last executing test programs:

7m9.056004964s ago: executing program 0 (id=30):
syz_mount_image$btrfs(&(0x7f0000000040), &(0x7f00000000c0)='./file1\x00', 0x16, &(0x7f0000000140)={[{}, {@nossd_spread}, {@nodatasum}, {@notreelog}, {@max_inline={'max_inline', 0x3d, [0x6b, 0x78, 0x67, 0x3d, 0x67]}}, {@skip_balance}]}, 0x9, 0x50f6, &(0x7f0000000340)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75pcNWjiAAAAQF/x/90Xv1qIeT375iDN6089evBc1Xil/N8cLv+P3dJXBQAAANyMI19sf7iqXsr/reHy//htnTUAAACwFO98OPFBVb2U/2dvnP/rSf5fnS/zKx+yTj/Fv0I4NBnCxMLKXFb4ObSf7hYAAACAWyTm9D8/3flD1X6l/D9Xff//eKeDeP1/z/3/Ctf/hzDVW8ju+vdkXgAAAIB7Svl6/nh7/OzJBf2evz/s9f8P/O/gq1XHL+X//cPl/3pxeSuf/wcAAADL8F97/t/20jjVBt3//76P3v2lqn8p/7eHy/9xuab48k7E9+e9yRDWL6zkdxP8Jh5uV1KYHysUOlpJj22xR16YHy8UOuaSHpsnQ3hwYWV/Uvh/LLSTwpW1eeFIUjgdC/n50C0cSwon4pn2+dp8umnh+1jIL7CYj1dQrOleEpH0uNqvx0Lhhj3Odg8OAABwT4nhOc+yY73NkEbZ+dqgHVYP2mFk0A71QTuMJjukO/bbHmZ7C3F7+8zGpT3//8hw+T++Fflz/vpd/x/i9f/5cw271//PxkIjKczHQiu9Y0ArHiMLux/HYzRaeY8r67sFAAAAuKvF7wXqKzwPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+Ie9e42Rq7oPAH72Od6H1wtJFUKjZJPUOG7i9doGErVUWVOqRqQ064aCqohiY6/J4gU7tikxCpGxiWiEoLRBSj4UYRRFNR+gViAiKSBcpDhC5RFRFQUQKLSGKIiUkkSkCVKoZu89s3fO3Xn4scZLfz/JO2fmf553Hp5z751zAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/x8OfuWav20Wf/S35z37wsXjV+xZe/Gr15136pMhTMw83pGFO/pvvH3853efe8+eB1bfcd/h8z/am5fL42Gg+qczv3NDrPXw4hDu7wihOw2sGMwCPfn9wVjf+wZDOCXMBmolJvuzEmnD4ft9IewLs4FaVd/rC2GwELjwqUcevrmauK0vhKUhhEraxvOVrI2+NHBGbxboTwNbu7PAr97K1ALf7cwCcMzim6H2oj8wUZ9heO5yDV5/PcetY2+vdHhdMTHcON/P1s5zpwp60wcmjulpK1XHvCi9PQ56ty2Ad1tpO9/qaSt+kcq/obw1G6qEzk2TmzdcPb0zPtIZRke7GtU0T8/zM69/aeORpBfM6zB2YPi4vA5veWLp3V3LL3j8vhVLX97/sb2vHGs3f1TYpMX0fKuE/DW3YJ7HaNznyQJ4+5W+JY340hVC2Pz53/tMs3hp/j/cfP4fX87xtrMud6z1zaFsbh4fGYyJ14ayuTkAAAAsGAthr+nW0Yc+0ay+0vx/pL3j//GQfz6Zz0Z7MITxmcTeJSGcNvN4FrgrNnfZkhA+OJOaqA+sTQIHQ3jvTGJ5raqkxKJYYiQJ/GQoD4wngUMxMJEEvhUDtyaBG2LgQBLYGAMHk8C5MRCm6sfx+0P5ONoO9MXA+mwjHohnIfxiKLaWbKvnalUBAAAcJ/nssKf+buFch2PNEKeXB/paZYhnYDfMUElqSGewtWlVwxq6W9XQ2aqG2rh3Nx9+qeaOVjWXTsPoqM9w+y//5rOhidL8f6z5/L8yR0c6Ssf/Q1g38zfm7swj07X4+om6DAAAAMAxGPjfF7/ZLF6a/4+3d/5/3CfSVcgcHou7IbYsCWGsPpBV+4flQHbUeyAPAAAAwEJQOx5fOxY+ld9mp2in8+ly/okjzB8P/I/Pmb/34IPrm/W3NP+faO/8//7626wTh2IvvrYkhEWFwA9iL6uBGSMx8ONP1gfy8R+KG+CmWFV+YkKtqptiifUxMJYE9jUq8cNaidPqA/mTVWt8b20cU3mJQgAAAABOuLg7IB6Xj+f/f+g3q69pVq40/19/ZOf/z8yDS6f3Tw+EsLI7hK70hwGP9WcLA8bAYEeeeKg/q6srrer6/hDOqQ4srerFfP3/7nSNwaf6sqpi4LQP7X/9jGrim30hrCwGnv7cnWdVEzuTQK3xv+wL4QPV0aaNf2dR1nhP2vjXF4Xw/kKgVtVli0KoNtabVvVIJb+OQVrVP1dCeFchUKvq7EoIuwIAC1T8r3RT8cEdu67dsmF6enL7PCbiPvy+sHlqenJ049bpTZUGfdqU9LluGaPry2Nq98o3z+VLFF1077rBdtK13wmOFdvK9+OXThzM78fvQj0z41zdU3d3TTrkj3y43EQofJNqNOTOeR5yf7GS2SexVH/M3xsGwqKrd0xuH/3ihp07t6/K/rabfXX2Nx5myrbVqnRb9c/VtzZeHg1Xy0oc7bZaVqxk5c4rt63csevaFVNXbrh88vLJq1advXrszLE1Yx8/c2V1VGPZ3xZDXTZX1clQ37qzzXEdx6Ge3l2o5ER8akhISCy0xNaBZU3/Ty7N/7c1n//HT534yZ+vz9Do+P9wPMyfPT57mH99DOxr9/j/cKOj+bUTA0aSwO4Y2O0wPwAAAO8McZIf92bGvdI/Xf6dl5uVK83/d7f3+//jtP5/ben68xst8788lhhrtP5/usx/bf3/3Y3W/0+X+a+t/7/vbVj//+paINkkv7D+PwAA8E5w4tb/b7m8f3qBgFKGlsv7pxcIKGVouYx/uxcIOOL1/5//z7/679BEaf5/a3vzfwv3AwAAwMnjy392ze80i5fm//vam/+f+PX/QqPz/0caBSYaLQxo/T8AAAAWqEbr/w3f2H9ps3Kl+f+B9ub/8bSLzrrcsdY3h7I17UK6pt1rQ7WfDAAAAMDC0BlGR3vazFu3Murao2/zmXwp0Gbpohf/5PCRnf9/sL35f93vMm55YundXcsvePzN+1YsfXn/x/a+Mnv8HwAAAJg/7e6XAAAAAAAAAAAAAAAA3n4v/seeNc3ipd//h3Uzjzf6/X+87l/8fcG763LHWluv/5ffv/DT9+yaWbLwsaEQPlwMbNmz5ZSQX5t/WTHw8CXL31NN7ElLPPjCuS9VE5emgU+tOPWNauKcJLA+LpL43jQQr6r4xuIkEJdX/Pc0ELfHgTTQmwe+ujgbR0e6rX46mG2rjnRbPTsYwpJCoLat7h/M2uhIB3hbEqgN8AtpIA7wz/NAZ9qrewayXsXAYCx6x0DWKwAATlrxW2BP2Dw1PTkWv8LH29O762+juiXLri9X29Fm88/lS5NddO+6wXbSXel30dlrjfeESnUIq0pfV4tZOmZGeXxqabHp3t1gyK1We+tsUC51pJuut/GI+rIRjW7cOr2pp+XA17TOsrq7ZZZVpclOMUvnzCZto5Y2+tLGiNrcNm10Od7vDKOjXUmuP4jB4VCn1Sui3d/rF9f5a/QqKOa56vDeXzWrrzT/H25v/l8pjuuN/GIAu+OV9f5uiWX+AQAAYH59de2vvxH/ffbGR59ulrc0/x9pb/4f92Dlh4KzvR0H4/X/9y4JYebS+sNZ4K7Y3GVLQvjgTGoilsguqH9+LDGWBe6KO0yWxxLrJ+qrWhQDB5LAT4bywMEkcCgG8r0U+0O+K+fvh0I4aya1rr7EtlhiOAl8JgZGksBoDIwlgcUxMJ4EXl2cByaSwL/FQJiq31b3Ls63FQAAwJHI51k99XdDOs870N0qQ0erDP2tMnS2ylBplaHRKOL9b8cMPcnJKx2FTD1prX1JLaUM8WL4R9yvUobww/qcacFS0/H8g9r5Bh31GR74RHclNFGa/4+1N//vr7/NWj8U5/+z1//LAj+I3ftaPHV8JAZ+/Mn6QL5j4FCc7N5Uq2oiL5FP2m+KJcZjYCQJbIuB8SSwfl0e2Pee+kA+0641vrfW+FReohAAAACAEy7uIIi7aeL8/44dXxloVi6f/4/U5v/j7c3/Y3sDxcZuiLUeXhzC/R2zvakFVgxmgbgfYzD+PP59gyGcUtjBUSsx2Z+V6E0aDt/vy36h3ptW9b2+7McH8f6FTz3y8M3VxG19ISwt7H2ptfF8JWujLw2c0ZsF+tPA1u4sEPf81ALf7cwCcMxqewXjCyo/1aVmeO5yDV5/75RrgqbDK+0DnSPfXL+5mi+lHa75PtWaI3vamu6/5bgpvT0OerctxHfbsHdb8YtU/g3lrdlQJXRumty84erpnfGR4i9ZS+bpeS7+SrWd9HF4He4++t62Vkk7MJZ8fIzNXW7u12FHrO6WJ5be3bX8gsfvW7H05f0f2/tK291oIP5Q+JHr/nXwR4XNO98qIX/NLbjPkwmfJwvxv4ERT1sIYd2rX7+pWbx0/H+ivfl/d3I749dxY+5YEsJHChv3sbj5/3hJ9jlYCGSfku8qB7JD7v811PCTEwAAAI632u6O2v6Cqfw2OyE8nSeX808cYf64v2J8zvzt9rv/ry9Z2ixemv+vbz7/X5R00/F/x/+ZJ47/z+lk3xW9KH1g9zHtii5Vx7xw/H9OJ/u7zfH/OTn+7/j/XBz/b8Hx/zmd7E9b6VvSNl+6Qggv/9FDzzaLl+b/29qb/1v/b+5F+2rr/61vtP7ftkbr/+22/h8AADCvGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvi9f9eOv3534QmSvP/3e3N/+PLYaDY+kJZ/29kXYOqbo2BbRYGBAAA4GTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb68H/uF/NjWLP/rb85594eLxK/asvfjV68479ckQpmYe78jCHf033j7+87vPvWfPA6vvuO/w+R+t5OV68tvfrcsda31zKIR9hUcGY+K1oeqd2cCFn75nV3c18dhQCB8uBrbs2XJKNfGtoRCWFQMPX7L8PdXEnrTEgy+c+1I1cWka+NSKU9+oJs7JAx1pd/9xcdbdjrS7Ny8OYUkhUOvuFYvrq6q18ad5oDNt458GszZiYDAW/cZg1kYMTMcSU4tCWNkdQlda1aOVrKqutKp/qWRVdaVVfbkSwjkhhO60qhd6s6q605E/2ZtVFQOnfWj/62dUE/t6Q1hZDDz9uTvPqia+kARqjf9FbwgfqL5k0sa/3ZM13pM2fltPCO8PIfSmJX7ZnZXoTUu82B3CuwqBWuOf7w5hV+AdIX741H2i7dh17ZYN09OT2+cx0Zu31Rc2T01Pjm7cOr2pkvSpkY5C+q3rj37sz73+pY3V24vuXTfYTro7L9cz0+XVPXV315zsvY/96i9WMvt8lOqP+XvDQFh09Y7J7aNf3LBz5/ZV2d92s6/O/nbl0WxbrVoo22pZsZKVO6/ctnLHrmtXTF254fLJyyevWnX26rEzx9aMffzMldVRjWV/j8dQ7zzxQz29u1DJifgAkJCQWGiJzrpPt7GT/YO89EV/tqM9oTLzAV2aVhSzdMyM8ngMeu1Rjvhovqe0HNGq0sShlGV16yxrSpOJ2Sx9WZaZ73WlyWGxps6ZTRrvd4bR0a5G22G4/m5x8/7sGDbvM/mmazcNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8H/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4FIAAAD//wqqIhQ=")
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000100)='./mnt\x00', 0x2200054, &(0x7f0000000000)={[{@jqfmt_vfsold}, {@bh}]}, 0x1, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
ioctl$FITRIM(r0, 0xc4009420, &(0x7f0000000200)={0x2, 0x5, 0x4000000000000000})

7m1.064030495s ago: executing program 0 (id=44):
r0 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), r0)
r1 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'macsec0\x00', <r3=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000500)=ANY=[@ANYBLOB="3c0000001000000410000000ffdbdf2500000000", @ANYRES32=r3, @ANYBLOB="000000000000a3ab4a7900001c0012800b0001006d616373256300000c00028005000f0002000000756f686f7cb6ba4b71e5c30436153006525abde7da96f1035e1f8df239585b75f68447b7c826fa5c064cdeadbe7ca396a11a213044d380caa302b992fad0d1ea8aca7745cf07b28bbcb69a44a1c524e422e4e855f937355845bfdde067412f56fcb2fb57d635cc4b150300abb1133bc756a821bdbaf579459be1669b3a9bd0416a0bb633f072fdd68a7dce1a036c9f7c82cccdfa8af06d780512533d692e8be4fc14142fb5727ad3f3e4d095a4a1b784c3b84a2096df5f36f2e9d0d5d14de0f5d0b03a766c98378e9ab5f0e30e947027a4c3fa2c"], 0x3c}}, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
openat$dsp(0xffffffffffffff9c, 0x0, 0x600200, 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x8080}, 0x20004450)
sendmsg$NFT_BATCH(r5, 0x0, 0x24000840)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x8ad01, 0x0)
r6 = openat$ttynull(0xffffff9c, &(0x7f0000000280), 0x8000, 0x0)
ioctl$TCXONC(r6, 0x540a, 0x0)
r7 = openat$snapshot(0xffffffffffffff9c, &(0x7f0000000100), 0x1, 0x0)
write$snapshot(r7, 0x0, 0xd)
ioctl$SNAPSHOT_FREE(r7, 0x3305)
r8 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_tx_ring(r8, 0x107, 0xd, &(0x7f0000000100)=@req3={0x10000, 0x100000001, 0x10000, 0x1}, 0x1c)
mmap(&(0x7f0000ff0000/0x10000)=nil, 0x10000, 0x7fa962bffff3, 0x12, r8, 0x0)
munmap(&(0x7f0000ff9000/0x2000)=nil, 0x2000)
mremap(&(0x7f0000ff8000/0x1000)=nil, 0x1000, 0x2000, 0x0, &(0x7f0000ff8000/0x2000)=nil)
recvfrom(r0, 0x0, 0x4f, 0x40002021, 0x0, 0x0)

6m58.844958486s ago: executing program 0 (id=50):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x30000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x1, 0x8010000000000084)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000280)={@mcast2}, &(0x7f00000002c0)=0x14)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb, 0x1000)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82002)
ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f0000000180)=0xf0)
ioctl$CEC_S_MODE(r4, 0x40046109, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000014000101a4bd7000fddbdf25011f88104e"], 0x4c}, 0x1, 0x0, 0x0, 0x40480cc}, 0x40000)

6m56.869404968s ago: executing program 0 (id=51):
open(0x0, 0x713640, 0x40)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0xc0)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
r3 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x401)
ioctl$SG_SET_RESERVED_SIZE(r3, 0x2275, &(0x7f0000000100)=0x2c0000)

6m55.749284733s ago: executing program 0 (id=56):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
recvmmsg(r0, 0x0, 0x0, 0x2, 0x0)
r1 = syz_open_dev$sg(&(0x7f00000002c0), 0x0, 0x5)
ioctl$SG_GET_REQUEST_TABLE(r1, 0x2286, &(0x7f0000000440))

6m51.7061953s ago: executing program 0 (id=63):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
fchdir(0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x143042, 0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, 0xfffffffffffffffe, 0x4)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_usbip_server_init(0x1)

6m36.48509942s ago: executing program 32 (id=63):
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
sched_setscheduler(0x0, 0x1, &(0x7f0000000040)=0x8)
r0 = getpid()
fchdir(0xffffffffffffffff)
openat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x143042, 0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000001700)=0x4)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r3, 0x6, 0x13, &(0x7f0000000180)=0x100000001, 0x4)
connect$inet6(r3, &(0x7f0000000080)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r3, 0x6, 0x1f, &(0x7f0000000540), 0x3c)
setsockopt$inet6_tcp_TLS_TX(r3, 0x11a, 0x1, 0xfffffffffffffffe, 0x4)
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffcb5, 0x2, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000400), 0xffffffffffffffff)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
syz_usbip_server_init(0x1)

3m41.877340125s ago: executing program 3 (id=528):
r0 = syz_open_dev$dvb_frontend(0x0, 0x0, 0x40002)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0xe9, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000180)='\x00\x00\x00\x00\x00\x00', 0x0, 0xb, 0x0, 0x80, 0x0})
ioctl$FE_GET_EVENT(r0, 0x80286f4e, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)

3m41.71700637s ago: executing program 3 (id=530):
r0 = syz_usb_connect(0x2, 0x24, &(0x7f00000007c0)=ANY=[@ANYBLOB="12010000ed3ec908cd0cb300ea2d010203010902120001000000000904"], 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ecm(r0, 0x0, &(0x7f0000000000)={0x1c, 0x0, 0x0, 0x0})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f00000003c0)={0x44, &(0x7f0000000000)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0)
syz_usb_control_io$uac1(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$rtl8150(r0, 0x0, 0x0)
syz_usb_control_io$printer(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, 0x0, 0x0)
syz_usb_control_io$lan78xx(r0, 0x0, &(0x7f0000000400)={0x34, &(0x7f0000000280)={0x40, 0x18, 0x2, 'w`'}, 0x0, 0x0, 0x0, 0x0, 0x0})

3m38.177076342s ago: executing program 3 (id=547):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$unix(0x1, 0x1, 0x0)
r5 = socket$kcm(0x11, 0x3, 0x0)
r6 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r6)
socket$tipc(0x1e, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r6, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x8c, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, r8, {0x0, 0x4}, {}, {0x8, 0xfff2}}, [@filter_kind_options=@f_matchall={{0xd}, {0x58, 0x2, [@TCA_MATCHALL_ACT={0x54, 0x2, [@m_tunnel_key={0x50, 0x1, 0x0, 0x0, {{0xf}, {0x20, 0x2, 0x0, 0x1, [@TCA_TUNNEL_KEY_PARMS={0x1c, 0x2, {{0x7cff, 0xbd, 0x4, 0x6, 0x1ff}, 0x2}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc}}}]}]}}]}, 0x8c}, 0x1, 0x0, 0x0, 0x8000}, 0x20000000)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r9, 0x3e}, 0x80, &(0x7f0000000340)=[{}, {&(0x7f00000001c0)="f058050000007f8f", 0x8}], 0x2}, 0x34000054)

3m37.986065638s ago: executing program 3 (id=550):
syz_mount_image$vfat(&(0x7f0000000080), &(0x7f0000000240)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x804, &(0x7f0000002400)=ANY=[@ANYBLOB="726f6469722c6e6f6e756d7461696c3d302c757466383d302c756e695f786c6174653d302c73686f72746e616d653d6d697865642c757466383d302c756e695f786c6174653d312c757466383d302c636865636b3d6e6f726d616c2c636f6465706167653d3836362c73686f72746e616d653d6c6f7765722c73686f72746e616d653d77696e6e742c73686f72746e616d653d77696e6e742c696f636861727365743d6b6f69382d72752c757466383d302c726f6469722c73686f72746e616d653d6d697865642c756e695f786c6174653d312c756e695f786c6174653d302c756e695f786c6174653d302c756e695f786c6174653d312c00c5ce73a5b07f42c987243e66e4235177879575d62481eb04d82aee3b4d09b99cc7122d2f2d89e8200db5ce142862d400"/306], 0x1, 0x27e, &(0x7f0000000380)="$eJzs3c9qY1UYAPDvNkmT6CJZuBKhF3ThqrQ+QYtUEAuCkoW60GJbkCYULASqYuzKJ/AJfAPfw80wLzAPMMPspoth7pDcmz8dbtppJ23KzO+36cd3znfPd3sPyeqe/PRR72j/+OTw7I9H0WgksbIVW3GeRDtWYuyvKPXwSXkeALjnzrMsnma5ep46vTijNqeyunLrzQEAt2L2+3/ZvQAAd+Pb777/ant3d+ebNG1E9P7ud5LI/+bj24fxS3TjIDaiFc8jsok8/uLL3Z2opkPt+KQ36HeGlb0f/y+uv/04YlS/Ga1ol9dvprmZ+kG/U4v3ivW3unHw9b/Rig/K6z8rqY/Oanz68Uz/69GKBz/HcXRjv+htXP/nZpp+nv3z7PcfhtlhfTLod+qTecXsyp0+GAAAAAAAAAAAAAAAAAAAAAAA3mrr6UT74vk744P/Lxm/5Hygwcz5PBtpmmZJPn9aX40Pq1Fd5r0DAAAAAAAAAAAAAAAAAADAfXFy+tvRXrd78OtCg/Fr/SVD8eJiph4RN19r7bpVUSla6yYR11urFvVR5dWTK0Xw32teuRkRtXFfC3oEySTTnB1aG62RZ5p5MJN54w3QiFEw3l1He8lVD7dRtkkWEGQl268yt2r11UyzuIOSyc1LVl99/0Y9Z605Q8nMzrjqOrXF/g/v5vMHAAAAAAAAAAAAAAAAAACYmr70WzJ4toSGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAJpr//f41gUBTPm5NVhkE1isySbxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB3wMsAAAD//yWPZig=")
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901)
fchdir(r0)
close(r0)
mount$fuse(0x0, &(0x7f00000001c0)='./file0/../file0\x00', 0x0, 0x20000, 0x0)

3m37.678314597s ago: executing program 3 (id=551):
r0 = syz_open_dev$dvb_frontend(0x0, 0x0, 0x40002)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
fcntl$lock(0xffffffffffffffff, 0x5, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8002)
r2 = fcntl$dupfd(r1, 0x0, r1)
ioctl$SG_IO(r2, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0xe9, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000180)='\x00\x00\x00\x00\x00\x00', 0x0, 0xb, 0x0, 0x80, 0x0})
ioctl$FE_GET_EVENT(r0, 0x80286f4e, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)

3m35.777095547s ago: executing program 3 (id=555):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
fcntl$dupfd(r2, 0x406, r2)
r3 = epoll_create1(0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_BT_SNDMTU(r8, 0x112, 0xc, &(0x7f0000000300)=0x2, 0x2)
connect$unix(r6, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x38, r10, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000580)={0xa0002008})
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r11, &(0x7f00000000c0)={0x10})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001ec0)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x28)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0)

3m35.35705341s ago: executing program 33 (id=555):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = epoll_create1(0x0)
r2 = epoll_create1(0x0)
fcntl$dupfd(r2, 0x406, r2)
r3 = epoll_create1(0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r5 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r5, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffd000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r6=>0xffffffffffffffff, <r7=>0xffffffffffffffff})
r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
setsockopt$bt_BT_SNDMTU(r8, 0x112, 0xc, &(0x7f0000000300)=0x2, 0x2)
connect$unix(r6, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r7, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r6, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r9 = socket$nl_generic(0x10, 0x3, 0x10)
r10 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)={0x38, r10, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0xc, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x4}, @ETHTOOL_A_BITSET_NOMASK={0x4}]}]}, 0x38}}, 0x0)
sendmsg$nl_route(r4, 0x0, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r3, &(0x7f0000000580)={0xa0002008})
pipe2$9p(&(0x7f0000001900)={0xffffffffffffffff, <r11=>0xffffffffffffffff}, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r3, 0x1, r11, &(0x7f00000000c0)={0x10})
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000001ec0)={0x0, 0x0, 0x0, 0x0, 0x3}, 0x28)
sendmsg$nl_route_sched(r0, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40000}, 0x0)

2m9.403999401s ago: executing program 2 (id=844):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$TCFLSH(r4, 0x400455c8, 0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000015, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff3}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4044080}, 0x400000000000000)
socket$inet_tcp(0x2, 0x1, 0x0)
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xffffffffffffffff)

2m8.105983302s ago: executing program 2 (id=851):
syz_mount_image$exfat(&(0x7f0000000280), &(0x7f00000000c0)='./bus\x00', 0x2218050, &(0x7f0000000140)=ANY=[], 0x1, 0x1528, &(0x7f0000001800)="$eJzs3Au4TtX2MPAx5pyLTS5vkvsacyze5DJJklwScqkkSUjuCUmSJKnEJrckJEmuO8l1h9zTTu73W+6hnSNJkpCQZH7PTn061fn6n/PvHH1nj9/zrGfPsdYac421x/u+a633efb+suvQGo1qVq3PzPCv0D8P8OKPRABIAIABAJAdAAIAKJOjTI607Zk0Jv5LBxH/Jg2mXe4KxOUk/U/fpP/pm/Q/fZP+p2/S//RN+p++Sf/TN+m/EOlact4rZUm/i3z///859b9Jluv/fx/E3676R/tK///b6H9qb+l/upHh91ZK/9OL378ESP/TN+l/ehZc7gLEZSbv//RN+i9Euvanf6e87uw/s3/wb6nhP7xouPw1/KuLEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgjxH3DWX2IA4Ofx5a5LCCGEEEIIIYQQfx7/zuWuQAghhBBCCCGEEP9+CAo0GAggA2SEBMgEmeEKyAJZIRtkhxhcCTngKsgJV0MuyA15IC/kg/xQAEIgsMAQQUEoBHG4BgrDtVAEikIxKA4OSkBJuA5KwfVQGm6AMnAjlIWboByUhwpQEW6GSnALVIYqUBVuhWpQHWpATbgNboc7oBbcCbXhLqgDd0NduAfqwb1QHxpAQ7gPGsH90BiaQFNoBs2hBbT8g/yk7L+X/yx0h+egB/SEROgFveF56AN9oR/0hwHwAgyEF2EQvASDYQgMhZdhGLwCw+FVGAGvwUh4HUbBaBgDY2EcjIckeAMmwJswEd66PytMhikwFabBdEiGt2EGzIRZ8A7MhjkwF5IyzYcFsBDehUXwHqTA+7AYPoAlsBSWwXJYASthFayGNbAW1sF62AAbYRNshi3wIWyFbbAddsBO2AW74SPYA3thH3wMqfjJP5l/5u/zoRsCAipUaNBgBsyACZiAmTEzZsEsmA2zYQxjmANzYE7MibkwF+bBPJgP82EBLICEhIyMBbEgxjGOhbEwFsEiWAyLoUOHJbEklsLrsTSWxjJYBstiWSyH5bE8VsSKWAkrYWWsjFWxKlbDalgDa+BteBvegbWwFtbG2lgH62BdrIv1sB7Wx/rYEBtiI2yEjbExNsWm2BybY0tsia2wFbbG1tgW22I7bIftsT12wA7YETtiJ+yEnbEzdsEu2BW7Yjd8Gp/GZ/FZfA6fw55YTfXC3tgb+2Af7If9sT++gAPxRXwRX8LBOASH4sv4Mr6Cw/E0jsDXcCSOxEpqNI7BschqPCZhEmaECTgRJ+IknIyTcSpOw+mYjMk4A2fiTHwHZ+McnIPzcB4uwIW4EBfhe5iCKbgYz+ASXIrLcDmuwJW4AlfjGlyN63A9rsONuBE342b8ED/EbbgNd+AO3IW78CP8CPfiXhyMqZiK+3E/HsADeBAP4iE8hIfxMB7BI3gUj+IxPIbH8QSexBN4Ck/haTyDZwHgHJ7D83geL+CFtDe/SmOUURlUBpWgElRmlVllUVlUNpVNxVRM5VA5VE6VU+VSuVQelUflU/lUAVVAkSLFKlIFVUEVV3FVWBVWRVQRVUwVU045VVKVVKVUKVValVZl1I1ny6qbVDlVXrVxFVVFVUm1dZVVFVVVVVXVVHVVQ9VUNdXt6nZVS9VStVVtVUfVUXXVPaqe6oX9sIFK60wjNQQbq6HYVDVTzVUL9Qo+oFqp4dhatVFt1UPqNRyB7VUr10E9qjqqMdhJPa7G4hOqixqPXdVTqpt6Wj2jnlXdVWvXQ/VUk7CX6q2mYh/VV/VT/dUMrK7SOlZDvaQGqyFqqHpZLcBX1HD16l68+IGpRqnRaowaq8ap8SpJvaEmqDfVRPWWmqQmqylqqpqmpqtk9baaoWaqWeodNVvNUXPVPDVfLVAL1btqkXpPpaj31WL1gVqilqplarlaoVaqVWq1WqPWqnVqvdqgNqpNarPaoj5UW9U2tV3tUDvVLrVbfaT2qL1qn/pYpapP1H71N3VAfaoOqs/UIfW5Oqy+UEfUl+qo+kodU1+r4+qEOqm+UafUt+q0OqPOqu/UOfW9Oq9+UBeUV6BRK6210YHOoDPqBJ1JZ9ZX6Cw6q86ms+uYvlLn0FfpnPpqnUvn1nlMXp1P59cFdKhJW8060gV1IR3X1+jC+lpdRBfVxXRx7XQJXVJfp0vp63VpfYMuo2/UZfVNupwuryt40DfrSvoWXVlX0VX1rbqarq5r6Jr6Nn27vkPX0nfq2vouXUffrevqe3Q9fa+urxvohvo+3UjfrxvrJrqpbqab6xa6pX5At9IP6kC30W31Q7qdfli314/oDvpR3VE/pjvpx3Vn/YTuop/UXfVTupuuAgA/6Ava6x66p07UvXRv/bzuo/vqfrq/HqBf0AP1i3qQfkkP1kP0UP2yHqZf0cP1q3qEfk2P1K/rUXq0HqPH6nF6vE7Sb+gJ+k09Ub+lJ+nJeoqeqqfp6bpf2kygLr5i/iD/zd/JH/Tj0TfrLfpDvVVv09v1Dr1T79K79W69R+/R+/Q+napT9X69Xx/QB/RBfVAf0of0YX1YH9FH9FF9VB/Tx/RxfUJ/p7/Rp/S3+rQ+o8/o7/Q5fU6f1xd/B2DQKKONMYHJYDKaBJPJZDZXmCwmq8lmspuYudLkMFeZnOZqk8vkNnlMXpPP5DcFTGjIWMMmMgVNIRM315jC5lpTxBQ1xUxx40wJU9Jc97/O/6P6WpqWppVpZVqb1qataWvamXamvWlvOpgOpqPpaDqZTqaz6Wy6mC6mq+lquplu5hnzjOluupsepodJNImmt3ne9DF9TT/T3wwwL5iBZqAZZAaZwWawGWqGmmFmmBluhpsRCT/dMplRZowZY8aZcSbJZzcTzAQz0Uw0k8wkM2VAdjPNTDPJJtnMMDPMLDPLzDazzVwz18w3881Cs9AsMotMikkxi81is8QsNUvNcrPcrDQrzWqz2qw1a816s95sNBvNErPFbDFbzVaz3Ww3O81Os9vsNnvMHrPP7DOpJtXsN/vNAXPAHDQHzSFzyBw2h80Rc8QcNUfNMXPMHDfHzUlz0pwyp8xpc9qcNWfNOXPOnDfnzQVzIe22L1CBCkxgggxBhiAhSAgyB5mDLEGWIFuQLYgFsSBHkCPIGVwd5ApyB3mCvEG+IH9QIAgDCmzAQRQUDAoF8eCaoHBwbVAkKBoUC4oHLigRlAyuC0oF1welgxuCMsGNQdngpqBcUD6oEFQMbg4qBbcElYMqQdXg1qBaUD2oEdQMbgtuD+4IagV3BrWDu4I6wd1B3eCeoF5wb1A/aBA0DO4LGgX3B42DJkHToFnQPGgRtPxT5/f+dO4HXY+wZ5gY9gp7h8+HfcK+Yb+wfzggfCEcGL4YDgpfCgeHQ8Kh4cvhsPCVcHj4ajgifC0cGb4ejgpHh2PCseG4cHyYFL4RTgjfDCeGb4WTwsnhlGBqOC2cHiaHb4czwpnhrPCdcHY4J5wbzgvnhwtC/OnikhK+Hy4OPwiXhEvDZeHycEW4MlwVrg7XhGvDdeH6cEO4sczAi7uGW8Nt4fZwR7gz3BXuDj8K94R7w33hx2Fq+Em4P/xbeCD8NDwYfhYeCj8PD4dfhEfCL8Oj4VfhsfDr8Hh4IhOE34Snwm/D0+GZ8Gz4XXgu/D48H/4QXgh92s192uWdDBnKQBkogRIoM2WmLJSFslE2ilGMclAOykk5KRflojyUh/JRPipABSgNE1NBKkhxilNhKkxFqAgVo2LkyFFJKkmlqBSVptJUhspQWSpL5chSBapAN9PNdAvdQlWoCt1Kt1J1qk41qSYh3k61qBbVptpUh+pQXapL9age1af61JAaUiNqRI2pMTWlptScmlNLakmtqBW1ptbUltpSO2pH7ak9daAO1JE6UifqRJ2pM3WhLtSVulI36kbP0DPUnbpTD+pBiZRIvak39aE+1I/60QAaQANpIA2iQTSYBtNQGkrDaBgNp+E0gl6jkfQ6jaLRNIbG0jgaT0mURBNoAk2kiTSJJtEUmkLTaBolUzLNoBk0i2bRbJpNc2kuzaf5tJAW0iJaRCmUQotpMS2hJbSMltEKWkGraBWtoTW0jtbRBtpAm2gTbaEttJW20nbaTjtpJ+2m3bSH9tA+2keplEr7aT8doAN0kA7SITpEh+kwHaEjdJSO0jE6RsfpOJ2kk3SKTtFpOk1n6Sydo+/pPP1AF8hTgs1kM9srbBab1Waz2e2v4zw2r81n89sCNrS5bG6bCQB+jslaW8QWtcVscetsCVvSXvebuJwtbyvYivZmW8neYivbcjYT/DK+3d5ha9k7bW17l61pb/u7uI6929a199t6tomtb5vZhraFbWTvt41tE9vUNrPNbQvbzj5s29tHbAf7qO1oH/tNvMi+Z9fYtXadXW/32L32rP3OHrFf2nP2e9vD9rQD7At2oH3RDrIv2cF2yN/HAHakfd2OsqPtGDvWjrPjfxNPsVPtNDvdJtu37Qw78zfxQvuunW1T7Fw7z863C36M02pKse/bxfYD7723y+xyu8KutKvs6v9b63K70W6ym+1u+5HdarfZ7XaH3Wl3/Rinncc++7FNtZ/Yw/YLe8B+ag/ao/aQ/fzHOO38jtqv7DH7tT1uT9iT9ht7yn5rT9szP55/2rl/Y3+wF6y3wMiKNRsOOANn5ATOxJn5Cs7CWTkbZ+cYX8k5+CrOyVdzLs7NeTgv5+P8XIBDJrbMHHFBLsRxvoYL87VchItyMS7OjktwSb6OS/H1XJpv4DJ8I5flm7gcl+cKXJFv5kp8C1fmKlyVb+VqXH3bHRc/7fgOrsV3cm2+i+vw3VyX7+F6fC/X5wbckO/jRnw/N+Ym3JSbcXNuwS35AW7FD3JrbsNt+SFuxw9ze36EO/Cj3JEf4078OHfmJ7gLP8ld+Snuxk/zM/wsd+fnuAf35ETuxb35ee7Dfbkf9+cB/AIP5Bd5EL/Eg3kID+WXmfkVHs6v8gh+jUfy6zyKR/MYHsvjeDwn8Rs8gd/kifwWT+LJPIWn8jSezsn8Ns/gmTyL3+HZPIfn8jyezwt4Ib/Li/g9TuH3eTF/wEt4KS/j5byCV/IqXs1reC2v4/W8gTfyJt7MW/hD3srbeDvv4J28i3fzR7yH9/I+/phT+RPez3/jA/wpH+TP+BB/zof5Cz7CX/JR/oqP8dd8nE/wSf6GT/G3fJrP8Fn+js/x93yef+AL7BkijFSkIxMFUYYoY5QQZYoyR1dEWaKsUbYoexSLroxyRFdFOaOro1xR7ihPlDfKF+WPCkRhRJGNOIqiglGhKB5dExWOro2KREWjYlHxyEUlopLRdVGp6PqodHRDVCa6MSob3RSVi8pHFaKK0c1RpeiWqHJUJaoa3RpVi6pHNaKa0W3R7dEdUa3ozqh2dFdUOro7qhvdE9WL7o3qRw2ihtF9UaPo/qhx1CRqGjWLmkctopbRA1Gr6MGoddQmahs9FLWLHo7aR49EHaJHo47RY5e2Fw0uvr5+tT0x6hXpn2737tTz4wviC+PvxhfF34unxN+PL45/EF8SXxpfFl8eXxFfGV8VXx1fE18bXxdfH98Q3xjfFN8c975mRnCY9iAMxgUug8voElwml9ld4bK4rC6by+5i7kqXw13lcrqrXS6X2+VxeV0+l98VcKEjZx27yBV0hVzcXeMKu2tdEVfUFXPFnXMlXEnXwrV0LV0r96Br7dq4tu4h95B72D3sHnGPuEddR/eY6+Qed53dE66Le9I96Z5y3dzT7hn3rOvunnM9XE+X6BJdb9fb9XF9XD/Xzw1wA9xAN9ANcoPcYDfYDXVD3TA3zA13w90IN8KNdCPdKDfKjXFj3Dg3ziW5JDfBTXAT3UQ3yU1yU9wUN81Nc8ku2c1wM9wsN8vNdrPdXDfXzXfz3UK30C1yi1yKS3GL3WK3xC1xy9wyt8KtcKvcKrfGrXHr3Dq3wW1wm9wmt8VtcVvdVrfdbXc73U632+12e9wet8/tc6ku1e13+90Bd8AddJ+5Q+5zd9h94Y64L91R95U75r52x90Jd9J94065b91pd8addd+5c+57d9794C4475Jib8QmxN6MTYy9FZsUmxybEpsamxabHkuOvR2bEZsZmxV7JzY7Nic2NzYvNj+2ILYw9m5sUey9WErs/dji2AexJbGlsWWx5bEVsZUx7/NvjXxBX8jH/TW+sL/WF/FFfTFf3Dtfwpf01/lS/npf2t/gy/gbfVl/ky/ny/sKvolv6pv55r6Fb+kf8K38g761b+Pb+od8O/+wb+8f8R38o76jf8x38o/7zv4J38U/6bv6p+b89PL03f1zvofv6RN9L9/bP+/7+L6+n+/vB/gX/ED/oh/kX/KD/RA/1L/sh/lX/HD/qh/hX/Mj/et+lB/tx/ixfpwf75P8G36Cf9NP9G/5SX6yn+Kn+ml+uk/2b/sZfqaf5d/xs/0cP9fP8/P9Ar/Qv+sX+fd8in/fL/Yf+CV+qV/ml/sVfqVf5Vf7NX6tX+fX+w1+o9/kN/stPiNs9dv8dr/D7/S7/G7/kd/j9/p9/mOf6j/x+/3f/AH/qT/oP/OH/Of+sP/CH/Ff+qP+K3/Mf+2P+xP+pP/Gn/Lf+tP+jD/rv/Pn/Pf+vP/BX5C/WRNCCCGE+B9J/IPtvX5nnfppMQDQGwCybst76Jfb056bNuS6OO6r9nSMAcCjPbs2+Hlp0CAx8efjLtEQFJoHALFL+RngUrwU2sLDP45K/W59fVUF5F/NH/xie9r88RsBMgNk+nldAvwY/2L+DtAGrv8H8zd599fz/7r++DyAIoUu5aQd6Of40vyl/8H8u9r9wfyZPk0CaP2LnCxwKb40f0l4EB6DDn+3pxBCCCGEEEIIcVFfda7bHz3fpj2f5zOXcjLCpfjS8+fvP5//gcp/xjkIIYQQQgghhBDi/+2Jp5955IEOHdp0/m8eZPxrlPEXGCAA/AXKkMFff3C5P5mEEEIIIYQQf7ZLN/2XuxIhhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEECL9+tf/Q5j6H+/8y+Ppy3eqQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghhBBCCCGEEEIIIYQQQgghxGXzfwIAAP//mQVHMg==")
truncate(&(0x7f0000000140)='./file2\x00', 0x6400)
openat(0xffffffffffffff9c, &(0x7f00000021c0)='./file1\x00', 0x9742, 0xee)

2m5.252233681s ago: executing program 2 (id=857):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x30000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x1, 0x8010000000000084)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cgroup.controllers\x00', 0x275a, 0x0)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x14, &(0x7f0000000280)={@mcast2}, &(0x7f00000002c0)=0x14)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb, 0x1000)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
r4 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82002)
ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f0000000180)=0xf0)
ioctl$CEC_S_MODE(r4, 0x40046109, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x40)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000014000101a4bd7000fddbdf25011f88104e"], 0x4c}, 0x1, 0x0, 0x0, 0x40480cc}, 0x40000)

2m4.206475374s ago: executing program 2 (id=860):
syz_mount_image$vfat(&(0x7f0000000540), &(0x7f0000000080)='./file1\x00', 0xa18c14, &(0x7f0000000640)=ANY=[@ANYBLOB="6e6f6e756d7461696c3d302c696f636861727365743d63703933322c757466383d312c636f6465706167653d383635002ed07d787b07dc2c73686f72746e616d653d6c6f7765722c6e6f6e756d7461696c3d302c6e6f6e756d7461696c3d302c757466383d312c73686f72746e616d653d6c6f7765722c6572726f72733d636f6e74696ea593525436924475652c73686f72746e616d543d6d697865642c726f6469722c696f636861727365743d63703934392c73686f72746e616d653d77692a916b3bcabebfd9d175fed7817c716e6e74157566bc7d321f749de2e645185611aff00bf0230b90602e311671cee4aa30a37355f6bec47cbce15351ec5f6c5fb14cf492cec318343c9efcbc753f3e4e92720e"], 0x81, 0x2a6, &(0x7f0000000180)="$eJzs3U9rI2UYAPBn0kmaqpAcPInggB48ld39BBukwmJOSg560cXtgiRhoYGAfzDuybvgye/gd/ADePEbePAoeLMHcSSZmSRNpu1WYla6v99lnsz7PPP+ydsWCnnzyevj4aMnk8dPv/o12u0kGvfjfpwn0Y1GVL4JAOA2Oc/z+CMvXJebRisi8k75qrGH4QEA/4HzPD941r//AMDt8MGHH73X6/dP3s+ydsT42+kgieJatPcex2cxitO4E534KyJfKuJXHvRPIs2y6p8B06MYRIw//rl83fs9YlF/NzrR3axvlVnZQrw1nk0H857n12a8lET08qRIuRedeDUib0b5kOLy7oP+yb1suz4GrXj7zR/K8f99GsfRiV8+jScxikeLR6zqv76bZe/k3//5ZTGDQUQymw4OF3kr+cFe3hAAAAAAAAAAAAAAAAAAAAAAAF4Ix9lSd/38nOo0wOPj+vZLzwcqT/iZrZ2vcyfLsuoYn+mgGUV9Gq+lkT6/mQMAAAAAAAAAAAAAAAAAAMD/x+TzL4YPR6PTswvBT/k8OLoyZzNI1+5UH+u/vqo+GP4YcfOqZwnioBzaKNnqIqmadtDX4U2Sj+o6jcZla5iOohj8dzcf2Bu7muCVQbW7hg+TuCa5Xb9J1nZdtQ3PJkndhkwXTVtPzmuW7uDSYbR2NPfWy/+2/Kh2oeYzbi4X82JVe/5Ort1p7vgnZUOy8989AAAAAAAAAAAAAAAAAADARasP/cZvW41Pn8uQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGDvVt//vwyiu3lnM5iVxYs7jauTD88mNd129zxNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbrl/AgAA//9BoFPu")
r0 = creat(&(0x7f0000000100)='./bus\x00', 0x1fb978507dcbbbd6)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x7fffffffffffffff, 0x8005, 0x0, 0x0, 0x12, 0xd, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
write$cgroup_int(r0, &(0x7f00000000c0), 0x12)

2m3.138417118s ago: executing program 2 (id=863):
r0 = syz_open_dev$dvb_frontend(0x0, 0x0, 0x40002)
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000340)=<r1=>0x0)
fcntl$lock(0xffffffffffffffff, 0x5, 0x0)
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r2 = syz_open_dev$sg(&(0x7f0000000000), 0x0, 0x8002)
r3 = fcntl$dupfd(r2, 0x0, r2)
ioctl$SG_IO(r3, 0x2285, &(0x7f0000000400)={0x53, 0xfffffffffffffffd, 0x6, 0xe9, @buffer={0x0, 0x0, 0x0}, &(0x7f0000000180)='\x00\x00\x00\x00\x00\x00', 0x0, 0xb, 0x0, 0x80, 0x0})
ioctl$FE_GET_EVENT(r0, 0x80286f4e, 0x0)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xa, 0x0)

2m2.651176563s ago: executing program 2 (id=867):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x1c1102)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_TOL(r1, &(0x7f0000004140)={0x0, 0x0, &(0x7f0000004100)={0x0}, 0x1, 0x0, 0x0, 0xc0000}, 0x40080)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x28000, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r1, &(0x7f00000005c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x21c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}]}, 0x44}}, 0x40000a4)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f0000000200)=0x188, 0x4)
sendto$inet(r3, &(0x7f0000000000)="f461c5bbd75c3583", 0xffc7, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r3, &(0x7f000000ae80)=[{{0x0, 0x0, 0x0}, 0xe26}], 0x1, 0x10000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000021c0)=@newtaction={0x14, 0x76, 0x1, 0x0, 0x3}, 0x14}, 0x1, 0x0, 0x0, 0x40044}, 0x0)
ioctl$SIOCX25GSUBSCRIP(0xffffffffffffffff, 0x89e0, &(0x7f00000003c0)={'bond_slave_0\x00', 0x5})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000880)={{r3}, 0x0, 0x0, @inherit={0x60, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000003000000000000000700000000000000030000000000000012000000000000000000fb10ce320000000000000000000006000000000000000600000000000000ec0500000000000080030000000000000004000000000000"]}, @subvolid=0x81})
ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000000100)={0x7, 0x2, 0x0, {0x5, 0xfffffffe, 0x27, 0x7}})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xe)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)

2m2.12165257s ago: executing program 34 (id=867):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x1c1102)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$TIPC_CMD_SET_LINK_TOL(r1, &(0x7f0000004140)={0x0, 0x0, &(0x7f0000004100)={0x0}, 0x1, 0x0, 0x0, 0xc0000}, 0x40080)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x28000, 0x0)
r3 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
sendmsg$NL80211_CMD_SET_MCAST_RATE(r1, &(0x7f00000005c0)={&(0x7f0000000240)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000580)={&(0x7f0000000500)={0x44, 0x0, 0x400, 0x70bd2b, 0x25dfdbfc, {{}, {@void, @void}}, [@NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0xa}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x21c}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x168}, @NL80211_ATTR_MCAST_RATE={0x8, 0x6b, 0x14}]}, 0x44}}, 0x40000a4)
setsockopt$inet_int(r3, 0x0, 0x14, &(0x7f0000000200)=0x188, 0x4)
sendto$inet(r3, &(0x7f0000000000)="f461c5bbd75c3583", 0xffc7, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvmmsg(r3, &(0x7f000000ae80)=[{{0x0, 0x0, 0x0}, 0xe26}], 0x1, 0x10000, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0x2)
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000700)={&(0x7f00000021c0)=@newtaction={0x14, 0x76, 0x1, 0x0, 0x3}, 0x14}, 0x1, 0x0, 0x0, 0x40044}, 0x0)
ioctl$SIOCX25GSUBSCRIP(0xffffffffffffffff, 0x89e0, &(0x7f00000003c0)={'bond_slave_0\x00', 0x5})
ioctl$BTRFS_IOC_SUBVOL_CREATE_V2(0xffffffffffffffff, 0x50009418, &(0x7f0000000880)={{r3}, 0x0, 0x0, @inherit={0x60, &(0x7f0000000180)=ANY=[@ANYBLOB="000000000000000003000000000000000700000000000000030000000000000012000000000000000000fb10ce320000000000000000000006000000000000000600000000000000ec0500000000000080030000000000000004000000000000"]}, @subvolid=0x81})
ioctl$VIDIOC_G_SELECTION(0xffffffffffffffff, 0xc040565e, &(0x7f0000000100)={0x7, 0x2, 0x0, {0x5, 0xfffffffe, 0x27, 0x7}})
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xe)
ioctl$TIOCVHANGUP(r2, 0x5437, 0x0)

8.403379326s ago: executing program 7 (id=1277):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x14b442, 0x82)
pwritev2(r0, &(0x7f0000000100)=[{&(0x7f0000000080)="ff", 0xabfb}], 0x1, 0x5412, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x20085e, &(0x7f0000000100)={[{@grpjquota}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0xa32}}, {@noinit_itable}]}, 0x1, 0x548, &(0x7f00000008c0)="$eJzs3c9vI1cdAPDvOLGT3U2bbekBELRLW1jQap2Nt11VPUA5IYQqIXoEaRsSbxTFjqPYKU1YifTMFYlKnODIH8C5J+5cENy4lAMSPyJQg8Rh0IwnWSexk7SbxJH9+WhHnjdjz/e9Tea98dfxvADG1q2I2ImISkS8GxGzxfakWOKt7pI975Pdx4t7u48Xk0jTd/6Z5PuzbdHzmsyN4pjTEfGD70T8ODket721vbrQaNQ3ivJcp7k+197avrvSXFiuL9fXarUH8w/uvXH/9dqnaM30iXtfalaKtS9//Iedb/w0q9ZMsaW3Heep2/TyQZzMZER87yKCDcFE0Z7KsCvCZ1KKiOcj4uX8/J+NifynCQCMsjSdjXS2twwAjLpuDiwpVYtcwEyUStVqN4f3QlwvNVrtzp1Hrc21pW6u7GaUS49WGvV7Ra7wZpSTrDyfrz8p146U70fEcxHxi6nIy9XFVmNpmBc+ADDGbhwZ//8z1R3/AYARd/KfzQAAo8j4DwDjx/gPAOPH+A8A46c7/l/7tC9L0/RnF1EdAOAS5ON/n5t0AQCjS/4fAMbK999+O1vSveL+10vvbW2utt67u1Rvr1abm4vVxdbGenW51VrO79nTPO14jVZrff612Hz/5jfX25259tb2w2Zrc63zML+v98N6OX/WziW0DAAY5LmXPvpzko3Ib17Ll+iZy6E81JoBF6007AoAQzNxfJNPA2BMdGf78rc/MI6evMcfNOwPnNlRegBGxGlXANP9viCUpml6cVUCLtjtL8j/w7gq8v+T8n4wfvrk/w/J5wb2ISGMpMlhVwAYmjRNzjrnf5z1iQDA1XZCjv/mZV6HAMMz4PP/54vH3xYfDvxo6egzPrzIWgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDVtj//b7WY5ncmSqVqNeKZfAKgcvJopVG/FxHPRsSfpspTWXl+yHUGAJ5W6W9JMf/X7dlXZw7tevHGwWolIn7yq3d++f5Cp7Pxx4hK8q+p/e2dD4vttVODTV9ECwCAk+2P0/ljzxv5T3YfL+4vl1mfv3+7e1WQxd3brcTeQfzJmMwfp6McEdf/nRTlrqQnd/E0dj6IiM/3a38SM3kOpHvJcjR+FvuZc4o/cab4pUPxS8UEzaXi/+Jz51AXGDcfZf3PW/3Ov1Lcyh/7n//TeQ/19Ir+LzvU4l7eBz6Jv9//TQzo/24dP9xU3xiv/f673bVrx/d9EPHFyYj92Hs9/c/+HPHJgPivnrGNf/nSiy8P2pf+OuJ29I/fG2uu01yfa29t311pLizXl+trtdqD+Qf33rj/em0uz1HPDR4N/vHmnWePbCr3tv/6gPjdn/x0DGr/VweNQUfe5f7mf+/+8CsD6pbF//or/eKX4oUT4mcN+NrAFh+2cP13A993Z/GXjrc/yf5NntL+O2eM//Fft49NGw4ADE97a3t1odGob1gZ0ZXK1ajG+axkv7JXoBp9V751WbEq0X/Xz1/pntNHdqXpiQesRN9XNQb1GOeRdQOugoOTPiL+O+zKAAAAAAAAAAAAAAAAfV3GN5aG3UYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABG1/8DAAD//6XW2Bk=")
r1 = creat(&(0x7f00000000c0)='./bus\x00', 0x182)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x80642, 0x150)
pwrite64(r2, &(0x7f0000000140)='2', 0xfdef, 0xfecc)
fallocate(r1, 0x0, 0xbf5, 0x2000402)
ioctl$EXT4_IOC_MOVE_EXT(r2, 0xc028660f, &(0x7f0000000040)={0xc, r1, 0x0, 0x0, 0x0, 0xfffffffffdffffff})

7.333692329s ago: executing program 7 (id=1284):
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
listen(r2, 0x0)
r6 = openat$cgroup_subtree(r1, &(0x7f0000000200), 0x2, 0x0)
write$cgroup_subtree(r6, &(0x7f0000000040), 0x0)

7.160099065s ago: executing program 1 (id=1288):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
write$P9_RWALK(0xffffffffffffffff, 0x0, 0x23)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0285629, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)

6.170859136s ago: executing program 7 (id=1292):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x36, [0xfffffff8, 0x8, 0x5, 0x109, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x1, 0x81, 0x8a, 0x79, 0x2, 0x8, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x7ff, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc68, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffe, 0x809, 0x4, 0xa7, 0x8, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0xffff8001, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0xc7c, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x9, 0x8, 0x3fc, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x400, 0x3e55, 0x4005, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x8, 0x9d26, 0x10000, 0x1, 0x2, 0x8922, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa776, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0xc, 0x140f2, 0x5396, 0x3, 0x80000001, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x110009, 0xc, 0x3, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x4, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000740)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@data_err_ignore}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@errors_remount}, {@lazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}]}, 0x1, 0x481, &(0x7f0000003380)="$eJzs3MtvFdUfAPDv3D54/9of4gMEqaKR+GhpecjCjUYTFpqY6ALjqraFVAo1tCZCiFYXuDQk7o3/hXGlG6NuNHGre0NCDDEBdTNm7szApdwpt/S2F3o/n2Tac2ZO7znfOXNuz8xpbwBdayj7kkRsjYjfImIgz95aYCj/dv3qhYm/r16YSCJN3/wzqZe7dvXCRFm0/LkteSZNi/yGJvVefCdifGZm6myRH5k//f7I3Lnzz0+fHj85dXLqzNjRo4cO7uk/Mna4LXFmcV3b9dHs7p3H3r70+sTxS+/+mNQijzsWxdEuQ/nZbeqpdlfWYdsa0klv45G9P99MN7sS6KSeiMi6q68+/geiJzbdODYQr37a0cYBqypN03SJd+WFFFjHkuh0C4DOKH/RZ/e/5bZGU497wpWX8hugLO7rxZYf6Y1antjbt+j+dmsb6x+KiOML/3yZbbFKzyEAABp9m81/nms2/6vFQ3miP/vyv2INZTAi/h8R2yPigYjYEREPRtTLPhwRjyyz/sUrJLfPf2qX7zq4FmTzvxeLta1b53+1sshgT5HbVo+/LzkxPTN1oDgn+6Nvw4npZGp0iTq+e+XXz6uONc7/si2rv5wLFu243LvoAd3k+Pz4SmJudOWTiF29zeJPolzGSSJiZ0Tsuss6pp/prTx25/iXUP2yLUu/ing67/+FWBR/Kalcnxx94cjY4ZGNMTN1YKS8Km730y8X36iqf0Xxt0HW/5ubXv834h9MNkbMnTt/qr5eO7esl8+GTlz8/bPKe5oi/mx4tXL9H9tWXP/9yVv1Hf3FgQ/H5+fPjkb0J6/dvn/s5quV+bJ8Fv/+fc3H//a4eSYejYjdEbEnIh7LbgqLtj8eEU9ExL4lTsIPLz/53h3ib9L/a7NWmsU/Wd3/f6VZ/0dj/y8/0XPq+2/uHP/GiKjq/0P11P5iTyvvf602cKXnDwAAAO4H+d/AJ7XhG+labXg4/xv+HbG5NjM7N//sidkPzkzm696D0Vcrn3QNNDwPHS2eDZf5sUX5g8Vz4y96NtXzwxOzM5OdDh663JaK8Z/5o6fTrQNWXRvW0YD7lPEP3cv4h+6UGP/Q1Yx/6F7Nxv/HlaWHv17VxgBryu9/6F4tjP+F/Fv1rAC4PzUb/wMdaAew9sz/oStV/m98bUX/8r/miX+LzzO8V9qz/hNRuyeasf4TvS1/mMUyEmkxv8/2bGhaptPvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO3xXwAAAP//2Y/lXQ==")
openat(0xffffffffffffff9c, &(0x7f0000000480)='.\x00', 0x10000, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x31}}, 0x2, 0x0, 0x4}}, 0x2e)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

5.353661562s ago: executing program 5 (id=1295):
syz_open_dev$dvb_demux(0x0, 0x13, 0x41)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sendmsg$IPVS_CMD_GET_DAEMON(0xffffffffffffffff, 0x0, 0x40)
ioctl$FBIOPUT_VSCREENINFO(0xffffffffffffffff, 0x4601, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_REG(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000000)={0x14, r2, 0x701, 0x70bd2c, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8000}, 0x8814)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_open_dev$tty1(0xc, 0x4, 0x4)
write$UHID_INPUT(r3, &(0x7f0000001040)={0x9, {"a2e3ad21ed0d09f90e3d090987f70e06d038e7ff7fc6e5539b0d5b0e8b099b3f36006e090890e0878f0e1ac6e7f89b334d959b639a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d074a0936cd3b78130daa61d8e8040000005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0a6193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000400000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617679314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec230911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918c91243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac5a4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4b333bd5bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3be3b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ce0700c7e658828163e2d25c4aa348561f927eff7f3aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f05004b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d486046b2c0e2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee6157eb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de225727aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d78749a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29c60acebdbe8ddbd75c2f998d8a57f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95ff80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8870b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513007000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae8489d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60299473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d946a2daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810300000000000000a12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf000000800000000007b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae0e797e8bd1f4108b7807fb36207685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ad50dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b9048017848416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1db44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b00f1000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de9c0587c2cb5fe36d7d3e5db21b013b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cf4b23329072e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06810002000000000000957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f3e90d5943dbc10360a1a49700d1dfbf66d69f6fbafe1e83cdde8bb0d872a02238926407a4eddd5d0fc5a752f900000000000000100", 0x35e}}, 0x1006)

5.243047875s ago: executing program 6 (id=1297):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
r1 = inotify_init()
sched_setscheduler(0x0, 0x2, 0x0)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
openat$cgroup_procs(0xffffffffffffffff, 0x0, 0x2, 0x0)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r5, 0x800448d2, 0x0)
inotify_add_watch(r1, &(0x7f0000000340)='.\x00', 0xa50003d1)
readv(r1, &(0x7f0000000140), 0x0)
readv(r1, 0x0, 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)

4.840018838s ago: executing program 5 (id=1298):
r0 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000280), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r0, &(0x7f00000000c0)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000080)={<r1=>0xffffffffffffffff}, 0x111, 0x6}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r0, &(0x7f0000000380)={0x3, 0x40, 0xfa00, {{0xa, 0x4e20, 0xb, @empty, 0x1}, {0xa, 0x4e22, 0x2, @remote, 0x80000000}, r1, 0xfffffe4d}}, 0x48)
r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f00000004c0), 0x2, 0x0)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000000)={0x0, 0x18, 0xfa00, {0x0, &(0x7f0000000100)={<r3=>0xffffffffffffffff}, 0x111, 0x8}}, 0x20)
write$RDMA_USER_CM_CMD_RESOLVE_IP(r2, &(0x7f0000000180)={0x3, 0x40, 0xfa00, {{0xa, 0x4e23, 0xe, @empty, 0x2}, {0xa, 0x4e23, 0x7, @remote, 0x3}, r3, 0x7}}, 0x48)

4.676175203s ago: executing program 5 (id=1299):
r0 = io_uring_setup(0x7272, &(0x7f0000000440)={0x0, 0xf2ab, 0x40, 0x1, 0x117})
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000340)=""/141, 0x8d}], 0x113e)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x6, 0x4, &(0x7f0000002180)=ANY=[], 0x0}, 0x94)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
io_uring_register$IORING_REGISTER_FILES(r0, 0x2, &(0x7f0000000200)=[r0], 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0)
fstat(r1, &(0x7f0000000640))
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r2, 0x0, 0x0)
write$tcp_mem(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=ANY=[@ANYBLOB="6a0ac4ff02"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4f, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)
io_uring_register$IORING_REGISTER_FILES(r0, 0x1e, &(0x7f0000000000)=[r0], 0x1)
syz_emit_ethernet(0x76, &(0x7f0000000480)={@local, @link_local, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "120008", 0x40, 0x3a, 0x0, @remote, @local, {[], @pkt_toobig={0x8, 0x2, 0x0, 0x0, {0x0, 0x6, "000810", 0x0, 0x11, 0x0, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010102}, @private2, [@dstopts={0x0, 0x0, '\x00', [@padn]}]}}}}}}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f00000001c0)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x4, 0x0, 0x300, 0x41002}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_MASTER={0x8}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4}, 0x8044)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_emit_ethernet(0x42, &(0x7f0000000240)=ANY=[@ANYBLOB], 0x0)
pipe2(&(0x7f0000000000)={0x0, <r4=>0x0}, 0x0)
close_range(r4, 0xffffffffffffffff, 0x80000000000)

4.603958165s ago: executing program 7 (id=1301):
syz_emit_ethernet(0x36, &(0x7f0000000200)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0xfc, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x5, 0x10, 0xca, 0x0, 0x1001}}}}}}, 0x0)

4.520924478s ago: executing program 5 (id=1303):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ptrace$poke(0x4, r0, 0x0, 0x917)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$TCFLSH(r4, 0x400455c8, 0x2)
ioctl$TIOCSETD(r4, 0x5412, &(0x7f0000000140)=0xffffffc0)

4.336158784s ago: executing program 7 (id=1304):
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000300)='./file0\x00', 0x8410, &(0x7f0000000740)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x6000}}, 0x0, 0x0, 0x0)
r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x80, &(0x7f00000002c0)={{'fd', 0x3d, r1}, 0x2c, {'rootmode', 0x3d, 0x4000}})
mount$fuse(0x0, &(0x7f00000000c0)='./file0/../file0\x00', &(0x7f0000000140), 0x8, &(0x7f0000002400)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0xa000}})

3.52239926s ago: executing program 4 (id=1305):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000018c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000a00)=ANY=[@ANYBLOB="280000001e000100000000000000000007000000", @ANYRES32=0x0, @ANYBLOB="000002e509"], 0x28}}, 0x0)

3.439811302s ago: executing program 4 (id=1306):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
ptrace$poke(0x4, r0, &(0x7f0000000380), 0x917)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
ioctl$TIOCSETD(r3, 0x5423, &(0x7f00000000c0)=0xf)
r4 = fcntl$dupfd(r3, 0x0, r3)
ioctl$TCFLSH(r4, 0x400455c8, 0x2)
ioctl$TIOCSETD(r4, 0x5412, &(0x7f0000000140)=0xffffffc0)
syz_open_procfs(0xffffffffffffffff, &(0x7f00000001c0)='status\x00')
mount$binderfs(0x0, &(0x7f00000023c0)='./binderfs\x00', &(0x7f0000002400), 0x2004000, 0x0)
kcmp$KCMP_EPOLL_TFD(0xffffffffffffffff, r0, 0x7, 0xffffffffffffffff, &(0x7f0000000000)={0xffffffffffffffff, r4, 0x2})
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x6)
r5 = socket$netlink(0x10, 0x3, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)=ANY=[], 0x48)
sendmsg$nl_route_sched(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000001c0)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x10000015, {0x0, 0x0, 0x0, 0x0, {0x1, 0xfff3}, {}, {0xe}}, [@TCA_INGRESS_BLOCK={0x8}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000000, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x4044080}, 0x400000000000000)
socket$inet_tcp(0x2, 0x1, 0x0)
request_key(&(0x7f0000000100)='encrypted\x00', &(0x7f0000000280)={'syz', 0x3}, &(0x7f0000000340)='-@\x00', 0xffffffffffffffff)
add_key$keyring(&(0x7f0000000080), 0x0, 0x0, 0x0, 0xffffffffffffffff)

3.433253183s ago: executing program 7 (id=1307):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000005c0)=ANY=[], 0x50)
bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYRESHEX=r0], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYRES32=r0, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xccbe5daed33c195, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = accept4(r1, 0x0, 0x0, 0x800)
accept4$bt_l2cap(r3, &(0x7f0000000080)={0x1f, 0x0, @none}, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
shmctl$SHM_LOCK(0x0, 0xb)
shmat(0x0, &(0x7f0000ffb000/0x2000)=nil, 0x4000)
shmctl$SHM_INFO(0x0, 0xe, &(0x7f0000000000)=""/64)
shmctl$SHM_UNLOCK(0x0, 0xc)
syz_mount_image$hfsplus(&(0x7f0000000000), &(0x7f00000000c0)='./file1\x00', 0x1008400, &(0x7f0000000100)=ANY=[], 0x85, 0x676, &(0x7f0000001240)="$eJzs3c1vHGcdB/DvbNZONpTUbZM2RZUSNRIgIhI7Vgrm0oAQyqFCVTlwthInsbJJi+0it0LUvF97yB9QDr5xQEjcI8qFC9x69bESgksvmNOimZ1db/y6bhOvHT6favw8M888z/ye387s7EujDfB/6/rFNB+myPWLbyyX62ur0+211el7vXqS40kaSbNbpPhPp9P5OLmW7pKXy431cMVOx3kwP/PWJ5+tfdpda9ZLtX9jt37DWamXnE9yrC4f13g39hrvxF7DFf0Zlgm70EscjNpYkk7lXw+6W37yt2f6LQNa2/Xe88wHjoCie9/cYiI5WV/o5euA7l2xe88+0lZGHQAAAAAcgGfXs57lnBp1HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHCU1L//X9RLo1c/n6L3+//j9bbU9cPl3P52f/ik4gAAAAAAAACAA3RuPetZzqneeqeovvN/tVo5Xf39Ut7NYuaykEtZzmyWspSFTCWZGBhofHl2aWlhqt+z938GbO15ZdueV/YI9Hhdth7HrAEAAAAAAADgqfPLXN/4/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6DIjnWLarldK8+kUYzyYkk4+V+K8k/evWj7OGoAwAAAIAvoDPkfs+uZz3LOdXvV1Tv+V+s3vefyLu5n6XMZyntzOVm9VlA911/Y211ur22On2vXLaO+91/7yvcasR0P3vY/shnqz1auZX5asul3MjbKYqbaVQ9S2d78Wwf1y/KmIrXu8aGjOxmXZYz/7Aut/hgX5PdyT4/TJmoMjLWz8hkHVuZjed2z8Q+H53NR5pKox/s6U1H2jSJR3L++pDHO1mX5Xx+u1POR2JzJq4MnH0v7p7z5Gt//sOP77Tv371za/Hi4ZnScI7VZfd5pbU1E9MDmXjpac7EFpNVJs7016/nB/lRLuZ83sxC5vPTzGYpczmf71e12fp8LgYu+R0yde2RtTf3imS8PkO7D9ajMWWPmF6t+p7KfH6Yt3Mzc3mt+u9KpvKtXM3VzAw8wmeGeKZt7HDVd768bfAXvl5XWkl+V5eV2829Jv6ElXl9biCvg8+5E1Xb4JaNLD2/j/tRL0t/3D2U5lfqSnmMX9Xl4bA5E1MDmXhh90z8vnpaWWzfv7twZ/ad4Q73/Id1pbyOfnOo7hLl+fJ8+WBVa4+eHWXbC3XbWLVs5Gu8/sal26+xpe1Mv617pa7seKWO16/hto50pWp7adu26art7EDb5tdb7f7roafhyx+Ap9bJb5wcb/2z9ffWR61ft+603jjxvePfPv7KeMb+Ovad5uSxrzZeKf6Uj/Lzjff/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA57f43vt3Z9vtuYVNlU6n88EOTUe50vs5swM86MvPJKOa8niSw5H5/3Y6nXpLcRji2b3SKR1P53N2/0uS4XZuJtmu6dzokzDiJybgibu8dO+dy4vvvf/N+Xuzt+duz92fuXp1ZnLm6mvTl2/Nt+cmu39HHSXwJGzc9EcdCQAAAAAAAAAAADCsg/jnBDsf/cRBThUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4oq5fTPNhikxNXpos19dWp9vl0qtv7NlM0khS/CwpPk6upbtkYmC4YqfjPJifeeuTz9Y+3Rir2du/sVu/4azUS84nOVaXj2u8G194vKI/wzJhF3qJg1H7XwAAAP//DJEGHw==")
rename(&(0x7f0000000440)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', &(0x7f0000000b00)='./file3\x00')

2.497579692s ago: executing program 1 (id=1308):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_devices(r0, &(0x7f00000002c0)='devices.deny\x00', 0x2, 0x0)
write$cgroup_devices(r1, &(0x7f0000000400)={'b', ' *:* ', 'w\x00'}, 0x8)

2.448136373s ago: executing program 4 (id=1309):
r0 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_INIT(r0, 0x0, 0xc8, &(0x7f0000003d40), 0x4)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
r2 = socket$igmp(0x2, 0x3, 0x2)
setsockopt$MRT_ADD_VIF(r2, 0x0, 0xca, &(0x7f00000000c0)={0x8, 0x0, 0x0, 0xc, @vifc_lcl_addr=@local, @dev={0xac, 0x14, 0x14, 0x3c}}, 0x10)
setsockopt$inet_mreq(r1, 0x0, 0x23, &(0x7f0000000000)={@multicast1=0xe0000300, @local}, 0x8)
syz_emit_ethernet(0x2a, &(0x7f0000000080)={@local, @remote, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x1c, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast1=0xe0000300}, @address_request}}}}, 0x0)
setsockopt$MRT_ADD_MFC_PROXY(r2, 0x0, 0xd2, &(0x7f0000000200)={@initdev={0xac, 0x1e, 0x0, 0x0}, @multicast2=0xe0000300, 0x0, "028a3f6c58b274e6d8451697efe42811ee1df06e9264f7d866b1970548fc3c7b", 0xb2, 0xfffffff7, 0x4, 0x40000006}, 0x3c)

2.332221717s ago: executing program 4 (id=1310):
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000f40)=ANY=[@ANYBLOB="73686f72746e616d653d6d697865642c757466383d302c696f636861727365743d63703836302c696f636861727365743d6d616363726f617469616e2c756e695f786c6174653d312c747a3d5554432c6e6f6e756d7461696c3d302c756e695f786c6174653d312c696f636861727365743d63703433372c73686f72746e616d653d77696e6e742c726f6469722c73686f72746e616d653d6d697865642c6e6f636173652c73686f72746e616d653d6c6f7765722c73686f72746e616d653d6d697865642c6572726f72733d72656d6f756e742d726f2c6e6f6e756d7461696c3d302c736d61636b66736465663d757466383d302c64697273796e632c736d61636b66736861743d262c657569643e807d6dc634ae06b292a3825c7626caa45b7a39a81660437a556646a082c54e8cf9c81260f6a760b9f06d5738818ee5a4503b0364b0f4c56abfe2", @ANYRES32=0x0, @ANYRESOCT], 0x26, 0x359, &(0x7f0000000bc0)="$eJzs3T1onHUYAPDn+ia5JFiTQSg6nW6ClCbioFNCqVDMoJXDr8XDpn7kzkIOD+KQyy1KcVJcBJ3cOujYWRxE3BxcrSBVcbFbocFX3rv3vnJ3Jhkutvj7DeXh+f+f+z/vB33fhOSf15uxdXk2rty+fSvm5wsxs3Z+Le4UYjlORRIdezHWR3Pj8wDAPe5OmsZfacfhsz9Z7Eae/QBw/2o//9883U8Uj1F87YFptAQATNkRv/5/fmz26tTaAgCmaOT5/9jQ8IFv88/0fiYAALh/vfjKq8+tb0RcKpXmI2ofNsqNcjzTH1+/Em9HNTbjXCzFfkTnRaHztpD9++zFjQvnSpnflqOcVTTKEbVmo9x5U1hP2vXFWImlWM7r0159ktWvtOtLEbHXbK8ftUKjPBuL+fo/L8ZmrMZSPDRSH3Fx48JqKf+Acq1b34xoxXz3ILL+z8ZS/PhGXI1qXI6stt//7kqpdD7dGKpvXC+25wEAAAAAAAAAAAAAAAAAAAAAwDScLfUs9/a/SWvNxgeXDk7ojRfb+/t0hvP9gVqd/YHSYnd3nmvJwf2BhvfnaZRn4tR/euQAAAAAAAAAAAAAAAAAAABw76jvzEWlWt3cru+8vzUYNAcy737/1bcL0R2ayUvfSfpVkSeHPqc7ceCTk+gtkfbK02RoTh4kEd3Je5XrN3odD84p9o5ipDwLiiNDhbynSrV6+tFfPx9X9XcW7LUzSYycluGgkK8/MFR7MEvMR8T+pKrJweohc26maTqpfPezXqbbVj0KETNx7DaOEHx3662Hn6yfeaqd+Sbf9OHxJ5Zeuvnpl39sVarR6rRQrc5t1/fTSVcnvxZZJut1dK1k4P4p5Oe5MOZOGB+0+pnWdn2nkvz058uPfPzDgcnJ+PsnHcy8N3mtrw9m5jpBIWK5exL+rdXZMTf/+OC1u0Nn7LCqhaHMmS/WKjd2f/n9qFd54D8JG3UAAAAAAAAAAAAAAAAAAMCJ6P/S73Gqnn5heh0BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMnr//3/gaA1kjlKcLcZo0PFze36xMUXTvRQAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD4H/snAAD//82Fa84=")
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='.\x00', 0x101000, 0x108)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

2.309943808s ago: executing program 1 (id=1311):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_EXP_GET(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000280)={0x18, 0x1, 0x2, 0x301, 0x0, 0x0, {0xa, 0x0, 0x8}, [@CTA_EXPECT_MASTER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x24000000}, 0x20058800)

2.192582661s ago: executing program 1 (id=1312):
openat$kvm(0xffffffffffffff9c, &(0x7f0000000300), 0x800, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000cc0)={'syz1\x00', {0xfff9, 0x2, 0x248, 0x9b99}, 0x36, [0xfffffff8, 0x8, 0x5, 0x109, 0x8, 0x155f, 0x6, 0x4, 0x25cd, 0x1, 0xb4, 0xa, 0xa2b9, 0x6, 0x7, 0xe4, 0x6, 0xfc000000, 0x3, 0xbbf, 0x4a732f64, 0x1, 0x8, 0xd, 0x0, 0x12a3, 0x6, 0x1, 0x2, 0x6, 0x1, 0x81, 0x8a, 0x79, 0x2, 0x8, 0x0, 0x91, 0x4, 0x4, 0x16, 0x8, 0x5, 0x401, 0xfffffff5, 0x405, 0xa7, 0x81, 0x7ff, 0xf9a2, 0x80000001, 0xff, 0x0, 0x2, 0x2, 0x2, 0x7, 0x1, 0x7ff, 0x4, 0x4007f, 0xffffffff, 0x9, 0x4], [0x9, 0x3, 0x6, 0x9, 0x4, 0xc68, 0xa8a9, 0x20000073, 0x8e, 0xd50, 0x7, 0x5, 0xfffffffe, 0x809, 0x4, 0xa7, 0x8, 0x0, 0x200b398, 0x400080, 0x1, 0x4, 0x1c, 0x7, 0x1, 0xffff8001, 0x3, 0x8, 0xffffff7f, 0x400, 0x6, 0xc7c, 0x4, 0x0, 0xfffffff8, 0x401, 0x46, 0xf1, 0x4, 0xab00060, 0x5, 0x6, 0x2, 0x1, 0x3ff, 0x1ff, 0x1, 0x7fff, 0x1, 0x1cb, 0x1, 0x80000004, 0x6, 0x438, 0x2, 0x9, 0x95, 0x7fffffff, 0x4, 0xfffffff9, 0x1, 0x1000, 0xfffff801, 0x5], [0x2, 0xfffffffe, 0xffff, 0xc, 0x2, 0x2e6bf783, 0x80000001, 0x5, 0x5, 0x491, 0x8d3, 0x9, 0x8, 0x3fc, 0x2, 0x400, 0x41, 0x6, 0xee4b, 0x2000004, 0x1, 0x8000003, 0x4e, 0x9, 0x3, 0x3, 0x9, 0x3, 0xc7, 0xfff, 0x10000a, 0x2, 0x400, 0x3e55, 0x4005, 0xd3, 0x8, 0x97f7, 0x3, 0xd, 0x7, 0x601, 0x101, 0xdd80, 0x60a0, 0x8, 0x9d26, 0x10000, 0x1, 0x2, 0x8922, 0x6, 0x8000, 0xf45, 0x3, 0xd500, 0x8, 0x77, 0x9, 0x6, 0x10000, 0xfffffffd, 0x5, 0x1], [0xa776, 0x6, 0x5, 0x1afa, 0xbfc, 0x8, 0x5, 0x7f, 0x55, 0x40, 0xff, 0x1005, 0x1, 0x7, 0x1e, 0x9, 0x81, 0x3, 0x9d82, 0xd, 0xfffffff7, 0xc, 0x140f2, 0x5396, 0x3, 0x80000001, 0x80008001, 0x7777, 0x1, 0x2, 0x100, 0xd8ce, 0x7fffffff, 0x110009, 0xc, 0x3, 0x3, 0x1ff, 0x2000803, 0xffffffff, 0x10000, 0x0, 0x8004, 0x7fff, 0x3, 0x4, 0xf, 0xe, 0x1, 0x26d, 0x6, 0xfffffff9, 0x4, 0xfffffff9, 0x9, 0x4, 0x463f, 0x4, 0xdab, 0x6, 0x8, 0x14000, 0x1, 0x9]}, 0x45c)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000840)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x2, &(0x7f0000000740)={[{@jqfmt_vfsold}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000000}}, {@data_err_ignore}, {@noload}, {@delalloc}, {@mblk_io_submit}, {@commit}, {@errors_remount}, {@lazytime}, {@init_itable_val={'init_itable', 0x3d, 0x4}}]}, 0x1, 0x481, &(0x7f0000003380)="$eJzs3MtvFdUfAPDv3D54/9of4gMEqaKR+GhpecjCjUYTFpqY6ALjqraFVAo1tCZCiFYXuDQk7o3/hXGlG6NuNHGre0NCDDEBdTNm7szApdwpt/S2F3o/n2Tac2ZO7znfOXNuz8xpbwBdayj7kkRsjYjfImIgz95aYCj/dv3qhYm/r16YSCJN3/wzqZe7dvXCRFm0/LkteSZNi/yGJvVefCdifGZm6myRH5k//f7I3Lnzz0+fHj85dXLqzNjRo4cO7uk/Mna4LXFmcV3b9dHs7p3H3r70+sTxS+/+mNQijzsWxdEuQ/nZbeqpdlfWYdsa0klv45G9P99MN7sS6KSeiMi6q68+/geiJzbdODYQr37a0cYBqypN03SJd+WFFFjHkuh0C4DOKH/RZ/e/5bZGU497wpWX8hugLO7rxZYf6Y1antjbt+j+dmsb6x+KiOML/3yZbbFKzyEAABp9m81/nms2/6vFQ3miP/vyv2INZTAi/h8R2yPigYjYEREPRtTLPhwRjyyz/sUrJLfPf2qX7zq4FmTzvxeLta1b53+1sshgT5HbVo+/LzkxPTN1oDgn+6Nvw4npZGp0iTq+e+XXz6uONc7/si2rv5wLFu243LvoAd3k+Pz4SmJudOWTiF29zeJPolzGSSJiZ0Tsuss6pp/prTx25/iXUP2yLUu/ing67/+FWBR/Kalcnxx94cjY4ZGNMTN1YKS8Km730y8X36iqf0Xxt0HW/5ubXv834h9MNkbMnTt/qr5eO7esl8+GTlz8/bPKe5oi/mx4tXL9H9tWXP/9yVv1Hf3FgQ/H5+fPjkb0J6/dvn/s5quV+bJ8Fv/+fc3H//a4eSYejYjdEbEnIh7LbgqLtj8eEU9ExL4lTsIPLz/53h3ib9L/a7NWmsU/Wd3/f6VZ/0dj/y8/0XPq+2/uHP/GiKjq/0P11P5iTyvvf602cKXnDwAAAO4H+d/AJ7XhG+labXg4/xv+HbG5NjM7N//sidkPzkzm696D0Vcrn3QNNDwPHS2eDZf5sUX5g8Vz4y96NtXzwxOzM5OdDh663JaK8Z/5o6fTrQNWXRvW0YD7lPEP3cv4h+6UGP/Q1Yx/6F7Nxv/HlaWHv17VxgBryu9/6F4tjP+F/Fv1rAC4PzUb/wMdaAew9sz/oStV/m98bUX/8r/miX+LzzO8V9qz/hNRuyeasf4TvS1/mMUyEmkxv8/2bGhaptPvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO3xXwAAAP//2Y/lXQ==")
openat(0xffffffffffffff9c, &(0x7f0000000480)='.\x00', 0x10000, 0x0)
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0xfff, 0xfffffffffffffffe, 0x40000000000180, 0x2, 0x6, 0xf2, 0xd, 0x7fffffffffffe, 0x7, 0x5, 0x7, 0x4, 0x5, 0x4, 0x8], 0x25000, 0x304})
connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x31}}, 0x2, 0x0, 0x4}}, 0x2e)
ioctl$KVM_RUN(0xffffffffffffffff, 0xae80, 0x0)
r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x3000, 0x2000, &(0x7f0000003000/0x2000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text32={0x20, &(0x7f00000000c0)="c20000361e0f01c3660fd2eff30f10f1b961020000b80e000000ba000000000f30b98d0200000f320b99f3530000660f6af7c4e2f91d20", 0x37}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text32={0x20, 0x0}], 0x1, 0x50, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

2.191968251s ago: executing program 6 (id=1313):
r0 = syz_genetlink_get_family_id$nfc(&(0x7f0000000a00), 0xffffffffffffffff)
sendmsg$NFC_CMD_LLC_SET_PARAMS(0xffffffffffffffff, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000040)=ANY=[@ANYRES16=r0, @ANYBLOB="07002bbd7000ffdbdf2510", @ANYRES32=0x0], 0x2c}, 0x1, 0x0, 0x0, 0x81}, 0xc008010)
r1 = socket$inet(0x2, 0x2, 0x0)
setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0xc)
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$NFC_CMD_LLC_GET_PARAMS(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000000}, 0x4000000)
writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1)
setsockopt$inet_mreqsrc(r1, 0x0, 0x24, &(0x7f0000000440)={@multicast2, @loopback, @empty}, 0xc)

2.032135956s ago: executing program 1 (id=1314):
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
socket(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0x0, 0x1}, 0x50)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
syz_open_pts(0xffffffffffffffff, 0x8182)
munlockall()
mremap(&(0x7f0000097000/0x2000)=nil, 0x2000, 0x3000, 0x3, &(0x7f000013c000/0x3000)=nil)
mremap(&(0x7f00003ef000/0x3000)=nil, 0x3000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)

1.859516132s ago: executing program 6 (id=1315):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xd, 0x30000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
r3 = socket$nl_sock_diag(0x10, 0x3, 0x4)
preadv(0xffffffffffffffff, 0x0, 0x0, 0xb, 0x1000)
r4 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82002)
ioctl$CEC_S_MODE(r4, 0x40046109, &(0x7f0000000180)=0xf0)
ioctl$CEC_S_MODE(r4, 0x40046109, 0x0)
epoll_pwait(0xffffffffffffffff, 0x0, 0x0, 0xfffffffd, 0x0, 0x0)
sendmsg$TCPDIAG_GETSOCK(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000001340)={&(0x7f0000000000)=ANY=[@ANYBLOB="4c00000014000101a4bd7000fddbdf25011f88104e"], 0x4c}, 0x1, 0x0, 0x0, 0x40480cc}, 0x40000)

1.003000599s ago: executing program 4 (id=1316):
r0 = socket$kcm(0x29, 0x2, 0x0)
syz_genetlink_get_family_id$SEG6(&(0x7f0000000640), r0)
sendmmsg(r0, &(0x7f0000007dc0)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, 0x0}}], 0x2, 0x80)

912.196441ms ago: executing program 6 (id=1317):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x8004, &(0x7f0000000080)={[{@init_itable}, {@acl}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}]}, 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioprio_set$uid(0x3, 0x0, 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000001400)='./file1\x00', 0x4c142, 0x0)
sendfile(r0, r0, 0x0, 0xe3aa6ea)

849.369654ms ago: executing program 1 (id=1318):
bpf$MAP_CREATE(0x0, 0x0, 0x48)
write$P9_RWALK(0xffffffffffffffff, 0x0, 0x23)
socket$netlink(0x10, 0x3, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
ioctl$vim2m_VIDIOC_G_FMT(0xffffffffffffffff, 0xc0285629, 0x0)
bind$alg(0xffffffffffffffff, 0x0, 0x0)
setsockopt$ALG_SET_KEY(0xffffffffffffffff, 0x117, 0x1, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
close(0xffffffffffffffff)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r3, &(0x7f00000003c0)={0xa, 0x4e22, 0x0, @empty}, 0x1c)
listen(r3, 0x0)
r4 = socket$netlink(0x10, 0x3, 0x4)
writev(r4, &(0x7f0000000080)=[{&(0x7f0000000200)="a10100001500add427323b470c45b4560a067fffffff81004e22000d00ff0028925aa80020007b00090080000efffeffe809000000ff0000f03ac7100003ffffffffffffffffffffffe7ee00000000000000000200000000", 0x1a1}], 0x1)

550.077233ms ago: executing program 6 (id=1319):
sendmsg$MPTCP_PM_CMD_GET_LIMITS(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0xffffffffffffffb4, 0x0, 0x1, 0x0, 0x0, 0x41}, 0x809d)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000300)='blkio.bfq.io_merged_recursive\x00', 0x275a, 0x0)
syz_emit_ethernet(0x36, &(0x7f0000000100)=ANY=[@ANYBLOB="000002f0d31209000000bc2e79e995"], 0x0)
write$binfmt_script(r2, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0)
preadv(r2, &(0x7f00000015c0)=[{&(0x7f0000000080)=""/124, 0xffffff23}], 0x3e, 0x0, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil})
syz_mount_image$squashfs(&(0x7f0000000040), &(0x7f00000001c0)='./file0\x00', 0x803, &(0x7f0000000300)=ANY=[], 0x29, 0x1ad, &(0x7f0000000440)="$eJzKKC4sZmBgYPj7sSaZwYEBDNgY+BhuMzIysDAwMMgzQsTc2CH0KzYIrQflv2CB0JpQ8UVQ+j8UFFdWZSfm5KQW0ZCBXY4J4hAGUkwEqUeXuvIxlp9Uc4YUg5GMgBplYDLimSHhSB0Dvwy0d4pYBkWoEs9gxJRCcO0bmRjeglP69Y81ySBGArSUAomlQDAjshpQbB5BUiPFAsaMzAz/4WpAhR+Io87AwKBfklugX1xZpZuZm5iemp6aZ2RkbGZgYmBgaqSflpmTagAhGZGsgBVRIBpU9oLKVE4keVYGBoZ70AKWiwEJvIRYC3MaVJ4RWS+oHP4PLaQ1lBlQABOSXhjNznBAAKYXqg1scwiDGgMHAwNDeQOsnAAFjArYFBYGsJc8GBgZmKEcQ6hzGRjhdnGAJfSS83NS2hkYGRhh2pYzsMDNMHzMwArmsCHcCJExtmiACbVDaRUo7QGll0Ppx1AaVmfB6iIWsAlPoDyNBpATKxJLSooM2c5DtRiCaj2wmBEbTNZIoAE5wEC2fmJD9ZwMO8MoGAWjYBSMglEwCkbBEAOAAAAA//+TRlkJ")
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000499000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, &(0x7f0000000180)="66b9800000c00f326635000800000f300f0f1c9a65660ff3b20618baa000ec672e660f38803d004000000f285473f61366b9800000c00f320f300f20e06635800000000f22e02b6aa6c8", 0x4a}], 0x1, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20004840}, 0x14)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000240)=[@text32={0x20, 0x0}], 0x1, 0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0xf, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x35, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

426.101917ms ago: executing program 5 (id=1320):
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
r0 = openat$ipvs(0xffffffffffffff9c, &(0x7f00000001c0)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
write$cgroup_int(r0, &(0x7f0000000080)=0x2, 0x12)

293.544841ms ago: executing program 5 (id=1321):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000ac0)=@base={0x5, 0x5, 0x9fd, 0x85, 0x41}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0xffffffffffffffff, 0x0, &(0x7f00000000c0), &(0x7f0000000240), 0x800, r0}, 0x38)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000280)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}, @call={0x85, 0x0, 0x0, 0xf}]}, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000080)={r1}, 0xc)

292.871071ms ago: executing program 6 (id=1322):
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0xa1300)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
openat$sndseq(0xffffffffffffff9c, &(0x7f0000000300), 0x20042)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]})
close_range(r3, 0xffffffffffffffff, 0x0)

0s ago: executing program 4 (id=1323):
r0 = openat(0xffffffffffffff9c, &(0x7f0000001700)='./cgroup/pids.max\x00', 0x2, 0x15)
write$cgroup_subtree(r0, &(0x7f0000000000)=ANY=[@ANYBLOB='-0'], 0x6)
syz_clone(0x80040000, 0x0, 0x0, 0x0, 0x0, 0x0)

kernel console output (not intermixed with test programs):

Device= 0.00
[  254.250439][ T4978] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  254.273569][ T4978] usb 2-1: config 0 descriptor??
[  254.367596][ T4978] usb 2-1: can't set config #0, error -71
[  254.435096][ T4978] usb 2-1: USB disconnect, device number 8
[  254.732316][ T6313] loop5: detected capacity change from 0 to 2048
[  254.965379][ T5232] Bluetooth: (null): Invalid header checksum
[  254.984255][ T5232] Bluetooth: (null): Invalid header checksum
[  255.149121][ T5212] Bluetooth: (null): Invalid header checksum
[  255.159987][ T6316] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  255.178915][ T6316] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  255.349911][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  255.377556][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  256.147009][ T6313] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  256.478565][ T6331] loop1: detected capacity change from 0 to 1024
[  257.678093][ T6334] netlink: 4 bytes leftover after parsing attributes in process `syz.3.462'.
[  258.008195][ T5232] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  258.129949][ T5232] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  258.147663][ T4237] usb 2-1: new high-speed USB device number 9 using dummy_hcd
[  258.353805][ T5232] EXT4-fs (loop5): This should not happen!! Data will be lost
[  258.353805][ T5232] 
[  258.495041][ T5232] EXT4-fs (loop5): Total free blocks count 0
[  258.582055][ T5232] EXT4-fs (loop5): Free/Dirty block details
[  258.701951][ T5232] EXT4-fs (loop5): free_blocks=4096
[  258.777910][ T4237] usb 2-1: New USB device found, idVendor=1235, idProduct=8215, bcdDevice= 0.40
[  258.846860][ T5232] EXT4-fs (loop5): dirty_blocks=32
[  258.892304][ T4237] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  258.981907][ T5232] EXT4-fs (loop5): Block reservation details
[  259.088905][ T4237] usb 2-1: Product: syz
[  259.128875][ T5232] EXT4-fs (loop5): i_reserved_data_blocks=2
[  259.190954][ T4237] usb 2-1: Manufacturer: syz
[  260.391103][ T5232] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  261.242826][ T5232] EXT4-fs (loop5): This should not happen!! Data will be lost
[  261.242826][ T5232] 
[  262.096878][ T6359] netlink: 104 bytes leftover after parsing attributes in process `syz.1.471'.
[  262.753788][ T4237] usb 2-1: SerialNumber: syz
[  263.347627][ T4237] usb 2-1: can't set config #1, error -71
[  263.367615][ T4237] usb 2-1: USB disconnect, device number 9
[  263.395987][ T6364] loop2: detected capacity change from 0 to 512
[  264.566874][ T6370] device syzkaller0 entered promiscuous mode
[  264.597095][ T6364] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  264.652448][ T6364] ext4 filesystem being mounted at /105/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  265.108689][ T6382] loop3: detected capacity change from 0 to 1024
[  266.473285][ T6393] loop4: detected capacity change from 0 to 16
[  267.910942][ T6393] erofs: (device loop4): mounted with root inode @ nid 36.
[  268.096102][ T6393] attempt to access beyond end of device
[  268.096102][ T6393] loop4: rw=0, want=304, limit=16
[  268.164283][ T6393] erofs: (device loop4): erofs_readdir: fail to readdir of logical block 0 of nid 36
[  268.613494][ T6399] overlayfs: failed to clone lowerpath
[  269.268129][ T4435] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  269.701926][ T6421] fuse: Bad value for 'fd'
[  270.818538][ T6444] loop2: detected capacity change from 0 to 1024
[  271.481847][ T6443] loop4: detected capacity change from 0 to 256
[  271.860333][ T4435] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  271.879129][ T6443] FAT-fs (loop4): Directory bread(block 64) failed
[  271.885771][ T4435] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  271.894289][ T6443] FAT-fs (loop4): Directory bread(block 65) failed
[  271.901456][ T4435] usb 6-1: Product: syz
[  271.907362][ T6443] FAT-fs (loop4): Directory bread(block 66) failed
[  271.915109][ T4435] usb 6-1: config 0 descriptor??
[  271.941694][ T6443] FAT-fs (loop4): Directory bread(block 67) failed
[  271.968592][ T6443] FAT-fs (loop4): Directory bread(block 68) failed
[  271.977735][ T4435] usb 6-1: can't set config #0, error -71
[  271.984592][ T6443] FAT-fs (loop4): Directory bread(block 69) failed
[  271.992021][ T4435] usb 6-1: USB disconnect, device number 5
[  272.040191][ T6443] FAT-fs (loop4): Directory bread(block 70) failed
[  272.046889][ T6443] FAT-fs (loop4): Directory bread(block 71) failed
[  272.144356][ T6443] FAT-fs (loop4): Directory bread(block 72) failed
[  272.448878][ T6443] FAT-fs (loop4): Directory bread(block 73) failed
[  275.005948][ T6480] device syzkaller0 entered promiscuous mode
[  275.131482][ T6485] loop2: detected capacity change from 0 to 1024
[  283.587063][ T6540] loop3: detected capacity change from 0 to 2048
[  283.693565][ T6540]  loop3: p3 < > p4 < >
[  283.713111][ T6540] loop3: partition table partially beyond EOD, truncated
[  283.773570][ T6540] loop3: p3 start 4284289 is beyond EOD, truncated
[  283.940458][ T5015] udevd[5015]: inotify_add_watch(7, /dev/loop3p4, 10) failed: No such file or directory
[  284.517593][ T4236] usb 4-1: new full-speed USB device number 15 using dummy_hcd
[  284.940744][ T6564] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  285.088004][ T4236] usb 4-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  285.202491][ T6567] device syzkaller0 entered promiscuous mode
[  285.307139][ T4236] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  285.315418][ T4236] usb 4-1: Product: syz
[  285.319661][ T4236] usb 4-1: Manufacturer: syz
[  285.324276][ T4236] usb 4-1: SerialNumber: syz
[  285.339812][ T4236] usb 4-1: config 0 descriptor??
[  285.598269][ T4236] usb 4-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  285.987642][ T4236] dvb_usb_rtl28xxu: probe of 4-1:0.0 failed with error -32
[  287.653844][ T4236] usb 4-1: USB disconnect, device number 15
[  287.746724][ T6608] loop4: detected capacity change from 0 to 16
[  287.818013][ T6608] erofs: (device loop4): mounted with root inode @ nid 36.
[  287.863346][ T6608] attempt to access beyond end of device
[  287.863346][ T6608] loop4: rw=0, want=40, limit=16
[  287.880229][ T6608] attempt to access beyond end of device
[  287.880229][ T6608] loop4: rw=0, want=40, limit=16
[  287.912619][ T6614] loop3: detected capacity change from 0 to 256
[  288.054755][ T4192] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  288.068696][ T4192] FAT-fs (loop3): Filesystem has been set read-only
[  288.086397][ T4192] FAT-fs (loop3): error, corrupted directory (invalid entries)
[  288.234624][ T6617] Option '2O€ÉÇ—Wz
[  288.234624][ T6617] ­ f:ó–ã5úÉùÔAŠÀ-
[  288.234624][ T6617] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  288.343357][ T6618] attempt to access beyond end of device
[  288.343357][ T6618] loop4: rw=0, want=40, limit=16
[  288.417499][ T6618] attempt to access beyond end of device
[  288.417499][ T6618] loop4: rw=0, want=40, limit=16
[  288.437911][ T6618] attempt to access beyond end of device
[  288.437911][ T6618] loop4: rw=0, want=40, limit=16
[  288.456582][ T6618] attempt to access beyond end of device
[  288.456582][ T6618] loop4: rw=0, want=40, limit=16
[  288.478994][ T6618] attempt to access beyond end of device
[  288.478994][ T6618] loop4: rw=0, want=40, limit=16
[  290.097919][ T5221] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.270560][ T5221] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.534931][ T5221] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  290.657134][ T5221] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  291.278144][ T6636] lo speed is unknown, defaulting to 1000
[  291.367653][ T4348] usb 5-1: new full-speed USB device number 8 using dummy_hcd
[  291.888148][ T4348] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  291.938853][ T4348] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  292.042876][ T4348] usb 5-1: Product: syz
[  292.094835][ T4348] usb 5-1: Manufacturer: syz
[  292.161924][ T4348] usb 5-1: SerialNumber: syz
[  292.268638][ T4348] usb 5-1: config 0 descriptor??
[  292.412933][ T6636] chnl_net:caif_netlink_parms(): no params data found
[  292.514381][ T6657] device syzkaller0 entered promiscuous mode
[  292.527687][ T4348] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  292.739150][ T5221] device hsr_slave_0 left promiscuous mode
[  292.765658][ T5221] device hsr_slave_1 left promiscuous mode
[  292.777593][ T5221] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  292.785098][ T5221] batman_adv: batadv0: Removing interface: batadv_slave_0
[  292.818068][ T5221] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  292.837549][ T5221] batman_adv: batadv0: Removing interface: batadv_slave_1
[  292.866819][ T5221] device bridge_slave_1 left promiscuous mode
[  292.880018][ T5221] bridge0: port 2(bridge_slave_1) entered disabled state
[  292.905714][ T5221] device bridge_slave_0 left promiscuous mode
[  292.917694][ T5221] bridge0: port 1(bridge_slave_0) entered disabled state
[  292.948048][ T5221] device veth1_macvtap left promiscuous mode
[  292.967596][ T5221] device veth0_macvtap left promiscuous mode
[  292.973691][ T5221] device veth1_vlan left promiscuous mode
[  292.990437][ T5221] device veth0_vlan left promiscuous mode
[  293.187500][ T4187] Bluetooth: hci1: command 0x0409 tx timeout
[  293.216073][ T5221] bond1 (unregistering): Released all slaves
[  293.257854][ T4348] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -32
[  294.177487][ T5221] team0 (unregistering): Port device team_slave_1 removed
[  294.203808][ T5221] team0 (unregistering): Port device team_slave_0 removed
[  294.235936][ T5221] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  294.303608][ T4348] usb 5-1: USB disconnect, device number 8
[  294.383473][ T5221] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  294.416714][ T6685] loop4: detected capacity change from 0 to 256
[  295.275758][ T1108] Bluetooth: hci1: command 0x041b tx timeout
[  295.429667][ T6694] Option '2O€ÉÇ—Wz
[  295.429667][ T6694] ­ f:ó–ã5úÉùÔAŠÀ-
[  295.429667][ T6694] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  295.454741][ T5221] bond0 (unregistering): Released all slaves
[  295.742415][ T4433] lo speed is unknown, defaulting to 1000
[  295.742048][ T6636] bridge0: port 1(bridge_slave_0) entered blocking state
[  295.765800][ T6636] bridge0: port 1(bridge_slave_0) entered disabled state
[  295.785744][ T6636] device bridge_slave_0 entered promiscuous mode
[  295.810380][ T6636] bridge0: port 2(bridge_slave_1) entered blocking state
[  295.820508][ T6636] bridge0: port 2(bridge_slave_1) entered disabled state
[  295.829861][ T6636] device bridge_slave_1 entered promiscuous mode
[  295.854368][ T6636] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  295.877715][ T6636] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  295.967530][ T4348] usb 5-1: new full-speed USB device number 9 using dummy_hcd
[  296.004651][ T6636] team0: Port device team_slave_0 added
[  296.188081][ T6636] team0: Port device team_slave_1 added
[  296.254294][ T6636] batman_adv: batadv0: Adding interface: batadv_slave_0
[  296.294392][ T6636] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.377715][ T4348] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  296.404487][ T4348] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  296.451101][ T6636] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  296.521000][ T4348] usb 5-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  296.534384][ T6636] batman_adv: batadv0: Adding interface: batadv_slave_1
[  296.551762][ T4348] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  296.563793][ T6636] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  296.607707][ T4348] usb 5-1: Manufacturer: syz
[  296.636122][ T4348] usb 5-1: config 0 descriptor??
[  296.677585][ T6636] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  296.814213][ T6636] device hsr_slave_0 entered promiscuous mode
[  296.838135][ T6636] device hsr_slave_1 entered promiscuous mode
[  296.864831][ T6636] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  296.890806][ T6698] udc-core: couldn't find an available UDC or it's busy
[  296.906826][ T6636] Cannot create hsr debugfs directory
[  296.907730][ T6698] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  297.190692][ T4348] cougar 0003:060B:700A.0002: unknown main item tag 0x0
[  297.217548][ T4348] cougar 0003:060B:700A.0002: unknown main item tag 0x0
[  297.254014][ T4348] cougar 0003:060B:700A.0002: unknown main item tag 0x0
[  297.284558][ T4348] cougar 0003:060B:700A.0002: unknown main item tag 0x0
[  297.319615][ T4348] cougar 0003:060B:700A.0002: unknown main item tag 0x0
[  297.339051][ T6636] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  297.354334][ T4348] cougar 0003:060B:700A.0002: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.4-1/input0
[  297.425712][ T4348] usb 5-1: USB disconnect, device number 9
[  297.481062][   T21] Bluetooth: hci1: command 0x040f tx timeout
[  297.549878][ T6636] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  297.580925][ T6636] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  297.630711][ T6636] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  297.640101][ T6735] fido_id[6735]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.4/usb5/report_descriptor': No such file or directory
[  297.675062][ T6740] loop2: detected capacity change from 0 to 512
[  297.762569][ T6740] EXT4-fs (loop2): mounting ext2 file system using the ext4 subsystem
[  297.836875][ T6636] 8021q: adding VLAN 0 to HW filter on device bond0
[  297.873216][ T6740] EXT4-fs error (device loop2): mb_free_blocks:1889: group 0, inode 11: block 64:freeing already freed block (bit 63); block bitmap corrupt.
[  297.933945][ T5212] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  297.962251][ T5212] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  298.017762][ T6740] EXT4-fs error (device loop2): ext4_do_update_inode:5229: inode #11: comm syz.2.581: corrupted inode contents
[  298.030464][ T6636] 8021q: adding VLAN 0 to HW filter on device team0
[  298.057499][ T6740] EXT4-fs error (device loop2): ext4_dirty_inode:6077: inode #11: comm syz.2.581: mark_inode_dirty error
[  298.080376][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  298.098396][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  298.116485][ T4360] bridge0: port 1(bridge_slave_0) entered blocking state
[  298.123668][ T4360] bridge0: port 1(bridge_slave_0) entered forwarding state
[  298.220017][ T6740] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.581: invalid indirect mapped block 1 (level 1)
[  298.288103][ T6740] EXT4-fs error (device loop2): ext4_do_update_inode:5229: inode #11: comm syz.2.581: corrupted inode contents
[  298.342679][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  298.392817][ T6740] EXT4-fs error (device loop2) in ext4_orphan_del:303: Corrupt filesystem
[  298.402360][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  298.462199][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  298.482601][ T6740] EXT4-fs error (device loop2): ext4_do_update_inode:5229: inode #11: comm syz.2.581: corrupted inode contents
[  298.569791][ T6740] EXT4-fs error (device loop2): ext4_truncate:4286: inode #11: comm syz.2.581: mark_inode_dirty error
[  298.607933][ T6740] EXT4-fs error (device loop2) in ext4_process_orphan:345: Corrupt filesystem
[  298.617134][ T4360] bridge0: port 2(bridge_slave_1) entered blocking state
[  298.624251][ T4360] bridge0: port 2(bridge_slave_1) entered forwarding state
[  298.647809][ T6740] EXT4-fs (loop2): 1 truncate cleaned up
[  298.668049][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  298.676366][ T6740] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  298.705097][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  298.763694][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  298.802189][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  298.827587][ T6740] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #2: block 13: comm syz.2.581: bad entry in directory: directory entry too close to block end - offset=76, inode=16, rec_len=940, size=1024 fake=0
[  298.878736][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  298.901306][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  298.958207][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  298.992758][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  299.019741][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  299.175936][ T6636] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  299.330959][ T6636] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  299.465521][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  299.520219][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  299.619877][ T1108] Bluetooth: hci1: command 0x0419 tx timeout
[  300.850350][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  300.875674][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  300.920692][ T6636] 8021q: adding VLAN 0 to HW filter on device batadv0
[  300.938915][ T4341] usb 3-1: new full-speed USB device number 10 using dummy_hcd
[  301.433759][ T6812] Option '2O€ÉÇ—Wz
[  301.433759][ T6812] ­ f:ó–ã5úÉùÔAŠÀ-
[  301.433759][ T6812] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  301.587938][ T4341] usb 3-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  301.614068][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  301.622472][ T4341] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  301.638428][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  301.659359][ T4341] usb 3-1: Product: syz
[  301.681672][ T4341] usb 3-1: Manufacturer: syz
[  301.695840][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  301.707886][ T4341] usb 3-1: SerialNumber: syz
[  301.715408][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  301.741238][ T4341] usb 3-1: config 0 descriptor??
[  301.750643][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  301.772711][  T156] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  301.817889][ T6636] device veth0_vlan entered promiscuous mode
[  301.861307][ T6636] device veth1_vlan entered promiscuous mode
[  302.026100][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  302.037655][ T4341] usb 3-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  302.066872][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  302.465497][ T6636] device veth0_macvtap entered promiscuous mode
[  302.475721][ T6636] device veth1_macvtap entered promiscuous mode
[  302.492072][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.502665][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.512543][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.534020][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.575079][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.597990][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  302.622738][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  302.637123][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.050871][ T6636] batman_adv: batadv0: Interface activated: batadv_slave_0
[  303.266855][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.478740][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.507851][ T4341] dvb_usb_rtl28xxu: probe of 3-1:0.0 failed with error -32
[  303.518584][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.557490][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.567322][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.617453][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.627302][ T6636] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  303.667750][ T6636] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  303.719756][ T6636] batman_adv: batadv0: Interface activated: batadv_slave_1
[  303.749430][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  303.788278][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  303.828613][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  303.877939][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  303.907096][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  303.936768][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  303.983177][ T6636] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  304.020704][ T6636] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  304.057478][ T6636] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  304.066205][ T6636] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  304.282067][ T5212] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.295679][ T5212] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.321514][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  304.362529][ T5212] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  304.374781][ T5212] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  304.394900][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  304.414135][ T4236] usb 3-1: USB disconnect, device number 10
[  304.547741][ T4341] usb 5-1: new high-speed USB device number 10 using dummy_hcd
[  305.367479][ T4341] usb 5-1: Using ep0 maxpacket: 16
[  305.927992][ T4341] usb 5-1: New USB device found, idVendor=064b, idProduct=7825, bcdDevice=62.b8
[  306.394635][ T6880] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  307.002809][ T6880] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  307.523371][ T6884] udc-core: couldn't find an available UDC or it's busy
[  307.699615][ T6884] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  307.757696][ T4341] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  307.765741][ T4341] usb 5-1: Product: syz
[  307.798639][ T4341] usb 5-1: Manufacturer: syz
[  307.814189][ T4341] usb 5-1: SerialNumber: syz
[  308.645543][ T4341] usb 5-1: can't set config #8, error -71
[  308.845010][ T4341] usb 5-1: USB disconnect, device number 10
[  309.573846][ T6923] Option '2O€ÉÇ—Wz
[  309.573846][ T6923] ­ f:ó–ã5úÉùÔAŠÀ-
[  309.573846][ T6923] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  310.144361][ T6941] loop5: detected capacity change from 0 to 1024
[  310.192313][ T6941] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  310.255774][ T6941] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e05dc01c, mo2=0002]
[  310.287531][ T6941] System zones: 0-1, 3-36
[  310.330519][ T6941] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpquota,lazytime,nobarrier,debug,dioread_nolock,bsddf,quota,noauto_da_alloc,,errors=continue. Quota mode: writeback.
[  311.187520][ T4978] Bluetooth: hci0: command 0x0401 tx timeout
[  311.187526][ T4432] Bluetooth: hci4: command 0x1003 tx timeout
[  311.289315][ T4190] Bluetooth: hci4: sending frame failed (-49)
[  311.788519][ T6957] input: syz1 as /devices/virtual/input/input7
[  312.102821][ T6969] loop5: detected capacity change from 0 to 2048
[  313.312072][ T6970] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  313.347520][ T4348] Bluetooth: hci4: command 0x1001 tx timeout
[  313.419994][ T4190] Bluetooth: hci4: sending frame failed (-49)
[  314.120774][ T6983] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  314.288037][ T5232] Bluetooth: (null): Invalid header checksum
[  314.294145][ T5232] Bluetooth: (null): Invalid header checksum
[  314.327993][ T6983] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  314.647384][ T6986] lo speed is unknown, defaulting to 1000
[  314.676892][ T6986] lo speed is unknown, defaulting to 1000
[  314.739477][ T6986] lo speed is unknown, defaulting to 1000
[  315.079461][ T6986] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  315.108556][ T6986] lo speed is unknown, defaulting to 1000
[  315.408064][ T6986] lo speed is unknown, defaulting to 1000
[  315.453863][ T6986] lo speed is unknown, defaulting to 1000
[  315.479329][ T6986] lo speed is unknown, defaulting to 1000
[  315.507871][ T4432] Bluetooth: hci4: command 0x1009 tx timeout
[  315.518780][ T6986] lo speed is unknown, defaulting to 1000
[  316.135585][ T7014] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  316.737386][ T7014] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  316.829364][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  316.845032][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  318.232544][ T7031] loop5: detected capacity change from 0 to 1764
[  318.495919][ T7036] Option '2O€ÉÇ—Wz
[  318.495919][ T7036] ­ f:ó–ã5úÉùÔAŠÀ-
[  318.495919][ T7036] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  318.831106][ T7039] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  318.998450][ T4360] Bluetooth: (null): Invalid header checksum
[  319.004524][ T4360] Bluetooth: (null): Invalid header checksum
[  319.241330][ T7039] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  319.649142][ T7049] loop4: detected capacity change from 0 to 16
[  319.741345][ T7049] erofs: (device loop4): mounted with root inode @ nid 36.
[  319.829713][ T7049] erofs: (device loop4): z_erofs_extent_lookback: unknown type 3 @ lcn 9 of nid 36
[  319.883309][ T7056] erofs: (device loop4): find_target_block_classic: corrupted dir block 8200 @ nid 36
[  319.968516][ T7049] erofs: (device loop4): z_erofs_readahead: readahead error at page 10 @ nid 36
[  320.048004][ T7049] erofs: (device loop4): z_erofs_map_blocks_iter: unknown type 3 @ offset 40959 of nid 36
[  320.061683][ T7058] netlink: 20 bytes leftover after parsing attributes in process `syz.5.642'.
[  320.079800][ T7049] erofs: (device loop4): z_erofs_readahead: readahead error at page 9 @ nid 36
[  320.109667][ T7049] attempt to access beyond end of device
[  320.109667][ T7049] loop4: rw=524288, want=67108888, limit=16
[  320.157667][ T7049] attempt to access beyond end of device
[  320.157667][ T7049] loop4: rw=524288, want=728, limit=16
[  320.338934][ T7062] loop6: detected capacity change from 0 to 2048
[  320.441075][ T7064] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  321.674280][ T7074] loop4: detected capacity change from 0 to 1764
[  322.251859][ T7093] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  322.259738][ T7093] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  322.450584][ T7093] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  322.800305][ T7100] loop6: detected capacity change from 0 to 256
[  325.218810][ T7112] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  326.724155][ T7121] loop2: detected capacity change from 0 to 2048
[  326.880322][ T7123] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  327.370055][ T7129] loop6: detected capacity change from 0 to 1764
[  327.887184][ T7140] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  328.073525][ T7140] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  328.860700][ T7157] Option '2O€ÉÇ—Wz
[  328.860700][ T7157] ­ f:ó–ã5úÉùÔAŠÀ-
[  328.860700][ T7157] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  330.046595][ T7165] loop4: detected capacity change from 0 to 16
[  330.112994][ T7165] erofs: (device loop4): mounted with root inode @ nid 36.
[  330.647166][ T7176] bridge0: port 1(bridge_slave_0) entered disabled state
[  330.661001][ T7176] bridge0: port 2(bridge_slave_1) entered disabled state
[  332.502639][ T7183] loop4: detected capacity change from 0 to 2048
[  333.372530][ T7187] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  334.580558][ T7205] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  334.744801][ T7190] loop5: detected capacity change from 0 to 40427
[  334.868484][ T7190] F2FS-fs (loop5): Invalid SB checksum offset: 0
[  334.874871][ T7190] F2FS-fs (loop5): Can't find valid F2FS filesystem in 2th superblock
[  335.011983][ T7190] F2FS-fs (loop5): invalid crc value
[  335.099615][ T7190] F2FS-fs (loop5): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  335.349327][ T7190] F2FS-fs (loop5): Try to recover 2th superblock, ret: 0
[  335.356539][ T7190] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  336.275030][ T7233] syz.4.682 (7233) used greatest stack depth: 17656 bytes left
[  336.668859][ T7243] loop4: detected capacity change from 0 to 8
[  336.753242][ T7243] squashfs: Unknown parameter '#! 
[  336.753242][ T7243] '
[  337.654058][ T7251] loop6: detected capacity change from 0 to 512
[  337.840306][ T7251] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  337.938504][ T7249] xt_CT: No such helper "snmp_trap"
[  339.016429][ T7265] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  339.029202][ T7265] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  339.185276][ T7265] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  339.434906][ T7251] EXT4-fs error (device loop6): ext4_iget_extra_inode:4573: inode #15: comm syz.6.687: corrupted in-inode xattr
[  339.468152][ T7251] EXT4-fs (loop6): Remounting filesystem read-only
[  339.485101][ T7251] EXT4-fs error (device loop6): ext4_orphan_get:1411: comm syz.6.687: couldn't read orphan inode 15 (err -117)
[  339.568988][ T7251] EXT4-fs (loop6): Remounting filesystem read-only
[  339.585060][ T7251] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  341.918604][ T7312] Option '2O€ÉÇ—Wz
[  341.918604][ T7312] ­ f:ó–ã5úÉùÔAŠÀ-
[  341.918604][ T7312] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  341.964014][ T7315] loop2: detected capacity change from 0 to 8
[  342.324302][ T7279] loop4: detected capacity change from 0 to 40427
[  342.423060][ T7323] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  342.585529][ T7323] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  342.611582][ T7279] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[  342.628518][ T7279] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  342.707719][   T26] audit: type=1326 audit(2000000213.690:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  342.739540][ T7279] F2FS-fs (loop4): invalid crc value
[  342.768378][ T7279] F2FS-fs (loop4): Failed to start F2FS issue_checkpoint_thread (-12)
[  342.949885][   T26] audit: type=1326 audit(2000000213.780:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=253 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  342.986088][   T26] audit: type=1326 audit(2000000213.780:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  343.087497][   T26] audit: type=1326 audit(2000000213.780:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  343.142147][ T7336] loop2: detected capacity change from 0 to 2048
[  343.207492][   T26] audit: type=1326 audit(2000000213.780:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=254 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  343.245276][ T7341] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  343.431540][   T26] audit: type=1326 audit(2000000213.780:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  343.473334][ T4432] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  343.572268][   T26] audit: type=1326 audit(2000000213.780:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  343.684055][   T26] audit: type=1326 audit(2000000213.780:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=255 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  343.757483][ T4432] usb 6-1: Using ep0 maxpacket: 16
[  343.783389][   T26] audit: type=1326 audit(2000000213.790:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7325 comm="syz.2.702" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3e517b4e59 code=0x7ffc0000
[  343.887918][ T4432] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  343.907532][ T4432] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  343.937728][ T4432] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  343.997461][ T4432] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  344.015732][ T7360] loop2: detected capacity change from 0 to 128
[  344.039989][ T4432] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  344.074330][ T4432] usb 6-1: config 0 descriptor??
[  344.423911][ T7372] loop2: detected capacity change from 0 to 512
[  344.586166][ T4432] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.0003/input/input8
[  344.714989][ T4432] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  344.818336][ T4432] usb 6-1: USB disconnect, device number 6
[  344.998366][ T7380] fido_id[7380]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.5/usb6/report_descriptor': No such file or directory
[  345.011811][ T7384] loop4: detected capacity change from 0 to 512
[  345.200510][ T7384] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  345.238806][ T7384] ext4 filesystem being mounted at /141/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  345.322449][   T26] audit: type=1800 audit(2000000216.310:12): pid=7384 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.714" name="file2" dev="loop4" ino=16 res=0 errno=0
[  345.810294][ T7405] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  345.826839][ T7405] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  346.674175][ T7417] loop4: detected capacity change from 0 to 256
[  347.058297][ T7417] exfat: Unknown parameter 'keep_last_dots'
[  347.162205][ T7425] device syzkaller0 entered promiscuous mode
[  347.443274][ T7437] loop5: detected capacity change from 0 to 512
[  347.514891][ T7432] Option '2O€ÉÇ—Wz
[  347.514891][ T7432] ­ f:ó–ã5úÉùÔAŠÀ-
[  347.514891][ T7432] ¶ÉØ)‰dÁÕ::ûÞl]GYï;ŸÌmÁ~RãN+o¸ý{j\°' to dns_resolver key: bad/missing value
[  347.767633][ T7437] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  348.382817][ T7437] EXT4-fs error (device loop5): xattr_find_entry:297: inode #15: comm syz.5.726: corrupted xattr entries
[  348.474904][ T7437] EXT4-fs (loop5): Remounting filesystem read-only
[  348.607881][ T7437] EXT4-fs (loop5): 1 truncate cleaned up
[  348.651954][ T7437] EXT4-fs (loop5): mounted filesystem without journal. Opts: journal_ioprio=0x0000000000000001,errors=remount-ro,debug_want_extra_isize=0x000000000000006c,lazytime,nodioread_nolock,minixdf,. Quota mode: none.
[  348.758714][ T7462] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  350.075670][ T7471] loop4: detected capacity change from 0 to 2048
[  350.111867][ T7477] loop2: detected capacity change from 0 to 512
[  350.173040][ T7479] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  350.315120][ T7477] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c118, mo2=0002]
[  350.326798][ T7477] System zones: 1-12
[  350.344668][ T7477] EXT4-fs (loop2): 1 truncate cleaned up
[  350.360411][ T7477] EXT4-fs (loop2): mounted filesystem without journal. Opts: noload,nodiscard,jqfmt=vfsv1,nojournal_checksum,jqfmt=vfsv1,barrier=0x0000000000000006,data_err=ignore,debug,,errors=continue. Quota mode: none.
[  350.552160][ T7477] EXT4-fs warning (device loop2): verify_group_input:165: Last group not full
[  350.887481][ T4433] usb 7-1: new full-speed USB device number 2 using dummy_hcd
[  351.175717][ T7517] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  351.349299][ T7517] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  351.741982][ T4433] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  351.753140][ T4433] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  351.847756][ T4433] usb 7-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  351.865838][ T4433] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  351.919766][ T4433] usb 7-1: Manufacturer: syz
[  351.955829][ T4433] usb 7-1: config 0 descriptor??
[  352.222687][ T7496] udc-core: couldn't find an available UDC or it's busy
[  352.230591][ T7531] netlink: 8 bytes leftover after parsing attributes in process `syz.4.748'.
[  352.251237][ T7496] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  352.520699][ T4433] cougar 0003:060B:700A.0004: unknown main item tag 0x0
[  352.543778][ T4433] cougar 0003:060B:700A.0004: unknown main item tag 0x0
[  352.566698][ T4433] cougar 0003:060B:700A.0004: unknown main item tag 0x0
[  352.581439][ T4433] cougar 0003:060B:700A.0004: unknown main item tag 0x0
[  352.590364][ T4433] cougar 0003:060B:700A.0004: unknown main item tag 0x0
[  352.602934][ T4433] cougar 0003:060B:700A.0004: hidraw0: USB HID v0.00 Device [syz] on usb-dummy_hcd.6-1/input0
[  352.721663][ T4348] usb 7-1: USB disconnect, device number 2
[  352.784249][ T7546] fido_id[7546]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.6/usb7/report_descriptor': No such file or directory
[  352.816822][ T7548] device syzkaller0 entered promiscuous mode
[  353.195463][ T7566] loop4: detected capacity change from 0 to 512
[  353.240046][ T7568] loop5: detected capacity change from 0 to 8
[  353.253833][ T7564] loop2: detected capacity change from 0 to 2048
[  353.568635][ T7564] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  353.632105][ T7566] EXT4-fs (loop4): mounted filesystem without journal. Opts: i_version,nogrpid,quota,,errors=continue. Quota mode: writeback.
[  353.645746][ T7564] ext4 filesystem being mounted at /155/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  353.660810][ T7566] ext4 filesystem being mounted at /155/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  354.437483][   T21] usb 6-1: new full-speed USB device number 7 using dummy_hcd
[  355.147620][   T21] usb 6-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  355.273455][   T21] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  355.352375][   T21] usb 6-1: Product: syz
[  355.365374][   T21] usb 6-1: Manufacturer: syz
[  355.380806][   T21] usb 6-1: SerialNumber: syz
[  355.431282][   T21] usb 6-1: config 0 descriptor??
[  355.803405][   T21] usb 6-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  356.378026][ T7645] input: syz1 as /devices/virtual/input/input9
[  356.701508][ T7633] loop6: detected capacity change from 0 to 40427
[  356.767280][ T7633] F2FS-fs (loop6): Invalid log_blocksize (268), supports only 12
[  356.787528][ T7633] F2FS-fs (loop6): Can't find valid F2FS filesystem in 1th superblock
[  356.820833][ T7633] F2FS-fs (loop6): invalid crc value
[  356.852184][ T7633] F2FS-fs (loop6): Found nat_bits in checkpoint
[  357.058057][ T7633] F2FS-fs (loop6): Try to recover 1th superblock, ret: 0
[  357.127857][ T7633] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  357.296156][ T7655] loop4: detected capacity change from 0 to 128
[  357.904265][   T21] dvb_usb_rtl28xxu: probe of 6-1:0.0 failed with error -71
[  357.913899][   T21] usb 6-1: USB disconnect, device number 7
[  359.889366][ T7684] loop2: detected capacity change from 0 to 512
[  360.149824][ T7684] EXT4-fs (loop2): mounted filesystem without journal. Opts: lazytime,errors=remount-ro,. Quota mode: writeback.
[  360.187616][ T7684] ext4 filesystem being mounted at /162/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  360.311630][   T26] audit: type=1800 audit(2000000231.300:13): pid=7684 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.787" name="file1" dev="loop2" ino=15 res=0 errno=0
[  360.951463][ T7701] loop5: detected capacity change from 0 to 8
[  361.267457][ T4348] usb 5-1: new full-speed USB device number 11 using dummy_hcd
[  361.392691][ T7697] loop2: detected capacity change from 0 to 40427
[  361.409530][ T7697] F2FS-fs (loop2): Invalid SB checksum offset: 0
[  361.416135][ T7697] F2FS-fs (loop2): Can't find valid F2FS filesystem in 2th superblock
[  361.436221][ T7697] F2FS-fs (loop2): invalid crc value
[  361.444924][ T7708] binder: 7707:7708 ioctl c018620b 200000000040 returned -14
[  361.455696][ T7697] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 585327988383614437)
[  361.598361][ T7697] F2FS-fs (loop2): Try to recover 2th superblock, ret: 0
[  361.605473][ T7697] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  361.750746][ T7709] attempt to access beyond end of device
[  361.750746][ T7709] loop2: rw=2049, want=45104, limit=40427
[  361.837757][ T4348] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  361.857132][ T4348] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  361.897612][ T4348] usb 5-1: Product: syz
[  361.904889][ T4348] usb 5-1: Manufacturer: syz
[  361.919525][ T4348] usb 5-1: SerialNumber: syz
[  361.937287][ T4348] usb 5-1: config 0 descriptor??
[  362.135528][ T7721] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  362.257549][ T4348] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  363.386035][ T7721] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  363.958811][ T7736] loop6: detected capacity change from 0 to 2048
[  364.088171][ T7739] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  364.698457][ T7731] loop5: detected capacity change from 0 to 40427
[  364.738005][ T7731] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  364.758218][ T7731] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  364.785543][ T7731] F2FS-fs (loop5): invalid crc value
[  364.847954][ T7731] F2FS-fs (loop5): Found nat_bits in checkpoint
[  365.047602][ T4348] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[  365.061609][ T7758] loop6: detected capacity change from 0 to 1024
[  365.071373][ T4348] usb 5-1: USB disconnect, device number 11
[  365.218711][ T7731] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  365.266501][ T7731] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  366.147707][ T1111] usb 7-1: new full-speed USB device number 3 using dummy_hcd
[  366.189389][ T7770] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  366.197820][ T7770] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  366.220009][ T7770] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  366.287829][ T4450] Bluetooth: (null): Invalid header checksum
[  366.294364][ T4450] Bluetooth: (null): Invalid header checksum
[  366.399862][  T156] Bluetooth: (null): Invalid header checksum
[  366.507800][ T4450] Bluetooth: (null): Invalid header checksum
[  366.531237][ T1111] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  366.552671][ T1111] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  366.617987][ T4343] Bluetooth: (null): Invalid header checksum
[  366.648104][ T1111] usb 7-1: New USB device found, idVendor=060b, idProduct=700a, bcdDevice= 0.00
[  366.667533][ T1111] usb 7-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  366.698024][ T1111] usb 7-1: Manufacturer: syz
[  366.726552][ T1111] usb 7-1: config 0 descriptor??
[  366.741420][  T156] Bluetooth: (null): Invalid header checksum
[  367.105196][ T7765] udc-core: couldn't find an available UDC or it's busy
[  367.150312][ T7765] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  367.508374][ T1111] usbhid 7-1:0.0: can't add hid device: -71
[  367.524630][ T1111] usbhid: probe of 7-1:0.0 failed with error -71
[  367.544472][ T1111] usb 7-1: USB disconnect, device number 3
[  368.849022][ T7801] loop4: detected capacity change from 0 to 8
[  368.903404][ T7801] squashfs: Unknown parameter '#! 
[  368.903404][ T7801] Ó	'
[  369.822893][ T7797] loop6: detected capacity change from 0 to 40427
[  369.902990][ T7797] F2FS-fs (loop6): build fault injection attr: rate: 771, type: 0x1ffff
[  369.951035][ T7797] F2FS-fs (loop6): invalid crc value
[  370.015986][ T7797] F2FS-fs (loop6): Found nat_bits in checkpoint
[  370.206299][ T7797] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e5
[  370.263093][ T7812] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  370.409451][ T6636] attempt to access beyond end of device
[  370.409451][ T6636] loop6: rw=2049, want=45104, limit=40427
[  370.549633][ T7812] loop4: detected capacity change from 0 to 4096
[  371.185549][   T26] audit: type=1800 audit(2000000242.170:14): pid=7812 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.823" name="file2" dev="loop4" ino=31 res=0 errno=0
[  373.508478][ T7837] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  373.837513][ T4343] Bluetooth: (null): Invalid header checksum
[  373.844058][ T4343] Bluetooth: (null): Invalid header checksum
[  373.891760][ T7837] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  374.622421][ T7847] loop6: detected capacity change from 0 to 2048
[  374.644215][ T7859] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  374.761508][ T7862] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  374.991652][ T7843] loop4: detected capacity change from 0 to 40427
[  375.005912][ T7859] loop2: detected capacity change from 0 to 4096
[  375.166395][ T7843] F2FS-fs (loop4): invalid crc value
[  375.263198][ T7843] F2FS-fs (loop4): Found nat_bits in checkpoint
[  376.197978][ T7843] F2FS-fs (loop4): Inconsistent segment (8) type [1, 0] in SSA and SIT
[  376.299029][   T26] audit: type=1800 audit(2000000247.290:15): pid=7859 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.838" name="file2" dev="loop2" ino=31 res=0 errno=0
[  376.910189][ T7882] loop6: detected capacity change from 0 to 1024
[  377.205710][ T7885] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  377.217845][ T7885] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  377.501856][ T7888] loop4: detected capacity change from 0 to 8
[  377.541452][ T7888] squashfs: Unknown parameter '#! 
[  377.541452][ T7888] Ó	'
[  377.569190][ T7885] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  377.790998][ T7900] loop2: detected capacity change from 0 to 256
[  378.028108][ T7900] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  378.069850][ T7900] exFAT-fs (loop2): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  378.147518][ T7903] loop5: detected capacity change from 0 to 2048
[  378.230775][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  378.237352][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  378.273764][ T7908] attempt to access beyond end of device
[  378.273764][ T7908] loop2: rw=524288, want=408, limit=256
[  378.309279][ T7900] exFAT-fs (loop2): hint_cluster is invalid (17)
[  380.025712][ T7913] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  380.310640][ T7908] attempt to access beyond end of device
[  380.310640][ T7908] loop2: rw=524288, want=664, limit=256
[  380.341422][ T7908] attempt to access beyond end of device
[  380.341422][ T7908] loop2: rw=0, want=288, limit=256
[  380.357472][   T26] audit: type=1800 audit(2000000251.350:16): pid=7908 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.851" name="file1" dev="loop2" ino=1048640 res=0 errno=0
[  381.714209][ T7933] loop2: detected capacity change from 0 to 256
[  381.742681][ T7932] input: syz1 as /devices/virtual/input/input10
[  382.363775][ T4360] Bluetooth: (null): Invalid header checksum
[  382.372865][ T4360] Bluetooth: (null): Invalid header checksum
[  382.379477][ T7939] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  382.407549][ T7933] loop_set_status: loop2 () has still dirty pages (nrpages=2)
[  382.466477][ T4360] Bluetooth: (null): Invalid header checksum
[  382.670085][ T4188] FAT-fs (loop2): error, corrupted directory (invalid entries)
[  382.694094][ T4188] FAT-fs (loop2): Filesystem has been set read-only
[  382.708622][ T4188] FAT-fs (loop2): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  382.853344][ T7944] process 'syz.1.854' launched './file2' with NULL argv: empty string added
[  383.207584][ T4360] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.305027][ T7948] loop4: detected capacity change from 0 to 2048
[  383.608902][ T7958] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  384.236122][ T7953] bridge0: port 2(bridge_slave_1) entered disabled state
[  384.244481][ T7953] bridge0: port 1(bridge_slave_0) entered disabled state
[  385.599288][ T7983] loop4: detected capacity change from 0 to 1024
[  385.609265][ T7953] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  385.728841][ T7953] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  385.731613][ T7983] EXT4-fs (loop4): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  385.760369][ T7983] EXT4-fs (loop4): ext4_check_descriptors: Checksum for group 0 failed (38281!=20869)
[  385.787841][ T7983] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #3: comm syz.4.874: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  385.827077][ T7983] EXT4-fs (loop4): no journal found
[  385.838463][ T7983] EXT4-fs (loop4): can't get journal size
[  385.857060][ T7983] EXT4-fs error (device loop4): ext4_ext_check_inode:501: inode #3: comm syz.4.874: pblk 82 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  385.896045][ T7983] EXT4-fs (loop4): failed to initialize system zone (-117)
[  385.909233][ T7983] EXT4-fs (loop4): mount failed
[  386.356195][ T4433] Bluetooth: hci2: command 0x0409 tx timeout
[  386.613637][ T7986] loop4: detected capacity change from 0 to 40427
[  386.644750][ T7986] F2FS-fs (loop4): Corrupted extension count (64 + 1 > 64)
[  386.654670][ T7986] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[  386.697957][ T7986] F2FS-fs (loop4): invalid crc value
[  386.745853][ T7986] F2FS-fs (loop4): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  386.823682][ T7986] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[  386.830874][ T7986] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  386.870545][ T7986] F2FS-fs (loop4): Corrupted max_depth of 3: 513
[  387.047882][ T7953] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  387.057911][ T7953] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  387.066816][ T7953] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  387.091679][ T7953] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  387.760129][ T4360] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.487540][ T7978] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  388.511412][ T8006] loop6: detected capacity change from 0 to 2048
[  388.549797][ T7978] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  388.631812][ T4341] Bluetooth: hci2: command 0x041b tx timeout
[  388.775789][ T8012] loop5: detected capacity change from 0 to 2048
[  388.792563][ T4360] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  388.863098][ T8014] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  389.085528][ T8017] NILFS (loop5): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  389.264788][ T4360] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  389.323157][ T7973] lo speed is unknown, defaulting to 1000
[  389.360118][ T8023] loop5: detected capacity change from 0 to 256
[  389.410725][ T8026] loop6: detected capacity change from 0 to 256
[  389.421618][ T8023] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  389.446538][ T8023] FAT-fs (loop5): Filesystem has been set read-only
[  389.472909][ T8023] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  389.514132][ T8023] FAT-fs (loop5): error, fat_get_cluster: invalid start cluster (i_pos 196, start 00000001)
[  389.588131][   T26] audit: type=1800 audit(2000000260.580:17): pid=8023 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.886" name="file1" dev="loop5" ino=1048649 res=0 errno=0
[  389.940927][ T7973] chnl_net:caif_netlink_parms(): no params data found
[  389.949198][ T8033] loop5: detected capacity change from 0 to 2048
[  389.993240][ T4360] tipc: Left network mode
[  390.062328][ T8033] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  390.328265][ T7973] bridge0: port 1(bridge_slave_0) entered blocking state
[  390.417222][ T7973] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.192284][ T4284] Bluetooth: hci2: command 0x040f tx timeout
[  391.453680][ T7973] device bridge_slave_0 entered promiscuous mode
[  392.107901][ T7973] bridge0: port 2(bridge_slave_1) entered blocking state
[  392.115004][ T7973] bridge0: port 2(bridge_slave_1) entered disabled state
[  392.158057][ T7973] device bridge_slave_1 entered promiscuous mode
[  392.281547][ T7973] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  392.829613][ T7973] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  393.267588][ T4284] Bluetooth: hci2: command 0x0419 tx timeout
[  393.642968][ T7973] team0: Port device team_slave_0 added
[  393.712734][ T7973] team0: Port device team_slave_1 added
[  393.805460][ T7973] batman_adv: batadv0: Adding interface: batadv_slave_0
[  393.842401][ T7973] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  393.893968][ T4284] usb 5-1: new full-speed USB device number 12 using dummy_hcd
[  393.957978][ T7973] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  394.025725][ T7973] batman_adv: batadv0: Adding interface: batadv_slave_1
[  394.044266][ T7973] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  394.118615][ T7973] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  394.258498][ T7973] device hsr_slave_0 entered promiscuous mode
[  394.278261][ T7973] device hsr_slave_1 entered promiscuous mode
[  394.337196][ T7973] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  394.358012][ T7973] Cannot create hsr debugfs directory
[  394.367606][ T4284] usb 5-1: unable to get BOS descriptor or descriptor too short
[  394.437628][ T4284] usb 5-1: not running at top speed; connect to a high speed hub
[  394.527647][ T4284] usb 5-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  394.557474][ T4284] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 3
[  394.636462][ T8096] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  394.646042][ T8096] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  394.834899][ T8107] loop6: detected capacity change from 0 to 2048
[  394.947702][ T4284] usb 5-1: string descriptor 0 read error: -22
[  394.954999][ T8107] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  394.967832][ T4284] usb 5-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  394.977760][ T4284] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  395.030393][ T4284] usb 5-1: 0:2 : does not exist
[  395.304710][ T4360] device hsr_slave_0 left promiscuous mode
[  395.322184][ T4360] device hsr_slave_1 left promiscuous mode
[  395.379054][ T4360] batman_adv: batadv0: Interface deactivated: dummy0
[  395.393198][ T4360] batman_adv: batadv0: Removing interface: dummy0
[  395.422672][ T4360] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  395.447527][ T4360] batman_adv: batadv0: Removing interface: batadv_slave_0
[  395.473897][ T4360] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  395.487620][ T4360] batman_adv: batadv0: Removing interface: batadv_slave_1
[  395.505581][ T4360] device bridge_slave_1 left promiscuous mode
[  395.516357][ T4360] bridge0: port 2(bridge_slave_1) entered disabled state
[  395.539877][ T4360] device bridge_slave_0 left promiscuous mode
[  395.554437][ T4360] bridge0: port 1(bridge_slave_0) entered disabled state
[  395.588031][ T4360] device veth1_macvtap left promiscuous mode
[  395.597716][ T4360] device veth0_macvtap left promiscuous mode
[  395.603811][ T4360] device veth1_vlan left promiscuous mode
[  395.627165][ T4360] device veth0_vlan left promiscuous mode
[  395.667636][ T4433] Bluetooth: hci5: command 0x0406 tx timeout
[  396.063887][ T4360] team0 (unregistering): Port device team_slave_1 removed
[  396.109598][ T4360] team0 (unregistering): Port device team_slave_0 removed
[  396.137272][ T4360] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  396.179941][ T4360] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  396.351026][ T4360] bond0 (unregistering): Released all slaves
[  396.360574][ T4284] usb 5-1: 5:0: bogus dB values (-12337/-10690), disabling dB reporting
[  396.567767][ T4284] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  396.736750][ T8124] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  396.757680][ T5232] Bluetooth: (null): Invalid header checksum
[  396.763792][ T5232] Bluetooth: (null): Invalid header checksum
[  396.808183][ T4450] Bluetooth: (null): Invalid header checksum
[  396.815364][ T7973] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  396.845337][ T7973] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  397.135146][ T7973] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  397.148280][ T8136] loop4: detected capacity change from 0 to 512
[  397.207604][ T4284] usb 5-1: 5:0: cannot get min/max values for control 3 (id 5)
[  397.230488][ T7973] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  397.248310][ T4284] usb 5-1: USB disconnect, device number 12
[  397.282035][ T8136] EXT4-fs (loop4): mounted filesystem without journal. Opts: errors=remount-ro,grpquota,. Quota mode: writeback.
[  397.298200][ T8136] ext4 filesystem being mounted at /186/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  397.474156][ T4245] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  397.510865][ T4245] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  397.523598][ T4245] EXT4-fs (loop6): This should not happen!! Data will be lost
[  397.523598][ T4245] 
[  397.688027][ T4245] EXT4-fs (loop6): Total free blocks count 0
[  397.694101][ T4245] EXT4-fs (loop6): Free/Dirty block details
[  397.700852][ T4245] EXT4-fs (loop6): free_blocks=4096
[  397.706584][ T4245] EXT4-fs (loop6): dirty_blocks=32
[  397.711772][ T4245] EXT4-fs (loop6): Block reservation details
[  397.718897][ T4245] EXT4-fs (loop6): i_reserved_data_blocks=2
[  397.719877][ T8136] EXT4-fs error (device loop4): ext4_empty_dir:3139: inode #12: comm syz.4.907: Directory hole found for htree leaf block 0
[  397.739308][ T4245] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  397.795522][ T4245] EXT4-fs (loop6): This should not happen!! Data will be lost
[  397.795522][ T4245] 
[  397.831119][ T8136] EXT4-fs (loop4): Remounting filesystem read-only
[  398.087450][ T8157] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  398.129700][ T8157] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  398.255546][ T7973] 8021q: adding VLAN 0 to HW filter on device bond0
[  398.309513][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  398.319620][ T4450] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  398.360564][ T7973] 8021q: adding VLAN 0 to HW filter on device team0
[  398.380957][ T8171] loop4: detected capacity change from 0 to 256
[  398.487801][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  398.518257][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  398.572988][ T4349] bridge0: port 1(bridge_slave_0) entered blocking state
[  398.580261][ T4349] bridge0: port 1(bridge_slave_0) entered forwarding state
[  398.620763][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  398.706294][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  398.746146][ T4349] bridge0: port 2(bridge_slave_1) entered blocking state
[  398.753374][ T4349] bridge0: port 2(bridge_slave_1) entered forwarding state
[  398.822050][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  398.855220][ T8179] loop4: detected capacity change from 0 to 1024
[  398.896655][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  398.930292][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  398.970020][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  399.017573][ T8179] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e000c01c, mo2=0002]
[  399.035955][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  399.036234][ T8179] System zones: 0-1, 3-36
[  399.064418][ T8179] EXT4-fs error (device loop4): ext4_orphan_get:1432: comm syz.4.916: bad orphan inode 134217728
[  399.108639][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  399.147973][ T8179] EXT4-fs (loop4): mounted filesystem without journal. Opts: max_batch_time=0x0000000000000004,debug,resgid=0x0000000000000000,,errors=continue. Quota mode: writeback.
[  399.216579][ T7973] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  399.297678][ T7973] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  399.634158][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  399.665286][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  399.767861][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  399.818147][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  399.869525][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  399.918726][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  399.958732][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  400.011147][ T8186] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  400.020716][ T8186] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  400.215500][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  400.234740][ T5224] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  400.270702][ T7973] 8021q: adding VLAN 0 to HW filter on device batadv0
[  401.267664][ T8219] netlink: 236 bytes leftover after parsing attributes in process `syz.1.921'.
[  402.559759][ T8214] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  402.691135][ T8225] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  402.721978][ T8222] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  402.728505][ T8225] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  402.787804][ T4349] Bluetooth: (null): Invalid header checksum
[  402.797220][ T4349] Bluetooth: (null): Invalid header checksum
[  403.208404][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  403.227525][ T4266] usb 5-1: new high-speed USB device number 13 using dummy_hcd
[  404.528379][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  404.644160][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  404.668679][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  404.719926][ T7973] device veth0_vlan entered promiscuous mode
[  404.748739][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  404.768202][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  404.803161][ T7973] device veth1_vlan entered promiscuous mode
[  404.834020][ T4266] usb 5-1: unable to get BOS descriptor set
[  404.911805][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  404.928557][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  404.964296][ T7973] device veth0_macvtap entered promiscuous mode
[  404.982641][ T7973] device veth1_macvtap entered promiscuous mode
[  405.030743][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  405.053169][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.083573][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  405.094516][ T4266] usb 5-1: New USB device found, idVendor=1235, idProduct=8215, bcdDevice= 0.40
[  405.107526][ T4266] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  405.125719][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.137472][ T4266] usb 5-1: Product: syz
[  405.141673][ T4266] usb 5-1: Manufacturer: syz
[  405.156548][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  405.167599][ T4266] usb 5-1: SerialNumber: syz
[  405.195211][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.237990][ T7973] batman_adv: batadv0: Interface activated: batadv_slave_0
[  405.246687][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  405.261580][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  405.278875][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  405.298526][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  405.563007][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.583553][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.607753][ T4266] usb 5-1: 1:1 : UAC_AS_GENERAL descriptor not found
[  405.628469][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.639397][ T4266] usb 5-1: 2:1 : UAC_AS_GENERAL descriptor not found
[  405.663987][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.698519][ T4266] usb 5-1: USB disconnect, device number 13
[  405.711738][ T7973] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  405.773948][ T7973] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  405.805807][ T7973] batman_adv: batadv0: Interface activated: batadv_slave_1
[  405.837840][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  405.855555][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  405.894363][ T7973] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  405.917637][ T7973] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  405.946811][ T7973] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  405.971248][ T7973] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  406.128027][ T5015] udevd[5015]: error opening ATTR{/sys/devices/platform/dummy_hcd.4/usb5/5-1/5-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  406.369176][ T4343] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.377176][ T4343] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.458030][ T8267] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  406.487652][ T8267] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  406.533715][ T5232] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  406.582149][ T4343] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  406.613301][ T4343] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  406.648635][ T4343] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  406.769936][ T8280] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  407.661373][ T8280] loop6: detected capacity change from 0 to 4096
[  407.918491][   T26] audit: type=1800 audit(2000000278.910:18): pid=8279 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.936" name="file2" dev="loop6" ino=31 res=0 errno=0
[  408.580445][ T5232] Bluetooth: (null): Invalid header checksum
[  408.617222][ T5232] Bluetooth: (null): Invalid header checksum
[  408.678668][ T5232] Bluetooth: (null): Invalid header checksum
[  408.768408][ T5232] Bluetooth: (null): Invalid header checksum
[  408.855042][ T8300] siw: device registration error -23
[  408.890548][ T5224] Bluetooth: (null): Invalid header checksum
[  410.029699][ T4266] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  411.017602][ T4266] usb 8-1: Using ep0 maxpacket: 32
[  411.137899][ T4266] usb 8-1: config index 0 descriptor too short (expected 29220, got 36)
[  411.157938][ T4266] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  411.223556][ T4266] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81
[  411.288358][ T4266] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  411.315385][ T4266] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  411.507205][ T8328] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  411.516620][ T8328] 8021q: adding VLAN 0 to HW filter on device bond0
[  411.525430][ T8328] 8021q: adding VLAN 0 to HW filter on device team0
[  411.539811][ T4266] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  411.553120][ T4266] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  411.562195][ T4266] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  411.664602][ T4266] usb 8-1: config 0 descriptor??
[  411.672113][ T8328] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  411.940637][ T8338] loop5: detected capacity change from 0 to 2048
[  411.951218][ T4266] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  412.053883][ T8338] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  412.776083][ T8356] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  413.179181][ T8363] siw: device registration error -23
[  413.729255][ T4266] usb 8-1: USB disconnect, device number 2
[  413.755370][ T4266] usblp0: removed
[  413.876503][ T8373] loop7: detected capacity change from 0 to 512
[  414.078987][ T8373] EXT4-fs (loop7): Test dummy encryption mode enabled
[  414.124676][ T8379] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  414.183522][ T8373] EXT4-fs error (device loop7): ext4_orphan_get:1406: inode #15: comm syz.7.954: inode has both inline data and extents flags
[  414.276280][ T8373] EXT4-fs error (device loop7): ext4_orphan_get:1411: comm syz.7.954: couldn't read orphan inode 15 (err -117)
[  414.364728][ T8373] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  414.465888][ T8386] loop4: detected capacity change from 0 to 512
[  414.549205][ T8386] EXT4-fs (loop4): Ignoring removed oldalloc option
[  414.555957][ T8386] EXT4-fs (loop4): Ignoring removed nomblk_io_submit option
[  414.616459][ T8386] EXT4-fs (loop4): revision level too high, forcing read-only mode
[  414.634469][ T8386] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=c040e118, mo2=0002]
[  414.648621][ T8386] EXT4-fs (loop4): orphan cleanup on readonly fs
[  414.676714][ T8386] Quota error (device loop4): v2_read_header: Failed header read: expected=8 got=0
[  414.703380][ T8386] EXT4-fs warning (device loop4): ext4_enable_quotas:6488: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[  414.733423][ T8373] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  414.747818][ T8390] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  414.777656][ T8386] EXT4-fs (loop4): Cannot turn on quotas: error -22
[  414.818672][ T8386] EXT4-fs error (device loop4): ext4_validate_block_bitmap:438: comm syz.4.957: bg 0: block 40: padding at end of block bitmap is not set
[  414.915595][ T8386] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6191: Corrupt filesystem
[  414.958211][ T8386] EXT4-fs (loop4): 1 truncate cleaned up
[  414.963975][ T8386] EXT4-fs (loop4): mounted filesystem without journal. Opts: journal_dev=0x0000000000000001,noload,noblock_validity,oldalloc,nouid32,nomblk_io_submit,,errors=continue. Quota mode: writeback.
[  415.087647][ T8386] syz.4.957 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  415.141252][ T8409] fscrypt (loop4, inode 16): Error -61 getting encryption context
[  415.229272][ T8414] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  416.523897][ T4450] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  417.730636][ T4450] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  418.456376][ T4450] EXT4-fs (loop5): This should not happen!! Data will be lost
[  418.456376][ T4450] 
[  418.485126][ T4450] EXT4-fs (loop5): Total free blocks count 0
[  418.491791][ T4450] EXT4-fs (loop5): Free/Dirty block details
[  418.497805][ T4450] EXT4-fs (loop5): free_blocks=4096
[  418.503034][ T4450] EXT4-fs (loop5): dirty_blocks=32
[  418.508241][ T4450] EXT4-fs (loop5): Block reservation details
[  418.514268][ T4450] EXT4-fs (loop5): i_reserved_data_blocks=2
[  418.520972][ T4343] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  418.549221][ T4343] EXT4-fs (loop5): This should not happen!! Data will be lost
[  418.549221][ T4343] 
[  418.895848][ T8445] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  418.905490][ T8445] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  419.662051][ T8458] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  419.676783][ T8460] loop7: detected capacity change from 0 to 512
[  419.852526][ T8458] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  419.928943][ T8460] EXT4-fs (loop7): mounted filesystem without journal. Opts: nojournal_checksum,,errors=continue. Quota mode: writeback.
[  419.972372][ T8460] cgroup: Unknown subsys name 'smackfsroot'
[  420.022656][ T8475] loop6: detected capacity change from 0 to 2048
[  420.138598][ T8475] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  420.763329][ T8486] loop7: detected capacity change from 0 to 4096
[  421.651057][ T8496] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  421.679618][ T8496] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  421.814939][ T8486] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  423.666826][ T8523] ipt_CLUSTERIP: Please specify destination IP
[  424.482408][ T8542] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  424.496512][ T8542] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  424.671612][ T8557] loop5: detected capacity change from 0 to 256
[  424.777750][ T8557] FAT-fs (loop5): Directory bread(block 64) failed
[  424.784407][ T8557] FAT-fs (loop5): Directory bread(block 65) failed
[  424.791022][ T8557] FAT-fs (loop5): Directory bread(block 66) failed
[  424.797563][ T8557] FAT-fs (loop5): Directory bread(block 67) failed
[  424.804142][ T8557] FAT-fs (loop5): Directory bread(block 68) failed
[  424.810712][ T8557] FAT-fs (loop5): Directory bread(block 69) failed
[  424.817262][ T8557] FAT-fs (loop5): Directory bread(block 70) failed
[  424.823875][ T8557] FAT-fs (loop5): Directory bread(block 71) failed
[  424.830471][ T8557] FAT-fs (loop5): Directory bread(block 72) failed
[  424.837256][ T8557] FAT-fs (loop5): Directory bread(block 73) failed
[  425.913058][ T5224] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  426.864561][ T5224] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  426.877909][ T5224] EXT4-fs (loop6): This should not happen!! Data will be lost
[  426.877909][ T5224] 
[  426.888689][ T5224] EXT4-fs (loop6): Total free blocks count 0
[  426.894808][ T5224] EXT4-fs (loop6): Free/Dirty block details
[  426.903364][ T5224] EXT4-fs (loop6): free_blocks=4096
[  426.908833][ T5224] EXT4-fs (loop6): dirty_blocks=32
[  426.917394][ T5224] EXT4-fs (loop6): Block reservation details
[  426.923475][ T5224] EXT4-fs (loop6): i_reserved_data_blocks=2
[  426.930429][ T5224] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  426.943026][ T5224] EXT4-fs (loop6): This should not happen!! Data will be lost
[  426.943026][ T5224] 
[  427.275505][ T8585] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  427.351762][ T8591] siw: device registration error -23
[  428.168129][ T8585] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  430.078793][ T8600] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  431.198727][ T8611] loop5: detected capacity change from 0 to 16
[  431.355075][ T8611] erofs: (device loop5): mounted with root inode @ nid 36.
[  431.410236][ T8611] erofs: (device loop5): find_target_block_classic: corrupted dir block 8200 @ nid 36
[  431.690644][ T8618] loop7: detected capacity change from 0 to 16
[  431.770318][ T8618] erofs: (device loop7): mounted with root inode @ nid 36.
[  431.806373][ T8618] erofs: (device loop7): find_target_block_classic: corrupted dir block 8200 @ nid 36
[  431.838745][ T8618] erofs: (device loop7): z_erofs_extent_lookback: unknown type 3 @ lcn 9 of nid 36
[  431.887238][ T8627] loop5: detected capacity change from 0 to 512
[  431.893889][ T8618] erofs: (device loop7): z_erofs_readahead: readahead error at page 10 @ nid 36
[  431.930041][ T8618] attempt to access beyond end of device
[  431.930041][ T8618] loop7: rw=524288, want=67108888, limit=16
[  431.972988][ T8618] attempt to access beyond end of device
[  431.972988][ T8618] loop7: rw=524288, want=736, limit=16
[  432.004176][ T8631] loop6: detected capacity change from 0 to 2048
[  432.017610][ T8618] attempt to access beyond end of device
[  432.017610][ T8618] loop7: rw=524288, want=525152, limit=16
[  432.079677][ T8627] EXT4-fs (loop5): mounted filesystem without journal. Opts: usrquota,grpjquota=,nodelalloc,,errors=continue. Quota mode: writeback.
[  432.117524][ T8627] ext4 filesystem being mounted at /150/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  432.171397][ T8631] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  432.561364][ T8642] loop7: detected capacity change from 0 to 2048
[  432.737327][ T8642] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  433.382194][ T5232] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  433.608719][ T5232] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 160 with error 28
[  433.894496][ T5232] EXT4-fs (loop7): This should not happen!! Data will be lost
[  433.894496][ T5232] 
[  434.365164][ T5232] EXT4-fs (loop7): Total free blocks count 0
[  434.436405][ T5232] EXT4-fs (loop7): Free/Dirty block details
[  434.905087][ T5232] EXT4-fs (loop7): free_blocks=4096
[  434.978096][ T5232] EXT4-fs (loop7): dirty_blocks=160
[  434.983359][ T5232] EXT4-fs (loop7): Block reservation details
[  435.042508][ T5232] EXT4-fs (loop7): i_reserved_data_blocks=10
[  435.150430][ T8685] input: syz1 as /devices/virtual/input/input11
[  435.426227][ T8690] loop7: detected capacity change from 0 to 512
[  435.510844][ T8696] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  435.534836][ T8690] EXT4-fs (loop7): Test dummy encryption mode enabled
[  435.553453][ T8695] loop4: detected capacity change from 0 to 256
[  435.598076][ T8695] exfat: Deprecated parameter 'utf8'
[  435.607822][ T8696] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  435.629171][ T8690] EXT4-fs error (device loop7): ext4_orphan_get:1406: inode #15: comm syz.7.1014: inode has both inline data and extents flags
[  435.659061][ T8695] exFAT-fs (loop4): failed to load upcase table (idx : 0x0001fe89, chksum : 0xc232f927, utbl_chksum : 0xe619d30d)
[  435.717706][ T8690] EXT4-fs error (device loop7): ext4_orphan_get:1411: comm syz.7.1014: couldn't read orphan inode 15 (err -117)
[  435.796405][ T8690] EXT4-fs (loop7): mounted filesystem without journal. Opts: test_dummy_encryption,,errors=continue. Quota mode: writeback.
[  435.831915][ T8695] overlayfs: failed to resolve 'éq‰Y’3aK': -2
[  435.925352][ T8706] loop5: detected capacity change from 0 to 2048
[  435.933594][ T4343] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  435.966946][ T4343] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  436.014851][ T4343] EXT4-fs (loop6): This should not happen!! Data will be lost
[  436.014851][ T4343] 
[  436.025156][ T4343] EXT4-fs (loop6): Total free blocks count 0
[  436.028742][ T8706] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  436.037813][ T4343] EXT4-fs (loop6): Free/Dirty block details
[  436.062266][ T4343] EXT4-fs (loop6): free_blocks=4096
[  436.077595][ T8690] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  436.119007][ T4343] EXT4-fs (loop6): dirty_blocks=32
[  436.124178][ T4343] EXT4-fs (loop6): Block reservation details
[  436.202192][ T4343] EXT4-fs (loop6): i_reserved_data_blocks=2
[  436.252732][ T8709] fscrypt (loop7): Missing crypto API support for AES-256-CTS-CBC (API name: "cts(cbc(aes))")
[  436.268473][ T8710] fscrypt (loop7): Missing crypto API support for AES-256-XTS (API name: "xts(aes)")
[  436.348250][ T4450] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  436.371059][ T4343] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  436.449585][ T4450] EXT4-fs (loop6): This should not happen!! Data will be lost
[  436.449585][ T4450] 
[  436.479241][ T4343] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 160 with error 28
[  436.582442][ T4343] EXT4-fs (loop5): This should not happen!! Data will be lost
[  436.582442][ T4343] 
[  436.639420][ T8738] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1028'.
[  436.658478][ T4343] EXT4-fs (loop5): Total free blocks count 0
[  436.664523][ T4343] EXT4-fs (loop5): Free/Dirty block details
[  436.707448][ T4343] EXT4-fs (loop5): free_blocks=4096
[  436.713008][ T4343] EXT4-fs (loop5): dirty_blocks=160
[  436.731915][ T4343] EXT4-fs (loop5): Block reservation details
[  436.750909][ T4343] EXT4-fs (loop5): i_reserved_data_blocks=10
[  438.323029][ T8758] loop6: detected capacity change from 0 to 1024
[  438.390691][ T8754] loop7: detected capacity change from 0 to 2048
[  438.645369][ T8758] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  438.676160][ T8754] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  438.730852][ T8754] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  438.741576][ T8758] ext4 filesystem being mounted at /76/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  438.817669][ T8768] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  438.924789][ T8771] loop5: detected capacity change from 0 to 512
[  438.980458][ T8771] EXT4-fs (loop5): Ignoring removed nobh option
[  438.987662][ T8771] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  439.052482][ T8771] EXT4-fs (loop5): 1 truncate cleaned up
[  439.058423][ T8771] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,nobh,debug_want_extra_isize=0x0000000000000068,mb_optimize_scan=0x0000000000000001,max_batch_time=0x0000000000000007,dioread_lock,. Quota mode: none.
[  439.099014][   T26] audit: type=1800 audit(2000000310.090:19): pid=8771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1033" name="file2" dev="loop5" ino=16 res=0 errno=0
[  439.490907][ T8773] EXT4-fs error (device loop6): ext4_free_blocks:6231: comm syz.6.1032: Freeing blocks not in datazone - block = 0, count = 16
[  439.670146][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  439.676487][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  439.740834][ T8755] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm syz.6.1032: bg 0: block 112: padding at end of block bitmap is not set
[  439.804365][ T8755] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28
[  439.820960][ T8755] EXT4-fs (loop6): This should not happen!! Data will be lost
[  439.820960][ T8755] 
[  439.830748][ T8755] EXT4-fs (loop6): Total free blocks count 0
[  439.836830][ T8755] EXT4-fs (loop6): Free/Dirty block details
[  439.843343][ T8755] EXT4-fs (loop6): free_blocks=0
[  439.848514][ T8755] EXT4-fs (loop6): dirty_blocks=16
[  439.853751][ T8755] EXT4-fs (loop6): Block reservation details
[  439.861138][ T8755] EXT4-fs (loop6): i_reserved_data_blocks=1
[  440.073692][ T8782] loop5: detected capacity change from 0 to 2048
[  440.217801][ T8790] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  440.250040][ T8782] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  440.965442][ T5245] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  441.140571][ T8805] siw: device registration error -23
[  441.158026][ T5245] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  441.291097][ T5245] EXT4-fs (loop5): This should not happen!! Data will be lost
[  441.291097][ T5245] 
[  441.448695][ T5245] EXT4-fs (loop5): Total free blocks count 0
[  441.538052][ T5245] EXT4-fs (loop5): Free/Dirty block details
[  441.648338][ T5245] EXT4-fs (loop5): free_blocks=4096
[  441.727082][ T5245] EXT4-fs (loop5): dirty_blocks=32
[  441.762700][ T5245] EXT4-fs (loop5): Block reservation details
[  441.768930][ T5245] EXT4-fs (loop5): i_reserved_data_blocks=2
[  441.779756][ T5245] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  441.796080][ T5245] EXT4-fs (loop5): This should not happen!! Data will be lost
[  441.796080][ T5245] 
[  441.830124][ T8809] netlink: 104 bytes leftover after parsing attributes in process `syz.6.1044'.
[  442.105632][ T8815] loop6: detected capacity change from 0 to 2048
[  442.379122][ T8815] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  443.834524][ T8836] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  443.843677][ T5245] EXT4-fs error (device loop6): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  443.949164][ T8833] loop4: detected capacity change from 0 to 2048
[  443.964950][ T5245] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 160 with error 28
[  443.982652][ T5245] EXT4-fs (loop6): This should not happen!! Data will be lost
[  443.982652][ T5245] 
[  443.995708][ T5245] EXT4-fs (loop6): Total free blocks count 0
[  444.001808][ T5245] EXT4-fs (loop6): Free/Dirty block details
[  444.073863][ T8844] siw: device registration error -23
[  444.749634][ T5245] EXT4-fs (loop6): free_blocks=4096
[  444.856036][ T8847] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  445.023423][ T8847] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  445.051971][ T8833] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  445.072828][ T5245] EXT4-fs (loop6): dirty_blocks=160
[  445.110011][ T5245] EXT4-fs (loop6): Block reservation details
[  445.407605][ T5245] EXT4-fs (loop6): i_reserved_data_blocks=10
[  445.438940][ T5212] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  445.469078][ T8853] netlink: 'syz.1.1055': attribute type 10 has an invalid length.
[  445.505281][ T5212] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  445.697306][ T5212] EXT4-fs (loop4): This should not happen!! Data will be lost
[  445.697306][ T5212] 
[  445.868811][ T5212] EXT4-fs (loop4): Total free blocks count 0
[  445.890460][ T8853] team0: Port device netdevsim0 added
[  446.399399][ T5212] EXT4-fs (loop4): Free/Dirty block details
[  446.405309][ T5212] EXT4-fs (loop4): free_blocks=4096
[  446.437162][ T5212] EXT4-fs (loop4): dirty_blocks=32
[  446.442979][ T5212] EXT4-fs (loop4): Block reservation details
[  446.449631][ T5212] EXT4-fs (loop4): i_reserved_data_blocks=2
[  446.466043][ T4343] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  446.487545][ T4343] EXT4-fs (loop4): This should not happen!! Data will be lost
[  446.487545][ T4343] 
[  446.510212][ T8862] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  446.596818][ T8862] loop6: detected capacity change from 0 to 4096
[  446.675884][ T8871] loop4: detected capacity change from 0 to 2048
[  446.805583][   T26] audit: type=1800 audit(2000000317.790:20): pid=8877 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1046" name="file2" dev="loop6" ino=31 res=0 errno=0
[  446.910487][ T8871] EXT4-fs (loop4): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  447.578224][ T4349] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  447.720541][ T4349] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 160 with error 28
[  447.823546][ T4349] EXT4-fs (loop4): This should not happen!! Data will be lost
[  447.823546][ T4349] 
[  448.246851][ T8900] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  448.273220][ T8888] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  448.408767][ T4349] EXT4-fs (loop4): Total free blocks count 0
[  448.419098][ T8900] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  448.478101][ T4349] EXT4-fs (loop4): Free/Dirty block details
[  448.534019][ T4349] EXT4-fs (loop4): free_blocks=4096
[  448.556868][ T4349] EXT4-fs (loop4): dirty_blocks=160
[  448.612992][ T4349] EXT4-fs (loop4): Block reservation details
[  448.667437][ T4349] EXT4-fs (loop4): i_reserved_data_blocks=10
[  448.732110][ T8907] loop6: detected capacity change from 0 to 1024
[  448.793400][ T8908] loop7: detected capacity change from 0 to 2048
[  449.138604][ T8907] EXT4-fs (loop6): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  449.178488][ T8908] EXT4-fs (loop7): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  449.217291][ T8907] ext4 filesystem being mounted at /84/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  449.307572][ T8917] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm ext4lazyinit: bg 0: block 112: padding at end of block bitmap is not set
[  449.331684][ T8907] EXT4-fs error (device loop6): ext4_map_blocks:741: inode #15: block 3: comm syz.6.1068: lblock 3 mapped to illegal pblock 3 (length 3)
[  449.485394][ T5245] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1176: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  449.537644][ T8907] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  449.577211][ T5245] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  449.590484][ T8907] EXT4-fs (loop6): This should not happen!! Data will be lost
[  449.590484][ T8907] 
[  449.615397][ T5245] EXT4-fs (loop7): This should not happen!! Data will be lost
[  449.615397][ T5245] 
[  449.655362][ T5245] EXT4-fs (loop7): Total free blocks count 0
[  449.668580][ T8930] EXT4-fs error (device loop6): ext4_map_blocks:631: inode #15: block 3: comm syz.6.1068: lblock 3 mapped to illegal pblock 3 (length 1)
[  449.690573][ T5245] EXT4-fs (loop7): Free/Dirty block details
[  449.696679][ T5245] EXT4-fs (loop7): free_blocks=4096
[  449.706830][ T5245] EXT4-fs (loop7): dirty_blocks=32
[  449.733757][ T5245] EXT4-fs (loop7): Block reservation details
[  449.768564][ T5245] EXT4-fs (loop7): i_reserved_data_blocks=2
[  449.775344][ T5232] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 159 with max blocks 1 with error 28
[  449.808801][ T5232] EXT4-fs (loop7): This should not happen!! Data will be lost
[  449.808801][ T5232] 
[  449.991671][ T8932] EXT4-fs error (device loop6): ext4_ext_remove_space:2929: inode #15: comm syz.6.1068: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 2, max 4(4), depth 0(0)
[  450.204003][ T8907] EXT4-fs error (device loop6): ext4_map_blocks:741: inode #15: comm syz.6.1068: lblock 0 mapped to illegal pblock 0 (length 1)
[  450.335485][ T8932] EXT4-fs error (device loop6) in ext4_setattr:5645: Corrupt filesystem
[  450.944148][ T8962] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  453.953218][ T8990] hub 8-0:1.0: USB hub found
[  453.979076][ T8990] hub 8-0:1.0: 1 port detected
[  453.985367][ T8989] No such timeout policy "syz1"
[  454.173486][ T8973] sctp: failed to load transform for md5: -2
[  454.418165][ T9004] loop4: detected capacity change from 0 to 512
[  454.455217][ T9004] EXT4-fs (loop4): Ignoring removed mblk_io_submit option
[  454.508003][ T9004] EXT4-fs error (device loop4): ext4_iget_extra_inode:4573: inode #15: comm syz.4.1089: corrupted in-inode xattr
[  454.674405][ T9004] EXT4-fs (loop4): Remounting filesystem read-only
[  454.787498][ T9004] EXT4-fs error (device loop4): ext4_orphan_get:1411: comm syz.4.1089: couldn't read orphan inode 15 (err -117)
[  454.917664][ T9004] EXT4-fs (loop4): Remounting filesystem read-only
[  454.939370][ T9024] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  454.979519][ T9004] EXT4-fs (loop4): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  455.038827][ T9003] loop7: detected capacity change from 0 to 8192
[  455.048569][ T9017] siw: device registration error -23
[  455.064355][ T9024] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  457.835650][ T9049] loop4: detected capacity change from 0 to 8192
[  459.360064][ T9060] loop7: detected capacity change from 0 to 1024
[  460.908897][ T9073] siw: device registration error -23
[  460.947243][ T9081] loop5: detected capacity change from 0 to 512
[  461.065412][ T9081] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  461.097988][ T9081] EXT4-fs error (device loop5): ext4_iget_extra_inode:4573: inode #15: comm syz.5.1107: corrupted in-inode xattr
[  461.130985][ T9081] EXT4-fs (loop5): Remounting filesystem read-only
[  461.147600][ T9081] EXT4-fs error (device loop5): ext4_orphan_get:1411: comm syz.5.1107: couldn't read orphan inode 15 (err -117)
[  461.187515][ T9081] EXT4-fs (loop5): Remounting filesystem read-only
[  461.202584][ T9081] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  461.242891][ T9089] lo speed is unknown, defaulting to 1000
[  465.585345][ T9125] loop6: detected capacity change from 0 to 256
[  465.856237][ T9127] loop5: detected capacity change from 0 to 8
[  469.305012][ T9175] loop6: detected capacity change from 0 to 1024
[  469.408034][ T9175] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a802e018, mo2=0002]
[  469.423149][ T9175] System zones: 0-1, 3-8
[  469.434112][ T9175] EXT4-fs (loop6): mounted filesystem without journal. Opts: nouid32,jqfmt=vfsv1,noquota,debug,journal_dev=0x0000000000000005,nodioread_nolock,,errors=continue. Quota mode: none.
[  469.453384][ T9178] loop5: detected capacity change from 0 to 512
[  469.457780][ T9175] ext4 filesystem being mounted at /93/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  469.536648][   T26] audit: type=1800 audit(2000000340.520:21): pid=9175 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1136" name="file1" dev="loop6" ino=15 res=0 errno=0
[  469.562031][ T9178] EXT4-fs (loop5): Ignoring removed mblk_io_submit option
[  469.600435][ T9178] EXT4-fs error (device loop5): ext4_iget_extra_inode:4573: inode #15: comm syz.5.1137: corrupted in-inode xattr
[  469.620168][ T9178] EXT4-fs (loop5): Remounting filesystem read-only
[  469.633635][ T9175] EXT4-fs error (device loop6): ext4_free_blocks:6231: comm syz.6.1136: Freeing blocks not in datazone - block = 0, count = 16
[  469.647503][ T9178] EXT4-fs error (device loop5): ext4_orphan_get:1411: comm syz.5.1137: couldn't read orphan inode 15 (err -117)
[  469.688965][ T9178] EXT4-fs (loop5): Remounting filesystem read-only
[  469.712196][ T5232] EXT4-fs error (device loop6): ext4_validate_block_bitmap:438: comm kworker/u4:19: bg 0: block 112: padding at end of block bitmap is not set
[  469.741420][ T9178] EXT4-fs (loop5): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  469.795763][ T5232] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 4 with error 28
[  469.959272][ T5232] EXT4-fs (loop6): This should not happen!! Data will be lost
[  469.959272][ T5232] 
[  470.017012][ T5232] EXT4-fs (loop6): Total free blocks count 0
[  470.094376][ T5232] EXT4-fs (loop6): Free/Dirty block details
[  470.181532][ T5232] EXT4-fs (loop6): free_blocks=16
[  470.260047][ T5232] EXT4-fs (loop6): dirty_blocks=16
[  470.332518][ T5232] EXT4-fs (loop6): Block reservation details
[  470.410503][ T5232] EXT4-fs (loop6): i_reserved_data_blocks=1
[  472.499299][ T9229] loop5: detected capacity change from 0 to 8
[  472.578162][ T9229] squashfs: Unknown parameter '#! 
[  472.578162][ T9229] Ó	'
[  472.707472][ T9237] loop7: detected capacity change from 0 to 128
[  473.069383][ T9242] loop7: detected capacity change from 0 to 2048
[  473.125005][ T9243] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  473.157456][ T7066] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  473.397411][ T7066] usb 6-1: Using ep0 maxpacket: 16
[  473.677714][ T7066] usb 6-1: New USB device found, idVendor=064b, idProduct=7825, bcdDevice=62.b8
[  473.707741][ T7066] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  473.715887][ T7066] usb 6-1: Product: syz
[  473.757447][ T7066] usb 6-1: Manufacturer: syz
[  473.762136][ T7066] usb 6-1: SerialNumber: syz
[  474.035010][ T9239] udc-core: couldn't find an available UDC or it's busy
[  474.063983][ T9259] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  474.172213][ T9239] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  474.372796][ T9239] udc-core: couldn't find an available UDC or it's busy
[  474.515210][ T9239] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  474.844092][ T9239] udc-core: couldn't find an available UDC or it's busy
[  474.897396][ T9239] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  474.940144][ T9239] udc-core: couldn't find an available UDC or it's busy
[  475.001751][ T9239] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  475.099237][ T7066] upd78f0730 6-1:8.0: upd78f0730 converter detected
[  475.142132][ T7066] usb 6-1: upd78f0730 converter now attached to ttyUSB0
[  475.160443][ T7066] usb 6-1: USB disconnect, device number 8
[  475.179506][ T7066] upd78f0730 ttyUSB0: upd78f0730 converter now disconnected from ttyUSB0
[  475.191588][ T7066] upd78f0730 6-1:8.0: device disconnected
[  475.242626][ T9277] netlink: 'syz.7.1169': attribute type 39 has an invalid length.
[  475.316912][ T9282] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1172'.
[  475.362585][ T9282] netlink: 20 bytes leftover after parsing attributes in process `syz.1.1172'.
[  475.694814][ T9288] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  476.491986][ T9294] fuse: Bad value for 'fd'
[  476.499094][ T9294] fuse: Bad value for 'fd'
[  476.503943][ T9294] fuse: Bad value for 'fd'
[  476.565063][ T9292] netlink: 36 bytes leftover after parsing attributes in process `syz.5.1174'.
[  477.696459][ T9304] loop7: detected capacity change from 0 to 2048
[  477.809289][ T9314] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  478.317459][ T4284] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  478.731476][ T9329] fuse: Bad value for 'fd'
[  478.793729][ T9329] fuse: Bad value for 'fd'
[  478.927440][ T4284] usb 7-1: Using ep0 maxpacket: 16
[  479.228754][ T9342] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  479.385602][ T9342] loop7: detected capacity change from 0 to 4096
[  479.467950][ T4284] usb 7-1: New USB device found, idVendor=064b, idProduct=7825, bcdDevice=62.b8
[  479.500409][ T4284] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  479.557695][   T26] audit: type=1800 audit(2000000350.540:22): pid=9346 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.7.1193" name="file2" dev="loop7" ino=31 res=0 errno=0
[  479.579008][ T4284] usb 7-1: Product: syz
[  479.623594][ T4284] usb 7-1: Manufacturer: syz
[  479.671349][ T4284] usb 7-1: SerialNumber: syz
[  480.029107][ T9317] udc-core: couldn't find an available UDC or it's busy
[  480.057644][ T9317] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  480.086002][ T9351] capability: warning: `syz.1.1197' uses 32-bit capabilities (legacy support in use)
[  480.098503][ T9317] udc-core: couldn't find an available UDC or it's busy
[  480.127520][ T9317] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  480.218085][ T9317] udc-core: couldn't find an available UDC or it's busy
[  480.225073][ T9317] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  480.308361][ T9317] udc-core: couldn't find an available UDC or it's busy
[  480.336646][ T9317] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  480.717619][ T9368] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1202'.
[  480.733494][ T9372] fuse: Bad value for 'fd'
[  480.739533][ T4284] upd78f0730 7-1:8.0: upd78f0730 converter detected
[  480.752529][ T9370] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1204'.
[  480.762061][ T4284] usb 7-1: upd78f0730 converter now attached to ttyUSB0
[  480.771517][ T9372] fuse: Bad value for 'fd'
[  480.776397][ T9372] fuse: Bad value for 'fd'
[  480.785569][ T4284] usb 7-1: USB disconnect, device number 4
[  480.809167][ T4284] upd78f0730 ttyUSB0: upd78f0730 converter now disconnected from ttyUSB0
[  480.824215][ T4284] upd78f0730 7-1:8.0: device disconnected
[  481.307202][ T9384] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  481.947459][ T9385] loop7: detected capacity change from 0 to 8
[  482.027883][ T9385] squashfs: Unknown parameter '#! 
[  482.027883][ T9385] Ó	'
[  482.882245][ T9407] fuse: Bad value for 'fd'
[  482.966380][ T9407] fuse: Bad value for 'fd'
[  484.695467][ T9422] loop7: detected capacity change from 0 to 512
[  484.784142][ T9431] loop5: detected capacity change from 0 to 512
[  484.809259][ T9422] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  484.880061][ T9431] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,grpquota,,errors=continue. Quota mode: writeback.
[  484.892615][ T9422] EXT4-fs error (device loop7): ext4_iget_extra_inode:4573: inode #15: comm syz.7.1223: corrupted in-inode xattr
[  484.948024][ T9422] EXT4-fs (loop7): Remounting filesystem read-only
[  484.954920][ T9431] ext4 filesystem being mounted at /197/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  484.981201][ T9422] EXT4-fs error (device loop7): ext4_orphan_get:1411: comm syz.7.1223: couldn't read orphan inode 15 (err -117)
[  485.054884][ T9422] EXT4-fs (loop7): Remounting filesystem read-only
[  485.078732][ T9441] loop4: detected capacity change from 0 to 8
[  485.085580][ T9422] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  487.711984][ T9456] lo speed is unknown, defaulting to 1000
[  487.777331][ T9458] loop7: detected capacity change from 0 to 2048
[  487.885353][ T9461] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1232'.
[  487.929258][ T9461] bridge0: port 2(bridge_slave_1) entered disabled state
[  487.940894][ T9465] siw: device registration error -23
[  487.958302][ T9458] EXT4-fs (loop7): mounted filesystem without journal. Opts: dioread_lock,,errors=continue. Quota mode: none.
[  488.042784][ T9461] device bridge_slave_1 left promiscuous mode
[  488.069781][ T9461] bridge0: port 2(bridge_slave_1) entered disabled state
[  490.074435][ T9493] loop4: detected capacity change from 0 to 8
[  490.088366][ T9489] loop6: detected capacity change from 0 to 512
[  490.109906][ T9495] hub 8-0:1.0: USB hub found
[  490.116444][ T9495] hub 8-0:1.0: 1 port detected
[  490.582465][ T9501] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1243'.
[  490.671117][ T9506] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1244'.
[  490.680617][ T9501] 8021q: adding VLAN 0 to HW filter on device bond1
[  490.689400][ T9489] EXT4-fs (loop6): Ignoring removed mblk_io_submit option
[  490.864555][ T9489] EXT4-fs error (device loop6): ext4_iget_extra_inode:4573: inode #15: comm syz.6.1240: corrupted in-inode xattr
[  490.884618][ T9503] bond1: (slave gretap1): Enslaving as an active interface with an up link
[  490.895038][ T4245] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  490.898943][ T9489] EXT4-fs (loop6): Remounting filesystem read-only
[  490.931173][ T9489] EXT4-fs error (device loop6): ext4_orphan_get:1411: comm syz.6.1240: couldn't read orphan inode 15 (err -117)
[  490.951166][ T9489] EXT4-fs (loop6): Remounting filesystem read-only
[  490.970072][ T9489] EXT4-fs (loop6): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  491.126809][ T9520] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  491.689739][ T9525] loop7: detected capacity change from 0 to 128
[  491.985911][ T9533] attempt to access beyond end of device
[  491.985911][ T9533] loop7: rw=2049, want=577, limit=128
[  492.063248][ T9538] loop6: detected capacity change from 0 to 1024
[  492.108783][ T4343] Bluetooth: (null): Invalid header checksum
[  492.117599][ T4343] Bluetooth: (null): Invalid header checksum
[  492.138318][ T9538] EXT4-fs (loop6): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  492.287612][ T9538] ext4 filesystem being mounted at /112/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  492.308131][ T4343] Bluetooth: (null): Invalid header checksum
[  492.347465][ T4349] Bluetooth: (null): Invalid header checksum
[  492.409141][ T9538] EXT4-fs error (device loop6): ext4_map_blocks:741: inode #15: block 3: comm syz.6.1253: lblock 3 mapped to illegal pblock 3 (length 3)
[  492.437953][ T4343] Bluetooth: (null): Invalid header checksum
[  492.468762][ T9538] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  492.567517][ T4245] Bluetooth: (null): Invalid header checksum
[  492.750186][ T4245] Bluetooth: (null): Invalid header checksum
[  492.778240][ T9538] EXT4-fs (loop6): This should not happen!! Data will be lost
[  492.778240][ T9538] 
[  492.796658][ T4245] Bluetooth: (null): Invalid header checksum
[  492.816831][ T9550] loop7: detected capacity change from 0 to 2048
[  492.882800][ T4349] Bluetooth: (null): Invalid header checksum
[  492.940002][ T9552] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  492.987649][ T4349] Bluetooth: (null): Invalid header checksum
[  493.022220][ T4349] EXT4-fs error (device loop6): ext4_map_blocks:741: inode #15: block 8: comm kworker/u4:7: lblock 8 mapped to illegal pblock 8 (length 8)
[  493.265840][ T4343] Bluetooth: (null): Invalid header checksum
[  493.281112][ T4343] Bluetooth: (null): Invalid header checksum
[  493.321212][ T4349] EXT4-fs (loop6): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  493.347369][ T4349] EXT4-fs (loop6): This should not happen!! Data will be lost
[  493.347369][ T4349] 
[  493.368046][ T4343] Bluetooth: (null): Invalid header checksum
[  493.477631][ T4245] Bluetooth: (null): Invalid header checksum
[  493.662526][ T4245] Bluetooth: (null): Invalid header checksum
[  493.690792][ T9556] loop7: detected capacity change from 0 to 2048
[  493.699021][ T4245] Bluetooth: (null): Invalid header checksum
[  494.463888][ T5232] Bluetooth: (null): Invalid header checksum
[  494.561785][ T9561] NILFS (loop7): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  494.579752][ T5232] Bluetooth: (null): Invalid header checksum
[  494.627311][ T5232] Bluetooth: (null): Invalid header checksum
[  494.653980][ T5232] Bluetooth: (null): Invalid header checksum
[  494.716127][ T5232] Bluetooth: (null): Invalid header checksum
[  494.734824][ T5232] Bluetooth: (null): Invalid header checksum
[  494.752876][ T5232] Bluetooth: (null): Invalid header checksum
[  494.752970][ T5232] Bluetooth: (null): Invalid header checksum
[  494.770097][ T5232] Bluetooth: (null): Invalid header checksum
[  494.877652][ T5232] Bluetooth: (null): Invalid header checksum
[  495.006385][ T4349] Bluetooth: (null): Invalid header checksum
[  495.039122][ T9570] ip_tunnel: non-ECT from 0.0.0.0 with TOS=0x3
[  495.093372][ T9573] loop7: detected capacity change from 0 to 512
[  495.168883][ T9573] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  495.232242][ T9573] EXT4-fs error (device loop7): ext4_iget_extra_inode:4573: inode #15: comm syz.7.1260: corrupted in-inode xattr
[  495.264512][ T9570] loop4: detected capacity change from 0 to 4096
[  495.317858][ T9573] EXT4-fs (loop7): Remounting filesystem read-only
[  495.324482][ T9573] EXT4-fs error (device loop7): ext4_orphan_get:1411: comm syz.7.1260: couldn't read orphan inode 15 (err -117)
[  495.408886][ T9573] EXT4-fs (loop7): Remounting filesystem read-only
[  495.415809][ T9573] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  495.581600][   T26] audit: type=1800 audit(2000000366.570:23): pid=9580 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.1262" name="file2" dev="loop4" ino=31 res=0 errno=0
[  497.746628][ T5232] Bluetooth: (null): Invalid header checksum
[  497.753847][ T9611] netlink: 56 bytes leftover after parsing attributes in process `syz.6.1276'.
[  497.806450][ T5232] Bluetooth: (null): Invalid header checksum
[  497.817478][ T9612] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  497.862467][ T9615] loop7: detected capacity change from 0 to 512
[  497.869105][ T5232] Bluetooth: (null): Invalid header checksum
[  497.890818][  T156] Bluetooth: (null): Invalid header checksum
[  498.008442][ T4343] Bluetooth: (null): Invalid header checksum
[  498.062781][ T9615] EXT4-fs (loop7): mounted filesystem without journal. Opts: grpjquota=,max_dir_size_kb=0x0000000000000a32,noinit_itable,,errors=continue. Quota mode: writeback.
[  498.093552][ T9615] ext4 filesystem being mounted at /70/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  498.668211][   T26] audit: type=1326 audit(2000000369.660:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  498.939287][ T9650] siw: device registration error -23
[  498.949238][   T26] audit: type=1326 audit(2000000369.680:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  499.809540][   T26] audit: type=1326 audit(2000000369.680:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  499.839303][ T9661] loop7: detected capacity change from 0 to 512
[  499.865972][   T26] audit: type=1326 audit(2000000369.680:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=437 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  500.307335][   T26] audit: type=1326 audit(2000000369.680:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  500.354937][ T9665] loop6: detected capacity change from 0 to 2048
[  500.367726][ T9661] EXT4-fs (loop7): Ignoring removed mblk_io_submit option
[  500.382166][ T9666] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  500.446904][ T9672] NILFS (loop6): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  500.548862][ T9661] EXT4-fs error (device loop7): ext4_iget_extra_inode:4573: inode #15: comm syz.7.1292: corrupted in-inode xattr
[  500.557527][   T26] audit: type=1326 audit(2000000369.680:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  500.597872][ T9661] EXT4-fs (loop7): Remounting filesystem read-only
[  500.604455][ T9661] EXT4-fs error (device loop7): ext4_orphan_get:1411: comm syz.7.1292: couldn't read orphan inode 15 (err -117)
[  500.657879][   T26] audit: type=1326 audit(2000000369.680:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  500.685664][ T9661] EXT4-fs (loop7): Remounting filesystem read-only
[  500.707705][ T9661] EXT4-fs (loop7): mounted filesystem without journal. Opts: jqfmt=vfsold,inode_readahead_blks=0x0000000004000000,data_err=ignore,noload,delalloc,mblk_io_submit,commit=0x0000000000000000,errors=remount-ro,lazytime,init_itable=0x0000000000000004,. Quota mode: none.
[  500.866214][   T26] audit: type=1326 audit(2000000369.680:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9639 comm="syz.6.1286" exe="/root/ci2-linux-5-15-kasan/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f78f5982e59 code=0x7ffc0000
[  500.911971][ T9675] loop4: detected capacity change from 0 to 8192
[  501.110572][ T1420] ieee802154 phy0 wpan0: encryption failed: -22
[  501.116912][ T1420] ieee802154 phy1 wpan1: encryption failed: -22
[  501.978811][ T4349] Bluetooth: (null): Invalid header checksum
[  501.993153][ T4349] Bluetooth: (null): Invalid header checksum
[  502.189206][ T4349] Bluetooth: (null): Invalid header checksum
[  502.992933][ T9709] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  503.320259][ T9713] loop7: detected capacity change from 0 to 1024
[  503.557647][ T9719] loop4: detected capacity change from 0 to 256
[  503.683715][ T9719] FAT-fs (loop4): Directory bread(block 64) failed
[  503.711359][ T9725] netlink: 'syz.6.1313': attribute type 4 has an invalid length.
[  503.723892][ T9719] FAT-fs (loop4): Directory bread(block 65) failed
[  503.752130][ T9719] FAT-fs (loop4): Directory bread(block 66) failed
[  503.775598][ T9719] FAT-fs (loop4): Directory bread(block 67) failed
[  503.797083][ T9719] FAT-fs (loop4): Directory bread(block 68) failed
[  503.880095][ T9719] FAT-fs (loop4): Directory bread(block 69) failed
[  503.904019][ T9719] FAT-fs (loop4): Directory bread(block 70) failed
[  503.939875][ T9719] FAT-fs (loop4): Directory bread(block 71) failed
[  503.946528][ T9719] FAT-fs (loop4): Directory bread(block 72) failed
[  504.035306][ T9719] FAT-fs (loop4): Directory bread(block 73) failed
[  504.961649][ T9736] loop6: detected capacity change from 0 to 2048
[  505.124050][ T9736] EXT4-fs (loop6): mounted filesystem without journal. Opts: init_itable,acl,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  505.192192][   T26] audit: type=1800 audit(2000000376.180:32): pid=9736 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.1317" name="file1" dev="loop6" ino=15 res=0 errno=0
[  505.665320][ T9754] ------------[ cut here ]------------
[  505.758336][ T9754] trace type BPF program uses run-time allocation
[  505.814373][ T9754] WARNING: CPU: 1 PID: 9754 at kernel/bpf/verifier.c:11756 check_map_prog_compatibility+0x6cf/0x870
[  506.025323][ T9754] Modules linked in:
[  506.201645][ T9754] CPU: 0 PID: 9754 Comm: syz.5.1321 Not tainted syzkaller #0
[  506.459205][ T9754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  506.471636][ T9759] cgroup: fork rejected by pids controller in /syz4
[  506.510354][ T9754] RIP: 0010:check_map_prog_compatibility+0x6cf/0x870
[  506.540817][ T9754] Code: ff e8 d5 b6 ef ff 48 c7 c6 00 4c 31 8a e9 0d fd ff ff e8 c4 b6 ef ff c6 05 04 d0 ec 0b 01 48 c7 c7 60 48 31 8a e8 01 5a 28 08 <0f> 0b e9 9f fb ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c a5 f9
[  506.578970][ T9754] RSP: 0018:ffffc900034ff450 EFLAGS: 00010246
[  506.585133][ T9754] RAX: d1622daeb1aae000 RBX: 0000000000000001 RCX: 0000000000080000
[  506.593194][ T9754] RDX: ffffc90017008000 RSI: 0000000000002e03 RDI: 0000000000002e04
[  506.601833][ T9754] RBP: ffff88804d920000 R08: ffff8880b9133d7f R09: 1ffff110172267af
[  506.610058][ T9754] R10: dffffc0000000000 R11: ffffed10172267b0 R12: ffffc90002fb5038
[  506.618252][ T9754] R13: 0000000000000011 R14: dffffc0000000000 R15: 1ffff920005f6a07
[  506.626254][ T9754] FS:  00007efe2bdb36c0(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  506.635470][ T9754] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  506.657424][ T9754] CR2: 0000200000a00000 CR3: 000000004db08000 CR4: 00000000003506e0
[  506.665431][ T9754] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  506.692345][ T9754] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  506.715790][ T9754] Call Trace:
[  506.719730][ T9754]  <TASK>
[  506.722874][ T9754]  resolve_pseudo_ldimm64+0x681/0x1040
[  506.728707][ T9754]  ? check_attach_btf_id+0xe70/0xe70
[  506.734168][ T9754]  ? __mark_reg_known+0x1a0/0x1a0
[  506.739714][ T9754]  bpf_check+0x4e00/0xf270
[  506.744283][ T9754]  ? mark_lock+0x94/0x320
[  506.748919][ T9754]  ? __lock_acquire+0x13bc/0x7d10
[  506.754077][ T9754]  ? bpf_get_btf_vmlinux+0x10/0x10
[  506.760539][ T9754]  ? mark_lock+0x94/0x320
[  506.765020][ T9754]  ? verify_lock_unused+0x140/0x140
[  506.770628][ T9754]  ? __mutex_trylock_common+0x155/0x260
[  506.776288][ T9754]  ? verify_lock_unused+0x140/0x140
[  506.781957][ T9754]  ? rcu_lock_release+0x5/0x20
[  506.786912][ T9754]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  506.793312][ T9754]  ? lock_chain_count+0x20/0x20
[  506.801145][ T9754]  ? seqcount_lockdep_reader_access+0x127/0x1d0
[  506.808216][ T9754]  ? lockdep_hardirqs_on+0x94/0x140
[  506.813581][ T9754]  ? ktime_get_with_offset+0xff/0x320
[  506.819344][ T9754]  ? seqcount_lockdep_reader_access+0x18d/0x1d0
[  506.825688][ T9754]  ? ktime_get_real_ts64+0x440/0x440
[  506.831636][ T9754]  ? pcpu_alloc+0x1121/0x1770
[  506.836435][ T9754]  ? __might_fault+0xb3/0x110
[  506.841643][ T9754]  ? memset+0x1e/0x40
[  506.845817][ T9754]  ? bpf_obj_name_cpy+0x190/0x1d0
[  506.851164][ T9754]  bpf_prog_load+0xfec/0x1510
[  506.856007][ T9754]  ? map_freeze+0x350/0x350
[  506.861438][ T9754]  ? __might_fault+0xb7/0x110
[  506.866843][ T9754]  ? __might_fault+0xb3/0x110
[  506.872318][ T9754]  ? bpf_lsm_bpf+0x5/0x10
[  506.876854][ T9754]  ? security_bpf+0x7a/0xa0
[  506.881751][ T9754]  __sys_bpf+0x532/0x6f0
[  506.886128][ T9754]  ? bpf_link_show_fdinfo+0x380/0x380
[  506.892000][ T9754]  ? vtime_user_exit+0x2c8/0x3e0
[  506.897112][ T9754]  __x64_sys_bpf+0x78/0x90
[  506.902008][ T9754]  do_syscall_64+0x4c/0xa0
[  506.906533][ T9754]  ? clear_bhb_loop+0x30/0x80
[  506.914372][ T9754]  ? clear_bhb_loop+0x30/0x80
[  506.919346][ T9754]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  506.925378][ T9754] RIP: 0033:0x7efe2db7ae59
[  506.933351][ T9754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  506.967405][ T9754] RSP: 002b:00007efe2bdb3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  506.976796][ T9754] RAX: ffffffffffffffda RBX: 00007efe2ddf4090 RCX: 00007efe2db7ae59
[  506.994083][ T9754] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  507.011063][ T9754] RBP: 00007efe2dc10d6f R08: 0000000000000000 R09: 0000000000000000
[  507.032575][ T9754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  507.050763][ T9754] R13: 00007efe2ddf4128 R14: 00007efe2ddf4090 R15: 00007ffc33343778
[  507.068989][ T9754]  </TASK>
[  507.075459][ T9754] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  507.082771][ T9754] CPU: 0 PID: 9754 Comm: syz.5.1321 Not tainted syzkaller #0
[  507.090168][ T9754] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 04/18/2026
[  507.100240][ T9754] Call Trace:
[  507.103531][ T9754]  <TASK>
[  507.106476][ T9754]  dump_stack_lvl+0x188/0x250
[  507.111214][ T9754]  ? show_regs_print_info+0x20/0x20
[  507.116434][ T9754]  ? load_image+0x400/0x400
[  507.120968][ T9754]  panic+0x2e5/0x810
[  507.124931][ T9754]  ? bpf_jit_dump+0xd0/0xd0
[  507.129465][ T9754]  ? check_map_prog_compatibility+0x6cf/0x870
[  507.135554][ T9754]  __warn+0x248/0x2b0
[  507.139555][ T9754]  ? check_map_prog_compatibility+0x6cf/0x870
[  507.145640][ T9754]  report_bug+0x1b7/0x2e0
[  507.150053][ T9754]  handle_bug+0x3a/0x70
[  507.154225][ T9754]  exc_invalid_op+0x16/0x40
[  507.158747][ T9754]  asm_exc_invalid_op+0x16/0x20
[  507.163630][ T9754] RIP: 0010:check_map_prog_compatibility+0x6cf/0x870
[  507.170410][ T9754] Code: ff e8 d5 b6 ef ff 48 c7 c6 00 4c 31 8a e9 0d fd ff ff e8 c4 b6 ef ff c6 05 04 d0 ec 0b 01 48 c7 c7 60 48 31 8a e8 01 5a 28 08 <0f> 0b e9 9f fb ff ff 44 89 e9 80 e1 07 80 c1 03 38 c1 0f 8c a5 f9
[  507.190058][ T9754] RSP: 0018:ffffc900034ff450 EFLAGS: 00010246
[  507.196246][ T9754] RAX: d1622daeb1aae000 RBX: 0000000000000001 RCX: 0000000000080000
[  507.204267][ T9754] RDX: ffffc90017008000 RSI: 0000000000002e03 RDI: 0000000000002e04
[  507.212256][ T9754] RBP: ffff88804d920000 R08: ffff8880b9133d7f R09: 1ffff110172267af
[  507.220247][ T9754] R10: dffffc0000000000 R11: ffffed10172267b0 R12: ffffc90002fb5038
[  507.228244][ T9754] R13: 0000000000000011 R14: dffffc0000000000 R15: 1ffff920005f6a07
[  507.236257][ T9754]  resolve_pseudo_ldimm64+0x681/0x1040
[  507.241780][ T9754]  ? check_attach_btf_id+0xe70/0xe70
[  507.247100][ T9754]  ? __mark_reg_known+0x1a0/0x1a0
[  507.252156][ T9754]  bpf_check+0x4e00/0xf270
[  507.256620][ T9754]  ? mark_lock+0x94/0x320
[  507.260973][ T9754]  ? __lock_acquire+0x13bc/0x7d10
[  507.266128][ T9754]  ? bpf_get_btf_vmlinux+0x10/0x10
[  507.271271][ T9754]  ? mark_lock+0x94/0x320
[  507.275633][ T9754]  ? verify_lock_unused+0x140/0x140
[  507.280849][ T9754]  ? __mutex_trylock_common+0x155/0x260
[  507.286426][ T9754]  ? verify_lock_unused+0x140/0x140
[  507.291649][ T9754]  ? rcu_lock_release+0x5/0x20
[  507.296449][ T9754]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  507.302457][ T9754]  ? lock_chain_count+0x20/0x20
[  507.307332][ T9754]  ? seqcount_lockdep_reader_access+0x127/0x1d0
[  507.313589][ T9754]  ? lockdep_hardirqs_on+0x94/0x140
[  507.318819][ T9754]  ? ktime_get_with_offset+0xff/0x320
[  507.324209][ T9754]  ? seqcount_lockdep_reader_access+0x18d/0x1d0
[  507.330465][ T9754]  ? ktime_get_real_ts64+0x440/0x440
[  507.335760][ T9754]  ? pcpu_alloc+0x1121/0x1770
[  507.340505][ T9754]  ? __might_fault+0xb3/0x110
[  507.345201][ T9754]  ? memset+0x1e/0x40
[  507.349192][ T9754]  ? bpf_obj_name_cpy+0x190/0x1d0
[  507.354236][ T9754]  bpf_prog_load+0xfec/0x1510
[  507.358941][ T9754]  ? map_freeze+0x350/0x350
[  507.363465][ T9754]  ? __might_fault+0xb7/0x110
[  507.368165][ T9754]  ? __might_fault+0xb3/0x110
[  507.372859][ T9754]  ? bpf_lsm_bpf+0x5/0x10
[  507.377223][ T9754]  ? security_bpf+0x7a/0xa0
[  507.381781][ T9754]  __sys_bpf+0x532/0x6f0
[  507.386052][ T9754]  ? bpf_link_show_fdinfo+0x380/0x380
[  507.391460][ T9754]  ? vtime_user_exit+0x2c8/0x3e0
[  507.396427][ T9754]  __x64_sys_bpf+0x78/0x90
[  507.400870][ T9754]  do_syscall_64+0x4c/0xa0
[  507.405310][ T9754]  ? clear_bhb_loop+0x30/0x80
[  507.410025][ T9754]  ? clear_bhb_loop+0x30/0x80
[  507.414742][ T9754]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  507.420661][ T9754] RIP: 0033:0x7efe2db7ae59
[  507.425107][ T9754] Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 44 00 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  507.444823][ T9754] RSP: 002b:00007efe2bdb3028 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  507.453275][ T9754] RAX: ffffffffffffffda RBX: 00007efe2ddf4090 RCX: 00007efe2db7ae59
[  507.461271][ T9754] RDX: 0000000000000094 RSI: 00002000000000c0 RDI: 0000000000000005
[  507.469267][ T9754] RBP: 00007efe2dc10d6f R08: 0000000000000000 R09: 0000000000000000
[  507.477262][ T9754] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  507.485250][ T9754] R13: 00007efe2ddf4128 R14: 00007efe2ddf4090 R15: 00007ffc33343778
[  507.493268][ T9754]  </TASK>
[  507.496529][ T9754] Kernel Offset: disabled
[  507.512253][ T9754] Rebooting in 86400 seconds..