last executing test programs:

2m11.740262064s ago: executing program 3 (id=120):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x1, &(0x7f0000000100)=@raw=[@jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c02600004100070100000000ff000000017c000004"], 0x26c0}}, 0x4c000)
syz_read_part_table(0x5c2, &(0x7f0000000f00)="$eJzs2z9I3GccBvD3Lh6BZMiSKUuTFDKULAkZc0MS7i4JFo5TF7soKCLedIJw0qOCDnqD4g3i6CLCLVYnzxucFIXORRwsgoNLiy6Ci1esb6EU+wd7LQ18PvDjy/vyvO/DO9x4gU9aMvzUarUSIYTW3ZsTE39yuqeeyX54nH9T6A4hEVohhJGvPv/lnkRM/Hrr07g+jOvlpXvNmbP3qfpB1/mzvu1q8jdtV9/9lUZPWx7Iv2o1vfNgcqqUmy2nh/dzlePp77/78tvTTKHRWa2tfUy9G4i53Tg74hwN5TAeRkJ/KIZiGAylNvUv1o9eXD7K1TeGXl9km3NbL2Mu/w/f+Xf7x57M99Yqb5+vP1x4Vd7cK5zcuc4V/+DXBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8tqeufB5FQpN1tOD+/nksfTYyGE00yh0VmtrX1MvRuIud04O+IcDeUwHkZCfyiGRBgMpbb0V44X60cvLh/l6htDry+yzbmtlzGX//3BjlsW/kX/2JP53lrl7fP1hwuvypt7hZM717ni3fb0AQAAAAAAAAAAAAAAAAAAwE0y2Q+P828K3d/E9Rc/fp28mq34f/fP4v7TOA/j/vLSvebM2ftU/aDr/FnfdvWHuD8Rv/srjZ7/9CHcys8BAAD//4Mnkx8=")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfffffd9d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
syz_clone(0x2211000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)="d8b07da8a079e98f7663074742d57c4d12f7ca8dabf267b0617ef36c3f0682b946f2270ab4edbe20facf6f1d6052d5fe92744ca46439ef57")
r2 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000900d0000000000000600000000000010fa5e413f0000001b9b363669cdee2b715768ee778653002b6a8727e77b6de2b93ee79ce0efff4f37c7ce502a823f634d41090ec476b29b86ff2f9001a9a5a2c994c5c798dcd77c9a8d0081291511725147cb354499e99e720389b5f866575a29d6b0a82fa3289ceec3f2a94b1fe4396f003269666a9bb744c6259f862c1a3dca9e3e6f77dac7d4d4b6"])
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r6, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000340), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r7, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x0, 0x3011}})

2m10.430344045s ago: executing program 3 (id=123):
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$batadv(&(0x7f0000000180), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
syz_open_dev$sndmidi(0x0, 0x2, 0x151102)
timer_create(0x0, 0x0, 0x0)
socket$l2tp6(0xa, 0x2, 0x73)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xa8f94000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01030000000000000000010000000900010073797a300000000040000000030a01020000000000000000010000000900030073797a32000000001400048008000240326565a708000140000000000900010073797a300000000048000000060a010400000000000000000100000008000b40000000000900010073797a3000000000200004801c0001800b00010072656a65637400000c0002800800014000000001140000001100"], 0xd0}}, 0x0)

2m9.079093006s ago: executing program 3 (id=125):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000580)=ANY=[], 0x54}, 0x1, 0x0, 0x0, 0x4810}, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x1, &(0x7f0000000100)=@raw=[@jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], &(0x7f0000000000)='GPL\x00', 0x2, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x26c0}}, 0x4c000)
syz_read_part_table(0x5c2, &(0x7f0000000f00)="$eJzs2z9I3GccBvD3Lh6BZMiSKUuTFDKULAkZc0MS7i4JFo5TF7soKCLedIJw0qOCDnqD4g3i6CLCLVYnzxucFIXORRwsgoNLiy6Ci1esb6EU+wd7LQ18PvDjy/vyvO/DO9x4gU9aMvzUarUSIYTW3ZsTE39yuqeeyX54nH9T6A4hEVohhJGvPv/lnkRM/Hrr07g+jOvlpXvNmbP3qfpB1/mzvu1q8jdtV9/9lUZPWx7Iv2o1vfNgcqqUmy2nh/dzlePp77/78tvTTKHRWa2tfUy9G4i53Tg74hwN5TAeRkJ/KIZiGAylNvUv1o9eXD7K1TeGXl9km3NbL2Mu/w/f+Xf7x57M99Yqb5+vP1x4Vd7cK5zcuc4V/+DXBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8tqeufB5FQpN1tOD+/nksfTYyGE00yh0VmtrX1MvRuIud04O+IcDeUwHkZCfyiGRBgMpbb0V44X60cvLh/l6htDry+yzbmtlzGX//3BjlsW/kX/2JP53lrl7fP1hwuvypt7hZM717ni3fb0AQAAAAAAAAAAAAAAAAAAwE0y2Q+P828K3d/E9Rc/fp28mq34f/fP4v7TOA/j/vLSvebM2ftU/aDr/FnfdvWHuD8Rv/srjZ7/9CHcys8BAAD//4Mnkx8=")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfffffd9d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140))
syz_clone(0x2211000, 0x0, 0x0, 0x0, 0x0, 0x0)
r2 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000900d0000000000000600000000000010fa5e413f0000001b9b363669cdee2b715768ee778653002b6a8727e77b6de2b93ee79ce0efff4f37c7ce502a823f634d41090ec476b29b86ff2f9001a9a5a2c994c5c798dcd77c9a8d0081291511725147cb354499e99e720389b5f866575a29d6b0a82fa3289ceec3f2a94b1fe4396f003269666a9bb744c6259f862c1a3dca9e3e6f77dac7d4d4b6"])
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r6, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000340), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r7, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x0, 0x3011}})

2m6.655884663s ago: executing program 3 (id=129):
r0 = syz_mount_image$hfsplus(&(0x7f0000000180), &(0x7f0000000100)='./file1\x00', 0x0, &(0x7f0000000040)=ANY=[@ANYRES32=0x0], 0x91, 0x6f2, &(0x7f0000001f80)="$eJzs3U9sHFcdB/DvrNd/NpVct03/IFWqaaWCiGjjWC6ESwNCKEgVqoIEXK3Gaaxs0uC4KO2BOIDElQNXpHIIFziBEBISUqRyhluBk8WpEhKXntIeGDSzs/ba2Y3tuLEd+Hyi8bw3b+fNb347+2Z2lNUE+L919kTat9PJ2ROvXa/q67fmu+u35i/3yq1ukskkraTdm6W4khTvJ2fSm/KZamHTXTFqOz9fPn3ug4/WP+zV2tnsr/rTGR1gezd7sdZMmU0y1sz3YUt/b9xff5ObxWIjM1XCXugnLsnE/uKE/RlPUm7x/ac2W4YpxwYqIz/vwMOj6J03B/Q+/zPJsSRT/RPaWq+xdfAR7mhPY9Hag4sDAAAAjoxH79xIrmf6sOMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAh0nz/P+imVr98myK/vP/JwaesT9xyOGOdu/IpvqF262DCAYAAAAAAAAAHqzn7uTX58pyul8vi7S+M9ZUOs387VzLUjt5KdezmNWsZiVzyfhgRxPXF1dXV+byfF07/klZlnmkt2ZWtqx5KsnMXWue2mXAnX3uMAAAAAAAAAD8b3l1YbKe/yhnM33YwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKAiGevN6ul4vzyTVjvJVJKJ6nVryV/75YfZ7cMOAAAAAA7Ao3dyJ9cz3a+XRf2d/6n6e/9U3s6VrGY5q+lmKefrewG9b/2t9Vvz3fVb85er6e5+v/rvzfLvpncMo+4xvXsPw7f8TP2KTi5kuV7yUt7IW+nmfFr1mpVn+vEMj+tmFVPxak9ZZnI3CTpfJWWsdxfkZ83dkKNhps7I+EZGTlaxFb08PnbvTAy+O/expbm0Nu78HB+9pXa/0M/5q/fcSvGfsuyVjvWXJI98c+ecj+9pZ+7L35r59kycGjj6nrp3zpPP/f43373YvXLpYrF24ugcRsM8N3zx5D/771A/Ez1rWcp8WvXdwcrTu87EhWtHPBMjtbfUWnlyo3w238i3cyKzeT0rWc4PspjVLGX25tfr0mJzPFd/Z7ZnqrWl2zNbaq/vFNNE876MbYvps4/25kNiSj+m5+t1p7Ocb+WtnM9SXqn/ncpcvpSFLOT0wLH+5C5G2taQT/0fRgf/wuebQifJT5v50VDl9bEqr3Vit465M3Xb4JJWyubM8vgezkf3Hhv7Nk9Z1Tvx44HP4OHbyMRUNs4S/eie6GdgfGgmflkPK9e6Vy6tXFy8uq3fYm349l7M1t0/OgNJdbw8vjFGbD06qrYnhrbN1W3HN9pa29t+1dlo2+mTOtFcw93d06m67ekkv2iirdoq1RhetT0zsF51vTVVt31SlmXvemurXV1EAXCwjn3h2ETnX52/dN7r/KRzsfPa1Ncmvzz57ETG/zz+lfbJsRdbzxa/zXv5YXb+hg4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOzo2jvvXlrsdpdWthXKsrwxoumBFNJOtiz50x8HXlM/ayzJDv1c/kdvp7pLK9XsTCupm9ppCnsL7Mb97c7N+03C35v35EAS/qkUpkYeP9sLH5dleeAR9p/VtufVy8ZRyfN+C/1HZO1lrSGDxfce/HgEHJyXVy9fffnaO+9+cfny4ptLby5dOb2wcPrk6YVX5l++sNydOuzwgAeoPtfX1zmHHQkAAAAAAAAAAACwW7v7cU6xsaS9x18R+J+FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH6dPZH27RSZO/nSyaq+fmu+W0398uYrP07SSlLMJsX7yZn0pswMdFeM2s5acu6Dj9Y/7NXazVS/vrX/vVhrpswmGWvmQ0wNW1jeGNVfUfdzdXR/u1Q009jGkjP76g8+Jf8NAAD//6TIDQE=")
fsopen(0x0, 0x0)
openat(r0, 0x0, 0x0, 0xd1)
socket$inet_icmp_raw(0x2, 0x3, 0x1)
prctl$PR_GET_NAME(0x10, &(0x7f0000000040)=""/40)
syz_open_dev$vim2m(0x0, 0x800, 0x2)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
openat$vimc0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
syz_usb_control_io(0xffffffffffffffff, 0x0, 0x0)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_mount_image$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000140)='./file0/../file0\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101097, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x510, 0x0, 0x1b8, 0x428, 0x428, 0x2e0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x11, 0x0, 0x0, 0xa0}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xfffffffffffffffc}}, {{@uncond, 0x0, 0xa8, 0xd0}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x570)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000380)='./file0\x00', &(0x7f0000000300)='./file0\x00', 0x0, 0x2125099, 0x0)
r2 = getuid()
r3 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x2, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x4000}})
write$FUSE_INIT(r3, &(0x7f0000004200)={0x50, 0x0, 0x0, {0x7, 0x29, 0x0, 0xffffffff80802840, 0x0, 0x0, 0x0, 0x4000000, 0x0, 0x0, 0x4}}, 0x50)
syz_fuse_handle_req(r3, 0x0, 0x0, &(0x7f0000001240)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
lsetxattr$system_posix_acl(&(0x7f0000000040)='./file0\x00', &(0x7f0000000080)='system.posix_acl_access\x00', &(0x7f0000000100)={{}, {0x1, 0x2}, [{0x2, 0x6, r2}], {0x4, 0x4}, [{0x8, 0x4}], {}, {0x20, 0x3}}, 0x34, 0x2)
umount2(&(0x7f00000000c0)='./file0\x00', 0x9)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x3000, 0x7, &(0x7f0000ffb000/0x3000)=nil)
semget$private(0x0, 0x6, 0x0)
openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)

2m4.579108925s ago: executing program 3 (id=133):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f0000004dc0)={0x100000900, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$rdma_cm(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setregid(0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_usbip_server_init(0x3)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xc, {"a2e3ad21ed0d52f91b23090987f70e06d038e7ff7fc6e5539b3264078b089b0c08384d090890e0878f0e1ac6e7049b334a959b4b9a240a5b67f3988f7ef319520100ffe8d178708c523c921b1b6d31310d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa17d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe2c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a605608057228652a449df466c63d36770243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1008892fd6b21ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928900d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b03000000cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f632a70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171608bdc00fbbd0385075465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c113d12a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571ebff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4804afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa34046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b08005f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d789364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c220300000007b3d5bd3b01faffd0a5dbed2881a970fbf561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000000000000000000000000000000000000000000000000000000000000000000ebffffffffffffff00", 0x1000}}, 0xffffffffffffff90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000004c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r3}})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m3.023790218s ago: executing program 3 (id=135):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
write$FUSE_NOTIFY_RESEND(r0, &(0x7f00000043c0)={0x14}, 0x14)

2m2.28844434s ago: executing program 32 (id=135):
r0 = openat$cuse(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
read$FUSE(r0, &(0x7f0000000240)={0x2020}, 0x2020)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
write$FUSE_NOTIFY_RESEND(r0, &(0x7f00000043c0)={0x14}, 0x14)

16.810787732s ago: executing program 2 (id=299):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

15.435404403s ago: executing program 2 (id=302):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
msgget$private(0x0, 0x722)
msgsnd(0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX], 0x2000, 0x0)

15.338475794s ago: executing program 4 (id=303):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="05000000000000397c049d00000008000300", @ANYRES32, @ANYBLOB="33010e0080000300ffffffffffff0802"], 0x21c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@dioread_nolock}, {@nobarrier}, {@abort}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@norecovery}, {@errors_remount}]}, 0x1, 0x570, &(0x7f00000019c0)="$eJzs3c1rHOUfAPDvbF76+vs1hVJURAI9WNFumsSXCh7qUbRY0HtdkjGUbLoluylNLLQ92IsXKYKIBfHgTe8ei/+Af0VBi0VK0IOXyGxm022zm2zTbXbrfj4w4XlmZvM835l5nn1mn1k2gIE1nv0pRDwfEV8mEYciIsm3DUe+cXx9v9X7V2ayJYm1tY/+TOr7ZfnG/2q87kCeeS4ifvk84tXC5nKryyvzpXI5XczzE7WFixPV5ZUT5xdKc+lcemFqevrUG9NTb7/1ZtdifeXs3998ePu9U18cW/36p7uHbyZxOg7m25rjeALXmjPjMZ4fk5E4/ciOk10orJ8kva4AOzKUt/ORyPqAQzGUt3rgv+9qRKwBAyrR/mFANcYBjXv7Lt0HPzPuvbt+A7Q5/uH1z0Zib/3eaP9q8tCdUXa/O9aF8rMyfv791s1sie59DgGwrWvXI+Lk8PDm/i/J+7+dO9nBPo+Wof+D3XM7G/+81mr8U9gY/0SL8c+BFm13J7Zv/4W7XSimrWz8907L8e/GpNXYUJ77X33MN5J8er6cZn3b/yPieIzsyfJbzeecWr2z1m5b8/gvW7LyG2PBvB53h/c8/JrZUq30JDE3u3c94oWW499k4/wnLc5/djzOdljG0fTWS+22bR//07X2fcTLLc//gxmtZOv5yYn69TDRuCo2++vG0V/blb85/tHYzfiz879/6/jHkub52urjl/Hd3n/Sdtseij86v/5Hk4/r6dF83eVSrbY4GTGafLB5/dSD1zbyjf2z+I8f27r/a3X974uITzqM/8aRH1/sKP4eXP9Z/LOPdf4fP3Hn/c++bVd+Z/3f6/XU8XxNJ/1fpxV8kmMHAAAAAAAA/aYQEQcjKRQ30oVCsbj+fMeR2F8oj60//xGzUf+u7FiMFBoz3YeanoeYzJ+HbeSnHslPR8ThiPhqaF89X5yplGd7HTwAAAAAAAAAAAAAAAAAAAD0iQNtvv+f+W2o17UDnjo/+Q2Da9v2341fegL6kvd/GFzaPwwu7R8Gl/YPg6up/e/pZT2A3ef9HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArjp75ky2rK3evzKT5WcvLS/NVy6dmE2r88WFpZniTGXxYnGuUpkrp8WZysJ2/69cqVycnIqlyxO1tFqbqC6vnFuoLF2onTu/UJpLz6UjuxIVAAAAAAAAAAAAAAAAAAAAPFuqyyvzpXI5XZSQ2FFiuD+qsZ7ILummNVd7XZ+tEn/80BfVaJfodc8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8GwAA//9ITzKe")
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000f9ffffff000000001100000018110000", @ANYRES32, @ANYBLOB="0000000000000060b7"], 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x4b, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
setxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000700)=ANY=[], 0x381, 0x2)

13.993531025s ago: executing program 2 (id=305):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])

13.399056264s ago: executing program 4 (id=306):
socket$inet(0x2, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x5, &(0x7f00000002c0)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_wireguard(0xffffffffffffffff, 0x8933, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r4 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r4, 0x0)
setpgid(0x0, r4)
bpf$OBJ_GET_MAP(0x7, &(0x7f00000003c0)=@generic={&(0x7f0000000440)='./file0/file0\x00'}, 0x18)
r5 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/power/resume', 0x149a82, 0x0)
add_key$fscrypt_v1(0x0, &(0x7f0000000080)={'fscrypt:', @desc2}, 0x0, 0x0, 0xffffffffffffffff)
add_key$fscrypt_v1(0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe)
sendmsg$NFULNL_MSG_CONFIG(r3, &(0x7f0000000340)={&(0x7f00000000c0)={0x10, 0x0, 0x0, 0x800}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4040000}, 0x0)
write$cgroup_int(r5, &(0x7f0000000040)=0x1c9, 0x12)
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r5, 0xc01864c6, &(0x7f0000000480)={&(0x7f0000000400)=[0x0, 0x0, 0x0, 0x0], 0x4, 0x80000})

11.952536546s ago: executing program 4 (id=308):
r0 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
fallocate(r0, 0x0, 0x9, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000f3ffffffff4f89bde08334ed692a002c08ff1a92d4a964b11e44b0576dba48baf8c1abdabe5d40d0257a7c9d2a4039228f68cc53760cda77df6304000000cb50cc290a32f42ad54a5308345972"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$unix(0x1, 0x1, 0x0)
pipe2$watch_queue(&(0x7f0000000040), 0x80)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d1}, 0x0)
dup(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'})
dup(0xffffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000084000000060a010400000000000000000100000008000b40000000005c0004802c000180090001007866726d000000001c0002800800024000000004050003000000000008000140000000092c00018008000100636d7000200002800c00038005000100ac000000080001400000000c08000240000000000900010073797a300000000014000000110001"], 0xf8}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

10.338814971s ago: executing program 4 (id=309):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="1801000000000000000000000000ea04850000005000000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10)
sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
r5 = syz_genetlink_get_family_id$tipc2(&(0x7f00000001c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_KEY_SET(r4, 0x0, 0x0)
sendmsg$TIPC_NL_BEARER_ADD(r3, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000080)={0x60, r5, 0x4c1dad3e3d6a7499, 0x70bd2d, 0x25dfdbfb, {}, [@TIPC_NLA_BEARER={0x4c, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_UDP_OPTS={0x38, 0x4, {{0x14, 0x1, @in={0x2, 0x4e20, @dev={0xac, 0x14, 0x14, 0x1d}}}, {0x20, 0x2, @in6={0xa, 0x4e23, 0x2, @private2, 0x5}}}}, @TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz2\x00'}]}]}, 0x60}, 0x1, 0x0, 0x0, 0x4000080}, 0x2400c000)
bpf$BPF_PROG_TEST_RUN(0x1c, &(0x7f00000005c0)={0xffffffffffffffff, 0x0, 0x24, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, 0xa)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f0000000d00)={0x0, <r6=>0x0}, 0x8)
r7 = bpf$LINK_GET_FD_BY_ID(0x1e, &(0x7f0000000000)=r6, 0x4)
bpf$BPF_LINK_UPDATE(0x1d, &(0x7f0000000040)={r7}, 0x10)
read$msr(0xffffffffffffffff, &(0x7f00000004c0)=""/137, 0x89)
r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0)
r9 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r9, &(0x7f0000000300)={0x26, 'hash\x00', 0x0, 0x0, 'streebog256\x00'}, 0x58)
accept4(r9, 0x0, 0x0, 0x800)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0)

9.425100875s ago: executing program 2 (id=311):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)

9.412668956s ago: executing program 0 (id=312):
pipe(0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r5 = socket(0x27, 0x3, 0x80000000)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000340)={r2, r1, 0x0, 0x1, &(0x7f00000000c0)='\x00'}, 0x30)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040))
r8 = timerfd_create(0x0, 0x0)
timerfd_settime(r8, 0x3, &(0x7f0000000440)={{0x0, 0x989680}}, 0x0)
close_range(r7, 0xffffffffffffffff, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000001a00), r5)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_TRAP_POLICER_GET(r6, 0x0, 0x48044)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_GET(0xffffffffffffffff, 0x0, 0x20000001)
syz_clone(0x101e, 0x0, 0x0, 0x0, 0x0, 0x0)
ioctl$F2FS_IOC_COMPRESS_FILE(r4, 0xf518, 0x0)
socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
creat(0x0, 0x114)

8.168329845s ago: executing program 0 (id=313):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x1, &(0x7f0000000100)=@raw=[@jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c02600004100070100000000ff000000017c00000400fc80a72601"], 0x26c0}}, 0x4c000)
syz_read_part_table(0x5c2, &(0x7f0000000f00)="$eJzs2z9I3GccBvD3Lh6BZMiSKUuTFDKULAkZc0MS7i4JFo5TF7soKCLedIJw0qOCDnqD4g3i6CLCLVYnzxucFIXORRwsgoNLiy6Ci1esb6EU+wd7LQ18PvDjy/vyvO/DO9x4gU9aMvzUarUSIYTW3ZsTE39yuqeeyX54nH9T6A4hEVohhJGvPv/lnkRM/Hrr07g+jOvlpXvNmbP3qfpB1/mzvu1q8jdtV9/9lUZPWx7Iv2o1vfNgcqqUmy2nh/dzlePp77/78tvTTKHRWa2tfUy9G4i53Tg74hwN5TAeRkJ/KIZiGAylNvUv1o9eXD7K1TeGXl9km3NbL2Mu/w/f+Xf7x57M99Yqb5+vP1x4Vd7cK5zcuc4V/+DXBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8tqeufB5FQpN1tOD+/nksfTYyGE00yh0VmtrX1MvRuIud04O+IcDeUwHkZCfyiGRBgMpbb0V44X60cvLh/l6htDry+yzbmtlzGX//3BjlsW/kX/2JP53lrl7fP1hwuvypt7hZM717ni3fb0AQAAAAAAAAAAAAAAAAAAwE0y2Q+P828K3d/E9Rc/fp28mq34f/fP4v7TOA/j/vLSvebM2ftU/aDr/FnfdvWHuD8Rv/srjZ7/9CHcys8BAAD//4Mnkx8=")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfffffd9d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
syz_clone(0x2211000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)="d8b07da8a079e98f7663074742d57c4d12f7ca8dabf267b0617ef36c3f0682b946f2270ab4edbe20facf6f1d6052d5fe92744ca46439ef57")
r2 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000900d0000000000000600000000000010fa5e413f0000001b9b363669cdee2b715768ee778653002b6a8727e77b6de2b93ee79ce0efff4f37c7ce502a823f634d41090ec476b29b86ff2f9001a9a5a2c994c5c798dcd77c9a8d0081291511725147cb354499e99e720389b5f866575a29d6b0a82fa3289ceec3f2a94b1fe4396f003269666a9bb744c6259f862c1a3dca9e3e6f77dac7d4d4b6"])
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r6, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000340), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r7, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x0, 0x3011}})

8.168008034s ago: executing program 1 (id=314):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00', r0}, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
unshare(0x2c020400)
msgget$private(0x0, 0x722)
msgsnd(0x0, &(0x7f0000000400)=ANY=[@ANYRESHEX], 0x2000, 0x0)

7.650009483s ago: executing program 2 (id=315):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000700)=ANY=[@ANYBLOB="01000000040000000800"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
socket(0x1e, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(0x0, 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)
r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000f4751f2100000000002020207b1af8ff00000000bfa1", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb7"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000005c0)={&(0x7f0000000080)='kfree\x00', r5}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)

6.896540884s ago: executing program 1 (id=316):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000440), 0xffffffffffffffff)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x48802)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet_mptcp(0x2, 0x1, 0x106)
bind$inet(r3, &(0x7f0000000040)={0x2, 0x4e21, @multicast2}, 0x10)
connect$inet(r3, &(0x7f0000000080)={0x2, 0x4e21, @empty}, 0x10)
r4 = syz_genetlink_get_family_id$mptcp(&(0x7f0000003040), 0xffffffffffffffff)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r5, &(0x7f0000003180)={0x0, 0x0, &(0x7f0000003140)={&(0x7f0000003080)={0x28, r4, 0xe6e964277ae08d57, 0x70bd2a, 0x25dfdbfb, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @loopback}, @MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x8040000}, 0x90)

5.636948043s ago: executing program 1 (id=317):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
setsockopt$inet_tcp_TCP_REPAIR(0xffffffffffffffff, 0x6, 0x13, 0x0, 0x0)
bind$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x4e22, @local}, 0x10)
syz_emit_ethernet(0x36, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYRES32=0x41424344, @ANYRESOCT=r0, @ANYRESDEC], 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
syz_mount_image$ocfs2(&(0x7f0000004440), &(0x7f0000000240)='./file1\x00', 0x8c0, &(0x7f0000000100)=ANY=[@ANYBLOB="61636c2c6865617274626561743d6e6f6e652c6572726f72733d72656d6f756e742d726f2c636f686572656e63793d66756c6c2c636f686572656e63793d66756c6c2c6c6f63616c666c6f636b732c696e74722c6e6f61636c2c001967b9b8a6cdd636d75428f2c5e8054d01858eef552755576e749526b36860cf2511040d1ce5a743ffd83d29d1ba3a54a59d8c7aa249f08d3c8c6d04ac105d67934db6190d59f2323b55a5a4"], 0x1, 0x444a, &(0x7f0000004480)="$eJzs3b1PHGcaAPB3BnwGfx32ufBJJ91KZ+k+hcDV3WHpMMbGYHOOnNhFmvUCa5tkYS1YohQuSGcpVaQUUQorkdJRWUhp0jh/QpqUTm0pKdJEimSFaHdnMTPsmg3ZhWD9fsXOzvv5wLMzvGNp/caJyr355dz8cq6wmCvP3lk+l3unXFpZKIZ4jzSd/9DezU97uvE5edmYn3cscpq5fvHy67fOhfDl3NfPNjY2NkJVb2hqeMv7H75/MLv12BBn+lTHbTLUoeYz7MabIYTT2+Kq6gkh9IUQohDChaRsLDn2hxCOJ3W3Hrx/O9ehaB4/LZ7PP59+uD5ydmrt0Xqzn70uCuHj0h//dXfh27/0jHzzj9YjfnG0Q6EBAAAAAAAAAAAAAAAAAHAATNy4fvO1oeHwJAq9a9H27+tOJMcW34/t3eiYP78szL+f6NyPDAAAAAAAAAAAAAAAAAAAAL85L77/n4tONfn+/3hyHG3Rf+N/3Y+R7pn8//XxS0PDyf7v0bb6fydF313oCSeb7Pue3f/9QqZ/8/3ft8+zW434GvMOhCgeTJ3H8eBgCJ8mG7+fiY7EpfJy5Z93yiuLcx0L48BK57++e38qO8mG/m3mPx7LjN9i//8O+sO2T1P1/HbnPmKvtHT+e1q2++y9qK3r/2Km317kn91L57+3Vta/tcFo/QZQzf8HvTvnfzwzfrfyfyKEkIuqseZSd4DqGqZa3mq9Qlo6/4dqZalbZ/KLbHX9/5jJ/6XM+Pt1/1/N/iGiqXT+f1cr60u1OFx7reU/3vn6v5wZfz/yX41/tV640d25D750/uu5Dr2pJrXfZLv3/4nM+C3zf/jXxX0zTuI8EaU+AWtRvbzF/1dHRjr/fdvqXzz/xW2t/65k+u/V819j3sbzX+P2/7eo/vxHc+n897ds1+71P5np1+37/2ht/cdupfN/pFaWXjsP1F7bzf9UZvxu5b/2VNLXyP+L+8lPh+vln1j/tSWd/6P1wnhri9Xaa239F+28/r+aGX8/1n/V+Ffj7s76qkjn/1jLdtX8f9XG3/9rmX7dz38IQ/6tb9fS+T/esl3t+u/bOf/Tm+/qY3U7/3/t5uAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB8BYchwIUTyYOo/jwcEQLibnZ8KRaKYwl58plWffXg5hPCnPhVPR3VJ5plDKzy+W54r5QqlUng3hUlJ/OvRFy6VyJb9QuH95c6z+6F6xsFSZKRYqIYSJpPxP4XhjrJn5ykLhfgjhymbd7+Py0v17hcX83PzSf4eGhobC5GYMJ6Piu5XiYqU+e702hKnNvgPRluBq1Vc3YzkWvVVeWVoslGrl17b0KZVnC6UtfaaTug/DyaiytLI4W6gU86Xy3cZ8+2k0OY5P3njjxrXhbfW3o/pxbG/DAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOAXejLyn49CCL31sziEMNp4EzVr//hp8Xz++fTD9ZGzU2uP1p+1agcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DM7cCAAAAAAAOT/2ghVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV2KVj1ASCKAzAbyZFki7HSLUkXdoNgZAU2SB4Aj2Gh9GjeAnvYGFhayGC7KKuu7CNVt/XPJifmfdgHgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAw3yPqvH/23tEiqf9Y8Ryulqf5791nX9233+4w4zczs9f9XX6w3SVf9RHmzIf0912NomO2li09qS9T5d9nnvn6tu3vvmavi+RchERZZ2/ppyLYthbAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcGAHDgQAAAAAgPxfG6GqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqoKO3AsAAAAACDM3zqKvg0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+BUAAP//hkEdVg==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, 0x0, 0x0)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getpid()
r4 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./bus\x00', 0x141842, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='cpuacct.usage_user\x00', 0x275a, 0x0)
write$binfmt_script(r5, &(0x7f00000000c0), 0xfea7)
copy_file_range(r5, &(0x7f00000001c0), r4, 0x0, 0x81, 0x10000000000000)

4.503426761s ago: executing program 0 (id=318):
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_clone3(&(0x7f0000004dc0)={0x100000900, 0x0, 0x0, 0x0, {0x13}, 0x0, 0x0, 0x0, 0x0}, 0x58)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$rdma_cm(0xffffff9c, &(0x7f00000001c0), 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0)
setregid(0x0, 0x0)
setsockopt$packet_tx_ring(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000140)=@req3={0x7fffffff, 0x400, 0x1, 0xd, 0x1, 0x6, 0x6}, 0x1c)
r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r1, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$tty1(0xc, 0x4, 0x1)
syz_usbip_server_init(0x3)
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001040)={0xc, {"a2e3ad21ed0d52f91b23090987f70e06d038e7ff7fc6e5539b3264078b089b0c08384d090890e0878f0e1ac6e7049b334a959b4b9a240a5b67f3988f7ef319520100ffe8d178708c523c921b1b6d31310d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa17d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe2c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a605608057228652a449df466c63d36770243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1008892fd6b21ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928900d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b03000000cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f632a70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171608bdc00fbbd0385075465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c113d12a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571ebff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4804afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa34046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b08005f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d789364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c220300000007b3d5bd3b01faffd0a5dbed2881a970fbf561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000900000000000000000000000000000000000000000000000000000000000000000000ebffffffffffffff00", 0x1000}}, 0xffffffffffffff90)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)={0x30, 0x3c, 0x107, 0x0, 0x0, {0x1, 0x7c}, [@nested={0x4, 0xfc}, @nested={0xc, 0x1, 0x0, 0x1, [@typed={0x6, 0x6, 0x0, 0x0, @str='\x80\n'}]}, @nested={0x4, 0x2}, @typed={0x8, 0x7, 0x0, 0x0, @fd=r2}]}, 0x30}, 0x1, 0x0, 0x0, 0xc000}, 0xc010)
r3 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f00000004c0)={'trans=fd,', {}, 0x2c, {'wfdno', 0x3d, r3}})
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x20000000000, 0xfffffffffffffffd, 0x0, 0x0, 0x1000001000, 0x49}, 0x0, 0x0, 0x0, 0x0)
r4 = syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r4, 0xc04064a0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000340)=[0x0], 0x0, 0x0, 0x0, 0x1})
ioctl$DRM_IOCTL_MODE_CREATE_LEASE(r4, 0xc01864c6, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

4.100516577s ago: executing program 2 (id=319):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x141)
mount$9p_virtio(&(0x7f00000001c0), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="56c78e3c733d76697274696f2c6e6f657874656e642c6163638173733d616e792c63616368653d667363616368652c76"])

3.2363336s ago: executing program 1 (id=320):
r0 = memfd_create(&(0x7f0000000540)='\x01\xfd\xae.+\xa6\x8c\xb6?2\x199\x94S,|x?Ue[\xbd\xe1!\x033\xbc\'#\xff\x17\x9b%\xf3[d \x06\x00\x00\x00\x97A\xc2\xd8\xf0Uq!\xe4\xc4\xb1\xa2\x1c\xffC;\x94Q\r\xb6}\x9c\xecC\v\xcf\xeb\xe4\x9aR\xe5,\x82\x03\x00\x19\x8d\xe8\xc6\xb9\xe4\xb4\x99\x8a\x19P\xb8\x8cx\b\x99\x04R\x05\xaf\xa2\xea5\f\xcc\x1a\x9b\x00Uf\xa5\xf7\x80Tgiz\nX\b\x91\xfd0\x8e\xb6\xa3\v#\x16\xdf\xb4\xc0\xe6\xb4\xef\xa8i\xd8\xa2\xd2(\x98\x9bA\x8f\x13\xeb\xf4b/\xef!\x8f\xf6]-\xf1k\xb62\x89gEv\x13\xf4\xc7\xb2\xf5\\\x17\x90\xb5\xa6\xa8\xb8o\x0f\xe2 \xe7\x9c$\xd7\xf2@\xf7cdv[\t\x00\x8d\xf3\xcc1\r$\x1e\xff\xf0P\xb2\x97\xb8\xbc\xeb\x91\x87\x8bu\xbf\xd4\'\xff\x1f\f\x016\x9dQ\xeeT\xe8\bY\x00\xb2\x06\xa6\xbel\x9b.o\xbe\x80\x9dx\xd5O\xd6h\\I\xc9\x8d\a\x1d\xc9k\x83\xfc\xa4\xad4\x03\xa2X\x0f\x82\xdbs\xc7\x83L\x9e\xa2\xd1\xb3\xac\x8d\xd8\xb4\xb4\xea\x90Q\xd8\xc7\xeb%\x8bOp\x1ab\x96\xcf\xbb\x15\xcf\xfcN\xed\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00s\xaf\xa2\x14]p+\x96\x1ei|n\xda\xee\\\xae\x96*\x82*\xb8j\xda\xaa\x14\x1f\x1d\xf8\xf8\xae\xfcH\xc4\xb3j\xe8\xcfO\xef\x0e\xafe\xb5*\x89\x18\xb2w\x96\b\x1by\xeaT\xdd\xb3g6\xbc\x85\xb2Y\xccv\x06\x00\x00\x00\xc5e\x90\xc51\x9f\v_# \b\xa5\xbcP,|\xe9\xd6s\x1f\x1f\xbe\xd3\x80\xb1\xa8 \xce|df\x903\v\x02\xea.\x03X\xb5\xe4,8\xb7\xadEI\xdcA\xa7\xcc\xd7\xf9n\x1b\x95\xf8\x11Z\xe6:\x03\xce\xfe\x02\x8ctdy~_oC\x9e\xef\xf0\xa2K\xe9;\x8e:\x01\x03C\x92\xeb\x16\x1c\xbf\xbe\xef\xccUxhg\xdfY\xe6\x83\xa6z\xff\x01\x9d o_{!O\xaajU\x84 \xe9\xb59r\x9cw\x18Z\xd3\xcd\x0e\xba\\\xdb\xf0\xe1\x86\t\xaf\vi\xdc\xbf?\xf5\n\xbd^\x05\xc0\xceuC}\xa8\xc7\xad\x86\xd7\x15&\xb9]1\x05J\x96\xf0\x84\xc1\f\xa6p\x96?\x00\x00\x00\x00\x00\x00\x00\x12\x88\xc8\x9c\xc9Cn\xd4\xa47V\'+\xcc\xbf\r\xa9\x10\x1d\xcf\xebKlb\xe5:\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00G\xdf\xbb\xc0_\x99F\xf4n]\x14\xbc\xcd\xd3\x9f\x9fe\xc5\xe6\xe8Mb\xc6\x82\x82\xcb\xcaXe\xe1\xa2\xaa\x02\x86\xb8\x18\xe2C\xeb\xa9\x17&\x01&\'w\xa1t0\x80\xf0\x93\x80\x9f\x9b\xe0\x9f\xea\xb9\x9eD]#V\xda\x92\xca\xc6\xfa.\xd6\xe31\xfe\xe8\x02\xebX\xbd\nz\x01O\xd3r\xa2\xa9u\x93>m\xd7q\'\xdf\xfajo\xd8n\xa7\xecJi\xde\xdf\x7f\xe3\xc4*Z 4\xe8S$\xa1H=\xdf\x05\xf3\xe3T\xd1\xdd\xc6f\xa4\xb4\x96\\\xa0\xf9\x0f\x17\x11{\xb6\x9d\xd21\xc1\x90Vj\x13r\x00\x00\xde\x03\xab\xff\x8as0\xc6E\xca\"\xd9*\x9a\x15\xb95r\x8f\xaaj\x82\xd6\xd2%\xed\xa2WQ\xec2\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xccX\xfdRB\xffU\xe9\xfa\x1f\xf6\xce\b\xde@\x061\xc6z\xe4\xe0\xc9?\xa7\x94>\x9c\xd1\xa5o\x04\xaaim\xae\xfe\xc7f\xa3\x96\xd7\xb4c)r{\r#\xddI&\n\xf2\xec\xd4\xff\x9f\x136zZ-2\x80\xfbH+\x9b8\xf3\xed\xdf\xa2my\xb28c[\xc3\xfe\xb5M\x84\x97\xa5\'s\xe9\xdc=)I\xabLt2\x9c\v\xd9S', 0x6)
fallocate(r0, 0x0, 0x9, 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000f3ffffffff4f89bde08334ed692a002c08ff1a92d4a964b11e44b0576dba48baf8c1abdabe5d40d0257a7c9d2a4039228f68cc53760cda77df6304000000cb50cc290a32f42ad54a5308345972"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
bpf$PROG_LOAD(0x5, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffe}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r4 = socket$unix(0x1, 0x1, 0x0)
pipe2$watch_queue(&(0x7f0000000040), 0x80)
close_range(r4, 0xffffffffffffffff, 0x0)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
bind$netlink(r5, &(0x7f0000000000)={0x10, 0x0, 0x0, 0x80065c9}, 0xc)
sendmsg$NFT_BATCH(r5, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010200000000000000020000000900010073797a300000000040000000030a01010000000000000000020000000900010073797a30000000000900030073797a320000000014000480080001400000000008000240000000002c000000030a03000000000000000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x400c0d1}, 0x0)
dup(0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000080)={'batadv_slave_1\x00'})
dup(0xffffffffffffffff)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r6, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a05000000000000000000010000000900010073797a30000000002c000000030a01020000000000000000010000000900010073797a30000000000900030073797a310000000084000000060a010400000000000000000100000008000b40000000005c0004802c000180090001007866726d000000001c0002800800024000000004050003000000000008000140000000092c00018008000100636d7000200002800c00038005000100ac000000080001400000000c08000240000000000900010073797a300000000014000000110001"], 0xf8}, 0x1, 0x0, 0x0, 0x40010}, 0x0)

2.247713485s ago: executing program 0 (id=321):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000280)=ANY=[@ANYBLOB="440000001300a7cc4a372eaf541d002007000000", @ANYRES32, @ANYBLOB="00000000100000001c001a80080002"], 0x44}}, 0x0)
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000000)={'bridge0\x00'})
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)=ANY=[], 0xa0}, 0x1, 0x0, 0x0, 0x20040884}, 0x40000)
r1 = socket(0x10, 0x3, 0x0)
sendmmsg(r1, &(0x7f0000000000), 0x4000000000001f2, 0x0)

2.222109776s ago: executing program 4 (id=322):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000004c0)={0x18, 0x4, 0x0, &(0x7f00000002c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x8, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount(&(0x7f0000000300)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000012c0)='./file0\x00', &(0x7f0000001300)='gfs2\x00', 0x0, 0x0)

2.083429958s ago: executing program 0 (id=323):
bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x2710}, 0x10)
r1 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x20000000}, 0x50)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{r1, <r2=>0xffffffffffffffff}, 0x0, &(0x7f00000003c0)='%ps    \x00'}, 0x20)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000040)={r2}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2}, 0x94)
prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
keyctl$clear(0x7, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r6 = socket(0x15, 0x5, 0x0)
getsockopt(r6, 0x200000000114, 0x2714, 0x0, &(0x7f0000000000))
socket$inet6_sctp(0xa, 0x5, 0x84)

1.194183572s ago: executing program 1 (id=324):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000040)='cgroup2\x00', 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f00000001c0)={[{@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000340)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@xino_on}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000080)='sched_switch\x00'}, 0x10)
chdir(&(0x7f00000003c0)='./bus\x00')
r4 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0)
getdents(r4, &(0x7f0000001fc0)=""/184, 0x20002078)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000280)=ANY=[@ANYBLOB, @ANYRES32=r0], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)

1.185530402s ago: executing program 4 (id=325):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000007c0)=ANY=[@ANYBLOB="1c020000", @ANYRES16, @ANYBLOB="05000000000000397c049d00000008000300", @ANYBLOB="33010e0080000300ffffffffffff080211"], 0x21c}, 0x1, 0x0, 0x0, 0x90}, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000200)={[{@delalloc}, {@nojournal_checksum}, {@barrier_val={'barrier', 0x3d, 0x10002}}, {@dioread_lock}, {@data_err_ignore}, {@mb_optimize_scan}, {@dioread_nolock}, {@nobarrier}, {@abort}, {@journal_dev={'journal_dev', 0x3d, 0x2}}, {@norecovery}, {@errors_remount}]}, 0x1, 0x570, &(0x7f00000019c0)="$eJzs3c1rHOUfAPDvbF76+vs1hVJURAI9WNFumsSXCh7qUbRY0HtdkjGUbLoluylNLLQ92IsXKYKIBfHgTe8ei/+Af0VBi0VK0IOXyGxm022zm2zTbXbrfj4w4XlmZvM835l5nn1mn1k2gIE1nv0pRDwfEV8mEYciIsm3DUe+cXx9v9X7V2ayJYm1tY/+TOr7ZfnG/2q87kCeeS4ifvk84tXC5nKryyvzpXI5XczzE7WFixPV5ZUT5xdKc+lcemFqevrUG9NTb7/1ZtdifeXs3998ePu9U18cW/36p7uHbyZxOg7m25rjeALXmjPjMZ4fk5E4/ciOk10orJ8kva4AOzKUt/ORyPqAQzGUt3rgv+9qRKwBAyrR/mFANcYBjXv7Lt0HPzPuvbt+A7Q5/uH1z0Zib/3eaP9q8tCdUXa/O9aF8rMyfv791s1sie59DgGwrWvXI+Lk8PDm/i/J+7+dO9nBPo+Wof+D3XM7G/+81mr8U9gY/0SL8c+BFm13J7Zv/4W7XSimrWz8907L8e/GpNXYUJ77X33MN5J8er6cZn3b/yPieIzsyfJbzeecWr2z1m5b8/gvW7LyG2PBvB53h/c8/JrZUq30JDE3u3c94oWW499k4/wnLc5/djzOdljG0fTWS+22bR//07X2fcTLLc//gxmtZOv5yYn69TDRuCo2++vG0V/blb85/tHYzfiz879/6/jHkub52urjl/Hd3n/Sdtseij86v/5Hk4/r6dF83eVSrbY4GTGafLB5/dSD1zbyjf2z+I8f27r/a3X974uITzqM/8aRH1/sKP4eXP9Z/LOPdf4fP3Hn/c++bVd+Z/3f6/XU8XxNJ/1fpxV8kmMHAAAAAAAA/aYQEQcjKRQ30oVCsbj+fMeR2F8oj60//xGzUf+u7FiMFBoz3YeanoeYzJ+HbeSnHslPR8ThiPhqaF89X5yplGd7HTwAAAAAAAAAAAAAAAAAAAD0iQNtvv+f+W2o17UDnjo/+Q2Da9v2341fegL6kvd/GFzaPwwu7R8Gl/YPg6up/e/pZT2A3ef9HwaX9g+DS/sHAAAAAAAAAAAAAAAAAAAAAAAAAACArjp75ky2rK3evzKT5WcvLS/NVy6dmE2r88WFpZniTGXxYnGuUpkrp8WZysJ2/69cqVycnIqlyxO1tFqbqC6vnFuoLF2onTu/UJpLz6UjuxIVAAAAAAAAAAAAAAAAAAAAPFuqyyvzpXI5XZSQ2FFiuD+qsZ7ILummNVd7XZ+tEn/80BfVaJfodc8EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/8GwAA//9ITzKe")
setxattr$trusted_overlay_upper(&(0x7f0000000000)='./file1\x00', &(0x7f00000001c0), &(0x7f0000000140)=ANY=[], 0x841, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000b80)={0x1, 0xf, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000f9ffffff000000001100000018110000", @ANYRES32, @ANYBLOB="0000000000000060b7"], 0x0, 0x8000, 0x0, 0x0, 0x40f00, 0x4b, '\x00', 0x0, @fallback=0x17, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
setxattr$trusted_overlay_nlink(&(0x7f0000000080)='./file1\x00', &(0x7f0000000140), 0x0, 0x0, 0x0)
setxattr$trusted_overlay_upper(&(0x7f00000000c0)='./file1\x00', &(0x7f0000000100), &(0x7f0000000700)=ANY=[], 0x381, 0x2)

1.051841114s ago: executing program 0 (id=326):
fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, 0x0, &(0x7f0000000100)='0\x00#\x00\xd0\x00 \x00\x00qS\x00\x00\x00\x00\x00\x00\x00\x00$\xf6_\xbdI\x1c\xf2\xa9]\xcc\xe0*\xef\x01\x8d\x15\xd2h\x93\xc9\xb57\xc3\xea\\Eb\xf8\xe6,\xdf\xd4\xfae\x84\xcc\xd5\"d\xf0D-\x98\x9f\x81{\xfc$\xc4\xbcF\xf8\xc8\x8d\xcb\xb8\xf2\x1e\xe4\'U\xb3\xb8\xd3\xe6\xd7\x80=\x8a\xeb\n\xb8_\xe8\x96YY\xe3\xc7\xe6\xf28\x19\xa6\xa7\xfa\xdb\x1ce\xc1\x03\x86J\xb2fh\x19\xee#\xcc\x0f\xed\xfea\xdc\x88\xcb%bW\xd35\xda=\xac\x1d\xae\x93\xfd\'T6\x94\n\xa4\x9cU\xc4\fA~[\xbf\x8b\x90\xfe\x04\xe7U\xf3h\x81\x14l7u\x95\x96t\\\x0f\xef;\x03\xa4C\xbc(Vc!a\xc1\xe39\xc6b\x905\x1f\x03\x00\x00\x00\x00\x00\x00\xdf9\xaf5\xc8a:z\xe4\xcbag&67\x814\xf6}\xe10v6l\xd6,\x1e\xa0\xcc\xbf\xfdkm\b?\x839\x85N\x1c\xc1\xcb\xfc\x85\xd2\n\x02\"\xf2\x81g\x90\x01n%\x7f_\xe1.f>>\xa5\xfb\"\xab\xdb\x06\x12e\x14\x11~\x9a\bR-\x85\xc3\xa9\xe6\xf6R\x11\"\xc3\xc9\xfc\x14s X\xec\xdd\xc2qB\x85\xf0\xd7\x04\xdd<\x9ak\x00\x00\x00\x00\x00\x00\x00\n\xa72\xa3\xef^\xe7\x8f', 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x4000000)
prlimit64(0x0, 0xe, &(0x7f00000007c0)={0xc, 0x86}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000007c0)={0x10, 0x1, &(0x7f0000000100)=@raw=[@jmp={0x5, 0x0, 0x9, 0x0, 0x6, 0xfffffffffffffe88}], 0x0, 0x2, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x1}, 0x94)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000000c0)=ANY=[@ANYBLOB="c02600004100070100000000ff000000017c00000400fc80a72601"], 0x26c0}}, 0x4c000)
syz_read_part_table(0x5c2, &(0x7f0000000f00)="$eJzs2z9I3GccBvD3Lh6BZMiSKUuTFDKULAkZc0MS7i4JFo5TF7soKCLedIJw0qOCDnqD4g3i6CLCLVYnzxucFIXORRwsgoNLiy6Ci1esb6EU+wd7LQ18PvDjy/vyvO/DO9x4gU9aMvzUarUSIYTW3ZsTE39yuqeeyX54nH9T6A4hEVohhJGvPv/lnkRM/Hrr07g+jOvlpXvNmbP3qfpB1/mzvu1q8jdtV9/9lUZPWx7Iv2o1vfNgcqqUmy2nh/dzlePp77/78tvTTKHRWa2tfUy9G4i53Tg74hwN5TAeRkJ/KIZiGAylNvUv1o9eXD7K1TeGXl9km3NbL2Mu/w/f+Xf7x57M99Yqb5+vP1x4Vd7cK5zcuc4V/+DXBQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/8tqeufB5FQpN1tOD+/nksfTYyGE00yh0VmtrX1MvRuIud04O+IcDeUwHkZCfyiGRBgMpbb0V44X60cvLh/l6htDry+yzbmtlzGX//3BjlsW/kX/2JP53lrl7fP1hwuvypt7hZM717ni3fb0AQAAAAAAAAAAAAAAAAAAwE0y2Q+P828K3d/E9Rc/fp28mq34f/fP4v7TOA/j/vLSvebM2ftU/aDr/FnfdvWHuD8Rv/srjZ7/9CHcys8BAAD//4Mnkx8=")
write$binfmt_script(0xffffffffffffffff, &(0x7f0000000100), 0xfffffd9d)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, 0x0)
syz_clone(0x2211000, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000140)="d8b07da8a079e98f7663074742d57c4d12f7ca8dabf267b0617ef36c3f0682b946f2270ab4edbe20facf6f1d6052d5fe92744ca46439ef57")
r2 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a98", 0x3, 0xfffffffffffffffe)
r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000840), 0x0, 0x0)
r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0)
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x0)
ioctl$KVM_SET_MSRS(r5, 0xc008ae88, &(0x7f0000000540)=ANY=[@ANYBLOB="0100000000000000900d0000000000000600000000000010fa5e413f0000001b9b363669cdee2b715768ee778653002b6a8727e77b6de2b93ee79ce0efff4f37c7ce502a823f634d41090ec476b29b86ff2f9001a9a5a2c994c5c798dcd77c9a8d0081291511725147cb354499e99e720389b5f866575a29d6b0a82fa3289ceec3f2a94b1fe4396f003269666a9bb744c6259f862c1a3dca9e3e6f77dac7d4d4b6"])
r6 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r2, r6, r2}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x20042, 0x0)
r7 = syz_open_dev$video4linux(&(0x7f0000000340), 0x145, 0x0)
ioctl$VIDIOC_SUBDEV_S_FMT(r7, 0xc0585605, &(0x7f0000000000)={0x0, 0x0, {0x0, 0x0, 0x3011}})

0s ago: executing program 1 (id=327):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0)
openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
socket$nl_crypto(0x10, 0x3, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000000000000000000095980000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f0ffffffb702000005000000b703000000000000850000007300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x11, 0xb, &(0x7f00000006c0)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000000)='rxrpc_local\x00', r1}, 0x10)
r2 = socket$kcm(0x21, 0x2, 0x2)
sendmsg$kcm(r2, &(0x7f0000000000)={&(0x7f0000000080)=@rxrpc=@in4={0x21, 0x0, 0x2, 0x10, {0x2, 0x4e22, @dev}}, 0x80, 0x0, 0x0, &(0x7f0000001a00)=ANY=[], 0x10b8}, 0x0)

kernel console output (not intermixed with test programs):

Warning: Permanently added '10.128.1.237' (ED25519) to the list of known hosts.
[   64.375539][ T5775] cgroup: Unknown subsys name 'net'
[   64.510630][ T5775] cgroup: Unknown subsys name 'rlimit'
Setting up swapspace version 1, size = 127995904 bytes
[   65.922068][ T5775] Adding 124996k swap on ./swap-file.  Priority:0 extents:1 across:124996k 
[   67.416709][ T5794] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   67.424938][ T5794] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[   67.433928][ T5794] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[   67.442163][ T5794] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[   67.450508][ T5794] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[   67.458016][ T5794] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   67.466607][ T5794] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   67.471138][ T5798] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[   67.473948][ T5794] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[   67.482108][ T5799] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[   67.489262][ T5794] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[   67.498119][ T5799] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[   67.503787][ T5794] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   67.516713][ T5794] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[   67.517084][ T5799] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   67.531074][ T5801] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[   67.539098][ T5801] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   67.546765][ T5799] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[   67.554126][ T5801] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[   67.562716][ T5799] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[   67.563952][ T5103] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[   67.577254][ T5799] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[   67.579081][ T5103] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3
[   67.597703][ T5794] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[   68.000126][ T5785] chnl_net:caif_netlink_parms(): no params data found
[   68.097197][ T5786] chnl_net:caif_netlink_parms(): no params data found
[   68.122909][ T5787] chnl_net:caif_netlink_parms(): no params data found
[   68.210849][ T5785] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.218181][ T5785] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.225991][ T5785] bridge_slave_0: entered allmulticast mode
[   68.234583][ T5785] bridge_slave_0: entered promiscuous mode
[   68.260686][ T5785] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.268538][ T5785] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.276109][ T5785] bridge_slave_1: entered allmulticast mode
[   68.282799][ T5785] bridge_slave_1: entered promiscuous mode
[   68.318016][ T5785] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.350150][ T5788] chnl_net:caif_netlink_parms(): no params data found
[   68.361510][ T5785] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.417019][ T5787] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.424977][ T5787] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.432131][ T5787] bridge_slave_0: entered allmulticast mode
[   68.439478][ T5787] bridge_slave_0: entered promiscuous mode
[   68.447752][ T5786] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.455025][ T5786] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.462197][ T5786] bridge_slave_0: entered allmulticast mode
[   68.470836][ T5786] bridge_slave_0: entered promiscuous mode
[   68.496765][ T5785] team0: Port device team_slave_0 added
[   68.503672][ T5787] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.510847][ T5787] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.518375][ T5787] bridge_slave_1: entered allmulticast mode
[   68.525133][ T5787] bridge_slave_1: entered promiscuous mode
[   68.531599][ T5786] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.542346][ T5786] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.549719][ T5786] bridge_slave_1: entered allmulticast mode
[   68.557840][ T5786] bridge_slave_1: entered promiscuous mode
[   68.569284][ T5785] team0: Port device team_slave_1 added
[   68.657699][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_0
[   68.665136][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.691212][ T5785] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   68.705197][ T5785] batman_adv: batadv0: Adding interface: batadv_slave_1
[   68.712251][ T5785] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   68.738647][ T5785] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   68.754045][ T5787] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.765715][ T5786] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   68.777743][ T5786] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.800606][ T5788] bridge0: port 1(bridge_slave_0) entered blocking state
[   68.808316][ T5788] bridge0: port 1(bridge_slave_0) entered disabled state
[   68.816237][ T5788] bridge_slave_0: entered allmulticast mode
[   68.824179][ T5788] bridge_slave_0: entered promiscuous mode
[   68.832801][ T5787] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   68.866542][ T5786] team0: Port device team_slave_0 added
[   68.872787][ T5788] bridge0: port 2(bridge_slave_1) entered blocking state
[   68.880222][ T5788] bridge0: port 2(bridge_slave_1) entered disabled state
[   68.887548][ T5788] bridge_slave_1: entered allmulticast mode
[   68.894925][ T5788] bridge_slave_1: entered promiscuous mode
[   68.923973][ T5786] team0: Port device team_slave_1 added
[   68.980453][ T5787] team0: Port device team_slave_0 added
[   68.989464][ T5787] team0: Port device team_slave_1 added
[   69.006182][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.014118][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.040095][ T5786] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.069487][ T5785] hsr_slave_0: entered promiscuous mode
[   69.075992][ T5785] hsr_slave_1: entered promiscuous mode
[   69.097002][ T5786] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.104485][ T5786] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.130938][ T5786] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.153960][ T5788] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   69.166120][ T5788] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   69.212409][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.219520][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.245810][ T5787] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.295280][ T5787] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.302257][ T5787] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.329289][ T5787] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.344181][ T5788] team0: Port device team_slave_0 added
[   69.375282][ T5786] hsr_slave_0: entered promiscuous mode
[   69.381481][ T5786] hsr_slave_1: entered promiscuous mode
[   69.388632][ T5786] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.397150][ T5786] Cannot create hsr debugfs directory
[   69.405358][ T5788] team0: Port device team_slave_1 added
[   69.487646][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_0
[   69.495507][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.521738][ T5788] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   69.534100][ T5794] Bluetooth: hci3: command tx timeout
[   69.538484][ T5788] batman_adv: batadv0: Adding interface: batadv_slave_1
[   69.546649][ T5788] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   69.572830][ T5788] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   69.613200][ T5794] Bluetooth: hci2: command tx timeout
[   69.620283][ T5787] hsr_slave_0: entered promiscuous mode
[   69.626762][ T5787] hsr_slave_1: entered promiscuous mode
[   69.632766][ T5787] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.640535][ T5787] Cannot create hsr debugfs directory
[   69.693973][ T5794] Bluetooth: hci0: command tx timeout
[   69.693987][ T5791] Bluetooth: hci1: command tx timeout
[   69.700513][ T5788] hsr_slave_0: entered promiscuous mode
[   69.711832][ T5788] hsr_slave_1: entered promiscuous mode
[   69.718528][ T5788] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[   69.726448][ T5788] Cannot create hsr debugfs directory
[   69.992660][ T5785] netdevsim netdevsim1 netdevsim0: renamed from eth0
[   70.005285][ T5785] netdevsim netdevsim1 netdevsim1: renamed from eth1
[   70.035242][ T5785] netdevsim netdevsim1 netdevsim2: renamed from eth2
[   70.044697][ T5785] netdevsim netdevsim1 netdevsim3: renamed from eth3
[   70.105694][ T5786] netdevsim netdevsim0 netdevsim0: renamed from eth0
[   70.125641][ T5786] netdevsim netdevsim0 netdevsim1: renamed from eth1
[   70.136988][ T5786] netdevsim netdevsim0 netdevsim2: renamed from eth2
[   70.147249][ T5786] netdevsim netdevsim0 netdevsim3: renamed from eth3
[   70.234577][ T5787] netdevsim netdevsim2 netdevsim0: renamed from eth0
[   70.247088][ T5787] netdevsim netdevsim2 netdevsim1: renamed from eth1
[   70.257440][ T5787] netdevsim netdevsim2 netdevsim2: renamed from eth2
[   70.266969][ T5787] netdevsim netdevsim2 netdevsim3: renamed from eth3
[   70.378089][ T5788] netdevsim netdevsim3 netdevsim0: renamed from eth0
[   70.387648][ T5788] netdevsim netdevsim3 netdevsim1: renamed from eth1
[   70.398081][ T5788] netdevsim netdevsim3 netdevsim2: renamed from eth2
[   70.415401][ T5788] netdevsim netdevsim3 netdevsim3: renamed from eth3
[   70.505917][ T5785] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.515984][ T5786] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.575093][ T5785] 8021q: adding VLAN 0 to HW filter on device team0
[   70.600813][ T5786] 8021q: adding VLAN 0 to HW filter on device team0
[   70.614092][   T11] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.621414][   T11] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.646814][   T42] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.654028][   T42] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.680032][ T5787] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.697641][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.704778][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.728494][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.735676][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.806893][ T5787] 8021q: adding VLAN 0 to HW filter on device team0
[   70.820350][ T5788] 8021q: adding VLAN 0 to HW filter on device bond0
[   70.848798][ T5785] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   70.890946][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   70.898276][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   70.926656][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   70.933853][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   70.987517][ T5788] 8021q: adding VLAN 0 to HW filter on device team0
[   71.036001][   T12] bridge0: port 1(bridge_slave_0) entered blocking state
[   71.043203][   T12] bridge0: port 1(bridge_slave_0) entered forwarding state
[   71.081357][   T12] bridge0: port 2(bridge_slave_1) entered blocking state
[   71.088568][   T12] bridge0: port 2(bridge_slave_1) entered forwarding state
[   71.152019][ T5787] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   71.297883][ T5785] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.318183][ T5786] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.452681][ T5785] veth0_vlan: entered promiscuous mode
[   71.460962][ T5786] veth0_vlan: entered promiscuous mode
[   71.493465][ T5785] veth1_vlan: entered promiscuous mode
[   71.504518][ T5786] veth1_vlan: entered promiscuous mode
[   71.587856][ T5786] veth0_macvtap: entered promiscuous mode
[   71.614676][ T5794] Bluetooth: hci3: command tx timeout
[   71.622043][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[   71.636849][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[   71.656033][ T5786] veth1_macvtap: entered promiscuous mode
[   71.670131][ T5785] veth0_macvtap: entered promiscuous mode
[   71.680479][ T5785] veth1_macvtap: entered promiscuous mode
[   71.695115][ T5794] Bluetooth: hci2: command tx timeout
[   71.708103][ T5787] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.734018][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.756325][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   71.767538][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.777731][ T5794] Bluetooth: hci1: command tx timeout
[   71.783361][ T5794] Bluetooth: hci0: command tx timeout
[   71.792604][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_0
[   71.803497][ T5786] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.816189][ T5786] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.825624][ T5786] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.836436][ T5786] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.845404][ T5786] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   71.862536][ T5785] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   71.874185][ T5785] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   71.885887][ T5785] batman_adv: batadv0: Interface activated: batadv_slave_1
[   71.902507][ T5788] 8021q: adding VLAN 0 to HW filter on device batadv0
[   71.952396][ T5785] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   71.962638][ T5785] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   71.971788][ T5785] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   71.981548][ T5785] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.059370][ T5787] veth0_vlan: entered promiscuous mode
[   72.082216][ T5787] veth1_vlan: entered promiscuous mode
[   72.196000][ T3486] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.207352][ T3486] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.217648][ T5788] veth0_vlan: entered promiscuous mode
[   72.242659][ T5787] veth0_macvtap: entered promiscuous mode
[   72.279537][   T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.286881][ T5788] veth1_vlan: entered promiscuous mode
[   72.294184][   T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.311553][ T5787] veth1_macvtap: entered promiscuous mode
[   72.376594][   T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.386483][   T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.436608][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.447644][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.458074][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.468803][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.480322][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_0
[   72.498179][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   72.507236][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   72.510721][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.530030][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.540161][ T5787] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   72.550696][ T5787] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.562982][ T5787] batman_adv: batadv0: Interface activated: batadv_slave_1
[   72.601070][ T5788] veth0_macvtap: entered promiscuous mode
[   72.626827][ T5788] veth1_macvtap: entered promiscuous mode
[   72.646366][ T5787] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   72.662908][ T5787] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   72.682549][ T5787] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   72.691868][ T5787] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   72.738233][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.759809][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.773214][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.791457][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.824060][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   72.841076][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   72.913579][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   72.929314][ T5884] syz.1.2[5884]: memfd_create() called without MFD_EXEC or MFD_NOEXEC_SEAL set
[   73.020750][ T5884] loop1: detected capacity change from 0 to 2048
[   73.296871][ T5885] kvm_intel: L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   73.341717][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   73.693456][ T5794] Bluetooth: hci3: command tx timeout
[   73.699064][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_0
[   73.769743][ T5884]  loop1: unable to read partition table
[   73.779167][ T5794] Bluetooth: hci2: command tx timeout
[   73.853949][ T5794] Bluetooth: hci0: command tx timeout
[   73.859411][ T5794] Bluetooth: hci1: command tx timeout
[   73.874069][ T5884] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[   73.907365][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.092233][ T5878] loop0: detected capacity change from 0 to 32768
[   74.123109][ T5878] (syz.0.1,5878,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xfaa975d8, computed 0xe948bc9f. Applying ECC.
[   74.136590][ T5878] (syz.0.1,5878,0):ocfs2_block_check_validate:416 ERROR: Fixed CRC32 failed: stored: 0xfaa975d8, computed 0xe948bc9f
[   74.148992][ T5878] (syz.0.1,5878,0):ocfs2_verify_volume:2389 ERROR: status = -5
[   74.156636][ T5878] (syz.0.1,5878,0):ocfs2_fill_super:990 ERROR: superblock probe failed!
[   74.165214][ T5878] (syz.0.1,5878,0):ocfs2_fill_super:1178 ERROR: status = -5
[   74.220452][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.299371][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.309928][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.321015][ T5788] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   74.331740][ T5788] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   74.345909][ T5788] batman_adv: batadv0: Interface activated: batadv_slave_1
[   74.383723][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   74.392262][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   74.451626][ T5788] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   74.505304][ T5788] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   74.514213][ T5788] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   74.522931][ T5788] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   74.544680][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   74.855738][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   74.889258][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.543524][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.599367][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.724524][   T58] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.754134][   T58] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.775579][ T5794] Bluetooth: hci3: command tx timeout
[   75.791728][ T5904] loop0: detected capacity change from 0 to 4096
[   75.835057][   T58] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   75.844712][   T58] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   75.854519][ T5794] Bluetooth: hci2: command tx timeout
[   75.934164][ T5791] Bluetooth: hci0: command tx timeout
[   75.936507][ T5905] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   75.939749][ T5794] Bluetooth: hci1: command tx timeout
[   76.070286][   T28] audit: type=1800 audit(1752901308.165:2): pid=5904 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7" name="file2" dev="loop0" ino=16 res=0 errno=0
[   76.113583][    T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!!
[   76.233198][   T28] audit: type=1800 audit(1752901308.325:3): pid=5914 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.7" name="file2" dev="loop0" ino=16 res=0 errno=0
[   76.925650][    T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!!
[   77.533774][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   77.745226][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   77.933551][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   78.665522][ T5936] iommufd_mock iommufd_mock1: Adding to iommu group 0
[   78.905530][ T5933] loop0: detected capacity change from 0 to 32768
[   78.913707][ T5933] =======================================================
[   78.913707][ T5933] WARNING: The mand mount option has been deprecated and
[   78.913707][ T5933]          and is ignored by this kernel. Remove the mand
[   78.913707][ T5933]          option from the mount to silence this warning.
[   78.913707][ T5933] =======================================================
[   79.014395][ T5933] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[   79.052211][ T5933] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   79.222820][ T5944] loop1: detected capacity change from 0 to 1024
[   79.322138][ T5944] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   79.828009][ T5944] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   80.126491][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[   80.413470][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   81.700271][ T5792] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   81.864690][    T8] cfg80211: failed to load regulatory.db
[   81.882176][ T5971] loop0: detected capacity change from 0 to 128
[   81.923322][ T5971] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=16, mo=a80ec018, mo2=0002]
[   81.931418][ T5971] System zones: 1-3, 19-19, 35-36
[   81.968207][ T5971] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[   81.972841][ T5792] usb 2-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[   82.003703][ T5971] ext4 filesystem being mounted at /6/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   82.051451][ T5792] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   82.098343][ T5792] usb 2-1: config 0 descriptor??
[   82.172249][ T5971] EXT4-fs warning (device loop0): verify_group_input:151: Cannot add at group 1768304430 (only 1 groups)
[   82.192677][ T5792] cp210x 2-1:0.0: cp210x converter detected
[   82.332421][ T5978] overlayfs: missing 'lowerdir'
[   82.943224][ T5792] cp210x 2-1:0.0: failed to get vendor val 0x000e size 3: -32
[   82.962965][ T5792] usb 2-1: cp210x converter now attached to ttyUSB0
[   83.000249][ T5786] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[   83.328523][ T5854] usb 2-1: USB disconnect, device number 2
[   83.384050][ T5854] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[   83.458228][ T5854] cp210x 2-1:0.0: device disconnected
[   83.474680][ T5983] loop3: detected capacity change from 0 to 32768
[   83.524921][ T5983] ocfs2: Slot 0 on device (7,3) was already allocated to this node!
[   83.554176][ T5983] ocfs2: Mounting device (7,3) on (node local, slot 0) with ordered data mode.
[   85.443809][ T5981] loop2: detected capacity change from 0 to 32768
[   86.640987][ T5780] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   86.672010][ T5788] ocfs2: Unmounting device (7,3) on (node local)
[   90.718686][ T6025] loop3: detected capacity change from 0 to 128
[   90.765429][ T6025] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[   90.777393][ T6022] loop0: detected capacity change from 0 to 32768
[   90.810952][ T6022] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[   90.878395][ T6022] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   92.543823][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[   92.594752][ T6036] loop3: detected capacity change from 0 to 2048
[   92.659785][ T6038] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[   92.821344][ T6036] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   93.905592][    T8] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[   94.100121][    T8] usb 4-1: New USB device found, idVendor=0bda, idProduct=8153, bcdDevice=e2.3d
[   94.153548][    T8] usb 4-1: New USB device strings: Mfr=13, Product=2, SerialNumber=3
[   94.275949][    T8] usb 4-1: Product: syz
[   94.323266][    T8] usb 4-1: Manufacturer: syz
[   94.392683][    T8] usb 4-1: SerialNumber: syz
[   94.587216][    T8] r8152-cfgselector 4-1: config 0 descriptor??
[   95.273738][ T6054] netlink: 72 bytes leftover after parsing attributes in process `syz.0.44'.
[   95.509906][ T6054] syz.0.44: attempt to access beyond end of device
[   95.509906][ T6054] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[   95.525708][ T6054] syz.0.44: attempt to access beyond end of device
[   95.525708][ T6054] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[   95.539272][ T6054] Mount JFS Failure: -5
[   98.924347][    T8] r8152-cfgselector 4-1: Unknown version 0x0000
[   98.945542][    T8] r8152-cfgselector 4-1: USB disconnect, device number 2
[   99.427301][ T6072] Zero length message leads to an empty skb
[   99.895925][ T6080] loop2: detected capacity change from 0 to 128
[  100.742269][ T6084] dummy0 speed is unknown, defaulting to 1000
[  100.755966][ T6084] dummy0 speed is unknown, defaulting to 1000
[  100.777107][ T6084] dummy0 speed is unknown, defaulting to 1000
[  100.936805][ T6091] loop1: detected capacity change from 0 to 2048
[  101.702135][ T6084] iwpm_register_pid: Unable to send a nlmsg (client = 2)
[  102.032033][ T6098] netlink: 156 bytes leftover after parsing attributes in process `syz.0.51'.
[  102.032650][ T6084] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98
[  102.148132][ T6100] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  102.988131][ T6084] dummy0 speed is unknown, defaulting to 1000
[  103.017466][ T6084] dummy0 speed is unknown, defaulting to 1000
[  103.152981][ T6084] dummy0 speed is unknown, defaulting to 1000
[  103.333189][ T6084] dummy0 speed is unknown, defaulting to 1000
[  105.267634][ T6135] loop3: detected capacity change from 0 to 2048
[  105.331140][ T6135] Alternate GPT is invalid, using primary GPT.
[  105.337726][ T6135]  loop3: p1 p2 p3
[  106.333184][ T6145] syz.0.64: attempt to access beyond end of device
[  106.333184][ T6145] nbd0: rw=4096, sector=128, nr_sectors = 8 limit=0
[  106.346620][ T6145] gfs2: error 10 reading superblock
[  107.497712][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  107.534769][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  107.561148][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  107.750112][ T6152] loop2: detected capacity change from 0 to 32768
[  107.762110][ T6152] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.66 (6152)
[  107.796478][ T6152] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  107.807242][ T6152] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  107.816785][ T6152] BTRFS info (device loop2): allowing degraded mounts
[  107.823637][ T6152] BTRFS info (device loop2): metadata ratio 1
[  107.829779][ T6152] BTRFS info (device loop2): ignoring bad roots
[  107.836193][ T6152] BTRFS info (device loop2): force zlib compression, level 3
[  107.843623][ T6152] BTRFS info (device loop2): allowing degraded mounts
[  107.851040][ T6152] BTRFS info (device loop2): using free space tree
[  107.949358][ T6159] 9pnet_fd: Insufficient options for proto=fd
[  107.995693][ T6153] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  108.002585][ T6153] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  108.055991][ T6153] vhci_hcd vhci_hcd.0: Device attached
[  108.130406][ T6157] vhci_hcd: connection closed
[  108.161619][ T3440] vhci_hcd: stop threads
[  108.320011][ T3440] vhci_hcd: release socket
[  108.420254][ T3440] vhci_hcd: disconnect device
[  108.790674][   T42] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  108.866074][ T6152] BTRFS error (device loop2): failed to load root extent
[  108.896574][ T3486] BTRFS warning (device loop2): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  108.970805][ T6152] BTRFS error (device loop2): failed to load root free space
[  109.026655][   T42] BTRFS warning (device loop2): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  109.139671][   T42] BTRFS warning (device loop2): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  109.333245][ T6152] BTRFS info (device loop2): enabling ssd optimizations
[  109.547904][ T5787] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  109.638100][ T6188] loop1: detected capacity change from 0 to 2048
[  109.733262][ T6188] Alternate GPT is invalid, using primary GPT.
[  109.740714][ T6188]  loop1: p1 p2 p3
[  111.794126][ T6202] loop1: detected capacity change from 0 to 128
[  112.138407][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  112.157446][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  112.186772][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  112.397568][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  112.414599][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  112.424545][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  113.475342][ T6214] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  113.754914][ T6209] sched: RT throttling activated
[  114.037951][ T6216] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  114.044522][ T6216] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  114.052343][ T6216] vhci_hcd vhci_hcd.0: Device attached
[  114.078966][ T6219] 9pnet_fd: Insufficient options for proto=fd
[  114.216301][ T6221] loop0: detected capacity change from 0 to 1024
[  114.284704][ T6217] vhci_hcd: connection closed
[  114.286656][ T3486] vhci_hcd: stop threads
[  114.426052][ T3486] vhci_hcd: release socket
[  114.459145][ T5792] usb 37-1: new high-speed USB device number 2 using vhci_hcd
[  114.510910][ T3486] vhci_hcd: disconnect device
[  114.587107][ T5792] usb 37-1: enqueue for inactive port 0
[  114.752170][ T6221] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  114.803657][ T5792] vhci_hcd: vhci_device speed not set
[  116.801088][ T6229] loop1: detected capacity change from 0 to 32768
[  116.809309][ T6229] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.80 (6229)
[  117.286062][ T6229] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  117.296394][ T6229] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  117.306081][ T6229] BTRFS info (device loop1): allowing degraded mounts
[  117.312950][ T6229] BTRFS info (device loop1): metadata ratio 1
[  117.319141][ T6229] BTRFS info (device loop1): ignoring bad roots
[  117.325607][ T6229] BTRFS info (device loop1): force zlib compression, level 3
[  117.333174][ T6229] BTRFS error (device loop1): unrecognized mount option 'thread_pool=	'
[  117.411192][ T6229] BTRFS error (device loop1): open_ctree failed: -22
[  117.604326][ T5780] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by udevd (5780)
[  118.437070][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  119.369943][ T6253] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  119.541922][ T6256] loop1: detected capacity change from 0 to 128
[  120.912825][ T6266] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  121.705458][ T6268] dummy0 speed is unknown, defaulting to 1000
[  123.207147][ T6289] loop3: detected capacity change from 0 to 256
[  123.338654][ T6291] loop1: detected capacity change from 0 to 256
[  123.380889][ T6291] exfat: Deprecated parameter 'utf8'
[  123.398736][ T6291] exfat: Deprecated parameter 'utf8'
[  123.414480][ T6291] exfat: Deprecated parameter 'utf8'
[  123.447488][ T6291] exfat: Deprecated parameter 'utf8'
[  123.557040][ T6291] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xac5c0b1f, utbl_chksum : 0xe619d30d)
[  126.635433][ T6298] netlink: 8 bytes leftover after parsing attributes in process `syz.3.97'.
[  128.343503][ T6306] loop2: detected capacity change from 0 to 1024
[  131.736684][   T12] hfsplus: b-tree write err: -5, ino 4
[  133.133758][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  133.140108][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  133.389805][ T6326] loop0: detected capacity change from 0 to 40427
[  133.496916][ T6326] F2FS-fs (loop0): invalid crc value
[  133.520913][ T6326] F2FS-fs (loop0): Found nat_bits in checkpoint
[  133.546797][ T6311] loop1: detected capacity change from 0 to 64
[  133.554945][ T6311] hfs: unable to parse mount options
[  133.573740][ T6326] F2FS-fs (loop0): Start checkpoint disabled!
[  133.623913][ T6326] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  134.058110][ T6329] loop2: detected capacity change from 0 to 2048
[  134.488320][ T6330] syz.0.105: attempt to access beyond end of device
[  134.488320][ T6330] loop0: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  134.503790][ T6330] syz.0.105: attempt to access beyond end of device
[  134.503790][ T6330] loop0: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  134.960714][ T6337] loop3: detected capacity change from 0 to 128
[  135.134443][   T12] kworker/u4:1: attempt to access beyond end of device
[  135.134443][   T12] loop0: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  135.156084][ T6329] Alternate GPT is invalid, using primary GPT.
[  135.173212][   T12] F2FS-fs (loop0): Stopped filesystem due to reason: 3
[  135.181998][ T6329]  loop2: p1 p2 p3
[  135.305204][ T6339] siw: device registration error -23
[  135.384669][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  135.402036][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  135.413621][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  135.450214][ T6340] netlink: 156 bytes leftover after parsing attributes in process `syz.1.110'.
[  136.021554][ T6344] loop2: detected capacity change from 0 to 1024
[  136.149647][ T6346] dummy0 speed is unknown, defaulting to 1000
[  136.411942][ T6344] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  140.492511][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  140.914661][   T23] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  141.903157][   T23] usb 1-1: Using ep0 maxpacket: 16
[  141.975770][   T23] usb 1-1: config 0 has an invalid interface number: 215 but max is 0
[  141.994625][   T23] usb 1-1: config 0 has no interface number 0
[  142.006765][   T23] usb 1-1: New USB device found, idVendor=1a0a, idProduct=0108, bcdDevice=dd.14
[  142.023181][   T23] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  142.041862][   T23] usb 1-1: Product: syz
[  142.076776][   T23] usb 1-1: Manufacturer: syz
[  142.226953][ T6370] loop2: detected capacity change from 0 to 40427
[  142.292750][ T6370] F2FS-fs (loop2): invalid crc value
[  142.300954][ T6370] F2FS-fs (loop2): Found nat_bits in checkpoint
[  142.313379][   T23] usb 1-1: SerialNumber: syz
[  142.394688][ T6377] loop1: detected capacity change from 0 to 128
[  142.413660][ T6370] F2FS-fs (loop2): Start checkpoint disabled!
[  142.513191][ T6370] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  142.680295][   T23] usb 1-1: config 0 descriptor??
[  142.737580][ T6380] netlink: 9896 bytes leftover after parsing attributes in process `syz.3.120'.
[  142.757471][ T6376] loop3: detected capacity change from 0 to 2048
[  142.789822][   T23] usb_ehset_test: probe of 1-1:0.215 failed with error -32
[  142.808767][ T6376] Alternate GPT is invalid, using primary GPT.
[  142.815392][ T6376]  loop3: p1 p2 p3
[  143.365360][   T23] usb 1-1: USB disconnect, device number 2
[  143.437793][ T5158] Alternate GPT is invalid, using primary GPT.
[  143.476958][ T5158]  loop3: p1 p2 p3
[  143.741845][ T5778] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  144.092280][   T42] kworker/u4:2: attempt to access beyond end of device
[  144.092280][   T42] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  144.280070][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  144.911464][   T42] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  144.916270][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  145.009582][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  145.114174][ T6396] netlink: 72 bytes leftover after parsing attributes in process `syz.0.124'.
[  145.538300][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  145.560324][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  145.576826][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  145.623785][ T6396] syz.0.124: attempt to access beyond end of device
[  145.623785][ T6396] nbd0: rw=0, sector=64, nr_sectors = 8 limit=0
[  145.691993][ T6399] loop3: detected capacity change from 0 to 2048
[  146.464824][ T6396] syz.0.124: attempt to access beyond end of device
[  146.464824][ T6396] nbd0: rw=0, sector=120, nr_sectors = 8 limit=0
[  146.478766][ T6396] Mount JFS Failure: -5
[  146.505579][ T6399] Alternate GPT is invalid, using primary GPT.
[  146.590662][ T6399]  loop3: p1 p2 p3
[  147.432476][ T5158] Alternate GPT is invalid, using primary GPT.
[  147.441758][ T5158]  loop3: p1 p2 p3
[  147.467264][ T6408] netlink: 156 bytes leftover after parsing attributes in process `syz.0.127'.
[  147.625044][ T6412] loop3: detected capacity change from 0 to 1024
[  148.787452][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  148.831536][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  148.884221][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  149.121814][ T6418] loop1: detected capacity change from 0 to 40427
[  149.158591][ T6418] F2FS-fs (loop1): invalid crc value
[  149.182224][ T6418] F2FS-fs (loop1): Found nat_bits in checkpoint
[  149.216687][ T6418] F2FS-fs (loop1): Start checkpoint disabled!
[  149.257423][ T6418] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  149.982526][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  149.988355][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  150.336721][ T6430] loop2: detected capacity change from 0 to 32768
[  150.426677][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  150.472835][ T6430] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  150.484913][ T6430] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  150.495335][ T6430] BTRFS info (device loop2): allowing degraded mounts
[  150.502106][ T6430] BTRFS info (device loop2): metadata ratio 1
[  150.508245][ T6430] BTRFS info (device loop2): ignoring bad roots
[  150.514579][ T6430] BTRFS info (device loop2): force zlib compression, level 3
[  150.521941][ T6430] BTRFS info (device loop2): allowing degraded mounts
[  150.528839][ T6430] BTRFS info (device loop2): using free space tree
[  150.685393][   T42] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  150.744259][ T6430] BTRFS error (device loop2): failed to load root extent
[  150.775258][   T58] BTRFS warning (device loop2): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  150.824186][ T6430] BTRFS error (device loop2): failed to load root free space
[  150.832808][   T48] BTRFS warning (device loop2): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  150.895014][ T1095] BTRFS warning (device loop2): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  150.911576][  T985] kworker/u4:5: attempt to access beyond end of device
[  150.911576][  T985] loop1: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  150.981608][  T985] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  150.997836][ T6430] BTRFS info (device loop2): enabling ssd optimizations
[  151.190061][ T5787] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  151.340700][   T48] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  151.689161][   T48] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.037700][   T48] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.268772][   T48] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.311534][ T6458] loop0: detected capacity change from 0 to 2048
[  154.064242][ T6458]  loop0: unable to read partition table
[  154.070029][ T6458] loop_reread_partitions: partition scan of loop0 () failed (rc=-5)
[  154.549651][ T5158] Alternate GPT is invalid, using primary GPT.
[  154.557743][ T5158]  loop0: p1 p2 p3
[  154.597442][ T5158] Alternate GPT is invalid, using primary GPT.
[  154.604062][ T5158]  loop0: p1 p2 p3
[  154.716357][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  154.735137][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  154.796998][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  154.838603][ T5791] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  154.850162][ T5791] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  154.862430][ T5791] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  154.872479][ T5791] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  154.981754][ T5791] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  155.021958][ T5791] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  155.699854][ T6476] dummy0 speed is unknown, defaulting to 1000
[  155.714067][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  155.760520][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  155.785783][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  155.825520][ T6468] dummy0 speed is unknown, defaulting to 1000
[  156.453460][ T6485] loop1: detected capacity change from 0 to 32768
[  157.133326][ T5791] Bluetooth: hci0: command tx timeout
[  157.780435][ T6485] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.142 (6485)
[  157.815941][ T6497] 9pnet_fd: Insufficient options for proto=fd
[  158.464732][ T6491] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  158.471273][ T6491] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  158.479240][ T6491] vhci_hcd vhci_hcd.0: Device attached
[  158.534049][ T6495] vhci_hcd: connection closed
[  158.717394][ T1087] vhci_hcd: stop threads
[  158.891693][ T1087] vhci_hcd: release socket
[  158.893781][ T6485] BTRFS error (device loop1): open_ctree failed: -4
[  158.896336][ T1087] vhci_hcd: disconnect device
[  159.210565][ T6508] loop0: detected capacity change from 0 to 1024
[  159.224445][ T5791] Bluetooth: hci0: command tx timeout
[  159.286218][ T6511] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  159.292793][ T6511] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  159.301025][ T6511] vhci_hcd vhci_hcd.0: Device attached
[  159.309885][ T6506] siw: device registration error -23
[  159.323817][ T6511] 9pnet_fd: Insufficient options for proto=fd
[  159.332151][ T6508] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  159.408539][ T5780] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by udevd (5780)
[  159.471697][ T6512] vhci_hcd: connection closed
[  159.505866][   T12] vhci_hcd: stop threads
[  160.625585][   T12] vhci_hcd: release socket
[  160.650876][ T6508] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.653160][ T5891] usb 37-1: new high-speed USB device number 3 using vhci_hcd
[  160.673221][   T12] vhci_hcd: disconnect device
[  160.754877][ T5891] usb 37-1: enqueue for inactive port 0
[  160.970204][ T6506] netlink: 156 bytes leftover after parsing attributes in process `syz.1.145'.
[  161.017037][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  161.220985][ T6527] block device autoloading is deprecated and will be removed.
[  161.413279][ T5891] vhci_hcd: vhci_device speed not set
[  161.418876][ T5791] Bluetooth: hci0: command tx timeout
[  161.920758][ T6468] chnl_net:caif_netlink_parms(): no params data found
[  162.147319][ T6536] loop1: detected capacity change from 0 to 256
[  162.255004][ T6540] overlayfs: missing 'lowerdir'
[  163.551168][ T5791] Bluetooth: hci0: command tx timeout
[  163.683968][ T6554] netlink: 8 bytes leftover after parsing attributes in process `syz.1.153'.
[  164.387416][ T6548] loop2: detected capacity change from 0 to 32768
[  164.406085][ T6548] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  164.416383][ T6548] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  164.425856][ T6548] BTRFS info (device loop2): allowing degraded mounts
[  164.432621][ T6548] BTRFS info (device loop2): metadata ratio 1
[  164.438758][ T6548] BTRFS info (device loop2): ignoring bad roots
[  164.445059][ T6548] BTRFS info (device loop2): force zlib compression, level 3
[  164.452463][ T6548] BTRFS info (device loop2): allowing degraded mounts
[  164.459249][ T6548] BTRFS info (device loop2): using free space tree
[  164.496568][ T6555] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  164.503131][ T6555] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  164.511028][ T6555] vhci_hcd vhci_hcd.0: Device attached
[  164.528136][ T6555] 9pnet_fd: Insufficient options for proto=fd
[  164.623244][ T6557] vhci_hcd: connection closed
[  164.636623][ T3486] vhci_hcd: stop threads
[  164.796408][ T3486] vhci_hcd: release socket
[  164.867121][ T3486] vhci_hcd: disconnect device
[  164.913470][   T23] usb 33-1: new high-speed USB device number 2 using vhci_hcd
[  165.037929][   T23] usb 33-1: enqueue for inactive port 0
[  165.204582][ T6468] bridge0: port 1(bridge_slave_0) entered blocking state
[  165.223533][   T23] vhci_hcd: vhci_device speed not set
[  165.237368][   T42] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  165.263865][ T6468] bridge0: port 1(bridge_slave_0) entered disabled state
[  165.271131][ T6468] bridge_slave_0: entered allmulticast mode
[  165.278659][ T6468] bridge_slave_0: entered promiscuous mode
[  165.287250][ T6548] BTRFS error (device loop2): failed to load root extent
[  165.302585][   T42] BTRFS warning (device loop2): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  165.325905][ T6548] BTRFS error (device loop2): failed to load root free space
[  165.340633][   T42] BTRFS warning (device loop2): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  165.441322][ T1087] BTRFS warning (device loop2): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  165.464131][    C1] vkms_vblank_simulate: vblank timer overrun
[  165.539102][ T6576] syz.1.155: attempt to access beyond end of device
[  165.539102][ T6576] nbd1: rw=4096, sector=128, nr_sectors = 8 limit=0
[  165.552456][ T6576] gfs2: error 10 reading superblock
[  166.073313][ T6468] bridge0: port 2(bridge_slave_1) entered blocking state
[  166.080411][ T6468] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.178935][ T6548] BTRFS info (device loop2): enabling ssd optimizations
[  166.190759][ T6468] bridge_slave_1: entered allmulticast mode
[  166.226875][ T6468] bridge_slave_1: entered promiscuous mode
[  166.473770][ T6580] loop1: detected capacity change from 0 to 1024
[  166.529462][ T5787] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  166.551728][ T6580] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  166.584873][ T6585] netlink: 36 bytes leftover after parsing attributes in process `syz.0.157'.
[  166.667093][ T6580] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  166.814711][ T6468] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  166.881700][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  166.950236][ T6468] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  168.178963][ T6610] overlayfs: missing 'lowerdir'
[  169.387921][ T6468] team0: Port device team_slave_0 added
[  169.431160][ T6468] team0: Port device team_slave_1 added
[  169.442519][ T6619] loop2: detected capacity change from 0 to 256
[  170.158279][ T6623] loop1: detected capacity change from 0 to 1024
[  170.203605][ T6468] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.210603][ T6468] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  170.261491][ T6468] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.290944][ T6623] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  170.309955][   T48] hsr_slave_0: left promiscuous mode
[  170.318033][   T48] hsr_slave_1: left promiscuous mode
[  170.637140][ T6635] syz.0.164: attempt to access beyond end of device
[  170.637140][ T6635] nbd0: rw=4096, sector=128, nr_sectors = 8 limit=0
[  170.650528][ T6635] gfs2: error 10 reading superblock
[  171.190165][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  171.198585][   T48] batman_adv: batadv0: Removing interface: batadv_slave_0
[  171.229278][   T48] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  171.477593][   T48] batman_adv: batadv0: Removing interface: batadv_slave_1
[  171.623211][ T6637] loop2: detected capacity change from 0 to 32768
[  171.640792][ T6637] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.165 (6637)
[  171.669763][   T48] bridge_slave_1: left allmulticast mode
[  171.700022][   T48] bridge_slave_1: left promiscuous mode
[  171.707924][ T6637] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  171.718177][ T6637] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  171.727645][ T6637] BTRFS info (device loop2): allowing degraded mounts
[  171.734467][ T6637] BTRFS info (device loop2): metadata ratio 1
[  171.740565][ T6637] BTRFS info (device loop2): ignoring bad roots
[  171.747048][ T6637] BTRFS info (device loop2): force zlib compression, level 3
[  171.755428][ T6637] BTRFS info (device loop2): allowing degraded mounts
[  171.762231][ T6637] BTRFS info (device loop2): using free space tree
[  171.867254][   T48] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.888893][   T48] bridge_slave_0: left allmulticast mode
[  171.983507][ T6642] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  171.990164][ T6642] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  171.998231][ T6642] vhci_hcd vhci_hcd.0: Device attached
[  172.016328][ T6642] 9pnet_fd: Insufficient options for proto=fd
[  172.225924][ T6643] vhci_hcd: connection closed
[  173.038560][   T48] bridge_slave_0: left promiscuous mode
[  173.050306][   T48] bridge0: port 1(bridge_slave_0) entered disabled state
[  173.099035][ T1087] vhci_hcd: stop threads
[  173.108939][ T1087] vhci_hcd: release socket
[  173.154362][ T1074] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  173.177948][ T1087] vhci_hcd: disconnect device
[  173.202704][   T48] veth1_macvtap: left promiscuous mode
[  173.209890][ T6637] BTRFS error (device loop2): failed to load root extent
[  173.210196][   T48] veth0_macvtap: left promiscuous mode
[  173.225868][ T5792] vhci_hcd: vhci_device speed not set
[  173.235584][ T1087] BTRFS warning (device loop2): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  173.282935][ T6637] BTRFS error (device loop2): failed to load root free space
[  173.283428][   T48] veth1_vlan: left promiscuous mode
[  173.301920][ T1074] BTRFS warning (device loop2): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  173.305903][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  173.333463][   T48] veth0_vlan: left promiscuous mode
[  173.384298][ T1087] BTRFS warning (device loop2): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  173.496541][ T6637] BTRFS info (device loop2): enabling ssd optimizations
[  173.735727][ T5787] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  173.784762][ T6667] loop1: detected capacity change from 0 to 128
[  174.732961][ T6672] netlink: 72 bytes leftover after parsing attributes in process `syz.2.170'.
[  174.746383][ T6672] syz.2.170: attempt to access beyond end of device
[  174.746383][ T6672] nbd2: rw=0, sector=64, nr_sectors = 8 limit=0
[  174.760391][ T6672] syz.2.170: attempt to access beyond end of device
[  174.760391][ T6672] nbd2: rw=0, sector=120, nr_sectors = 8 limit=0
[  174.773347][ T6672] Mount JFS Failure: -5
[  176.499586][ T6690] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(9)
[  176.506329][ T6690] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  176.514394][ T6690] vhci_hcd vhci_hcd.0: Device attached
[  176.533677][ T6694] 9pnet_fd: Insufficient options for proto=fd
[  176.631031][ T6692] vhci_hcd: connection closed
[  176.648007][   T12] vhci_hcd: stop threads
[  176.735765][   T12] vhci_hcd: release socket
[  176.774525][   T12] vhci_hcd: disconnect device
[  176.824920][ T6695] loop1: detected capacity change from 0 to 1024
[  176.835585][ T5792] usb 37-1: new high-speed USB device number 4 using vhci_hcd
[  176.903720][ T5792] usb 37-1: enqueue for inactive port 0
[  177.065105][ T5792] vhci_hcd: vhci_device speed not set
[  177.670669][   T58] hfsplus: b-tree write err: -5, ino 4
[  177.995601][ T6700] loop2: detected capacity change from 0 to 1024
[  178.044146][ T6700] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  178.061980][   T48] team0 (unregistering): Port device team_slave_1 removed
[  178.910963][ T6700] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  178.956729][   T48] team0 (unregistering): Port device team_slave_0 removed
[  178.987033][ T6704] loop1: detected capacity change from 0 to 32768
[  178.995414][ T6704] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.175 (6704)
[  179.023686][ T6704] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  179.035149][ T6704] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  179.044856][ T6704] BTRFS info (device loop1): allowing degraded mounts
[  179.051773][ T6704] BTRFS info (device loop1): metadata ratio 1
[  179.058049][ T6704] BTRFS info (device loop1): ignoring bad roots
[  179.064531][ T6704] BTRFS info (device loop1): force zlib compression, level 3
[  179.071979][ T6704] BTRFS info (device loop1): allowing degraded mounts
[  179.078934][ T6704] BTRFS info (device loop1): using free space tree
[  179.119763][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  179.192685][ T1087] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  179.261887][ T6704] BTRFS error (device loop1): failed to load root extent
[  179.274514][   T12] BTRFS warning (device loop1): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  179.351741][ T6704] BTRFS error (device loop1): failed to load root free space
[  179.360545][   T12] BTRFS warning (device loop1): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  179.408802][   T48] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  179.445123][   T12] BTRFS warning (device loop1): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  179.817613][ T6724] loop2: detected capacity change from 0 to 32768
[  179.884955][ T6724] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.177 (6724)
[  179.898532][ T6704] BTRFS info (device loop1): enabling ssd optimizations
[  179.907299][   T48] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  180.032158][ T5780] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by udevd (5780)
[  180.196653][ T5785] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  180.279831][ T6727] autofs4:pid:6727:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e)
[  181.020565][ T6732] loop1: detected capacity change from 0 to 32768
[  181.033612][ T6732] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.178 (6732)
[  181.064833][ T6732] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  181.075697][ T6732] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  181.087902][ T6732] BTRFS info (device loop1): allowing degraded mounts
[  181.094782][ T6732] BTRFS info (device loop1): metadata ratio 1
[  181.100957][ T6732] BTRFS info (device loop1): ignoring bad roots
[  181.107328][ T6732] BTRFS info (device loop1): force zlib compression, level 3
[  181.114793][ T6732] BTRFS info (device loop1): allowing degraded mounts
[  181.121640][ T6732] BTRFS info (device loop1): using free space tree
[  181.230913][   T12] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  181.292584][ T6732] BTRFS error (device loop1): failed to load root extent
[  181.300896][ T1095] BTRFS warning (device loop1): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  181.327296][ T6728] loop2: detected capacity change from 0 to 40427
[  181.334005][ T6732] BTRFS error (device loop1): failed to load root free space
[  181.342282][ T1095] BTRFS warning (device loop1): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  181.379637][   T12] BTRFS warning (device loop1): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  181.402466][    C0] vkms_vblank_simulate: vblank timer overrun
[  181.421171][ T6728] F2FS-fs (loop2): invalid crc value
[  181.446082][ T6732] BTRFS info (device loop1): enabling ssd optimizations
[  181.453671][ T6728] F2FS-fs (loop2): Found nat_bits in checkpoint
[  181.612689][ T6728] F2FS-fs (loop2): Start checkpoint disabled!
[  181.641123][ T6728] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  181.689583][ T5785] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  182.084033][ T6728] syz.2.179: attempt to access beyond end of device
[  182.084033][ T6728] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  182.179280][ T6728] syz.2.179: attempt to access beyond end of device
[  182.179280][ T6728] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  182.361469][   T48] bond0 (unregistering): Released all slaves
[  182.856276][   T42] kworker/u4:2: attempt to access beyond end of device
[  182.856276][   T42] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  183.001825][   T42] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  183.122593][ T6468] batman_adv: batadv0: Adding interface: batadv_slave_1
[  183.254362][ T6468] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  183.324123][ T6468] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  183.618985][ T6765] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  183.625553][ T6765] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  183.633967][ T6765] vhci_hcd vhci_hcd.0: Device attached
[  183.651307][ T6765] 9pnet_fd: Insufficient options for proto=fd
[  183.847918][ T6769] vhci_hcd: connection closed
[  183.879623][   T11] vhci_hcd: stop threads
[  183.981610][ T5840] usb 35-1: new high-speed USB device number 2 using vhci_hcd
[  184.075058][   T11] vhci_hcd: release socket
[  184.748912][   T11] vhci_hcd: disconnect device
[  184.851423][ T6772] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  184.857999][ T6772] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  184.866864][ T6772] vhci_hcd vhci_hcd.0: Device attached
[  184.890790][ T6772] 9pnet_fd: Insufficient options for proto=fd
[  184.984795][ T6775] vhci_hcd: connection closed
[  185.019525][ T3486] vhci_hcd: stop threads
[  185.118773][ T3486] vhci_hcd: release socket
[  185.190488][ T3486] vhci_hcd: disconnect device
[  185.223384][ T1968] usb 33-1: new high-speed USB device number 4 using vhci_hcd
[  185.255612][ T6468] hsr_slave_0: entered promiscuous mode
[  185.304193][ T1968] usb 33-1: enqueue for inactive port 0
[  185.377173][ T6468] hsr_slave_1: entered promiscuous mode
[  185.459909][ T1968] vhci_hcd: vhci_device speed not set
[  185.520689][ T6468] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  185.582632][ T6468] Cannot create hsr debugfs directory
[  185.956802][ T6782] netlink: 36 bytes leftover after parsing attributes in process `syz.1.184'.
[  186.237499][ T6468] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  186.264171][ T6468] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  186.294511][ T6468] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  186.314525][ T6468] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  186.331045][ T6784] netlink: 156 bytes leftover after parsing attributes in process `syz.0.185'.
[  186.510445][ T6468] 8021q: adding VLAN 0 to HW filter on device bond0
[  187.310857][ T6806] loop2: detected capacity change from 0 to 32768
[  187.328321][ T6468] 8021q: adding VLAN 0 to HW filter on device team0
[  187.356454][ T6806] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.186 (6806)
[  187.467155][ T6807] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  187.478975][ T6807] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  187.930391][ T6806] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  187.940903][ T6806] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  187.950363][ T6806] BTRFS info (device loop2): allowing degraded mounts
[  187.957174][ T6806] BTRFS info (device loop2): metadata ratio 1
[  187.963444][ T6806] BTRFS info (device loop2): ignoring bad roots
[  187.969687][ T6806] BTRFS info (device loop2): force zlib compression, level 3
[  187.977090][ T6806] BTRFS info (device loop2): allowing degraded mounts
[  187.983888][ T6806] BTRFS info (device loop2): using free space tree
[  188.040660][ T1074] bridge0: port 1(bridge_slave_0) entered blocking state
[  188.047828][ T1074] bridge0: port 1(bridge_slave_0) entered forwarding state
[  188.108454][ T3486] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  188.168770][ T6806] BTRFS error (device loop2): failed to load root extent
[  188.177434][ T3486] BTRFS warning (device loop2): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  188.203578][ T6806] BTRFS error (device loop2): failed to load root free space
[  188.214169][  T985] BTRFS warning (device loop2): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  188.236926][    C0] vkms_vblank_simulate: vblank timer overrun
[  188.293557][ T1074] bridge0: port 2(bridge_slave_1) entered blocking state
[  188.300776][ T1074] bridge0: port 2(bridge_slave_1) entered forwarding state
[  188.389809][  T985] BTRFS warning (device loop2): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  188.518596][ T6806] BTRFS info (device loop2): enabling ssd optimizations
[  188.717943][ T6827] loop1: detected capacity change from 0 to 32768
[  188.742244][ T5787] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  188.756919][ T6827] BTRFS warning: duplicate device /dev/loop1 devid 1 generation 8 scanned by syz.1.188 (6827)
[  188.841804][ T5797] I/O error, dev loop1, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  189.303128][ T5840] vhci_hcd: vhci_device speed not set
[  189.482619][ T6838] loop2: detected capacity change from 0 to 2048
[  189.615222][ T6838] Alternate GPT is invalid, using primary GPT.
[  189.621819][ T6838]  loop2: p1 p2 p3
[  190.759147][ T6468] 8021q: adding VLAN 0 to HW filter on device batadv0
[  191.051240][ T6850] loop2: detected capacity change from 0 to 128
[  191.468154][ T5103] Bluetooth: hci3: command 0x0406 tx timeout
[  191.475067][ T5103] Bluetooth: hci2: command 0x0406 tx timeout
[  191.481960][ T5799] Bluetooth: hci1: command 0x0406 tx timeout
[  191.607648][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  191.742355][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  191.872025][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  192.402969][ T6865] loop1: detected capacity change from 0 to 1024
[  192.469733][ T6389] udevd[6389]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  192.510211][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  192.544112][ T6865] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  192.738034][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  192.870561][ T6865] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  192.897717][ T6876] loop0: detected capacity change from 0 to 256
[  193.202520][ T5785] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  194.038819][ T6884] loop2: detected capacity change from 0 to 32768
[  194.048185][ T6884] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.197 (6884)
[  194.065479][ T6884] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  194.076622][ T6884] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  194.086359][ T6884] BTRFS info (device loop2): allowing degraded mounts
[  194.093275][ T6884] BTRFS info (device loop2): metadata ratio 1
[  194.099401][ T6884] BTRFS info (device loop2): ignoring bad roots
[  194.105795][ T6884] BTRFS info (device loop2): force zlib compression, level 3
[  194.113289][ T6884] BTRFS info (device loop2): allowing degraded mounts
[  194.120085][ T6884] BTRFS info (device loop2): using free space tree
[  194.378554][ T6468] veth0_vlan: entered promiscuous mode
[  194.521924][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  194.553782][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  195.050335][ T6899] loop1: detected capacity change from 0 to 2048
[  195.151913][ T6468] veth1_vlan: entered promiscuous mode
[  195.186014][ T6899] Alternate GPT is invalid, using primary GPT.
[  195.192596][ T6899]  loop1: p1 p2 p3
[  195.487306][   T11] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  195.566649][ T6468] veth0_macvtap: entered promiscuous mode
[  195.572628][ T6884] BTRFS error (device loop2): failed to load root extent
[  195.582450][   T12] BTRFS warning (device loop2): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  195.620078][ T6468] veth1_macvtap: entered promiscuous mode
[  195.669807][ T6884] BTRFS error (device loop2): failed to load root free space
[  195.737111][ T6914] loop0: detected capacity change from 0 to 128
[  195.963813][   T11] BTRFS warning (device loop2): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  196.032795][   T11] BTRFS warning (device loop2): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  196.082337][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.150438][ T6884] BTRFS error (device loop2): open_ctree failed: -4
[  196.163428][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.174147][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.185027][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.195246][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  196.206045][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.218212][ T6468] batman_adv: batadv0: Interface activated: batadv_slave_0
[  196.231198][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.246060][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.355412][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.366452][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.379116][ T6468] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  196.389755][ T6468] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  196.407239][ T6468] batman_adv: batadv0: Interface activated: batadv_slave_1
[  196.488413][ T6922] autofs4:pid:6922:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e)
[  196.719742][ T6922] loop2: detected capacity change from 0 to 40427
[  196.755971][ T6922] F2FS-fs (loop2): invalid crc value
[  196.763676][ T6922] F2FS-fs (loop2): Found nat_bits in checkpoint
[  196.826438][ T6922] F2FS-fs (loop2): Start checkpoint disabled!
[  196.843965][ T6922] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  196.849824][ T6468] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  196.904329][ T6468] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  197.463992][ T6468] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  197.510531][ T6468] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  197.567615][ T6920] netlink: 156 bytes leftover after parsing attributes in process `syz.0.201'.
[  198.037935][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.075903][  T985] kworker/u4:5: attempt to access beyond end of device
[  198.075903][  T985] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  198.093284][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  198.131661][  T985] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  198.267213][ T3440] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  198.283365][ T3440] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  200.400133][ T6957] netlink: 36 bytes leftover after parsing attributes in process `syz.1.207'.
[  200.926955][ T6956] loop2: detected capacity change from 0 to 1024
[  200.988007][ T6956] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  201.072778][ T6956] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  201.347283][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  202.274849][ T6973] loop0: detected capacity change from 0 to 32768
[  202.287054][ T6973] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.209 (6973)
[  202.310303][ T6973] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  202.320574][ T6973] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  202.330115][ T6973] BTRFS info (device loop0): allowing degraded mounts
[  202.337006][ T6973] BTRFS info (device loop0): metadata ratio 1
[  202.343162][ T6973] BTRFS info (device loop0): ignoring bad roots
[  202.349471][ T6973] BTRFS info (device loop0): force zlib compression, level 3
[  202.356986][ T6973] BTRFS info (device loop0): allowing degraded mounts
[  202.363867][ T6973] BTRFS info (device loop0): using free space tree
[  202.500237][   T12] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  202.579157][ T6989] autofs4:pid:6989:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e)
[  202.609874][ T6973] BTRFS error (device loop0): failed to load root extent
[  202.620029][ T3440] BTRFS warning (device loop0): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  202.726392][ T6973] BTRFS error (device loop0): failed to load root free space
[  202.735503][   T12] BTRFS warning (device loop0): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  202.827587][   T48] BTRFS warning (device loop0): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  202.976776][ T6973] BTRFS info (device loop0): enabling ssd optimizations
[  203.000238][ T6989] loop2: detected capacity change from 0 to 40427
[  203.015580][ T6989] F2FS-fs (loop2): invalid crc value
[  203.042932][ T6989] F2FS-fs (loop2): Found nat_bits in checkpoint
[  203.098395][ T6989] F2FS-fs (loop2): Start checkpoint disabled!
[  203.107127][ T6989] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  203.507469][ T7002] loop4: detected capacity change from 0 to 128
[  203.767253][ T7003] syz.2.211: attempt to access beyond end of device
[  203.767253][ T7003] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  203.782791][ T7003] syz.2.211: attempt to access beyond end of device
[  203.782791][ T7003] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  204.080367][ T5786] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  204.412801][   T48] kworker/u4:3: attempt to access beyond end of device
[  204.412801][   T48] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  204.573605][   T48] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  205.018258][ T7014] loop0: detected capacity change from 0 to 32768
[  205.057913][ T7014] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.212 (7014)
[  205.081343][ T7014] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  205.091644][ T7014] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  205.101191][ T7014] BTRFS info (device loop0): allowing degraded mounts
[  205.108094][ T7014] BTRFS info (device loop0): metadata ratio 1
[  205.114283][ T7014] BTRFS info (device loop0): ignoring bad roots
[  205.120579][ T7014] BTRFS info (device loop0): force zlib compression, level 3
[  205.128086][ T7014] BTRFS info (device loop0): allowing degraded mounts
[  205.136968][ T7014] BTRFS info (device loop0): using free space tree
[  205.247289][  T985] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  205.303246][ T7014] BTRFS error (device loop0): failed to load root extent
[  205.327847][   T48] BTRFS warning (device loop0): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  205.443569][ T7014] BTRFS error (device loop0): failed to load root free space
[  205.451868][   T48] BTRFS warning (device loop0): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  205.532936][ T3440] BTRFS warning (device loop0): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  205.639995][ T7014] BTRFS info (device loop0): enabling ssd optimizations
[  205.917743][ T5786] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  206.456249][ T5780] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by udevd (5780)
[  207.055651][ T7048] netlink: 36 bytes leftover after parsing attributes in process `syz.1.217'.
[  207.504235][ T7055] siw: device registration error -23
[  208.113101][ T7055] netlink: 156 bytes leftover after parsing attributes in process `syz.1.218'.
[  210.700698][ T7084] loop1: detected capacity change from 0 to 2048
[  210.754921][ T7084] Alternate GPT is invalid, using primary GPT.
[  210.761592][ T7084]  loop1: p1 p2 p3
[  211.684985][ T7090] loop4: detected capacity change from 0 to 32768
[  211.735318][ T7090] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  211.745575][ T7090] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  211.755122][ T7090] BTRFS info (device loop4): allowing degraded mounts
[  211.761974][ T7090] BTRFS info (device loop4): metadata ratio 1
[  211.768159][ T7090] BTRFS info (device loop4): ignoring bad roots
[  211.775268][ T7090] BTRFS info (device loop4): force zlib compression, level 3
[  211.782698][ T7090] BTRFS info (device loop4): allowing degraded mounts
[  211.790069][ T7090] BTRFS info (device loop4): using free space tree
[  212.117406][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  212.132551][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  212.146981][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  212.173396][ T3440] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  212.262202][ T7113] loop2: detected capacity change from 0 to 128
[  212.283409][ T7090] BTRFS error (device loop4): failed to load root extent
[  212.302107][   T12] BTRFS warning (device loop4): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  212.388465][ T7090] BTRFS error (device loop4): failed to load root free space
[  212.397027][   T12] BTRFS warning (device loop4): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  212.509040][ T3486] BTRFS warning (device loop4): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  212.883396][ T7090] BTRFS info (device loop4): enabling ssd optimizations
[  213.357364][ T6468] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  213.501330][ T5780] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by udevd (5780)
[  215.033388][ T7146] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  215.045154][ T7146] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  216.878299][ T7156] autofs4:pid:7156:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e)
[  217.283479][ T7157] loop4: detected capacity change from 0 to 40427
[  217.295817][ T7157] F2FS-fs (loop4): invalid crc value
[  217.319711][ T7157] F2FS-fs (loop4): Found nat_bits in checkpoint
[  217.366544][ T7157] F2FS-fs (loop4): Start checkpoint disabled!
[  217.385619][ T7157] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  217.719256][ T7157] syz.4.232: attempt to access beyond end of device
[  217.719256][ T7157] loop4: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  217.733663][ T7157] syz.4.232: attempt to access beyond end of device
[  217.733663][ T7157] loop4: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  217.940776][ T7172] netlink: 'syz.2.234': attribute type 1 has an invalid length.
[  218.023331][ T7172] loop2: detected capacity change from 0 to 2048
[  220.299714][ T3440] kworker/u4:9: attempt to access beyond end of device
[  220.299714][ T3440] loop4: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  220.365970][ T7195] loop2: detected capacity change from 0 to 1024
[  220.374927][ T7191] 9pnet_virtio: no channels available for device syz
[  220.383949][ T3440] F2FS-fs (loop4): Stopped filesystem due to reason: 3
[  220.456370][ T7195] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.541110][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.000392][ T7236] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  226.011615][ T7236] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  226.414361][ T7240] autofs4:pid:7240:validate_dev_ioctl: path string terminator missing for cmd(0xc018937e)
[  226.940776][ T7240] loop2: detected capacity change from 0 to 40427
[  227.175695][ T7240] F2FS-fs (loop2): invalid crc value
[  227.337208][ T7240] F2FS-fs (loop2): Found nat_bits in checkpoint
[  227.388784][ T7240] F2FS-fs (loop2): Start checkpoint disabled!
[  227.532649][ T7248] netlink: 'syz.1.247': attribute type 1 has an invalid length.
[  227.570914][ T7240] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  227.629830][ T7248] loop1: detected capacity change from 0 to 2048
[  228.190691][ T7248] Alternate GPT is invalid, using primary GPT.
[  228.222243][ T7248]  loop1: p1 p2 p3
[  228.326022][ T7240] syz.2.245: attempt to access beyond end of device
[  228.326022][ T7240] loop2: rw=524288, sector=45064, nr_sectors = 8 limit=40427
[  228.339978][ T7240] syz.2.245: attempt to access beyond end of device
[  228.339978][ T7240] loop2: rw=0, sector=45064, nr_sectors = 8 limit=40427
[  228.479387][ T7259] loop4: detected capacity change from 0 to 1024
[  228.583931][ T7259] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  228.739322][ T7259] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  228.799776][ T1074] kworker/u4:6: attempt to access beyond end of device
[  228.799776][ T1074] loop2: rw=2049, sector=40960, nr_sectors = 8 limit=40427
[  228.814041][ T1074] F2FS-fs (loop2): Stopped filesystem due to reason: 3
[  229.051592][ T7270] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  229.058164][ T7270] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  229.066747][ T7270] vhci_hcd vhci_hcd.0: Device attached
[  229.777168][ T7270] 9pnet_fd: Insufficient options for proto=fd
[  229.874791][ T7271] vhci_hcd: connection closed
[  229.890471][ T1074] vhci_hcd: stop threads
[  229.935595][ T1074] vhci_hcd: release socket
[  229.940482][ T1074] vhci_hcd: disconnect device
[  230.390452][ T6468] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  230.673335][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  232.427566][ T7294] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  232.438762][ T7294] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  232.516307][ T7299] loop2: detected capacity change from 0 to 32768
[  232.537631][ T7299] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  232.548488][ T7299] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  232.558043][ T7299] BTRFS info (device loop2): allowing degraded mounts
[  232.564898][ T7299] BTRFS info (device loop2): metadata ratio 1
[  232.571063][ T7299] BTRFS info (device loop2): ignoring bad roots
[  232.578698][ T7299] BTRFS info (device loop2): force zlib compression, level 3
[  232.586175][ T7299] BTRFS info (device loop2): allowing degraded mounts
[  232.592961][ T7299] BTRFS info (device loop2): using free space tree
[  232.662256][ T7308] netlink: 36 bytes leftover after parsing attributes in process `syz.4.257'.
[  233.149983][ T7205] BTRFS warning (device loop2): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  233.461281][ T7299] BTRFS error (device loop2): failed to load root extent
[  233.476045][ T7205] BTRFS warning (device loop2): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  233.564004][ T7299] BTRFS error (device loop2): failed to load root free space
[  233.583819][ T1087] BTRFS warning (device loop2): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  233.700577][ T1087] BTRFS warning (device loop2): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  233.878476][ T7333] syz.4.258: attempt to access beyond end of device
[  233.878476][ T7333] nbd4: rw=4096, sector=128, nr_sectors = 8 limit=0
[  233.891953][ T7333] gfs2: error 10 reading superblock
[  234.011986][ T7332] loop0: detected capacity change from 0 to 2048
[  234.582119][ T7299] BTRFS info (device loop2): enabling ssd optimizations
[  235.163496][ T7341] netlink: 'syz.1.260': attribute type 1 has an invalid length.
[  235.218298][ T5787] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  235.264823][ T7341] loop1: detected capacity change from 0 to 2048
[  235.352164][ T7341] Alternate GPT is invalid, using primary GPT.
[  235.359046][ T7341]  loop1: p1 p2 p3
[  235.729426][ T5158] Alternate GPT is invalid, using primary GPT.
[  235.773403][ T5158]  loop1: p1 p2 p3
[  236.691324][ T7360] loop2: detected capacity change from 0 to 1024
[  237.715130][ T7360] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  237.779826][ T7364] loop0: detected capacity change from 0 to 32768
[  237.791883][ T7364] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop0 scanned by syz.0.264 (7364)
[  237.812984][ T7364] BTRFS info (device loop0): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  237.823352][ T7364] BTRFS info (device loop0): using blake2b (blake2b-256-generic) checksum algorithm
[  237.832808][ T7364] BTRFS info (device loop0): allowing degraded mounts
[  237.839757][ T7364] BTRFS info (device loop0): metadata ratio 1
[  237.845968][ T7364] BTRFS info (device loop0): ignoring bad roots
[  237.852281][ T7364] BTRFS info (device loop0): force zlib compression, level 3
[  237.859789][ T7364] BTRFS info (device loop0): allowing degraded mounts
[  237.866696][ T7364] BTRFS info (device loop0): using free space tree
[  237.945529][ T7360] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  238.185310][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  238.210257][ T6470] udevd[6470]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  238.247393][ T1087] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  238.297163][ T7387] dummy0 speed is unknown, defaulting to 1000
[  238.385712][ T6389] udevd[6389]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  238.415218][ T7364] BTRFS error (device loop0): failed to load root extent
[  238.424355][ T5787] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  238.438336][ T1087] BTRFS warning (device loop0): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  238.497214][ T7364] BTRFS error (device loop0): failed to load root free space
[  238.507112][  T985] BTRFS warning (device loop0): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  238.551211][ T5956] udevd[5956]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  238.563836][ T6389] udevd[6389]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  238.564049][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  238.630059][  T985] BTRFS warning (device loop0): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  238.725011][ T7364] BTRFS info (device loop0): enabling ssd optimizations
[  239.050446][ T5786] BTRFS info (device loop0): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  242.849199][ T7424] loop4: detected capacity change from 0 to 32768
[  242.863631][ T7424] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.270 (7424)
[  242.897725][ T7424] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  242.908957][ T7424] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  242.919034][ T7424] BTRFS info (device loop4): allowing degraded mounts
[  242.926116][ T7424] BTRFS info (device loop4): metadata ratio 1
[  242.932548][ T7424] BTRFS info (device loop4): ignoring bad roots
[  242.939114][ T7424] BTRFS info (device loop4): force zlib compression, level 3
[  242.946705][ T7424] BTRFS info (device loop4): allowing degraded mounts
[  242.953676][ T7424] BTRFS info (device loop4): using free space tree
[  243.037575][ T7426] loop2: detected capacity change from 0 to 2048
[  243.135580][ T7426] Alternate GPT is invalid, using primary GPT.
[  243.180266][ T7426]  loop2: p1 p2 p3
[  244.751195][ T1074] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  244.955402][ T7455] loop0: detected capacity change from 0 to 32768
[  244.965760][ T7424] BTRFS error (device loop4): failed to load root extent
[  244.986603][   T42] BTRFS warning (device loop4): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  245.010329][ T7424] BTRFS error (device loop4): failed to load root free space
[  245.018704][   T42] BTRFS warning (device loop4): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  245.097920][ T7455] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  245.112511][ T3440] BTRFS warning (device loop4): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  245.169609][ T7455] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  245.476909][ T7424] BTRFS error (device loop4): open_ctree failed: -4
[  245.498326][ T7455] syz.0.275 (7455) used greatest stack depth: 19664 bytes left
[  246.258502][ T6389] udevd[6389]: inotify_add_watch(7, /dev/loop2p3, 10) failed: No such file or directory
[  246.288267][ T5956] udevd[5956]: inotify_add_watch(7, /dev/loop2p2, 10) failed: No such file or directory
[  246.314911][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  246.381054][ T5786] ocfs2: Unmounting device (7,0) on (node local)
[  246.485575][ T7465] dummy0 speed is unknown, defaulting to 1000
[  246.713001][ T5797] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by udevd (5797)
[  246.970829][ T7479] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  246.977388][ T7479] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  246.992527][ T7479] vhci_hcd vhci_hcd.0: Device attached
[  247.016028][ T7479] 9pnet_fd: Insufficient options for proto=fd
[  247.105092][ T7480] vhci_hcd: connection closed
[  247.128292][ T3440] vhci_hcd: stop threads
[  247.333007][ T3440] vhci_hcd: release socket
[  247.430551][ T3440] vhci_hcd: disconnect device
[  248.174524][ T7489] loop0: detected capacity change from 0 to 1024
[  248.436756][ T7489] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  249.102671][ T7509] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  249.113975][ T7509] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  251.240235][ T7528] loop1: detected capacity change from 0 to 2048
[  251.296763][ T7528] Alternate GPT is invalid, using primary GPT.
[  251.303145][ T7528]  loop1: p1 p2 p3
[  251.714781][ T5786] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  251.885393][ T5158] Alternate GPT is invalid, using primary GPT.
[  251.934650][ T5158]  loop1: p1 p2 p3
[  253.034007][ T7536] loop4: detected capacity change from 0 to 32768
[  253.088688][ T7536] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  253.099334][ T7536] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  253.109733][ T7536] BTRFS info (device loop4): allowing degraded mounts
[  253.116632][ T7536] BTRFS info (device loop4): metadata ratio 1
[  253.122766][ T7536] BTRFS info (device loop4): ignoring bad roots
[  253.129168][ T7536] BTRFS info (device loop4): force zlib compression, level 3
[  253.137306][ T7536] BTRFS info (device loop4): allowing degraded mounts
[  253.144213][ T7536] BTRFS info (device loop4): using free space tree
[  253.349236][ T1074] BTRFS warning (device loop4): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  253.374858][ T7536] BTRFS error (device loop4): failed to load root extent
[  253.382819][ T1074] BTRFS warning (device loop4): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  253.433183][ T7536] BTRFS error (device loop4): failed to load root free space
[  253.445791][ T1074] BTRFS warning (device loop4): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  253.509660][ T1074] BTRFS warning (device loop4): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  253.661905][ T7536] BTRFS info (device loop4): enabling ssd optimizations
[  253.665573][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  253.691645][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  253.764731][ T5797] udevd[5797]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  254.471354][ T6468] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  254.574440][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  254.593844][ T5780] udevd[5780]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  254.659400][ T7577] loop2: detected capacity change from 0 to 32768
[  254.683485][ T6389] udevd[6389]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  254.716184][ T7577] BTRFS warning: duplicate device /dev/loop2 devid 1 generation 8 scanned by syz.2.291 (7577)
[  254.891176][ T5797] I/O error, dev loop2, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  256.370945][ T7596] dummy0 speed is unknown, defaulting to 1000
[  256.433664][ T1279] ieee802154 phy0 wpan0: encryption failed: -22
[  256.433746][ T1279] ieee802154 phy1 wpan1: encryption failed: -22
[  257.135939][ T7612] netlink: 'syz.0.296': attribute type 1 has an invalid length.
[  257.286481][ T7606] loop0: detected capacity change from 0 to 2048
[  257.335887][ T7606] Alternate GPT is invalid, using primary GPT.
[  257.342197][ T7606]  loop0: p1 p2 p3
[  258.110686][ T7622] overlayfs: overlapping lowerdir path
[  258.210848][ T7623] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  259.967778][ T7635] loop1: detected capacity change from 0 to 32768
[  259.982371][ T7635] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by syz.1.301 (7635)
[  260.004533][ T7634] loop4: detected capacity change from 0 to 1024
[  260.024904][ T7634] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  260.039783][ T7635] BTRFS info (device loop1): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  260.050037][ T7635] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  260.059570][ T7635] BTRFS info (device loop1): allowing degraded mounts
[  260.066436][ T7635] BTRFS info (device loop1): metadata ratio 1
[  260.072560][ T7635] BTRFS info (device loop1): ignoring bad roots
[  260.078887][ T7635] BTRFS info (device loop1): force zlib compression, level 3
[  260.086815][ T7635] BTRFS info (device loop1): allowing degraded mounts
[  260.094143][ T7635] BTRFS info (device loop1): using free space tree
[  260.202245][ T7634] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  260.450508][ T7661] loop0: detected capacity change from 0 to 128
[  260.542591][  T985] BTRFS warning (device loop1): checksum verify failed on logical 5337088 mirror 1 wanted 0x324c5e2d0cac2dc8f61cbfdfc8cd69d9816061b1498b9e1bff7d10a59610160b found 0xf8bb6bdef03b64ff3b11a2a87ba7a2aeacfdb41cc49a87adad5cc1644d216b29 level 0
[  260.567493][ T7635] BTRFS error (device loop1): failed to load root extent
[  260.579518][ T7205] BTRFS warning (device loop1): checksum verify failed on logical 5341184 mirror 1 wanted 0xc53d3c5bb04ba5dfc01f4c277f0b81815915cb99da5074f609a3f7f617cf284a found 0xd34891a64d32c06b063fbbf3d26e09cb4d5acf5ade8dc51c4cd532bb53f895d0 level 0
[  260.632175][ T5778] udevd[5778]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  260.648896][ T5956] udevd[5956]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  260.662749][ T6389] udevd[6389]: inotify_add_watch(7, /dev/loop0p3, 10) failed: No such file or directory
[  260.699635][ T7667] 9pnet_virtio: no channels available for device syz
[  260.700571][ T7635] BTRFS error (device loop1): failed to load root free space
[  260.717243][ T7205] BTRFS warning (device loop1): checksum verify failed on logical 5287936 mirror 1 wanted 0x31987782e3a542b4b1826f4a60605b79838e23bf27075900db4b92202c72b2fd found 0xcc73edc8ee24564a8c6ce1ce085684ad2f9862e56f948f195b5cd36555a6be2f level 0
[  260.739483][ T6468] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  260.834590][ T7205] BTRFS warning (device loop1): checksum verify failed on logical 5292032 mirror 1 wanted 0xcbbb23d5b53a3b4892a5068ee5011732ffcd94742b434497e3f11d7ca86a6d23 found 0x6ab87e71a537053373402d980abd70276b583e303a68e0dd0a46bb41cfc306c8 level 0
[  260.966202][ T7635] BTRFS info (device loop1): enabling ssd optimizations
[  261.223467][ T5785] BTRFS info (device loop1): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  262.397769][ T5780] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop1 scanned by udevd (5780)
[  262.419899][ T7685] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(9)
[  262.426461][ T7685] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  262.434369][ T7685] vhci_hcd vhci_hcd.0: Device attached
[  262.442610][ T7689] 9pnet_fd: Insufficient options for proto=fd
[  262.535541][ T7687] vhci_hcd: connection closed
[  262.538329][   T12] vhci_hcd: stop threads
[  262.665286][   T12] vhci_hcd: release socket
[  262.750460][   T12] vhci_hcd: disconnect device
[  262.799310][    T9] usb 35-1: new high-speed USB device number 4 using vhci_hcd
[  262.932792][    T9] usb 35-1: enqueue for inactive port 0
[  263.181340][    T9] vhci_hcd: vhci_device speed not set
[  265.815796][ T7718] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  265.826975][ T7718] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  267.160387][ T7724] netlink: 'syz.0.313': attribute type 1 has an invalid length.
[  267.187932][ T7724] loop0: detected capacity change from 0 to 2048
[  267.320281][ T7724] Alternate GPT is invalid, using primary GPT.
[  267.326578][ T7724]  loop0: p1 p2 p3
[  269.905013][ T7747] loop1: detected capacity change from 0 to 32768
[  270.018964][ T7747] ocfs2: Slot 0 on device (7,1) was already allocated to this node!
[  270.149188][ T7747] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[  270.708121][ T7761] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(9)
[  270.714692][ T7761] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  270.722531][ T7761] vhci_hcd vhci_hcd.0: Device attached
[  270.739734][ T7769] 9pnet_fd: Insufficient options for proto=fd
[  270.814057][ T7770] 9pnet_virtio: no channels available for device syz
[  270.866699][ T7766] vhci_hcd: connection closed
[  270.887996][ T1074] vhci_hcd: stop threads
[  271.031441][ T1074] vhci_hcd: release socket
[  271.090396][   T23] usb 33-1: new high-speed USB device number 6 using vhci_hcd
[  271.122231][ T1074] vhci_hcd: disconnect device
[  271.184736][ T5785] ocfs2: Unmounting device (7,1) on (node local)
[  272.327969][ T7786] syz.4.322: attempt to access beyond end of device
[  272.327969][ T7786] nbd4: rw=4096, sector=128, nr_sectors = 8 limit=0
[  272.341129][ T7786] gfs2: error 10 reading superblock
[  273.011533][ T7793] loop4: detected capacity change from 0 to 1024
[  273.091397][ T7793] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  273.264543][ T7793] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  273.437554][ T7803] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  273.449408][ T7803] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  274.019916][ T7804] netlink: 'syz.0.326': attribute type 1 has an invalid length.
[  274.123734][ T7804] loop0: detected capacity change from 0 to 2048
[  274.251120][ T7804] Alternate GPT is invalid, using primary GPT.
[  274.258033][ T7804]  loop0: p1 p2 p3
[  274.336723][ T7790] ==================================================================
[  274.344837][ T7790] BUG: KASAN: out-of-bounds in ext4_xattr_set_entry+0x94b/0x1e90
[  274.352604][ T7790] Read of size 18446744073709551588 at addr ffff88807a62c840 by task syz.4.325/7790
[  274.361981][ T7790] 
[  274.364325][ T7790] CPU: 1 PID: 7790 Comm: syz.4.325 Not tainted 6.6.99-syzkaller #0
[  274.372236][ T7790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  274.382314][ T7790] Call Trace:
[  274.385606][ T7790]  <TASK>
[  274.388552][ T7790]  dump_stack_lvl+0x16c/0x230
[  274.393245][ T7790]  ? read_lock_is_recursive+0x20/0x20
[  274.398633][ T7790]  ? show_regs_print_info+0x20/0x20
[  274.403845][ T7790]  ? load_image+0x3b0/0x3b0
[  274.408371][ T7790]  ? _raw_spin_lock_irqsave+0xb4/0xf0
[  274.413772][ T7790]  ? __virt_addr_valid+0x18c/0x540
[  274.418984][ T7790]  ? __virt_addr_valid+0x469/0x540
[  274.424107][ T7790]  print_report+0xac/0x200
[  274.428535][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  274.434010][ T7790]  kasan_report+0x117/0x150
[  274.438526][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  274.443999][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  274.449471][ T7790]  kasan_check_range+0x288/0x290
[  274.454417][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  274.459903][ T7790]  __asan_memmove+0x29/0x70
[  274.464425][ T7790]  ext4_xattr_set_entry+0x94b/0x1e90
[  274.469736][ T7790]  ext4_xattr_block_set+0xae3/0x32a0
[  274.475036][ T7790]  ? ext4_destroy_inode+0xe8/0x1b0
[  274.480159][ T7790]  ? ext4_destroy_inode+0x1b0/0x1b0
[  274.485381][ T7790]  ? proc_nr_inodes+0x230/0x230
[  274.490247][ T7790]  ? do_raw_spin_unlock+0x121/0x230
[  274.495461][ T7790]  ? _raw_spin_unlock+0x28/0x40
[  274.500332][ T7790]  ? ext4_xattr_block_find+0x350/0x350
[  274.505808][ T7790]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  274.511199][ T7790]  ext4_xattr_set_handle+0xbff/0x1290
[  274.516596][ T7790]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  274.522596][ T7790]  ? __ext4_journal_start_sb+0x259/0x570
[  274.528243][ T7790]  ext4_xattr_set+0x22d/0x320
[  274.532936][ T7790]  ? end_current_label_crit_section+0x170/0x170
[  274.539195][ T7790]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  274.544760][ T7790]  ? posix_xattr_acl+0x93/0xb0
[  274.549544][ T7790]  ? evm_protect_xattr+0x36d/0x7a0
[  274.554731][ T7790]  ? ext4_xattr_trusted_get+0x40/0x40
[  274.560139][ T7790]  __vfs_setxattr+0x431/0x470
[  274.564842][ T7790]  __vfs_setxattr_noperm+0x12d/0x5e0
[  274.570151][ T7790]  vfs_setxattr+0x16c/0x2f0
[  274.574674][ T7790]  ? xattr_permission+0x470/0x470
[  274.579711][ T7790]  ? __mnt_want_write+0x223/0x2a0
[  274.584776][ T7790]  ? path_setxattr+0x314/0x550
[  274.589588][ T7790]  path_setxattr+0x362/0x550
[  274.594210][ T7790]  ? simple_xattrs_free+0x150/0x150
[  274.599440][ T7790]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  274.605440][ T7790]  ? lock_chain_count+0x20/0x20
[  274.610310][ T7790]  __x64_sys_setxattr+0xbb/0xd0
[  274.615192][ T7790]  do_syscall_64+0x55/0xb0
[  274.619622][ T7790]  ? clear_bhb_loop+0x40/0x90
[  274.624306][ T7790]  ? clear_bhb_loop+0x40/0x90
[  274.628990][ T7790]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  274.634917][ T7790] RIP: 0033:0x7fa9d478e9a9
[  274.639361][ T7790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  274.658987][ T7790] RSP: 002b:00007fa9d56a4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  274.667433][ T7790] RAX: ffffffffffffffda RBX: 00007fa9d49b5fa0 RCX: 00007fa9d478e9a9
[  274.675470][ T7790] RDX: 0000200000000140 RSI: 00002000000001c0 RDI: 0000200000000000
[  274.683452][ T7790] RBP: 00007fa9d4810d69 R08: 0000000000000001 R09: 0000000000000000
[  274.691444][ T7790] R10: 0000000000000841 R11: 0000000000000246 R12: 0000000000000000
[  274.699426][ T7790] R13: 0000000000000000 R14: 00007fa9d49b5fa0 R15: 00007ffdc0c4a738
[  274.707424][ T7790]  </TASK>
[  274.710447][ T7790] 
[  274.712784][ T7790] Allocated by task 7790:
[  274.717114][ T7790]  kasan_set_track+0x4e/0x70
[  274.721713][ T7790]  __kasan_kmalloc+0x8f/0xa0
[  274.726308][ T7790]  __kmalloc_node_track_caller+0xb2/0x230
[  274.732037][ T7790]  kmemdup+0x2b/0x70
[  274.735938][ T7790]  ext4_xattr_block_set+0x9e5/0x32a0
[  274.741231][ T7790]  ext4_xattr_set_handle+0xbff/0x1290
[  274.746615][ T7790]  ext4_xattr_set+0x22d/0x320
[  274.751301][ T7790]  __vfs_setxattr+0x431/0x470
[  274.755982][ T7790]  __vfs_setxattr_noperm+0x12d/0x5e0
[  274.761272][ T7790]  vfs_setxattr+0x16c/0x2f0
[  274.765785][ T7790]  path_setxattr+0x362/0x550
[  274.770395][ T7790]  __x64_sys_setxattr+0xbb/0xd0
[  274.775255][ T7790]  do_syscall_64+0x55/0xb0
[  274.779674][ T7790]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  274.785582][ T7790] 
[  274.787906][ T7790] The buggy address belongs to the object at ffff88807a62c800
[  274.787906][ T7790]  which belongs to the cache kmalloc-1k of size 1024
[  274.801963][ T7790] The buggy address is located 64 bytes inside of
[  274.801963][ T7790]  1024-byte region [ffff88807a62c800, ffff88807a62cc00)
[  274.815244][ T7790] 
[  274.817575][ T7790] The buggy address belongs to the physical page:
[  274.823992][ T7790] page:ffffea0001e98a00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x7a628
[  274.834146][ T7790] head:ffffea0001e98a00 order:3 entire_mapcount:0 nr_pages_mapped:0 pincount:0
[  274.843082][ T7790] flags: 0xfff00000000840(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  274.851074][ T7790] page_type: 0xffffffff()
[  274.855419][ T7790] raw: 00fff00000000840 ffff888017841dc0 ffffea0001ab8200 dead000000000002
[  274.864011][ T7790] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  274.872600][ T7790] page dumped because: kasan: bad access detected
[  274.879022][ T7790] page_owner tracks the page as allocated
[  274.884732][ T7790] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x152820(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_HARDWALL), pid 1087, tgid 1087 (kworker/u4:7), ts 80617846620, free_ts 80578935153
[  274.905408][ T7790]  post_alloc_hook+0x1cd/0x210
[  274.910275][ T7790]  get_page_from_freelist+0x195c/0x19f0
[  274.915835][ T7790]  __alloc_pages+0x1e3/0x460
[  274.920435][ T7790]  alloc_slab_page+0x5d/0x170
[  274.925124][ T7790]  new_slab+0x87/0x2e0
[  274.929215][ T7790]  ___slab_alloc+0xc6d/0x12f0
[  274.933899][ T7790]  __kmem_cache_alloc_node+0x1a2/0x260
[  274.939365][ T7790]  __kmalloc+0xa4/0x240
[  274.943537][ T7790]  ieee802_11_parse_elems_full+0xb9/0x2080
[  274.949380][ T7790]  ieee80211_ibss_rx_queued_mgmt+0x49b/0x2ac0
[  274.955454][ T7790]  ieee80211_iface_work+0x717/0xc70
[  274.960662][ T7790]  cfg80211_wiphy_work+0x225/0x260
[  274.965782][ T7790]  process_scheduled_works+0xa45/0x15b0
[  274.971338][ T7790]  worker_thread+0xa55/0xfc0
[  274.975943][ T7790]  kthread+0x2fa/0x390
[  274.980014][ T7790]  ret_from_fork+0x48/0x80
[  274.984439][ T7790] page last free stack trace:
[  274.989116][ T7790]  free_unref_page_prepare+0x7ce/0x8e0
[  274.994593][ T7790]  free_unref_page+0x32/0x2e0
[  274.999280][ T7790]  __slab_free+0x35e/0x410
[  275.003706][ T7790]  qlist_free_all+0x75/0xe0
[  275.008219][ T7790]  kasan_quarantine_reduce+0x143/0x160
[  275.013688][ T7790]  __kasan_slab_alloc+0x22/0x80
[  275.018541][ T7790]  slab_post_alloc_hook+0x6e/0x4d0
[  275.023660][ T7790]  __kmem_cache_alloc_node+0x13e/0x260
[  275.029125][ T7790]  kmalloc_trace+0x2a/0xe0
[  275.033552][ T7790]  kobject_uevent_env+0x274/0x8c0
[  275.038587][ T7790]  __loop_clr_fd+0x2df/0x660
[  275.043189][ T7790]  blkdev_put+0x5bd/0x760
[  275.047520][ T7790]  bdev_release+0x57/0x70
[  275.051851][ T7790]  ext4_kill_sb+0x68/0xa0
[  275.056181][ T7790]  deactivate_locked_super+0x97/0x100
[  275.061563][ T7790]  cleanup_mnt+0x429/0x4c0
[  275.065982][ T7790] 
[  275.068303][ T7790] Memory state around the buggy address:
[  275.073938][ T7790]  ffff88807a62c700: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  275.082001][ T7790]  ffff88807a62c780: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  275.090072][ T7790] >ffff88807a62c800: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  275.098133][ T7790]                                            ^
[  275.104286][ T7790]  ffff88807a62c880: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  275.112350][ T7790]  ffff88807a62c900: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  275.120416][ T7790] ==================================================================
[  275.128852][    C1] vkms_vblank_simulate: vblank timer overrun
[  275.166330][ T7790] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  275.173572][ T7790] CPU: 0 PID: 7790 Comm: syz.4.325 Not tainted 6.6.99-syzkaller #0
[  275.181483][ T7790] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 05/07/2025
[  275.191558][ T7790] Call Trace:
[  275.194846][ T7790]  <TASK>
[  275.197792][ T7790]  dump_stack_lvl+0x16c/0x230
[  275.202491][ T7790]  ? show_regs_print_info+0x20/0x20
[  275.207712][ T7790]  ? load_image+0x3b0/0x3b0
[  275.212237][ T7790]  panic+0x2c0/0x710
[  275.216147][ T7790]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  275.222324][ T7790]  ? bpf_jit_dump+0xd0/0xd0
[  275.226838][ T7790]  ? _raw_spin_unlock_irqrestore+0xfa/0x110
[  275.232739][ T7790]  ? _raw_spin_unlock+0x40/0x40
[  275.237616][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.243085][ T7790]  check_panic_on_warn+0x84/0xa0
[  275.248017][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.253463][ T7790]  end_report+0x6f/0x140
[  275.257690][ T7790]  kasan_report+0x128/0x150
[  275.262190][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.267632][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.273078][ T7790]  kasan_check_range+0x288/0x290
[  275.278038][ T7790]  ? ext4_xattr_set_entry+0x94b/0x1e90
[  275.283496][ T7790]  __asan_memmove+0x29/0x70
[  275.287997][ T7790]  ext4_xattr_set_entry+0x94b/0x1e90
[  275.293330][ T7790]  ext4_xattr_block_set+0xae3/0x32a0
[  275.298626][ T7790]  ? ext4_destroy_inode+0xe8/0x1b0
[  275.303719][ T7790]  ? ext4_destroy_inode+0x1b0/0x1b0
[  275.308909][ T7790]  ? proc_nr_inodes+0x230/0x230
[  275.313741][ T7790]  ? do_raw_spin_unlock+0x121/0x230
[  275.318920][ T7790]  ? _raw_spin_unlock+0x28/0x40
[  275.323756][ T7790]  ? ext4_xattr_block_find+0x350/0x350
[  275.329227][ T7790]  ? ext4_xattr_ibody_set+0x50d/0x6a0
[  275.334596][ T7790]  ext4_xattr_set_handle+0xbff/0x1290
[  275.339965][ T7790]  ? ext4_xattr_inode_free_quota+0x1b0/0x1b0
[  275.345931][ T7790]  ? __ext4_journal_start_sb+0x259/0x570
[  275.351550][ T7790]  ext4_xattr_set+0x22d/0x320
[  275.356213][ T7790]  ? end_current_label_crit_section+0x170/0x170
[  275.362454][ T7790]  ? ext4_xattr_set_credits+0x2f0/0x2f0
[  275.367984][ T7790]  ? posix_xattr_acl+0x93/0xb0
[  275.372734][ T7790]  ? evm_protect_xattr+0x36d/0x7a0
[  275.377833][ T7790]  ? ext4_xattr_trusted_get+0x40/0x40
[  275.383192][ T7790]  __vfs_setxattr+0x431/0x470
[  275.387856][ T7790]  __vfs_setxattr_noperm+0x12d/0x5e0
[  275.393127][ T7790]  vfs_setxattr+0x16c/0x2f0
[  275.397613][ T7790]  ? xattr_permission+0x470/0x470
[  275.402616][ T7790]  ? __mnt_want_write+0x223/0x2a0
[  275.407627][ T7790]  ? path_setxattr+0x314/0x550
[  275.412373][ T7790]  path_setxattr+0x362/0x550
[  275.416949][ T7790]  ? simple_xattrs_free+0x150/0x150
[  275.422134][ T7790]  ? lockdep_hardirqs_on_prepare+0x400/0x760
[  275.428095][ T7790]  ? lock_chain_count+0x20/0x20
[  275.432924][ T7790]  __x64_sys_setxattr+0xbb/0xd0
[  275.437759][ T7790]  do_syscall_64+0x55/0xb0
[  275.442155][ T7790]  ? clear_bhb_loop+0x40/0x90
[  275.446809][ T7790]  ? clear_bhb_loop+0x40/0x90
[  275.451463][ T7790]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  275.457347][ T7790] RIP: 0033:0x7fa9d478e9a9
[  275.461746][ T7790] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  275.481365][ T7790] RSP: 002b:00007fa9d56a4038 EFLAGS: 00000246 ORIG_RAX: 00000000000000bc
[  275.489771][ T7790] RAX: ffffffffffffffda RBX: 00007fa9d49b5fa0 RCX: 00007fa9d478e9a9
[  275.497732][ T7790] RDX: 0000200000000140 RSI: 00002000000001c0 RDI: 0000200000000000
[  275.505687][ T7790] RBP: 00007fa9d4810d69 R08: 0000000000000001 R09: 0000000000000000
[  275.513642][ T7790] R10: 0000000000000841 R11: 0000000000000246 R12: 0000000000000000
[  275.521595][ T7790] R13: 0000000000000000 R14: 00007fa9d49b5fa0 R15: 00007ffdc0c4a738
[  275.529555][ T7790]  </TASK>
[  275.532837][ T7790] Kernel Offset: disabled
[  275.537151][ T7790] Rebooting in 86400 seconds..