last executing test programs:

1m8.939713705s ago: executing program 0 (id=722):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[], 0x5c}}, 0x0)

1m8.765764419s ago: executing program 0 (id=724):
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udp(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x8, 0x3, &(0x7f0000000380)=ANY=[@ANYBLOB], 0x0, 0x8, 0x0, 0x0, 0x0, 0x42}, 0x94)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0xc0}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f0000000640)=<r2=>0x0)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2f, 0x8, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x47bc, 0x20, 0x0, 0x0, 0x0)

1m8.746672456s ago: executing program 0 (id=725):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000500)={0x6, 0x0, 0x0, 0x0, 0x6, 0xa8, &(0x7f0000001ec0)=""/168, 0x40f00, 0x1, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xb}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000)=r1, 0x40)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000100)=@hci={0x1f, 0x0, 0x4}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000003c21c00b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722475ca5", 0x72}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b700c9e37eed5653ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d33330e2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb00"/135, 0x87}, {&(0x7f0000001400)="7f4ba13c5a27118dc920175650f0c9ba1809dd13a6e2d5b38f40adfa278c09e0e3bd05add4d780cd753b50f06f3b51f43761c7783f38ceaefc2dad57889d8b3a2d21314410f64ec2fa92e3a14b0141b39c020021d1edd011fbccb808a317fff4cf49aab12da619d67102048ec43c76cdb9d395e8b7b6e589d788aeeecb5080fc3d5ec6ccd656e49c0a642671d3fc363b46240bbc46ad965399b71db3c8f2b269b20870a3d2a6a8de5213b0f9d41c510c827056b7284391da244ec7653648b670f9a3483b314d861992ed7fb369eda093e1643c300b94d996fc592adb22c379be070ce5cd806da85a492dd4199cceb4c5b750222485325cf1073bf87e93bdf7da8af8f5f626541afd142e24ee8f4be9f038453c0edf500deabfe4d1a7a9de51df012bc2f3b767b3c03be6ace8c37ad571323cd363116e01f98a8ff8148d3900a65b788e99ddf9d9a2383f1730c7868d2dd031034bce5a77bd1ef3385105968be7bd830bde788092f657be36f89ea55ced486e18982d01339ed04a934a43c7b3be5e6bd03cbe773a938f621809345ec07cfceb013e3d76d500d97c8bee6ff54980ac3d221fcb35724ba64adb29ae8db909e097d78ff9542196635a14266944b850c9d436e96cc806a88090cbfc9db7ce83231bc043ded67966cfd68b800f6030a85f6bb070a2a5b372be2dacea7884b42e76e164af04e47f90ce0694623dce23cd1471f1a6029f68331317073e1a2d8cfb16f821c867d35a609649cf36aa781fa0a381f934844366d4e3ab8dd239c6ec35c15f307a7ed07869aacec38d787fd9c08e9dda1a28bf1a15b004bb1d88aa429ee8e927f5a1e1445685d8923cad92c90c79726d5e73dfe741de35498842cf51a4f09b97b1c14d33213705b95e84a8853fab4e1ced6faecea9d9203b038594bceb202a9d47f862c4f1853db9a0a7bf98ed9d2e3012358b38d092bd1ed7efb1a9e582ac5ef30c9b476e185f537f40ae8189528b480436122a939967e8d862e01172245ebced9f5251dd302e7e974c1db40be1e9e79799c27384caf6485e7c469b77cd6b28f71e39f84d2adbe074dd2bed6636e6853655adc3d1a47eff697e8edba53e6b281aea94798d82da7d3e86d09d869e5e345316eeeced4e15fc39234a0b0104e0b205c95eda632d0e86b095b284f441a62cb0e7262bc1967ee75f5c2d459011b0c15f4c85b02150a8834eda7f84cc96dde04e4abbdf5985a9c7218797820251b5804cae80c9a726afddf36793ae52cfb38e4e19740d6e07e4ed7c01001ab87b7fb12d5b70a75938d234c83d863b1763aec37b41d204fc319c6e802734ed681ea179fe6cad4857c3ca0e236e7b9867688d8bd7749e919f2d4f57f2249c9ccaf76a23760569b0fbde2db12ca0169e74982c1f4f0494aae13f4838b3f50d9ab0f6e328250d6fc34c0156e4b754c5c648b4ef8af32c91859f9706048f029634cefd0d767e8b7743262cb8a468ad37dfa47a745495e3f03cfa1d4ed71af55453c0a25fa1122a9054bcc4d9960c9a54f36b6db55154ab7dd19890d9f8ff3549e0fbd5a655319566b7f9c72be0242e7ffb59020356c3ffb5b9c43858e69d7b677a9bc5b8a64721a51b75a254e07199a73726834bea05901455ad53b38116b953c970b2002d0d1f91deb73ccb7266fbb21aa8555599daed7585575ef3efbd737f2523018ba4645d862889d5c3d91b12f04166db8bffecde54ee278d0d5351f3bf1f8902ff3f4c24a8c0c8a4e6addc9baadc471813589324d3128a1b193137c15c01be9f367317b1c885301ff8e9df728efa37df27f65eb0464055091f2ed469fdab48f413e3978f73ff9dffeb85453e841f86594612ac91b50add8d14910748bfa903033662f3e735ce6d299ce52338a96035aa89f63bd59d151fb20c38125236cbc0d795ac6f8da4cafc74714ed62a23b017e15adcaade58385b78c6945fb30a2539c42b1e415879433b9fb6966c6d19ed19f9f90cbd360d936a8b9f8e03bca5a83c063651b4636a7783bbda6417c83e470a16dfb115344a527436242ace9341432b5816b5e6609d97d600e142ca3cf74cbc00e1d9ee203cdfad339ce460b294f3931c5bd8ae6da8fc14d66a01bae4a212ef3d914e58c13217c8ad91628636b56257c7ca41b404cc2d4b5d50e26ebefc74656c62b1b4e9b6c5b6cc8d79101460f719d95925630bf99e042018439c50026513d680ea573620132ded57dea9e2da4e16f17dbc171642b1e80a3f41311ee73441302285668792160db6614fdb30d25a5719d2ae03ab98ea167597c48dd8197e7faf6189d801134462027901506c5ff1ae2558d96722217f65131d2f429693ae9fae19c101319473608976d08cc1c0d98f789b0c364e8aca574321ab2857af1015f1588afd313503085db4d99961a9391db06c10477ceb44199f1648594e8f9b452fafdab49b1962d02ee77ebd31b7931174a729fa943cb18102130e7e08eaba77df066069c2c3564fc85881ba0dad12c4f06a9e6dea9fea53931ff85e38505eb7ad60a52e2a8a248b3f4d0d55eee31f75f110c70e3b12409a79a5a98b0156c6d2a5d94604b8fa202b12746a365c708c671316cc0ffff6e9b7139b337953be22672a4910e1eb28cccc023b77028e20a6d377a339372f0dc235069f41c2692b0a3a7e0f315f4aebeef435a46b2e8b8462739293f9184c01b1434e87bf3fd48be54bf437056a1d2cff0c7aa52578013f96b1d5100ca936ff029cfd6f9a093621f684196ed7e1d363a97c647c34fe5f2370e7ab9dc718a1fc317779ab8a04bc12c01b778d17eea0b546bce03475fc6373c860714df0322dde550186c553ebd61ed18c0b80655f0827a63d209117ca23b026c1ad30bac4d43a4611292c7049f855b829a3a17fd2b83c142078beed8ca07b7cb7cd624705ccc160246c81174a4d3a9f2057caffe84b1ac073375e065c1ff4e9e22e7d87b3adb40ff796132e4ed86e5fc9f9616f8e4116be96497621692fb516e9316cfd15ad01742a1de4aa35fe02861236295823edf4c48fc37faf55226044e393a3733d58e8ef0f0c7941bc30f09739f37dea2f395f2e9e9b2c31a11923a2d6c9b14f1bacce15094cbbd6445f3581c6d45b76943b4d0db8fd4d4acbdb91780f57c872827abd7a1f13290a0d17dda220493476c92ce65e33f07afcf763aec0e67450f547101f1a5ada0f760c8f12137679324e22c7a13fdf78575115acb0ae4a2818b7b3ead27eea5eccba6f7a34c61819382eebfad742a3c603c6d2f332726996b3e8fcbdfd56b436c1173b1b3bc1ab66a717e31f2f918f0bea3f4801e04c14c881c59324fd9bc38745dd0e47da6bc8e98fe74a760304d74f17cd3cfceb33503397cf592d2b6a51b641d559ba8d6dc449e19b289fd1a4b3772b3998181e787723fe3893362d8f3e346c0ab0abe933e9bdd9a82b377914018377af9d2cbc58ab4fc08cea2623174239cea585603b8acd20da923a44799b1745c3bd65640508f96a0d92a6a2fd8314573f10b4f6e6cbf61e8828bd6e69b1b0c47f5795917a5035b3424dc3cadd2aadbbafb9d18349fab41d79ba13660f2c9400ff87784b26c3e88785db8522c93d3d4f12608736a235c8b9fff98a17934fe36792cb1992ea1b72b5e151cfe82b4ebc4f510882e4b34ee9f6ada188b104ba36e8acbd7bafe39b32f957da45c2743017545fd61667d36d58952de0cdbacb3abc549e1001bf6d9b19f9a353bb84bd152e04c061c691b514d6f1b36a8895424ce210a4cd75d537443a2791dc68e9fff510358f7586d3b73ed04223e683adf6a1c79d3bc92a", 0xa8c}], 0x3}, 0x0)

1m8.724470502s ago: executing program 0 (id=726):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000080)='./file0/file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f0000000240)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000180)='./file0/file0\x00', &(0x7f00000003c0)='./file0\x00', 0x0, 0x2243005, 0x0)

1m8.660769808s ago: executing program 0 (id=728):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x127, &(0x7f0000000040)=ANY=[], 0x0)

1m7.514423496s ago: executing program 0 (id=733):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="81fdb318098e31b8ee1f0050b65c4993b8000000230001002a"], 0xb8}}, 0x0)
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x42a}}, {{0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x321}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000600)=""/128, 0x80}], 0x1, 0x111, 0x0)

1m7.43715558s ago: executing program 32 (id=733):
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="81fdb318098e31b8ee1f0050b65c4993b8000000230001002a"], 0xb8}}, 0x0)
r0 = socket$inet6(0xa, 0x80001, 0x0)
setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000fca000)={0x100000001, {{0xa, 0x4e20, 0x0, @mcast1}}}, 0x88)
setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000240)=ANY=[@ANYBLOB="01000000000000000a0000000000ff00ff010000000000000000000000000001000001000000000000000000e0ff00000000000000bd0000000000000000001300e4ec010000000040000000000000000000000000000000000000013da51fd47aa2e2f70000000000000000000000000000000000000000000000000000000000000067ff0000000000000005"], 0x310)
setsockopt$inet6_group_source_req(r0, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x42a}}, {{0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x321}}}, 0x108)
r1 = syz_open_procfs(0x0, &(0x7f00000003c0)='net/mcfilter6\x00')
preadv(r1, &(0x7f00000000c0)=[{&(0x7f0000000600)=""/128, 0x80}], 0x1, 0x111, 0x0)

3.388673273s ago: executing program 2 (id=1371):
syz_mount_image$hfs(&(0x7f0000000000), &(0x7f00000000c0)='./file0\x00', 0x10012, &(0x7f00000004c0)=ANY=[@ANYBLOB='codepage=cp775,umask=00000000007777,iocharset=koi8-ru,\x00'/64, @ANYBLOB="7b467be6d2ffd5dbc39d475a3efbcc1a8227f7877fce1eaf2d016780277d325666f07a12652e81e75be5e881b521fcda9e61566e2b548201f553091a16ad9bb6888f170e5d63f7a84c585f22f2397bf6c9fe0ad346d27e428fa6322e2a05eddacbf8af7162ea449789312db3927438", @ANYRES8], 0x4, 0x339, &(0x7f0000000140)="$eJzs3U9P1EwcB/DvtLtL94EHK2BIPBmUxBMBPGi8QAzxNXgwRIQlIayYKCZKTETPxngzMfHIzbPRt6AX4xvQEwfjSS/EgzUzne5Ol5m2C7iF7PeTuHbb+fObttPO7GYpiKhvXVv4unNpV/4TVQA+gKuAByAAKgDOYDx4sLGZW5DfWhKIc4p9aZY3GrasAXQOLZTvKhgy19G/EUVR9C031c+exELlEWYPNnjAgO6danvQ88gObc62cjtuV38xjrDYwx4eYrjMcIiIqHz6/u/pu8SQHr97HjCpx+En9f6fSI1v9sqL41ho3f+9+H0k5P45pTbJ+d7aZrOxEk/h5NH3klmirSzrORG1d3cN8ZnlDxpDLqMWOxWLV19dazamtlUBzzCnGcnG1OsKkoYormhrwAyACcvcNENW27MNqjZUZRtmHfGPZtVonQB/+I5X9uoWPxWISXwUn8WiCPEaK63xXyUScueoIxV2dJU4/ml3iaqVYZwq1cp2+KdVJWd1DXj/tt3Kumu/BvBlLDayFNE5fg+TOF/W3LkwgvTHCnHrZtytU7lGgYpQswYz12wr0W9rrrHOuuqr1WZjavlu03XSHy3rjE68EDfEBH7gHRaM8b8nU0/C3TNTvVyolPrMyGxPRaV0HMcU1YHvdNUzSbmeuvgV8xy3cQXD9x9trS81m4175S8kXeWA2c8dcTzxiahPR7lG/m+kQSAXqgCc5VTdm6wLf6Iosm6qoBeHoKqaevlNu8lb60tCX/MOV4W8cnZsmncnBjAPQK9JrggHqf1JK9dAu8BC2X/Jo63W2E/IJKoedJCkqtQmHwOFekp935qdnFyP/z/YVYhOoPbRx/jNsoOhMsixg4jnf8Z8ZVpddeRLmDH/ifIKN0qcccyARtTrf8VmcK1inePEwWQhZ851/iJwoaNGD0mNTzuLDXWcOI7fSnb/VYZYwBfc4uf/REREREREREREREREREREREREREQnTbe/Rtj/c4L8hXSNu334hzeIiIiIiIiIiIiIiIiIiIiIiIiIiIiIiA7HeP4v4KsnxtRsz//NelKT4sdPiAmO4vm/foHn/4rtLlpJRDZ/AwAA//9eD1xQ")
open(&(0x7f0000000040)='./file0\x00', 0x40, 0x0)
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x181)
getdents64(r0, &(0x7f0000000f80)=""/4096, 0x1000)

3.2732345s ago: executing program 2 (id=1374):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r1}, 0x0, &(0x7f0000000640)=r0}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r1, &(0x7f00000004c0)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r1, 0x0, 0x0}, 0x20)

3.254910076s ago: executing program 5 (id=1375):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r3 = openat(r2, &(0x7f0000000000)='./file0\x00', 0x44804, 0x2)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x109c02, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x5100, 0x0)
getdents64(r3, 0x0, 0x0)
r5 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r5, &(0x7f0000000540)={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x7d, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000940)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000003100)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000001cc0)=""/252, 0xfc}], 0x1}}, {{0x0, 0x0, &(0x7f0000000780)}}], 0x4, 0x400000a0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

3.249767525s ago: executing program 2 (id=1376):
r0 = socket$kcm(0x10, 0x2, 0x4)
close(r0)
socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000011c0)=[{&(0x7f0000000780)="5c00000013006bcc9e3be35c6e17aa31076b876c1d0000007ea6f464160af36514001ac00800020004000200060003000364bc24eab556a705251e618294ff0051f60a84c9f4d4938037e786a6d0001000", 0x51}], 0x1, 0x0, 0x0, 0x1f00c00e}, 0x0)

3.200708105s ago: executing program 2 (id=1378):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, &(0x7f0000001600), 0xfc, 0x559e, &(0x7f0000005680)="$eJzs3X9sVeX9B/BzWwoN+C39jhUYfxAgBoMkyJYtjqB4MQa24eKlgsKcCEQlBivYRDcYqUWSZcaghU4EF5GQaDJjscM/FMywy7CMZfzY5hZjs4JSaZZsAzVrHDG69N77XO49l9tembNOXy/SnvPcz3me+9yT88d9X/qcGwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAURUcSc9+d0f3i0ZE1X77/Hz+e+OjGn4zfvX/roVvu23T/gjMjbto5a1nf+mlN8zdsbDjS/PS+ObdGUSLdL5Htf9u136q/88bbvlsdBly+MLOtrS31lJmuJzON4QUP9vcr/FkRRVFVbIDK7PbV7E5FwQC53cbiAQf0Tuui6O7J8ya1dT01bklyYU/xS6df9VBPYKhkr6ue89dSMv27InZErp136SUKLtFM//gF96m8CADgY5mZSm9yb0ezb3Fz7eZ4PdZOxtotsXZ4h9CS37gYmXGHl5rnpHh9iOaZzESFESXnGatnz3+unYr3j7VjUeNjzLPw0GykqS41z7Wx+lDNEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOCzZOzxo2tWtD2y575fdtQceff9OVc+8KWOw22LT4y8eunKHWum/HTWsr7105rmb9jYcKT56X1zbo2i2nS/RKZ74kTL5b9NjZ3fvXfcG427n6vpq8yOG7bD8g6OXg87s0ZH0cq8Sk8Y9q81UZQqLKSb0Y7iwl3pnW+HAgAAAJ8nX0n/rsi1M3GwqqCdSKfJRPpfkAmL77Quiu6ePG9SW9dT45YkF/Zc/HipEuMlLzherl17/ieRF4xD/I2Pd74eDm0sGmdg8RHjef7SMWPefmty/eSvT5v7xA3PjOru+r8nZ2xJ/bGu5oUrru+tf/a6ovxfO3D+D2dO/gcAAOA/If/HxxnYYPn/jqVTt7z+i2Grft3a8MTB+h1/bv3OMzsXneq54Ud9L09N3v7o1UX5f1LBUxbl/zDjkP8roovL/wAAAPBZ9t/O/8micQY2WP5vONM3+wcHX6vr+PucxXt+9dAVi8+e/tv8U7t3DV9zR8v6uoeuLMr/M8vL/8Pypx0e/F2Y8OrRUTSz/JMKAAAAFAj/737+o4WQ1zOfHMTz+rX/vKp5380ffPMbD97zpzff/s2xA7MnrdteN/PgyzfVf1j5ve3dRfk/WV7+r/p0Xi4AAABQhuePrpw773jPucfPvtB18vDu3pMznjyzrqnvdOslLatXbTr2WlH+T5WX/0cMzcsBAAAALuDeO59bsfnVl/oe2H/X2Ck9FVc1XpK4ZduOqU0TPuq8tPfy7VuL8v/y8vL/yOw2u/Ih06kz/BVC6+goqu7fWZspHIparskVAAAAgE9IyOlbP1ixbOzOsb3jj59+rObQG4dn/2Vt55yN13RXdW/uXNZ4WdH9AkJiL3X//3Cng7D+v+D+f0Xr//MKmbv+zXZjAAAAAL6Iitfzh9vjZ765oNT375e7/n9J3cQTiba33lv11XMHzo1ZsP/7129aV9/be8+El37/wz9M/6i6KP83l5f/K/O3n+T3/wEAAMBF+F/7/r+lReMMbLD7/zdV9DWsWrd3+uota7csTCw7UH3qwdV731+w5l9Tb36+qea6A0X5v6W8/B+2o/JfXkc4P5tGR9H4/p3s3QR/Hqa7OlZor8orZE58rMeNoUe20D4ir5C2Ntbja6OjaHL/TnOs8P+h0BIrnK3JFnbFCsdCIXs95Ap7YoWOcKVtq8lON154MRSyCyzawwqKUbklEbEe75Xq0V+4YI+u3JMDAAB8oYTwnM2yVYXNKB5l2xODHTBysAMqBjugcrADhsUOiB9Y6vFoeWEhPH575yMbNjVMSb7y8NzHfvbms40T9j1+WV3v5g9f2XbvxJ3TW6YW5f9d5eX/cCqGZzal1v9HYf1/9nsNc+v/l4dCbazQHgqp+B0DUuE5MmH34fActalsj7PjcwUAAAD4XAufC1QO8TwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/s3evcdJVd0JAj/d9INumqaNE9GMk3TUgGakaWwNw+AoaoxGRZpZddxkNBBoEGmE8FgFURtQZxziZ3ztrJnoCAoiu+qHGFeDwUhcxIw6iWLiA/Cxjq7r+h6VGM2E/XTfOkXVrS67EFDa+X7/6DpVv/O89eg69946FwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACA/xjuPfjlk4YunP0PHzace8nqqqmL/kfH6Mv+cNW3vvjUPy5b9G9h/i9GnLll3kEXHjd/wbR/6Vi++ogzQmjtKleWFC977oqvPtS613HP3jFw48wbb63fUpWpNxMP/Tr/lGfuXBxbfbF/CHeXhVCRDgypSwKVmft1sb5960LYI2wLZEu01SYl0g2HB2pCWBK2BbJVra4JoS4ncMqG+++7vDNxTU0IXwkhVKfbeKY6aaMmHRhUlQRq04HpFUngt1sT2cBPypMA7LD4Zsi+6Fe15mdo6L5ckddf5U7r2KcrPbw+MdFQPN/rR+3iTuWoSj/QukNPW0F17BIFb4+13m294N1WsJ2v8LTlfpHKfEPZui1UHcontk0aP6d9dnykPDQ19SlW0y56np9+e/6E7Un3mtdh7EDDTnkdXvrYiun9lo2+9OrNvxqz4ayaA3a0m0/lbNLc9K5WHTKvuV7zPEajfJ70grdfwbekRl+6Qghbzz17xtfnTDz7iD63PLnu1QcfrNty9pwFvzhz4nmLLj55w7/Pf6lg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MvFmfzM0BAACg1+gNe01Xnv/6X73+/bWtMxed/u23Dj73w71afz3i/gFVB7yxrqn1/I2ff6Vg/t9Y2vH/eMi/Lne0a0MY1ZVYNCCEvbseTwIrY3e+OyCEL3elWvMDR6UCa0PYpytxULaqVIm+sURjKvByfSYwKhVYHwOtqcDyGLgiFbg4BlalAhNiYG0qcHQMhCn54/hqfWYcJQdqYmBcshFXxbMQ3qmPraW21aZsVQAAADtJZnZYmX8351yHHc0Qp5eranrKEM/ALpqhOlVDegabnVYVraGipxrKe6ohO+6Ojx5+Qc1lPdVccBpGWX6GG9f85X2LXjzsC2P3mvj5xUMvmPKz8eGst++uerx5yYtv7XvEzesK5v/NHz3/r+6mI2UFx/9DGNv1N+Yuz0Tas/FxrXkZAAAAgB1w0R//xR61Lw85oGHT+2X3zl/7xKMrfrl5j1NOf3/c8a//8PCaxnsL5v+jSjv/P+4T6ZOTOTwSd0NMHRBCc34gqXZkYSA56t0vEwAAAIDeIHs8PnssfErmNjlFOz2fLszfup3544H/Ud3m//09/7P2jq3/+mLZBd89d0TNgKX/9GrHhBNOPvqW47/1zj4VB/yyvGD+31ra+f+1+bdJJ9bHXlw9IIS+OYEHYy87A10aY+D5I/MDmfGvjxtgcawqc2JCtqrFscS4GGhOBZYUK/FotsTe+YHMk5VtfFF2HFMyJXICAAAA8ImLuwPicfl4/n/LGSNO++vvzfrbha88eN7qCy75q+Ed80eedP/THzbMvXJp2PTmEQXz/3Hbd/5/1zy44PT+9n4hDK0IoU/6hwGP1CYLA8ZAXVkmcW9tUlefdFULa0MY2TmwdFUvZNb/r0ivMfh4TVJVDOy93y1vD+pMLKsJYWhu4IlvLz2sMzEnFcg2flpNCF/qHG268bv6Jo1Xphu/tm8IX8wJZKua0DeEzsaq0lX9r+rMdQzSVa2qDmHPnEC2quHVIcwNAPRW8X/pxNwHZ82dN3V8e3vbzF2YiDvxa8KkKe1tTROmt0+sLtKniak+561jtKBwTKVe+mZTZo2ixSsnV5aSzv5QsDm3rcyO/IIzBzP345ehyq5xHlKZd7clPeQD9y9sIuR8lSo25PJdPOTa3Eq2PYkF9cf8VaFf6DtnVtvMpvPGz549c1jyt9TshyR/43GmZFsNS2+r2u76VsLLo+hyWSkfd1sNyq1k6OxpM4bOmjtvyJRp4ye3TW47p+XQP2sZMXz410YM7RxUc/K3h5EO6q7m1Ei3Li1xWDtxpF+oyKnkk/jQkJCQ6G2J/f7L5odH77n+nOt/9tqPz+/3zdPu3fvImT889KqpD1Xve/ji24ccWDD/n/HR8//4qRM/+DPrMxQ7/t8QD/Mnj287zD8uBpaUevy/odjR/OyJAY2pQEcMdDjMDwAAwGdD3B0Z92bGndKbb1m/buOSlrk/aHin5dY17Utvuum+U39y58ATvjQ47LXhuhM+VzD/7yjt9/87af3/7NL1JxRb5v+gWKK52Pr/6WX+s+v/dxRb/z+9zH92/f8ln8L6/3OygdQmecf6/wAAwGfBJ7f+f4/L+6cvEFCQocfl/dMXCCjI0OMy/qVeIGC71/9f8+Bff6Wq35g7/qTlN/WXvPZ39xzWeuS6zTP/5Etb10+877qxt6wpmP9fUdr838L9AAAAsPv4z5ddU3H02Xff0bJu6sZxbw5+98m3lgzq80HF0Q+3j3xh4Bu3nlcw/19S2vz/k1//LxQ7/7+xWKC12MKA1v8DAACglyq2/t89Q1sa/zCm/x+eHvab5Q/ePPqnj/z898v3+/mJPyvfZ8Gxz8+8bFLB/H9VafP/eNpFeV7u2JsP65M17UJ6Tbs367M/GQAAAIDeoTw0NVWWmDdvYdSjPn6bT2eWAv2odK7vvXLt2ZtfmH7c46ev+7uaEwbvOWHaBasa/2b4gXd+ftQley7ddGrB/H9tafP/vN9lXPrYiun9lo2+9MOrN/9qzIazag7YdvwfAAAA2HVK3S8BAAAAAAAAAAAAAAB8+s7tWHzhI8uOfe+bt//F/kcseXXwbXcd+Lsh/V664qoHJq1648zJXy/4/X8Y21Wu2O//43X/4u8L/igvd2y15/X/MvdPOfH2uV1LFj5SH8L+uYGpC6fuETLX5h+cG7jvjIMGdiYWpkusefbolzoT30kHjh/yuS2dicNTgXFxkcR90oF4VcUt/VOBuLzi4+lA3B6r0oGqTOCy/sk4ytLb6pW6ZFuVpbfVxroQBuQEstvq7rqkjbL0AK9JBbID/F46EAd4ciZQnu7V7f2SXsVAXSx6Q7+kVwAA7Lbit8DKMGlKe1tz/Aofb79QkX8b5S1ZtqCw2rISm9+UWZps8crJlaWk+6S/i2671nhlqO4cwrCCr6u5Wcq6Rrlzaulh0/1RkSH3tNpbeZFyadu76aqKj6gmGVHThOntEyt7HHhLz1kOqegxy7CCyU5ulvKuTVpCLSX0pYQRlbhtSuhyvF8empr6pHL9eQw2hDw9vSJK/b1+7jp/xV4FuXluO/TKt758zE+f++CfP/9E/2+cVnP7rO+/e+KvX7//wEOOuG5C05otBfP/htLm/9W549qSuRhAR7yy3sgBIYwrcUQAAADw2XfbRbfecfr09a9MWlvx5GOPTS0fc3rl1vl3zp93ycZ7Fx9/2cErdjR+2Fm//f5vBu//b89e9dJPR+7zwA03/58nD3v8z3//8I8eeqduZZ+x7xXM/xtLm//HPViZQ8HJ3o618fr/iwaE0HVp/YYksDIO97sDQvhyV6o1lkguqH9CLNGcBFbGHSYHxRLjWvOr6hsDq1KBl+szgbWpwPoYyOyluCVkduVcWR/CYV2psfklZsQSDanAmBhoTAWaYqA5FegfA6NSgdf6ZwKtqcDDMRCm5G+rH/fPbCsAAIDtkZlnVebfDel53qqKnjKU9ZShtqcM5T1lqO4pQ7FRxPt3xAyVqZNXynIyVaZrrUnVUpAhXgx/u/tVkCE8mp8zXbCg6Xj+QfZ8g7L8DFf+4NlT1w+e/tDqzcd8beBt/zhkz4Obp9e9t+CGp3475pzrnv/TQQXz/+bS5v+1+bdJ6+vj/H/b9f+SwIOxe1fHU8cbY+D5I/MDmR0D6+Nkd3G2qtZMicykfXEsMSoGGlOBGTEwKhUYNzYTWDIwP5CZaWcbX5RtfEqmRE4AAAAAPnFxB0HcTRPn/zce9YOr3x8wccuyeTPvH9vyxMmjv3H1XT+6d/9ld767YvCAce99p2D+P6q0+X9sr19uYxfH3rzYP4S7y7b1JhsYUpcE4n6Muvjz+H3rQtgjZwdHtkRbbVKiKtVweKAm+YV6Vbqq1TXJGgPx/ikb7r/v8s7ENTUhfCVn70u2jWeqkzZq0oFBVUmgNh2YXpEE4p6fbOAn5UkAdlh2r2B8QWVOdclq6L5ckdffZ+WaoOnhFewD7SZfd7+52lWq0w9k9qlmbd/TVlAdu0TB22Otd1tvfLc1eLflfpHKfEPZui1UHcontk0aP6d9dnwk95esBXbR85z7K9VS0jvhddjx8Xvbs+p0B5pTHx/N3Zfr/nVYFqu79LEV0/stG33p1Zt/NWbDWTUHlNyNIuIPhX+05X9XPpWzeXe16pB5zfW6z5NWnye98d9Ao6cthHDZ9cfsu+TdX+/33A3Pnbqu7Maxr/7lrHs2Lf+bysNHrXv/yaGjLy+Y/7eWNv+vSN12+V3cmLMGhHBgzsZ9JG7+YwYkn4M5geRTcs/CQHLI/V/ri35yAgAAwM6W3d2R3V8wJXObnBCenicX5m/dzvxxf8WobvOX2u9j121cedLQN6474G8vOPGNv7/28Kceuv6ysnXL//vYD1avuXzxe08UzP/HffT8v2+qm47/O/7PLuL4f7d2913RfdMPdOzQruiC6tglHP/v1u7+bnP8v1uO/zv+3x3H/3vg+H+3dvenreBb0gxfujonwdff+fPfTbzpg7mN+x180lPPHDrxun+6quXuu0555b+de9601761uWD+P6O0+b/1/7pftC+7/t+4Yuv/zSi2/l+H9f8AAIBdqshCc+l5XsHqfQUZ0qv3FWTocYHAHpcYtP7fdq//t3Dkv1904Q+fb7n2nTvHXb5m07Fnvvr0utXPzFpx3Lnnv9V6112tBfP/jtLm//Hl0C+39d6y/l/j2CJVXREDMywMCAAAwO6o2A4CAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPl2HnvbO+5d8/R/aBv1ixc1/f+v/+7/P1q594JvfuGn4L6f86RllazZcM+LMLfMOuvC4+Qum/UvH8tVHnBHClK5yZUnxsueu+OpDrXsd9+wdAzfOvPHW+i3VmXorM7d/nJc7tvphfQhLch6pi4k36zvvbAuccuLtcys6E4/Uh7B/bmDqwql7dCaW14cwODdw3xkHDexMLEyXWPPs0S91Jr6TDhw/5HNbOhOHZwJl6e5e1z/pblm6u5f3D2FATiDb3bP751eVbeO4TKA83caKuqSNGKiLRa+tS9qIgfZYYkrfEIZWhNAnXdU/VydV9UlXdU91UlWfdFUXVYcwMoRQka7quaqkqor0yB+tSqqKgb33u+XtQZ2JpVUhDM0NPPHtpYd1JmamAtnG/1NVCF/qfMmkG/9xZdJ4Zbrx/1oZwhdDCFXpEu9VJCWq0iVeqAhhz5zAto1YEcLcwGdD/PSZmPvgrLnzpo5vb2+buQsTVZm2asKkKe1tTROmt0+sTvWpmLKc9NYFH3/sm96eP6HzdvHKyZWlpCsy5Sq7unxIZd7dlt2997FftbmVbHs+CuqP+atCv9B3zqy2mU3njZ89e+aw5G+p2Q9J/vbJRJNtNay3bKtBuZUMnT1txtBZc+cNmTJt/OS2yW3ntBz6Zy0jhg//2oihnYNqTv7ujJEu/eRH+oWKnEo+ife/hIREb0uU5326Ne/un+MFX/S3dbQyVHd9QBdMK3KzlHWNcmcM+qiPOeKP8zWlxxENK5g4FGQ5pOcsLQWTiW1ZapIsXV/rCiaHuTWVd23SeL88NDX1KbYdGvLv5m7e13dg8z6d2XSlpgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/swIEAAAAAAJD/ayNUVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYQcOBAAAAACA/F8boaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqgo7cCwAAAAAIMzfOoyeDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4FAAA//8fSxmR")
fchmodat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0xfffffffb)
mount$overlay(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000b80), 0x0, &(0x7f0000000180)={[{@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
syz_mount_image$vfat(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x10040, &(0x7f0000001140)=ANY=[@ANYBLOB="757466383d312c757466383d302c71756965742c7379735f696d6ddb41a8ac757461626c652c636f6465706167653d313235302c6e6f6e756d7461696c3d302c756e695f786c6174653d312c756e695f786c6174653d302c756e695f786c6174653d312c696f636861727365743d6d61636963656c616e642c756e695f786c6174653d302c73686f72746e616d653d77696e6e742c757466383d302c6572726f72733d72656d6f756e742d"], 0x26, 0x347, &(0x7f00000006c0)="$eJzs3T9oJNUfAPDvZpJsLnC/TfGDQ6vVTpDjErHQKuE44TCFniz+awxezj/Z9SCLC7HIXhrFUrERtLK7QsurxULEzsLWE+RUbLzu4IIjuzvZ2dndmATcPT0/nyJ8+b73nffezJCZJOTtK6uxdXkurty+fSsWFkoxu3p+Ne6UYilmIomeawEA3E/upGn8nvYUGpJxvT9cPIjmpzA3AGAyus//107nifK9nA0AMA2H/vxf9MzY7NWJTQsAmKCR5//DheahX/PPjv+zAADwr/Lciy89vbYecalaXYhovNeqtWrxZN6+diXeiHpsxrmoxH5E70Wh97bQ+frUxfUL56odPy9FrVPRqkU02q1a701hLenWl2M5KrGU1af9+qRTv9ytr0bEtXZ3/GiUWrW5WMzG/2ExNmMlKvH/kfqIi+sXVqrZAWqNg/p2xF4sHCyiM/+zUYnvXo2rUY/L0anN57+7XK2eT9cL9a3r5W6/I8xN5KIAAAAAAAAAAAAAAAAAAAAAAHDfO1vtW+rvf5M22q13Lw13WCrsj1PrNWf7A+3FYlRiPy0f7M7zfjK8P1Bxf55WbTZm7unKAQAAAAAAAAAAAAAAAAAA4J+juTMfG/X65nZz552twaA9kHnrm8+/OhXDfd5M8kzM9g5X6JPlYqAqiX552i9Pk0KfLEgi8s7Xb2THmikMUe6vYqS8E5RHmkrZnDbq9dMP/fTJuKo/8kwSI6elGJSy8QeaGv/rpf6i6vBg5Yg+N9M0Pax89+PRqihFzI5cuL8j+PrW6w881jzzeDfzZbbpwyOPVp6/+dFnv25t1CM7NfX6/HZzPz3JEKudsvwS5PdGKTvPB2f96APu5Zm97ebORvL9by88+MG3Q52T8fdPOph5+/CxvhjOzPeCzjSPs+S5MTf/+ODlu/279+QX7synqxs3dn/85bhVA98kbNQBAAAAAAAAAAAAAAAAAABTMfC/4ifwxLOTmxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAATF/++f8Dwd5I5jjB3XaMNpU3t5uHDn5qqksFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOA/7M8AAAD//8jnd14=")
fchownat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0xee01, 0x0, 0x1000)

2.329646732s ago: executing program 3 (id=1381):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x5, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x87c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, 0x0, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x84c, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x4, 0x92, 0xd, 0x11f4, 0xf, 0x100, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x4, 0xa0000, 0x80, 0xc, 0x0, 0x6, 0xf290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x80, 0x479, 0x7, 0x1, 0x3, 0x4050732b, 0x1, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0xfffffff5, 0xbf2, 0x10001, 0x2, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0xd05, 0x7a, 0x11dc294f, 0x7, 0x5, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0xc31, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x8, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x5, 0x6, 0x4, 0x1, 0x3, 0xb9, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0xc, 0x5, 0x89, 0x8, 0x100e, 0x7, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x5, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x2, 0x4, 0x8, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0xaa, 0x2, 0xedd5, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x34, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0x2, 0x5ca0, 0x3, 0x1000, 0x4, 0x7, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x4, 0x2, 0x0, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x2, 0x7ff, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0x9, 0x66c, 0x7fc, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x2, 0x9, 0x2823, 0x8, 0xffffffff, 0x0, 0xffffffff, 0x8001, 0x0, 0x9, 0xd, 0x1, 0x9, 0x5, 0x1ff, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x5, 0x7, 0x7, 0x7, {0x4, 0x2, 0xfe00, 0xfe42, 0x4, 0x7}, {0x17, 0x2, 0xcf, 0x1, 0x800, 0x2}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x0, 0x7, 0xfffffff1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x6, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x0, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0x9, 0xce3a, 0x21f1, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x1, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0xc24, 0x2, 0x5, 0x1f, 0x7, 0x0, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x3, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x7ff, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x10, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x1, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x7fff, 0x400009, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdfb, 0x7, 0x9, 0x223ec3e9, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0xf, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x5, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0x80000000, 0x4, 0x38, 0x401, 0x2, 0x10, 0x3, 0x3, 0xbd, 0x9, 0x4, 0x5, 0x5, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0x1, 0xea58, 0x29dc6e7b, 0x53ad, 0x7, 0xd77, 0xff, 0x8, 0x5, 0x0, 0x0, 0x12, 0x0, 0xf, 0xbb4f, 0x8, 0xe4, 0xbcba, 0x80, 0x8, 0xc6, 0x9, 0x81, 0x10000, 0x70, 0x3, 0x4, 0x80, 0x8, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0xffffffff, 0x401, 0x7, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)

2.193267885s ago: executing program 4 (id=1383):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$L2TP_CMD_TUNNEL_CREATE(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000540)=ANY=[@ANYBLOB='\\\x00\x00', @ANYRES16=r1, @ANYBLOB="1709a70000000000000101000000080009003f00000014001f00000000000000ffe400000000000000011400200000000000000000000000ffff000000000500070000000000060002000100000008000a"], 0x5c}}, 0x0)

2.117021431s ago: executing program 4 (id=1384):
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

2.043574045s ago: executing program 4 (id=1385):
r0 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe, 0xd}}, [@TCA_RATE={0x4, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0x0, 0x491, 0x0, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00)
syz_emit_ethernet(0x72, &(0x7f0000000140)={@local, @random="c6eb8947e4e4", @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x64, 0x0, 0x0, 0x0, 0x1, 0x0, @rand_addr=0x64010100, @local}, @time_exceeded={0xb, 0xe0dbf46ca9d044ba, 0x0, 0x3, 0x0, 0x0, {0x12, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x89, 0x0, @private, @multicast1, {[@cipso={0x86, 0x1f, 0x3, [{0x2, 0x2}, {0x0, 0x5, "4eb8a6"}, {0x0, 0x12, "9606053d0006ff00800000b61af93a93"}]}, @lsrr={0x83, 0x13, 0x0, [@dev, @loopback, @multicast1, @multicast2]}]}}}}}}}, 0x0)

2.029050023s ago: executing program 3 (id=1386):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3}, 0x50)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r1}, 0x0, &(0x7f0000000640)=r0}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1}, &(0x7f0000000240), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r1, &(0x7f00000004c0)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r1, 0x0, 0x0}, 0x20)

1.980996913s ago: executing program 5 (id=1387):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1000000, &(0x7f0000000000), 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, r1, 0xbff4, 0x100000002})

1.958442909s ago: executing program 1 (id=1388):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x81}, 0x2000c004)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0xc, 0xa}, {0x0, 0x9}, {0xffff, 0x6}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_OPTS={0x8, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x4}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4010}, 0x20000080)

1.933969044s ago: executing program 3 (id=1389):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000400)="14", 0x2, 0x0, 0x4}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})

1.933082304s ago: executing program 4 (id=1390):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x181002, 0x0)
ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000140)={0x49db, 0x0, 0x7, 0x201, 0x19})
write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e)
ioctl$TCSETS(r0, 0x40045431, &(0x7f00000001c0)={0x0, 0x6c6, 0x1, 0xb2, 0x10, "1b090000401400000a94c9355ab28b8725fd00"})
ioctl$TCSETSW2(r0, 0x402c542c, &(0x7f0000000000)={0x0, 0x6, 0xf0, 0x800937, 0x2, "516b238ddf008f4436106d6269bd9200", 0x3, 0x3})
r1 = syz_open_pts(r0, 0x20800)
readv(r1, &(0x7f0000000940)=[{&(0x7f0000000200)=""/231, 0xe7}], 0x1)

1.886828974s ago: executing program 3 (id=1391):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './bus\x00'}, 0x6e)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x5, 0xc, 0x43, 0x40, 0xc0, 0x1}, 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000100), &(0x7f00000001c0), 0x10f0, r2}, 0x38)

1.849376887s ago: executing program 1 (id=1392):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, 0x0)
write$tun(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="080008000600090000001400000045"], 0xfce)

1.848394137s ago: executing program 5 (id=1393):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x802, &(0x7f0000000100)={[{@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp861'}}, {@rodir}, {@fat=@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@shortname_mixed}, {@utf8no}, {@fat=@dmask={'dmask', 0x3d, 0x8}}, {@shortname_lower}, {@shortname_mixed}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@utf8no}]}, 0x29, 0x33e, &(0x7f0000000480)="$eJzs3T1sW1UUAODjPidOIpVkQEIwGTYkVDVBDDAlqopUkQGKLP4WIppAyTOVYmEpDHWzFDGCWJDY2DrAyIwYEGJjYKUDKiAWulVqxUP2e7aff0JThMPf9w3V6bnn+N13cxW/RMnNq+uxe2Eudm7evBELC5Worp9Zj1uVWIkTkUTuSgAA/yW3six+zXJ3r/5gqR/Nz3heAMDs9N7/Xz+Z/yeNiFosTq+8eqzzAgBm54hf/z87NXtpZtMCAGZo4v3/kZHhsW/zVwc/EwAA/Hs9/9LLz2xsRpyv1xcimu+2G+1GPDUcX4y4GGlsx+lYjjsR+YNC/rTQ/ffpc5tnT9e7flyJRrej3YhodtqN/ElhI+n112I1lmOl6M8G/Um3f7XXX4+IK53e9aNZaTfmYqnbvxMXv1+K7ViL5bh/oj/i3ObZtXrxAo1mv78TcRAL/Zvozv9ULMe3r8WlSONCdHuH87+8Wq+fyTZH+tvXar06AAAAAAAAAAAAAAAAAAAAAACYhVP1gZXB+TdZs9O+en68YGXkfJxGPryx0zvf5yA/Hyir9U/neS8ZPx9o9HyedqMaJ/7WOwcAAAAAAAAAAAAAAAAAAIB/jtb+fGyl6fZea/+d3XLQKWXe+vrTLxdjvObNZJiJav5yIzVFLkpdSQzas0F7lozUFEESMSy+9vlgxuWa2uAuJtq7QW1iqFLMaStNTz78w8fTun4bZpKYWJbRoFJcvzTUvC9P/UHX4cHaXWquZ1l2WPvljya7ohJRnfjA/RXBVzfeePDx1gNP9DJfFIc+PPrY8gvXP/zk592tNIqlSdP5vdad7E9fKyntn0qxzpUpO2F6cDDMHOy19reS73558aH3v+nXVPOdkEzfP1k58/bh1/psPDOfB91pHuVO56Zs/unBK7cHu/eeF3O+WLSfjtpV+iThoA4AAAAAAAAAAAAAAAAAADgWpd8VvwdPPje7GQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8Rv+/f9ScDCROUpwuxOTQ7XtvdahF1881lsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7PcAAAD//9Yzc50=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
open(0x0, 0x0, 0x100)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)

1.702627928s ago: executing program 5 (id=1394):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(0xffffffffffffffff, 0x6, 0x80000000000002, 0x0, 0x0)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x10)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000280)='nv', 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = openat$procfs(0xffffffffffffff9c, &(0x7f0000004180)='/proc/mdstat\x00', 0x0, 0x0)
read$FUSE(r4, &(0x7f0000006200)={0x2020}, 0x2020)
r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, 0x0)
prctl$PR_SET_TAGGED_ADDR_CTRL(0x37, 0x1)
socket$inet(0x2, 0x80000, 0x9)
timer_settime(0x0, 0x0, 0x0, 0x0)
ioctl$HCIINQUIRY(r5, 0x400448ca, 0x0)
connect$inet(r0, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r0, &(0x7f00000000c0), 0xffffffffffffffef, 0x0, 0x0, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)

1.684128834s ago: executing program 1 (id=1395):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000003c0)={'netdevsim0\x00', <r1=>0x0})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000001800)={0x6, 0x3, &(0x7f00000006c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', r1}, 0x94)

1.574763303s ago: executing program 2 (id=1396):
sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x20000080)
r0 = socket(0x10, 0x803, 0x0)
sendto(r0, &(0x7f0000000740)="120000001200e7ef007b00000000000000a1", 0x12, 0x0, 0x0, 0x0)
recvmmsg(r0, &(0x7f00000037c0)=[{{&(0x7f00000004c0)=@ethernet={0x0, @random}, 0xfdf4, &(0x7f0000000380)=[{&(0x7f0000000140)=""/100, 0x365}, {&(0x7f0000000280)=""/85, 0x7c}, {&(0x7f0000000fc0)=""/4096, 0x197}, {&(0x7f0000000400)=""/106, 0x645}, {&(0x7f0000000980)=""/73, 0x1b}, {&(0x7f0000000200)=""/77, 0x14}, {&(0x7f00000007c0)=""/154, 0x21}, {&(0x7f00000001c0)=""/17, 0x1d8}], 0x21, &(0x7f0000000600)=""/191, 0xffffffffffffff2f, 0xa1}}], 0x4000000000003b4, 0x2040000, &(0x7f0000003700)={0x77359400})

1.119583262s ago: executing program 2 (id=1397):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000000)='source', &(0x7f00000000c0)='%(:2', 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f00000000c0)='debugfs\x00', 0x1214040, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000003c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
r3 = openat(r2, &(0x7f0000000000)='./file0\x00', 0x44804, 0x2)
r4 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000040), 0x109c02, 0x0)
ioctl$BTRFS_IOC_GET_SUBVOL_INFO(r4, 0x5100, 0x0)
getdents64(r3, 0x0, 0x0)
r5 = socket(0x840000000002, 0x3, 0xff)
connect$inet(r5, &(0x7f0000000540)={0x2, 0x4e60, @dev={0xac, 0x14, 0x14, 0x28}}, 0x10)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7813, 0x3, 0x0, 0x7d, 0x1ff, 0x1, 0x1}, 0x1c)
recvmmsg$unix(0xffffffffffffffff, &(0x7f0000002d00)=[{{0x0, 0x0, &(0x7f0000000840)=[{&(0x7f0000000940)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000000380)=[{&(0x7f0000003100)=""/4096, 0x1000}], 0x1}}, {{0x0, 0x0, &(0x7f0000001dc0)=[{&(0x7f0000001cc0)=""/252, 0xfc}], 0x1}}, {{0x0, 0x0, &(0x7f0000000780)}}], 0x4, 0x400000a0, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000)

994.718907ms ago: executing program 4 (id=1398):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000008c0)={0x0, 0x0, &(0x7f0000000900)={&(0x7f0000000140)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x2}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x4000000}, 0x0)
r2 = socket(0x400000000010, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000004400)=@getchain={0x24, 0x66, 0xfff1, 0x70bd2b, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, {0xe, 0xfff2}, {0xa, 0xfff1}, {0x9, 0x1ffef}}}, 0x24}, 0x1, 0x0, 0x0, 0x10}, 0x800)

993.342507ms ago: executing program 3 (id=1399):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
r4 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000700)=@newtfilter={0x87c, 0x2c, 0xd3f, 0x70b524, 0x25dfdbfb, {0x0, 0x0, 0x0, r5, {0xfff3, 0xffe0}, {}, {0x7, 0xfff2}}, [@filter_kind_options=@f_flow={{0x9}, {0x84c, 0x2, [@TCA_FLOW_POLICE={0x848, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0x4, 0x9, 0x2, 0x2, 0x1ff, 0x4, 0x4, 0x92, 0xd, 0x11f4, 0xf, 0x100, 0x0, 0xfffffffe, 0x4, 0x7f, 0x9, 0x4, 0xa0000, 0x80, 0xc, 0x0, 0x6, 0xf290, 0x8e3, 0x6, 0x20a, 0x0, 0xfffffff3, 0x2b, 0x4, 0x4, 0x7, 0x6, 0xffff8001, 0x80, 0x479, 0x7, 0x1, 0x3, 0x4050732b, 0x1, 0xf5c8, 0x5e, 0x4, 0xf0, 0x7, 0x946, 0x5, 0x8001, 0xffff, 0xfffffff5, 0xbf2, 0x10001, 0x2, 0x8, 0xfffffffd, 0x8001, 0x6, 0x1, 0x7fffffff, 0xd05, 0x7a, 0x11dc294f, 0x7, 0x5, 0x0, 0x9, 0x1, 0x7, 0x1e8, 0x4, 0xc31, 0x8, 0x20000000, 0x80000000, 0x1, 0x9, 0x5, 0x5, 0x80000000, 0x3e64, 0x5, 0x8, 0x6, 0xfffffff6, 0x4, 0x10, 0x9, 0x8, 0xd, 0x2, 0x2, 0x2941, 0x1000, 0x8, 0xff, 0x4, 0x9, 0xf6e2, 0x5, 0x6, 0x4, 0x1, 0x3, 0xb9, 0x2ee, 0x444, 0x2, 0x9, 0xb966, 0xb2000, 0x33, 0x9a6d, 0x9, 0x8, 0x200, 0xc, 0x5, 0x89, 0x8, 0x100e, 0x7, 0x4, 0x3, 0x8, 0x3, 0x0, 0x6, 0xbfe8, 0x5, 0x8, 0x3, 0x6, 0x4, 0x4e8d, 0x2, 0x8e, 0xffffff42, 0x5, 0xe, 0x1, 0x6, 0xe, 0x2, 0x4, 0x8, 0x6, 0x1, 0x5, 0x9, 0xffffffff, 0x7, 0x5, 0x160000, 0x9, 0x8, 0x1640, 0x6, 0x6, 0x0, 0xaa, 0x2, 0xedd5, 0xfff, 0x8, 0x7fffffff, 0x8, 0x1, 0x2, 0x3, 0x8, 0x3, 0x0, 0x3, 0x34, 0x9, 0x3, 0x2, 0xffffcd43, 0x7, 0x8, 0x486, 0x1, 0x2, 0x5ca0, 0x3, 0x1000, 0x4, 0x7, 0x8, 0x5, 0x7, 0xfffffffd, 0x7, 0x8, 0xffffffff, 0x22, 0x4, 0x2, 0x0, 0x3, 0x1e, 0x3, 0x8, 0xa1, 0x81, 0x5, 0x1, 0x2, 0x2, 0x7ff, 0xf43, 0x3, 0x8, 0x3, 0x3, 0x4, 0x100000, 0x9, 0x66c, 0x7fc, 0x3, 0x0, 0x10001, 0x5, 0x0, 0x81, 0x2, 0x9, 0x2823, 0x8, 0xffffffff, 0x0, 0xffffffff, 0x8001, 0x0, 0x9, 0xd, 0x1, 0x9, 0x5, 0x1ff, 0xc79, 0x80000001, 0x200, 0xede5, 0x3, 0x3, 0x0, 0x3, 0x7, 0x8, 0x8, 0x1]}, @TCA_POLICE_TBF={0x3c, 0x1, {0x1, 0x5, 0x7, 0x7, 0x7, {0x4, 0x2, 0xfe00, 0xfe42, 0x4, 0x7}, {0x17, 0x2, 0xcf, 0x1, 0x800, 0x2}, 0x7, 0xa6, 0x3}}, @TCA_POLICE_RATE={0x404, 0x2, [0x5, 0x4, 0x0, 0x7, 0xfffffff1, 0x796, 0x5, 0xd2c1, 0x7ff, 0x20, 0x6, 0x9, 0x101, 0x5, 0x2, 0x9, 0xc, 0x800, 0x695, 0x401, 0x2, 0x7, 0x1000, 0x343d41f0, 0x0, 0x3, 0x3, 0x3, 0xc94, 0xa0, 0x1, 0x5, 0x81a, 0x1666, 0x80c, 0x9, 0xce3a, 0x21f1, 0x81, 0x5f82, 0x5ff, 0x3, 0xed, 0x4, 0x81, 0x401, 0x1, 0x5fb2, 0x8, 0xfffffe01, 0xc, 0x6, 0x2, 0x0, 0x6, 0x1, 0xffffffff, 0xb1e5, 0x0, 0x8, 0x4, 0x1, 0x0, 0x3, 0x9, 0x3, 0x1, 0xc24, 0x2, 0x5, 0x1f, 0x7, 0x0, 0x4, 0x3, 0x2, 0x4d, 0xffffffff, 0x4, 0x3, 0x6, 0x40, 0x1, 0x3, 0x2, 0x5, 0x1ff, 0x101, 0x8, 0xf48, 0x9, 0xffffffff, 0x200, 0x5, 0x76, 0x6, 0x3, 0x8000, 0x6, 0x9, 0x80000000, 0x6, 0x8001, 0xbe39, 0x7b7, 0x5, 0x7ff, 0xb, 0x4, 0x1, 0x8, 0x9, 0xb, 0x6, 0xdfcf, 0x0, 0x442ff558, 0xb481, 0x6, 0x3, 0x4, 0xe, 0x10000, 0x0, 0x31fe, 0xfffff2c1, 0xb, 0x3, 0x6, 0x7b, 0x21d, 0x6, 0xc, 0x10, 0xf91, 0x0, 0x62e, 0x2, 0xfffffffc, 0x5d8, 0x4, 0x5, 0x7, 0x1, 0x3, 0x7, 0x9, 0x5, 0xfffffff7, 0x0, 0x2, 0x7fff, 0x400009, 0x5, 0x8, 0x3, 0x0, 0x200, 0xdfb, 0x7, 0x9, 0x223ec3e9, 0xdaa, 0x0, 0x101, 0x1000, 0x4, 0x8, 0x8, 0xf, 0xb, 0x4, 0xfffffffb, 0x491, 0xfffffffb, 0xfffffff9, 0x9c, 0x3, 0x1, 0x4005, 0x5, 0x8001, 0x6, 0x10001, 0x1, 0x3, 0x80000000, 0x4, 0x38, 0x401, 0x2, 0x10, 0x3, 0x3, 0xbd, 0x9, 0x4, 0x5, 0x5, 0x81, 0x3, 0x202, 0x5, 0x9, 0x81, 0x6, 0x8, 0x79, 0x6, 0x8, 0x1, 0xea58, 0x29dc6e7b, 0x53ad, 0x7, 0xd77, 0xff, 0x8, 0x5, 0x0, 0x0, 0x12, 0x0, 0xf, 0xbb4f, 0x8, 0xe4, 0xbcba, 0x80, 0x8, 0xc6, 0x9, 0x81, 0x10000, 0x70, 0x3, 0x4, 0x80, 0x8, 0x3ff, 0xffffffff, 0x5, 0x7, 0x6, 0x5, 0x8001, 0xffffffff, 0x401, 0x7, 0xd, 0x81, 0x7, 0x5, 0xf417, 0x6, 0x5]}]}]}}]}, 0x87c}, 0x1, 0x0, 0x0, 0x4008848}, 0xc884)

231.143626ms ago: executing program 5 (id=1400):
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000240)={0x1b, 0x0, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x44, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="01000000120000007f00000001"], 0x48)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000680)={{r0}, &(0x7f00000007c0), 0x0}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000240), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000001380)={r0, &(0x7f00000004c0)}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f00000004c0)={r0, 0x0, 0x0}, 0x20)

227.485705ms ago: executing program 1 (id=1401):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000640), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000440))
sendmsg$BATADV_CMD_GET_NEIGHBORS(r0, &(0x7f0000004340)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x400c080}, 0x0)

157.953521ms ago: executing program 4 (id=1402):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000001c0)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff5653f, 0x70bd2a, 0x25dfdbfe, {0x0, 0x0, 0x0, r2, {0x0, 0x9}, {0xffff, 0xffff}}}, 0x24}, 0x1, 0x0, 0x0, 0x81}, 0x2000c004)
sendmsg$nl_route_sched(r1, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000200)=@newtfilter={0x44, 0x2c, 0xd27, 0x70bd28, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0xc, 0xa}, {0x0, 0x9}, {0xffff, 0x6}}, [@filter_kind_options=@f_flower={{0xb}, {0x14, 0x2, [@TCA_FLOWER_KEY_ETH_TYPE={0x6, 0x8, 0x8847}, @TCA_FLOWER_KEY_MPLS_OPTS={0x8, 0x63, 0x0, 0x1, @TCA_FLOWER_KEY_MPLS_OPTS_LSE={0x4}}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0x4010}, 0x20000080)

146.122179ms ago: executing program 1 (id=1403):
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000400)="14", 0x2, 0x0, 0x4}, 0x50)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8b18, &(0x7f0000000000)={'wlan0\x00'})

38.163647ms ago: executing program 1 (id=1404):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000480)='./file1\x00', 0x1000000, &(0x7f0000000000), 0x1, 0x7b9, &(0x7f00000007c0)="$eJzs3d9rHNUeAPDvbJLmR3tvcuFy7+1b4EJvoHRzU2Or4EPFBxEsFPTZNmy2oWaTLdlNaULAFhF8EVR8EPSlz/6ob776A3zS/8IHaamaFis+SGR2Z5M02c2vJtloPh+YzDkzsznnO+fMzNmdYTeAQ2sw/ZOLOB4RbycR/dnyJCK6aqnOiHP17R4uLvRERCGJpaWXfkpq2zxYXCjEqtekjmaZ/0TEV29EnMytL7cyNz85VioVZ7L8cHXq6nBlbv7UlamxieJEcfrMyOjo6bNPnj2ze7H+8t38sbvvPP+/T8/99vq/b7/1dRLn4li2bnUcu2UwBrN90pXuwkc8t9uFtVnS7gqwI+mh2VE/yuN49EdHLdVC737WDADYK69FxBIAcMgkrv8AcMg0Pgd4sLhQaEzt/URif917NiJ66vE/zKb6ms7snl1P7T5o34PkkTsjSUQM7EL5gxHx4eevnOjI8mk93EsD9sONmxFxaWBw/fk/WffMwnb9f6OVS9212eCaxYft+gPt9EU6/nmq2fgvtzz+iSbjn+76sfuvxy1/8+M/d+dxy9hIOv57pv5s25rx3/JDawMdWe5vtTFfV3L5SqmYntv+HhFD0dWd5kdqmzYfuQ3d//1+q/Kz8d/H6fTzu69+lJafzle2yN3p7H70NeNj1c5vHjfwzL2b0Zcl18SfLLd/0mL8e2GLZbzw9JsftFqXxp/G25jWx7+3lm5FnGja/ittmWz4fOJwrTsMNzpFE599/35fq/JXt386peWn892PtLl7N6PWAZJkZR/U1yzHP5Csfl6zsv0yvr3V/2WrdZvH37T/jx1JXq6lj2TLro9VqzMjEUeSF9cvP73y2ka+sX0a/9B/mx//9WKb9//0PeGlLcbfeffHT3Ye/95K4x/fuP+vaf+ebPHKks0Stx9OdrQqf2vtP1pLDWVL0vbfLK6t1GtnvRkAAAAAAAAAAAAAAAAAAAAAAAAAti8XEcciyeWX07lcPl//De9/Rl+uVK5UT14uz06PR+23sgeiK9f4qsv+Vd+HOpJ9H34jf3pN/omI+EdEvNfdW8vnC+XSeLuDBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDM0Ra//5/6obvdtQMA9kxPuysAAOw7138AOHy2d/3v3bN6AAD7x/t/ADh8tnz9v7S39QAA9o/3/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOyxC+fPp9PSr4sLhTQ/fm1udrJ87dR4sTKZn5ot5Avlmav5iXJ5olTMF8pTLf/RjfqsVC5fHY3p2evD1WKlOlyZm784VZ6drl68MjU2UbxY7Nq3yAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABg6ypz85NjpVJx5i+RuLES2C7/5962xtV3MHbvqkRnHIhqHOhEdxyIauwwsfos0duGMxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAn8MfAQAA//94WBdi")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000240)={0x17c04, r1, 0xbff4, 0x100000002})

1.382011ms ago: executing program 5 (id=1405):
r0 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000000)={0x0, 0x8000}, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r2 = socket$kcm(0x2, 0x3, 0x2)
openat$tcp_congestion(0xffffffffffffff9c, &(0x7f00000000c0), 0x1, 0x0)
ioctl$SIOCSIFHWADDR(r2, 0x8914, 0x0)
write$tun(r1, &(0x7f00000000c0)=ANY=[@ANYBLOB="080008000600090000001400000045"], 0xfce)

0s ago: executing program 3 (id=1406):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$vfat(&(0x7f00000000c0), &(0x7f0000000000)='./file0\x00', 0x802, &(0x7f0000000100)={[{@uni_xlateno}, {@iocharset={'iocharset', 0x3d, 'cp861'}}, {@rodir}, {@fat=@errors_continue}, {@iocharset={'iocharset', 0x3d, 'cp850'}}, {@shortname_mixed}, {@utf8no}, {@fat=@dmask={'dmask', 0x3d, 0x8}}, {@shortname_lower}, {@shortname_mixed}, {@shortname_winnt}, {@rodir}, {@utf8no}, {@utf8no}]}, 0x29, 0x33e, &(0x7f0000000480)="$eJzs3T1sW1UUAODjPidOIpVkQEIwGTYkVDVBDDAlqopUkQGKLP4WIppAyTOVYmEpDHWzFDGCWJDY2DrAyIwYEGJjYKUDKiAWulVqxUP2e7aff0JThMPf9w3V6bnn+N13cxW/RMnNq+uxe2Eudm7evBELC5Worp9Zj1uVWIkTkUTuSgAA/yW3six+zXJ3r/5gqR/Nz3heAMDs9N7/Xz+Z/yeNiFosTq+8eqzzAgBm54hf/z87NXtpZtMCAGZo4v3/kZHhsW/zVwc/EwAA/Hs9/9LLz2xsRpyv1xcimu+2G+1GPDUcX4y4GGlsx+lYjjsR+YNC/rTQ/ffpc5tnT9e7flyJRrej3YhodtqN/ElhI+n112I1lmOl6M8G/Um3f7XXX4+IK53e9aNZaTfmYqnbvxMXv1+K7ViL5bh/oj/i3ObZtXrxAo1mv78TcRAL/Zvozv9ULMe3r8WlSONCdHuH87+8Wq+fyTZH+tvXar06AAAAAAAAAAAAAAAAAAAAAACYhVP1gZXB+TdZs9O+en68YGXkfJxGPryx0zvf5yA/Hyir9U/neS8ZPx9o9HyedqMaJ/7WOwcAAAAAAAAAAAAAAAAAAIB/jtb+fGyl6fZea/+d3XLQKWXe+vrTLxdjvObNZJiJav5yIzVFLkpdSQzas0F7lozUFEESMSy+9vlgxuWa2uAuJtq7QW1iqFLMaStNTz78w8fTun4bZpKYWJbRoFJcvzTUvC9P/UHX4cHaXWquZ1l2WPvljya7ohJRnfjA/RXBVzfeePDx1gNP9DJfFIc+PPrY8gvXP/zk592tNIqlSdP5vdad7E9fKyntn0qxzpUpO2F6cDDMHOy19reS73558aH3v+nXVPOdkEzfP1k58/bh1/psPDOfB91pHuVO56Zs/unBK7cHu/eeF3O+WLSfjtpV+iThoA4AAAAAAAAAAAAAAAAAADgWpd8VvwdPPje7GQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA8Rv+/f9ScDCROUpwuxOTQ7XtvdahF1881lsFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB/7PcAAAD//9Yzc50=")
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_route(0x10, 0x3, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x3)
sched_setaffinity(0x0, 0x8, &(0x7f0000000580)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
bind$inet6(r1, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000000640)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000)
open(0x0, 0x0, 0x100)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x0, 0x0})
openat$rtc(0xffffffffffffff9c, 0x0, 0x0, 0x0)
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
openat$comedi(0xffffffffffffff9c, &(0x7f0000000080)='/dev/comedi3\x00', 0x400, 0x0)

kernel console output (not intermixed with test programs):

vsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.074247][ T4327] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.078305][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   30.079830][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   30.081432][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   30.082925][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   30.085027][ T4320] device veth0_macvtap entered promiscuous mode
[   30.087307][ T4321] device veth0_vlan entered promiscuous mode
[   30.098889][ T4320] device veth1_macvtap entered promiscuous mode
[   30.105941][ T4321] device veth1_vlan entered promiscuous mode
[   30.117868][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   30.119475][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   30.123360][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   30.124806][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   30.126403][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   30.134638][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.136229][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.137708][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.139265][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.142728][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.146673][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   30.148138][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   30.149642][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   30.152771][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   30.154378][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.157865][ T4328] device veth0_vlan entered promiscuous mode
[   30.173197][ T4328] device veth1_vlan entered promiscuous mode
[   30.175911][  T283] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.177146][  T283] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.178787][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   30.181075][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.190311][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.192199][ T1604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.193399][ T1604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.195018][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.196430][ T4320] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.197963][ T4320] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.203677][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.205238][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   30.206823][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   30.208285][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.209736][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   30.212626][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   30.233331][ T1604] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.234219][ T4321] device veth0_macvtap entered promiscuous mode
[   30.234635][ T1604] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.237515][ T4320] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.238775][ T4320] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.239952][ T4320] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.243148][ T4320] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.246691][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   30.248331][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   30.249742][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.252398][ T4321] device veth1_macvtap entered promiscuous mode
[   30.255760][ T4376] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.256963][ T4376] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.258567][ T4328] device veth0_macvtap entered promiscuous mode
[   30.262117][ T4328] device veth1_macvtap entered promiscuous mode
[   30.264365][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   30.265808][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.267216][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   30.268710][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   30.270445][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   30.271694][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   30.299314][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.302539][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.304035][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.305454][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.306804][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.308304][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.311687][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.313786][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   30.315383][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.318377][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.324286][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.325791][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.327339][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.328777][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.334315][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.335873][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   30.337444][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.339698][ T4321] batman_adv: batadv0: Interface activated: batadv_slave_0
[   30.342740][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.344280][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.345719][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.347227][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.348629][ T4321] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.350548][ T4321] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.352837][ T4321] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.358072][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   30.359838][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   30.361464][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   30.363062][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   30.365797][ T4321] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.367198][ T4321] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.368535][ T4321] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.369824][ T4321] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.386764][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.388415][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.389917][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.393910][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.395385][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.397001][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.398394][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   30.398463][ T4403] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3'.
[   30.399942][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   30.405328][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_1
[   30.409200][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   30.411168][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   30.415051][ T4376] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.416290][ T4376] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.417671][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.469906][ T4328] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   30.472927][ T4328] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   30.474770][ T4328] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   30.476259][ T4328] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   30.480091][ T4395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.481239][ T4395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.483876][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.495373][ T4395] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.496591][ T4395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.497923][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.546650][ T1604] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.547966][ T1604] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.549186][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.569591][ T1604] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.571440][ T1604] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.576949][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   30.594861][ T4395] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   30.596095][ T4395] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   30.597319][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   30.656164][ T4419] syz.1.2 uses obsolete (PF_INET,SOCK_PACKET)
[   30.731499][ T4369] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   30.759303][ T4425] device syzkaller0 entered promiscuous mode
[   30.886054][ T4436] loop2: detected capacity change from 0 to 512
[   30.908218][ T4436] EXT4-fs (loop2): 1 truncate cleaned up
[   30.909104][ T4436] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   30.910546][ T4369] usb 1-1: Using ep0 maxpacket: 32
[   30.915669][ T4369] usb 1-1: New USB device found, idVendor=17cc, idProduct=1021, bcdDevice= 0.40
[   30.916998][ T4369] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   30.918502][ T4369] usb 1-1: Product: syz
[   30.919108][ T4369] usb 1-1: Manufacturer: syz
[   30.919770][ T4369] usb 1-1: SerialNumber: syz
[   30.938249][ T4333] EXT4-fs (loop2): unmounting filesystem.
[   31.133046][ T4446] loop2: detected capacity change from 0 to 512
[   31.135507][ T4446] FAT-fs (loop2): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   31.196988][ T4451] loop2: detected capacity change from 0 to 128
[   31.210315][ T4331] Bluetooth: hci3: command 0x041b tx timeout
[   31.211368][ T4331] Bluetooth: hci0: command 0x041b tx timeout
[   31.212394][ T4331] Bluetooth: hci2: command 0x041b tx timeout
[   31.213372][ T4331] Bluetooth: hci1: command 0x041b tx timeout
[   31.214318][ T4331] Bluetooth: hci4: command 0x041b tx timeout
[   33.300063][ T4325] Bluetooth: hci4: command 0x040f tx timeout
[   33.301129][ T4325] Bluetooth: hci1: command 0x040f tx timeout
[   33.302049][ T4325] Bluetooth: hci2: command 0x040f tx timeout
[   33.303136][ T4325] Bluetooth: hci0: command 0x040f tx timeout
[   33.304069][ T4325] Bluetooth: hci3: command 0x040f tx timeout
[   35.370044][ T4331] Bluetooth: hci3: command 0x0419 tx timeout
[   35.371091][ T4331] Bluetooth: hci0: command 0x0419 tx timeout
[   35.372018][ T4331] Bluetooth: hci2: command 0x0419 tx timeout
[   35.372941][ T4331] Bluetooth: hci1: command 0x0419 tx timeout
[   35.373858][ T4331] Bluetooth: hci4: command 0x0419 tx timeout
[   35.943106][ T4369] usb 1-1: 1:1 : UAC_AS_GENERAL descriptor not found
[   35.945105][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   35.946418][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   35.947636][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   35.948935][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   35.950290][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   35.951608][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   35.953352][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   35.954668][ T4369] usb 1-1: unable to issue vendor read request (ret = -32)
[   41.701718][ T4369] usb 1-1: USB disconnect, device number 2
[   41.787527][ T4473] loop3: detected capacity change from 0 to 256
[   41.789022][ T4473] FAT-fs (loop3): Unrecognized mount option "0xffffffffffffffffÿÿÿÿÿÿÿÿÿÿ18446744073709551615ÿÿÿÿÿÿÿÿ" or missing value
[   41.915990][ T4476] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   42.238966][ T4492] loop1: detected capacity change from 0 to 512
[   42.240680][ T4492] =======================================================
[   42.240680][ T4492] WARNING: The mand mount option has been deprecated and
[   42.240680][ T4492]          and is ignored by this kernel. Remove the mand
[   42.240680][ T4492]          option from the mount to silence this warning.
[   42.240680][ T4492] =======================================================
[   42.249641][ T4492] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   42.354724][ T4501] device syzkaller0 entered promiscuous mode
[   42.356826][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   42.443288][ T4509] loop4: detected capacity change from 0 to 512
[   42.481443][ T4509] EXT4-fs error (device loop4): ext4_validate_block_bitmap:429: comm syz.4.41: bg 0: block 5: invalid block bitmap
[   42.484335][ T4509] EXT4-fs error (device loop4) in ext4_mb_clear_bb:6181: Corrupt filesystem
[   42.486117][ T4509] EXT4-fs error (device loop4): ext4_free_branches:1030: inode #11: comm syz.4.41: invalid indirect mapped block 3 (level 2)
[   42.496116][ T4509] EXT4-fs (loop4): 1 orphan inode deleted
[   42.498882][ T4509] EXT4-fs (loop4): 1 truncate cleaned up
[   42.499799][ T4509] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   42.521174][ T4513] binder: 4512:4513 tried to acquire reference to desc 0, got 1 instead
[   42.534317][ T4328] EXT4-fs (loop4): unmounting filesystem.
[   42.602699][ T4505] loop1: detected capacity change from 0 to 512
[   42.618111][ T4505] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   42.623102][ T4505] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   42.627034][ T4505] EXT4-fs (loop1): 1 truncate cleaned up
[   42.628232][ T4505] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   42.718094][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   43.333829][ T4370] binder: release 4512:4513 transaction 5 out, still active
[   43.335619][ T4370] binder: undelivered TRANSACTION_COMPLETE
[   43.340107][ T4369] binder: send failed reply for transaction 5, target dead
[   43.441071][ T4543] loop3: detected capacity change from 0 to 512
[   43.456056][ T4543] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   43.503945][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   53.544402][ T4549] loop4: detected capacity change from 0 to 164
[   53.693455][ T4565] vcan0: tx drop: invalid sa for name 0xffffffffffffffff
[   54.452090][ T4572] binder: 4571:4572 tried to acquire reference to desc 0, got 1 instead
[   54.547004][ T4578] loop3: detected capacity change from 0 to 512
[   54.583280][ T4578] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   54.615958][   T22] binder: release 4571:4572 transaction 14 out, still active
[   54.617174][   T22] binder: undelivered TRANSACTION_COMPLETE
[   54.628393][   T22] binder: send failed reply for transaction 14, target dead
[   54.978118][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   55.052708][ T4591] netlink: 60 bytes leftover after parsing attributes in process `syz.4.65'.
[   55.069181][ T4591] netlink: 60 bytes leftover after parsing attributes in process `syz.4.65'.
[   55.076754][ T4591] netlink: 60 bytes leftover after parsing attributes in process `syz.4.65'.
[   55.361996][ T4608] loop3: detected capacity change from 0 to 1024
[   55.363402][ T4608] EXT4-fs: inline encryption not supported
[   55.382768][ T4608] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   55.425092][ T4608] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   55.461722][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   56.323196][ T4629] binder: 4628:4629 tried to acquire reference to desc 0, got 1 instead
[   56.336182][ T4629] binder: 4628:4629 got new transaction with bad transaction stack, transaction 23 has target 4628:0
[   56.344515][ T4629] binder: 4628:4629 transaction call to 4628:0 failed 28/29201/-71, size 0-0 line 3105
[   56.352588][ T4629] binder: 4628:4629 ioctl c0306201 0 returned -14
[   56.358154][ T4370] binder: release 4628:4629 transaction 23 out, still active
[   56.359394][ T4370] binder: undelivered TRANSACTION_COMPLETE
[   56.360715][ T4370] binder: undelivered TRANSACTION_ERROR: 29201
[   56.389923][ T4370] binder: send failed reply for transaction 23, target dead
[   56.933395][ T4638] device vlan2 entered promiscuous mode
[   56.934380][ T4638] device bridge0 entered promiscuous mode
[   57.030557][  T283] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[   57.104398][ T4642] loop0: detected capacity change from 0 to 512
[   57.127067][ T4642] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.82: bg 0: block 4: invalid block bitmap
[   57.129814][ T4642] EXT4-fs (loop0): Remounting filesystem read-only
[   57.143304][ T4642] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6181: Corrupt filesystem
[   57.154027][ T4642] EXT4-fs (loop0): Remounting filesystem read-only
[   57.163985][ T4642] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.82: invalid indirect mapped block 1 (level 1)
[   57.166243][ T4642] EXT4-fs (loop0): Remounting filesystem read-only
[   57.167296][ T4642] EXT4-fs (loop0): 1 truncate cleaned up
[   57.168193][ T4642] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   57.242398][ T4327] EXT4-fs (loop0): unmounting filesystem.
[   58.022214][ T4659] binder: 4658:4659 tried to acquire reference to desc 0, got 1 instead
[   58.024233][ T4659] binder: 4658:4659 got new transaction with bad transaction stack, transaction 33 has target 4658:0
[   58.025982][ T4659] binder: 4658:4659 transaction call to 4658:0 failed 38/29201/-71, size 0-0 line 3105
[   58.027890][ T4659] binder: 4658:4659 ioctl c0306201 0 returned -14
[   58.029283][ T4370] binder: release 4658:4659 transaction 33 out, still active
[   59.252973][ T4680] loop2: detected capacity change from 0 to 128
[   59.255096][ T4679] netlink: 12 bytes leftover after parsing attributes in process `syz.3.97'.
[   59.477045][ T4688] binder: 4685:4688 tried to acquire reference to desc 0, got 1 instead
[   59.485149][ T4688] binder: 4685:4688 got new transaction with bad transaction stack, transaction 43 has target 4685:0
[   59.569158][ T4690] loop3: detected capacity change from 0 to 512
[   59.628163][ T4690] EXT4-fs: Ignoring removed bh option
[   59.640878][ T4690] EXT4-fs (loop3): mounting ext3 file system using the ext4 subsystem
[   59.694412][ T4690] EXT4-fs (loop3): 1 truncate cleaned up
[   59.695449][ T4690] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   59.787128][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   59.906463][ T4700] netlink: 4 bytes leftover after parsing attributes in process `syz.3.104'.
[   60.654551][ T4713] netlink: 12 bytes leftover after parsing attributes in process `syz.3.110'.
[   60.728586][ T4717] binder: 4714:4717 tried to acquire reference to desc 0, got 1 instead
[   60.731287][ T4717] binder: 4714:4717 got new transaction with bad transaction stack, transaction 53 has target 4714:0
[   60.732996][ T4717] binder_debug: 8 callbacks suppressed
[   60.733009][ T4717] binder: 4714:4717 transaction call to 4714:0 failed 58/29201/-71, size 0-0 line 3105
[   60.740682][   T22] binder: release 4714:4717 transaction 53 out, still active
[   60.741812][   T22] binder: undelivered TRANSACTION_COMPLETE
[   60.742842][   T22] binder: undelivered TRANSACTION_ERROR: 29201
[   60.757969][   T22] binder: send failed reply for transaction 53, target dead
[   60.853969][ T4723] netlink: 4 bytes leftover after parsing attributes in process `syz.0.115'.
[   61.216585][ T4738] netlink: 12 bytes leftover after parsing attributes in process `syz.0.122'.
[   61.304335][ T4742] binder: 4741:4742 tried to acquire reference to desc 0, got 1 instead
[   61.316212][ T4742] binder: 4741:4742 got new transaction with bad transaction stack, transaction 63 has target 4741:0
[   61.322677][ T4742] binder: 4741:4742 transaction call to 4741:0 failed 68/29201/-71, size 0-0 line 3105
[   61.324505][ T4366] binder: release 4741:4742 transaction 63 out, still active
[   61.325615][ T4366] binder: undelivered TRANSACTION_COMPLETE
[   61.326437][ T4366] binder: undelivered TRANSACTION_ERROR: 29201
[   61.342342][ T4366] binder: send failed reply for transaction 63, target dead
[   61.369293][ T4744] loop0: detected capacity change from 0 to 1024
[   61.441428][ T4744] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   61.443521][ T4748] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6erspan0
[   61.456373][ T4327] EXT4-fs (loop0): unmounting filesystem.
[   61.560662][ T4753] loop1: detected capacity change from 0 to 1764
[   61.609423][ T4555] I/O error, dev loop1, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   61.966489][ T4771] binder: 4770:4771 tried to acquire reference to desc 0, got 1 instead
[   61.971917][ T4771] binder: 4770:4771 got new transaction with bad transaction stack, transaction 73 has target 4770:0
[   62.248272][ T4774] loop0: detected capacity change from 0 to 512
[   62.365536][ T4774] Zero length message leads to an empty skb
[   62.900263][ T4782] loop2: detected capacity change from 0 to 512
[   62.915743][ T4782] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.139: bg 0: block 5: invalid block bitmap
[   62.918090][ T4782] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6181: Corrupt filesystem
[   62.919751][ T4782] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.139: invalid indirect mapped block 3 (level 2)
[   62.922851][ T4782] EXT4-fs (loop2): 1 orphan inode deleted
[   62.925016][ T4782] EXT4-fs (loop2): 1 truncate cleaned up
[   62.925923][ T4782] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   62.951432][ T4786] batman_adv: Cannot find parent device. Skipping batadv-on-batadv check for ip6erspan0
[   62.956604][ T4333] EXT4-fs (loop2): unmounting filesystem.
[   63.006120][ T4788] loop2: detected capacity change from 0 to 1024
[   63.014323][ T4788] EXT4-fs: inline encryption not supported
[   63.015242][ T4788] EXT4-fs: Ignoring removed i_version option
[   63.020517][ T4788] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   63.050149][ T4788] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   63.076896][ T4333] EXT4-fs (loop2): unmounting filesystem.
[   63.104868][ T4796] binder: 4795:4796 tried to acquire reference to desc 0, got 1 instead
[   63.124573][ T4796] binder: 4795:4796 got new transaction with bad transaction stack, transaction 83 has target 4795:0
[   63.427191][ T4814] loop0: detected capacity change from 0 to 512
[   63.458144][ T4814] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.151: bg 0: block 5: invalid block bitmap
[   63.464041][ T4814] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6181: Corrupt filesystem
[   63.466078][ T4814] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.151: invalid indirect mapped block 3 (level 2)
[   63.478983][ T4814] EXT4-fs (loop0): 1 orphan inode deleted
[   63.482186][ T4814] EXT4-fs (loop0): 1 truncate cleaned up
[   63.483068][ T4814] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   63.522696][ T4327] EXT4-fs (loop0): unmounting filesystem.
[   63.554082][ T4818] loop0: detected capacity change from 0 to 128
[   63.619222][ T4820] loop0: detected capacity change from 0 to 256
[   63.686580][ T4822] IPVS: fo: FWM 3 0x00000003 - no destination available
[   64.185442][ T4838] netlink: 12 bytes leftover after parsing attributes in process `syz.4.162'.
[   64.226928][ T4841] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.163: bg 0: block 5: invalid block bitmap
[   64.229339][ T4841] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6181: Corrupt filesystem
[   64.231542][ T4841] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.163: invalid indirect mapped block 3 (level 2)
[   64.233917][ T4841] EXT4-fs (loop2): 1 orphan inode deleted
[   64.234890][ T4841] EXT4-fs (loop2): 1 truncate cleaned up
[   64.235914][ T4841] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   64.263850][ T4333] EXT4-fs (loop2): unmounting filesystem.
[   64.274805][ T4844] set_capacity_and_notify: 1 callbacks suppressed
[   64.274815][ T4844] loop4: detected capacity change from 0 to 128
[   64.481368][ T4857] netlink: 'syz.4.170': attribute type 13 has an invalid length.
[   64.491315][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[   64.492517][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[   64.595325][ T4857] bridge0: port 2(bridge_slave_1) entered disabled state
[   64.596865][ T4857] bridge0: port 1(bridge_slave_0) entered disabled state
[   65.352060][ T4872] netlink: 12 bytes leftover after parsing attributes in process `syz.0.174'.
[   65.459182][ T4857] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   65.477950][ T4857] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   65.776843][ T4857] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   65.778364][ T4857] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   65.779731][ T4857] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   65.781425][ T4857] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   66.008005][ T4870] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check.
[   66.060992][ T4881] loop3: detected capacity change from 0 to 128
[   66.071005][ T4877] netlink: 4 bytes leftover after parsing attributes in process `syz.0.175'.
[   66.093637][ T4879] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[   66.197107][ T4895] Cannot find del_set index 0 as target
[   66.236806][ T4898] loop1: detected capacity change from 0 to 512
[   66.247870][ T4898] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   66.259689][ T4903] netlink: 12 bytes leftover after parsing attributes in process `syz.4.187'.
[   66.676833][ T4931] device syzkaller0 entered promiscuous mode
[   66.787539][ T4934] netlink: 12 bytes leftover after parsing attributes in process `syz.4.200'.
[   67.092008][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   67.328487][ T4950] loop0: detected capacity change from 0 to 512
[   67.347404][ T4950] EXT4-fs error (device loop0): ext4_validate_block_bitmap:429: comm syz.0.206: bg 0: block 5: invalid block bitmap
[   67.349394][ T4950] EXT4-fs error (device loop0) in ext4_mb_clear_bb:6181: Corrupt filesystem
[   67.353044][ T4950] EXT4-fs error (device loop0): ext4_free_branches:1030: inode #11: comm syz.0.206: invalid indirect mapped block 3 (level 2)
[   67.359279][ T4950] EXT4-fs (loop0): 1 orphan inode deleted
[   67.362646][ T4950] EXT4-fs (loop0): 1 truncate cleaned up
[   67.363495][ T4950] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   67.403993][ T4327] EXT4-fs (loop0): unmounting filesystem.
[   67.583177][ T4956] device syzkaller0 entered promiscuous mode
[   67.585520][ T4366] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   68.573029][ T4965] netlink: 12 bytes leftover after parsing attributes in process `syz.3.211'.
[   68.847030][ T4974] loop3: detected capacity change from 0 to 512
[   68.852461][ T4974] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   69.287599][ T4982] loop2: detected capacity change from 0 to 512
[   69.291291][ T4982] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm syz.2.217: bg 0: block 5: invalid block bitmap
[   69.293465][ T4982] EXT4-fs error (device loop2) in ext4_mb_clear_bb:6181: Corrupt filesystem
[   69.295154][ T4982] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.217: invalid indirect mapped block 3 (level 2)
[   69.297462][ T4982] EXT4-fs (loop2): 1 orphan inode deleted
[   69.298392][ T4982] EXT4-fs (loop2): 1 truncate cleaned up
[   69.299313][ T4982] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   69.316976][ T4333] EXT4-fs (loop2): unmounting filesystem.
[   69.612973][   T24] cfg80211: failed to load regulatory.db
[   69.738404][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   69.920403][ T4936] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[   70.119626][ T4998] netlink: 12 bytes leftover after parsing attributes in process `syz.4.223'.
[   70.231501][ T5002] capability: warning: `syz.0.224' uses 32-bit capabilities (legacy support in use)
[   70.482103][ T5019] loop0: detected capacity change from 0 to 512
[   70.506871][ T5019] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   70.510673][ T5017] device syzkaller0 entered promiscuous mode
[   71.286971][ T5032] loop2: detected capacity change from 0 to 128
[   71.324823][ T4327] EXT4-fs (loop0): unmounting filesystem.
[   71.421602][ T5040] netlink: 12 bytes leftover after parsing attributes in process `syz.0.237'.
[   71.911099][ T5053] device syzkaller0 entered promiscuous mode
[   73.086398][ T5072] loop2: detected capacity change from 0 to 512
[   73.118960][ T5072] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   73.179507][ T5076] loop4: detected capacity change from 0 to 128
[   73.291322][ T5078] netlink: 12 bytes leftover after parsing attributes in process `syz.4.250'.
[   73.611514][ T5093] device syzkaller0 entered promiscuous mode
[   73.613956][ T4371] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   73.634495][ T5095] xt_hashlimit: size too large, truncated to 1048576
[   73.676700][ T4333] EXT4-fs (loop2): unmounting filesystem.
[   73.719486][ T5104] loop2: detected capacity change from 0 to 128
[   73.822416][ T5108] netlink: 24 bytes leftover after parsing attributes in process `syz.2.261'.
[   73.876782][ T5110] netlink: 328 bytes leftover after parsing attributes in process `syz.2.263'.
[   73.917996][ T5112] loop3: detected capacity change from 0 to 512
[   73.935758][ T5112] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   74.354812][ T5112] EXT4-fs (loop3): 1 truncate cleaned up
[   74.356022][ T5112] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   74.365807][ T5121] netlink: 12 bytes leftover after parsing attributes in process `syz.2.265'.
[   75.247056][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   75.302009][ T5133] loop1: detected capacity change from 0 to 512
[   75.344926][ T5133] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   75.412195][ T5135] device syzkaller0 entered promiscuous mode
[   75.414551][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[   75.557961][ T5141] device netdevsim0 entered promiscuous mode
[   75.563155][ T5143] loop3: detected capacity change from 0 to 128
[   76.197047][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   76.279071][ T5160] netlink: 12 bytes leftover after parsing attributes in process `syz.1.280'.
[   76.844725][ T5177] loop1: detected capacity change from 0 to 512
[   76.863598][ T5177] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[   76.974195][ T5177] EXT4-fs (loop1): 1 truncate cleaned up
[   76.975717][ T5177] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   77.102683][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   77.703642][ T5204] loop3: detected capacity change from 0 to 512
[   77.736241][ T5204] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   78.533058][ T4320] EXT4-fs (loop3): unmounting filesystem.
[   78.554291][ T5219] netlink: 12 bytes leftover after parsing attributes in process `syz.3.295'.
[   89.037422][ T5250] loop0: detected capacity change from 0 to 512
[   89.077281][ T5250] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   89.516733][ T5268] loop1: detected capacity change from 0 to 512
[   89.557998][ T5268] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[   89.559386][ T5268] System zones: 1-12
[   89.561457][ T5268] EXT4-fs error (device loop1): ext4_iget_extra_inode:4756: inode #15: comm syz.1.314: corrupted in-inode xattr
[   89.564480][ T5268] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.314: couldn't read orphan inode 15 (err -117)
[   89.572671][ T5268] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[   89.607271][ T5268] process 'syz.1.314' launched '/dev/fd/4' with NULL argv: empty string added
[   89.626646][ T4321] EXT4-fs (loop1): unmounting filesystem.
[   89.749851][ T5283] loop1: detected capacity change from 0 to 512
[   89.756889][ T5283] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[   89.783940][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  100.350322][ T5269] device syzkaller0 entered promiscuous mode
[  100.355833][ T5286] netlink: 'syz.0.319': attribute type 13 has an invalid length.
[  100.370475][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  100.414043][ T5290] loop1: detected capacity change from 0 to 128
[  100.546184][ T5286] bridge0: port 2(bridge_slave_1) entered disabled state
[  100.547509][ T5286] bridge0: port 1(bridge_slave_0) entered disabled state
[  101.313350][ T5302] RDS: rds_bind could not find a transport for ::a:0:0, load rds_tcp or rds_rdma?
[  101.477198][ T5286] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  101.497885][ T5286] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  101.553747][ T5310] loop2: detected capacity change from 0 to 512
[  101.555134][ T5310] EXT4-fs: Ignoring removed nobh option
[  101.562448][ T5310] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  101.574940][ T5310] EXT4-fs warning (device loop2): ext4_expand_extra_isize_ea:2800: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  101.577503][ T5310] EXT4-fs (loop2): 1 truncate cleaned up
[  101.578380][ T5310] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  101.634666][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  102.888204][ T5286] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.889577][ T5286] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.891623][ T5286] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  102.892873][ T5286] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  103.471287][ T5341] loop1: detected capacity change from 0 to 512
[  103.487929][ T5341] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  103.489174][ T5341] System zones: 1-12
[  103.496656][ T5341] EXT4-fs error (device loop1): ext4_iget_extra_inode:4756: inode #15: comm syz.1.335: corrupted in-inode xattr
[  103.499218][ T5341] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.335: couldn't read orphan inode 15 (err -117)
[  103.511285][ T5341] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  103.572475][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  115.402014][ T5357] netlink: 'syz.0.339': attribute type 13 has an invalid length.
[  115.457800][ T5369] device syzkaller0 entered promiscuous mode
[  115.459575][ T4370] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  115.505299][ T5375] loop2: detected capacity change from 0 to 8192
[  115.523415][ T5383] loop3: detected capacity change from 0 to 512
[  115.614411][ T5383] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  115.615597][ T5383] System zones: 1-12
[  115.628931][ T5383] EXT4-fs error (device loop3): ext4_iget_extra_inode:4756: inode #15: comm syz.3.347: corrupted in-inode xattr
[  117.896367][ T5383] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.347: couldn't read orphan inode 15 (err -117)
[  117.909711][ T5383] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  118.005464][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  118.019443][ T5398] loop4: detected capacity change from 0 to 1024
[  118.041561][ T5398] EXT4-fs: Ignoring removed mblk_io_submit option
[  118.042973][ T5398] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  118.053919][ T5398] EXT4-fs error (device loop4): ext4_ext_check_inode:520: inode #11: comm syz.4.353: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  118.059769][ T5398] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.353: couldn't read orphan inode 11 (err -117)
[  118.065836][ T5398] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  118.079453][ T5398] capability: warning: `syz.4.353' uses deprecated v2 capabilities in a way that may be insecure
[  118.117865][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  119.469965][    C0] sched: RT throttling activated
[  120.922563][ T5446] netlink: 36 bytes leftover after parsing attributes in process `syz.1.370'.
[  120.924324][ T5446] netlink: 24 bytes leftover after parsing attributes in process `syz.1.370'.
[  120.945471][ T5449] loop1: detected capacity change from 0 to 128
[  123.489558][ T5475] loop1: detected capacity change from 0 to 4096
[  123.506762][ T5475] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  123.532199][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  123.568028][ T5481] loop1: detected capacity change from 0 to 128
[  123.645382][ T5485] loop1: detected capacity change from 0 to 512
[  123.646763][ T5485] EXT4-fs: Ignoring removed nobh option
[  123.648290][ T5485] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  123.654701][ T5485] EXT4-fs (loop1): 1 truncate cleaned up
[  123.655688][ T5485] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  123.713298][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  124.673358][ T5494] loop1: detected capacity change from 0 to 512
[  124.687796][ T5494] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  125.512953][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  125.930399][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  125.931519][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  126.728758][ T5506] netlink: 8 bytes leftover after parsing attributes in process `syz.1.391'.
[  126.777713][ T5510] loop1: detected capacity change from 0 to 128
[  126.873568][ T5514] loop1: detected capacity change from 0 to 512
[  126.874962][ T5514] EXT4-fs: Ignoring removed nobh option
[  126.876157][ T5514] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  126.882364][ T5514] EXT4-fs (loop1): 1 truncate cleaned up
[  126.883304][ T5514] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  126.930555][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  127.909275][ T5526] loop1: detected capacity change from 0 to 512
[  127.915540][ T5526] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  128.753866][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  132.909603][ T5550] loop4: detected capacity change from 0 to 512
[  132.924771][ T5554] loop2: detected capacity change from 0 to 512
[  132.958460][ T5554] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  132.959755][ T5554] System zones: 1-12
[  132.965803][ T5559] loop0: detected capacity change from 0 to 512
[  132.969263][ T5550] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  132.990656][ T5559] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  132.992909][ T5554] EXT4-fs error (device loop2): ext4_iget_extra_inode:4756: inode #15: comm syz.2.407: corrupted in-inode xattr
[  133.002852][ T5554] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.407: couldn't read orphan inode 15 (err -117)
[  133.009216][ T5554] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  133.018081][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  133.095012][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  135.070449][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  135.424228][ T5598] loop2: detected capacity change from 0 to 512
[  135.434121][ T5601] loop4: detected capacity change from 0 to 512
[  135.437234][ T5598] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  135.732000][ T5601] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  135.735158][ T5601] System zones: 1-12
[  135.745367][ T5601] EXT4-fs error (device loop4): ext4_iget_extra_inode:4756: inode #15: comm syz.4.423: corrupted in-inode xattr
[  135.748355][ T5601] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.423: couldn't read orphan inode 15 (err -117)
[  135.753865][ T5601] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  135.786700][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  135.806527][ T5608] loop4: detected capacity change from 0 to 512
[  135.815710][ T5608] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  135.853948][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  147.584915][ T5586] device syzkaller0 entered promiscuous mode
[  147.595264][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  147.633528][ T5622] loop0: detected capacity change from 0 to 736
[  148.033817][ T5619] batman_adv: batadv0: Removing interface: batadv_slave_1
[  148.579633][ T5637] loop1: detected capacity change from 0 to 512
[  148.625623][ T5637] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  148.697734][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  148.754129][ T5651] loop3: detected capacity change from 0 to 512
[  148.770758][ T5651] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  148.792939][ T5646] device syzkaller1 entered promiscuous mode
[  148.823645][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  148.923380][ T5660] loop4: detected capacity change from 0 to 1024
[  148.954511][ T5660] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  148.977206][ T5662] loop1: detected capacity change from 0 to 4096
[  148.989271][ T5662] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  149.308361][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  149.330976][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  153.610467][ T4331] Bluetooth: hci3: command 0x0406 tx timeout
[  153.610655][ T4325] Bluetooth: hci4: command 0x0406 tx timeout
[  153.611415][ T4331] Bluetooth: hci2: command 0x0406 tx timeout
[  153.612338][ T4325] Bluetooth: hci0: command 0x0406 tx timeout
[  153.613218][ T4331] Bluetooth: hci1: command 0x0406 tx timeout
[  160.612554][ T5718] loop4: detected capacity change from 0 to 512
[  160.660607][ T5718] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  160.764458][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  161.932344][ T5737] device syzkaller0 entered promiscuous mode
[  162.012253][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  162.214376][ T5775] loop0: detected capacity change from 0 to 512
[  162.227809][ T5775] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  162.320793][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  174.123763][ T5793] bridge0: port 3(gretap0) entered blocking state
[  174.124851][ T5793] bridge0: port 3(gretap0) entered disabled state
[  174.126230][ T5793] device gretap0 entered promiscuous mode
[  174.127037][ T5796] loop3: detected capacity change from 0 to 1024
[  174.127390][ T5796] EXT4-fs: Ignoring removed nomblk_io_submit option
[  174.128651][ T5793] bridge0: port 3(gretap0) entered blocking state
[  174.130072][ T5793] bridge0: port 3(gretap0) entered forwarding state
[  174.185064][ T5802] netlink: 12 bytes leftover after parsing attributes in process `syz.1.485'.
[  174.217063][ T5796] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  174.290695][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  174.372334][ T5826] loop3: detected capacity change from 0 to 512
[  174.387795][ T5826] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  175.588090][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  175.677690][ T5841] netlink: 12 bytes leftover after parsing attributes in process `syz.4.499'.
[  175.682337][ T5845] loop3: detected capacity change from 0 to 512
[  175.684687][ T5835] device syzkaller0 entered promiscuous mode
[  175.694614][ T5845] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  175.715128][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  175.728098][ T5850] loop1: detected capacity change from 0 to 1024
[  175.740596][ T5850] EXT4-fs: Ignoring removed nomblk_io_submit option
[  175.773831][ T5853] loop3: detected capacity change from 0 to 512
[  175.775419][ T5853] EXT4-fs: Ignoring removed nobh option
[  175.776612][ T5853] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  175.784115][ T5853] EXT4-fs (loop3): 1 truncate cleaned up
[  175.784968][ T5853] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  175.796723][ T5850] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  175.812492][ T5861] loop4: detected capacity change from 0 to 512
[  175.816253][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  175.824566][ T5861] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  175.924692][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  175.950955][ T5867] binder: 5866:5867 ioctl c0306201 0 returned -14
[  176.552580][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  187.371453][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  187.372501][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  187.474386][ T5890] netlink: 12 bytes leftover after parsing attributes in process `syz.3.514'.
[  187.535157][ T5898] loop4: detected capacity change from 0 to 512
[  187.548512][ T5900] loop3: detected capacity change from 0 to 512
[  187.562553][ T5900] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  187.607865][ T5898] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  188.431184][ T5915] netlink: 12 bytes leftover after parsing attributes in process `syz.0.522'.
[  188.432634][ T5915] netlink: 32 bytes leftover after parsing attributes in process `syz.0.522'.
[  188.435101][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  188.447153][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  188.822786][ T5923] binder: 5922:5923 ioctl c0306201 0 returned -14
[  188.893381][ T5926] netlink: 40 bytes leftover after parsing attributes in process `syz.0.526'.
[  200.315593][ T5938] netlink: 'syz.4.529': attribute type 13 has an invalid length.
[  200.396205][ T5966] loop0: detected capacity change from 0 to 512
[  200.449377][ T5966] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  200.458822][ T5971] loop3: detected capacity change from 0 to 512
[  200.463658][ T5973] netlink: 12 bytes leftover after parsing attributes in process `syz.4.536'.
[  200.466161][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  200.470822][ T5973] netlink: 32 bytes leftover after parsing attributes in process `syz.4.536'.
[  200.807006][ T5971] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  200.824838][ T5983] netlink: 40 bytes leftover after parsing attributes in process `syz.2.538'.
[  200.851187][ T5973] netlink: 12 bytes leftover after parsing attributes in process `syz.4.536'.
[  200.852885][ T5973] netlink: 32 bytes leftover after parsing attributes in process `syz.4.536'.
[  200.875527][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  200.910587][ T5990] binder: 5989:5990 ioctl c0306201 0 returned -14
[  200.935325][ T5993] netlink: 'syz.0.542': attribute type 13 has an invalid length.
[  201.017835][ T5973] netlink: 12 bytes leftover after parsing attributes in process `syz.4.536'.
[  201.019423][ T5973] netlink: 32 bytes leftover after parsing attributes in process `syz.4.536'.
[  201.449223][ T6003] device syzkaller0 entered promiscuous mode
[  201.618514][ T6010] loop4: detected capacity change from 0 to 512
[  201.701707][ T6010] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  201.724945][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  201.785437][ T6018] netlink: 40 bytes leftover after parsing attributes in process `syz.3.550'.
[  201.809926][ T6020] loop3: detected capacity change from 0 to 512
[  201.832365][ T6020] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  201.894837][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  212.973533][ T6027] netlink: 'syz.0.553': attribute type 13 has an invalid length.
[  213.046586][ T6049] netlink: 12 bytes leftover after parsing attributes in process `syz.0.558'.
[  213.047947][ T6049] netlink: 32 bytes leftover after parsing attributes in process `syz.0.558'.
[  213.050830][ T6051] loop1: detected capacity change from 0 to 512
[  213.054343][ T6051] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  213.073759][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  213.126236][ T6063] netlink: 24 bytes leftover after parsing attributes in process `syz.3.563'.
[  213.174641][ T6049] netlink: 12 bytes leftover after parsing attributes in process `syz.0.558'.
[  213.176021][ T6049] netlink: 32 bytes leftover after parsing attributes in process `syz.0.558'.
[  213.192454][ T6072] netlink: 'syz.2.566': attribute type 13 has an invalid length.
[  213.193596][ T6072] netlink: 'syz.2.566': attribute type 27 has an invalid length.
[  213.593037][ T6049] netlink: 12 bytes leftover after parsing attributes in process `syz.0.558'.
[  213.595362][ T6049] netlink: 32 bytes leftover after parsing attributes in process `syz.0.558'.
[  213.603102][ T6082] device syzkaller0 entered promiscuous mode
[  214.139801][ T6090] loop0: detected capacity change from 0 to 512
[  214.143225][ T6090] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  214.156159][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  215.510494][ T6114] netlink: 24 bytes leftover after parsing attributes in process `syz.0.576'.
[  215.528951][ T6116] netlink: 40 bytes leftover after parsing attributes in process `syz.0.577'.
[  226.048434][ T6134] netlink: 12 bytes leftover after parsing attributes in process `syz.3.584'.
[  226.050201][ T6134] netlink: 32 bytes leftover after parsing attributes in process `syz.3.584'.
[  226.850353][ T6142] overlayfs: unrecognized mount option "/" or missing value
[  227.322681][ T6134] netlink: 12 bytes leftover after parsing attributes in process `syz.3.584'.
[  227.324136][ T6134] netlink: 32 bytes leftover after parsing attributes in process `syz.3.584'.
[  227.878756][ T6152] netlink: 40 bytes leftover after parsing attributes in process `syz.4.588'.
[  227.886528][ T6148] netlink: 24 bytes leftover after parsing attributes in process `syz.0.587'.
[  228.042913][ T6163] device syzkaller0 entered promiscuous mode
[  228.976587][ T6191] overlayfs: unrecognized mount option "/" or missing value
[  240.778192][ T6204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.601'.
[  240.779581][ T6204] netlink: 32 bytes leftover after parsing attributes in process `syz.1.601'.
[  240.835717][ T6204] netlink: 12 bytes leftover after parsing attributes in process `syz.1.601'.
[  240.837203][ T6204] netlink: 32 bytes leftover after parsing attributes in process `syz.1.601'.
[  240.845203][ T6212] netlink: 40 bytes leftover after parsing attributes in process `syz.0.604'.
[  240.888520][ T6218] netlink: 'syz.4.607': attribute type 13 has an invalid length.
[  240.889750][ T6218] netlink: 28 bytes leftover after parsing attributes in process `syz.4.607'.
[  242.393868][ T6243] device syzkaller0 entered promiscuous mode
[  242.888620][ T6262] netlink: 20 bytes leftover after parsing attributes in process `syz.0.621'.
[  242.937358][ T6262] netlink: 20 bytes leftover after parsing attributes in process `syz.0.621'.
[  243.007107][ T6262] netlink: 20 bytes leftover after parsing attributes in process `syz.0.621'.
[  244.118856][ T6278] netlink: 12 bytes leftover after parsing attributes in process `syz.0.625'.
[  248.810478][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  248.811510][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  253.951771][ T6250] netlink: 'syz.2.617': attribute type 1 has an invalid length.
[  253.956724][ T6251] __nla_validate_parse: 5 callbacks suppressed
[  253.956744][ T6251] netlink: 8 bytes leftover after parsing attributes in process `syz.2.617'.
[  253.958998][ T6251] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  253.965175][ T6254] netlink: 'syz.1.618': attribute type 13 has an invalid length.
[  253.966351][ T6254] netlink: 28 bytes leftover after parsing attributes in process `syz.1.618'.
[  254.115219][ T6306] netlink: 20 bytes leftover after parsing attributes in process `syz.0.632'.
[  254.191492][ T6306] netlink: 20 bytes leftover after parsing attributes in process `syz.0.632'.
[  255.340086][ T6310] Can't find ip_set type hash:i
[  256.110685][ T6327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.636'.
[  256.112168][ T6327] netlink: 32 bytes leftover after parsing attributes in process `syz.2.636'.
[  256.174248][ T6333] netlink: 'syz.1.638': attribute type 13 has an invalid length.
[  256.187868][ T6327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.636'.
[  256.189372][ T6327] netlink: 32 bytes leftover after parsing attributes in process `syz.2.636'.
[  256.329707][ T6327] netlink: 12 bytes leftover after parsing attributes in process `syz.2.636'.
[  256.331845][ T6327] netlink: 32 bytes leftover after parsing attributes in process `syz.2.636'.
[  256.732573][ T6333] bridge0: port 2(bridge_slave_1) entered disabled state
[  256.733902][ T6333] bridge0: port 1(bridge_slave_0) entered disabled state
[  257.162616][ T6333] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  257.176827][ T6333] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  257.456558][ T6333] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.457933][ T6333] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.459215][ T6333] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.460839][ T6333] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  257.724929][ T6367] netlink: 'syz.4.643': attribute type 1 has an invalid length.
[  257.764892][ T6367] 8021q: adding VLAN 0 to HW filter on device bond1
[  257.795589][ T6368] bond1: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  258.739823][ T6381] loop0: detected capacity change from 0 to 512
[  258.779371][ T6381] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  259.299107][ T6392] loop1: detected capacity change from 0 to 512
[  259.308338][ T6392] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a803c198, mo2=0002]
[  259.309689][ T6392] System zones: 1-12
[  259.329387][ T6392] EXT4-fs error (device loop1): ext4_iget_extra_inode:4756: inode #15: comm syz.1.650: corrupted in-inode xattr
[  259.331636][ T6392] EXT4-fs error (device loop1): ext4_orphan_get:1404: comm syz.1.650: couldn't read orphan inode 15 (err -117)
[  259.334717][ T6392] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  259.384469][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  259.385646][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  259.393482][ T6396] __nla_validate_parse: 2 callbacks suppressed
[  259.393493][ T6396] netlink: 20 bytes leftover after parsing attributes in process `syz.3.651'.
[  259.427746][ T6403] netlink: 'syz.0.654': attribute type 13 has an invalid length.
[  259.834989][ T6396] netlink: 20 bytes leftover after parsing attributes in process `syz.3.651'.
[  259.913665][ T6396] netlink: 20 bytes leftover after parsing attributes in process `syz.3.651'.
[  259.956877][ T6416] device syzkaller0 entered promiscuous mode
[  272.759595][ T6455] loop4: detected capacity change from 0 to 512
[  272.777040][ T6459] netlink: 'syz.0.666': attribute type 13 has an invalid length.
[  272.804598][ T6455] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  272.836433][ T6468] netlink: 8 bytes leftover after parsing attributes in process `syz.2.668'.
[  272.930545][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  272.985643][ T6474] netlink: 'syz.4.672': attribute type 1 has an invalid length.
[  273.322176][ T6474] 8021q: adding VLAN 0 to HW filter on device bond2
[  273.324767][ T6478] netlink: 8 bytes leftover after parsing attributes in process `syz.4.672'.
[  273.328084][ T6478] bond2: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  273.480062][ T6485] device syzkaller1 entered promiscuous mode
[  274.284111][ T6492] loop3: detected capacity change from 0 to 512
[  274.408255][ T6492] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  274.540536][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  274.614628][ T6505] loop2: detected capacity change from 0 to 128
[  274.618203][ T6506] loop0: detected capacity change from 0 to 512
[  274.628684][ T6508] netlink: 'syz.3.680': attribute type 13 has an invalid length.
[  274.644774][ T6505] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  274.658057][ T6506] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  274.704743][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  274.753122][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  274.826086][ T6508] bridge0: port 2(bridge_slave_1) entered disabled state
[  274.827417][ T6508] bridge0: port 1(bridge_slave_0) entered disabled state
[  275.291613][ T6508] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  275.308495][ T6508] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  275.598802][ T6508] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.600222][ T6508] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.601495][ T6508] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.602722][ T6508] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  275.860153][ T6521] netlink: 8 bytes leftover after parsing attributes in process `syz.0.686'.
[  275.861609][ T6521] netlink: 12 bytes leftover after parsing attributes in process `syz.0.686'.
[  276.037960][ T6533] netlink: 'syz.1.691': attribute type 1 has an invalid length.
[  276.043152][ T6533] 8021q: adding VLAN 0 to HW filter on device bond1
[  276.050975][ T6528] device syzkaller0 entered promiscuous mode
[  276.054707][ T6533] netlink: 8 bytes leftover after parsing attributes in process `syz.1.691'.
[  276.056072][ T6533] bond1: up delay (136) is not a multiple of miimon (100), value rounded to 100 ms
[  277.005597][ T6544] loop2: detected capacity change from 0 to 128
[  277.032476][ T6544] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  277.061841][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  277.079728][ T6548] loop1: detected capacity change from 0 to 512
[  277.089245][ T6548] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  277.199232][ T6551] loop2: detected capacity change from 0 to 4096
[  277.249633][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  277.257662][ T6551] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  277.303334][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  277.398990][ T6569] netlink: 'syz.0.703': attribute type 1 has an invalid length.
[  277.409113][ T6569] 8021q: adding VLAN 0 to HW filter on device bond1
[  278.143135][ T6569] bond1: (slave ip6gretap1): making interface the new active one
[  278.155765][ T6569] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  278.171135][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  278.820129][ T6586] loop0: detected capacity change from 0 to 128
[  278.822956][ T6586] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  278.884552][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  278.887783][ T6593] loop1: detected capacity change from 0 to 512
[  278.902946][ T6593] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  278.974497][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  279.140279][ T6615] netlink: 'syz.2.716': attribute type 13 has an invalid length.
[  279.246229][ T6615] bridge0: port 3(gretap0) entered disabled state
[  280.137429][ T6615] bridge0: port 2(bridge_slave_1) entered disabled state
[  280.138863][ T6615] bridge0: port 1(bridge_slave_0) entered disabled state
[  280.322755][ T6638] loop0: detected capacity change from 0 to 128
[  280.341315][ T6638] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  280.355787][ T4327] EXT4-fs (loop0): unmounting filesystem.
[  280.524909][ T6641] loop1: detected capacity change from 0 to 512
[  280.539112][ T6641] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  280.584701][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  280.716823][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  280.730611][ T6615] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  281.016973][ T6615] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.018370][ T6615] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.019744][ T6615] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.021313][ T6615] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  281.252898][ T6621] device syzkaller0 entered promiscuous mode
[  282.051823][ T4325] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  282.054240][ T4325] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  282.056098][ T4325] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  282.058142][ T4325] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  282.059712][ T4325] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  282.063262][ T4325] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  282.182417][ T6683] loop4: detected capacity change from 0 to 512
[  282.193445][ T6683] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  282.245155][ T6683] EXT4-fs (loop4): 1 truncate cleaned up
[  282.246067][ T6683] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  282.331143][ T6683] mmap: syz.4.738 (6683) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  282.359200][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  282.471565][ T6703] device syzkaller0 entered promiscuous mode
[  282.477334][   T24] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  282.478990][ T6674] chnl_net:caif_netlink_parms(): no params data found
[  283.619613][ T6720] netlink: 12 bytes leftover after parsing attributes in process `syz.3.748'.
[  283.629009][ T6720] 8021q: adding VLAN 0 to HW filter on device bond1
[  283.638850][ T6721] bond1: option resend_igmp: invalid value (2805)
[  283.639895][ T6721] bond1: option resend_igmp: allowed values 0 - 255
[  284.023829][ T6739] loop1: detected capacity change from 0 to 512
[  284.045416][ T6674] bridge0: port 1(bridge_slave_0) entered blocking state
[  284.047996][ T6739] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  284.058752][ T6739] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 97 vs 96 free clusters
[  284.061560][ T6739] Quota error (device loop1): write_blk: dquota write failed
[  284.062022][ T6674] bridge0: port 1(bridge_slave_0) entered disabled state
[  284.062677][ T6739] Quota error (device loop1): find_free_dqentry: Can't write quota data block 5
[  284.065202][ T6739] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  284.065379][ T6674] device bridge_slave_0 entered promiscuous mode
[  284.066519][ T6739] EXT4-fs error (device loop1): ext4_acquire_dquot:6835: comm syz.1.753: Failed to acquire dquot type 1
[  284.085458][ T6674] bridge0: port 2(bridge_slave_1) entered blocking state
[  284.086748][ T6674] bridge0: port 2(bridge_slave_1) entered disabled state
[  284.089499][ T6674] device bridge_slave_1 entered promiscuous mode
[  284.090729][ T4325] Bluetooth: hci2: command 0x0409 tx timeout
[  284.150883][ T6674] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  284.166664][ T6674] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  284.183519][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  284.239185][ T6674] team0: Port device team_slave_0 added
[  284.248585][ T6674] team0: Port device team_slave_1 added
[  284.274478][ T6674] batman_adv: batadv0: Adding interface: batadv_slave_0
[  284.284713][ T6674] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  284.296091][ T6674] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  285.275113][ T6787] loop3: detected capacity change from 0 to 512
[  285.294134][ T6787] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[  285.559946][ T4588] bond1: (slave ip6gretap1): Releasing active interface
[  285.564950][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  285.614388][ T6674] batman_adv: batadv0: Adding interface: batadv_slave_1
[  285.615478][ T6674] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  285.619127][ T6674] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  285.648906][ T6786] netlink: 8 bytes leftover after parsing attributes in process `syz.4.762'.
[  285.657169][ T6786] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  286.083450][ T6674] device hsr_slave_0 entered promiscuous mode
[  286.120617][ T6674] device hsr_slave_1 entered promiscuous mode
[  286.151253][ T6674] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  286.152430][ T6674] Cannot create hsr debugfs directory
[  286.170266][ T4336] Bluetooth: hci2: command 0x041b tx timeout
[  286.270995][ T6808] device syzkaller0 entered promiscuous mode
[  286.345235][ T6832] loop2: detected capacity change from 0 to 512
[  286.357133][ T6832] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  286.400900][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  286.549348][ T6674] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  286.613009][ T6674] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  286.622914][ T6859] loop1: detected capacity change from 0 to 512
[  286.626812][ T6859] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  286.703130][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  286.707101][ T6674] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  286.805232][ T6674] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  286.912115][ T6864] device syzkaller0 entered promiscuous mode
[  287.016721][ T6674] 8021q: adding VLAN 0 to HW filter on device bond0
[  287.026709][ T6674] 8021q: adding VLAN 0 to HW filter on device team0
[  287.056053][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  287.057531][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  287.058851][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  287.061175][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  287.062720][ T1604] bridge0: port 1(bridge_slave_0) entered blocking state
[  287.063929][ T1604] bridge0: port 1(bridge_slave_0) entered forwarding state
[  287.066928][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  287.073040][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  287.075708][ T1604] bridge0: port 2(bridge_slave_1) entered blocking state
[  287.076830][ T1604] bridge0: port 2(bridge_slave_1) entered forwarding state
[  287.079388][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  287.093093][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  287.098340][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  287.103590][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  287.108733][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  287.112775][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  287.115091][ T6893] loop1: detected capacity change from 0 to 1024
[  287.116577][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  287.119104][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  287.127506][ T6674] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  287.129431][ T6674] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  287.155272][ T6893] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  287.185450][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  287.187264][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  287.193509][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  287.197472][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  287.433368][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  287.434747][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  287.437757][ T6674] 8021q: adding VLAN 0 to HW filter on device batadv0
[  287.763231][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  287.765122][ T4395] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  287.772582][ T6674] device veth0_vlan entered promiscuous mode
[  287.776814][ T6674] device veth1_vlan entered promiscuous mode
[  287.785175][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  287.786800][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  287.788335][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  287.789899][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  287.793264][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  287.839277][ T4588] device hsr_slave_0 left promiscuous mode
[  287.880169][ T4588] device hsr_slave_1 left promiscuous mode
[  287.944151][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  287.960302][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_0
[  287.963364][ T4588] batman_adv: batadv0: Removing interface: batadv_slave_1
[  287.965597][ T4588] device bridge_slave_1 left promiscuous mode
[  287.967440][ T4588] bridge0: port 2(bridge_slave_1) entered disabled state
[  287.981653][ T4588] device bridge_slave_0 left promiscuous mode
[  287.982806][ T4588] bridge0: port 1(bridge_slave_0) entered disabled state
[  288.250013][ T4325] Bluetooth: hci2: command 0x040f tx timeout
[  288.611082][ T6955] loop4: detected capacity change from 0 to 2048
[  288.624692][ T6955] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  288.629676][ T6955] EXT4-fs error (device loop4): ext4_find_extent:936: inode #2: comm syz.4.800: pblk 1 bad header/extent: invalid magic - magic 2, entries 0, max 3(0), depth 0(4)
[  288.634803][ T6955] EXT4-fs (loop4): Remounting filesystem read-only
[  288.647250][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  288.674410][ T6960] loop4: detected capacity change from 0 to 512
[  288.681467][ T6960] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  288.688792][ T6960] EXT4-fs (loop4): 1 truncate cleaned up
[  288.689748][ T6960] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  288.704737][ T4588] bond1 (unregistering): Released all slaves
[  288.726335][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  288.818153][ T6967] loop4: detected capacity change from 0 to 512
[  288.826317][ T6967] EXT4-fs: Ignoring removed oldalloc option
[  288.827936][ T6967] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  288.831777][ T6967] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.804: inode has both inline data and extents flags
[  288.834050][ T6967] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.804: couldn't read orphan inode 15 (err -117)
[  288.836300][ T6967] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  288.857561][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  290.257581][ T6910] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  290.330025][ T4336] Bluetooth: hci2: command 0x0419 tx timeout
[  290.358276][ T6981] loop2: detected capacity change from 0 to 512
[  290.361484][ T6981] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  290.374408][ T6981] EXT4-fs (loop2): 1 truncate cleaned up
[  290.375406][ T6981] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  290.413239][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  290.493146][ T6994] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  290.494741][ T6994] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  290.712348][ T4588] team0 (unregistering): Port device team_slave_1 removed
[  290.881344][ T4588] team0 (unregistering): Port device team_slave_0 removed
[  291.070956][ T4588] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  291.480561][ T4588] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  291.935814][ T7004] netlink: 44 bytes leftover after parsing attributes in process `syz.2.818'.
[  292.931042][ T4588] bond0 (unregistering): Released all slaves
[  293.135974][ T6674] device veth0_macvtap entered promiscuous mode
[  293.138985][ T6674] device veth1_macvtap entered promiscuous mode
[  293.140716][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  293.142250][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  293.143819][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  293.145289][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  293.146644][ T4376] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  293.160666][ T6991] netlink: 8 bytes leftover after parsing attributes in process `syz.4.810'.
[  293.179220][ T6674] batman_adv: batadv0: Interface activated: batadv_slave_0
[  293.193772][ T6674] batman_adv: batadv0: Interface activated: batadv_slave_1
[  293.196161][ T6674] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  293.201533][ T6674] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  293.202883][ T6674] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  293.204124][ T6674] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  293.220705][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  293.222433][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  293.224102][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  293.225647][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  293.303254][ T7021] loop1: detected capacity change from 0 to 512
[  293.320115][ T4395] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.321406][ T4395] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.336248][ T7021] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  293.341836][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  293.347791][ T7021] EXT4-fs (loop1): 1 truncate cleaned up
[  293.348664][ T7021] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  293.418379][ T4655] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  293.419618][ T4655] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  293.426505][ T1604] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  293.451323][ T7030] device syzkaller1 entered promiscuous mode
[  293.776417][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  293.787938][ T7037] lo speed is unknown, defaulting to 1000
[  293.789266][ T7037] lo speed is unknown, defaulting to 1000
[  293.791043][ T7037] lo speed is unknown, defaulting to 1000
[  293.793390][ T7037] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  293.796610][ T7037] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98
[  293.810741][ T7037] lo speed is unknown, defaulting to 1000
[  293.811938][ T7037] lo speed is unknown, defaulting to 1000
[  293.813146][ T7037] lo speed is unknown, defaulting to 1000
[  293.814233][ T7037] lo speed is unknown, defaulting to 1000
[  293.815353][ T7037] lo speed is unknown, defaulting to 1000
[  293.898504][ T7050] netlink: 'syz.1.827': attribute type 13 has an invalid length.
[  293.956243][ T7054] netlink: 24 bytes leftover after parsing attributes in process `syz.5.829'.
[  294.081811][ T7063] device syzkaller0 entered promiscuous mode
[  294.085241][ T7064] netlink: 'syz.1.831': attribute type 3 has an invalid length.
[  294.087026][ T7064] netlink: 16 bytes leftover after parsing attributes in process `syz.1.831'.
[  294.274674][ T7074] loop5: detected capacity change from 0 to 4096
[  294.285454][ T7076] loop3: detected capacity change from 0 to 4096
[  294.291509][ T7074] ntfs3: loop5: ino=3, Correct links count -> 2.
[  294.343433][ T7088] netlink: 'syz.4.841': attribute type 13 has an invalid length.
[  294.348139][ T7076] ntfs3: loop3: Mark volume as dirty due to NTFS errors
[  294.350335][ T7086] device syzkaller1 entered promiscuous mode
[  294.353160][ T7076] ntfs3: loop3: Failed to load $Extend.
[  294.523669][ T7101] netlink: 24 bytes leftover after parsing attributes in process `syz.3.843'.
[  294.912071][ T7107] loop4: detected capacity change from 0 to 1764
[  294.927203][ T7107] iso9660: Corrupted directory entry in block 2 of inode 1920
[  294.937510][ T7115] netlink: 'syz.3.848': attribute type 1 has an invalid length.
[  294.956400][ T7115] 8021q: adding VLAN 0 to HW filter on device bond2
[  294.964774][ T7115] netlink: 8 bytes leftover after parsing attributes in process `syz.3.848'.
[  294.966183][ T7115] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  295.046643][ T7123] loop4: detected capacity change from 0 to 128
[  295.048226][ T7123] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  295.101717][ T7123] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  295.110212][ T7131] netlink: 'syz.2.852': attribute type 13 has an invalid length.
[  295.121218][ T7134] loop5: detected capacity change from 0 to 2048
[  295.154211][   T24] libceph: connect (1)[c::]:6789 error -101
[  295.155334][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  295.157433][ T7134] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  295.157872][   T24] libceph: connect (1)[c::]:6789 error -101
[  295.159827][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  295.171986][ T6674] EXT4-fs (loop5): unmounting filesystem.
[  295.184318][ T7142] binder: 7139:7142 ioctl c0306201 20000080 returned -14
[  295.199634][ T4588] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  295.211518][ T7142] binder: 7139:7142 tried to acquire reference to desc 0, got 1 instead
[  295.214200][ T7142] binder: 7139:7142 got transaction with invalid offsets ptr
[  295.215525][ T7142] binder_debug: 10 callbacks suppressed
[  295.215534][ T7142] binder: 7139:7142 transaction call to 7139:0 failed 93/29201/-22, size 104-24 line 3576
[  295.222876][ T4372] binder: undelivered TRANSACTION_ERROR: 29201
[  295.298159][ T7153] netlink: 24 bytes leftover after parsing attributes in process `syz.2.858'.
[  295.345882][ T7163] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  295.350434][ T7163] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  295.392143][ T7166] netlink: 'syz.3.862': attribute type 1 has an invalid length.
[  295.405028][ T7166] 8021q: adding VLAN 0 to HW filter on device bond3
[  295.417254][ T7166] netlink: 8 bytes leftover after parsing attributes in process `syz.3.862'.
[  295.418726][ T7166] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  295.421338][   T24] libceph: connect (1)[c::]:6789 error -101
[  295.422368][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  295.662903][ T7182] loop3: detected capacity change from 0 to 2048
[  295.695144][ T7187] netlink: 'syz.5.866': attribute type 13 has an invalid length.
[  295.712881][ T7182] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  295.784841][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  295.908810][ T7126] ceph: No mds server is up or the cluster is laggy
[  295.914529][ T7199] loop3: detected capacity change from 0 to 40427
[  295.924365][ T7199] F2FS-fs (loop3): invalid crc value
[  295.945548][   T24] libceph: connect (1)[c::]:6789 error -101
[  295.946524][   T24] libceph: mon0 (1)[c::]:6789 connect error
[  295.949452][ T7199] F2FS-fs (loop3): Found nat_bits in checkpoint
[  295.965919][ T7199] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  296.049135][ T7187] bridge0: port 2(bridge_slave_1) entered disabled state
[  296.050524][ T7187] bridge0: port 1(bridge_slave_0) entered disabled state
[  296.722413][ T7187] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  296.745222][ T7187] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  297.096551][ T7187] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.097966][ T7187] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.099460][ T7187] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.103690][ T7187] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  297.414914][ T7222] netlink: 8 bytes leftover after parsing attributes in process `syz.5.871'.
[  297.443636][ T7226] loop5: detected capacity change from 0 to 512
[  297.464714][ T4320] syz-executor: attempt to access beyond end of device
[  297.464714][ T4320] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  297.547943][ T7226] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  297.554029][ T7237] loop1: detected capacity change from 0 to 2048
[  297.628395][ T7237] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  297.665759][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  297.673359][ T6674] EXT4-fs (loop5): unmounting filesystem.
[  297.728651][ T7258] netlink: 'syz.5.881': attribute type 13 has an invalid length.
[  298.566183][ T7267] netlink: 8 bytes leftover after parsing attributes in process `syz.1.884'.
[  298.928090][ T7269] loop1: detected capacity change from 0 to 4096
[  299.055478][ T7293] bridge: RTM_NEWNEIGH bridge0 with NTF_USE is not supported
[  299.058908][ T7295] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  299.269581][ T7301] netlink: 'syz.4.893': attribute type 13 has an invalid length.
[  299.430834][ T7305] netlink: 8 bytes leftover after parsing attributes in process `syz.4.895'.
[  299.438922][ T7307] loop3: detected capacity change from 0 to 256
[  299.497202][ T7307] FAT-fs (loop3): Directory bread(block 64) failed
[  299.498333][ T7307] FAT-fs (loop3): Directory bread(block 65) failed
[  299.499367][ T7307] FAT-fs (loop3): Directory bread(block 66) failed
[  299.532541][ T7307] FAT-fs (loop3): Directory bread(block 67) failed
[  299.533621][ T7307] FAT-fs (loop3): Directory bread(block 68) failed
[  299.534566][ T7307] FAT-fs (loop3): Directory bread(block 69) failed
[  299.535490][ T7307] FAT-fs (loop3): Directory bread(block 70) failed
[  299.536451][ T7307] FAT-fs (loop3): Directory bread(block 71) failed
[  299.537381][ T7307] FAT-fs (loop3): Directory bread(block 72) failed
[  299.538381][ T7307] FAT-fs (loop3): Directory bread(block 73) failed
[  299.569930][ T7307] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  299.574762][ T7307] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  300.021297][ T7331] netlink: 'syz.2.905': attribute type 13 has an invalid length.
[  300.108930][ T7338] netlink: 8 bytes leftover after parsing attributes in process `syz.2.908'.
[  300.193748][ T7344] loop2: detected capacity change from 0 to 256
[  300.271308][ T7348] netlink: 'syz.1.914': attribute type 1 has an invalid length.
[  300.277668][ T7348] 8021q: adding VLAN 0 to HW filter on device bond2
[  300.290922][ T7348] bond2: (slave ip6gretap1): making interface the new active one
[  300.293134][ T7348] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[  300.295214][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  300.533701][ T7360] xt_hashlimit: size too large, truncated to 1048576
[  300.546023][ T7362] netlink: 'syz.1.917': attribute type 13 has an invalid length.
[  301.330917][ T7372] loop1: detected capacity change from 0 to 256
[  301.374649][ T7375] netlink: 8 bytes leftover after parsing attributes in process `syz.2.921'.
[  302.142513][ T7391] netlink: 'syz.4.927': attribute type 1 has an invalid length.
[  302.154946][ T7391] 8021q: adding VLAN 0 to HW filter on device bond3
[  302.219833][ T7396] netlink: 'syz.5.931': attribute type 13 has an invalid length.
[  302.291707][ T7403] loop1: detected capacity change from 0 to 4096
[  302.300895][ T7403] ntfs3: loop1: ino=3, Correct links count -> 2.
[  302.718624][ T7407] loop5: detected capacity change from 0 to 4096
[  302.794979][ T7407] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  302.803147][ T7407] ntfs3: loop5: Failed to load $Extend.
[  303.192062][ T7422] loop4: detected capacity change from 0 to 1024
[  303.198747][ T7422] EXT4-fs: Ignoring removed nomblk_io_submit option
[  303.270413][ T7422] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  303.450413][ T7435] netlink: 'syz.1.940': attribute type 1 has an invalid length.
[  303.767015][ T7435] 8021q: adding VLAN 0 to HW filter on device bond3
[  303.912563][ T7451] netlink: 'syz.5.944': attribute type 13 has an invalid length.
[  303.983870][ T7454] loop5: detected capacity change from 0 to 1024
[  303.998132][ T7454] EXT4-fs: Ignoring removed bh option
[  303.999115][ T7454] EXT4-fs: Ignoring removed oldalloc option
[  304.052216][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  304.066850][ T7454] EXT4-fs: Ignoring removed nobh option
[  304.076983][ T7454] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  304.143831][ T7454] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  304.199154][ T6674] EXT4-fs (loop5): unmounting filesystem.
[  304.229009][ T7468] loop4: detected capacity change from 0 to 4096
[  304.270496][ T7468] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  304.273525][ T7468] ntfs3: loop4: Failed to load $Extend.
[  304.632301][ T7488] netlink: 'syz.4.953': attribute type 1 has an invalid length.
[  304.656840][ T7488] 8021q: adding VLAN 0 to HW filter on device bond4
[  304.672614][ T7488] netlink: 8 bytes leftover after parsing attributes in process `syz.4.953'.
[  304.674086][ T7488] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  304.781986][ T7496] netlink: 'syz.4.956': attribute type 13 has an invalid length.
[  304.861752][ T7500] xt_hashlimit: size too large, truncated to 1048576
[  305.533689][ T7511] loop5: detected capacity change from 0 to 4096
[  305.579484][ T7511] ntfs3: loop5: Mark volume as dirty due to NTFS errors
[  305.580835][ T7511] ntfs3: loop5: Failed to load $Extend.
[  305.696766][ T7520] netlink: 'syz.5.964': attribute type 1 has an invalid length.
[  305.737854][ T7520] 8021q: adding VLAN 0 to HW filter on device bond1
[  305.743847][ T7520] netlink: 8 bytes leftover after parsing attributes in process `syz.5.964'.
[  305.745301][ T7520] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  305.954946][ T7532] netlink: 'syz.2.968': attribute type 13 has an invalid length.
[  306.113142][ T7541] loop5: detected capacity change from 0 to 256
[  306.136601][ T7541] FAT-fs (loop5): Directory bread(block 64) failed
[  306.137662][ T7541] FAT-fs (loop5): Directory bread(block 65) failed
[  306.138682][ T7541] FAT-fs (loop5): Directory bread(block 66) failed
[  306.139653][ T7541] FAT-fs (loop5): Directory bread(block 67) failed
[  306.140712][ T7541] FAT-fs (loop5): Directory bread(block 68) failed
[  306.141650][ T7541] FAT-fs (loop5): Directory bread(block 69) failed
[  306.142593][ T7541] FAT-fs (loop5): Directory bread(block 70) failed
[  306.143513][ T7541] FAT-fs (loop5): Directory bread(block 71) failed
[  306.144497][ T7541] FAT-fs (loop5): Directory bread(block 72) failed
[  306.145359][ T7541] FAT-fs (loop5): Directory bread(block 73) failed
[  307.063638][ T7550] netlink: 'syz.4.976': attribute type 1 has an invalid length.
[  307.102417][ T7552] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  307.103766][ T7552] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  307.152725][ T7550] 8021q: adding VLAN 0 to HW filter on device bond5
[  307.154237][ T7553] netlink: 8 bytes leftover after parsing attributes in process `syz.4.976'.
[  307.155588][ T7553] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  307.374080][ T7563] netlink: 'syz.4.981': attribute type 13 has an invalid length.
[  307.516472][ T7572] binder: 7571:7572 got reply transaction with no transaction stack
[  307.517711][ T7572] binder: 7571:7572 transaction reply to 0:0 failed 94/29201/-71, size 0-0 line 2946
[  307.533572][   T24] binder: undelivered TRANSACTION_ERROR: 29201
[  307.544561][ T7576] device batadv_slave_0 entered promiscuous mode
[  307.838838][ T7599] serio: Serial port ptm0
[  309.466133][ T7608] netlink: 'syz.5.992': attribute type 13 has an invalid length.
[  309.567144][ T7616] netlink: 'syz.2.994': attribute type 1 has an invalid length.
[  309.959258][ T7616] 8021q: adding VLAN 0 to HW filter on device bond1
[  309.974774][ T7625] netlink: 8 bytes leftover after parsing attributes in process `syz.2.994'.
[  309.976471][ T7625] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  310.093611][ T7634] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.095127][ T7634] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.167704][ T7643] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  310.174467][ T7643] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  310.250752][ T2061] ieee802154 phy0 wpan0: encryption failed: -22
[  310.252062][ T2061] ieee802154 phy1 wpan1: encryption failed: -22
[  310.562726][ T7651] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1002'.
[  310.569779][ T7651] device macvtap1 entered promiscuous mode
[  310.571821][ T7651] device team0 entered promiscuous mode
[  310.574126][ T7651] device team_slave_0 entered promiscuous mode
[  310.575276][ T7651] device team_slave_1 entered promiscuous mode
[  310.577480][ T7651] 8021q: adding VLAN 0 to HW filter on device macvtap1
[  310.643398][ T7651] device team0 left promiscuous mode
[  310.644340][ T7651] device team_slave_0 left promiscuous mode
[  310.645384][ T7651] device team_slave_1 left promiscuous mode
[  310.855645][ T7681] netlink: 'syz.5.1006': attribute type 13 has an invalid length.
[  310.967159][ T7693] netlink: 'syz.4.1010': attribute type 1 has an invalid length.
[  311.002075][ T7693] 8021q: adding VLAN 0 to HW filter on device bond6
[  311.012405][ T7693] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1010'.
[  311.013959][ T7693] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  311.252626][ T7722] netlink: 'syz.4.1018': attribute type 13 has an invalid length.
[  311.326014][ T7730] loop3: detected capacity change from 0 to 512
[  311.327503][ T7730] EXT4-fs: Ignoring removed oldalloc option
[  311.328890][ T7730] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  311.364565][ T7733] loop1: detected capacity change from 0 to 256
[  311.388196][ T7733] FAT-fs (loop1): Invalid FSINFO signature: 0x00fffff8, 0x00000000 (sector = 1)
[  311.408216][ T7730] EXT4-fs error (device loop3): ext4_orphan_get:1399: inode #15: comm syz.3.1021: inode has both inline data and extents flags
[  311.419113][ T7730] EXT4-fs error (device loop3): ext4_orphan_get:1404: comm syz.3.1021: couldn't read orphan inode 15 (err -117)
[  311.428718][ T7730] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  311.764747][ T7742] netlink: 'syz.5.1024': attribute type 1 has an invalid length.
[  311.776383][ T4320] EXT4-fs (loop3): unmounting filesystem.
[  311.786210][ T7742] 8021q: adding VLAN 0 to HW filter on device bond2
[  311.792498][ T7742] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1024'.
[  311.794002][ T7742] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  311.917388][ T7760] binder: 7758:7760 ioctl c0306201 0 returned -14
[  311.929616][ T7760] binder: 7758:7760 ioctl c0306201 0 returned -14
[  312.217289][ T7775] loop4: detected capacity change from 0 to 512
[  312.221229][ T7775] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  312.242777][ T7775] EXT4-fs (loop4): 1 truncate cleaned up
[  312.243704][ T7775] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  312.305845][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  312.389193][ T7794] loop4: detected capacity change from 0 to 512
[  312.396038][ T7794] EXT4-fs: Ignoring removed oldalloc option
[  312.398665][ T7794] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  312.466284][ T7795] siw: device registration error -23
[  312.689112][ T7794] EXT4-fs error (device loop4): ext4_orphan_get:1399: inode #15: comm syz.4.1036: inode has both inline data and extents flags
[  312.696752][ T7794] EXT4-fs error (device loop4): ext4_orphan_get:1404: comm syz.4.1036: couldn't read orphan inode 15 (err -117)
[  312.700370][ T7794] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  312.721486][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  312.922770][ T7824] loop1: detected capacity change from 0 to 512
[  312.929262][ T7824] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  312.944254][ T7824] EXT4-fs (loop1): 1 truncate cleaned up
[  312.946467][ T7824] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  312.985918][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  313.098375][ T7836] loop2: detected capacity change from 0 to 512
[  313.106695][ T4588] Bluetooth: hci5: Frame reassembly failed (-84)
[  313.108157][    T9] Bluetooth: hci5: received HCILL_GO_TO_SLEEP_ACK in state 0
[  313.111226][ T7836] EXT4-fs: Ignoring removed oldalloc option
[  313.112591][ T7836] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  313.129864][ T7836] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1050: inode has both inline data and extents flags
[  313.134445][ T7836] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1050: couldn't read orphan inode 15 (err -117)
[  313.138806][ T7836] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  313.187390][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  313.243752][ T7843] netlink: 'syz.2.1052': attribute type 13 has an invalid length.
[  313.382533][ T7858] loop2: detected capacity change from 0 to 512
[  313.387965][ T7858] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  313.398025][ T7858] EXT4-fs (loop2): 1 truncate cleaned up
[  313.398930][ T7858] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  313.406326][ T7863] loop5: detected capacity change from 0 to 512
[  313.407848][ T7863] EXT4-fs: Ignoring removed oldalloc option
[  313.409191][ T7863] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  313.433657][ T7863] EXT4-fs error (device loop5): ext4_orphan_get:1399: inode #15: comm syz.5.1062: inode has both inline data and extents flags
[  313.447174][ T7863] EXT4-fs error (device loop5): ext4_orphan_get:1404: comm syz.5.1062: couldn't read orphan inode 15 (err -117)
[  313.457788][ T7863] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  313.468695][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  313.494135][ T6674] EXT4-fs (loop5): unmounting filesystem.
[  313.566963][ T7871] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  313.569507][ T7871] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  313.624110][ T7875] netlink: 'syz.2.1066': attribute type 13 has an invalid length.
[  313.696494][ T7882] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1070'.
[  313.729127][ T7877] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  313.745150][ T7877] 8021q: adding VLAN 0 to HW filter on device bond0
[  313.749643][ T7877] 8021q: adding VLAN 0 to HW filter on device team0
[  313.781395][ T7879] loop2: detected capacity change from 0 to 32768
[  313.786592][ T7879] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  313.788020][ T7879] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  313.796595][ T7879] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  313.799887][   T14] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  313.801129][   T14] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  313.809737][   T14] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 8ms
[  313.812619][   T14] gfs2: fsid=syz:syz.0: jid=0: Done
[  313.814312][ T7879] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  313.821616][ T7877] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  313.868209][ T7879] gfs2: fsid=syz:syz.0: found 1 quota changes
[  313.890590][ T7886] gfs2: fsid=syz:syz.0: fatal: filesystem consistency error
[  313.890590][ T7886]   inode = 11 2339
[  313.890590][ T7886]   function = gfs2_dinode_in, file = fs/gfs2/glops.c, line = 464
[  313.893538][ T7886] gfs2: fsid=syz:syz.0: G:  s:EX n:2/923 f:qobnN t:EX d:EX/0 a:0 v:0 r:3 m:20 p:1
[  313.894915][ T7886] gfs2: fsid=syz:syz.0:  H: s:EX f:H e:0 p:7886 [gfs2_quotad] gfs2_quota_sync+0x2cc/0x500
[  313.917530][ T7886] gfs2: fsid=syz:syz.0:  I: n:11/2339 t:0 f:0x00 d:0x00000000 s:0 p:0
[  313.918810][ T7886] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  313.993774][ T7900] netlink: 'syz.4.1079': attribute type 13 has an invalid length.
[  314.073255][ T7904] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1081'.
[  314.169929][ T7914] loop4: detected capacity change from 0 to 256
[  314.187298][ T7914] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  314.194229][ T7914] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=512, location=512
[  314.195790][ T7914] UDF-fs: warning (device loop4): udf_load_vrs: No anchor found
[  314.197024][ T7914] UDF-fs: Scanning with blocksize 512 failed
[  314.208468][ T7914] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[  314.209735][ T7916] IPv6: NLM_F_CREATE should be specified when creating new route
[  314.214999][ T7914] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  314.217809][ T7916] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1086'.
[  314.342453][ T7926] netlink: 'syz.3.1091': attribute type 13 has an invalid length.
[  314.543317][ T7939] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  314.546366][ T7939] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  314.746807][ T7947] FAT-fs (loop3): Directory bread(block 64) failed
[  314.747954][ T7947] FAT-fs (loop3): Directory bread(block 65) failed
[  314.750788][ T7947] FAT-fs (loop3): Directory bread(block 66) failed
[  314.751825][ T7947] FAT-fs (loop3): Directory bread(block 67) failed
[  314.753081][ T7947] FAT-fs (loop3): Directory bread(block 68) failed
[  314.754139][ T7947] FAT-fs (loop3): Directory bread(block 69) failed
[  314.755138][ T7947] FAT-fs (loop3): Directory bread(block 70) failed
[  314.756113][ T7947] FAT-fs (loop3): Directory bread(block 71) failed
[  314.757192][ T7947] FAT-fs (loop3): Directory bread(block 72) failed
[  314.758119][ T7947] FAT-fs (loop3): Directory bread(block 73) failed
[  315.130108][ T4325] Bluetooth: hci5: command 0x1003 tx timeout
[  315.130159][ T4336] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  315.257996][ T7959] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 scanned by syz.4.1104 (7959)
[  315.264693][ T7959] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  315.266444][ T7959] BTRFS info (device loop4): using sha256 (sha256-ce) checksum algorithm
[  315.267727][ T7959] BTRFS info (device loop4): using free space tree
[  315.297759][ T7959] BTRFS info (device loop4): enabling ssd optimizations
[  315.298446][ T7976] device syzkaller1 entered promiscuous mode
[  315.516259][ T7987] overlayfs: missing 'workdir'
[  316.343377][ T8010] set_capacity_and_notify: 4 callbacks suppressed
[  316.343388][ T8010] loop5: detected capacity change from 0 to 64
[  316.360405][ T8010] hfs: type requires a 4 character value
[  316.361809][ T8010] hfs: unable to parse mount options
[  316.404323][ T4328] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  317.391520][ T8046] lo speed is unknown, defaulting to 1000
[  318.184172][ T8053] device ipvlan2 entered promiscuous mode
[  319.178614][ T7886] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  319.195055][ T8072] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  319.196910][ T7886] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  319.204787][ T7886] gfs2: fsid=syz:syz.0: File system withdrawn
[  319.224587][ T7886] CPU: 1 PID: 7886 Comm: gfs2_quotad Not tainted syzkaller #0
[  319.225817][ T7886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  319.227250][ T7886] Call trace:
[  319.227748][ T7886]  dump_backtrace+0x1c0/0x1ec
[  319.228415][ T7886]  show_stack+0x2c/0x3c
[  319.229092][ T7886]  __dump_stack+0x30/0x40
[  319.229733][ T7886]  dump_stack_lvl+0xf4/0x15c
[  319.230405][ T7886]  dump_stack+0x1c/0x5c
[  319.231021][ T7886]  gfs2_withdraw+0xfa4/0x1390
[  319.231724][ T7886]  gfs2_consist_inode_i+0xf0/0x10c
[  319.232509][ T7886]  gfs2_inode_refresh+0x918/0xd64
[  319.233242][ T7886]  inode_go_instantiate+0x4c/0x68
[  319.233990][ T7886]  gfs2_instantiate+0x178/0x2b4
[  319.234661][ T7886]  gfs2_glock_wait+0x1b4/0x298
[  319.235345][ T7886]  gfs2_glock_nq+0x8bc/0x11c4
[  319.235969][ T7886]  do_sync+0x41c/0xaec
[  319.236561][ T7886]  gfs2_quota_sync+0x2cc/0x500
[  319.237283][ T7886]  gfs2_quotad+0x2d8/0x500
[  319.237947][ T7886]  kthread+0x250/0x2d8
[  319.238545][ T7886]  ret_from_fork+0x10/0x20
[  319.265619][ T4333] gfs2: fsid=syz:syz.0: warning: assertion "!qd->qd_change" failed at function = gfs2_quota_cleanup, file = fs/gfs2/quota.c, line = 1485
[  319.267900][ T4333] CPU: 1 PID: 4333 Comm: syz-executor Not tainted syzkaller #0
[  319.269013][ T4333] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  319.270493][ T4333] Call trace:
[  319.270994][ T4333]  dump_backtrace+0x1c0/0x1ec
[  319.271661][ T4333]  show_stack+0x2c/0x3c
[  319.272387][ T4333]  __dump_stack+0x30/0x40
[  319.273071][ T4333]  dump_stack_lvl+0xf4/0x15c
[  319.273745][ T4333]  dump_stack+0x1c/0x5c
[  319.274351][ T4333]  gfs2_assert_warn_i+0x16c/0x26c
[  319.274726][ T8080] netlink: 'syz.5.1148': attribute type 13 has an invalid length.
[  319.275109][ T4333]  gfs2_quota_cleanup+0x464/0x668
[  319.277137][ T4333]  gfs2_put_super+0x1f0/0x760
[  319.277812][ T4333]  generic_shutdown_super+0x130/0x324
[  319.278627][ T4333]  kill_block_super+0x70/0xdc
[  319.279323][ T4333]  gfs2_kill_sb+0xc0/0xd4
[  319.279942][ T4333]  deactivate_locked_super+0xac/0x120
[  319.280741][ T4333]  deactivate_super+0xe4/0x104
[  319.281485][ T4333]  cleanup_mnt+0x390/0x418
[  319.282159][ T4333]  __cleanup_mnt+0x20/0x30
[  319.282880][ T4333]  task_work_run+0x1ec/0x278
[  319.283622][ T4333]  do_notify_resume+0x1fa0/0x2aa4
[  319.284441][ T4333]  el0_svc+0x98/0x128
[  319.285097][ T4333]  el0t_64_sync_handler+0x84/0xf0
[  319.285849][ T4333]  el0t_64_sync+0x18c/0x190
[  319.319676][ T8082] device ipvlan2 entered promiscuous mode
[  319.443307][ T8093] loop2: detected capacity change from 0 to 512
[  319.458387][ T8093] EXT4-fs: Ignoring removed oldalloc option
[  319.463781][ T8093] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  319.482071][ T8093] EXT4-fs error (device loop2): ext4_orphan_get:1399: inode #15: comm syz.2.1075: inode has both inline data and extents flags
[  320.254609][ T8093] EXT4-fs error (device loop2): ext4_orphan_get:1404: comm syz.2.1075: couldn't read orphan inode 15 (err -117)
[  320.267333][ T8093] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  320.331787][ T4333] EXT4-fs (loop2): unmounting filesystem.
[  320.338591][ T8103] device syzkaller1 entered promiscuous mode
[  320.624800][ T8115] netlink: 'syz.4.1161': attribute type 13 has an invalid length.
[  320.665851][ T8121] loop1: detected capacity change from 0 to 512
[  320.679109][ T8121] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  320.752303][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  320.955682][ T8145] device syzkaller1 entered promiscuous mode
[  321.114721][ T8152] netlink: 'syz.4.1175': attribute type 13 has an invalid length.
[  321.203875][ T8156] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1177'.
[  321.205378][ T8156] (unnamed net_device) (uninitialized): Unable to set up delay as MII monitoring is disabled
[  321.378248][ T8170] loop4: detected capacity change from 0 to 512
[  321.385575][ T8170] EXT4-fs: Ignoring removed oldalloc option
[  321.386582][ T8170] EXT4-fs: quotafile must be on filesystem root
[  321.418891][ T8172] device syzkaller1 entered promiscuous mode
[  321.486186][ T8174] netlink: 'syz.3.1186': attribute type 13 has an invalid length.
[  321.513439][ T8178] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1188'.
[  321.515014][ T8178] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1188'.
[  321.534785][ T8178] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1188'.
[  321.536426][ T8178] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1188'.
[  321.767406][   T27] audit: type=1326 audit(321.750:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.771864][   T27] audit: type=1326 audit(321.760:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.778532][   T27] audit: type=1326 audit(321.760:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.790785][ T8192] loop5: detected capacity change from 0 to 32768
[  321.791031][   T27] audit: type=1326 audit(321.760:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.804555][   T27] audit: type=1326 audit(321.760:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.809220][   T27] audit: type=1326 audit(321.760:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=25 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.817279][   T27] audit: type=1326 audit(321.760:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.825426][   T27] audit: type=1326 audit(321.760:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8196 comm="syz.4.1196" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8cb77ee8 code=0x7ffc0000
[  321.833218][ T8199] loop4: detected capacity change from 0 to 128
[  321.923569][ T8202] netlink: 'syz.4.1199': attribute type 13 has an invalid length.
[  322.072531][ T8211] device syzkaller1 entered promiscuous mode
[  322.455366][ T8233] netlink: 'syz.1.1211': attribute type 13 has an invalid length.
[  323.737923][ T8255] device syzkaller1 entered promiscuous mode
[  323.818278][ T8260] netlink: 'syz.5.1222': attribute type 13 has an invalid length.
[  323.854604][ T8263] loop2: detected capacity change from 0 to 2048
[  323.921175][ T8263] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  324.040115][ T8269] loop1: detected capacity change from 0 to 40427
[  324.043835][ T8269] F2FS-fs (loop1): invalid crc value
[  324.048118][ T8269] F2FS-fs (loop1): Found nat_bits in checkpoint
[  324.140159][ T8280] device syzkaller1 entered promiscuous mode
[  324.146153][ T8269] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  324.149750][ T8281] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  324.163913][ T8281] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 960 with error 28
[  324.165800][ T8281] EXT4-fs (loop2): This should not happen!! Data will be lost
[  324.165800][ T8281] 
[  324.167137][ T8281] EXT4-fs (loop2): Total free blocks count 0
[  324.168018][ T8281] EXT4-fs (loop2): Free/Dirty block details
[  324.169859][ T8281] EXT4-fs (loop2): free_blocks=2415919104
[  324.171383][ T8281] EXT4-fs (loop2): dirty_blocks=960
[  324.172200][ T8281] EXT4-fs (loop2): Block reservation details
[  324.173127][ T8281] EXT4-fs (loop2): i_reserved_data_blocks=60
[  324.455661][ T4321] syz-executor: attempt to access beyond end of device
[  324.455661][ T4321] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  324.714227][ T6783] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 960 with max blocks 2048 with error 28
[  324.752653][ T8297] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  324.756366][ T8297] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  324.836714][ T8301] netlink: 'syz.2.1234': attribute type 13 has an invalid length.
[  324.944014][ T8305] device syzkaller1 entered promiscuous mode
[  325.143155][ T8318] device syzkaller1 entered promiscuous mode
[  325.567704][ T8322] device syzkaller0 entered promiscuous mode
[  326.006559][ T8341] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  326.007997][ T8341] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  336.632225][ T8337] netlink: 76 bytes leftover after parsing attributes in process `syz.4.1249'.
[  336.639539][ T8340] device gretap0 left promiscuous mode
[  336.640618][ T8340] bridge0: port 3(gretap0) entered disabled state
[  336.671502][ T8340] device bridge_slave_0 left promiscuous mode
[  336.672578][ T8340] bridge0: port 1(bridge_slave_0) entered disabled state
[  336.714734][ T8340] device bridge_slave_1 left promiscuous mode
[  336.715859][ T8340] bridge0: port 2(bridge_slave_1) entered disabled state
[  336.733381][ T8359] loop1: detected capacity change from 0 to 512
[  336.735189][ T8359] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  336.763431][ T8340] bond0: (slave bond_slave_0): Releasing backup interface
[  336.771914][ T8359] EXT4-fs (loop1): 1 truncate cleaned up
[  336.772804][ T8359] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: writeback.
[  336.803242][ T8340] bond0: (slave bond_slave_1): Releasing backup interface
[  336.840850][ T8367] trusted_key: encrypted_key: insufficient parameters specified
[  336.844672][ T4321] EXT4-fs (loop1): unmounting filesystem.
[  336.854728][ T8340] team0: Port device team_slave_0 removed
[  336.856859][ T8340] team0: Port device team_slave_1 removed
[  336.857950][ T8340] batman_adv: batadv0: Removing interface: batadv_slave_0
[  336.863631][ T8340] batman_adv: batadv0: Removing interface: batadv_slave_1
[  336.869612][ T8363] device syzkaller1 entered promiscuous mode
[  337.114185][ T8388] loop1: detected capacity change from 0 to 22
[  337.125209][ T8388] MTD: Attempt to mount non-MTD device "/dev/loop1"
[  337.134343][ T8388] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  337.975548][ T8397] netlink: 76 bytes leftover after parsing attributes in process `syz.2.1264'.
[  338.079066][ T8400] device syzkaller0 entered promiscuous mode
[  338.150254][ T8406] loop5: detected capacity change from 0 to 64
[  338.309888][ T8415] device syzkaller1 entered promiscuous mode
[  338.330011][ T8408] loop5: detected capacity change from 0 to 32768
[  338.337588][ T8408] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 scanned by syz.5.1269 (8408)
[  338.349791][ T8408] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  338.352641][ T8408] BTRFS info (device loop5): using sha256 (sha256-ce) checksum algorithm
[  338.353927][ T8408] BTRFS info (device loop5): using free space tree
[  338.469528][ T8408] BTRFS info (device loop5): enabling ssd optimizations
[  338.503216][ T6674] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  338.982245][ T8452] netlink: 76 bytes leftover after parsing attributes in process `syz.5.1276'.
[  339.034787][ T8458] loop5: detected capacity change from 0 to 64
[  339.085756][ T8461] device syzkaller0 entered promiscuous mode
[  339.279127][ T8471] loop4: detected capacity change from 0 to 512
[  339.291134][ T8471] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  339.317624][ T8471] EXT4-fs (loop4): 1 truncate cleaned up
[  339.318560][ T8471] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  339.333713][ T8479] device syzkaller1 entered promiscuous mode
[  339.400497][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  339.419289][ T8485] loop4: detected capacity change from 0 to 64
[  339.437809][ T8485] hfs: request for non-existent node 131072 in B*Tree
[  339.443295][ T8485] hfs: request for non-existent node 131072 in B*Tree
[  339.544212][ T8493] device syzkaller0 entered promiscuous mode
[  339.816753][ T8511] netlink: 'syz.4.1300': attribute type 13 has an invalid length.
[  339.861551][ T8517] loop2: detected capacity change from 0 to 64
[  339.875168][ T8517] hfs: request for non-existent node 131072 in B*Tree
[  339.876261][ T8517] hfs: request for non-existent node 131072 in B*Tree
[  339.938112][ T8523] device syzkaller1 entered promiscuous mode
[  340.128440][ T8530] VFS: Can't find a Minix filesystem V1 | V2 | V3 on device nullb0.
[  340.563093][ T8536] device syzkaller0 entered promiscuous mode
[  340.723047][ T8545] netlink: 'syz.5.1313': attribute type 13 has an invalid length.
[  340.819411][ T8559] loop4: detected capacity change from 0 to 64
[  340.854059][ T8559] hfs: request for non-existent node 131072 in B*Tree
[  340.855225][ T8559] hfs: request for non-existent node 131072 in B*Tree
[  341.417123][ T8584] netlink: 'syz.1.1325': attribute type 13 has an invalid length.
[  341.468200][ T8588] device syzkaller0 entered promiscuous mode
[  341.734443][ T8608] loop2: detected capacity change from 0 to 256
[  341.741650][ T8608] FAT-fs (loop2): Directory bread(block 64) failed
[  341.742746][ T8608] FAT-fs (loop2): Directory bread(block 65) failed
[  341.743842][ T8608] FAT-fs (loop2): Directory bread(block 66) failed
[  341.744823][ T8608] FAT-fs (loop2): Directory bread(block 67) failed
[  341.745835][ T8608] FAT-fs (loop2): Directory bread(block 68) failed
[  341.746821][ T8608] FAT-fs (loop2): Directory bread(block 69) failed
[  341.747871][ T8608] FAT-fs (loop2): Directory bread(block 70) failed
[  341.748852][ T8608] FAT-fs (loop2): Directory bread(block 71) failed
[  341.749892][ T8608] FAT-fs (loop2): Directory bread(block 72) failed
[  341.750955][ T8608] FAT-fs (loop2): Directory bread(block 73) failed
[  341.898738][ T8611] serio: Serial port ptm0
[  343.579050][ T8634] netlink: 'syz.2.1343': attribute type 13 has an invalid length.
[  344.168042][ T8644] device syzkaller0 entered promiscuous mode
[  344.310588][ T8655] loop1: detected capacity change from 0 to 256
[  344.317819][ T8655] FAT-fs (loop1): Directory bread(block 64) failed
[  344.318919][ T8655] FAT-fs (loop1): Directory bread(block 65) failed
[  344.320012][ T8655] FAT-fs (loop1): Directory bread(block 66) failed
[  344.321040][ T8655] FAT-fs (loop1): Directory bread(block 67) failed
[  344.322090][ T8655] FAT-fs (loop1): Directory bread(block 68) failed
[  344.323088][ T8655] FAT-fs (loop1): Directory bread(block 69) failed
[  344.324022][ T8655] FAT-fs (loop1): Directory bread(block 70) failed
[  344.324962][ T8655] FAT-fs (loop1): Directory bread(block 71) failed
[  344.325932][ T8655] FAT-fs (loop1): Directory bread(block 72) failed
[  344.326878][ T8655] FAT-fs (loop1): Directory bread(block 73) failed
[  344.376832][ T8658] loop4: detected capacity change from 0 to 64
[  344.504095][ T8667] netlink: 'syz.4.1354': attribute type 13 has an invalid length.
[  345.467750][ T8682] device syzkaller0 entered promiscuous mode
[  345.788067][ T8691] loop5: detected capacity change from 0 to 512
[  345.789874][ T8691] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  345.826532][ T8694] loop4: detected capacity change from 0 to 256
[  345.827447][ T8691] EXT4-fs (loop5): 1 truncate cleaned up
[  345.828514][ T8691] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  345.843616][ T8694] FAT-fs (loop4): Directory bread(block 64) failed
[  345.844694][ T8694] FAT-fs (loop4): Directory bread(block 65) failed
[  345.845677][ T8694] FAT-fs (loop4): Directory bread(block 66) failed
[  345.846657][ T8694] FAT-fs (loop4): Directory bread(block 67) failed
[  345.847629][ T8694] FAT-fs (loop4): Directory bread(block 68) failed
[  345.848677][ T8694] FAT-fs (loop4): Directory bread(block 69) failed
[  345.849659][ T8694] FAT-fs (loop4): Directory bread(block 70) failed
[  345.850684][ T8694] FAT-fs (loop4): Directory bread(block 71) failed
[  345.851725][ T8694] FAT-fs (loop4): Directory bread(block 72) failed
[  345.852751][ T8694] FAT-fs (loop4): Directory bread(block 73) failed
[  345.914643][ T8703] loop2: detected capacity change from 0 to 64
[  345.919434][ T6674] EXT4-fs (loop5): unmounting filesystem.
[  345.967666][ T8711] netlink: 'syz.5.1367': attribute type 13 has an invalid length.
[  346.165195][ T8726] loop4: detected capacity change from 0 to 512
[  346.169111][ T8726] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  346.179283][ T8726] EXT4-fs (loop4): 1 truncate cleaned up
[  346.180476][ T8726] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  346.212207][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  347.029775][ T8735] loop4: detected capacity change from 0 to 256
[  347.036815][ T8735] FAT-fs (loop4): Directory bread(block 64) failed
[  347.037850][ T8735] FAT-fs (loop4): Directory bread(block 65) failed
[  347.038839][ T8735] FAT-fs (loop4): Directory bread(block 66) failed
[  347.039848][ T8735] FAT-fs (loop4): Directory bread(block 67) failed
[  347.040824][ T8735] FAT-fs (loop4): Directory bread(block 68) failed
[  347.041712][ T8735] FAT-fs (loop4): Directory bread(block 69) failed
[  347.042754][ T8735] FAT-fs (loop4): Directory bread(block 70) failed
[  347.043748][ T8735] FAT-fs (loop4): Directory bread(block 71) failed
[  347.044737][ T8735] FAT-fs (loop4): Directory bread(block 72) failed
[  347.045673][ T8735] FAT-fs (loop4): Directory bread(block 73) failed
[  347.306538][ T8745] netlink: 'syz.4.1385': attribute type 13 has an invalid length.
[  347.309105][ T8725] loop2: detected capacity change from 0 to 32768
[  347.343320][ T8748] loop5: detected capacity change from 0 to 2048
[  347.349688][ T8725] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.1378 (8725)
[  347.372139][ T8725] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  347.374963][ T8725] BTRFS info (device loop2): using sha256 (sha256-ce) checksum algorithm
[  347.376441][ T8725] BTRFS info (device loop2): using free space tree
[  347.413078][ T8748] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  347.419715][ T8748] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1113: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  347.509393][ T6674] EXT4-fs (loop5): unmounting filesystem.
[  347.545977][ T8776] loop5: detected capacity change from 0 to 256
[  347.553056][ T8776] FAT-fs (loop5): Directory bread(block 64) failed
[  347.554153][ T8776] FAT-fs (loop5): Directory bread(block 65) failed
[  347.555222][ T8776] FAT-fs (loop5): Directory bread(block 66) failed
[  347.556297][ T8776] FAT-fs (loop5): Directory bread(block 67) failed
[  347.557360][ T8776] FAT-fs (loop5): Directory bread(block 68) failed
[  347.558350][ T8776] FAT-fs (loop5): Directory bread(block 69) failed
[  347.559355][ T8776] FAT-fs (loop5): Directory bread(block 70) failed
[  347.560455][ T8776] FAT-fs (loop5): Directory bread(block 71) failed
[  347.561478][ T8776] FAT-fs (loop5): Directory bread(block 72) failed
[  347.562547][ T8776] FAT-fs (loop5): Directory bread(block 73) failed
[  347.623018][ T8725] BTRFS info (device loop2): enabling ssd optimizations
[  347.632981][ T8725] overlayfs: missing 'workdir'
[  347.731802][ T4333] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  348.121441][ T8351] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop2 scanned by udevd (8351)
[  349.359525][ T8826] loop3: detected capacity change from 0 to 256
[  349.369530][ T8826] FAT-fs (loop3): Directory bread(block 64) failed
[  349.370579][ T8826] FAT-fs (loop3): Directory bread(block 65) failed
[  349.371602][ T8826] FAT-fs (loop3): Directory bread(block 66) failed
[  349.372630][ T8826] FAT-fs (loop3): Directory bread(block 67) failed
[  349.373672][ T8826] FAT-fs (loop3): Directory bread(block 68) failed
[  349.374684][ T8826] FAT-fs (loop3): Directory bread(block 69) failed
[  349.375690][ T8826] FAT-fs (loop3): Directory bread(block 70) failed
[  349.376716][ T8826] FAT-fs (loop3): Directory bread(block 71) failed
[  349.377742][ T8826] FAT-fs (loop3): Directory bread(block 72) failed
[  349.378872][ T8826] FAT-fs (loop3): Directory bread(block 73) failed
[  349.383949][ T7886] ==================================================================
[  349.385140][ T7886] BUG: KASAN: use-after-free in __lock_acquire+0x104/0x6800
[  349.386314][ T7886] Read of size 8 at addr ffff0000ce85cbb0 by task gfs2_quotad/7886
[  349.387507][ T7886] 
[  349.387910][ T7886] CPU: 1 PID: 7886 Comm: gfs2_quotad Not tainted syzkaller #0
[  349.388990][ T7886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  349.390429][ T7886] Call trace:
[  349.390915][ T7886]  dump_backtrace+0x1c0/0x1ec
[  349.391559][ T7886]  show_stack+0x2c/0x3c
[  349.392185][ T7886]  __dump_stack+0x30/0x40
[  349.392787][ T7886]  dump_stack_lvl+0xf4/0x15c
[  349.393456][ T7886]  print_address_description+0x88/0x218
[  349.394194][ T7886]  print_report+0x50/0x68
[  349.394846][ T7886]  kasan_report+0xa8/0xfc
[  349.395529][ T7886]  __asan_report_load8_noabort+0x2c/0x38
[  349.396329][ T7886]  __lock_acquire+0x104/0x6800
[  349.396977][ T7886]  lock_acquire+0x20c/0x63c
[  349.397607][ T7886]  _raw_spin_lock_irqsave+0x6c/0xb0
[  349.398416][ T7886]  finish_wait+0xc8/0x1ac
[  349.399051][ T7886]  gfs2_quotad+0x390/0x500
[  349.399697][ T7886]  kthread+0x250/0x2d8
[  349.400286][ T7886]  ret_from_fork+0x10/0x20
[  349.400727][ T8823] loop1: detected capacity change from 0 to 2048
[  349.400909][ T7886] 
[  349.400914][ T7886] Allocated by task 8483:
[  349.402950][ T7886]  kasan_set_track+0x4c/0x80
[  349.403601][ T7886]  kasan_save_alloc_info+0x24/0x30
[  349.404309][ T7886]  __kasan_kmalloc+0xa0/0xb8
[  349.404999][ T7886]  __kmalloc_node_track_caller+0xe0/0x16c
[  349.405844][ T7886]  __alloc_skb+0x264/0x714
[  349.406522][ T7886]  netlink_dump+0x160/0xb18
[  349.407150][ T7886]  netlink_recvmsg+0x504/0xae0
[  349.407854][ T7886]  ____sys_recvmsg+0x678/0x768
[  349.408494][ T7886]  do_recvmmsg+0x388/0xa0c
[  349.409162][ T7886]  __arm64_sys_recvmmsg+0x19c/0x23c
[  349.409954][ T7886]  invoke_syscall+0x98/0x2b4
[  349.410600][ T7886]  el0_svc_common+0x138/0x258
[  349.411277][ T7886]  do_el0_svc+0x58/0x130
[  349.411947][ T7886]  el0_svc+0x58/0x128
[  349.412559][ T7886]  el0t_64_sync_handler+0x84/0xf0
[  349.413295][ T7886]  el0t_64_sync+0x18c/0x190
[  349.413921][ T7886] 
[  349.414258][ T7886] The buggy address belongs to the object at ffff0000ce85c000
[  349.414258][ T7886]  which belongs to the cache kmalloc-8k of size 8192
[  349.416217][ T7886] The buggy address is located 2992 bytes inside of
[  349.416217][ T7886]  8192-byte region [ffff0000ce85c000, ffff0000ce85e000)
[  349.418174][ T7886] 
[  349.418520][ T7886] The buggy address belongs to the physical page:
[  349.419484][ T7886] page:0000000039aeca61 refcount:1 mapcount:0 mapping:0000000000000000 index:0xffff0000ce85c000 pfn:0x10e858
[  349.421179][ T7886] head:0000000039aeca61 order:3 compound_mapcount:0 compound_pincount:0
[  349.422355][ T7886] flags: 0x5ffc00000010200(slab|head|node=0|zone=2|lastcpupid=0x7ff)
[  349.423546][ T7886] raw: 05ffc00000010200 fffffc0003717008 fffffc0003567808 ffff0000c0002c00
[  349.424757][ T7886] raw: ffff0000ce85c000 0000000000020001 00000001ffffffff 0000000000000000
[  349.425983][ T7886] page dumped because: kasan: bad access detected
[  349.426941][ T7886] 
[  349.427295][ T7886] Memory state around the buggy address:
[  349.428059][ T7886]  ffff0000ce85ca80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.429158][ T7886]  ffff0000ce85cb00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.430314][ T7886] >ffff0000ce85cb80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.431539][ T7886]                                      ^
[  349.432301][ T7886]  ffff0000ce85cc00: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.433462][ T7886]  ffff0000ce85cc80: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb
[  349.434657][ T7886] ==================================================================
[  349.435829][ T7886] Disabling lock debugging due to kernel taint
[  349.436741][ T7886] INFO: trying to register non-static key.
[  349.437567][ T7886] The code is fine but needs lockdep annotation, or maybe
[  349.438524][ T7886] you didn't initialize this object before use?
[  349.439377][ T7886] turning off the locking correctness validator.
[  349.440266][ T7886] CPU: 1 PID: 7886 Comm: gfs2_quotad Tainted: G    B              syzkaller #0
[  349.441508][ T7886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  349.442986][ T7886] Call trace:
[  349.443511][ T7886]  dump_backtrace+0x1c0/0x1ec
[  349.444190][ T7886]  show_stack+0x2c/0x3c
[  349.444773][ T7886]  __dump_stack+0x30/0x40
[  349.445369][ T7886]  dump_stack_lvl+0xf4/0x15c
[  349.446086][ T7886]  dump_stack+0x1c/0x5c
[  349.446735][ T7886]  assign_lock_key+0x230/0x264
[  349.447461][ T7886]  register_lock_class+0x1ac/0x694
[  349.448220][ T7886]  __lock_acquire+0x164/0x6800
[  349.448931][ T7886]  lock_acquire+0x20c/0x63c
[  349.449647][ T7886]  _raw_spin_lock_irqsave+0x6c/0xb0
[  349.450429][ T7886]  finish_wait+0xc8/0x1ac
[  349.451050][ T7886]  gfs2_quotad+0x390/0x500
[  349.451683][ T7886]  kthread+0x250/0x2d8
[  349.452301][ T7886]  ret_from_fork+0x10/0x20
[  349.452925][ T7886] list_del corruption. prev->next should be ffff800021a57d98, but was 0000000000000000. (prev=ffff0000ce85cbd8)
[  349.454793][ T7886] ------------[ cut here ]------------
[  349.455605][ T7886] kernel BUG at lib/list_debug.c:61!
[  349.456407][ T7886] Internal error: Oops - BUG: 00000000f2000800 [#1] PREEMPT SMP
[  349.457572][ T7886] Modules linked in:
[  349.458158][ T7886] CPU: 1 PID: 7886 Comm: gfs2_quotad Tainted: G    B              syzkaller #0
[  349.459414][ T7886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  349.460882][ T7886] pstate: 624000c5 (nZCv daIF +PAN -UAO +TCO -DIT -SSBS BTYPE=--)
[  349.462120][ T7886] pc : __list_del_entry_valid+0x13c/0x158
[  349.462943][ T7886] lr : __list_del_entry_valid+0x13c/0x158
[  349.463826][ T7886] sp : ffff800021a57c70
[  349.464630][ T7886] x29: ffff800021a57c70 x28: 0000000000000000 x27: 0000000000000bb8
[  349.465809][ T7886] x26: 0000000000001770 x25: dfff800000000000 x24: dfff800000000000
[  349.466941][ T7886] x23: ffff0000ce85c7c0 x22: dfff800000000000 x21: ffff0000ce85cbd8
[  349.468081][ T7886] x20: ffff0000ce85cbd8 x19: ffff800021a57d98 x18: ffff800011b8bf60
[  349.469262][ T7886] x17: 20747562202c3839 x16: ffff8000082ef028 x15: 0000000000000000
[  349.470498][ T7886] x14: 0000000000000001 x13: 1ffff0000434aee4 x12: 0000000000ff0100
[  349.471666][ T7886] x11: ff00800008311710 x10: 0000000000000000 x9 : ea0c2f65143f8500
[  349.472865][ T7886] x8 : ea0c2f65143f8500 x7 : 0000000000000001 x6 : 0000000000000001
[  349.474005][ T7886] x5 : ffff800021a57738 x4 : ffff8000152f4cc0 x3 : ffff800008319720
[  349.475233][ T7886] x2 : 0000000000000001 x1 : 0000000100000001 x0 : 000000000000006d
[  349.476439][ T7886] Call trace:
[  349.476984][ T7886]  __list_del_entry_valid+0x13c/0x158
[  349.477792][ T7886]  finish_wait+0xd4/0x1ac
[  349.478475][ T7886]  gfs2_quotad+0x390/0x500
[  349.479133][ T7886]  kthread+0x250/0x2d8
[  349.479717][ T7886]  ret_from_fork+0x10/0x20
[  349.480406][ T7886] Code: 912d0000 aa1303e1 aa1503e3 95c1b7e6 (d4210000) 
[  349.481392][ T7886] ---[ end trace 0000000000000000 ]---
[  349.815919][ T7886] Kernel panic - not syncing: Oops - BUG: Fatal exception
[  349.817007][ T7886] SMP: stopping secondary CPUs
[  349.817685][ T7886] Kernel Offset: disabled
[  349.818315][ T7886] CPU features: 0x080000,000f0097,a65bfea7
[  349.819231][ T7886] Memory Limit: none
[  350.167076][ T7886] Rebooting in 86400 seconds..