last executing test programs:

6m43.929273906s ago: executing program 4 (id=134):
socket$nl_netfilter(0x10, 0x3, 0xc)
r0 = bpf$BPF_BTF_LOAD(0x12, 0x0, 0x0)
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2f, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
sendmsg$RDMA_NLDEV_CMD_GET_CHARDEV(0xffffffffffffffff, 0x0, 0x48010)
bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000900)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x35, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000180)='sched_switch\x00', r2}, 0x10)
r3 = openat(0xffffffffffffff9c, &(0x7f00000002c0)='./file2\x00', 0x42, 0x0)
sendmsg$TIPC_NL_LINK_GET(0xffffffffffffffff, 0x0, 0x0)
pwrite64(r3, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
r4 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
write$binfmt_format(r4, &(0x7f0000000100)='0\x00', 0x2)
creat(&(0x7f00000000c0)='./file0\x00', 0x80)

6m42.466722145s ago: executing program 4 (id=141):
r0 = socket(0x11, 0x3, 0x8000)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000100)={0x0, <r1=>0x0}, &(0x7f0000000140)=0xc)
semctl$IPC_SET(0x0, 0x0, 0x1, &(0x7f00000002c0)={{0x3, r1, 0x0, 0x0, 0xee01, 0x4, 0x7}, 0x5, 0x4, 0x0, 0x0, 0x0, 0x0, 0x2})

6m42.286495448s ago: executing program 4 (id=144):
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
ioctl$VHOST_SET_OWNER(0xffffffffffffffff, 0xaf01, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs={0x0, 0x0, 0x40}, 0x6e)
sendmmsg$unix(r2, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000440)={0x2, &(0x7f0000000300)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}, {0x8, 0x1b, 0xfe, 0x4}]})

6m40.493403714s ago: executing program 4 (id=147):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x10e, &(0x7f0000000280)={[{@init_itable_val={'init_itable', 0x3d, 0x957}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2a}}, {@stripe={'stripe', 0x3d, 0x8}}, {@orlov}, {@lazytime}]}, 0x4, 0x46b, &(0x7f00000009c0)="$eJzs289vFFUcAPDvTFt+IxXxBz/UKhobf2yhgHLwotHEgyYmXvBY20KQhRpaEyFE0Rg8GhITj8ajiX+BJ70Y9WTiVe+GhBguoqcxsztDd9fttsC2A93PJ9nueztv9r3vvHm7b+Z1AxhYY/mfJGJbRPweETua2fYCY82n69cuTP9z7cJ0Eln21l9Jo9zf1y5Ml0XL/bYWmfE0Iv00ib1d6p0/d/7UVL0+e7bITyycfm9i/tz5506enjoxe2L2zOTRo4cPHXzh+ckjfYnz3rytez6c27f7tbcvvzF97PI7P3+blPF3xNEnY702Ppllfa6uWttb0snwCnYYWsXGsGJ5N+TdNdIY/ztiKBY7b0e8+kmljQNWVVZYYvPFDFjHkqi6BUA1yi/6/Pq3fKzd7KN6V19qXgDlcV8vHs0tw5EWZUY6rm/7aSwijl3896v8EatzHwIAoM33+fzn2W7zvzQeaCl3T2xsrA2NFmspOyPivojYFRH3RzTKPhgRD3WrpMeCQOciyf/nP+mVW49uefn878Vibat9/lfO/mJ0qMhtb8R/JI2ozx5oHJOI8RjZePxkffZgjzp+eOW3z5fa1jr/yx95/eVcsGjHleGN7fvMTC1M3U7Mra5+HLFnuFv8yY2VgCQidkfEnlus4+TT3+xbatvy8fewknWmZWRfRzzV7P+L0RF/Kem9PjmxKT8fJvKz4EDXOn759dKbS9V/W/H3Qd7/W7qe/zfiH01a12vnb+bdm6P70h+fLXlNU7ul83/xhQ3F8wdTCwtnD0ZsSF5vNrr19cnFfct8WT6Pf3x/9/G/MxaPxN6IyE/ihyPikYh4tIjusYh4PCL29zgKP738xLu9jlD3+Df1eMf+yeOf6ej/0fYiHf2/mNgQna90Twyd+vG79ndcSfylvP8PN1LjxSuNz78ve8e1knbd7NkMAAAAd6s0IrZFktZupNO0Vmv+D/+u2JLW5+YXnjk+9/6ZmeZvBEZjJC3vdDXvB48k5f3P0Zb8ZEf+UHHf+IuhzY18bXquPlN18DDgtraO//KWb6359KffaMD614d1NOAuZfzD4DL+YXAZ/zC4uoz/zVW0A1h73b7/P6qgHcDa6xj/lv1ggLj+h8E1HFlSdRuAarR+//sggIExvzmW/5H8ekhkWZbdAc1YP4lI74hm9CeRrPIo2FZ1gDefqPqTCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoD/+CwAA//9lEuuH")
bind$inet(0xffffffffffffffff, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e21}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0)
setsockopt$sock_int(r0, 0x1, 0x31, &(0x7f0000000200), 0x4)
listen(r2, 0x1ffffffa)
setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000100)=0x819, 0x4)
r4 = accept$inet(0xffffffffffffffff, &(0x7f00000001c0)={0x2, 0x0, @loopback}, &(0x7f0000000240)=0x10)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000300)={{0x2, 0x4e23, @empty}, {0x306, @local}, 0x60, {0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x42}}, 'veth0_to_hsr\x00'})
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000400)='./file0/../file0\x00', &(0x7f0000000440)='./file0/file0\x00', 0x0, 0x1adc11, 0x0)
r5 = syz_open_procfs(0xffffffffffffffff, 0x0)
read$FUSE(r5, &(0x7f0000006b40)={0x2020}, 0x206e)
r6 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x42)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r6, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
connect$inet(r6, &(0x7f00000000c0)={0x2, 0x4e22, @broadcast}, 0x10)

6m38.401251385s ago: executing program 4 (id=153):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r0 = getpid()
r1 = syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, r1, 0x0, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r2, &(0x7f0000032680)=""/102400, 0x19000)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
mincore(&(0x7f0000000000/0x800000)=nil, 0x800000, &(0x7f0000000000)=""/188)
listen(0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x7c4f, 0x0, &(0x7f00000000c0), &(0x7f0000000180))
ptrace$getenv(0x4201, r0, 0x8, &(0x7f0000000100))
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8)

6m36.61953677s ago: executing program 4 (id=157):
getrusage(0x0, &(0x7f00000003c0))
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000740)=@bpf_tracing={0x1a, 0x18, &(0x7f0000000500)=@raw=[@jmp={0x5, 0x0, 0x5, 0xa, 0x5, 0xffffffffffffffed, 0x8}, @ldst={0x3, 0x3, 0x2, 0x2, 0x9, 0x80, 0x4}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x7, 0xb, 0x6, 0xffffffffffffffc0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8e8}, @alu={0x7, 0x1, 0x7, 0x9, 0x3, 0xfffffffffffffff8}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0x35}], &(0x7f00000005c0)='GPL\x00', 0xf70, 0x27, &(0x7f0000000600)=""/39, 0x41100, 0x10, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x7, 0x5, 0x40}, 0x10, 0x27e46, 0xffffffffffffffff, 0x2, &(0x7f00000006c0)=[0x1, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1], &(0x7f0000000700)=[{0x4, 0x4, 0x8}, {0x1, 0x3, 0xa, 0xa}], 0x10, 0x5}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000880)={{0x1}, &(0x7f0000000800), &(0x7f0000000840)='%pB    \x00'}, 0x20)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x194)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TIOCMSET(r3, 0x5418, &(0x7f0000000140)=0xfffffdfb)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000000)={0xffffffff, 0xc9a, 0xfffff001, 0x6, 0x18, "5cadf0fa59ebc3cef90ac43c5c135252e5d962"})
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000040)={0x5, 0x2, 0x4, 0x8, 0xa, "4cb8b910acda715e64ee57062d59a56f2584c4"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24040041}, 0xc2)
r5 = semget$private(0x0, 0x2, 0x400)
semctl$SEM_STAT_ANY(r5, 0x4, 0x14, &(0x7f0000000040)=""/233)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000)=0x1, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000900), 0x200000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x4, 0x9, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xdb}, [@ldst={0x1, 0x0, 0x3, 0x7, 0x3, 0xd62d08a1ddde01c1, 0xfffffffffffffffc}, @exit, @cb_func={0x18, 0x7}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3f, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0xd, 0x8}, 0x10, 0x0, r1, 0x3, &(0x7f0000000940), &(0x7f0000000980)=[{0x2, 0x2, 0x10, 0x3}, {0x5, 0x2, 0x9, 0x7}, {0x4, 0x1, 0xe, 0x2}], 0x10, 0x7ff}, 0x94)

6m36.276659916s ago: executing program 32 (id=157):
getrusage(0x0, &(0x7f00000003c0))
pipe(&(0x7f0000000000)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
bpf$BPF_GET_BTF_INFO(0xf, 0x0, 0x0)
r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000740)=@bpf_tracing={0x1a, 0x18, &(0x7f0000000500)=@raw=[@jmp={0x5, 0x0, 0x5, 0xa, 0x5, 0xffffffffffffffed, 0x8}, @ldst={0x3, 0x3, 0x2, 0x2, 0x9, 0x80, 0x4}, @tail_call={{0x18, 0x2, 0x1, 0x0, 0x1}}, @jmp={0x5, 0x1, 0x7, 0xb, 0x6, 0xffffffffffffffc0}, @initr0={0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x8e8}, @alu={0x7, 0x1, 0x7, 0x9, 0x3, 0xfffffffffffffff8}, @map_idx={0x18, 0xb, 0x5, 0x0, 0x8}, @kfunc={0x85, 0x0, 0x2, 0x0, 0x1}, @ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xf}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x1}}, @call={0x85, 0x0, 0x0, 0x35}], &(0x7f00000005c0)='GPL\x00', 0xf70, 0x27, &(0x7f0000000600)=""/39, 0x41100, 0x10, '\x00', 0x0, 0x1a, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x9, 0x5}, 0x8, 0x10, &(0x7f0000000680)={0x2, 0x7, 0x5, 0x40}, 0x10, 0x27e46, 0xffffffffffffffff, 0x2, &(0x7f00000006c0)=[0x1, 0x1, 0x1, 0xffffffffffffffff, 0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x1], &(0x7f0000000700)=[{0x4, 0x4, 0x8}, {0x1, 0x3, 0xa, 0xa}], 0x10, 0x5}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000880)={{0x1}, &(0x7f0000000800), &(0x7f0000000840)='%pB    \x00'}, 0x20)
r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x194)
r3 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0)
r4 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000080), 0x1, 0x0)
ioctl$TIOCMSET(r3, 0x5418, &(0x7f0000000140)=0xfffffdfb)
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000000)={0xffffffff, 0xc9a, 0xfffff001, 0x6, 0x18, "5cadf0fa59ebc3cef90ac43c5c135252e5d962"})
ioctl$TCSETSF(r4, 0x5404, &(0x7f0000000040)={0x5, 0x2, 0x4, 0x8, 0xa, "4cb8b910acda715e64ee57062d59a56f2584c4"})
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000b80)={&(0x7f0000000a80)={0x10, 0x0, 0x0, 0x80000}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x24040041}, 0xc2)
r5 = semget$private(0x0, 0x2, 0x400)
semctl$SEM_STAT_ANY(r5, 0x4, 0x14, &(0x7f0000000040)=""/233)
write$cgroup_int(0xffffffffffffffff, 0x0, 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000), 0x0)
futex(&(0x7f000000cffc), 0xc, 0x1, &(0x7f0000000040), &(0x7f0000048000)=0x1, 0x0)
fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000140), 0x0, 0x0, 0x0)
write$binfmt_script(0xffffffffffffffff, 0x0, 0x0)
fsmount(0xffffffffffffffff, 0x0, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000900), 0x200000, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000009c0)={0x4, 0x9, &(0x7f0000000040)=@framed={{0x18, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0xdb}, [@ldst={0x1, 0x0, 0x3, 0x7, 0x3, 0xd62d08a1ddde01c1, 0xfffffffffffffffc}, @exit, @cb_func={0x18, 0x7}, @map_idx_val={0x18, 0x0, 0x6, 0x0, 0x6, 0x0, 0x0, 0x0, 0x1}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x3f, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x3, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x5, 0xd, 0x8}, 0x10, 0x0, r1, 0x3, &(0x7f0000000940), &(0x7f0000000980)=[{0x2, 0x2, 0x10, 0x3}, {0x5, 0x2, 0x9, 0x7}, {0x4, 0x1, 0xe, 0x2}], 0x10, 0x7ff}, 0x94)

24.116219895s ago: executing program 2 (id=1577):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000400007b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='sched_switch\x00', r4}, 0x18)
close(0xffffffffffffffff)
timer_create(0x1, &(0x7f0000000080)={0x0, 0x11, 0x0, @tid=0xffffffffffffffff}, &(0x7f00000003c0)=<r5=>0x0)
timer_gettime(r5, &(0x7f0000000000))

20.309691417s ago: executing program 0 (id=1588):
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000140)='./file0\x00', 0x4011, &(0x7f0000000400)={[{@journal_dev={'journal_dev', 0x3d, 0x5}}, {@resgid}, {@journal_checksum}, {@usrquota}, {@bh}, {@dioread_nolock}]}, 0x0, 0x64f, &(0x7f0000000a40)="$eJzs3c1vG1sVAPAzYyfOR8FphYCyoBEItRI0adIWVQipzYZVVZWPHavQpFWp21RNEKRUIpHKBgmxYYHEigXlv4BKbFmxY8GGFapUPT118fpUvfpp7HHq2HHiOHXcOL+f5GZmrj33uvLxnbk+dyaAY2s6+yeNOB0RD5OIclNZMfLC6frzXn385Fb2SKJa/fFHSTz5TbLRvK8k/zuZv/izcn3LqUJ7vavrj+8tVirLj/L12bX7D2dX1x+fv3t/8c7yneUH89+dv3L50uUrcxcO9P6yFozky9ef/vyX5d/d+Olf//wmmfvbf28kcS3e5m3L3lfra0sHqjn7P5uOat3rbQVpxJUD7vtD8Um58TmpKWUfiKQ4yBaxH2lEXM1j5CtRjkK8C9Zy/PaHA20c0FfVJGp91HQVOH6S6Fh0dyz/kmg31tc2AYehcRzQOLff6Ty4XdrPQxLgkLxcqI/V1WN/JCIa8V+sjw3GWG1sYOJV0jzOUxtXO9jIXF1Wx7/+eeNp9ogO43BAf2xsNka5W/v/pBabU1E/B5h4lW6L/4X8KCDNfyf4UeuOuxw8n25ZF/9weDY2I+Kref8/Gl3Hf5rHbiP+f9Zj/T3G/4keqwMAAAAAAICh9nwhIr6zU/5fupX/M1poz/+ZjIhr76H+vX//S1/kC8l7qA5o8nIh4vs75v9u5fhOFfK1L9TyAUaS23cryxci4osRcS5GStn6XMt+mzOEz//+1J861d+c/5c9svobuYD5nl4UW3KJlhbXFg/6voGIl5sRX6vl/57Jt2zP/8n6/2Qr//dd2k0W3w+7rOPUt57d7FS2d/wD/VL9S8TZHfv/d4fbye7X55itHQ/MNo4K2n3913/4e6f6xT8MTtb/T+we/6Wk+Xo9q/vb/2hEXFwvVjuV93r8P5r8pNDYf+ZXi2trj+YiRpPr7dvn99dmGFaNeGjESxb/5765+/jf1vF/UxyOR8RGl3V++e3k/zqV6f9hcLL4X9q9/y9v7//3vzD/bOofneq/2VX/f6nWp5/Ltxj/g2bt1+PoNkAH0lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOOLSiDgRSTqztZymMzMRkxHxpZhIKyura9++vfKLB0tRu/v3VIykjTv9luvrSeP+/1NN6/Mt6xcj4mRE/LEwXlufubVSWRr0mwcAAAAAAAAAAAAAAAAAAIAPxGRtzn+11Dr/P/P/wqBbB/RdMf8r3uH4Kfb8ymqpq6eN91wB0Ge9xz9wlG3uK/5H+toW4PB1jv/Xb6o1LZt/8I2+twk4HF33///u7nQfODp6PP/3cwEMAeN/cFx1OaY31u92AIOg/wcAAAAAgKFy8szz/yQRsfG98dojM5qXmbUHwy3do9x3AAwvObxwfBVXBt0CYFBM6AeSraVPWyf713TO/k/60yAAAAAAAAAAAAAAoM3Z053n/5sbAMNt1/n/e10cADjSdpn/v9PEHpcLgCHS+dYf5vXBsHOOD+zV25v/DwAAAAAAAAAAAAAfgLHH9xYrleVHq+tHb+FqT68qRMQAG7+xeLD9VEuDavxYdCp6259KRyJi0J+x97aQBVulslytRuz95MYlOAbY5r2/Okp9/moCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqPg8AAP//rUoczw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = syz_open_procfs(0x0, &(0x7f0000000080)='net/if_inet6\x00')
read$FUSE(r2, &(0x7f0000003940)={0x2020}, 0x2020)

20.013518773s ago: executing program 2 (id=1589):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz0\x00', 0x1ff)
syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r2 = accept$alg(r1, 0x0, 0x0)
sendmmsg$alg(r2, &(0x7f0000006200)=[{0x0, 0x0, &(0x7f0000001540)=[{&(0x7f0000000080)="c253d0b5", 0x4}, {&(0x7f00000003c0)="80", 0x1}], 0x2, 0x0, 0x0, 0x40004}], 0x1, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r3, 0x3)
r4 = openat$cgroup_int(r0, &(0x7f0000000040)='notify_on_release\x00', 0x2, 0x0)
sendfile(r4, r4, 0x0, 0x100000000)
close(0x3)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f0000000400)={0x0, 0x0, 0x3, 0xfffffffffffffffd, 0x0, 0x100000001, 0x0, 0x400000}, 0x0, &(0x7f0000000240)={0xb, 0x0, 0x0, 0xa, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)
socket$nl_netfilter(0x10, 0x3, 0xc)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x6, 0xfffffffffffffffd, 0x9323, 0xfffffffffffffffe, 0x0, 0x916}, 0x0, &(0x7f00000002c0)={0x3ff, 0x0, 0x0, 0xb, 0x0, 0x0, 0x7ffffffb, 0x2}, 0x0, 0x0)
close(0x4)

18.671986227s ago: executing program 2 (id=1593):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_MESH(r0, 0x0, 0x20000000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121480, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
socket(0x10, 0x80002, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)
fallocate(r1, 0x8, 0x4000, 0x4000)

15.84472834s ago: executing program 2 (id=1596):
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xe85fd000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
waitid(0x1, r1, 0x0, 0x20000000, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
creat(&(0x7f00000003c0)='./file0\x00', 0x2)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000140), 0xb, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85512, &(0x7f0000000780)={{0x3, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xfffffffffffffffd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd451, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10000, 0x7785, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x3, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]})
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000a07000/0x4000)=nil)
brk(0x200000ffc000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)

15.813355401s ago: executing program 0 (id=1597):
syz_mount_image$ext4(&(0x7f00000000c0)='ext3\x00', &(0x7f0000000140)='./file0\x00', 0x4011, &(0x7f0000000400)={[{@journal_dev={'journal_dev', 0x3d, 0x5}}, {@resgid}, {@journal_checksum}, {@usrquota}, {@bh}, {@dioread_nolock}]}, 0x0, 0x64f, &(0x7f0000000a40)="$eJzs3c1vG1sVAPAzYyfOR8FphYCyoBEItRI0adIWVQipzYZVVZWPHavQpFWp21RNEKRUIpHKBgmxYYHEigXlv4BKbFmxY8GGFapUPT118fpUvfpp7HHq2HHiOHXcOL+f5GZmrj33uvLxnbk+dyaAY2s6+yeNOB0RD5OIclNZMfLC6frzXn385Fb2SKJa/fFHSTz5TbLRvK8k/zuZv/izcn3LqUJ7vavrj+8tVirLj/L12bX7D2dX1x+fv3t/8c7yneUH89+dv3L50uUrcxcO9P6yFozky9ef/vyX5d/d+Olf//wmmfvbf28kcS3e5m3L3lfra0sHqjn7P5uOat3rbQVpxJUD7vtD8Um58TmpKWUfiKQ4yBaxH2lEXM1j5CtRjkK8C9Zy/PaHA20c0FfVJGp91HQVOH6S6Fh0dyz/kmg31tc2AYehcRzQOLff6Ty4XdrPQxLgkLxcqI/V1WN/JCIa8V+sjw3GWG1sYOJV0jzOUxtXO9jIXF1Wx7/+eeNp9ogO43BAf2xsNka5W/v/pBabU1E/B5h4lW6L/4X8KCDNfyf4UeuOuxw8n25ZF/9weDY2I+Kref8/Gl3Hf5rHbiP+f9Zj/T3G/4keqwMAAAAAAICh9nwhIr6zU/5fupX/M1poz/+ZjIhr76H+vX//S1/kC8l7qA5o8nIh4vs75v9u5fhOFfK1L9TyAUaS23cryxci4osRcS5GStn6XMt+mzOEz//+1J861d+c/5c9svobuYD5nl4UW3KJlhbXFg/6voGIl5sRX6vl/57Jt2zP/8n6/2Qr//dd2k0W3w+7rOPUt57d7FS2d/wD/VL9S8TZHfv/d4fbye7X55itHQ/MNo4K2n3913/4e6f6xT8MTtb/T+we/6Wk+Xo9q/vb/2hEXFwvVjuV93r8P5r8pNDYf+ZXi2trj+YiRpPr7dvn99dmGFaNeGjESxb/5765+/jf1vF/UxyOR8RGl3V++e3k/zqV6f9hcLL4X9q9/y9v7//3vzD/bOofneq/2VX/f6nWp5/Ltxj/g2bt1+PoNkAH0lwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOOLSiDgRSTqztZymMzMRkxHxpZhIKyura9++vfKLB0tRu/v3VIykjTv9luvrSeP+/1NN6/Mt6xcj4mRE/LEwXlufubVSWRr0mwcAAAAAAAAAAAAAAAAAAIAPxGRtzn+11Dr/P/P/wqBbB/RdMf8r3uH4Kfb8ymqpq6eN91wB0Ge9xz9wlG3uK/5H+toW4PB1jv/Xb6o1LZt/8I2+twk4HF33///u7nQfODp6PP/3cwEMAeN/cFx1OaY31u92AIOg/wcAAAAAgKFy8szz/yQRsfG98dojM5qXmbUHwy3do9x3AAwvObxwfBVXBt0CYFBM6AeSraVPWyf713TO/k/60yAAAAAAAAAAAAAAoM3Z053n/5sbAMNt1/n/e10cADjSdpn/v9PEHpcLgCHS+dYf5vXBsHOOD+zV25v/DwAAAAAAAAAAAAAfgLHH9xYrleVHq+tHb+FqT68qRMQAG7+xeLD9VEuDavxYdCp6259KRyJi0J+x97aQBVulslytRuz95MYlOAbY5r2/Okp9/moCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADqPg8AAP//rUoczw==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x7)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
syz_clone(0x600, 0x0, 0x33, 0x0, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
read$FUSE(0xffffffffffffffff, &(0x7f0000003940)={0x2020}, 0x2020)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0xc, 0x16, &(0x7f0000000200)=ANY=[@ANYBLOB="61124c00000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf67000000000000560602000f0200006706000020000000620a00ff0ee60000bf250000000000002d350000000000006507000002080000070700004c0000001f75000000000000bf54000000000000070400000400f9ffcd35010000000000ce040000000000001c000000000000009500000000000000db13d5d8b741f2cdaabc8383c8f56bb5df3083d20f8c2bf304000000815dcf0066d7ded3c5c49a08a503ea6d54f7f3125a8200578ac0836d6454745e70a27444003c5b20451b624db6f5320e9befc1e00b8b32917c4d30d16b7edb732bc3ac330b16c442aff70d27659bc58e296b16750c5577c848754b4894b07f15bab1c640a5c0c4fd62f9db829b301ef67fd2b2736f3af0c54af2412313b17c4c8081c4ed0572261960e227d34cfbfdb247bc2351c9d8363a8cb18b7330604da78b0aba47545f9a25a80dd7d28a5ae41824f611dd2de6dd581c52698f9542a444a8a3969946faded5275c00"/420], &(0x7f0000000100)='GPL\x00'}, 0x48)

13.738409759s ago: executing program 2 (id=1598):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x19, &(0x7f0000000080)={@link_local, @broadcast, @val={@val={0x88a8, 0x0, 0x0, 0x1}, {0x8100, 0x0, 0x0, 0x4}}, {@x25={0x9900, {0x2, 0x0, 0xfb}}}}, 0x0)
socket$inet6(0xa, 0x80000, 0x10000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0x0, 0x2e0, 0x428, 0x2e0, 0x2e0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00', {}, {0xff}}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28, 'socket\x00', 0x3}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}, {0x0, 0x0, 0x0, [0x4]}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)

13.542595483s ago: executing program 5 (id=1600):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x275a, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xb, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000080)={0x1, &(0x7f0000000200)=[{0x200000000006, 0x0, 0x0, 0x7ffc0001}]})
r3 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
bind$bt_sco(r3, &(0x7f0000000100), 0x15)
getsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000280)=0x1, &(0x7f00000001c0)=0x4)
r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)
ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f0000002880)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0})

12.429737243s ago: executing program 5 (id=1602):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8000000003080101000000000000000003000009050003003a0000003c000480080002400000000008000240df05007b08000240000007ff08"], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="0500000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff0700010004"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280), 0x0, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

12.297330426s ago: executing program 3 (id=1603):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
sendmsg$netlink(r0, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000440)=ANY=[@ANYBLOB="1c0000001400010000008000000000000700"], 0x1c}], 0x1}, 0x0)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x0, 0x1}]}, 0x0, 0x5, 0x0, 0x0, 0x0, 0x5}, 0x94)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8b19, &(0x7f0000000000)={'wlan0\x00', @random="7cf1e97c9e4f"})
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_0\x00'})
r2 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
setsockopt$ax25_SO_BINDTODEVICE(0xffffffffffffffff, 0x101, 0x19, &(0x7f0000000000)=@bpq0, 0xfffffffffffffe1d)
ioctl$sock_netdev_private(r2, 0x8914, &(0x7f0000000000))
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r4 = socket$unix(0x1, 0x1, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00'})
r5 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
ioctl$sock_rose_SIOCADDRT(r5, 0x890b, &(0x7f0000000380)={@remote={0xcc, 0xcc, 0xcc, 0xcc, 0x0}, 0x6, @null, @bpq0, 0x0, [@bcast, @bcast, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @bcast, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]})
r6 = syz_init_net_socket$rose(0xb, 0x5, 0x0)
connect$rose(r6, &(0x7f0000000040)=@short={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, 0x1, @default}, 0x1c)
connect$rose(r6, &(0x7f0000000100)=@full={0xb, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, 0x0, [@null, @null, @null, @default, @bcast, @default]}, 0x40)

12.0935149s ago: executing program 1 (id=1604):
socket$nl_generic(0x10, 0x3, 0x10)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
setsockopt$inet6_IPV6_RTHDR(r1, 0x29, 0x39, &(0x7f0000000200)={0x1c, 0xa, 0x1, 0x7, 0x0, [@private2, @mcast1, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, @private0, @loopback]}, 0x58)
bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x16, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x0, 0x0, 0x0, 0xd}, [@call={0x85, 0x0, 0x0, 0x7b}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000000), 0xc0802, 0x0)
ioctl$PPPIOCSMAXCID(r2, 0x40047451, &(0x7f0000000200)=0x3)
pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000240)="00214717a70700000000030640710a069d317ebbaaa6721d5874f72cf86d73d32f462e5947e4ad380feb56a293", 0x2d}], 0x1, 0x7, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
sendmsg$NFULNL_MSG_CONFIG(r0, &(0x7f0000002340)={0x0, 0x0, &(0x7f0000002300)={&(0x7f00000022c0)={0x40, 0x1, 0x4, 0x801, 0x0, 0x0, {0x0, 0x0, 0x1}, [@NFULA_CFG_QTHRESH={0x8, 0x5, 0x1, 0x0, 0x1}, @NFULA_CFG_CMD={0x5, 0x1, 0x1}, @NFULA_CFG_NLBUFSIZ={0x8, 0x3, 0x1, 0x0, 0x2fdb}, @NFULA_CFG_TIMEOUT={0x8, 0x4, 0x1, 0x0, 0x3}, @NFULA_CFG_MODE={0xa, 0x2, {0xfff, 0x1}}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000800}, 0x4000)

11.955108572s ago: executing program 1 (id=1605):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8000000003080101000000000000000003000009050003003a0000003c000480080002400000000008000240df05007b08000240000007ff080002"], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYBLOB="050000000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

11.854194223s ago: executing program 5 (id=1606):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8000000003080101000000000000000003000009050003003a0000003c000480080002400000000008000240df05007b080002"], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff07000100"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

10.682471195s ago: executing program 0 (id=1607):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_MESH(r0, 0x0, 0x20000000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121480, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
socket(0x10, 0x80002, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)
fallocate(r1, 0x8, 0x4000, 0x4000)

10.030802866s ago: executing program 5 (id=1608):
openat$dir(0xffffffffffffff9c, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8000, 0x20000000019}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000300)=0x4)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x3)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xe85fd000)
r1 = syz_clone(0x8000, 0x0, 0xfffffffffffffe7e, 0x0, 0x0, 0x0)
waitid(0x1, r1, 0x0, 0x20000000, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce)
r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
creat(&(0x7f00000003c0)='./file0\x00', 0x2)
read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_open_dev$sndpcmp(&(0x7f0000000140), 0xb, 0x0)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x1, 0x0)
ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r3, 0xc4c85512, &(0x7f0000000780)={{0x3, 0x0, 0x0, 0x0, 'syz0\x00'}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, 0x0, 0xfffffffffffffffd, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xd451, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x10000, 0x7785, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x80000000000, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x3, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001]})
socket$alg(0x26, 0x5, 0x0)
prctl$PR_SET_MM(0x23, 0x6, &(0x7f0000a07000/0x4000)=nil)
brk(0x200000ffc000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
getpid()
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs={0x0, 0x0, 0xfffffffc}, 0x6e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)

10.028306026s ago: executing program 3 (id=1609):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8000000003080101000000000000000003000009050003003a0000003c000480080002400000000008000240df05007b08000240000007ff080002"], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ff"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, 0x0, 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

6.597918851s ago: executing program 0 (id=1610):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
pipe2(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = inotify_init1(0x800)
inotify_add_watch(r3, &(0x7f0000000240)='.\x00', 0x60000526)
r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r4, 0xffffffffffffffff, 0x0)

6.597217581s ago: executing program 5 (id=1611):
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x0, 0x6}, 0x0)
ioctl$PPPIOCGIDLE(0xffffffffffffffff, 0x8010743f, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_open_dev$MSR(0x0, 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, 0x0, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/56, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f0000000580)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0xdddd0000, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x800000f}, 0x94)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r2=>0xffffffffffffffff})
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
r3 = getpid()
sched_setscheduler(r3, 0x1, &(0x7f0000000100)=0x5)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x20044000)

6.061448413s ago: executing program 3 (id=1612):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_MESH(r0, 0x0, 0x20000000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121480, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
socket(0x10, 0x80002, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)
fallocate(r1, 0x8, 0x4000, 0x4000)

5.990115564s ago: executing program 1 (id=1613):
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0xb, 0x8, 0xc, 0xffffffff, 0x1, 0x1}, 0x50)
socket$nl_route(0x10, 0x3, 0x0)
syz_emit_ethernet(0x19, &(0x7f0000000080)={@link_local, @broadcast, @val={@val={0x88a8, 0x0, 0x0, 0x1}, {0x8100, 0x0, 0x0, 0x4}}, {@x25={0x9900, {0x2, 0x0, 0xfb}}}}, 0x0)
socket$inet6(0xa, 0x80000, 0x10000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000280)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000180)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000040)='sched_switch\x00'}, 0x10)
r3 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x64, 0x6, 0x670, 0x0, 0x2e0, 0x428, 0x2e0, 0x2e0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x5a0, 0x6, 0x0, {[{{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x5}}}, {{@ipv6={@mcast1, @local, [], [], 'macvtap0\x00', 'ip6tnl0\x00', {}, {}, 0x6}, 0x0, 0xa8, 0xe8}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@broadcast}}}, {{@ipv6={@mcast2, @loopback, [], [], 'veth0_to_team\x00', 'syzkaller0\x00', {}, {0xff}}, 0x0, 0x100, 0x128, 0x0, {}, [@common=@unspec=@connmark={{0x30}}, @common=@inet=@socket1={{0x28, 'socket\x00', 0x3}}]}, @common=@unspec=@CONNSECMARK={0x28, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0x120, 0x148, 0x0, {}, [@common=@frag={{0x30}}, @common=@hbh={{0x48}, {0x0, 0x0, 0x0, [0x4]}}]}, @inet=@DSCP={0x28}}, {{@uncond, 0x0, 0x138, 0x178, 0x0, {}, [@common=@dst={{0x48}}, @common=@dst={{0x48}}]}, @inet=@TPROXY1={0x40, 'TPROXY\x00', 0x1, {0x0, 0x0, @ipv4=@dev}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x6d0)

4.968481513s ago: executing program 2 (id=1614):
syz_mount_image$btrfs(&(0x7f0000000000), &(0x7f0000000040)='./file1\x00', 0x800810, &(0x7f00000004c0)={[{@datacow}, {@nodatasum}, {@compress_force}, {@nossd_spread}, {@ssd}, {}, {@datacow}, {@nodiscard}]}, 0xfb, 0x50f9, &(0x7f0000005140)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734d2FpAqhUbJJahw38Xptk4daqqwpVSPSNOuGBlURxcZek8ULdmxTYhQiYxPRCEFpg5R8KMIoimo+QK1ARFJAuEhxhMojoioKIFBoDVEQKSWJSBOkUM3ee2bvnLvz8GONl/5+knfOzP887zw859475wIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwP8Ph75y1d82iz/82/Oefu7Cicv2rrvw5WvOO/3xECZnH+/Iwh3919868fM7z71r731rbrvnyPkf7M3L5fEwUP3Tmd+5LtZ6ZGkI93aE0J0GVg5mgZ78/mCs712DIZwW5gK1ElP9WYm04fD9vhD2h7lArarv9YUwWAhc8MRDD95YTdzSF8KyEEIlbePZStZGXxo4qzcL9KeBbd1Z4FdvZGqB73ZmAThu8c1Qe9EfnKzPMDJ/uQavv54T1rE3Vzq8rpgYaZzvZ+sWuFMFvekDk8f1tJWqY0GU3h6HvNsWwbuttJ1v9rQVv0jl31DemAtVQufmqS0br5zZFR/pDGNjXY1qWqDn+alXv7TpaNKL5nUYOzByQl6HNz227M6uFZ969J6Vy1488KF9Lx1vN39U2KTF9EKrhPw1t2iex2jC58kiePuVviWN+tIVQtjy+d/7dLN4af4/0nz+H1/O8bazLnes9fWhbG4eHxmMiVeGsrk5AAAALBqLYa/ptrEHPlYoPlxJ6ivN/0fbO/4fD/nnk/lstIdCmJhN7BsO4YzZx7PAHbG5S4ZDeO9sarI+sC4JHArhnbOJFbWqkhJLYonRJPCToTwwkQQOx8BkEvhWDNycBK6LgYNJYFMMHEoC58ZAmK4fx+8P5eNoO9AXAxuyjXgwnoXwi6HYWrKtnqlVBQAAcILks8Oe+ruFcx2ON0OcXh7sa5UhnoHdMEMlqSGdwdamVQ1r6G5VQ2erGmrj3tN8+KWaO1rVXDoNo6M+w62//JvPhCZK8//x5vP/yjwd6Sgd/w9h/ezfmLszj8zU4hsm6zIAAAAAx2Hgf5//ZrN4af4/0d75/3GfSFchc3gk7obYOhzCeH0gq/YPy4HsqPdAHgAAAIDFoHY8vnYsfDq/zU7RTufT5fyTR5k/HvifmDd/76H7NzTrb2n+P9ne+f/99bdZJw7HXnxtOIQlhcAPYi+rgVmjMfDjj9cH8vEfjhvghlhVfmJCraobYokNMTCeBPY3KvHDWokz6gP5k1VrfF9tHNN5iUIAAAAATrq4OyAel4/n/7/vN2uualauNP/fcHTn/8/Og0un988MhLCqO4Su9IcBj/RnCwPGwGBHnnigP6urK63q2v4QzqkOLK3q+Xz9/+50jcEn+rKqYuCM9x149axq4pt9IawqBp783O0friZ2JYFa43/ZF8J7qqNNG//OkqzxnrTxry8J4d2FQK2qS5aEUG2sN63qoUp+HYO0qn+uhPC2QqBW1UcqIewOACxS8b/SzcUHd+6+euvGmZmpHQuYiPvw+8KW6ZmpsU3bZjZXGvRpc9LnumWMri2Pqd0r3zyTL1H02bvXD7aTrv1OcLzYVr4fv3TiYH4/fhfqmR3nmp66u2vTIX/g/eUmQuGbVKMhdy7wkPuLlcw9iaX6Y/7eMBCWXLlzasfYFzfu2rVjdfa33exrsr/xMFO2rVan26p/vr618fJouFpW4li31fJiJat2Xb591c7dV6+cvnzjpVOXTl2x+iNrxs8eXzv+0bNXVUc1nv1tMdTl81WdDPWN29sc1wkc6pndhUpOxqeGhITEYktsG1je9P/k0vx/e/P5f/zUiZ/8+foMjY7/j8TD/Nnjc4f5N8TA/naP/480OppfOzFgNAnsiYE9DvMDAADw1hAn+XFvZtwr/dMV33mxWbnS/H9Pe7//P0Hr/9eWrj+/0TL/K2KJ8Ubr/6fL/NfW/9/TaP3/dJn/2vr/+9+E9f+vrAWSTfIL6/8DAABvBSdv/f+Wy/unFwgoZWi5vH96gYBShpbL+Ld7gYCjXv//2f/8q/8OTZTm/ze3N/+3cD8AAACcOr78Z1f9TrN4af6/v735/8lf/y80Ov9/tFFgstHCgNb/AwAAYJFqtP7fyPX9FzcrV5r/H2xv/h9Pu+isyx1rfX0oW9MupGvavTJU+8kAAAAALA6dYWysp828dSujrjv2Np/KlwJtli56/k+OHN35/4fam//X/S7jpseW3dm14lOPvn7PymUvHvjQvpfmjv8DAAAAC6fd/RIAAAAAAAAAAAAAAMCb7/n/2Lu2Wbz0+/+wfvbxRr//j9f9i78veHtd7lhr6/X/8vsXfPKu3bNLFj4yFML7i4Gte7eeFvJr8y8vBh68aMU7qom9aYn7nzv3hWri4jTwiZWnv1ZNnJMENsRFEt+ZBuJVFV9bmgTi8or/ngbi9jiYBnrzwFeXZuPoSLfVTwezbdWRbqunB0MYLgRq2+rewayNjnSAtySB2gC/kAbiAP88D3SmvbprIOtVDAzGorcNZL0CAOCUFb8F9oQt0zNT4/ErfLw9s7v+NqpbsuzacrUdbTb/TL402WfvXj/YTror/S46d63xnlCpDmF16etqMUvH7ChPTC0tNt3bGwy51WpvnQ3KpY520/U2HlFfNqKxTdtmNve0HPja1lnWdLfMsro02Slm6ZzdpG3U0kZf2hhRm9umjS7H+51hbKwryfUHMTgS6rR6RbT7e/3iOn+NXgXFPFcc2ferZvWV5v8j7c3/K8VxvZZfDGBPvLLe3w1b5h8AAAAW1lfX/fob8d9nrn/4yWZ5S/P/0fbm/3EPVn4oONvbcShe/3/fcAizl9YfyQJ3xOYuGQ7hvbOpyVgiu6D++bHEeBa4I+4wWRFLbJisr2pJDBxMAj8ZygOHksDhGMj3UhwI+a6cvx8K4cOzqfX1JbbHEiNJ4NMxMJoExmJgPAksjYGJJPDy0jwwmQT+LQbCdP22untpvq0AAACORj7P6qm/G9J53sHuVhk6WmXob5Whs1WGSqsMjUYR7387ZuhJTl7pKGTqSWvtS2opZYgXwz/qfpUyhB/W50wLlpqO5x/UzjfoqM9w38e6K6GJ0vx/vL35f3/9bdb64Tj/n7v+Xxb4Qeze1+Kp46Mx8OOP1wfyHQOH42T3hlpVk3mJfNJ+QywxEQOjSWB7DEwkgQ3r88D+d9QH8pl2rfF9tcan8xKFAAAAAJx0cQdB3E0T5/+37fzKQLNypfn/RHvz/9jeQLGx62KtR5aGcG/HXG9qgZWDWSDuxxiMP49/12AIpxV2cNRKTPVnJXqThsP3+7JfqPemVX2vL/vxQbx/wRMPPXhjNXFLXwjLCntfam08W8na6EsDZ/Vmgf40sK07C8Q9P7XAdzuzABy32l7B+ILKT3WpGZm/XIPX31vlmqDp8Er7QOfJN99vrhZKaYdrvk+15uietqb7bzlhSm+PQ95ti/HdNuLdVvwilX9DeWMuVAmdm6e2bLxyZld8pPhL1pIFep6Lv1JtJ30CXod7jr23rVXSDownHx/j85eb/3XYEau76bFld3at+NSj96xc9uKBD+17qe1uNBB/KPzQNf86+KPC5l1olZC/5hbd58mkz5NF8d9A8u4e9bSFENa//PUbmsVL8//J9ub/3cntrF/HjblzOIQPFDbuI3Hz//Fw9jlYCGSfkm8rB7JD7v811PCTEwAAAE602u6O2v6C6fw2OyE8nSeX808eZf64v2Ji3vzt9rv/ry9a1ixemv9vaD7/X5J00/F/x/9ZII7/z+tU3xW9JH1gz3Htii5Vx4Jw/H9ep/q7zfH/eTn+7/j/fBz/b8Hx/3md6k9b6VvSdl+6Qggv/tEDTzeLl+b/29ub/1v/b/5F+2rr/21otP7f9kbr/+2x/h8AALCgGiw0l87zSqv3lTKkq/eVMrRcILDlEoPW/zvq9f9eOPPZ34QmSvP/Pe3N/+PLYaDY+mJZ/290fYOqbo6B7RYGBAAA4FTUaAcBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAb677/uF/NjeLP/zb855+7sKJy/auu/Dla847/fEQpmcf78jCHf3X3zrx8zvPvWvvfWtuu+fI+R+s5OV68tvfrcsda319KIT9hUcGY+KVoeqducAFn7xrd3c18chQCO8vBrbu3XpaNfGtoRCWFwMPXrTiHdXE3rTE/c+d+0I1cXEa+MTK01+rJs7JAx1pd/9xadbdjrS7Ny4NYbgQqHX3sqX1VdXa+NM80Jm28U+DWRsxMBiLfmMwayMGZmKJ6SUhrOoOoSut6uFKVlVXWtW/VLKqutKqvlwJ4ZwQQnda1XO9WVXd6cgf782qioEz3nfg1bOqif29IawqBp783O0fria+kARqjf9Fbwjvqb5k0sa/3ZM13pM2fktPCO8OIfSmJX7ZnZXoTUs83x3C2wqBWuOf7w5hd+AtIX741H2i7dx99daNMzNTOxYw0Zu31Re2TM9MjW3aNrO5kvSpkY5C+o1rj33sz7z6pU3V28/evX6wnXR3Xq5ntstreururj3Vex/71V+sZO75KNUf8/eGgbDkyp1TO8a+uHHXrh2rs7/tZl+T/e3Ko9m2Wr1YttXyYiWrdl2+fdXO3VevnL5846VTl05dsfoja8bPHl87/tGzV1VHNZ79PRFDvf3kD/XM7kIlJ+MDQEJCYrElOus+3cZP9Q/y0hf9uY72hMrsB3RpWlHM0jE7yhMx6HXHOOJj+Z7SckSrSxOHUpY182S5tj7L2tJkYq6WvizL7Pe60uSw2Fjn7CaN9zvD2FhXo+0wUn+3uHl/dhyb96l807WbBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4P/YgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24FgAAAAAQJi/dRg9GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHApAAD//7IeJCA=")
truncate(&(0x7f0000000680)='./file1\x00', 0x2)
r0 = open$dir(&(0x7f00000000c0)='./file1\x00', 0x0, 0x146)
ioctl$BTRFS_IOC_LOGICAL_INO_V2(r0, 0xc038943b, &(0x7f0000000000)={0x50d017, 0x0, '\x00', 0x1, 0x0})

3.963085363s ago: executing program 1 (id=1615):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_MESH(r0, 0x0, 0x20000000)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121480, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sched_setaffinity(r3, 0x8, &(0x7f0000000240)=0x2)
r6 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r7 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r6}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r7}, 0x2d)
socket(0x10, 0x80002, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
close_range(r2, 0xffffffffffffffff, 0x0)
fallocate(r1, 0x8, 0x4000, 0x4000)

3.956024103s ago: executing program 3 (id=1616):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
pipe2(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x2a0000a, 0x0, 0x0, 0x0, 0x0)
inotify_init1(0x800)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

2.704278065s ago: executing program 3 (id=1617):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c16, &(0x7f0000000040)={[{@nobh}, {@usrjquota}]}, 0xff, 0x240, &(0x7f00000002c0)="$eJzs3T1oO2UcB/DvXRL/tg1SdRHEFxARLZS6CS51UShIKSKCChURF6UVaotb6+TioLNKJ5ciblZH6VJcFMGpaoe6CFocLA46RJJrpbYRX1Jz4n0+cLm75J77Pcfd97kQOBKgsaaTzCdpJZlJ0klSnN/gzmqaPl3dnthfTnq9x34oBttV65WzdlNJtpI8kGSvLPJCO9nYferop4NH7nl9vXP3u7tPToz1IE8dHx0+evLO4msfLNy/8dkX3y0WmU/3d8d19Yoh77WL5KZ/o9h/RNGuuwf8FUuvvP9lP/c3J7lrkP9OylQn74216/Y6ue/tP2r75vef3zrOvgJXr9fr9O+BWz2gccok3RTlbJJquSxnZ6vv8F+1JssXV9dennl+dX3lubpHKuCqdJPDhz+69uHUhfx/26ryD/xPVT9KHT6+tPN1f+GkVXeHgLG4rZr17/8zz2zeG/mHxpF/aC75h+aSf2gu+Yfmkn9oLvmH5pJ/aC75h+aSf2iu8/kHAJqld63uJ5CButQ9/gAAAAAAAAAAAAAAAAAAAJdtT+wvn03jqvnJW8nxQ0naw+q3Bv9HnFw/eJ38sehv9puiajaSp+8YcQcjeq/mp69v+Kbe+p/eXm/9zZVk69Ukc+325euvOL3+/rkb/+TzzrMjFvibigvrDz4x3voX/bJTb/2Fg+Tj/vgzN2z8KXPLYD58/On2z9+I9V/6ecQdAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMDa/BgAA//8YZW08")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$BATADV_CMD_GET_MESH(r0, 0x0, 0x20000000)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x441, 0x104)
r1 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x121480, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet6(0xa, 0x2, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000180)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0}, 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0xf, &(0x7f0000000340)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000001dc0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r6}, 0x2d)
socket(0x10, 0x80002, 0x0)
r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r7, &(0x7f0000000000)={0x1f, 0xffff, 0x2}, 0x6)
close_range(r1, 0xffffffffffffffff, 0x0)

1.486252241s ago: executing program 1 (id=1618):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8000000003080101000000000000000003000009050003003a0000003c000480080002400000000008000240df05007b08000240000007ff080002"], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffff"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9", 0x5, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

267.730315ms ago: executing program 0 (id=1619):
socket$nl_generic(0x10, 0x3, 0x10)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x0, 0x6}, 0x0)
ioctl$PPPIOCGIDLE(0xffffffffffffffff, 0x8010743f, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x7fff, 0x0, 0x1}}, 0x40)
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0)
r1 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f0000000240)=r1)
ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/56, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/231, &(0x7f0000000580)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0xdddd0000, 0x73, &(0x7f00000001c0)=""/115}]})
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000002c0)={0x1, r1})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)

262.237255ms ago: executing program 3 (id=1620):
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480), 0x4)
pipe2(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_mount_image$fuse(0x0, &(0x7f0000000140)='./file0\x00', 0x2a0000a, 0x0, 0x0, 0x0, 0x0)
inotify_init1(0x800)
r3 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
close_range(r3, 0xffffffffffffffff, 0x0)

121.509128ms ago: executing program 1 (id=1621):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8000000003080101000000000000000003000009050003003a0000003c000480080002400000000008000240df05007b08000240000007ff080002"], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000ffffffffffff0000feffffffffffffff07"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
r1 = add_key$user(0x0, &(0x7f0000000440), &(0x7f00000000c0), 0x0, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

18.98015ms ago: executing program 0 (id=1622):
sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="8000000003080101000000000000000003000009050003003a0000003c"], 0x80}, 0x1, 0x0, 0x0, 0x20000000}, 0x8000)
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="050000000000000000"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, 0x0, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r1 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r2 = ioctl$KVM_CREATE_VM(r1, 0xae01, 0x0)
r3 = dup(r2)
ioctl$KVM_SET_USER_MEMORY_REGION(r2, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r2, r4, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r4, 0xae80, 0x0)

0s ago: executing program 5 (id=1623):
sendmsg$NL80211_CMD_START_AP(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000100)=ANY=[@ANYRES16, @ANYBLOB="0500000000000000", @ANYBLOB="3d000e0080000000ffffffffffff080211000000"], 0x70}, 0x1, 0x0, 0x0, 0x20004090}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = add_key$user(&(0x7f00000002c0), &(0x7f0000000300)={'syz', 0x0}, &(0x7f0000000280)="d25a9850a9d7", 0x6, 0xfffffffffffffffe)
r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000140)={r0, r1, r0}, &(0x7f00000000c0)=""/83, 0xfffffffffffffe4f, 0x0)
r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x20042, 0x0)
add_key$user(&(0x7f0000000080), 0x0, 0x0, 0x0, 0x0)
r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)
r4 = dup(r3)
ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000040)=[@text64={0x40, 0x0}], 0x1, 0x11, 0x0, 0x0)
syz_kvm_setup_cpu$x86(r3, r5, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r5, 0xae80, 0x0)

kernel console output (not intermixed with test programs):

file0" dev="loop3" ino=1048627 res=1 errno=0
[  182.298705][   T26] audit: type=1800 audit(1759307262.442:43): pid=6015 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.453" name="bus" dev="loop5" ino=18 res=0 errno=0
[  182.363927][ T4308] Trying to write to read-only block-device loop5
[  182.377645][ T4883] Trying to write to read-only block-device loop5
[  182.384500][ T4308] Trying to write to read-only block-device loop5
[  182.404797][ T4883] Trying to write to read-only block-device loop5
[  182.429086][ T4308] Trying to write to read-only block-device loop5
[  182.436085][ T4883] Trying to write to read-only block-device loop5
[  182.454028][ T4308] Trying to write to read-only block-device loop5
[  182.488193][ T4308] Trying to write to read-only block-device loop5
[  182.579097][ T6001] udc-core: couldn't find an available UDC or it's busy
[  182.586635][ T6001] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  182.689872][ T4186] cdc_ether: probe of 2-1:1.0 failed with error -22
[  182.746235][ T4186] usb 2-1: USB disconnect, device number 17
[  182.923935][ T6034] device syz_tun entered promiscuous mode
[  182.938986][ T6034] device vlan3 entered promiscuous mode
[  183.037681][ T6041] binder: 6040:6041 unknown command 0
[  183.052794][ T6041] binder: 6040:6041 ioctl c0306201 200000000080 returned -22
[  183.084745][ T6041] binder: 6040:6041 ioctl c0306201 0 returned -14
[  183.092948][ T6041] binder: 6040:6041 ioctl c0306201 200000000000 returned -14
[  183.160536][ T6034] syz.0.462 (6034) used greatest stack depth: 20672 bytes left
[  183.229902][ T6047] loop3: detected capacity change from 0 to 128
[  183.267415][ T6050] loop0: detected capacity change from 0 to 128
[  183.290975][ T4186] usb 2-1: new full-speed USB device number 18 using dummy_hcd
[  183.389968][ T6050] attempt to access beyond end of device
[  183.389968][ T6050] loop0: rw=2049, want=250, limit=128
[  183.405115][   T26] audit: type=1804 audit(1759307263.712:44): pid=6050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.470" name="/newroot/75/file2/file0" dev="loop0" ino=1048629 res=1 errno=0
[  183.434402][   T26] audit: type=1804 audit(1759307263.742:45): pid=6050 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.470" name="/newroot/75/file2/file0" dev="loop0" ino=1048629 res=1 errno=0
[  183.502401][ T6061] netlink: 100 bytes leftover after parsing attributes in process `syz.3.474'.
[  183.603866][ T6063] smc: net device bond0 applied user defined pnetid SYZ0
[  183.608797][ T4234] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  183.616941][ T6063] smc: net device bond0 erased user defined pnetid SYZ0
[  183.753365][ T4186] usb 2-1: config index 0 descriptor too short (expected 301, got 72)
[  183.768720][ T4186] usb 2-1: config 16 has an invalid descriptor of length 0, skipping remainder of the config
[  183.792520][ T4186] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  183.803177][ T4186] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 1024, setting to 64
[  183.824363][ T4186] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  183.836132][ T4186] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  183.851849][ T4186] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1e, bcdDevice=61.23
[  183.878317][ T4186] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  183.967913][ T6074] loop0: detected capacity change from 0 to 2048
[  183.989493][ T4234] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  184.007309][ T6074] EXT4-fs (loop0): Ignoring removed bh option
[  184.014762][ T4234] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  184.056979][ T4234] usb 6-1: config 0 descriptor??
[  184.119802][ T6074] EXT4-fs (loop0): mounted filesystem without journal. Opts: discard,bh,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  184.120206][ T4186] usb 2-1: usb_control_msg returned -71
[  184.141009][ T4186] usbtmc 2-1:16.0: can't read capabilities
[  184.146897][ T4186] usbtmc 2-1:16.0: Failed to submit iin_urb
[  184.153277][ T4186] usbtmc: probe of 2-1:16.0 failed with error -90
[  184.172224][ T4186] usb 2-1: USB disconnect, device number 18
[  184.262786][ T6073] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  184.286409][ T6073] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  184.343588][ T6073] EXT4-fs (loop0): This should not happen!! Data will be lost
[  184.343588][ T6073] 
[  184.353810][ T6073] EXT4-fs (loop0): Total free blocks count 0
[  184.364373][ T6073] EXT4-fs (loop0): Free/Dirty block details
[  184.374280][ T6073] EXT4-fs (loop0): free_blocks=2415919104
[  184.399477][ T6073] EXT4-fs (loop0): dirty_blocks=16
[  184.405166][ T6073] EXT4-fs (loop0): Block reservation details
[  184.411358][ T6073] EXT4-fs (loop0): i_reserved_data_blocks=1
[  184.548900][ T4234] usb 6-1: Cannot set MAC address
[  184.563229][ T4234] MOSCHIP usb-ethernet driver: probe of 6-1:0.0 failed with error -71
[  184.608445][ T4234] usb 6-1: USB disconnect, device number 4
[  184.715561][   T26] audit: type=1326 audit(1759307265.022:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6094 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0765bbec9 code=0x7ffc0000
[  184.771876][   T26] audit: type=1326 audit(1759307265.022:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6094 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0765bbec9 code=0x7ffc0000
[  184.871801][   T26] audit: type=1326 audit(1759307265.052:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6094 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=235 compat=0 ip=0x7fb0765bbec9 code=0x7ffc0000
[  184.955627][   T26] audit: type=1326 audit(1759307265.052:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6094 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0765bbec9 code=0x7ffc0000
[  184.994882][   T26] audit: type=1326 audit(1759307265.052:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6094 comm="syz.2.489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fb0765bbec9 code=0x7ffc0000
[  185.038964][ T6108] binder: 6107:6108 unknown command 0
[  185.055353][ T6108] binder: 6107:6108 ioctl c0306201 200000000080 returned -22
[  185.167736][ T6115] binder: 6113:6115 unknown command 0
[  185.227439][ T6115] binder: 6113:6115 ioctl c0306201 200000000080 returned -22
[  186.093477][ T6126] netlink: 8 bytes leftover after parsing attributes in process `syz.2.500'.
[  186.164070][ T6128] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=3303861288 (422894244864 ns) > initial count (241705619456 ns). Using initial count to start timer.
[  186.210469][ T6134] Disabled LAPIC found during irq injection
[  186.678242][ T6156] loop2: detected capacity change from 0 to 1024
[  186.780329][ T6156] EXT4-fs (loop2): mounted filesystem without journal. Opts: barrier,nodioread_nolock,noquota,barrier,auto_da_alloc,nodioread_nolock,,errors=continue. Quota mode: none.
[  186.830206][ T6156] ext4 filesystem being mounted at /106/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  186.861359][ T4258] usb 2-1: new high-speed USB device number 19 using dummy_hcd
[  186.932641][ T6168] netlink: 20 bytes leftover after parsing attributes in process `syz.0.517'.
[  186.991800][ T6156] EXT4-fs error (device loop2): ext4_map_blocks:739: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 3)
[  187.006488][ T6166] loop5: detected capacity change from 0 to 128
[  187.030034][ T6156] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 3 with max blocks 3 with error 117
[  187.081765][ T6156] EXT4-fs (loop2): This should not happen!! Data will be lost
[  187.081765][ T6156] 
[  187.105005][ T6170] tipc: Started in network mode
[  187.122317][ T6170] tipc: Node identity 96c07b8d6d0b, cluster identity 4711
[  187.124613][ T4258] usb 2-1: Using ep0 maxpacket: 8
[  187.144327][ T6170] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  187.159739][ T6156] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.187840][ T6171] device syzkaller0 entered promiscuous mode
[  187.234023][ T6170] tipc: Resetting bearer <eth:syzkaller0>
[  187.253439][ T6169] tipc: Resetting bearer <eth:syzkaller0>
[  187.279828][ T6169] tipc: Disabling bearer <eth:syzkaller0>
[  187.289081][ T4258] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8D has an invalid bInterval 42, changing to 9
[  187.303105][ T6154] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.307692][ T4258] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  187.331813][ T6156] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.334132][ T4258] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  187.356944][ T6154] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.362642][ T4258] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x8B has invalid maxpacket 12592, setting to 1024
[  187.390061][ T4258] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 1024
[  187.404696][ T4258] usb 2-1: New USB device found, idVendor=05ac, idProduct=8215, bcdDevice=8f.58
[  187.411411][ T6156] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.417254][ T4258] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  187.442656][ T6154] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.458104][ T6156] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.474667][ T6154] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.501023][ T4258] usb 2-1: config 0 descriptor??
[  187.507049][ T6156] EXT4-fs error (device loop2): ext4_map_blocks:629: inode #15: block 3: comm syz.2.512: lblock 3 mapped to illegal pblock 3 (length 1)
[  187.531491][ T6153] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  187.585701][ T6176] loop3: detected capacity change from 0 to 2048
[  187.742165][ T4631] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 8 with max blocks 8 with error 117
[  187.773445][ T4631] EXT4-fs (loop2): This should not happen!! Data will be lost
[  187.773445][ T4631] 
[  188.036514][ T4194] Bluetooth: hci5: Received unexpected HCI Event 00000000
[  188.246105][ T4186] usb 2-1: USB disconnect, device number 19
[  188.361485][ T6191] capability: warning: `syz.2.526' uses 32-bit capabilities (legacy support in use)
[  188.903406][ T6199] loop0: detected capacity change from 0 to 256
[  188.918089][ T6198] loop2: detected capacity change from 0 to 128
[  188.929553][ T6202] loop1: detected capacity change from 0 to 256
[  188.944820][ T4234] hid-generic 0000:0000:0000.0005: unknown main item tag 0x0
[  188.954055][ T4234] hid-generic 0000:0000:0000.0005: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  188.964997][ T6204] loop5: detected capacity change from 0 to 1024
[  188.981484][ T6202] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  189.027667][ T6198] attempt to access beyond end of device
[  189.027667][ T6198] loop2: rw=2049, want=250, limit=128
[  189.077956][   T26] audit: type=1804 audit(1759307269.382:51): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.529" name="/newroot/109/file2/file0" dev="loop2" ino=1048632 res=1 errno=0
[  189.109408][   T26] audit: type=1804 audit(1759307269.412:52): pid=6198 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.529" name="/newroot/109/file2/file0" dev="loop2" ino=1048632 res=1 errno=0
[  189.343886][ T6204] Error parsing options; rc = [-22]
[  189.651549][ T6215] fido_id[6215]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  189.657387][ T6222] device syzkaller1 entered promiscuous mode
[  190.855306][ T6241] loop2: detected capacity change from 0 to 256
[  190.878459][ T6241] FAT-fs (loop2): Unrecognized mount option "fs" or missing value
[  191.836167][ T6242] crypto_alloc_aead failed rc=-2
[  191.877053][ T6256] netlink: 12 bytes leftover after parsing attributes in process `syz.5.547'.
[  191.907099][ T4258] Bluetooth: hci0: command 0x0406 tx timeout
[  191.913694][ T4258] Bluetooth: hci3: command 0x0406 tx timeout
[  191.920659][ T4258] Bluetooth: hci2: command 0x0406 tx timeout
[  192.329026][ T6237] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  192.789126][ T6237] usb 1-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  192.886836][ T6237] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  193.086655][ T6237] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  193.126412][ T6286] loop1: detected capacity change from 0 to 256
[  193.133361][ T6237] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  193.191808][ T6237] usb 1-1: config 0 descriptor??
[  193.210597][ T6284] loop5: detected capacity change from 0 to 4096
[  193.228824][ T4234] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  193.251435][ T6237] usbhid 1-1:0.0: couldn't find an input interrupt endpoint
[  193.259558][ T6286] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  193.308903][ T6284] /dev/loop5: Can't open blockdev
[  193.589059][ T4234] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  194.144540][ T6299] binder: 6298:6299 unknown command 0
[  194.165348][ T6299] binder: 6298:6299 ioctl c0306201 200000000080 returned -22
[  194.198817][ T6299] binder: 6298:6299 ioctl c0306201 0 returned -14
[  194.206121][ T6299] binder: 6298:6299 ioctl c0306201 200000000000 returned -14
[  194.277444][ T4234] usb 3-1: config 27 interface 0 altsetting 0 has an invalid endpoint with address 0x0, skipping
[  194.288551][ T4234] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  194.298394][ T4234] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  194.344105][ T4234] usb 3-1: invalid MIDI out EP 0
[  194.368784][ T6305] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  194.377491][ T6305] IPv6: NLM_F_CREATE should be set when creating new route
[  194.405037][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  194.411526][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  194.420710][ T4234] snd-usb-audio: probe of 3-1:27.0 failed with error -22
[  194.461538][ T4344] usb 4-1: new low-speed USB device number 11 using dummy_hcd
[  194.469285][ T6310] netlink: 'syz.5.565': attribute type 1 has an invalid length.
[  194.477361][ T6310] netlink: 16 bytes leftover after parsing attributes in process `syz.5.565'.
[  194.522992][ T6312] loop5: detected capacity change from 0 to 128
[  194.534260][ T4559] udevd[4559]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  195.582583][ T4235] usb 1-1: USB disconnect, device number 6
[  195.588935][ T4344] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  195.606334][ T4344] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.673861][ T4344] usb 4-1: config 0 descriptor??
[  195.843696][   T26] audit: type=1326 audit(1759307276.152:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6323 comm="syz.0.570" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e662bec9 code=0x7fc00000
[  195.960656][ T6330] netlink: 16 bytes leftover after parsing attributes in process `syz.0.572'.
[  196.668960][   T23] usb 3-1: USB disconnect, device number 6
[  196.826953][ T6358] binder: 6357:6358 unknown command 0
[  196.840092][ T6358] binder: 6357:6358 ioctl c0306201 200000000080 returned -22
[  196.877621][ T6358] binder: BINDER_SET_CONTEXT_MGR already set
[  196.894363][ T6358] binder: 6357:6358 ioctl 4018620d 2000000002c0 returned -16
[  196.909315][ T6358] binder: 6357:6358 ioctl c0306201 0 returned -14
[  197.010269][ T6360] netlink: 16 bytes leftover after parsing attributes in process `syz.5.583'.
[  197.174937][ T6366] loop5: detected capacity change from 0 to 64
[  197.222514][ T6368] netdevsim netdevsim2: Direct firmware load for �í failed with error -2
[  197.231725][ T6368] netdevsim netdevsim2: Falling back to sysfs fallback for: �í
[  197.308881][ T4344] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  197.322266][ T4344] asix 4-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  197.338174][ T4344] asix: probe of 4-1:0.0 failed with error -71
[  197.355827][ T4344] usb 4-1: USB disconnect, device number 11
[  197.642230][ T6375] netlink: 4 bytes leftover after parsing attributes in process `syz.0.590'.
[  197.805295][ T6379] loop1: detected capacity change from 0 to 256
[  197.944031][ T6382] binder: 6380:6382 unknown command 0
[  197.958821][ T6382] binder: 6380:6382 ioctl c0306201 200000000080 returned -22
[  197.969110][ T4344] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  197.987675][ T6382] binder: 6380:6382 ioctl c0306201 0 returned -14
[  198.052543][ T6385] loop3: detected capacity change from 0 to 2048
[  198.075922][ T6387] netlink: 16 bytes leftover after parsing attributes in process `syz.1.595'.
[  198.219020][ T6385] EXT4-fs (loop3): mounted filesystem without journal. Opts: bsdgroups,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  198.349017][ T4344] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  198.374531][ T4344] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  198.404508][ T4344] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  198.421698][ T4344] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  198.434388][ T4344] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.454611][ T6403] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 25 vs 150994969 free clusters
[  198.481529][ T6403] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 320 with error 28
[  198.513778][ T6403] EXT4-fs (loop3): This should not happen!! Data will be lost
[  198.513778][ T6403] 
[  198.553895][ T4344] snd-usb-audio: probe of 1-1:27.0 failed with error -12
[  198.557415][ T6403] EXT4-fs (loop3): Total free blocks count 0
[  198.588804][ T6403] EXT4-fs (loop3): Free/Dirty block details
[  198.605001][ T6403] EXT4-fs (loop3): free_blocks=2415919104
[  198.605896][ T6403] EXT4-fs (loop3): dirty_blocks=336
[  198.605916][ T6403] EXT4-fs (loop3): Block reservation details
[  198.605931][ T6403] EXT4-fs (loop3): i_reserved_data_blocks=21
[  198.611932][   T23] usb 6-1: new full-speed USB device number 5 using dummy_hcd
[  198.619968][ T4559] udevd[4559]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  198.671351][ T6410] mmap: syz.1.602 (6410) uses deprecated remap_file_pages() syscall. See Documentation/vm/remap_file_pages.rst.
[  198.676730][ T4234] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  198.678280][ T6410] loop1: detected capacity change from 0 to 512
[  198.719705][ T4308] EXT4-fs (loop3): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 2 with error 28
[  198.719739][ T4308] EXT4-fs (loop3): This should not happen!! Data will be lost
[  198.719739][ T4308] 
[  198.744098][ T6410] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  198.744205][ T6410] ext4 filesystem being mounted at /113/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  198.932222][ T4234] usb 3-1: Using ep0 maxpacket: 16
[  199.394085][   T23] usb 6-1: New USB device found, idVendor=13d3, idProduct=3224, bcdDevice=cb.0d
[  199.420398][   T23] usb 6-1: New USB device strings: Mfr=1, Product=12, SerialNumber=3
[  199.460146][   T23] usb 6-1: Product: syz
[  199.484530][   T23] usb 6-1: Manufacturer: syz
[  199.508344][   T23] usb 6-1: SerialNumber: syz
[  199.757977][   T23] dvb-usb: found a 'DigitalNow TinyUSB 2 DVB-t Receiver' in warm state.
[  199.783810][ T4631] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 96 vs 65376 free clusters
[  199.803548][ T4631] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 1 with max blocks 1029 with error 28
[  199.816279][ T4631] EXT4-fs (loop1): This should not happen!! Data will be lost
[  199.816279][ T4631] 
[  199.826356][ T4631] EXT4-fs (loop1): Total free blocks count 0
[  199.832612][ T4631] EXT4-fs (loop1): Free/Dirty block details
[  199.838598][ T4631] EXT4-fs (loop1): free_blocks=65280
[  199.845227][ T4631] EXT4-fs (loop1): dirty_blocks=1029
[  199.851650][ T4631] EXT4-fs (loop1): Block reservation details
[  199.857678][ T4631] EXT4-fs (loop1): i_reserved_data_blocks=1029
[  200.012353][ T6419] loop1: detected capacity change from 0 to 2048
[  200.033164][ T4234] usb 3-1: New USB device found, idVendor=0d49, idProduct=7010, bcdDevice= c.90
[  200.048862][ T4234] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  200.057460][ T4234] usb 3-1: Product: syz
[  200.061834][ T4234] usb 3-1: Manufacturer: syz
[  200.068923][ T4234] usb 3-1: SerialNumber: syz
[  200.081914][ T4234] usb 3-1: config 0 descriptor??
[  200.093548][ T6419]  loop1: p1 p2 p3
[  200.130307][ T4234] ums-onetouch 3-1:0.0: USB Mass Storage device detected
[  200.223543][ T4202] udevd[4202]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  200.243626][ T4174] udevd[4174]: inotify_add_watch(7, /dev/loop1p2, 10) failed: No such file or directory
[  200.247156][   T23] dvb-usb: This USB2.0 device cannot be run on a USB1.1 port. (it lacks a hardware PID filter)
[  200.255482][ T4559] udevd[4559]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  200.276612][   T23] dvb-usb: DigitalNow TinyUSB 2 DVB-t Receiver error while loading driver (-19)
[  200.361966][ T6423] loop1: detected capacity change from 0 to 4096
[  200.372006][ T4322] usb 3-1: USB disconnect, device number 7
[  200.443896][ T6424] NILFS (loop1): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  200.478564][ T4234] usb 6-1: USB disconnect, device number 5
[  200.767062][ T6430] netlink: 16 bytes leftover after parsing attributes in process `syz.1.608'.
[  200.829834][ T6432] loop1: detected capacity change from 0 to 256
[  200.956203][   T23] usb 1-1: USB disconnect, device number 7
[  200.960677][ T6432] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  202.740031][ T6461] netlink: 16 bytes leftover after parsing attributes in process `syz.1.619'.
[  202.743538][ T6456] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  202.917986][ T6469] loop1: detected capacity change from 0 to 1024
[  203.102567][    T7] usb 1-1: new high-speed USB device number 8 using dummy_hcd
[  203.283855][ T6476] loop1: detected capacity change from 0 to 256
[  203.333180][ T6476] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  203.603605][    T7] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  203.646209][    T7] usb 1-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  204.388350][    T7] usb 1-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  204.400364][    T7] usb 1-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  204.410108][    T7] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  204.622668][    T7] snd-usb-audio: probe of 1-1:27.0 failed with error -12
[  204.936402][ T4559] udevd[4559]: error opening ATTR{/sys/devices/platform/dummy_hcd.0/usb1/1-1/1-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  206.151128][ T6498] loop2: detected capacity change from 0 to 8
[  206.228105][    T7] usb 2-1: new high-speed USB device number 20 using dummy_hcd
[  206.292059][ T6498] SQUASHFS error: zlib decompression failed, data probably corrupt
[  206.314209][ T6498] SQUASHFS error: Failed to read block 0x4de: -5
[  206.326926][ T6498] SQUASHFS error: Failed to read block 0x4e2: -5
[  206.349203][ T6498] SQUASHFS error: Failed to read block 0x9ca: -5
[  206.356962][ T6498] SQUASHFS error: Failed to read block 0x2cf2: -5
[  206.371469][ T6498] SQUASHFS error: Failed to read block 0x52cf2: -5
[  206.381543][ T6498] SQUASHFS error: Failed to read block 0x535f2: -5
[  206.402339][   T26] audit: type=1800 audit(1759307286.198:54): pid=6498 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.629" name="file1" dev="loop2" ino=5 res=0 errno=0
[  206.576904][ T6503] netlink: 16 bytes leftover after parsing attributes in process `syz.2.631'.
[  207.369333][ T4234] usb 4-1: new low-speed USB device number 12 using dummy_hcd
[  207.377488][    T7] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  207.389458][ T4235] usb 1-1: USB disconnect, device number 8
[  207.419425][    T7] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 3
[  207.665887][ T6515] loop2: detected capacity change from 0 to 256
[  207.675335][ T6515] FAT-fs (loop2): Unrecognized mount option "fs" or missing value
[  208.468959][    T7] usb 2-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  208.479242][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=67
[  208.487727][    T7] usb 2-1: SerialNumber: syz
[  209.464673][    T7] usb 2-1: 0:2 : does not exist
[  209.514923][ T4234] usb 4-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  209.524021][ T4234] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  209.546808][    T7] usb 2-1: USB disconnect, device number 20
[  209.557064][    C1] sched: RT throttling activated
[  209.573466][ T6525] loop2: detected capacity change from 0 to 7
[  209.632846][ T4234] usb 4-1: config 0 descriptor??
[  209.685853][ T6525] Dev loop2: unable to read RDB block 7
[  209.738934][ T6525]  loop2: unable to read partition table
[  209.750411][ T6525] loop2: partition table beyond EOD, truncated
[  209.767903][ T6525] loop_reread_partitions: partition scan of loop2 (þ被xü—ŸÑà– ) failed (rc=-5)
[  209.877590][ T6529] loop3: detected capacity change from 0 to 8192
[  209.892897][ T4234] usb 4-1: can't set config #0, error -71
[  209.900014][ T4234] usb 4-1: USB disconnect, device number 12
[  210.957909][ T4201] udevd[4201]: error opening ATTR{/sys/devices/platform/dummy_hcd.1/usb2/2-1/2-1:1.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  211.030146][ T6541] loop0: detected capacity change from 0 to 1024
[  211.421125][ T4235] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  211.481582][ T6541] EXT4-fs (loop0): Ignoring removed nomblk_io_submit option
[  211.550718][ T6541] EXT4-fs (loop0): Ignoring removed bh option
[  211.941114][ T4235] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  211.962731][ T4235] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid wMaxPacketSize 0
[  211.979011][ T6547] loop1: detected capacity change from 0 to 1024
[  212.016934][ T4235] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 0
[  212.027227][ T4235] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  212.037445][ T4235] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  212.058194][ T6541] EXT4-fs (loop0): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x000000000000000a,data_err=ignore,grpquota,nomblk_io_submit,user_xattr,bh,errors=remount-ro,. Quota mode: writeback.
[  212.138996][   T26] audit: type=1800 audit(1759307291.568:55): pid=6541 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.644" name="file1" dev="loop0" ino=15 res=0 errno=0
[  212.171172][ T4235] snd-usb-audio: probe of 3-1:27.0 failed with error -12
[  212.196345][ T6547] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  212.291912][ T6541] EXT4-fs error (device loop0): ext4_mb_mark_diskspace_used:3871: comm syz.0.644: Allocating blocks 449-513 which overlap fs metadata
[  212.344865][ T6541] EXT4-fs (loop0): Remounting filesystem read-only
[  212.411592][ T6541] EXT4-fs (loop0): pa ffff88801fef0c40: logic 256, phys. 385, len 8
[  212.420976][ T6541] EXT4-fs error (device loop0): ext4_mb_release_inode_pa:4888: group 0, free 0, pa_free 4
[  214.476903][ T6541] EXT4-fs (loop0): Remounting filesystem read-only
[  215.592062][ T6572] loop3: detected capacity change from 0 to 8
[  215.623634][ T6564] vhci_hcd vhci_hcd.0: pdev(5) rhport(0) sockfd(3)
[  215.631014][ T6564] vhci_hcd vhci_hcd.0: devid(0) speed(1) speed_str(low-speed)
[  215.654706][ T4176] udevd[4176]: error opening ATTR{/sys/devices/platform/dummy_hcd.2/usb3/3-1/3-1:27.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  215.712873][ T6572] SQUASHFS error: zlib decompression failed, data probably corrupt
[  215.779720][ T6572] SQUASHFS error: Failed to read block 0x9b: -5
[  215.837036][ T6572] SQUASHFS error: Unable to read metadata cache entry [99]
[  215.889887][ T6572] SQUASHFS error: Unable to read inode 0x127
[  215.919692][ T6564] vhci_hcd vhci_hcd.0: Device attached
[  216.098194][ T4235] usb 3-1: USB disconnect, device number 8
[  216.312809][ T1111] usb 43-1: new low-speed USB device number 2 using vhci_hcd
[  216.329573][ T6564] loop5: detected capacity change from 0 to 1024
[  216.795942][ T6586] loop0: detected capacity change from 0 to 8
[  216.812680][ T6583] loop1: detected capacity change from 0 to 512
[  216.859395][ T6586] SQUASHFS error: Unable to read inode 0x11f
[  216.919737][ T6583] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  216.986897][ T6583] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  217.209022][ T6583] EXT4-fs (loop1): 1 truncate cleaned up
[  218.562080][ T6583] EXT4-fs (loop1): mounted filesystem without journal. Opts: nombcache,dioread_lock,nodiscard,nomblk_io_submit,noblock_validity,jqfmt=vfsv1,,errors=continue. Quota mode: none.
[  218.968844][ T6583] EXT4-fs (loop1): shut down requested (1)
[  221.489835][ T6620] cgroup: release_agent respecified
[  221.817985][ T4234] usb 6-1: new high-speed USB device number 6 using dummy_hcd
[  221.894142][ T6626] loop3: detected capacity change from 0 to 1024
[  222.113353][ T6626] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  222.192037][ T6626] ext4 filesystem being mounted at /132/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  222.234852][ T4234] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  223.675698][ T6629] EXT4-fs error (device loop3): ext4_mb_generate_buddy:1147: group 0, block bitmap and bg descriptor inconsistent: 21 vs 268369941 free clusters
[  223.710969][ T4234] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  223.743541][ T4234] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  223.771751][ T4234] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  223.818232][ T4234] usb 6-1: config 0 descriptor??
[  223.961134][ T6636] loop2: detected capacity change from 0 to 64
[  224.254911][ T4344] usb 4-1: new high-speed USB device number 13 using dummy_hcd
[  225.541184][ T4344] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  225.565898][ T4344] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  225.646438][ T4344] usb 4-1: config 0 descriptor??
[  225.965427][ T4344] [drm] vendor descriptor length:6 data:06 5f 00 00 00 00 00 00 00 00 00
[  225.988960][ T6651] loop2: detected capacity change from 0 to 1024
[  226.012494][ T4234] usbhid 6-1:0.0: can't add hid device: -71
[  226.036259][ T4344] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  226.044808][ T4234] usbhid: probe of 6-1:0.0 failed with error -71
[  226.051218][ T6651] EXT4-fs (loop2): Ignoring removed orlov option
[  226.083381][ T4234] usb 6-1: USB disconnect, device number 6
[  226.186887][ T6651] EXT4-fs (loop2): mounted filesystem without journal. Opts: min_batch_time=0x0000000000000009,journal_dev=0x0000000000001045,errors=continue,noquota,data_err=ignore,noblock_validity,delalloc,noauto_da_alloc,orlov,user_xattr,nodioread_nolock,mb_optimize_scan=0x0000000000000001,,errors=continue. Quota mode: none.
[  226.240173][ T4344] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2
[  226.249052][ T4344] [drm] Initialized udl on minor 2
[  227.687095][ T4344] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffff92
[  227.701716][ T4344] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  227.771721][ T4234] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffe0
[  227.825301][ T4234] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffe0
[  227.873198][ T4234] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  227.892857][ T4249] usb 4-1: USB disconnect, device number 13
[  227.963424][ T6671] loop3: detected capacity change from 0 to 256
[  230.159192][ T6687] loop5: detected capacity change from 0 to 512
[  232.495488][ T6688] binder: 6686:6688 ioctl 4018620d 0 returned -22
[  233.319443][ T4344] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  233.575906][ T4344] usb 3-1: Using ep0 maxpacket: 32
[  233.594304][ T6701] loop0: detected capacity change from 0 to 512
[  233.704347][ T4344] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  233.725600][ T4344] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  233.779037][ T4344] usb 3-1: config 0 has no interface number 0
[  233.796879][ T4344] usb 3-1: config 0 interface 67 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  233.810370][ T6701] EXT4-fs (loop0): Test dummy encryption mode enabled
[  233.840258][ T4344] usb 3-1: config 0 interface 67 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  233.882905][ T6701] EXT4-fs (loop0): Ignoring removed nobh option
[  233.993112][ T6701] EXT4-fs (loop0): Test dummy encryption mode enabled
[  234.046491][ T6701] EXT4-fs (loop0): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  234.092883][ T4344] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  234.109100][ T4344] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  234.150848][ T4344] usb 3-1: Product: syz
[  234.155665][ T4344] usb 3-1: Manufacturer: syz
[  234.160518][ T4344] usb 3-1: SerialNumber: syz
[  234.186208][ T6701] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,nobh,minixdf,jqfmt=vfsv1,prjquota,dioread_nolock,barrier=0x000000000000000b,errors=remount-ro,auto_da_alloc,test_dummy_encryption,min_batch_time=0x0000000000000004,. Quota mode: writeback.
[  234.242940][ T4344] usb 3-1: config 0 descriptor??
[  234.309451][ T4344] smsc95xx v2.0.0
[  234.315490][ T4344] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): usbnet_get_endpoints failed: -22
[  234.389565][ T4344] smsc95xx: probe of 3-1:0.67 failed with error -22
[  235.799367][ T6716] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  235.835969][ T6716] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  238.240405][ T6716] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  238.316197][ T6716] syz.5.687 (6716) used greatest stack depth: 20160 bytes left
[  238.379290][   T21] usb 3-1: USB disconnect, device number 9
[  239.669719][ T6739] netlink: 116 bytes leftover after parsing attributes in process `syz.1.677'.
[  241.396932][ T6754] loop2: detected capacity change from 0 to 128
[  241.432675][   T21] usb 2-1: new high-speed USB device number 21 using dummy_hcd
[  241.504654][   T26] audit: type=1800 audit(1759307319.034:56): pid=6754 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.700" name="file2" dev="loop2" ino=1048637 res=0 errno=0
[  241.528952][ T6754] FAT-fs (loop2): error, invalid access to FAT (entry 0x00000100)
[  241.538191][ T6754] FAT-fs (loop2): Filesystem has been set read-only
[  242.129884][ T6749] loop0: detected capacity change from 0 to 4096
[  242.362513][   T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7
[  242.373845][   T21] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0
[  242.383555][   T21] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  242.397114][   T21] usb 2-1: New USB device found, idVendor=abcd, idProduct=cdee, bcdDevice= 5.b9
[  242.407132][   T21] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  242.417756][   T21] usb 2-1: config 0 descriptor??
[  242.460921][   T21] gspca_main: spca561-2.14.0 probing abcd:cdee
[  242.533660][ T6749] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  242.628221][ T6760] loop2: detected capacity change from 0 to 1024
[  245.430439][   T21] spca561: probe of 2-1:0.0 failed with error -22
[  246.030297][   T21] usb 2-1: MIDIStreaming interface descriptor not found
[  246.164050][ T4201] udevd[4201]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  246.277042][   T26] audit: type=1326 audit(1759307323.506:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  246.312316][ T4322] usb 2-1: USB disconnect, device number 21
[  246.366115][ T4557] udevd[4557]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  246.422763][   T26] audit: type=1326 audit(1759307323.562:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=334 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  246.432134][ T4201] udevd[4201]: inotify_add_watch(7, /dev/loop0, 10) failed: No such file or directory
[  247.968752][ T6786] loop3: detected capacity change from 0 to 1024
[  248.010998][ T6779] loop2: detected capacity change from 0 to 1024
[  248.027850][   T26] audit: type=1326 audit(1759307323.562:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.108323][ T6779] EXT4-fs (loop2): quotafile must be on filesystem root
[  248.167097][ T6786] EXT4-fs (loop3): mounted filesystem without journal. Opts: user_xattr,nogrpid,noinit_itable,nogrpid,block_validity,max_dir_size_kb=0x00000000000007b1,nojournal_checksum,errors=remount-ro,jqfmt=vfsold,jqfmt=vfsv0,data_err=ignore,. Quota mode: none.
[  248.199309][   T26] audit: type=1326 audit(1759307323.562:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.275774][   T26] audit: type=1326 audit(1759307323.562:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.403782][   T26] audit: type=1326 audit(1759307323.562:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.479721][   T26] audit: type=1326 audit(1759307323.562:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.578285][   T26] audit: type=1326 audit(1759307323.562:64): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=111 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.645066][   T26] audit: type=1326 audit(1759307323.562:65): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.681474][   T26] audit: type=1326 audit(1759307323.562:66): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.725238][   T26] audit: type=1326 audit(1759307323.619:67): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=434 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  248.754737][   T26] audit: type=1326 audit(1759307323.619:68): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6774 comm="syz.3.704" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  249.580246][ T6814] loop2: detected capacity change from 0 to 128
[  251.499797][ T6814] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  252.000721][ T6822] UDF-fs: error (device loop2): udf_bitmap_new_block: bitmap for partition 0 corrupted (block 264 marked as free, partition length is 40)
[  252.805555][ T6816] loop3: detected capacity change from 0 to 16384
[  253.927919][ T4186] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  255.349981][ T4249] Bluetooth: hci1: command 0x0405 tx timeout
[  255.595946][ T4186] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  255.617058][ T4186] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  255.638252][ T4186] usb 6-1: New USB device found, idVendor=28de, idProduct=1142, bcdDevice= 0.00
[  255.647858][ T4186] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  255.680176][ T4186] usb 6-1: config 0 descriptor??
[  256.280874][ T6865] loop1: detected capacity change from 0 to 8
[  257.156123][ T6865] SQUASHFS error: zlib decompression failed, data probably corrupt
[  257.186774][ T6865] SQUASHFS error: Failed to read block 0x4de: -5
[  257.212089][ T6865] SQUASHFS error: Failed to read block 0x4e2: -5
[  257.218943][ T6865] SQUASHFS error: Failed to read block 0x9ca: -5
[  257.246760][ T6865] SQUASHFS error: Failed to read block 0x2cf2: -5
[  257.249774][ T6872] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  257.270256][ T6881] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  257.288345][ T6865] SQUASHFS error: Failed to read block 0x52cf2: -5
[  257.325843][ T6872] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  257.348984][ T6865] SQUASHFS error: Failed to read block 0x535f2: -5
[  257.367176][   T26] kauditd_printk_skb: 4 callbacks suppressed
[  257.367193][   T26] audit: type=1800 audit(1759307333.872:73): pid=6865 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.731" name="file1" dev="loop1" ino=5 res=0 errno=0
[  257.434367][ T4186] usbhid 6-1:0.0: can't add hid device: -71
[  257.445223][ T4186] usbhid: probe of 6-1:0.0 failed with error -71
[  257.479900][ T4186] usb 6-1: USB disconnect, device number 7
[  259.742010][   T26] audit: type=1326 audit(1759307334.358:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  259.810291][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  259.816709][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  259.869875][   T26] audit: type=1326 audit(1759307334.358:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b2710 code=0x7ffc0000
[  259.962365][   T26] audit: type=1326 audit(1759307334.358:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  260.042410][   T26] audit: type=1326 audit(1759307334.358:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  260.115653][   T26] audit: type=1326 audit(1759307334.358:78): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  260.334125][   T26] audit: type=1326 audit(1759307334.368:79): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fde1b8b2b2a code=0x7ffc0000
[  260.420273][   T26] audit: type=1326 audit(1759307334.368:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  260.734260][   T26] audit: type=1326 audit(1759307334.368:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  261.410621][   T26] audit: type=1326 audit(1759307334.368:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6883 comm="syz.5.736" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  264.216235][ T6942] loop3: detected capacity change from 0 to 8192
[  264.650152][ T6963] loop5: detected capacity change from 0 to 128
[  264.657440][ T6942] FAT-fs (loop3): error, clusters badly computed (2 != 1)
[  264.675697][ T6942] FAT-fs (loop3): Filesystem has been set read-only
[  266.526180][ T7012] netlink: 16 bytes leftover after parsing attributes in process `syz.0.783'.
[  266.683739][ T7018] loop3: detected capacity change from 0 to 512
[  266.722073][ T7018] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  267.123830][ T7026] loop2: detected capacity change from 0 to 128
[  267.344627][ T7040] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  267.387063][ T7043] netlink: 16 bytes leftover after parsing attributes in process `syz.5.795'.
[  267.731340][ T7049] loop3: detected capacity change from 0 to 128
[  268.578188][ T7052] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  268.581647][ T7057] loop1: detected capacity change from 0 to 128
[  268.658162][ T7052] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  269.126725][ T7071] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  269.134077][ T7071] IPv6: NLM_F_CREATE should be set when creating new route
[  269.141402][ T7071] IPv6: NLM_F_CREATE should be set when creating new route
[  269.462056][ T7074] netlink: 16 bytes leftover after parsing attributes in process `syz.0.807'.
[  270.510684][ T7084] IPv6: addrconf: prefix option has invalid lifetime
[  271.227654][ T7115] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  272.451098][ T7133] netlink: 48 bytes leftover after parsing attributes in process `syz.2.832'.
[  272.738996][ T7142] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  272.760562][ T7142] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  272.811913][ T7153] binder: 7152:7153 unknown command 0
[  272.827162][ T7153] binder: 7152:7153 ioctl c0306201 200000000080 returned -22
[  272.847452][ T7153] binder: BINDER_SET_CONTEXT_MGR already set
[  272.864541][ T7153] binder: 7152:7153 ioctl 4018620d 2000000002c0 returned -16
[  272.902780][ T7159] binder: 7152:7159 ioctl c0306201 200000000000 returned -22
[  272.914578][ T7159] binder_alloc: 7152: binder_alloc_buf, no vma
[  274.796261][ T7165] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  275.219165][ T7165] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  275.781764][ T7188] binder: 7186:7188 unknown command 0
[  275.821340][ T7188] binder: 7186:7188 ioctl c0306201 200000000080 returned -22
[  275.871267][ T7188] binder: BINDER_SET_CONTEXT_MGR already set
[  275.927368][ T7188] binder: 7186:7188 ioctl 4018620d 2000000002c0 returned -16
[  275.967245][ T7195] binder: 7186:7195 ioctl c0306201 200000000000 returned -22
[  276.000951][ T7188] binder_alloc: 7186: binder_alloc_buf, no vma
[  276.309918][ T7202] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  276.332957][ T7202] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  277.903597][ T7214] loop1: detected capacity change from 0 to 128
[  277.913093][ T7215] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  278.121907][   T26] kauditd_printk_skb: 11 callbacks suppressed
[  278.121923][   T26] audit: type=1800 audit(1759307353.293:94): pid=7214 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.856" name="file2" dev="loop1" ino=1048642 res=0 errno=0
[  278.135501][ T7214] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 550, start 00050006)
[  278.203447][ T7214] FAT-fs (loop1): Filesystem has been set read-only
[  278.947149][ T7234] binder: 7233:7234 unknown command 0
[  278.976587][ T7234] binder: 7233:7234 ioctl c0306201 200000000080 returned -22
[  279.013416][ T7234] binder: BINDER_SET_CONTEXT_MGR already set
[  279.037713][ T7234] binder: 7233:7234 ioctl 4018620d 200000000100 returned -16
[  279.058021][ T7234] binder: 7233:7234 ioctl c0306201 200000000000 returned -14
[  280.736013][   T26] audit: type=1326 audit(1759307355.735:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  281.048079][   T26] audit: type=1326 audit(1759307355.735:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  281.295272][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  281.352903][   T26] audit: type=1326 audit(1759307355.735:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  281.430006][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  281.541429][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  281.543421][   T26] audit: type=1326 audit(1759307355.735:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  281.575455][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  281.637861][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  281.718336][   T26] audit: type=1326 audit(1759307355.735:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  281.730800][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  281.759397][ T7272] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  281.816352][   T26] audit: type=1326 audit(1759307355.735:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  281.937358][ T7283] binder: 7282:7283 unknown command 0
[  281.944769][   T26] audit: type=1326 audit(1759307355.735:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  281.962033][ T7283] binder: 7282:7283 ioctl c0306201 200000000080 returned -22
[  282.006839][ T7283] binder: 7282:7283 ioctl c0306201 200000000000 returned -14
[  282.024070][   T26] audit: type=1326 audit(1759307355.735:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  283.484405][   T26] audit: type=1326 audit(1759307355.735:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  283.564365][   T26] audit: type=1326 audit(1759307355.735:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  283.608479][ T7297] loop5: detected capacity change from 0 to 256
[  283.642751][   T26] audit: type=1326 audit(1759307355.735:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  283.704337][   T26] audit: type=1326 audit(1759307355.735:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  283.781128][   T26] audit: type=1326 audit(1759307355.735:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=233 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  283.966743][   T26] audit: type=1326 audit(1759307355.735:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  284.325774][   T26] audit: type=1326 audit(1759307355.735:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  284.502075][   T26] audit: type=1326 audit(1759307355.735:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  284.580203][   T26] audit: type=1326 audit(1759307355.735:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  284.604366][   T26] audit: type=1326 audit(1759307355.735:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7257 comm="syz.5.873" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  284.912373][ T7328] loop3: detected capacity change from 0 to 256
[  284.982286][ T7328] FAT-fs (loop3): Unrecognized mount option "fs" or missing value
[  287.224743][ T7343] binder: 7342:7343 unknown command 0
[  287.246513][ T7343] binder: 7342:7343 ioctl c0306201 200000000080 returned -22
[  287.276032][ T7343] binder: 7342:7343 ioctl c0306201 200000000000 returned -14
[  287.700120][ T7362] loop2: detected capacity change from 0 to 128
[  287.710684][ T7350] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  287.719188][ T7350] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  290.228017][ T7398] binder: 7397:7398 unknown command 0
[  290.267104][ T7398] binder: 7397:7398 ioctl c0306201 200000000080 returned -22
[  290.379995][ T7396] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  290.431549][ T7396] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  291.783018][ T7421] loop3: detected capacity change from 0 to 256
[  291.950574][ T7421] FAT-fs (loop3): Unrecognized mount option "fs" or missing value
[  293.200363][ T7433] binder: 7431:7433 unknown command 0
[  293.205819][ T7433] binder: 7431:7433 ioctl c0306201 200000000080 returned -22
[  293.410716][ T7438] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  293.536755][   T26] kauditd_printk_skb: 25 callbacks suppressed
[  293.536789][   T26] audit: type=1326 audit(1759307367.719:138): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.3.928" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x0
[  294.550745][ T7457] loop2: detected capacity change from 0 to 256
[  294.709013][ T7457] FAT-fs (loop2): Unrecognized mount option "fs" or missing value
[  297.189147][ T7475] binder: 7474:7475 unknown command 0
[  297.194778][ T7475] binder: 7474:7475 ioctl c0306201 200000000080 returned -22
[  297.405062][ T7482] binder: 7477:7482 unknown command 0
[  297.436841][ T7482] binder: 7477:7482 ioctl c0306201 200000000080 returned -22
[  297.521403][ T7482] binder: BINDER_SET_CONTEXT_MGR already set
[  297.536949][ T7482] binder: 7477:7482 ioctl 4018620d 2000000002c0 returned -16
[  297.545663][ T7482] binder: 7477:7482 ioctl c0306201 200000000000 returned -14
[  297.905268][ T7494] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  297.935852][ T7494] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  300.300552][ T7522] loop1: detected capacity change from 0 to 256
[  300.425912][ T7525] binder: 7524:7525 unknown command 0
[  300.445057][ T7525] binder: 7524:7525 ioctl c0306201 200000000080 returned -22
[  300.504322][ T7525] binder: 7524:7525 ioctl c0306201 200000000000 returned -14
[  300.514171][ T7522] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  307.593853][ T7577] binder: 7576:7577 unknown command 0
[  307.630923][ T7577] binder: 7576:7577 ioctl c0306201 200000000080 returned -22
[  307.666475][ T7577] binder: BINDER_SET_CONTEXT_MGR already set
[  307.713546][ T7577] binder: 7576:7577 ioctl 4018620d 2000000002c0 returned -16
[  311.019699][   T26] audit: type=1326 audit(1759307383.885:139): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e662bec9 code=0x7ffc0000
[  311.182022][   T26] audit: type=1326 audit(1759307383.885:140): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7ff3e662a710 code=0x7ffc0000
[  311.454197][ T7610] loop5: detected capacity change from 0 to 128
[  311.475902][   T26] audit: type=1326 audit(1759307383.885:141): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff3e662d6f7 code=0x7ffc0000
[  311.575190][   T26] audit: type=1326 audit(1759307383.885:142): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7ff3e662bec9 code=0x7ffc0000
[  311.576822][ T7614] netlink: 'syz.3.978': attribute type 1 has an invalid length.
[  311.618522][   T26] audit: type=1326 audit(1759307383.885:143): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7ff3e662d6f7 code=0x7ffc0000
[  311.672275][   T26] audit: type=1326 audit(1759307383.885:144): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7ff3e662ab2a code=0x7ffc0000
[  311.718213][   T26] audit: type=1326 audit(1759307383.885:145): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e662bec9 code=0x7ffc0000
[  311.831385][ T7614] 8021q: adding VLAN 0 to HW filter on device bond1
[  311.883232][ T7612] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  311.967476][ T7616] bond1: (slave dummy0): making interface the new active one
[  311.975583][ T7612] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  311.992125][   T26] audit: type=1326 audit(1759307383.894:146): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7ff3e662bec9 code=0x7ffc0000
[  312.023445][   T26] audit: type=1326 audit(1759307383.894:147): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff3e662bec9 code=0x7ffc0000
[  312.046652][   T26] audit: type=1326 audit(1759307383.894:148): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7604 comm="syz.0.976" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7ff3e662bec9 code=0x7ffc0000
[  312.166405][ T7616] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  312.212838][ T4616] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  312.890115][ T7619] bond1 (unregistering): (slave dummy0): Releasing active interface
[  315.412162][ T7619] bond1 (unregistering): Released all slaves
[  315.847956][ T7637] binder: 7636:7637 unknown command 0
[  315.876144][ T7637] binder: 7636:7637 ioctl c0306201 200000000080 returned -22
[  316.489008][ T7641] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  316.522370][ T7641] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  317.396294][ T7649] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  317.408648][ T7649] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  317.701574][ T7660] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  317.716465][ T7660] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  318.145917][ T7675] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  318.155927][ T7675] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  319.009359][ T7682] binder: 7681:7682 unknown command 0
[  319.015207][ T7682] binder: 7681:7682 ioctl c0306201 200000000080 returned -22
[  319.245768][ T7686] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  319.272016][ T7686] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  320.642358][ T7706] loop2: detected capacity change from 0 to 128
[  320.708665][   T26] kauditd_printk_skb: 6 callbacks suppressed
[  320.708681][   T26] audit: type=1800 audit(1759307393.137:155): pid=7706 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1002" name="file1" dev="loop2" ino=1048644 res=0 errno=0
[  321.235219][ T7718] loop2: detected capacity change from 0 to 256
[  321.257679][ T7718] FAT-fs (loop2): Unrecognized mount option "fs" or missing value
[  321.510400][ T7723] trusted_key: encrypted_key: insufficient parameters specified
[  322.469425][ T7727] binder: 7726:7727 unknown command 0
[  322.543389][ T7735] binder: BINDER_SET_CONTEXT_MGR already set
[  322.554687][ T7727] binder: 7726:7727 ioctl c0306201 200000000080 returned -22
[  322.588646][ T7735] binder: 7726:7735 ioctl 4018620d 200000000100 returned -16
[  322.607908][ T7727] binder: BINDER_SET_CONTEXT_MGR already set
[  322.646217][ T7729] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  322.655048][ T7729] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  322.671210][ T7727] binder: 7726:7727 ioctl 4018620d 2000000002c0 returned -16
[  322.690414][ T7735] binder: 7726:7735 ioctl c0306201 200000000000 returned -14
[  322.775907][ T7732] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  322.806292][ T7732] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  326.989025][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  326.995577][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  327.591167][ T7777] trusted_key: encrypted_key: insufficient parameters specified
[  328.162930][ T7779] binder: 7778:7779 unknown command 0
[  328.218580][ T7780] binder: BINDER_SET_CONTEXT_MGR already set
[  328.224746][ T7780] binder: 7778:7780 ioctl 4018620d 200000000100 returned -16
[  328.234652][ T7780] binder: BINDER_SET_CONTEXT_MGR already set
[  328.235535][ T7779] binder: 7778:7779 ioctl c0306201 200000000080 returned -22
[  328.240805][ T7780] binder: 7778:7780 ioctl 4018620d 2000000002c0 returned -16
[  328.257876][ T7780] binder: 7778:7780 ioctl c0306201 200000000000 returned -14
[  328.294866][ T7782] netlink: 88 bytes leftover after parsing attributes in process `syz.3.1025'.
[  328.623254][ T7784] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  328.643339][ T7784] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  328.659929][ T7797] loop5: detected capacity change from 0 to 256
[  331.064038][ T7813] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0
[  331.247461][ T7809] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  331.350491][ T7809] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  331.765465][ T7827] netlink: 88 bytes leftover after parsing attributes in process `syz.5.1036'.
[  331.904777][ T7829] trusted_key: encrypted_key: insufficient parameters specified
[  332.591707][ T7833] binder: 7830:7833 unknown command 0
[  332.626095][ T7833] binder: 7830:7833 ioctl c0306201 200000000080 returned -22
[  332.703937][ T7833] binder: BINDER_SET_CONTEXT_MGR already set
[  332.750834][ T7833] binder: 7830:7833 ioctl 4018620d 200000000100 returned -16
[  332.792802][ T7833] binder: BINDER_SET_CONTEXT_MGR already set
[  332.849636][ T7843] loop2: detected capacity change from 0 to 256
[  332.857740][ T7833] binder: 7830:7833 ioctl 4018620d 2000000002c0 returned -16
[  332.890034][ T7833] binder: 7830:7833 ioctl c0306201 200000000000 returned -14
[  332.912536][ T7843] FAT-fs (loop2): Unrecognized mount option "fs" or missing value
[  335.809645][ T7864] netlink: 88 bytes leftover after parsing attributes in process `syz.2.1047'.
[  336.170580][ T7878] trusted_key: encrypted_key: insufficient parameters specified
[  336.928805][ T7890] loop5: detected capacity change from 0 to 256
[  336.958633][ T7885] binder: 7884:7885 ioctl c0306201 200000000000 returned -14
[  337.263835][ T7887] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  337.290260][ T7887] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  338.791959][ T7914] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1060'.
[  339.241026][ T7925] trusted_key: encrypted_key: insufficient parameters specified
[  339.803571][ T7897] loop2: detected capacity change from 0 to 32768
[  340.141877][ T7937] binder: BINDER_SET_CONTEXT_MGR already set
[  340.184733][ T7931] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  340.209301][ T7937] binder: 7936:7937 ioctl 4018620d 200000000100 returned -16
[  340.217595][ T7931] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  340.250819][ T7938] binder: 7936:7938 ioctl c0306201 200000000000 returned -14
[  340.437187][ T7941] loop3: detected capacity change from 0 to 256
[  340.480356][ T7941] FAT-fs (loop3): Unrecognized mount option "fs" or missing value
[  342.034452][ T7954] netlink: 88 bytes leftover after parsing attributes in process `syz.5.1074'.
[  343.255090][ T7976] binder: BINDER_SET_CONTEXT_MGR already set
[  343.276747][ T7976] binder: 7975:7976 ioctl 4018620d 200000000100 returned -16
[  343.355997][ T7976] binder: 7975:7976 ioctl c0306201 200000000000 returned -14
[  345.179679][ T7973] loop1: detected capacity change from 0 to 32768
[  346.724411][ T8023] binder: BINDER_SET_CONTEXT_MGR already set
[  346.764375][ T8023] binder: 8022:8023 ioctl 4018620d 200000000100 returned -16
[  346.779221][ T8023] binder: BINDER_SET_CONTEXT_MGR already set
[  346.779276][ T8023] binder: 8022:8023 ioctl 4018620d 2000000002c0 returned -16
[  346.779491][ T8023] binder: 8022:8023 ioctl c0306201 200000000000 returned -14
[  346.997007][ T8030] loop1: detected capacity change from 0 to 256
[  347.013408][ T8030] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  347.663389][ T8034] netlink: 52 bytes leftover after parsing attributes in process `syz.0.1096'.
[  347.786107][ T8036] loop3: detected capacity change from 0 to 128
[  347.903845][   T26] audit: type=1800 audit(1759307418.574:156): pid=8036 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1097" name="file1" dev="loop3" ino=1048645 res=0 errno=0
[  348.639308][ T8046] loop5: detected capacity change from 0 to 32768
[  350.552437][ T8076] netlink: 52 bytes leftover after parsing attributes in process `syz.5.1109'.
[  350.579685][ T8076] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1109'.
[  350.601179][ T8068] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  350.626460][ T8068] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  351.774014][ T8094] loop3: detected capacity change from 0 to 64
[  353.553700][ T4234] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  353.706813][   T26] audit: type=1326 audit(1759307424.000:157): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  353.739348][   T26] audit: type=1326 audit(1759307424.000:158): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  353.937741][ T4234] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  354.003271][ T4234] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  354.042682][   T26] audit: type=1326 audit(1759307424.000:159): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fca766b4710 code=0x7ffc0000
[  354.131481][ T4234] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  354.196662][ T8132] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0
[  354.342403][ T4234] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  354.396737][ T8115] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  354.464711][   T26] audit: type=1326 audit(1759307424.000:160): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fca766b76f7 code=0x7ffc0000
[  354.556695][   T26] audit: type=1326 audit(1759307424.000:161): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  354.598432][   T26] audit: type=1326 audit(1759307424.000:162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fca766b76f7 code=0x7ffc0000
[  354.626733][   T26] audit: type=1326 audit(1759307424.000:163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fca766b4b2a code=0x7ffc0000
[  354.726147][   T26] audit: type=1326 audit(1759307424.000:164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  354.912901][   T26] audit: type=1326 audit(1759307424.000:165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  355.037368][   T26] audit: type=1326 audit(1759307424.009:166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8121 comm="syz.3.1125" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  355.922817][ T6237] Bluetooth: hci1: command 0x0406 tx timeout
[  355.950170][ T8156] loop1: detected capacity change from 0 to 256
[  356.012408][ T8156] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  356.236808][ T4322] usb 6-1: USB disconnect, device number 8
[  358.351926][ T8191] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0
[  360.243418][ T8219] loop1: detected capacity change from 0 to 256
[  360.338669][ T8219] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  364.221059][ T8263] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  364.231816][ T8263] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  365.667954][ T8296] IPVS: sync thread started: state = MASTER, mcast_ifn = geneve0, syncid = 2, id = 0
[  366.574133][ T8302] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  366.669974][ T8302] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  368.276194][ T8329] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  368.284664][ T8329] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  368.448599][ T8347] binder: 8346:8347 unknown command 0
[  368.470251][ T8347] binder: 8346:8347 ioctl c0306201 200000000080 returned -22
[  368.503334][ T8347] binder: 8346:8347 ioctl c0306201 200000000000 returned -14
[  368.514057][ T8349] loop3: detected capacity change from 0 to 64
[  368.585994][ T8349] MINIX-fs: deleted inode referenced: 6
[  368.605579][ T8349] MINIX-fs: deleted inode referenced: 6
[  368.628050][ T8349] MINIX-fs: deleted inode referenced: 6
[  368.654941][ T8349] MINIX-fs: deleted inode referenced: 6
[  372.105119][ T8394] binder: 8393:8394 unknown command 0
[  372.126210][ T8396] loop3: detected capacity change from 0 to 64
[  372.132858][ T8394] binder: 8393:8394 ioctl c0306201 200000000080 returned -22
[  372.170201][ T8381] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  372.190066][ T8381] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  372.199767][ T8396] MINIX-fs: deleted inode referenced: 6
[  372.211789][ T8394] binder: 8393:8394 ioctl c0306201 200000000000 returned -14
[  372.215200][ T8396] MINIX-fs: deleted inode referenced: 6
[  372.232864][ T8396] MINIX-fs: deleted inode referenced: 6
[  372.253866][ T8396] MINIX-fs: deleted inode referenced: 6
[  374.459492][ T8437] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  374.533849][ T8450] binder: 8449:8450 unknown command 0
[  374.539465][ T8450] binder: 8449:8450 ioctl c0306201 200000000080 returned -22
[  374.551307][ T8450] binder: 8449:8450 ioctl c0306201 200000000000 returned -14
[  374.552924][ T8437] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  375.133109][ T8459] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  375.197127][ T8459] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  377.629300][ T8492] binder: 8491:8492 unknown command 0
[  377.635248][ T8492] binder: 8491:8492 ioctl c0306201 200000000080 returned -22
[  377.645907][ T8492] binder: 8491:8492 ioctl c0306201 200000000000 returned -14
[  377.952204][   T26] kauditd_printk_skb: 38 callbacks suppressed
[  377.952221][   T26] audit: type=1326 audit(1759307446.686:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5507eec9 code=0x7ffc0000
[  378.046960][   T26] audit: type=1326 audit(1759307446.686:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5507eec9 code=0x7ffc0000
[  378.100348][   T26] audit: type=1326 audit(1759307446.686:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f1d5507d710 code=0x7ffc0000
[  378.152902][   T26] audit: type=1326 audit(1759307446.686:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f1d550806f7 code=0x7ffc0000
[  378.197808][   T26] audit: type=1326 audit(1759307446.686:209): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f1d5507eec9 code=0x7ffc0000
[  378.252654][   T26] audit: type=1326 audit(1759307446.714:210): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7f1d550806f7 code=0x7ffc0000
[  378.310635][   T26] audit: type=1326 audit(1759307446.714:211): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7f1d5507db2a code=0x7ffc0000
[  378.374811][   T26] audit: type=1326 audit(1759307446.714:212): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5507eec9 code=0x7ffc0000
[  378.419491][   T26] audit: type=1326 audit(1759307446.714:213): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f1d5507eec9 code=0x7ffc0000
[  378.462759][   T26] audit: type=1326 audit(1759307446.714:214): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.1222" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7f1d5507eec9 code=0x7ffc0000
[  378.579011][ T8511] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  378.610259][ T8511] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  380.046392][ T8529] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  380.055547][ T8529] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  380.675166][ T8536] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  380.836894][ T8536] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  382.334800][ T8569] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  382.385651][ T8569] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  382.606624][ T8575] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  382.657755][ T8575] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  384.217972][ T8599] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  384.226094][ T8599] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  384.267086][   T26] kauditd_printk_skb: 37 callbacks suppressed
[  384.290414][   T26] audit: type=1326 audit(1759307452.599:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  384.390429][   T26] audit: type=1326 audit(1759307452.599:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  384.536944][   T26] audit: type=1326 audit(1759307452.599:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b2710 code=0x7ffc0000
[  385.279620][   T26] audit: type=1326 audit(1759307452.599:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  385.418475][   T26] audit: type=1326 audit(1759307452.599:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  385.643527][   T26] audit: type=1326 audit(1759307452.599:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  385.713660][   T26] audit: type=1326 audit(1759307452.599:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fde1b8b2b2a code=0x7ffc0000
[  385.787849][   T26] audit: type=1326 audit(1759307452.599:259): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  386.509131][   T26] audit: type=1326 audit(1759307452.599:260): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  386.957725][   T26] audit: type=1326 audit(1759307452.599:261): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8602 comm="syz.5.1254" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  388.665034][ T8664] loop1: detected capacity change from 0 to 128
[  391.309047][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  391.712643][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  391.757279][ T8675] binder: 8674:8675 ioctl 4018620d 0 returned -22
[  391.905690][ T8675] binder: 8674:8675 ioctl c0306201 200000000000 returned -14
[  392.780270][ T8696] netlink: 88 bytes leftover after parsing attributes in process `syz.5.1281'.
[  394.219597][ T8724] binder: 8719:8724 unknown command 0
[  395.582726][ T8724] binder: 8719:8724 ioctl c0306201 200000000080 returned -22
[  395.668526][ T8724] binder: 8719:8724 ioctl c0306201 200000000000 returned -14
[  396.049378][ T8739] netlink: 88 bytes leftover after parsing attributes in process `syz.5.1293'.
[  400.527881][ T8778] binder: 8776:8778 ioctl 4018620d 0 returned -22
[  400.575106][ T8778] binder: 8776:8778 ioctl c0306201 200000000000 returned -14
[  400.736068][ T8785] netlink: 88 bytes leftover after parsing attributes in process `syz.1.1305'.
[  400.774204][ T8780] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  400.841642][ T8780] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  405.598869][ T8840] binder: 8838:8840 ioctl 4018620d 0 returned -22
[  405.606723][ T8840] binder: 8838:8840 unknown command 0
[  405.612719][ T8840] binder: 8838:8840 ioctl c0306201 200000000080 returned -22
[  405.772324][ T8840] binder: BINDER_SET_CONTEXT_MGR already set
[  405.834533][ T8840] binder: 8838:8840 ioctl 4018620d 2000000002c0 returned -16
[  405.875247][ T8845] binder: 8838:8845 ioctl c0306201 200000000000 returned -14
[  406.258086][ T8851] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  406.305780][ T8851] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  408.696596][ T8873] binder: 8872:8873 ioctl c0306201 0 returned -14
[  410.146528][ T8896] binder: 8895:8896 ioctl 4018620d 0 returned -22
[  410.171065][ T8896] binder: 8895:8896 unknown command 0
[  410.201651][ T8896] binder: 8895:8896 ioctl c0306201 200000000080 returned -22
[  410.251555][ T8896] binder: 8895:8896 ioctl c0306201 200000000000 returned -14
[  415.042609][ T8945] binder: 8944:8945 ioctl c0306201 0 returned -14
[  415.120010][ T8941] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  415.129280][ T8941] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  418.922357][ T8987] loop3: detected capacity change from 0 to 256
[  419.005220][ T8987] FAT-fs (loop3): Unrecognized mount option "fs" or missing value
[  419.038871][ T8988] binder: 8983:8988 ioctl c0306201 0 returned -14
[  423.276095][ T9009] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  423.286471][ T9009] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  424.568093][ T9040] loop5: detected capacity change from 0 to 256
[  432.112436][ T9096] loop1: detected capacity change from 0 to 256
[  432.168460][ T9096] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  436.721305][ T9139] loop1: detected capacity change from 0 to 256
[  436.854156][ T9139] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  437.386118][ T9135] loop2: detected capacity change from 0 to 32768
[  438.059095][ T9146] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  438.115443][ T9146] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  442.574217][ T9181] loop3: detected capacity change from 0 to 256
[  442.607230][ T9181] FAT-fs (loop3): Unrecognized mount option "fs" or missing value
[  443.678514][ T9192] loop2: detected capacity change from 0 to 32768
[  444.404592][ T9206] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  444.443079][ T9206] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  448.924950][ T9232] loop1: detected capacity change from 0 to 256
[  449.504742][ T9232] FAT-fs (loop1): Unrecognized mount option "fs" or missing value
[  450.229535][ T9238] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1430'.
[  452.582432][    T7] Bluetooth: hci0: command 0x0c1a tx timeout
[  454.768953][    T7] Bluetooth: hci0: command 0x0406 tx timeout
[  455.036927][ T9306] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  455.059372][ T9306] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  456.875544][ T1422] ieee802154 phy0 wpan0: encryption failed: -22
[  456.882067][ T1422] ieee802154 phy1 wpan1: encryption failed: -22
[  458.017464][ T9339] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1456'.
[  458.506263][ T9348] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  458.538447][ T9348] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  459.404814][ T9350] bridge0: port 2(bridge_slave_1) entered disabled state
[  459.412873][ T9350] bridge0: port 1(bridge_slave_0) entered disabled state
[  460.098776][ T9361] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  460.106939][ T9361] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  460.368302][ T9350] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  460.430821][ T9350] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  460.944490][ T9350] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  460.954601][ T9350] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  460.964045][ T9350] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  460.974190][ T9350] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  461.311089][   T26] kauditd_printk_skb: 14 callbacks suppressed
[  461.311106][   T26] audit: type=1326 audit(1759307524.680:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9369 comm="syz.5.1463" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x0
[  461.788277][ T9378] binder: 9372:9378 ioctl c0306201 200000000000 returned -14
[  462.309161][ T9386] device syzkaller0 entered promiscuous mode
[  463.471161][ T9373] loop5: detected capacity change from 0 to 32768
[  463.525338][ T9373] /dev/loop5: Can't open blockdev
[  465.477546][ T9415] bridge0: port 2(bridge_slave_1) entered disabled state
[  465.485930][ T9415] bridge0: port 1(bridge_slave_0) entered disabled state
[  465.923600][ T9415] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  465.976416][ T9415] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  466.450381][ T9415] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.460451][ T9415] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.469757][ T9415] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.478927][ T9415] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  466.628105][ T9434] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1478'.
[  466.661961][ T9434] netlink: 28 bytes leftover after parsing attributes in process `syz.5.1478'.
[  467.433613][ T9442] bridge0: port 2(bridge_slave_1) entered disabled state
[  467.441653][ T9442] bridge0: port 1(bridge_slave_0) entered disabled state
[  467.955526][ T9442] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  468.014682][ T9442] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  468.529736][ T9442] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  468.540028][ T9442] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  468.549143][ T9442] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  468.559391][ T9442] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  468.691426][ T9459] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1484'.
[  468.713189][ T9459] netlink: 28 bytes leftover after parsing attributes in process `syz.0.1484'.
[  470.826299][ T9472] tipc: Started in network mode
[  470.853177][ T9472] tipc: Node identity 760cf5679b0d, cluster identity 4711
[  470.886638][ T9472] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  470.944944][ T9472] tipc: Resetting bearer <eth:syzkaller0>
[  470.979105][ T9475] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  470.993487][ T9475] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  471.105727][ T9471] tipc: Disabling bearer <eth:syzkaller0>
[  471.167942][ T9481] binder: 9480:9481 unknown command 0
[  471.186373][ T9481] binder: 9480:9481 ioctl c0306201 200000000080 returned -22
[  471.201709][ T9481] binder: 9480:9481 ioctl c0306201 0 returned -14
[  471.232180][ T9481] binder: 9480:9481 ioctl c0306201 200000000000 returned -14
[  471.414086][   T26] audit: type=1326 audit(1759307534.129:277): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  471.484682][   T26] audit: type=1326 audit(1759307534.166:278): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  471.646139][   T26] audit: type=1326 audit(1759307534.175:279): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fca766b4710 code=0x7ffc0000
[  471.744560][   T26] audit: type=1326 audit(1759307534.175:280): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fca766b76f7 code=0x7ffc0000
[  471.797748][   T26] audit: type=1326 audit(1759307534.175:281): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  471.884961][   T26] audit: type=1326 audit(1759307534.175:282): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fca766b76f7 code=0x7ffc0000
[  471.958844][   T26] audit: type=1326 audit(1759307534.185:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fca766b4b2a code=0x7ffc0000
[  472.062660][   T26] audit: type=1326 audit(1759307534.185:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  472.132865][   T26] audit: type=1326 audit(1759307534.185:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  472.210553][   T26] audit: type=1326 audit(1759307534.213:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9467 comm="syz.3.1489" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  472.235824][ T9491] bridge0: port 2(bridge_slave_1) entered disabled state
[  472.243318][ T9491] bridge0: port 1(bridge_slave_0) entered disabled state
[  475.623842][ T9491] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  475.711916][ T9491] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  476.191190][ T9491] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  476.200232][ T9491] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  476.209565][ T9491] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  476.218977][ T9491] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  476.376055][ T9499] device vlan2 entered promiscuous mode
[  476.398783][ T9500] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1497'.
[  476.476095][ T9506] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1500'.
[  476.618873][ T9521] binder: 9520:9521 unknown command 0
[  476.635505][ T9521] binder: 9520:9521 ioctl c0306201 200000000080 returned -22
[  476.932985][ T9526] binder: 9520:9526 ioctl c0306201 0 returned -14
[  478.187026][ T9521] binder: 9520:9521 ioctl c0306201 200000000000 returned -14
[  478.273360][ T9523] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  478.315517][ T9523] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  478.489556][ T9535] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  478.497615][ T9535] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  479.527531][   T26] kauditd_printk_skb: 10 callbacks suppressed
[  479.527547][   T26] audit: type=1326 audit(1759307541.716:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  479.608341][   T26] audit: type=1326 audit(1759307541.744:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b2710 code=0x7ffc0000
[  479.719656][   T26] audit: type=1326 audit(1759307541.744:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  479.802366][ T9562] netlink: 'syz.3.1513': attribute type 13 has an invalid length.
[  479.816210][ T9562] netlink: 'syz.3.1513': attribute type 17 has an invalid length.
[  479.824026][   T26] audit: type=1326 audit(1759307541.744:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  479.926179][   T26] audit: type=1326 audit(1759307541.744:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  480.003608][   T26] audit: type=1326 audit(1759307541.744:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fde1b8b2b2a code=0x7ffc0000
[  480.106887][   T26] audit: type=1326 audit(1759307541.744:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  480.214224][   T26] audit: type=1326 audit(1759307541.744:304): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  480.293481][ T9562] 8021q: adding VLAN 0 to HW filter on device bond0
[  480.330051][   T26] audit: type=1326 audit(1759307541.744:305): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  480.330671][ T9562] 8021q: adding VLAN 0 to HW filter on device team0
[  480.446808][   T26] audit: type=1326 audit(1759307541.744:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9547 comm="syz.5.1510" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  480.627140][ T9562] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  480.727130][ T9571] netlink: 'syz.1.1514': attribute type 13 has an invalid length.
[  480.788264][ T9571] netlink: 'syz.1.1514': attribute type 17 has an invalid length.
[  480.840255][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  480.915148][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  480.937701][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  480.976027][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  481.011933][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  481.070569][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  481.086840][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  481.145877][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  481.163651][ T9588] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  481.175936][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  481.184912][ T9588] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  481.260441][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  481.278976][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  481.338792][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  481.353777][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  481.396395][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  481.504179][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  481.548040][ T9571] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  481.590816][ T9571] 8021q: adding VLAN 0 to HW filter on device bond0
[  481.621503][ T9571] 8021q: adding VLAN 0 to HW filter on device team0
[  481.683069][ T9571] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  481.700191][ T9595] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  481.712030][ T9599] binder: 9598:9599 unknown command 0
[  481.725144][ T9599] binder: 9598:9599 ioctl c0306201 200000000080 returned -22
[  481.739235][ T9595] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  481.797951][ T9599] binder: BINDER_SET_CONTEXT_MGR already set
[  481.859027][ T9599] binder: 9598:9599 ioctl 4018620d 200000000100 returned -16
[  481.913211][ T9601] binder: 9598:9601 ioctl c0306201 0 returned -14
[  481.935455][ T9599] binder: 9598:9599 ioctl c0306201 200000000000 returned -14
[  483.526716][ T9617] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  483.544492][ T9617] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  484.174476][ T9629] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  484.193812][ T9629] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  484.693011][ T9646] binder: 9644:9646 unknown command 0
[  484.713197][ T9646] binder: 9644:9646 ioctl c0306201 200000000080 returned -22
[  484.738936][ T9646] binder: 9644:9646 ioctl c0306201 200000000000 returned -14
[  485.124679][ T9652] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  485.144478][ T9652] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  485.168355][ T9658] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  485.229584][   T26] kauditd_printk_skb: 8 callbacks suppressed
[  485.229602][   T26] audit: type=1326 audit(1759307547.048:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  485.341860][   T26] audit: type=1326 audit(1759307547.048:316): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  485.453135][   T26] audit: type=1326 audit(1759307547.095:317): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fca766b4710 code=0x7ffc0000
[  485.554252][ T9665] netlink: 'syz.5.1538': attribute type 13 has an invalid length.
[  485.573569][ T9665] netlink: 'syz.5.1538': attribute type 17 has an invalid length.
[  485.584211][   T26] audit: type=1326 audit(1759307547.095:318): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fca766b76f7 code=0x7ffc0000
[  485.780515][ T9665] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  485.913239][   T26] audit: type=1326 audit(1759307547.095:319): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  485.958608][ T9665] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  486.070101][   T26] audit: type=1326 audit(1759307547.095:320): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fca766b76f7 code=0x7ffc0000
[  486.129561][   T26] audit: type=1326 audit(1759307547.095:321): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fca766b4b2a code=0x7ffc0000
[  486.167577][   T26] audit: type=1326 audit(1759307547.095:322): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  486.198697][   T26] audit: type=1326 audit(1759307547.095:323): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  487.628322][ T9665] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  487.650793][ T9665] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  487.655336][   T26] audit: type=1326 audit(1759307547.104:324): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9632 comm="syz.3.1529" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fca766b5ec9 code=0x7ffc0000
[  487.682806][ T9665] 8021q: adding VLAN 0 to HW filter on device bond0
[  487.876085][ T9665] 8021q: adding VLAN 0 to HW filter on device team0
[  487.902239][ T9665] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  487.924551][ T9667] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  488.092269][ T9673] tipc: Disabling bearer <eth:syzkaller0>
[  488.336126][ T9690] netlink: 'syz.0.1545': attribute type 13 has an invalid length.
[  488.382214][ T9690] netlink: 'syz.0.1545': attribute type 17 has an invalid length.
[  488.567366][ T9690] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  488.599713][ T9690] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  488.696291][ T9693] device syzkaller0 entered promiscuous mode
[  488.736817][ T9695] tipc: Started in network mode
[  488.761259][ T9695] tipc: Node identity 8ef630a44da, cluster identity 4711
[  488.806259][ T9695] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  488.896426][ T9693] tipc: Resetting bearer <eth:syzkaller0>
[  488.913626][ T9700] sch_tbf: burst 274 is lower than device lo mtu (65550) !
[  488.948043][ T9692] tipc: Resetting bearer <eth:syzkaller0>
[  489.016206][ T9692] tipc: Disabling bearer <eth:syzkaller0>
[  489.142891][ T9701] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  489.153758][ T9704] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  489.188278][ T9701] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  489.208322][ T9704] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  489.460563][ T9713] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  489.489313][ T9713] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  489.540121][ T9719] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  489.594721][ T9719] device syzkaller0 entered promiscuous mode
[  489.646720][ T9719] tipc: Resetting bearer <eth:syzkaller0>
[  489.672438][ T9717] tipc: Resetting bearer <eth:syzkaller0>
[  489.712662][ T9717] tipc: Disabling bearer <eth:syzkaller0>
[  490.578128][   T26] kauditd_printk_skb: 15 callbacks suppressed
[  490.578196][   T26] audit: type=1326 audit(1759307551.988:340): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  491.112318][   T26] audit: type=1326 audit(1759307551.997:341): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b2710 code=0x7ffc0000
[  491.261961][   T26] audit: type=1326 audit(1759307551.997:342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  491.313118][   T26] audit: type=1326 audit(1759307551.997:343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  491.389880][   T26] audit: type=1326 audit(1759307551.997:344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  491.455943][   T26] audit: type=1326 audit(1759307551.997:345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fde1b8b2b2a code=0x7ffc0000
[  491.539546][   T26] audit: type=1326 audit(1759307551.997:346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  491.636671][   T26] audit: type=1326 audit(1759307551.997:347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  491.709067][   T26] audit: type=1326 audit(1759307552.006:348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  491.873514][   T26] audit: type=1326 audit(1759307552.006:349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9732 comm="syz.5.1557" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  491.908920][ T9761] device syzkaller0 entered promiscuous mode
[  491.997917][ T9756] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  492.020094][ T9756] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  492.224926][ T9764] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1566'.
[  492.342025][ T9764] device hsr_slave_1 left promiscuous mode
[  493.696900][ T9785] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  493.721986][ T9785] device syzkaller0 entered promiscuous mode
[  493.740614][ T9789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1575'.
[  493.767208][ T9789] netlink: 28 bytes leftover after parsing attributes in process `syz.2.1575'.
[  493.824833][ T9784] tipc: Resetting bearer <eth:syzkaller0>
[  493.881603][ T9784] tipc: Disabling bearer <eth:syzkaller0>
[  494.467970][ T9779] loop3: detected capacity change from 0 to 32768
[  494.566783][ T9779] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.1573 (9779)
[  494.745352][ T9779] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[  494.777727][ T9783] loop1: detected capacity change from 0 to 32768
[  494.799129][ T9779] BTRFS info (device loop3): setting nodatasum
[  494.837867][ T9779] BTRFS info (device loop3): force zlib compression, level 3
[  494.882315][ T9779] BTRFS info (device loop3): enabling ssd optimizations
[  494.907542][ T9779] BTRFS info (device loop3): allowing degraded mounts
[  494.930178][ T9783] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  494.948939][ T9779] BTRFS info (device loop3): using free space tree
[  494.971143][ T9779] BTRFS info (device loop3): has skinny extents
[  494.994853][ T9783] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  495.171386][ T9808] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  495.203498][ T9783] gfs2: fsid=syz:syz.0: journal 0 mapped with 7 extents in 0ms
[  495.299718][ T9426] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  495.373953][ T9426] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  495.667401][ T9426] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 274ms
[  495.712412][ T9426] gfs2: fsid=syz:syz.0: jid=0: Done
[  495.731571][ T9783] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  495.805111][ T9783] gfs2: fsid=syz:syz.0: fatal: invalid metadata block
[  495.805111][ T9783]   bh = 18 (type: exp=2, found=5)
[  495.805111][ T9783]   function = gfs2_rgrp_bh_get, file = fs/gfs2/rgrp.c, line = 1224
[  495.907048][ T9783] gfs2: fsid=syz:syz.0: about to withdraw this file system
[  495.979359][ T9783] gfs2: fsid=syz:syz.0: Journal recovery skipped for jid 0 until next mount.
[  496.008628][ T9783] gfs2: fsid=syz:syz.0: Glock dequeues delayed: 0
[  496.027312][ T9783] gfs2: fsid=syz:syz.0: File system withdrawn
[  496.033782][ T9783] CPU: 0 PID: 9783 Comm: syz.1.1571 Not tainted syzkaller #0
[  496.041289][ T9783] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  496.051637][ T9783] Call Trace:
[  496.055057][ T9783]  <TASK>
[  496.058101][ T9783]  dump_stack_lvl+0x168/0x230
[  496.062799][ T9783]  ? kobject_uevent_env+0x371/0x890
[  496.068110][ T9783]  ? show_regs_print_info+0x20/0x20
[  496.073510][ T9783]  ? load_image+0x3b0/0x3b0
[  496.078385][ T9783]  ? kobject_uevent_env+0x371/0x890
[  496.083595][ T9783]  ? lockref_put_or_lock+0x6e/0xb0
[  496.088734][ T9783]  gfs2_withdraw+0x111b/0x1460
[  496.093629][ T9783]  ? gfs2_lm+0x220/0x220
[  496.097987][ T9783]  ? gfs2_meta_read+0x7d4/0xa50
[  496.102864][ T9783]  gfs2_metatype_check_ii+0x74/0x90
[  496.108092][ T9783]  gfs2_rgrp_bh_get+0x3a6/0x1350
[  496.113065][ T9783]  ? do_raw_spin_unlock+0x11d/0x230
[  496.118571][ T9783]  do_promote+0x741/0xab0
[  496.122946][ T9783]  finish_xmote+0x514/0xb70
[  496.127680][ T9783]  do_xmote+0x7b6/0x1120
[  496.132002][ T9783]  gfs2_glock_nq+0xc7a/0x1550
[  496.136823][ T9783]  gfs2_check_blk_type+0x2da/0x640
[  496.142084][ T9783]  ? __might_sleep+0xf0/0xf0
[  496.146732][ T9783]  ? gfs2_free_di+0x480/0x480
[  496.151692][ T9783]  ? gfs2_glock_nq+0xcb0/0x1550
[  496.156677][ T9783]  ? gfs2_check_blk_type+0x2d2/0x640
[  496.162074][ T9783]  gfs2_evict_inode+0x77b/0x11f0
[  496.167092][ T9783]  ? gfs2_drop_inode+0x290/0x290
[  496.172042][ T9783]  ? _raw_spin_unlock+0x24/0x40
[  496.177191][ T9783]  ? inode_wait_for_writeback+0x1b0/0x200
[  496.183226][ T9783]  ? gfs2_evict_inode+0x342/0x11f0
[  496.188400][ T9783]  ? bit_waitqueue+0x30/0x30
[  496.193021][ T9783]  ? do_raw_spin_unlock+0x11d/0x230
[  496.198228][ T9783]  ? gfs2_drop_inode+0x290/0x290
[  496.203454][ T9783]  evict+0x485/0x870
[  496.207427][ T9783]  ? __lock_acquire+0x7c60/0x7c60
[  496.212579][ T9783]  ? proc_nr_inodes+0x320/0x320
[  496.217552][ T9783]  ? do_raw_spin_unlock+0x11d/0x230
[  496.222848][ T9783]  ? _raw_spin_unlock+0x24/0x40
[  496.227707][ T9783]  ? iput+0x706/0x8a0
[  496.231702][ T9783]  init_per_node+0x244/0x3d0
[  496.236437][ T9783]  ? init_inodes+0x320/0x320
[  496.241145][ T9783]  ? init_inodes+0x26a/0x320
[  496.245839][ T9783]  gfs2_fill_super+0x1726/0x1f50
[  496.250892][ T9783]  ? gfs2_reconfigure+0xcd0/0xcd0
[  496.256227][ T9783]  ? gfs2_glock_nq_num+0x82/0x1b0
[  496.261270][ T9783]  ? preempt_count_add+0x8d/0x190
[  496.266321][ T9783]  ? sb_set_blocksize+0xa5/0xe0
[  496.271183][ T9783]  get_tree_bdev+0x3f1/0x610
[  496.275806][ T9783]  ? gfs2_reconfigure+0xcd0/0xcd0
[  496.280959][ T9783]  gfs2_get_tree+0x4d/0x1e0
[  496.285500][ T9783]  vfs_get_tree+0x88/0x270
[  496.290041][ T9783]  do_new_mount+0x24a/0xa40
[  496.294568][ T9783]  __se_sys_mount+0x2d6/0x3c0
[  496.299546][ T9783]  ? __x64_sys_mount+0xc0/0xc0
[  496.304516][ T9783]  ? lockdep_hardirqs_on+0x94/0x140
[  496.310159][ T9783]  ? __x64_sys_mount+0x1c/0xc0
[  496.314966][ T9783]  do_syscall_64+0x4c/0xa0
[  496.319509][ T9783]  ? clear_bhb_loop+0x30/0x80
[  496.324197][ T9783]  ? clear_bhb_loop+0x30/0x80
[  496.329008][ T9783]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  496.335031][ T9783] RIP: 0033:0x7f1d5508066a
[  496.339542][ T9783] Code: d8 64 89 02 48 c7 c0 ff ff ff ff eb a6 e8 de 1a 00 00 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  496.359446][ T9783] RSP: 002b:00007f1d532c4e68 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  496.368012][ T9783] RAX: ffffffffffffffda RBX: 00007f1d532c4ef0 RCX: 00007f1d5508066a
[  496.376119][ T9783] RDX: 0000200000000000 RSI: 00002000000002c0 RDI: 00007f1d532c4eb0
[  496.384255][ T9783] RBP: 0000200000000000 R08: 00007f1d532c4ef0 R09: 0000000000000000
[  496.392451][ T9783] R10: 0000000000000000 R11: 0000000000000246 R12: 00002000000002c0
[  496.400536][ T9783] R13: 00007f1d532c4eb0 R14: 00000000000126a0 R15: 00002000000003c0
[  496.408717][ T9783]  </TASK>
[  496.488108][ T9783] gfs2: fsid=syz:syz.0: can't lock local "qc" file: -5
[  498.058261][   T26] kauditd_printk_skb: 27 callbacks suppressed
[  498.058472][   T26] audit: type=1326 audit(1759307559.023:377): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  498.834501][   T26] audit: type=1326 audit(1759307559.023:378): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b2710 code=0x7ffc0000
[  498.897299][   T26] audit: type=1326 audit(1759307559.032:379): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  498.965922][   T26] audit: type=1326 audit(1759307559.032:380): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  499.030241][   T26] audit: type=1326 audit(1759307559.032:381): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  499.124505][   T26] audit: type=1326 audit(1759307559.032:382): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fde1b8b2b2a code=0x7ffc0000
[  499.221994][   T26] audit: type=1326 audit(1759307559.032:383): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  499.265308][ T9870] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  499.288977][ T9870] device syzkaller0 entered promiscuous mode
[  499.328483][   T26] audit: type=1326 audit(1759307559.032:384): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  499.380200][ T9870] tipc: Resetting bearer <eth:syzkaller0>
[  499.433181][   T26] audit: type=1326 audit(1759307559.032:385): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  499.463780][ T9873] loop2: detected capacity change from 0 to 128
[  499.505867][   T26] audit: type=1326 audit(1759307559.032:386): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9843 comm="syz.5.1586" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  499.536815][ T9869] tipc: Resetting bearer <eth:syzkaller0>
[  499.571302][ T9873] EXT4-fs (loop2): Ignoring removed nobh option
[  499.621760][ T9869] tipc: Disabling bearer <eth:syzkaller0>
[  499.643352][ T9873] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  500.928421][ T9873] ext4 filesystem being mounted at /306/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  502.196115][ T9880] device syzkaller0 entered promiscuous mode
[  504.871163][   T26] kauditd_printk_skb: 8 callbacks suppressed
[  504.871309][   T26] audit: type=1326 audit(1759307565.403:395): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  505.570625][   T26] audit: type=1326 audit(1759307565.403:396): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b2710 code=0x7ffc0000
[  505.746007][   T26] audit: type=1326 audit(1759307565.403:397): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  505.845030][   T26] audit: type=1326 audit(1759307565.403:398): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  505.932882][ T9900] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  505.951958][   T26] audit: type=1326 audit(1759307565.403:399): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=308 compat=0 ip=0x7fde1b8b56f7 code=0x7ffc0000
[  505.973081][ T9900] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  506.036592][   T26] audit: type=1326 audit(1759307565.403:400): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fde1b8b2b2a code=0x7ffc0000
[  506.115637][   T26] audit: type=1326 audit(1759307565.403:401): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  506.204904][   T26] audit: type=1326 audit(1759307565.412:402): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=49 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  508.065736][   T26] audit: type=1326 audit(1759307565.412:403): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  508.150325][   T26] audit: type=1326 audit(1759307565.412:404): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=55 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  511.894107][ T9928] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  512.049688][   T26] audit: type=1326 audit(1759307565.412:405): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  512.104061][ T9944] loop3: detected capacity change from 0 to 128
[  512.347658][ T9944] EXT4-fs (loop3): Ignoring removed nobh option
[  512.410553][   T26] audit: type=1326 audit(1759307565.412:406): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  512.434075][   T26] audit: type=1326 audit(1759307565.412:407): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  512.514184][ T9950] x_tables: ip6_tables: TPROXY target: used from hooks FORWARD, but only usable from PREROUTING
[  512.527177][   T26] audit: type=1326 audit(1759307565.412:408): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=271 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  512.573840][   T26] audit: type=1326 audit(1759307565.412:409): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  512.611159][ T9944] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  512.679677][ T9944] ext4 filesystem being mounted at /339/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  512.816819][   T26] audit: type=1326 audit(1759307565.412:410): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  512.850530][   T26] audit: type=1326 audit(1759307565.422:411): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  512.881453][   T26] audit: type=1326 audit(1759307565.422:412): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9892 comm="syz.5.1600" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fde1b8b3ec9 code=0x7ffc0000
[  514.105385][ T9956] loop1: detected capacity change from 0 to 128
[  514.230097][ T9956] EXT4-fs (loop1): Ignoring removed nobh option
[  514.503193][ T9956] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  514.522094][ T9956] ext4 filesystem being mounted at /303/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  515.391680][ T9964] loop3: detected capacity change from 0 to 128
[  515.491756][ T9964] EXT4-fs (loop3): Ignoring removed nobh option
[  516.471144][ T9964] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  516.520380][ T9964] ext4 filesystem being mounted at /341/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  516.810411][ T9954] loop2: detected capacity change from 0 to 32768
[  517.770235][ T9954] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.1614 (9954)
[  518.210063][ T9954] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  518.218985][ T9954] BTRFS info (device loop2): setting nodatasum
[  518.231170][ T9954] BTRFS info (device loop2): force zlib compression, level 3
[  518.238812][ T9954] BTRFS info (device loop2): enabling ssd optimizations
[  518.349272][ T9954] BTRFS info (device loop2): allowing degraded mounts
[  518.391581][   T27] INFO: task kworker/1:2:1111 blocked for more than 143 seconds.
[  518.456427][ T9954] BTRFS info (device loop2): using free space tree
[  518.484806][   T27]       Not tainted syzkaller #0
[  518.648988][   T27] "echo 0 > /proc/sys/kernel/hung_task_timeout_secs" disables this message.
[  518.673539][ T9954] BTRFS info (device loop2): has skinny extents
[  519.025750][   T27] task:kworker/1:2     state:D stack:25600 pid: 1111 ppid:     2 flags:0x00004000
[  519.035954][   T27] Workqueue: usb_hub_wq hub_event
[  519.041277][   T27] Call Trace:
[  519.045122][   T27]  <TASK>
[  519.048101][   T27]  __schedule+0x11bb/0x4390
[  519.052650][   T27]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  519.058857][   T27]  ? mark_lock+0x94/0x320
[  519.063241][   T27]  ? release_firmware_map_entry+0x190/0x190
[  519.085042][   T27]  ? try_to_wake_up+0x6cf/0x1050
[  519.097192][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  519.102492][   T27]  ? lockdep_hardirqs_on+0x94/0x140
[  519.200573][   T27]  schedule+0x11b/0x1e0
[  519.212424][   T27]  usb_kill_urb+0x1c6/0x2f0
[  519.228079][   T27]  ? usb_unlink_urb+0xa0/0xa0
[  519.242513][   T27]  ? _raw_spin_lock_irq+0xab/0xe0
[  519.283215][   T27]  ? init_wait_entry+0xd0/0xd0
[  519.292923][   T27]  ? usb_hcd_submit_urb+0x32c/0x19c0
[  519.328416][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  519.357567][   T27]  usb_start_wait_urb+0x189/0x4b0
[  519.391217][   T27]  ? usb_api_blocking_completion+0xb0/0xb0
[  519.398657][   T27]  ? memset+0x1e/0x40
[  519.402924][   T27]  usb_control_msg+0x22f/0x3e0
[  519.417805][ T9954] BTRFS error (device loop2): open_ctree failed: -12
[  519.434060][   T27]  hub_port_init+0xb4d/0x28f0
[  519.438946][   T27]  ? mutex_unlock+0x10/0x10
[  519.444005][   T27]  hub_event+0x29b0/0x5560
[  519.448484][   T27]  ? hub_post_resume+0x120/0x120
[  519.459662][   T27]  ? read_lock_is_recursive+0x10/0x10
[  519.465375][   T27]  ? _raw_spin_unlock_irqrestore+0xaa/0x100
[  519.477755][   T27]  ? _raw_spin_unlock+0x40/0x40
[  519.483053][   T27]  ? _raw_spin_unlock_irq+0x1f/0x40
[  519.490582][   T27]  process_one_work+0x863/0x1000
[  519.501913][   T27]  ? worker_detach_from_pool+0x240/0x240
[  519.507730][   T27]  ? lockdep_hardirqs_off+0x70/0x100
[  519.513146][   T27]  ? _raw_spin_lock_irq+0xab/0xe0
[  519.525502][   T27]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  519.531034][   T27]  ? wq_worker_running+0x97/0x170
[  519.542059][   T27]  worker_thread+0xaa8/0x12a0
[  519.546891][   T27]  kthread+0x436/0x520
[  519.551091][   T27]  ? rcu_lock_release+0x20/0x20
[  519.556077][   T27]  ? kthread_blkcg+0xd0/0xd0
[  519.566623][   T27]  ret_from_fork+0x1f/0x30
[  519.571241][   T27]  </TASK>
[  519.574591][   T27] 
[  519.574591][   T27] Showing all locks held in the system:
[  519.589361][   T27] 1 lock held by khungtaskd/27:
[  519.594360][   T27]  #0: ffffffff8c11c660 (rcu_read_lock){....}-{1:2}, at: rcu_lock_acquire+0x0/0x30
[  519.617017][   T27] 5 locks held by kworker/1:2/1111:
[  519.642175][   T27]  #0: ffff8881419d5938 ((wq_completion)usb_hub_wq){+.+.}-{0:0}, at: process_one_work+0x760/0x1000
[  519.654627][   T27]  #1: ffffc90004a37d00 ((work_completion)(&hub->events)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000
[  519.667725][   T27]  #2: ffff8880245e1220 (&dev->mutex){....}-{3:3}, at: hub_event+0x1a7/0x5560
[  519.681863][   T27]  #3: ffff8880245e45c0 (&port_dev->status_lock){+.+.}-{3:3}, at: hub_event+0x2234/0x5560
[  519.694489][   T27]  #4: ffff888024491868 (hcd->address0_mutex){+.+.}-{3:3}, at: hub_event+0x226d/0x5560
[  519.708184][   T27] 2 locks held by getty/3948:
[  519.713111][   T27]  #0: ffff88802bbee098 (&tty->ldisc_sem){++++}-{0:0}, at: tty_ldisc_ref_wait+0x21/0x70
[  519.723253][   T27]  #1: ffffc900026562e8 (&ldata->atomic_read_lock){+.+.}-{3:3}, at: n_tty_read+0x5ba/0x1a30
[  519.733554][   T27] 1 lock held by udevd/4201:
[  519.738251][   T27] 2 locks held by kworker/1:7/4268:
[  519.743487][   T27]  #0: ffff888016872138 ((wq_completion)rcu_gp){+.+.}-{0:0}, at: process_one_work+0x760/0x1000
[  519.754191][   T27]  #1: ffffc900033ffd00 ((work_completion)(&rew.rew_work)){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000
[  519.759038][ T4201] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by udevd (4201)
[  519.774635][   T27] 4 locks held by kworker/u4:13/4616:
[  519.787929][   T27]  #0: ffff8880169cd938 ((wq_completion)netns){+.+.}-{0:0}, at: process_one_work+0x760/0x1000
[  519.801624][   T27]  #1: ffffc9000349fd00 (net_cleanup_work){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000
[  519.818133][   T27]  #2: ffffffff8d22c3d0 (pernet_ops_rwsem){++++}-{3:3}, at: cleanup_net+0x132/0xb80
[  519.828095][   T27]  #3: ffffffff8c1210e8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x320/0x6b0
[  519.845715][   T27] 3 locks held by kworker/1:18/9425:
[  519.851319][   T27]  #0: ffff888016870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x760/0x1000
[  519.868405][   T27]  #1: ffffc90003be7d00 (key_gc_work){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000
[  519.882256][   T27]  #2: ffffffff8c1210e8 (rcu_state.exp_mutex){+.+.}-{3:3}, at: synchronize_rcu_expedited+0x347/0x6b0
[  519.897768][   T27] 3 locks held by kworker/0:14/9852:
[  519.907383][   T27]  #0: ffff888016870938 ((wq_completion)events){+.+.}-{0:0}, at: process_one_work+0x760/0x1000
[  519.919971][   T27]  #1: ffffc900034ffd00 (fqdir_free_work){+.+.}-{0:0}, at: process_one_work+0x7a3/0x1000
[  519.929918][   T27]  #2: ffffffff8c120ff0 (rcu_state.barrier_mutex){+.+.}-{3:3}, at: rcu_barrier+0xa1/0x4b0
[  519.940221][   T27] 
[  519.953233][   T27] =============================================
[  519.953233][   T27] 
[  519.962251][   T27] NMI backtrace for cpu 1
[  519.966872][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  519.974103][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  519.984369][   T27] Call Trace:
[  519.987670][   T27]  <TASK>
[  519.990618][   T27]  dump_stack_lvl+0x168/0x230
[  519.995437][   T27]  ? show_regs_print_info+0x20/0x20
[  520.000799][   T27]  ? load_image+0x3b0/0x3b0
[  520.005441][   T27]  ? nmi_cpu_backtrace+0x1b6/0x3d0
[  520.010596][   T27]  nmi_cpu_backtrace+0x397/0x3d0
[  520.015761][   T27]  ? nmi_trigger_cpumask_backtrace+0x280/0x280
[  520.022211][   T27]  ? _printk+0xcc/0x110
[  520.026501][   T27]  ? load_image+0x3b0/0x3b0
[  520.031249][   T27]  ? load_image+0x3b0/0x3b0
[  520.035798][   T27]  ? arch_trigger_cpumask_backtrace+0x10/0x10
[  520.042171][   T27]  nmi_trigger_cpumask_backtrace+0x163/0x280
[  520.048200][   T27]  watchdog+0xe0f/0xe50
[  520.052445][   T27]  kthread+0x436/0x520
[  520.056799][   T27]  ? hungtask_pm_notify+0x40/0x40
[  520.061981][   T27]  ? kthread_blkcg+0xd0/0xd0
[  520.066618][   T27]  ret_from_fork+0x1f/0x30
[  520.071608][   T27]  </TASK>
[  520.075216][   T27] Sending NMI from CPU 1 to CPUs 0:
[  520.080676][    C0] NMI backtrace for cpu 0
[  520.080687][    C0] CPU: 0 PID: 4631 Comm: kworker/u4:18 Not tainted syzkaller #0
[  520.080705][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  520.080715][    C0] Workqueue: bat_events batadv_nc_worker
[  520.080741][    C0] RIP: 0010:rcu_is_watching+0x36/0xa0
[  520.080760][    C0] Code: e8 df 4e 45 08 89 c3 83 f8 08 73 5c 49 bf 00 00 00 00 00 fc ff df 4c 8d 34 dd 20 28 bc 8b 4c 89 f0 48 c1 e8 03 42 80 3c 38 00 <74> 08 4c 89 f7 e8 80 83 58 00 48 c7 c3 08 b3 03 00 49 03 1e 48 89
[  520.080774][    C0] RSP: 0018:ffffc90003b4faa0 EFLAGS: 00000246
[  520.080786][    C0] RAX: 1ffffffff1778504 RBX: 0000000000000000 RCX: 8861ae9a62276b00
[  520.080798][    C0] RDX: 0000000000000000 RSI: ffffffff8a59a460 RDI: ffffffff8a59a420
[  520.080810][    C0] RBP: ffffc90003b4fbd0 R08: dffffc0000000000 R09: fffffbfff1ad323e
[  520.080822][    C0] R10: fffffbfff1ad323e R11: 1ffffffff1ad323d R12: 000000000000005a
[  520.080833][    C0] R13: dffffc0000000000 R14: ffffffff8bbc2820 R15: dffffc0000000000
[  520.080846][    C0] FS:  0000000000000000(0000) GS:ffff8880b9000000(0000) knlGS:0000000000000000
[  520.080859][    C0] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  520.080870][    C0] CR2: 00007fff24012010 CR3: 000000002a42a000 CR4: 00000000003506f0
[  520.080885][    C0] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  520.080894][    C0] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  520.080904][    C0] Call Trace:
[  520.080909][    C0]  <TASK>
[  520.080916][    C0]  lock_release+0xba/0x870
[  520.080942][    C0]  ? rcu_lock_release+0x5/0x20
[  520.080958][    C0]  ? read_lock_is_recursive+0x10/0x10
[  520.080977][    C0]  ? __lock_acquire+0x7c60/0x7c60
[  520.080995][    C0]  ? lockdep_hardirqs_on_prepare+0x3fc/0x760
[  520.081019][    C0]  batadv_nc_worker+0x25b/0x5c0
[  520.081042][    C0]  process_one_work+0x863/0x1000
[  520.081067][    C0]  ? worker_detach_from_pool+0x240/0x240
[  520.081084][    C0]  ? lockdep_hardirqs_off+0x70/0x100
[  520.081103][    C0]  ? _raw_spin_lock_irq+0xab/0xe0
[  520.081122][    C0]  ? _raw_spin_lock_irqsave+0xf0/0xf0
[  520.081142][    C0]  ? wq_worker_running+0x97/0x170
[  520.081159][    C0]  worker_thread+0xaa8/0x12a0
[  520.081190][    C0]  kthread+0x436/0x520
[  520.081205][    C0]  ? rcu_lock_release+0x20/0x20
[  520.081220][    C0]  ? kthread_blkcg+0xd0/0xd0
[  520.081236][    C0]  ret_from_fork+0x1f/0x30
[  520.081261][    C0]  </TASK>
[  520.089349][   T27] Kernel panic - not syncing: hung_task: blocked tasks
[  520.332059][   T27] CPU: 1 PID: 27 Comm: khungtaskd Not tainted syzkaller #0
[  520.339350][   T27] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  520.349590][   T27] Call Trace:
[  520.352874][   T27]  <TASK>
[  520.355850][   T27]  dump_stack_lvl+0x168/0x230
[  520.360649][   T27]  ? show_regs_print_info+0x20/0x20
[  520.365998][   T27]  ? load_image+0x3b0/0x3b0
[  520.370707][   T27]  panic+0x2c9/0x7f0
[  520.374628][   T27]  ? schedule_preempt_disabled+0x20/0x20
[  520.380265][   T27]  ? bpf_jit_dump+0xd0/0xd0
[  520.384846][   T27]  ? __irq_work_queue_local+0x12c/0x190
[  520.390413][   T27]  ? nmi_trigger_cpumask_backtrace+0x260/0x280
[  520.396692][   T27]  watchdog+0xe4e/0xe50
[  520.400935][   T27]  kthread+0x436/0x520
[  520.405029][   T27]  ? hungtask_pm_notify+0x40/0x40
[  520.410387][   T27]  ? kthread_blkcg+0xd0/0xd0
[  520.414998][   T27]  ret_from_fork+0x1f/0x30
[  520.419453][   T27]  </TASK>
[  520.422871][   T27] Kernel Offset: disabled
[  520.427249][   T27] Rebooting in 86400 seconds..