14624]  ? lock_chain_count+0x20/0x20
[ 1556.992836][T14624]  ? lock_mm_and_find_vma+0xae/0x2f0
[ 1556.998167][T14624]  do_user_addr_fault+0x51f/0xb10
[ 1557.003249][T14624]  exc_page_fault+0x60/0x100
[ 1557.007897][T14624]  asm_exc_page_fault+0x22/0x30
[ 1557.012803][T14624] RIP: 0010:__put_user_nocheck_4+0x3/0x11
[ 1557.018578][T14624] Code: 00 00 48 39 d9 73 54 0f 01 cb 66 89 01 31 c9 0f 01 ca c3 90 90 90 90 90 48 bb fd ef ff ff ff 7f 00 00 48 39 d9 73 34 0f 01 cb <89> 01 31 c9 0f 01 ca c3 90 90 90 90 90 90 48 bb f9 ef ff ff ff 7f
[ 1557.038233][T14624] RSP: 0018:ffffc90004acfe80 EFLAGS: 00050293
[ 1557.044345][T14624] RAX: 0000000000000004 RBX: 00007fffffffeffd RCX: 0000200000000080
[ 1557.052366][T14624] RDX: 0000000000000000 RSI: ffffffff8a8c2c20 RDI: ffffffff8adf2060
[ 1557.060388][T14624] RBP: 0000000000000004 R08: ffffffff8e2029ef R09: 1ffffffff1c4053d
[ 1557.068412][T14624] R10: dffffc0000000000 R11: fffffbfff1c4053e R12: 0000000000000000
[ 1557.076434][T14624] R13: 0000200000000080 R14: 0000000000000001 R15: 0000000000000005
[ 1557.084466][T14624]  __sys_socketpair+0xb4/0x540
[ 1557.089380][T14624]  __x64_sys_socketpair+0x97/0xb0
[ 1557.094462][T14624]  do_syscall_64+0x4c/0xa0
[ 1557.098925][T14624]  ? clear_bhb_loop+0x60/0xb0
[ 1557.103668][T14624]  ? clear_bhb_loop+0x60/0xb0
[ 1557.108404][T14624]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1557.114353][T14624] RIP: 0033:0x7fc63fb9ce59
[ 1557.118816][T14624] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1557.138479][T14624] RSP: 002b:00007fc640a22028 EFLAGS: 00000246 ORIG_RAX: 0000000000000035
[ 1557.146945][T14624] RAX: ffffffffffffffda RBX: 00007fc63fe15fa0 RCX: 00007fc63fb9ce59
[ 1557.154962][T14624] RDX: 0000000000000000 RSI: 0000000000000005 RDI: 0000000000000001
[ 1557.162991][T14624] RBP: 00007fc640a22090 R08: 0000000000000000 R09: 0000000000000000
[ 1557.171024][T14624] R10: 0000200000000080 R11: 0000000000000246 R12: 0000000000000001
[ 1557.179043][T14624] R13: 00007fc63fe16038 R14: 00007fc63fe15fa0 R15: 00007ffdc46ef398
[ 1557.187078][T14624]  </TASK>
[ 1557.513834][T14317] usb 3-1: new high-speed USB device number 13 using dummy_hcd
[ 1557.713508][T14317] usb 3-1: Using ep0 maxpacket: 32
[ 1557.743600][T13215] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[ 1557.897724][T14317] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has an invalid bInterval 0, changing to 7
[ 1558.032775][T14317] usb 3-1: config 0 interface 0 altsetting 128 endpoint 0x2 has invalid wMaxPacketSize 0
[ 1558.136934][T13215] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1558.176321][T14317] usb 3-1: config 0 interface 0 has no altsetting 0
[ 1558.230942][T13215] usb 1-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1558.277067][T14317] usb 3-1: New USB device found, idVendor=1b1c, idProduct=1c09, bcdDevice= 0.00
[ 1558.379881][T13215] usb 1-1: New USB device found, idVendor=0582, idProduct=0582, bcdDevice= 0.40
[ 1558.393273][T14317] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1558.439810][T13215] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1558.465213][T14317] usb 3-1: config 0 descriptor??
[ 1558.490695][T13215] usb 1-1: Product: syz
[ 1558.531388][T13215] usb 1-1: Manufacturer: syz
[ 1558.545733][T13215] usb 1-1: SerialNumber: syz
[ 1558.918109][T14317] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[ 1558.948681][T14317] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[ 1559.064960][T14652] netlink: 'syz.3.1852': attribute type 2 has an invalid length.
[ 1559.073516][T14652] netlink: 'syz.3.1852': attribute type 1 has an invalid length.
[ 1559.091163][T14652] loop3: detected capacity change from 0 to 128
[ 1559.131405][T14651] block device autoloading is deprecated and will be removed.
[ 1559.240130][T14317] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[ 1559.356889][T14317] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[ 1559.516676][T14317] corsair-psu 0003:1B1C:1C09.0002: unknown main item tag 0x0
[ 1559.581626][T14317] corsair-psu 0003:1B1C:1C09.0002: hidraw0: USB HID v4.08 Device [HID 1b1c:1c09] on usb-dummy_hcd.2-1/input0
[ 1559.638108][T14650] netlink: 36 bytes leftover after parsing attributes in process `syz.8.1854'.
[ 1559.657151][T14632] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1559.683544][T14317] corsair-psu 0003:1B1C:1C09.0002: unable to initialize device (-90)
[ 1559.733848][T14632] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1559.759717][T14317] corsair-psu: probe of 0003:1B1C:1C09.0002 failed with error -90
[ 1559.852494][T14317] usb 3-1: USB disconnect, device number 13
[ 1559.870950][T13215] usb 1-1: 0:1 : does not exist
[ 1559.896468][T13215] usb 1-1: BAAD SPEAKER p_chmask mismatch
[ 1559.947247][ T4319] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1560.019630][T13215] snd-usb-audio: probe of 1-1:1.0 failed with error -22
[ 1560.124144][T13215] usb 1-1: USB disconnect, device number 4
[ 1560.144551][ T4319] usb 4-1: Using ep0 maxpacket: 16
[ 1560.164414][ T4319] usb 4-1: config 0 has an invalid interface number: 64 but max is 0
[ 1560.242299][T14666] loop8: detected capacity change from 0 to 512
[ 1560.261446][ T4319] usb 4-1: config 0 has an invalid descriptor of length 77, skipping remainder of the config
[ 1560.287877][T14056] udevd[14056]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1560.377220][ T4319] usb 4-1: config 0 has no interface number 0
[ 1560.416788][T14666] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: writeback.
[ 1560.452786][ T4319] usb 4-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.5b
[ 1560.493577][T14666] ext4 filesystem being mounted at /207/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1560.578479][ T4319] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1560.597120][T14672] EXT4-fs warning (device loop8): ext4_group_add:1723: Can't resize non-sparse filesystem further
[ 1560.632299][ T4319] usb 4-1: config 0 descriptor??
[ 1560.751216][T14663] fido_id[14663]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.2/usb3/report_descriptor': No such file or directory
[ 1560.872513][ T9649] EXT4-fs (loop8): unmounting filesystem.
[ 1561.287230][T14679] netlink: 28 bytes leftover after parsing attributes in process `syz.8.1858'.
[ 1561.947270][ T4319] usb 4-1: string descriptor 0 read error: -71
[ 1561.953974][ T4319] usb 4-1: Found UVC 0.00 device <unnamed> (0bd3:0555)
[ 1561.960991][ T4319] usb 4-1: No valid video chain found.
[ 1563.479668][ T4319] usb 4-1: USB disconnect, device number 4
[ 1563.858589][T14695] loop5: detected capacity change from 0 to 512
[ 1563.869862][T14695] EXT4-fs: Ignoring removed nomblk_io_submit option
[ 1563.876933][T14695] EXT4-fs: Invalid commit interval 541065225, must be smaller than 21474836
[ 1564.613633][T14056] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1564.788824][T14699] FAULT_INJECTION: forcing a failure.
[ 1564.788824][T14699] name failslab, interval 1, probability 0, space 0, times 0
[ 1564.856416][T14699] CPU: 0 PID: 14699 Comm: syz.0.1862 Not tainted syzkaller #0
[ 1564.863972][T14699] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1564.874071][T14699] Call Trace:
[ 1564.877388][T14699]  <TASK>
[ 1564.880352][T14699]  dump_stack_lvl+0x188/0x24e
[ 1564.885094][T14699]  ? show_regs_print_info+0x12/0x12
[ 1564.890343][T14699]  ? load_image+0x400/0x400
[ 1564.894901][T14699]  ? __might_sleep+0xd0/0xd0
[ 1564.899532][T14699]  ? __lock_acquire+0x7d10/0x7d10
[ 1564.904612][T14699]  should_fail_ex+0x399/0x4d0
[ 1564.909338][T14699]  should_failslab+0x5/0x20
[ 1564.913888][T14699]  slab_pre_alloc_hook+0x59/0x310
[ 1564.918962][T14699]  ? lockdep_softirqs_off+0x430/0x430
[ 1564.924439][T14699]  kmem_cache_alloc+0x56/0x2f0
[ 1564.929339][T14699]  ? security_inode_alloc+0x30/0x110
[ 1564.934682][T14699]  security_inode_alloc+0x30/0x110
[ 1564.939845][T14699]  inode_init_always+0x8f8/0xc90
[ 1564.944838][T14699]  new_inode_pseudo+0x91/0x1c0
[ 1564.949697][T14699]  do_accept+0x197/0x6f0
[ 1564.954079][T14699]  ? __lock_acquire+0x7d10/0x7d10
[ 1564.959179][T14699]  ? do_raw_spin_lock+0x128/0x2f0
[ 1564.964268][T14699]  ? __ia32_sys_listen+0x60/0x60
[ 1564.969287][T14699]  __sys_accept4+0x97/0x100
[ 1564.973846][T14699]  __x64_sys_accept4+0x96/0xb0
[ 1564.978655][T14699]  do_syscall_64+0x4c/0xa0
[ 1564.983113][T14699]  ? clear_bhb_loop+0x60/0xb0
[ 1564.987848][T14699]  ? clear_bhb_loop+0x60/0xb0
[ 1564.992589][T14699]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1564.998539][T14699] RIP: 0033:0x7f6eb9f9ce59
[ 1565.002996][T14699] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1565.022656][T14699] RSP: 002b:00007f6ebaecb028 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1565.031124][T14699] RAX: ffffffffffffffda RBX: 00007f6eba215fa0 RCX: 00007f6eb9f9ce59
[ 1565.039141][T14699] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 1565.047154][T14699] RBP: 00007f6ebaecb090 R08: 0000000000000000 R09: 0000000000000000
[ 1565.055311][T14699] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1565.063324][T14699] R13: 00007f6eba216038 R14: 00007f6eba215fa0 R15: 00007ffdf44e8f88
[ 1565.071361][T14699]  </TASK>
[ 1565.125665][T14702] netlink: 52 bytes leftover after parsing attributes in process `syz.3.1861'.
[ 1565.142521][T14702] loop3: detected capacity change from 0 to 512
[ 1565.149608][T14702] EXT4-fs: Ignoring removed nobh option
[ 1566.312599][T14702] EXT4-fs (loop3): Cannot turn on journaled quota: type 0: error -2
[ 1566.322704][T14702] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1861: invalid indirect mapped block 256 (level 1)
[ 1566.336771][T14702] EXT4-fs error (device loop3): ext4_free_branches:1030: inode #13: comm syz.3.1861: invalid indirect mapped block 2683928664 (level 1)
[ 1566.351700][T14702] EXT4-fs (loop3): 1 truncate cleaned up
[ 1566.357467][T14702] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1566.368380][T14702] EXT4-fs (loop3): unmounting filesystem.
[ 1566.486055][T14029] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[ 1566.568466][T14709] x_tables: duplicate underflow at hook 1
[ 1566.836600][T14714] loop0: detected capacity change from 0 to 512
[ 1567.544433][T14714] EXT4-fs (loop0): 1 orphan inode deleted
[ 1567.551004][T14714] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[ 1567.579223][T14714] ext4 filesystem being mounted at /110/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1567.684889][T14723] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.1865: iget: bad i_size value: 360287970189639690
[ 1567.899624][T12553] EXT4-fs (loop0): unmounting filesystem.
[ 1569.100790][T14738] FAULT_INJECTION: forcing a failure.
[ 1569.100790][T14738] name failslab, interval 1, probability 0, space 0, times 0
[ 1569.195813][T14738] CPU: 0 PID: 14738 Comm: syz.8.1871 Not tainted syzkaller #0
[ 1569.203590][T14738] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1569.213715][T14738] Call Trace:
[ 1569.217070][T14738]  <TASK>
[ 1569.220047][T14738]  dump_stack_lvl+0x188/0x24e
[ 1569.224787][T14738]  ? show_regs_print_info+0x12/0x12
[ 1569.230036][T14738]  ? load_image+0x400/0x400
[ 1569.234604][T14738]  ? __might_sleep+0xd0/0xd0
[ 1569.239247][T14738]  ? __lock_acquire+0x7d10/0x7d10
[ 1569.244347][T14738]  should_fail_ex+0x399/0x4d0
[ 1569.249092][T14738]  should_failslab+0x5/0x20
[ 1569.253664][T14738]  slab_pre_alloc_hook+0x59/0x310
[ 1569.258798][T14738]  ? prepend_path+0xa68/0xc20
[ 1569.263627][T14738]  ? tomoyo_encode+0x27e/0x540
[ 1569.268464][T14738]  __kmem_cache_alloc_node+0x4f/0x260
[ 1569.273905][T14738]  ? tomoyo_encode+0x27e/0x540
[ 1569.278741][T14738]  __kmalloc+0xa0/0x240
[ 1569.282978][T14738]  tomoyo_encode+0x27e/0x540
[ 1569.287637][T14738]  tomoyo_realpath_from_path+0x58e/0x5d0
[ 1569.293340][T14738]  ? tomoyo_path_number_perm+0x205/0x650
[ 1569.299030][T14738]  tomoyo_path_number_perm+0x22f/0x650
[ 1569.304550][T14738]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1569.310080][T14738]  ? ksys_write+0x1c0/0x250
[ 1569.314651][T14738]  ? common_file_perm+0x171/0x1c0
[ 1569.319760][T14738]  ? __fget_files+0x28/0x4b0
[ 1569.324406][T14738]  ? __fget_files+0x28/0x4b0
[ 1569.329070][T14738]  security_file_ioctl+0x6c/0xa0
[ 1569.334070][T14738]  __se_sys_ioctl+0x48/0x170
[ 1569.338714][T14738]  do_syscall_64+0x4c/0xa0
[ 1569.343175][T14738]  ? clear_bhb_loop+0x60/0xb0
[ 1569.347918][T14738]  ? clear_bhb_loop+0x60/0xb0
[ 1569.352674][T14738]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1569.358629][T14738] RIP: 0033:0x7f6357b9ce59
[ 1569.363089][T14738] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1569.382750][T14738] RSP: 002b:00007f63589d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1569.391228][T14738] RAX: ffffffffffffffda RBX: 00007f6357e15fa0 RCX: 00007f6357b9ce59
[ 1569.399264][T14738] RDX: 0000200000000100 RSI: 00000000c0306201 RDI: 0000000000000004
[ 1569.407287][T14738] RBP: 00007f63589d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1569.415306][T14738] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1569.423343][T14738] R13: 00007f6357e16038 R14: 00007f6357e15fa0 R15: 00007ffe55847198
[ 1569.431424][T14738]  </TASK>
[ 1569.888535][T14747] loop0: detected capacity change from 0 to 8
[ 1569.938599][T14747] SQUASHFS error: Failed to read block 0x29b: -5
[ 1569.945155][T14747] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1569.969134][T14738] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1570.164988][T14751] loop3: detected capacity change from 0 to 512
[ 1570.215823][T14751] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1570.256721][T14751] EXT4-fs (loop3): 1 truncate cleaned up
[ 1570.262581][T14751] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1570.361771][   T26] audit: type=1800 audit(1780680057.171:31): pid=14751 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1875" name="file1" dev="loop3" ino=15 res=0 errno=0
[ 1570.448022][T14751] EXT4-fs error (device loop3) in ext4_setattr:5695: Corrupt filesystem
[ 1570.523383][T14751] EXT4-fs (loop3): Remounting filesystem read-only
[ 1570.871862][T14763] loop8: detected capacity change from 0 to 8
[ 1571.856152][T14760] SQUASHFS error: Failed to read block 0x29b: -5
[ 1571.862534][T14760] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1571.889936][T12654] EXT4-fs (loop3): unmounting filesystem.
[ 1572.690318][T14775] loop0: detected capacity change from 0 to 256
[ 1572.709917][T14775] exfat: Deprecated parameter 'utf8'
[ 1572.793384][T14775] exfat: Deprecated parameter 'utf8'
[ 1573.026303][T14775] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0x18acca35, utbl_chksum : 0xe619d30d)
[ 1573.229276][T14791] exFAT-fs (loop0): error, invalid access to FAT (entry 0x00000005) bogus content (0x75757575)
[ 1573.406217][T12553] exFAT-fs (loop0): error, invalid access to FAT (entry 0x00000005) bogus content (0x75757575)
[ 1573.447313][T12553] exFAT-fs (loop0): error, invalid access to FAT (entry 0x00000005) bogus content (0x75757575)
[ 1573.970565][T14803] loop2: detected capacity change from 0 to 1024
[ 1574.175057][T14792] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1883'.
[ 1574.344140][T14789] loop5: detected capacity change from 0 to 512
[ 1574.468659][    T9] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1574.504148][T14789] EXT4-fs: Ignoring removed nobh option
[ 1574.672884][T14789] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -2
[ 1574.809520][T14789] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1883: invalid indirect mapped block 256 (level 1)
[ 1574.845799][    T9] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1574.948976][T14789] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.1883: invalid indirect mapped block 2683928664 (level 1)
[ 1574.973784][T14799] loop3: detected capacity change from 0 to 32768
[ 1575.098494][    T9] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1575.101961][T14789] EXT4-fs (loop5): 1 truncate cleaned up
[ 1575.123648][T14789] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1575.161622][T14789] EXT4-fs (loop5): unmounting filesystem.
[ 1575.200103][T14799] XFS (loop3): Mounting V5 Filesystem
[ 1575.423551][T14799] XFS (loop3): Ending clean mount
[ 1575.430023][    T9] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1575.576750][   T26] audit: type=1800 audit(1780680062.391:32): pid=14827 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1887" name="file2" dev="loop3" ino=6151 res=0 errno=0
[ 1575.957245][  T954] usb 3-1: new full-speed USB device number 14 using dummy_hcd
[ 1576.171235][ T4277] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[ 1576.182959][  T954] usb 3-1: config 0 has an invalid interface number: 105 but max is 0
[ 1576.184534][ T4277] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[ 1576.200488][ T4277] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[ 1576.225078][ T4277] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[ 1576.230897][  T954] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1576.245068][ T4279] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[ 1576.252427][ T4279] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[ 1576.316968][  T954] usb 3-1: config 0 has no interface number 0
[ 1576.335789][  T954] usb 3-1: New USB device found, idVendor=046c, idProduct=14e8, bcdDevice= b.28
[ 1576.353344][  T954] usb 3-1: New USB device strings: Mfr=5, Product=2, SerialNumber=3
[ 1576.372687][  T954] usb 3-1: Product: syz
[ 1576.377238][  T954] usb 3-1: Manufacturer: syz
[ 1576.381881][  T954] usb 3-1: SerialNumber: syz
[ 1576.417866][  T954] usb 3-1: config 0 descriptor??
[ 1576.439802][  T954] usb 3-1: Found UVC 0.00 device syz (046c:14e8)
[ 1576.459876][  T954] uvcvideo 3-1:0.105: Entity type for entity Output 1 was not initialized!
[ 1576.490249][  T954] usb 3-1: Failed to create links for entity 1
[ 1576.519926][  T954] usb 3-1: Failed to register entities (-22).
[ 1578.248893][  T954] usb 3-1: USB disconnect, device number 14
[ 1578.293629][ T4279] Bluetooth: hci2: command 0x0409 tx timeout
[ 1579.310271][T12654] XFS (loop3): Unmounting Filesystem
[ 1580.017465][T14870] netlink: 52 bytes leftover after parsing attributes in process `syz.2.1896'.
[ 1580.107487][T14872] loop2: detected capacity change from 0 to 512
[ 1580.116582][T14872] EXT4-fs: Ignoring removed nobh option
[ 1580.380790][ T4279] Bluetooth: hci2: command 0x041b tx timeout
[ 1580.923598][T14872] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[ 1580.932004][T14872] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1896: invalid indirect mapped block 256 (level 1)
[ 1580.968977][T14872] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #13: comm syz.2.1896: invalid indirect mapped block 2683928664 (level 1)
[ 1581.149524][T14872] EXT4-fs (loop2): 1 truncate cleaned up
[ 1581.155378][T14872] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[ 1581.167611][T14872] EXT4-fs (loop2): unmounting filesystem.
[ 1581.967653][T14883] FAULT_INJECTION: forcing a failure.
[ 1581.967653][T14883] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1582.103475][T14883] CPU: 1 PID: 14883 Comm: syz.8.1901 Not tainted syzkaller #0
[ 1582.111029][T14883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1582.121131][T14883] Call Trace:
[ 1582.124455][T14883]  <TASK>
[ 1582.127433][T14883]  dump_stack_lvl+0x188/0x24e
[ 1582.132175][T14883]  ? show_regs_print_info+0x12/0x12
[ 1582.137428][T14883]  ? load_image+0x400/0x400
[ 1582.141988][T14883]  ? __lock_acquire+0x7d10/0x7d10
[ 1582.147073][T14883]  should_fail_ex+0x399/0x4d0
[ 1582.151797][T14883]  _copy_from_user+0x2c/0x170
[ 1582.156245][T14887] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1900'.
[ 1582.156505][T14883]  iovec_from_user+0x143/0x360
[ 1582.170174][T14883]  __import_iovec+0x6d/0x500
[ 1582.174818][T14883]  import_iovec+0x6f/0xa0
[ 1582.179199][T14883]  ___sys_sendmsg+0x252/0x360
[ 1582.183933][T14883]  ? __sys_sendmsg+0x290/0x290
[ 1582.188786][T14883]  ? __lock_acquire+0x7d10/0x7d10
[ 1582.193901][T14883]  __se_sys_sendmsg+0x1bb/0x2a0
[ 1582.198812][T14883]  ? __x64_sys_sendmsg+0x80/0x80
[ 1582.203814][T14883]  ? lockdep_hardirqs_on+0x94/0x140
[ 1582.209064][T14883]  do_syscall_64+0x4c/0xa0
[ 1582.213532][T14883]  ? clear_bhb_loop+0x60/0xb0
[ 1582.218263][T14883]  ? clear_bhb_loop+0x60/0xb0
[ 1582.222993][T14883]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1582.228939][T14883] RIP: 0033:0x7f6357b9ce59
[ 1582.233385][T14883] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1582.253020][T14883] RSP: 002b:00007f63589d4028 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1582.261453][T14883] RAX: ffffffffffffffda RBX: 00007f6357e15fa0 RCX: 00007f6357b9ce59
[ 1582.269441][T14883] RDX: 0000000024000840 RSI: 0000200000009b40 RDI: 0000000000000003
[ 1582.277423][T14883] RBP: 00007f63589d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1582.285413][T14883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1582.293394][T14883] R13: 00007f6357e16038 R14: 00007f6357e15fa0 R15: 00007ffe55847198
[ 1582.301402][T14883]  </TASK>
[ 1582.324695][T14832] chnl_net:caif_netlink_parms(): no params data found
[ 1582.463605][ T4279] Bluetooth: hci2: command 0x040f tx timeout
[ 1582.773588][ T9195] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[ 1583.858317][T14910] loop3: detected capacity change from 0 to 8
[ 1583.939488][T14910] SQUASHFS error: Failed to read block 0x29b: -5
[ 1583.946211][T14910] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1583.963515][ T9195] usb 6-1: device descriptor read/64, error -71
[ 1584.079585][    T9] device hsr_slave_0 left promiscuous mode
[ 1584.087430][    T9] device hsr_slave_1 left promiscuous mode
[ 1584.168116][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[ 1584.253328][ T9195] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[ 1584.351429][    T9] batman_adv: batadv0: Removing interface: batadv_slave_0
[ 1584.533471][   T48] Bluetooth: hci1: command 0x0401 tx timeout
[ 1584.533543][ T4279] Bluetooth: hci2: command 0x0419 tx timeout
[ 1584.967351][    T9] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1584.989420][    T9] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1585.004153][    T9] device bridge_slave_1 left promiscuous mode
[ 1585.010484][    T9] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1585.022311][    T9] device bridge_slave_0 left promiscuous mode
[ 1585.033491][    T9] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1585.123312][ T9195] usb 6-1: device descriptor read/64, error -71
[ 1585.176652][    T9] device veth1_macvtap left promiscuous mode
[ 1585.182777][    T9] device veth0_macvtap left promiscuous mode
[ 1585.219784][    T9] device veth1_vlan left promiscuous mode
[ 1585.241687][    T9] device veth0_vlan left promiscuous mode
[ 1585.253650][ T9195] usb usb6-port1: attempt power cycle
[ 1585.659740][T14935] dlm: non-version read from control device 8224
[ 1586.193736][T14926] loop2: detected capacity change from 0 to 32768
[ 1586.342694][T14947] loop8: detected capacity change from 0 to 128
[ 1586.418646][T14926] XFS (loop2): Mounting V5 Filesystem
[ 1586.570895][T14947] hpfs: Bad magic ... probably not HPFS
[ 1586.583461][T14926] XFS (loop2): Ending clean mount
[ 1586.947693][T13215] usb 3-1: new high-speed USB device number 15 using dummy_hcd
[ 1587.294104][T14966] loop3: detected capacity change from 0 to 8
[ 1587.978375][T14965] SQUASHFS error: Failed to read block 0x29b: -5
[ 1587.984892][T14965] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1587.992393][T13215] usb 3-1: Using ep0 maxpacket: 16
[ 1588.025035][T13215] usb 3-1: config 1 interface 0 altsetting 25 bulk endpoint 0x1 has invalid maxpacket 16
[ 1588.302076][T13215] usb 3-1: config 1 interface 0 altsetting 25 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[ 1588.436113][T13215] usb 3-1: config 1 interface 0 has no altsetting 0
[ 1588.514189][T13215] usb 3-1: string descriptor 0 read error: -71
[ 1588.520549][T13215] usb 3-1: New USB device found, idVendor=03f0, idProduct=0004, bcdDevice= 0.40
[ 1588.597503][T13215] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1588.620980][T13215] usb 3-1: can't set config #1, error -71
[ 1588.631734][T13215] usb 3-1: USB disconnect, device number 15
[ 1588.656495][ T4283] XFS (loop2): Unmounting Filesystem
[ 1589.080221][T14976] loop8: detected capacity change from 0 to 256
[ 1589.113506][T14976] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1589.225454][T14976] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=512, location=512
[ 1589.287421][T14976] UDF-fs: warning (device loop8): udf_load_vrs: No anchor found
[ 1589.432538][T14976] UDF-fs: Scanning with blocksize 512 failed
[ 1589.498825][T14976] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1589.552449][T14979] loop3: detected capacity change from 0 to 8192
[ 1589.573017][T14976] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1590.324170][T14984] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1592.076599][T14990] syz.8.1924 uses obsolete (PF_INET,SOCK_PACKET)
[ 1592.508159][T14993] loop8: detected capacity change from 0 to 128
[ 1592.519581][T14993] befs: (loop8): No write support. Marking filesystem read-only
[ 1592.533702][T14993] befs: (loop8): invalid magic header
[ 1593.006332][    T9] team0 (unregistering): Port device team_slave_1 removed
[ 1593.241454][    T9] team0 (unregistering): Port device team_slave_0 removed
[ 1593.534327][    T9] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[ 1593.661078][    T9] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[ 1593.801097][T14995] FAULT_INJECTION: forcing a failure.
[ 1593.801097][T14995] name failslab, interval 1, probability 0, space 0, times 0
[ 1593.858215][T14995] CPU: 0 PID: 14995 Comm: syz.2.1925 Not tainted syzkaller #0
[ 1593.865784][T14995] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1593.875884][T14995] Call Trace:
[ 1593.879206][T14995]  <TASK>
[ 1593.882171][T14995]  dump_stack_lvl+0x188/0x24e
[ 1593.886899][T14995]  ? show_regs_print_info+0x12/0x12
[ 1593.892147][T14995]  ? load_image+0x400/0x400
[ 1593.896699][T14995]  ? __might_sleep+0xd0/0xd0
[ 1593.901333][T14995]  ? __lock_acquire+0x7d10/0x7d10
[ 1593.906386][T14995]  ? __se_sys_memfd_create+0xee/0x340
[ 1593.911829][T14995]  should_fail_ex+0x399/0x4d0
[ 1593.916543][T14995]  should_failslab+0x5/0x20
[ 1593.921071][T14995]  slab_pre_alloc_hook+0x59/0x310
[ 1593.926125][T14995]  kmem_cache_alloc_lru+0x49/0x2e0
[ 1593.931268][T14995]  ? shmem_alloc_inode+0x24/0x40
[ 1593.936254][T14995]  shmem_alloc_inode+0x24/0x40
[ 1593.941056][T14995]  ? shmem_match+0x160/0x160
[ 1593.945678][T14995]  new_inode_pseudo+0x5f/0x1c0
[ 1593.950501][T14995]  new_inode+0x25/0x1c0
[ 1593.954688][T14995]  shmem_get_inode+0x347/0xbf0
[ 1593.959490][T14995]  __shmem_file_setup+0x10b/0x290
[ 1593.964540][T14995]  ? shmem_file_setup+0x13/0x30
[ 1593.969444][T14995]  __se_sys_memfd_create+0x1e1/0x340
[ 1593.974807][T14995]  do_syscall_64+0x4c/0xa0
[ 1593.979255][T14995]  ? clear_bhb_loop+0x60/0xb0
[ 1593.983964][T14995]  ? clear_bhb_loop+0x60/0xb0
[ 1593.988679][T14995]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1593.994613][T14995] RIP: 0033:0x7f75b979ce59
[ 1593.999069][T14995] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1594.018717][T14995] RSP: 002b:00007f75ba581e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1594.027203][T14995] RAX: ffffffffffffffda RBX: 0000000000000bf6 RCX: 00007f75b979ce59
[ 1594.035228][T14995] RDX: 00007f75ba581ee0 RSI: 0000000000000000 RDI: 00007f75b9832f4f
[ 1594.043259][T14995] RBP: 0000200000000cc0 R08: 00000000ffffffff R09: 0000000000000000
[ 1594.051283][T14995] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000c40
[ 1594.059315][T14995] R13: 00007f75ba581ee0 R14: 00007f75ba581ea0 R15: 0000200000000c80
[ 1594.067403][T14995]  </TASK>
[ 1594.570854][T15001] loop2: detected capacity change from 0 to 8
[ 1594.618953][T15001] SQUASHFS error: Failed to read block 0x29b: -5
[ 1594.625644][T15001] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1595.352740][    T9] bond0 (unregistering): Released all slaves
[ 1595.742866][T14991] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1924'.
[ 1595.829173][T14832] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1596.359520][T14832] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1596.391068][T14832] device bridge_slave_0 entered promiscuous mode
[ 1596.456034][T14832] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1596.464431][T14832] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1596.472663][T14832] device bridge_slave_1 entered promiscuous mode
[ 1596.541707][T15011] loop5: detected capacity change from 0 to 512
[ 1596.572715][T14832] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1596.675249][T14832] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1596.908530][T14832] team0: Port device team_slave_0 added
[ 1596.928494][T14832] team0: Port device team_slave_1 added
[ 1597.431090][T14832] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1597.593261][T14832] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1597.656669][T15021] loop2: detected capacity change from 0 to 16
[ 1597.679603][T14832] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1597.713035][T14832] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1597.722726][T14832] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1597.748657][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1597.778646][T15021] erofs: (device loop2): mounted with root inode @ nid 36.
[ 1597.792048][T14832] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1597.885545][T15028] loop3: detected capacity change from 0 to 2048
[ 1597.930149][T15028] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[ 1597.995627][T15035] loop5: detected capacity change from 0 to 512
[ 1598.071512][T15035] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.1936: bg 0: block 393: padding at end of block bitmap is not set
[ 1598.183394][T15033] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 234: padding at end of block bitmap is not set
[ 1598.215760][T15035] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6180: Corrupt filesystem
[ 1598.237157][T15035] EXT4-fs (loop5): 2 truncates cleaned up
[ 1598.265888][T15033] EXT4-fs (loop3): Remounting filesystem read-only
[ 1598.273825][T15035] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[ 1598.295664][T15021] sp0: Synchronizing with TNC
[ 1598.428194][   T26] audit: type=1800 audit(1780680085.241:33): pid=15030 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1936" name="file1" dev="loop5" ino=15 res=0 errno=0
[ 1598.724742][T12654] EXT4-fs (loop3): unmounting filesystem.
[ 1598.733547][T13821] EXT4-fs (loop5): unmounting filesystem.
[ 1598.737941][T14832] device hsr_slave_0 entered promiscuous mode
[ 1599.105309][T14832] device hsr_slave_1 entered promiscuous mode
[ 1599.182465][T14832] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1599.247546][T14832] Cannot create hsr debugfs directory
[ 1599.263541][ T4279] Bluetooth: hci0: command 0x0406 tx timeout
[ 1600.018700][T15057] loop3: detected capacity change from 0 to 8
[ 1600.061597][T15057] SQUASHFS error: Failed to read block 0x29b: -5
[ 1600.068157][T15057] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1600.179605][T15061] FAULT_INJECTION: forcing a failure.
[ 1600.179605][T15061] name failslab, interval 1, probability 0, space 0, times 0
[ 1600.222953][T15061] CPU: 1 PID: 15061 Comm: syz.8.1941 Not tainted syzkaller #0
[ 1600.230502][T15061] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1600.240601][T15061] Call Trace:
[ 1600.243924][T15061]  <TASK>
[ 1600.246891][T15061]  dump_stack_lvl+0x188/0x24e
[ 1600.251626][T15061]  ? show_regs_print_info+0x12/0x12
[ 1600.256876][T15061]  ? load_image+0x400/0x400
[ 1600.261431][T15061]  ? __might_sleep+0xd0/0xd0
[ 1600.266075][T15061]  ? __lock_acquire+0x7d10/0x7d10
[ 1600.271164][T15061]  should_fail_ex+0x399/0x4d0
[ 1600.275894][T15061]  should_failslab+0x5/0x20
[ 1600.280447][T15061]  slab_pre_alloc_hook+0x59/0x310
[ 1600.285515][T15061]  ? prepend_path+0xa68/0xc20
[ 1600.290256][T15061]  ? tomoyo_encode+0x27e/0x540
[ 1600.295091][T15061]  __kmem_cache_alloc_node+0x4f/0x260
[ 1600.300523][T15061]  ? tomoyo_encode+0x27e/0x540
[ 1600.305347][T15061]  __kmalloc+0xa0/0x240
[ 1600.309555][T15061]  tomoyo_encode+0x27e/0x540
[ 1600.314226][T15061]  tomoyo_realpath_from_path+0x58e/0x5d0
[ 1600.319912][T15061]  ? tomoyo_path_number_perm+0x205/0x650
[ 1600.325577][T15061]  tomoyo_path_number_perm+0x22f/0x650
[ 1600.331079][T15061]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1600.336572][T15061]  ? ksys_write+0x1c0/0x250
[ 1600.341108][T15061]  ? common_file_perm+0x171/0x1c0
[ 1600.346180][T15061]  ? __fget_files+0x28/0x4b0
[ 1600.350802][T15061]  ? __fget_files+0x28/0x4b0
[ 1600.355437][T15061]  security_file_ioctl+0x6c/0xa0
[ 1600.360406][T15061]  __se_sys_ioctl+0x48/0x170
[ 1600.365028][T15061]  do_syscall_64+0x4c/0xa0
[ 1600.369473][T15061]  ? clear_bhb_loop+0x60/0xb0
[ 1600.374188][T15061]  ? clear_bhb_loop+0x60/0xb0
[ 1600.378903][T15061]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1600.384832][T15061] RIP: 0033:0x7f6357b9ce59
[ 1600.389272][T15061] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1600.409002][T15061] RSP: 002b:00007f63589d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1600.417462][T15061] RAX: ffffffffffffffda RBX: 00007f6357e15fa0 RCX: 00007f6357b9ce59
[ 1600.425472][T15061] RDX: 0000200000000300 RSI: 0000000040086408 RDI: 0000000000000003
[ 1600.433474][T15061] RBP: 00007f63589d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1600.441475][T15061] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1600.449482][T15061] R13: 00007f6357e16038 R14: 00007f6357e15fa0 R15: 00007ffe55847198
[ 1600.457500][T15061]  </TASK>
[ 1600.660381][T15061] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1601.070435][T15075] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1947'.
[ 1602.093298][T14317] usb 9-1: new high-speed USB device number 25 using dummy_hcd
[ 1602.313318][T14317] usb 9-1: Using ep0 maxpacket: 8
[ 1602.324447][T14317] usb 9-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1602.352058][T14317] usb 9-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1602.361454][T14317] usb 9-1: config 1 has no interface number 0
[ 1602.370636][T14317] usb 9-1: config 1 interface 1 altsetting 1 endpoint 0x1 has an invalid bInterval 0, changing to 7
[ 1602.391383][T14317] usb 9-1: New USB device found, idVendor=0582, idProduct=0025, bcdDevice= 0.40
[ 1602.410871][T14317] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1602.428915][T14317] usb 9-1: Product: syz
[ 1602.443320][T13215] usb 6-1: new high-speed USB device number 5 using dummy_hcd
[ 1602.451049][T14317] usb 9-1: Manufacturer: syz
[ 1602.456400][T14317] usb 9-1: SerialNumber: syz
[ 1602.643792][T13215] usb 6-1: Using ep0 maxpacket: 16
[ 1602.651255][T13215] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1602.662728][T13215] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[ 1602.698962][T13215] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1602.708553][T13215] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1602.726149][T15102] 9pnet_fd: Insufficient options for proto=fd
[ 1602.732636][T13215] usb 6-1: Product: syz
[ 1602.738114][T13215] usb 6-1: Manufacturer: syz
[ 1602.744059][T13215] usb 6-1: SerialNumber: syz
[ 1603.179318][T15086] UHID_CREATE from different security context by process 125 (syz.5.1949), this is not allowed.
[ 1603.195027][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.261986][T15110] loop3: detected capacity change from 0 to 8
[ 1603.291455][T15110] SQUASHFS error: Failed to read block 0x29b: -5
[ 1603.298047][T15110] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1603.333473][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.364261][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.386490][T15107] loop2: detected capacity change from 0 to 4096
[ 1603.404078][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.426575][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.448903][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.486387][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.515661][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.535582][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1603.919253][ T9403] kernel read not supported for file /dsp1 (pid: 9403 comm: kworker/1:0)
[ 1604.705380][T15120] FAULT_INJECTION: forcing a failure.
[ 1604.705380][T15120] name failslab, interval 1, probability 0, space 0, times 0
[ 1604.836073][T15120] CPU: 1 PID: 15120 Comm: syz.2.1957 Not tainted syzkaller #0
[ 1604.843644][T15120] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1604.853764][T15120] Call Trace:
[ 1604.857082][T15120]  <TASK>
[ 1604.860052][T15120]  dump_stack_lvl+0x188/0x24e
[ 1604.864780][T15120]  ? show_regs_print_info+0x12/0x12
[ 1604.870017][T15120]  ? load_image+0x400/0x400
[ 1604.874574][T15120]  ? __lock_acquire+0x7d10/0x7d10
[ 1604.879656][T15120]  should_fail_ex+0x399/0x4d0
[ 1604.884392][T15120]  should_failslab+0x5/0x20
[ 1604.888957][T15120]  slab_pre_alloc_hook+0x59/0x310
[ 1604.894043][T15120]  kmem_cache_alloc_lru+0x49/0x2e0
[ 1604.899206][T15120]  ? __d_alloc+0x31/0x700
[ 1604.903608][T15120]  __d_alloc+0x31/0x700
[ 1604.907831][T15120]  d_alloc_pseudo+0x19/0x70
[ 1604.912404][T15120]  alloc_file_pseudo+0xe0/0x200
[ 1604.917425][T15120]  ? alloc_empty_file_noaccount+0x80/0x80
[ 1604.923203][T15120]  ? __rwlock_init+0x140/0x140
[ 1604.928008][T15120]  ? bpf_lsm_inode_alloc_security+0x5/0x10
[ 1604.933989][T15120]  ? do_raw_spin_unlock+0x11d/0x230
[ 1604.939257][T15120]  sock_alloc_file+0xb3/0x240
[ 1604.944001][T15120]  do_accept+0x404/0x6f0
[ 1604.948301][T15120]  ? __ia32_sys_listen+0x60/0x60
[ 1604.953335][T15120]  __sys_accept4+0x97/0x100
[ 1604.957900][T15120]  __x64_sys_accept4+0x96/0xb0
[ 1604.962831][T15120]  do_syscall_64+0x4c/0xa0
[ 1604.967306][T15120]  ? clear_bhb_loop+0x60/0xb0
[ 1604.972041][T15120]  ? clear_bhb_loop+0x60/0xb0
[ 1604.976787][T15120]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1604.982742][T15120] RIP: 0033:0x7f75b979ce59
[ 1604.987204][T15120] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1605.006862][T15120] RSP: 002b:00007f75ba582028 EFLAGS: 00000246 ORIG_RAX: 0000000000000120
[ 1605.015330][T15120] RAX: ffffffffffffffda RBX: 00007f75b9a15fa0 RCX: 00007f75b979ce59
[ 1605.023358][T15120] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000004
[ 1605.031379][T15120] RBP: 00007f75ba582090 R08: 0000000000000000 R09: 0000000000000000
[ 1605.039398][T15120] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1605.047423][T15120] R13: 00007f75b9a16038 R14: 00007f75b9a15fa0 R15: 00007fffb7057f18
[ 1605.055472][T15120]  </TASK>
[ 1605.272908][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.280775][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.288536][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.296064][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.303568][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.311134][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.318690][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.326228][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.333813][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.341595][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.349154][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.356686][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.364166][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.371701][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.379263][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.386831][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.394334][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.402409][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.409993][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.421617][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.429345][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.436861][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.462378][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.482543][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.511062][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.523339][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.551081][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.583372][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.590923][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.633339][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.640823][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.693303][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.700844][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.733896][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.741372][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.793594][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.801075][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.833305][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.840809][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.867575][T15128] loop2: detected capacity change from 0 to 512
[ 1605.883505][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.891047][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.933347][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.940836][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1605.951281][T15128] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1605.990188][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.010699][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.054421][T15128] EXT4-fs (loop2): shut down requested (0)
[ 1606.062430][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.085794][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.125998][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.159459][T15123] loop8: detected capacity change from 0 to 32768
[ 1606.161303][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.179779][T15123] BTRFS: device fsid e0cb6322-611b-4325-acdf-015f79de3787 devid 1 transid 8 /dev/loop8 scanned by syz.8.1958 (15123)
[ 1606.192254][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.207462][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.222901][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.237097][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.247745][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.261653][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.270727][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.283131][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.292183][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.305695][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.317582][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.328824][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.339739][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.351011][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.368598][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.377859][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.390813][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.399917][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.412296][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.421722][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.436876][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.447221][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.458625][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.490314][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.509315][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.525046][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.541470][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.557500][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.574761][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.591392][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.606826][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.622829][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.639508][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.661884][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.680641][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.700889][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.711019][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.731271][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.756869][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.773742][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.791578][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.804701][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.822374][  T954] hid-generic 0000:0000:0004.0003: unknown main item tag 0x0
[ 1606.843418][  T954] hid-generic 0000:0000:0004.0003: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz0
[ 1606.888116][T15123] BTRFS info (device loop8): first mount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1606.902599][T13215] usb 6-1: 0:2 : does not exist
[ 1606.908122][T15123] BTRFS info (device loop8): using sha256 (sha256-avx2) checksum algorithm
[ 1606.958942][T13215] usb 6-1: 5:0: failed to get current value for ch 0 (-22)
[ 1606.966743][T15123] BTRFS info (device loop8): enabling ssd optimizations
[ 1606.993422][T15123] BTRFS info (device loop8): not using ssd optimizations
[ 1607.010087][T15123] BTRFS info (device loop8): turning off barriers
[ 1607.051555][T15123] BTRFS info (device loop8): using free space tree
[ 1607.107070][T13215] usb 6-1: USB disconnect, device number 5
[ 1607.194606][T14317] usb 9-1: USB disconnect, device number 25
[ 1607.368094][ T4283] EXT4-fs (loop2): unmounting filesystem.
[ 1607.430232][ T1268] ieee802154 phy0 wpan0: encryption failed: -22
[ 1607.438265][ T1268] ieee802154 phy1 wpan1: encryption failed: -22
[ 1608.093762][T14321] udevd[14321]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[ 1608.256259][T13968] udevd[13968]: error opening ATTR{/sys/devices/platform/dummy_hcd.8/usb9/9-1/9-1:1.1/sound/card4/controlC4/../uevent} for writing: No such file or directory
[ 1608.321879][T14832] netdevsim netdevsim7 netdevsim0: renamed from eth0
[ 1608.366869][T15161] fido_id[15161]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[ 1608.419612][T14832] netdevsim netdevsim7 netdevsim1: renamed from eth1
[ 1608.452725][T14832] netdevsim netdevsim7 netdevsim2: renamed from eth2
[ 1608.466813][ T9649] BTRFS info (device loop8): last unmount of filesystem e0cb6322-611b-4325-acdf-015f79de3787
[ 1608.495676][T15165] program syz.2.1962 is using a deprecated SCSI ioctl, please convert it to SG_IO
[ 1608.556153][T14832] netdevsim netdevsim7 netdevsim3: renamed from eth3
[ 1608.597772][T15171] 9pnet_fd: Insufficient options for proto=fd
[ 1608.980819][T14832] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1609.142587][T15179] loop3: detected capacity change from 0 to 128
[ 1609.683914][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[ 1609.727442][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[ 1609.763023][T15185] netlink: 'syz.2.1968': attribute type 32 has an invalid length.
[ 1609.808221][T14832] 8021q: adding VLAN 0 to HW filter on device team0
[ 1609.872054][T14832] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[ 1609.892894][T14832] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[ 1610.335470][T15195] 9pnet_fd: Insufficient options for proto=fd
[ 1610.342639][T15195] netlink: 20 bytes leftover after parsing attributes in process `syz.2.1969'.
[ 1610.358653][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[ 1610.368138][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[ 1610.377678][ T4405] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1610.384869][ T4405] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1610.395502][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[ 1610.469742][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[ 1610.472860][T15196] loop2: detected capacity change from 0 to 512
[ 1610.521405][T15196] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[ 1610.564266][ T4405] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1610.571451][ T4405] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1610.619248][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[ 1610.645128][T15196] EXT4-fs (loop2): 1 truncate cleaned up
[ 1610.650965][T15196] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[ 1610.676862][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[ 1610.722902][   T26] audit: type=1800 audit(1780680097.531:34): pid=15195 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1969" name="file1" dev="loop2" ino=15 res=0 errno=0
[ 1610.871197][T15196] EXT4-fs error (device loop2) in ext4_setattr:5695: Corrupt filesystem
[ 1610.881617][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[ 1610.924465][T15196] EXT4-fs (loop2): Remounting filesystem read-only
[ 1610.945802][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[ 1611.062361][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[ 1611.073821][T15201] EXT4-fs error (device loop2): ext4_read_block_bitmap_nowait:477: comm ext4lazyinit: Invalid block bitmap block 3 in block_group 0
[ 1611.134824][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[ 1611.149023][T15201] EXT4-fs (loop2): Remounting filesystem read-only
[ 1611.164516][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[ 1611.194136][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[ 1611.194159][ T3599] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[ 1611.224136][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[ 1611.254785][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[ 1611.290874][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[ 1611.317814][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[ 1611.383588][ T4283] EXT4-fs (loop2): unmounting filesystem.
[ 1611.401238][ T4405] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[ 1611.617050][ T3599] usb 6-1: config 2 has an invalid interface number: 79 but max is 0
[ 1611.646387][ T3599] usb 6-1: config 2 has no interface number 0
[ 1611.652604][ T3599] usb 6-1: config 2 interface 79 has no altsetting 0
[ 1611.706929][ T3599] usb 6-1: New USB device found, idVendor=0ab4, idProduct=0011, bcdDevice=ca.fb
[ 1611.765800][ T3599] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1611.805687][ T3599] usb 6-1: Product: syz
[ 1611.809938][ T3599] usb 6-1: Manufacturer: syz
[ 1611.843554][ T3599] usb 6-1: SerialNumber: syz
[ 1612.135496][ T3599] esd_usb 6-1:2.79: sending version message failed
[ 1612.144744][ T3599] esd_usb: probe of 6-1:2.79 failed with error -22
[ 1612.179541][ T3599] usb 6-1: USB disconnect, device number 6
[ 1612.973459][T15230] netlink: 'syz.8.1975': attribute type 2 has an invalid length.
[ 1612.981282][T15230] netlink: 8 bytes leftover after parsing attributes in process `syz.8.1975'.
[ 1613.213720][   T26] audit: type=1326 audit(1780680099.821:35): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15221 comm="syz.8.1975" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6357b9ce59 code=0x7ffc0000
[ 1613.661771][   T26] audit: type=1326 audit(1780680099.821:36): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15221 comm="syz.8.1975" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f6357b9ce59 code=0x7ffc0000
[ 1613.686377][   T26] audit: type=1326 audit(1780680099.821:37): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15221 comm="syz.8.1975" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6357b9ce59 code=0x7ffc0000
[ 1613.711717][   T26] audit: type=1326 audit(1780680099.821:38): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15221 comm="syz.8.1975" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=54 compat=0 ip=0x7f6357b9ce59 code=0x7ffc0000
[ 1613.738231][   T26] audit: type=1326 audit(1780680099.821:39): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15221 comm="syz.8.1975" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6357b9ce59 code=0x7ffc0000
[ 1613.809132][   T26] audit: type=1326 audit(1780680099.821:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15221 comm="syz.8.1975" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f6357b9ce59 code=0x7ffc0000
[ 1613.909448][ T4279] Bluetooth: hci1: unexpected event for opcode 0x0c7d
[ 1614.075050][T15234] loop8: detected capacity change from 0 to 512
[ 1614.109140][T15234] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[ 1614.219900][T15234] EXT4-fs (loop8): 1 truncate cleaned up
[ 1614.237744][T15234] EXT4-fs (loop8): mounted filesystem without journal. Quota mode: none.
[ 1614.263805][   T26] audit: type=1800 audit(1780680101.081:41): pid=15234 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.8.1977" name="file1" dev="loop8" ino=15 res=0 errno=0
[ 1614.294990][T15234] FAULT_INJECTION: forcing a failure.
[ 1614.294990][T15234] name failslab, interval 1, probability 0, space 0, times 0
[ 1614.834082][T15241] FAULT_INJECTION: forcing a failure.
[ 1614.834082][T15241] name failslab, interval 1, probability 0, space 0, times 0
[ 1614.847569][T15241] CPU: 0 PID: 15241 Comm: syz.5.1979 Not tainted syzkaller #0
[ 1614.855074][T15241] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1614.865145][T15241] Call Trace:
[ 1614.868439][T15241]  <TASK>
[ 1614.871383][T15241]  dump_stack_lvl+0x188/0x24e
[ 1614.876081][T15241]  ? show_regs_print_info+0x12/0x12
[ 1614.881293][T15241]  ? load_image+0x400/0x400
[ 1614.885819][T15241]  should_fail_ex+0x399/0x4d0
[ 1614.890512][T15241]  should_failslab+0x5/0x20
[ 1614.895044][T15241]  slab_pre_alloc_hook+0x59/0x310
[ 1614.900092][T15241]  kmem_cache_alloc_node+0x5a/0x320
[ 1614.905329][T15241]  ? alloc_io_context+0x27/0x290
[ 1614.910382][T15241]  alloc_io_context+0x27/0x290
[ 1614.915169][T15241]  set_task_ioprio+0x458/0x5d0
[ 1614.919966][T15241]  ? set_task_ioprio+0x5b/0x5d0
[ 1614.924834][T15241]  __se_sys_ioprio_set+0x831/0xa40
[ 1614.930033][T15241]  ? __se_sys_ioprio_set+0xf4/0xa40
[ 1614.935251][T15241]  do_syscall_64+0x4c/0xa0
[ 1614.939678][T15241]  ? clear_bhb_loop+0x60/0xb0
[ 1614.944415][T15241]  ? clear_bhb_loop+0x60/0xb0
[ 1614.949139][T15241]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1614.955071][T15241] RIP: 0033:0x7f24eb59ce59
[ 1614.959511][T15241] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1614.979136][T15241] RSP: 002b:00007f24e97f6028 EFLAGS: 00000246 ORIG_RAX: 00000000000000fb
[ 1614.987577][T15241] RAX: ffffffffffffffda RBX: 00007f24eb816090 RCX: 00007f24eb59ce59
[ 1614.995576][T15241] RDX: 0000000000002000 RSI: 0000000000000000 RDI: 0000000000000002
[ 1615.006002][T15241] RBP: 00007f24e97f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1615.013996][T15241] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1615.022018][T15241] R13: 00007f24eb816128 R14: 00007f24eb816090 R15: 00007ffc9e41bed8
[ 1615.030022][T15241]  </TASK>
[ 1615.933364][T15234] CPU: 1 PID: 15234 Comm: syz.8.1977 Not tainted syzkaller #0
[ 1615.940917][T15234] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1615.951012][T15234] Call Trace:
[ 1615.954321][T15234]  <TASK>
[ 1615.957276][T15234]  dump_stack_lvl+0x188/0x24e
[ 1615.961998][T15234]  ? show_regs_print_info+0x12/0x12
[ 1615.967230][T15234]  ? load_image+0x400/0x400
[ 1615.971769][T15234]  ? __might_sleep+0xd0/0xd0
[ 1615.976388][T15234]  ? __lock_acquire+0x7d10/0x7d10
[ 1615.981453][T15234]  should_fail_ex+0x399/0x4d0
[ 1615.986167][T15234]  should_failslab+0x5/0x20
[ 1615.990696][T15234]  slab_pre_alloc_hook+0x59/0x310
[ 1615.995759][T15234]  kmem_cache_alloc+0x56/0x2f0
[ 1616.000560][T15234]  ? mas_alloc_nodes+0x2ec/0x890
[ 1616.005549][T15234]  mas_alloc_nodes+0x2ec/0x890
[ 1616.010360][T15234]  mas_preallocate+0x161/0x3c0
[ 1616.015176][T15234]  __vma_adjust+0x30d/0x1cd0
[ 1616.019807][T15234]  ? rwsem_write_trylock+0x135/0x1c0
[ 1616.025122][T15234]  ? clear_nonspinnable+0x60/0x60
[ 1616.030266][T15234]  ? validate_mm+0x2e0/0x2e0
[ 1616.034887][T15234]  ? up_write+0x1bb/0x420
[ 1616.039270][T15234]  __split_vma+0x3a7/0x500
[ 1616.043731][T15234]  mprotect_fixup+0x5b1/0x800
[ 1616.048461][T15234]  ? change_protection+0x38e0/0x38e0
[ 1616.053784][T15234]  ? apparmor_file_mprotect+0xf4/0x110
[ 1616.059357][T15234]  ? bpf_lsm_file_mprotect+0x5/0x10
[ 1616.064601][T15234]  ? security_file_mprotect+0x7e/0xb0
[ 1616.070005][T15234]  do_mprotect_pkey+0x7fe/0xba0
[ 1616.074903][T15234]  ? prot_none_test+0x10/0x10
[ 1616.079628][T15234]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1616.085660][T15234]  __x64_sys_mprotect+0x7c/0x90
[ 1616.090544][T15234]  do_syscall_64+0x4c/0xa0
[ 1616.094994][T15234]  ? clear_bhb_loop+0x60/0xb0
[ 1616.099718][T15234]  ? clear_bhb_loop+0x60/0xb0
[ 1616.104435][T15234]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1616.110365][T15234] RIP: 0033:0x7f6357b9ce59
[ 1616.114830][T15234] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1616.135074][T15234] RSP: 002b:00007f63589d4028 EFLAGS: 00000246 ORIG_RAX: 000000000000000a
[ 1616.143521][T15234] RAX: ffffffffffffffda RBX: 00007f6357e15fa0 RCX: 00007f6357b9ce59
[ 1616.151525][T15234] RDX: 0000000000000001 RSI: 0000000000003000 RDI: 0000200000000000
[ 1616.159530][T15234] RBP: 00007f63589d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1616.167529][T15234] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1616.175534][T15234] R13: 00007f6357e16038 R14: 00007f6357e15fa0 R15: 00007ffe55847198
[ 1616.183561][T15234]  </TASK>
[ 1618.094084][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[ 1618.101701][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[ 1618.127529][ T9649] EXT4-fs (loop8): unmounting filesystem.
[ 1618.189232][T14832] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1618.505232][T15257] loop2: detected capacity change from 0 to 8
[ 1618.542768][T15257] SQUASHFS error: Failed to read block 0x29b: -5
[ 1618.549905][T15257] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1618.746491][T15259] loop8: detected capacity change from 0 to 128
[ 1618.833539][T15259] UDF-fs: error (device loop8): udf_read_tagged: read failed, block=256, location=256
[ 1619.184528][T15263] vim2m vim2m.0: Fourcc format (0x47524247) invalid.
[ 1619.420355][T15266] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1980'.
[ 1620.028073][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[ 1620.050007][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[ 1620.156526][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[ 1620.174272][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[ 1620.204578][T14832] device veth0_vlan entered promiscuous mode
[ 1620.219984][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[ 1620.231656][ T6530] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[ 1620.251237][T15289] loop5: detected capacity change from 0 to 8
[ 1620.288018][T14832] device veth1_vlan entered promiscuous mode
[ 1620.309410][T15290] mmap: syz.5.1990 (15290): VmData 176005120 exceed data ulimit 8. Update limits or use boot option ignore_rlimit_data.
[ 1620.486917][ T5058] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[ 1620.562831][ T5058] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[ 1620.727272][ T5058] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[ 1620.887842][ T5058] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[ 1621.095328][T14832] device veth0_macvtap entered promiscuous mode
[ 1621.234963][ T5058] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[ 1621.296315][T14832] device veth1_macvtap entered promiscuous mode
[ 1621.414215][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1621.470808][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1621.673530][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1621.685020][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1621.695799][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1621.726474][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1621.845360][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1621.860509][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1621.884731][T14832] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1621.893513][T15301] netlink: 24 bytes leftover after parsing attributes in process `syz.8.1992'.
[ 1621.913545][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[ 1622.005970][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[ 1622.024371][ T3599] usb 9-1: new high-speed USB device number 26 using dummy_hcd
[ 1622.082180][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1622.094179][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1622.113385][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1622.149185][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1622.169763][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1622.211342][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1622.223364][ T3599] usb 9-1: Using ep0 maxpacket: 32
[ 1622.230747][ T3599] usb 9-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 219
[ 1622.251606][T14832] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1622.295204][ T3599] usb 9-1: New USB device found, idVendor=0499, idProduct=1010, bcdDevice= a.f5
[ 1622.313306][T14832] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1622.325330][ T3599] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1622.344782][T14832] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1622.353514][ T3599] usb 9-1: Product: syz
[ 1622.357738][ T3599] usb 9-1: Manufacturer: syz
[ 1622.376223][T14832] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1622.393986][ T3599] usb 9-1: SerialNumber: syz
[ 1622.424031][ T3599] usb 9-1: config 0 descriptor??
[ 1622.431617][T15305] raw-gadget.0 gadget.8: fail, usb_ep_enable returned -22
[ 1622.441851][T14832] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1622.481478][T14832] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1622.518124][T14832] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1622.569382][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[ 1622.598095][ T4761] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[ 1622.713973][T15309] loop2: detected capacity change from 0 to 4096
[ 1622.756526][ T4474] usb 9-1: USB disconnect, device number 26
[ 1623.024460][ T4786] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1623.072650][T15319] loop3: detected capacity change from 0 to 8
[ 1623.169415][T15319] SQUASHFS error: Failed to read block 0x29b: -5
[ 1623.176054][T15319] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1623.260050][ T4786] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1623.296684][ T4452] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[ 1623.369244][T15321] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1623.414109][ T4413] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1623.422023][ T4413] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1623.473524][ T4413] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[ 1623.540685][T15306] netlink: 8 bytes leftover after parsing attributes in process `syz.2.1993'.
[ 1626.915259][ T5058] wlan1: Trigger new scan to find an IBSS to join
[ 1627.696164][ T4279] Bluetooth: hci1: unexpected event for opcode 0x0c7d
[ 1628.853333][T15353] loop2: detected capacity change from 0 to 512
[ 1629.896418][T15370] loop3: detected capacity change from 0 to 8
[ 1630.050795][T15370] SQUASHFS error: Failed to read block 0x29b: -5
[ 1630.050892][T15370] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1630.572246][T15377] fuse: Unknown parameter '00000000000000000000003000000000000000000000030000000000000000000300000000000000000000004'
[ 1630.795630][   T26] audit: type=1326 audit(1780680117.611:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1630.839569][T15374] loop7: detected capacity change from 0 to 256
[ 1630.854222][ T4413] wlan1: Trigger new scan to find an IBSS to join
[ 1630.892432][   T26] audit: type=1326 audit(1780680117.641:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=449 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1630.942448][T15374] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0x204dac4c, utbl_chksum : 0xe619d30d)
[ 1630.984279][   T26] audit: type=1326 audit(1780680117.641:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1631.090993][   T26] audit: type=1326 audit(1780680117.641:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1631.115079][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1631.218726][   T26] audit: type=1326 audit(1780680117.651:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1631.242751][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1631.322105][   T26] audit: type=1326 audit(1780680117.651:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1631.346204][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1631.429021][   T26] audit: type=1326 audit(1780680117.651:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1631.538151][   T26] audit: type=1326 audit(1780680117.651:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fc63fb5d68e code=0x7ffc0000
[ 1631.869610][T15399] FAULT_INJECTION: forcing a failure.
[ 1631.869610][T15399] name failslab, interval 1, probability 0, space 0, times 0
[ 1631.883318][T15399] CPU: 0 PID: 15399 Comm: syz.7.2012 Not tainted syzkaller #0
[ 1631.890835][T15399] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1631.900936][T15399] Call Trace:
[ 1631.904260][T15399]  <TASK>
[ 1631.907232][T15399]  dump_stack_lvl+0x188/0x24e
[ 1631.911963][T15399]  ? show_regs_print_info+0x12/0x12
[ 1631.917215][T15399]  ? load_image+0x400/0x400
[ 1631.921776][T15399]  ? __might_sleep+0xd0/0xd0
[ 1631.926407][T15399]  ? __lock_acquire+0x7d10/0x7d10
[ 1631.931496][T15399]  should_fail_ex+0x399/0x4d0
[ 1631.936228][T15399]  should_failslab+0x5/0x20
[ 1631.940779][T15399]  slab_pre_alloc_hook+0x59/0x310
[ 1631.945857][T15399]  ? snd_pcm_oss_change_params_locked+0x1b3/0x3c60
[ 1631.952517][T15399]  __kmem_cache_alloc_node+0x4f/0x260
[ 1631.957942][T15399]  ? snd_pcm_oss_change_params_locked+0x1b3/0x3c60
[ 1631.964531][T15399]  kmalloc_trace+0x26/0xe0
[ 1631.969019][T15399]  snd_pcm_oss_change_params_locked+0x1b3/0x3c60
[ 1631.975410][T15399]  ? __mutex_trylock_common+0x155/0x260
[ 1631.981035][T15399]  ? trace_raw_output_contention_end+0xd0/0xd0
[ 1631.987270][T15399]  ? rcu_is_watching+0x11/0xa0
[ 1631.992221][T15399]  ? __mutex_lock+0x1ab/0xaf0
[ 1631.996963][T15399]  ? aa_file_perm+0x3ea/0xf00
[ 1632.001696][T15399]  ? snd_pcm_oss_read2+0x3d0/0x3d0
[ 1632.006867][T15399]  ? mutex_lock_nested+0x10/0x10
[ 1632.011867][T15399]  ? aa_path_link+0x880/0x880
[ 1632.016598][T15399]  snd_pcm_oss_write+0x277/0xaf0
[ 1632.021603][T15399]  ? snd_pcm_oss_read+0x8b0/0x8b0
[ 1632.026679][T15399]  vfs_write+0x2e6/0xa30
[ 1632.030988][T15399]  ? file_end_write+0x250/0x250
[ 1632.035889][T15399]  ? __fget_files+0x28/0x4b0
[ 1632.040530][T15399]  ? __fget_files+0x28/0x4b0
[ 1632.045169][T15399]  ? __fget_files+0x43d/0x4b0
[ 1632.049913][T15399]  ? __fdget_pos+0x1d4/0x360
[ 1632.054675][T15399]  ? ksys_write+0x71/0x250
[ 1632.059158][T15399]  ksys_write+0x14c/0x250
[ 1632.063557][T15399]  ? __ia32_sys_read+0x80/0x80
[ 1632.068393][T15399]  ? lockdep_hardirqs_on+0x94/0x140
[ 1632.073652][T15399]  do_syscall_64+0x4c/0xa0
[ 1632.078120][T15399]  ? clear_bhb_loop+0x60/0xb0
[ 1632.082861][T15399]  ? clear_bhb_loop+0x60/0xb0
[ 1632.087608][T15399]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1632.093577][T15399] RIP: 0033:0x7f9f7bb9ce59
[ 1632.098030][T15399] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1632.117671][T15399] RSP: 002b:00007f9f7cb0d028 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[ 1632.126094][T15399] RAX: ffffffffffffffda RBX: 00007f9f7be16090 RCX: 00007f9f7bb9ce59
[ 1632.134090][T15399] RDX: 00000000ffffffd9 RSI: 00002000000001c0 RDI: 0000000000000005
[ 1632.142114][T15399] RBP: 00007f9f7cb0d090 R08: 0000000000000000 R09: 0000000000000000
[ 1632.150146][T15399] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1632.158343][T15399] R13: 00007f9f7be16128 R14: 00007f9f7be16090 R15: 00007ffc80cbd618
[ 1632.166392][T15399]  </TASK>
[ 1632.169474][    C0] vkms_vblank_simulate: vblank timer overrun
[ 1632.873544][   T26] audit: type=1326 audit(1780680117.651:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1632.958122][ T4413] wlan1: Creating new IBSS network, BSSID 6a:ed:68:75:cf:87
[ 1632.984423][   T26] audit: type=1326 audit(1780680117.651:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15379 comm="syz.3.2009" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63fb9ce59 code=0x7ffc0000
[ 1633.132434][T15410] loop8: detected capacity change from 0 to 256
[ 1633.193302][ T3599] usb 3-1: new high-speed USB device number 16 using dummy_hcd
[ 1633.383174][T15410] exfat: Bad value for 'uid'
[ 1634.133531][ T3599] usb 3-1: Using ep0 maxpacket: 32
[ 1634.493576][ T3599] usb 3-1: config 9 has an invalid interface number: 83 but max is 0
[ 1634.501769][ T3599] usb 3-1: config 9 has no interface number 0
[ 1634.523355][ T3599] usb 3-1: config 9 interface 83 altsetting 4 has an invalid endpoint with address 0x0, skipping
[ 1634.550678][ T3599] usb 3-1: config 9 interface 83 altsetting 4 has a duplicate endpoint with address 0x4, skipping
[ 1634.561797][ T3599] usb 3-1: config 9 interface 83 has no altsetting 0
[ 1634.604729][ T3599] usb 3-1: New USB device found, idVendor=086a, idProduct=0110, bcdDevice=28.57
[ 1634.633463][ T3599] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1634.677892][ T3599] usb 3-1: Product: 䣨쪡逕ㇽ婶ꄗ㘖ꁸ九걃ೂ汌鵫֤濝颈慄엨㻵蓮쥂ひޑ䱼姇躰ἦ＜⇾塱彅鍞혋쌊ⰹ痓⣘秅要굀
[ 1634.892726][ T3599] usb 3-1: Manufacturer: В
[ 1634.900706][ T3599] usb 3-1: SerialNumber: syz
[ 1634.997753][T15427] loop8: detected capacity change from 0 to 8
[ 1635.415718][T15427] SQUASHFS error: Failed to read block 0x29b: -5
[ 1635.422284][T15427] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1635.840379][ T3599] emi62 - firmware loader 3-1:9.83: emi62_probe start
[ 1635.920182][ T3599] usb 3-1: Direct firmware load for emi62/loader.fw failed with error -2
[ 1635.932993][ T3599] usb 3-1: Falling back to sysfs fallback for: emi62/loader.fw
[ 1636.316878][T15438] loop8: detected capacity change from 0 to 65
[ 1636.468688][T15438] BFS-fs: bfs_fill_super(): Superblock is corrupted on loop8
[ 1637.918419][T15450] loop5: detected capacity change from 0 to 4096
[ 1638.019858][T15450] ntfs3: loop5: Different NTFS' sector size (4096) and media sector size (512)
[ 1638.242936][T15450] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[ 1638.426304][T15462] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2029'.
[ 1638.532284][T15469] netlink: 256 bytes leftover after parsing attributes in process `syz.8.2029'.
[ 1638.850911][T15475] loop7: detected capacity change from 0 to 8
[ 1638.943960][T15477] loop3: detected capacity change from 0 to 8
[ 1639.001611][T15477] SQUASHFS error: Failed to read block 0x29b: -5
[ 1639.008156][T15477] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1639.832383][T15491] FAULT_INJECTION: forcing a failure.
[ 1639.832383][T15491] name failslab, interval 1, probability 0, space 0, times 0
[ 1639.876539][T15491] CPU: 1 PID: 15491 Comm: syz.8.2035 Not tainted syzkaller #0
[ 1639.884091][T15491] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1639.894282][T15491] Call Trace:
[ 1639.897607][T15491]  <TASK>
[ 1639.900582][T15491]  dump_stack_lvl+0x188/0x24e
[ 1639.905331][T15491]  ? show_regs_print_info+0x12/0x12
[ 1639.910579][T15491]  ? load_image+0x400/0x400
[ 1639.915139][T15491]  ? __might_sleep+0xd0/0xd0
[ 1639.919768][T15491]  ? __lock_acquire+0x7d10/0x7d10
[ 1639.924853][T15491]  should_fail_ex+0x399/0x4d0
[ 1639.929579][T15491]  should_failslab+0x5/0x20
[ 1639.934119][T15491]  slab_pre_alloc_hook+0x59/0x310
[ 1639.939189][T15491]  ? lockdep_softirqs_off+0x430/0x430
[ 1639.944623][T15491]  kmem_cache_alloc+0x56/0x2f0
[ 1639.949433][T15491]  ? security_inode_alloc+0x30/0x110
[ 1639.954774][T15491]  security_inode_alloc+0x30/0x110
[ 1639.959942][T15491]  inode_init_always+0x8f8/0xc90
[ 1639.964942][T15491]  new_inode_pseudo+0x91/0x1c0
[ 1639.969791][T15491]  new_inode+0x25/0x1c0
[ 1639.974015][T15491]  shmem_get_inode+0x347/0xbf0
[ 1639.979096][T15491]  __shmem_file_setup+0x10b/0x290
[ 1639.984169][T15491]  ? shmem_file_setup+0x13/0x30
[ 1639.989074][T15491]  __se_sys_memfd_create+0x1e1/0x340
[ 1639.994409][T15491]  do_syscall_64+0x4c/0xa0
[ 1639.998861][T15491]  ? clear_bhb_loop+0x60/0xb0
[ 1640.003575][T15491]  ? clear_bhb_loop+0x60/0xb0
[ 1640.008298][T15491]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1640.014236][T15491] RIP: 0033:0x7f6357b9ce59
[ 1640.018694][T15491] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1640.038331][T15491] RSP: 002b:00007f63589d3e08 EFLAGS: 00000202 ORIG_RAX: 000000000000013f
[ 1640.046786][T15491] RAX: ffffffffffffffda RBX: 00000000000004de RCX: 00007f6357b9ce59
[ 1640.054797][T15491] RDX: 00007f63589d3ee0 RSI: 0000000000000000 RDI: 00007f6357c32f4f
[ 1640.062801][T15491] RBP: 00002000000005c0 R08: 00000000ffffffff R09: 0000000000000000
[ 1640.070818][T15491] R10: 0000000000000001 R11: 0000000000000202 R12: 0000200000000540
[ 1640.078818][T15491] R13: 00007f63589d3ee0 R14: 00007f63589d3ea0 R15: 0000200000000580
[ 1640.086829][T15491]  </TASK>
[ 1640.155359][T15486] loop5: detected capacity change from 0 to 8192
[ 1640.247425][T15494] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[ 1640.701844][T15507] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2039'.
[ 1640.802879][T15509] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2039'.
[ 1642.264866][T15535] loop7: detected capacity change from 0 to 8
[ 1642.322321][T15535] SQUASHFS error: Failed to read block 0x29b: -5
[ 1642.328902][T15535] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1642.549457][T15540] device bridge1 entered promiscuous mode
[ 1643.800835][T15554] FAULT_INJECTION: forcing a failure.
[ 1643.800835][T15554] name fail_page_alloc, interval 1, probability 0, space 0, times 0
[ 1643.903534][T15554] CPU: 1 PID: 15554 Comm: syz.8.2050 Not tainted syzkaller #0
[ 1643.911085][T15554] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1643.921200][T15554] Call Trace:
[ 1643.924517][T15554]  <TASK>
[ 1643.927495][T15554]  dump_stack_lvl+0x188/0x24e
[ 1643.932262][T15554]  ? show_regs_print_info+0x12/0x12
[ 1643.937512][T15554]  ? load_image+0x400/0x400
[ 1643.942081][T15554]  ? __lock_acquire+0x7d10/0x7d10
[ 1643.947165][T15554]  should_fail_ex+0x399/0x4d0
[ 1643.951889][T15554]  prepare_alloc_pages+0x1e2/0x5f0
[ 1643.957066][T15554]  __alloc_pages+0x130/0x4f0
[ 1643.961721][T15554]  ? zone_statistics+0x170/0x170
[ 1643.966728][T15554]  ? __lock_acquire+0x7d10/0x7d10
[ 1643.971824][T15554]  ? alloc_pages+0x4d8/0x740
[ 1643.976574][T15554]  get_zeroed_page+0x13/0x30
[ 1643.981236][T15554]  __pud_alloc+0x31/0x150
[ 1643.985626][T15554]  ? handle_mm_fault+0x558/0x3ee0
[ 1643.990703][T15554]  handle_mm_fault+0x25fc/0x3ee0
[ 1643.995694][T15554]  ? mt_find+0x157/0x830
[ 1644.000009][T15554]  ? numa_migrate_prep+0x250/0x250
[ 1644.005172][T15554]  ? lock_chain_count+0x20/0x20
[ 1644.010071][T15554]  ? _prb_read_valid+0x9d8/0xa60
[ 1644.015096][T15554]  ? lock_mm_and_find_vma+0xae/0x2f0
[ 1644.020435][T15554]  do_user_addr_fault+0x51f/0xb10
[ 1644.025547][T15554]  exc_page_fault+0x60/0x100
[ 1644.030198][T15554]  asm_exc_page_fault+0x22/0x30
[ 1644.035104][T15554] RIP: 0010:copy_user_enhanced_fast_string+0xa/0x40
[ 1644.041743][T15554] Code: ff c9 75 f2 89 d1 c1 e9 03 83 e2 07 f3 48 a5 89 d1 f3 a4 31 c0 0f 01 ca c3 8d 0c ca 89 ca eb 20 0f 01 cb 83 fa 40 72 38 89 d1 <f3> a4 31 c0 0f 01 ca c3 89 ca eb 0a 90 90 90 90 90 90 90 90 90 90
[ 1644.061402][T15554] RSP: 0018:ffffc9000505fb08 EFLAGS: 00050206
[ 1644.067538][T15554] RAX: ffffffff84117001 RBX: 0000000000000100 RCX: 0000000000000100
[ 1644.075578][T15554] RDX: 0000000000000100 RSI: ffffc9000505fb80 RDI: 0000200000000140
[ 1644.083590][T15554] RBP: 0000000000000000 R08: ffffc9000505fc7f R09: 1ffff92000a0bf8f
[ 1644.091614][T15554] R10: dffffc0000000000 R11: fffff52000a0bf90 R12: 00007fffffffef00
[ 1644.099640][T15554] R13: ffff888017628000 R14: 0000200000000140 R15: ffffc9000505fb80
[ 1644.107683][T15554]  ? _copy_to_user+0x51/0x130
[ 1644.112435][T15554]  _copy_to_user+0xea/0x130
[ 1644.117003][T15554]  con_get_trans_old+0x402/0x4b0
[ 1644.122029][T15554]  ? update_user_maps+0x4c0/0x4c0
[ 1644.127100][T15554]  ? slab_free_freelist_hook+0x131/0x1a0
[ 1644.132813][T15554]  ? apparmor_capable+0x12c/0x190
[ 1644.137906][T15554]  ? bpf_lsm_capable+0x5/0x10
[ 1644.142638][T15554]  ? security_capable+0x85/0xb0
[ 1644.147552][T15554]  vt_ioctl+0xa66/0x1ca0
[ 1644.151947][T15554]  ? __vt_event_wait+0x260/0x260
[ 1644.156958][T15554]  ? __fget_files+0x28/0x4b0
[ 1644.161612][T15554]  ? __fget_files+0x28/0x4b0
[ 1644.166267][T15554]  ? tty_jobctrl_ioctl+0x163/0xb30
[ 1644.171473][T15554]  tty_ioctl+0x7ea/0xba0
[ 1644.175865][T15554]  ? security_file_ioctl+0x7c/0xa0
[ 1644.181047][T15554]  ? tty_get_icount+0xa0/0xa0
[ 1644.185783][T15554]  __se_sys_ioctl+0xfa/0x170
[ 1644.190431][T15554]  do_syscall_64+0x4c/0xa0
[ 1644.194902][T15554]  ? clear_bhb_loop+0x60/0xb0
[ 1644.199633][T15554]  ? clear_bhb_loop+0x60/0xb0
[ 1644.204363][T15554]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1644.210318][T15554] RIP: 0033:0x7f6357b9ce59
[ 1644.214778][T15554] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1644.234437][T15554] RSP: 002b:00007f63589d4028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1644.242992][T15554] RAX: ffffffffffffffda RBX: 00007f6357e15fa0 RCX: 00007f6357b9ce59
[ 1644.251023][T15554] RDX: 0000200000000140 RSI: 0000000000004b40 RDI: 0000000000000003
[ 1644.257154][T15545] loop3: detected capacity change from 0 to 8
[ 1644.259032][T15554] RBP: 00007f63589d4090 R08: 0000000000000000 R09: 0000000000000000
[ 1644.273182][T15554] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1644.281204][T15554] R13: 00007f6357e16038 R14: 00007f6357e15fa0 R15: 00007ffe55847198
[ 1644.289253][T15554]  </TASK>
[ 1644.457015][T15540] loop5: detected capacity change from 0 to 40427
[ 1644.551367][T15540] F2FS-fs (loop5): build fault injection attr: rate: 694, type: 0x3ffff
[ 1644.654433][T15540] F2FS-fs (loop5): invalid crc value
[ 1644.725554][T15540] F2FS-fs (loop5): Found nat_bits in checkpoint
[ 1645.327726][T15578] netlink: 28 bytes leftover after parsing attributes in process `syz.8.2054'.
[ 1645.859952][T15585] loop3: detected capacity change from 0 to 1024
[ 1646.332678][T15599] loop8: detected capacity change from 0 to 8
[ 1646.380759][T15599] SQUASHFS error: Failed to read block 0x29b: -5
[ 1646.387278][T15599] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1646.596501][ T4349] hfsplus: bad catalog file entry
[ 1646.627008][ T4349] hfsplus: b-tree write err: -5, ino 3
[ 1650.119562][T15642] FAULT_INJECTION: forcing a failure.
[ 1650.119562][T15642] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1650.233501][T15642] CPU: 1 PID: 15642 Comm: syz.2.2073 Not tainted syzkaller #0
[ 1650.241069][T15642] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1650.251172][T15642] Call Trace:
[ 1650.254490][T15642]  <TASK>
[ 1650.257458][T15642]  dump_stack_lvl+0x188/0x24e
[ 1650.262187][T15642]  ? show_regs_print_info+0x12/0x12
[ 1650.267432][T15642]  ? load_image+0x400/0x400
[ 1650.271989][T15642]  ? __lock_acquire+0x7d10/0x7d10
[ 1650.277067][T15642]  ? drm_ioctl_kernel+0x361/0x4d0
[ 1650.282250][T15642]  should_fail_ex+0x399/0x4d0
[ 1650.286983][T15642]  _copy_to_user+0x2c/0x130
[ 1650.291549][T15642]  drm_ioctl+0x677/0xa10
[ 1650.295858][T15642]  ? drm_crtc_vblank_restore+0xa60/0xa60
[ 1650.301608][T15642]  ? drm_ioctl_kernel+0x4d0/0x4d0
[ 1650.306677][T15642]  ? bpf_lsm_file_ioctl+0x5/0x10
[ 1650.311652][T15642]  ? security_file_ioctl+0x7c/0xa0
[ 1650.316799][T15642]  ? drm_ioctl_kernel+0x4d0/0x4d0
[ 1650.321859][T15642]  __se_sys_ioctl+0xfa/0x170
[ 1650.326592][T15642]  do_syscall_64+0x4c/0xa0
[ 1650.331041][T15642]  ? clear_bhb_loop+0x60/0xb0
[ 1650.335757][T15642]  ? clear_bhb_loop+0x60/0xb0
[ 1650.340479][T15642]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1650.346406][T15642] RIP: 0033:0x7f75b979ce59
[ 1650.350846][T15642] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[ 1650.370489][T15642] RSP: 002b:00007f75ba582028 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1650.378940][T15642] RAX: ffffffffffffffda RBX: 00007f75b9a15fa0 RCX: 00007f75b979ce59
[ 1650.386943][T15642] RDX: 0000200000000300 RSI: 0000000040086408 RDI: 0000000000000003
[ 1650.394946][T15642] RBP: 00007f75ba582090 R08: 0000000000000000 R09: 0000000000000000
[ 1650.402963][T15642] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1650.410966][T15642] R13: 00007f75b9a16038 R14: 00007f75b9a15fa0 R15: 00007fffb7057f18
[ 1650.418975][T15642]  </TASK>
[ 1650.773735][T15651] loop8: detected capacity change from 0 to 8
[ 1650.819486][T15651] SQUASHFS error: Failed to read block 0x29b: -5
[ 1650.826038][T15651] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1650.843043][T13215] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[ 1651.257575][T15659] netlink: 28 bytes leftover after parsing attributes in process `syz.7.2077'.
[ 1651.869250][ T4279] Bluetooth: hci2: command 0x0405 tx timeout
[ 1651.907472][T13215] usb 4-1: New USB device found, idVendor=2770, idProduct=9052, bcdDevice=15.f5
[ 1651.983955][T13215] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1652.006355][T13215] usb 4-1: Product: syz
[ 1652.010695][T13215] usb 4-1: Manufacturer: syz
[ 1652.033363][T13215] usb 4-1: SerialNumber: syz
[ 1652.070454][T13215] usb 4-1: config 0 descriptor??
[ 1652.091968][T13215] gspca_main: sq905c-2.14.0 probing 2770:9052
[ 1652.322163][T15644] loop3: detected capacity change from 0 to 512
[ 1652.624516][T13215] gspca_sq905c: sq905c_command: usb_control_msg failed (-110)
[ 1652.633443][T15644] EXT4-fs (loop3): 1 orphan inode deleted
[ 1652.663405][T15644] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1653.568383][T15675] loop5: detected capacity change from 0 to 8
[ 1653.615165][T15644] ext4 filesystem being mounted at /117/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1653.636736][T15675] SQUASHFS error: lzo decompression failed, data probably corrupt
[ 1653.669505][T15675] SQUASHFS error: Failed to read block 0x28d: -5
[ 1653.729309][T15675] SQUASHFS error: Unable to read metadata cache entry [28b]
[ 1653.833298][T15675] SQUASHFS error: Unable to read inode 0x11f
[ 1653.886522][T13215] sq905c 4-1:0.0: Get version command failed
[ 1653.892742][T13215] sq905c: probe of 4-1:0.0 failed with error -110
[ 1653.958649][T13215] usb 4-1: USB disconnect, device number 5
[ 1654.034565][T12654] EXT4-fs (loop3): unmounting filesystem.
[ 1655.103051][T15681] loop7: detected capacity change from 0 to 4096
[ 1655.244000][T15681] ntfs3: loop7: Different NTFS' sector size (1024) and media sector size (512)
[ 1655.443946][   T26] kauditd_printk_skb: 58 callbacks suppressed
[ 1655.443963][   T26] audit: type=1800 audit(1780680142.261:110): pid=15681 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.2083" name="file1" dev="loop7" ino=30 res=0 errno=0
[ 1655.959520][T15705] loop5: detected capacity change from 0 to 8
[ 1655.997833][T15705] SQUASHFS error: Failed to read block 0x29b: -5
[ 1656.004377][T15705] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1656.408981][T15690] loop3: detected capacity change from 0 to 32768
[ 1656.432190][T15711] loop8: detected capacity change from 0 to 8
[ 1656.822332][T15690] JBD2: unrecognised superblock format ID
[ 1656.865107][T15690] (syz.3.2086,15690,1):ocfs2_journal_wipe:1183 ERROR: status = -22
[ 1656.876104][T15690] (syz.3.2086,15690,1):ocfs2_check_volume:2420 ERROR: status = -22
[ 1656.894969][T15690] (syz.3.2086,15690,0):ocfs2_check_volume:2489 ERROR: status = -22
[ 1656.903307][T15690] (syz.3.2086,15690,0):ocfs2_mount_volume:1821 ERROR: status = -22
[ 1656.956118][T15690] (syz.3.2086,15690,0):ocfs2_fill_super:1176 ERROR: status = -22
[ 1657.382079][T15690] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2086'.
[ 1657.427531][T15690] loop3: detected capacity change from 0 to 64
[ 1657.481177][T15690] MINIX-fs: bad superblock
[ 1657.565009][T14121] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[ 1657.723468][T14121] usb 6-1: device descriptor read/64, error -71
[ 1657.993291][T14121] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[ 1658.913549][T14121] usb 6-1: device descriptor read/64, error -71
[ 1659.044528][T14121] usb usb6-port1: attempt power cycle
[ 1659.323914][T15769] loop3: detected capacity change from 0 to 8
[ 1659.600692][T15769] SQUASHFS error: Failed to read block 0x29b: -5
[ 1659.607793][T15769] SQUASHFS error: Unable to read metadata cache entry [299]
[ 1659.816860][   T26] audit: type=1326 audit(1780680146.631:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1659.870596][   T26] audit: type=1326 audit(1780680146.671:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f9f7bb9e0ca code=0x7ffc0000
[ 1659.958000][T14121] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[ 1659.977514][   T26] audit: type=1326 audit(1780680146.671:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1660.034015][T14121] usb 6-1: device descriptor read/8, error -71
[ 1660.092080][   T26] audit: type=1326 audit(1780680146.671:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1660.140746][T15779] loop3: detected capacity change from 0 to 512
[ 1660.195691][   T26] audit: type=1326 audit(1780680146.671:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9f7bb59b51 code=0x7ffc0000
[ 1660.224748][T15779] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[ 1660.303529][T15779] EXT4-fs (loop3): 1 truncate cleaned up
[ 1660.309275][T15779] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[ 1660.337449][   T26] audit: type=1326 audit(1780680146.671:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f9f7bb9dc49 code=0x7ffc0000
[ 1660.448133][   T26] audit: type=1326 audit(1780680146.671:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9f7bb59bbb code=0x7ffc0000
[ 1660.484519][T15779] EXT4-fs error (device loop3) in ext4_setattr:5695: Corrupt filesystem
[ 1660.519248][T15779] EXT4-fs (loop3): Remounting filesystem read-only
[ 1660.568888][   T26] audit: type=1326 audit(1780680146.671:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1660.667523][T12654] EXT4-fs (loop3): unmounting filesystem.
[ 1660.739357][   T26] audit: type=1326 audit(1780680146.671:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1660.868002][   T26] audit: type=1326 audit(1780680146.671:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1660.917366][T15793] loop8: detected capacity change from 0 to 8
[ 1661.018648][   T26] audit: type=1326 audit(1780680146.671:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=273 compat=0 ip=0x7f9f7bb592ac code=0x7ffc0000
[ 1661.164337][   T26] audit: type=1326 audit(1780680146.671:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9f7bb5930e code=0x7ffc0000
[ 1661.278138][   T26] audit: type=1326 audit(1780680146.671:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=252 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1661.375606][   T26] audit: type=1326 audit(1780680146.671:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1661.479084][T15805] loop2: detected capacity change from 0 to 64
[ 1661.481104][   T26] audit: type=1326 audit(1780680146.671:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1661.559575][   T26] audit: type=1326 audit(1780680146.671:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1661.618611][T15783] loop5: detected capacity change from 0 to 32768
[ 1661.681875][   T26] audit: type=1326 audit(1780680146.671:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=15772 comm="syz.7.2104" exe="/root/ci2-linux-6-1-kasan/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9f7bb9ce59 code=0x7ffc0000
[ 1661.832180][T15783] ocfs2: Mounting device (7,5) on (node local, slot 0) with ordered data mode.
[ 1662.988335][ T4369] wlan1: No active IBSS STAs - trying to scan for other IBSS networks with same SSID (merge)
[ 1663.295191][T15834] loop8: detected capacity change from 0 to 8
[ 1665.591751][T13821] VFS: Lookup of '' in ocfs2 loop5 would have caused loop
[ 1665.646544][T13821] VFS: Lookup of '' in ocfs2 loop5 would have caused loop
[ 1665.934075][T15852] x_tables: duplicate underflow at hook 2
[ 1666.348379][   T28] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1666.419312][T13821] ocfs2: Unmounting device (7,5) on (node local)
[ 1666.485358][T13821] VFS: Busy inodes after unmount of loop5 (ocfs2)
[ 1666.485614][T13821] ------------[ cut here ]------------
[ 1666.497907][T13821] kernel BUG at fs/super.c:505!
[ 1666.542184][T13821] invalid opcode: 0000 [#1] PREEMPT SMP KASAN
[ 1666.548353][T13821] CPU: 0 PID: 13821 Comm: syz-executor Not tainted syzkaller #0
[ 1666.556042][T13821] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[ 1666.566153][T13821] RIP: 0010:generic_shutdown_super+0x334/0x340
[ 1666.572372][T13821] Code: e8 03 42 80 3c 28 00 74 08 4c 89 f7 e8 65 6c f1 ff 49 8b 16 48 81 c3 a8 06 00 00 48 c7 c7 a0 57 99 8a 48 89 de e8 ac 06 42 08 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 53 48 89 fb 49
[ 1666.592039][T13821] RSP: 0018:ffffc900045d7b98 EFLAGS: 00010246
[ 1666.598163][T13821] RAX: 000000000000002f RBX: ffff88801e3946a8 RCX: 583b4765bb8c5400
[ 1666.606186][T13821] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 1666.614219][T13821] RBP: 1ffff11003c728fb R08: ffffc900045d78a7 R09: 1ffff920008baf14
[ 1666.622240][T13821] R10: dffffc0000000000 R11: fffff520008baf15 R12: 0000000000000000
[ 1666.630262][T13821] R13: dffffc0000000000 R14: ffffffff8d01af20 R15: ffff88801e3947d8
[ 1666.638282][T13821] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1666.647268][T13821] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1666.653997][T13821] CR2: 00007ffb88204000 CR3: 000000005f6b9000 CR4: 00000000003506f0
[ 1666.662202][T13821] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1666.670222][T13821] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1666.678249][T13821] Call Trace:
[ 1666.681554][T13821]  <TASK>
[ 1666.684510][T13821]  kill_block_super+0x7c/0xe0
[ 1666.689223][T13821]  deactivate_locked_super+0x93/0xf0
[ 1666.694544][T13821]  cleanup_mnt+0x42c/0x4b0
[ 1666.698986][T13821]  ? lockdep_hardirqs_on+0x94/0x140
[ 1666.704216][T13821]  task_work_run+0x1d0/0x260
[ 1666.708945][T13821]  ? task_work_cancel+0x220/0x220
[ 1666.713999][T13821]  ? do_exit+0x97d/0x2480
[ 1666.718402][T13821]  ? kmem_cache_free+0xf7/0x290
[ 1666.723285][T13821]  do_exit+0x982/0x2480
[ 1666.727505][T13821]  ? put_task_struct+0x80/0x80
[ 1666.732312][T13821]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1666.738330][T13821]  ? lock_chain_count+0x20/0x20
[ 1666.743214][T13821]  ? _raw_spin_lock_irq+0xb7/0xf0
[ 1666.748271][T13821]  ? _raw_spin_lock_irqsave+0x100/0x100
[ 1666.753844][T13821]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[ 1666.759857][T13821]  ? _raw_spin_unlock_irq+0x1f/0x40
[ 1666.765085][T13821]  ? lockdep_hardirqs_on+0x94/0x140
[ 1666.770312][T13821]  do_group_exit+0x217/0x2d0
[ 1666.774941][T13821]  __x64_sys_exit_group+0x3b/0x40
[ 1666.779999][T13821]  do_syscall_64+0x4c/0xa0
[ 1666.784444][T13821]  ? clear_bhb_loop+0x60/0xb0
[ 1666.789157][T13821]  ? clear_bhb_loop+0x60/0xb0
[ 1666.793873][T13821]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1666.799803][T13821] RIP: 0033:0x7f24eb59ce59
[ 1666.804250][T13821] Code: Unable to access opcode bytes at 0x7f24eb59ce2f.
[ 1666.811291][T13821] RSP: 002b:00007ffc9e419f48 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 1666.819732][T13821] RAX: ffffffffffffffda RBX: 00007f24eb6321ef RCX: 00007f24eb59ce59
[ 1666.827728][T13821] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000001
[ 1666.835720][T13821] RBP: 0000000000000028 R08: 0000000000000000 R09: 00007f24eb6321ca
[ 1666.843716][T13821] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffc9e41b200
[ 1666.851727][T13821] R13: 00007f24eb6321ca R14: 0000000000000005 R15: 00007ffc9e41c2d0
[ 1666.859738][T13821]  </TASK>
[ 1666.862804][T13821] Modules linked in:
[ 1666.900404][T13821] ---[ end trace 0000000000000000 ]---
[ 1666.906164][T13821] RIP: 0010:generic_shutdown_super+0x334/0x340
[ 1666.914510][   T28] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1666.933694][T13821] Code: e8 03 42 80 3c 28 00 74 08 4c 89 f7 e8 65 6c f1 ff 49 8b 16 48 81 c3 a8 06 00 00 48 c7 c7 a0 57 99 8a 48 89 de e8 ac 06 42 08 <0f> 0b 66 2e 0f 1f 84 00 00 00 00 00 55 41 57 41 56 53 48 89 fb 49
[ 1667.000747][T13821] RSP: 0018:ffffc900045d7b98 EFLAGS: 00010246
[ 1667.016040][T13821] RAX: 000000000000002f RBX: ffff88801e3946a8 RCX: 583b4765bb8c5400
[ 1667.025596][   T28] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.049459][T13821] RDX: 0000000000000000 RSI: 0000000080000000 RDI: 0000000000000000
[ 1667.070199][T13821] RBP: 1ffff11003c728fb R08: ffffc900045d78a7 R09: 1ffff920008baf14
[ 1667.102280][   T28] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1667.123401][T13821] R10: dffffc0000000000 R11: fffff520008baf15 R12: 0000000000000000
[ 1667.131473][T13821] R13: dffffc0000000000 R14: ffffffff8d01af20 R15: ffff88801e3947d8
[ 1667.163258][T13821] FS:  0000000000000000(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[ 1667.185990][T13821] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 1667.199228][T15872] loop3: detected capacity change from 0 to 8
[ 1667.259756][T13821] CR2: 00007f02999e4fe8 CR3: 000000007daa4000 CR4: 00000000003506f0
[ 1667.295100][T13821] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[ 1667.315794][T13821] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[ 1667.373439][T13821] Kernel panic - not syncing: Fatal exception
[ 1667.387384][T13821] Kernel Offset: disabled
[ 1667.391760][T13821] Rebooting in 86400 seconds..