last executing test programs:

17m17.900193049s ago: executing program 2 (id=94):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x5)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = getpid()
syz_io_uring_setup(0x109, &(0x7f0000000980)={0x0, 0x45885, 0x80, 0x0, 0x8}, 0x0, 0x0)
syz_io_uring_submit(0x0, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000000)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r2 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r2, 0x1, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)
r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NET_DM_CMD_START(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f00000011c0)={0x0}, 0x1, 0x0, 0x0, 0x40880}, 0x20000000)
inotify_init1(0x0)
mknod(&(0x7f0000000000)='./bus\x00', 0x1000, 0x0)
r5 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file1\x00', 0x8042, 0x1fe)
r6 = open(&(0x7f0000000100)='./bus\x00', 0x143142, 0x0)
write$UHID_INPUT(r6, &(0x7f0000000680)={0x8, {"5bb1b7326c28a6e24fd9d56b4ffaf1b4d34bd54797646ceaf89cd44294fa4acd64476c7abbfaab0f18cf2c307f625a6e4a490e6e5316851d1865115f92c65c4a43ad49c5e1fa4da87ff5fb786226082c2410e1478741dec5bab9a353e41da1ddae596d9bf9740cbb28eff5903ae8eb1601da97607a953e35948d3730b1f5f70985548cb0e07d9af50cd382cb5795c6061c8f73dc5f42a5cc8443a0ac40db03ae1654b7e314e65e801c0ccd15afa207bb9dd62ff6e0b060755939de54135874fd4d2e662950ebf5d08bebc54a777e53c23fc26479441c19e9a71e709ba67ec89ef71dda8d23385e37a5057c38af4df032dea50d06acc2e3bee5fad4561a95c8013bd618595957ca42106eda51655cff7fd0ad30b383c95d350b02bf4aa8e6c1fe73a2de0f70f2fbe2975390e99a9bfb5cbf32fc927075ec213e9b169d8e1b497d04feca907716cd47713aba15f40ed2980795d87dbb160077a07b352783d9bdca4bec26c61412a70dc23c68d05c27a9e5ff2b0f5370045d32d5727d83371593e6a96b8d9c1cc4dd1e47a8b4182fccd56f5b726e5189068132d61823248248ac03075359ce93ae2d8193d6378b227ec88239a9a7e6e509dae9fc6195d5315f2ed3d5832da3918afd5047b1c5192823b164389d0b2988b0676701ced5690fff01484ae01aa0775523d62f5af5b7543662317c233d34448380f40e11d99cdd33b682cc95e10d2b94b6885beebe6882aaab64358ac5d230fc3db487ee9ebaba245c13ae29f9a8355cf727bf5386741a9a929d0c987c9140fe23b356650dfafbbea3e3056c7f43fa28cf69d05bb9a873948c1db1a1df86ca3756f31e9980b7d3c7e02d49bfc745a662f94f5075e68421758d90152034bd2b81fca0a9967efccba6f50e2c6ba5cb4d1c14760102a2fde69284dd2fb8d9e1b2a2e2f684590747de8c16191da5384f4bd6af0028d290864a8b74d014e89be0107273e73a37291ba8c35c76dca644a05bf2c502d8f2f1cfbe1c752fad6ce4a839d0bf92de7fe2770e1f2d37b8c44eeba623a5743a839a2dffd6051dd7bebc79e31c21a71acf07359358e579863307511aa2039d00db27883ee5ef5358fc8bc1bd8c090fc13a42d2c0f7a8f9929cb415be25cdc99f4c3815390ee69bd613a23dc44e459f4530ee2cf2e3398abbe625a0ca9f36c8b9d29dbc47ebf1818913722c06dee7b463a5b2d43d3c96c8f4cafa38de947a6761f8ebe513d247b0db7a734b0e039704520fbf8f6be2730033f330a4b0266494f33a801898c603b44029fd1540393d521118a03118300f89dcfa4851f87fea53303f6efc55b1241eaef623f3664c4e4f7c5df914600855c0bc3bafaff3b77f3623a207854352a95ba2ebf9b5a5b9259b74567628e552021f9b3b08016d16ee073b92971143e48f89a92715d8f228557c8c5ea81d75abd90d71318d5028119db57d525a29b45bdb1e222d1aed5bf48c00ff96b158e76cb8c4d7869f1d4cbbdd51c187536bf6725be0969ec53dc5268cce9775b648153a57317cf0b31993e82575f93ae843635515b5aef81b69234b9344da926f7bf0fe6ebd166a219ec1bc6642a2210d347ee8a0cc53b99d2b351c49015500b3a6096fe6f5dad422a8a7062a5758d884da2afe807f98b08571a2d4dabaf900357cd73baa0820c06cf83e10a20eadcbc013c5a54dc02abb8113884e7308edb1f642c335df6edd763bc9555f9b9fc563e21a89ed986be0f1f8da30f05829cda19fd32c3861d5c647b647d1ba2f279d17535cba693032d7751cbba34f0d736043d9759d5afdac2ee17661afa1297d4e1de5f3a8e97ceef50c129dc39cf8d8eca76d03ed10d2b7c467ce76df20f765f2f06570745d9c6531bb2ed8ed0b4ebbd0a3fe628b23a914a5e58a6c606b9ac75232a2b51e1a582ff0396a9736b48f404400707b9b48ce9be9b54a360c26e9941f011bad60df51c6b9a22cdf2bcbcb287ce5f4ce2b26e1326808ce5b5002e5e84e8d15ecb4f00bbd087d12e7f7eda67087460577bd63893c66be504f10d99d938d97bd7c67c8bd341c93ec72d625c405b3609ffe4f5b6e418b24f45fa703b5d401d89609150be6bae850c149cded63eeaf85f24dfdfdeecc5f1195a90194844b634dba389930eda1fec45df7800e0c413f3d486c8cc9f20c2d20c6153b8da33eb2cf3f2e26c179aca251d5ddadfdf1a5da473145fbfea93929a5bc055542d21c7af42db156966b74a2be1c742f04bc6bbc68194ac2777c37a139bc9ceedc138a4d67b442471aac533bbabd7c95b5e72726fa4f1761f728ca607d8992a8d36a0d929f2a25d67666f1c903a3a52b9927e82ad15a031918a4284d58bf789b081c8db0d051ea40870778d02e459482ddd17d5d04d52b270c2287adbc96a5cf1d629fab708a68ccd31937358227749aa41d7726fc13ae7bd586d49f3d32ae2f3d686727c0941de7ef27c1fb284f2a7cf0050bd5b47ea079fc00c08f0af96950f744bbc7335f1d4c7e7d877ce482387edb4f7e4b98c9927444380d616bbc9c08231dba0cff500e12da8a1cc8ae334f63ae9690efa811036306305723dd1b2b3c499cb608bc62bb3394698a2a227fedf5ad6b9fbd1ac759eab76c32bc5905ed2e5e2b598310c5d4b3f3aa54acbdf560ebfc4f73cd26dd529d45c7db35b21c6c1ebe3336440beef801dde51dd6731b4d2ea1ac56b400a31735a92d2b58977a82c622fe19d99041ce61b67ed5e47c30ad84eac4ed30af33dc0eea9bac5d5a9ba5ff1ca524afffb9f346803b12c01854cd5a5f5da7a01ceb25b09b6e02ed7fb8349b83393d7941aa738ecc9c3f77cb1c5d7afa66e54d1c8ec044c92290cac983a02d61d95398eba1339084b9093da1f2f156f668cc02ccab1d81d5bae345cd3493111b6edd160915315b317855a04ede93c2cc28d01aabfda069801c1541bd0edb521983976985b2270e4ac018a7e527e818a0384b3bfb0a5fb82160c99cc0cb81827af9cfed78536189d7586bf71a5185fc3a9f6a96cc7c529ea6ffd77573d230ee8e3a02420c54041416f16a2d0b8fca690f640e7e7650e9f7ab160fc29379718f01bd264ae1b2f9aea11ed0e9750ca987828ebb82f2db0446dded1f0fa1181f8997741154e5f27af7ba3ed6671ad7305be744cb1fff171beb6e4a9c8f4aaafca0c46cef46ca41c29c178c37069025e3cdc26c630ed345c48c32f5ea973744b766978716b59e06cf474b41f3bf0f5e057effdf37586d16c93fb30c66c5d447c20eb896133c8c3478f09a0def656d41cf372f9394da29b79007e1061792d2fd0dd02b345091afc9e58f9142183e90e88acc5724584ce8252b230f0b4f23a14e78e05c5bff7f9b1956de35a9dcae1ff84a5cd1f84567b70bc7a5c2e4bad7b4b659a81af5ac6ae7da8f2d28c2c885a8c236de841f29aa5410b80a446d15474836cb1306c56ccae032847d6136403142806f1ffba07b41123b9cb11bd4da29ef633a08b3dc11cb48c68ef7f0329add0401031bd90b4137323790bfbf9573898387f5ee8e1d89d60df818f8d18b210fab97d99e4d1b20f0eae2776cc942e5cf8013ec06ccdc45f450a2a67a0b08da66c8e4c9a22a84b8c6e87b14b9e3f89f4e5ab55d2223238e3712615c497bc5cc7f1aa1a2216b5f372f27b2e5135f9cfb6f1ea2dc52706c0dd6849d455da4207de3af3077083710816c20700eaeb2220ce2c13116eca6abbc43ed1cb6b0dc1849f11592a56f48285ecb2ab99a2c9819efa9e2b20a66cbaf0e4e7de866f91d188509b5477926d1eb1058688744104a3e048694831550621c88af5d7c1e02ca5c15fa6f304f6b4c510168d540eaa6de2ad200fdc402e918cb8df39474c5740a86ccf47a756075a81e72dd489b6535f7c7a70db035f09255db4e4e8c364ba7b129c27f184df105529d9bff27f6efc40ee04eb4881c27da5b736601a2e491198a992c5adb2a9b6e94875e37cf55e884672b187b7fe76d61163bd99db96372cff8ba5fba258a104567ef438e4e2d4cca94175517291742668d5ba60271ea4efca097a38c94026f9ebfd47be11b482a78528eb8b42767960e904ec52073efb85aefa5e11c40c7af16cbdd032a5ab75b69bc43de1d38d7a05d055c65ea00a2a93539887f5cebb1e939fa5f8937060df047ff34aa5706c318a45a227cbf214d17d552627c946e1e506c74ba6871d5899f2d0e1a7fb749e810acc74bd19c812c1e204fbad8f1f94720d4e15d3245fe5c198758c45d80abd41e7a6a548859b7d7c88ef8bf4d50d0e71475b17f86a35e45418f14c6710bb5e461f7cabf677c31ab7450fa4f119135f83b237bd6b5783d3e95acee64c31bbd16324e4aa653a7fe5e4dd8b602081d7d8203476c58730bd5492231656b43e2411b789f63f0c5508667251e56b52700ae03b58f81ae4b91e4e856173f8666239f81083c7a04c8cc83c2c235812df58099f009c1924814ae9b87a99b528ef43bd19eead33a5a14158cb601d72f89c2f8bfdaf90cbd3c8b8c9ce6b609d234f89dfec7045aa607360dd54c6a94687d175a877dcb4fb4dc8e9c3030fbcaf85f443ec6850bf61731fe568d8b397b45570b9549ee5759d52517fb561c58b63a3e64baa403adeb83efacaf2d655537a0dece13c824faef657bacf1e1fce713cdfc46e1d4e53776913a2ee31f7c470cec2ac1e03c0550ad49cc283dbc1c51527bcd500f5537e153ee09ca49ed02b2a032ba593e901d8bda6cbd849b42639344a05e10b9526d155822bba6004221f0d35b28eb5c303220cb3cfef0ed47762b34fea56ab01cd5de1003e8b0ee757601e0b16be0424e3aef9dc4d93c98216c462a6099a87468075220fc6ce6cd110e56a155b24819c5e2e351c27de86343d88195ee84a0ec0f02418668643ffd77ebe356a075c08d9f6e66c32e21e95256ffc5bd2321323fc21e8c5b9d7afd018ce88aeb6fd97b8406759bd6d31b5c580de8f5f6bf2474446dea4c5db53a10189e0051923fb99b4f6c8d3da74b0d27b2bd1eac556b4b36d4d6e0c95512e13bce3ff9d13a754a91b4002452ac31faab036dbeaa56266ce20ac94cb118f91a69aa69da3da10d53bf4a56760cc2b1204ec8a6068a0b64903a0513ae98f62ef5173c720bf28c04edaee1a066e2c6d8a85e054584b1059acc33a1419129eb8ba47b2299bcc7258410379fa858f959e7b961ed2d0b22ef4575869e5980893a4317813af66e45fd2d69b626f76b4ebe787078bc163440bb0d99948a353e81464288ce6fca69f7d84b15854ff0c591c335b4f524e5cd0322dc0799600ea8aae1c7f7ee6c14193446eb18a1cb30ccdf1fa4b22898893584dd7a64144d23f149d530e831e80f0ec0247f811d341e66f7099a41c7adfe540923c737569a1770e7e3af811bfcff28b215d283a5bd52a2307d32a07e6bfe3bc3c99aba88573a0b1a69de2f50388fa63af0ad32012bf920a6873d1015bfc6c29177e0720e634e046290b25dd07c2efb3d2aea33a4022a0d9efd71dbe7f9385a1ebf884acf82c6d8dd7401078c7d828d909d2f5bad6fa6913f72b7b3e2373eea0e42f3d41f8dd789ace762b1024eefe0ab55a99eb417bce45bf5f8c7b2c39e8ab3e65b3d2309930cc4707a1e70badd07079be4f8f5c5bc5509be45327516e6f59df67eb6c6a125ced695abe5a26a9ae7adb58ebd4ae79bfe456fbb038f0fd95a4395e0938c0ad382ecdc8b8b803aa7e0d7d98fc37dda2f06420b53194b74c191a4aea9206e2c3660ed5f6ed93e3e98e1aba99888c4f6097e34160598d471fcc4e6d53605c3", 0x1000}}, 0x1006)
splice(r6, 0x0, r5, 0x0, 0x9b, 0x0)
r7 = socket$packet(0x11, 0x2, 0x300)
sendmmsg$sock(r7, 0x0, 0x0, 0x240088c0)

17m10.929916932s ago: executing program 2 (id=105):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000500)={{0x0, 0x3}})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}})
unshare(0x400)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000003c0)={0x9c9, 0x0, 0x0, 'queue1\x00', 0x200000})

17m9.17123785s ago: executing program 2 (id=110):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0))
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000000000)={'syzkaller0\x00', @broadcast})
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newqdisc={0x44, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0xfff1}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_hfsc={{0x9}, {0x14, 0x2, @TCA_HFSC_FSC={0x10, 0x2, {0x4d, 0xfffffffb, 0x7fffffff}}}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
sendmsg$nl_route_sched(r4, &(0x7f0000001200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000001740)=@newqdisc={0x434, 0x28, 0x4ee4e6a52ff56541, 0x4001, 0xfffffdf8, {0x0, 0x0, 0x0, r6, {0x10}, {}, {0xa, 0x3}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x408, 0x2, [@TCA_TBF_PTAB={0x404, 0x3, [0x5, 0x200006, 0xd, 0x400, 0x0, 0x3, 0x5, 0x10000, 0x7, 0x4, 0x81, 0x0, 0x8, 0x0, 0x9, 0x5, 0xc0000, 0x8001, 0x1, 0x2000, 0x1, 0x8da5, 0x1, 0x4, 0x2, 0x6, 0x58, 0x7, 0x6f, 0x8, 0x3, 0x4, 0x9, 0x1000, 0x4, 0x9, 0x6, 0x80000001, 0x3, 0x1, 0xd4, 0x100, 0xa, 0xfff, 0x8, 0x9, 0x7, 0x7fffffff, 0xf4b3, 0x1, 0x0, 0x8, 0x8, 0x6, 0xd815, 0xfffffff9, 0x2, 0x401, 0x9, 0x36, 0xf, 0x74, 0xbbc, 0x9, 0x0, 0x6, 0x8, 0x5, 0x6, 0xb, 0x5, 0x5, 0x4e3, 0x200, 0x0, 0x9, 0x8001, 0x2, 0x1000, 0x7fffffff, 0x46a3, 0x6, 0x2, 0x1dd50645, 0x401, 0x5, 0x101, 0xbf, 0x0, 0x9, 0x3, 0x65, 0xffffff13, 0x2, 0x30, 0x1a3f, 0x2, 0x389c, 0x4, 0xffffffff, 0x3ff, 0x4, 0x4, 0x6, 0xf3bb, 0x1ff, 0x8, 0xf, 0xb, 0x401, 0x4, 0x1000, 0x1, 0x8, 0x1, 0x7ff, 0x7fff, 0x8, 0xd, 0x3ff, 0x4, 0x1, 0xffff, 0x7ffc, 0x2, 0x9, 0x1, 0xfff, 0x0, 0xfffffffe, 0x4, 0x0, 0x101, 0x78f0, 0xf, 0x7, 0x0, 0x3, 0xf1c7, 0x100, 0x3, 0x4, 0xfffffffe, 0xffffff7f, 0x3, 0x8, 0x6, 0xd, 0x3, 0xa, 0xd0, 0x200, 0x0, 0x400, 0x9, 0x6, 0x132c, 0xaba3, 0x1, 0x3, 0x1, 0x5, 0x6f788000, 0xc, 0x1ff, 0x40, 0x8, 0x3, 0x2, 0x1, 0x0, 0x71, 0xb13, 0x4, 0xbc5, 0x0, 0x7, 0xffff, 0x100, 0x7b58, 0x1, 0x807, 0x1ff, 0x3, 0x400, 0x80000000, 0x1040, 0x3, 0xfffffffa, 0x9a5, 0x8, 0x5, 0x1, 0x9, 0x3, 0x9, 0x7, 0x3, 0x1, 0x101, 0x2, 0x6, 0x598f, 0x5, 0x8e, 0x0, 0xa, 0x9, 0x1000, 0x8, 0xd00f, 0x2, 0x1, 0x6, 0x2a, 0x7, 0x100, 0x24e, 0xbd, 0x2, 0x2800000, 0x807, 0x0, 0x401, 0x6, 0x2, 0x9, 0x7039, 0x4, 0x1, 0x9, 0x1, 0xb18, 0x2, 0xfffffffe, 0x26e, 0x6, 0x5c, 0x8, 0x100, 0x3ff, 0x1, 0x0, 0xb, 0x10000, 0x8, 0x6, 0x2, 0x6, 0x7, 0x6, 0x7ff, 0x1, 0x4, 0x8001, 0x3]}]}}]}, 0x434}, 0x1, 0x0, 0x0, 0x40098}, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
r8 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r8, &(0x7f0000000200)="2478546ca4fa3b0bfe4ddf30cc5a", 0xe, 0x4000050, &(0x7f00000001c0)={0x11, 0xf7, r7, 0x1, 0xd8, 0x6, @multicast}, 0x14)
r9 = socket$unix(0x1, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r10=>0x0})
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r10, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x8000004)

17m7.334067918s ago: executing program 2 (id=113):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x20, 0xf, &(0x7f0000000bc0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x3}, {{0x18, 0x1, 0x1, 0x0, 0x1}}, {}, [], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='syzkaller\x00', 0x2, 0x0, &(0x7f0000000240), 0x41100, 0x20, '\x00', 0x0, @netfilter=0x2d, 0xffffffffffffffff, 0x8, &(0x7f00000003c0)={0x5, 0x5}, 0x8, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x5, 0x0, &(0x7f0000000580)=[{0x0, 0x3, 0x8, 0x4}, {0x1, 0x3, 0x20008, 0x3}, {0x0, 0x5, 0xc, 0x8}, {0x0, 0x2, 0xd, 0x3}, {0x3, 0x2, 0xe, 0xc}], 0x10, 0xb77a}, 0x94)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x8000000004)
r2 = socket$kcm(0xa, 0x3, 0x3a)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @loopback, 0x6, 0xfffe}, 0x80, &(0x7f0000000300)=[{0x0}], 0x1}, 0xd0a0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
listen(r3, 0x6f6)
writev(r1, &(0x7f0000000280)=[{&(0x7f00000005c0)="580000001400192340834b80040d8c560a06ffffff7f070000000000000058000b480400945f64009400050038925a01000000800000008004000000ff0109000000fff5dd0000000800030006010000418e01400004", 0x56}], 0x1)
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000100)='./file1\x00', 0x200400c, &(0x7f00000002c0)={[{@mblk_io_submit}, {@errors_remount}]}, 0x3, 0x551, &(0x7f00000011c0)="$eJzs3cFvHFcZAPBvNt7YSZ06hR4AAQ2lEFCUtb1praoX0gsIVZUQFScOqbG3luXdrOXdiNrkYB+5VyISJ+A/4MYBqScO3LiBxKGXckAKEIFiJCS2mtmxvbF37bXs7Nre308a77w3k/ne282bN/PsnRfAyLoREZsRcTki3o+IqTw/yZe4217S/Z4+ebiw/eThQhKt1nv/TLLtaV50/JvUC/kxJyLih9+L+ElyMG5jfWNlvlqtrOXp6WZtdbqxvnF7uZDnlOdm52bevPNG+dTq+krtt4+/u/zOj37/u698+qfNb/8sLdbkz69l2zrrsad44phJfpzJjryxiHjnxEc+O8by/z+cP2lr+1xEvJq1/6m4lH2aAMBF1mpNRWuqMw0AXHTp/f9kJIVSPhYwGYVCqdQew3s5rhaq9Ubz1lT9wf3FyMawrkex8MFytTKTjxVej2KSpmez9b10+Zn0R5U7EfFSRHw0fiXbXlqoVxeHeeEDACPshX39/3/G2/1/p5P/FgwAOHMmhl0AAGDgOvr/68MsBwAwOO7/AWD0HKP/9+1AALgg3P8DwOjR/wPA6Dmy/98aTDkAgIH4wbvvpktru/38650ndd9erDRWSrUHC6WF+tpqaaleX6pWSgut1lHHq9brq7Ov7yYb6xv3avUH95v3lmvzS5V7Fc8SAIDhe+mVj/+Sdvqbb13Jlo5rgI7n/pjdAS6iwrALAAzNpWEXABga3+eB0dXHeLwhe7jgukzR25YPECS9dnhkeBDOq5tfPDD+v9ucdfxwsZ1k/N/YAZxvxxr////On/995/kUBhgofTiMrlYrMec/AIwYY/xAz9//53o+IuRRHwe/e/zyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwHkwmS1JoZTNBb6Z/iyUShHXIuJ6FJMPlquVmYh4MSL+PF4cT9Ozwy40AHBChb8n+fxfN6dem9y/9XLy3/HsNSJ++sv3fvHhfLO5Npvm/2s3v/kozb/SXCtfHkYFAIBOO/NufrKXlfXf5fy140b+6ZOHCzvLIIv4+O2ImLiSxd/Ol/aWsRjLXieiGBFX/53k6bb0euXSKcTf3IqIL+zUfyI+7IgwmY2BtGc+3R8/jX3t1ON3vv/74xeeqW8h25a+FrP34vOxr3DAkT5+u32ebLe9rInn7a8QN7LX7u1/IjtDnVx6/kub6/aB819h9/x36UD8JGvzN3bTh5fk8et/+P6BzNZUe9tWxJfGusVPduMn3c+/xdf6rOMnX/7qq722tX4VcbNr/XdmpK5lp9npZm11urG+cXu5Nr9UWarcL5fnZudm3rzzRnk6G6Nu//xj+6CtZ2L8461bL/Z8b7YirvaIP3F4/eMbfdb/1/97/8dfOyT+t77e/fN/+ZD4aZ/4zT7jz1+923P67jT+Yo/6H/H5x60+43/6t43FPncFAAagsb6xMl+tVtaOWEmvNY/ax0r/K+m9/RkoRrYSmxGndcBsUCIiuu6TXlGfjSo/r5VkaNF/k69cO0ajPnRl2Gcm4Hnba/S99/nrIAsEAAAAAAAAAAAAAAAc0FjfWBnv/m2tU1sZdh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uD4LAAD//8J/yC4=")
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3813009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f00000001c0), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), r0)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan0\x00', <r5=>0x0})
sendmsg$NL80211_CMD_NEW_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r4, @ANYBLOB="090d2000000000f0ff000700000008000300", @ANYRES32=r5, @ANYBLOB="0800051d000000001400060076657468115f746f5f7465616d0000000400cc0008000500090000001400040073"], 0x58}}, 0x0)
mprotect(&(0x7f0000714000/0x4000)=nil, 0x4000, 0x1)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
mremap(&(0x7f000037a000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f00004b3000/0x4000)=nil)
mremap(&(0x7f000033a000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
madvise(&(0x7f000042f000/0x800000)=nil, 0x800000, 0x15)
socket$xdp(0x2c, 0x3, 0x0)
r6 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
write$P9_RSTATu(r6, &(0x7f0000000840)={0x20f, 0x2, 0x0, {{0x51f, 0xce, 0x0, 0x0, {}, 0x2810000, 0x8, 0x1, 0x0, 0x1b, '\x04nodev{evoo~\x059\xc6\x00\x05\x00\x007\xd9:\x8b\x92\x00\x00\x00', 0x38, 'pg>\xff\xeb\t\xb55\x1f[\xde\x05@\x00\x00\x00\x00\x18{\x83\x00\xb5\x00\x00+YN\xcb\x14\x03CT\xb9\xfd\x9e\xf1\x96\xa5\x1c\xd5\x15z\xdc\x81\x03\xb4\x94\xe1\x00\x00\x00\x00\x00\x00\x00\x00', 0x2, '\x00\x00\x9f\xd2\x8f43\xb6\x02\"K\xdd_MR\xb8=a\xcb\v!\x89A\x16\x95\xef\xe2\xefH\xb2\x11\x1d\x1c6\x04\x82\xe6\xc7\x8e\x1e{\xb8\x8e7\x9d*\xec\xff\xfe\xc3\xa1\x9e^\x17<\x8b\x04\xcfr\f\xa4+\xfd3\x8c\xb7\x0f\xdaP+\x89/\xb0\xdd\x83{\x9e\xc6S\x05\x0f\r|\xdcE\x99\x7f\xa6w;\xbf\xe1\xbdp\xee\x03\xe4\xaf\xb4\x99\xa2\x9b\xd3\xde\xce/F@\xf8V\x02\x1c\xde\xe9\xdcoR\x1e{\xc0jv\xa9\x1eg\xba\x8d\xf3\xcc%:\xbcY\x1a\x15\a\x7f\x89\x92\xeaWv\x80\xff\xec\x87\xa9\x06\xd0(\x8am\xbf2\xa2$\x01T6{\x1e\x05v\x1a;\xac\xde\xab\xba\x82\xb3\xccLFl\xe0\x0e&\x81\xb2\xffk\x94\"\xd8\x01\b\n\x96\xc8\xc8r\xa6\xad\xd7\xd7 D3\x82\xaea\xb3U89\xde#4]\v\xdd\xcc\t\x878\x97\x03\xf81\xa0\x948\x91\xf0\xfa\x9eo\x9b\xb5w\x86\xd9R\xc2\x9a\x8c\xbd\xb8M\xd5\xed~\xd8\xab\xf6\x0f\xacKC\x1b\xbfo\x0e\xc9\x006\xf5\xe4', 0x2f19639a8414712, '\xf8\xf6i\xfbqm\xcf1^\xca\xf3\x85@\x9a\xc6[\x94\bg\x8c\xa4\x00\xb4\xb0\xb4\xf1t\xa6f\xa8r\x9aE\x1b4\a\xdb\xda\xb2\x02\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xec!\xca\xbf\xf2\x0f\xfd\x1aL\xc2\x80\xe8\xe2\x89\xdad\x9a7\x00\x13\x12D\xf7s=\xa4*&%\x00\x00\x00_\ro \xe5\xfd\xac\xfb\xa5l\xf3\xe7\xa3\xc0\x14\x19N\x13\xa4\x92G\x7f\x92\'\xe4{\x1a^,)\xee\xec\x05}d\xc2\xb5\x9e\\\xa6\a\x1e\x06l\xa4\x86,\xff\b\x9f\xd5\x9fo\xb8\x8cLi\x14\xd0\x9a\xf7\xf6'}, 0xfffffed4, 'odev/n\xb1{#\x00\xf9\xda\xa5\xee#&n\xcf\x85\xfe\xa6^B\xd9y\xa3\xfd\xe5\xf4u\xda\xf0;\x11r\xd9{\xad\xc7\tZ\xfdv\xfeO\x04A\xf7\xf7t\x1e\xac\x03\x00\x00\xec\xff\x00\x00\xdb\xa0\xc2\xf7\xf0\x9f\xf5<~M\x1a\xd6n-\a\x01\x98\x01\x9f0\x11\x84G\xaa\x9at\xf5\x16\x85\xf5\x06\xae\x89H\x06\x87\x82g\xd5\xa1)\x8dy,J7\xf2\xe1\xcb\xbd$\x82\x92\x9a\r\x89r\xb5\xcfs.\xa5\xb0\xd7#\x85\x9d\xba?\x93\xae\xd3\xb4.\xe7\xca\xc0}\xe0\x9d\x1dh\xa6\x033\xa8\x82F}+1\xaa\xcd\xf9\x18\x85I\xb1\x12]lL\x9b\x18\xc2\xfbV\xc5}}\xc6&\xe49\a\x96\xa1\xebH\'Fi\xab\x13\xf8\xb1\x1d\x14`Y\xf3\x10\xe2cMY?\xece\xd5)\xf3\x82\x06fd\xdf$NL\x90W\np\x04\x9f9\x9f\x06\x1fu\xb7y|\xe1\xfe\x11\xea\x91\x96\t\xd5\x1aA\xdd=\xe3\x04\xbd|~\xd0\xa4V\xf0\xae\x12Qa\x05\xc9\xce\x88}\xf5\xa6\xe0\xb6\xa7}Yl\xf8\x8b\xa6\xe5\xc69|}P!\xd7\x98\x95(\xfd\x179\xe1\xc2\xd8\x7f\xff\x00'/300, 0x0, 0x0, 0xee01}}, 0x20f)

17m6.401229958s ago: executing program 2 (id=115):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f00000000c0))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3})
syz_io_uring_setup(0x2048b7, &(0x7f0000000140)={0x0, 0xfffffffc, 0x20000, 0x0, 0x386}, &(0x7f0000000200), &(0x7f0000ff4000))
r2 = syz_io_uring_setup(0x49a, &(0x7f00000000c0)={0x0, 0x79b2, 0x1000, 0x2, 0x40024e}, &(0x7f0000000340)=<r3=>0x0, &(0x7f0000000300)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x40, 0x4007, @fd=r1, 0x6, &(0x7f0000000440)=""/207, 0xfffffffffffffd5a, 0x2, 0x1})
io_uring_enter(r2, 0x627, 0x4c1, 0x43, 0x0, 0x0)

17m5.725730876s ago: executing program 2 (id=116):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007500000004"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, 0x0)
close(r2)

17m5.235796479s ago: executing program 32 (id=116):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007500000004"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, 0x0)
close(r2)

12.337272876s ago: executing program 4 (id=2496):
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000001c0))
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000000)={&(0x7f00002b9000/0x400000)=nil, &(0x7f0000779000/0x1000)=nil, 0x400000, 0x3, 0x2})
r1 = syz_open_dev$tty1(0xc, 0x4, 0x3)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0xc2240, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xf)
ioctl$TCGETA(r2, 0x5405, &(0x7f0000000000))
syz_usb_connect(0x0, 0x36, &(0x7f0000000000)=ANY=[@ANYBLOB="120100005dbafc40fd0b0c01162d01020301090224000100000000090400000221efb00009050202000000000009058202"], 0x0)
ioctl$KDSKBSENT(r1, 0x4b49, &(0x7f0000000480)={0x2, "b6575e5d0fb7d32d5e6d9b8bb17b798e2b796caba43a0ea97dd883ee66185e5967fb39a3d054aaae1fe3373ef112f7753e859ec2e3c37d27e61bfe8307b0de91221de1c625cb23fb049a8424b2c3d0d13e1e3b0c41c626db46e6733a64d08969b6c3232c805b7de7063f08a2b0dcddd0b12906b747a776fc12db388457b33885c78ef69a3ba42c3a188fcf096984037fae1ee46156980090e61bb7c09ce792675922367733d5eef91c1fd1480442dcdb4540feec76c8aa94efe68c89eb29169922d237ead0fe0270700b22ac1f51909d4c8b341266b3ec7aa9968aa71129675a7366ee919c133662e232d0a165d9316d8157faaad3c1f1f4cca7da0a5cfde995c66b75d0495e8e14cb0a14a8300dbb3678215350265d536a39755320d32ecb7171d1d3c2157a22df49352f9ccbb48a6764d96ce8d1fd58c05d2872d249d491959df2b565b0b6639ac5ae2b0f0f9410ce244861cd5460f69c685c365f16bf3d4acdb5d12b3cd46788d91b5fb4d73433f627701547a52ff2859ce78bd98f3f9dae3a686d58125eb56753f3ace7c67fe65629f929ccbd89d7d3cdad28f677e801e3ffaf06a11c8ddd6369edf02efa87029f7c57335238ffba2de4d8d93684692a0e76673994903e9d284404ea78213ec7c889dcc5a00754acdec4eadd0fd4fe81f6ef9df96a8dc70cfa3c1a148c34714d54377588244d464abc244f7dc73b67fa21"})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000000)={'lo\x00', <r4=>0x0})
r5 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000002340)=@newqdisc={0x24, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r4, {}, {0xfff2, 0xa}, {0x2}}}, 0x24}, 0x1, 0x0, 0x0, 0x80c0}, 0x4000)
socket$nl_netfilter(0x10, 0x3, 0xc)
r6 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r6, 0x3b81, &(0x7f0000000340)={0xc, 0x0, <r7=>0x0})
ioctl$IOMMU_TEST_OP_MOCK_DOMAIN_FLAGS(r6, 0x3ba0, &(0x7f0000000200)={0x48, 0x2, r7})
r8 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000380)={&(0x7f0000000080)=ANY=[@ANYBLOB="9feb010018000000000000001c0000001c00000003000000010000000000000e0200000000000000000000000000000604000000002e"], 0x0, 0x37}, 0x20)
r9 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x9, 0x4, 0x4, 0xa, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, r8, 0x2, 0x1}, 0x50)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000240)={r9, 0x5b, &(0x7f00000001c0)}, 0x10)
r10 = socket$inet6_tcp(0xa, 0x1, 0x0)
r11 = openat(0xffffffffffffff9c, &(0x7f00000004c0)='./file1\x00', 0x443, 0x0)
timerfd_settime(r11, 0x1, &(0x7f0000000040)={{0x0, 0x3938700}, {0x77359400}}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0xa, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000005000000bca30000000000002403000040feffff720af0ff0000000071a4f0ff000000001f030000000000002e0a0200000000002600000000ff000e61143c00000000001d430000000000007a0a00fe00581c1f61145d0000000000b503f7fff80000009500000000000000033bc065b78111c6dfa041b63af4a3912435f1a864a7aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168e5181554a090f30002af51efd601b6bf01c8e8b1fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e65440000000000000000028610643a98d9ec21ead2ed51b104d4d91af25b845b9f7d08d123deda88c658d42ecbf28bf7076c15b463bebc72f526dd70252e79166d858fcd0e06dd31af9612fa402d0b11008e59a5923906f88b53987ad1714e72ba7d06a59ff616236fd9aa58f0177184b6a89adaf17b0a6041bdef728f5089048ddff6da40f9411fe7226a40409d6e37c4f46756d31cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10076443d643649393bf52d2105bd901128c7e0ec82701c8204a1deeed4155617572652d950ad31928b0b036dc2869f478341d02d0f5ad94b081fcd507acb4b9c67382f13d000000225d85ae49cee383dc5049076b98fb6853ab39a21514da60d2ae20cfb91d6a49964757cdf538f9ce2bdbb9893a5de817101ab062cd54e67051d355d84ce97bb0c6b6a595e487a2cc47c0efbb2d71cde2c10f0bc6980fe78683ac5c0c31032599dd273863be9261eee52216d009f4c52048ef8c126aeef5f510a8f1aded94a129e4aec6e8d9ab06faffc3a15d91c2ea3e2e04cfe031b287539d0540059fe6c7fe7cd8697502c7596566de74e425da5e7f009602a9f61d3804b3e0a1053abdc31282dfb15eb6841bb64a1b3045024a982f3c48b936e6f9e0fcda88fe4413537528fdb6153baae244e7bf573eac34b781337ad5901a4cad2422ee965a38f7defbd2960242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44022a579dfc0229cc0dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc48899b212c55318294270a1ad10c80fef7c24d47afcc829ba0f85da6d888f18ea40ab959f6074ab2a40d85d1501783a7ab51380d7b4ead35a385e0b4a26b602396df7e0c1e02b88c114f244a9bf93f04bf072f0861f5c0b000000000000eedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba3401e6a52acb1188883ad2a3b1832371fe5bc621426d1ed01b389708165b9cdbae2ed9dc7358f0ebadde0b727f27feeb7464dcc536cbae2f5c7d951680f6f2f9a6a8346962a350845ffa0d82884f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010ae20e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d648532869d701723fedcbada1ee7baa19faf67256b56a41fd355b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2654026c6ea08b83b123145ab5703dad844ceb201efeb6dc5f6a9037d2283c42efc54dd84323afc4c10eff46248843187f1dd48ef0900000000000000ff0f4000000000f00700003c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538c6ee6ba65893ff1f908ba7554ba583ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738612e4fee18a22da19fcdb4c1011e32f808890205f0e6da2819d2f9e77c7c64affa54fec0136cbafa5f62e96753b639a924599c1f69219927ea5301fff0a6063d427180d61542c2571f983e96635600000554f327a3535e7c7542799493c31ac05a7b57f03ca91a01ba2a30ca99e969d6fd09dc28ebc15edb4d91675767999d146aef7799738b292fd64bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a794963442aece449a0d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2869291b7d12096833d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e637d4219ef7ec61261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ecab5d232f89fe0120f64c62e8e3ed8bcb45202c204bbec8d722824c0ebca8db1ea4a05e41f6016ab5bbe4fe7ff5d785d0128171c90d9900ca2532b0f9d01c4b45294fbba468df3e1b393cb4e62e753b4172ba7ac1f2b51c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addbc4b3093c91b8068c5adfcb0d7fd849904568916694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a881192292ffff5392ab3d1311b82432662806add87047f601fa888400000000000000000000000000006acc19808d7cf29bc974b0ea92499a41b9b9a7c2bca311a28ee4952f2d325a56397c78f12205db653a536f0100e0eda300a43a13bd1b9f3322405d1efd78e578dc6b3fb84f3738a4b6caa800000087efa51c5d95ecba4e50e529d1e8c89600e809dc3d0a2f65579e23457949a50f2d0455cf699b3746979f99f6a1527f004f37e84fb478199dc1020f4beb98b8074bf7df8b5e783637daf121f175a81cffff4ac55a4385e9a617aa6c8e10d4202c5afeb06e2f9115558ea12f92d7ae543d44086b3f03b20d546fa66a72e38207c9d20035abc46271a30f1240de52536941242d23896ab74a3c6670fdc49c14f34fc4eadd6db8d80aba439772bf60a1db18c472dafc5569adc2c406f39f82928d2a1ffe29f1a57d3f18f4edaeb5d37918e6fddcd821da67a0785585a4443440dc65600e64a4a274000000000000000000000000000000000000000000000009dd14b38f2f5426d7cf5075047c31f6ce6adddfe3ac649c0643c8bfbeb14ba1fd7a485aa893915cf81e29aaf375e904bbe52691a4120260ffcd030000006d291ebcef893e1b9ccb6797d0646fe0e7274434f28efb43e06e64f0698caca42f4e6018a455736c482a017e2b13dac4a90faa109f0e87cc94e3efb649692456463ca74aa6ad4bf50c1acb3928143be1c1023a375e528285544d0064b98646f3109e9a4942ce42c6e7ec84b664f6c2770803f10b0a1fcbfc309381aeba191950bae71f37f1eb7ceeffb3c0547ac6571603adbfde4c8b5f8d7f4b854441613633b48865b65bdc415e1e0dcf672d68cf4cebf04f4bc1eebf560a26d3b332240d450fdb0a9a69f432e277f3a0386eb2bd1305c821c64757f786b79fef54dbe64c67d73934bc80b2133fb3c04cc7ea48bf97a6243c9f95dcbddecf45f008f1822c7868e1ff5a3cff5d6b6898335792749df7b1f51e91f8c1c3b1b93b33aaa3fab69cef08a9f6f6cf39dea3d878b2ed42545421970cc426e644332bc956d1c6adefdf0ede2c5c94aa632646ae225accdf031f611d01622921f1b922a5ac887cca3136133dce8d9f5f4da7bed2ea5d94362200000000000000000000f296b0c1484e5f781ad26bff696b05ff0a5e2270e07e18b04273bd4075ea38ab463bfa6a38e7c537498ba3e4df8dfc9e8c0a0d213c3ffad44d2a376def42e41e9fc3167a257e040fa7cf32c221aaac6cfdeb33c27500001a0000000000000000000017350000c11ae694b0c69c2c03f6790044a357e785af6e153d5f1ea460af92c7cbbd6295afe740f5e154346d483e0d10522a7a945b93fb705b95b6aae27a8fab1e6984c8bdc12360627137ab6737b68ab08a1a4b94cb29a74dc36b51209cfbc87f61182bbeb2772e9d5a1ffc477179be481ffe46a4ce86be0b1f8eee42a611a3d44ca450b14586ed63dd92005c79e4a8ab8a94f0b74903580ac98708007c80d6c7d0de4614195e40d797c0348dd70f36a220e8b3710fb5358c27e90793bcb9ee6319342c4b239ca8cbc6fc83d32e6eb62ad92e43991f2447be9c2a1ae1119eafb901a43d57e885116d19aa152bfb89f8d0b2516f80120a1cddff771657f3d0288ec3899f1e3ba0151c4037148fb479de703fc52b6573349c28d1b107d859b4961324c17756dde99de1924a1d2b7095d34a55060f47f4407d89acf9f1d2156befec432e8e993c79027b7ef285b20c2e6b3d0491d0d3591b0d94713332b6b79c8297117b0d14eff64e0aca8a4b4aa773d8fba1217e9519952419bb9dd998d0ec870ff00b6d556018602738fbc6cec89d6dd13cf55b96f6fe9a137d2d6a56ad78e52c23ed080000000000002bc261a781fd14126c146a0aac4221839a4b9bbf61e4bba695a41e2109eba8e40c370267cc51ffadbd15cafc97a4d3edfdcb9b5729307c6bdaf7b69325fb05fa8a9869de0600ee477d71bf3e36d1d9019edfa27aae24b632f251df210c86a18fae731ecb8b0d48357378caf2b6789509b1bacfd4fa812dc341875cfa5e798bbf59770000000000000000c8a594ea3c3347962d9113b1fecdfad5a8da641053f02e49456f5d21674521e67a5b18ea451eccf69dd6af928d2d68da9304a296c22fdc0500000000000000b1aade386b113045033a6188d56e675564d8cb8d5b40114b0f5bf15dd64c9ece60b8588ee8777d0ea8f4713b258427c7d90f9e93348e17723ba9ab8ae790f74cc41ae5795835f3cec40dff485d2802c08611454d9ea784a205bcc07ec26f906f3cf45bb37014ab6f22af6213618e242b283ea9d3f0677ee598072ec06f7170009d92bb87d9d12c378dfd3e74ec056ee83eef666423d934fc5908c9ff98715218a5964f1e00000000426ac9588e27aefe307f49662990ee823568bbc2f89596ced7c6c52d76b8096f1848410843b93fd404f535be474f456778b5ef85abb8fc2336abd5ea64a6efea8a5aca0015499b88ae780a7bae4df603bd3c72808cf300440b1b638a6640f7de8d0d82f359ca2f779cd48cd8d3603f4f69e47f386988c9b7b5d6dd3d48a1fdca780049d7c87bea42161a4c0d7cf0125b43dc9d8845f3c05a08acda647e7143d0e0aee2949a45e28488b0522c2288072467d2afe269f589fb7e034b92d3ca245b16b71998711bfe206c9690b6d0eebb06a29349229eb45ff15c63aa2c82c56d7420738cd1b04eb16e87cb524315d7361ea3635d3799bb7fcc56aa5e1dbe031a7a12554dee6754b72f43a6fddf427f32ec3df274a88097725679769beebf1aa6eb09d5154e4900000000000d0f7160a05911d969879953d3d4702b2676c07bb0fd14020a66718378825d5ed789711b77d40dc31e0b8fc651b45559da463f0000000000000000000000000052d42124e9c26aba885015e69d42ecd710342ac597ebea576ae15fdf611356f622e831741ab15549e0d7a2bd0324e2b3b48a10551607492c19eaf58485feb4cab19c303b30ba2ddea0d792d77724c9fa4ed58b93668fc20484f141ee2b6a0029e88fdc853189b4dafd36ff23b11967090e508f45e3f10857038a52ef275cf9e3e4b5d30b12d138dfa70930c603b5e3f4b7be67be3dba3cbd8d4d143195af0697d779445d67dcfbd922d12a8b49f93eac7a72faacf80346b3b669615f2710eb8df39fc8c04d2c9c196fa6facfea613569a35cde6451f2edf55ce25c7d72ec7ea85a92458c0559ca3a94727d495bd4671a55a70bc544d71d8e0257707a31936f1adf224077310a86bf447ec92c650acca8c6b0721020894b06178c32f4472d17174d6eb2b067030c5d2c12583f46d2da7fba42d4083259c7cdc8bf1f4299c248865d3c809356c3ed"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffff97, 0x10, &(0x7f00000000c0), 0xffffffffffffffc2}, 0x48)
connect$inet6(r10, &(0x7f0000000180)={0xa, 0x4001, 0xd000000, @dev={0xfe, 0x80, '\x00', 0x1b}, 0xd}, 0x1c)
r12 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r12, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f0000000000)=ANY=[@ANYBLOB="fc000000190001002dbd7000000000000000f5ff000000000000000000000004f4ffffffffffff00000000000000000000000000000a00000a00000000000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB="00000000000000000c00000000000000000000000000000000000000000000000000000000000000ffffffffffffffff000000000000000000000000000000000000000000000000000a000000000000feffffffff7f400002000000000000080000000000000000010000000000000044000500ac1414aa000000000000000000000000000000003c"], 0xfc}}, 0x810)
r13 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0)
write$binfmt_script(r13, &(0x7f0000000100), 0xfffffd9d)

10.068235699s ago: executing program 3 (id=2505):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000008c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000005c0)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @dynset={{0xb}, @val={0x18, 0x2, 0x0, 0x1, [@NFTA_DYNSET_OP={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_DYNSET_SET_NAME={0x9, 0x1, 'syz1\x00'}]}}}]}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}]}], {0x14}}, 0x80}}, 0x0)

9.97882309s ago: executing program 3 (id=2506):
syz_usb_connect(0x0, 0x36, &(0x7f0000000180)=ANY=[@ANYBLOB="12014101d48d96101c06a4c021b40102030109022400dbbc0010000504370202a18632cf6c323ee85b652b1abb51088b7745f2ac70a92367105c91535022267cbb7fd2447f2065592b8c4c0e586563516747494bc9fd801152193b4f7a9c1eaf24f2fab707b2493c4a5de93cf4583d8f6c63cc94f1d5d3418ede84dad9acb35c01a119c4b140fb5feb2226c7"], 0x0)
r0 = openat$binfmt_register(0xffffffffffffff9c, &(0x7f0000000000), 0x1, 0x0)
write$binfmt_register(r0, &(0x7f0000000080)={0x3a, 'syz1', 0x3a, 'E', 0x3a, 0x8, 0x3a, '', 0x3a, '', 0x3a, './file0', 0x3a, [0x43]}, 0x28)
r1 = ioctl$KVM_GET_STATS_FD_cpu(0xffffffffffffffff, 0xaece)
r2 = openat$full(0xffffffffffffff9c, &(0x7f0000000040), 0x200000, 0x0)
getsockopt$PNPIPE_IFINDEX(0xffffffffffffffff, 0x113, 0x2, &(0x7f0000000140)=<r3=>0x0, &(0x7f0000000380)=0x4)
r4 = dup3(r0, r0, 0x0)
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000440)={0x30, <r5=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0xd, 0x25, &(0x7f0000000240)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r1}}, {}, [@jmp={0x5, 0x1, 0x0, 0x3, 0x8, 0x6, 0x10}, @btf_id={0x18, 0x4, 0x3, 0x0, 0x1}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x5}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r2}}, @initr0={0x18, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0xf}, @cb_func={0x18, 0x6, 0x4, 0x0, 0x5}, @map_idx={0x18, 0x2, 0x5, 0x0, 0x7}], {{}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x2}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f00000000c0)='syzkaller\x00', 0x8, 0x35, &(0x7f0000000100)=""/53, 0x41000, 0x54, '\x00', r3, @fallback=0xb, r4, 0x8, &(0x7f00000003c0)={0xa, 0x3}, 0x8, 0x10, &(0x7f0000000400)={0x1, 0x7, 0x8f8}, 0x10, r5, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000480)=[{0x3, 0x4, 0x7, 0x7}, {0x0, 0x2, 0x1, 0xd}], 0x10, 0x62f8c831}, 0x94)

8.97849726s ago: executing program 4 (id=2509):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prlimit64(0x0, 0x7, &(0x7f0000000040)={0x4, 0x5}, 0x0)
poll(&(0x7f0000000080)=[{0xffffffffffffffff, 0x9400}], 0x1, 0x8)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)

7.977801429s ago: executing program 3 (id=2512):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000000000000000000000000008500000061000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x2c020400)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r0, 0xe8, 0x0}, 0x10)

7.932472445s ago: executing program 3 (id=2515):
syz_usb_connect(0x6, 0x0, 0x0, 0x0)
syz_open_dev$sndctrl(&(0x7f0000000040), 0x97b, 0x7c1182)
ioperm(0x0, 0x9, 0x40000000002)
rseq(0x0, 0x0, 0x0, 0x0)
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0x200080, 0x0)
setsockopt$sock_linger(r0, 0x1, 0xd, &(0x7f00000000c0)={0x1, 0x1}, 0x8)
shutdown(r0, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000100), 0xffffffffffffffff)
r1 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r1, &(0x7f0000001080)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_int(r1, 0x29, 0x3, 0x0, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r2}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
io_getevents(0x0, 0x5, 0x0, 0x0, 0xfffffffffffffffd)
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
syz_mount_image$squashfs(&(0x7f0000000240), &(0x7f0000000280)='./file0\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='\x00'], 0x1, 0x22c, &(0x7f0000000000)="$eJzKKC4sZmdgYPj7sSaZgUGAAQRYGEQYLjAwMrAwMDDIM4KFGD4yQeipUPomlGaDyl+B0r5Q8XYo/de8KiKKgYExU+meGdMB8RRFRgEGHpGvpx4wJDPwxzJYzvNecykoc8pVobdL94PUe4VWbmJgVE/hXzRnwwSnmbxgYxkjo5DNYT4gM4sDZBADA8PkPxH3HrBIMoggmSXK8U/sVMvyVWad9xlmdExLY2A0mMXBwMCgd0R3pp0BbzcT1MziyqrsxJyc1KLiMwyo5k9m3M+kyAhSd+bv1eAHjHYM3ZwMDQxyG/zVFn/7I1W5cVN95PSqiJqp3U03l66PY9im//eKidT7iRlh/x8cEtSyyMv/ME9G6fvmhjkfauqemDh2NirP5W+9/Pfd+5ja4gQ1psfiXYVs/AluWjWfnJ3cLB/PTa9u31KsuCArzWXisakX/yYcX8vAMPnCE1v9mjOH4hVjOKXcKufG3HWLZ+Vapn6+7g0Dw8GozxMZGJcz7mdiYJgZtnMPsr/KG6CRwcDMwMCgwsDAwMTAwpCWmZNq4MHAyMAM5RiyQFXBVDMxcIAl9JLzc1LaGRjBSQCsbTkDC9wMw8cMrHCOEYzz2oEBGbQzQOJfBcr3gNLLwWQsF0ydPFqyYWkAkf1QnkYDAwMbQ0ViSUmRIRsDA5QFFzOCixkJNDDAPQGxdS4TqueOMzGMglEwCkbBKBgFo2AUjIJRMApGwUgGgAAAAP//YTC4QA==")
ioctl$SNDCTL_DSP_SETFRAGMENT(0xffffffffffffffff, 0xc004500a, 0x0)
socket$inet_udp(0x2, 0x2, 0x0)
syz_emit_ethernet(0x3b3, 0x0, 0x0)

5.779000303s ago: executing program 0 (id=2518):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00')
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x2)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)

4.819592397s ago: executing program 4 (id=2519):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80000, 0x47)
r4 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r4, &(0x7f00000020c0)={0x2020}, 0x2020)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r5)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000000180)={0x0, 0x7ff}, &(0x7f00000002c0)=0x8)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0x300)
prlimit64(0x0, 0x0, &(0x7f0000000180)={0x401, 0x8000000000000001}, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
io_setup(0x10001, &(0x7f00000001c0)=<r9=>0x0)
io_cancel(r9, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x6, 0x4, r7, &(0x7f00000102c0)="d4125880e7b57aabd1df2c2b615dd71adc9853a6599e962428be4ba25646608e369ee65ec358bb65486826c24b9c7a856d9850c35c63a052449a84f2fc4525d58cbf8e97a461a636a668538f7ae2629a18ac6b7c7ae8159a6ff38ace3f1a3ca7feed7d023eaa986efb9b2aa0202e30d27f704d4c75111e93c47f3b5119398309ffceda9deb562cc948e97a07812eb429de26044794371747529a18c3fb230f0ed2b1bf54980956f0b0991a6c1d374b63158700a97a4c37c71d23a5f2060e23aa8e3fa3ce29ff56ea9a55cb03da0d00006472c3c79d5339722bdea2106ce8a218469d8c53bb66bbed15ee02c334d0371b3b79925d747ee394a702872b7791809836ddd67ee77446487929ab7ad5b6cc59c4927412349a3bb6c313aaed4e76910ff404b078c1ef2e24d2d0822deb917fce5bb717fd95e9f64db80af105d0efc5cd6f323d2164ed6ba668bddf8c944963222b3e07b530fb09b1e3db55f0bff49a684c6a769a3c6669b428d439c1a4c12d882995a9de41e604cc4c8cafd74954671c9e9664ea50f6dcbe8f9d3e847a2652cb35cce43a4d92465193d7995637ff612aebdd18dc777f0c4d27d322e932091c803f09f85d1e750f7f17890cc8d68e91526cd9c53cbc42f60440ad3a04dbab98138f20de6a306a6c752e2872516d0d88a4609dda98a57df08176874fbce49bafd1970ca2871e4f7f345803", 0x1fa, 0x7, 0x0, 0x2, r7}, &(0x7f0000000240))
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})
r10 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r10, &(0x7f0000000500)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x40, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @remote}}}], 0x20}}, {{&(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x19}, @dev={0xac, 0x14, 0x14, 0x24}}}}], 0x20}}], 0x2, 0x4000084)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f0000000140)={{0x1, 0x1, 0x18, r8, {0x8}}, './file0\x00'})

4.783135942s ago: executing program 1 (id=2520):
setsockopt(0xffffffffffffffff, 0x84, 0x7f, &(0x7f0000000040)="020000000980", 0x6)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffa, 0xffffffc, 0x10000, 0x3, 0x4002004c2, 0x1000, 0x6, 0x2, 0x400, 0x80, 0x3, 0x0, 0xa, 0x8d], 0x100000, 0x192402})
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x104)

4.561598611s ago: executing program 3 (id=2521):
setsockopt(0xffffffffffffffff, 0x84, 0x7f, &(0x7f0000000040)="020000000980", 0x6)
r0 = syz_init_net_socket$ax25(0x3, 0x5, 0xce)
ioctl$SIOCAX25GETINFO(r0, 0x89ed, &(0x7f0000002580))
syz_usb_connect$uac1(0x0, 0x71, &(0x7f0000000000)=ANY=[@ANYBLOB="12010002000000406b1d010140000102030109025f0003010090050904000000010100000a2401065e000302010209040100000102"], 0x0)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r1)
sendmsg$NLBL_CIPSOV4_C_ADD(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000000)={0x3c, r2, 0x1, 0x0, 0x0, {}, [@NLBL_CIPSOV4_A_TAGLST={0x4}, @NLBL_CIPSOV4_A_MTYPE={0x8, 0x2, 0x1}, @NLBL_CIPSOV4_A_DOI={0x8}, @NLBL_CIPSOV4_A_MLSLVLLST={0x4}, @NLBL_CIPSOV4_A_MLSCATLST={0x10, 0xc, 0x0, 0x1, [{0xc, 0xb, 0x0, 0x1, [@NLBL_CIPSOV4_A_MLSCATLOC={0x8, 0xc}]}]}]}, 0x3c}}, 0x0)
ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0xc008ae88, &(0x7f0000000000)={0x1, 0x0, [{0xf88e470f, 0xed}]})
r3 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002040)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r6}, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r8, 0x8933, &(0x7f0000002200)={'wlan1\x00', <r9=>0x0})
sendmsg$NL80211_CMD_NEW_KEY(r8, &(0x7f0000000800)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000000000000a00000008000300", @ANYRES32=r9, @ANYBLOB="1000c3461b6037690000000000000000"], 0x2c}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r5, 0x4090ae82, &(0x7f0000000200)={[0xc45, 0x9, 0xfffffffffffffffa, 0xffffffc, 0x10000, 0x3, 0x4002004c2, 0x1000, 0x6, 0x2, 0x400, 0x80, 0x3, 0x0, 0xa, 0x8d], 0x100000, 0x192402})
ioctl$KVM_RUN(r5, 0xae80, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

3.846815393s ago: executing program 0 (id=2522):
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000400))
clock_nanosleep(0xfffffff2, 0x225c17d03, &(0x7f0000000400)={0x0, 0x989680}, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x80000000004)
recvmsg$kcm(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0)
write(r0, &(0x7f0000000000)="29000000140005b7ff000000040860eb01ff00159f02c26ed638eeb738256e06a40e07fff0797ed9fa", 0x29)

3.846483513s ago: executing program 4 (id=2523):
r0 = getpgrp(0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000040)=0x14d)
prlimit64(0x0, 0xe, &(0x7f0000000100)={0x8, 0x80000100008b}, 0x0)
syz_mount_image$jfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x1c802, &(0x7f0000000780)=ANY=[], 0x1, 0x612d, &(0x7f000001b000)="$eJzs3cuOHFcZB/CvL9NzCXGsCEXGYuE4EBJCfLch3OKwYAFIICGvsTWZRAYHkG0QiSw8kReIBZdHgE02LPIaLMIrIB4ASzOsIkEoVDPnjGtqetxj7OmanvP7Se2qr0/X9Cn/p6YvdTkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMR3vv3Ds72IuPrLdMfRiE/FIKIfsVjXJ6KeuZwfP4yIY7HRHM9FxGA+ol5+459nIi5ExEdHItbW7yzXd5/bYz8unrl985Pvfuvvv/nDvWM/fvNHH7Tbf/Dp8x/+9m7E0e+/9uEnd5/MugMAAEApqqqqeulj/vH0+b7fdacAgKnIr/9Vku9Xq9Vq9ROtf98/WP1RF1o3VePdbRYRsdpcpn7PYHc8AMyY1fi46y7QIfkXbRgRT3XdCeBA63XdAfbF2vqd5V7Kt9d8PTix2Z6/p9yW/2pv6/yO3aaTtI8xmdbv170YxLO79GdxSn04SHL+/Xb+VzfbR+lx+53/tOyW/2jz1Kfi5PwH7fxbtuX/x4iY2fz7Y/MvVc5/+Cj5rw5mePuXPwAAAAAAh1/+/v/o1vf/q53s/51//FXZk932/w0erDIAAAAAAAAAzJzHHf9vi/H/AAAA4MCqP6vX/nTkwX27XYutvv9KL+Lp1uOBwqSTZZa67gcAAAAAAAAAAAAAlGS4eQzvlV7EXEQ8vbRUVVV9a2rXj+pxl591pa8/lKzrP/IAALDpoyOtc/l7EQsRcSVd629uaWmpqhYWl6qlanE+v58dzS9Ui43PtXla3zc/2sMb4uGoqn/YQmO5pkmflye1t39e/VyjarCHjk1Hh4EDQERsvhqteUU6ZKrqmej6XQ6zwfZ/+Nj+2Yuuf08BAACA/VdVVdVLl/M+nvb597vuFAAwDQv59b+9X0CtVqvVavXhq5uq8e42i4hYbS5Tv2cwHD8AzJjV+LjrLtAh+RdtGBHHuu4EcKD1uu4A+2Jt/c5yL+Xba74epPHd87Eg2/Jf7W0sl5cfN52kfYzJtH6/7sUgnt2lP89NqQ8HSc6/387/6mb7KD1uv/Oflt3yr9fzaAf96VrOf9DOv+Xw5N8fm3+pcv7DR8p/IH8AAAAAADjA8vf/R+3/zasMAAAAAAAAADNnbf3Ocj7vNe///+yYx/Wac1v7/+cjwvl/syzn39tz/s7/PUxy/v12/q0DcgaN+ftvPMj/X+t3lj+4/c/P5OnY/P+6tuOio53lPzcY1c891+sPhumYn2rurbgeN2Ilzux4/HBb+9kd7XPb2s9NaD+/o31Uty/m9lOxHD+LG/HmVvv8hAOjFia0VxPac/4D23+Rcv7Dxq3Ofym191rT2v33+zu2++Z03PNc/st/Xty5dU3fvRhsrVtTvX4nO+jPxv/JU6P4xa2Vm6d+de327ZtnI0223Xsu0uQJy/nPpVvO/6UXNtvz3/3m9nr//dEj539Q3Ivhrvm/0Jiv1/flKfetCzn/Ubrl/PMr0Pjtf5bz3337f6WD/gAAAAAAAAAAAAAAAMDDVFW1cYro5Yi4lM7/6ercTABgqn73vTRTVdsv1aFWq9Vqtfrw1U3VeK83i1jYvsyliPj1uB8GABxk/42If3TdCToj/4Ll6/3V08913Rlgqm69+95Prt24sXLzVtc9AQAAAAAAAAD+X3n8zxON8Z83jgNqjRu9bfzXN+LEjnE/BzMy/md/NNgY6zyt0PPx8PG/T8bDx/8eTni+uQntownt8xPaFya0jz3RoyHn/3zKOOd/PK1YSeO/vtRBf7qW8z+ZxnrO+X+h9bhm/tWfZzn//rb8T99+5+enb7373qvX37n29srbKz89e+bShfMXL5y/ePH0W9dvrJzZ/LfDHu+vnH8e+9pxoGXJ+efM5V+WnP/nUy3/suT8X0y1/MuS88/v9+Rflpx//uwj/7Lk/F9OtfzLkvP/YqrlX5ac/yupln9Zcv5fSrX8y5LzfzXV8i9Lzv9UquVflpz/6VTLvyw5/7yHS/5lyfnnIxvkX5ac/7lUy78sOf/zqZZ/WXL+F1It/7Lk/C+mWv5lyflfSrX8y5Lz/3Kq5V+WnP9XUi3/suT8X0u1/MuS8/9qquVflpz/11It/7Lk/L+eavmXJef/jVTLvyw5/2+mWv5lyfm/nmr5l+XB9f/NTHnm33+LOADdMGNm3EzXf5kAAAAAAAAAAAAAgLZpHE7c9ToCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMD/2IEDAQAAAAAg/9dGqKqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsIOHAgAAAAAAPm/NkJVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVUV9u4uRq7yvh/42VevDQn+B0IIccLaGHDC4l2/gkOcmLz9KWlTSkLatEmNY6+NE7/VaycQRWUptCUKUpHaC3rRNERpFKmtQFGkphKNkBqpvStXibho1EpcWCpUDkoqpQK2OnOe59mZ2dmZtb3rPXPO54PMzzuvz5w5M7vftb5zAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoNnGj0z/6UCWZfmfxv/WZ9mV+d/XZvvyL2d3r/YKAQAAgEv1RuP/f3dVOmHfEq7UdJl/ec+//WBubm4u+8Jr597887m5dMZ4lg2tybLGedG//uqXc82XCR7LxgYGm74e7HH3Qz3OH+5x/kiP80d7nL+mx/ljPc5fsAEWWFv8PqZxY5sbf11fbNLsmmykcd7mDtd6bGDN4GD8XU7DQOM6cyOHs6PZsWw6m1pwnYHGf1n2/Mb8vu7O4n0NNt3XhizLzv/8awfjGgbCNt6ctdxZQ/Nz9+pd2fhrP//awe+eeeWdnWbPzbBgpVm2ZVO+zsezbP7XVdlAtiZtk7jOwaZ1buiwzqGWdQ40rpf/vX2d55e4zvi4x8I6X+yyzg3htIduzLJsNlv0Mu0eywazdW33mrb3WLFH5LeRP5Vvy4YvaD/ZuIT9JL/Oyze27ift+2Tc/hvDNhleZA3NT8erj44u2O4Xu5/kj7oM+2p+2/fmdzo21vyr1ZZ9Nb/M125afB/o+Nx12AfSvty0D2zqtQ8Mjg419oHB+TVvatkHti24zmA20Livczd13wcmzxw/NTnz8FdvO3r8wJHpI9Mntk3t3rlj184du3ZNHj56bHpq8vDIsemF+1hVrMsG0z64KbzXxH3wlrbLNu+Sc88s3+tgrCSvg/yxf/rmfEFXDmaL7OP5ZR7fcumvg/R9v+l1MNz0Ouj4njq38HUwvITXQX6Z81uW9j1zuOlPpzWs1Hvh+qZ9YDW/H+b3+bn3Lv5euCGs64n3Xej3w6EF+0B8WAPhtZefkn7eG7sjbJeF+8X1+RlXjGZnZ6ZPb33owJkzp7dlYVwWVzc9V+37y7qmx5Qt2F8GL3h/2fe3r998fYfT14dtNXZr9+cqv8zOie7PVePdvXV7jmbF9mw5dXsWxtL1+vF/VbZnp+9m+fZMWaLL9swv8/htl/6zYMolTe9/I73e/4ZGhov3v6G0NUZa3v8WPjVDjZVl2fnblvb+NxL+XO73v2tK8v6Xb6vPbe2+D+SXeWLyQveB4a7vfzeGORDW896QGMaacv+bjfNni9206bnsud8MD4+E/WY43mPrfrNjwXXyW8vve8vUxe03W25sfa5afm6p4H6Tb6u/mOq+3+SXeWHbpb93rI1/bXrvGO21D4wMjebrHUk7QfF+N7c27gNbs4PZyexYdihdJ3+W8/ua2L60fWA0/Lnc7x3XlWQfyLfV09u77wP5ZX68Y3l/dtoSTkmXafrZqf33C4tl/uuH52+vfbMtd+bP1/nRn3wyndYpQ+SXeWXnheaM7tvp1nDKFR22U/vrZ7F9+lB2ebbTdWGdx3Z1/91Ufplrdi9xf9qXZdlLr7/U+H1X+P3u98/+5Actv/ft9Dvll7a9dM/kfT+9kPUDAHDx3mz8f3a0+Fmz6V+sl/Lv/wAAAEBfiLl/MMxE/gcAAIDKiLl/KMxE/gcAAIDKiLl/OMykJvn/wTv2PPvGI1n6NMC5IJ4fN8O9HywuFzves+Hr8bl5+ekf/s7Is19/ZGn3PZhl2ev3vKvj5R/8YFxX4VRc5/tbT1/guhuWdP8P3D9/uebPTzi/p7j9+HiWuhvErvLzk9sbtzv+8LbGfOGerDHvm33iseL2i6/j5c/tKC7/V+FDS/YdHmi5/pawns1hjofPlLl33/x2yGe83rMb3vPPV39m/v7i9QY2vbXxMJ/+w+J242dEPXV1cfn4uBdb/z9943vP5pd/6KbO639ksPP6z4XbfTnMX+0tLt+8zb/etP4/DuuP9xevt/XbP+q4/ufeUVz+ubBffCvM9vXf9WfvfqPT8xXvZ9+dxfXi/U/9z87G9eLtxdtvX//YI9tatkf77b/wWnE7e7/8i6Hmy8fT4/1ED9zZun8PhOe3pUeeZdn3/iRr2c7ZB4rr/WPb+uPtnbqz8/pvbVvnqYEbGteffzzrWx7XN/9me8fHG9ez7+/Xtzyepz4Wtt9rkz/Ob/fcfWF/DOf/74vF7bV/mNFzH2t9v4mX/9b64nUbb2+ybf1Pta1/9oZ82/Ve/92vFet/7kNrWta/7+Nhf7q7mL3Wf+Svr2q5/jPfLZ6P01+ZOHFy5uzRQ01btfl1vGZs7borrnzLW68K76XtX+8/eebB6dPjU+NTWTbehx8ZuNLr/3aY/12M2eW/h8JPf1Hsd09+ovi+dcsvi6+fCqc/EJ7P+P3xm3850rK/tj/vsx8q5qWu/31hHUv1jm/85w1LuuC5zz9/9h/+6JX2nwvi4zn19rHG43t647WN8wZeKM5vf7/q5T/e3vq6/tnwVGP+MGzXufDJzJuuLe6v/fbjZ5M8+ani9Rt/kovXz9o+T2T9UOvjuNT1/yz8HPOj61rf/+L+8cNH2j7NeX02kC9hNrw/ZLPF+fFScXs/ef7ajvcXP4cnm33nhSxzUTMPz0weO3ri7EOTZ6ZnzkzOPPzV/cdPnj1xZn/js0v3f7HX9edf3+sar+9D07t3Zo1X+8lirLDVXv+p+w8eun3q5kPThw+cPXzm/lPTp48cnJk5OH1o5uYDhw9Pf6XX9Y8e2rtt+54dt2+fOHL00N479uzZsWfi6ImT+TKKRfWwe+pLEydO729cZWbvzj3bdu3aOTVx/OSh6b23T01NnO11/cb3pon82l+eOD197MCZo8enJ2aOfnV677Y9u3dv7/npj8dPHZ4Znzx99sTk2Znp05PFYxk/0zg5/97X6/rUw8zJ8H7XZiD8dP7ZW3enz8fNfefRRW+quEjrj6fZq+GzoOL3t15fx9w/EmZSk/wPAAAAdRBzf/jg//kz5H8AAACojJj714SZyP8AAABQGTH3F8l/LB3+vS75f7n6/4/q/zfo/+v/Z/r/SYn6//G9Xf9/Fej/6/93o/+v/9/P69f/1/+nt7L1/0PuDz8c+vd/AAAAqKKY+9eFmSyW///9bVObL8fCAAAAgGUTc/8VYSb+/R8AAAAqI+b+K8NMapL/Hf9f/7+1/79W/7+l/x8vq/+f9Xf/v+v6+6j/v/m/9P8X0P/X/8/0/y/aavfn+339Jez/r9X/p2zK1v+Puf8tYSY1yf8AAABQBzH3vzXMRP4HAACAyoi5/6owE/kfAAAAKiPm/vVhJjXJ//r/+v91Pf7/esf/L/r/d+n/91H/3/H/O9D/1//P9P8v2mr35/t9/SXs/zv+P6VTtv5/zP3/L8ykJvkfAAAA6iDm/reFmcj/AAAAUBkx918dZiL/AwAAQGXE3H9NmElN8n89+/8vZ1m2qv3/1OfS/y/78f9r0P93/H/9/xWm/6//343+v/5/P69f/1//n97K1v+Puf/tYSY1yf8AAABQBzH3XxtmIv8DAABAZcTc/44wE/kfAAAAKiPm/uvCTGqS/+vZ/3f8f/3/gv5/6zr1//X/V4L+v/5/N/r/+v/9vH79f/1/eitb/z/m/neGmdQk/wMAAEAdxNx/fZiJ/A8AAACVEXP/u8JM5H8AAACojJj7N4SZ1CT/X3L/f1j/P9P/1/9fZH/Q/9f/r2P/f6Tt6/7q/w8ueo7+f0H/v9Xy9f9n5xdQgv5/vhz9f/3/XtfX/2cpLq3/P9D8Lr4s/f+Y+98dZlKT/A8AAAB1EHP/e8JM5H8AAACojJj7bwgzkf8BAACgMmLuHw8zqUn+r9Px/5v7f/r/Bf1//f9M/1//f4X1V/9/cfr/Bf3/Vo7/r/+v/6//T3dlO/5/zP0bw0xqkv8BAACgDmLu3xRmIv8DAABAZcTcf2OYifwPAAAAlRFz/+Ywk5rk/zr1/5st2v+fW6P/r/+v/5/uSf9f///S6f/r/3ej/6//38/rX53+/9r0N/1/+kHZ+v8x998UZlKT/A8AAAB1EHP/zWEm8j8AAACU05oLv0rM/beEmcj/AAAAUBkx928JM6lJ/tf/d/x//f8+7v8P6f9n+v/l0r5x9f/1/3vQ/9f/7+f1O/6//j+9la3/H3P/e8NMapL/AQAAoA5i7n9fmIn8DwAAAJURc/+tYSbyPwAAAFRGzP0TYSY1yf/6//r/+v993P93/P+W9fd//z9rvAv3df+/A/1//f9u9P/1//t5/fr/+v/0tnj/v/g583L3/2Puvy3MZKnBb3CJlwMAAABWTcz9W8NMavLv/wAAAFAHMfdPhpnI/wAAAFAZMfdPhZnUJP/r/+v/6//r/+v/l6X/X4Hj/3eg/6//343+v/5/P69/hfr/+RuB/j+VUbbj/8fcvy3MpCb5HwAAAOog5v7tYSbyPwAAAFRGzP07wkzkfwAAAKiMmPt3hpnUJP/3Sf9/aypA6f/r/+v/6//r//cV/X/9/270//X/+3n9jv+v/0+rTofGv2z9//avF+n/x9y/K8ykJvkfAAAA6iDm/t1hJvI/AAAAVEbM/beHmcj/AAAAUBkx998RZlKT/N8n/X/H/9f/L0P/P71B6P+30v8v6P93pv+v/9+N/r/+fz+vX/9f/5/eynb8/5j794SZ1CT/AwAAQB3E3P/+MBP5HwAAACoj5v47w0zkfwAAAOgrnY5DGMXc/4Ewk5rk/2Xs/z8TztL/L1X/f26N/r/j/+v/d1+//v/K0v/X/+9G/1//v5/Xr/+v/09vZev/x9y/N8ykJvkfAAAA6iDm/g+Gmcj/AAAAUBkx938ozET+BwAAgMqIuX9fmElN8n8Vjv8/3PyF/r/j/+v/6/+H0/X/y0H/X/+/G/3//uz/hx9b9P9L1P/P9yH9f8qobP3/mPvvCjOpSf4HAACAOoi5/8NhJvI/AAAAVEbM/R8JM5H/AQAAoDJi7v9omElN8n8V+v8t9P/1//X/9f/D6fr/5aD/v2L9/8Zbof5/Qf//4qx2f77f11+m/r/j/1NWZev/x9z/sTCTmuR/AAAAqIOY+z8eZiL/AwAAQGXE3P//w0zkfwAAAKiMmPvvDjOpSf7X/9f/1//X/9f/1/9fSfr/jv/fjf6//n8/r1//X/+f3srW/4+5/9fCTGqS/wEAAKAOYu6/J8xE/gcAAIDKiLn/E2Em8j8AAAD0mdFFz4m5/9fDTGqS//uv/z/el/3/wXT7+v/6//r/+v/6/8tJ/1//P9P/v2ir3Z/v9/Xr/+v/01vZ+v8x9/9GmElN8j8AAADUQcz9nwwzkf8BAACgMmLu/80wE/kfAAAAKiPm/nvDTGqS/5e7/99+/W4c/1//P9P/1//X/9f/v0T6//r/mf7/RVvt/ny/r1//X/+f3srW/4+5/7fCTGqS/wEAAKAOYu6/L8xE/gcAAICSevCCrxFz/6fCTOR/AAAAqIyY+z8dZlKT/N9/x//X/9f/1//X/9f/7yf6//r/3ej/6//38/r1//X/6a1s/f+Y++8PM6lJ/gcAAIA6iLn/M2Em8j8AAABURsz9vx1mIv8DAABAZcTc/zthJjXJ/7H/P6L/36D/r/+v/6//H+n/Lw/9/4X9//w9TP+/ULn+/2hxuv6//r/+v/4/hbL1/2Pu/2yYSU3yPwAAANRBzP2/G2Yi/wMAAEBlxNz/e2Em8j8AAABURsz9nwszqUn+d/x//X/9f/1//X/9/5Wk/+/4/91Urv8f6P/r/+v/6/9TKFv/P+b+z4eZ1CT/AwAAQB3E3P/7YSbyPwAAAFRGzP37w0zkfwAAAKiMmPsfCDOpSf7X/9f/1//X/9f/1/9fSfr/+v/dXEj/f6zD7ev/X5rV7s/3+/r1//X/CUYXP6ts/f+Y+w+EmexrvRsAAACgf8Xc/4Uwk5r8+z8AAADUQcz9B8NM5H8AAACojJj7D4WZ1CT/6//r/+v/6//r/+v/ryT9f/3/bhz/X/+/n9ev/6//T29l6//H3D8dZlKT/A8AAAB1EHP/4TAT+R8AAAAqI+b+I2Em8j8AAABURsz9D4aZ1CT/6//r/+v/17b//+L329ap/6//vxL0//X/u9H/1//v5/Xr/+v/01vZ+v8x9x8NM6lJ/gcAAIA6iLn/i2Em8j8AAABURsz9Xwozkf8BAACgMmLuPxZmUpP8r/+v/6//X9v+/9KO/792/n71//X/L4b+v/5/N/r/+v/9vH79f/1/eitb/z/m/uNhJjXJ/wAAAFAHMfefCDOR/wEAAKAyYu4/GWYi/wMAAEBlxNx/KsykJvlf///C+v8Di3QD9f87r1//vwL9/+CWoVL3/9fo/5eX/r/+fzf6//r//bx+/X/9f3orW/8/5v4/CDOpSf4HAOD/2LuvHb3OKo7DG8d2ZoTCMRI5yC0gLgAkLoBrQOKAY3onoYcOofcWQuiBUEPvvdfQQi8hEFooQQJlZq1lz3hmf+OZr+z9vs9zkGWPLXsb2yh/TX7aAPQgd/9D4hb7HwAAAJqRu/+hcYv9DwAAAPNxdvybc/c/LG7pZP/r/73/X/+v/z9K/z94/7/+/5j0//r/Mfp//f+cn1//r/9nsan1/7n7Hx63dLL/AQAAoAe5+x8Rt9j/AAAA0Izc/Y+MW+x/AAAAaEbu/kfFLZ3sf/2//l//r//X/+v/V0n/r/8fs+b+/zr9/17r6+cP/vXM5/kPpv/X/7PY1Pr/3P2PjlsOHX5njvCrBAAAAKYkd/9j4pZOPv8PAAAAPcjd/9i4xf4HAACAZuTuf1zc0sn+1//r//X/y+r/L7ngx9f/L7n/j78ng/5/VvT/PfT/5/4WT67/P7v359P/77Xpfn7uz6//1/+z2NT6/9z9j49bOtn/AAAA0IPc/U+IW+x/AAAAaEbu/ifGLfY/AAAANCN3/5VxSyf7X/+v/9f/z/D9/6c77f+9/1//fwD9/xT6/9m8/1//v8+m+/m5P7/+X//PYlPr/3P3XxW3dLL/AQAAoAe5+58Ut9j/AAAA0ITT9aWt4clxi/0PAAAAzcjd/5S4pZP9r//X/+v/Z9j/9/r+f/2//v8A+n/9/6D/P7ZN9/Nzf379v/6fxabW/+fuf2rc0sn+BwAAgB7k7n9a3GL/AwAAQDNy9z89brH/AQAAoBm5+58Rt1yw/7fX+FTro//X/+v/9f/6f/3/Kun/9f9j9P/6/zk/v/5f/89iK+//H3D1zj1q/5+7/+q4xef/AQAAoBm5+58Zt9j/AAAA0Izc/c+KW+x/AAAAaEbu/mfHLZ3sf/2//v9c//+/u+n/9f/6/3Mf1/8vh/5f/z9G/6//n/Pz6//1/yy28v5/Qe+//+u5+58Tt3Sy/wEAAKAHufufG7fY/wAAANCM3P3Pi1vsfwAAAGhG7v7nxy2d7H/9v/7f+//X2P/fOej/9f/6/yXT/x+7/9//V28v/f+R6P/1/4f1//c9wvPr/+nB1Pr/3P0viFs62f8AAADQg9z9L4xb7H8AAABoRu7+a+IW+x8AAACakbv/RXFLJ/t/iv3/pfp//X+r/f8s3v9/qsv+/66P6f9XQ/8/2f5/nP7/SPT/+n/v/9f/M25q/X/u/hfHLUfe//fZOur3BAAAADYjd/9L4pZOPv8PAAAAPcjd/9K4xf4HAACAZuTuf1nc0sn+n2L/P+j/9f/6//pxJv/+/0va6P9n+P7/64eZ0P/r/8fo//X/c35+/b/+n8Wm1v/n7n953NLJ/gcAAIDmnRpq978ibrH/AQAAoBm5+18Zt9j/AAAA0Izc/a+KWzrZ//p//b/+X/9/ov6/kff/z7D/nw39v/5/zFH7/0H/X78W/f90nl//r/9nsan1/7n7Xx23dLL/AQAAoAe5+18Tt9j/AAAA0Izc/a+NW+x/AAAAaEbu/tfFLZ3sf/3/ivr/rUH/r//X/+v/9f/6f/3/At7/r/+f8/PPvP+/16D/Zw2m1v/n7n993NLJ/gcAAIAe5O5/Q9xi/wMAAEAzcve/MW6x/wEAAKAZufvfFLfs3/+n1vlU66P/9/5//b/+X/+v/18l/b/+f4z+/+D+f+uQn0//P63nn3n/7/3/rMXU+v/c/dfGLT7/DwAAAPOx/xM9++Tuf3PcYv8DAABAM3L3Xxe32P8AAADQjNz9b4lbOtn/h/X/t99999v1/0dzWP+/rf/X/+v/9f/6f/2//v9Q+n/v/5/z8+v/9f8sNrX+P3f/9XFLJ/sfAAAAepC7/61xi/0PAAAAzcjd/7a4xf4HAACAZuTuf3vc0sn+X/77/6/Q/3v/v/4/rv5f/6//n1r/f8uxfx79/y79/176f/2//l//z7ip9f+5+98Rt3Sy/wEAAKAHufvfGbfY/wAAANCM3P3vilvsfwAAAGhG7v53xy2d7P/l9//e/7+e/v+qoZn+/5T+P+n/4/dV/6//vwje/99u/392OGr/v63/P6ZN9/Nzf379v/6fxdbV/5/e9/XD+v/c/TfsTL3+9j8AAAD04Iadf24N74lb7H8AAABoRu7+98Yt9j8AAAA0I3f/jXFLJ/tf/z/X/t/7/wf9v/5/3/Pr/6dJ/6//H+P9//31//v/P39uz38+/b/+n8XW1f8f1vvv/3ru/vfFLZ3sfwAAAOhB7v73xy32PwAAADQjdv/uf/xu/wMAAECTPrDzz63hg3FLJ/u/4/7/ipP2/9vnfVn/f/Dz6/+X0v/fsP/Pnv5f/z8n+n/9/xj9f3/9/zJt+vlP2P/nv0ouof+PD1yp/2d6ptb/5+7/UNzSyf4HAACAHuTu/3DcYv8DAABAM3L33xS32P8AAADQjNz9H4lbOtn/Hff/G33//9n4/ifv/x94WzyB/r/d/t/7/+Pq//X/B9H/6/8H/f+xbbqfn/vze/+//p/Fptb/5+7/aNzSyf4HAACAHuTu/1jcYv8DAABAM3L3fzxusf8BAACgGbn7PxG3dLL/9f+b6f83/v7/+I3U/+v/h9X1/6eHNvr/y/T/J6P/1/+P0f/r/2f4/PfML+j/9f8sNrX+P3f/J+OWTvY/AAAA9CB3/6fiFvsfAAAAmpG7/9Nxi/0PAAAAzcjd/5m4pZP9r//vtP+Pn3+V/f9dP4n+v5P+/yrv/x/0/4fS/+v/x+j/9f9zfn79v/6fxabW/+fu/2zc0sn+BwAAgB7k7v9c3GL/AwAAQDNy938+brH/AQAAoBm5+78QN9z7ss090nKdOeTj0ZtPt/+/8f7nf13/P7/+3/v/N9j/nx2GYfPv/9f/6/936P/1/2P0//r/OT+//l//z2JT6/9z938xbvH5fwAAAGhG7v4vxS32PwAAADQjd/+X4xb7HwAAAJqRu/8rcUsn+3+D/X/+UN7/r//X/4eL7P+3J/P+f/3/Dv3/wfT/+v8x+n/9/5yfX/+v/2exqfX/ufu/Grd0sv8BAACgB7n7vxa32P8AAADQjNz9X49b7H8AAABoRu7+b8Qtnez/6b7/X/+v/9f/H/v9//r/Hfr/adD/6//H6P/1/3N+fv2//p/Fptb/5+7/ZtzSyf4HAACAHuTu/1bcYv8DAABAM3L3fztusf8BAACgGbn7vxO3dLL/H3xq0P+f93H9v/5f/6//T/r/5dD/6//H6P/1/3N+/nX2/wf9O6n+nzmYWv+fu/+7cUsn+x8AAAB6kLv/e3GL/Q8AAADNyN3//bjF/gcAAIBm5O7/QdzSyf5v+f3/Y99N/79L/6//H/T/+v8V0//r/8fo//X/c35+7/8/Qf9/j0U/Oq2YWv+fu/+HcUsn+x8AAAB6kLv/5rjF/gcAAIBm5O7/Udxi/wMAAEAzcvf/OG7pZP+33P+PmVL/f+vlm+j/d4Mb/b/+f9D/6/9XTP+/rv7/9JG+v/5/769D/6//1/97/z+rtaH+/8xwSP+fu/8ncUsn+x8AAAB6kLv/p3GL/Q8AAADNyN3/s7jF/gcAAIBm5O6/JW5pZ/8/6KaRb9T/L73/3/lD5P3/+v9B/6//1//v0P97//8Y/b/+f87Pr//X/7PY1N7/n7v/53FLO/sfAAAAupe7/xdxi/0PAAAAzcjd/8u4xf4HAACAZuTu/1Xc0sn+1/9v/v3/+v/j9/9n9P8X2/9fMuj/19r/X76l/9f/6//H6P9n3P9vx9X/6//1/4yYWv+fu//XcUsn+x8AAAB6kLv/N3GL/Q8AAADNyN3/27jF/gcAAIBm5O7/XdzSyf5vrf/f1v931f97/7/3/w8T7/+9/1//r/8fp/+fcf/v/f/V/+efO/2//p8LTa3/z93/+7ilk/0PAAAAPcjd/4e4xf4HAACAZuTuvzVusf8BAACgGbn7/xi3dLL/l9X/5/9ym+7/l/j+/50iX/+v/9f/n6P/1/8fh/5f/z9G/6//n/Pze/+//p/Fptb/5+6/LW7pZP8DAABAD3L3/ylusf8BAACgGbn7/xy33O/STT0SAAAAsGS5+2+PWzr5/H9r7/9fYv/v/f9z7v8v1f/r//X/U7HB/n//b/XFuuPm876i/9+l/99L/6//1//r/xk3tf4/d/9f4pZO9j8AAAD0IHf/X+MW+x8AAACakbv/b3GL/Q8AAADNyN3/97ilk/2v/9f/X3z/f6Z+3ZPt/73/X/+v/5+Mdt//f1b/r/8/cf9/zbW7H9b/z/P59f/6fxabWv+fu/8fcUsn+x8AAAB6kLv/jrjF/gcAAIBm5O7/Z9xi/wMAAEAzcvf/K27pZP/r//X/Tb7/X/+v/9f/T0a7/b/3/+v/vf9f/6//1/+zyNT6/9z9/45bOtn/AAAA0IPc/f+JW+x/AAAAaEbu/jvjFvsfAAAAmpG7/79xSyf7X/+v/9f/6//1//r/VdL/6//H6P/1/3N+fv2//p/Fptb/5+7/fwAAAP//53Aasg==")
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8880, 0x85)
lseek(r1, 0x50000000, 0x1)
getdents64(r1, 0x0, 0x4f)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r3 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r3, 0x1, 0x0)
r4 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8)
r5 = syz_open_dev$sg(&(0x7f00000004c0), 0x0, 0x0)
ioctl$SG_GET_VERSION_NUM(r5, 0x2284, &(0x7f0000000080))

3.78650617s ago: executing program 1 (id=2524):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000000000000000000000000008500000061000000850000007d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x2c020400)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000480)={r0, 0xe8, 0x0}, 0x10)

3.748995215s ago: executing program 1 (id=2525):
setresgid(0xee01, 0xffffffffffffffff, 0x0)
r0 = syz_open_dev$vim2m(&(0x7f0000000080), 0x7, 0x2)
ioctl$vim2m_VIDIOC_ENUM_FMT(r0, 0xc0405602, &(0x7f0000000000)={0x3, 0x1, 0x2, "d30580c9042b7275077bafe6410c2087850000000000000000000080001500", 0x50565559})
r1 = syz_clone(0xa8200780, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='net/llc/core\x00')
fchdir(r2)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x800000, 0x0)
syz_open_procfs$pagemap(r1, &(0x7f0000000200))

3.701664392s ago: executing program 0 (id=2526):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$EXT4_IOC_SWAP_BOOT(r0, 0x6611)
r1 = syz_open_dev$dri(&(0x7f00000008c0), 0xd20, 0x0)
ioctl$DRM_IOCTL_MODE_ADDFB2(r1, 0xc06864b8, &(0x7f00000000c0)={0x0, 0x9, 0x401, 0x5, 0x2, [], [0x8, 0x65d9, 0x7, 0xe5], [0x101, 0x400, 0x3, 0xfffffffd], [0x4, 0x1, 0xd0, 0x8]})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000040)=@ipv4_newroute={0x38, 0x18, 0x1, 0x0, 0x0, {0x2, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x9}, [@RTA_ENCAP_TYPE={0x6, 0x15, 0x4}, @RTA_ENCAP={0x14, 0x16, 0x0, 0x1, @LWTUNNEL_IP_OPTS={0x10, 0x8, 0x0, 0x1, @LWTUNNEL_IP_OPTS_GENEVE={0xc, 0x1, 0x0, 0x1, @LWTUNNEL_IP_OPT_GENEVE_CLASS={0x6, 0x1, 0x7}}}}]}, 0x38}}, 0x0)

3.562225259s ago: executing program 0 (id=2527):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prlimit64(0x0, 0x7, &(0x7f0000000040)={0x4, 0x5}, 0x0)
poll(&(0x7f0000000080)=[{0xffffffffffffffff, 0x9400}], 0x1, 0x8)
syz_init_net_socket$nfc_llcp(0x27, 0x3, 0x1)

3.56206117s ago: executing program 1 (id=2528):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="1805000000000000000000004b64ffec850000007500000004"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
sendmsg$L2TP_CMD_TUNNEL_CREATE(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)={0x14, 0x0, 0x917}, 0x14}}, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, 0x0, 0x0, 0x0)
r2 = socket(0x2000000000000021, 0x2, 0x10000000000002)
connect$rxrpc(r2, &(0x7f0000000140)=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x8, @multicast2}}, 0x24)
sendmmsg(r2, &(0x7f0000000000)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000001001000001"], 0x18, 0xe000}, 0x5}], 0x1, 0x0)
recvmmsg(r2, &(0x7f0000000d00), 0xf000, 0x10002, 0x0)

2.716317949s ago: executing program 0 (id=2529):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000180)={{}, 0x0, 0x0}, 0x20)
chdir(&(0x7f0000000080)='./file1\x00')
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000300), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000840)=ANY=[@ANYBLOB='fd=', @ANYRESOCT=r0, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0)
ioctl$AUTOFS_IOC_PROTOSUBVER(r1, 0x40049366, &(0x7f0000000180))
r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x14)
ioctl$AUTOFS_IOC_PROTOSUBVER(r2, 0x40049366, 0x0) (fail_nth: 1)

2.325424199s ago: executing program 4 (id=2530):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r0, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffd}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10)
socket$packet(0x11, 0x3, 0x300)
socket$nl_audit(0x10, 0x3, 0x9)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f00000001c0))
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x0, 0x13012, r0, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ff9000/0x1000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)=@newtfilter={0x24, 0x2c, 0xd2f, 0x0, 0xfffffffd, {0x0, 0x0, 0x0, 0x0, {0xa}, {}, {0x2, 0xf}}}, 0x24}, 0x1, 0x0, 0x0, 0x1}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x10, 0x4, &(0x7f00000001c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0xd}, 0x94)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r5 = io_uring_setup(0x1b7f, &(0x7f0000000040)={0x0, 0x970, 0x1f480, 0x0, 0x398})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000280)=@newlink={0x20, 0x10, 0x44b, 0x0, 0x0, {0x7a}}, 0x20}}, 0x0)
io_uring_enter(r5, 0x8ae, 0x6933, 0x17, 0x0, 0xeffd)
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000100)='./file1\x00', 0x18, &(0x7f0000000240)=ANY=[], 0x1, 0x70a, &(0x7f0000000e80)="$eJzs3U9v2/b5APBHjtP65x/QDdtQFEGasmkPCZA5ktw6MHoYNJl22MqiQMpFgh2KonGGoE47NBuweIeul2477CXs0OveRM+777bX0PtO9SDqT2xHltPEtYPg8xFifkU+5Pf50gIfU6GoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACi1l6r1xu16GTdrVvJ0dprRb45Y/l4e98emMzoN6I2+BcLC/HacNZrv3i0+NXBj8txcfjsYiwMJgux+/+v/vS9n8/PjddPrs5I6RQ8eLj76cc7O9tfnG0aZ2Yj7WZlnm22NtIkK/NkdWWlfv3mepmsZ520vF32082kXaStfl4kV9pXk8bq6nKSLt3Ot7oba61OOp5545fNen0leX+pl7aKMu9ef3+pbN/MOp2su1HFDBYPYm4kv/28+CDrJ/20tZkkd+/tbC8fl+QgqPEkQc1D886PXoyTGc16s9loNJuNlXdX371Rr8836wtxYEb9kDiwSlKvz9dGm6sd3vgP8O+nWYkfzdyBZ/Hn2b/Zkzhsw4mYG9X/6EQW3diKW5FMfbRjLYrIY/OI5SPfRvypalxPZ/a7v/6Pq/xrjxZfGPy4vDB6dumo+n9ELqf3eBAPYzc+jY9jJ3ZiO74484xO97ERaXQjizLyyGIzWtWcZDQnidVYiZWox0dxM9ajjCTWI4tOpFHG7SijH2n1impHEWm0oh95FJHElWjH1UiiEauxGsuRRBpLcTvy2IpubMRatKqt3I171X5fnpHjJKjxJEHNGUHjYv7S6HU5/9gfBLPr/41J/f9HVR8evH0KxYnnw7lx42QP4PAM9sb1P/b2vt8bOOuMAAAAgJNWq959r116afJ8PeukvznjrAAAAICTVF2GfHEwqa52fj1qg/P/+lmnBQAAAJygWlwavQuwGG8MW+NPQnkTAAAAAF4Q1f//XxpMFgetN6Lm/B8AAABeNH99dI/93Zh6j92yNxcR8xFR+6p36+3a/dYgrnX/3HC9c4e32F+/UHtltJFqsjI/etZOL9ZGd7+c3ATzu9Hk7nH3+q8VxflnTSBibhTz5p3h9M5kSdXL4nrWSZfaeee9RrRar8z101v9P3x2748Rg97/1t18pRZ37+1sL33y+c6dKpevBlv56v7obu61H5DL7+P1YczrL8djI96N2vm9n3TS+qjfxWG/9f3jH41lPKT/29fn91P6XNif1+XF4XTx4PgXBuNvLB01+sXay6P1n2nkX4+D37ry1nAyJYvmjCyqfdHcv/8P7YsnyiLeOj6L5eOyWH7GLADOyt1JFTpYd89P6v9jdfcpjnKnU92/jivDmCsXqgPr/IUpR/T61CP63rlDNfbpq9s/4+ow5uo4+KgaOxjz3yf9Nqp+vxms8M2R/Zadf41a938X1+ceno97Vez2Z83m8kr9nXr93Wacr4Yxmgwy/a/aA8BBl6vr/2d9x870iHMRL41r9zvx5jDi0Vn1oCZNKt7PJpcULMUn8XnsxJ24Vn3aoLriYGq/i/suQ7gWl0fJTj9rXdz3DS/XjjmrG8aO/3Z5ktjh18sAwIvk8jF1eFL/J28fjyKqEjqs/9f2nXcvTDnvPljLZ58d76/lAMCPIy2+qy32/1Iriqz3UWN1tdHq30yTIm9/kBTZ2kaaZN1+WrRvtrobadIr8n7ezjuDxofZWlom5Vavlxf9ZD0vkl5eZrd+FVknTUZf/V6mm61uP2uXvU7aKtOknXf7rXY/WcvKdtLb+nUnK7/c29sbrFz20na2nrVb/SzvJmW+VbTTpSQp03QUeDMtkmwt7faz9WzQ7Ca9Ins5itvJh3lnazNN1tKyXWS9fl5U2Yz7yrrrebFZbXbprHc2ADwnHjzc/fTjnZ3tL6Y3FuLIRVXjP7NXHzbOeowAwEGzqvRjV58BAAAAAAAAAAAAAABn4pjP/z19o3ZozlxE/Fh9vXCNvS9Ppa/xBzz8dh5vfLNvTvIc5HPqjTM+MAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAFP8LAAD//08VT7s=")

922.93437ms ago: executing program 0 (id=2531):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x102}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, 0x0, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x6)
add_key$keyring(&(0x7f0000000140), &(0x7f0000000180)={'syz', 0x3}, 0x0, 0x0, 0x0)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, &(0x7f0000000040)=0x9, 0x4)
syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00')
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$TIOCSETD(r4, 0x5423, &(0x7f00000003c0)=0x2)
ioctl$TIOCVHANGUP(r4, 0x5437, 0x2)

922.28091ms ago: executing program 1 (id=2532):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x18)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x80000, 0x47)
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000040)='fdinfo/3\x00')
read$FUSE(r4, 0x0, 0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
r5 = socket$inet6_sctp(0xa, 0x1, 0x84)
dup(r5)
r6 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_CONTEXT(r6, 0x84, 0x11, &(0x7f0000000180)={0x0, 0x7ff}, &(0x7f00000002c0)=0x8)
r7 = openat$cgroup_ro(0xffffffffffffffff, &(0x7f00000000c0)='cgroup.controllers\x00', 0x0, 0x0)
r8 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x2, 0x300)
prlimit64(0x0, 0x0, &(0x7f0000000180)={0x401, 0x8000000000000001}, 0x0)
add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
io_setup(0x10001, &(0x7f00000001c0)=<r9=>0x0)
io_cancel(r9, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x6, 0x4, r7, &(0x7f00000102c0)="d4125880e7b57aabd1df2c2b615dd71adc9853a6599e962428be4ba25646608e369ee65ec358bb65486826c24b9c7a856d9850c35c63a052449a84f2fc4525d58cbf8e97a461a636a668538f7ae2629a18ac6b7c7ae8159a6ff38ace3f1a3ca7feed7d023eaa986efb9b2aa0202e30d27f704d4c75111e93c47f3b5119398309ffceda9deb562cc948e97a07812eb429de26044794371747529a18c3fb230f0ed2b1bf54980956f0b0991a6c1d374b63158700a97a4c37c71d23a5f2060e23aa8e3fa3ce29ff56ea9a55cb03da0d00006472c3c79d5339722bdea2106ce8a218469d8c53bb66bbed15ee02c334d0371b3b79925d747ee394a702872b7791809836ddd67ee77446487929ab7ad5b6cc59c4927412349a3bb6c313aaed4e76910ff404b078c1ef2e24d2d0822deb917fce5bb717fd95e9f64db80af105d0efc5cd6f323d2164ed6ba668bddf8c944963222b3e07b530fb09b1e3db55f0bff49a684c6a769a3c6669b428d439c1a4c12d882995a9de41e604cc4c8cafd74954671c9e9664ea50f6dcbe8f9d3e847a2652cb35cce43a4d92465193d7995637ff612aebdd18dc777f0c4d27d322e932091c803f09f85d1e750f7f17890cc8d68e91526cd9c53cbc42f60440ad3a04dbab98138f20de6a306a6c752e2872516d0d88a4609dda98a57df08176874fbce49bafd1970ca2871e4f7f345803", 0x1fa, 0x7, 0x0, 0x2, r7}, &(0x7f0000000240))
keyctl$dh_compute(0x17, 0x0, 0x0, 0x0, &(0x7f0000000280)={&(0x7f00000000c0)={'sha384\x00'}})
r10 = socket$inet6(0xa, 0x2, 0x0)
sendmmsg$inet(r10, &(0x7f0000000500)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @loopback}, 0x10, 0x0, 0x40, &(0x7f0000000000)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @empty, @remote}}}], 0x20}}, {{&(0x7f00000000c0)={0x2, 0x4e20, @multicast2}, 0x10, 0x0, 0x0, &(0x7f00000004c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x19}, @dev={0xac, 0x14, 0x14, 0x24}}}}], 0x20}}], 0x2, 0x4000084)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r7, 0xc018937d, &(0x7f0000000140)={{0x1, 0x1, 0x18, r8, {0x8}}, './file0\x00'})

762.254352ms ago: executing program 4 (id=2533):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="180200000000000000000000000000008500000061000000850000007d00000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
unshare(0x2c020400)
bpf$BPF_GET_PROG_INFO(0xf, 0x0, 0x0)

691.798001ms ago: executing program 3 (id=2534):
gettid()
timer_create(0x1, 0x0, 0x0)
ioctl$vim2m_VIDIOC_REQBUFS(0xffffffffffffffff, 0xc0145608, &(0x7f0000000040)={0x401, 0x2, 0x1, 0x0, 0x1})
io_uring_enter(0xffffffffffffffff, 0x7f78, 0x204ef8, 0x5a, 0x0, 0x0)
socket$tipc(0x1e, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141182)
socket$inet6(0xa, 0x3, 0x3a)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f00000005c0)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r1}, 0x18)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x100000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x7, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000005}, 0x0, 0x0) (fail_nth: 4)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'bridge0\x00'})

0s ago: executing program 1 (id=2535):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x15, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7030000080000002d01000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x2, 0x2, 0x4}, 0x50)

kernel console output (not intermixed with test programs):

msg+0x80/0xa0
[  925.186149][T12874]  ? netlink_getsockopt+0x580/0x580
[  925.191350][T12874]  ____sys_sendmsg+0x5bf/0x950
[  925.196120][T12874]  ? __asan_memset+0x22/0x40
[  925.200713][T12874]  ? __sys_sendmsg_sock+0x30/0x30
[  925.205731][T12874]  ? __import_iovec+0x5f2/0x860
[  925.210596][T12874]  ? import_iovec+0x73/0xa0
[  925.215112][T12874]  ___sys_sendmsg+0x220/0x290
[  925.219796][T12874]  ? __sys_sendmsg+0x270/0x270
[  925.224602][T12874]  ? __lock_acquire+0x7c80/0x7c80
[  925.229648][T12874]  __se_sys_sendmsg+0x1a5/0x270
[  925.234504][T12874]  ? __x64_sys_sendmsg+0x80/0x80
[  925.239450][T12874]  ? lockdep_hardirqs_on+0x98/0x150
[  925.244655][T12874]  do_syscall_64+0x55/0xb0
[  925.249067][T12874]  ? clear_bhb_loop+0x40/0x90
[  925.253748][T12874]  ? clear_bhb_loop+0x40/0x90
[  925.258511][T12874]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  925.264668][T12874] RIP: 0033:0x7f6247f8f749
[  925.269082][T12874] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  925.288691][T12874] RSP: 002b:00007f6248e6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  925.297105][T12874] RAX: ffffffffffffffda RBX: 00007f62481e5fa0 RCX: 00007f6247f8f749
[  925.305077][T12874] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  925.313049][T12874] RBP: 00007f6248e6f090 R08: 0000000000000000 R09: 0000000000000000
[  925.321134][T12874] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  925.329102][T12874] R13: 00007f62481e6038 R14: 00007f62481e5fa0 R15: 00007fff3b86ee08
[  925.337088][T12874]  </TASK>
[  925.412037][ T5846] usb 1-1: USB disconnect, device number 24
[  925.843233][T12883] FAULT_INJECTION: forcing a failure.
[  925.843233][T12883] name failslab, interval 1, probability 0, space 0, times 0
[  925.855952][T12883] CPU: 0 PID: 12883 Comm: syz.0.2060 Not tainted syzkaller #0
[  925.863426][T12883] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  925.873498][T12883] Call Trace:
[  925.876794][T12883]  <TASK>
[  925.879746][T12883]  dump_stack_lvl+0x16c/0x230
[  925.884444][T12883]  ? show_regs_print_info+0x20/0x20
[  925.889652][T12883]  ? load_image+0x3b0/0x3b0
[  925.894183][T12883]  ? __might_sleep+0xe0/0xe0
[  925.898787][T12883]  ? __lock_acquire+0x7c80/0x7c80
[  925.903917][T12883]  should_fail_ex+0x39d/0x4d0
[  925.908618][T12883]  should_failslab+0x9/0x20
[  925.913138][T12883]  slab_pre_alloc_hook+0x59/0x310
[  925.918180][T12883]  ? __lock_acquire+0x7c80/0x7c80
[  925.923242][T12883]  kmem_cache_alloc+0x5a/0x2e0
[  925.928030][T12883]  ? security_file_alloc+0x34/0x120
[  925.933253][T12883]  security_file_alloc+0x34/0x120
[  925.938299][T12883]  init_file+0x94/0x1f0
[  925.942484][T12883]  alloc_empty_file+0xb7/0x1d0
[  925.947271][T12883]  path_openat+0x100/0x3190
[  925.951813][T12883]  ? kasan_set_track+0x4e/0x70
[  925.956691][T12883]  ? __kasan_slab_free_mempool+0xf1/0x120
[  925.962436][T12883]  ? __x64_sys_openat+0x139/0x160
[  925.967478][T12883]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  925.973568][T12883]  ? verify_lock_unused+0x140/0x140
[  925.978786][T12883]  ? do_filp_open+0x3d0/0x3d0
[  925.983484][T12883]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  925.989504][T12883]  do_filp_open+0x1c5/0x3d0
[  925.994035][T12883]  ? vfs_tmpfile+0x490/0x490
[  925.998664][T12883]  ? _raw_spin_unlock+0x28/0x40
[  926.003532][T12883]  ? alloc_fd+0x58f/0x630
[  926.007895][T12883]  do_sys_openat2+0x12c/0x1c0
[  926.012598][T12883]  ? do_sys_open+0xe0/0xe0
[  926.017033][T12883]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  926.023032][T12883]  ? lockdep_hardirqs_on+0x98/0x150
[  926.028253][T12883]  ? lock_chain_count+0x20/0x20
[  926.033137][T12883]  __x64_sys_openat+0x139/0x160
[  926.038010][T12883]  do_syscall_64+0x55/0xb0
[  926.042439][T12883]  ? clear_bhb_loop+0x40/0x90
[  926.047132][T12883]  ? clear_bhb_loop+0x40/0x90
[  926.051825][T12883]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  926.057730][T12883] RIP: 0033:0x7f81f858f749
[  926.062155][T12883] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  926.081779][T12883] RSP: 002b:00007f81f9342038 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[  926.090230][T12883] RAX: ffffffffffffffda RBX: 00007f81f87e6180 RCX: 00007f81f858f749
[  926.098222][T12883] RDX: 0040000000040301 RSI: 0000200000000140 RDI: ffffffffffffff9c
[  926.106214][T12883] RBP: 00007f81f9342090 R08: 0000000000000000 R09: 0000000000000000
[  926.114207][T12883] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  926.122192][T12883] R13: 00007f81f87e6218 R14: 00007f81f87e6180 R15: 00007ffcb879b7a8
[  926.130197][T12883]  </TASK>
[  926.329237][T12886] loop3: detected capacity change from 0 to 128
[  926.366823][T12886] VFS: Found a Xenix FS (block size = 512) on device loop3
[  926.412122][T12886] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[  926.488804][T12890] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2062'.
[  926.518405][T12885] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  926.549913][T12886] sysv_count_free_inodes: unable to read inode table
[  926.581781][T12892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2063'.
[  926.643996][T12592] sysv_free_block: trying to free block not in datazone
[  926.664964][T12592] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  927.694941][T12904] netlink: 'syz.3.2067': attribute type 11 has an invalid length.
[  927.796963][T12904] loop3: detected capacity change from 0 to 2048
[  927.865979][T12904] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  929.212106][   T28] audit: type=1326 audit(2000000038.550:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12919 comm="syz.4.2071" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde6fd8f749 code=0x0
[  929.267926][T11478] usb 2-1: new high-speed USB device number 32 using dummy_hcd
[  929.433729][T12920] loop3: detected capacity change from 0 to 40427
[  929.445877][T12920] F2FS-fs (loop3): invalid crc value
[  929.462029][T12920] F2FS-fs (loop3): Found nat_bits in checkpoint
[  929.470446][T11478] usb 2-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  929.494184][T11478] usb 2-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[  929.510136][T11478] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  929.520655][T11478] usb 2-1: Product: syz
[  929.524872][T11478] usb 2-1: Manufacturer: syz
[  929.533982][T11478] usb 2-1: SerialNumber: syz
[  929.534561][T12920] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  929.550133][T11478] usb 2-1: config 0 descriptor??
[  929.623490][T12592] syz-executor: attempt to access beyond end of device
[  929.623490][T12592] loop3: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  929.641819][T12592] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  929.651780][T12592] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  929.854077][T12932] loop0: detected capacity change from 0 to 1024
[  929.869172][T12932] ext4: Unknown parameter 'appraise_type'
[  929.878973][T12934] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2069'.
[  930.001019][T12936] loop0: detected capacity change from 0 to 256
[  930.035408][T12936] FAT-fs (loop0): Unrecognized mount option "uni_xlate}0" or missing value
[  930.249845][T12940] loop4: detected capacity change from 0 to 4096
[  930.274304][T12940] ntfs3: loop4: Different NTFS sector size (4096) and media sector size (512).
[  930.367248][T12940] ntfs3: loop4: failed to convert "c46c" to iso8859-14
[  930.714759][T11478] hid-generic 0000:0000:0000.0006: unknown main item tag 0x0
[  930.736648][T12946] loop4: detected capacity change from 0 to 1024
[  931.901686][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  931.950478][T11478] hid-generic 0000:0000:0000.0006: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  931.977360][T12936] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  932.101833][T12951] netdevsim netdevsim4 netdevsim0: entered promiscuous mode
[  932.178787][    T9] usb 2-1: USB disconnect, device number 32
[  932.216608][T12950] fido_id[12950]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  932.307128][   T12] hfsplus: b-tree write err: -5, ino 4
[  933.096420][T12963] mmap: syz.3.2080 (12963) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  933.901444][T12973] FAULT_INJECTION: forcing a failure.
[  933.901444][T12973] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  933.950824][T12973] CPU: 0 PID: 12973 Comm: syz.4.2084 Not tainted syzkaller #0
[  933.958350][T12973] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  933.968426][T12973] Call Trace:
[  933.971735][T12973]  <TASK>
[  933.974682][T12973]  dump_stack_lvl+0x16c/0x230
[  933.979392][T12973]  ? show_regs_print_info+0x20/0x20
[  933.984610][T12973]  ? load_image+0x3b0/0x3b0
[  933.989138][T12973]  ? __lock_acquire+0x7c80/0x7c80
[  933.994184][T12973]  ? snprintf+0xdb/0x120
[  933.998460][T12973]  should_fail_ex+0x39d/0x4d0
[  934.003167][T12973]  _copy_to_user+0x2f/0xa0
[  934.007600][T12973]  simple_read_from_buffer+0xe7/0x150
[  934.012998][T12973]  proc_fail_nth_read+0x1e3/0x250
[  934.018047][T12973]  ? proc_fault_inject_write+0x340/0x340
[  934.023709][T12973]  ? fsnotify_perm+0x271/0x5e0
[  934.028493][T12973]  ? proc_fault_inject_write+0x340/0x340
[  934.034144][T12973]  vfs_read+0x27e/0x920
[  934.038326][T12973]  ? kernel_read+0x1e0/0x1e0
[  934.042939][T12973]  ? __fget_files+0x28/0x4d0
[  934.047547][T12973]  ? __fget_files+0x44a/0x4d0
[  934.052245][T12973]  ? __fdget_pos+0x2a3/0x330
[  934.056840][T12973]  ? ksys_read+0x75/0x250
[  934.061172][T12973]  ksys_read+0x147/0x250
[  934.065415][T12973]  ? vfs_write+0x940/0x940
[  934.069833][T12973]  ? lockdep_hardirqs_on+0x98/0x150
[  934.075031][T12973]  do_syscall_64+0x55/0xb0
[  934.079443][T12973]  ? clear_bhb_loop+0x40/0x90
[  934.084117][T12973]  ? clear_bhb_loop+0x40/0x90
[  934.088800][T12973]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  934.094756][T12973] RIP: 0033:0x7fde6fd8e15c
[  934.099177][T12973] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  934.118973][T12973] RSP: 002b:00007fde70c89030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  934.127385][T12973] RAX: ffffffffffffffda RBX: 00007fde6ffe5fa0 RCX: 00007fde6fd8e15c
[  934.135452][T12973] RDX: 000000000000000f RSI: 00007fde70c890a0 RDI: 0000000000000005
[  934.143426][T12973] RBP: 00007fde70c89090 R08: 0000000000000000 R09: 0000000000000000
[  934.151392][T12973] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  934.159358][T12973] R13: 00007fde6ffe6038 R14: 00007fde6ffe5fa0 R15: 00007ffddcfcba58
[  934.167352][T12973]  </TASK>
[  936.134992][T12979] comedi comedi3: 8255: I/O port conflict (0x5,4)
[  936.142027][T12979] comedi comedi3: 8255: I/O port conflict (0x3,4)
[  936.148538][T12979] comedi comedi3: 8255: I/O port conflict (0x4,4)
[  936.154966][T12979] comedi comedi3: 8255: I/O port conflict (0x1,4)
[  936.161469][T12979] comedi comedi3: 8255: I/O port conflict (0xb,4)
[  936.521336][ T5846] usb 1-1: new high-speed USB device number 25 using dummy_hcd
[  936.586235][T12989] loop4: detected capacity change from 0 to 256
[  936.640312][T11658] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  936.662960][T12989] loop4: detected capacity change from 0 to 512
[  936.671286][T11658] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 2
[  936.690353][T11658] Buffer I/O error on dev loop4, logical block 0, async page read
[  936.725630][ T5846] usb 1-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  936.758117][ T5846] usb 1-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[  936.782025][ T5846] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  936.811280][ T5846] usb 1-1: Product: syz
[  936.815502][ T5846] usb 1-1: Manufacturer: syz
[  936.853599][ T5846] usb 1-1: SerialNumber: syz
[  936.879367][ T5846] usb 1-1: config 0 descriptor??
[  937.675691][T13007] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2088'.
[  940.117908][    T9] usb 1-1: USB disconnect, device number 25
[  940.357401][T13021] loop3: detected capacity change from 0 to 8192
[  940.429078][T13029] loop0: detected capacity change from 0 to 512
[  940.479180][T13029] EXT4-fs error (device loop0): ext4_iget_extra_inode:4732: inode #15: comm syz.0.2102: corrupted in-inode xattr: invalid ea_ino
[  940.798484][T13034] binder_alloc: 13032: binder_alloc_buf, no vma
[  941.888066][T13029] EXT4-fs error (device loop0): ext4_orphan_get:1403: comm syz.0.2102: couldn't read orphan inode 15 (err -117)
[  941.942467][T13029] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  942.838685][ T5766] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  944.295378][T13045] loop3: detected capacity change from 0 to 40427
[  944.333340][T13045] F2FS-fs (loop3): Invalid Fs Meta Ino: node(3) meta(0) root(3)
[  944.382597][T13045] F2FS-fs (loop3): Can't find valid F2FS filesystem in 2th superblock
[  944.425578][T13045] F2FS-fs (loop3): Unrecognized mount option "nofiscard" or missing value
[  945.731960][T13075] loop4: detected capacity change from 0 to 1024
[  945.824840][T13075] hfsplus: bad catalog entry type
[  945.868402][T13075] netlink: 'syz.4.2114': attribute type 10 has an invalid length.
[  946.012845][T13075] team0: Port device wlan1 added
[  946.063281][T13081] loop3: detected capacity change from 0 to 128
[  946.102840][T13081] VFS: Found a Xenix FS (block size = 512) on device loop3
[  946.126907][T13081] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[  946.182779][T13081] sysv_count_free_inodes: unable to read inode table
[  946.530079][T13085] binder_alloc: 13083: binder_alloc_buf, no vma
[  947.540068][T13088] FAULT_INJECTION: forcing a failure.
[  947.540068][T13088] name failslab, interval 1, probability 0, space 0, times 0
[  947.552841][T13088] CPU: 1 PID: 13088 Comm: syz.4.2118 Not tainted syzkaller #0
[  947.560329][T13088] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  947.570411][T13088] Call Trace:
[  947.573708][T13088]  <TASK>
[  947.576648][T13088]  dump_stack_lvl+0x16c/0x230
[  947.581381][T13088]  ? show_regs_print_info+0x20/0x20
[  947.586602][T13088]  ? load_image+0x3b0/0x3b0
[  947.591132][T13088]  ? __lock_acquire+0x7c80/0x7c80
[  947.596181][T13088]  should_fail_ex+0x39d/0x4d0
[  947.600909][T13088]  should_failslab+0x9/0x20
[  947.605442][T13088]  slab_pre_alloc_hook+0x59/0x310
[  947.610590][T13088]  ? sk_prot_alloc+0xe7/0x210
[  947.615292][T13088]  ? sk_prot_alloc+0xe7/0x210
[  947.619992][T13088]  __kmem_cache_alloc_node+0x53/0x260
[  947.625394][T13088]  ? sk_prot_alloc+0xe7/0x210
[  947.630100][T13088]  __kmalloc+0xa4/0x240
[  947.634284][T13088]  sk_prot_alloc+0xe7/0x210
[  947.638819][T13088]  ? sk_alloc+0x24/0x360
[  947.643090][T13088]  sk_alloc+0x3a/0x360
[  947.647178][T13088]  ? bpf_ctx_init+0x163/0x1a0
[  947.651869][T13088]  ? bpf_prog_test_run_skb+0x268/0x11c0
[  947.657430][T13088]  bpf_prog_test_run_skb+0x39a/0x11c0
[  947.662824][T13088]  ? __fget_files+0x28/0x4d0
[  947.667427][T13088]  ? cpu_online+0x60/0x60
[  947.671757][T13088]  bpf_prog_test_run+0x321/0x390
[  947.676715][T13088]  __sys_bpf+0x440/0x800
[  947.680969][T13088]  ? bpf_link_show_fdinfo+0x350/0x350
[  947.686358][T13088]  ? lock_chain_count+0x20/0x20
[  947.691219][T13088]  __x64_sys_bpf+0x7c/0x90
[  947.695630][T13088]  do_syscall_64+0x55/0xb0
[  947.700049][T13088]  ? clear_bhb_loop+0x40/0x90
[  947.704726][T13088]  ? clear_bhb_loop+0x40/0x90
[  947.709399][T13088]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  947.715291][T13088] RIP: 0033:0x7fde6fd8f749
[  947.719719][T13088] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  947.739326][T13088] RSP: 002b:00007fde70c89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  947.747738][T13088] RAX: ffffffffffffffda RBX: 00007fde6ffe5fa0 RCX: 00007fde6fd8f749
[  947.755713][T13088] RDX: 000000000000004c RSI: 0000200000000240 RDI: 000000000000000a
[  947.763688][T13088] RBP: 00007fde70c89090 R08: 0000000000000000 R09: 0000000000000000
[  947.771660][T13088] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  947.779631][T13088] R13: 00007fde6ffe6038 R14: 00007fde6ffe5fa0 R15: 00007ffddcfcba58
[  947.787616][T13088]  </TASK>
[  947.803784][T12592] sysv_free_block: trying to free block not in datazone
[  947.829115][T12592] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  950.034696][T13105] FAULT_INJECTION: forcing a failure.
[  950.034696][T13105] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  950.058260][T13105] CPU: 0 PID: 13105 Comm: syz.4.2124 Not tainted syzkaller #0
[  950.065869][T13105] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  950.075951][T13105] Call Trace:
[  950.079282][T13105]  <TASK>
[  950.082227][T13105]  dump_stack_lvl+0x16c/0x230
[  950.086951][T13105]  ? show_regs_print_info+0x20/0x20
[  950.092246][T13105]  ? load_image+0x3b0/0x3b0
[  950.096764][T13105]  ? __might_fault+0xaa/0x120
[  950.101451][T13105]  ? __lock_acquire+0x7c80/0x7c80
[  950.106483][T13105]  should_fail_ex+0x39d/0x4d0
[  950.111265][T13105]  _copy_from_iter+0x1d3/0x1290
[  950.116116][T13105]  ? slab_post_alloc_hook+0x8a/0x4d0
[  950.121405][T13105]  ? __virt_addr_valid+0x18c/0x540
[  950.126519][T13105]  ? __lock_acquire+0x7c80/0x7c80
[  950.131544][T13105]  ? rcu_is_watching+0x15/0xb0
[  950.136309][T13105]  ? copyout_mc+0x70/0x70
[  950.140644][T13105]  ? __virt_addr_valid+0x18c/0x540
[  950.145769][T13105]  ? __virt_addr_valid+0x18c/0x540
[  950.150885][T13105]  ? __virt_addr_valid+0x469/0x540
[  950.156000][T13105]  ? __check_object_size+0x506/0xa30
[  950.161291][T13105]  netlink_sendmsg+0x75c/0xbe0
[  950.166066][T13105]  ? netlink_getsockopt+0x580/0x580
[  950.171272][T13105]  ? aa_sock_msg_perm+0x94/0x150
[  950.176214][T13105]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  950.181599][T13105]  ? security_socket_sendmsg+0x80/0xa0
[  950.187058][T13105]  ? netlink_getsockopt+0x580/0x580
[  950.192254][T13105]  ____sys_sendmsg+0x5bf/0x950
[  950.197030][T13105]  ? __asan_memset+0x22/0x40
[  950.201625][T13105]  ? __sys_sendmsg_sock+0x30/0x30
[  950.206724][T13105]  ? __import_iovec+0x5f2/0x860
[  950.211594][T13105]  ? import_iovec+0x73/0xa0
[  950.216106][T13105]  ___sys_sendmsg+0x220/0x290
[  950.220792][T13105]  ? __sys_sendmsg+0x270/0x270
[  950.225651][T13105]  ? __lock_acquire+0x7c80/0x7c80
[  950.230689][T13105]  __se_sys_sendmsg+0x1a5/0x270
[  950.235545][T13105]  ? __x64_sys_sendmsg+0x80/0x80
[  950.240506][T13105]  ? lockdep_hardirqs_on+0x98/0x150
[  950.245727][T13105]  do_syscall_64+0x55/0xb0
[  950.250170][T13105]  ? clear_bhb_loop+0x40/0x90
[  950.254876][T13105]  ? clear_bhb_loop+0x40/0x90
[  950.259561][T13105]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  950.265460][T13105] RIP: 0033:0x7fde6fd8f749
[  950.269874][T13105] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  950.289735][T13105] RSP: 002b:00007fde70c89038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  950.298168][T13105] RAX: ffffffffffffffda RBX: 00007fde6ffe5fa0 RCX: 00007fde6fd8f749
[  950.306144][T13105] RDX: 0000000020040000 RSI: 0000200000000100 RDI: 0000000000000003
[  950.314121][T13105] RBP: 00007fde70c89090 R08: 0000000000000000 R09: 0000000000000000
[  950.322094][T13105] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  950.330070][T13105] R13: 00007fde6ffe6038 R14: 00007fde6ffe5fa0 R15: 00007ffddcfcba58
[  950.338086][T13105]  </TASK>
[  950.686459][   T28] audit: type=1326 audit(2000000060.020:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13109 comm="syz.4.2127" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde6fd8f749 code=0x0
[  951.031990][T13104] loop0: detected capacity change from 0 to 40427
[  951.055922][T13104] F2FS-fs (loop0): Invalid log_blocksize (268), supports only 12
[  951.084119][T13104] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[  951.107096][T13104] F2FS-fs (loop0): invalid crc value
[  951.127767][T13104] F2FS-fs (loop0): Found nat_bits in checkpoint
[  951.152624][T13120] loop1: detected capacity change from 0 to 128
[  951.174046][T13120] VFS: Found a Xenix FS (block size = 512) on device loop1
[  951.202194][T13120] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[  951.261854][T13120] sysv_count_free_inodes: unable to read inode table
[  951.355830][T13104] F2FS-fs (loop0): Try to recover 1th superblock, ret: 0
[  951.356707][ T5762] sysv_free_block: trying to free block not in datazone
[  951.380919][T13104] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  952.715701][ T5762] sysv_free_inode: inode 0,1,2 or nonexistent inode
[  954.126395][T13139] loop4: detected capacity change from 0 to 512
[  954.151124][T13139] EXT4-fs (loop4): external journal device major/minor numbers have changed
[  954.222318][T13139] block device autoloading is deprecated and will be removed.
[  954.259744][T13139] syz.4.2135: attempt to access beyond end of device
[  954.259744][T13139] md185: rw=0, sector=2, nr_sectors = 2 limit=0
[  954.297998][T13139] EXT4-fs (loop4): couldn't read superblock of external journal
[  955.884940][T13152] FAULT_INJECTION: forcing a failure.
[  955.884940][T13152] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  955.902646][T13152] CPU: 1 PID: 13152 Comm: syz.0.2134 Not tainted syzkaller #0
[  955.910152][T13152] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  955.920232][T13152] Call Trace:
[  955.923540][T13152]  <TASK>
[  955.926499][T13152]  dump_stack_lvl+0x16c/0x230
[  955.931210][T13152]  ? show_regs_print_info+0x20/0x20
[  955.936533][T13152]  ? load_image+0x3b0/0x3b0
[  955.941067][T13152]  ? __might_fault+0xaa/0x120
[  955.945774][T13152]  ? __lock_acquire+0x7c80/0x7c80
[  955.950841][T13152]  should_fail_ex+0x39d/0x4d0
[  955.955552][T13152]  _copy_from_iter+0x1d3/0x1290
[  955.960444][T13152]  ? copyout_mc+0x70/0x70
[  955.964803][T13152]  ? verify_lock_unused+0x140/0x140
[  955.970023][T13152]  ? aa_label_sk_perm+0x3ec/0x500
[  955.975077][T13152]  ? __check_object_size+0x8d/0xa30
[  955.980302][T13152]  ? release_sock+0x2f/0x1c0
[  955.984923][T13152]  ping_common_sendmsg+0xbc/0x2a0
[  955.989978][T13152]  ping_v6_sendmsg+0x1c6/0x10a0
[  955.994866][T13152]  ? ping_v6_pre_connect+0x30/0x30
[  956.000006][T13152]  ? inet_sendmsg+0x14b/0x2f0
[  956.004707][T13152]  ? __local_bh_enable_ip+0x12e/0x1c0
[  956.010094][T13152]  ? lockdep_hardirqs_on+0x98/0x150
[  956.015322][T13152]  ? _local_bh_enable+0xa0/0xa0
[  956.020190][T13152]  ? do_raw_spin_unlock+0x121/0x230
[  956.025416][T13152]  ? inet_sendmsg+0x14b/0x2f0
[  956.030116][T13152]  ? inet_sendmsg+0x14b/0x2f0
[  956.034816][T13152]  ? inet_send_prepare+0x260/0x260
[  956.039949][T13152]  ____sys_sendmsg+0x5bf/0x950
[  956.044740][T13152]  ? __asan_memset+0x22/0x40
[  956.049351][T13152]  ? __sys_sendmsg_sock+0x30/0x30
[  956.054400][T13152]  ? __import_iovec+0x5f2/0x860
[  956.059280][T13152]  ? import_iovec+0x73/0xa0
[  956.063815][T13152]  ___sys_sendmsg+0x220/0x290
[  956.068516][T13152]  ? __sys_sendmsg+0x270/0x270
[  956.073319][T13152]  ? __lock_acquire+0x7c80/0x7c80
[  956.078392][T13152]  __se_sys_sendmsg+0x1a5/0x270
[  956.083274][T13152]  ? __x64_sys_sendmsg+0x80/0x80
[  956.088252][T13152]  ? lockdep_hardirqs_on+0x98/0x150
[  956.093475][T13152]  do_syscall_64+0x55/0xb0
[  956.097906][T13152]  ? clear_bhb_loop+0x40/0x90
[  956.102597][T13152]  ? clear_bhb_loop+0x40/0x90
[  956.107296][T13152]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  956.113210][T13152] RIP: 0033:0x7f81f858f749
[  956.117639][T13152] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  956.137269][T13152] RSP: 002b:00007f81f9384038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  956.145705][T13152] RAX: ffffffffffffffda RBX: 00007f81f87e5fa0 RCX: 00007f81f858f749
[  956.153695][T13152] RDX: 0000000000008050 RSI: 0000200000003100 RDI: 0000000000000003
[  956.161718][T13152] RBP: 00007f81f9384090 R08: 0000000000000000 R09: 0000000000000000
[  956.169709][T13152] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  956.177697][T13152] R13: 00007f81f87e6038 R14: 00007f81f87e5fa0 R15: 00007ffcb879b7a8
[  956.185702][T13152]  </TASK>
[  956.348045][ T5799] usb 5-1: new full-speed USB device number 22 using dummy_hcd
[  956.622432][ T5799] usb 5-1: config 8 has an invalid interface number: 8 but max is 1
[  956.707471][ T5799] usb 5-1: config 8 has an invalid interface number: 8 but max is 1
[  956.846128][ T5799] usb 5-1: config 8 has 1 interface, different from the descriptor's value: 2
[  956.990483][ T5799] usb 5-1: config 8 has no interface number 0
[  957.074007][ T5799] usb 5-1: config 8 interface 8 has no altsetting 1
[  957.122014][T13171] IPv6: NLM_F_CREATE should be specified when creating new route
[  957.231190][T13173] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2137'.
[  957.360345][ T5799] usb 5-1: string descriptor 0 read error: -71
[  957.398069][ T5799] usb 5-1: New USB device found, idVendor=1199, idProduct=68a2, bcdDevice=33.93
[  957.407169][ T5799] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  957.462751][ T5799] usb 5-1: can't set config #8, error -71
[  957.485035][ T5799] usb 5-1: USB disconnect, device number 22
[  957.512127][T13177] binder: 13176:13177 ioctl c0306201 0 returned -14
[  957.517918][   T28] audit: type=1326 audit(2000000066.850:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13178 comm="syz.1.2142" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdc74d8f749 code=0x0
[  961.912490][T13207] FAULT_INJECTION: forcing a failure.
[  961.912490][T13207] name failslab, interval 1, probability 0, space 0, times 0
[  962.012651][T13207] CPU: 0 PID: 13207 Comm: syz.0.2150 Not tainted syzkaller #0
[  962.020175][T13207] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  962.030272][T13207] Call Trace:
[  962.033589][T13207]  <TASK>
[  962.036539][T13207]  dump_stack_lvl+0x16c/0x230
[  962.041239][T13207]  ? show_regs_print_info+0x20/0x20
[  962.046466][T13207]  ? load_image+0x3b0/0x3b0
[  962.050998][T13207]  ? __might_sleep+0xe0/0xe0
[  962.055604][T13207]  ? __lock_acquire+0x7c80/0x7c80
[  962.060739][T13207]  should_fail_ex+0x39d/0x4d0
[  962.065453][T13207]  should_failslab+0x9/0x20
[  962.069985][T13207]  slab_pre_alloc_hook+0x59/0x310
[  962.075044][T13207]  ? stack_trace_save+0xe0/0xe0
[  962.079914][T13207]  ? kvmalloc_node+0x70/0x180
[  962.084618][T13207]  ? kvmalloc_node+0x70/0x180
[  962.089315][T13207]  __kmem_cache_alloc_node+0x53/0x260
[  962.094722][T13207]  ? kvmalloc_node+0x70/0x180
[  962.099435][T13207]  __kmalloc_node+0xa4/0x230
[  962.104064][T13207]  kvmalloc_node+0x70/0x180
[  962.108598][T13207]  bpf_test_run_xdp_live+0x180/0x1a40
[  962.114000][T13207]  ? verify_lock_unused+0x140/0x140
[  962.119234][T13207]  ? kasan_set_track+0x5f/0x70
[  962.124024][T13207]  ? kasan_set_track+0x4e/0x70
[  962.128812][T13207]  ? __kasan_kmalloc+0x8f/0xa0
[  962.133591][T13207]  ? __kmalloc+0xb4/0x240
[  962.137943][T13207]  ? bpf_prog_test_run_xdp+0x382/0xfa0
[  962.143416][T13207]  ? bpf_prog_test_run+0x321/0x390
[  962.148540][T13207]  ? __sys_bpf+0x440/0x800
[  962.152976][T13207]  ? __x64_sys_bpf+0x7c/0x90
[  962.157666][T13207]  ? do_syscall_64+0x55/0xb0
[  962.162280][T13207]  ? xdp_convert_md_to_buff+0x330/0x330
[  962.167861][T13207]  ? __lock_acquire+0x7c80/0x7c80
[  962.172934][T13207]  ? __virt_addr_valid+0x18c/0x540
[  962.178067][T13207]  ? trace_raw_output_bpf_test_finish+0xd0/0xd0
[  962.184322][T13207]  ? _copy_from_user+0xa5/0xe0
[  962.189077][T13207]  ? bpf_test_init+0x134/0x150
[  962.193860][T13207]  ? xdp_convert_md_to_buff+0x5b/0x330
[  962.199308][T13207]  bpf_prog_test_run_xdp+0x76c/0xfa0
[  962.204591][T13207]  ? dev_put+0x80/0x80
[  962.208691][T13207]  ? dev_put+0x80/0x80
[  962.212758][T13207]  bpf_prog_test_run+0x321/0x390
[  962.217695][T13207]  __sys_bpf+0x440/0x800
[  962.221936][T13207]  ? bpf_link_show_fdinfo+0x350/0x350
[  962.227303][T13207]  ? lock_chain_count+0x20/0x20
[  962.232149][T13207]  __x64_sys_bpf+0x7c/0x90
[  962.236552][T13207]  do_syscall_64+0x55/0xb0
[  962.240954][T13207]  ? clear_bhb_loop+0x40/0x90
[  962.245621][T13207]  ? clear_bhb_loop+0x40/0x90
[  962.250291][T13207]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  962.256171][T13207] RIP: 0033:0x7f81f858f749
[  962.260575][T13207] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  962.280173][T13207] RSP: 002b:00007f81f9384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  962.288593][T13207] RAX: ffffffffffffffda RBX: 00007f81f87e5fa0 RCX: 00007f81f858f749
[  962.296555][T13207] RDX: 0000000000000050 RSI: 0000200000000340 RDI: 000000000000000a
[  962.304527][T13207] RBP: 00007f81f9384090 R08: 0000000000000000 R09: 0000000000000000
[  962.312515][T13207] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  962.320479][T13207] R13: 00007f81f87e6038 R14: 00007f81f87e5fa0 R15: 00007ffcb879b7a8
[  962.328451][T13207]  </TASK>
[  962.811864][T13217] binder: 13215:13217 ioctl c0306201 0 returned -14
[  963.352928][T13229] input: syz0 as /devices/virtual/input/input12
[  964.535162][   T28] audit: type=1326 audit(2000000073.870:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13237 comm="syz.4.2156" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde6fd8f749 code=0x0
[  964.810966][T13247] Illegal XDP return value 256 on prog  (id 337) dev N/A, expect packet loss!
[  965.599201][T13253] FAULT_INJECTION: forcing a failure.
[  965.599201][T13253] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  965.671397][T13253] CPU: 0 PID: 13253 Comm: syz.4.2161 Not tainted syzkaller #0
[  965.678930][T13253] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  965.689010][T13253] Call Trace:
[  965.692307][T13253]  <TASK>
[  965.695257][T13253]  dump_stack_lvl+0x16c/0x230
[  965.699964][T13253]  ? show_regs_print_info+0x20/0x20
[  965.705185][T13253]  ? load_image+0x3b0/0x3b0
[  965.709722][T13253]  ? __lock_acquire+0x7c80/0x7c80
[  965.714773][T13253]  ? snprintf+0xdb/0x120
[  965.719060][T13253]  should_fail_ex+0x39d/0x4d0
[  965.723791][T13253]  _copy_to_user+0x2f/0xa0
[  965.728241][T13253]  simple_read_from_buffer+0xe7/0x150
[  965.733651][T13253]  proc_fail_nth_read+0x1e3/0x250
[  965.738717][T13253]  ? proc_fault_inject_write+0x340/0x340
[  965.744393][T13253]  ? fsnotify_perm+0x271/0x5e0
[  965.749186][T13253]  ? proc_fault_inject_write+0x340/0x340
[  965.754859][T13253]  vfs_read+0x27e/0x920
[  965.759047][T13253]  ? kernel_read+0x1e0/0x1e0
[  965.763664][T13253]  ? __fget_files+0x28/0x4d0
[  965.768281][T13253]  ? __fget_files+0x44a/0x4d0
[  965.772985][T13253]  ? __fdget_pos+0x2a3/0x330
[  965.777599][T13253]  ? ksys_read+0x75/0x250
[  965.782049][T13253]  ksys_read+0x147/0x250
[  965.786327][T13253]  ? vfs_write+0x940/0x940
[  965.790755][T13253]  ? lockdep_hardirqs_on+0x98/0x150
[  965.795956][T13253]  do_syscall_64+0x55/0xb0
[  965.800367][T13253]  ? clear_bhb_loop+0x40/0x90
[  965.805050][T13253]  ? clear_bhb_loop+0x40/0x90
[  965.809731][T13253]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  965.815646][T13253] RIP: 0033:0x7fde6fd8e15c
[  965.820069][T13253] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  965.839679][T13253] RSP: 002b:00007fde70c89030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  965.848106][T13253] RAX: ffffffffffffffda RBX: 00007fde6ffe5fa0 RCX: 00007fde6fd8e15c
[  965.856186][T13253] RDX: 000000000000000f RSI: 00007fde70c890a0 RDI: 0000000000000004
[  965.864171][T13253] RBP: 00007fde70c89090 R08: 0000000000000000 R09: 0000000000000000
[  965.872147][T13253] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  965.880123][T13253] R13: 00007fde6ffe6038 R14: 00007fde6ffe5fa0 R15: 00007ffddcfcba58
[  965.888108][T13253]  </TASK>
[  965.972201][T13255] binder: 13254:13255 ioctl c0306201 0 returned -14
[  967.023298][T13268] syzkaller0: entered promiscuous mode
[  967.044332][T13268] syzkaller0: entered allmulticast mode
[  967.080974][T13268] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  967.113892][T13267] tipc: Resetting bearer <eth:syzkaller0>
[  967.260047][T13267] tipc: Disabling bearer <eth:syzkaller0>
[  968.917723][T13292] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2175'.
[  969.766920][T13303] loop0: detected capacity change from 0 to 256
[  969.793425][T13303] FAT-fs (loop0): Unrecognized mount option "uni_xlate}0" or missing value
[  970.330437][T13310] loop4: detected capacity change from 0 to 4096
[  970.383511][T13310] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  970.446305][T13310] ntfs3: loop4: Failed to initialize $Extend/$Reparse.
[  970.474695][T13314] program syz.4.2184 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  970.494909][T13313] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  970.720154][T13318] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  970.738643][T13318] syzkaller0: entered promiscuous mode
[  970.754388][T13318] syzkaller0: entered allmulticast mode
[  970.838845][T13322] netlink: zone id is out of range
[  970.844181][T13322] netlink: zone id is out of range
[  970.849657][T13322] netlink: zone id is out of range
[  970.854915][T13322] netlink: zone id is out of range
[  970.860244][T13322] netlink: zone id is out of range
[  970.865397][T13322] netlink: zone id is out of range
[  970.870633][T13322] netlink: zone id is out of range
[  970.875848][T13322] netlink: zone id is out of range
[  970.881966][T13322] netlink: zone id is out of range
[  970.887398][T13322] netlink: zone id is out of range
[  971.359535][T13317] tipc: Resetting bearer <eth:syzkaller0>
[  971.778863][T13317] tipc: Disabling bearer <eth:syzkaller0>
[  972.345349][T13331] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2188'.
[  973.114068][T13335] FAULT_INJECTION: forcing a failure.
[  973.114068][T13335] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  973.127495][T13335] CPU: 1 PID: 13335 Comm: syz.4.2189 Not tainted syzkaller #0
[  973.134982][T13335] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  973.145059][T13335] Call Trace:
[  973.148351][T13335]  <TASK>
[  973.151295][T13335]  dump_stack_lvl+0x16c/0x230
[  973.155994][T13335]  ? show_regs_print_info+0x20/0x20
[  973.161209][T13335]  ? load_image+0x3b0/0x3b0
[  973.165737][T13335]  ? __might_fault+0xaa/0x120
[  973.170432][T13335]  ? __lock_acquire+0x7c80/0x7c80
[  973.175479][T13335]  should_fail_ex+0x39d/0x4d0
[  973.180192][T13335]  _copy_from_user+0x2f/0xe0
[  973.184806][T13335]  ___sys_sendmsg+0x159/0x290
[  973.189512][T13335]  ? __sys_sendmsg+0x270/0x270
[  973.194316][T13335]  ? __lock_acquire+0x7c80/0x7c80
[  973.199382][T13335]  __se_sys_sendmsg+0x1a5/0x270
[  973.204258][T13335]  ? __x64_sys_sendmsg+0x80/0x80
[  973.209665][T13335]  ? lockdep_hardirqs_on+0x98/0x150
[  973.214888][T13335]  do_syscall_64+0x55/0xb0
[  973.219323][T13335]  ? clear_bhb_loop+0x40/0x90
[  973.224018][T13335]  ? clear_bhb_loop+0x40/0x90
[  973.228718][T13335]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  973.234628][T13335] RIP: 0033:0x7fde6fd8f749
[  973.239059][T13335] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  973.258690][T13335] RSP: 002b:00007fde70c68038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  973.267122][T13335] RAX: ffffffffffffffda RBX: 00007fde6ffe6090 RCX: 00007fde6fd8f749
[  973.275204][T13335] RDX: 000000000000c000 RSI: 0000200000000000 RDI: 0000000000000005
[  973.283193][T13335] RBP: 00007fde70c68090 R08: 0000000000000000 R09: 0000000000000000
[  973.291179][T13335] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  973.299169][T13335] R13: 00007fde6ffe6128 R14: 00007fde6ffe6090 R15: 00007ffddcfcba58
[  973.307178][T13335]  </TASK>
[  974.921294][T13345] binder: BINDER_SET_CONTEXT_MGR already set
[  974.940129][T13345] binder: 13344:13345 ioctl 4018620d 200000004a80 returned -16
[  975.217883][ T7320] usb 5-1: new high-speed USB device number 23 using dummy_hcd
[  975.464985][ T7320] usb 5-1: Using ep0 maxpacket: 16
[  975.703562][ T7320] usb 5-1: config 7 has an invalid descriptor of length 0, skipping remainder of the config
[  975.722939][ T7320] usb 5-1: config 7 interface 0 altsetting 5 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  975.734453][ T7320] usb 5-1: config 7 interface 0 altsetting 5 endpoint 0x81 has invalid wMaxPacketSize 0
[  975.744753][ T7320] usb 5-1: config 7 interface 0 altsetting 5 has 1 endpoint descriptor, different from the interface descriptor's value: 5
[  975.765929][ T7320] usb 5-1: config 7 interface 0 has no altsetting 0
[  975.776392][ T7320] usb 5-1: New USB device found, idVendor=0458, idProduct=5010, bcdDevice= 0.00
[  975.790321][ T7320] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  976.097996][    T9] usb 2-1: new high-speed USB device number 33 using dummy_hcd
[  976.122170][T13361] FAULT_INJECTION: forcing a failure.
[  976.122170][T13361] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  976.135689][T13361] CPU: 1 PID: 13361 Comm: syz.3.2197 Not tainted syzkaller #0
[  976.143175][T13361] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  976.153259][T13361] Call Trace:
[  976.156556][T13361]  <TASK>
[  976.159519][T13361]  dump_stack_lvl+0x16c/0x230
[  976.164226][T13361]  ? show_regs_print_info+0x20/0x20
[  976.169439][T13361]  ? load_image+0x3b0/0x3b0
[  976.173963][T13361]  ? __might_fault+0xaa/0x120
[  976.178659][T13361]  ? __lock_acquire+0x7c80/0x7c80
[  976.183716][T13361]  should_fail_ex+0x39d/0x4d0
[  976.188414][T13361]  _copy_from_iter+0x1d3/0x1290
[  976.193285][T13361]  ? slab_post_alloc_hook+0x8a/0x4d0
[  976.198591][T13361]  ? __virt_addr_valid+0x18c/0x540
[  976.203733][T13361]  ? __lock_acquire+0x7c80/0x7c80
[  976.208781][T13361]  ? rcu_is_watching+0x15/0xb0
[  976.213573][T13361]  ? copyout_mc+0x70/0x70
[  976.217929][T13361]  ? __virt_addr_valid+0x18c/0x540
[  976.223068][T13361]  ? __virt_addr_valid+0x18c/0x540
[  976.228195][T13361]  ? __virt_addr_valid+0x469/0x540
[  976.233329][T13361]  ? __check_object_size+0x506/0xa30
[  976.238640][T13361]  netlink_sendmsg+0x75c/0xbe0
[  976.243427][T13361]  ? netlink_getsockopt+0x580/0x580
[  976.248644][T13361]  ? aa_sock_msg_perm+0x94/0x150
[  976.253598][T13361]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[  976.258904][T13361]  ? security_socket_sendmsg+0x80/0xa0
[  976.264382][T13361]  ? netlink_getsockopt+0x580/0x580
[  976.269602][T13361]  ____sys_sendmsg+0x5bf/0x950
[  976.274388][T13361]  ? __asan_memset+0x22/0x40
[  976.278995][T13361]  ? __sys_sendmsg_sock+0x30/0x30
[  976.284045][T13361]  ? __import_iovec+0x5f2/0x860
[  976.288922][T13361]  ? import_iovec+0x73/0xa0
[  976.291987][    T9] usb 2-1: config 0 has no interfaces?
[  976.293435][T13361]  ___sys_sendmsg+0x220/0x290
[  976.293464][T13361]  ? __sys_sendmsg+0x270/0x270
[  976.308388][T13361]  ? __lock_acquire+0x7c80/0x7c80
[  976.308854][    T9] usb 2-1: New USB device found, idVendor=18b4, idProduct=fffb, bcdDevice=dc.7b
[  976.313435][T13361]  __se_sys_sendmsg+0x1a5/0x270
[  976.313466][T13361]  ? __x64_sys_sendmsg+0x80/0x80
[  976.313496][T13361]  ? lockdep_hardirqs_on+0x98/0x150
[  976.337486][T13361]  do_syscall_64+0x55/0xb0
[  976.341925][T13361]  ? clear_bhb_loop+0x40/0x90
[  976.344179][    T9] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  976.346604][T13361]  ? clear_bhb_loop+0x40/0x90
[  976.346631][T13361]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  976.365219][T13361] RIP: 0033:0x7f6247f8f749
[  976.369651][T13361] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  976.371640][    T9] usb 2-1: Product: syz
[  976.389346][T13361] RSP: 002b:00007f6248e6f038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  976.389372][T13361] RAX: ffffffffffffffda RBX: 00007f62481e5fa0 RCX: 00007f6247f8f749
[  976.389382][T13361] RDX: 0000000000000000 RSI: 0000200000000480 RDI: 0000000000000003
[  976.389393][T13361] RBP: 00007f6248e6f090 R08: 0000000000000000 R09: 0000000000000000
[  976.389402][T13361] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  976.389411][T13361] R13: 00007f62481e6038 R14: 00007f62481e5fa0 R15: 00007fff3b86ee08
[  976.389435][T13361]  </TASK>
[  976.464086][    T9] usb 2-1: Manufacturer: syz
[  976.468858][ T7320] input: HID 0458:5010 as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:7.0/0003:0458:5010.0007/input/input13
[  976.499170][    T9] usb 2-1: SerialNumber: syz
[  976.506334][    T9] usb 2-1: config 0 descriptor??
[  976.594502][T13346] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  976.608348][T13346] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  976.686850][T13368] loop3: detected capacity change from 0 to 256
[  976.687927][ T7320] kye 0003:0458:5010.0007: input,hiddev0,hidraw0: USB HID v2.00 Device [HID 0458:5010] on usb-dummy_hcd.4-1/input0
[  976.708916][T13368] FAT-fs (loop3): Unrecognized mount option "uni_xlate}0" or missing value
[  976.786574][ T7320] usb 5-1: USB disconnect, device number 23
[  976.942773][T13369] fido_id[13369]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/5-1/report_descriptor': No such file or directory
[  977.158186][ T5799] usb 2-1: USB disconnect, device number 33
[  977.276419][T13373] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2201'.
[  977.526843][T13378] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  979.215778][T13389] sp0: Synchronizing with TNC
[  979.893916][T13387] [U] è
[  979.944638][T13392] loop1: detected capacity change from 0 to 64
[  980.050889][   T28] audit: type=1800 audit(2000000089.390:117): pid=13392 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2206" name="file1" dev="loop1" ino=21 res=0 errno=0
[  980.421274][T13396] loop1: detected capacity change from 0 to 128
[  980.440042][T13396] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  980.499134][T13396] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  980.566661][T13396] ext2 filesystem being mounted at /533/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  980.768914][T13396] EXT4-fs error (device loop1): ext4_check_dx_root:2266: inode #2: comm syz.1.2209: Corrupt dir, invalid name for '..', running e2fsck is recommended
[  980.923486][ T5762] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  981.903790][   T28] audit: type=1326 audit(2000000091.240:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f81f85865e7 code=0x7ffc0000
[  981.965916][   T28] audit: type=1326 audit(2000000091.240:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f81f852b829 code=0x7ffc0000
[  981.989026][   T28] audit: type=1326 audit(2000000091.240:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f81f85865e7 code=0x7ffc0000
[  982.026473][   T28] audit: type=1326 audit(2000000091.240:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f81f852b829 code=0x7ffc0000
[  982.180763][T13406] loop3: detected capacity change from 0 to 40427
[  982.202177][   T28] audit: type=1326 audit(2000000091.240:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f81f85865e7 code=0x7ffc0000
[  982.227903][T13406] F2FS-fs (loop3): Fix alignment : done, start(4096) end(16896) block(12288)
[  982.244254][T13406] F2FS-fs (loop3): invalid crc value
[  982.252692][T13406] F2FS-fs (loop3): invalid crc value
[  982.261336][T13406] F2FS-fs (loop3): Failed to get valid F2FS checkpoint
[  982.272981][   T28] audit: type=1326 audit(2000000091.270:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f81f852b829 code=0x7ffc0000
[  982.322239][   T28] audit: type=1326 audit(2000000091.270:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f81f85865e7 code=0x7ffc0000
[  982.378639][   T28] audit: type=1326 audit(2000000091.270:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f81f852b829 code=0x7ffc0000
[  982.425835][T13423] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  982.428109][   T28] audit: type=1326 audit(2000000091.270:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13417 comm="syz.0.2207" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f81f85865e7 code=0x7ffc0000
[  982.442033][T13423] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  982.633341][T13423] loop4: detected capacity change from 0 to 4096
[  982.650933][T13423] ntfs3: Unknown parameter 'ÿÿ000000000000000000000x0000000000000033ÿÿ'
[  982.688000][ T5799] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  986.345310][T13465] delete_channel: no stack
[  988.253617][T13469] FAULT_INJECTION: forcing a failure.
[  988.253617][T13469] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  988.267605][T13469] CPU: 0 PID: 13469 Comm: syz.0.2229 Not tainted syzkaller #0
[  988.275107][T13469] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  988.285190][T13469] Call Trace:
[  988.288478][T13469]  <TASK>
[  988.291412][T13469]  dump_stack_lvl+0x16c/0x230
[  988.296084][T13469]  ? show_regs_print_info+0x20/0x20
[  988.301272][T13469]  ? load_image+0x3b0/0x3b0
[  988.305778][T13469]  ? __might_fault+0xaa/0x120
[  988.310442][T13469]  ? __lock_acquire+0x7c80/0x7c80
[  988.315464][T13469]  should_fail_ex+0x39d/0x4d0
[  988.320141][T13469]  _copy_to_user+0x2f/0xa0
[  988.324550][T13469]  video_usercopy+0xde4/0x1330
[  988.329314][T13469]  ? video_ioctl2+0x30/0x30
[  988.333993][T13469]  ? v4l_printk_ioctl+0x160/0x160
[  988.339024][T13469]  v4l2_ioctl+0x18a/0x1e0
[  988.343351][T13469]  ? v4l2_poll+0x2b0/0x2b0
[  988.347763][T13469]  __se_sys_ioctl+0xfd/0x170
[  988.352364][T13469]  do_syscall_64+0x55/0xb0
[  988.356771][T13469]  ? clear_bhb_loop+0x40/0x90
[  988.361443][T13469]  ? clear_bhb_loop+0x40/0x90
[  988.366109][T13469]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  988.371999][T13469] RIP: 0033:0x7f81f858f749
[  988.376409][T13469] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  988.396012][T13469] RSP: 002b:00007f81f9384038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  988.404425][T13469] RAX: ffffffffffffffda RBX: 00007f81f87e5fa0 RCX: 00007f81f858f749
[  988.412401][T13469] RDX: 0000000000000000 RSI: 0000000080885659 RDI: 0000000000000003
[  988.420379][T13469] RBP: 00007f81f9384090 R08: 0000000000000000 R09: 0000000000000000
[  988.428430][T13469] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  988.436393][T13469] R13: 00007f81f87e6038 R14: 00007f81f87e5fa0 R15: 00007ffcb879b7a8
[  988.444372][T13469]  </TASK>
[  990.670941][T13486] binder: BINDER_SET_CONTEXT_MGR already set
[  990.677055][T13486] binder: 13484:13486 ioctl 4018620d 2000000002c0 returned -16
[  994.026707][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[  996.521466][T13518] binder: BINDER_SET_CONTEXT_MGR already set
[  996.527563][T13518] binder: 13516:13518 ioctl 4018620d 2000000002c0 returned -16
[  997.319229][   T23] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  997.529747][   T23] usb 4-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[  997.570368][   T23] usb 4-1: New USB device found, idVendor=2c42, idProduct=1602, bcdDevice=da.64
[  997.582246][   T23] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  997.610966][   T23] usb 4-1: Product: syz
[  997.621085][   T23] usb 4-1: Manufacturer: syz
[  997.631209][   T23] usb 4-1: SerialNumber: syz
[  997.658818][   T23] usb 4-1: config 0 descriptor??
[  999.178094][T11478] usb 4-1: USB disconnect, device number 2
[  999.519658][T13521] loop0: detected capacity change from 0 to 32768
[  999.606420][T13521] XFS (loop0): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  999.754692][T13521] XFS (loop0): Ending clean mount
[  999.782407][T13521] XFS (loop0): Quotacheck needed: Please wait.
[  999.895720][T13521] XFS (loop0): Quotacheck: Done.
[  999.948737][ T1187] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[ 1000.066774][ T5766] XFS (loop0): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[ 1000.146449][ T1187] usb 5-1: Using ep0 maxpacket: 32
[ 1000.156773][ T1187] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1000.194403][ T1187] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1000.217238][ T1187] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1001.467366][ T1187] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1001.508938][ T1187] usb 5-1: config 0 descriptor??
[ 1001.519663][ T1187] hub 5-1:0.0: USB hub found
[ 1001.722017][T13539] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[ 1001.776700][T13539] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[ 1001.808311][ T1187] hub 5-1:0.0: config failed, hub doesn't have any ports! (err -19)
[ 1002.279306][ T1187] hid-generic 0003:046D:C31C.0008: unknown main item tag 0x0
[ 1002.458275][ T1187] hid-generic 0003:046D:C31C.0008: hidraw0: USB HID v8.00 Device [HID 046d:c31c] on usb-dummy_hcd.4-1/input0
[ 1002.512772][ T1187] usb 5-1: USB disconnect, device number 25
[ 1003.080862][T13556] binder: BINDER_SET_CONTEXT_MGR already set
[ 1003.086989][T13556] binder: 13554:13556 ioctl 4018620d 2000000002c0 returned -16
[ 1004.347902][ T1187] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[ 1004.459905][T13564] loop1: detected capacity change from 0 to 256
[ 1004.577934][ T1187] usb 5-1: Using ep0 maxpacket: 32
[ 1004.605747][T13564] FAT-fs (loop1): Directory bread(block 64) failed
[ 1004.612565][ T1187] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1004.648333][T13564] FAT-fs (loop1): Directory bread(block 65) failed
[ 1004.672303][ T1187] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1004.682316][T13564] FAT-fs (loop1): Directory bread(block 66) failed
[ 1004.743438][T13564] FAT-fs (loop1): Directory bread(block 67) failed
[ 1004.757140][ T1187] usb 5-1: New USB device found, idVendor=046d, idProduct=c31c, bcdDevice= 0.40
[ 1004.878156][T13564] FAT-fs (loop1): Directory bread(block 68) failed
[ 1004.899336][ T1187] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1004.937497][ T1187] usb 5-1: config 0 descriptor??
[ 1004.945649][ T1187] usb 5-1: can't set config #0, error -71
[ 1004.947946][T13564] FAT-fs (loop1): Directory bread(block 69) failed
[ 1004.978262][T13564] FAT-fs (loop1): Directory bread(block 70) failed
[ 1004.985452][T13564] FAT-fs (loop1): Directory bread(block 71) failed
[ 1004.992410][T13564] FAT-fs (loop1): Directory bread(block 72) failed
[ 1005.008268][ T1187] usb 5-1: USB disconnect, device number 26
[ 1005.031585][T13564] FAT-fs (loop1): Directory bread(block 73) failed
[ 1005.413417][T13575] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2251'.
[ 1006.278570][ T1187] usb 1-1: new full-speed USB device number 26 using dummy_hcd
[ 1006.640405][ T1187] usb 1-1: device descriptor read/64, error -71
[ 1006.798274][T13590] loop3: detected capacity change from 0 to 8
[ 1007.020941][T13590] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1007.029850][T13590] SQUASHFS error: Failed to read block 0x108: -5
[ 1007.036263][T13590] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1007.043690][T13590] SQUASHFS error: Unable to read inode 0x11f
[ 1007.417890][ T1187] usb 1-1: new full-speed USB device number 27 using dummy_hcd
[ 1007.628004][ T1187] usb 1-1: device descriptor read/64, error -71
[ 1007.798067][ T1187] usb usb1-port1: attempt power cycle
[ 1008.847932][ T1187] usb 1-1: new full-speed USB device number 28 using dummy_hcd
[ 1010.196968][ T1187] usb 1-1: device not accepting address 28, error -71
[ 1011.824679][T13606] FAULT_INJECTION: forcing a failure.
[ 1011.824679][T13606] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1011.868077][T13606] CPU: 1 PID: 13606 Comm: syz.4.2264 Not tainted syzkaller #0
[ 1011.875597][T13606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1011.885673][T13606] Call Trace:
[ 1011.888960][T13606]  <TASK>
[ 1011.891893][T13606]  dump_stack_lvl+0x16c/0x230
[ 1011.896579][T13606]  ? show_regs_print_info+0x20/0x20
[ 1011.901778][T13606]  ? load_image+0x3b0/0x3b0
[ 1011.906289][T13606]  ? __might_fault+0xaa/0x120
[ 1011.910973][T13606]  ? __lock_acquire+0x7c80/0x7c80
[ 1011.916012][T13606]  should_fail_ex+0x39d/0x4d0
[ 1011.920700][T13606]  _copy_from_user+0x2f/0xe0
[ 1011.925295][T13606]  capi_unlocked_ioctl+0x28e/0xc90
[ 1011.930410][T13606]  ? capi_poll+0x120/0x120
[ 1011.934826][T13606]  ? __fget_files+0x28/0x4d0
[ 1011.939422][T13606]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1011.944359][T13606]  ? security_file_ioctl+0x80/0xa0
[ 1011.949477][T13606]  ? capi_poll+0x120/0x120
[ 1011.953893][T13606]  __se_sys_ioctl+0xfd/0x170
[ 1011.958499][T13606]  do_syscall_64+0x55/0xb0
[ 1011.962918][T13606]  ? clear_bhb_loop+0x40/0x90
[ 1011.967595][T13606]  ? clear_bhb_loop+0x40/0x90
[ 1011.972276][T13606]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1011.978168][T13606] RIP: 0033:0x7fde6fd8f749
[ 1011.982580][T13606] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1012.002306][T13606] RSP: 002b:00007fde70c89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1012.010732][T13606] RAX: ffffffffffffffda RBX: 00007fde6ffe5fa0 RCX: 00007fde6fd8f749
[ 1012.018701][T13606] RDX: 00002000000000c0 RSI: 0000000080044326 RDI: 0000000000000004
[ 1012.026678][T13606] RBP: 00007fde70c89090 R08: 0000000000000000 R09: 0000000000000000
[ 1012.034648][T13606] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1012.042616][T13606] R13: 00007fde6ffe6038 R14: 00007fde6ffe5fa0 R15: 00007ffddcfcba58
[ 1012.050598][T13606]  </TASK>
[ 1012.200501][T13607] loop4: detected capacity change from 0 to 2048
[ 1012.269145][T13607] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1012.307978][T13607] NILFS (loop4): segment count 8142508126285856831 exceeds upper limit (1152921504606846975 segments)
[ 1012.913229][T13611] loop4: detected capacity change from 0 to 256
[ 1013.011409][T13611] FAT-fs (loop4): Directory bread(block 64) failed
[ 1013.039098][T13611] FAT-fs (loop4): Directory bread(block 65) failed
[ 1013.068240][T13611] FAT-fs (loop4): Directory bread(block 66) failed
[ 1013.075233][T13611] FAT-fs (loop4): Directory bread(block 67) failed
[ 1013.118391][T13611] FAT-fs (loop4): Directory bread(block 68) failed
[ 1013.125228][T13611] FAT-fs (loop4): Directory bread(block 69) failed
[ 1013.158018][T13611] FAT-fs (loop4): Directory bread(block 70) failed
[ 1013.164595][T13611] FAT-fs (loop4): Directory bread(block 71) failed
[ 1013.213227][T13611] FAT-fs (loop4): Directory bread(block 72) failed
[ 1013.253638][T13611] FAT-fs (loop4): Directory bread(block 73) failed
[ 1013.906022][T13617] loop3: detected capacity change from 0 to 128
[ 1013.966493][T13617] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[ 1014.524689][T13622] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2266'.
[ 1014.656428][T13617] ext4 filesystem being mounted at /56/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[ 1015.052602][T13625] sp0: Synchronizing with TNC
[ 1015.746209][T13618] [U] è
[ 1015.758410][T13617] EXT4-fs warning (device loop3): ext4_dirblock_csum_verify:406: inode #2: comm syz.3.2265: No space for directory leaf checksum. Please run e2fsck -D.
[ 1015.850652][ T5761] Bluetooth: hci0: command 0x0406 tx timeout
[ 1015.878071][T13617] EXT4-fs error (device loop3): __ext4_find_entry:1696: inode #2: comm syz.3.2265: checksumming directory block 1
[ 1016.491431][T12592] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1023.664636][T13678] loop4: detected capacity change from 0 to 1024
[ 1023.733462][   T28] kauditd_printk_skb: 79 callbacks suppressed
[ 1023.733476][   T28] audit: type=1800 audit(2000000133.070:206): pid=13678 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2282" name="file2" dev="loop4" ino=22 res=0 errno=0
[ 1023.805963][T13678] netlink: 32 bytes leftover after parsing attributes in process `syz.4.2282'.
[ 1023.821314][T13678] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2282'.
[ 1023.860709][T13676] loop3: detected capacity change from 0 to 32768
[ 1023.875703][T13676] xfs: Unknown parameter 'rootcontext'
[ 1023.898938][T13679] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2282'.
[ 1023.985313][T13683] loop0: detected capacity change from 0 to 136
[ 1024.668810][   T11] hfsplus: b-tree write err: -5, ino 4
[ 1025.145602][T13698] FAULT_INJECTION: forcing a failure.
[ 1025.145602][T13698] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.159040][T13698] CPU: 0 PID: 13698 Comm: syz.0.2286 Not tainted syzkaller #0
[ 1025.166519][T13698] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1025.176587][T13698] Call Trace:
[ 1025.179878][T13698]  <TASK>
[ 1025.182816][T13698]  dump_stack_lvl+0x16c/0x230
[ 1025.187508][T13698]  ? show_regs_print_info+0x20/0x20
[ 1025.192719][T13698]  ? load_image+0x3b0/0x3b0
[ 1025.197240][T13698]  ? __might_fault+0xaa/0x120
[ 1025.201951][T13698]  ? __lock_acquire+0x7c80/0x7c80
[ 1025.207017][T13698]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1025.213090][T13698]  should_fail_ex+0x39d/0x4d0
[ 1025.217788][T13698]  _copy_from_iter+0x1d3/0x1290
[ 1025.222662][T13698]  ? lockdep_hardirqs_on+0x98/0x150
[ 1025.227879][T13698]  ? asm_sysvec_reschedule_ipi+0x1a/0x20
[ 1025.233530][T13698]  ? __virt_addr_valid+0x18c/0x540
[ 1025.238663][T13698]  ? copyout_mc+0x70/0x70
[ 1025.243024][T13698]  ? __virt_addr_valid+0x45b/0x540
[ 1025.248155][T13698]  ? __virt_addr_valid+0x469/0x540
[ 1025.253291][T13698]  ? __check_object_size+0x506/0xa30
[ 1025.258600][T13698]  netlink_sendmsg+0x75c/0xbe0
[ 1025.263385][T13698]  ? lockdep_hardirqs_on+0x98/0x150
[ 1025.268603][T13698]  ? netlink_getsockopt+0x580/0x580
[ 1025.273823][T13698]  ? netlink_getsockopt+0x580/0x580
[ 1025.279038][T13698]  ____sys_sendmsg+0x5bf/0x950
[ 1025.283822][T13698]  ? __asan_memset+0x22/0x40
[ 1025.288436][T13698]  ? __sys_sendmsg_sock+0x30/0x30
[ 1025.293555][T13698]  ? __import_iovec+0x5f2/0x860
[ 1025.298447][T13698]  ? import_iovec+0x73/0xa0
[ 1025.302976][T13698]  ___sys_sendmsg+0x220/0x290
[ 1025.307681][T13698]  ? __sys_sendmsg+0x270/0x270
[ 1025.312514][T13698]  __se_sys_sendmsg+0x1a5/0x270
[ 1025.317391][T13698]  ? __x64_sys_sendmsg+0x80/0x80
[ 1025.322360][T13698]  ? lockdep_hardirqs_on+0x98/0x150
[ 1025.327581][T13698]  do_syscall_64+0x55/0xb0
[ 1025.332013][T13698]  ? clear_bhb_loop+0x40/0x90
[ 1025.336702][T13698]  ? clear_bhb_loop+0x40/0x90
[ 1025.341396][T13698]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1025.347306][T13698] RIP: 0033:0x7f81f858f749
[ 1025.351734][T13698] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1025.371365][T13698] RSP: 002b:00007f81f9342038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1025.379797][T13698] RAX: ffffffffffffffda RBX: 00007f81f87e6180 RCX: 00007f81f858f749
[ 1025.387803][T13698] RDX: 0000000000000000 RSI: 0000200000000300 RDI: 000000000000000a
[ 1025.395855][T13698] RBP: 00007f81f9342090 R08: 0000000000000000 R09: 0000000000000000
[ 1025.403821][T13698] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1025.411789][T13698] R13: 00007f81f87e6218 R14: 00007f81f87e6180 R15: 00007ffcb879b7a8
[ 1025.419775][T13698]  </TASK>
[ 1026.503899][T13706] loop0: detected capacity change from 0 to 32768
[ 1026.514211][T13706] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop0 scanned by syz.0.2287 (13706)
[ 1026.844707][T13706] BTRFS info (device loop0): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1028.118186][T13706] BTRFS info (device loop0): using sha256 (sha256-avx2) checksum algorithm
[ 1028.151801][T13706] BTRFS info (device loop0): using free space tree
[ 1028.693753][T13706] BTRFS info (device loop0): enabling ssd optimizations
[ 1028.707937][T13706] BTRFS info (device loop0): auto enabling async discard
[ 1028.966506][ T5766] BTRFS info (device loop0): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1029.688592][T13740] netlink: 140 bytes leftover after parsing attributes in process `syz.4.2290'.
[ 1030.842727][T13743] loop4: detected capacity change from 0 to 32768
[ 1030.844102][T13744] loop3: detected capacity change from 0 to 1024
[ 1031.423333][T13760] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1031.430162][T13760] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1031.436850][T13760] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1031.443729][T13760] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1031.450564][T13760] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1032.141924][T13744] EXT4-fs: Ignoring removed orlov option
[ 1032.162464][T13743] XFS (loop4): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1032.233450][T13744] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1032.328613][T13743] XFS (loop4): Ending clean mount
[ 1032.370773][T13743] XFS (loop4): Quotacheck needed: Please wait.
[ 1032.498338][T13743] XFS (loop4): Quotacheck: Done.
[ 1032.832696][ T6257] XFS (loop4): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1033.030532][T12592] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1035.922328][T13783] loop1: detected capacity change from 0 to 32768
[ 1035.954848][T13783] (syz.1.2300,13783,0):ocfs2_parse_options:1448 ERROR: Unrecognized mount option "errors=con" or missing value
[ 1036.431062][T13790] binder: BINDER_SET_CONTEXT_MGR already set
[ 1036.437187][T13790] binder: 13788:13790 ioctl 4018620d 2000000002c0 returned -16
[ 1037.209838][T13783] (syz.1.2300,13783,0):ocfs2_fill_super:1178 ERROR: status = -22
[ 1037.910050][T13795] loop1: detected capacity change from 0 to 128
[ 1038.324314][T13795] VFS: Found a Xenix FS (block size = 512) on device loop1
[ 1038.428922][T13795] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1038.615472][T13795] sysv_count_free_inodes: unable to read inode table
[ 1039.183406][T13800] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1039.190353][T13800] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1039.197084][T13800] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1039.204042][T13800] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1039.210922][T13800] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1040.010077][ T5762] sysv_free_block: trying to free block not in datazone
[ 1040.038576][ T5762] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1043.630770][T13818] binder: BINDER_SET_CONTEXT_MGR already set
[ 1043.636941][T13818] binder: 13812:13818 ioctl 4018620d 2000000002c0 returned -16
[ 1046.179169][T13831] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1046.185814][T13831] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1046.192713][T13831] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1046.200058][T13831] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1046.206745][T13831] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1050.153655][T13847] loop1: detected capacity change from 0 to 128
[ 1050.200847][T13847] VFS: Found a Xenix FS (block size = 512) on device loop1
[ 1050.238026][T13847] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1050.324139][T13835] loop0: detected capacity change from 0 to 40427
[ 1051.585349][T13835] F2FS-fs (loop0): Invalid log blocks per segment (4278190089)
[ 1051.635921][T13835] F2FS-fs (loop0): Can't find valid F2FS filesystem in 1th superblock
[ 1051.640639][T13847] sysv_count_free_inodes: unable to read inode table
[ 1051.696409][T13835] F2FS-fs (loop0): invalid crc value
[ 1051.723427][T13835] F2FS-fs (loop0): Failed to initialize F2FS segment manager (-4)
[ 1051.891335][ T5762] sysv_free_block: trying to free block not in datazone
[ 1051.911227][ T5762] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1052.400755][T13856] binder: BINDER_SET_CONTEXT_MGR already set
[ 1052.406895][T13856] binder: 13854:13856 ioctl 4018620d 2000000002c0 returned -16
[ 1054.351100][T13865] loop1: detected capacity change from 0 to 8
[ 1054.545513][T13865] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1054.741319][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1054.828084][T13865] SQUASHFS error: Failed to read block 0x108: -5
[ 1054.834782][T13865] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1054.842505][T13865] SQUASHFS error: Unable to read inode 0x11f
[ 1055.965079][T13872] sp0: Synchronizing with TNC
[ 1056.718675][T13869] [U] è
[ 1057.574937][T13877] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1057.581942][T13877] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1057.588837][T13877] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1057.595519][T13877] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1057.602285][T13877] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1058.897238][T13884] xt_HMARK: spi-set and port-set can't be combined
[ 1062.080074][T13903] loop4: detected capacity change from 0 to 8
[ 1062.181825][T13903] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1062.247060][T13903] SQUASHFS error: Failed to read block 0x108: -5
[ 1062.284114][T13903] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1062.333827][T13903] SQUASHFS error: Unable to read inode 0x11f
[ 1064.318871][T13915] IPVS: sync thread started: state = MASTER, mcast_ifn = veth1_to_bridge, syncid = 32, id = 0
[ 1064.608010][T13919] loop0: detected capacity change from 0 to 256
[ 1064.653031][T13919] FAT-fs (loop0): Directory bread(block 64) failed
[ 1064.664635][T13919] FAT-fs (loop0): Directory bread(block 65) failed
[ 1064.672519][T13919] FAT-fs (loop0): Directory bread(block 66) failed
[ 1064.686577][T13919] FAT-fs (loop0): Directory bread(block 67) failed
[ 1064.693792][T13919] FAT-fs (loop0): Directory bread(block 68) failed
[ 1064.709727][T13919] FAT-fs (loop0): Directory bread(block 69) failed
[ 1064.898952][T13919] FAT-fs (loop0): Directory bread(block 70) failed
[ 1064.907204][T13919] FAT-fs (loop0): Directory bread(block 71) failed
[ 1064.919020][T13919] FAT-fs (loop0): Directory bread(block 72) failed
[ 1064.925870][T13919] FAT-fs (loop0): Directory bread(block 73) failed
[ 1065.553126][T13924] netlink: 12 bytes leftover after parsing attributes in process `syz.0.2335'.
[ 1066.011068][T13927] loop1: detected capacity change from 0 to 8192
[ 1066.125389][T13927] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1066.138774][T13927] REISERFS (device loop1): found reiserfs format "3.6" with non-standard journal
[ 1066.148127][T13927] REISERFS (device loop1): using ordered data mode
[ 1066.154622][T13927] reiserfs: using flush barriers
[ 1066.176234][T13927] REISERFS (device loop1): journal params: device loop1, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1066.193010][T13927] REISERFS (device loop1): checking transaction log (loop1)
[ 1066.473509][T13927] REISERFS (device loop1): Using tea hash to sort names
[ 1066.483519][T13927] REISERFS (device loop1): Created .reiserfs_priv - reserved for xattr storage.
[ 1069.139194][T13942] loop4: detected capacity change from 0 to 32768
[ 1070.307684][T13942] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1070.374600][T13942] XFS (loop4): Ending clean mount
[ 1070.393674][T13942] XFS (loop4): Quotacheck needed: Please wait.
[ 1070.495731][T13942] XFS (loop4): Quotacheck: Done.
[ 1070.514042][T13941] xfs: Unknown parameter '0000000000000551123511501777777777777777777777ÿ18446744073709551615'
[ 1070.529418][   T28] audit: type=1800 audit(2000000179.850:207): pid=13941 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.2344" name="file2" dev="loop4" ino=6151 res=0 errno=0
[ 1070.722252][ T6257] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[ 1070.879320][T13958] loop1: detected capacity change from 0 to 8
[ 1070.959383][T13958] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1070.987854][T13958] SQUASHFS error: Failed to read block 0x108: -5
[ 1070.994236][T13958] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1071.027850][T13958] SQUASHFS error: Unable to read inode 0x11f
[ 1076.843748][T13992] loop3: detected capacity change from 0 to 256
[ 1076.977694][T13992] FAT-fs (loop3): Directory bread(block 64) failed
[ 1076.985656][T13992] FAT-fs (loop3): Directory bread(block 65) failed
[ 1076.994702][T13992] FAT-fs (loop3): Directory bread(block 66) failed
[ 1077.010028][T13992] FAT-fs (loop3): Directory bread(block 67) failed
[ 1077.028122][T14001] tmpfs: Bad value for 'mpol'
[ 1077.079243][T13992] FAT-fs (loop3): Directory bread(block 68) failed
[ 1077.085888][T13992] FAT-fs (loop3): Directory bread(block 69) failed
[ 1077.092778][T13992] FAT-fs (loop3): Directory bread(block 70) failed
[ 1077.099371][T13992] FAT-fs (loop3): Directory bread(block 71) failed
[ 1077.106203][T13992] FAT-fs (loop3): Directory bread(block 72) failed
[ 1077.118142][T13992] FAT-fs (loop3): Directory bread(block 73) failed
[ 1078.151347][T14007] loop1: detected capacity change from 0 to 8
[ 1078.214620][T14010] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2357'.
[ 1078.420014][T14007] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1078.427896][T14007] SQUASHFS error: Failed to read block 0x108: -5
[ 1078.434282][T14007] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1078.441626][T14007] SQUASHFS error: Unable to read inode 0x11f
[ 1078.642087][T14015] FAULT_INJECTION: forcing a failure.
[ 1078.642087][T14015] name failslab, interval 1, probability 0, space 0, times 0
[ 1078.659611][T14015] CPU: 1 PID: 14015 Comm: syz.4.2360 Not tainted syzkaller #0
[ 1078.667123][T14015] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1078.677244][T14015] Call Trace:
[ 1078.680538][T14015]  <TASK>
[ 1078.683484][T14015]  dump_stack_lvl+0x16c/0x230
[ 1078.688185][T14015]  ? show_regs_print_info+0x20/0x20
[ 1078.693400][T14015]  ? load_image+0x3b0/0x3b0
[ 1078.697934][T14015]  ? __might_sleep+0xe0/0xe0
[ 1078.702553][T14015]  ? __lock_acquire+0x7c80/0x7c80
[ 1078.707606][T14015]  should_fail_ex+0x39d/0x4d0
[ 1078.712316][T14015]  should_failslab+0x9/0x20
[ 1078.716845][T14015]  slab_pre_alloc_hook+0x59/0x310
[ 1078.721889][T14015]  ? __request_region+0x5f/0xd0
[ 1078.726736][T14015]  __kmem_cache_alloc_node+0x53/0x260
[ 1078.732109][T14015]  ? __request_region+0x5f/0xd0
[ 1078.736957][T14015]  kmalloc_trace+0x2a/0xe0
[ 1078.741368][T14015]  __request_region+0x5f/0xd0
[ 1078.746038][T14015]  comedi_request_region+0x6d/0x180
[ 1078.751230][T14015]  dt2801_attach+0x5d/0xf30
[ 1078.755825][T14015]  comedi_device_attach+0x518/0x710
[ 1078.761026][T14015]  comedi_unlocked_ioctl+0x606/0xfe0
[ 1078.766314][T14015]  ? tomoyo_path_number_perm+0x477/0x590
[ 1078.771946][T14015]  ? comedi_poll+0x8c0/0x8c0
[ 1078.776570][T14015]  ? __fget_files+0x28/0x4d0
[ 1078.781159][T14015]  ? bpf_lsm_file_ioctl+0x9/0x10
[ 1078.786089][T14015]  ? security_file_ioctl+0x80/0xa0
[ 1078.791196][T14015]  ? comedi_poll+0x8c0/0x8c0
[ 1078.795783][T14015]  __se_sys_ioctl+0xfd/0x170
[ 1078.800367][T14015]  do_syscall_64+0x55/0xb0
[ 1078.804773][T14015]  ? clear_bhb_loop+0x40/0x90
[ 1078.809445][T14015]  ? clear_bhb_loop+0x40/0x90
[ 1078.814115][T14015]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1078.819999][T14015] RIP: 0033:0x7fde6fd8f749
[ 1078.824433][T14015] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1078.844032][T14015] RSP: 002b:00007fde70c68038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1078.852442][T14015] RAX: ffffffffffffffda RBX: 00007fde6ffe6090 RCX: 00007fde6fd8f749
[ 1078.860405][T14015] RDX: 00002000000003c0 RSI: 0000000040946400 RDI: 0000000000000004
[ 1078.868372][T14015] RBP: 00007fde70c68090 R08: 0000000000000000 R09: 0000000000000000
[ 1078.876336][T14015] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1078.884296][T14015] R13: 00007fde6ffe6128 R14: 00007fde6ffe6090 R15: 00007ffddcfcba58
[ 1078.892277][T14015]  </TASK>
[ 1078.913752][T14015] comedi comedi3: dt2801: I/O port conflict (0x4f23,2)
[ 1079.817036][T14017] gfs2: gfs2 mount does not exist
[ 1080.342518][T14031] loop1: detected capacity change from 0 to 128
[ 1080.368515][T14031] VFS: Found a Xenix FS (block size = 512) on device loop1
[ 1080.392808][T14031] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1080.593348][T14031] sysv_count_free_inodes: unable to read inode table
[ 1080.693144][ T5762] sysv_free_block: trying to free block not in datazone
[ 1080.726961][ T5762] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1084.074195][T14063] FAULT_INJECTION: forcing a failure.
[ 1084.074195][T14063] name failslab, interval 1, probability 0, space 0, times 0
[ 1084.095393][T14063] CPU: 1 PID: 14063 Comm: syz.4.2376 Not tainted syzkaller #0
[ 1084.102900][T14063] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1084.112969][T14063] Call Trace:
[ 1084.116253][T14063]  <TASK>
[ 1084.119182][T14063]  dump_stack_lvl+0x16c/0x230
[ 1084.123860][T14063]  ? show_regs_print_info+0x20/0x20
[ 1084.129060][T14063]  ? load_image+0x3b0/0x3b0
[ 1084.133562][T14063]  ? __might_sleep+0xe0/0xe0
[ 1084.138154][T14063]  ? __lock_acquire+0x7c80/0x7c80
[ 1084.143170][T14063]  ? _copy_from_iter+0x8c0/0x1290
[ 1084.148190][T14063]  should_fail_ex+0x39d/0x4d0
[ 1084.152862][T14063]  should_failslab+0x9/0x20
[ 1084.157362][T14063]  slab_pre_alloc_hook+0x59/0x310
[ 1084.162386][T14063]  kmem_cache_alloc_node+0x60/0x330
[ 1084.167584][T14063]  ? __alloc_skb+0x108/0x2c0
[ 1084.172170][T14063]  __alloc_skb+0x108/0x2c0
[ 1084.176587][T14063]  alloc_skb_with_frags+0xca/0x7c0
[ 1084.181707][T14063]  ? is_bpf_text_address+0x26/0x2a0
[ 1084.186900][T14063]  ? __lock_acquire+0x7c80/0x7c80
[ 1084.191928][T14063]  tcp_send_rcvq+0x13f/0x510
[ 1084.196522][T14063]  ? tcp_sack_compress_send_ack+0x1c0/0x1c0
[ 1084.202412][T14063]  ? tcp_rate_check_app_limited+0x1ab/0x350
[ 1084.208305][T14063]  tcp_sendmsg_locked+0x46fa/0x4af0
[ 1084.213504][T14063]  ? __kernel_text_address+0xd/0x30
[ 1084.218699][T14063]  ? stack_trace_save+0xe0/0xe0
[ 1084.223544][T14063]  ? arch_stack_walk+0x160/0x190
[ 1084.228485][T14063]  ? stack_trace_save+0x9c/0xe0
[ 1084.233332][T14063]  ? __stack_depot_save+0x1f/0x630
[ 1084.238441][T14063]  ? kasan_set_track+0x5f/0x70
[ 1084.243197][T14063]  ? kasan_set_track+0x4e/0x70
[ 1084.247951][T14063]  ? kasan_save_free_info+0x2e/0x50
[ 1084.253143][T14063]  ? ____kasan_slab_free+0x126/0x1e0
[ 1084.258416][T14063]  ? slab_free_freelist_hook+0x130/0x1b0
[ 1084.264040][T14063]  ? tls_tx_records+0x228/0x5b0
[ 1084.268892][T14063]  ? tls_push_record+0x20e5/0x37a0
[ 1084.273995][T14063]  ? bpf_exec_tx_verdict+0xefc/0x15e0
[ 1084.279361][T14063]  ? tls_sw_sendmsg+0x1c40/0x2790
[ 1084.284378][T14063]  ? sock_write_iter+0x2bb/0x3f0
[ 1084.289311][T14063]  ? do_writev+0x252/0x410
[ 1084.293723][T14063]  ? do_syscall_64+0x55/0xb0
[ 1084.298305][T14063]  ? entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1084.304366][T14063]  ? tcp_set_state+0x650/0x650
[ 1084.309134][T14063]  ? __asan_memset+0x22/0x40
[ 1084.313720][T14063]  ? iov_iter_bvec+0xd4/0x1b0
[ 1084.318398][T14063]  tls_push_sg+0x243/0x770
[ 1084.322826][T14063]  ? wait_on_pending_writer+0x510/0x510
[ 1084.328370][T14063]  ? lockdep_hardirqs_on+0x98/0x150
[ 1084.333574][T14063]  ? __asan_memset+0x22/0x40
[ 1084.338158][T14063]  ? tls_tx_records+0x228/0x5b0
[ 1084.343007][T14063]  ? __kmem_cache_free+0xba/0x1f0
[ 1084.348036][T14063]  tls_tx_records+0x36f/0x5b0
[ 1084.352718][T14063]  tls_push_record+0x20e5/0x37a0
[ 1084.357666][T14063]  ? _compound_head+0x120/0x120
[ 1084.362505][T14063]  ? internal_get_user_pages_fast+0x1fa2/0x2730
[ 1084.368745][T14063]  ? tls_sw_recvmsg+0x1890/0x1890
[ 1084.373768][T14063]  ? internal_get_user_pages_fast+0x210e/0x2730
[ 1084.380005][T14063]  bpf_exec_tx_verdict+0xefc/0x15e0
[ 1084.385222][T14063]  ? tls_sw_splice_eof+0x460/0x460
[ 1084.390394][T14063]  tls_sw_sendmsg+0x1c40/0x2790
[ 1084.395270][T14063]  ? tls_tx_records+0x5b0/0x5b0
[ 1084.400124][T14063]  ? aa_af_perm+0x2b0/0x2b0
[ 1084.404972][T14063]  ? tomoyo_socket_sendmsg_permission+0x1e1/0x2f0
[ 1084.411385][T14063]  ? sock_rps_record_flow+0x19/0x400
[ 1084.416671][T14063]  ? inet_getname+0x397/0x3c0
[ 1084.421344][T14063]  ? inet6_sendmsg+0x5f/0xd0
[ 1084.425925][T14063]  sock_write_iter+0x2bb/0x3f0
[ 1084.430690][T14063]  ? sock_read_iter+0x3b0/0x3b0
[ 1084.435543][T14063]  ? common_file_perm+0x198/0x1f0
[ 1084.440578][T14063]  do_iter_write+0x79a/0xc70
[ 1084.445183][T14063]  ? __asan_memset+0x22/0x40
[ 1084.449765][T14063]  ? vfs_iter_write+0xa0/0xa0
[ 1084.454433][T14063]  ? __import_iovec+0x5f2/0x860
[ 1084.459284][T14063]  ? import_iovec+0x73/0xa0
[ 1084.463784][T14063]  do_writev+0x252/0x410
[ 1084.468024][T14063]  ? do_readv+0x3e0/0x3e0
[ 1084.472359][T14063]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1084.478419][T14063]  ? lock_chain_count+0x20/0x20
[ 1084.483263][T14063]  ? lockdep_hardirqs_on+0x98/0x150
[ 1084.488456][T14063]  do_syscall_64+0x55/0xb0
[ 1084.492862][T14063]  ? clear_bhb_loop+0x40/0x90
[ 1084.497545][T14063]  ? clear_bhb_loop+0x40/0x90
[ 1084.502368][T14063]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1084.508273][T14063] RIP: 0033:0x7fde6fd8f749
[ 1084.512683][T14063] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1084.532301][T14063] RSP: 002b:00007fde70c89038 EFLAGS: 00000246 ORIG_RAX: 0000000000000014
[ 1084.540720][T14063] RAX: ffffffffffffffda RBX: 00007fde6ffe5fa0 RCX: 00007fde6fd8f749
[ 1084.548685][T14063] RDX: 0000000000000001 RSI: 0000200000000240 RDI: 0000000000000003
[ 1084.556647][T14063] RBP: 00007fde70c89090 R08: 0000000000000000 R09: 0000000000000000
[ 1084.564615][T14063] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1084.572578][T14063] R13: 00007fde6ffe6038 R14: 00007fde6ffe5fa0 R15: 00007ffddcfcba58
[ 1084.580578][T14063]  </TASK>
[ 1084.977617][T14070] loop3: detected capacity change from 0 to 8
[ 1085.169239][T14070] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1085.177447][T14070] SQUASHFS error: Failed to read block 0x108: -5
[ 1085.183962][T14070] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1085.191498][T14070] SQUASHFS error: Unable to read inode 0x11f
[ 1088.363785][T14083] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1088.370671][T14083] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1088.377479][T14083] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1088.384392][T14083] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1088.391795][T14083] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1089.717209][T14091] sp0: Synchronizing with TNC
[ 1090.399897][T14088] [U] è
[ 1094.841752][T11829] Bluetooth: hci0: command 0x0406 tx timeout
[ 1094.931762][T14121] loop4: detected capacity change from 0 to 256
[ 1094.959542][T14121] FAT-fs (loop4): Unrecognized mount option "uni_xlate}0" or missing value
[ 1095.777950][ T5846] usb 1-1: new high-speed USB device number 30 using dummy_hcd
[ 1095.981802][ T5846] usb 1-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[ 1096.001519][ T5846] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1096.038304][ T5846] usb 1-1: Product: syz
[ 1096.042516][ T5846] usb 1-1: Manufacturer: syz
[ 1096.047126][ T5846] usb 1-1: SerialNumber: syz
[ 1096.089262][ T5846] usb 1-1: config 0 descriptor??
[ 1096.113524][ T5846] gspca_main: sunplus-2.14.0 probing 055f:c230
[ 1096.418203][ T5846] gspca_sunplus: reg_r err -71
[ 1096.423593][ T5846] sunplus: probe of 1-1:0.0 failed with error -71
[ 1096.458107][ T5846] usb 1-1: USB disconnect, device number 30
[ 1096.830594][T14136] loop4: detected capacity change from 0 to 256
[ 1096.922412][T14136] FAT-fs (loop4): Directory bread(block 64) failed
[ 1096.938592][T14136] FAT-fs (loop4): Directory bread(block 65) failed
[ 1096.958019][T14136] FAT-fs (loop4): Directory bread(block 66) failed
[ 1096.964609][T14136] FAT-fs (loop4): Directory bread(block 67) failed
[ 1097.002183][T14136] FAT-fs (loop4): Directory bread(block 68) failed
[ 1097.008881][T14136] FAT-fs (loop4): Directory bread(block 69) failed
[ 1097.015516][T14136] FAT-fs (loop4): Directory bread(block 70) failed
[ 1097.022124][T14136] FAT-fs (loop4): Directory bread(block 71) failed
[ 1097.029410][T14136] FAT-fs (loop4): Directory bread(block 72) failed
[ 1097.035976][T14136] FAT-fs (loop4): Directory bread(block 73) failed
[ 1097.086786][T14141] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2395'.
[ 1097.107697][T14142] Invalid option length (57448) for dns_resolver key
[ 1097.661450][T14144] loop0: detected capacity change from 0 to 16
[ 1097.689303][T14144] MTD: Attempt to mount non-MTD device "/dev/loop0"
[ 1097.964763][T14149] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2394'.
[ 1099.364949][T14163] loop1: detected capacity change from 0 to 128
[ 1099.425127][T14163] VFS: Found a Xenix FS (block size = 512) on device loop1
[ 1099.478001][T14163] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1099.730507][T14163] sysv_count_free_inodes: unable to read inode table
[ 1100.555174][ T5762] sysv_free_block: trying to free block not in datazone
[ 1100.576219][ T5762] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1100.679351][T14175] loop1: detected capacity change from 0 to 256
[ 1100.686682][T14175] FAT-fs (loop1): Unrecognized mount option "uni_xlate}0" or missing value
[ 1102.511686][T14183] loop3: detected capacity change from 0 to 256
[ 1102.556007][T14183] FAT-fs (loop3): Directory bread(block 64) failed
[ 1102.573004][T14183] FAT-fs (loop3): Directory bread(block 65) failed
[ 1102.583238][T14183] FAT-fs (loop3): Directory bread(block 66) failed
[ 1102.597839][T14183] FAT-fs (loop3): Directory bread(block 67) failed
[ 1102.614841][T14183] FAT-fs (loop3): Directory bread(block 68) failed
[ 1102.624907][T14183] FAT-fs (loop3): Directory bread(block 69) failed
[ 1102.637948][T14183] FAT-fs (loop3): Directory bread(block 70) failed
[ 1102.644509][T14183] FAT-fs (loop3): Directory bread(block 71) failed
[ 1102.668250][T14183] FAT-fs (loop3): Directory bread(block 72) failed
[ 1102.687934][T14183] FAT-fs (loop3): Directory bread(block 73) failed
[ 1103.076241][T14187] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2407'.
[ 1103.783560][T14189] netdevsim netdevsim3 netdevsim0: entered promiscuous mode
[ 1104.145575][T14196] loop0: detected capacity change from 0 to 128
[ 1104.156344][T14196] VFS: Found a Xenix FS (block size = 512) on device loop0
[ 1104.160719][T14200] FAULT_INJECTION: forcing a failure.
[ 1104.160719][T14200] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1104.165975][T14196] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1104.189996][T14200] CPU: 0 PID: 14200 Comm: syz.4.2411 Not tainted syzkaller #0
[ 1104.197511][T14200] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1104.207592][T14200] Call Trace:
[ 1104.210889][T14200]  <TASK>
[ 1104.213833][T14200]  dump_stack_lvl+0x16c/0x230
[ 1104.218539][T14200]  ? show_regs_print_info+0x20/0x20
[ 1104.223751][T14200]  ? load_image+0x3b0/0x3b0
[ 1104.228277][T14200]  ? __might_fault+0xaa/0x120
[ 1104.232968][T14200]  ? __lock_acquire+0x7c80/0x7c80
[ 1104.238010][T14200]  should_fail_ex+0x39d/0x4d0
[ 1104.242710][T14200]  _copy_from_iter+0x1d3/0x1290
[ 1104.247578][T14200]  ? slab_post_alloc_hook+0x8a/0x4d0
[ 1104.252885][T14200]  ? __virt_addr_valid+0x18c/0x540
[ 1104.258042][T14200]  ? __lock_acquire+0x7c80/0x7c80
[ 1104.263091][T14200]  ? rcu_is_watching+0x15/0xb0
[ 1104.267878][T14200]  ? copyout_mc+0x70/0x70
[ 1104.272226][T14200]  ? __virt_addr_valid+0x18c/0x540
[ 1104.277357][T14200]  ? __virt_addr_valid+0x18c/0x540
[ 1104.282495][T14200]  ? __virt_addr_valid+0x469/0x540
[ 1104.287630][T14200]  ? __check_object_size+0x506/0xa30
[ 1104.292943][T14200]  netlink_sendmsg+0x75c/0xbe0
[ 1104.297728][T14200]  ? netlink_getsockopt+0x580/0x580
[ 1104.302938][T14200]  ? aa_sock_msg_perm+0x94/0x150
[ 1104.307898][T14200]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1104.313200][T14200]  ? security_socket_sendmsg+0x80/0xa0
[ 1104.318677][T14200]  ? netlink_getsockopt+0x580/0x580
[ 1104.323889][T14200]  ____sys_sendmsg+0x5bf/0x950
[ 1104.328677][T14200]  ? __asan_memset+0x22/0x40
[ 1104.333283][T14200]  ? __sys_sendmsg_sock+0x30/0x30
[ 1104.338319][T14200]  ? __import_iovec+0x5f2/0x860
[ 1104.343286][T14200]  ? import_iovec+0x73/0xa0
[ 1104.347805][T14200]  ___sys_sendmsg+0x220/0x290
[ 1104.352501][T14200]  ? __sys_sendmsg+0x270/0x270
[ 1104.357294][T14200]  ? __lock_acquire+0x7c80/0x7c80
[ 1104.362348][T14200]  __se_sys_sendmsg+0x1a5/0x270
[ 1104.367210][T14200]  ? __x64_sys_sendmsg+0x80/0x80
[ 1104.372155][T14200]  ? lockdep_hardirqs_on+0x98/0x150
[ 1104.377351][T14200]  do_syscall_64+0x55/0xb0
[ 1104.381766][T14200]  ? clear_bhb_loop+0x40/0x90
[ 1104.386439][T14200]  ? clear_bhb_loop+0x40/0x90
[ 1104.391124][T14200]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1104.397012][T14200] RIP: 0033:0x7fde6fd8f749
[ 1104.401423][T14200] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1104.421034][T14200] RSP: 002b:00007fde70c89038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1104.429444][T14200] RAX: ffffffffffffffda RBX: 00007fde6ffe5fa0 RCX: 00007fde6fd8f749
[ 1104.437414][T14200] RDX: 0000000024040800 RSI: 0000200000000280 RDI: 0000000000000003
[ 1104.445382][T14200] RBP: 00007fde70c89090 R08: 0000000000000000 R09: 0000000000000000
[ 1104.453346][T14200] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1104.461313][T14200] R13: 00007fde6ffe6038 R14: 00007fde6ffe5fa0 R15: 00007ffddcfcba58
[ 1104.469285][T14200]  </TASK>
[ 1104.523069][T14196] sysv_count_free_inodes: unable to read inode table
[ 1104.531694][ T5799] hid (null): unknown global tag 0xe
[ 1104.570958][ T5799] hid-generic 0003:FFFF8001:0005.0009: unknown global tag 0xe
[ 1104.642676][ T5799] hid-generic 0003:FFFF8001:0005.0009: item 0 0 1 14 parsing failed
[ 1105.131789][ T5799] hid-generic: probe of 0003:FFFF8001:0005.0009 failed with error -22
[ 1105.320425][ T5766] sysv_free_block: trying to free block not in datazone
[ 1105.332876][ T5766] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1105.356110][T14213] loop4: detected capacity change from 0 to 256
[ 1105.405016][T14213] FAT-fs (loop4): Directory bread(block 64) failed
[ 1105.422113][T14213] FAT-fs (loop4): Directory bread(block 65) failed
[ 1106.507807][T14217] kthread_run failed with err -4
[ 1106.740521][T14213] FAT-fs (loop4): Directory bread(block 66) failed
[ 1106.747211][T14213] FAT-fs (loop4): Directory bread(block 67) failed
[ 1106.754216][T14213] FAT-fs (loop4): Directory bread(block 68) failed
[ 1106.759450][T14216] FAULT_INJECTION: forcing a failure.
[ 1106.759450][T14216] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1106.760872][T14213] FAT-fs (loop4): Directory bread(block 69) failed
[ 1106.780606][T14216] CPU: 1 PID: 14216 Comm: syz.0.2417 Not tainted syzkaller #0
[ 1106.780629][T14216] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1106.780638][T14216] Call Trace:
[ 1106.780645][T14216]  <TASK>
[ 1106.780653][T14216]  dump_stack_lvl+0x16c/0x230
[ 1106.780678][T14216]  ? show_regs_print_info+0x20/0x20
[ 1106.780693][T14216]  ? load_image+0x3b0/0x3b0
[ 1106.780714][T14216]  ? __might_fault+0xaa/0x120
[ 1106.780732][T14216]  ? __lock_acquire+0x7c80/0x7c80
[ 1106.780753][T14216]  should_fail_ex+0x39d/0x4d0
[ 1106.780779][T14216]  _copy_from_iter+0x1d3/0x1290
[ 1106.780801][T14216]  ? slab_post_alloc_hook+0x8a/0x4d0
[ 1106.780823][T14216]  ? __virt_addr_valid+0x18c/0x540
[ 1106.780844][T14216]  ? __lock_acquire+0x7c80/0x7c80
[ 1106.817920][T14213] FAT-fs (loop4): Directory bread(block 70) failed
[ 1106.818950][T14216]  ? rcu_is_watching+0x15/0xb0
[ 1106.818981][T14216]  ? copyout_mc+0x70/0x70
[ 1106.819000][T14216]  ? __virt_addr_valid+0x18c/0x540
[ 1106.819022][T14216]  ? __virt_addr_valid+0x18c/0x540
[ 1106.819038][T14216]  ? __virt_addr_valid+0x469/0x540
[ 1106.819060][T14216]  ? __check_object_size+0x506/0xa30
[ 1106.819088][T14216]  netlink_sendmsg+0x75c/0xbe0
[ 1106.819113][T14216]  ? netlink_getsockopt+0x580/0x580
[ 1106.819133][T14216]  ? aa_sock_msg_perm+0x94/0x150
[ 1106.819153][T14216]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1106.819170][T14216]  ? security_socket_sendmsg+0x80/0xa0
[ 1106.819186][T14216]  ? netlink_getsockopt+0x580/0x580
[ 1106.819200][T14216]  ____sys_sendmsg+0x5bf/0x950
[ 1106.819230][T14216]  ? __asan_memset+0x22/0x40
[ 1106.824409][T14213] FAT-fs (loop4): Directory bread(block 71) failed
[ 1106.828895][T14216]  ? __sys_sendmsg_sock+0x30/0x30
[ 1106.828916][T14216]  ? __import_iovec+0x5f2/0x860
[ 1106.828944][T14216]  ? import_iovec+0x73/0xa0
[ 1106.828968][T14216]  ___sys_sendmsg+0x220/0x290
[ 1106.828986][T14216]  ? __sys_sendmsg+0x270/0x270
[ 1106.829018][T14216]  ? __lock_acquire+0x7c80/0x7c80
[ 1106.842379][T14213] FAT-fs (loop4): Directory bread(block 72) failed
[ 1106.843776][T14216]  __se_sys_sendmsg+0x1a5/0x270
[ 1106.976393][T14216]  ? __x64_sys_sendmsg+0x80/0x80
[ 1106.981344][T14216]  ? lockdep_hardirqs_on+0x98/0x150
[ 1106.986540][T14216]  do_syscall_64+0x55/0xb0
[ 1106.990951][T14216]  ? clear_bhb_loop+0x40/0x90
[ 1106.995622][T14216]  ? clear_bhb_loop+0x40/0x90
[ 1107.000295][T14216]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1107.006180][T14216] RIP: 0033:0x7f81f858f749
[ 1107.010594][T14216] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1107.030203][T14216] RSP: 002b:00007f81f9384038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1107.038616][T14216] RAX: ffffffffffffffda RBX: 00007f81f87e5fa0 RCX: 00007f81f858f749
[ 1107.046580][T14216] RDX: 0000000024040800 RSI: 0000200000000280 RDI: 0000000000000003
[ 1107.054545][T14216] RBP: 00007f81f9384090 R08: 0000000000000000 R09: 0000000000000000
[ 1107.062511][T14216] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1107.070476][T14216] R13: 00007f81f87e6038 R14: 00007f81f87e5fa0 R15: 00007ffcb879b7a8
[ 1107.078453][T14216]  </TASK>
[ 1107.088361][T14213] FAT-fs (loop4): Directory bread(block 73) failed
[ 1107.150900][T14222] loop0: detected capacity change from 0 to 256
[ 1107.159605][T14222] FAT-fs (loop0): Unrecognized mount option "uni_xlate}0" or missing value
[ 1107.496013][T14224] netlink: 12 bytes leftover after parsing attributes in process `syz.4.2416'.
[ 1108.285293][T14228] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1108.364506][T14231] loop3: detected capacity change from 0 to 1024
[ 1108.372185][T14231] hfsplus: unable to parse mount options
[ 1110.715572][T14244] loop1: detected capacity change from 0 to 2048
[ 1110.783062][T14244] NILFS (loop1): broken superblock, retrying with spare superblock (blocksize = 1024)
[ 1110.808699][T14244] NILFS (loop1): segment count 8142508126285856831 exceeds upper limit (1152921504606846975 segments)
[ 1110.969512][T14253] netdevsim netdevsim0 netdevsim0: entered promiscuous mode
[ 1113.897078][T14265] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1113.903921][T14265] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1113.910707][T14265] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1113.917324][T14265] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1113.924122][T14265] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1115.204197][T14264] loop1: detected capacity change from 0 to 32768
[ 1115.234265][T14264] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1115.262118][T14264] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[ 1115.283769][T14264] BTRFS info (device loop1): doing ref verification
[ 1115.297980][T14264] BTRFS info (device loop1): allowing degraded mounts
[ 1115.304804][T14264] BTRFS info (device loop1): using free space tree
[ 1115.514778][T14289] loop3: detected capacity change from 0 to 256
[ 1115.551520][T14289] FAT-fs (loop3): Unrecognized mount option "uni_xlate}0" or missing value
[ 1115.822580][T14264] BTRFS info (device loop1): enabling ssd optimizations
[ 1115.950545][T14264] BTRFS info (device loop1): auto enabling async discard
[ 1116.192197][ T1290] ieee802154 phy0 wpan0: encryption failed: -22
[ 1116.330336][ T5762] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[ 1116.702959][T14301] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1117.275550][T14303] sp0: Synchronizing with TNC
[ 1117.967899][T14300] [U] è
[ 1118.276032][T14308] binder: 14307:14308 ioctl 4018620d 0 returned -22
[ 1120.287575][T14312] loop4: detected capacity change from 0 to 1024
[ 1120.315125][T14312] EXT4-fs: Ignoring removed nobh option
[ 1120.325379][T14312] EXT4-fs: inline encryption not supported
[ 1120.339390][T14312] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[ 1120.389361][T14312] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[ 1120.689146][ T6257] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1122.890132][T14350] loop4: detected capacity change from 0 to 256
[ 1122.928568][T14350] FAT-fs (loop4): Unrecognized mount option "uni_xlate}0" or missing value
[ 1123.067944][T14352] binder: 14351:14352 ioctl 4018620d 0 returned -22
[ 1125.254002][T14360] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1127.550834][T14376] netlink: 'syz.1.2453': attribute type 4 has an invalid length.
[ 1127.621087][   T28] audit: type=1326 audit(2000000236.930:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14373 comm="syz.1.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc74d8f749 code=0x7ffc0000
[ 1127.661567][   T28] audit: type=1326 audit(2000000236.930:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14373 comm="syz.1.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fdc74d8f749 code=0x7ffc0000
[ 1127.684160][   T28] audit: type=1326 audit(2000000236.930:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14373 comm="syz.1.2453" exe="/root/syz-executor" sig=0 arch=c000003e syscall=317 compat=0 ip=0x7fdc74d8f749 code=0x7ffc0000
[ 1127.706687][   T28] audit: type=1326 audit(2000000236.930:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14373 comm="syz.1.2453" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdc74d8f749 code=0x0
[ 1127.731005][T14377] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2453'.
[ 1127.764460][T14377] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2453'.
[ 1127.779709][T14362] loop3: detected capacity change from 0 to 32768
[ 1127.828100][T14362] XFS (loop3): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1127.958751][T14362] XFS (loop3): Ending clean mount
[ 1127.991344][T14362] XFS (loop3): Quotacheck needed: Please wait.
[ 1128.111009][T14394] FAULT_INJECTION: forcing a failure.
[ 1128.111009][T14394] name failslab, interval 1, probability 0, space 0, times 0
[ 1128.142164][T14394] CPU: 0 PID: 14394 Comm: syz.1.2459 Not tainted syzkaller #0
[ 1128.149686][T14394] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1128.159927][T14394] Call Trace:
[ 1128.163199][T14394]  <TASK>
[ 1128.166129][T14394]  dump_stack_lvl+0x16c/0x230
[ 1128.170829][T14394]  ? show_regs_print_info+0x20/0x20
[ 1128.176028][T14394]  ? load_image+0x3b0/0x3b0
[ 1128.180531][T14394]  ? __lock_acquire+0x7c80/0x7c80
[ 1128.185811][T14394]  ? __local_bh_enable_ip+0x12e/0x1c0
[ 1128.191179][T14394]  ? _local_bh_enable+0xa0/0xa0
[ 1128.196026][T14394]  should_fail_ex+0x39d/0x4d0
[ 1128.200715][T14394]  should_failslab+0x9/0x20
[ 1128.205219][T14394]  slab_pre_alloc_hook+0x59/0x310
[ 1128.210243][T14394]  ? ____sys_sendmsg+0x735/0x950
[ 1128.215208][T14394]  ? io_alloc_async_data+0xb7/0x1c0
[ 1128.220405][T14394]  ? io_alloc_async_data+0xb7/0x1c0
[ 1128.225614][T14394]  __kmem_cache_alloc_node+0x53/0x260
[ 1128.230993][T14394]  ? io_alloc_async_data+0xb7/0x1c0
[ 1128.236188][T14394]  __kmalloc+0xa4/0x240
[ 1128.240383][T14394]  io_alloc_async_data+0xb7/0x1c0
[ 1128.245415][T14394]  io_setup_async_msg+0x20c/0x550
[ 1128.250442][T14394]  io_sendmsg_zc+0x82d/0xcc0
[ 1128.255032][T14394]  ? io_sg_from_iter_iovec+0xf0/0xf0
[ 1128.260333][T14394]  ? io_sg_from_iter+0xb00/0xb00
[ 1128.265269][T14394]  ? __fget_files+0x44a/0x4d0
[ 1128.269947][T14394]  ? rcu_is_watching+0x15/0xb0
[ 1128.274708][T14394]  ? io_file_get_normal+0xe0/0x300
[ 1128.279828][T14394]  io_issue_sqe+0x2c5/0xc90
[ 1128.284339][T14394]  io_submit_sqes+0xa8a/0x1d00
[ 1128.289120][T14394]  __se_sys_io_uring_enter+0x2de/0x22e0
[ 1128.294685][T14394]  ? ksys_write+0x1c1/0x250
[ 1128.299185][T14394]  ? __lock_acquire+0x7c80/0x7c80
[ 1128.304298][T14394]  ? file_end_write+0x159/0x250
[ 1128.309147][T14394]  ? vfs_write+0x586/0x940
[ 1128.313562][T14394]  ? __x64_sys_io_uring_enter+0xf0/0xf0
[ 1128.319114][T14394]  ? mutex_unlock+0x10/0x10
[ 1128.323611][T14394]  ? __fget_files+0x44a/0x4d0
[ 1128.328298][T14394]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[ 1128.334276][T14394]  ? lock_chain_count+0x20/0x20
[ 1128.339126][T14394]  ? __x64_sys_io_uring_enter+0x21/0xf0
[ 1128.344673][T14394]  do_syscall_64+0x55/0xb0
[ 1128.349083][T14394]  ? clear_bhb_loop+0x40/0x90
[ 1128.353756][T14394]  ? clear_bhb_loop+0x40/0x90
[ 1128.358429][T14394]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1128.364321][T14394] RIP: 0033:0x7fdc74d8f749
[ 1128.368733][T14394] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1128.388341][T14394] RSP: 002b:00007fdc75b63038 EFLAGS: 00000246 ORIG_RAX: 00000000000001aa
[ 1128.396836][T14394] RAX: ffffffffffffffda RBX: 00007fdc74fe6090 RCX: 00007fdc74d8f749
[ 1128.404804][T14394] RDX: 0000000000007721 RSI: 0000000000002219 RDI: 0000000000000000
[ 1128.412774][T14394] RBP: 00007fdc75b63090 R08: 0000000000000000 R09: 0000000000000000
[ 1128.420739][T14394] R10: 0000000000000016 R11: 0000000000000246 R12: 0000000000000001
[ 1128.428793][T14394] R13: 00007fdc74fe6128 R14: 00007fdc74fe6090 R15: 00007ffd726431a8
[ 1128.436777][T14394]  </TASK>
[ 1128.452523][T14362] XFS (loop3): Quotacheck: Done.
[ 1128.492504][   T28] audit: type=1800 audit(2000000237.820:212): pid=14362 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2452" name="bus" dev="loop3" ino=4428 res=0 errno=0
[ 1128.765767][T12592] XFS (loop3): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[ 1128.838283][T14379] loop0: detected capacity change from 0 to 32768
[ 1128.936468][T14379] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[ 1129.163919][T14403] binder: 14402:14403 ioctl 4018620d 0 returned -22
[ 1131.068409][ T5766] ocfs2: Unmounting device (7,0) on (node local)
[ 1131.162351][ T5761] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[ 1131.178230][ T5761] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[ 1131.187539][ T5761] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[ 1131.199275][ T5761] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[ 1131.207662][ T5761] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[ 1131.216900][ T5761] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[ 1131.488004][   T12] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1131.511879][T14412] loop0: detected capacity change from 0 to 256
[ 1131.539387][T14412] FAT-fs (loop0): Unrecognized mount option "uni_xlate}0" or missing value
[ 1131.858084][   T12] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.191372][   T12] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1132.411942][T14423] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1132.939861][   T12] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[ 1133.695286][T14431] sp0: Synchronizing with TNC
[ 1134.398086][T11829] Bluetooth: hci1: command tx timeout
[ 1134.443192][T14425] [U] è
[ 1134.517003][T14407] chnl_net:caif_netlink_parms(): no params data found
[ 1134.616787][T14436] loop0: detected capacity change from 0 to 128
[ 1134.653536][T14436] VFS: Found a Xenix FS (block size = 512) on device loop0
[ 1134.697188][   T12] tipc: Left network mode
[ 1134.706706][T14436] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1134.793896][T14436] sysv_count_free_inodes: unable to read inode table
[ 1135.002755][T14407] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1135.015600][T14407] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1135.025402][T14407] bridge_slave_0: entered allmulticast mode
[ 1135.042297][T14407] bridge_slave_0: entered promiscuous mode
[ 1135.086948][T14407] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1135.101045][T14407] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1135.110915][T14407] bridge_slave_1: entered allmulticast mode
[ 1135.122359][T14407] bridge_slave_1: entered promiscuous mode
[ 1135.774113][T14451] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1135.780949][T14451] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1135.787585][T14451] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1135.794449][T14451] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1135.801912][T14451] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1136.493263][T11829] Bluetooth: hci1: command tx timeout
[ 1136.505597][T14407] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[ 1136.526789][T14407] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[ 1136.591937][ T5766] sysv_free_block: trying to free block not in datazone
[ 1136.612822][ T5766] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1136.673122][T14407] team0: Port device team_slave_0 added
[ 1136.687045][T14407] team0: Port device team_slave_1 added
[ 1137.840012][   T12] erspan0 (unregistering): left promiscuous mode
[ 1138.558392][T11829] Bluetooth: hci1: command tx timeout
[ 1139.463639][T14407] batman_adv: batadv0: Adding interface: batadv_slave_0
[ 1139.478273][T14407] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1139.536241][T14407] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[ 1139.630173][T14407] batman_adv: batadv0: Adding interface: batadv_slave_1
[ 1139.647621][T14407] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[ 1139.720249][T14407] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[ 1139.865647][T14463] FAULT_INJECTION: forcing a failure.
[ 1139.865647][T14463] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1139.885285][T14463] CPU: 0 PID: 14463 Comm: syz.0.2475 Not tainted syzkaller #0
[ 1139.892794][T14463] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1139.902879][T14463] Call Trace:
[ 1139.906177][T14463]  <TASK>
[ 1139.909119][T14463]  dump_stack_lvl+0x16c/0x230
[ 1139.913824][T14463]  ? show_regs_print_info+0x20/0x20
[ 1139.919131][T14463]  ? load_image+0x3b0/0x3b0
[ 1139.923657][T14463]  ? __might_fault+0xaa/0x120
[ 1139.928342][T14463]  ? __lock_acquire+0x7c80/0x7c80
[ 1139.933370][T14463]  should_fail_ex+0x39d/0x4d0
[ 1139.938055][T14463]  _copy_from_iter+0x1d3/0x1290
[ 1139.942897][T14463]  ? slab_post_alloc_hook+0x8a/0x4d0
[ 1139.948176][T14463]  ? __virt_addr_valid+0x18c/0x540
[ 1139.953277][T14463]  ? __lock_acquire+0x7c80/0x7c80
[ 1139.958292][T14463]  ? rcu_is_watching+0x15/0xb0
[ 1139.963065][T14463]  ? copyout_mc+0x70/0x70
[ 1139.967383][T14463]  ? __virt_addr_valid+0x18c/0x540
[ 1139.972486][T14463]  ? __virt_addr_valid+0x18c/0x540
[ 1139.977598][T14463]  ? __virt_addr_valid+0x469/0x540
[ 1139.982697][T14463]  ? __check_object_size+0x506/0xa30
[ 1139.988149][T14463]  netlink_sendmsg+0x75c/0xbe0
[ 1139.992914][T14463]  ? netlink_getsockopt+0x580/0x580
[ 1139.998117][T14463]  ? aa_sock_msg_perm+0x94/0x150
[ 1140.003058][T14463]  ? bpf_lsm_socket_sendmsg+0x9/0x10
[ 1140.008330][T14463]  ? security_socket_sendmsg+0x80/0xa0
[ 1140.013776][T14463]  ? netlink_getsockopt+0x580/0x580
[ 1140.018966][T14463]  ____sys_sendmsg+0x5bf/0x950
[ 1140.023721][T14463]  ? __asan_memset+0x22/0x40
[ 1140.028298][T14463]  ? __sys_sendmsg_sock+0x30/0x30
[ 1140.033308][T14463]  ? __import_iovec+0x5f2/0x860
[ 1140.038153][T14463]  ? import_iovec+0x73/0xa0
[ 1140.042646][T14463]  ___sys_sendmsg+0x220/0x290
[ 1140.047313][T14463]  ? __sys_sendmsg+0x270/0x270
[ 1140.052074][T14463]  ? __lock_acquire+0x7c80/0x7c80
[ 1140.057098][T14463]  __se_sys_sendmsg+0x1a5/0x270
[ 1140.061941][T14463]  ? __x64_sys_sendmsg+0x80/0x80
[ 1140.066902][T14463]  ? lockdep_hardirqs_on+0x98/0x150
[ 1140.072089][T14463]  do_syscall_64+0x55/0xb0
[ 1140.076491][T14463]  ? clear_bhb_loop+0x40/0x90
[ 1140.081175][T14463]  ? clear_bhb_loop+0x40/0x90
[ 1140.085858][T14463]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1140.091740][T14463] RIP: 0033:0x7f81f858f749
[ 1140.096140][T14463] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1140.115744][T14463] RSP: 002b:00007f81f9384038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1140.124152][T14463] RAX: ffffffffffffffda RBX: 00007f81f87e5fa0 RCX: 00007f81f858f749
[ 1140.132115][T14463] RDX: 0000000000000000 RSI: 0000200000000200 RDI: 0000000000000003
[ 1140.140086][T14463] RBP: 00007f81f9384090 R08: 0000000000000000 R09: 0000000000000000
[ 1140.148049][T14463] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1140.156014][T14463] R13: 00007f81f87e6038 R14: 00007f81f87e5fa0 R15: 00007ffcb879b7a8
[ 1140.163990][T14463]  </TASK>
[ 1140.251203][T14466] loop0: detected capacity change from 0 to 128
[ 1140.270226][T14407] hsr_slave_0: entered promiscuous mode
[ 1140.277129][T14407] hsr_slave_1: entered promiscuous mode
[ 1140.291777][T14407] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[ 1140.304342][T14466] VFS: Found a Xenix FS (block size = 512) on device loop0
[ 1140.317106][T14407] Cannot create hsr debugfs directory
[ 1140.392127][T14466] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1140.585322][T14466] sysv_count_free_inodes: unable to read inode table
[ 1140.647840][ T5761] Bluetooth: hci1: command tx timeout
[ 1140.747525][   T12] team0: left promiscuous mode
[ 1140.774434][   T12] hsr_slave_0: left promiscuous mode
[ 1140.800529][   T12] hsr_slave_1: left promiscuous mode
[ 1140.847403][   T12] veth1_macvtap: left promiscuous mode
[ 1140.853227][   T12] veth0_macvtap: left promiscuous mode
[ 1140.859229][   T12] veth1_vlan: left promiscuous mode
[ 1140.865000][   T12] veth0_vlan: left promiscuous mode
[ 1141.226019][ T5766] sysv_free_block: trying to free block not in datazone
[ 1141.234870][ T5766] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1141.323013][   T12] bond1 (unregistering): Released all slaves
[ 1141.875001][T14480] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1141.881879][T14480] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1141.888679][T14480] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1141.895382][T14480] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1141.902207][T14480] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1146.696327][T14502] Falling back ldisc for ttyprintk.
[ 1147.168404][   T12] bond0 (unregistering): Released all slaves
[ 1147.500542][T14483] kthread_run failed with err -4
[ 1147.931798][T14511] loop0: detected capacity change from 0 to 8192
[ 1147.965753][T14511] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[ 1147.985446][T14511] REISERFS (device loop0): found reiserfs format "3.6" with non-standard journal
[ 1147.995201][T14511] REISERFS (device loop0): using ordered data mode
[ 1148.006886][T14511] reiserfs: using flush barriers
[ 1148.014962][T14511] REISERFS (device loop0): journal params: device loop0, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[ 1148.055284][T14511] REISERFS (device loop0): checking transaction log (loop0)
[ 1149.224416][T14519] comedi comedi3: 8255: I/O port conflict (0x5,4)
[ 1149.231300][T14519] comedi comedi3: 8255: I/O port conflict (0x3,4)
[ 1149.238095][T14519] comedi comedi3: 8255: I/O port conflict (0x4,4)
[ 1149.244704][T14519] comedi comedi3: 8255: I/O port conflict (0x1,4)
[ 1149.251450][T14519] comedi comedi3: 8255: I/O port conflict (0xb,4)
[ 1150.074770][T14511] REISERFS (device loop0): Using tea hash to sort names
[ 1150.085271][T14511] REISERFS (device loop0): Created .reiserfs_priv - reserved for xattr storage.
[ 1150.152762][   T12] IPVS: stop unused estimator thread 0...
[ 1150.236785][T14511] REISERFS warning (device loop0): vs-13060 reiserfs_update_sd_size: stat data of object [2 5 0x0 SD] (nlink == 2) not found (pos 4)
[ 1150.320678][T14511] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent
[ 1150.351943][T14407] netdevsim netdevsim1 netdevsim0: renamed from eth0
[ 1150.363538][T14407] netdevsim netdevsim1 netdevsim1: renamed from eth1
[ 1150.375335][T14407] netdevsim netdevsim1 netdevsim2: renamed from eth2
[ 1150.386356][T14407] netdevsim netdevsim1 netdevsim3: renamed from eth3
[ 1150.548305][T14407] 8021q: adding VLAN 0 to HW filter on device bond0
[ 1150.574118][T14407] 8021q: adding VLAN 0 to HW filter on device team0
[ 1150.593442][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[ 1150.600657][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[ 1150.641141][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[ 1150.648363][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[ 1151.647581][T14546] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2494'.
[ 1151.986554][T14407] 8021q: adding VLAN 0 to HW filter on device batadv0
[ 1152.105850][T14407] veth0_vlan: entered promiscuous mode
[ 1152.143623][T14407] veth1_vlan: entered promiscuous mode
[ 1152.232079][T14407] veth0_macvtap: entered promiscuous mode
[ 1152.269926][T14407] veth1_macvtap: entered promiscuous mode
[ 1152.339297][T14407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1152.370769][T14407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.389887][T14407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[ 1152.421248][T14407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.449425][T14407] batman_adv: batadv0: Interface activated: batadv_slave_0
[ 1152.482581][T14407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1152.526434][T14407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.563596][T14407] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[ 1152.604669][T14407] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[ 1152.647646][T14407] batman_adv: batadv0: Interface activated: batadv_slave_1
[ 1152.685816][T14407] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.726595][T14407] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.769903][T14407] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[ 1152.814733][T14407] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[ 1153.244143][ T3463] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1153.277232][ T3463] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1153.399808][ T3463] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[ 1153.438260][ T3463] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[ 1153.618877][T12230] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[ 1154.479391][T14578] loop0: detected capacity change from 0 to 128
[ 1154.684471][T14578] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[ 1154.701776][T14578] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[ 1155.161063][T12230] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[ 1155.165289][T14582] loop3: detected capacity change from 0 to 128
[ 1155.182143][T12230] usb 5-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[ 1155.211383][T12230] usb 5-1: New USB device found, idVendor=0bfd, idProduct=010c, bcdDevice=2d.16
[ 1155.220909][T12230] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1155.235278][T14582] VFS: Found a Xenix FS (block size = 512) on device loop3
[ 1155.246811][T12230] usb 5-1: Product: syz
[ 1155.256029][T12230] usb 5-1: Manufacturer: syz
[ 1155.256831][T14582] sysv_count_free_blocks: free block count was -2041545935, correcting to 3
[ 1155.267765][T12230] usb 5-1: SerialNumber: syz
[ 1155.287655][T12230] usb 5-1: config 0 descriptor??
[ 1155.295065][T12230] kvaser_usb 5-1:0.0: Cannot get usb endpoint(s)
[ 1155.322333][T14582] sysv_count_free_inodes: unable to read inode table
[ 1155.357556][T12592] sysv_free_block: trying to free block not in datazone
[ 1155.366636][T12592] sysv_free_inode: inode 0,1,2 or nonexistent inode
[ 1155.514161][T14561] iommufd_mock iommufd_mock1: Adding to iommu group 0
[ 1155.757806][ T5847] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[ 1155.806927][ T5799] usb 5-1: USB disconnect, device number 27
[ 1155.951596][ T5847] usb 4-1: Using ep0 maxpacket: 16
[ 1155.969231][ T5847] usb 4-1: config 188 has too many interfaces: 219, using maximum allowed: 32
[ 1155.987808][ T5847] usb 4-1: config 188 has an invalid interface descriptor of length 5, skipping
[ 1155.996883][ T5847] usb 4-1: config 188 has an invalid descriptor of length 161, skipping remainder of the config
[ 1156.027801][ T5847] usb 4-1: config 188 has 0 interfaces, different from the descriptor's value: 219
[ 1156.061078][ T5847] usb 4-1: New USB device found, idVendor=061c, idProduct=c0a4, bcdDevice=b4.21
[ 1156.091684][ T5847] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1156.111699][ T5847] usb 4-1: Product: syz
[ 1156.115913][ T5847] usb 4-1: Manufacturer: syz
[ 1156.137779][ T5847] usb 4-1: SerialNumber: syz
[ 1156.388152][ T5847] usb 4-1: USB disconnect, device number 3
[ 1157.239321][T14604] FAULT_INJECTION: forcing a failure.
[ 1157.239321][T14604] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1157.267193][T14604] CPU: 1 PID: 14604 Comm: syz.1.2510 Not tainted syzkaller #0
[ 1157.274704][T14604] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1157.284785][T14604] Call Trace:
[ 1157.288091][T14604]  <TASK>
[ 1157.291030][T14604]  dump_stack_lvl+0x16c/0x230
[ 1157.295726][T14604]  ? show_regs_print_info+0x20/0x20
[ 1157.300937][T14604]  ? load_image+0x3b0/0x3b0
[ 1157.305466][T14604]  ? __might_fault+0xaa/0x120
[ 1157.310156][T14604]  ? __lock_acquire+0x7c80/0x7c80
[ 1157.315213][T14604]  should_fail_ex+0x39d/0x4d0
[ 1157.319922][T14604]  _copy_from_user+0x2f/0xe0
[ 1157.324534][T14604]  ___sys_sendmsg+0x159/0x290
[ 1157.329235][T14604]  ? __sys_sendmsg+0x270/0x270
[ 1157.334029][T14604]  ? __lock_acquire+0x7c80/0x7c80
[ 1157.339090][T14604]  __se_sys_sendmsg+0x1a5/0x270
[ 1157.343967][T14604]  ? __x64_sys_sendmsg+0x80/0x80
[ 1157.348939][T14604]  ? lockdep_hardirqs_on+0x98/0x150
[ 1157.354158][T14604]  do_syscall_64+0x55/0xb0
[ 1157.358595][T14604]  ? clear_bhb_loop+0x40/0x90
[ 1157.363273][T14604]  ? clear_bhb_loop+0x40/0x90
[ 1157.367957][T14604]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1157.373849][T14604] RIP: 0033:0x7f296478f749
[ 1157.378256][T14604] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1157.397857][T14604] RSP: 002b:00007f2965585038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1157.406267][T14604] RAX: ffffffffffffffda RBX: 00007f29649e5fa0 RCX: 00007f296478f749
[ 1157.414231][T14604] RDX: 0000000000000010 RSI: 00002000000000c0 RDI: 0000000000000003
[ 1157.422196][T14604] RBP: 00007f2965585090 R08: 0000000000000000 R09: 0000000000000000
[ 1157.430159][T14604] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1157.438127][T14604] R13: 00007f29649e6038 R14: 00007f29649e5fa0 R15: 00007ffd35b41568
[ 1157.446109][T14604]  </TASK>
[ 1157.513968][T14612] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2513'.
[ 1157.623712][T14612] netlink: 28 bytes leftover after parsing attributes in process `syz.0.2513'.
[ 1157.742942][T14612] team0: entered promiscuous mode
[ 1157.753790][T14612] team0: left promiscuous mode
[ 1157.933584][T14623] loop3: detected capacity change from 0 to 8
[ 1158.055907][T14623] SQUASHFS error: xz decompression failed, data probably corrupt
[ 1158.063801][T14623] SQUASHFS error: Failed to read block 0x108: -5
[ 1158.070331][T14623] SQUASHFS error: Unable to read metadata cache entry [106]
[ 1158.077656][T14623] SQUASHFS error: Unable to read inode 0x11f
[ 1159.198751][T14626] FAULT_INJECTION: forcing a failure.
[ 1159.198751][T14626] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1159.211912][T14626] CPU: 1 PID: 14626 Comm: syz.0.2517 Not tainted syzkaller #0
[ 1159.219371][T14626] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1159.229419][T14626] Call Trace:
[ 1159.232690][T14626]  <TASK>
[ 1159.235611][T14626]  dump_stack_lvl+0x16c/0x230
[ 1159.240297][T14626]  ? show_regs_print_info+0x20/0x20
[ 1159.245494][T14626]  ? load_image+0x3b0/0x3b0
[ 1159.250017][T14626]  ? __lock_acquire+0x7c80/0x7c80
[ 1159.255129][T14626]  ? snprintf+0xdb/0x120
[ 1159.259374][T14626]  should_fail_ex+0x39d/0x4d0
[ 1159.264053][T14626]  _copy_to_user+0x2f/0xa0
[ 1159.268460][T14626]  simple_read_from_buffer+0xe7/0x150
[ 1159.273829][T14626]  proc_fail_nth_read+0x1e3/0x250
[ 1159.278851][T14626]  ? proc_fault_inject_write+0x340/0x340
[ 1159.284480][T14626]  ? fsnotify_perm+0x271/0x5e0
[ 1159.289249][T14626]  ? proc_fault_inject_write+0x340/0x340
[ 1159.294877][T14626]  vfs_read+0x27e/0x920
[ 1159.299027][T14626]  ? kernel_read+0x1e0/0x1e0
[ 1159.303614][T14626]  ? __fget_files+0x28/0x4d0
[ 1159.308201][T14626]  ? __fget_files+0x44a/0x4d0
[ 1159.312886][T14626]  ? __fdget_pos+0x2a3/0x330
[ 1159.317462][T14626]  ? ksys_read+0x75/0x250
[ 1159.321781][T14626]  ksys_read+0x147/0x250
[ 1159.326013][T14626]  ? vfs_write+0x940/0x940
[ 1159.330423][T14626]  ? lockdep_hardirqs_on+0x98/0x150
[ 1159.335609][T14626]  do_syscall_64+0x55/0xb0
[ 1159.340010][T14626]  ? clear_bhb_loop+0x40/0x90
[ 1159.344694][T14626]  ? clear_bhb_loop+0x40/0x90
[ 1159.349361][T14626]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1159.355245][T14626] RIP: 0033:0x7f81f858e15c
[ 1159.359652][T14626] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1159.379268][T14626] RSP: 002b:00007f81f9384030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1159.387692][T14626] RAX: ffffffffffffffda RBX: 00007f81f87e5fa0 RCX: 00007f81f858e15c
[ 1159.395663][T14626] RDX: 000000000000000f RSI: 00007f81f93840a0 RDI: 0000000000000005
[ 1159.403623][T14626] RBP: 00007f81f9384090 R08: 0000000000000000 R09: 0000000000000000
[ 1159.411580][T14626] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1159.419537][T14626] R13: 00007f81f87e6038 R14: 00007f81f87e5fa0 R15: 00007ffcb879b7a8
[ 1159.427509][T14626]  </TASK>
[ 1161.817899][ T5799] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[ 1162.050624][ T5799] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[ 1162.080367][ T5799] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[ 1162.107282][ T5799] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[ 1162.127149][ T5799] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[ 1162.140800][ T5799] usb 4-1: Product: syz
[ 1162.149502][ T5799] usb 4-1: Manufacturer: syz
[ 1162.158598][ T5799] usb 4-1: SerialNumber: syz
[ 1162.224587][T14646] loop4: detected capacity change from 0 to 32768
[ 1162.289408][T14646] jfs_readdir called with invalid offset!
[ 1162.437178][T14662] ea_get: invalid extended attribute
[ 1162.443013][T14662] ffff8880401eb170: 04 00 00 00                                      ....
[ 1163.238868][ T5799] usb 4-1: 0:2 : does not exist
[ 1163.244492][T14667] FAULT_INJECTION: forcing a failure.
[ 1163.244492][T14667] name failslab, interval 1, probability 0, space 0, times 0
[ 1163.275654][ T5799] usb 4-1: USB disconnect, device number 4
[ 1163.277745][T14667] CPU: 0 PID: 14667 Comm: syz.0.2529 Not tainted syzkaller #0
[ 1163.288959][T14667] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1163.299035][T14667] Call Trace:
[ 1163.302329][T14667]  <TASK>
[ 1163.305360][T14667]  dump_stack_lvl+0x16c/0x230
[ 1163.310063][T14667]  ? show_regs_print_info+0x20/0x20
[ 1163.315273][T14667]  ? load_image+0x3b0/0x3b0
[ 1163.319799][T14667]  ? __might_sleep+0xe0/0xe0
[ 1163.324412][T14667]  ? __lock_acquire+0x7c80/0x7c80
[ 1163.329457][T14667]  should_fail_ex+0x39d/0x4d0
[ 1163.334172][T14667]  should_failslab+0x9/0x20
[ 1163.338690][T14667]  slab_pre_alloc_hook+0x59/0x310
[ 1163.343719][T14667]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1163.349432][T14667]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1163.355179][T14667]  __kmem_cache_alloc_node+0x53/0x260
[ 1163.360551][T14667]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[ 1163.366260][T14667]  __kmalloc+0xa4/0x240
[ 1163.370427][T14667]  tomoyo_realpath_from_path+0xe3/0x5d0
[ 1163.375970][T14667]  tomoyo_path_number_perm+0x1ea/0x590
[ 1163.381423][T14667]  ? tomoyo_path_number_perm+0x1ba/0x590
[ 1163.387561][T14667]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[ 1163.393033][T14667]  ? ksys_write+0x1c1/0x250
[ 1163.397549][T14667]  ? __fget_files+0x28/0x4d0
[ 1163.402137][T14667]  security_file_ioctl+0x70/0xa0
[ 1163.407076][T14667]  __se_sys_ioctl+0x48/0x170
[ 1163.411924][T14667]  do_syscall_64+0x55/0xb0
[ 1163.416327][T14667]  ? clear_bhb_loop+0x40/0x90
[ 1163.420995][T14667]  ? clear_bhb_loop+0x40/0x90
[ 1163.425663][T14667]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1163.431548][T14667] RIP: 0033:0x7f81f858f749
[ 1163.435958][T14667] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1163.455559][T14667] RSP: 002b:00007f81f9363038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1163.463972][T14667] RAX: ffffffffffffffda RBX: 00007f81f87e6090 RCX: 00007f81f858f749
[ 1163.471953][T14667] RDX: 0000000000000000 RSI: 0000000040049366 RDI: 0000000000000005
[ 1163.479929][T14667] RBP: 00007f81f9363090 R08: 0000000000000000 R09: 0000000000000000
[ 1163.487896][T14667] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1163.495859][T14667] R13: 00007f81f87e6128 R14: 00007f81f87e6090 R15: 00007ffcb879b7a8
[ 1163.503840][T14667]  </TASK>
[ 1163.516565][T14667] ERROR: Out of memory at tomoyo_realpath_from_path.
[ 1163.993603][T14672] loop4: detected capacity change from 0 to 764
[ 1165.496883][T14683] FAULT_INJECTION: forcing a failure.
[ 1165.496883][T14683] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1165.499619][T14683] 
[ 1165.499626][T14683] ======================================================
[ 1165.499632][T14683] WARNING: possible circular locking dependency detected
[ 1165.499649][T14683] syzkaller #0 Not tainted
[ 1165.499656][T14683] ------------------------------------------------------
[ 1165.499661][T14683] syz.3.2534/14683 is trying to acquire lock:
[ 1165.499669][T14683] ffffffff8cd241e0 (console_owner){-.-.}-{0:0}, at: console_flush_all+0x10f/0xd00
[ 1165.499712][T14683] 
[ 1165.499712][T14683] but task is already holding lock:
[ 1165.499716][T14683] ffff8880b8e3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[ 1165.499754][T14683] 
[ 1165.499754][T14683] which lock already depends on the new lock.
[ 1165.499754][T14683] 
[ 1165.499759][T14683] 
[ 1165.499759][T14683] the existing dependency chain (in reverse order) is:
[ 1165.499763][T14683] 
[ 1165.499763][T14683] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 1165.499783][T14683]        _raw_spin_lock_nested+0x32/0x50
[ 1165.499801][T14683]        raw_spin_rq_lock_nested+0x2a/0x140
[ 1165.499820][T14683]        task_fork_fair+0x62/0x1f0
[ 1165.499833][T14683]        sched_cgroup_fork+0x333/0x3c0
[ 1165.499844][T14683]        copy_process+0x21e4/0x3d70
[ 1165.499857][T14683]        kernel_clone+0x21b/0x840
[ 1165.499871][T14683]        user_mode_thread+0xde/0x130
[ 1165.499885][T14683]        rest_init+0x27/0x300
[ 1165.499902][T14683]        arch_call_rest_init+0xe/0x10
[ 1165.499921][T14683]        start_kernel+0x459/0x4e0
[ 1165.499938][T14683]        x86_64_start_reservations+0x2a/0x30
[ 1165.499953][T14683]        copy_bootdata+0x0/0xe0
[ 1165.499967][T14683]        secondary_startup_64_no_verify+0x179/0x17b
[ 1165.499986][T14683] 
[ 1165.499986][T14683] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 1165.500005][T14683]        _raw_spin_lock_irqsave+0xa8/0xf0
[ 1165.500021][T14683]        try_to_wake_up+0x60/0x1140
[ 1165.500039][T14683]        __wake_up_common+0x2a4/0x4e0
[ 1165.500053][T14683]        __wake_up+0x112/0x190
[ 1165.500066][T14683]        tty_port_default_wakeup+0xa2/0xf0
[ 1165.500083][T14683]        serial8250_tx_chars+0x6bd/0x8a0
[ 1165.500099][T14683]        serial8250_handle_irq+0x534/0x6e0
[ 1165.500116][T14683]        serial8250_default_handle_irq+0xb8/0x1a0
[ 1165.500134][T14683]        serial8250_interrupt+0x9f/0x1c0
[ 1165.500150][T14683]        __handle_irq_event_percpu+0x276/0x930
[ 1165.500168][T14683]        handle_irq_event+0x8b/0x1e0
[ 1165.500186][T14683]        handle_edge_irq+0x247/0xb30
[ 1165.500200][T14683]        __common_interrupt+0x13b/0x230
[ 1165.500216][T14683]        common_interrupt+0xb4/0xd0
[ 1165.500230][T14683]        asm_common_interrupt+0x26/0x40
[ 1165.500245][T14683]        __sanitizer_cov_trace_pc+0x36/0x60
[ 1165.500261][T14683]        unwind_next_frame+0x4d9/0x2970
[ 1165.500281][T14683]        arch_stack_walk+0x144/0x190
[ 1165.500293][T14683]        stack_trace_save+0x9c/0xe0
[ 1165.500309][T14683]        kasan_set_track+0x4e/0x70
[ 1165.500322][T14683]        __kasan_kmalloc+0x8f/0xa0
[ 1165.500336][T14683]        __kmalloc_node_track_caller+0xb2/0x230
[ 1165.500355][T14683]        kmalloc_reserve+0x116/0x240
[ 1165.500369][T14683]        __alloc_skb+0x138/0x2c0
[ 1165.500382][T14683]        alloc_skb_with_frags+0xca/0x7c0
[ 1165.500400][T14683]        sock_alloc_send_pskb+0x857/0x990
[ 1165.500420][T14683]        unix_dgram_sendmsg+0x5a1/0x1720
[ 1165.500435][T14683]        sock_write_iter+0x2bb/0x3f0
[ 1165.500449][T14683]        do_iter_write+0x79a/0xc70
[ 1165.500467][T14683]        do_writev+0x252/0x410
[ 1165.500484][T14683]        do_syscall_64+0x55/0xb0
[ 1165.500496][T14683]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1165.500512][T14683] 
[ 1165.500512][T14683] -> #2 (&tty->write_wait){-...}-{2:2}:
[ 1165.500532][T14683]        _raw_spin_lock_irqsave+0xa8/0xf0
[ 1165.500548][T14683]        __wake_up+0xf8/0x190
[ 1165.500561][T14683]        tty_port_default_wakeup+0xa2/0xf0
[ 1165.500574][T14683]        serial8250_tx_chars+0x6bd/0x8a0
[ 1165.500597][T14683]        serial8250_handle_irq+0x534/0x6e0
[ 1165.500614][T14683]        serial8250_default_handle_irq+0xb8/0x1a0
[ 1165.500633][T14683]        serial8250_interrupt+0x9f/0x1c0
[ 1165.500649][T14683]        __handle_irq_event_percpu+0x276/0x930
[ 1165.500668][T14683]        handle_irq_event+0x8b/0x1e0
[ 1165.500685][T14683]        handle_edge_irq+0x247/0xb30
[ 1165.500699][T14683]        __common_interrupt+0x13b/0x230
[ 1165.500714][T14683]        common_interrupt+0xb4/0xd0
[ 1165.500728][T14683]        asm_common_interrupt+0x26/0x40
[ 1165.500743][T14683]        _raw_spin_unlock_irqrestore+0xa9/0x110
[ 1165.500758][T14683]        uart_write+0x45b/0x5d0
[ 1165.500770][T14683]        n_tty_write+0xd27/0x11d0
[ 1165.500791][T14683]        file_tty_write+0x54b/0x980
[ 1165.500806][T14683]        vfs_write+0x43b/0x940
[ 1165.500823][T14683]        ksys_write+0x147/0x250
[ 1165.500838][T14683]        do_syscall_64+0x55/0xb0
[ 1165.500850][T14683]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1165.500866][T14683] 
[ 1165.500866][T14683] -> #1 (&port_lock_key){-.-.}-{2:2}:
[ 1165.500884][T14683]        _raw_spin_lock_irqsave+0xa8/0xf0
[ 1165.500900][T14683]        serial8250_console_write+0x16d/0x17a0
[ 1165.500918][T14683]        console_flush_all+0x6cd/0xd00
[ 1165.500933][T14683]        console_unlock+0xae/0x340
[ 1165.500947][T14683]        vprintk_emit+0x477/0x600
[ 1165.500962][T14683]        _printk+0xd0/0x110
[ 1165.500979][T14683]        register_console+0x91b/0xe60
[ 1165.500994][T14683]        univ8250_console_init+0x45/0x50
[ 1165.501011][T14683]        console_init+0x17b/0x5e0
[ 1165.501027][T14683]        start_kernel+0x2c0/0x4e0
[ 1165.501043][T14683]        x86_64_start_reservations+0x2a/0x30
[ 1165.501059][T14683]        copy_bootdata+0x0/0xe0
[ 1165.501073][T14683]        secondary_startup_64_no_verify+0x179/0x17b
[ 1165.501091][T14683] 
[ 1165.501091][T14683] -> #0 (console_owner){-.-.}-{0:0}:
[ 1165.501108][T14683]        __lock_acquire+0x2ddb/0x7c80
[ 1165.501123][T14683]        lock_acquire+0x197/0x410
[ 1165.501136][T14683]        console_flush_all+0x693/0xd00
[ 1165.501151][T14683]        console_unlock+0xae/0x340
[ 1165.501165][T14683]        vprintk_emit+0x477/0x600
[ 1165.501179][T14683]        _printk+0xd0/0x110
[ 1165.501195][T14683]        should_fail_ex+0x37e/0x4d0
[ 1165.501213][T14683]        strncpy_from_user+0x36/0x2e0
[ 1165.501225][T14683]        strncpy_from_user_nofault+0x71/0x140
[ 1165.501243][T14683]        bpf_bprintf_prepare+0xb9b/0x1400
[ 1165.501259][T14683]        bpf_trace_printk+0xdc/0x190
[ 1165.501278][T14683]        bpf_prog_7c77c7e0f6645ad8+0x3d/0x3f
[ 1165.501292][T14683]        bpf_trace_run2+0x1d1/0x3e0
[ 1165.501305][T14683]        __bpf_trace_contention_begin+0xdd/0x130
[ 1165.501325][T14683]        trace_contention_begin+0xe9/0x110
[ 1165.501341][T14683]        __pv_queued_spin_lock_slowpath+0xe0/0x9d0
[ 1165.501358][T14683]        do_raw_spin_lock+0x24e/0x2c0
[ 1165.501374][T14683]        raw_spin_rq_lock_nested+0xad/0x140
[ 1165.501393][T14683]        __schedule+0x2dd/0x44d0
[ 1165.501411][T14683]        schedule+0xbd/0x170
[ 1165.501429][T14683]        schedule_hrtimeout_range_clock+0x1fd/0x3a0
[ 1165.501445][T14683]        do_select+0x166a/0x1840
[ 1165.501461][T14683]        core_sys_select+0x71c/0x950
[ 1165.501478][T14683]        __se_sys_pselect6+0x285/0x310
[ 1165.501494][T14683]        do_syscall_64+0x55/0xb0
[ 1165.501506][T14683]        entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1165.501521][T14683] 
[ 1165.501521][T14683] other info that might help us debug this:
[ 1165.501521][T14683] 
[ 1165.501526][T14683] Chain exists of:
[ 1165.501526][T14683]   console_owner --> &p->pi_lock --> &rq->__lock
[ 1165.501526][T14683] 
[ 1165.501547][T14683]  Possible unsafe locking scenario:
[ 1165.501547][T14683] 
[ 1165.501551][T14683]        CPU0                    CPU1
[ 1165.501554][T14683]        ----                    ----
[ 1165.501558][T14683]   lock(&rq->__lock);
[ 1165.501566][T14683]                                lock(&p->pi_lock);
[ 1165.501576][T14683]                                lock(&rq->__lock);
[ 1165.501585][T14683]   lock(console_owner);
[ 1165.501600][T14683] 
[ 1165.501600][T14683]  *** DEADLOCK ***
[ 1165.501600][T14683] 
[ 1165.501603][T14683] 4 locks held by syz.3.2534/14683:
[ 1165.501611][T14683]  #0: ffff8880b8e3c018 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0xad/0x140
[ 1165.501651][T14683]  #1: ffffffff8cd2ffa0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0xde/0x3e0
[ 1165.501685][T14683]  #2: ffffffff8cd242c0 (console_lock){+.+.}-{0:0}, at: _printk+0xd0/0x110
[ 1165.501722][T14683]  #3: ffffffff8cc0bad0 (console_srcu){....}-{0:0}, at: console_flush_all+0x10f/0xd00
[ 1165.501759][T14683] 
[ 1165.501759][T14683] stack backtrace:
[ 1165.501763][T14683] CPU: 1 PID: 14683 Comm: syz.3.2534 Not tainted syzkaller #0
[ 1165.501778][T14683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1165.501787][T14683] Call Trace:
[ 1165.501792][T14683]  <TASK>
[ 1165.501799][T14683]  dump_stack_lvl+0x16c/0x230
[ 1165.501815][T14683]  ? load_image+0x3b0/0x3b0
[ 1165.501833][T14683]  ? show_regs_print_info+0x20/0x20
[ 1165.501851][T14683]  ? print_circular_bug+0x12b/0x1a0
[ 1165.501869][T14683]  check_noncircular+0x2bd/0x3c0
[ 1165.501889][T14683]  ? print_deadlock_bug+0x5d0/0x5d0
[ 1165.501905][T14683]  ? lockdep_lock+0xe0/0x220
[ 1165.501926][T14683]  __lock_acquire+0x2ddb/0x7c80
[ 1165.501953][T14683]  ? verify_lock_unused+0x140/0x140
[ 1165.501979][T14683]  lock_acquire+0x197/0x410
[ 1165.501994][T14683]  ? console_flush_all+0x10f/0xd00
[ 1165.502014][T14683]  ? __lock_acquire+0x7c80/0x7c80
[ 1165.502029][T14683]  ? do_raw_spin_lock+0x121/0x2c0
[ 1165.502047][T14683]  ? read_lock_is_recursive+0x20/0x20
[ 1165.502063][T14683]  ? __rwlock_init+0x150/0x150
[ 1165.502082][T14683]  ? do_raw_spin_unlock+0x121/0x230
[ 1165.502101][T14683]  console_flush_all+0x693/0xd00
[ 1165.502117][T14683]  ? console_flush_all+0x10f/0xd00
[ 1165.502135][T14683]  ? console_flush_all+0x10f/0xd00
[ 1165.502157][T14683]  ? is_console_locked+0x20/0x20
[ 1165.502174][T14683]  ? check_buffer+0x745/0x950
[ 1165.502195][T14683]  console_unlock+0xae/0x340
[ 1165.502212][T14683]  ? other_cpu_in_panic+0xf0/0xf0
[ 1165.502234][T14683]  vprintk_emit+0x477/0x600
[ 1165.502251][T14683]  ? printk_sprint+0x460/0x460
[ 1165.502273][T14683]  _printk+0xd0/0x110
[ 1165.502295][T14683]  ? load_image+0x3b0/0x3b0
[ 1165.502314][T14683]  ? mark_lock+0x94/0x320
[ 1165.502331][T14683]  ? __lock_acquire+0x1260/0x7c80
[ 1165.502348][T14683]  should_fail_ex+0x37e/0x4d0
[ 1165.502369][T14683]  strncpy_from_user+0x36/0x2e0
[ 1165.502386][T14683]  strncpy_from_user_nofault+0x71/0x140
[ 1165.502408][T14683]  bpf_bprintf_prepare+0xb9b/0x1400
[ 1165.502426][T14683]  ? verify_lock_unused+0x140/0x140
[ 1165.502445][T14683]  ? bpf_bprintf_cleanup+0xc0/0xc0
[ 1165.502463][T14683]  ? __lock_acquire+0x7c80/0x7c80
[ 1165.502479][T14683]  ? mark_lock+0x94/0x320
[ 1165.502493][T14683]  ? bpf_trace_printk+0xc2/0x190
[ 1165.502515][T14683]  bpf_trace_printk+0xdc/0x190
[ 1165.502537][T14683]  ? bpf_probe_write_user+0xe0/0xe0
[ 1165.502578][T14683]  ? mark_lock+0x94/0x320
[ 1165.502612][T14683]  bpf_prog_7c77c7e0f6645ad8+0x3d/0x3f
[ 1165.502628][T14683]  bpf_trace_run2+0x1d1/0x3e0
[ 1165.502642][T14683]  ? bpf_trace_run2+0xde/0x3e0
[ 1165.502656][T14683]  ? bpf_trace_run1+0x3d0/0x3d0
[ 1165.502671][T14683]  ? __bpf_trace_contention_begin+0xce/0x130
[ 1165.502695][T14683]  __bpf_trace_contention_begin+0xdd/0x130
[ 1165.502717][T14683]  ? __bpf_trace_lock+0x140/0x140
[ 1165.502738][T14683]  ? verify_lock_unused+0x140/0x140
[ 1165.502753][T14683]  ? register_lock_class+0xb5/0x890
[ 1165.502771][T14683]  ? is_dynamic_key+0x260/0x260
[ 1165.502788][T14683]  trace_contention_begin+0xe9/0x110
[ 1165.502806][T14683]  __pv_queued_spin_lock_slowpath+0xe0/0x9d0
[ 1165.502827][T14683]  ? mark_lock+0x94/0x320
[ 1165.502844][T14683]  ? __pv_queued_spin_unlock_slowpath+0x2a0/0x2a0
[ 1165.502868][T14683]  do_raw_spin_lock+0x24e/0x2c0
[ 1165.502887][T14683]  ? __rwlock_init+0x150/0x150
[ 1165.502909][T14683]  raw_spin_rq_lock_nested+0xad/0x140
[ 1165.502931][T14683]  __schedule+0x2dd/0x44d0
[ 1165.502952][T14683]  ? verify_lock_unused+0x140/0x140
[ 1165.502968][T14683]  ? verify_lock_unused+0x140/0x140
[ 1165.502990][T14683]  ? asan.module_dtor+0x20/0x20
[ 1165.503020][T14683]  schedule+0xbd/0x170
[ 1165.503040][T14683]  schedule_hrtimeout_range_clock+0x1fd/0x3a0
[ 1165.503059][T14683]  ? hrtimer_nanosleep_restart+0x1a0/0x1a0
[ 1165.503076][T14683]  ? __might_sleep+0xe0/0xe0
[ 1165.503092][T14683]  ? __fget_files+0x44a/0x4d0
[ 1165.503116][T14683]  do_select+0x166a/0x1840
[ 1165.503140][T14683]  ? do_select+0xef/0x1840
[ 1165.503163][T14683]  ? core_sys_select+0x950/0x950
[ 1165.503188][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503209][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503230][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503251][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503272][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503293][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503314][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503335][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503356][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1165.503378][T14683]  ? __lock_acquire+0x7c80/0x7c80
[ 1165.503393][T14683]  ? __lock_acquire+0x7c80/0x7c80
[ 1165.503410][T14683]  ? __might_fault+0xaa/0x120
[ 1165.503423][T14683]  ? __might_fault+0xc6/0x120
[ 1165.503436][T14683]  ? __might_fault+0xaa/0x120
[ 1165.503451][T14683]  core_sys_select+0x71c/0x950
[ 1165.503476][T14683]  ? poll_select_set_timeout+0x160/0x160
[ 1165.503504][T14683]  ? sigprocmask+0x190/0x190
[ 1165.503518][T14683]  ? __fget_files+0x44a/0x4d0
[ 1165.503539][T14683]  __se_sys_pselect6+0x285/0x310
[ 1165.503560][T14683]  ? __x64_sys_pselect6+0xf0/0xf0
[ 1165.503581][T14683]  ? __x64_sys_pselect6+0x21/0xf0
[ 1165.503607][T14683]  do_syscall_64+0x55/0xb0
[ 1165.503620][T14683]  ? clear_bhb_loop+0x40/0x90
[ 1165.503637][T14683]  ? clear_bhb_loop+0x40/0x90
[ 1165.503655][T14683]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1165.503673][T14683] RIP: 0033:0x7f6247f8f749
[ 1165.503686][T14683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1165.503699][T14683] RSP: 002b:00007f6248e4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1165.503714][T14683] RAX: ffffffffffffffda RBX: 00007f62481e6090 RCX: 00007f6247f8f749
[ 1165.503726][T14683] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1165.503736][T14683] RBP: 00007f6248e4e090 R08: 0000000000000000 R09: 0000000000000000
[ 1165.503745][T14683] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1165.503755][T14683] R13: 00007f62481e6128 R14: 00007f62481e6090 R15: 00007fff3b86ee08
[ 1165.503772][T14683]  </TASK>
[ 1166.903606][T14683] CPU: 1 PID: 14683 Comm: syz.3.2534 Not tainted syzkaller #0
[ 1166.911052][T14683] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1166.921094][T14683] Call Trace:
[ 1166.924366][T14683]  <TASK>
[ 1166.927290][T14683]  dump_stack_lvl+0x16c/0x230
[ 1166.931970][T14683]  ? show_regs_print_info+0x20/0x20
[ 1166.937157][T14683]  ? load_image+0x3b0/0x3b0
[ 1166.941651][T14683]  ? mark_lock+0x94/0x320
[ 1166.945974][T14683]  ? __lock_acquire+0x1260/0x7c80
[ 1166.950992][T14683]  should_fail_ex+0x39d/0x4d0
[ 1166.955663][T14683]  strncpy_from_user+0x36/0x2e0
[ 1166.960504][T14683]  strncpy_from_user_nofault+0x71/0x140
[ 1166.966041][T14683]  bpf_bprintf_prepare+0xb9b/0x1400
[ 1166.971239][T14683]  ? verify_lock_unused+0x140/0x140
[ 1166.976427][T14683]  ? bpf_bprintf_cleanup+0xc0/0xc0
[ 1166.981524][T14683]  ? __lock_acquire+0x7c80/0x7c80
[ 1166.986537][T14683]  ? mark_lock+0x94/0x320
[ 1166.990873][T14683]  ? bpf_trace_printk+0xc2/0x190
[ 1166.995812][T14683]  bpf_trace_printk+0xdc/0x190
[ 1167.000569][T14683]  ? bpf_probe_write_user+0xe0/0xe0
[ 1167.005763][T14683]  ? mark_lock+0x94/0x320
[ 1167.010087][T14683]  bpf_prog_7c77c7e0f6645ad8+0x3d/0x3f
[ 1167.015537][T14683]  bpf_trace_run2+0x1d1/0x3e0
[ 1167.020211][T14683]  ? bpf_trace_run2+0xde/0x3e0
[ 1167.024961][T14683]  ? bpf_trace_run1+0x3d0/0x3d0
[ 1167.029801][T14683]  ? __bpf_trace_contention_begin+0xce/0x130
[ 1167.035780][T14683]  __bpf_trace_contention_begin+0xdd/0x130
[ 1167.041587][T14683]  ? __bpf_trace_lock+0x140/0x140
[ 1167.046603][T14683]  ? verify_lock_unused+0x140/0x140
[ 1167.051790][T14683]  ? register_lock_class+0xb5/0x890
[ 1167.056980][T14683]  ? is_dynamic_key+0x260/0x260
[ 1167.061820][T14683]  trace_contention_begin+0xe9/0x110
[ 1167.067181][T14683]  __pv_queued_spin_lock_slowpath+0xe0/0x9d0
[ 1167.073155][T14683]  ? mark_lock+0x94/0x320
[ 1167.077475][T14683]  ? __pv_queued_spin_unlock_slowpath+0x2a0/0x2a0
[ 1167.083886][T14683]  do_raw_spin_lock+0x24e/0x2c0
[ 1167.088727][T14683]  ? __rwlock_init+0x150/0x150
[ 1167.093491][T14683]  raw_spin_rq_lock_nested+0xad/0x140
[ 1167.098858][T14683]  __schedule+0x2dd/0x44d0
[ 1167.103266][T14683]  ? verify_lock_unused+0x140/0x140
[ 1167.108450][T14683]  ? verify_lock_unused+0x140/0x140
[ 1167.113639][T14683]  ? asan.module_dtor+0x20/0x20
[ 1167.118488][T14683]  schedule+0xbd/0x170
[ 1167.122554][T14683]  schedule_hrtimeout_range_clock+0x1fd/0x3a0
[ 1167.128609][T14683]  ? hrtimer_nanosleep_restart+0x1a0/0x1a0
[ 1167.134404][T14683]  ? __might_sleep+0xe0/0xe0
[ 1167.138986][T14683]  ? __fget_files+0x44a/0x4d0
[ 1167.143660][T14683]  do_select+0x166a/0x1840
[ 1167.148073][T14683]  ? do_select+0xef/0x1840
[ 1167.152486][T14683]  ? core_sys_select+0x950/0x950
[ 1167.157504][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.163745][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.169975][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.176208][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.182448][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.188700][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.195031][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.201265][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.207502][T14683]  ? __ia32_compat_sys_ppoll_time64+0x300/0x300
[ 1167.213739][T14683]  ? __lock_acquire+0x7c80/0x7c80
[ 1167.218756][T14683]  ? __lock_acquire+0x7c80/0x7c80
[ 1167.223768][T14683]  ? __might_fault+0xaa/0x120
[ 1167.228432][T14683]  ? __might_fault+0xc6/0x120
[ 1167.233095][T14683]  ? __might_fault+0xaa/0x120
[ 1167.237769][T14683]  core_sys_select+0x71c/0x950
[ 1167.242529][T14683]  ? poll_select_set_timeout+0x160/0x160
[ 1167.248158][T14683]  ? sigprocmask+0x190/0x190
[ 1167.252743][T14683]  ? __fget_files+0x44a/0x4d0
[ 1167.257411][T14683]  __se_sys_pselect6+0x285/0x310
[ 1167.262341][T14683]  ? __x64_sys_pselect6+0xf0/0xf0
[ 1167.267364][T14683]  ? __x64_sys_pselect6+0x21/0xf0
[ 1167.272465][T14683]  do_syscall_64+0x55/0xb0
[ 1167.276873][T14683]  ? clear_bhb_loop+0x40/0x90
[ 1167.281541][T14683]  ? clear_bhb_loop+0x40/0x90
[ 1167.286210][T14683]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[ 1167.292092][T14683] RIP: 0033:0x7f6247f8f749
[ 1167.296499][T14683] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1167.316267][T14683] RSP: 002b:00007f6248e4e038 EFLAGS: 00000246 ORIG_RAX: 000000000000010e
[ 1167.324671][T14683] RAX: ffffffffffffffda RBX: 00007f62481e6090 RCX: 00007f6247f8f749
[ 1167.332633][T14683] RDX: 0000000000000000 RSI: 00002000000001c0 RDI: 0000000000000040
[ 1167.340590][T14683] RBP: 00007f6248e4e090 R08: 0000000000000000 R09: 0000000000000000
[ 1167.348546][T14683] R10: 00002000000002c0 R11: 0000000000000246 R12: 0000000000000001
[ 1167.356504][T14683] R13: 00007f62481e6128 R14: 00007f62481e6090 R15: 00007fff3b86ee08
[ 1167.364562][T14683]  </TASK>