last executing test programs:

1m33.1763254s ago: executing program 0 (id=459):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1d1, &(0x7f0000000440)="$eJzslj2v0lAYx//nlBQwGhNHFwdJ1MHSFjUuJLI4OZj4QhxMJFIJUsRAByEx6Cdwd3Nw9wuY6OqHMOiiC04615yXliOhCNwL3OQ+v4Sn/1POy9PnNP9TEARxbPn+7c8k/l39UQBwEiXk9f2f1qwPN/p/Lfx6+fnWzfqbh++/5CdOcdGccbz6+jkAn2oWonTsv6NL+noXPNX3wHFJ6zoYHK0fgeO+1gEYHmj91NA90d9xnrTDwHncC5tCuCJ4IvgiVObzm75maBr5MeP/wXDUaYRh0N+i+F/9pjWOqpGfuV8OVLauUT8PHJ7WFTDc0fo68kltVEmM5z+bm81vLX1+G9uuiEhljVFnTmVulQ1gszQAdlh7j1f6ld3mO5QhLEiR7OiOV9+BQO5IpLGG2GQvPt5QY5I78Vi1ZZ/TGRPG4xWXsLFR5VN/it8xXDD8SVnJW3nUlKPu8/JgOLrc7jZaQSt45vuVa+4V173ql6URqbjE/4rSn07M5l94JglsZuNFI4r6nopp21dxkeNy6X8cF8+rtnBTe27egqGZ/nF5ld7b+ZCZPUEQxP44ByY9WfpyIvRpAuNb9/YecyQIgiAIgiAIgiAI4mD8DQAA//80kEvd")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x12, 0x4, &(0x7f0000000000)=@framed={{}, [@ldst={0x1, 0x2, 0x3, 0x4, 0x1, 0x15}]}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x9, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getrlimit(0xd, &(0x7f0000000300))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x4, <r3=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0xfffffffffffffde8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r4}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
keyctl$session_to_parent(0x12)

1m31.624418189s ago: executing program 0 (id=467):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020700000000000002030207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000100850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='sched_switch\x00', r3}, 0x10)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x40084)
socket(0x1f, 0x3, 0x4)
r4 = syz_open_procfs(0x0, &(0x7f0000000080)='smaps\x00')
preadv(r4, &(0x7f00000000c0)=[{&(0x7f0000000640)=""/4112, 0x1010}], 0x1, 0x4000, 0x0)

1m30.391001884s ago: executing program 0 (id=472):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x4000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x4085, 0x0, 0x0)
r3 = fanotify_init(0x0, 0x0)
r4 = open$dir(&(0x7f0000000000)='.\x00', 0x0, 0x0)
fanotify_mark(r3, 0x641, 0x48001018, r4, 0x0)
fanotify_mark(r3, 0x2, 0x4000103b, r4, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x9, 0x4, &(0x7f0000000000)=@framed={{}, [@alu={0x8000000201a7f19, 0x0, 0x6, 0x2, 0x1}]}, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70)
bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000040)={r5, 0xffffffffffffffff, 0x2, 0xc00}, 0x10)
read(0xffffffffffffffff, &(0x7f0000000080)=""/1, 0xdb751c018d11ea14)
write$cgroup_pid(0xffffffffffffffff, &(0x7f0000000100), 0xffffffffffffff89)

1m28.531113477s ago: executing program 0 (id=475):
syz_mount_image$ext4(&(0x7f0000000080)='ext3\x00', &(0x7f0000000340)='./file0\x00', 0xc0ed000e, &(0x7f0000000180)={[{@jqfmt_vfsold}, {@test_dummy_encryption}, {@debug}, {@noload}, {@inlinecrypt}, {@commit={'commit', 0x3d, 0x5}}, {@init_itable_val={'init_itable', 0x3d, 0x601}}, {@minixdf}], [{@flag='ro'}, {@flag='posixacl'}, {@context={'context', 0x3d, 'sysadm_u'}}, {@uid_lt={'uid<', 0xffffffffffffffff}}]}, 0x1, 0x46d, &(0x7f0000000f00)="$eJzs3M1vFOUfAPDvTF94+/FrRXwBQapoJL60tLzIwYtGEw6amOgB46m2hVQKNbQmQohWD3g0JN6N/4XxpBejXjTxqndDQgwXUC9rZmemLMtu2aXbLnQ/n2S6zzPzdJ/nOzPP7jPz7G4APWsk+5NE/C8ifo+IoTx7a4GR/OHGtYtTf1+7OJVEpfLWX0m13PVrF6fKouX/bcszlUqR39Sg3kvvRkzOzc2cK/Jji2c+GFs4f+GF2TOTp2ZOzZydOHbs8KG9g0cnjnQkziyu67s/nt+z6/g7l9+YOnH5vZ+S/sjjjro4OmUk37sNPd3pyrpse026umOX7fvlZrrRmUA39UVEdrgGqv1/KPpiy/K2oXjts642DlhTlUqlssKr8lIF2MCS6HYLgO4o3+iz699yWaehxz3h6sv5BVAW941iybf0R5on9g3UXd920khEnFj656tsiTW6DwEAUOu7bPzzfKPxXxoP54nB7M//izmU4Yh4ICJ2RMSDEbEzIh6KqJZ9JCIebbP++hmS28c/6ZW7Dq4F2fjvpWJu69bxX1oWGe4rctur8Q8kJ2fnZg4W++RADGw6OZvMjK9Qx/ev/vZFs221479syeovx4JFO670192gm55cnFxNzLWufhqxu79R/EmU0zhJROyKiN13Wcfss/1Nt905/hU0f9qWVb6OeCY//ktRF38paTo/Of7i0YkjY5tjbubgWHlW3O7nXy+92az+VcXfAdnx39rw/F+OfzjZHLFw/sLp6nztQvt1XPrj86bXNG2e/8e3F+f/YPJ2dcVgseGjycXFc+MRg8nrt6+fuPlsZb4sn8V/YH/j/r8jbu6JxyJiT0TsjYjHs4vCou1PRMSTEbF/hfh/fOWp99uPf33mSrP4p+90/KP2+Lef6Dv9w7d3jn9zRDQ7/oerqQPFmlZe/1pt4Gr2HQAAANwv0upn4JN0dDmdpqOj+Wf4d8bWdG5+YfG5k/Mfnp3OPys/HANpeadrqOZ+6Hhxb7jMT9TlDxX3jb/s21LNj07Nz013O3jocdua9P/Mn33dbh2w5jowjwbcp/R/6F36P/SmRP+Hnqb/Q+9q1P8/aVp69Js1bQywrrz/Q+9qof8v5Q/NRwXA/cn7P/Qu/R96UtPvxqer+sr/uif+LX7P8F5pz8ZPRHpPNGPjJ/pb/jGLNhKVobz/Z2s2NSzT7VcmAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAzvgvAAD//w3J5b0=")
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000100)={0x26, 'hash\x00', 0x0, 0x0, 'poly1305\x00'}, 0x58)
accept4(r0, 0x0, 0x0, 0x0)
mount(0x0, &(0x7f00000003c0)='./file0\x00', &(0x7f0000000040)='devtmpfs\x00', 0x0, 0x0)
chroot(&(0x7f0000000300)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000300)='./file0\x00', 0x0)
pivot_root(&(0x7f0000000440)='./file0\x00', &(0x7f00000003c0)='./file0/../file0/../file0/../file0\x00')

1m27.351512301s ago: executing program 0 (id=479):
pselect6(0x0, 0x0, &(0x7f00000003c0)={0x9, 0xffffffffffffffff, 0x80000001}, 0x0, 0x0, 0x0)
syz_mount_image$udf(&(0x7f0000000940), &(0x7f0000000100)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x200000, &(0x7f0000000680)=ANY=[@ANYBLOB="6d6f64653d30303030303030303030303030303030303030303030372c6e6f7374726963742c7569643d69676e6f72652c6769643d666f726765742c6c6f6e6761642c6e6f7672732c756e64656c6574652c6d6f64653d30303030303030303030303030303030303033353031362c646d6f64653d30303030303030303030303030303030303030303031312c00e3cc6abaa52ef118fcbe734b47a6bf66bdd357c81c22ed4c07659e40ba6f24e50fafda55f8d6b01f7fa9505996c5c8e5fac082523b41c69e892f8f3372228da85b089c449c8243489693fc724dc3a34a1c85226b306f86ba0484aad17849d21905bbe3dbc20bf4c98777720c05637db44ef1224790223b183be4cbccef28b6dc7701cf3b6d45babe7a0177b34116f8033c0614d351a01526a5e4626159b2d7a3176575b87ce23efc23d6fc182ecb01ea4d182720d93ab9a99e432ce3c68dcdeec61f9cc21345ccd818e18d6d9c4bb97e0f79e4cfb80641"], 0x1, 0xc56, &(0x7f0000002680)="$eJzs3U9sHNd9B/DfGy21S7mtmdhVnDQONm2Ryorl6l9MxSrcVU2zLSDLQijmFoArkVIXpkiCpBrZSAumlx56CFAUPeREoDUKpGhgNEXQI9O6QHLxocipJ6KFjaDogS0CBCgQMJjZt+KKIhNaFEVK/nxs6Ts7897MezPrGVrQmxcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQMTvvXrh5Km0xYZD+9AYAOChuDT2pZOnt3r+AwCPrSvb/f8/AAAAAAAAAAAAAABwUKQo4qlIMXdpLU1Un7saFzsDt26Pj4xuXW0wVTUPVeXLX41Tp8+c/cKLw+d6ebEz83PqP2ifitfHrlxovjJ7c25+amFharI5PtO5Njs5teM97Lb+ZserE9C8+catyevXF5qnXzhz1+bbQx/Unzg6dH74uRPP9sqOj4yOjm0UafSXr913Q7q2G+FxOIo4ESme//aPUjsiitj9uWg83Gu/2WDVieNVJ8ZHRquOTHfaM4vlxsu9E1FENPsqtXrnaOtrEbWBh9qH7bUilsrmlw0+XnZvbK493746PdW83J5f7Cx2Zmcup25ry/40o4hzKWI5Ilbr9+5uIIqoRYpvPrmWrua3flTn4fPVwODt21HsYR93oGxncyBiuXgErtkBVo8iXosUP373WFzL95nqXvO5iNfK/G7E22W+HJHKL8bZiPe3+B7xaKpFEX9RXv/za2myuh/07isXv9z8w5nrs31le/eVD/l8uOdOsU/Ph8FN+XAc8HtTI4poV3f8tXT/P+wAAAAAAAAAAAAAAAAA8KANRhGfjBSv/vsfV+OKoxqX/uT54d8f+uX+MePP/IL9lGVfiIilYmdjcg/ngYGX0+WU9nks8UdZI4r4kzz+7+v73RgAAAAAAAAAAAAAAAAAAICPtCJ+GCleeu9YWo7+OcU7MzeaV9pXp7uzwvbm/u3Nmb6+vr7eTN1s5ZzIuZRzOedKztWcUeT69e6OWvnzRM6lnMs5V3Ku5oxDuX7OVs6JnEs5l3Ou5FzNGbVcP2cr50TOpZzLOVdyruaMAzJ3LwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA46SIIn4aKb7x1bUUKSJaERPRzZX6frcOAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACjVUxHfiRTNP2jdWVeLiFT923Ws/O1stA6X+fFoDZf5crQu5GxXWWt9fR/az+4MpCJ+ECnqjXfuXPB8/Qe6n+58DeLtr0UM5uVP1bp5qLdx6IP6E0efPD88+plntltOWzXg+MXOzK3bzfGR0dGxvtW1fPSP960bysctHkzXiYiFN996oz09PTV/PwuHq4XyK3Bf1R+5hVTbh57WPzKn9+AtRO1ANGN/+n6Xxn7doNhT5fP//Ujx2+/9R++B333+N+KXup/uPOHjJ3+68dPAS5t3tMPnf21zvfz8L5/pWz3/n+pb91L+aWSgFtFYvDk3cDSisfDmWyc6N9s3pm5MzZw9efKLw8NfPHNy4HBE43pneqpv6YGcLgAAAAAAAAAAAAAAAICHJxXxu5Gi/YO11IyI29V4raHzw8+dePZQHKrGW901bvv1sSsXmq/M3pybn1pYmJpsjs90rs1OTu30cI1quNf4yOiedOYXGtzj9g82Xpmde3O+c+OPFrfcfqRx4erC4nz72tabYzCKiFb/muNVg8dHRqtGT3faM1XVy1sOpv/wBlIR/xkprp1tps/mdXn8/+YR/tX4/95hlzbv6AGO///MkY3xfx/rK1oeM6UifhIpfusvn4nPVu08Evecs1zubyPF8XOfzuXicFmu14buewW6IwPLsv8bKf7xp3eX7Y2HfGqj7KkPdXIfAeX1fzJSfOfPvxW/ntfd/f6Hra//kc072qP3Pzzdt+7IXe8r2HXXydf/RKR4+al34jeqNf//c9//0Xv3xrFu4Y33c+zR9f/VvnVD+bi/+aA6DwAAAAAAAAAA8AgbSEX8XaT43mgtvZjX7eTv/01u3tEe/f2vT/Stm9ztfEU7XNj1SQUAAACAA2IgFfHDSHFj8Z07Y6jvHv/dN/7zdzbGf46kTVurP+f7leq9AQ/yz//6DeXjTuy+2wAAAAAAAAAAAAAAAAAAAHCgpFTEi3k+9YlqPP/ktvOpr0SKV//7+VwuHS3L9eaBH6p+b1yanTlxYXp6thGL7avTU82xufa1qbLu05Fi7W8+nesW1fzqvfnmu3O8b8zFPh8pRv++V7Y7F3tvbvKnN8qeKst+LFL81z/cXTZPTZ3njq7Kni7L/nWk+Mo/b1326EbZM2XZb0WK73+l2St7pCzbez/qJzbKvnBtttiDqwIAAAAAAAAAAAAAAAAAAMBHzUAq4s8ixf/cXL4zlj/P/z/Q97Hy9tf65vvf5HY1z/9QNf//dsv3M/9/9V6Bpe2OCgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj6cURbwVKeYuraWVevm5q3GxU8Tt8ZHRrasNpqrmoap8+atx6vSZs194cfhcLy92Zm5tX/9B+2S8PnblQvOV2Ztz81MLC1OTzfGZzrXZyakd72G39Tc7Xp2A5s03bk1ev77QPP3Cmbs23x76oP7E0aHzw8+deLZXdnxkdHSsr0xt4L6Pfo+0zfrDUcRfRYrnv/2j9L16RBG7PxeNh3vtNxusOnG86sT4yGjVkelOe2ax3Hi5dyKKiGZfpVbvHD2Ea7ErrYilsvllg4+X3Ruba8+3r05PNS+35xc7i53Zmcup29qyP80o4lyKWI6I1fq9uxuIIt6IFN98ci39Sz3iUO88fP7S2JdOnt6+HcUe9nEHynY2ByKWi+2v2eF9bN+joh5F/FOk+PG7x+Jf6xG16P6Kz0W8VuZ3I96O7vVO5RfjbMT7W3yPeDTVooj/K6//+bX0br28H/TuKxe/nJYiZvvK9u4rj/zz4WE64M+TRhTx/eqOv5b+zX/XAAAAAAAAAAAAAAAAAAdIEb8WKV5671iqxgffGVPcmbnRvNK+Ot0d1tcb+9cbM72+vr7eTN1s5ZzIuZRzOedKztWcUeT6OVtlNtbXJ/LnpZzLOVdyruaMQ7l+zlbOiZxLOZdzruRczRm1XD9nK+dEzqWcyzlXcq7mjAMydg8AAAAAAAAAAAAAAAAAAHi8FNU/Kb7x1bW0Xu/OLz0R3VwxH+hj72cBAAD///9X9JQ=")
r0 = epoll_create1(0x0)
r1 = openat$rfkill(0xffffffffffffff9c, &(0x7f0000000000), 0x400, 0x0)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0x60000003})
epoll_wait(r0, &(0x7f0000000040)=[{}], 0x1, 0x400)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
syz_mount_image$vfat(&(0x7f0000000000), &(0x7f0000000100)='./file0\x00', 0x0, 0x0, 0x0, 0x0, &(0x7f0000000000))
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x31)

1m26.859751037s ago: executing program 0 (id=486):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
futex(0x0, 0xb, 0x0, 0x0, 0x0, 0x0)

1m26.648243339s ago: executing program 32 (id=486):
openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000300)=@abs={0x0, 0x0, 0xb}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10)
r4 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0)
mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r4, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
openat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x20c01, 0x0)
futex(0x0, 0xb, 0x0, 0x0, 0x0, 0x0)

2.504375359s ago: executing program 3 (id=1005):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000200)=0xa0000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000280)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f0000000080)={{@hyper}, 0x2, 0x10000, 0xe9dd83fc0, 0x0, 0x1ff, 0xffffffff, 0x200000, 0x9})

2.363556652s ago: executing program 3 (id=1009):
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
link(&(0x7f0000000000)='./file1\x00', &(0x7f0000000040)='./bus\x00')
linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0)
creat(&(0x7f00000002c0)='./file0\x00', 0x6)

2.186861383s ago: executing program 3 (id=1014):
r0 = socket$nl_route(0x10, 0x3, 0x0)
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000100), 0xffffffffffffffff)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL802154_CMD_GET_SEC_DEVKEY(r1, 0x0, 0x8004)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$nl802154(&(0x7f0000000000), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_802154(r2, 0x8933, 0x0)
bpf$OBJ_GET_MAP(0x7, &(0x7f0000000240)=@o_path={&(0x7f00000001c0)='./file0\x00', 0x0, 0x10, r0}, 0x18)
socket$phonet_pipe(0x23, 0x5, 0x2)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$inet6_mptcp(0xa, 0x1, 0x106)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000080)='cdg\x00', 0x4)
bind$inet6(r3, &(0x7f0000000000)={0xa, 0x3, 0x0, @loopback}, 0x1c)
connect$inet6(r3, &(0x7f0000000040)={0xa, 0x3, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, &(0x7f00000018c0)=[{{0x0, 0x0, &(0x7f0000002c40)=[{&(0x7f00000002c0)=';', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f0000000380)="12", 0x1}], 0x1}}, {{&(0x7f0000000580)={0xa, 0x4f21, 0xffff, @mcast1, 0x1}, 0x1c, &(0x7f0000000f80)}}, {{0x0, 0x0, &(0x7f00000016c0)=[{0x0}, {&(0x7f0000001340)}, {&(0x7f0000001400)="204a8567cb1126579765f5a12e32429311a2bfbaf6d824e9dd862d0883a31b4e00f5ed56b675f2d18756c8cc", 0x2c}, {&(0x7f0000001480)}, {0x0}, {&(0x7f00000015c0)="792d685d156c4a019e0eabea5a975306af8a6b0977e638bedad19c6f800ee1eaa9e2ee03f14e6b8be56453b7", 0x2c}, {&(0x7f0000001640)}], 0x7, &(0x7f00000017c0)}}], 0x4, 0x10)
syz_usb_disconnect(0xffffffffffffffff)
setsockopt$inet6_tcp_TCP_CONGESTION(r3, 0x6, 0xd, &(0x7f0000000100)='hybla\x00', 0x6)
shutdown(r3, 0x2)

2.120705554s ago: executing program 1 (id=1015):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r3, {0x0, 0x1}, {0xffff, 0xffff}, {0xffff, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x4000)
sendmsg$nl_route_sched(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000140)=@newtfilter={0x3c, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfc, {0x0, 0x0, 0x0, r3, {0xfff3}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0xc, 0x2, [@TCA_FLOWER_KEY_CT_STATE={0x6, 0x5b, 0x7}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x24000014}, 0x20084084)

2.002717306s ago: executing program 1 (id=1018):
mkdir(&(0x7f00000002c0)='./file0\x00', 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000040), 0x42, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=0000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
lchown(&(0x7f0000000240)='./file0\x00', 0x0, 0xee00)

1.69568804s ago: executing program 4 (id=1024):
socket$inet_tcp(0x2, 0x1, 0x0)
rt_sigaction(0x16, 0x0, 0x0, 0x8, &(0x7f0000000200))
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000140)='/sys/power/pm_trace', 0x2, 0x0)
write$FUSE_NOTIFY_STORE(r1, &(0x7f00000001c0)=ANY=[@ANYBLOB='-'], 0x28)
r2 = socket$alg(0x26, 0x5, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000080)='./cgroup.cpu/syz1\x00', 0x200002, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_route(r0, 0x0, 0x0)
ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000500)={"e28ad59c401cbbd270e8a9bdcaa6084ca4ae2d35e2f6ab63ce165fd69eac33f045f1fce7f4c1b66513f74fbef4548a2c0b416a0645969aae5e717c1b4f630021176a0d6ea642e179198f4054fa8419c11490112fa8c745703b577267723df21320acc41193360cf752be2aeff3ff5c632a41f9093c4f01a866beb586a73faeaa517d702a9653aebfe73fac3612897ada7676b1a3e055bda09ec0481d21d89111ad41fa8a66bed7badba8404cc2232a31256f43c149588d4686fcdd4832267c73dc903c33c6d686d0eefff0eaf5648cadb8fe59eb917f3e0314184e569ae0c182645c05505847199e37d7f46d6c40f988741e79d0ef87a59ed50d59a7ff9be5cd1c5cba570021dabc8c150a078ded369f4f9e87c3778e4cb9eb30a517ad1a14bdcd4c80654307bafc53c87b5243e1cede86d2deccb53b4acc63bc12a5ade625d0856167fd3d56b0db62e0a174437b8b2ddf6d5e1143987463a1596181eb0798113072f78d01ca165f8bc77f4722ad42aa717104f3983cc6f270bc81bfe2d2c04ce6da48822a594f591782d5e9bcde97a6eee4e7988535c79dc0457ceb294be4eab1dacb1f91d859b8f57f8c8a115f88ecd2fc851d943023e3bc0bb17235d22ab1068c97bde5a82d9ae2e6d6a1d7fe3eb2b4bb4049a5bb52801810f64fa1b82db9ab8f4bcdb06028bc4e15c17f3125ce5bba3abd5ce65ca32a88a29917abfd75241a579a84294ba4cbae215bba584a14dc8f0d659ac28029558ac8799a003bbc8feafb89f1bab8de0f8a8793b417ef5ef80cfd70fbfcdd67a93424139a3aba46ab47d92038235e57d81cc38549cbaf616d4cf1e6f357f79cca7527007d334a4c6db7b50a9f2dff6ae44c4b162b27f3543cc05ea8d984ad2de476eb9d1df4569d889c6e58f9b44ea1d9eabf7a75146cfecc8e50e08e19c407adca939d244dbdffaf10fc528ddb66afe12c019a776f430df87bc30974e6d749940f68e7fec70473a899970e1854a02875a1e7faa472913655f2ff96d30de6519358986c7de186a8902f24e5d79c537b3abfc54608d81c92a42f5c332c226e01c67d9732e358c3377b9cb5c5231bbd167fd2c9ef5c3ad62e9b935e18e3dcb7912bc88b698ee1d5bef06dcb402b70485118557bb36ffe8de8748d44e71b71f8bcf227d9de2d95d971c254114ec943167b9f80289180db3442bacac0a90fbfc8fd2de5756a85e5b17c7dca0649e61531b428e07f2e8e6a69e99c0c3f79822d7ab85615f162c4463cb1218940c4ebe13ea980acf23de0ffc334245a7b3a0e34fe1b0595fd64285b393d842df64e1ee4c99f698e6b08e09fd8eadf1d6f0e96254fca503a8d82857e07543e6b72510a3ffd36d45c8faf09ab09aee41a9e8ba6551a93993222a6dc7733de1c2f3b81c02d5c3f68162e81285c792d977416bc6a0c63f13b803bb07054bd0744"})
fsconfig$FSCONFIG_SET_FD(0xffffffffffffffff, 0x5, 0x0, 0x0, 0xffffffffffffffff)
r3 = syz_open_dev$ptys(0xc, 0x3, 0x1)
ioctl$TCFLSH(r3, 0x540b, 0x0)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bind$inet6(r4, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c)
listen(r4, 0xfffffffc)
r5 = socket$inet_mptcp(0x2, 0x1, 0x106)
connect$inet(r5, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10)
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_DEL_ADDR(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r7, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0)
r8 = socket$nl_generic(0x10, 0x3, 0x10)
r9 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r8, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000004c0)={0x30, r9, 0x1, 0x70bd2c, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x1c, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @dev={0xac, 0x14, 0x14, 0x1c}}, @MPTCP_PM_ADDR_ATTR_FLAGS={0x8, 0x6, 0x3}]}]}, 0x30}, 0x1, 0xff07}, 0x0)

1.68243049s ago: executing program 2 (id=1026):
mknod$loop(&(0x7f0000000080)='./file0\x00', 0x0, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0)
mount$fuseblk(&(0x7f0000002440), &(0x7f0000002480)='./file0\x00', &(0x7f00000024c0), 0x0, &(0x7f0000000380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})
syz_fuse_handle_req(r0, &(0x7f0000000400)="53fb74f623dcdf37b3dfdbc1258fcfbd0a6baac68f53d559b9a0de916ae0fd36eab99795cf66415289f626bd47eea657083f5dccc23311b9730edaad7a8f7c0f8bdb968ee7e5d121712bd99d66a305a4fa15fabfdd3e13d3642311c2daee2c3426c5b30c95e8b82c78387694bfb3d8cd7d6ca91524342baaf8e6a77a97b388c91fc31343a887881561e351310dfd384f4649b84d6fd766779837a28324a70a9f02b34e9f506c5b3e1db1f29d64f100c4ae70a4bab8805e86063a0cfba90c843f0f35622e05aa073e5b6f0113622c8abb2d1bc1a4d2f573766c580cdcf359ac3487cdbcb1d2f033caafe8d9839f618f0ccbd1e3102c02f45d7a2287f7b827dbe82967f66a53cc9be5e407c2e30dcaa91f4f3330fcba12c492172dbf87cb60b9fe280f0f9c1cd01702fa2202e9c4250d95259c7ecbec617e0bcef4bb7838db8cc7dea6928c05825ee68692755c085dcc2efe1335469a774e230dba422b9d8f06da49f54c6132c69effaff47db2c10d3cb3b20fd6af876af75496c0051f2e2cf4e71e31525156092a936f3d2c85bd5027f6459022f4023d095d31583fa761a826ff09dd004079a6a5daac63047d1102eaca557794654c60c3b339e84b7080d57c96a9e5675e0923a27c6b423b174371b29ea71add72e72c4ce296d6f92e8b7dd1f41f9704549e760cb47a10829331c9dbc25fd6e4daca79203b767aa2a5f34bb98fff96b6c1af60524e65aa0dc3b0ed21e00eac02b9bc12de720bb0aac22e2ae2e19fe5f43c6b2f73429d1796b3d334f4964e212455d7a402d46ba4b06f8ec5b0779931d3279cb9fc90e0ded60003c6174d2ef671a22c64b5a2e177f4310a507d20297209592379ae0203e97c67ba6c4c1146f3bcdcb5072058a08d85e893bf44276d49a4a616c8bc814abd7e4c0dd583fc277bfd148567c29da149eba7153960b2d1dc1e0ad9d45f7b880bf5a54b674d2115039cdd7e8c790afebd25de6c3e37119008842a4d058c3cebaf7d0a2358a2fa0353fb8c9234ce9b6313bdd3cbcb3bd162ba5d86fa6f42adc5e808072bc3cd183ed7e5732b04eea5ec1c93a63b3b69de76ad75344726b83dec68180696f30f67ffa3506e410de7588972a5b7cf352c311671db0764c45139e10dc40deeb8e610fc6189c632dfa6e09ba9f48a0c7f697c640ad3f7460a6eb2bc442850d01ed17c497c42002a911676b368d68f27dfae41b42461c56ec8499aaaa45a01fcb470cd535a6fc36be80cc52fc37147c7736a7521558fd8accc0a1a7ba2774a0da15469c3eb15910794d48b750636b728999c62a3b9080396e44d493017a6f304e2685fc60723b98128f76d36cb379235514297166265cea41d8c28fe7c70e7eca9f1e92066b70b94455923fcf1cfab371840c02b55a45195bcc73dd98f997a23f2c2816284ae60c303cc7305059069af52c3d7f53e175e19d1df9a08f09aa5a92506be550a13c2940bd9f12637d898db138ab94c67015a91e48a529bc58ae82982d3d34bf3e3c233b0a6e810db3b4f8bc0ad05a701b5283d3e9320f01d3d2553e742c85248e59d716645e42c5eea1b9b89add012ff3df1617ce07c20c12b867c49c0bceeb7de1ed74d3b544a5567882cdf950fb24897dbf3df2ba9ddc676447cbc0ab99745ab677cafa175bf2b11060fbe18ee9b9713b24a0425b5694b063a7d40e7ca59145c34674c872fc02448b044820292d2cf6046332f2bfa56b232f1ff8163888ad23f1ad5c4752cb6846503a630d05e33c50dced451c6a4e07b3ddc81bb14673c296a2ab9585a6986c436aeb483a5945d818f8834227f557ffbabdbd0fd73d9db911c96eb93dbdd572dce06e3e03696c7da3560c72147c5a1a342fcf07d0d8d0c47f4948f5f80ed66599855b46454368ea979dd31755e6cd019e2671359d8ebdd8d74e02c2be3803d84c47860bdc6b876c87c2cc429a4314c4564810eabf0ad74636e7fff48d56aeec678fabba97ad62ec9bf42e229861d620f62564112ef92703c0fc9bb99bfc653d15182c4e5386ec46a3cf171ea615dbae77ce224e03b616bdd983e44607ad91d3fda2d1a2b819cefbbd9cbfdb0e631d41b254465b44f55ec4293cc2e3ff45bbec7fafa656af784dd1aaaece7e0def1cf2dce73a4fb99944a48561462a8dc3baa173266761e1eb721442c000e07a18a812cb83a901de36b9b803b10b12b8fb520b68ee02d1394893b405fc0b478bcda5ac814bbb0d4c957fd7ee5caa5214444b6704f7a14313e39e3b1998a51579d597dffd3bc4876e6b6ba3d093de1fde96472618292b9d730ce2af5ec8eb10bc6ec70d7296d9e677b1bc3898b11379d1acb6925dd409499643c1575be0064899b712f78aea27c8f7cc6ca118cf2f2891197f89e5fee16ef18979326644d084fbaafe491f7a46a06ae8bb6a908ad58b7cf8ebca402176bd2b14d61a9cef9ba24dc9a9a48c65777dae87054cdd9b118390531863ba45224fac3029e841d86ab5ae9d222340c77b670238eca8981269b88559d1ce134de32bde9342c5dfaa019885e4687b051afa65ee977cc7e79944d953762aecaddfdbc92afb53afcc76e3fdc26e66852a88d61909b1f5c7a5b35852aa5735fbfcbbbeb8032fd1c0a4cb91b6cc525bff44dd03529997a624ddb53e3abc1231eb3ae8840ed0b433849c63d606053685f1d3c538f2db00b5f468cd8228de91e193fde0c4ed4fd42f5f9ea53337e63bc6eac21cebda1267084090a4d60e47601cac8ce6306d0c50b6f44efbd6851f6e2b0da057247efdaf62408069079eccff734a809576230bf255333d6ccd6fce91cd3212511c35b8025b1d028cd42908ecb6013438200f2b117391310bbdb9f566840e991e564138d343ead4dd9206a203da473b7d05ceedfe8f8077af311fde6108598c358bf6d1f5512c49b3f0193617b8662de6bdb28fad832a649774534c70c7ed40f43b10ce89cf7cec8f6ae3437e4ae624d0df75915793906664316641b74a02e3270b785147c45731faf62f8a7703df15ac4ef54e1babf8f4eea5b85364250d7ee3ea52358a6c4735a7769f016731fedfd696624b7eb4cbf074050de6843e62efa8ee0172cfac1dbc3907478c2192dbe2636fffbdb09221e945ba5fd3ef3019e8516daec8780497981d0bb52b56843336cbf4978bd05eb1097b89c3fd83fcf5d16a7bfde4c83aedf450e6af1c75241b161baaa2898959b6fd08c57de01be430fb5c0117db87c28c6050345ec374e069fd7a8d57caa215aa3fa5628da1a04cf9b1822d60b79969200b4d2aae08ca3b588b02e2b70ba80fee1be5663de2dfcc44cb95546c4984ea60c5862b04a664d472226333d750e86201555735098075919bad9037e1be7df02bb2d02cc6c023855d40c642da1ba40da40143838c03e2f208ea10122d8ccae3938239c8092e7e50c2ed4abd154d893a28ce199548fd67ec6c77a5ffa02431366a8f58c6bf551c702b2e9e50f131549040e95dffc3a9d820e7a8f5c6098763d57fd71770766205da7af26c503e530c0ca0fb6e2300ebb14858087fcecf9841d4c78e8ba45855df27fae6a647cbc20427c9832788dcdae36ff637f1f5cd1991d9fa5bc3071cde0cc861272bc91d78828c017846e543bcee7280c121e97af72cf2a61347342f7d24eacd9f37a539630cdc968cc8bcf93fc5fc5db99748aab956b5026ae01e7f2a98e0f08ceb947f8dbd261b7c7330207b3a736d9088b46cba94c346eee75de70d6abcdd08b36f25d03dfe67dae3effb37c87d1182dcbd14df6cc05767f15cb993cc591fffa7c2a1db1ff5483af69d0479e65ba1b7186b7baf1cf626b8290ce8c7485e013d572b80f7b7d19cdeb0bf08769f2f53422a16b23905abc23bef8d7a4aadb73693f7eb0415335cda5e8ccfc3ea9713596eecce95c8cf533258720d24782da0182eaed20a4e5d0dd53b93998adc84320793c4b7ba9b6e21d3f29a6f050e7dbf5259a7e1b37dbbb3b3301622dafc0e16a0b284da91958d2a142e840c109a3121b95cb5c9755b55ee0c119d0b21b37a1acc280b2589f19dfad0e76377d97e63e102695449c234031da21b305dfe9b0ed9dc5c8e0360074049867ba0c1f3955b9470d81dd08f1ec04f02ec4164ff975a547e5f262426cf495e09b4f591e8b56310f8147583c8ccef4adc3cde3f3f99501114a544141c36c570bace560b43794e688e04eaffbc64011e5b7ded328d5e68d3fba17538d9fee7d3946cfb777f2bfbfc70199504225646b9bd05cf6b816d3cb69146a61567cef8d6ef141685fe423b6a00a41c021c2f02e8115bfdcafa9c548a17ce1e4ef64b74c79d2e0242eea75caf50a5f4c5f90f2bbf1b31e25e18ed2f5568482fa17917432b9adab08c84e0c689191d12c32dad923e25824194e7c1e2892a291b8561b7201d6c97b5f55100db74f1627fd6f79e29578df8703042ccde5a29046f1163540dfd6975124d3bfb537ff108259b8bf29341c1dd60e48ee207ec5592c198d7bc0166524a1070e2148227e3b5f45f8733abdfead261fed1beb1b0ca9f6d103d2f81e1b5cc4b4d69d87a509e0049c391c95ce0ed3e0e76767decbbf906c957aa5137480d32cbd44fe81b35ecaf109b1917fd5fae884ce6af47a90d8f5cd6b9d38f169e11be62790f5db65ca6491957f077b44101d5a11b0fe4addd11190f97a1292529a04a58d68242ea65b76ef99f46be1d11964ddd1ab98dd6aff18abca6fefebaedfafabf6c98c69455e9502333c6bc742d7a17aa84771c041fe7f5dba88becf0c486978f660d15620aa7c90b15c3bec50558f02140d1e532d308c62a2a6265b00d5a1867753eb07c20b3c0f6128f1f17c13d7f97fd394a02042285d2b731091cb77045d9718eb003b1391b6c36e42d9a1d87ff4542346c3f4e5ffedb8e51152e7cc75e4a4b6d359fc42a2ed92f54403d340ce62a49e868a256bd2c13a9dad212e36c9df0020bc2025d9406d748667aa03a345ea7cb7b9a3c898502d3376a52760704a41a35ac12589121f4e0af76b2d9f2dafffda2026f7ecb01fa5d358eb5f87f1f57e0e4845e4d2be20c18cc0ba24770979d7cd634eb16e6073ca7d39e3e81a17e81b55c46b57a56c9969edefd45b877f3ba6640c9d57d35ac9f759b02bf83533180ad98c6b28604c403f7e7d79ed51210746289f2519f89d8c6180151488652235b430ff82e849388fd8c13399e14db3f4c6670526e15e478d3626f39d23aa29bee0c2cde0fc31b114548f064c3374239b1dab14371392dea5490cdfe144b06a54df4a6430fd120b0cfc5d31c7a7cac65479e9d084b9fb8c899303c83624da6b91f2356353be8a35ed2c79fac6e23d4b0cd827ee413be67f0559fbf0477e0f27454cf89effdb2104f89625a6b063250d97692ebe46dc323208f151ddf08a48fbf264d577a8cb00cdb4bcdfefeeb96e5ad1dde5752710a3632bb63b31d32fa44a36361bcce4020f39517d7c0eb9b8e2029cb786493efb2f9b3a040726e13e3da36563365ae7022237ec5e76602c7008538d2abbd7d749f972dc3ab9910fcb8755c794ae4ccdcb756f8c2655ebf7e5a1c900075fc9ddece862e35a48b01f47c1fd5eea90f36e6c3ff349c17392bbdffb4ca46627348e22fab10fcfdd4ed5587bde9c927d7c6b57be0f6e56a648cb3199406c68ec68b85e2e9f6dafa3838dc77c6c4ccbccd5d847c4379beabcf5b9b237b26411c6c9047400b392199f898c915a41a8a4f013ef7d4f7735c9c83dcae8568f1c99703f61f3c020f2b07b37f897309af23c1f0218421fd4209ae696e0c3ca165d96025c02cd37d38eef598d101df0373ad1fea2964ce9e4d19f3ca3dbd6d2e934b2edd46fad9a606684f3213619292c444011476fc70d4fe944fc7253806ceca23f845c51d4b241ddbfb761bfb361fed19b7300bbaa071a3369fa74b586d4002d94f8fdfe3c2ce83a095f38d312fd89e556cbca20825981cbd1491c0ca7c6fda3c3f62d4b42c608eaa2719f8af01314577df3935cee6e3af18e4c573c267a8324c531a29663f44b70ee6cbad03054cff49d686e510196bd772ee33c65da7b7132b4d1f2b6368e526ec2de591963dcf69227dfa7c536261508221febbd00b5f55e54b82727825bf4c141a8a9817a53aa6e67fea03c74ffcd1d4fe243dec35e8413db0ca4bb13cfa86824621cbabb2e5c0993fa561a8d0224ff08e91f704e68fd0f62c040de7dccef3ecc908421ebfd17362d50ecb091b193f68b2ba3855b26c09673fe5824a2fa16403b21ecfd9b7c5e5078b72c2852a267fdbdafa51b2e0d33dcb7119b115f0d33d06f9acda359d10b374860dcff0e757d65b61818f1b6159a416c9f09c6501d9385d2f72b5b494a2c61da1dde306d79b36761039e0f9344a03f1254cadc56614b74aa1f5b22c37c4117d212ff6e0bd38171c5d9649f71fa54d65466455b39647918c0df028426d7d95bc3a83f5ef52ad813e154993914af805dba5b6dc9c0e835e4e570f54439de5287dcd1237fe591c94b688a74db1bbbbf135bcfb6ff6b136d7cc1d26f0b5b2fab4fe0b0e5eb7f4b6a9324191ccff26d936dd05cffca1b40953e9e9176b1ca8f11a10075afbd2df501b8060a5a6d777b1ab1a66cb2e071b2a34472c2233bb5f619fcb675179a44771bb027d102afc8b2d9f553d4bafa5f253056564ac0c20b654705da5aa8e7fa43ded20d1276a3764306bd251dd08a9a6fdb0259d74e311ae35ada53b30fd1d4a007d882454babc735ed6be5376eb2e3ae57731ec2c3517091153cb3131074e47094b46e1fd4e2f7c4a9d610d0113b9af40d8ad0feac779dfbdfaaa11f87c8b5bb2f4a62dcebaa4b247b9c52f1f38225fe157b8580df8a4c2907fe514db85c38fad9c3303cad1cbfbc0217b97e6887733002b7b7225aa42feaaf5d7bca21b895288b9b5ffe374a86cc626020d3661c7ad2ba2d727e337face900ba4c772236f03048b85e894f7667bfed665a289c321921b64361b08bd5c022ea81b046a926e03ed0f326b6a1e79a390af5095a302a69ecdf3f13448cbddd25bc6cf0a9ee47fd8424384076ba0e2b0875a9c51a3825b4e981aa63923462a18e79340e12cd613c2e66672dfd5caa58da79cdd9abd8b1cceae042fa6e42e62725866523125fc0544aac1422c4def15fa46dcd4e4e2470821741044f3cc32eb402fcf237ecd020b0175ac3a3e9ef628c373c4b4aabe5d8e6484102428d3834f4778555b9312161fcd966767e239072ceed6819531c2a0ebd836f83e28c5f709800d4d529b9ed735bf5a1c8911cc2cc9f84c003c4c1255b1c0f414b7b62835e225f28250860325c4752e59b810bb8482f2d46ba15ba41e21e26152e2953ce8855b947c9387ea782c4e26c1eced58ba690803645516646143a4dba91c595c1fc174589eba5ee45b076d48004592f137e2b70928cc9f0740a8792c2c2cab628859d3caa751f75d8651ab5a288b4bdffacdebb401fa1c0f23f14e072d829513812a172d72f42f0451c28e79b0814fc1d0b99011bd939dd0cbfe585a0025fe387e957a7a94827f6361fb460ea4e16c6df3971bbc0210f08776b8f8c1ab39bf21b0945e6118fff597cb978ed21c3478d39ff6ae1e36a8d28e3040f534c853942750104e42a1b2c63910e7f5238dea2b76f563542d7e4a63bf48768687f72c63d9360c77f2e61234b89db164c5aa328670cce829dfc7a17fce2585b5ccd6b1c61960571362b9808cd167addf7e9456bd66f8d4558d00148a0051bb2c69a2441287abb903fddb10f721fdb3dc6e81a90fde047c979a6aabf0c0abf823001f2828cafc0682b2adf04eb26643bd04a214c1a2d8f458ba3049ebba7f187d1f904384092c0cec83df0664ae7d27de4d3988fcb39d34bac67e089731baf090727ae4ca0bafb30556e0b822824094309bee1791af1b2f2cc516e625f1cea09360b4de04b2980c8ebefce33dd6ab399f5f348b0f89d73e4bfb3ea3ad80b48a4592f1b318a746124f046067dece8384ebc686f491734d4a572b1796a51d41325c056871a66e6245931340fd1775ba59fc22c235bb6a0209704cb780c08246f23574e9d30609c004507f3b6ab385ddf31c1d34c8facd364f3da507eb432dcd4fe4d7bccd2ca47088e192dfaba36146010548e2b4104f51a3f5143a27335cd3ceb7e12647c135c02a7f19fae0bf269521268cc83fe3bd4dfedafe5409a46ce448a50fe73741aa282488c55db83453e6bd3f4efc7dac4e72240050d8f56ac5f21203876992e50c85019d5980ccfcf249184890b80de601fe56bc3e237fbf733ac9c06cc8998a19f8fef9d4270e43bc536a0abbec00ae0f7073c080a908f261c7e940cce1d99e90a3ee5bbeef6db80f433303f6144184f950e6240ca80e48aaccebeefbec752d0018b7b4ebad86fa07088740f0f6d4efa9f58df1952431748e2ea31ba76c71576bfe606a893cad289c29c5d441b952a6a6007e2297280de8f3c6d327e460c8f04aed7481df67de245415b26362c1e8441217c4a66fdd435aebd7cc990c75569d464bd996eb266edfc10e48945223bcb88e2dea0a36cb6abee4ac4aee0d4e8e4944046151847ee0eb0c0ac3c74956949e3a8e7da198d9e7b8961f0326e1831f0557f78611eb61d0276889de8085206970e9791cabf7f5819da8fa6c1857c8e0d8e20871096a3e723225b6e7ce72719a3c531e41b92a2e02c8c2c4c0799b0f7009ca0c6cf7af871db76f99a6267a45de8d2bc56eb4d9b786af62ffe3b57eeaee4d34ac564d14c4da90893f0d87cd138e24382f457ccbd1d388c8a79be7f5cf0b8777b6843cee7862082fc7ce0250227c0b2eaa4a5ba93cea3ddd266f68c5f4d209fcb85f8292fef6dc7c88b299bed9024c3d9534afa9760ceb659661b7cbe46846a657aae7f75ce4b90545d3ff5b4220b09f4fbc164e7bf6f126c343cd7e2529c688827e6945a18ef09cd7c86822d6395b8f933206697fb21ea84bef9b841683490ec3601081448d48fea7245c09a5936e56fbfc9a5c02a52d0b3731cfa6dce1af3103e82696e8b4a832ca10f8d097ac9e26d0e36f6d73d2ef267e6be7a5b9c3445487971706d25266af70040f7618abbe8bee1cbdd094f1e3b9819d2d901d3adb023d62b835a6a488e87b38847d8cd0e03b8b68947094844dcb430f7a40569da81d372919a3da158fec22a257d3f66d0af7eb7704e5f76ac3d009188ae429c10cbf1d05f94b06e4e981102a557d1789cb5ad2ec5c2aa14791996877be8634060254e55a105d207003f3fcd752be90c4124c3459300c28d172d7b8617b6bdc999cbf0fba4552fb94931afc978576d0dbdfc6f6b51591439a82c7600fbcc8fbc684390425116e37a416246aaf525d7c5a9550d369cfedc4af7920cb3020c16032e9aa3082d7c0bae2663b43cb83e353956fcd2b1e2ef2019799547db81e376ee0f0a2883277de5e6eeef9ea35b53e4a580dc2d2393ff0fe9ae885b2a6e592951df3b6020ff82fb0cc6a6d8802224df98e14541ed95abdb7344d734483904d6e65b2f8bc94c2c2e2d6aa04a31181ebea82f0b65ee04347a692d854acac4d574400371754e3269bf3aeda5d763f92d0c2b6fcd21dd1dfa0d1b657e964d5a9305b54be67b12ff110f531c0d096e034c214583e31aa6225f230b938bb8fd4cd21ba183bc8c06137b87e30f14aa5bab19dd7d7c846f95b53823d2971b97a556d8a58dac888167948149820170b7a09be95cb47f4297da3ce976b2309ac96127b36c5b300fd0bbb512cd27db4bef4ba9b72f220d2296646c143c7ac09397f1149b91d1a1df24b8453c070f224612cd5dae460ba6083e49eabe7907d072ae975c9cbb18366c122e2ca747e47899faa0eb09b35f374efa29c5c0ac4edc7919f57a8ff3fa8bf284c456033626f6707843d6437fa0c9c93dc1c024695d1fd18708ab73bbf2ee7885d75f7259a1d425858bc126602f28c252402c3cb8dd7585bea93cfa01badb92a34d60776555a9ec311e95336014b9049c04590859542fd13e001309b5fcc65755ab4060017b0955b5dd7a8b38ec510274fd5473f2332110a5330aeeb5ee486e54cf2a66a7716aa91e3dfc275141435ab646293e95c39b97f83389fe29bdd9ce9739df0ef077f26f673e8d11bfad80f35564bc789fe45556d207016780c9eefd1e3bb99bce85ac6f5c104881a84ecd114a75125a76af3b99460d9aed6aaf4f364a905fce39bb69161da3bd3362656e43a2af2d08f13e76844cfdad010ce1fada5628a6d16fd3b190b5d233b0c94af65da466b3771db0bb3e4bfa274c318eaaf14c653fa50a574cbe75e25c8f183bcf1c9b19d66e5b08292f4ff4e5eb783f6a88e252c228487e834d06e1ce1c93e3ff1d7f39f93cebaa2cde356b226b1abc4344cde9308735c3f47a02561fd1b2e5072c455adfbbc92e0154207ab3efcc3b5ec651a66614ade0d9f8749e61161925bb6a4b72ca37810cef00f679d102dd9c28bf6db5583992b1d1a505fb7fab44ada1f475ba98021a8302aa6db410a8b243690dfa69e0435caff800b17e20dee4fd4d5e93d373dc6d66a14414b3e9ee0f55d74e78dff65cdc7720f33ae2f7f7a1eaf1e6118779d6806956337845562a8f93753eff58c1fa30cc8a66cff6b4dd231a04903fc33ce34c2f664981c96dc5816b291b16e9a3ba8740f6ce0ca9a86d58d797e93b3624b9addbcafa56d17f18a84fa7e24ac8c11d52d3a124d03afd994aaf8e65b2a8136e7624f89d428070c2171ed583e2d63d2f63e21aa5210caea20be38581058e0d9ae455957b82aecadac4a15d8d04a4cc395d9d5486e0e2a0131ef4feb0077ee21ff1226598a2b09862d1f5b75fb8ace92f8c2af9211e8bad321696a0c5c3c6beb18dc18310a6180535a70b04f6a0b61a997e23d9b888e84049950446de0a4fdcd2777dbf9d33bc6cd6cc2d6ca22dbe3a1a4ed70fbf8111da3a2f53b08d95a21e8c1f780e1826c4e120b47bb98920f195694d72d9be71055616d70f87caa3bbd161de86235c6dd15d35a6111822cbf85e0b68f89fc35aca4b16144f7c74902943196ac3d93ddca796131da80ee2799a055d7417f1e89d1305e27d16934a9177d1b25bc958ee217d3c0a7a448ae58d597a824128b5ae7076313a0c0d7c7aea954e5ae01f21669f4959e030b6d5d2e6453418f131130a5edf3de31693bdf9a6da13284286cda47ac5cd1853897ce003c9a62b9e75706c7971cd2b45d1123799b1e9d5d9b9082f8c41f7c7ee5ada6eaef44ef475823c8566c6eab81aaf3849517f71e4c87f77f9323cd70c85f3cb9784716389b25176333b94d386fb8898b714f7f5bb273dd805395314b7d757121d43eddbb03df11e1414a66f25cd566f2e43b8f3afec4f1d477282ae095a411d823483ff2d10d786d5da8eb04233f36facf63fd5cb710a3cb47644b85b6ceb9ef45487851f918ab61420d39e38fe0e8f1f69f37185c7ca4a6a2df43d9475f35592a25371017fe52f28e5d55a60257fd5caa8ca3cc6b2a8723778dd3cb2a5362993638e50d59ad7ed2d1048b7b1b7c8a010090bfee1f3bc2b69dcdef7e632bd7507c167f766fce3aa9ddf785e17c8e2ef2f8917381c", 0x2000, &(0x7f0000003480)={&(0x7f0000000100)={0x50, 0x0, 0x0, {0x7, 0x2b, 0x6, 0x0, 0xa177, 0x3, 0xba, 0x2, 0x0, 0x0, 0x4, 0x3}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
umount2(&(0x7f0000000000)='./file0\x00', 0x9)

1.622468351s ago: executing program 2 (id=1027):
write$dsp(0xffffffffffffffff, &(0x7f0000000280), 0x0)
syz_open_dev$sndctrl(&(0x7f0000001440), 0xa, 0x290400)
r0 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65)
ioctl$SNDRV_PCM_IOCTL_REWIND(r0, 0x40084146, &(0x7f0000000040)=0x72b)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
socket$packet(0x11, 0x3, 0x300)
r1 = syz_open_dev$tty1(0xc, 0x4, 0x1)
r2 = dup(r1)
write$UHID_INPUT(r2, 0x0, 0x0)
syz_open_dev$evdev(0x0, 0x2, 0x3c9402)
ioctl$TIOCL_PASTESEL(r2, 0x541c, &(0x7f0000001100))
sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB="2000000011000100"/20, @ANYRES32], 0x20}}, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0x3c1, 0x3, 0x430, 0x250, 0x268, 0x300, 0x250, 0x268, 0x360, 0x460, 0x460, 0x360, 0x460, 0x9, 0x0, {[{{@uncond, 0x0, 0x228, 0x250, 0x0, {0x9401}, [@common=@inet=@hashlimit2={{0x150}, {'hsr0\x00', {0x0, 0x9, 0x24, 0x0, 0x0, 0x5, 0x9, 0x0, 0x18}}}, @common=@frag={{0x30}, {[0x2, 0x4], 0x8, 0x30, 0x4}}]}, @common=@unspec=@NFQUEUE2={0x28, 'NFQUEUE\x00', 0x2, {0x0, 0x2}}}, {{@ipv6={@private2, @mcast2, [], [], 'vlan0\x00', 'ipvlan0\x00'}, 0x0, 0xa8, 0x110}, @unspec=@CT1={0x68, 'CT\x00', 0x1, {0x1a, 0x0, 0x20000000, 0x0, 'netbios-ns\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x490)

1.559707432s ago: executing program 4 (id=1028):
r0 = openat$sequencer(0xffffffffffffff9c, &(0x7f0000000040), 0x8002, 0x0)
sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(0xffffffffffffffff, 0x0, 0x4)
r1 = syz_open_dev$vbi(&(0x7f0000000000), 0x2, 0x2)
ioctl$VIDIOC_S_CTRL(r1, 0xc008561c, &(0x7f0000000080)={0xf0f041})
close_range(r0, 0xffffffffffffffff, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)

1.556254991s ago: executing program 4 (id=1029):
syz_usb_connect$hid(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000000000020ac050f02220001828301090224000101000000090400000203010200092100050001220000090581", @ANYBLOB='#T'], 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x4, 0x0)
ioctl$EVIOCGABS0(r0, 0x80184540, 0x0)

1.546973561s ago: executing program 2 (id=1030):
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge_slave_0\x00', <r1=>0x0})
r2 = socket$netlink(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=ANY=[@ANYBLOB="3800000013002f0a25bd70000000000007006800", @ANYRES32=r1, @ANYBLOB="000900001020060018001a8009000100000000000800048004000480"], 0x38}}, 0x0)

1.463564273s ago: executing program 2 (id=1031):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_udplite(0x2, 0x2, 0x88)
r2 = openat2(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000140)={0x80100, 0x15e, 0x1}, 0x18)
syz_io_uring_setup(0x69e0, &(0x7f0000000240)={0x0, 0xc2af, 0x20, 0x3, 0x130, 0x0, r2}, &(0x7f0000000180), &(0x7f00000002c0))
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="60000000020601080000000000000000000000080900020073797a310000000005"], 0x60}}, 0x0)
setrlimit(0x0, &(0x7f0000000300)={0x0, 0x1})
r3 = openat$misdntimer(0xffffffffffffff9c, &(0x7f0000000000), 0x80000, 0x0)
ioctl$IMADDTIMER(r3, 0x80044940, &(0x7f0000000080)=0xf4240)
ioctl$IMDELTIMER(r3, 0x80044941, &(0x7f0000000040)=0x3)
r4 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r4, &(0x7f0000fe7000/0x18000)=nil, &(0x7f0000000040)=[@text16={0x10, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_SET_MSRS(r4, 0x4008ae89, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r5=>0x0})
bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@bloom_filter={0x1e, 0x35, 0x2, 0x9, 0x40300, 0x1, 0x3ebd3d6e, '\x00', r5, r2, 0x1, 0x3, 0x3, 0x2, @void, @value, @void, @value}, 0x50)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x2000, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
r6 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
migrate_pages(r6, 0x7, 0x0, 0x0)
r7 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r7, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYBLOB="440000001300290a000000000000000007000000", @ANYRES32=r5, @ANYBLOB="00000000000000001c001a800800028008000200080000003e120000080002001040e5"], 0x44}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@getchain={0x24, 0x11, 0x1, 0x2000000, 0x0, {0x0, 0x0, 0x0, r5, {}, {}, {0xfff3}}}, 0x24}}, 0x0)

1.251739515s ago: executing program 3 (id=1034):
r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x13d883, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
close(0xffffffffffffffff)
sendmsg$nl_route(r1, 0x0, 0x0)
r2 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000080)=0xe)
r3 = accept4$unix(0xffffffffffffffff, &(0x7f00000002c0)=@abs, 0x0, 0x80800)
ioctl$FS_IOC_GETVERSION(0xffffffffffffffff, 0x80087601, &(0x7f0000000440))
bind$unix(r3, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x1, 0x0, 0x0, 0x0, 0x58000000, 0x0, 0x0, 0x40f00, 0x48, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94)
r4 = openat$ppp(0xffffffffffffff9c, &(0x7f0000000040), 0xe0100, 0x0)
ioctl$EVIOCGPROP(r4, 0x40047438, &(0x7f0000000180)=""/246)
ioctl$PPPIOCSMRU1(r4, 0x40047452, &(0x7f0000000280))
r5 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r5, 0x4020ae46, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0xe8, 0x0, 0x0)
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/rcu_expedited', 0x0, 0x0)
add_key(&(0x7f0000000ac0)='asymmetric\x00', &(0x7f0000000b00)={'syz', 0x2}, &(0x7f0000000b40)="fc479c5868cc5f3be60ca131267200c06c823825055e14240e97093029f9654a25f0f3", 0x23, 0xffffffffffffffff)
eventfd(0x0)
syz_open_dev$vcsn(&(0x7f00000001c0), 0x1, 0x0)

1.227509985s ago: executing program 3 (id=1035):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000140), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x2, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000300)=[@text64={0x40, 0x0}], 0xffff, 0x0, 0x0, 0x0)
open(&(0x7f0000000000)='./file0\x00', 0x0, 0x0)
ioctl$BTRFS_IOC_RM_DEV(r2, 0x5000940b, &(0x7f0000000a80)={{r0}, "fad7b9428d93038f63c4dafa1da7e07527fe756bde6d960d81bfd34ba5cca803ad5bdebe227152d43a607faa0dc407fc189b0d7e7468ab55f146ff0337aed82849987da5e1ab963dda992d377e4eacce0e342581ab9962694df4a98aef6d7813fb8b796948ff95415e9d71a47ede207b1794f624b034487af5832e243034017f4f93e15abf71e2dc1e26f97de375b5a1f1a24f98467d2d07d33c06c55c3f89c8d5282a18faedb7595cdedc33c345c89deca5b925cf8467200094111705e71154b451ed8407d1c89255b27d9b243d3a333b099595c33db04682ac22a418c49f5c39a0918c015e8393d2cb7c20feb2c54c82b6387812412e3237e938369453e1e8030d49fcd1c91bf36f2422d1a72f49b31ec3889ebc0d28c929b0c6736f00b53b9ccfd3934a7d933a8202fd2bdb2a8b0d58d6180c1a69b7fb41255ce92795786d10a8c7d9e4f680517f4e34b1e8f884e81e09bd5ec5ecf38b7b8f1637afb0aee0e708c4074eec24e3141b9e12ced6b4beaedec6d55dbae69d5a63142b3e81997458d7151a84d0d7cd4ebd25d24f3d2a3b4c403ab707fe38aa61cab1b070d4730625f76dc37f201e8698204637fe62fe52ed11ae0d8f98f69d4f92762bcba03b8b42feeca7a9fa9300ca4759ff9d7e9162479f954b1316775fcbfc6640b91dd1cb976ceaf2f9f28040ecfdc0e28bb9705a1b985274c7d08bd96aacd6a00f865f3a22f86ef2ace146c4f40bb20798e0bc2db4ce62f0873c09a85e7892729489a7b9c8c9a2939812595942b1ca2d3260315bc723ac2edf24d88f0f49d586a8065817ad936dc8161e438eb5b845df96b2c9a56eb7535ee9e255f41def5d9e9720857fbfd84b4bf1c97c574f568933df8f25d6df5d74a374e4f9a6a2e76644df77da621a8c9ce947af8f20feda0e22ef467eb210665589823025c9144ec05d80276574d3cae61c639d3b12438e012ffe1ca3823b4b79185ce1896b7a41aa36a47776fade667af70c25d9543bc036f40aec1c521f39239cdbf2748883f86b89349ffee1f528f955bdf6f29686c57a49b66ebfc26ee604316f27f9547cf3c21c221581458246b04d627e29e8b846e099e5d8234ce0db1d3e77130147580622b8eeaa34707ea25369c250ce5f5adc14b7afcfbce3c25e5e65d04858dc056456e2f2d2bd6afb59afae8d63b7ab5b8b6ad3386d52dbcee60c7f0945517a77edeeda33789acdb3b7b3242704d6c51940c004cde1d3a342477607581a92a50716caf93495cbc1a6b2f1be20081f7ba8a013416e6b8433383299b752feabd1455bc336b868b38f5ad73f397f0381a51748ffa8550510837d9128ab095629b7a159c6b0dfadfd8a8bff53c80481c59d861954790c593524d8a53cd8b2f2c234b850ec7576a46074293453a86cb3c0c346a8cbbac65eda4a2130e00053f5a054603776ea1d2975e4badbaa83518dad9274c22ac17f20686f56315340e5581c787a2f71ab3a2063664bcc82c7380a13cc8eb106c036800c7b0f14ed667f39af9a5cc01dcdd5809b534fad505858508845d9c547e19c632cd8024ecd777e193c2258312b7a5998a875d33dd8b861500946852af487bbefa54e9b16a83b6131ac343eacb2558e759a9b6ce5db0f1ab173d457d144fd5a65f092e553e1d0e3f9972ec57d27bb48c78332c7a6fab0d5958c61898b3a5ae8810e2246ae36291cd5f79f9475e697c9da84d05cc8dc197485ad790d2a8da5400583dce8ffa3c8adfe276884ed5d33f0e7bc4fb1748e83884213c10ec673dbbbf55670da7fbdd6d8927cd41106064ce22cd2ae14084c439e8f07e4e261667507c0acb03033f30665dbf928d31ff9cf38f61a46d6d1286065bfad5839b0247c975673839f6f685ebaad9396c5f93b3a5f346202a40969ab5c72d0355fd609d33b9443093a53dfbf8052a405389ce269f71da8ae1fb39b30f6a701f56838ca11527de58850f17b4fcc6397614da8e2e331f06024f1ee7f6a8b2f910711526361244a585dfacb4bab57738d7938adb436cf17cfeceb95016e339aa5f2ba30515f289ba35118d32504f52710044e78666dd2834fc2d9fad35e2df29b10e0557ab4789c7dc718d2d03434062bb58fd824c13a0bc6298ed9bdc3d0cc79d008972fcc9f751af4824b2be0823313581cd2fd2b436f84b14719b93dd95a38941c11af5b51f3b0503f3db3569ac847a93ea9124622044b37b083fcf8882a788041289905296e1bf2eb12aadb5228f366a925269a20f7ca9db7f317d5117a70d93f90b402993a7f84328409bda0fdc6306dd5c126fdb179fde4e4d7314d2ee419c8635e62895f8dffdf73f38188121f7b24dae40531b6e43054d3b9b459df2f2613536819643e6b7038de55ffa43bc9edc72e2038e2bf9da70a4a24a3fce0b8673f7f8f5099fcf0d23ab90c7f8770bdfd23e6aaabf7d110768ff08c8754ff6d962e43ff215d78d2ebd882353490da27dabd92ab08291338eaacf3e1ebe6a7da8286d3d57e272b9eac7c70a9a1bd67fb3f4e3052779422a7e19b7cfb01760f949ce4562ce5ad5292cb607e42d513d1facd0903a87836d5c30c181b5728db474154d3cb4e524ba5e03336534ca9f6b093fd6d9e5b89ede5becc677996321d65e9022d1c00e2907767a51c75c9f0688e4e82e045dc972e6be8948c7fc8a84ca8e1a992d44ac8e7a962a931d8eb3d0c4756b838c1339758a4a563d108d35940366b582c48567b5ca539839fbd327361ed76f4204f8ec84ec6401079a189b271747129c3d0025ccc25c9d7fbea0aa4f6a0e5f10422e9866e42ab0f86d6e9022688652536eef7fd28dc5961670a4058eaec61ba3e11273111be9cc3da57edc16321e1382d20f4cf52827032b5f79e395e742113303b0aa595f7188a417ddfdc3b6259b56f9f8f7b133774bfb5c181f1288713e3144ac4ff69fc146cc633dc70c8aee1da2384b72115b49cdbdfe9508b2e06fcd02df78d895e12cf6f0cf4171c7570809b949c6bfbff07da4018935a186630be06d42a4844521428afbed6b3a34aa0226a948fa12e8bdfbb27d13fd5627093511f52a51a6dcd33e0122d2dd1736885c797e1d1c65c06739790767be42582349c147d52e377732742f176b79243edd2c6b585d5512702ce4a7395835e2ab038a5deff84f7ff0d4622aebcd31c58d2dbbaad54638473e5fb428b827a577215460489001af429b40d0dae3521be9a381913740ea72a8b707d2ed4a12f5791fc2d0ea9674d59d68ff02a7b7dda9b9a1917db6093bf8ba4a186c952434dfd664cf9607d9b194b874c24ad03b04148d6f1951d4127146b22783be7eceefc686c4bef899e6cce8ce1344e9e49cfc0d43633098983a40276b4b4fcbe4ce0b695d58471afcfcce714ff1da6e975bd1494d127fbcda25c0110f596e4e0882e01acc674446d2c6e3d08d8034eebd4432968b1aab2e825eba0f76612ae6617667ad6c823fb8234363d5bb341c440fe0a0cad018b6c36ca317e3473eedbcc5f6740a7fad23b55a6fb626d8093ea62d6f35d2babd391e138b24a4ddfa86fef5487a710289f2994f36e87fadd178a5e139455d398a8809e30d2569650ceee90ad6b68942087ae0e33c49c6f7952b08da8762be2c9066e56d27a69a926fc58c82565877e913bff08e0827c45f9e74c964f282d5023efb21e976b93177464a686150ef09a32c352505c534e467ce014fec144dbbdcc8e2d28b6bf619ddf63a48054406dfa33aa541cb9beafa70cabcd8600cabf93d138de261f6f5b63273691669e363e06bc583bdee1ed210179f2ab50a6bc0a727475551e90b0265e1e8ca02acabe93b596b7a782151d792a5679e21e730b7e964c38a49717d0a1385bbb1b0459916424133149720bf47ac38687178a8b351ae3f29bf4a6ea369c90f85f4f123416c8c09c3f25b133ddcdb71b1289821d81581b78ae66c075c535e30151ae1bd48e787b55cc45951c83b5ce097711df0764feab81f24d63940915c471479c24222bd5569201ac4c56577168b76c1f0684f981df516cf5ac5d4307ef2bf429d818c9809f6669f43b1eb160bdcb817154bc36cd8bd24cd6c75e037edab6fa0fe9a0f19b6dbaf99dd68f0318382ccf8d20fe2fdc08134a86b5b0794a534992751fca4ec726dfca985cc239bae2b04ce49416e07e14f752767d05f6584479b5da973fa22477be64fef48b5f3c07936c2be9fa8b92c9e8a0412a2718932edf53382efe2aa1531bbde87363fee5a15501a490c16d26354c0ffeeccf0d05705a6b68a0b88de1e15736092014273f7494474a24555e7e7a6b4e274a9dd4d534cac979a0e99758203f74309af7b221e925c592ad25e13c7907c1030fc79bb728bce4437047470cf97ebc48f45ef67695585caa73178057802a24e3e4fea0a55111275c738d2b09aa7e7a00e91be43ee507b6533c6c6e9d1848e708240d7547b08bb9121fc024caed12805a0a8bfb72f72c6787b760ccd3657328507050f8ad3e348597b38685ad6d44125266382dbf433a9628c548f89eea1691e92fc755502e4656d2faa2077ab1d749a3d2d0543cd5248db49cdb1a60f006ec8cb5b3ecfc1b6b38ed802a6885c6733dbdfbe9d6c0a0daacda38f9bdbd728bfae407e2be620cd8e66743c70073e38e87ede0daf00e7e6205bc0f5cc3ff5657ad559ad13a865d01357215e2e813153212d13d6817ff2badace7edac682ea459e30b476b98ea7ca540c9ec3f8a0550ab51340e04425e3eb0d36fcfa6612bfe947263322afb876ef4a86edf8adf41f4bf4fd617c2cc57c0639baa79f4e6468258e53b76ae51c83f37b6d128cbe4eaf3e58e7d24a7c24451289c991984bed04ce060e4ee13a0c0e43fc98baae2352366672075a6c8c26165aa538b1bac0765ffda39bfafaa401cea38646e418fc99704540acd08e128121bb0b8ab8e316f924cfdae1002d54e2ef3cf3477558d77881beaa3c31cb9cc2429eaf858ebaf06709910faf26d7433290a3250cca586c0e49c3d2456a6409da11259bc7b7e2345146a360404f3d7333487343d9dfbb2813bbeba56a1e1f90d421aca2d1e6ca075b1fcb5733df856fc45de7fe5dbe6174ebc4a6241576e46503a3f7e4ad18b5965c0525faa3d031b09b2b9aa1874285c874382359e93775a69701bb63fccc33d095aac42e79a74ec9700218add3c93114c0686f6897f3228cf3bee05ca63f709075df1b5e89e44c05feb00356c0de06190b84e09285443e58a361840e93da22a3ab64d8a4a0474466d13738c07c71847b6b2e47adb22db94e92524a08ca0dbb02de2e0eb5c2edb7e29d89ed5c2d76bb2fc5da5cd57b89bfd47465b5a57ebd72261ddfb443a141415670a59ae82acde715d73b4ab62602b9a347764a05a15159d25abfa2e26531efc90cce8692bb61d859ef6ecb4d9d6d44813085915e8d97916127241aa470b55cdf629ad52b7ad48d4253b2539726f26cf169c208a591ed4a3d4c0474446493a2da85d1226e58d988bcd484ed94d8b18f3298815be6627d1eb5bde9a2f8a3864b2e0c772502854afab501e8cbf1425028bebc3aece71cae8fc40f1606902d0ebcb124be02fcfb6a2810f580942e9f6a2871f9e9bd4a43bb3428c8e4cc16c5b7f3f6cf92bc0aec8c7826c2e759d6062c7409e2e770e3780bbff8e390bc9b551d12c5d295dda72b46cbf9a20c76f6881d69ec27a003b6edb5b2983483d06b246cc3cbd2c8524e601ce0d45c7441bb9e1dcd676ccb5ac3a9e59e6d65c4eee6b120b6bb71eafc80f9ca5de3529ff04fc2f3546"})
ioctl$KVM_RUN(r3, 0xae80, 0x0)
r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0)
r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x7)
syz_kvm_setup_cpu$x86(r6, r6, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000600)=[@text64={0x40, 0x0}], 0x1, 0x50, 0x0, 0x0)

1.104856667s ago: executing program 1 (id=1036):
renameat(0xffffffffffffffff, &(0x7f00000004c0)='./cgroup.net/devices.allow\x00', 0xffffffffffffffff, &(0x7f0000000500)='./cgroup.net/cgroup.procs\x00')
syz_open_dev$rtc(&(0x7f0000000000), 0x52, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$mptcp(0x0, 0xffffffffffffffff)
sendmsg$MPTCP_PM_CMD_ADD_ADDR(r0, 0x0, 0x0)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e0408240cf8"], 0x7)

1.015728758s ago: executing program 5 (id=1037):
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="040e"], 0x7)

939.748369ms ago: executing program 1 (id=1038):
mkdir(&(0x7f0000000040)='./file0\x00', 0x1e0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180), 0x0, 0x0)
chdir(&(0x7f0000000280)='./file0\x00')
mkdir(&(0x7f0000000340)='./file0\x00', 0x0)
mkdir(&(0x7f0000000040)='./file1\x00', 0x0)
mkdir(&(0x7f0000000000)='./bus\x00', 0x1)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f00000002c0)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}, {@volatile}]})

939.500739ms ago: executing program 4 (id=1039):
mkdir(&(0x7f00000020c0)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f00000004c0)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000280)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x0, 0x0)
r1 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0)
mknodat$loop(r0, &(0x7f0000001640)='./file1\x00', 0x0, 0x0)
chdir(&(0x7f0000000140)='./bus\x00')
mkdir(&(0x7f0000000140)='./file1\x00', 0xd3)
linkat(r0, &(0x7f0000000100)='./file1\x00', r1, &(0x7f0000000240)='./file0\x00', 0x0)
mount$9p_fd(0x0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0, 0x0)

939.069219ms ago: executing program 3 (id=1040):
socket$inet6_tcp(0xa, 0x1, 0x0)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000000)='./file0\x00', 0x10008, &(0x7f0000000580)=ANY=[@ANYRES32=0x0, @ANYRES64, @ANYRES8, @ANYRESHEX], 0x1, 0x29f, &(0x7f0000000100)="$eJzs3EtrO1UUAPAzTfrvQyRdCEURHHHjKrQVF+5apIIYUJQgiguLjSiZWmihkCz62Cj4EUTxG+jSreBC3LjwC4ggVXDjUkSI5DE1TSdJVdKg/99vM5c799xz5tFOGab3zUcPmvuHK9GXRDmJ7fg9Yi0WohQAwP/Rb51O/Nrpm3ctAMDdGP/8X5lXSQDAjBU//8ujw17qb87usjQAYEb+3ft/7wgA4L/olddef2GnVtt9OU2XIw4+OKmf1Hvb/NH+drwbWTRiIyrxR0TnSr/93PO13Y2066e1qB+cDeLPTur9rwd38vjNqMRaUXyyu5n2XYtfXIzVQfz3q9GIrajEQ8X5t4ri6/fiySeG8lejEt+9FYeRxX50Y/+KP91M02dfrKVRjqH4pd64nuI/c3wvAQAAAAAAAAAAAAAAAAAAAADAP1btrZzzQKRpWrh+T7Wa5kb29+N3xq8PtHx9faDR9XnK8ciNZYYBAAAAAAAAAAAAAAAAAADg/nTcajf3sqxxNKnx3jeffRUxeUzr8tvzV6fM02o3k0He6Uln3Xjw8R8/Hj/mIpl+fpIpKUqDOf5mYV8+NtLzRql4noXhnuT8FimWB2d/ehmlKaV+ffnOw08drz99c1eeo9dz1RgJX5rBNV2cdGv9UokojLoYM+GHH43PlXYvxlXP591GftR3fhvnRz3081U8eP2T7b0vTn/4+bYzz/xXDwAAAAAAAAAAAAAAAAAAMKL3b+S38v4zs64FAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAObluNVu7mVZ41602p9GljWO8p5JjSQi8p6FwUzjo+Z8iAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEH8GAAD//ydbe88=")
pipe2(&(0x7f00000000c0), 0x880)
openat$random(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
r0 = socket(0x80000000000000a, 0x2, 0x0)
r1 = socket$inet(0x2, 0x4000000000000001, 0x0)
sendto$inet(r1, 0x0, 0x0, 0x200007fd, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r5 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
read$FUSE(r5, &(0x7f00000024c0)={0x2020}, 0x2020)
lseek(r5, 0xfffffffffffffff5, 0x1)
socket$pppl2tp(0x18, 0x1, 0x1)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFMTU(r0, 0x8922, 0x0)
close(r0)

925.030999ms ago: executing program 5 (id=1041):
r0 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2)
ioctl$vim2m_VIDIOC_G_FMT(r0, 0xc0285629, &(0x7f0000000080)={0x3, @win={{0x6}, 0x7, 0x0, &(0x7f0000000040), 0x0, 0x0}})

887.98858ms ago: executing program 2 (id=1042):
syz_mount_image$erofs(&(0x7f0000000180), &(0x7f0000000400)='./file3\x00', 0x210048, &(0x7f00000003c0)=ANY=[], 0xfd, 0x1d1, &(0x7f0000000440)="$eJzslj2v0lAYx//nlBQwGhNHFwdJ1MHSFjUuJLI4OZj4QhxMJFIJUsRAByEx6Cdwd3Nw9wuY6OqHMOiiC04615yXliOhCNwL3OQ+v4Sn/1POy9PnNP9TEARxbPn+7c8k/l39UQBwEiXk9f2f1qwPN/p/Lfx6+fnWzfqbh++/5CdOcdGccbz6+jkAn2oWonTsv6NL+noXPNX3wHFJ6zoYHK0fgeO+1gEYHmj91NA90d9xnrTDwHncC5tCuCJ4IvgiVObzm75maBr5MeP/wXDUaYRh0N+i+F/9pjWOqpGfuV8OVLauUT8PHJ7WFTDc0fo68kltVEmM5z+bm81vLX1+G9uuiEhljVFnTmVulQ1gszQAdlh7j1f6ld3mO5QhLEiR7OiOV9+BQO5IpLGG2GQvPt5QY5I78Vi1ZZ/TGRPG4xWXsLFR5VN/it8xXDD8SVnJW3nUlKPu8/JgOLrc7jZaQSt45vuVa+4V173ql6URqbjE/4rSn07M5l94JglsZuNFI4r6nopp21dxkeNy6X8cF8+rtnBTe27egqGZ/nF5ld7b+ZCZPUEQxP44ByY9WfpyIvRpAuNb9/YecyQIgiAIgiAIgiAI4mD8DQAA//80kEvd")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
getrlimit(0xd, &(0x7f0000000300))
bpf$BPF_BTF_GET_NEXT_ID(0x17, &(0x7f0000000040)={0x4, <r3=>0x0}, 0x8)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2500000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0x0, 0xfffffffffffffde8, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='module_request\x00', r4}, 0x10)
socketpair(0x0, 0x0, 0x0, &(0x7f00000006c0))
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90)
keyctl$session_to_parent(0x12)

799.687741ms ago: executing program 1 (id=1043):
mknodat$null(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0, 0x103)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000002540)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002380)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x2000}})
llistxattr(0x0, 0x0, 0x0)
r1 = open_tree(0xffffffffffffff9c, 0x0, 0x89901)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r3 = getpid()
lchown(&(0x7f00000006c0)='./file1\x00', 0x0, 0x0)
lchown(&(0x7f0000000500)='./file0\x00', 0x0, 0x0)
epoll_create(0xbe)
accept$unix(r1, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r4 = syz_pidfd_open(r3, 0x0)
setns(r4, 0x24020000)
close_range(r2, 0xffffffffffffffff, 0x0)
write$cgroup_pressure(0xffffffffffffffff, &(0x7f0000000080)={'some', 0x20, 0x56, 0x20, 0xe}, 0x19)

799.39741ms ago: executing program 5 (id=1044):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x400, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2)
ioctl$KVM_SET_SIGNAL_MASK(r2, 0x4004ae8b, 0x0)

799.22829ms ago: executing program 4 (id=1045):
mkdir(&(0x7f0000000580)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000400)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
chdir(&(0x7f0000000140)='./bus\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1/file4\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1/file4/file6\x00', 0x1c0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file1/file4/file7\x00', 0x1c0)
renameat2(0xffffffffffffff9c, &(0x7f0000000580)='./file1/file4/file6\x00', 0xffffffffffffff9c, &(0x7f00000005c0)='./file1/file4/file7/file6\x00', 0x0)

768.079701ms ago: executing program 5 (id=1046):
r0 = creat(&(0x7f0000000580)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r1 = fanotify_init(0xf00, 0x0)
fanotify_mark(r1, 0x105, 0x40009975, r0, 0x0)
r2 = syz_open_procfs(0x0, &(0x7f0000000040)='fdinfo/4\x00')
pread64(r2, &(0x7f000001a240)=""/102400, 0x19000, 0x80000000000000)

652.703262ms ago: executing program 5 (id=1047):
ioctl$sock_ax25_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f00000000c0)={@default, @default, 0x0, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @null, @bcast, @bcast]})
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0xa0042, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
r2 = dup(r1)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000840)={0x1fe, 0x2, 0x2000, 0x1000, &(0x7f0000003000/0x1000)=nil})
add_key$keyring(&(0x7f0000000040), 0x0, 0x0, 0x0, 0xfffffffffffffffe)
r3 = ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x2)
syz_kvm_setup_cpu$x86(r1, r3, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000200)=[@text64={0x40, 0x0}], 0x1, 0x0, 0x0, 0x0)
ioctl$KVM_RUN(r3, 0xae80, 0x0)

579.644363ms ago: executing program 5 (id=1048):
syz_mount_image$ext4(&(0x7f0000001140)='ext4\x00', &(0x7f00000007c0)='./file1\x00', 0x410c84, &(0x7f0000000340), 0x1, 0x775, &(0x7f0000001180)="$eJzs3c9rXNUeAPDvnSRNm/a95MGD9+oqIGigdGJqbBVcVFyIYKGga9thMg01k0zJTEoTAlpEcCOouBB007U/6s6tP7b6X7gQS9W0WHEhkTu5t502M2mSJpnqfD5wM+fceyfnfOf+OGfmHu4NoGeNpn8KEYcj4t0kYjibn0TEQDPVH3Fybb1bK8vldEpidfXlX5LmOjdXlsvR8p7UwSzz/4j45q2II4X15dYXl2ZK1WplPsuPN2YvjNcXl46eny1NV6Yrc8cnJiePnXjqxPGdi/W375cOXXvvhcc/P/nHm/+7+s63SZyMQ9my1jh2ymiMZp/JQPoR3uX5nS6sy5JuV4BtSQ/NvrWjPA7HcPQ1UwDAP9nrEbEKAPSYRPsPAD0m/x3g5spyOZ+6+4vE3rr+XETsX4s/v765tqQ/u2a3v3kddOhmcteVkSQiRnag/NGI+PjLVz9Np9il65AA7bxxOSLOjoyuP/8n68YsbNUTGyzbl72O3jPf+Q/2zldp/+fpdv2/wu3+T7Tp/wy2OXa3477H/4EdKGQDaf/v2Zaxbbda4s+M9GW5fzX7fAPJufPVSnpu+3dEjMXAYJqf2KCMsRt/3ui0rLX/9+v7r32Slp++3lmj8FP/4N3vmSo1Sg8Sc6vrlyMe6W8Xf3J7+ycd+r+nN1nGi8+8/VGnZWn8abz5tD7+yEYn7Y7VKxGPtd3+d0a0JRuOTxxv7g7j+U7Rxhc/fDjUqfzW7Z9Oafn5d4G9kG7/oY3jH0lax2vWt17Gd1eGv+607P7xt9//9yWvNNN5P+JSqdGYn4jYl7y0fv6xO+/N8/n6afxjj7Y//jfa/9PvhGc3GX//tZ8/2378uyuNf2pL23/riau3Zvo6lb+57T/ZTI1lczZz/ttsBR/kswMAAAAAAAAAAAAAAAAAAAAAAACAzSpExKFICsXb6UKhWFx7hvd/Y6hQrdUbR87VFuamovms7JEYKOS3uhxuuR/qRHY//Dx/7J78kxHxn4j4YPBAkt9HcarLsQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA7mCH5/+nfhzsdu0AgF2zv9sVAAD2nPYfAHqP9h8Aeo/2HwB6j/YfAHqP9h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIBddvrUqXRa/X1luZzmpy4uLszULh6dqtRnirML5WK5Nn+hOF2rTVcrxXJt9n7/r1qrXZiMuYVL441KvTFeX1w6M1tbmGucOT9bmq6cqQzsSVQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAsDX1xaWZUrVamZfYRmL14ahG9xN92e70sNRnTxPJw1GNHU50+cQEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8DfxVwAAAP//02Ii/w==")
ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0)
r0 = open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x88882, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
socket$inet_udplite(0x2, 0x2, 0x88)
ioprio_set$uid(0x3, 0x0, 0x6000)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file0\x00', 0x1c917, &(0x7f0000000480)={[{@bsdgroups}, {@noblock_validity}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x4000}}, {@max_batch_time={'max_batch_time', 0x3d, 0xe1}}, {@block_validity}, {@auto_da_alloc_val={'auto_da_alloc', 0x3d, 0x2}}, {@acl}, {@noinit_itable}, {@journal_dev={'journal_dev', 0x3d, 0x7}, 0x32}]}, 0x9b, 0x4f2, &(0x7f0000000a40)="$eJzs3V1rHNcZAOB3Rlp/ypVMe+Ea6praRXJb70pWbYteuB+U9srQ1r2urUorIbTSCu3KtoRpZfoDCqW0hUKhV7kJ5AcEgn9CCBiS+5CEhJDYyYUvEm/YL3/Iu5KMV1qhfR4YzTlnZvSed5ed3TMzzATQs05HxJmIeFypVM5FxGCjPW1MP6pW1uvrPXxwZ6o6JVGpXPssiUjqbdVVRp75n0frm8ShiPjDbyP+nLwYt7S6Nj9ZKOSXG/VceWEpV1pdOz+3MDmbn80vjo+PXZq4PHFxYrQjeQ5ExJVff/Svv7/2mytv/eTW+9c/GflL0miPeJpHp9VTz9Rei6b+iFjeiWBd0NfIJ9NsaPFeAwCwdzR/5/8gIs7FYPTVfs0BAAAA+0nl5wPxVRJRAQAAAPattHYNbJJmG9cBDESaZrP1a3i/E0fSQrFU/vFMcWVxun6t7FBk0pm5Qn60ca3wUGSSan2sVn5av7ChPh4RxyPin4OHa/XsVLEw3e2DHwAAANAjjm4Y/385WB//AwAAAPvMULc7AAAAAOw4438AAADY/4z/AQAAYF/73dWr1anSfP719M3VlfnizfPT+dJ8dmFlKjtVXF7KzhaLs7V79i1s9f8KxeLST2Nx5XaunC+Vc6XVtesLxZXF8vW55x6BDQAAAOyi49+/914SEes/O1ybqg50u1PAruh/mZU/3Ll+ALuvr9sdALrmpb7/gX0l0+0OAF2XRMT/Nlne9uKdt3emPwAAQOcNf7f1+f9ky2MD6+kudRHYIY7/Qe9y/h96l/P/0Lsy0RcG8tDbki2Wv/r5/0rlpToEAAB03EBtStJsRO04wECkaTYbcaz2WIBMMjNXyI9GxLci4t3BzMFqfay2ZbLlmAEAAAAAAAAAAAAAAAAAAAAAAAAAqKtUkqgAAAAA+1pE+nHSeP7X8ODZgY3HBw4kjwZr84i49d9r/749WS4vj1XbP3/SXv5Po/1CN45gAAAAABs1x+nNcTwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAdNLDB3emmtNuxv30lxEx1Cp+fxyqzQ9FJiKOfJFE/zPbJRHR14H463cj4ld/ahE/qXYrhhq9aBX/cKfin2iV/+bx04g42oH40MvuVfc/v2j1+UvjdG2+8fN38Mm2/R2I337/lz7Z//W12f8c22aMk/ffyLWNfzfiZH/r/U8zftIm/pltxr/xx7W1dssq/48Ybvn9kzwXK1deWMqVVtfOzy1MzuZn84vj42OXJi5PXJwYzc3MFfKNvy1j/ON7bz7eLP8jbeIPbZH/2W3m//X92w++XS9mWsUfOdP6/T/RJn7a+O77YaNcXT7cLK/Xy8869fo7pzbLf7pN/lu9/yPbzP/c7//2wTZXBQB2QWl1bX6yUMgv93ThlV6N6s+iPZGFwlaFSmPw1mz5617p2B4sND8Tj7qzYwIAADruxTHwdtzYuQ4BAAAAAAAAAAAAAAAAAABAD+rMPcOa98Te/O56Tev12Qv3QgYAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6KZvAgAA//9F0tDB")
syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0)
fallocate(r0, 0x0, 0x0, 0x1001f0)
r4 = open(&(0x7f0000000040)='./bus\x00', 0x145142, 0x0)
sendfile(r4, r4, 0x0, 0x800000009)

341.826657ms ago: executing program 1 (id=1049):
mkdir(&(0x7f0000001c00)='./file0\x00', 0x8)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB='dyn'])
chdir(&(0x7f0000000340)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000280)='.\x00', 0x8000, 0x1f7)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x201, 0x4800003e, r0, 0x0)

314.966317ms ago: executing program 4 (id=1050):
connect$inet6(0xffffffffffffffff, &(0x7f0000000480)={0xa, 0xfffe, 0x3, @loopback, 0x5}, 0x1c)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0xffffffffffffffba)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000002fc0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a000000000000000000000002001000000000000000000008"], 0x24}}, 0x0)
syz_emit_vhci(&(0x7f0000000000)=ANY=[@ANYBLOB="043e1a0d"], 0x1d)
r0 = socket$inet6(0xa, 0x3, 0x1)
setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, 0x0, 0x0)

0s ago: executing program 2 (id=1051):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='kmem_cache_free\x00', r0}, 0x10)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c)
listen(r1, 0x7d)
shutdown(r1, 0x0)
syz_emit_ethernet(0x4a, &(0x7f0000000280)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, "8a9646", 0x14, 0x6, 0x0, @empty, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x1, 0x0, 0x0, 0xffff}}}}}}}, 0x0)

kernel console output (not intermixed with test programs):

(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   67.316622][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   67.332904][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   67.342619][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   67.371802][ T4172] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   67.383761][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   67.392208][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   67.400873][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   67.411109][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   67.419340][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   67.430135][ T4175] device veth0_vlan entered promiscuous mode
[   67.440967][ T4177] device veth0_macvtap entered promiscuous mode
[   67.473803][ T4168] device veth0_macvtap entered promiscuous mode
[   67.490964][ T4175] device veth1_vlan entered promiscuous mode
[   67.508916][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   67.517182][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   67.526435][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   67.535872][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   67.544389][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   67.553751][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   67.563041][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   67.577858][ T4168] device veth1_macvtap entered promiscuous mode
[   67.600870][ T4177] device veth1_macvtap entered promiscuous mode
[   67.630326][ T4168] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.644198][ T4169] device veth0_vlan entered promiscuous mode
[   67.661690][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   67.673000][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   67.681728][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   67.690302][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   67.699412][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   67.708719][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   67.717328][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   67.726251][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   67.734124][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   67.746783][ T4168] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.779644][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   67.791644][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.803406][ T4177] batman_adv: batadv0: Interface activated: batadv_slave_0
[   67.812312][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   67.821539][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   67.830325][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   67.838256][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   67.847716][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   67.856738][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   67.866335][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   67.875159][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   67.887914][ T4175] device veth0_macvtap entered promiscuous mode
[   67.899491][ T4175] device veth1_macvtap entered promiscuous mode
[   67.912480][ T4172] 8021q: adding VLAN 0 to HW filter on device batadv0
[   67.926525][ T4177] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   67.938441][ T4177] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   67.951871][ T4177] batman_adv: batadv0: Interface activated: batadv_slave_1
[   67.962555][ T4168] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   67.971933][ T4168] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   67.981080][ T4168] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   67.990362][ T4168] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.002447][ T4169] device veth1_vlan entered promiscuous mode
[   68.025808][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   68.033901][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   68.042401][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   68.051458][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   68.059990][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   68.068974][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   68.079623][ T4177] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.090032][ T4177] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.099582][ T4177] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.108659][ T4177] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.159416][ T4175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.178679][ T4175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.189010][ T4175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.199801][ T4175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.211140][ T4175] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.233256][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   68.242121][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   68.284524][ T4175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.295925][ T4175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.306334][ T4175] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.317087][ T4175] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.329384][ T4175] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.352650][ T4169] device veth0_macvtap entered promiscuous mode
[   68.362180][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   68.371353][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   68.380394][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   68.389483][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   68.399427][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   68.408414][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   68.428903][ T4175] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   68.438737][ T4175] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   68.448079][ T4175] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   68.457661][ T4175] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   68.493010][ T4169] device veth1_macvtap entered promiscuous mode
[   68.504641][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   68.513128][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   68.537212][  T144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.556212][  T144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.568072][ T4218] Bluetooth: hci3: command 0x040f tx timeout
[   68.574198][ T4218] Bluetooth: hci2: command 0x040f tx timeout
[   68.584929][ T4218] Bluetooth: hci0: command 0x040f tx timeout
[   68.591033][ T4218] Bluetooth: hci1: command 0x040f tx timeout
[   68.597480][ T4218] Bluetooth: hci4: command 0x040f tx timeout
[   68.611795][ T4172] device veth0_vlan entered promiscuous mode
[   68.629963][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   68.640345][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   68.649975][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   68.659809][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   68.668573][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   68.692357][ T3054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.713180][ T3054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.719428][ T4172] device veth1_vlan entered promiscuous mode
[   68.735595][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.747052][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.757344][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.770786][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.781004][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   68.793222][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.806820][ T4169] batman_adv: batadv0: Interface activated: batadv_slave_0
[   68.820185][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   68.832579][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   68.841874][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   68.851058][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   68.869918][ T3054] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.883348][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.898620][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.899753][ T3054] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.909005][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.927471][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.937669][ T4169] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   68.948460][ T4169] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   68.960109][ T4169] batman_adv: batadv0: Interface activated: batadv_slave_1
[   68.977359][ T3054] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   68.989996][ T3054] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   68.999458][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   69.009982][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   69.019187][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   69.028085][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   69.038172][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   69.049727][ T4169] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.058704][ T4169] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.068597][ T4169] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.077655][ T4169] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.106362][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   69.116323][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   69.144908][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.169954][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.183633][ T4172] device veth0_macvtap entered promiscuous mode
[   69.227338][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   69.246696][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   69.258364][ T4172] device veth1_macvtap entered promiscuous mode
[   69.293123][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.307553][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.317895][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.328671][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.338840][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.350727][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.360647][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   69.371826][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.383243][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_0
[   69.410567][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.419201][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   69.425815][    T9] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.435075][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.447859][    T9] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.455848][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   69.461782][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   69.472999][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   69.491681][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   69.503806][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.521007][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.536731][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.554177][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.564263][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.581674][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.612336][ T4172] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   69.640827][ T4172] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   69.652841][ T4172] batman_adv: batadv0: Interface activated: batadv_slave_1
[   69.695488][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   69.704516][ T3054] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   69.742302][ T4172] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   69.751592][ T4172] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   69.760879][ T4172] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   69.771986][ T4172] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   69.852228][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   69.861502][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   69.893448][  T154] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   70.092000][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.138599][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.263390][ T1173] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   70.291020][ T1173] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   70.323853][ T1173] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   70.392543][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   70.656019][ T4245] Bluetooth: hci4: command 0x0419 tx timeout
[   70.669614][ T4245] Bluetooth: hci1: command 0x0419 tx timeout
[   70.704936][ T4245] Bluetooth: hci0: command 0x0419 tx timeout
[   70.718072][ T4245] Bluetooth: hci2: command 0x0419 tx timeout
[   70.746841][ T4245] Bluetooth: hci3: command 0x0419 tx timeout
[   71.292177][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[   71.299037][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[   71.791538][ T4317] device syzkaller0 entered promiscuous mode
[   77.863288][ T4480] loop1: detected capacity change from 0 to 8192
[   77.863295][ T4478] loop3: detected capacity change from 0 to 8192
[   77.968725][ T4478]  loop3: p1 < > p3 < p5 > p4
[   77.982647][   T26] audit: type=1800 audit(1745510804.460:2): pid=4480 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.100" name="file1" dev="loop1" ino=1048590 res=0 errno=0
[   78.032859][ T4478] loop3: partition table partially beyond EOD, truncated
[   78.069510][ T4478] loop3: p1 start 4294967040 is beyond EOD, truncated
[   78.642770][ T4499] loop3: detected capacity change from 0 to 2048
[   78.722077][ T4499] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   79.166404][ T4499] UDF-fs: bad mount option "noadi/dev/kvm" or missing value
[   79.654303][ T4510] loop3: detected capacity change from 0 to 16
[   79.690647][ T4512] loop0: detected capacity change from 0 to 512
[   79.785451][ T4510] =======================================================
[   79.785451][ T4510] WARNING: The mand mount option has been deprecated and
[   79.785451][ T4510]          and is ignored by this kernel. Remove the mand
[   79.785451][ T4510]          option from the mount to silence this warning.
[   79.785451][ T4510] =======================================================
[   79.828260][ T4512] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   79.978319][ T4516] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[   80.594281][ T4510] erofs: (device loop3): mounted with root inode @ nid 36.
[   81.090262][ T4512] EXT4-fs error (device loop0): ext4_do_update_inode:5174: inode #16: comm syz.0.112: corrupted inode contents
[   81.142941][ T4512] EXT4-fs error (device loop0): ext4_dirty_inode:6010: inode #16: comm syz.0.112: mark_inode_dirty error
[   81.205288][ T4512] EXT4-fs error (device loop0): ext4_do_update_inode:5174: inode #16: comm syz.0.112: corrupted inode contents
[   81.253145][ T4512] EXT4-fs error (device loop0): __ext4_ext_dirty:183: inode #16: comm syz.0.112: mark_inode_dirty error
[   81.358818][ T4512] EXT4-fs error (device loop0): ext4_do_update_inode:5174: inode #16: comm syz.0.112: corrupted inode contents
[   81.382759][ T4542] loop4: detected capacity change from 0 to 512
[   81.518438][ T4512] EXT4-fs error (device loop0) in ext4_orphan_del:305: Corrupt filesystem
[   81.538528][ T1108] cfg80211: failed to load regulatory.db
[   81.567537][ T4542] EXT4-fs (loop4): mounted filesystem without journal. Opts: data_err=ignore,,errors=continue. Quota mode: writeback.
[   81.639115][ T4512] EXT4-fs error (device loop0): ext4_do_update_inode:5174: inode #16: comm syz.0.112: corrupted inode contents
[   81.654886][ T4218] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   81.655657][ T4542] ext4 filesystem being mounted at /26/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   81.726187][ T4512] EXT4-fs error (device loop0): ext4_truncate:4272: inode #16: comm syz.0.112: mark_inode_dirty error
[   81.745913][ T4512] EXT4-fs error (device loop0) in ext4_process_orphan:347: Corrupt filesystem
[   81.768875][ T4512] EXT4-fs (loop0): 1 truncate cleaned up
[   81.774657][ T4512] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   81.875098][ T4512] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[   82.051435][ T4218] usb 2-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[   82.094770][ T4218] usb 2-1: config 1 has 1 interface, different from the descriptor's value: 2
[   82.103681][ T4218] usb 2-1: config 1 has no interface number 0
[   82.160881][ T4218] usb 2-1: config 1 interface 1 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   82.202094][ T4218] usb 2-1: Duplicate descriptor for config 1 interface 1 altsetting 0, skipping
[   82.243166][ T4555] loop2: detected capacity change from 0 to 256
[   82.303906][ T4558] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   82.635085][ T4218] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   82.651059][ T4218] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   82.669466][ T4566] loop0: detected capacity change from 0 to 512
[   82.678031][ T4218] usb 2-1: Product: syz
[   82.686823][ T4218] usb 2-1: Manufacturer: syz
[   82.698711][ T4218] usb 2-1: SerialNumber: syz
[   82.980344][ T4566] EXT4-fs (loop0): Test dummy encryption mode enabled
[   83.028257][ T4576] device bridge1 entered promiscuous mode
[   83.037783][ T4566] EXT4-fs (loop0): Test dummy encryption mode enabled
[   83.214805][   T13] usb 3-1: new full-speed USB device number 2 using dummy_hcd
[   83.227064][ T4581] loop3: detected capacity change from 0 to 16
[   83.231136][ T4537] loop1: detected capacity change from 0 to 512
[   83.240733][ T4566] EXT4-fs error (device loop0): ext4_find_inline_data_nolock:163: inode #12: comm syz.0.125: inline data xattr refers to an external xattr inode
[   83.308352][ T4581] erofs: (device loop3): mounted with root inode @ nid 36.
[   83.325234][ T4566] EXT4-fs (loop0): Remounting filesystem read-only
[   83.342151][ T4566] EXT4-fs error (device loop0): ext4_orphan_get:1406: comm syz.0.125: couldn't read orphan inode 12 (err -117)
[   83.455705][ T4537] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   83.528592][ T4537] ext4 filesystem being mounted at /20/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   83.545217][ T4566] EXT4-fs (loop0): Remounting filesystem read-only
[   83.575243][ T4566] EXT4-fs (loop0): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable=0x0000000000000000,minixdf,sysvgroups,prjquota,stripe=0x00000000000093a4,barrier=0x000000000000000b,errors=remount-ro,auto_da_alloc,test_dummy_encryption,. Quota mode: writeback.
[   83.602011][   T13] usb 3-1: not running at top speed; connect to a high speed hub
[   83.670373][ T4566] EXT4-fs error (device loop0): htree_dirblock_to_tree:1083: inode #2: comm syz.0.125: Directory hole found for htree leaf block 0
[   83.685796][   T13] usb 3-1: config 95 has an invalid interface number: 1 but max is 0
[   83.700009][   T13] usb 3-1: config 95 has no interface number 0
[   83.706826][   T13] usb 3-1: config 95 interface 1 has no altsetting 0
[   83.722406][ T4566] EXT4-fs (loop0): Remounting filesystem read-only
[   83.875360][ T4587] loop0: detected capacity change from 0 to 256
[   83.885500][   T13] usb 3-1: New USB device found, idVendor=0763, idProduct=2031, bcdDevice=ad.3f
[   83.898969][   T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   83.916648][   T13] usb 3-1: Product: syz
[   83.926244][   T13] usb 3-1: Manufacturer: syz
[   83.947522][   T13] usb 3-1: SerialNumber: syz
[   83.964915][ T4587] FAT-fs (loop0): Directory bread(block 64) failed
[   83.971816][ T4587] FAT-fs (loop0): Directory bread(block 65) failed
[   83.994921][ T4587] FAT-fs (loop0): Directory bread(block 66) failed
[   84.011801][ T4587] FAT-fs (loop0): Directory bread(block 67) failed
[   84.024937][ T4587] FAT-fs (loop0): Directory bread(block 68) failed
[   84.035057][ T4218] cdc_ncm 2-1:1.1: SET_NTB_FORMAT failed
[   84.054503][ T4587] FAT-fs (loop0): Directory bread(block 69) failed
[   84.064779][ T4587] FAT-fs (loop0): Directory bread(block 70) failed
[   84.071362][ T4587] FAT-fs (loop0): Directory bread(block 71) failed
[   84.078572][ T4218] cdc_ncm 2-1:1.1: bind() failure
[   84.100012][ T4218] usb 2-1: USB disconnect, device number 2
[   84.130872][ T4587] FAT-fs (loop0): Directory bread(block 72) failed
[   84.142933][ T4587] FAT-fs (loop0): Directory bread(block 73) failed
[   84.489554][ T4593] netlink: 12 bytes leftover after parsing attributes in process `syz.0.133'.
[   84.529239][ T4593] netlink: 12 bytes leftover after parsing attributes in process `syz.0.133'.
[   84.554952][   T13] usb 3-1: USB disconnect, device number 2
[   85.043967][ T4610] loop4: detected capacity change from 0 to 1024
[   85.066167][ T4614] loop2: detected capacity change from 0 to 16
[   85.101492][ T4614] erofs: (device loop2): mounted with root inode @ nid 36.
[   85.116276][ T4610] EXT4-fs error (device loop4): ext4_read_block_bitmap_nowait:476: comm syz.4.139: Invalid block bitmap block 0 in block_group 0
[   85.139399][ T4610] Quota error (device loop4): write_blk: dquota write failed
[   85.151589][ T4610] Quota error (device loop4): qtree_write_dquot: Error -117 occurred while creating quota
[   85.211367][ T4610] EXT4-fs error (device loop4): ext4_acquire_dquot:6204: comm syz.4.139: Failed to acquire dquot type 0
[   85.233655][ T4610] EXT4-fs error (device loop4): ext4_free_blocks:6223: comm syz.4.139: Freeing blocks not in datazone - block = 0, count = 4096
[   85.259725][ T4610] EXT4-fs error (device loop4): ext4_read_inode_bitmap:140: comm syz.4.139: Invalid inode bitmap blk 0 in block_group 0
[   85.283012][ T4444] Quota error (device loop4): remove_tree: Getting block too big (0 >= 9)
[   85.301645][ T4444] EXT4-fs error (device loop4): ext4_release_dquot:6227: comm kworker/u4:10: Failed to release dquot type 0
[   85.310277][ T4610] EXT4-fs error (device loop4) in ext4_free_inode:362: Corrupt filesystem
[   85.369466][ T4610] EXT4-fs (loop4): 1 orphan inode deleted
[   85.383283][ T4610] EXT4-fs (loop4): mounted filesystem without journal. Opts: €�; ,errors=continue. Quota mode: writeback.
[   85.451992][ T4610] EXT4-fs error (device loop4): ext4_lookup:1858: inode #16: comm syz.4.139: iget: bad extra_isize 65535 (inode size 256)
[   85.456106][ T4620] loop3: detected capacity change from 0 to 8
[   85.485466][ T4610] syz.4.139 (4610) used greatest stack depth: 19024 bytes left
[   85.692743][ T4626] loop3: detected capacity change from 0 to 512
[   85.793422][ T4626] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[   85.820005][ T4626] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[   85.862401][ T4626] EXT4-fs (loop3): warning: checktime reached, running e2fsck is recommended
[   85.908709][ T4626] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[   85.923481][ T4626] System zones: 0-2, 18-18, 34-34
[   85.945634][ T4626] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[   85.994261][ T4626] EXT4-fs (loop3): 1 truncate cleaned up
[   86.001854][ T4626] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x000000000000a04d,errors=continue,,errors=continue. Quota mode: none.
[   86.547721][   T26] audit: type=1800 audit(1745510813.030:3): pid=4626 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.144" name="file1" dev="loop3" ino=15 res=0 errno=0
[   87.221005][ T4652] loop2: detected capacity change from 0 to 40427
[   87.788064][ T4652] F2FS-fs (loop2): invalid crc value
[   87.844127][ T4652] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   88.168316][ T4652] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[   88.178276][ T4652] F2FS-fs (loop2): Start checkpoint disabled!
[   88.234386][ T4652] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   88.253720][ T4666] loop4: detected capacity change from 0 to 16
[   88.608020][ T4666] erofs: (device loop4): mounted with root inode @ nid 36.
[   88.869274][ T4674] loop1: detected capacity change from 0 to 2048
[   88.969683][ T4674] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_lock,usrjquota=,quota,norecovery,auto_da_alloc,noquota,grpquota,barrier=0x0000000000000000,grpjquota=,jqfmt=vfsold,,errors=continue. Quota mode: writeback.
[   89.344061][ T4674] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.163: bg 0: block 234: padding at end of block bitmap is not set
[   89.377455][ T4674] EXT4-fs (loop1): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 212 with error 117
[   89.987620][ T4674] EXT4-fs (loop1): This should not happen!! Data will be lost
[   89.987620][ T4674] 
[   90.070995][ T4695] loop3: detected capacity change from 0 to 1024
[   90.212720][ T4695] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps superblock
[   90.246653][ T4695] EXT4-fs (loop3): group descriptors corrupted!
[   90.649249][ T4704] loop2: detected capacity change from 0 to 40427
[   90.717047][ T4695] loop3: detected capacity change from 0 to 8
[   90.742538][ T4704] F2FS-fs (loop2): invalid crc value
[   90.755680][ T4704] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   90.817529][ T4704] F2FS-fs (loop2): Cannot turn on quotas: -2 on 0
[   90.824920][ T4704] F2FS-fs (loop2): Start checkpoint disabled!
[   90.845808][ T4704] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[   91.274617][ T4695] unable to read id index table
[   91.318655][   T13] usb 2-1: new full-speed USB device number 3 using dummy_hcd
[   91.698894][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[   91.728288][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   91.742210][   T13] usb 2-1: New USB device found, idVendor=04d9, idProduct=a055, bcdDevice= 0.00
[   91.758032][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   91.780375][   T13] usb 2-1: config 0 descriptor??
[   92.062987][ T4218] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   92.325265][   T13] usbhid 2-1:0.0: can't add hid device: -71
[   92.342691][   T13] usbhid: probe of 2-1:0.0 failed with error -71
[   92.374636][   T13] usb 2-1: USB disconnect, device number 3
[   92.490522][ T4725] loop3: detected capacity change from 0 to 16
[   92.779814][ T4218] usb 1-1: config 220 has an invalid interface number: 76 but max is 2
[   92.838964][ T4725] erofs: (device loop3): mounted with root inode @ nid 36.
[   92.903242][ T4218] usb 1-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[   93.080598][ T4218] usb 1-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[   93.457803][ T4218] usb 1-1: config 220 has no interface number 2
[   93.464195][ T4218] usb 1-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[   93.480802][ T4218] usb 1-1: config 220 interface 0 has no altsetting 0
[   93.487957][ T4218] usb 1-1: config 220 interface 76 has no altsetting 0
[   93.488362][ T4734] loop4: detected capacity change from 0 to 256
[   93.495388][ T4218] usb 1-1: config 220 interface 1 has no altsetting 0
[   93.557668][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   93.574726][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   93.584710][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   93.594711][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   93.604711][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   93.614708][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   93.624706][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   93.634709][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   93.644710][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   93.654711][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #82!!!
[   93.825869][ T4741] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[   93.834383][ T4741] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[   94.301079][ T4738] loop1: detected capacity change from 0 to 128
[   94.393051][ T4218] usb 1-1: string descriptor 0 read error: -71
[   94.399451][ T1108] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   94.408283][ T4218] usb 1-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[   94.421775][ T4218] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   94.433049][ T4738] FAT-fs (loop1): Directory bread(block 32) failed
[   94.460572][ T4738] FAT-fs (loop1): Directory bread(block 33) failed
[   94.492161][ T4738] FAT-fs (loop1): Directory bread(block 34) failed
[   94.516206][ T4738] FAT-fs (loop1): Directory bread(block 35) failed
[   94.543707][ T4738] FAT-fs (loop1): Directory bread(block 36) failed
[   94.557323][ T4738] FAT-fs (loop1): Directory bread(block 37) failed
[   94.574256][ T4738] FAT-fs (loop1): Directory bread(block 38) failed
[   94.638264][ T4218] usb 1-1: can't set config #220, error -71
[   94.645574][ T4218] usb 1-1: USB disconnect, device number 2
[   94.676732][ T4738] FAT-fs (loop1): Directory bread(block 39) failed
[   94.683382][ T4738] FAT-fs (loop1): Directory bread(block 40) failed
[   94.870302][ T4746] loop3: detected capacity change from 0 to 40427
[   94.914893][ T4738] FAT-fs (loop1): Directory bread(block 41) failed
[   95.190504][ T4738] attempt to access beyond end of device
[   95.190504][ T4738] loop1: rw=524288, want=4112, limit=128
[   95.232751][ T4738] attempt to access beyond end of device
[   95.232751][ T4738] loop1: rw=0, want=4112, limit=128
[   95.281559][   T26] audit: type=1800 audit(1745510821.760:4): pid=4738 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.180" name="file1" dev="loop1" ino=1048591 res=0 errno=0
[   96.064683][    C1] sched: RT throttling activated
[   96.097559][ T4746] F2FS-fs (loop3): invalid crc value
[   96.142079][ T4746] F2FS-fs (loop3): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[   96.197065][ T4746] F2FS-fs (loop3): Cannot turn on quotas: -2 on 0
[   96.206124][ T4746] F2FS-fs (loop3): Start checkpoint disabled!
[   96.230070][ T4746] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[   96.971994][ T4774] loop1: detected capacity change from 0 to 16
[   97.213782][ T4778] loop2: detected capacity change from 0 to 512
[   97.295839][ T4774] erofs: (device loop1): mounted with root inode @ nid 36.
[   97.579253][ T4778] EXT4-fs (loop2): mounted filesystem without journal. Opts: grpquota,lazytime,,errors=continue. Quota mode: writeback.
[   97.599090][ T4786] loop4: detected capacity change from 0 to 512
[   97.628046][ T4778] ext4 filesystem being mounted at /42/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[   97.680732][ T4786] EXT4-fs (loop4): Mount option "nouser_xattr" will be removed by 3.5
[   97.680732][ T4786] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[   97.680732][ T4786] 
[   98.038413][ T4786] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[   98.126307][ T4786] EXT4-fs (loop4): invalid journal inode
[   98.139421][ T4786] EXT4-fs (loop4): can't get journal size
[   98.146751][ T4778] EXT4-fs error (device loop2): ext4_ext_check_inode:501: inode #12: comm syz.2.194: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 0(0)
[   98.192256][ T4786] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a0168118, mo2=0002]
[   98.207806][ T4786] System zones: 1-12, 13-13
[   98.218983][ T4786] EXT4-fs (loop4): 1 truncate cleaned up
[   98.221365][ T4797] loop1: detected capacity change from 0 to 4096
[   98.229495][ T4786] EXT4-fs (loop4): mounted filesystem without journal. Opts: norecovery,grpquota,debug,nouser_xattr,,errors=continue. Quota mode: writeback.
[   98.327251][ T4797] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[   98.449764][ T4801] loop4: detected capacity change from 0 to 128
[   98.529717][ T4801] UDF-fs: error (device loop4): udf_read_tagged: read failed, block=256, location=256
[   98.572982][ T4801] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   98.602013][ T4804] loop3: detected capacity change from 0 to 512
[   98.719022][ T4804] EXT4-fs (loop3): Ignoring removed orlov option
[   98.825819][ T4804] EXT4-fs (loop3): orphan cleanup on readonly fs
[   98.832371][ T4804] EXT4-fs error (device loop3): ext4_find_extent:893: inode #4: comm syz.3.201: inode has invalid extent depth: 7
[   98.898806][ T4804] Quota error (device loop3): v2_read_header: Failed header read: expected=8 got=-117
[   98.931007][ T4804] EXT4-fs warning (device loop3): ext4_enable_quotas:6439: Failed to enable quota tracking (type=1, err=-22, ino=4). Please run e2fsck to fix.
[   99.011911][ T4804] EXT4-fs (loop3): Cannot turn on quotas: error -22
[   99.037339][ T4804] EXT4-fs (loop3): mounted filesystem without journal. Opts: orlov,sysvgroups,,errors=continue. Quota mode: writeback.
[   99.102312][ T4815] loop0: detected capacity change from 0 to 128
[   99.181221][ T4804] EXT4-fs error (device loop3): ext4_lookup:1855: inode #2: comm syz.3.201: 'file0' linked to parent dir
[  101.096855][ T4815] FAT-fs (loop0): Directory bread(block 162) failed
[  101.113893][ T4815] FAT-fs (loop0): Directory bread(block 163) failed
[  101.133819][ T4815] FAT-fs (loop0): Directory bread(block 164) failed
[  101.153001][ T4815] FAT-fs (loop0): Directory bread(block 165) failed
[  101.166389][ T4815] FAT-fs (loop0): Directory bread(block 166) failed
[  101.173311][ T4815] FAT-fs (loop0): Directory bread(block 167) failed
[  101.181173][ T4815] FAT-fs (loop0): Directory bread(block 168) failed
[  101.188422][ T4815] FAT-fs (loop0): Directory bread(block 169) failed
[  101.210637][ T4815] FAT-fs (loop0): Directory bread(block 162) failed
[  101.224627][ T4815] FAT-fs (loop0): Directory bread(block 163) failed
[  101.236018][ T4815] attempt to access beyond end of device
[  101.236018][ T4815] loop0: rw=3, want=232, limit=128
[  101.250202][ T4815] attempt to access beyond end of device
[  101.250202][ T4815] loop0: rw=2051, want=234, limit=128
[  101.328567][ T4841] loop2: detected capacity change from 0 to 256
[  101.513388][ T4841] exFAT-fs (loop2): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  101.637595][ T4852] netlink: 28 bytes leftover after parsing attributes in process `syz.4.215'.
[  102.203449][   T13] usb 2-1: new low-speed USB device number 4 using dummy_hcd
[  102.263858][ T4866] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  102.586018][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  102.616717][   T13] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 32, setting to 8
[  102.653159][   T13] usb 2-1: New USB device found, idVendor=05ac, idProduct=0240, bcdDevice= 0.00
[  102.704565][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  102.837274][   T13] usb 2-1: config 0 descriptor??
[  102.856260][ T4836] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  102.900446][   T13] input: bcm5974 as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/input/input5
[  103.203560][ T4212] usb 2-1: USB disconnect, device number 4
[  103.215004][ T3532] bcm5974 2-1:0.0: could not read from device
[  103.239422][ T4875] loop0: detected capacity change from 0 to 1024
[  104.285788][ T4881] loop3: detected capacity change from 0 to 128
[  104.499771][ T4881] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpquota,nouid32,,errors=continue. Quota mode: writeback.
[  104.525745][ T4881] ext4 filesystem being mounted at /45/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  104.884617][ T4902] loop3: detected capacity change from 0 to 256
[  104.994720][ T4902] FAT-fs (loop3): bogus logical sector size 0
[  105.000930][ T4902] FAT-fs (loop3): Can't find a valid FAT filesystem
[  105.229494][ T4914] loop2: detected capacity change from 0 to 512
[  105.894341][ T4914] EXT4-fs (loop2): 1 orphan inode deleted
[  105.924817][ T4914] EXT4-fs (loop2): mounted filesystem without journal. Opts: errors=remount-ro,nodiscard,noquota,init_itable,stripe=0x0000000000000079,resgid=0x0000000000000000,sysvgroups,delalloc,usrquota,. Quota mode: writeback.
[  106.014953][ T4914] ext4 filesystem being mounted at /46/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  106.441458][ T4940] loop3: detected capacity change from 0 to 512
[  106.461882][ T4942] loop2: detected capacity change from 0 to 1024
[  106.597314][ T4940] EXT4-fs (loop3): Ignoring removed mblk_io_submit option
[  106.693123][ T4948] loop0: detected capacity change from 0 to 512
[  106.715916][ T4940] EXT4-fs (loop3): mounted filesystem without journal. Opts: usrquota,bsddf,commit=0x0000000000000000,mblk_io_submit,barrier=0x0000000000000fff,,errors=continue. Quota mode: writeback.
[  106.798669][ T4948] EXT4-fs (loop0): Quota format mount options ignored when QUOTA feature is enabled
[  106.908011][ T4959] loop2: detected capacity change from 0 to 764
[  106.979703][ T4948] EXT4-fs (loop0): mounted filesystem without journal. Opts: noauto_da_alloc,jqfmt=vfsold,noquota,norecovery,bsddf,,errors=continue. Quota mode: writeback.
[  107.125101][ T4948] ext4 filesystem being mounted at /37/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  107.135889][   T26] audit: type=1800 audit(1745510833.600:5): pid=4940 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.3.246" name="file1" dev="loop3" ino=15 res=0 errno=0
[  107.236157][ T4959] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  107.245018][ T4948] EXT4-fs error (device loop0): ext4_xattr_block_get:546: inode #15: comm syz.0.249: corrupted xattr block 32
[  107.971200][ T4959] netlink: 16 bytes leftover after parsing attributes in process `syz.2.250'.
[  108.017931][ T4969] loop1: detected capacity change from 0 to 256
[  108.118426][ T4969] FAT-fs (loop1): bogus logical sector size 0
[  108.124546][ T4969] FAT-fs (loop1): Can't find a valid FAT filesystem
[  108.790997][ T4989] loop3: detected capacity change from 0 to 512
[  108.962207][ T4989] EXT4-fs error (device loop3): ext4_orphan_get:1401: inode #15: comm syz.3.262: iget: bad extended attribute block 1
[  109.022346][ T4989] EXT4-fs error (device loop3): ext4_orphan_get:1406: comm syz.3.262: couldn't read orphan inode 15 (err -117)
[  109.350067][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  109.429253][ T4989] EXT4-fs (loop3): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[  109.461055][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  109.480031][   T26] audit: type=1800 audit(1745510835.960:6): pid=4989 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.262" name="file2" dev="loop3" ino=16 res=0 errno=0
[  109.511575][ T4988] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  109.646808][ T5006] loop1: detected capacity change from 0 to 128
[  109.672385][ T5008] loop3: detected capacity change from 0 to 512
[  109.795636][ T5008] EXT4-fs (loop3): Mount option "noacl" will be removed by 3.5
[  109.795636][ T5008] Contact linux-ext4@vger.kernel.org if you think we should keep it.
[  109.795636][ T5008] 
[  109.858273][ T5008] EXT4-fs (loop3): Ignoring removed oldalloc option
[  111.788904][ T5008] EXT4-fs (loop3): mounted filesystem without journal. Opts: min_batch_time=0x000000000000008b,dioread_lock,nodelalloc,noacl,noquota,oldalloc,nobarrier,,errors=continue. Quota mode: none.
[  111.839469][ T5020] loop2: detected capacity change from 0 to 512
[  111.902991][ T5020] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  111.936393][ T5020] EXT4-fs (loop2): 1 truncate cleaned up
[  111.940106][ T5025] loop1: detected capacity change from 0 to 256
[  111.950945][ T5022] loop0: detected capacity change from 0 to 164
[  111.950946][ T5020] EXT4-fs (loop2): mounted filesystem without journal. Opts: minixdf,max_dir_size_kb=0x00000000000001ff,stripe=0x0000000000000000,noblock_validity,debug_want_extra_isize=0x0000000000000006,,errors=continue. Quota mode: none.
[  111.996158][ T5020] syz.2.272 (pid 5020) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  112.022455][ T5020] EXT4-fs (loop2): shut down requested (1)
[  112.031777][ T5020] fscrypt (loop2, inode 18): Error -5 getting encryption context
[  112.082936][ T5025] FAT-fs (loop1): bogus logical sector size 0
[  112.094852][ T5022] ISOFS: primary root directory is empty. Disabling Rock Ridge and switching to Joliet.
[  112.119764][ T5025] FAT-fs (loop1): Can't find a valid FAT filesystem
[  112.629231][ T5037] netlink: 8 bytes leftover after parsing attributes in process `syz.0.278'.
[  113.438357][ T5050] capability: warning: `syz.1.283' uses deprecated v2 capabilities in a way that may be insecure
[  113.594092][ T5043] netlink: 52 bytes leftover after parsing attributes in process `syz.4.281'.
[  114.490913][ T5065] loop3: detected capacity change from 0 to 512
[  114.491103][ T5067] loop1: detected capacity change from 0 to 8
[  114.783460][ T5076] loop0: detected capacity change from 0 to 256
[  114.880662][ T5076] FAT-fs (loop0): bogus logical sector size 0
[  114.896273][ T5065] EXT4-fs (loop3): mounted filesystem without journal. Opts: data_err=ignore,,errors=continue. Quota mode: writeback.
[  114.914400][ T5076] FAT-fs (loop0): Can't find a valid FAT filesystem
[  114.947148][ T5065] ext4 filesystem being mounted at /54/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  114.982462][ T5082] loop1: detected capacity change from 0 to 256
[  115.158551][ T5086] loop2: detected capacity change from 0 to 2048
[  117.073468][ T5107] loop1: detected capacity change from 0 to 512
[  117.108102][ T5110] netlink: 148 bytes leftover after parsing attributes in process `syz.0.304'.
[  117.303098][ T5107] EXT4-fs (loop1): Ignoring removed nomblk_io_submit option
[  117.357370][ T5110] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  117.403539][ T5107] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  117.917607][ T5107] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  117.934846][ T5107] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=1842c01c, mo2=0002]
[  117.982344][ T5107] EXT4-fs (loop1): couldn't mount RDWR because of unsupported optional features (80)
[  118.034860][ T5107] EXT4-fs (loop1): Skipping orphan cleanup due to unknown ROCOMPAT features
[  118.088052][ T5107] EXT4-fs (loop1): mounted filesystem without journal. Opts: dioread_nolock,noinit_itable,nomblk_io_submit,noblock_validity,data_err=abort,jqfmt=vfsold,jqfmt=vfsv0,barrier=0x000000000000d95a,debug,,errors=continue. Quota mode: none.
[  118.164767][ T5125] loop2: detected capacity change from 0 to 256
[  118.207882][ T5107] EXT4-fs warning (device loop1): dx_probe:893: inode #2: comm syz.1.303: dx entry: limit 65535 != root limit 120
[  118.240884][ T5107] EXT4-fs warning (device loop1): dx_probe:966: inode #2: comm syz.1.303: Corrupt directory, running e2fsck is recommended
[  118.345117][ T5125] FAT-fs (loop2): bogus logical sector size 0
[  118.358115][ T5125] FAT-fs (loop2): Can't find a valid FAT filesystem
[  118.776048][ T5131] netlink: 8 bytes leftover after parsing attributes in process `syz.1.311'.
[  119.626376][   T13] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  119.891139][ T5157] loop0: detected capacity change from 0 to 16
[  119.974844][ T5157] erofs: (device loop0): mounted with root inode @ nid 36.
[  120.289858][   T13] usb 2-1: New USB device found, idVendor=046d, idProduct=ca04, bcdDevice= 0.00
[  120.309479][   T13] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  120.340516][   T13] usb 2-1: config 0 descriptor??
[  120.719654][ T5175] process 'syz.2.327' launched './cgroup.cpu/cpuset.cpus' with NULL argv: empty string added
[  120.896368][   T13] logitech 0003:046D:CA04.0001: hidraw0: USB HID v1.01 Device [HID 046d:ca04] on usb-dummy_hcd.1-1/input0
[  120.955328][ T5181] loop2: detected capacity change from 0 to 1024
[  120.968127][   T13] logitech 0003:046D:CA04.0001: no inputs found
[  121.758692][   T21] usb 2-1: USB disconnect, device number 5
[  121.771685][ T5181] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  123.525970][ T5207] fuse: Bad value for 'fd'
[  123.601960][ T5209] loop3: detected capacity change from 0 to 8
[  123.692032][ T5209] unable to read xattr id index table
[  124.773358][ T5243] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  124.819892][ T5243] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  124.900833][ T5243] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  125.940730][ T5254] loop1: detected capacity change from 0 to 1024
[  126.083636][ T5264] loop2: detected capacity change from 0 to 512
[  126.409023][ T5254] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  126.422449][ T5264] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  126.765853][ T5254] EXT4-fs (loop1): mounted filesystem without journal. Opts: errors=remount-ro,min_batch_time=0x0000000000000005,dioread_nolock,. Quota mode: none.
[  127.086244][ T5254] ext4 filesystem being mounted at /63/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  127.099651][ T5264] EXT4-fs error (device loop2): ext4_xattr_inode_iget:404: comm syz.2.355: inode #1: comm syz.2.355: iget: illegal inode #
[  127.158709][ T5264] EXT4-fs error (device loop2): ext4_xattr_inode_iget:409: comm syz.2.355: error while reading EA inode 1 err=-117
[  127.212248][ T5264] EXT4-fs (loop2): 1 orphan inode deleted
[  127.221924][ T5264] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobarrier,discard,norecovery,dioread_nolock,resgid=0x0000000000000000,minixdf,usrjquota=,noquota,jqfmt=vfsold,abort,discard,noquota,,errors=continue. Quota mode: none.
[  127.295587][ T5275] loop0: detected capacity change from 0 to 512
[  127.412475][ T5275] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  127.444864][ T5275] ext4 filesystem being mounted at /57/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  128.339393][ T5290] loop0: detected capacity change from 0 to 128
[  128.439002][ T5290] FAT-fs (loop0): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  128.475070][ T5290] FAT-fs (loop0): FAT read failed (blocknr 255)
[  130.259048][ T5313] netlink: 148 bytes leftover after parsing attributes in process `syz.2.370'.
[  130.284781][ T5313] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  132.324442][ T5338] netlink: 196 bytes leftover after parsing attributes in process `syz.1.378'.
[  133.143000][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  133.149681][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  133.271593][ T5355] loop2: detected capacity change from 0 to 16
[  133.628394][ T5355] erofs: (device loop2): mounted with root inode @ nid 36.
[  133.658885][ T5359] loop3: detected capacity change from 0 to 128
[  133.909714][ T5359] EXT4-fs (loop3): Ignoring removed nobh option
[  133.997398][ T5359] EXT4-fs (loop3): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  134.019299][ T5359] ext4 filesystem being mounted at /69/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  134.392805][   T26] audit: type=1326 audit(1745510860.870:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5358 comm="syz.3.386" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d81f27969 code=0x0
[  134.537228][ T5379] loop1: detected capacity change from 0 to 256
[  134.662201][ T5379] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x76dfe2a7, utbl_chksum : 0xe619d30d)
[  134.720942][ T5384] xt_NFQUEUE: number of queues (32767) out of range (got 96758)
[  134.758676][ T5379] exFAT-fs (loop1): failed to load alloc-bitmap
[  134.794425][ T5379] exFAT-fs (loop1): failed to recognize exfat type
[  135.285202][ T4212] usb 1-1: new full-speed USB device number 3 using dummy_hcd
[  135.970971][ T4212] usb 1-1: unable to get BOS descriptor or descriptor too short
[  136.171361][ T5402] fuse: Bad value for 'fd'
[  136.184897][ T4212] usb 1-1: not running at top speed; connect to a high speed hub
[  136.496079][ T4212] usb 1-1: New USB device found, idVendor=16d8, idProduct=6804, bcdDevice=68.d5
[  136.559524][ T4212] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  136.649875][ T4212] usb 1-1: Product: syz
[  136.654080][ T4212] usb 1-1: Manufacturer: syz
[  136.689457][ T4212] usb 1-1: SerialNumber: syz
[  136.780459][ T5405] syz_tun: refused to change device tx_queue_len
[  136.962844][ T5408] netlink: 32 bytes leftover after parsing attributes in process `syz.3.401'.
[  136.995500][ T4212] hub 1-1:9.0: bad descriptor, ignoring hub
[  137.010906][ T4212] hub: probe of 1-1:9.0 failed with error -5
[  137.037711][ T5410] netlink: 20 bytes leftover after parsing attributes in process `syz.2.402'.
[  137.038350][ T4212] option 1-1:9.0: GSM modem (1-port) converter detected
[  137.107290][ T4212] usb 1-1: USB disconnect, device number 3
[  137.118804][ T4212] option 1-1:9.0: device disconnected
[  137.197370][ T5414] loop2: detected capacity change from 0 to 128
[  137.258012][ T5414] EXT4-fs (loop2): Ignoring removed nobh option
[  137.303197][ T5414] EXT4-fs (loop2): mounted filesystem without journal. Opts: nobh,usrjquota=,,errors=continue. Quota mode: none.
[  137.335752][ T5420] netlink: 56 bytes leftover after parsing attributes in process `syz.3.406'.
[  137.368271][ T5414] ext4 filesystem being mounted at /81/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  137.492634][ T5425] loop3: detected capacity change from 0 to 2048
[  137.554970][ T5425] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  137.665984][   T26] audit: type=1326 audit(1745510864.150:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5413 comm="syz.2.403" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f88d9860969 code=0x0
[  137.739186][ T5433] loop1: detected capacity change from 0 to 512
[  137.791316][ T5433] EXT4-fs (loop1): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  137.872527][ T5436] fuse: Bad value for 'fd'
[  138.664448][ T5433] EXT4-fs error (device loop1): ext4_xattr_inode_iget:404: comm syz.1.411: inode #1: comm syz.1.411: iget: illegal inode #
[  138.710496][ T5444] loop2: detected capacity change from 0 to 512
[  138.744260][ T5433] EXT4-fs error (device loop1): ext4_xattr_inode_iget:409: comm syz.1.411: error while reading EA inode 1 err=-117
[  138.792893][ T5433] EXT4-fs (loop1): 1 orphan inode deleted
[  138.826664][ T5433] EXT4-fs (loop1): mounted filesystem without journal. Opts: nobarrier,discard,norecovery,dioread_nolock,resgid=0x0000000000000000,minixdf,usrjquota=,noquota,jqfmt=vfsold,abort,discard,noquota,,errors=continue. Quota mode: none.
[  138.880629][ T5444] EXT4-fs (loop2): feature flags set on rev 0 fs, running e2fsck is recommended
[  139.757050][   T26] audit: type=1326 audit(1745510866.160:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5464 comm="syz.4.424" exe="/root/syz-executor" sig=31 arch=c000003e syscall=39 compat=0 ip=0x7fdcb59c0927 code=0x0
[  140.674979][ T5472] fuse: Bad value for 'fd'
[  141.555203][ T5476] IPv6: ADDRCONF(NETDEV_CHANGE): syzkaller0: link becomes ready
[  141.884955][ T1111] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  142.130418][ T5487] loop1: detected capacity change from 0 to 512
[  142.238244][ T5487] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  142.290788][ T1111] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  142.298191][ T5487] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 56 vs 41 free clusters
[  142.312970][ T1111] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  142.334732][ T1111] usb 1-1: New USB device found, idVendor=046d, idProduct=c222, bcdDevice= 0.00
[  142.344051][ T1111] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  142.365814][ T1111] usb 1-1: config 0 descriptor??
[  142.408408][ T5487] EXT4-fs (loop1): Remounting filesystem read-only
[  142.422587][ T5487] Quota error (device loop1): write_blk: dquota write failed
[  142.430323][ T5487] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  142.440860][ T5487] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.432: Failed to acquire dquot type 0
[  142.479114][ T5487] EXT4-fs (loop1): Remounting filesystem read-only
[  142.489551][ T5487] Quota error (device loop1): write_blk: dquota write failed
[  142.507632][ T5487] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  142.534957][ T5487] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.432: Failed to acquire dquot type 0
[  142.638767][ T5487] EXT4-fs (loop1): Remounting filesystem read-only
[  142.652865][ T5487] Quota error (device loop1): write_blk: dquota write failed
[  142.695114][ T5487] Quota error (device loop1): qtree_write_dquot: Error -28 occurred while creating quota
[  142.755071][ T5487] EXT4-fs error (device loop1): ext4_acquire_dquot:6204: comm syz.1.432: Failed to acquire dquot type 0
[  142.787234][ T5487] EXT4-fs (loop1): Remounting filesystem read-only
[  142.793938][ T5487] EXT4-fs (loop1): 1 orphan inode deleted
[  142.820902][ T5487] EXT4-fs (loop1): mounted filesystem without journal. Opts: i_version,noblock_validity,acl,noinit_itable,errors=remount-ro,init_itable,noauto_da_alloc,usrquota,resgid=0x000000000000ee002. Quota mode: writeback.
[  142.854032][ T1111] hid (null): unknown global tag 0xd
[  142.882877][ T1111] lg-g15 0003:046D:C222.0002: unknown main item tag 0x0
[  142.903882][ T1111] lg-g15 0003:046D:C222.0002: unknown global tag 0xd
[  142.929792][ T1111] lg-g15 0003:046D:C222.0002: item 0 0 1 13 parsing failed
[  142.950700][ T1111] lg-g15: probe of 0003:046D:C222.0002 failed with error -22
[  143.091776][   T13] usb 1-1: USB disconnect, device number 4
[  144.006012][ T5517] loop1: detected capacity change from 0 to 256
[  144.052753][   T26] audit: type=1800 audit(1745510870.530:10): pid=5517 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.441" name="file1" dev="loop1" ino=1048595 res=0 errno=0
[  144.072000][ T5517] FAT-fs (loop1): error, clusters badly computed (0 != 128)
[  144.121903][ T5517] FAT-fs (loop1): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  144.255272][ T4212] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  144.365718][ T5523] netlink: 16 bytes leftover after parsing attributes in process `syz.1.445'.
[  144.494862][ T4212] usb 3-1: Using ep0 maxpacket: 16
[  144.608199][   T26] audit: type=1400 audit(1745510871.090:11): apparmor="DENIED" operation="setprocattr" info="fscreate" error=-22 profile="unconfined" pid=5528 comm="syz.0.447"
[  144.615324][ T4212] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  144.680708][ T4212] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  144.877670][ T4212] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  144.935923][ T4212] usb 3-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  144.970604][ T4212] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  145.807671][ T4212] usb 3-1: config 0 descriptor??
[  146.298439][ T4212] HID 045e:07da: Invalid code 65791 type 1
[  146.320584][ T4212] input: HID 045e:07da as /devices/platform/dummy_hcd.2/usb3/3-1/3-1:0.0/0003:045E:07DA.0003/input/input6
[  146.537470][ T4212] microsoft 0003:045E:07DA.0003: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.2-1/input0
[  147.072611][ T4212] usb 3-1: USB disconnect, device number 4
[  147.086488][ T5562] loop0: detected capacity change from 0 to 16
[  147.193416][ T5562] erofs: (device loop0): mounted with root inode @ nid 36.
[  147.389311][ T5574] loop1: detected capacity change from 0 to 2048
[  147.442529][ T5574] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  148.124438][ T5588] loop2: detected capacity change from 0 to 256
[  148.185604][ T5594] netlink: 156 bytes leftover after parsing attributes in process `syz.1.464'.
[  148.340305][   T26] audit: type=1800 audit(1745510874.820:12): pid=5588 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.469" name="file1" dev="loop2" ino=1048596 res=0 errno=0
[  148.345464][ T5588] FAT-fs (loop2): error, clusters badly computed (0 != 128)
[  148.556683][ T5588] FAT-fs (loop2): error, fat_bmap_cluster: request beyond EOF (i_pos 196)
[  151.215666][ T5609] loop0: detected capacity change from 0 to 512
[  151.251013][ T5609] EXT4-fs (loop0): test_dummy_encryption requires encrypt feature
[  151.715919][ T5619] loop2: detected capacity change from 0 to 16
[  151.842280][ T5619] erofs: (device loop2): mounted with root inode @ nid 36.
[  152.852747][ T4661] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.919179][ T4661] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.078372][ T4661] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  153.184468][   T26] audit: type=1107 audit(1745510879.660:13): pid=5647 uid=0 auid=4294967295 ses=4294967295 subj=unconfined msg=''
[  153.246855][ T4661] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  154.725192][ T5664] IPv6: NLM_F_REPLACE set, but no existing node found!
[  155.170458][ T5655] chnl_net:caif_netlink_parms(): no params data found
[  155.365077][ T4504] usb 4-1: new high-speed USB device number 2 using dummy_hcd
[  155.511108][ T5655] bridge0: port 1(bridge_slave_0) entered blocking state
[  155.525238][ T5655] bridge0: port 1(bridge_slave_0) entered disabled state
[  155.554036][ T5655] device bridge_slave_0 entered promiscuous mode
[  155.605042][ T1326] Bluetooth: hci0: command 0x0409 tx timeout
[  156.482775][ T5655] bridge0: port 2(bridge_slave_1) entered blocking state
[  156.490782][ T5655] bridge0: port 2(bridge_slave_1) entered disabled state
[  156.507697][ T5655] device bridge_slave_1 entered promiscuous mode
[  156.544881][ T4504] usb 4-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  156.555027][ T4504] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  156.572529][ T4504] usb 4-1: config 0 descriptor??
[  156.585330][ T5655] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  156.617770][ T5655] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  156.628179][ T4504] cp210x 4-1:0.0: cp210x converter detected
[  156.680761][ T5655] team0: Port device team_slave_0 added
[  156.709512][ T5655] team0: Port device team_slave_1 added
[  156.837572][ T5655] batman_adv: batadv0: Adding interface: batadv_slave_0
[  156.850495][ T4504] usb 4-1: cp210x converter now attached to ttyUSB0
[  156.871258][ T5655] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.905431][ T5655] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  156.912798][ T5702] loop1: detected capacity change from 0 to 2048
[  156.927765][ T5655] batman_adv: batadv0: Adding interface: batadv_slave_1
[  156.942022][ T5655] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  156.978441][ T5655] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  157.028105][ T5702] EXT4-fs (loop1): Ignoring removed mblk_io_submit option
[  157.049149][ T4214] usb 4-1: USB disconnect, device number 2
[  157.072432][ T4214] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  157.102708][ T4214] cp210x 4-1:0.0: device disconnected
[  157.127943][ T5702] EXT4-fs (loop1): mounted filesystem without journal. Opts: mblk_io_submit,journal_ioprio=0x0000000000000003,abort,,errors=continue. Quota mode: none.
[  157.167598][ T5655] device hsr_slave_0 entered promiscuous mode
[  157.185166][ T5655] device hsr_slave_1 entered promiscuous mode
[  157.202197][ T5655] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  157.221548][ T5655] Cannot create hsr debugfs directory
[  157.283395][ T4661] device hsr_slave_0 left promiscuous mode
[  157.316239][ T4661] device hsr_slave_1 left promiscuous mode
[  157.335736][ T4661] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  157.367383][ T4661] batman_adv: batadv0: Removing interface: batadv_slave_0
[  157.412803][ T4661] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  157.430838][ T4661] batman_adv: batadv0: Removing interface: batadv_slave_1
[  157.449545][ T4661] device bridge_slave_1 left promiscuous mode
[  157.467111][ T4661] bridge0: port 2(bridge_slave_1) entered disabled state
[  157.519116][ T4661] device bridge_slave_0 left promiscuous mode
[  157.538253][ T4661] bridge0: port 1(bridge_slave_0) entered disabled state
[  157.622290][ T4661] device veth1_macvtap left promiscuous mode
[  157.641564][ T4661] device veth0_macvtap left promiscuous mode
[  157.656236][ T4661] device veth1_vlan left promiscuous mode
[  157.662985][ T4661] device veth0_vlan left promiscuous mode
[  157.684867][   T13] Bluetooth: hci0: command 0x041b tx timeout
[  158.184596][ T4661] team0 (unregistering): Port device team_slave_1 removed
[  158.201369][ T4661] team0 (unregistering): Port device team_slave_0 removed
[  158.219116][ T4661] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  158.239804][ T4661] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  158.382559][ T4661] bond0 (unregistering): Released all slaves
[  159.641558][ T5731] loop2: detected capacity change from 0 to 1764
[  159.680293][ T5734] loop3: detected capacity change from 0 to 1024
[  159.764893][ T1111] Bluetooth: hci0: command 0x040f tx timeout
[  159.784432][ T5655] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  159.816749][ T5655] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  159.849695][ T5655] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  159.880354][ T5655] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  159.881359][ T5736] loop2: detected capacity change from 0 to 512
[  159.959203][ T5736] EXT4-fs (loop2): Cannot turn on journaled quota: type 0: error -2
[  159.973082][ T5736] EXT4-fs (loop2): 1 truncate cleaned up
[  159.989462][ T5736] EXT4-fs (loop2): mounted filesystem without journal. Opts: jqfmt=vfsold,usrjquota="errors=continue,noload,data_err=ignore,usrjquota="errors=continue,errors=remount-ro,noblock_validity,. Quota mode: writeback.
[  160.013453][ T5736] EXT4-fs error (device loop2): ext4_append:79: inode #2: comm syz.2.517: Logical block already allocated
[  160.037951][ T5736] EXT4-fs (loop2): Remounting filesystem read-only
[  160.193905][ T5655] 8021q: adding VLAN 0 to HW filter on device bond0
[  160.243073][ T5655] 8021q: adding VLAN 0 to HW filter on device team0
[  160.295080][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  160.303690][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  160.320714][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  160.370048][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  160.407046][ T4261] bridge0: port 1(bridge_slave_0) entered blocking state
[  160.414253][ T4261] bridge0: port 1(bridge_slave_0) entered forwarding state
[  160.422203][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  160.431347][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  160.440077][ T4261] bridge0: port 2(bridge_slave_1) entered blocking state
[  160.447201][ T4261] bridge0: port 2(bridge_slave_1) entered forwarding state
[  160.456412][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  160.465603][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  160.486156][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  160.525908][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  160.554170][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  160.718790][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  161.116408][ T5655] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  161.177743][ T5655] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  161.277252][ T5749] loop1: detected capacity change from 0 to 256
[  162.546599][ T5655] 8021q: adding VLAN 0 to HW filter on device batadv0
[  163.258101][ T1111] Bluetooth: hci0: command 0x0419 tx timeout
[  163.270752][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  163.326663][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  163.350171][ T5749] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0x905a013b, utbl_chksum : 0xe619d30d)
[  163.359719][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  163.381168][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  163.407984][ T5772] loop3: detected capacity change from 0 to 16
[  163.415369][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  163.432398][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  163.460805][ T5772] erofs: (device loop3): mounted with root inode @ nid 36.
[  163.475510][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  163.483104][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  163.500972][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  163.930565][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  163.945568][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  164.032162][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  164.061345][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  164.121671][ T5655] device veth0_vlan entered promiscuous mode
[  164.879677][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  164.898180][ T4261] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  164.950285][ T5655] device veth1_vlan entered promiscuous mode
[  165.111295][ T5655] device veth0_macvtap entered promiscuous mode
[  165.137123][ T5795] loop2: detected capacity change from 0 to 1024
[  165.170868][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  165.188903][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  165.235766][ T5655] device veth1_macvtap entered promiscuous mode
[  165.275778][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  165.320952][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  165.382664][ T5795] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  165.413868][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.476861][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.507476][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.518272][ T5795] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  165.538204][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.554840][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.565809][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.576787][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  165.587759][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.599920][ T5655] batman_adv: batadv0: Interface activated: batadv_slave_0
[  165.632628][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.714688][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  165.804715][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  165.857529][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.209389][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  166.507237][ T5794] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  166.536914][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.604807][ T5655] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  166.615564][ T5794] EXT4-fs (loop2): This should not happen!! Data will be lost
[  166.615564][ T5794] 
[  166.625509][ T5794] EXT4-fs (loop2): Total free blocks count 0
[  166.631507][ T5794] EXT4-fs (loop2): Free/Dirty block details
[  166.645081][ T5794] EXT4-fs (loop2): free_blocks=68451041280
[  166.655849][ T5794] EXT4-fs (loop2): dirty_blocks=1408
[  166.661165][ T5794] EXT4-fs (loop2): Block reservation details
[  166.674685][ T5655] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  166.686909][ T5655] batman_adv: batadv0: Interface activated: batadv_slave_1
[  166.703200][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  166.715869][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  166.737038][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  166.751953][ T5794] EXT4-fs (loop2): i_reserved_data_blocks=89
[  166.779273][ T4442] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  166.843163][ T5655] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  166.874692][ T5655] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  167.060041][ T5655] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  167.221672][ T5655] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  167.406935][ T4501] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 36 with max blocks 1596 with error 28
[  167.627533][ T4501] EXT4-fs (loop2): This should not happen!! Data will be lost
[  167.627533][ T4501] 
[  167.788323][ T5817] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  167.822444][ T4501] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  167.854732][ T4501] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  167.889310][ T4349] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  167.997871][ T4349] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  168.017793][ T4349] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  168.070447][ T4443] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  168.725700][ T4218] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  169.064999][ T4218] usb 3-1: Using ep0 maxpacket: 32
[  169.186297][ T4218] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  169.354757][ T4218] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  169.436379][ T4218] usb 3-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  169.466487][ T4218] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  169.496442][ T4218] usb 3-1: config 0 descriptor??
[  170.345664][ T4218] savu 0003:1E7D:2D5A.0004: unknown main item tag 0x0
[  170.444312][ T4218] savu 0003:1E7D:2D5A.0004: unknown main item tag 0x5
[  170.669300][ T4218] savu 0003:1E7D:2D5A.0004: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.2-1/input0
[  170.752307][ T4218] usb 3-1: USB disconnect, device number 5
[  173.068146][ T5875] netlink: 156 bytes leftover after parsing attributes in process `syz.2.555'.
[  174.545143][ T5885] xt_CT: You must specify a L4 protocol and not use inversions on it
[  176.029292][ T5904] loop5: detected capacity change from 0 to 512
[  176.054768][ T4214] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  176.074480][ T5909] loop1: detected capacity change from 0 to 256
[  176.088966][ T5904] EXT4-fs (loop5): Test dummy encryption mode enabled
[  176.100968][ T5904] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  176.119691][ T5912] netlink: 156 bytes leftover after parsing attributes in process `syz.4.568'.
[  176.141776][ T5904] EXT4-fs (loop5): 1 truncate cleaned up
[  176.157184][ T5909] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  176.185378][ T5904] EXT4-fs (loop5): mounted filesystem without journal. Opts: test_dummy_encryption,usrquota,nombcache,,errors=continue. Quota mode: writeback.
[  176.260245][ T5904] EXT4-fs (loop5): Online resizing not supported with sparse_super2
[  176.495848][ T4214] usb 4-1: Using ep0 maxpacket: 32
[  176.685112][ T4214] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  176.818797][ T4214] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  176.999964][ T4214] usb 4-1: New USB device found, idVendor=1e7d, idProduct=2d5a, bcdDevice= 0.00
[  177.099496][ T4214] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.118463][ T4214] usb 4-1: config 0 descriptor??
[  177.227215][ T5932] loop5: detected capacity change from 0 to 1024
[  177.424726][ T1108] usb 3-1: new high-speed USB device number 6 using dummy_hcd
[  177.429096][ T5934] loop5: detected capacity change from 0 to 16
[  177.488312][ T5934] erofs: (device loop5): mounted with root inode @ nid 36.
[  177.676882][ T4214] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x0
[  177.697842][ T4214] savu 0003:1E7D:2D5A.0005: unknown main item tag 0x5
[  177.734292][ T4214] savu 0003:1E7D:2D5A.0005: hidraw0: USB HID v0.00 Device [HID 1e7d:2d5a] on usb-dummy_hcd.3-1/input0
[  177.845028][ T1108] usb 3-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  177.868010][ T1108] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  177.940891][ T1108] usb 3-1: config 0 descriptor??
[  177.987026][ T4214] usb 4-1: USB disconnect, device number 3
[  178.188644][ T5941] loop1: detected capacity change from 0 to 8
[  178.246345][ T5941] SQUASHFS error: zlib decompression failed, data probably corrupt
[  178.254316][ T5941] SQUASHFS error: Failed to read block 0x9b: -5
[  178.282642][ T5941] SQUASHFS error: Unable to read metadata cache entry [99]
[  178.284917][ T1108] [drm] vendor descriptor length:b9 data:00 00 00 00 00 00 00 00 00 00 00
[  178.299537][ T5941] SQUASHFS error: Unable to read inode 0x127
[  178.308599][ T1108] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor
[  178.346526][ T1108] [drm:udl_init] *ERROR* Selecting channel failed
[  178.390109][ T1108] [drm] Initialized udl 0.0.1 20120220 for 3-1:0.0 on minor 2
[  178.427046][ T1108] [drm] Initialized udl on minor 2
[  178.464990][ T1108] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  178.501099][ T1108] udl 3-1:0.0: [drm] Cannot find any crtc or sizes
[  178.538631][ T1108] usb 3-1: USB disconnect, device number 6
[  178.575319][ T5949] netlink: 156 bytes leftover after parsing attributes in process `syz.1.581'.
[  178.577260][ T5947] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  178.709835][ T5954] Zero length message leads to an empty skb
[  181.155217][ T5986] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  181.157440][ T5986] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  181.157572][ T5986] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  181.766674][ T5996] loop1: detected capacity change from 0 to 8192
[  181.812706][ T6006] loop5: detected capacity change from 0 to 2048
[  181.871803][ T6006] EXT4-fs (loop5): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  181.988042][ T6006] EXT4-fs (loop5): mounted filesystem without journal. Opts: errors=remount-ro,resuid=0x0000000000000000,block_validity,min_batch_time=0x0000000000000007,nobarrier,noblock_validity,dioread_nolock,. Quota mode: writeback.
[  182.477175][ T6006] EXT4-fs error (device loop5): ext4_search_dir:1549: inode #12: block 9: comm syz.5.600: bad entry in directory: rec_len % 4 != 0 - offset=0, inode=13, rec_len=21, size=56 fake=0
[  182.768506][ T6006] EXT4-fs (loop5): Remounting filesystem read-only
[  182.789601][ T6006] EXT4-fs error (device loop5): ext4_read_inline_dir:1600: inode #12: block 9: comm syz.5.600: path /5/file1/file0: bad entry in directory: rec_len % 4 != 0 - offset=24, inode=13, rec_len=21, size=80 fake=0
[  182.874767][ T6006] EXT4-fs (loop5): Remounting filesystem read-only
[  182.964452][ T6021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.606'.
[  183.000217][ T6023] loop2: detected capacity change from 0 to 256
[  183.013880][ T6021] netlink: 8 bytes leftover after parsing attributes in process `syz.4.606'.
[  183.074687][ T6023] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  183.090519][ T6027] loop5: detected capacity change from 0 to 256
[  183.198733][ T6027] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  183.262293][ T6027] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  183.321654][ T6027] exFAT-fs (loop5): failed to load upcase table (idx : 0x0001203e, chksum : 0xee1a3015, utbl_chksum : 0xe619d30d)
[  184.094726][   T26] audit: type=1800 audit(1745510910.080:14): pid=6027 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.607" name="bus" dev="loop5" ino=1048602 res=0 errno=0
[  184.122999][ T6034] loop2: detected capacity change from 0 to 1024
[  184.374868][ T6034] EXT4-fs (loop2): ext4_check_descriptors: Inode bitmap for group 0 overlaps superblock
[  184.394885][ T6034] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (42152!=20869)
[  184.543290][ T6034] EXT4-fs error (device loop2): ext4_get_journal_inode:5160: inode #5: comm syz.2.612: unexpected bad inode w/o EXT4_IGET_BAD
[  184.775819][ T6034] EXT4-fs (loop2): no journal found
[  184.883955][ T6034] EXT4-fs (loop2): can't get journal size
[  185.159081][ T6034] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,stripe=0x0000000000000002,norecovery,min_batch_time=0x000000000000071d,quota,,errors=continue. Quota mode: writeback.
[  185.222647][ T6044] loop5: detected capacity change from 0 to 512
[  185.325596][ T6044] EXT4-fs error (device loop5): ext4_orphan_get:1401: inode #15: comm syz.5.613: iget: bad extended attribute block 1
[  185.365680][ T6044] EXT4-fs error (device loop5): ext4_orphan_get:1406: comm syz.5.613: couldn't read orphan inode 15 (err -117)
[  185.397650][ T6044] EXT4-fs (loop5): mounted filesystem without journal. Opts: noblock_validity,resgid=0x000000000000ee00,acl,noload,journal_dev=0x0000000000000003,nodiscard,,errors=continue. Quota mode: none.
[  185.779618][ T6065] loop2: detected capacity change from 0 to 2048
[  185.957881][ T4218] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  186.022370][ T6065] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  188.397234][ T4212] Bluetooth: hci4: command 0x0406 tx timeout
[  188.403372][ T4212] Bluetooth: hci1: command 0x0406 tx timeout
[  188.441951][ T4212] Bluetooth: hci3: command 0x0406 tx timeout
[  188.467270][ T4212] Bluetooth: hci2: command 0x0406 tx timeout
[  188.622789][ T4218] usb 2-1: Using ep0 maxpacket: 8
[  189.113664][ T6087] loop5: detected capacity change from 0 to 128
[  189.225016][ T4218] usb 2-1: device descriptor read/all, error -71
[  190.376302][ T6105] usb usb1: usbfs: process 6105 (syz.3.634) did not claim interface 6 before use
[  190.444160][ T6107] loop2: detected capacity change from 0 to 1024
[  190.573450][ T6114] loop3: detected capacity change from 0 to 256
[  190.675820][ T6114] exfat: Deprecated parameter 'namecase'
[  190.682716][ T6114] exfat: Deprecated parameter 'namecase'
[  190.745252][ T6114] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  190.848210][ T6114] exFAT-fs (loop3): invalid start cluster (4278190088)
[  190.863604][ T6121] loop1: detected capacity change from 0 to 256
[  190.954858][ T4504] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  191.226072][ T6127] loop1: detected capacity change from 0 to 16
[  191.303986][ T6127] erofs: (device loop1): mounted with root inode @ nid 36.
[  191.314780][ T4504] usb 3-1: Using ep0 maxpacket: 8
[  191.414780][ T1111] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  191.455187][ T4504] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  191.490990][ T4504] usb 3-1: New USB device found, idVendor=0e8d, idProduct=2000, bcdDevice=21.c6
[  191.536854][ T4504] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  191.567852][ T4504] usb 3-1: config 0 descriptor??
[  192.384957][ T1111] usb 4-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08
[  192.404391][ T1111] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  192.426253][ T4218] usb 3-1: USB disconnect, device number 7
[  192.469176][ T1111] usb 4-1: config 0 descriptor??
[  192.768119][ T6141] loop1: detected capacity change from 0 to 2048
[  192.834932][ T6141] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  193.055133][ T1111] [drm:udl_init] *ERROR* Selecting channel failed
[  193.078914][ T1111] [drm] Initialized udl 0.0.1 20120220 for 4-1:0.0 on minor 2
[  193.913230][ T1111] [drm] Initialized udl on minor 2
[  193.942119][ T1111] [drm:udl_get_edid_block] *ERROR* Read EDID byte 0 failed err ffffffb9
[  193.981441][ T1111] udl 4-1:0.0: [drm] Cannot find any crtc or sizes
[  194.008924][ T1111] usb 4-1: USB disconnect, device number 4
[  194.052145][ T6156] loop5: detected capacity change from 0 to 512
[  194.170797][ T1423] ieee802154 phy0 wpan0: encryption failed: -22
[  194.194080][ T1423] ieee802154 phy1 wpan1: encryption failed: -22
[  194.250287][ T6156] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #16: comm syz.5.651: corrupted inode contents
[  194.277452][ T6156] EXT4-fs error (device loop5): ext4_dirty_inode:6010: inode #16: comm syz.5.651: mark_inode_dirty error
[  194.300302][ T6156] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #16: comm syz.5.651: corrupted inode contents
[  194.312858][ T6156] EXT4-fs error (device loop5): __ext4_ext_dirty:183: inode #16: comm syz.5.651: mark_inode_dirty error
[  194.398471][ T6156] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #16: comm syz.5.651: corrupted inode contents
[  194.411829][ T6166] loop3: detected capacity change from 0 to 1024
[  194.462482][ T6156] EXT4-fs error (device loop5) in ext4_orphan_del:305: Corrupt filesystem
[  194.479368][ T6166] EXT4-fs (loop3): Ignoring removed nomblk_io_submit option
[  194.504482][ T6166] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  194.533808][ T6156] EXT4-fs error (device loop5): ext4_do_update_inode:5174: inode #16: comm syz.5.651: corrupted inode contents
[  194.560343][ T6156] EXT4-fs error (device loop5): ext4_truncate:4272: inode #16: comm syz.5.651: mark_inode_dirty error
[  194.681713][ T6156] EXT4-fs error (device loop5) in ext4_process_orphan:347: Corrupt filesystem
[  194.699766][ T6156] EXT4-fs (loop5): 1 truncate cleaned up
[  194.712737][ T6166] EXT4-fs (loop3): mounted filesystem without journal. Opts: abort,barrier,sysvgroups,discard,dioread_nolock,stripe=0x0000000000000004,dioread_nolock,noauto_da_alloc,nomblk_io_submit,bsdgroups,,errors=continue. Quota mode: none.
[  194.744062][ T6156] EXT4-fs (loop5): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  194.786312][ T6156] ext4 filesystem being mounted at /16/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  194.973679][ T6180] loop1: detected capacity change from 0 to 1024
[  195.068658][ T6180] EXT4-fs (loop1): ext4_check_descriptors: Checksum for group 0 failed (32298!=35945)
[  195.107459][ T6180] EXT4-fs (loop1): revision level too high, forcing read-only mode
[  195.151082][ T6180] EXT4-fs (loop1): orphan cleanup on readonly fs
[  195.170815][   T26] audit: type=1800 audit(1745510921.650:15): pid=6156 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.5.651" name="file1" dev="loop5" ino=15 res=0 errno=0
[  195.216304][ T6180] EXT4-fs error (device loop1): ext4_read_inode_bitmap:168: comm syz.1.657: Inode bitmap for bg 0 marked uninitialized
[  195.229225][ T1111] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  195.282793][ T6180] EXT4-fs (loop1): mounted filesystem without journal. Opts: inode_readahead_blks=0x0000000000000080,bsddf,usrjquota=,lazytime,,errors=continue. Quota mode: writeback.
[  195.315244][ T6156] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.651: inode #59392: comm syz.5.651: iget: illegal inode #
[  195.345669][ T6156] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.651: error while reading EA inode 59392 err=-117
[  195.359961][ T6156] EXT4-fs error (device loop5): ext4_xattr_inode_iget:404: comm syz.5.651: inode #59392: comm syz.5.651: iget: illegal inode #
[  195.379969][ T6156] EXT4-fs error (device loop5): ext4_xattr_inode_iget:409: comm syz.5.651: error while reading EA inode 59392 err=-117
[  195.397517][ T6180] EXT4-fs (loop1): shut down requested (1)
[  195.475874][ T6195] usb usb1: usbfs: interface 0 claimed by hub while 'syz.3.665' sets config #9
[  195.630753][ T1111] usb 3-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  195.646072][ T1111] usb 3-1: config 1 has 1 interface, different from the descriptor's value: 3
[  195.756582][ T1111] usb 3-1: New USB device found, idVendor=08b7, idProduct=0000, bcdDevice= 0.00
[  195.772943][ T1111] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=3
[  195.787278][ T1111] usb 3-1: SerialNumber: syz
[  196.052966][ T6229] loop5: detected capacity change from 0 to 256
[  196.245339][ T6229] exFAT-fs (loop5): failed to load upcase table (idx : 0x00011a39, chksum : 0xd54015fb, utbl_chksum : 0xe619d30d)
[  196.532291][ T6261] loop3: detected capacity change from 0 to 16
[  196.637431][ T6261] erofs: (device loop3): mounted with root inode @ nid 36.
[  198.361313][ T6286] netlink: 8 bytes leftover after parsing attributes in process `syz.5.680'.
[  198.381982][ T6286] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2
[  198.394095][ T6286] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  198.489008][ T6288] loop3: detected capacity change from 0 to 1024
[  198.527724][ T1111] usb 3-1: 0:2 : does not exist
[  198.550875][ T6288] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  198.561187][ T1111] usb 3-1: USB disconnect, device number 8
[  198.582676][   T26] audit: type=1800 audit(1745510925.060:16): pid=6288 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.681" name="file1" dev="loop3" ino=839 res=0 errno=0
[  199.043831][ T6299] loop3: detected capacity change from 0 to 2048
[  199.275771][ T6299] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  199.505414][ T6308] Device name cannot be null; rc = [-22]
[  199.560062][ T6310] loop1: detected capacity change from 0 to 164
[  200.648281][ T6318] loop1: detected capacity change from 0 to 16
[  200.764566][ T6318] erofs: (device loop1): mounted with root inode @ nid 36.
[  200.848562][ T6326] loop5: detected capacity change from 0 to 128
[  200.879870][ T6329] x_tables: duplicate underflow at hook 2
[  200.903340][ T6326] FAT-fs (loop5): error, corrupted file size (i_pos 548, 512)
[  200.917689][ T6326] FAT-fs (loop5): Filesystem has been set read-only
[  201.076631][ T6333] netlink: 16 bytes leftover after parsing attributes in process `syz.3.696'.
[  201.101544][ T6333] netlink: 8 bytes leftover after parsing attributes in process `syz.3.696'.
[  201.195366][ T6337] loop3: detected capacity change from 0 to 128
[  201.273546][   T13] usb 3-1: new high-speed USB device number 9 using dummy_hcd
[  201.314775][ T6337] FAT-fs (loop3): Invalid FSINFO signature: 0x41615252, 0x614101ff (sector = 1)
[  201.326724][ T6337] FAT-fs (loop3): FAT read failed (blocknr 255)
[  202.007683][   T13] usb 3-1: Using ep0 maxpacket: 32
[  202.145202][   T13] usb 3-1: config 0 has an invalid interface number: 67 but max is 0
[  202.163717][   T13] usb 3-1: config 0 has no interface number 0
[  202.370812][   T13] usb 3-1: New USB device found, idVendor=0424, idProduct=9901, bcdDevice=c2.57
[  202.400585][   T13] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  202.416152][ T6356] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  202.438063][   T13] usb 3-1: Product: syz
[  202.442269][   T13] usb 3-1: Manufacturer: syz
[  202.461383][ T6356] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  202.475165][   T13] usb 3-1: SerialNumber: syz
[  202.486057][   T13] usb 3-1: config 0 descriptor??
[  202.512687][ T6356] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  202.535839][   T13] smsc95xx v2.0.0
[  202.849226][ T6365] loop1: detected capacity change from 0 to 512
[  203.075909][   T13] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000030: -32
[  203.086707][   T13] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  203.109441][ T6365] EXT4-fs (loop1): Test dummy encryption mode enabled
[  203.119205][ T6369] IPv6: NLM_F_REPLACE set, but no existing node found!
[  203.135418][ T6365] EXT4-fs (loop1): Test dummy encryption mode enabled
[  203.186342][ T6365] EXT4-fs error (device loop1): ext4_find_inline_data_nolock:163: inode #12: comm syz.1.708: inline data xattr refers to an external xattr inode
[  203.314281][ T6365] EXT4-fs (loop1): Remounting filesystem read-only
[  203.331646][ T6365] EXT4-fs error (device loop1): ext4_orphan_get:1406: comm syz.1.708: couldn't read orphan inode 12 (err -117)
[  203.358549][   T13] smsc95xx 3-1:0.67 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  203.380640][   T13] smsc95xx: probe of 3-1:0.67 failed with error -71
[  203.395127][ T6365] EXT4-fs (loop1): Remounting filesystem read-only
[  203.415054][ T6365] EXT4-fs (loop1): mounted filesystem without journal. Opts: test_dummy_encryption,init_itable=0x0000000000000000,minixdf,sysvgroups,prjquota,stripe=0x00000000000093a4,barrier=0x000000000000000b,errors=remount-ro,auto_da_alloc,test_dummy_encryption,. Quota mode: writeback.
[  203.633105][ T6365] EXT4-fs error (device loop1): ext4_empty_dir:3139: inode #2: comm syz.1.708: Directory hole found for htree leaf block 0
[  203.709338][ T6365] EXT4-fs (loop1): Remounting filesystem read-only
[  203.903827][ T6381] EXT4-fs error (device loop1): htree_dirblock_to_tree:1083: inode #2: comm syz.1.708: Directory hole found for htree leaf block 0
[  203.907850][   T13] usb 3-1: USB disconnect, device number 9
[  204.261273][ T6381] EXT4-fs (loop1): Remounting filesystem read-only
[  204.825437][ T6392] loop1: detected capacity change from 0 to 16
[  204.911532][ T6396] loop5: detected capacity change from 0 to 1024
[  204.929599][ T6392] erofs: (device loop1): mounted with root inode @ nid 36.
[  205.007222][ T6396] hfsplus: xattr searching failed
[  206.297391][ T6415] loop2: detected capacity change from 0 to 256
[  206.576719][ T1326] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  206.620584][ T6415] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  206.834729][ T1326] usb 6-1: Using ep0 maxpacket: 16
[  206.872827][   T26] audit: type=1326 audit(1745510933.350:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6428 comm="syz.3.731" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5d81f27969 code=0x0
[  206.975217][ T1326] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  206.997930][ T1326] usb 6-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  207.037349][ T1326] usb 6-1: config 0 interface 0 has no altsetting 0
[  207.067460][ T1326] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  207.102144][ T1326] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  207.147388][ T1326] usb 6-1: config 0 descriptor??
[  207.710535][ T1326] hid (null): nested delimiters
[  207.747848][ T1326] hid (null): report_id 24797 is invalid
[  207.796083][ T1326] hid (null): bogus close delimiter
[  207.830026][ T6439] loop3: detected capacity change from 0 to 256
[  207.899382][ T1326] usb 6-1: USB disconnect, device number 2
[  207.914314][ T6439] FAT-fs (loop3): bogus logical sector size 0
[  207.924178][ T6439] FAT-fs (loop3): Can't find a valid FAT filesystem
[  208.548222][ T6457] loop3: detected capacity change from 0 to 2048
[  208.635941][ T6457] UDF-fs: bad mount option "adinic" or missing value
[  209.551170][ T6457] loop3: detected capacity change from 0 to 512
[  209.629167][ T6457] EXT4-fs (loop3): filesystem is read-only
[  209.651513][ T6457] EXT4-fs (loop3): ext4_check_descriptors: Block bitmap for group 0 overlaps block group descriptors
[  209.887013][ T6457] EXT4-fs (loop3): filesystem is read-only
[  209.892871][ T6457] EXT4-fs (loop3): orphan cleanup on readonly fs
[  209.921235][ T6457] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.742: bg 0: block 64: padding at end of block bitmap is not set
[  210.013402][ T6457] EXT4-fs (loop3): Remounting filesystem read-only
[  210.051122][ T6457] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  210.077834][ T6457] EXT4-fs (loop3): Remounting filesystem read-only
[  210.086336][ T6457] EXT4-fs (loop3): 1 orphan inode deleted
[  210.093192][ T6457] EXT4-fs (loop3): mounted filesystem without journal. Opts: grpjquota=,noblock_validity,auto_da_alloc=0x0000000000000001,inode_readahead_blks=0x0000000000040000,user_xattr,nombcache,resuid=0x000000000000ee00,data_err=abort,quota,errors=remount-ro,. Quota mode: writeback.
[  212.248299][ T6527] loop3: detected capacity change from 0 to 512
[  212.456625][ T6527] EXT4-fs (loop3): orphan cleanup on readonly fs
[  212.476130][ T6527] Quota error (device loop3): find_block_dqentry: Quota for id 0 referenced but not present
[  212.505928][ T6527] Quota error (device loop3): qtree_read_dquot: Can't read quota structure for id 0
[  212.524708][ T1108] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  212.557700][ T6527] EXT4-fs error (device loop3): ext4_acquire_dquot:6204: comm syz.3.767: Failed to acquire dquot type 1
[  212.616637][ T6527] EXT4-fs (loop3): 1 truncate cleaned up
[  212.640931][ T6527] EXT4-fs (loop3): mounted filesystem without journal. Opts: barrier,,errors=continue. Quota mode: writeback.
[  212.774791][ T1108] usb 3-1: Using ep0 maxpacket: 32
[  212.894963][ T1108] usb 3-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  212.914194][ T1108] usb 3-1: config 1 has no interface number 1
[  212.939779][ T1108] usb 3-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0
[  213.084035][ T6553] loop3: detected capacity change from 0 to 256
[  213.144865][ T1108] usb 3-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  213.157265][ T1108] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  213.172907][ T1108] usb 3-1: Product: syz
[  213.177729][ T1108] usb 3-1: Manufacturer: syz
[  213.182757][ T1108] usb 3-1: SerialNumber: syz
[  213.410241][ T6558] loop3: detected capacity change from 0 to 512
[  213.473490][ T6558] EXT4-fs (loop3): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  213.531736][ T6562] netlink: 16 bytes leftover after parsing attributes in process `syz.5.779'.
[  213.545447][ T1108] usb 3-1: 2:1 : no UAC_FORMAT_TYPE desc
[  213.586333][ T1108] usb 3-1: USB disconnect, device number 10
[  213.854981][ T6577] device veth3 entered promiscuous mode
[  213.887738][ T6570] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  213.897279][ T6570] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  213.904862][ T6570] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  215.952014][ T6624] loop3: detected capacity change from 0 to 256
[  216.279978][ T6635] x_tables: ip6_tables: CT target: only valid in raw table, not 
[  216.654851][   T26] audit: type=1326 audit(1745510943.110:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6609 comm="syz.1.798" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd057f57969 code=0x7fc00000
[  218.249860][ T6688] netlink: 92 bytes leftover after parsing attributes in process `syz.5.831'.
[  218.368589][ T6690] loop3: detected capacity change from 0 to 512
[  218.452953][ T6696] netlink: 'syz.2.835': attribute type 1 has an invalid length.
[  218.606490][ T6702] loop1: detected capacity change from 0 to 1024
[  218.732991][ T6702] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  218.758155][ T6705] loop3: detected capacity change from 0 to 2048
[  218.980526][ T6705] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=4096, location=4096
[  219.124234][ T6705] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  219.357005][ T6705] UDF-fs: error (device loop3): udf_process_sequence: Primary Volume Descriptor not found!
[  219.560715][ T6705] UDF-fs: Scanning with blocksize 512 failed
[  219.602954][ T6705] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  219.687563][ T6705] UDF-fs: Scanning with blocksize 1024 failed
[  219.728985][ T6705] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  219.771749][ T6705] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  219.803592][ T6705] UDF-fs: Scanning with blocksize 2048 failed
[  219.823274][ T6724] loop2: detected capacity change from 0 to 8
[  219.842115][ T6705] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=256, location=256
[  219.868116][ T6705] UDF-fs: error (device loop3): udf_read_tagged: read failed, block=512, location=512
[  219.894758][ T6705] UDF-fs: warning (device loop3): udf_load_vrs: No anchor found
[  219.915908][ T6724] SQUASHFS error: lzo decompression failed, data probably corrupt
[  219.924577][ T6705] UDF-fs: Scanning with blocksize 4096 failed
[  219.930757][ T6705] UDF-fs: warning (device loop3): udf_fill_super: No partition found (1)
[  219.964825][ T6724] SQUASHFS error: Failed to read block 0x91: -5
[  219.975932][ T6724] SQUASHFS error: Unable to read metadata cache entry [8f]
[  219.983343][ T6724] SQUASHFS error: Unable to read inode 0x11f
[  220.152963][ T6735] loop3: detected capacity change from 0 to 1024
[  220.300498][ T6735] EXT4-fs (loop3): Ignoring removed nobh option
[  220.319486][ T6735] EXT4-fs (loop3): Ignoring removed bh option
[  220.351497][ T6735] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  220.405818][ T6740] loop2: detected capacity change from 0 to 1024
[  220.485031][ T6735] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,data_err=ignore,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,,errors=continue. Quota mode: writeback.
[  220.549448][ T6748] netlink: 68 bytes leftover after parsing attributes in process `syz.4.854'.
[  220.636299][ T6740] EXT4-fs (loop2): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  220.683089][ T6740] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  221.181805][ T6763] netlink: 156 bytes leftover after parsing attributes in process `syz.1.863'.
[  221.712981][ T6778] loop1: detected capacity change from 0 to 512
[  221.770314][ T6778] EXT4-fs (loop1): feature flags set on rev 0 fs, running e2fsck is recommended
[  221.794814][ T6778] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  222.571568][ T6778] EXT4-fs (loop1): warning: checktime reached, running e2fsck is recommended
[  222.601973][ T6778] [EXT4 FS bs=4096, gc=1, bpg=32768, ipg=32, mo=a042c01c, mo2=0002]
[  222.612768][ T6778] System zones: 0-2, 18-18, 34-34
[  222.622900][ T6778] EXT4-fs warning (device loop1): ext4_update_dynamic_rev:1062: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  222.693047][ T6778] EXT4-fs error (device loop1): ext4_validate_block_bitmap:438: comm syz.1.868: bg 0: block 145: padding at end of block bitmap is not set
[  222.749165][ T6778] EXT4-fs error (device loop1) in ext4_mb_clear_bb:6183: Corrupt filesystem
[  222.767151][ T6778] EXT4-fs (loop1): 1 truncate cleaned up
[  222.773952][ T6778] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  222.794457][ T6778] EXT4-fs error (device loop1): ext4_find_dest_de:2115: inode #2: block 3: comm syz.1.868: bad entry in directory: inode out of bounds - offset=0, inode=63, rec_len=12, size=4096 fake=1
[  223.038717][ T6804] netlink: 156 bytes leftover after parsing attributes in process `syz.5.875'.
[  223.053877][ T6802] loop1: detected capacity change from 0 to 1024
[  223.525340][ T6810] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  223.535059][ T6810] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  223.542551][ T6810] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  223.709922][ T6815] netlink: 100 bytes leftover after parsing attributes in process `syz.5.881'.
[  223.917560][ T6821] loop3: detected capacity change from 0 to 1024
[  223.960562][ T6821] EXT4-fs (loop3): Ignoring removed nobh option
[  223.978416][ T6821] EXT4-fs (loop3): Ignoring removed bh option
[  225.124132][ T6821] EXT4-fs (loop3): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  225.521538][ T6821] EXT4-fs (loop3): mounted filesystem without journal. Opts: delalloc,data_err=abort,barrier=0x0000000000000002,dioread_lock,errors=remount-ro,max_dir_size_kb=0x00000000004007b1,data_err=ignore,grpquota,nobh,user_xattr,bh,dioread_nolock,. Quota mode: writeback.
[  225.558128][ T6829] loop1: detected capacity change from 0 to 1024
[  225.665398][ T6821] netlink: 116 bytes leftover after parsing attributes in process `syz.3.882'.
[  225.813250][ T6834] netlink: 156 bytes leftover after parsing attributes in process `syz.5.885'.
[  225.854508][ T6829] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  225.940241][ T6839] netlink: 156 bytes leftover after parsing attributes in process `syz.2.886'.
[  226.035505][ T6829] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1152: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  226.061138][ T6829] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 21 with max blocks 43 with error 28
[  226.114728][ T6829] EXT4-fs (loop1): This should not happen!! Data will be lost
[  226.114728][ T6829] 
[  226.121367][ T6841] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 64 with max blocks 1 with error 28
[  226.146371][ T6829] EXT4-fs (loop1): Total free blocks count 0
[  226.156299][ T6829] EXT4-fs (loop1): Free/Dirty block details
[  226.174835][ T6829] EXT4-fs (loop1): free_blocks=68451041280
[  226.190664][ T6841] EXT4-fs (loop1): This should not happen!! Data will be lost
[  226.190664][ T6841] 
[  226.191523][ T6829] EXT4-fs (loop1): dirty_blocks=80
[  226.229289][ T6854] netlink: 'syz.2.892': attribute type 4 has an invalid length.
[  226.254844][ T6841] EXT4-fs (loop1): Total free blocks count 0
[  226.265126][ T6829] EXT4-fs (loop1): Block reservation details
[  226.355764][   T13] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  226.594807][   T13] usb 4-1: Using ep0 maxpacket: 16
[  226.698725][ T6867] loop1: detected capacity change from 0 to 128
[  226.734939][   T13] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  226.748578][   T13] usb 4-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0
[  226.760084][   T13] usb 4-1: config 0 interface 0 has no altsetting 0
[  226.772484][ T6867] EXT4-fs (loop1): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  226.783591][   T13] usb 4-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  226.793415][ T6867] ext4 filesystem being mounted at /169/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.804491][   T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  226.836102][   T13] usb 4-1: config 0 descriptor??
[  228.687161][ T6903] loop2: detected capacity change from 0 to 16
[  228.854513][ T6903] erofs: (device loop2): mounted with root inode @ nid 36.
[  228.887526][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 360447 of nid 36
[  228.898126][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 87 @ nid 36
[  228.907294][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 86 @ nid 36
[  228.919880][ T6903] erofs: (device loop2): z_erofs_extent_lookback: unknown type 3 @ lcn 84 of nid 36
[  228.929365][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 85 @ nid 36
[  228.938923][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 348159 of nid 36
[  228.949144][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 84 @ nid 36
[  228.958264][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 344063 of nid 36
[  228.968348][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 83 @ nid 36
[  228.977508][ T6903] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  228.986879][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 82 @ nid 36
[  228.996081][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 81 @ nid 36
[  229.005558][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 79 @ nid 36
[  229.014678][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 78 @ nid 36
[  229.023819][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 77 @ nid 36
[  229.032938][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 315391 of nid 36
[  229.043173][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 76 @ nid 36
[  229.052304][ T6903] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  229.061673][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 75 @ nid 36
[  229.070794][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 307199 of nid 36
[  229.080862][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 74 @ nid 36
[  229.090035][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 73 @ nid 36
[  229.099208][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 72 @ nid 36
[  229.108325][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 71 @ nid 36
[  229.117485][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 290815 of nid 36
[  229.127606][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 70 @ nid 36
[  229.136764][ T6903] erofs: (device loop2): z_erofs_extent_lookback: unknown type 3 @ lcn 64 of nid 36
[  229.146182][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 65 @ nid 36
[  229.156923][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 266239 of nid 36
[  229.166991][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 64 @ nid 36
[  229.173865][ T4216] usb 4-1: USB disconnect, device number 5
[  229.176091][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 262143 of nid 36
[  229.191907][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 63 @ nid 36
[  229.201048][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 61 @ nid 36
[  229.210141][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 60 @ nid 36
[  229.219234][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 59 @ nid 36
[  229.228394][ T6903] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  229.238374][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 58 @ nid 36
[  229.247518][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 57 @ nid 36
[  229.256610][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 56 @ nid 36
[  229.265716][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 55 @ nid 36
[  229.274808][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 54 @ nid 36
[  229.283866][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 221183 of nid 36
[  229.293915][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 53 @ nid 36
[  229.303042][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 217087 of nid 36
[  229.313105][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 52 @ nid 36
[  229.322187][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 212991 of nid 36
[  229.332239][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 51 @ nid 36
[  229.341695][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 208895 of nid 36
[  229.351804][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 50 @ nid 36
[  229.360938][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 204799 of nid 36
[  229.371523][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 49 @ nid 36
[  229.380630][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 200703 of nid 36
[  229.390670][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 48 @ nid 36
[  229.399766][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 196607 of nid 36
[  229.409801][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 47 @ nid 36
[  229.418920][ T6903] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  229.428280][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 46 @ nid 36
[  229.437411][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 45 @ nid 36
[  229.446498][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 44 @ nid 36
[  229.455622][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 43 @ nid 36
[  229.464709][ T6903] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  229.474009][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 42 @ nid 36
[  229.483124][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 41 @ nid 36
[  229.492222][ T6903] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  229.501591][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 40 @ nid 36
[  229.510684][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 39 @ nid 36
[  229.520953][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 38 @ nid 36
[  229.530597][ T6903] erofs: (device loop2): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  229.539973][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 31 @ nid 36
[  229.549573][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 27 @ nid 36
[  229.558669][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 26 @ nid 36
[  229.567747][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 106495 of nid 36
[  229.577948][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 25 @ nid 36
[  229.587038][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 24 @ nid 36
[  229.596356][ T6903] erofs: (device loop2): z_erofs_extent_lookback: unknown type 3 @ lcn 15 of nid 36
[  229.605824][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 16 @ nid 36
[  229.614896][ T6903] erofs: (device loop2): z_erofs_map_blocks_iter: unknown type 3 @ offset 65535 of nid 36
[  229.624838][ T6903] erofs: (device loop2): z_erofs_readahead: readahead error at page 15 @ nid 36
[  229.634059][ T6903] attempt to access beyond end of device
[  229.634059][ T6903] loop2: rw=524288, want=848, limit=16
[  229.645211][ T6903] attempt to access beyond end of device
[  229.645211][ T6903] loop2: rw=524288, want=13478624104, limit=16
[  229.657384][ T6903] attempt to access beyond end of device
[  229.657384][ T6903] loop2: rw=524288, want=13478624080, limit=16
[  229.669195][ T6903] attempt to access beyond end of device
[  229.669195][ T6903] loop2: rw=524288, want=40, limit=16
[  229.680150][ T6903] attempt to access beyond end of device
[  229.680150][ T6903] loop2: rw=524288, want=96, limit=16
[  229.691398][ T6903] attempt to access beyond end of device
[  229.691398][ T6903] loop2: rw=524288, want=32, limit=16
[  230.774542][ T6923] loop2: detected capacity change from 0 to 256
[  230.811127][ T6901] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  230.845831][ T6901] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  230.873861][ T6901] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  230.980400][ T6923] FAT-fs (loop2): bogus logical sector size 0
[  231.005983][ T6923] FAT-fs (loop2): Can't find a valid FAT filesystem
[  231.797025][ T6943] fuse: Bad value for 'fd'
[  232.071112][ T6957] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  232.998976][ T6985] loop1: detected capacity change from 0 to 256
[  233.006293][   T26] audit: type=1326 audit(1745510959.490:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6976 comm="syz.4.935" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fdcb59c9969 code=0x0
[  233.098020][ T6985] FAT-fs (loop1): bogus logical sector size 0
[  233.105536][ T6985] FAT-fs (loop1): Can't find a valid FAT filesystem
[  233.138079][ T6993] fuse: Bad value for 'fd'
[  233.173512][ T6995] netlink: 156 bytes leftover after parsing attributes in process `syz.4.940'.
[  233.313997][ T7000] device batadv0 entered promiscuous mode
[  233.320713][ T7000] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  233.341900][ T7000] bond0: (slave macvlan2): Enslaving as an active interface with an up link
[  233.558140][ T7010] binder_alloc: 7009: binder_alloc_buf, no vma
[  233.661216][ T7016] overlayfs: unrecognized mount option "verity=on" or missing value
[  233.713064][ T7018] pit: kvm: requested 4190 ns i8254 timer period limited to 200000 ns
[  233.739312][ T7018] kvm: pic: non byte read
[  233.754288][ T7018] kvm: pic: level sensitive irq not supported
[  233.754451][ T7018] kvm: pic: non byte read
[  233.796290][ T7024] fuse: Bad value for 'fd'
[  233.801345][ T7018] kvm: pic: level sensitive irq not supported
[  233.801446][ T7018] kvm: pic: non byte read
[  233.825283][ T7018] kvm: pic: level sensitive irq not supported
[  233.825366][ T7018] kvm: pic: non byte read
[  233.851494][ T7018] kvm: pic: level sensitive irq not supported
[  233.851593][ T7018] kvm: pic: non byte read
[  233.869302][ T7018] kvm: pic: level sensitive irq not supported
[  233.869818][ T7018] kvm: pic: non byte read
[  233.912474][ T7018] kvm: pic: level sensitive irq not supported
[  233.912544][ T7018] kvm: pic: non byte read
[  233.933641][ T7018] kvm: pic: level sensitive irq not supported
[  233.953080][ T7018] kvm: pic: non byte read
[  233.995485][ T7018] kvm: pic: level sensitive irq not supported
[  233.995571][ T7018] kvm: pic: non byte read
[  234.085908][ T7030] netlink: 156 bytes leftover after parsing attributes in process `syz.1.954'.
[  234.094903][   T13] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  234.374768][   T13] usb 4-1: Using ep0 maxpacket: 8
[  234.675620][   T13] usb 4-1: config 0 has an invalid interface number: 55 but max is 0
[  234.683802][   T13] usb 4-1: config 0 has no interface number 0
[  235.079408][   T13] usb 4-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0x80, skipping
[  235.574666][   T13] usb 4-1: config 0 interface 55 altsetting 0 has an invalid endpoint with address 0xAB, skipping
[  235.618206][ T7064] netlink: 156 bytes leftover after parsing attributes in process `syz.5.969'.
[  235.640767][   T13] usb 4-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  235.684107][   T13] usb 4-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  235.704738][   T13] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  235.739317][   T13] usb 4-1: config 0 descriptor??
[  235.775630][ T7068] kvm: pic: level sensitive irq not supported
[  235.776000][ T7068] kvm: pic: single mode not supported
[  235.782452][ T7068] kvm: pic: level sensitive irq not supported
[  235.788093][ T7068] kvm: pic: single mode not supported
[  235.794753][ T7068] kvm: pic: single mode not supported
[  235.797102][   T13] ldusb 4-1:0.55: Interrupt in endpoint not found
[  235.800294][ T7068] kvm: pic: single mode not supported
[  235.812218][ T7068] kvm: pic: single mode not supported
[  235.817834][ T7068] kvm: pic: single mode not supported
[  235.825645][ T7068] kvm: pic: single mode not supported
[  235.831144][ T7068] kvm: pic: single mode not supported
[  235.840193][ T7068] kvm: pic: single mode not supported
[  235.847974][ T7077] 9pnet_virtio: no channels available for device syz
[  235.862324][ T7068] kvm: pic: single mode not supported
[  235.863770][ T7068] kvm: pic: non byte write
[  235.884880][ T7068] kvm: pic: non byte write
[  236.000950][ T1111] usb 4-1: USB disconnect, device number 6
[  236.001088][ T7087] sp0: Synchronizing with TNC
[  236.025908][ T7087] 9pnet_virtio: no channels available for device syz
[  236.035217][ T7086] [U] è
[  236.272986][ T7101] 9pnet_virtio: no channels available for device syz
[  236.368742][ T7108] overlayfs: failed to clone upperpath
[  236.623444][ T7119] tmpfs: Unknown parameter 'quota'
[  236.764146][ T7125] use of bytesused == 0 is deprecated and will be removed in the future,
[  236.807205][ T7125] use the actual size instead.
[  236.949528][ T7138] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1000'.
[  237.187207][ T7156] Context (ID=0x0) not attached to queue pair (handle=0x0:0x0)
[  237.216832][ T7161] fuse: Bad value for 'fd'
[  237.425917][ T7171] syz.1.1010 uses obsolete (PF_INET,SOCK_PACKET)
[  238.275894][ T7225] netlink: 'syz.5.1033': attribute type 4 has an invalid length.
[  238.308115][ T7220] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1031'.
[  238.327622][ T7220] device bridge_slave_1 left promiscuous mode
[  238.335987][ T7220] bridge0: port 2(bridge_slave_1) entered disabled state
[  238.359211][ T7220] device bridge_slave_0 left promiscuous mode
[  238.371881][ T7220] bridge0: port 1(bridge_slave_0) entered disabled state
[  238.553611][ T7225] netlink: 'syz.5.1033': attribute type 4 has an invalid length.
[  238.723266][ T7243] loop3: detected capacity change from 0 to 256
[  238.726260][ T7242] overlayfs: failed to clone upperpath
[  238.753438][ T7241] overlayfs: upper fs does not support tmpfile.
[  238.900046][ T7243] FAT-fs (loop3): bogus logical sector size 0
[  238.911125][ T7257] overlayfs: failed to clone upperpath
[  238.929817][ T7243] FAT-fs (loop3): Can't find a valid FAT filesystem
[  240.120973][ T4174] ==================================================================
[  240.129442][ T4174] BUG: KASAN: slab-out-of-bounds in hci_le_meta_evt+0x11d6/0x3f50
[  240.137275][ T4174] Read of size 1 at addr ffff88805fbf9e02 by task kworker/u5:2/4174
[  240.145266][ T4174] 
[  240.147598][ T4174] CPU: 1 PID: 4174 Comm: kworker/u5:2 Not tainted 5.15.180-syzkaller #0
[  240.155937][ T4174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.166010][ T4174] Workqueue: hci4 hci_rx_work
[  240.170725][ T4174] Call Trace:
[  240.174013][ T4174]  <TASK>
[  240.176954][ T4174]  dump_stack_lvl+0x1e3/0x2d0
[  240.181657][ T4174]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  240.187304][ T4174]  ? _printk+0xd1/0x120
[  240.191479][ T4174]  ? __wake_up_klogd+0xcc/0x100
[  240.196342][ T4174]  ? panic+0x860/0x860
[  240.200463][ T4174]  ? _raw_spin_lock_irqsave+0xdd/0x120
[  240.205954][ T4174]  print_address_description+0x63/0x3b0
[  240.211524][ T4174]  ? hci_le_meta_evt+0x11d6/0x3f50
[  240.216661][ T4174]  kasan_report+0x16b/0x1c0
[  240.221192][ T4174]  ? hci_le_meta_evt+0x11d6/0x3f50
[  240.226441][ T4174]  hci_le_meta_evt+0x11d6/0x3f50
[  240.231408][ T4174]  ? __lock_acquire+0x1ff0/0x1ff0
[  240.236477][ T4174]  ? hci_remote_host_features_evt+0x280/0x280
[  240.242584][ T4174]  ? __mutex_unlock_slowpath+0x218/0x750
[  240.248232][ T4174]  ? hci_event_packet+0x3b4/0x1550
[  240.253371][ T4174]  ? mutex_unlock+0x10/0x10
[  240.257900][ T4174]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  240.263910][ T4174]  ? print_irqtrace_events+0x210/0x210
[  240.269394][ T4174]  hci_event_packet+0xc41/0x1550
[  240.274371][ T4174]  ? rcu_lock_release+0x20/0x20
[  240.279266][ T4174]  ? hci_send_to_monitor+0x99/0x4d0
[  240.284489][ T4174]  hci_rx_work+0x237/0xa10
[  240.288946][ T4174]  process_one_work+0x8a1/0x10c0
[  240.293921][ T4174]  ? worker_detach_from_pool+0x260/0x260
[  240.299581][ T4174]  ? _raw_spin_lock_irqsave+0x120/0x120
[  240.305138][ T4174]  ? kthread_data+0x4e/0xc0
[  240.309656][ T4174]  ? wq_worker_running+0x97/0x170
[  240.314688][ T4174]  worker_thread+0xaca/0x1280
[  240.319393][ T4174]  kthread+0x3f6/0x4f0
[  240.323462][ T4174]  ? rcu_lock_release+0x20/0x20
[  240.328315][ T4174]  ? kthread_blkcg+0xd0/0xd0
[  240.332937][ T4174]  ret_from_fork+0x1f/0x30
[  240.337372][ T4174]  </TASK>
[  240.340386][ T4174] 
[  240.342708][ T4174] Allocated by task 7274:
[  240.347037][ T4174]  ____kasan_kmalloc+0xba/0xf0
[  240.351805][ T4174]  __kmalloc_node_track_caller+0x195/0x390
[  240.357788][ T4174]  __alloc_skb+0x12c/0x590
[  240.362205][ T4174]  vhci_write+0xbc/0x430
[  240.366447][ T4174]  vfs_write+0xacd/0xe50
[  240.370685][ T4174]  ksys_write+0x1a2/0x2c0
[  240.375009][ T4174]  do_syscall_64+0x3b/0x80
[  240.379526][ T4174]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  240.385417][ T4174] 
[  240.387733][ T4174] Last potentially related work creation:
[  240.393433][ T4174]  kasan_save_stack+0x36/0x60
[  240.398107][ T4174]  kasan_record_aux_stack+0xba/0x100
[  240.403384][ T4174]  insert_work+0x54/0x3e0
[  240.407705][ T4174]  __queue_work+0x963/0xd00
[  240.412198][ T4174]  call_timer_fn+0x16d/0x560
[  240.416803][ T4174]  __run_timers+0x6a8/0x890
[  240.421319][ T4174]  run_timer_softirq+0x63/0xf0
[  240.426169][ T4174]  handle_softirqs+0x3a7/0x930
[  240.430928][ T4174]  __irq_exit_rcu+0x157/0x240
[  240.435602][ T4174]  irq_exit_rcu+0x5/0x20
[  240.439843][ T4174]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  240.445472][ T4174]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  240.451451][ T4174] 
[  240.453783][ T4174] The buggy address belongs to the object at ffff88805fbf9c00
[  240.453783][ T4174]  which belongs to the cache kmalloc-512 of size 512
[  240.467837][ T4174] The buggy address is located 2 bytes to the right of
[  240.467837][ T4174]  512-byte region [ffff88805fbf9c00, ffff88805fbf9e00)
[  240.481493][ T4174] The buggy address belongs to the page:
[  240.487134][ T4174] page:ffffea00017efe00 refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x5fbf8
[  240.497283][ T4174] head:ffffea00017efe00 order:2 compound_mapcount:0 compound_pincount:0
[  240.505605][ T4174] flags: 0xfff00000010200(slab|head|node=0|zone=1|lastcpupid=0x7ff)
[  240.513602][ T4174] raw: 00fff00000010200 dead000000000100 dead000000000122 ffff888017441c80
[  240.522182][ T4174] raw: 0000000000000000 0000000080100010 00000001ffffffff 0000000000000000
[  240.530839][ T4174] page dumped because: kasan: bad access detected
[  240.537245][ T4174] page_owner tracks the page as allocated
[  240.542955][ T4174] page last allocated via order 2, migratetype Unmovable, gfp_mask 0xd2a20(GFP_ATOMIC|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 1111, ts 68278764718, free_ts 68271183519
[  240.561456][ T4174]  get_page_from_freelist+0x3b78/0x3d40
[  240.567003][ T4174]  __alloc_pages+0x272/0x700
[  240.571587][ T4174]  new_slab+0xbb/0x4b0
[  240.575652][ T4174]  ___slab_alloc+0x6f6/0xe10
[  240.580232][ T4174]  __kmalloc_node_track_caller+0x1f6/0x390
[  240.586035][ T4174]  __alloc_skb+0x12c/0x590
[  240.590447][ T4174]  __ipv6_ifa_notify+0x2e5/0x11d0
[  240.595478][ T4174]  addrconf_dad_completed+0x188/0xcc0
[  240.600894][ T4174]  addrconf_dad_work+0xdda/0x16f0
[  240.605912][ T4174]  process_one_work+0x8a1/0x10c0
[  240.610849][ T4174]  worker_thread+0xaca/0x1280
[  240.615524][ T4174]  kthread+0x3f6/0x4f0
[  240.619589][ T4174]  ret_from_fork+0x1f/0x30
[  240.624005][ T4174] page last free stack trace:
[  240.628666][ T4174]  free_unref_page_prepare+0xc34/0xcf0
[  240.634124][ T4174]  free_unref_page+0x95/0x2d0
[  240.638800][ T4174]  stack_depot_save+0x3ef/0x440
[  240.643649][ T4174]  __kasan_slab_alloc+0xa5/0xc0
[  240.648502][ T4174]  slab_post_alloc_hook+0x53/0x380
[  240.653607][ T4174]  kmem_cache_alloc+0xf3/0x280
[  240.658388][ T4174]  new_inode_pseudo+0x78/0x210
[  240.663146][ T4174]  new_inode+0x25/0x1d0
[  240.667299][ T4174]  __debugfs_create_file+0x147/0x500
[  240.672585][ T4174]  ieee80211_register_hw+0x29ae/0x39d0
[  240.678039][ T4174]  mac80211_hwsim_new_radio+0x2242/0x4200
[  240.683757][ T4174]  hwsim_new_radio_nl+0xbae/0x1090
[  240.688869][ T4174]  genl_rcv_msg+0xfc2/0x14a0
[  240.693454][ T4174]  netlink_rcv_skb+0x1cf/0x410
[  240.698264][ T4174]  genl_rcv+0x24/0x40
[  240.702238][ T4174]  netlink_unicast+0x7c0/0x990
[  240.706999][ T4174] 
[  240.709312][ T4174] Memory state around the buggy address:
[  240.714956][ T4174]  ffff88805fbf9d00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  240.723011][ T4174]  ffff88805fbf9d80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  240.731064][ T4174] >ffff88805fbf9e00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  240.739122][ T4174]                    ^
[  240.743195][ T4174]  ffff88805fbf9e80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  240.751256][ T4174]  ffff88805fbf9f00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc
[  240.759412][ T4174] ==================================================================
[  240.767486][ T4174] Disabling lock debugging due to kernel taint
[  240.778874][ T4174] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  240.786102][ T4174] CPU: 1 PID: 4174 Comm: kworker/u5:2 Tainted: G    B             5.15.180-syzkaller #0
[  240.795928][ T4174] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2025
[  240.805999][ T4174] Workqueue: hci4 hci_rx_work
[  240.810696][ T4174] Call Trace:
[  240.813974][ T4174]  <TASK>
[  240.816905][ T4174]  dump_stack_lvl+0x1e3/0x2d0
[  240.821594][ T4174]  ? io_uring_drop_tctx_refs+0x1a0/0x1a0
[  240.827246][ T4174]  ? panic+0x860/0x860
[  240.831323][ T4174]  ? preempt_schedule_irq+0x155/0x1c0
[  240.836706][ T4174]  panic+0x318/0x860
[  240.840613][ T4174]  ? check_panic_on_warn+0x1d/0xa0
[  240.845732][ T4174]  ? fb_is_primary_device+0xd0/0xd0
[  240.850943][ T4174]  ? asm_sysvec_reschedule_ipi+0x16/0x20
[  240.856584][ T4174]  ? check_panic_on_warn+0x1d/0xa0
[  240.861708][ T4174]  ? check_panic_on_warn+0x6a/0xa0
[  240.866827][ T4174]  check_panic_on_warn+0x7e/0xa0
[  240.871770][ T4174]  ? hci_le_meta_evt+0x11d6/0x3f50
[  240.876886][ T4174]  end_report+0x6d/0xf0
[  240.881051][ T4174]  kasan_report+0x18e/0x1c0
[  240.885561][ T4174]  ? hci_le_meta_evt+0x11d6/0x3f50
[  240.890682][ T4174]  hci_le_meta_evt+0x11d6/0x3f50
[  240.895622][ T4174]  ? __lock_acquire+0x1ff0/0x1ff0
[  240.900664][ T4174]  ? hci_remote_host_features_evt+0x280/0x280
[  240.906734][ T4174]  ? __mutex_unlock_slowpath+0x218/0x750
[  240.912368][ T4174]  ? hci_event_packet+0x3b4/0x1550
[  240.917485][ T4174]  ? mutex_unlock+0x10/0x10
[  240.921991][ T4174]  ? lockdep_hardirqs_on_prepare+0x438/0x7a0
[  240.928062][ T4174]  ? print_irqtrace_events+0x210/0x210
[  240.933532][ T4174]  hci_event_packet+0xc41/0x1550
[  240.938475][ T4174]  ? rcu_lock_release+0x20/0x20
[  240.943431][ T4174]  ? hci_send_to_monitor+0x99/0x4d0
[  240.948632][ T4174]  hci_rx_work+0x237/0xa10
[  240.953058][ T4174]  process_one_work+0x8a1/0x10c0
[  240.958010][ T4174]  ? worker_detach_from_pool+0x260/0x260
[  240.963648][ T4174]  ? _raw_spin_lock_irqsave+0x120/0x120
[  240.969202][ T4174]  ? kthread_data+0x4e/0xc0
[  240.973712][ T4174]  ? wq_worker_running+0x97/0x170
[  240.978741][ T4174]  worker_thread+0xaca/0x1280
[  240.983433][ T4174]  kthread+0x3f6/0x4f0
[  240.987502][ T4174]  ? rcu_lock_release+0x20/0x20
[  240.992519][ T4174]  ? kthread_blkcg+0xd0/0xd0
[  240.997125][ T4174]  ret_from_fork+0x1f/0x30
[  241.001556][ T4174]  </TASK>
[  241.004682][ T4174] Kernel Offset: disabled
[  241.009007][ T4174] Rebooting in 86400 seconds..