last executing test programs:

10m20.055224752s ago: executing program 32 (id=308):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0x3, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @broadcast})
write$tun(r0, &(0x7f0000000ec0)={@val={0x8, 0x800}, @val={0x3, 0x0, 0x0, 0x0, 0x14}, @ipv4=@generic={{0x5, 0x4, 0x1, 0x2b, 0x1c, 0x68, 0x0, 0x60, 0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @broadcast}, "11f3305280f125e6"}}, 0x2a)

7m48.7813909s ago: executing program 33 (id=1350):
r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000380)=ANY=[], 0x8)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x0, @mcast2, 0x7}, 0x1c)
setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000080)='bridge0\x00', 0x10)
sendto$inet6(r0, &(0x7f0000000300), 0x16, 0x3b00, 0x0, 0xfffffffffffffdfd)

7m15.600809651s ago: executing program 34 (id=1582):
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
syz_mount_image$btrfs(&(0x7f0000005100), &(0x7f0000000180)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x200810, &(0x7f0000000240)={[{@ssd_spread}, {@nodatacow}, {@enospc_debug}, {@nossd}, {@nodatasum}, {@nodatasum}, {@user_subvol_rm}, {@max_inline={'max_inline', 0x3d, [0x6d, 0x33, 0x78, 0x39, 0x65, 0x36]}}]}, 0x1, 0x50f3, &(0x7f000000a2c0)="$eJzs3U+IVWUfB/Dnzp1x5lVw7isEtsoikGrh4CYioqtMUFF0y8VgBE4tgnThJEi0EMQW/Vt4S4paSK6kFsksjKA2LqQwArehYS7cKAaSi3Yac8957pz7HO+5d0ZtTD8fmTnnOb/zPOe5l7O43+uccwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACEEF74/bNDVfVT16bPnJtp7jywZebyvul1p0OodbbX8vqOrc++8ua2HS9OxA6zL2fLRqPfkFnX81ljVc/GhX69P6+HEMaSAer58pk1pVGLq3vKA1a6fnH30U17mxuPH27Xr146e7L80lkwsdITWCn5eXVh8Vxqdn6PJHt024VTr9Zzimb90xPuX3kRAMCSTLU6i+7H0fwjbre9P60n7WbSbift+AmhXWwsRzbuqn7z3JDWV2iezSwqjPedZ1LP3/9uu5X2T9pJ1FjCPHt3zSPNRL95ziX1lZonAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJ3kkbdHH6qqn7o2febcTHPngS0zl/dNrzsdQqOzvZaVa6vfP9z869utxw78uPmr4xeef6ye94vL0cLO4be48sRkCG8UKhfisBfXhtDqLXSa4cty4a3OynOxAAAAwN3k/s7vkW47i4NjPe1aJ03WOv+iLCxev7j76Ka9zY3HD7frVy+dPbn88Vp9xmvecLxuu7H4UysE4xh/0/EW63HXPaVxqqUjpnn+8fNTf1f1L+X/RnX+j++c/A8AAMDNkP/TcaoNyv/fvfbHJ1X9S/l/Q88hS/k/zjjm/5GwvPwPAAAAd7Lbnf+bpXGqDcr/4y+NfV3Vv5T/p4bL/6PFaceNv8YJ75oMYWrQ1AEAAIA+4v+7L361EPN69s1BmtefevTguarxSvm/OVz+H7ulrwoAAAC4GUe+2P5wVb2U/1vD5f/x2zprAAAAYCne+XDig6p6Kf/PDpf/V+fL/MqHrNNP8a8QDk2GMLGwMpcVfg7tp7sFAAAA4BaJOf3PT3f+ULVfKf/PVd//P97pIF7/33P/v9L1/4VCdte/J90YAAAAgHtR+Xr+eHv87MkF/Z6/P+z1/w/87+CrVccv5f/9w+X/enF5K5//BwAAAMvwX3v+3/bSONUG3f//vo/e/aWqfyn/t4fL/3G5pvjyTtRq2fvz3mQI6xdW8rsJfhMPtyspzI8VCh2tpMe22CMvzI8XCh1zSY/NkyE8uLCyPyn8PxbaSeHK2rxwJCmcjoX8fOgWjiWFE/FM+3xtPt208H0s5BdYzMcrKNZ0L4lIelzt12OhcMMeZ7sHBwAAuKfE8Jxn2bHeZkij7Hxt0A6rB+0wMmiH+qAdRpMd0h37bQ+zvYW4vX1m49Ke/39kuPwf34pV2aLf9f8hXv+fP9ewe/3/bCw0ksJ8LLTSOwa04jGysPtxPEajlfe4sr5bAAAAgLta/F6gvsLzAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP5h715j5KruA4CffY734fVCUoXQKNkkNY6beL22gUQtVdaUqhEpzbqhoCqi2NhrsnjBjm1KjEJkbCIaIShtkJIPRRhFUc0HqBWISAoIFymOUHlEVEUBBAqtIQoipSQRaYIUqtl7z+ydc3cefqzx0t9P8s6Z+Z/nnYfn3HvnXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+P/h4Feu+dtm8Ud/e96zL1w8fsWetRe/et15pz4ZwsTM4x1ZuKP/xtvHf373uffseWD1HfcdPv+jvXm5PB4Gqn868zs3xFoPLw7h/o4QutPAisEs0JPfH4z1vW8whFPCbKBWYrI/K5E2HL7fF8K+MBuoVfW9vhAGC4ELn3rk4Zuridv6QlgaQqikbTxfydroSwNn9GaB/jSwtTsL/OqtTC3w3c4sAMcsvhlqL/oDE/UZhucu1+D113PcOvb2SofXFRPDjfP9bO08d6qgN31g4pietlJ1zIvS2+Ogd9sCeLeVtvOtnrbiF6n8G8pbs6FK6Nw0uXnD1dM74yOdYXS0q1FN8/Q8P/P6lzYeSXrBvA5jB4aPy+vwlieW3t21/ILH71ux9OX9H9v7yrF280eFTVpMz7dKyF9zC+Z5jMZ9niyAt1/pW9KIL10hhM2f/73PNIuX5v/Dzef/8eUcbzvrcsda3xzK5ubxkcGYeG0om5sDAADAgrEQ9ppuHX3oE83qK83/R9o7/h8P+eeT+Wy0B0MYn0nsXRLCaTOPZ4G7YnOXLQnhgzOpifrA2iRwMIT3ziSW16pKSiyKJUaSwE+G8sB4EjgUAxNJ4FsxcGsSuCEGDiSBjTFwMAmcGwNhqn4cvz+Uj6PtQF8MrM824oF4FsIvhmJrybZ6rlYVAADAcZLPDnvq7xbOdTjWDHF6eaCvVYZ4BnbDDJWkhnQGW5tWNayhu1UNna1qqI17d/Phl2ruaFVz6TSMjvoMt//ybz4bmijN/8eaz/8rc3Sko3T8P4R1M39j7s48Ml2Lr5+oywAAAAAcg4H/ffGbzeKl+f94e+f/x30iXYXM4bG4G2LLkhDG6gNZtX9YDmRHvQfyAAAAACwEtePxtWPhU/ltdop2Op8u5584wvzxwP/4nPl7Dz64vll/S/P/ifbO/++vv806cSj24mtLQlhUCPwg9rIamDESAz/+ZH0gH/+huAFuilXlJybUqropllgfA2NJYF+jEj+slTitPpA/WbXG99bGMZWXKAQAAADghIu7A+Jx+Xj+/4d+s/qaZuVK8//1R3b+/8w8uHR6//RACCu7Q+hKfxjwWH+2MGAMDHbkiYf6s7q60qqu7w/hnOrA0qpezNf/707XGHyqL6sqBk770P7Xz6gmvtkXwspi4OnP3XlWNbEzCdQa/8u+ED5QHW3a+HcWZY33pI1/fVEI7y8EalVdtiiEamO9aVWPVPLrGKRV/XMlhHcVArWqzq6EsCsAsEDF/0o3FR/csevaLRumpye3z2Mi7sPvC5unpidHN26d3lRp0KdNSZ/rljG6vjymdq9881y+RNFF964bbCdd+53gWLGtfD9+6cTB/H78LtQzM87VPXV316RD/siHy02EwjepRkPunOch9xcrmX0SS/XH/L1hICy6esfk9tEvbti5c/uq7G+72Vdnf+NhpmxbrUq3Vf9cfWvj5dFwtazE0W6rZcVKVu68ctvKHbuuXTF15YbLJy+fvGrV2avHzhxbM/bxM1dWRzWW/W0x1GVzVZ0M9a072xzXcRzq6d2FSk7Ep4aEhMRCS2wdWNb0/+TS/H9b8/l//NSJn/z5+gyNjv8Px8P82eOzh/nXx8C+do//Dzc6ml87MWAkCeyOgd0O8wMAAPDOECf5cW9m3Cv90+XfeblZudL8f3d7v/8/Tuv/15auP7/RMv/LY4mxRuv/p8v819b/391o/f90mf/a+v/73ob1/6+uBZJN8gvr/wMAAO8EJ279/5bL+6cXCChlaLm8f3qBgFKGlsv4t3uBgCNe///5//yr/w5NlOb/t7Y3/7dwPwAAAJw8vvxn1/xOs3hp/r+vvfn/iV//LzQ6/3+kUWCi0cKA1v8DAABggWq0/t/wjf2XNitXmv8faG/+H0+76KzLHWt9cyhb0y6ka9q9NlT7yQAAAAAsDJ1hdLSnzbx1K6OuPfo2n8mXAm2WLnrxTw4f2fn/B9ub/9f9LuOWJ5be3bX8gsffvG/F0pf3f2zvK7PH/wEAAID50+5+CQAAAAAAAAAAAAAA4O334n/sWdMsXvr9f1g383ij3//H6/7F3xe8uy53rLX1+n/5/Qs/fc+umSULHxsK4cPFwJY9W04J+bX5lxUDD1+y/D3VxJ60xIMvnPtSNXFpGvjUilPfqCbOSQLr4yKJ700D8aqKbyxOAnF5xX9PA3F7HEgDvXngq4uzcXSk2+qng9m26ki31bODISwpBGrb6v7BrI2OdIC3JYHaAL+QBuIA/zwPdKa9umcg61UMDMaidwxkvQIA4KQVvwX2hM1T05Nj8St8vD29u/42qluy7PpytR1tNv9cvjTZRfeuG2wn3ZV+F5291nhPqFSHsKr0dbWYpWNmlMenlhab7t0NhtxqtbfOBuVSR7rpehuPqC8b0ejGrdObeloOfE3rLKu7W2ZZVZrsFLN0zmzSNmppoy9tjKjNbdNGl+P9zjA62pXk+oMYHA51Wr0i2v29fnGdv0avgmKeqw7v/VWz+krz/+H25v+V4rjeyC8GsDteWe/vlljmHwAAAObXV9f++hvx32dvfPTpZnlL8/+R9ub/cQ9Wfig429txMF7/f++SEGYurT+cBe6KzV22JIQPzqQmYonsgvrnxxJjWeCuuMNkeSyxfqK+qkUxcCAJ/GQoDxxMAodiIN9LsT/ku3L+fiiEs2ZS6+pLbIslhpPAZ2JgJAmMxsBYElgcA+NJ4NXFeWAiCfxbDISp+m117+J8WwEAAByJfJ7VU383pPO8A92tMnS0ytDfKkNnqwyVVhkajSLe/3bM0JOcvNJRyNST1tqX1FLKEC+Gf8T9KmUIP6zPmRYsNR3PP6idb9BRn+GBT3RXQhOl+f9Ye/P//vrbrPVDcf4/e/2/LPCD2L2vxVPHR2Lgx5+sD+Q7Bg7Fye5Ntaom8hL5pP2mWGI8BkaSwLYYGE8C69flgX3vqQ/kM+1a43trjU/lJQoBAAAAOOHiDoK4mybO/+/Y8ZWBZuVK8//x9ub/sb2BYmM3xFoPLw7h/o7Z3tQCKwazQNyPMRh/Hv++wRBOKezgqJWY7M9K9CYNh+/3Zb9Q702r+l5f9uODeP/Cpx55+OZq4ra+EJYW9r7U2ni+krXRlwbO6M0C/Wlga3cWiHt+aoHvdmYBOGa1vYLxBZWf6lIzPHe5Bq+/d8o1QdPhlfaBzpFvrt9czZfSDtd8n2rNkT1tTfffctyU3h4HvdsW4rtt2Lut+EUq/4by1myoEjo3TW7ecPX0zvhI8ZesJfP0PBd/pdpO+ji8DncffW9bq6QdGEs+PsbmLjf367AjVnfLE0vv7lp+weP3rVj68v6P7X2l7W40EH8o/Mh1/zr4o8LmnW+VkL/mFtznyYTPk4X438CIpy2EsO7Vr9/ULF6a/0+0N//vTm5n/DpuzB1LQvhIYeM+Fjf/Hy/JPgcLgexT8l3lQHbI/b+GGn5yAgAAwPFW291R218wld9mJ4Sn8+Ry/okjzB/3V4zPmb/dfvf/9SVLm8VL8//1zef/i5JuOv7v+D/zxPH/OZ3su6IXpQ/sPqZd0aXqmBeO/8/pZH+3Of4/J8f/Hf+fi+P/LTj+P6eT/WkrfUva5ktXCOHlP3ro2Wbx0vx/W3vzf+v/zb1oX239v/WN1v/b1mj9v93W/wMAAOZVg4Xm0nleafW+UoZ09b5ShpYLBLZcYtD6f0e8/t9Lpz//m9BEaf6/u735f3w5DBRbXyjr/42sa1DVrTGwzcKAAAAAnIwa7SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg7fXAP/zPpmbxR3973rMvXDx+xZ61F7963XmnPhnC1MzjHVm4o//G28d/fve59+x5YPUd9x0+/6OVvFxPfvu7dbljrW8OhbCv8MhgTLw2VL0zG7jw0/fs6q4mHhsK4cPFwJY9W06pJr41FMKyYuDhS5a/p5rYk5Z48IVzX6omLk0Dn1px6hvVxDl5oCPt7j8uzrrbkXb35sUhLCkEat29YnF9VbU2/jQPdKZt/NNg1kYMDMai3xjM2oiB6VhialEIK7tD6EqrerSSVdWVVvUvlayqrrSqL1dCOCeE0J1W9UJvVlV3OvIne7OqYuC0D+1//YxqYl9vCCuLgac/d+dZ1cQXkkCt8b/oDeED1ZdM2vi3e7LGe9LGb+sJ4f0hhN60xC+7sxK9aYkXu0N4VyFQa/zz3SHsCrwjxA+fuk+0Hbuu3bJhenpy+zwmevO2+sLmqenJ0Y1bpzdVkj410lFIv3X90Y/9ude/tLF6e9G96wbbSXfn5Xpmury6p+7umpO997Ff/cVKZp+PUv0xf28YCIuu3jG5ffSLG3bu3L4q+9tu9tXZ3648mm2rVQtlWy0rVrJy55XbVu7Yde2KqSs3XD55+eRVq85ePXbm2Jqxj5+5sjqqsezv8RjqnSd+qKd3Fyo5ER8AEhISCy3RWffpNnayf5CXvujPdrQnVGY+oEvTimKWjplRHo9Brz3KER/N95SWI1pVmjiUsqyeI8v19VnWlCYTs7X0ZVlmvteVJofFxjpnNmm83xlGR7sabYfh+rvFzfuzY9i8z+Sbrt00AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/HDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFXbgQAAAAAAAyP+1EaqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwA8cCAAAAAML8rcPo2QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgEsBAAD//+erI4o=")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='pids.current\x00', 0x275a, 0x0)
write$khugepaged_scan(r0, &(0x7f0000000b40), 0x8)
lseek(r0, 0x1, 0x4)

3m3.842872421s ago: executing program 8 (id=3598):
r0 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r0, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x81, 0x42}, 0x10)
connect$llc(r0, &(0x7f0000000340)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x0, @random="48bd00"}, 0x10)
r1 = syz_init_net_socket$llc(0x1a, 0x801, 0x0)
bind$llc(r1, &(0x7f0000000000)={0x1a, 0x0, 0x0, 0x0, 0x0, 0x42}, 0x10)
dup3(r0, r1, 0x0)

3m3.505356254s ago: executing program 8 (id=3601):
r0 = syz_io_uring_setup(0x507d, &(0x7f0000000480)={0x0, 0x0, 0x10100, 0x0, 0xffffffff}, &(0x7f0000000100)=<r1=>0x0, &(0x7f0000000140)=<r2=>0x0)
r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='net_prio.prioidx\x00', 0x275a, 0x0)
write$UHID_CREATE2(r3, &(0x7f00000001c0)=ANY=[@ANYBLOB='6'], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r3, 0x0)
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0})
io_uring_enter(r0, 0x2d3e, 0x0, 0x0, 0x0, 0x0)

3m3.209722318s ago: executing program 8 (id=3603):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000040)=@pppol2tp={0x18, 0x1, {0x0, r1, {0x2, 0x0, @local}, 0x2}}, 0x26)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000003c0)={0x34, r2, 0x1, 0x60bd27, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0xb}, @L2TP_ATTR_SESSION_ID={0x8, 0xb, 0x20}]}, 0x34}}, 0x20)

3m2.904326378s ago: executing program 8 (id=3605):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x1d0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000140)='ramfs\x00', 0x10, 0x0)
mount$fuse(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x104000, 0x0)
mount$9p_unix(&(0x7f0000000100)='./file0\x00', &(0x7f0000000040)='./file0\x00', 0x0, 0x12d7498, 0x0)
mount$bind(&(0x7f0000000040)='.\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x2a05004, 0x0)
umount2(&(0x7f00000000c0)='./file0/file0/../file0\x00', 0x1)

3m2.449278646s ago: executing program 8 (id=3608):
socket$nl_route(0x10, 0x3, 0x0)
syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x800)
r0 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec29, 0x800, 0x1, 0x40000337}, &(0x7f0000000dc0)=<r1=>0x0, &(0x7f00000001c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r0, 0x847ba, 0x0, 0xe, 0x0, 0x0)

3m1.444254175s ago: executing program 8 (id=3610):
r0 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a645f85b19ba9030648cd046d1f26aad0196458046b81", 0xfffffffffffffe08, 0xebec93e830f96115})
io_uring_enter(r0, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0)
unshare(0x2c020400)
shutdown(r3, 0x0)

3m0.644373595s ago: executing program 35 (id=3610):
r0 = syz_io_uring_setup(0x23c, &(0x7f0000000080)={0x0, 0x0, 0x10100}, &(0x7f0000000180)=<r1=>0x0, &(0x7f0000000200)=<r2=>0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
syz_io_uring_submit(r1, r2, &(0x7f0000000000)=@IORING_OP_SEND={0x1a, 0x0, 0x0, r3, 0x0, &(0x7f0000000240)="352f1938d141676d9b6c59065f664735c08b9d697a645f85b19ba9030648cd046d1f26aad0196458046b81", 0xfffffffffffffe08, 0xebec93e830f96115})
io_uring_enter(r0, 0x7f5f, 0x4000000, 0x0, 0x0, 0x0)
unshare(0x2c020400)
shutdown(r3, 0x0)

2m51.79405121s ago: executing program 6 (id=3676):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
prlimit64(0x0, 0x9, &(0x7f0000000000)={0xfffffffffffffffb, 0xfffffffffffffffb}, 0x0)
brk(0x689d80000000)

2m49.063521081s ago: executing program 6 (id=3684):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000005c0)=@updpolicy={0xc4, 0x19, 0xfd3649826d894c67, 0x0, 0x0, {{@in6=@empty, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x800000, 0x0, 0xfffffffffffffffc}, {0x0, 0xacb0, 0x400000000}, 0x400}, [@policy_type={0xa, 0x10, {0x1}}]}, 0xc4}}, 0x4c050)
r1 = socket$key(0xf, 0x3, 0x2)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000001f40)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in6=@rand_addr=' \x01\x00', @in=@local, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa9, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {0x0, 0xa00, 0x40800000000000, 0x800000000000000}}}, 0xb8}}, 0x0)
sendmsg$key(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000240)=ANY=[@ANYBLOB="021600000a0000000000000000000000080012"], 0x50}}, 0x0)

2m48.517144754s ago: executing program 6 (id=3671):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x200, @loopback, 0x7}, 0x1c)
setsockopt$inet6_tcp_int(r0, 0x6, 0x2000000000000022, &(0x7f0000000200)=0x1, 0x4)
sendto$inet6(r0, &(0x7f0000000280)="32780f", 0x3, 0x20000045, &(0x7f00000001c0)={0xa, 0x2, 0xffff, @loopback, 0x3}, 0x1c)
setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000700)='illinois\x00', 0x4d)
shutdown(r0, 0x1)

2m47.783347391s ago: executing program 6 (id=3673):
mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0)
mount$bind(&(0x7f00000000c0)='./cgroup\x00', &(0x7f0000000080)='./file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000600)='./cgroup\x00', &(0x7f0000000200)='./file0\x00', 0x0, 0x101090, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)

2m47.380846663s ago: executing program 6 (id=3679):
r0 = io_uring_setup(0x70c3, &(0x7f0000000180)={0x0, 0x2c43, 0x0, 0x1, 0x2})
r1 = socket(0x2, 0x2, 0x0)
r2 = bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000440)=ANY=[@ANYBLOB="120000007d0000000800000002"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000740)={r2, &(0x7f0000000340), &(0x7f0000000200)=@tcp6=r1}, 0x20)
recvmmsg(r1, &(0x7f0000000800)=[{{0x0, 0x0, 0x0}, 0x44e}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000880)=""/181, 0xb5}], 0x1}, 0x5}], 0x2, 0x2, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

2m45.843110917s ago: executing program 6 (id=3695):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
fallocate(r0, 0x3, 0xc00, 0x10000)

2m45.215979544s ago: executing program 36 (id=3695):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file2\x00', 0x8, &(0x7f0000000080)={[{@nodioread_nolock}, {@sb={'sb', 0x3d, 0x1}}]}, 0x4, 0x523, &(0x7f00000018c0)="$eJzs3cFvG1kZAPBvnLhJs+mmC3sABGxZFgqq6iTubrTqhfYCQlUlRMWJQxsSN4pi11Hsiib0kB65V6ISJ+A/4MYBqScO3LjBjUs5IBWoQA0SB6MZT1I3sZNAnbiJfz9pMvPeTP29F/e953mR5wUwtC5ExGZEnImIOxExlecn+RbX2lt63csXDxe2XjxcSKLVuvX3JDuf5kXHv0m9k7/meER8/zsRP0r2xm2sb6zMV6uVtTw93aytTjfWNy4vF/Kc8tzs3MynVz4p962uH9R+/fzbyzd+8NvffOnZHza/+ZO0WJM/PZed66xHP7WrXozJjrzRiLhxFMEGZDT//8PJk7a2z0TEh1n7n4qR7N0EAE6zVmsqWlOdaQDgtEvv/ycjKZTyuYDJKBRKpfYc3vsxUajWG81LU/X79xYjm8M6H8XC3eVqZSafKzwfxSRNz2bHr9Ll19KPK1ci4r2IeDx2NjtfWqhXFwf5wQcAhtg7u8b/f421x/9OxUEVDgA4OuODLgAAcOyM/wAwfIz/ADB8/ofx37cDAeCUcP8PAMPH+A8Aw+fA8f/R8ZQDADgW37t5M91aW+3nX28/qfvyYqWxUqrdXygt1NdWS0v1+lK1UlpotQ56vWq9vjr78U6ysb5xu1a/f695e7k2v1S5XfEsAQAYvPc+ePqndNDfvHo226JjLQdjNZxuhUEXABiYkUEXABgY3+eB4XWIe3zTAHDKdVmity2fIEh6XfDE4q9wUl38vPl/GFZvMv9v7gBOtv9v/v9bfS8HcPyM4TC8Wq3Emv8AMGTM8QM9//6f6/mIkCf9LwsAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACcFJPZlhRK2Vrgm+nPQqkUcS4izkcxubtcrcxExLsR8cex4lianh10oQGAN1T4a5Kv/3Vx6qPJ3WfPJP8ey/YR8eOf3/rZg/lmc202zf/HTn7zSZp/trlWPjOICgAAna7tzcrG73K+77iRf/ni4cL2dpxFfH69vbhoGncr39pnRmM0249HMSIm/pnk6bb088pIH+JvPoqIz23XfzwedESYzOZA2iuf7o6fxj7X9/idv//d8Quv1beQnUv3xex38dnYVTjgQE+vt/vJvO2lTTxvf4W4kO27t//xrId6c2n/lzbXrT39X2Gn/xvZEz/J2vyFnfT+JXn+8e++uyezNdU+9yjiC6Pd4ic78ZPu/W/xo0PW8c9f/PKHvc61fhFxsWv9t1ekrmXd7HSztjrdWN+4vFybX6osVe6Vy3OzczOfXvmkPJ3NUbd//r5bjL9dvfRur/hp/Sd6xB/fv/7xtUPW/5f/ufPDr+wT/xtf7f7+v79P/HRM/Poh489PXOu5fHcaf7FH/Q94/+PSIeM/+8vG4iEvBQCOQWN9Y2W+Wq2sHXCQftY86BoHhz9I7+3fgmJkB7EZ0a8XzCYlIqLrNekn6rejykd1kAws+q/6/YKD7pmAo/aq0Q+6JAAAAAAAAAAAAAAAQC+N9Y2Vse7f1urbwaDrCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwOn13wAAAP//KHnENg==")
r0 = open(&(0x7f00000001c0)='./file1\x00', 0x14927e, 0x20)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000740)='./file1\x00', 0x183042, 0x15)
pwrite64(r1, &(0x7f0000000140)='2', 0xfdef, 0xe7c)
fallocate(r0, 0x3, 0xc00, 0x10000)

2m1.146500691s ago: executing program 0 (id=4066):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f0000000380)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast5-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f00000004c0)="2c385a7af3be7d6a14fc29", 0xb)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

2m0.711257423s ago: executing program 0 (id=4069):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x0)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000280)="ca0e808b257a0957", 0x8)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f00000001c0)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

2m0.313289364s ago: executing program 0 (id=4073):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000040)={'vxcan0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@can_newroute={0x24, 0x18, 0x1, 0x0, 0x25dfdbfe, {0x1d, 0x1, 0x6}, [@CGW_SRC_IF={0x8, 0x9, r2}, @CGW_DST_IF={0x8, 0xa, r2}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r3 = socket(0x10, 0x80002, 0x0)
sendmmsg$alg(r3, &(0x7f00000000c0), 0x492492492492627, 0x0)

1m59.530868154s ago: executing program 0 (id=4079):
syz_mount_image$minix(&(0x7f00000000c0), &(0x7f0000000040)='./file2\x00', 0x1200808, &(0x7f0000000440)=ANY=[@ANYRES64=0x0, @ANYRES64, @ANYRES64, @ANYRESOCT, @ANYRES8, @ANYRES16], 0x1, 0x1e7, &(0x7f0000000640)="$eJzs20tu00Acx/HfJGkSQ4HyXCCkILGADUmaikqsWs7BqmrTqqoLiLBJhIS5AJyBc3AZDgALdqww8iO49aM1E9y0zfez8di//u2xXWdGUSwAC2tTD2Vk1AxWHrRXPt82peqaVXcMQOX8ePnbt+FYVQE4L+q/0lviGYA3n/4AOCs/XkjfJH3/+X5b9eysPsi9aV5rZfOP0v1GnJu2nPT84ov0eFpvrmTrG9Eyyq/m7v/Jo+nxl3VN13VDK7qpW8aTCfOdv/X3rOZAAAAsGqPuaXlXqhek0eCdnRUklrT7NTuqJ5ra3XeHg1PytcK8Febd7dfuzglHAZCnVur5L1YPn79+QbokhflqvN627SaACozGk5Zcd/h2NA4G+bAxOdhy/6nhWFWVaZjK9pzfaKa2+B9qyYU62LTds69jW5yj17kz6szeeRN9S6N05JQprykvemnRjY1sFAwBs90U41mVL39S7nnN1thQqT/u5NwL60brjP75jzfm+7kEoHq9d4dveqPx5On+4dbecG/4atDvP19/tra6PuiFM/veSfN7ABdZMujryK+BAAAAAAAAAAAAAADARXJHd4NF+rVdAAAAAJfQf3tnqKHC163mfY4AAAAAAAAAAAAAAAAAAFw2fwIAAP//5bAEPQ==")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000380)='./bus\x00', 0x0, 0x5800, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x2, 0xf4a, 0x0, 0x0, 0x15, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1000000000000000edf1139c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a00400", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef3dc177e9b48b00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x204]})
syz_mount_image$fuse(0x0, &(0x7f0000000400)='./file4\x00', 0x1018000, 0x0, 0x1, 0x0, 0x0)

1m59.026132754s ago: executing program 0 (id=4082):
ioctl$COMEDI_DEVCONFIG(0xffffffffffffffff, 0x40946400, &(0x7f0000000300)={'adq12b\x00', [0x2f00, 0x5, 0xd09a, 0xfff7ffff, 0x3, 0x8, 0x20000044, 0x4000006, 0xffe, 0x9, 0x8, 0x11001, 0x9, 0x4, 0x0, 0x3, 0x1100005, 0x40000009, 0x830, 0x30000, 0x7fffffff, 0x2, 0x800, 0xe2dc, 0x2, 0x4, 0x7, 0x8, 0x4, 0xf358, 0x70f]})
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000000)={0x0, 0x0, 0x0, &(0x7f0000010040), 0x0, 0xffffffffffffffff, 0x4}, 0x38)
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000940)='hugetlb.2MB.usage_in_bytes\x00', 0x26e1, 0x0)
close(r0)
socket(0xa, 0x3, 0x3a)
ioctl$SIOCSIFHWADDR(r0, 0x8b34, &(0x7f0000000000)={'wlan1\x00', @random="000300000020"})

1m56.661297032s ago: executing program 0 (id=4100):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3", 0xffffffe4}], 0x3}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

1m56.071065953s ago: executing program 37 (id=4100):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048", 0x4d}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3", 0xffffffe4}], 0x3}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

38.900779382s ago: executing program 4 (id=4720):
r0 = fanotify_init(0x200, 0x0)
r1 = memfd_create(&(0x7f0000000180)='-B\xd5NI\xc5j\x9appp\xf0\b\x84\xa2m\x00\v\x18\x004\xa6Ey\xdb\xd1\xa7\xb1S\xf1:)\x00\xca\xd7Uw\x00\xbc\xfa2\xb3\xbb\x8d\xac\xac\xbe\xe1}knh#\xcf)\x0f\xc8\xc0\"\x9cc\x10d\xee\xa9\x8b\x06\x97k\xde\xc5\xe96\xddU)\xc98M\xcd\xfb\xcc\x82n=\x7f=\xcdJx\xaa\xcf~\xb90a\xa9\xb2\x04\x1d\xa1\xce\x8b\x19\xea\xef\xe3\x00\x00\x00\x00\x00\x00\x00\x00', 0x0)
r2 = dup(r1)
fanotify_mark(r0, 0x1, 0x48001059, r2, 0x0)
r3 = add_key(&(0x7f0000000000)='big_key\x00', &(0x7f0000000280)={'syz', 0x1}, &(0x7f00000002c0)="1d", 0xfe3a, 0xfffffffffffffffe)
keyctl$read(0xb, r3, &(0x7f0000001300)=""/4096, 0xffffffffffffffd2)

38.475414106s ago: executing program 4 (id=4724):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
sendmsg$NFT_MSG_GETSET(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000000)={0x14, 0xa, 0xa, 0x201, 0x0, 0x0, {0x2}}, 0x14}}, 0x4000000)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
dup3(r1, r0, 0x0)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000ac0)=0x8)
setsockopt$inet_sctp6_SCTP_DEFAULT_SEND_PARAM(r0, 0x84, 0xa, &(0x7f0000000540)={0x8, 0x8, 0x202, 0x17558e07, 0x6, 0x3, 0xffffffff, 0x7, r2}, 0x20)

38.110886573s ago: executing program 4 (id=4728):
r0 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000300)=ANY=[@ANYBLOB='-cpu'], 0x5)
write$cgroup_subtree(r2, &(0x7f00000001c0)={[{0x2b, 'cpu'}]}, 0x5)

37.498360557s ago: executing program 4 (id=4733):
syz_mount_image$udf(&(0x7f00000000c0), &(0x7f0000000180)='./file1\x00', 0x2000002, &(0x7f00000001c0)={[{@shortad}, {@adinicb}, {@unhide}, {}, {@volume={'volume', 0x3d, 0x401}}, {@gid_ignore}, {@anchor={'anchor', 0x3d, 0xe}}, {@anchor}, {@iocharset={'iocharset', 0x3d, 'iso8859-2'}}, {}, {@noadinicb}]}, 0x2, 0xc36, &(0x7f0000001a40)="$eJzs3U1sXNd9N+D/uRyKI/l9KyZ2FCeNi0lbpLJiufqKqViFO6pptgFkWQjF7AJwJI7UgSmSIKlGNtKC6aaLLgIURRdZEWiNAikaGE0RdMm0LpBsvCiy6opoYSMoumCLAFkFLO6dM9KQIm1GFCVKeh6b+s3cOefec+4Z3ysLOvcEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABDxe6+dP3EyPexWAAAP0sXxr5445f4PAE+Uy/7/HwAAAAAAAAAAAAAA9rsURTwdKeYurqXJ6n1X/UJn8OatidGxrasdTFXNgap8+VM/eer0mS+9NHK2lxc6Mx9R/377bLwxfvl849XZG3Pz7YWF9lRjYqZzdXaqveM97Lb+ZseqE9C48ebNqWvXFhqnXjy94eNbwx8OPXVk+NzI88ef65WdGB0bG79TpN5fvnbPDenabobHgSjieKR44Xs/Ta2IKGL356L+YMd+s4NVJ45VnZgYHas6Mt1pzSyWH17qnYgiotFXqdk7R1uPRdQGH2gftteMWCqbXzb4WNm98bnWfOvKdLtxqTW/2FnszM5cSt3Wlv1pRBFnU8RyRKwO3b27wSiiFim+c3gtXYmIgd55+GI1MXj7dhR72McdKNvZGIxYLh6BMdvHhqKI1yPFz947Glfzdaa61nwh4vUyfxDxTpmvRKTyi3Em4oMtvkc8mmpRxJ+X439uLU1V14PedeXC1xpfmbk221e2d135Je8Pd10pHtL94eCmfDBH3OfXpnoU0aqu+Gvp3n+zAwAAAAAAAAAAAAAAAMD9djCK+EykeO3f/qiaVxzVvPTD50Z+f/j/988Zf/Zj9lOWfTEiloqdzck9kCcGXkqXUnrIc4mfZPUo4o/z/L9vPezGAAAAAAAAAAAAAAAAAAAAPNGK+EmkePn9o2k5+tcU78xcb1xuXZnurgrbW/u3t2b6+vr6eiN1s5lzMudSzuWcKzlXc0aR6+ds5pzMuZRzOedKztWcMZDr52zmnMy5lHM550rO1ZxRy/VzNnNO5lzKuZxzJedqztgna/cCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADxOiijiF5Hi299YS5EiohkxGd1cGXrYrQMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASkOpiO9HisYfNG9vq0VEqv7tOlr+ciaaB8r8ZDRHynwlmudztqqsNb/1ENrP7gymIn4cKYbq794e8Dz+g913t78G8c4377z7bK2bA70Phz8ceurI4XMjY7/27Hav01YNOHahM3PzVmNidGxsvG9zLR/9k33bhvNxi/vTdSJi4a2332xNT7fn7/1F+RXYRfVH6EWqPSk99aJ6EbV90YyH03eeAOX9/4NI8dvv/3vvht+9/9fj/3Xf3b7Dx8//5M79/+XNO9rh/b+2uV6+/5f39K3u/0/3bXs5/25ksBZRX7wxN3gkor7w1tvHOzda19vX2zNnTpz48sjIl0+fGDwQUb/WmW73vbovpwsAAAAAAAAAAAAAAADgwUlF/G6kaP14LTUi4lY1X2v43Mjzx58biIFqvtWGedtvjF8+33h19sbcfHthoT3VmJjpXJ2dau/0cPVqutfE6NiedOZjHdzj9h+svzo799Z85/ofLm75+aH6+SsLi/Otq1t/HAejiGj2bzlWNXhidKxq9HSnNVNVvbTlZPpf3mAq4j8ixdUzjfT5vC3P/988w3/D/P+lzTvao/n/n+jbVh4zpSJ+Hil+6y+ejc9X7TwUd52zXO5vIsWxs5/L5eJAWa7Xhu5zBbozA8uy/xMp/uEXG8v25kM+fafsyR2f2EdEOf6HI8X3/+y78et528bnP2w9/oc272iPxv+Zvm2HNjyvYNddJ4//8UjxytPvxm/kbR/1/I/eszeO5sK3n8+xR+P/qb5tw/m4v3l/ug4AAAAAAAAAAPBIG0xF/G2k+OFYLb2Ut+3k7/9Nbd7RHv39r0/3bZu6P+sVfeyLXZ9UAAAAANgnBlMRP4kU1xffvT2HeuP87775n79zZ/7naNr0afXnfL9SPTfgfv75X7/hfNzJ3XcbAAAAAAAAAAAAAAAAAAAA9pWUingpr6c+Wc3nn9p2PfWVSPHaf72Qy6UjZbneOvDD1a/1i7Mzx89PT89ebS22rky3G+Nzravtsu4zkWLtrz+X6xbV+uq99ea7a7zfWYt9PlKM/V2vbHct9t7a5M/0yi61T5ZlPxEp/vPvN5btrWP9qTv7PVWW/atI8fV/2rrskTtlT5dlvxspfvT1Rq/sobJs7/mon75T9sWrs8UejAoAAAAAAAAAAAAAAAAAAABPmsFUxJ9Giv++sXx7Ln9e/3+w723lnW/2rfe/ya1qnf/hav3/7V7fy/r/1XMFlrY7KgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPJ5SFPF2pJi7uJZWhsr3XfULnZmbtyZGx7audjBVNQeq8uVP/eSp02e+9NLI2V5+dP377TPxxvjl841XZ2/MzbcXFtpTjYmZztXZqfaO97Db+psdq05A48abN6euXVtonHrx9IaPbw1/OPTUkeFzI88ff65XdmJ0bGy8r0xt8J6Pfpe0zfYDUcRfRooXvvfT9MOhiCJ2fy4+5ruz1w5WnThWdWJidKzqyHSnNbNYfnipdyKKiEZfpWbvHD2AsdiVZsRS2fyywcfK7o3PteZbV6bbjUut+cXOYmd25lLqtrbsTyOKOJsiliNideju3Q1GEW9Giu8cXkv/PBQx0DsPX7w4/tUTp7ZvR7GHfdyBsp2NwYjl4qPGbIsOs8FQFPGPkeJn7x2NfxmKqEX3J74Q8XqZP4h4J7rjncovxpmID5zWx0YtivjfcvzPraX3hsrrQe+6cuFrja/MXJvtK9u7rjzy94cHaZ/fT+pRxI+qK/5a+lf/XQMAAAAAAAAAAAAAAADsI0X8aqR4+f2jqZoffHtOcWfmeuNy68p0d1pfb+5fb870+vr6eiN1s5lzMudSzuWcKzlXc0aR6+dslllfX5/M75dyLudcybmaMwZy/ZzNnJM5l3Iu51zJuZozarl+zmbOyZxLOZdzruRczdmdJPnUQxwzAAAAAAAAAAAAAAAAAADgcVRU/6T49jfW0vpQtb70QO+zFeuBPvb+LwAA///wvPg9")
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x1000000, &(0x7f0000000400)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='pids.events\x00', 0x275a, 0x0)
write$UHID_CREATE2(r0, 0x0, 0x118)

36.532569588s ago: executing program 4 (id=4743):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x2000007, 0x401d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x1)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000000))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x1})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x110, &(0x7f0000000080)=0x80000001, 0x0, 0x4)
ioctl$UFFDIO_COPY(r1, 0xc028aa03, &(0x7f0000000400)={&(0x7f000092b000/0x1000)=nil, &(0x7f0000ffb000/0x2000)=nil, 0x1000})

36.13174529s ago: executing program 4 (id=4745):
unshare(0x20000400)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
getpgid(0x0)

35.774559293s ago: executing program 38 (id=4745):
unshare(0x20000400)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
getpgid(0x0)

4.573062967s ago: executing program 2 (id=4986):
unshare(0x8040600)
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
r2 = fanotify_init(0x200, 0x0)
fanotify_mark(r2, 0x39, 0x1a, r0, 0x0)

3.957470328s ago: executing program 7 (id=4990):
ioctl$sock_ipv6_tunnel_SIOCGETTUNNEL(0xffffffffffffffff, 0x89f0, &(0x7f00000001c0)={'syztnl2\x00', 0x0})
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = socket(0xa, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f00000000c0)={'ip6gretap0\x00', <r2=>0x0})
sendto$packet(r0, &(0x7f0000000080)="3303200071fd140000007ef52f555f2a0c9fe67025c1d97bfbf719143baa4b1f0f858c6632f47042195e", 0xfdef, 0x40008c1, &(0x7f00000000c0)={0x11, 0x86dd, r2, 0x1, 0x62}, 0x14)

3.756464933s ago: executing program 2 (id=4992):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
mkdir(&(0x7f0000001a80)='./file0\x00', 0x18b)
mount$bpf(0x200000000000, &(0x7f0000000440)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x100000, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000200)='./file0\x00', 0x0, 0x206002, 0x0)

3.657061797s ago: executing program 5 (id=4994):
r0 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000080), 0x400000000a882, 0x0)
r1 = dup(r0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000006, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15)
madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

3.497506152s ago: executing program 2 (id=4995):
prctl$PR_SET_SECUREBITS(0x1c, 0x2c)
setuid(0xee00)
r0 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./file1\x00', 0x281c2, 0x0)
fcntl$setlease(r0, 0x400, 0x1)
setresuid(0x0, 0xee01, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x1000, 0x80)

3.16168964s ago: executing program 3 (id=4997):
r0 = mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x4000002, 0x5d031, 0xffffffffffffffff, 0x0)
r1 = userfaultfd(0x801)
ioctl$UFFDIO_API(r1, 0xc018aa3f, &(0x7f0000000100))
ioctl$UFFDIO_REGISTER(r1, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x5})
syz_memcpy_off$IO_URING_METADATA_GENERIC(r0, 0x200000000000000, &(0x7f0000000140), 0x0, 0x4)
ioctl$UFFDIO_CONTINUE(r1, 0x8010aa01, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3000000})

3.160924359s ago: executing program 7 (id=4998):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000240)='./file0\x00', 0x8, &(0x7f0000000000), 0x1, 0x51a, &(0x7f0000001200)="$eJzs3U9sI1cZAPBvJsnam6ZNCj0AKnQphQWt1k68bVT1QjlVCFVC9MhhGxInimLHUeyUJuwhe+SORCVOcOLMAYkDUk/ckTjAjUs5IBVYgRokJFx5bGedP06sbGJv499PGvnNvLG/93Y071mfN/MCGFu3ImI/Im5ExLsRMds5nnS2eLO9tc775NGD5YNHD5aTaDbf+WeS1beORc97Wp7pfGY+In7wVsSPkmNB/xRR393bWKpUytudQ8VGdatY3927u15dWiuvlTdLpcWFxfnX771WurS+vlT9zcc3I+L3v/vyR3/c/9ZPWs2a6dT19uMytbs+dRinZTIivncVwUZgotOfGxd584XexGVKI+JzEfFydv/PxkR2NY86epm+PcTWAQBXodmcjeZs7z4AcN2lWQ4sSQudXMBMpGmh0M7hvRDTaaVWb9xZre1srrRzZXMxla6uV8rznVzhXEwlq+uT5YWs3N2vlEvH9u9FxPMR8bPczWy/sFyrrIzyiw8AjLFnjs3//8m1538A4JrLPy7mRtkOAGB48qNuAAAwdOZ/ABg/5n8AGD/mfwAYP+Z/ABg/5n8AGCvff/vt1tY86Dz/euW93Z2N2nt3V8r1jUJ1Z7mwXNveKqzVamvZM3uq531epVbbWng1dt4vNsr1RrG+u3e/WtvZbNzPnut9vzw1lF4BAGd5/qUP/5JExP4bN7Mtep73f+5c/eJVtw64SumoGwCMzMSoGwCMzMnVvoBxIR8P4+v/zWYzetbujYiHh6Weh4H2/S9CHwwUJrVuKDx9bn/xCfL/wGea/D+Mr4vl/32Xh+tA/h/GV7OZWPMfAMaMHD+QnFPf+/v/fLNnZ7Df/wEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBamsm2JC101gKfiTQtFCKejYi5mEpW1yvl+Yh4LiL+nJvKtfYXIsK6QQDwWZb+Pems/3V79pWZ47U3cv/NZa8R8eNfvPPz95caje2FiBvJvw6PNz7oHC+Nov0AwHm683R3Hu/65NGD5e42zPZ8/J324qKtuAedrV0zGZPZaz7LNUz/O+nst7W+r0xcQvz9hxHxhdP6n2S5kbnOyqfH47diPzvU+OmR+GlW135t/Vt8/hLaAuPmw9b48+Zp918at7LX0+//fDZCPbnu+HdwYvxLD8e/iT7j361BY7z6h++eONicbdc9jPjSZMRB98N7xp9u/KRP/FcGjP/XF7/ycr+65i8jbsdp/U+OxCo2qlvF+u7e3fXq0lp5rbxZKi0uLM6/fu+1UjHLURe7meqT/vHGnef6xW/1f7pP/Pw5/f/6gP3/1f/e/eFXz4j/za+dfv1fOCN+a078xoDxl6Z/m+9X14q/0qf/513/OwPG/+hveysDngoADEF9d29jqVIpbz95IX/mOellhBigkETsX3GIx4Xcr3/61vkn54bWngsWol/VxNPSwmtTyD0dzRigMOqRCbhqj2/6UbcEAAAAAAAAAAAAAADoZxh/TjTqPgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHB9fRoAAP//j4/W2A==")
readv(0xffffffffffffffff, 0x0, 0x0)
r0 = open$dir(&(0x7f0000001000)='.\x00', 0x20000, 0x50)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x151080, 0x0)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0x40086602, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x40086602, &(0x7f0000000080)={@id={0x2, 0x0, @d}})

2.990208155s ago: executing program 5 (id=5000):
r0 = memfd_create(&(0x7f0000000000)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x2)
ftruncate(r0, 0x80079a0)
mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
lseek(r0, 0x0, 0x4)
syz_genetlink_get_family_id$netlbl_unlabel(0x0, 0xffffffffffffffff)

2.88082563s ago: executing program 3 (id=5001):
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
memfd_create(0x0, 0x0)
open_tree(0xffffffffffffffff, 0x0, 0x1)

2.741143337s ago: executing program 7 (id=5003):
openat$sysfs(0xffffffffffffff9c, &(0x7f0000000640)='/sys/power/pm_test', 0x42, 0x0)
io_setup(0x20, 0x0)
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000080)=@ipv6_newroute={0x1c, 0x18, 0xffffffffffffffff, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, 0xff, 0x0, 0x0, 0x9}}, 0x1c}}, 0x0)
r1 = socket$inet6(0xa, 0x3, 0xff)
sendmmsg$inet6(r1, &(0x7f0000004f00)=[{{&(0x7f0000000080)={0xa, 0x0, 0x0, @private1}, 0x1c, 0x0}}], 0x1, 0x0)

2.38135362s ago: executing program 2 (id=5005):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

2.313503031s ago: executing program 7 (id=5006):
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
r0 = userfaultfd(0x801)
ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f0000000000)={0xaa, 0x280})
ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2})
ioctl$UFFDIO_WRITEPROTECT(r0, 0xc018aa06, &(0x7f00000000c0)={{&(0x7f000040a000/0x800000)=nil, 0x800000}, 0x1})
mbind(&(0x7f0000730000/0x2000)=nil, 0x2000, 0x0, 0x0, 0x400, 0x2)

2.008600048s ago: executing program 5 (id=5009):
r0 = socket$can_raw(0x1d, 0x3, 0x1)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000280)={'vcan0\x00', <r1=>0x0})
bind$can_raw(r0, &(0x7f00000005c0), 0x10)
recvmmsg(r0, &(0x7f0000000d00)=[{{0x0, 0x0, 0x0}, 0x8001}, {{0x0, 0x0, 0x0}, 0x10000}], 0x2, 0x600000a2, 0x0)
setsockopt$CAN_RAW_RECV_OWN_MSGS(r0, 0x65, 0x4, &(0x7f0000000580)=0x1, 0x4)
sendmsg$can_raw(r0, &(0x7f0000000240)={&(0x7f0000000540)={0x1d, r1}, 0x10, &(0x7f0000000480)={&(0x7f0000000000)=@can={{0x0, 0x0, 0x0, 0x1}, 0x0, 0x0, 0x0, 0x0, "000000000000001e"}, 0x10}}, 0x4040)

2.000707694s ago: executing program 2 (id=5021):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000002c0)='freezer.state\x00', 0x275a, 0x0)
r1 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58)
r2 = accept4(r1, 0x0, 0x0, 0x80800)
write$cgroup_int(r0, &(0x7f0000000000), 0xffffff6a)
sendfile(r2, r0, 0x0, 0xffffffa9)

1.728408235s ago: executing program 1 (id=5011):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e00000004000000080000000c"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000006000000050000000010"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000e00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000200)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x18)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x3, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.601552194s ago: executing program 9 (id=5012):
r0 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r0, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cts-cbc-aes-aesni\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r1 = accept4(r0, 0x0, 0x0, 0x800)
sendmmsg$alg(r1, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r1, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)

1.384661966s ago: executing program 1 (id=5013):
r0 = creat(&(0x7f00000002c0)='./file0\x00', 0x1)
r1 = open$dir(&(0x7f0000000080)='./file0\x00', 0x0, 0x8)
mmap$xdp(&(0x7f0000ffc000/0x4000)=nil, 0x4000, 0x0, 0x12, r1, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000fe020010850000000700000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x100, 0x70, '\x00', 0x0, @fallback=0x30, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
write$qrtrtun(r0, &(0x7f0000000600)="ca391cb1e0881b450a25", 0xa)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r2, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000180)=[0x7], 0x0, 0x0, 0x1}}, 0x40)

1.304211982s ago: executing program 9 (id=5014):
r0 = socket$nl_audit(0x10, 0x3, 0x9)
r1 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x82002)
ioctl$CEC_S_MODE(r1, 0x40046109, &(0x7f0000000180)=0xf0)
r2 = syz_open_dev$cec(&(0x7f0000000040), 0x0, 0x40040)
ioctl$CEC_S_MODE(r2, 0x40046109, &(0x7f0000000200)=0xf0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.208788205s ago: executing program 7 (id=5015):
socket$netlink(0x10, 0x3, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x5a}, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x3, 0x8, &(0x7f00000026c0)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd1200000000000085000000d0000000b70000000000000095000000000000003fba6a7d36d9b18ed812a2e2c49e8020a6f4e0e4a9446ca2b5f1cc1a100a9af698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f010c5077da80fb982c1e9400c603146cea484a415b76966118b64f751a0f241b072e90080008002d75593a280000c93e64c227c95aa0b784625704f07a72c2918451ebdcf4cef7f9606056fe5c34665c0af9360a1f7a5e6b607130c89f18c0c1089d8b85880000c29c48b45ef4adf634be763288d01aa27ae8b09e13e79ab20b0b8ed8fb7a68af2ad0000000000000006f803c6468082089b302d7bff8f06f7f918d65eae391cb41336023cdcedb5e0125ebbccbddcf10cb2364149215108355ee570f8078be5cab389cd65e7133719acd97cfa107d40224edc5465a932b77e74e712a0d42bc6099ad23000000803a90bce6dc3a13871765df961c2ed3b1006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f40cab87b1586602d985430cea0162ab3fcf4591c926abfb076719237c8d0e60b0eea24492a660583eecdbf5bcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9f081d6a08000000ea2b1a52496dfcaf99431412fd13f4cec49669e443dcb924cfe5f3185418d60532be9c4d2ec7c32f2095e63c8cdc28f74d043ef8dba2f23b01a9ae44cf945b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142bdda5e6c5d50b83bae616b5054d1e7c13b1355d6f4a8245eaa4997da9c77af40000000000000005f58351d599e9b61e8caab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a41326eea31ae4e0f75057df3c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57010000009700ce0b4b8bc22941330000000000000000000300000000000000000000000010008bc0d955f2a83366b99711e6e8861c46495ba585a4b2d02edc3e28dd279a896249ed85b9806f0b6c4a000000002b43dcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffff7f00000000df73be83bb7d5ad883ef07000000000000006da21b40216e14ba2d6af8656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff72943327d830689da6b53ffffffff631c7771429d1200000033ed846197fcff5e1c7c3d1d6e3a52872baef9753fffffffffffffe09fec2271fe010cd7bb2366fde4a59429738fcc917a57f94f6c453cea623cc5ee0c2a5ff870ce5dfd3467decb05cfd9fcd41df54cdbd9d10a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce978275d5bc8955778567bc79e13b78249788f11f708008b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe7d7fa29822aea68a660e717a04becff0f719107000000000000002d7e927123d8ecbbc55bf404571be54c72d978cf2804107f0238abccd32368e57040906df0042e19000000000000002c06f815312e086dd022c074eb8a322fb0bf47c0a8d154b405a07feaf3dd95f6ef44cd1fe582786105c7df8be4877084d4173731efe895efc71f665c4d75cf2458e35d2c9062ece84c99e061887a20639b41c8c12ee86c50804042b3eac1f879b136345cf67ca3fb2b5e518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad055e4af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457ac0eaaa99bf0bdc14ae358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df9b3fdf242b985bf16b99c9cc0ad1857036f1a985f369191ae954febb3df464bfe0f773ee9afe72f32a2befb89d3777399f5874c553a2ebe9061fe86e669642e09c0e5a3bb6d163118e4cbe024fd452277c3887d6116c6cc9d8046c216c1f8a9778cb26e22a2a998de5eaeadea10d3cfb41b92ecbb422a40da8daccf080842a486721737390cbf3a74cb2003efb9a101b51ab63e9600040000b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde6e4a4304e50c349f4f9ecee27defd83871c5191e10096e7e60fc3541a2c905a1a95e9571bf38aebd15172f94e3245c582909e2a3bce109b6000000000000000000d6d5210d7560eb92d6a97a27602b81f7636df1535bef1497f90100000000000000abf9010000007740890200d627e87306703be8672dc84eeadba6a41891c170d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e7a45319f18101288a0268893373750d10a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7ef8c08acaf30235b920500d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69b93e9960ff5f74562adae283d9756237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff85000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a31c72ad53bc19faa5401120000793ac48c1b539c75ab40743b00020000a1f68df75cf43f8ecc8d3726602111b40e761fd210a1920382f14d12ca3c3431ee97471c781d0d1280fb00818654a53b6df4b2c97cc1c98d85fda8f80fe908b65550b4412331d73062197655b7f0469250a5989cef0e10773920ed3ccee42d2c3eb80159da5c002511e6eb93842054cfce2ac306cb6e472db3fd67a49b6855a694a8d359add43907003223a47a7fae4f3748d5a432825bc40a03aaef1c8488d86dc211dd2a3ba71e0f45492ef1f8b65ccb3dcd251a61b152d02c29ca0a3328fa7753a5cddea1acaae55ae8263fb284b7a6ab2a8826c1b948207c498cf4824ab1ea3225a53072423b907c6682f8999e0311da5b8378bc841e1787e3a8128dda381a26cb2b365702ff8a27831375b2ddaa2f56e21169f7ca4fd9655ccd4a584acd244e965a0afedaff7c415ff682a4044b3381cc2df28278c9a6824c52048a7cfabda294925cc0956bffa8e950ff5e49f41ae600d830207bf728cd9807933c3c16d80bbea611a18becc2dc38ca0a6f5740f340b76edcd100fcffff007231dcef58c7b88b5aeedaf9626cb51ce1737c10ab37d4f98a934b0f900e0eb639878a1200629f5503cf679154d27681d7a3744cbcd42af59407c9c8e39c5271868917954e604352ba26171d004f1cb2976fab3fa19c7d3ef9678bff79f5155524f061378f94fb453786c3a6f78b10d383b49e31d1568bd43ee34ce6e6be235aa6207285665c2fba773671da41959f51610963b48930658e2d6125a26085001345b0473240b7e5e91811312c43663e76f711c6529ecdec75c7ea1cf0f8f8fff40247d59bbde2ebb8659197e0f37a71be1b12a182ed7de3acba28561a04b807f7a4647e2ea6d8fb92541d07c3d5e4ba077d3cad9f8ba1919592014c00c8eccb2ca5d48ba7b1c3fb185a4bb79700cf51f818b0c701c8de47d12281a67bdaf4b0c50bee9e8f5936250df2e15c1172e7ea6619f7db330700d1e9e42a035e6fd532f61fbfed9c4a7124a1e38eee50a6bbcd1d4e3f68c3f27dd9a70f1a7c6046237ddfb0b26e197322226367d998010458cd4df10af249ce717f6f45e5176e0ddae3054d7289d4e13ab0912703ee39ce264572b89194fdf7acecc35cf8309d4b680a08eed367dad855fce210f1a7c7222dd360eafb4bef7d58bf83362930af6e3f3f851abdc0003bdf9401b533019e90feb069189100007a82df8d9b5f44ebf9355e7b1b01c9470608d4f306d21004730396a4d6c6d46e1ffac97aa93c36123532a36186575266be4981c847160079421d0137801e553069f8d025c40f287378810defc7f2ed4e15f6af17b21153394f8bcfa6a23a77c8d61c9bbc127a57b8d631f36558d9093dee08bc53d97a8003363421738650a22c8fd87b13026799caf58e59951b125e7f161ca34e2c0dd65a23d01a3cb191e743de07247c7f993cf01166fa2ac1ba02f60550e63a7f50422e478c6b5d87f9bd0567a279a9d85a380db25c43bd0529ad783b9d64aaac1b793afb44b7126e17d2b7c0d6be650de7eeef3f3605af344015d03c3e7819145cb9fe1978c98bf9cf10773db59505ae33708c728844c872dfd2cb0b29008000000000000005ca18cb72f0944d0e4fea0a0abd0285bdaf1b000000c089d640c2facb0d1e6243873ac4b1e1068c45c715b68effb7d58d1f9e726dbf6bd910ca4ce0e075658ede42192cf393a50dcc197b03402fed75083628e5dd38213d353b9049e71f037064b05e73ec00c710f1ffc5737d397d555d1cf8859cc030ea8dc3c6a5b3b6fa1c81707479db1833d593a271253aa11efd936b74784f2fc286814848e92d8ee541bc179813297a0a4cc3c8f80c28701185bea091f32475e859479b734727afc110e1abcff460172fd1b42e3c0e2a4bf94a060069000010000087c7572a1e7596f89e5c3d5e70640c90815f77b7b13d0000000085a1e1e84900000000000000000000000000b422fc160a458ee5a91a2471e6e56fdabec6c73ce8983fc68f0b7cdcdde632e6f54a07620e8aa116ce9e84fc3cd5e8288a333dcebb233da9186796995ba69487d8f77d2f8800f02d690fc70a08b231cad1bdcf3740a95d4dd1cfe0f417f275493cf33b19ffff93dfdaf7eb00b8ad87cdf7c21bab5af8e2bac54ee5597e6508c1158124a538c36f9bb11fea7d8b8c7e954b1bc7811654a6636b33f271d0923e9ecd1b724b8feffadfc23c07000000f0785fb722f346d6a5dffe1884d4d0cd8f00000092c85ed44db68ab800001f00000000406e6ed9b219ad07125381087298e75965d1cc5932ddf9e66351b9332a34bee3e3d562c914c629933f0b8724cf680889ade72558d191d9890c69a718f9018586c5131c8dc8e0379bafda1a0fd2997ff115215ce23dca8db7236c1554cdaaadcce2f31834c1bd1908d8e1b361034db56be76acb7654a195bc3e98df3a5dffd5b0783883ef7da3433110e37f7c7cb7f3800de7f99abf910d6949e062747a9c87dcfcc716d6a9c0ec53b9cffe3cfd1df69a76f373d7f997edb9b80bdea1a99c2a6fbb25e035deadaadd7917ebfedd6304a19491769476208684e343f86b4d55a7dbbb07283cb1e35a138d24ebc5b4f8e35a82d3a7f84cb1e02a5a92b53567088be0b1ca023ccd518c0e0715b1c8760801a419ebd2e26440ff7493019bdb655cc88d72d6d7b6bca5a2e19b63ec52fce43d8c53a8031e64026e0d36b6401064c49a729f11ab377f7132c5232bb80195dd5d43d29646a9378eea0761b7ed9d2172e33ed87c7413c843b180cc00000000006bedf2ed716ca43a941119b96d82b26d9061de240d85ec2cfa462bd52104489bb7a7548d7cc53627031e909c69cb824233975a1ea645de63522407c3a240a37e946f30ebf075ea97846a0a8d2286f3f446b1b99ab83a12ddf8a1c06294eadc3eb3e339591afd5c00000000000000000000000000000000000000000000000000579dad8347a3d16976bb7483840b32db0158fb6c809349333325a7866ca5d3133e33ef1a183cefdb65a79fa71800988c8445029e024822dbcfcab49c3a0aec9bd43e6e14078b260700d849a2aa14c9b593f6dcb1de334c065ecfd65031606e55949c185bcda9fde4f9b46a76b8a24bbcd31b22373eb0473248150cd179405ee1af1183b0c0ce3483dc1d9bf732b0751b78fb211d6706b55960c6431afbc02b3c7e08086573939290bb9e590a3875f02a828b07f1dc7df9c8e5da22dfb9dacbf5529e4e994128d835f85465173ea7bbcc519a0c9798ce8b1b07567e3e07169c8c3e4da8bf725c050000000000000000000000000000000000000000004775abdf0c62728eb55a9e2849a1ce05bed60dfe4cc9fa43f9684297c02382c0a35829be7a86305792a9d2e80ca9e8fc50f31f6e0fa810303da03d8b74b42c1ebaf16bb343256405a3a07229a54de09a97b269cd29e8b2f0b0d46c51a6a93eec37f4bc6e29a8e19120ae050ab682662e9b2cc3263a4aba62b63ca9123a53c0f4bf3c4463b8144c89bf058a0af0ae9fc2b7cdfc4817703e267cddc193637d7fd97646090da37093657643daae3840c7f5c10f93524f7ae4791ec6e9d9722e5f670ccb358e051a"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls}, 0x48)
bpf$BPF_PROG_DETACH(0x1c, &(0x7f0000000a40)={@fallback=r0, r1, 0x2f}, 0x20)
bpf$LINK_GET_NEXT_ID(0x1f, &(0x7f00000001c0)={0x0, <r2=>0x0}, 0x8)
bpf$BPF_PROG_DETACH(0x8, &(0x7f0000000480)={@cgroup=r1, r1, 0x2f, 0x202c, 0x4, @void, @void, @value=r2}, 0x20)

1.057967156s ago: executing program 9 (id=5016):
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$IP_VS_SO_SET_ADD(r0, 0x0, 0x482, &(0x7f0000000040)={0x84, @dev={0xac, 0x14, 0x14, 0xb}, 0x15, 0x3, 'lc\x00', 0x1, 0x4, 0x8}, 0x2c)
setsockopt$IP_VS_SO_SET_ADDDEST(r0, 0x0, 0x487, &(0x7f0000000000)={{0x84, @loopback, 0x4e21, 0x3, 'lblcr\x00', 0xa, 0x81, 0x2f}, {@rand_addr=0x64010105, 0x4e25, 0x0, 0xc3, 0xfffffff8, 0x12d5d}}, 0x44)
r1 = socket$kcm(0xa, 0x2, 0x0)
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e24, 0x0, @private2}, 0x80, 0x0, 0x0, &(0x7f0000000000)=[@mark={{0x14, 0x1, 0x24, 0x3}}], 0x18}, 0x0)
sendmsg$sock(r1, &(0x7f0000000400)={&(0x7f0000000580)=@in6={0x2, 0x4e22, 0x0, @dev}, 0x80, 0x0}, 0x4)

972.002115ms ago: executing program 1 (id=5017):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x0, 0x32, 0xfffffffd, 0x3}, 0x9c)
bind$inet6(r0, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
setsockopt$inet_sctp6_SCTP_PARTIAL_DELIVERY_POINT(r0, 0x84, 0x13, &(0x7f0000000440)=0x8, 0x4)
sendto$inet6(r0, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
read(r0, &(0x7f0000002a00)=""/4094, 0xffe)

923.264661ms ago: executing program 5 (id=5018):
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000000600)={&(0x7f00000001c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f0000000640)="80", 0x26892}], 0x1}, 0xfc)
sendmsg$inet(r0, &(0x7f0000000680)={&(0x7f0000000000)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000000540)=[{&(0x7f0000000240)="f9", 0x1}], 0x1}, 0x4000080)
sendmsg$inet(r0, &(0x7f00000010c0)={&(0x7f0000000f00)={0x2, 0x4e24, @rand_addr=0x64010102}, 0x10, &(0x7f0000001080)=[{&(0x7f0000000f40)='i', 0x1}], 0x1}, 0x8010)
timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000000))
timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0)

920.89328ms ago: executing program 7 (id=5019):
r0 = creat(&(0x7f0000000200)='./file0\x00', 0x100)
close(r0)
r1 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x3)
r2 = dup(r1)
sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000dc0), 0x6df8}}, 0x0)
mount$9p_fd(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000040), 0x200400, &(0x7f00000001c0)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}})

761.334193ms ago: executing program 9 (id=5020):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000002c0)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x80000001, '\x00', 0x0, 0x0}, 0x48)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f0000000280)={@val={0x6f01, 0x800}, @val={0x1, 0x0, 0x0, 0x0, 0x20}, @mpls={[], @ipv4=@tcp={{0x6, 0x4, 0x0, 0x0, 0x3f, 0x0, 0x0, 0x0, 0x84, 0x0, @empty=0x3fffffff, @local}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x5, 0xb, 0x0, 0x700, 0x0, 0x14, {[@window={0x9, 0xfffffffffffffec4}, @timestamp={0x5, 0x2}, @generic={0x0, 0x2, "d58838068b91"}]}}}}}}, 0x4e)

752.279862ms ago: executing program 2 (id=5022):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$kcm(0x2, 0x5, 0x84)
sendmsg$inet(r0, &(0x7f0000002980)={&(0x7f0000000180)={0x2, 0xe23, @remote}, 0x10, &(0x7f0000000680)=[{&(0x7f0000000380)="5f719d7a", 0x4}], 0x1}, 0x400c824)
setsockopt$sock_attach_bpf(r0, 0x84, 0x1e, &(0x7f0000000000), 0x10)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_inet_SIOCSIFADDR(r1, 0x891c, &(0x7f0000000540)={'batadv_slave_1\x00', {0x2, 0x0, @broadcast}})

625.446051ms ago: executing program 1 (id=5023):
r0 = socket$inet6(0xa, 0x3, 0x3c)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x5000, 0x0, @loopback, 0x5}, 0x1c)
writev(r0, &(0x7f00000000c0)=[{&(0x7f0000000140)=',<', 0x2}], 0x1)

593.465615ms ago: executing program 3 (id=5024):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz0\x00', 0x1ff)
openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0)
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000180)={0x0, 0xffffffffffffffff, 0x0, 0x7, &(0x7f0000000000)='cgroup\x00'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r1 = openat$cgroup_subtree(r0, &(0x7f0000000140), 0x2, 0x0)
write$cgroup_subtree(r1, &(0x7f0000000100)={[{0x2b, 'pids'}]}, 0x6)

473.022853ms ago: executing program 5 (id=5025):
r0 = syz_open_dev$dri(&(0x7f0000000000), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0})
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x2c040, 0x109)
sendmsg$unix(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000002480)=[{0x0}, {0x0}, {0x0}, {0x0}, {0x0}], 0x5, &(0x7f0000000040), 0xfffffffffffffeff}, 0x0)
setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000040), 0x4)
mount(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000000)='nfs4\x00', 0x0, &(0x7f00000001c0)='\x01')

395.207881ms ago: executing program 3 (id=5026):
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000340)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x25, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = syz_open_dev$usbfs(&(0x7f0000000040), 0x206, 0x3601)
ioctl$USBDEVFS_ALLOW_SUSPEND(r1, 0x5522)
ioctl$USBDEVFS_BULK(r1, 0x5523, 0x0)
ioctl$USBDEVFS_FORBID_SUSPEND(r1, 0x5521)

336.600456ms ago: executing program 9 (id=5027):
r0 = openat$iommufd(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$IOMMU_IOAS_ALLOC(r0, 0x3b81, &(0x7f0000000080)={0xc, 0x0, <r1=>0x0})
ioctl$IOMMU_VFIO_IOAS$GET(r0, 0x3b88, 0x0)
ioctl$IOMMU_VFIO_IOAS$SET(r0, 0x3b88, &(0x7f0000000200)={0xc, r1})
ioctl$IOMMU_VFIO_IOMMU_MAP_DMA(r0, 0x3b71, &(0x7f0000000280)={0x20, 0x0, 0x0, 0x1c, 0x1c})
ioctl$IOMMU_VFIO_IOMMU_UNMAP_DMA(r0, 0x3b72, &(0x7f0000000300)={0x18, 0x0, 0x1c, 0x1c})

303.307945ms ago: executing program 1 (id=5028):
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x181942, 0x0)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0)
mount$fuse(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r0}, 0x2c, {'rootmode', 0x3d, 0x1002}})
openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x40042, 0x1)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0, 0x42)
ioctl$FS_IOC_FSGETXATTR(r1, 0x801c581f, 0x0)

186.912253ms ago: executing program 5 (id=5029):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]})
r1 = openat$dma_heap(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
ioctl$DMA_HEAP_IOCTL_ALLOC(r1, 0xc0184800, &(0x7f0000000040)={0x4, <r2=>r0, 0x1})
ioctl$DMA_BUF_IOCTL_SYNC(r2, 0x40086201, &(0x7f0000000300)=0x2)
r3 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
pread64(r3, &(0x7f0000002140)=""/17, 0x11, 0x0)

186.129607ms ago: executing program 3 (id=5030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="0a00000004000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x5, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x20000}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000180)=r1, 0x4)
sendmsg$inet(r3, &(0x7f0000000100)={0x0, 0x0, 0x0}, 0x20000000)

158.997865ms ago: executing program 1 (id=5031):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0x4000, &(0x7f0000000c00)={[{@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nombcache}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x4}}, {@mblk_io_submit}, {@resuid}, {@norecovery}]}, 0x8, 0x445, &(0x7f0000001dc0)="$eJzs28tvG0UYAPBv105KX8RU5dEHECiIikfSpKX0wAEQSBxAQoJDOYYkrUrdBjVBolUFBaFyRJW4I45I/AWc4IKAExJX4IwqVSiXFk5Ga+82jmunSbDrEP9+0tYzu+POfJ4de3YnG8DAGs3+SSJ2RMRvETHSyC4vMNp4ubF4cfrvxYvTSdRqb/6V1MtdX7w4XRQt3re9yJQj0k+T2Nem3vnzF05PVauz5/L8+MKZ98bnz1945tSZqZOzJ2fPTh47duTwxHNHJ5/tSpxZXNf3fji3f8+rb195ffr4lXd++iYp4m+Jo0tG2+4tN14er9W6XF1/7WxKJ+U+NoQ1KeWn5FB9/I9EKZY6byRe+aSvjQN6qlar1e7rfPhSDdjEkuh3C4D+KH7os+vfYrtDU48N4dqLjQugLO4b+dY4Uo40LzPUcn3bTaMRcfzSP19mW7Teh9jao0oBgIH2XTb/ebrd/C+N5vtCd+drKJWIuCcidkXE0YjYHRH3RtTL3h8RD6yx/tZFklvnn+nVdQW2Stn87/l8bWv5/K+Y/UWllOd21uMfSk6cqs4eyj+TgzG0JctPrFDH9y//+nmnY83zv2zL6i/mgnk7rpa3LH/PzNTC1H+Judm1jyP2ltvFn9xcCUgiYk9EvLDOOk49+fX+Tsc6xD+8qv+4C+tMta8inmj0/6Voib+QrLw+OX5XVGcPjRdnxa1+/uXyG53qv33/91bW/9vanv9F/H9Ukub12vm113H59886XlOu9/wfTt5atu+DqYWFcxMRw8lr9Xylef9kS7nJpfJZ/AcPtB//u2Lpk9gXEdlJ/GBEPBQRD+dtfyQiHo2IAyvE/+NLj727/vh7K4t/ZsX+j5b+X0oMR+ue9onS6R++XVZpZS3xZ/1/pJ46mO9Zzfffatq1vrMZAAAA/n/SiNgRSTp2M52mY2ONv+HfHdvS6tz8wlMn5t4/O9N4RqASQ2lxp2uk6X7oRH5ZX+QnW/KH8/vGX5S21vNj03PVmX4HDwNue4fxn/mz1O/WAT3neS0YXMY/DC7jHwaX8Q+Dq8349+gZDIh2v/8f9aEdwJ3XMv5XXPYzMYDNxfU/DC7jHwaX8Q8DaX5r3P4h+c2RSCNiAzRjsyQi3RDNkOhRot/fTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAN3xbwAAAP//ynflmQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x40, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000400)='./bus\x00', 0x1c5042, 0x12)
write(r1, &(0x7f00000009c0)="3bf58d", 0x3)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7fffeffd)

121.89039ms ago: executing program 9 (id=5032):
syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000500)={0x34, &(0x7f0000000200)={0x0, 0x0, 0x1, "e9"}, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000000240)={0x24, 0x0, 0x0, 0x0, 0x0}, 0x0)
r0 = syz_open_dev$evdev(&(0x7f0000001540), 0x0, 0x0)
ioctl$EVIOCGLED(r0, 0x5452, &(0x7f0000000240)=""/77)
r1 = syz_open_dev$evdev(&(0x7f00000000c0), 0x78, 0x822b01)
write$char_usb(r1, &(0x7f0000000040)="e2", 0x1068)

0s ago: executing program 3 (id=5033):
r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000140), 0x2, 0x0)
ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000040)=0x90000)
ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000240)={@hyper})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000000)={{@my=0x1}, @my=0x1, 0x0, 0x0, 0x421})
ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f0000000080)={{@hyper, 0x2}, @any, 0x0, 0x0, 0x2, 0x6, 0x5, 0x10001, 0x8})
ioctl$IOCTL_VMCI_QUEUEPAIR_SETPF(r0, 0x7a9, &(0x7f00000003c0)={{@my=0x1}, 0xfff, 0xffffffffffffffff, 0x0, 0x0, 0x80000, 0x2, 0x1000000000ff6, 0x58df})

kernel console output (not intermixed with test programs):

illegal pblock 0 (length 1)
[  686.947868][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  687.029843][T17542] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  687.077983][T17542] EXT4-fs (loop4): This should not happen!! Data will be lost
[  687.077983][T17542] 
[  687.126119][T17542] EXT4-fs error (device loop4): ext4_map_blocks:814: inode #15: comm syz.4.4206: lblock 0 mapped to illegal pblock 0 (length 1)
[  687.178401][T17542] EXT4-fs (loop4): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 117
[  687.248484][T17542] EXT4-fs (loop4): This should not happen!! Data will be lost
[  687.248484][T17542] 
[  687.314001][   T44] hid-generic 0000:0000:0000.004A: unknown main item tag 0x0
[  687.339926][   T44] hid-generic 0000:0000:0000.004A: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  687.978012][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  688.338688][T17560] loop5: detected capacity change from 0 to 32768
[  688.366579][T17560] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  688.374943][T17560] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  688.384532][T17270] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  688.433559][T17560] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  688.477031][ T6008] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  688.494708][ T6008] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  688.603408][ T6008] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 108ms
[  688.618312][ T6008] gfs2: fsid=syz:syz.0: jid=0: Done
[  688.625254][T17560] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  688.667032][ T6012] usb 10-1: USB disconnect, device number 5
[  689.017969][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  689.771544][T17577] loop4: detected capacity change from 0 to 32768
[  689.839993][T17577] 
[  689.839993][T17577]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  689.839993][T17577] 
[  689.919296][T17577] ERROR: (device loop4): diWrite: ixpxd invalid
[  689.919296][T17577] 
[  689.938082][T17577] ERROR: (device loop4): txAbort: 
[  689.938082][T17577] 
[  690.018020][T17577] 
[  690.018020][T17577]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.018020][T17577] 
[  690.038247][T17577] 
[  690.038247][T17577]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  690.038247][T17577] 
[  690.057756][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  690.177109][T17577] ERROR: (device loop4): dtSearch: stack overrun!
[  690.177109][T17577] 
[  690.204037][T17577] btstack dump:
[  690.208135][T17577] bn = 0, index = 0
[  690.212012][T17577] bn = 30, index = 0
[  690.215984][T17577] bn = 0, index = 0
[  690.287709][T17577] bn = 30, index = 0
[  690.301615][T17577] bn = 0, index = 0
[  690.311832][T17577] bn = 30, index = 0
[  690.342468][T17577] bn = 0, index = 0
[  690.346309][T17577] bn = 0, index = 0
[  690.404164][T17577] jfs_lookup: dtSearch returned -5
[  690.523333][T17614] netlink: 'syz.9.4232': attribute type 10 has an invalid length.
[  690.560301][T17614] netlink: 40 bytes leftover after parsing attributes in process `syz.9.4232'.
[  690.602202][T17614] dummy0: entered promiscuous mode
[  690.635037][T17614] bridge0: port 3(dummy0) entered blocking state
[  690.667932][T17614] bridge0: port 3(dummy0) entered disabled state
[  690.692279][T17614] dummy0: entered allmulticast mode
[  690.725446][T17614] bridge0: port 3(dummy0) entered blocking state
[  690.731995][T17614] bridge0: port 3(dummy0) entered forwarding state
[  691.097778][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  691.238810][T17630] netlink: 96 bytes leftover after parsing attributes in process `syz.1.4239'.
[  691.277654][ T5956] usb 6-1: new high-speed USB device number 7 using dummy_hcd
[  691.450073][ T5956] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  691.483354][ T5956] usb 6-1: config 0 has no interfaces?
[  691.504959][ T5956] usb 6-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  691.554835][ T5956] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  691.597449][ T5956] usb 6-1: Product: syz
[  691.601688][ T5956] usb 6-1: Manufacturer: syz
[  691.646384][ T5956] usb 6-1: SerialNumber: syz
[  691.685615][ T3512] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  691.716930][T17634] loop9: detected capacity change from 0 to 32768
[  691.729178][ T5956] usb 6-1: config 0 descriptor??
[  691.767257][T17634] JBD2: Ignoring recovery information on journal
[  691.832701][T17634] ocfs2: Mounting device (7,9) on (node local, slot 0) with ordered data mode.
[  691.857540][ T5877] usb 5-1: new high-speed USB device number 14 using dummy_hcd
[  691.875153][   T30] audit: type=1800 audit(1758452163.554:753): pid=17634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.4240" name="bus" dev="loop9" ino=17058 res=0 errno=0
[  691.923827][T17634] OCFS2: ERROR (device loop9): ocfs2_reserve_local_alloc_bits: local alloc inode 76 says it has 9 used bits, but a count shows 8
[  691.938197][T17634] On-disk corruption discovered. Please run fsck.ocfs2 once the filesystem is unmounted.
[  691.948100][T17634] OCFS2: File system is now read-only.
[  691.953569][T17634] (syz.9.4240,17634,1):ocfs2_reserve_local_alloc_bits:710 ERROR: status = -30
[  691.963304][T17634] (syz.9.4240,17634,1):ocfs2_reserve_clusters_with_limit:1172 ERROR: status = -30
[  691.972779][T17634] (syz.9.4240,17634,1):ocfs2_reserve_clusters_with_limit:1221 ERROR: status = -30
[  691.982094][T17634] (syz.9.4240,17634,1):ocfs2_lock_allocators:2775 ERROR: status = -30
[  691.990372][T17634] (syz.9.4240,17634,1):ocfs2_write_begin_nolock:1723 ERROR: status = -30
[  691.999711][T17634] (syz.9.4240,17634,1):ocfs2_dio_wr_get_block:2218 ERROR: status = -30
[  692.010221][T17634] (syz.9.4240,17634,1):ocfs2_dio_end_io:2400 ERROR: Direct IO failed, bytes = -30
[  692.097574][ T5877] usb 5-1: Using ep0 maxpacket: 8
[  692.118974][T15964] ocfs2: Unmounting device (7,9) on (node local)
[  692.123131][   T30] audit: type=1326 audit(1758452163.804:754): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  692.148637][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  692.165778][ T5877] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  692.193899][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  692.214459][ T5877] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  692.247725][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  692.276876][   T30] audit: type=1326 audit(1758452163.844:755): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  692.317819][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  692.366030][ T5877] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  692.367512][   T30] audit: type=1326 audit(1758452163.854:756): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  692.410569][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  692.465848][ T5877] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  692.495334][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  692.501077][   T30] audit: type=1326 audit(1758452163.854:757): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  692.530828][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  692.579540][ T5877] usb 5-1: config 168 descriptor has 1 excess byte, ignoring
[  692.587017][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11
[  692.635359][   T30] audit: type=1326 audit(1758452163.854:758): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  692.643817][ T5877] usb 5-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  692.726240][   T30] audit: type=1326 audit(1758452163.874:759): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=307 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  692.758815][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7
[  692.788459][ T5956] usb 6-1: USB disconnect, device number 7
[  692.797196][ T5877] usb 5-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024
[  692.831412][ T5877] usb 5-1: string descriptor 0 read error: -22
[  692.838013][ T5877] usb 5-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e
[  692.847071][ T5877] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  692.852160][   T30] audit: type=1326 audit(1758452163.944:760): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  692.926610][ T5877] adutux 5-1:168.0: ADU100  now attached to /dev/usb/adutux0
[  692.941784][   T30] audit: type=1326 audit(1758452163.984:761): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  693.025981][   T30] audit: type=1326 audit(1758452164.044:762): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17649 comm="syz.1.4244" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2e1bd8ec29 code=0x7ffc0000
[  693.177510][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  693.228587][ T5956] usb 5-1: USB disconnect, device number 14
[  693.617671][T17670] netlink: 'syz.5.4253': attribute type 1 has an invalid length.
[  693.850826][T17670] 8021q: adding VLAN 0 to HW filter on device bond1
[  694.050775][T17672] bond1: (slave geneve2): making interface the new active one
[  694.130723][T17672] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  694.227487][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  694.386072][T17659] loop2: detected capacity change from 0 to 32768
[  694.440204][T17659] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4249 (17659)
[  694.491740][T17659] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  694.521872][T17659] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  694.663248][T17659] BTRFS info (device loop2): enabling ssd optimizations
[  694.681953][T17659] BTRFS info (device loop2): turning on async discard
[  694.753080][T17659] BTRFS info (device loop2): enabling free space tree
[  694.765845][T17703] IPv4: Oversized IP packet from 127.202.26.0
[  695.040232][ T5869] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  695.257385][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  695.352309][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  695.359169][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  695.594171][T17723] loop5: detected capacity change from 0 to 2048
[  695.765973][T17723] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  695.848924][T17723] ext4 filesystem being mounted at /68/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  696.167273][ T5877] usb 10-1: new high-speed USB device number 6 using dummy_hcd
[  696.297527][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  696.339324][ T5877] usb 10-1: config 220 has an invalid interface number: 76 but max is 2
[  696.365116][ T5877] usb 10-1: config 220 contains an unexpected descriptor of type 0x2, skipping
[  696.389645][ T5877] usb 10-1: config 220 has an invalid descriptor of length 0, skipping remainder of the config
[  696.424251][ T5877] usb 10-1: config 220 has no interface number 2
[  696.478396][T17723] fs-verity (loop5, inode 13): Error -4 building Merkle tree
[  696.486036][ T5877] usb 10-1: config 220 interface 1 altsetting 5 has 0 endpoint descriptors, different from the interface descriptor's value: 12
[  696.518268][ T5877] usb 10-1: config 220 interface 0 has no altsetting 0
[  696.548789][ T5877] usb 10-1: config 220 interface 76 has no altsetting 0
[  696.555784][ T5877] usb 10-1: config 220 interface 1 has no altsetting 0
[  696.606822][ T5877] usb 10-1: New USB device found, idVendor=8086, idProduct=0b07, bcdDevice=6c.b9
[  696.626433][ T5877] usb 10-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  696.656619][ T5877] usb 10-1: Product: syz
[  696.661074][ T5877] usb 10-1: Manufacturer: syz
[  696.665771][ T5877] usb 10-1: SerialNumber: syz
[  696.721980][T16191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  696.837613][   T44] usb 3-1: new high-speed USB device number 34 using dummy_hcd
[  696.916945][ T5877] usb 10-1: Found UVC 7.01 device syz (8086:0b07)
[  696.951725][ T5877] usb 10-1: No valid video chain found.
[  696.963477][ T5877] usb 10-1: selecting invalid altsetting 0
[  697.000149][ T5877] usb 10-1: selecting invalid altsetting 0
[  697.014619][   T44] usb 3-1: New USB device found, idVendor=1a86, idProduct=7522, bcdDevice=35.36
[  697.027736][   T44] usb 3-1: New USB device strings: Mfr=241, Product=2, SerialNumber=3
[  697.057199][ T5877] usbtest 10-1:220.1: probe with driver usbtest failed with error -22
[  697.067414][T17761] input: syz0 as /devices/virtual/input/input72
[  697.074510][   T44] usb 3-1: Product: syz
[  697.088674][ T5877] usb 10-1: USB disconnect, device number 6
[  697.097184][   T44] usb 3-1: Manufacturer: syz
[  697.104792][   T44] usb 3-1: SerialNumber: syz
[  697.137588][   T44] usb 3-1: config 0 descriptor??
[  697.156353][   T44] ch341 3-1:0.0: ch341-uart converter detected
[  697.347284][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  698.090525][T17768] loop1: detected capacity change from 0 to 32768
[  698.126320][T17768] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  698.134637][T17768] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  698.224401][T17768] gfs2: fsid=syz:syz.0: journal 0 mapped with 1 extents in 1ms
[  698.238904][ T5877] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  698.246439][ T5877] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  698.317668][   T44] usb 3-1: ch341-uart converter now attached to ttyUSB0
[  698.387255][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  698.398485][ T5877] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 152ms
[  698.406132][ T5877] gfs2: fsid=syz:syz.0: jid=0: Done
[  698.411543][T17768] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  698.522846][ T5877] usb 3-1: USB disconnect, device number 34
[  698.533197][ T5877] ch341-uart ttyUSB0: ch341-uart converter now disconnected from ttyUSB0
[  698.551727][ T5877] ch341 3-1:0.0: device disconnected
[  699.417535][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  700.117601][ T6012] usb 10-1: new high-speed USB device number 7 using dummy_hcd
[  700.288243][ T6012] usb 10-1: Using ep0 maxpacket: 16
[  700.315385][ T6012] usb 10-1: config 0 has an invalid interface number: 232 but max is 0
[  700.337349][ T6012] usb 10-1: config 0 has no interface number 0
[  700.343603][ T6012] usb 10-1: config 0 interface 232 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  700.417022][ T6012] usb 10-1: config 0 interface 232 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  700.458559][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  700.478287][ T6012] usb 10-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[  700.519361][ T6012] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  700.565117][ T6012] usb 10-1: config 0 descriptor??
[  700.864349][T17824] loop4: detected capacity change from 0 to 4096
[  700.903296][T17824] ntfs3(loop4): Different NTFS sector size (1024) and media sector size (512).
[  701.272206][ T5959] usb 10-1: USB disconnect, device number 7
[  701.484268][T17830] netlink: 'syz.1.4315': attribute type 4 has an invalid length.
[  701.497090][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  701.544386][T17830] netlink: 17 bytes leftover after parsing attributes in process `syz.1.4315'.
[  702.537019][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  703.036420][T17868] loop2: detected capacity change from 0 to 32768
[  703.044030][T17868] BTRFS warning: excessive commit interval 2147483647, use with care
[  703.060159][T17868] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4329 (17868)
[  703.077900][T17868] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  703.088979][T17868] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  703.097617][T17868] BTRFS warning (device loop2): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  703.199998][T17868] BTRFS info (device loop2): rebuilding free space tree
[  703.214811][T17868] BTRFS info (device loop2): disabling free space tree
[  703.221810][T17868] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  703.231880][T17868] BTRFS info (device loop2): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  703.251529][T17868] BTRFS info (device loop2): setting nodatasum
[  703.257796][T17868] BTRFS info (device loop2): enabling ssd optimizations
[  703.265442][T17868] BTRFS info (device loop2): turning off barriers
[  703.272330][T17868] BTRFS info (device loop2): turning on flush-on-commit
[  703.279336][T17868] BTRFS info (device loop2): enabling disk space caching
[  703.286412][T17868] BTRFS info (device loop2): force clearing of disk cache
[  703.293596][T17868] BTRFS info (device loop2): doing ref verification
[  703.300312][T17868] BTRFS info (device loop2): max_inline set to 0
[  703.545587][T17890] syz.5.4333 (17890): drop_caches: 2
[  703.576903][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  703.815590][ T5869] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  704.532279][ T5956] usb 6-1: new high-speed USB device number 8 using dummy_hcd
[  704.617091][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  704.748770][ T5956] usb 6-1: Using ep0 maxpacket: 16
[  704.766999][ T5956] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  704.787252][ T5956] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  704.811454][ T5956] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 9
[  704.841516][ T5956] usb 6-1: New USB device found, idVendor=045e, idProduct=07da, bcdDevice= 0.00
[  704.863852][ T5956] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  704.903084][ T5956] usb 6-1: config 0 descriptor??
[  705.236116][   T30] kauditd_printk_skb: 8 callbacks suppressed
[  705.236143][   T30] audit: type=1326 audit(1758452176.915:771): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.336094][   T30] audit: type=1326 audit(1758452176.925:772): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.421701][ T5956] HID 045e:07da: Invalid code 65791 type 1
[  705.432972][   T30] audit: type=1326 audit(1758452176.945:773): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=435 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.480613][ T5956] input: HID 045e:07da as /devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/0003:045E:07DA.004C/input/input73
[  705.526719][   T30] audit: type=1326 audit(1758452177.095:774): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.583131][ T5956] microsoft 0003:045E:07DA.004C: input,hidraw0: USB HID v0.00 Device [HID 045e:07da] on usb-dummy_hcd.5-1/input0
[  705.598803][   T30] audit: type=1326 audit(1758452177.095:775): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.622809][   T30] audit: type=1326 audit(1758452177.095:776): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17952 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7f50aabc14e5 code=0x7ffc0000
[  705.645847][   T30] audit: type=1326 audit(1758452177.225:777): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.668414][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  705.675865][   T30] audit: type=1326 audit(1758452177.225:778): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.717916][   T30] audit: type=1326 audit(1758452177.235:779): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  705.750539][ T5877] usb 6-1: USB disconnect, device number 8
[  705.806290][   T30] audit: type=1326 audit(1758452177.235:780): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=17948 comm="syz.2.4356" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  706.083321][T17971] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  706.600997][T17991] loop5: detected capacity change from 0 to 2048
[  706.678950][T17991] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  706.696917][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  706.871571][T18005] loop4: detected capacity change from 0 to 256
[  706.898628][T18005] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xf4000b14, utbl_chksum : 0xe619d30d)
[  707.128054][ T5959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  707.316323][T18013] loop5: detected capacity change from 0 to 512
[  707.347410][T18013] EXT4-fs: Ignoring removed bh option
[  707.365102][T18013] EXT4-fs (loop5): mounting ext3 file system using the ext4 subsystem
[  707.365394][T18015] overlayfs: failed to clone upperpath
[  707.386747][ T5959] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  707.426948][T18013] EXT4-fs (loop5): 1 truncate cleaned up
[  707.452386][T18013] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  707.494201][T17995] loop1: detected capacity change from 0 to 32768
[  707.517401][T17995] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4376 (17995)
[  707.588169][T17995] BTRFS info (device loop1): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  707.634420][T17995] BTRFS info (device loop1): using xxhash64 (xxhash64-generic) checksum algorithm
[  707.737185][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  707.805435][T16191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  707.881528][T17995] BTRFS info (device loop1): enabling ssd optimizations
[  707.905154][T17995] BTRFS info (device loop1): enabling free space tree
[  708.038933][ T5874] BTRFS info (device loop1): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  708.227049][ T5877] usb 6-1: new high-speed USB device number 9 using dummy_hcd
[  708.397249][ T5877] usb 6-1: Using ep0 maxpacket: 16
[  708.425501][ T5877] usb 6-1: config 1 contains an unexpected descriptor of type 0x2, skipping
[  708.466577][ T5877] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  708.493060][ T5877] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 3
[  708.548899][ T5877] usb 6-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  708.570223][ T5877] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.596940][ T5877] usb 6-1: Product: syz
[  708.610197][ T5877] usb 6-1: Manufacturer: syz
[  708.625046][ T5877] usb 6-1: SerialNumber: syz
[  708.777106][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  708.812127][T18063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4393'.
[  708.864644][T18063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4393'.
[  708.931518][ T1149] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  708.941063][T18063] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4393'.
[  708.950236][ T1149] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  708.959739][T18063] netlink: 4 bytes leftover after parsing attributes in process `syz.1.4393'.
[  708.976727][ T1149] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  708.996735][T18054] loop9: detected capacity change from 0 to 32768
[  709.006082][ T1149] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  709.057130][ T5877] usb 6-1: 0:2 : does not exist
[  709.067842][T18054] ocfs2: Mounting device (7,9) on (node local, slot 0) with writeback data mode.
[  709.688424][T18077] loop4: detected capacity change from 0 to 32768
[  709.740197][T15964] ocfs2: Unmounting device (7,9) on (node local)
[  709.756961][ T5959] usb 2-1: new high-speed USB device number 54 using dummy_hcd
[  709.816619][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  709.870862][T18077] bcachefs (loop4): starting version 1.7: mi_btree_bitmap opts=compression=zstd,erasure_code,wide_macs,nojournal_transaction_names
[  709.870901][T18077]   allowing incompatible features above 0.0: (unknown version)
[  709.870924][T18077]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  709.906435][T18077] bcachefs (loop4): Using encoding defined by superblock: utf8-12.1.0
[  709.916052][T18077] bcachefs (loop4): recovering from clean shutdown, journal seq 14
[  709.924305][T18077] bcachefs (loop4): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive
[  709.924305][T18077]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  709.924541][ T5877] usb 6-1: USB disconnect, device number 9
[  709.968796][ T5959] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  709.979167][ T5876] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  710.009477][ T5959] usb 2-1: config 0 has no interfaces?
[  710.054330][ T5959] usb 2-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  710.075883][T18077] bcachefs (loop4): accounting_read...
[  710.096897][ T5959] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  710.125456][T18077]  done
[  710.128858][T18077] bcachefs (loop4): alloc_read... done
[  710.135892][T18077] bcachefs (loop4): snapshots_read... done
[  710.172372][T18077] bcachefs (loop4): check_allocations...
[  710.179960][T18077] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  710.180027][T18077]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 18efb381d2ec84b2 written 48 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[  710.216748][ T5959] usb 2-1: Product: syz
[  710.229607][T18077] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  710.229635][T18077]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq eb946090a3e301b5 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  710.259962][ T5959] usb 2-1: Manufacturer: syz
[  710.264594][ T5959] usb 2-1: SerialNumber: syz
[  710.275200][T18077] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  710.275230][T18077]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1b163e2cac54a139 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  710.307877][ T5959] usb 2-1: config 0 descriptor??
[  710.347828][T18077] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  710.347859][T18077]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c59150a5cc8748d6 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  710.374935][T18077] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  710.374965][T18077]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2e86b5535b69cce2 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  710.404156][T18077] bcachefs (loop4): btree ptr not marked in member info btree allocated bitmap
[  710.404186][T18077]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq af1b2a109e85bae1 written 48 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[  710.467924][T18077]  done
[  710.509976][T18077] bcachefs (loop4): going read-write
[  710.546115][T18077] bcachefs (loop4): journal_replay... done
[  710.797982][T18077] bcachefs (loop4): check_extents_to_backpointers...
[  710.800036][T18077] bcachefs (loop4): scanning for missing backpointers in 6/128 buckets
[  710.817556][T18077]  done
[  710.823939][T18077] bcachefs (loop4): check_inodes... done
[  710.833031][T18077] bcachefs (loop4): resume_logged_ops... done
[  710.841777][T18077] bcachefs (loop4): delete_dead_inodes... done
[  710.856547][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  710.875529][T18077] bcachefs (loop4): Fixed errors, running fsck a second time to verify fs is clean
[  710.885036][T18077] bcachefs (loop4): check_extents_to_backpointers... done
[  710.899258][T18077] bcachefs (loop4): check_inodes... done
[  710.906926][T18077] bcachefs (loop4): resume_logged_ops... done
[  710.914067][T18077] bcachefs (loop4): delete_dead_inodes... done
[  710.925127][T18077] bcachefs (loop4): done starting filesystem
[  711.053111][T18077] syz.4.4401 (18077) used greatest stack depth: 16104 bytes left
[  711.156783][T17270] bcachefs (loop4): shutting down
[  711.171970][T17270] bcachefs (loop4): going read-only
[  711.190588][T17270] bcachefs (loop4): finished waiting for writes to stop
[  711.224526][ T5959] usb 2-1: USB disconnect, device number 54
[  711.238757][T17270] bcachefs (loop4): flushing journal and stopping allocators, journal seq 22
[  711.268217][T17270] bcachefs (loop4): flushing journal and stopping allocators complete, journal seq 22
[  711.288929][T18112] loop5: detected capacity change from 0 to 64
[  711.305548][T17270] bcachefs (loop4): clean shutdown complete, journal seq 23
[  711.325493][T17270] bcachefs (loop4): marking filesystem clean
[  711.374854][   T30] kauditd_printk_skb: 4 callbacks suppressed
[  711.374880][   T30] audit: type=1800 audit(1758452183.055:785): pid=18112 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.4410" name="file1" dev="loop5" ino=21 res=0 errno=0
[  711.465301][T17270] bcachefs (loop4): shutdown complete
[  711.897238][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  712.946413][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  713.154574][T18128] loop2: detected capacity change from 0 to 32768
[  713.221292][T18128] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4420 (18128)
[  713.310575][T18128] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  713.328708][T18128] BTRFS info (device loop2): using crc32c (crc32c-lib) checksum algorithm
[  713.437894][T18179] netlink: 'syz.3.4433': attribute type 1 has an invalid length.
[  713.504716][T18128] BTRFS info (device loop2): enabling ssd optimizations
[  713.522020][T18128] BTRFS info (device loop2): enabling free space tree
[  713.568442][T18179] 8021q: adding VLAN 0 to HW filter on device bond1
[  713.639472][T18186] bond1: (slave geneve2): making interface the new active one
[  713.648854][T18186] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  713.733204][T18188] loop9: detected capacity change from 0 to 1024
[  713.755537][T18188] EXT4-fs: Ignoring removed orlov option
[  713.762879][T18188] EXT4-fs: Ignoring removed nobh option
[  713.792512][T18188] EXT4-fs: Ignoring removed bh option
[  713.899818][T18188] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  713.976480][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  714.079845][T18188] EXT4-fs error (device loop9): ext4_mb_mark_diskspace_used:4182: comm syz.9.4436: Allocating blocks 481-513 which overlap fs metadata
[  714.169277][ T5869] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  714.355815][T18188] EXT4-fs (loop9): pa ffff88803316f000: logic 352, phys. 465, len 3
[  714.365099][T18188] EXT4-fs error (device loop9): ext4_mb_release_inode_pa:5433: group 0, free 0, pa_free 1
[  714.735735][T15964] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  715.026275][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  715.051714][T18215] loop9: detected capacity change from 0 to 1024
[  715.109868][T18217] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  715.415520][T18225] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  716.056312][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  716.551852][T18253] loop2: detected capacity change from 0 to 32768
[  716.612599][T18254] loop1: detected capacity change from 0 to 32768
[  716.620381][T18254] BTRFS warning: excessive commit interval 2147483647, use with care
[  716.631721][T18254] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4462 (18254)
[  716.652306][T18254] BTRFS info (device loop1): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  716.666260][T18254] BTRFS info (device loop1): using crc32c (crc32c-lib) checksum algorithm
[  716.680729][T18254] BTRFS warning (device loop1): space cache v1 is being deprecated and will be removed in a future release, please use -o space_cache=v2
[  716.696281][ T5959] usb 5-1: new high-speed USB device number 15 using dummy_hcd
[  716.862407][T18253] bcachefs (loop2): starting version 1.7: mi_btree_bitmap opts=compression=zstd,erasure_code,wide_macs,nojournal_transaction_names
[  716.862446][T18253]   allowing incompatible features above 0.0: (unknown version)
[  716.862469][T18253]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  716.888227][ T5959] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  716.898861][T18253] bcachefs (loop2): Using encoding defined by superblock: utf8-12.1.0
[  716.917201][T18253] bcachefs (loop2): recovering from clean shutdown, journal seq 14
[  716.925287][T18253] bcachefs (loop2): Doing compatible version upgrade from 1.7: mi_btree_bitmap to 1.28: inode_has_case_insensitive
[  716.925287][T18253]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  716.997796][T18253] bcachefs (loop2): accounting_read...
[  717.009343][ T5959] usb 5-1: config 0 has no interfaces?
[  717.022877][T18253]  done
[  717.025702][T18253] bcachefs (loop2): alloc_read... done
[  717.048153][T18254] BTRFS info (device loop1): rebuilding free space tree
[  717.051010][T18253] bcachefs (loop2): snapshots_read... done
[  717.072845][T18253] bcachefs (loop2): check_allocations...
[  717.076429][T18253] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap
[  717.076461][T18253]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 18efb381d2ec84b2 written 48 min_key POS_MIN durability: 1 ptr: 0:26:0 gen 0, fixing
[  717.093536][T18254] BTRFS info (device loop1): disabling free space tree
[  717.106821][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  717.110887][T18253] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap
[  717.113948][T18254] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  717.120982][T18253]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq eb946090a3e301b5 written 24 min_key POS_MIN durability: 1 ptr: 0:38:0 gen 0, fixing
[  717.129759][T18254] BTRFS info (device loop1): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  717.135371][T18254] BTRFS info (device loop1): setting nodatasum
[  717.144336][T18253] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap
[  717.153774][T18254] BTRFS info (device loop1): enabling ssd optimizations
[  717.164006][T18253]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 1b163e2cac54a139 written 24 min_key POS_MIN durability: 1 ptr: 0:41:0 gen 0, fixing
[  717.170357][T18254] BTRFS info (device loop1): turning off barriers
[  717.170404][T18254] BTRFS info (device loop1): turning on flush-on-commit
[  717.170449][T18254] BTRFS info (device loop1): enabling disk space caching
[  717.170485][T18254] BTRFS info (device loop1): force clearing of disk cache
[  717.170522][T18254] BTRFS info (device loop1): doing ref verification
[  717.170553][T18254] BTRFS info (device loop1): max_inline set to 0
[  717.217447][T18253] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap
[  717.249041][ T5959] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  717.252974][T18253]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq c59150a5cc8748d6 written 16 min_key POS_MIN durability: 1 ptr: 0:35:0 gen 0, fixing
[  717.283323][T18253] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap
[  717.283355][T18253]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 2e86b5535b69cce2 written 16 min_key POS_MIN durability: 1 ptr: 0:32:0 gen 0, fixing
[  717.285474][ T5959] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  717.333325][T18253] bcachefs (loop2): btree ptr not marked in member info btree allocated bitmap
[  717.333355][T18253]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq af1b2a109e85bae1 written 48 min_key POS_MIN durability: 1 ptr: 0:29:0 gen 0, fixing
[  717.355325][ T5959] usb 5-1: Product: syz
[  717.361310][ T5959] usb 5-1: Manufacturer: syz
[  717.376625][T18253]  done
[  717.384859][T18253] bcachefs (loop2): going read-write
[  717.417128][ T5959] usb 5-1: SerialNumber: syz
[  717.418261][T18253] bcachefs (loop2): journal_replay...
[  717.464770][ T5959] usb 5-1: config 0 descriptor??
[  717.677283][T18253]  done
[  717.685692][T18253] bcachefs (loop2): check_extents_to_backpointers...
[  717.688157][T18253] bcachefs (loop2): scanning for missing backpointers in 6/128 buckets
[  717.717245][T18253]  done
[  717.725756][T18253] bcachefs (loop2): check_inodes... done
[  717.740294][T18253] bcachefs (loop2): resume_logged_ops... done
[  717.747765][T18253] bcachefs (loop2): delete_dead_inodes... done
[  717.807341][T18253] bcachefs (loop2): Fixed errors, running fsck a second time to verify fs is clean
[  717.816834][T18253] bcachefs (loop2): check_extents_to_backpointers... done
[  717.827867][T18253] bcachefs (loop2): check_inodes... done
[  717.836815][T18253] bcachefs (loop2): resume_logged_ops... done
[  717.844233][T18253] bcachefs (loop2): delete_dead_inodes... done
[  717.913902][T18253] bcachefs (loop2): done starting filesystem
[  717.916009][ T5874] BTRFS info (device loop1): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  717.941911][   T12] nci: nci_rf_discover_ntf_packet: unsupported rf_tech_and_mode 0x7d
[  718.026660][ T5869] bcachefs (loop2): shutting down
[  718.043578][ T5869] bcachefs (loop2): going read-only
[  718.049101][ T5869] bcachefs (loop2): finished waiting for writes to stop
[  718.065372][ T5869] bcachefs (loop2): flushing journal and stopping allocators, journal seq 22
[  718.100556][ T5869] bcachefs (loop2): flushing journal and stopping allocators complete, journal seq 22
[  718.156128][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  718.168114][ T5869] bcachefs (loop2): clean shutdown complete, journal seq 23
[  718.211543][ T5869] bcachefs (loop2): marking filesystem clean
[  718.369773][ T5869] bcachefs (loop2): shutdown complete
[  718.448057][T18310] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4475'.
[  718.490204][T18310] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4475'.
[  718.501159][ T5956] usb 5-1: USB disconnect, device number 15
[  718.569406][T18310] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4475'.
[  718.579662][ T1149] netdevsim netdevsim9 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  718.596174][T18310] netlink: 4 bytes leftover after parsing attributes in process `syz.9.4475'.
[  718.632736][ T1149] netdevsim netdevsim9 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  718.684124][ T1149] netdevsim netdevsim9 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  718.700542][   T36] netdevsim netdevsim9 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  719.176099][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  719.186987][T18325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4480'.
[  719.216058][T18325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.4480'.
[  719.885934][ T5959] usb 6-1: new high-speed USB device number 10 using dummy_hcd
[  720.146194][ T5959] usb 6-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  720.163465][ T5959] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  720.216045][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  720.230364][ T5959] usb 6-1: config 0 descriptor??
[  720.642161][T18331] loop4: detected capacity change from 0 to 32768
[  720.701077][T18345] netlink: 24 bytes leftover after parsing attributes in process `syz.1.4489'.
[  720.747001][T18345] netlink: 'syz.1.4489': attribute type 1 has an invalid length.
[  720.754318][T18331] XFS (loop4): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  720.772660][T18345] netlink: 'syz.1.4489': attribute type 2 has an invalid length.
[  720.780612][T18345] netlink: 16 bytes leftover after parsing attributes in process `syz.1.4489'.
[  720.930120][T18331] XFS (loop4): Ending clean mount
[  720.994011][T18331] XFS (loop4): Quotacheck needed: Please wait.
[  721.152204][T18331] XFS (loop4): Quotacheck: Done.
[  721.255955][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  721.412377][T17270] XFS (loop4): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  721.529946][ T5959] usb 6-1: Cannot set autoneg
[  721.551837][ T5959] MOSCHIP usb-ethernet driver 6-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  721.628619][ T5959] usb 6-1: USB disconnect, device number 10
[  721.856310][T18365] fuse: Bad value for 'fd'
[  722.295871][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  723.302643][T18405] loop5: detected capacity change from 0 to 8192
[  723.323944][T18411] loop4: detected capacity change from 0 to 512
[  723.345840][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  723.419018][T18411] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  723.444688][T18411] ext4 filesystem being mounted at /48/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  723.467419][T18404] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  723.512920][T18419] Invalid ELF header magic: != ELF
[  723.604059][   T30] audit: type=1800 audit(1758452195.286:786): pid=18420 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.4515" name="file1" dev="loop4" ino=15 res=0 errno=0
[  723.624660][    C1] vkms_vblank_simulate: vblank timer overrun
[  723.868153][T17270] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  724.309558][T18441] loop2: detected capacity change from 0 to 128
[  724.323342][T18441] EXT4-fs: Ignoring removed nobh option
[  724.372542][T18441] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  724.384834][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  724.416179][ T5956] usb 6-1: new low-speed USB device number 11 using dummy_hcd
[  724.462372][T18441] ext4 filesystem being mounted at /775/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  724.605806][ T5956] usb 6-1: New USB device found, idVendor=1557, idProduct=7720, bcdDevice=b7.eb
[  724.639837][ T5956] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  724.676851][ T5956] usb 6-1: config 0 descriptor??
[  724.739293][ T5869] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  724.987704][T18439] loop9: detected capacity change from 0 to 32768
[  725.024848][T18439] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4525 (18439)
[  725.082715][T18439] BTRFS info (device loop9): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  725.109597][T18439] BTRFS info (device loop9): using xxhash64 (xxhash64-generic) checksum algorithm
[  725.124799][T18459] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  725.132881][T18459] IPv6: NLM_F_CREATE should be set when creating new route
[  725.140164][T18459] IPv6: NLM_F_CREATE should be set when creating new route
[  725.351996][T18439] BTRFS info (device loop9): enabling ssd optimizations
[  725.359439][T18439] BTRFS info (device loop9): enabling free space tree
[  725.387945][T18486] loop2: detected capacity change from 0 to 512
[  725.398612][T18486] EXT4-fs: Ignoring removed orlov option
[  725.410039][T18486] EXT4-fs (loop2): mounting ext3 file system using the ext4 subsystem
[  725.425710][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  725.455551][T18486] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=8042c119, mo2=0002]
[  725.479307][T18486] EXT4-fs error (device loop2): ext4_iget_extra_inode:5103: inode #15: comm syz.2.4537: corrupted in-inode xattr: e_value size too large
[  725.512197][T18486] EXT4-fs error (device loop2): ext4_orphan_get:1395: comm syz.2.4537: couldn't read orphan inode 15 (err -117)
[  725.541299][T15964] BTRFS info (device loop9): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  725.579269][T18486] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  725.933628][ T5956] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to write reg index 0x0000: -71
[  725.955134][ T5956] asix 6-1:0.0 (unnamed net_device) (uninitialized): Failed to send software reset: ffffffb9
[  726.005034][ T5869] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  726.009461][ T5956] asix 6-1:0.0: probe with driver asix failed with error -71
[  726.106182][ T5956] usb 6-1: USB disconnect, device number 11
[  726.455632][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  726.663549][T18506] loop9: detected capacity change from 0 to 1024
[  726.804401][T18506] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  727.447849][T15964] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  727.495660][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  727.845272][T18532] loop9: detected capacity change from 0 to 128
[  727.901845][T18532] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  727.969427][T18532] ext4 filesystem being mounted at /144/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  728.103872][T18532] syz.9.4556 (pid 18532) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  728.278950][T15964] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  728.535558][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  728.648165][T18520] loop1: detected capacity change from 0 to 32768
[  728.710481][T18520] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.4552 (18520)
[  728.849893][T18520] BTRFS info (device loop1): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  728.907054][T18520] BTRFS info (device loop1): using blake2b (blake2b-256-generic) checksum algorithm
[  728.961614][T18522] loop2: detected capacity change from 0 to 32768
[  729.001083][T18522] BTRFS: device fsid e417788f-7a09-42b2-9266-8ddc5d5d35d2 devid 1 transid 8 /dev/loop2 (7:2) scanned by syz.2.4553 (18522)
[  729.084412][T18522] BTRFS info (device loop2): first mount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  729.120584][T18522] BTRFS info (device loop2): using xxhash64 (xxhash64-generic) checksum algorithm
[  729.222947][T18520] BTRFS info (device loop1): enabling ssd optimizations
[  729.261633][T18520] BTRFS info (device loop1): enabling free space tree
[  729.273640][T18520] BTRFS info (device loop1): use lzo compression, level 1
[  729.560453][T18522] BTRFS info (device loop2): enabling ssd optimizations
[  729.575772][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  729.605499][T18522] BTRFS info (device loop2): enabling free space tree
[  729.758284][ T5874] BTRFS info (device loop1): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  729.850074][ T5869] BTRFS info (device loop2): last unmount of filesystem e417788f-7a09-42b2-9266-8ddc5d5d35d2
[  730.141358][T18594] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4573'.
[  730.392370][ T6008] usb 5-1: new high-speed USB device number 16 using dummy_hcd
[  730.566717][ T6008] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  730.594751][ T6008] usb 5-1: config 0 has no interfaces?
[  730.624797][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  730.650292][ T6008] usb 5-1: New USB device found, idVendor=2294, idProduct=425b, bcdDevice=a2.10
[  730.704789][ T6008] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  730.712842][ T6008] usb 5-1: Product: syz
[  730.741288][ T6008] usb 5-1: Manufacturer: syz
[  730.766095][ T6008] usb 5-1: SerialNumber: syz
[  730.785827][ T6008] usb 5-1: config 0 descriptor??
[  731.363545][T18622] IPVS: lc: FWM 3 0x00000003 - no destination available
[  731.407365][    C1] IPVS: lc: FWM 3 0x00000003 - no destination available
[  731.445160][   T24] IPVS: starting estimator thread 0...
[  731.534241][T18623] IPVS: using max 21 ests per chain, 50400 per kthread
[  731.644730][T18615] loop1: detected capacity change from 0 to 65536
[  731.654176][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  731.690154][T18627] 9pnet_fd: Insufficient options for proto=fd
[  731.717129][T18615] XFS (loop1): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  731.770231][T18615] XFS (loop1): Ending clean mount
[  731.892118][T18642] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  731.952507][ T5874] XFS (loop1): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  731.960759][   T24] usb 5-1: USB disconnect, device number 16
[  732.002948][   T36] nci: nci_rsp_packet: unknown rsp opcode 0x15
[  732.706600][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  733.373173][ T5879] Bluetooth: hci1: command 0x0406 tx timeout
[  733.538157][T18671] netlink: 4 bytes leftover after parsing attributes in process `syz.4.4601'.
[  733.540850][T18667] vivid-007: =================  START STATUS  =================
[  733.651420][T18667] vivid-007: Enable Output Cropping: true grabbed
[  733.693189][T18667] vivid-007: Enable Output Composing: true grabbed
[  733.699866][T18667] vivid-007: Enable Output Scaler: true grabbed
[  733.733345][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  733.769421][T18667] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  733.822042][T18667] vivid-007: Transmit Mode: HDMI grabbed
[  733.867880][T18667] vivid-007: Hotplug Present: 0x00000000
[  733.910129][T18667] vivid-007: RxSense Present: 0x00000000
[  733.952973][T18667] vivid-007: EDID Present: 0x00000000
[  733.958445][T18667] vivid-007: ==================  END STATUS  ==================
[  734.338886][T18690] netlink: 40 bytes leftover after parsing attributes in process `syz.4.4619'.
[  734.373895][T18692] binder_alloc: binder_alloc_mmap_handler: 18691 200000ffc000-200001000000 already mapped failed -16
[  734.782495][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  735.143773][T18717] loop4: detected capacity change from 0 to 256
[  735.151980][T18718] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  735.212485][T18717] exfat: Deprecated parameter 'namecase'
[  735.254038][T18717] exfat: Deprecated parameter 'utf8'
[  735.340435][T18717] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d)
[  735.811869][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  736.776540][T18743] netlink: 4 bytes leftover after parsing attributes in process `syz.5.4629'.
[  736.861295][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  737.191763][T18732] loop9: detected capacity change from 0 to 32768
[  737.220981][T18732] BTRFS: device fsid c6b85f58-0c7e-41ca-a553-c8d9f94f6663 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4625 (18732)
[  737.315910][T18732] BTRFS info (device loop9): first mount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  737.350732][T18732] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[  737.579175][T18732] BTRFS info (device loop9): enabling ssd optimizations
[  737.617214][T18732] BTRFS info (device loop9): enabling free space tree
[  737.651580][T18732] BTRFS info (device loop9): use lzo compression, level 1
[  737.900705][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  738.112012][T18787] loop5: detected capacity change from 0 to 128
[  738.157417][T15964] BTRFS info (device loop9): last unmount of filesystem c6b85f58-0c7e-41ca-a553-c8d9f94f6663
[  738.176240][T18787] UDF-fs: error (device loop5): udf_read_tagged: read failed, block=256, location=256
[  738.306353][T18792] loop4: detected capacity change from 0 to 256
[  738.336965][T18792] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  738.417233][T18792] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[  738.493488][T18792] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  738.619769][T18792] exFAT-fs (loop4): abnormal access to deleted dentry
[  738.940121][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  739.072795][T18803] loop5: detected capacity change from 0 to 256
[  739.373090][T18813] loop4: detected capacity change from 0 to 512
[  739.390354][T18813] EXT4-fs: Ignoring removed oldalloc option
[  739.483968][T18813] EXT4-fs (loop4): 1 truncate cleaned up
[  739.588140][T18813] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  739.969584][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  740.407488][T18826] openvswitch: netlink: IPv4 tun info is not correct
[  740.545229][T17270] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  741.008981][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  742.049214][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  742.134045][T18868] loop5: detected capacity change from 0 to 256
[  742.168300][T18868] exfat: Deprecated parameter 'namecase'
[  742.187820][T18868] exfat: Deprecated parameter 'utf8'
[  742.283868][T18868] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x22785e93, utbl_chksum : 0xe619d30d)
[  743.087817][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  743.543626][T18867] loop4: detected capacity change from 0 to 32768
[  743.607754][T18867] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.4686 (18867)
[  743.671867][T18887] loop9: detected capacity change from 0 to 4096
[  743.678311][T18867] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  743.699565][T18867] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  743.729660][T18887] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (16), stripe is disabled
[  743.791854][T18887] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  743.815209][T18871] loop1: detected capacity change from 0 to 40427
[  743.877701][T18871] F2FS-fs (loop1): invalid crc value
[  743.982953][T15964] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  744.054942][T18867] BTRFS info (device loop4): enabling ssd optimizations
[  744.090449][T18867] BTRFS info (device loop4): enabling free space tree
[  744.091758][T18871] F2FS-fs (loop1): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  744.127226][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  744.135890][T18871] F2FS-fs (loop1): Start checkpoint disabled!
[  744.190795][T18871] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[  744.346833][T18871] syz.1.4688: attempt to access beyond end of device
[  744.346833][T18871] loop1: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  744.356589][T18925] netlink: 4 bytes leftover after parsing attributes in process `syz.3.4689'.
[  744.413410][   T30] audit: type=1804 audit(1758452216.108:787): pid=18927 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.4688" name="/newroot/765/file1/file1" dev="loop1" ino=10 res=1 errno=0
[  744.463498][T18927] syz.1.4688: attempt to access beyond end of device
[  744.463498][T18927] loop1: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  744.649398][T17270] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  744.754408][ T1149] kworker/u8:8: attempt to access beyond end of device
[  744.754408][ T1149] loop1: rw=2049, sector=45224, nr_sectors = 8 limit=40427
[  744.810523][ T1149] CPU: 0 UID: 0 PID: 1149 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  744.810574][ T1149] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  744.810600][ T1149] Workqueue: writeback wb_workfn (flush-7:1)
[  744.810663][ T1149] Call Trace:
[  744.810675][ T1149]  <TASK>
[  744.810690][ T1149]  dump_stack_lvl+0x16c/0x1f0
[  744.810753][ T1149]  f2fs_handle_critical_error+0x624/0x9f0
[  744.810806][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.810852][ T1149]  ? f2fs_build_fault_attr+0x53/0x1f0
[  744.810906][ T1149]  f2fs_write_end_io+0x958/0xcf0
[  744.810963][ T1149]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  744.811022][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.811080][ T1149]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  744.811131][ T1149]  bio_endio+0x713/0x860
[  744.811199][ T1149]  submit_bio_noacct+0x306/0x1ed0
[  744.811265][ T1149]  __submit_merged_bio+0x33c/0x770
[  744.811323][ T1149]  __submit_merged_write_cond+0x319/0x3f0
[  744.811389][ T1149]  f2fs_write_cache_pages+0x2067/0x2570
[  744.811485][ T1149]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  744.811559][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.811613][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.811657][ T1149]  ? __lock_acquire+0x62e/0x1ce0
[  744.811816][ T1149]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  744.811872][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.811916][ T1149]  ? arch_stack_walk+0x94/0x100
[  744.811964][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.812018][ T1149]  f2fs_write_data_pages+0x4ad/0xd90
[  744.812088][ T1149]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  744.812162][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.812206][ T1149]  ? __lock_acquire+0xb97/0x1ce0
[  744.812268][ T1149]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  744.812331][ T1149]  do_writepages+0x27a/0x600
[  744.812388][ T1149]  ? __pfx_do_writepages+0x10/0x10
[  744.812435][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.812483][ T1149]  ? reacquire_held_locks+0xcd/0x1f0
[  744.812541][ T1149]  ? writeback_sb_inodes+0x3b0/0xfa0
[  744.812600][ T1149]  __writeback_single_inode+0x160/0xfb0
[  744.812656][ T1149]  ? __pfx___writeback_single_inode+0x10/0x10
[  744.812706][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.812750][ T1149]  ? do_raw_spin_unlock+0x172/0x230
[  744.812792][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.812844][ T1149]  writeback_sb_inodes+0x60d/0xfa0
[  744.812923][ T1149]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  744.812976][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813020][ T1149]  ? do_raw_spin_lock+0x12c/0x2b0
[  744.813133][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813178][ T1149]  ? rcu_is_watching+0x12/0xc0
[  744.813224][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813268][ T1149]  ? queue_io+0x3f6/0x520
[  744.813317][ T1149]  wb_writeback+0x419/0xb70
[  744.813380][ T1149]  ? __pfx_wb_writeback+0x10/0x10
[  744.813426][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813491][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813535][ T1149]  ? mark_held_locks+0x49/0x80
[  744.813602][ T1149]  wb_workfn+0x14d/0xbe0
[  744.813660][ T1149]  ? _raw_spin_unlock_irqrestore+0x3b/0x80
[  744.813720][ T1149]  ? __pfx_wb_workfn+0x10/0x10
[  744.813777][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813826][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813878][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.813921][ T1149]  ? rcu_is_watching+0x12/0xc0
[  744.813977][ T1149]  process_one_work+0x9cf/0x1b70
[  744.814043][ T1149]  ? __pfx_process_one_work+0x10/0x10
[  744.814085][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.814143][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.814187][ T1149]  ? assign_work+0x1a0/0x250
[  744.814231][ T1149]  worker_thread+0x6c8/0xf10
[  744.814299][ T1149]  ? __pfx_worker_thread+0x10/0x10
[  744.814341][ T1149]  kthread+0x3c5/0x780
[  744.814381][ T1149]  ? __pfx_kthread+0x10/0x10
[  744.814421][ T1149]  ? srso_alias_return_thunk+0x5/0xfbef5
[  744.814470][ T1149]  ? rcu_is_watching+0x12/0xc0
[  744.814518][ T1149]  ? __pfx_kthread+0x10/0x10
[  744.814559][ T1149]  ret_from_fork+0x56d/0x730
[  744.814593][ T1149]  ? __pfx_kthread+0x10/0x10
[  744.814633][ T1149]  ret_from_fork_asm+0x1a/0x30
[  744.814707][ T1149]  </TASK>
[  744.814721][ T1149] F2FS-fs (loop1): Stopped filesystem due to reason: 3
[  745.171359][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  746.034115][T18921] loop9: detected capacity change from 0 to 40427
[  746.173813][T18952] vivid-007: =================  START STATUS  =================
[  746.205953][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  746.236169][T18952] vivid-007: Enable Output Cropping: true grabbed
[  746.275167][T18952] vivid-007: Enable Output Composing: true grabbed
[  746.286424][  T973] usb 3-1: new high-speed USB device number 35 using dummy_hcd
[  746.323073][T18952] vivid-007: Enable Output Scaler: true grabbed
[  746.365889][T18952] vivid-007: Tx RGB Quantization Range: Automatic grabbed
[  746.385708][T18921] F2FS-fs (loop9): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  746.424076][T18952] vivid-007: Transmit Mode: HDMI grabbed
[  746.431292][T18921] F2FS-fs (loop9): Mounted with checkpoint version = 48b305e5
[  746.456852][T18952] vivid-007: Hotplug Present: 0x00000000
[  746.487342][  T973] usb 3-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  746.509129][T18952] vivid-007: RxSense Present: 0x00000000
[  746.514848][T18952] vivid-007: EDID Present: 0x00000000
[  746.520435][  T973] usb 3-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  746.565828][T18952] vivid-007: ==================  END STATUS  ==================
[  746.609372][  T973] usb 3-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  746.658032][  T973] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  746.702738][T18946] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22
[  746.722842][  T973] usb 3-1: Quirk or no altset; falling back to MIDI 1.0
[  746.742120][T15964] syz-executor: attempt to access beyond end of device
[  746.742120][T15964] loop9: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  746.781214][T15964] CPU: 0 UID: 0 PID: 15964 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  746.781265][T15964] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  746.781289][T15964] Call Trace:
[  746.781302][T15964]  <TASK>
[  746.781317][T15964]  dump_stack_lvl+0x16c/0x1f0
[  746.781385][T15964]  f2fs_handle_critical_error+0x624/0x9f0
[  746.781439][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.781486][T15964]  ? f2fs_build_fault_attr+0x53/0x1f0
[  746.781541][T15964]  f2fs_write_end_io+0x958/0xcf0
[  746.781601][T15964]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  746.781661][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.781725][T15964]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  746.781777][T15964]  bio_endio+0x713/0x860
[  746.781844][T15964]  submit_bio_noacct+0x306/0x1ed0
[  746.781907][T15964]  __submit_merged_bio+0x33c/0x770
[  746.781969][T15964]  __submit_merged_write_cond+0x319/0x3f0
[  746.782037][T15964]  f2fs_write_cache_pages+0x2067/0x2570
[  746.782132][T15964]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  746.782206][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.782251][T15964]  ? __lock_acquire+0x62e/0x1ce0
[  746.782326][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.782396][T15964]  ? __lock_acquire+0x62e/0x1ce0
[  746.782504][T15964]  ? __pfx_stack_trace_consume_entry+0x10/0x10
[  746.782606][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.782663][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.782724][T15964]  f2fs_write_data_pages+0x4ad/0xd90
[  746.782795][T15964]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  746.782854][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.782913][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.782965][T15964]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  746.783029][T15964]  do_writepages+0x27a/0x600
[  746.783087][T15964]  ? __pfx_do_writepages+0x10/0x10
[  746.783133][T15964]  ? do_raw_spin_unlock+0x172/0x230
[  746.783177][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.783221][T15964]  ? _raw_spin_unlock+0x28/0x50
[  746.783280][T15964]  filemap_fdatawrite_wbc+0x104/0x160
[  746.783335][T15964]  __filemap_fdatawrite_range+0xb9/0x100
[  746.783399][T15964]  ? __pfx___filemap_fdatawrite_range+0x10/0x10
[  746.783531][T15964]  ? find_held_lock+0x2b/0x80
[  746.783583][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.783630][T15964]  ? do_raw_spin_unlock+0x172/0x230
[  746.783674][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.783734][T15964]  f2fs_sync_dirty_inodes+0x2a9/0x990
[  746.783823][T15964]  block_operations+0x2b0/0xfe0
[  746.783894][T15964]  ? __pfx___schedule+0x10/0x10
[  746.783954][T15964]  ? __pfx_block_operations+0x10/0x10
[  746.784085][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.784130][T15964]  ? down_write+0x14d/0x200
[  746.784169][T15964]  ? __pfx_down_write+0x10/0x10
[  746.784211][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.784256][T15964]  ? rcu_is_watching+0x12/0xc0
[  746.784313][T15964]  f2fs_write_checkpoint+0x2b8/0x4c60
[  746.784361][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.784406][T15964]  ? kfree+0x2b4/0x4d0
[  746.784452][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.784503][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.784548][T15964]  ? rcu_is_watching+0x12/0xc0
[  746.784594][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.784639][T15964]  ? kthread_stop+0x273/0x630
[  746.784682][T15964]  kill_f2fs_super+0x3c2/0x470
[  746.784728][T15964]  ? __pfx_kill_f2fs_super+0x10/0x10
[  746.784764][T15964]  ? lockdep_hardirqs_on+0x7c/0x110
[  746.784846][T15964]  deactivate_locked_super+0xc1/0x1a0
[  746.784907][T15964]  deactivate_super+0xde/0x100
[  746.784967][T15964]  cleanup_mnt+0x225/0x450
[  746.785033][T15964]  task_work_run+0x150/0x240
[  746.785078][T15964]  ? __pfx_task_work_run+0x10/0x10
[  746.785118][T15964]  ? srso_alias_return_thunk+0x5/0xfbef5
[  746.785167][T15964]  ? __pfx___x64_sys_umount+0x10/0x10
[  746.785217][T15964]  exit_to_user_mode_loop+0xeb/0x110
[  746.785262][T15964]  do_syscall_64+0x41c/0x4e0
[  746.785301][T15964]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  746.785340][T15964] RIP: 0033:0x7fa3b8d8ff57
[  746.785370][T15964] Code: a8 ff ff ff f7 d8 64 89 01 48 83 c8 ff c3 0f 1f 44 00 00 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 a8 ff ff ff f7 d8 64 89 02 b8
[  746.785408][T15964] RSP: 002b:00007ffca2a75578 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  746.785444][T15964] RAX: 0000000000000000 RBX: 00007fa3b8e11c2d RCX: 00007fa3b8d8ff57
[  746.785469][T15964] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffca2a75630
[  746.785493][T15964] RBP: 00007ffca2a75630 R08: 0000000000000000 R09: 0000000000000000
[  746.785517][T15964] R10: 00000000ffffffff R11: 0000000000000246 R12: 00007ffca2a766c0
[  746.785542][T15964] R13: 00007fa3b8e11c2d R14: 00000000000b649d R15: 00007ffca2a76700
[  746.785597][T15964]  </TASK>
[  747.245380][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  747.355891][T15964] F2FS-fs (loop9): Stopped filesystem due to reason: 3
[  747.528951][  T973] usb 3-1: USB disconnect, device number 35
[  748.284818][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  748.618692][ T5879] Bluetooth: hci2: command 0x0406 tx timeout
[  748.656832][T18983] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  748.977391][T18984] loop5: detected capacity change from 0 to 4096
[  749.058451][T18984] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  749.324239][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  749.469919][T16191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  749.885814][T19008] netlink: 212376 bytes leftover after parsing attributes in process `syz.3.4716'.
[  750.230433][T19021] ip6gre1: entered allmulticast mode
[  750.363783][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  750.874969][T19036] loop9: detected capacity change from 0 to 64
[  750.880450][   T30] audit: type=1326 audit(1758452222.571:788): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  750.903555][    C1] vkms_vblank_simulate: vblank timer overrun
[  750.928178][T19034] loop4: detected capacity change from 0 to 2048
[  750.933553][   T30] audit: type=1326 audit(1758452222.571:789): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.002932][T19034] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  751.044192][   T30] audit: type=1326 audit(1758452222.591:790): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.118169][   T30] audit: type=1326 audit(1758452222.591:791): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.159507][T19034] overlayfs: upper fs needs to support d_type.
[  751.192141][   T30] audit: type=1326 audit(1758452222.591:792): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.239949][T19034] overlayfs: upper fs does not support RENAME_WHITEOUT.
[  751.259439][T19034] overlayfs: failed to set xattr on upper
[  751.290398][T19034] overlayfs: ...falling back to redirect_dir=nofollow.
[  751.320008][T19034] overlayfs: ...falling back to index=off.
[  751.330113][   T30] audit: type=1326 audit(1758452222.591:793): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.333769][T19034] overlayfs: ...falling back to uuid=null.
[  751.352492][    C1] vkms_vblank_simulate: vblank timer overrun
[  751.403084][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  751.436265][   T30] audit: type=1326 audit(1758452222.591:794): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.469836][T19031] UDF-fs: warning (device loop4): udf_truncate_tail_extent: Too long extent after EOF in inode 1374: i_size: 0 lbcount: 512 extent 64+512
[  751.497046][   T30] audit: type=1326 audit(1758452222.591:795): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.519499][    C1] vkms_vblank_simulate: vblank timer overrun
[  751.579937][   T30] audit: type=1326 audit(1758452222.591:796): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.602529][    C1] vkms_vblank_simulate: vblank timer overrun
[  751.624397][   T30] audit: type=1326 audit(1758452222.591:797): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19032 comm="syz.2.4734" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f50aab8ec29 code=0x7ffc0000
[  751.668856][T17270] UDF-fs: error (device loop4): udf_read_inode: (ino 1440) failed !bh
[  751.698802][T17270] UDF-fs: error (device loop4): udf_read_inode: (ino 1440) failed !bh
[  752.179363][ T1149] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  752.368709][ T1149] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  752.442498][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  752.649336][ T1149] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  752.763208][T19070] loop2: detected capacity change from 0 to 512
[  752.859271][T19070] EXT4-fs warning (device loop2): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  752.907633][T19070] EXT4-fs warning (device loop2): dx_probe:848: Enable large directory feature to access it
[  753.002235][T19070] EXT4-fs warning (device loop2): dx_probe:933: inode #2: comm syz.2.4751: Corrupt directory, running e2fsck is recommended
[  753.041071][T19070] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -117
[  753.069357][T19070] EXT4-fs error (device loop2): ext4_iget_extra_inode:5103: inode #15: comm syz.2.4751: corrupted in-inode xattr: invalid ea_ino
[  753.090551][T19070] EXT4-fs (loop2): Remounting filesystem read-only
[  753.099713][T19070] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  753.233081][T19062] netdevsim netdevsim3 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  753.273837][T19070] EXT4-fs warning (device loop2): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  753.286985][T19062] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.315633][T19070] EXT4-fs warning (device loop2): dx_probe:848: Enable large directory feature to access it
[  753.344894][T19070] EXT4-fs warning (device loop2): dx_probe:933: inode #2: comm syz.2.4751: Corrupt directory, running e2fsck is recommended
[  753.398104][T19084] EXT4-fs warning (device loop2): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  753.433909][T19084] EXT4-fs warning (device loop2): dx_probe:848: Enable large directory feature to access it
[  753.466600][T19084] EXT4-fs warning (device loop2): dx_probe:933: inode #2: comm syz.2.4751: Corrupt directory, running e2fsck is recommended
[  753.482048][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  753.494708][T19088] EXT4-fs warning (device loop2): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  753.512788][T19088] EXT4-fs warning (device loop2): dx_probe:848: Enable large directory feature to access it
[  753.534008][T19070] EXT4-fs warning (device loop2): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  753.545797][T19088] EXT4-fs warning (device loop2): dx_probe:933: inode #2: comm syz.2.4751: Corrupt directory, running e2fsck is recommended
[  753.562964][ T1149] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.649430][ T5869] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  753.718400][ T5879] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  753.742081][ T5879] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  753.744398][T19062] netdevsim netdevsim3 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  753.751885][ T6012] usb 10-1: new full-speed USB device number 8 using dummy_hcd
[  753.767720][ T5879] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  753.781310][ T5879] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  753.788612][T19062] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  753.810806][ T5879] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  753.945484][ T6012] usb 10-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  753.994049][ T6012] usb 10-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  754.027820][ T6012] usb 10-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  754.041161][T19062] netdevsim netdevsim3 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  754.071749][ T6012] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  754.077775][T19062] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.097849][T19098] input: syz0 as /devices/virtual/input/input74
[  754.316112][ T6012] usb 10-1: usb_control_msg returned -32
[  754.332087][ T6012] usbtmc 10-1:16.0: can't read capabilities
[  754.362235][T19102] netlink: 276 bytes leftover after parsing attributes in process `syz.1.4763'.
[  754.374164][T19102] netlink: 276 bytes leftover after parsing attributes in process `syz.1.4763'.
[  754.435855][T19062] netdevsim netdevsim3 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  754.467639][T19062] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  754.521467][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  754.785305][T19106] loop1: detected capacity change from 0 to 4096
[  754.821932][T19106] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  755.078110][ T5874] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  755.129083][T19104] loop5: detected capacity change from 0 to 40427
[  755.147684][T19104] F2FS-fs (loop5): invalid crc value
[  755.154845][ T1149] bridge_slave_1: left allmulticast mode
[  755.172599][ T1149] bridge_slave_1: left promiscuous mode
[  755.178597][ T1149] bridge0: port 2(bridge_slave_1) entered disabled state
[  755.200828][ T1149] bridge_slave_0: left allmulticast mode
[  755.206756][ T1149] bridge_slave_0: left promiscuous mode
[  755.221335][ T1149] bridge0: port 1(bridge_slave_0) entered disabled state
[  755.330056][T19104] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  755.351088][T19104] F2FS-fs (loop5): Start checkpoint disabled!
[  755.373811][T19104] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  755.463101][T19104] syz.5.4764: attempt to access beyond end of device
[  755.463101][T19104] loop5: rw=2049, sector=77824, nr_sectors = 136 limit=40427
[  755.488829][T19104] syz.5.4764: attempt to access beyond end of device
[  755.488829][T19104] loop5: rw=2049, sector=45096, nr_sectors = 128 limit=40427
[  755.560758][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  755.570840][   T24] usb 2-1: new high-speed USB device number 55 using dummy_hcd
[  755.594856][ T1083] kworker/u8:5: attempt to access beyond end of device
[  755.594856][ T1083] loop5: rw=2049, sector=45224, nr_sectors = 8 limit=40427
[  755.611124][ T1083] CPU: 1 UID: 0 PID: 1083 Comm: kworker/u8:5 Not tainted syzkaller #0 PREEMPT(full) 
[  755.611169][ T1083] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  755.611193][ T1083] Workqueue: writeback wb_workfn (flush-7:5)
[  755.611254][ T1083] Call Trace:
[  755.611267][ T1083]  <TASK>
[  755.611281][ T1083]  dump_stack_lvl+0x16c/0x1f0
[  755.611344][ T1083]  f2fs_handle_critical_error+0x624/0x9f0
[  755.611395][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.611440][ T1083]  ? f2fs_build_fault_attr+0x53/0x1f0
[  755.611501][ T1083]  f2fs_write_end_io+0x958/0xcf0
[  755.611559][ T1083]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  755.611618][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.611675][ T1083]  ? __pfx_f2fs_write_end_io+0x10/0x10
[  755.611725][ T1083]  bio_endio+0x713/0x860
[  755.611791][ T1083]  submit_bio_noacct+0x306/0x1ed0
[  755.611854][ T1083]  __submit_merged_bio+0x33c/0x770
[  755.611913][ T1083]  __submit_merged_write_cond+0x319/0x3f0
[  755.611981][ T1083]  f2fs_write_cache_pages+0x2067/0x2570
[  755.612075][ T1083]  ? __pfx_f2fs_write_cache_pages+0x10/0x10
[  755.612144][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.612188][ T1083]  ? ieee80211_inform_bss+0x781/0x1140
[  755.612246][ T1083]  ? __pfx_ieee80211_inform_bss+0x10/0x10
[  755.612314][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.612435][ T1083]  ? __schedule+0x11a3/0x5de0
[  755.612486][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.612535][ T1083]  ? finish_task_switch.isra.0+0x221/0xc10
[  755.612582][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.612635][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.612689][ T1083]  f2fs_write_data_pages+0x4ad/0xd90
[  755.612759][ T1083]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  755.612834][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.612877][ T1083]  ? __lock_acquire+0xb97/0x1ce0
[  755.612940][ T1083]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  755.613004][ T1083]  do_writepages+0x27a/0x600
[  755.613061][ T1083]  ? __pfx_do_writepages+0x10/0x10
[  755.613106][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.613150][ T1083]  ? reacquire_held_locks+0xcd/0x1f0
[  755.613209][ T1083]  ? writeback_sb_inodes+0x3b0/0xfa0
[  755.613267][ T1083]  __writeback_single_inode+0x160/0xfb0
[  755.613323][ T1083]  ? __pfx___writeback_single_inode+0x10/0x10
[  755.613364][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.613402][ T1083]  ? do_raw_spin_unlock+0x172/0x230
[  755.613438][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.613488][ T1083]  writeback_sb_inodes+0x60d/0xfa0
[  755.613573][ T1083]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  755.613627][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.613671][ T1083]  ? do_raw_spin_lock+0x12c/0x2b0
[  755.613786][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.613830][ T1083]  ? rcu_is_watching+0x12/0xc0
[  755.613877][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.613921][ T1083]  ? queue_io+0x3f6/0x520
[  755.613972][ T1083]  wb_writeback+0x419/0xb70
[  755.614035][ T1083]  ? __pfx_wb_writeback+0x10/0x10
[  755.614082][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.614140][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.614184][ T1083]  ? mark_held_locks+0x49/0x80
[  755.614251][ T1083]  wb_workfn+0x14d/0xbe0
[  755.614308][ T1083]  ? try_to_wake_up+0x160/0x1870
[  755.614355][ T1083]  ? __pfx_wb_workfn+0x10/0x10
[  755.614411][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.614461][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.614530][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.614573][ T1083]  ? rcu_is_watching+0x12/0xc0
[  755.614629][ T1083]  process_one_work+0x9cf/0x1b70
[  755.614689][ T1083]  ? __pfx_batadv_nc_worker+0x10/0x10
[  755.614743][ T1083]  ? __pfx_process_one_work+0x10/0x10
[  755.614785][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.614843][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.614887][ T1083]  ? assign_work+0x1a0/0x250
[  755.614931][ T1083]  worker_thread+0x6c8/0xf10
[  755.615001][ T1083]  ? __pfx_worker_thread+0x10/0x10
[  755.615042][ T1083]  kthread+0x3c5/0x780
[  755.615082][ T1083]  ? __pfx_kthread+0x10/0x10
[  755.615122][ T1083]  ? srso_alias_return_thunk+0x5/0xfbef5
[  755.615165][ T1083]  ? rcu_is_watching+0x12/0xc0
[  755.615212][ T1083]  ? __pfx_kthread+0x10/0x10
[  755.615253][ T1083]  ret_from_fork+0x56d/0x730
[  755.615287][ T1083]  ? __pfx_kthread+0x10/0x10
[  755.615326][ T1083]  ret_from_fork_asm+0x1a/0x30
[  755.615401][ T1083]  </TASK>
[  755.615415][ T1083] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  755.889915][T18100] Bluetooth: hci3: command tx timeout
[  755.980849][   T24] usb 2-1: Using ep0 maxpacket: 8
[  756.070181][   T24] usb 2-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  756.080083][   T24] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  756.095528][   T24] usb 2-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  756.105642][   T24] usb 2-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  756.133989][   T24] usb 2-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  756.146922][   T24] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  756.338650][ T1149] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  756.358299][ T1149] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  756.377205][   T24] usb 2-1: GET_CAPABILITIES returned 0
[  756.381181][ T1149] bond0 (unregistering): Released all slaves
[  756.382921][   T24] usbtmc 2-1:16.0: can't read capabilities
[  756.420424][T17484] netdevsim netdevsim3 eth0: set [0, 0] type 1 family 0 port 8472 - 0
[  756.429088][T17484] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  756.509853][ T5956] usb 10-1: USB disconnect, device number 8
[  756.600186][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  756.617685][ T3464] netdevsim netdevsim3 eth1: set [0, 0] type 1 family 0 port 8472 - 0
[  756.634181][ T3464] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  756.649709][   T24] usb 2-1: USB disconnect, device number 55
[  756.771743][ T1301] ieee802154 phy0 wpan0: encryption failed: -22
[  756.778094][ T1301] ieee802154 phy1 wpan1: encryption failed: -22
[  756.872123][T17484] netdevsim netdevsim3 eth2: set [0, 0] type 1 family 0 port 8472 - 0
[  756.882839][T17484] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  757.053297][T17484] netdevsim netdevsim3 eth3: set [0, 0] type 1 family 0 port 8472 - 0
[  757.069983][T17484] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  757.495658][T19135] loop9: detected capacity change from 0 to 32768
[  757.591539][T19135] XFS (loop9): Mounting V5 Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  757.639608][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  757.649803][ T1149] hsr_slave_0: left promiscuous mode
[  757.688334][ T1149] hsr_slave_1: left promiscuous mode
[  757.708993][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  757.716541][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_0
[  757.736046][ T1149] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  757.748664][ T1149] batman_adv: batadv0: Removing interface: batadv_slave_1
[  757.799185][T19135] XFS (loop9): Ending clean mount
[  757.809661][T19135] XFS (loop9): Quotacheck needed: Please wait.
[  757.812033][ T1149] veth1_macvtap: left promiscuous mode
[  757.879924][ T1149] veth0_macvtap: left promiscuous mode
[  757.885646][ T1149] veth1_vlan: left promiscuous mode
[  757.890608][T19135] XFS (loop9): Quotacheck: Done.
[  757.930004][ T1149] veth0_vlan: left promiscuous mode
[  758.028792][T15964] XFS (loop9): Unmounting Filesystem c496e05e-540d-4c72-b591-04d79d8b4eeb
[  758.048497][T18100] Bluetooth: hci3: command tx timeout
[  758.221408][T19164] loop5: detected capacity change from 0 to 512
[  758.279913][T19164] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  758.339666][T19164] ext4 filesystem being mounted at /150/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  758.679168][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  758.766987][T16191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  759.008400][T19176] loop9: detected capacity change from 0 to 32768
[  759.016211][T19176] btrfs: Deprecated parameter 'usebackuproot'
[  759.022378][T19176] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  759.032133][T19176] btrfs: Deprecated parameter 'usebackuproot'
[  759.038222][T19176] BTRFS warning: 'usebackuproot' is deprecated, use 'rescue=usebackuproot' instead
[  759.048613][T19176] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4783 (19176)
[  759.070474][T19176] BTRFS info (device loop9): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  759.080677][T19176] BTRFS info (device loop9): using sha256 (sha256-lib) checksum algorithm
[  759.090471][T19176] workqueue: max_active 40574 requested for btrfs-worker is out of range, clamping between 1 and 2048
[  759.106416][T19176] workqueue: max_active 40574 requested for btrfs-delalloc is out of range, clamping between 1 and 2048
[  759.175538][T19176] workqueue: max_active 40574 requested for btrfs-endio is out of range, clamping between 1 and 2048
[  759.195759][T19176] workqueue: max_active 40574 requested for btrfs-endio-meta is out of range, clamping between 1 and 2048
[  759.219439][T19176] workqueue: max_active 40574 requested for btrfs-rmw is out of range, clamping between 1 and 2048
[  759.241873][T19176] workqueue: max_active 40574 requested for btrfs-endio-write is out of range, clamping between 1 and 2048
[  759.258468][T19176] workqueue: max_active 40574 requested for btrfs-compressed-write is out of range, clamping between 1 and 2048
[  759.315715][T19176] BTRFS info (device loop9): rebuilding free space tree
[  759.333625][T19176] BTRFS info (device loop9): setting nodatasum
[  759.340093][T19176] BTRFS info (device loop9): enabling ssd optimizations
[  759.347070][T19176] BTRFS info (device loop9): enabling free space tree
[  759.354021][T19176] BTRFS info (device loop9): force clearing of disk cache
[  759.361690][T19176] BTRFS info (device loop9): doing ref verification
[  759.368301][T19176] BTRFS info (device loop9): trying to use backup root at mount time
[  759.625370][T15964] BTRFS info (device loop9): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  759.718440][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  760.001402][T19188] loop5: detected capacity change from 0 to 32768
[  760.033828][T19188] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.4785 (19188)
[  760.077406][T19188] BTRFS info (device loop5): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  760.089366][T19188] BTRFS info (device loop5): using blake2b (blake2b-256-generic) checksum algorithm
[  760.118928][T18100] Bluetooth: hci3: command tx timeout
[  760.275732][T19224] loop9: detected capacity change from 0 to 128
[  760.301780][   T30] kauditd_printk_skb: 5 callbacks suppressed
[  760.301803][   T30] audit: type=1800 audit(1758452232.006:803): pid=19224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.9.4792" name="bus" dev="loop9" ino=1048741 res=0 errno=0
[  760.305322][T19188] BTRFS info (device loop5): enabling ssd optimizations
[  760.317657][   T30] audit: type=1804 audit(1758452232.016:804): pid=19224 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.9.4792" name="/newroot/186/file0/bus" dev="loop9" ino=1048741 res=1 errno=0
[  760.331993][ T1149] team0 (unregistering): Port device team_slave_1 removed
[  760.338190][T19188] BTRFS info (device loop5): enabling free space tree
[  760.480006][ T1149] team0 (unregistering): Port device team_slave_0 removed
[  760.528877][   T24] usb 2-1: new high-speed USB device number 56 using dummy_hcd
[  760.599480][T19229] loop9: detected capacity change from 0 to 512
[  760.602438][T16191] BTRFS info (device loop5): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  760.624913][T19229] EXT4-fs warning (device loop9): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  760.649726][T19229] EXT4-fs warning (device loop9): dx_probe:848: Enable large directory feature to access it
[  760.670841][T19229] EXT4-fs warning (device loop9): dx_probe:933: inode #2: comm syz.9.4794: Corrupt directory, running e2fsck is recommended
[  760.686049][T19229] EXT4-fs (loop9): Cannot turn on journaled quota: type 1: error -117
[  760.695655][T19229] EXT4-fs error (device loop9): ext4_iget_extra_inode:5103: inode #15: comm syz.9.4794: corrupted in-inode xattr: invalid ea_ino
[  760.714510][   T24] usb 2-1: Using ep0 maxpacket: 16
[  760.726429][T19229] EXT4-fs (loop9): Remounting filesystem read-only
[  760.733946][   T24] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  760.744513][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  760.750428][T19229] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  760.756074][   T24] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x2 has invalid wMaxPacketSize 0
[  760.767921][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  760.777510][   T24] usb 2-1: config 0 interface 0 altsetting 0 bulk endpoint 0x2 has invalid maxpacket 0
[  760.802272][   T24] usb 2-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  760.817489][   T24] usb 2-1: New USB device found, idVendor=2040, idProduct=b138, bcdDevice= 1.42
[  760.863903][   T24] usb 2-1: New USB device strings: Mfr=4, Product=0, SerialNumber=0
[  760.872301][T19229] EXT4-fs warning (device loop9): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  760.895980][   T24] usb 2-1: Manufacturer: syz
[  760.902722][T19229] EXT4-fs warning (device loop9): dx_probe:848: Enable large directory feature to access it
[  760.914580][   T24] usb 2-1: config 0 descriptor??
[  760.924830][T19229] EXT4-fs warning (device loop9): dx_probe:933: inode #2: comm syz.9.4794: Corrupt directory, running e2fsck is recommended
[  760.947042][T19229] EXT4-fs warning (device loop9): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  760.967791][T19229] EXT4-fs warning (device loop9): dx_probe:848: Enable large directory feature to access it
[  760.978155][T19229] EXT4-fs warning (device loop9): dx_probe:933: inode #2: comm syz.9.4794: Corrupt directory, running e2fsck is recommended
[  761.014011][T19231] EXT4-fs warning (device loop9): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  761.026137][T19231] EXT4-fs warning (device loop9): dx_probe:848: Enable large directory feature to access it
[  761.037988][T19231] EXT4-fs warning (device loop9): dx_probe:933: inode #2: comm syz.9.4794: Corrupt directory, running e2fsck is recommended
[  761.067312][T19229] EXT4-fs warning (device loop9): dx_probe:843: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  761.227263][T15964] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.280309][   T24] rc_core: IR keymap rc-hauppauge not found
[  761.292546][   T24] Registered IR keymap rc-empty
[  761.297608][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.334477][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.359622][   T24] rc rc0: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0
[  761.393559][   T24] input: Conexant Hybrid TV (cx231xx) MCE IR no TX as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/rc/rc0/input75
[  761.422633][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.445971][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.478592][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.508838][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.519114][T19239] loop5: detected capacity change from 0 to 512
[  761.537879][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.548410][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.582078][T19239] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  761.594853][T19239] ext4 filesystem being mounted at /153/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  761.597945][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.668723][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.698843][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.741838][   T24] mceusb 2-1:0.0: Error: mce write submit urb error = -90
[  761.780865][   T24] mceusb 2-1:0.0: Registered 424242424242 with mce emulator interface version 1
[  761.796714][   T24] mceusb 2-1:0.0: 2 tx ports (0x0 cabled) and 2 rx sensors (0x0 active)
[  761.797296][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  761.813895][   T24] usb 2-1: USB disconnect, device number 56
[  761.875608][T16191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  761.888404][T19246] trusted_key: syz.9.4799 sent an empty control message without MSG_MORE.
[  762.197193][T18100] Bluetooth: hci3: command tx timeout
[  762.284060][T19090] chnl_net:caif_netlink_parms(): no params data found
[  762.814784][T19090] bridge0: port 1(bridge_slave_0) entered blocking state
[  762.836986][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  762.845887][T19090] bridge0: port 1(bridge_slave_0) entered disabled state
[  762.861176][T19090] bridge_slave_0: entered allmulticast mode
[  763.086904][T19090] bridge_slave_0: entered promiscuous mode
[  763.122022][T19090] bridge0: port 2(bridge_slave_1) entered blocking state
[  763.181029][T19090] bridge0: port 2(bridge_slave_1) entered disabled state
[  763.204855][T19090] bridge_slave_1: entered allmulticast mode
[  763.265179][T19090] bridge_slave_1: entered promiscuous mode
[  763.273426][T19250] loop9: detected capacity change from 0 to 32768
[  763.555503][T19273] loop2: detected capacity change from 0 to 2048
[  763.648849][T19273] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  763.687760][T19250] XFS (loop9): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  763.739844][T19090] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  763.781838][T19090] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  763.876142][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  763.896373][   T30] audit: type=1326 audit(1758452235.588:805): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  763.923247][T19250] XFS (loop9): Ending clean mount
[  763.931834][T19250] XFS (loop9): Quotacheck needed: Please wait.
[  764.008572][T19090] team0: Port device team_slave_0 added
[  764.010561][T19250] XFS (loop9): Quotacheck: Done.
[  764.037079][T19090] team0: Port device team_slave_1 added
[  764.227536][T19090] batman_adv: batadv0: Adding interface: batadv_slave_0
[  764.244744][T19090] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  764.328172][T19090] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  764.378433][T19090] batman_adv: batadv0: Adding interface: batadv_slave_1
[  764.385419][T19090] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  764.423180][T15964] XFS (loop9): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  764.456175][T19301] loop1: detected capacity change from 0 to 128
[  764.464156][T19090] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  764.502119][T19300] netlink: 'syz.2.4819': attribute type 12 has an invalid length.
[  764.518350][T19300] netlink: 'syz.2.4819': attribute type 29 has an invalid length.
[  764.535079][T19300] netlink: 'syz.2.4819': attribute type 1 has an invalid length.
[  764.538274][T19301] EXT4-fs (loop1): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  764.555280][T19301] ext4 filesystem being mounted at /801/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  764.589660][T19300] netlink: 'syz.2.4819': attribute type 37 has an invalid length.
[  764.598162][T19300] netlink: 80 bytes leftover after parsing attributes in process `syz.2.4819'.
[  764.607610][T19300] bridge0: port 1(bridge_slave_0) entered disabled state
[  764.619101][   T30] audit: type=1326 audit(1758452236.319:806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  764.647328][   T30] audit: type=1326 audit(1758452236.319:807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  764.670251][   T30] audit: type=1326 audit(1758452236.319:808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  764.755660][   T30] audit: type=1326 audit(1758452236.319:809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  764.846790][   T30] audit: type=1326 audit(1758452236.319:810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  764.892910][ T5874] EXT4-fs (loop1): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  764.915558][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  764.945000][   T30] audit: type=1326 audit(1758452236.319:811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  765.036559][   T30] audit: type=1326 audit(1758452236.319:812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=19283 comm="syz.3.4812" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7ff1eab8ec29 code=0x7fc00000
[  765.054177][T19090] hsr_slave_0: entered promiscuous mode
[  765.306557][T19090] hsr_slave_1: entered promiscuous mode
[  765.331921][T19090] debugfs: 'hsr0' already exists in 'hsr'
[  765.352647][T19090] Cannot create hsr debugfs directory
[  765.846916][T19335] loop5: detected capacity change from 0 to 1024
[  765.904261][T19335] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  765.954967][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  766.558222][T19349] loop1: detected capacity change from 0 to 256
[  766.669518][T19335] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4182: comm syz.5.4830: Allocating blocks 385-513 which overlap fs metadata
[  766.678785][T19349] netlink: 92 bytes leftover after parsing attributes in process `syz.1.4835'.
[  766.731153][T19349] netlink: 92 bytes leftover after parsing attributes in process `syz.1.4835'.
[  766.775615][T19349] FAT-fs (loop1): error, fat_get_cluster: invalid start cluster (i_pos 0, start 00000001)
[  766.790358][T19335] EXT4-fs (loop5): pa ffff88803316f1d0: logic 16, phys. 129, len 24
[  766.798873][T19335] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5433: group 0, free 0, pa_free 8
[  766.948993][T16191] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  766.996894][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  767.241053][T19090] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  767.288137][T19090] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  767.323419][T19090] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  767.367980][T19090] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  767.834550][T19090] 8021q: adding VLAN 0 to HW filter on device bond0
[  767.935224][T19090] 8021q: adding VLAN 0 to HW filter on device team0
[  767.977697][ T1154] bridge0: port 1(bridge_slave_0) entered blocking state
[  767.984929][ T1154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  768.033882][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  768.058589][   T13] bridge0: port 2(bridge_slave_1) entered blocking state
[  768.065822][   T13] bridge0: port 2(bridge_slave_1) entered forwarding state
[  768.171646][T19406] netlink: 'syz.2.4855': attribute type 11 has an invalid length.
[  768.232625][T19406] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4855'.
[  768.321356][T19406] netlink: 'syz.2.4855': attribute type 11 has an invalid length.
[  768.335553][ T1154] netdevsim netdevsim2 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  768.362811][T19406] netlink: 4 bytes leftover after parsing attributes in process `syz.2.4855'.
[  768.382963][ T1154] netdevsim netdevsim2 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  768.403129][ T1154] netdevsim netdevsim2 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  768.422823][ T1154] netdevsim netdevsim2 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  768.586698][T19414] netlink: 8 bytes leftover after parsing attributes in process `syz.9.4858'.
[  768.651530][T19418] input: syz0 as /devices/virtual/input/input76
[  768.814418][T19090] 8021q: adding VLAN 0 to HW filter on device batadv0
[  768.954976][T19427] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4863'.
[  769.001712][T19427] netlink: 64 bytes leftover after parsing attributes in process `syz.2.4863'.
[  769.073329][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  769.277440][T19438] iommufd_mock iommufd_mock0: Adding to iommu group 0
[  769.700339][T19450] loop2: detected capacity change from 0 to 512
[  769.803893][T19450] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  769.884223][T19090] veth0_vlan: entered promiscuous mode
[  769.890534][T19450] UDF-fs: Scanning with blocksize 512 failed
[  769.926810][T19450] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  769.962950][T19450] UDF-fs: Scanning with blocksize 1024 failed
[  770.020712][T19450] UDF-fs: warning (device loop2): udf_load_vrs: No VRS found
[  770.030624][T19450] UDF-fs: Scanning with blocksize 2048 failed
[  770.048923][T19090] veth1_vlan: entered promiscuous mode
[  770.055357][T19450] UDF-fs: error (device loop2): udf_read_tagged: read failed, block=256, location=256
[  770.090963][T19450] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  770.112727][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  770.255527][T19090] veth0_macvtap: entered promiscuous mode
[  770.271006][ T1154] nci: nci_rsp_packet: unsupported rsp opcode 0xf05
[  770.316189][T19090] veth1_macvtap: entered promiscuous mode
[  770.387176][T19090] batman_adv: batadv0: Interface activated: batadv_slave_0
[  770.435720][T19090] batman_adv: batadv0: Interface activated: batadv_slave_1
[  770.526240][ T1149] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  770.566966][ T1149] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  770.607574][ T1149] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  770.642158][T19472] netlink: 212376 bytes leftover after parsing attributes in process `syz.5.4878'.
[  770.651918][ T1149] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  771.152263][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  771.173325][   T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.196605][   T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.344330][T19115] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  771.372332][T19115] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  771.694078][T19497] netlink: 'syz.7.4746': attribute type 16 has an invalid length.
[  771.731619][T19497] netlink: 'syz.7.4746': attribute type 2 has an invalid length.
[  771.761800][T19497] netlink: 64086 bytes leftover after parsing attributes in process `syz.7.4746'.
[  772.191500][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  772.473415][T19478] loop2: detected capacity change from 0 to 32768
[  772.655456][T19505] Invalid ELF header magic: != ELF
[  773.231026][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  773.769864][T19522] loop5: detected capacity change from 0 to 8192
[  773.810418][T19522] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  774.270389][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  774.693854][T19546] loop9: detected capacity change from 0 to 32768
[  774.716735][T19546] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  774.725424][T19546] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  774.764461][T19546] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  774.778414][ T5959] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  774.792958][ T5959] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  774.859884][ T5959] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 66ms
[  774.898448][ T5959] gfs2: fsid=syz:syz.0: jid=0: Done
[  774.914902][T19546] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  775.309936][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  775.420198][  T976] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  775.687376][  T976] usb 8-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f
[  775.720037][  T976] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  775.729869][  T976] usb 8-1: Product: syz
[  775.748753][  T976] usb 8-1: Manufacturer: syz
[  775.807659][  T976] usb 8-1: SerialNumber: syz
[  775.840024][  T976] usb 8-1: config 0 descriptor??
[  776.093361][ T5959] usb 8-1: USB disconnect, device number 3
[  776.349193][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  776.588534][T19598] loop9: detected capacity change from 0 to 512
[  776.619469][T19598] UDF-fs: warning (device loop9): udf_load_vrs: No VRS found
[  776.642068][T19598] UDF-fs: Scanning with blocksize 512 failed
[  776.664679][T19598] UDF-fs: warning (device loop9): udf_load_vrs: No VRS found
[  776.681710][T19598] UDF-fs: Scanning with blocksize 1024 failed
[  776.696540][T19598] UDF-fs: warning (device loop9): udf_load_vrs: No VRS found
[  776.716820][T19598] UDF-fs: Scanning with blocksize 2048 failed
[  776.733192][T19598] UDF-fs: error (device loop9): udf_read_tagged: read failed, block=256, location=256
[  776.746880][T19598] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  777.388602][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  777.769112][T19611] loop1: detected capacity change from 0 to 32768
[  777.794395][T19611] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  777.802698][T19611] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  777.834607][T19611] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  777.847362][ T6008] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  777.894623][ T6008] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  778.081567][ T5959] libceph: connect (1)[c::]:6789 error -101
[  778.091375][ T5959] libceph: mon0 (1)[c::]:6789 connect error
[  778.095805][T19622] loop5: detected capacity change from 0 to 16384
[  778.136501][ T6012] libceph: connect (1)[c::]:6789 error -101
[  778.157245][ T6012] libceph: mon0 (1)[c::]:6789 connect error
[  778.200057][ T6008] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 305ms
[  778.264503][ T6008] gfs2: fsid=syz:syz.0: jid=0: Done
[  778.278484][T19611] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  778.354822][T19622] bcachefs (loop5): starting version 1.13: inode_has_child_snapshots opts=errors=continue,metadata_checksum=none,data_checksum=none,grpquota,degraded=yes,fsck,norecovery
[  778.354867][T19622]   features: new_siphash,inline_data,new_extent_overwrite,btree_ptr_v2,new_varint,journal_no_flush,alloc_v2,extents_across_btree_nodes
[  778.385810][T19622] bcachefs (loop5): Using encoding defined by superblock: utf8-12.1.0
[  778.395009][T19622] bcachefs (loop5): invalid journal entry, version=1.13: inode_has_child_snapshots type=clock in superblock: bad size, fixing
[  778.408668][T19622] bcachefs (loop5): invalid journal entry, version=1.13: inode_has_child_snapshots type=btree_root in superblock: invalid btree root journal entry: wrong number of keys, fixing
[  778.423235][ T6012] libceph: connect (1)[c::]:6789 error -101
[  778.426250][T19622] bcachefs (loop5): recovering from clean shutdown, journal seq 18
[  778.432110][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  778.440344][T19622] bcachefs (loop5): Doing compatible version upgrade from 1.13: inode_has_child_snapshots to 1.28: inode_has_case_insensitive
[  778.440344][T19622]   running recovery passes: check_allocations,check_extents_to_backpointers,check_inodes
[  778.503171][T19622] bcachefs (loop5): btree node read error at btree alloc level 1/1
[  778.503201][T19622]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq 6418e625a07b578f written 24 min_key POS_MIN durability: 1 ptr: 0:147:0 gen 0
[  778.503232][T19622]   loop5 node offset 8/24 bset u64s 9: checksum error, type chacha20_poly1305_128: got 4f8984b2a9482b20a6858222464548fc should be 10e9a02dae2ac5c92967ce14957c4a14
[  778.503267][T19622]   loop5 btree validate error
[  778.503284][T19622]   flagging btree alloc lost data
[  778.503303][T19622]   running recovery pass check_topology (2), currently at recovery_pass_empty (0)
[  778.503326][T19622]   running recovery pass check_lrus (14), currently at recovery_pass_empty (0)
[  778.503350][T19622]   running recovery pass check_backpointers_to_extents (16), currently at recovery_pass_empty (0)
[  778.503377][T19622]   running recovery pass check_alloc_info (13), currently at recovery_pass_empty (0)
[  778.503402][T19622]   ret fsck_errors_not_fixed
[  778.591116][ T6012] libceph: mon0 (1)[c::]:6789 connect error
[  778.595514][T19622] bcachefs (loop5): error reading btree root btree=alloc level=1: btree_node_read_error, fixing
[  778.608765][ T5959] libceph: connect (1)[c::]:6789 error -101
[  778.612662][T19623] ceph: No mds server is up or the cluster is laggy
[  778.636710][T19615] ceph: No mds server is up or the cluster is laggy
[  778.648570][T19622] bcachefs (loop5): btree node read error at btree backpointers level 0/0
[  778.648599][T19622]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq dd412662cf0a3cdb written 24 min_key POS_MIN durability: 1 ptr: 0:177:0 gen 0
[  778.648630][T19622]   loop5 node offset 8/24 bset u64s 58: checksum error, type chacha20_poly1305_128: got 078c2e72d1fb2cf9a69f9a587b7c18a1 should be a24fdb1e3b0c54e0ee0bce67b808f3ff
[  778.648664][T19622]   loop5 btree validate error
[  778.648682][T19622]   flagging btree backpointers lost data
[  778.648702][T19622]   running recovery pass check_btree_backpointers (15), currently at recovery_pass_empty (0)
[  778.648728][T19622]   ret fsck_errors_not_fixed
[  778.677170][ T5959] libceph: mon0 (1)[c::]:6789 connect error
[  778.688146][T19622] bcachefs (loop5): error reading btree root btree=backpointers level=0: btree_node_read_error, fixing
[  778.692266][T19622] bcachefs (loop5): btree node read error at btree accounting level 0/0
[  778.740392][T19622]   u64s 11 type btree_ptr_v2 SPOS_MAX len 0 ver 0: seq bad08202889604e written 24 min_key POS_MIN durability: 1 ptr: 0:180:0 gen 0
[  778.754026][T19622]   loop5 node offset 0/24 bset u64s 108: checksum error, type chacha20_poly1305_128: got 08a56e53c0fd4b6f990a549c8279701e should be dee540208f34c03154ca4fb261e5b32c
[  778.770576][T19622]   loop5 btree validate error
[  778.775341][T19622]   flagging btree accounting lost data
[  778.780937][T19622]   ret fsck_errors_not_fixed
[  778.785830][T19622] bcachefs (loop5): error reading btree root btree=accounting level=0: btree_node_read_error, fixing
[  778.797075][T19622] bcachefs (loop5): check_topology... done
[  778.805218][T19622] bcachefs (loop5): accounting_read... done
[  778.840235][T19622] bcachefs (loop5): alloc_read... done
[  778.846315][T19622] bcachefs (loop5): snapshots_read... done
[  778.852886][T19622] bcachefs (loop5): Fixed errors, running fsck a second time to verify fs is clean
[  778.862219][T19622] bcachefs (loop5): reading quotas
[  778.869319][T19622] bcachefs (loop5): quotas done
[  778.874736][T19622] bcachefs (loop5): done starting filesystem
[  779.021903][T16191] bcachefs (loop5): shutting down
[  779.304176][T16191] bcachefs (loop5): shutdown complete
[  779.477349][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  779.554571][T19658] netlink: 212376 bytes leftover after parsing attributes in process `syz.7.4952'.
[  780.083531][T19670] input: syz0 as /devices/virtual/input/input77
[  780.420945][T19676] netlink: 8 bytes leftover after parsing attributes in process `syz.3.4961'.
[  780.506870][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  780.524329][T19651] loop9: detected capacity change from 0 to 32768
[  780.572063][T19651] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop9 (7:9) scanned by syz.9.4949 (19651)
[  780.800884][T19674] loop7: detected capacity change from 0 to 32768
[  780.876907][T19651] BTRFS info (device loop9): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  780.880126][T19674] gfs2: fsid=syz:syz: Trying to join cluster "lock_nolock", "syz:syz"
[  780.895243][T19674] gfs2: fsid=syz:syz: Now mounting FS (format 1801)...
[  780.917084][T19651] BTRFS info (device loop9): using blake2b (blake2b-256-generic) checksum algorithm
[  780.947738][T19674] gfs2: fsid=syz:syz.0: journal 0 mapped with 5 extents in 0ms
[  780.963233][ T5959] gfs2: fsid=syz:syz.0: jid=0, already locked for use
[  780.984551][ T5959] gfs2: fsid=syz:syz.0: jid=0: Looking at journal...
[  781.143504][ T5959] gfs2: fsid=syz:syz.0: jid=0: Journal head lookup took 159ms
[  781.151713][ T5959] gfs2: fsid=syz:syz.0: jid=0: Done
[  781.160099][T19674] gfs2: fsid=syz:syz.0: first mount done, others may mount
[  781.188290][T19651] BTRFS info (device loop9): enabling ssd optimizations
[  781.225095][T19651] BTRFS info (device loop9): enabling free space tree
[  781.546296][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  781.638620][T15964] BTRFS info (device loop9): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  782.479205][T19735] loop9: detected capacity change from 0 to 128
[  782.525937][  T976] usb 2-1: new high-speed USB device number 57 using dummy_hcd
[  782.585959][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  782.607832][T19735] EXT4-fs (loop9): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  782.671864][T19735] ext4 filesystem being mounted at /210/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  782.715721][  T976] usb 2-1: Using ep0 maxpacket: 32
[  782.758010][  T976] usb 2-1: config 0 has an invalid interface number: 184 but max is 0
[  782.775574][  T976] usb 2-1: config 0 has no interface number 0
[  782.794853][  T976] usb 2-1: config 0 interface 184 has no altsetting 0
[  782.825662][  T976] usb 2-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  782.851767][  T976] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  782.884629][  T976] usb 2-1: Product: syz
[  782.901508][  T976] usb 2-1: Manufacturer: syz
[  782.916959][  T976] usb 2-1: SerialNumber: syz
[  782.965575][  T976] usb 2-1: config 0 descriptor??
[  782.980094][  T976] smsc75xx v1.0.0
[  782.993953][T15964] EXT4-fs (loop9): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  783.296679][T19733] loop7: detected capacity change from 0 to 32768
[  783.340568][T19733] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop7 (7:7) scanned by syz.7.4969 (19733)
[  783.625874][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  783.677074][T19733] BTRFS info (device loop7): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  783.745168][T19733] BTRFS info (device loop7): using sha256 (sha256-lib) checksum algorithm
[  784.005555][  T976] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): EEPROM read operation timeout
[  784.045613][T19733] BTRFS info (device loop7): enabling ssd optimizations
[  784.052630][T19733] BTRFS info (device loop7): enabling free space tree
[  784.062070][T19773] loop9: detected capacity change from 0 to 2048
[  784.219004][  T976] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -71
[  784.272040][  T976] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -71
[  784.282081][  T976] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): device not ready in smsc75xx_reset
[  784.293060][  T976] smsc75xx 2-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  784.318912][  T976] smsc75xx 2-1:0.184: probe with driver smsc75xx failed with error -71
[  784.333998][T19090] BTRFS info (device loop7): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  784.365425][  T976] usb 2-1: USB disconnect, device number 57
[  784.437441][ T5959] usb 10-1: new high-speed USB device number 9 using dummy_hcd
[  784.645356][ T5959] usb 10-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  784.664562][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  784.674631][ T5959] usb 10-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  784.724293][ T5959] usb 10-1: config 0 descriptor??
[  784.739556][ T5959] cp210x 10-1:0.0: cp210x converter detected
[  785.139868][ T5959] cp210x 10-1:0.0: failed to get vendor val 0x0010 size 3: -32
[  785.147704][T19799] loop7: detected capacity change from 0 to 512
[  785.180631][ T5959] usb 10-1: cp210x converter now attached to ttyUSB0
[  785.206126][T19799] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  785.250544][T19799] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  785.382718][ T5959] usb 10-1: USB disconnect, device number 9
[  785.425779][ T5959] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[  785.455671][T19090] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  785.459782][ T5959] cp210x 10-1:0.0: device disconnected
[  785.486448][T19810] loop1: detected capacity change from 0 to 1024
[  785.535563][   T30] kauditd_printk_skb: 3 callbacks suppressed
[  785.535589][   T30] audit: type=1800 audit(1758452257.251:816): pid=19810 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.5002" name="file1" dev="loop1" ino=20 res=0 errno=0
[  785.704132][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  786.743399][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  787.782834][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  788.127026][T19883] loop1: detected capacity change from 0 to 512
[  788.150469][T19883] EXT4-fs: Ignoring removed mblk_io_submit option
[  788.172844][T19883] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  788.197034][T19886] 
[  788.197577][T19883] EXT4-fs (loop1): 1 truncate cleaned up
[  788.199399][T19886] =====================================================
[  788.199417][T19886] WARNING: SOFTIRQ-safe -> SOFTIRQ-unsafe lock order detected
[  788.199439][T19886] syzkaller #0 Not tainted
[  788.223779][T19886] -----------------------------------------------------
[  788.230712][T19886] syz.9.5032/19886 [HC0[0]:SC0[0]:HE0:SE1] is trying to acquire:
[  788.238435][T19886] ffff88804778a2b8 (&new->fa_lock){....}-{3:3}, at: kill_fasync+0x138/0x510
[  788.247178][T19886] 
[  788.247178][T19886] and this task is already holding:
[  788.254529][T19886] ffff8880281aa028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0
[  788.264395][T19886] which would create a new lock dependency:
[  788.270270][T19886]  (&client->buffer_lock){....}-{3:3} -> (&new->fa_lock){....}-{3:3}
[  788.278402][T19886] 
[  788.278402][T19886] but this new dependency connects a SOFTIRQ-irq-safe lock:
[  788.287846][T19886]  (&dev->event_lock#2){..-.}-{3:3}
[  788.287902][T19886] 
[  788.287902][T19886] ... which became SOFTIRQ-irq-safe at:
[  788.300763][T19886]   lock_acquire+0x179/0x350
[  788.305382][T19886]   _raw_spin_lock_irqsave+0x3a/0x60
[  788.310687][T19886]   input_event+0x74/0xd0
[  788.315024][T19886]   atp_complete_geyser_3_4+0xa2c/0x16f0
[  788.320681][T19886]   __usb_hcd_giveback_urb+0x38b/0x610
[  788.326152][T19886]   usb_hcd_giveback_urb+0x39b/0x450
[  788.331447][T19886]   dummy_timer+0x1814/0x3a30
[  788.336140][T19886]   __hrtimer_run_queues+0x202/0xad0
[  788.341475][T19886]   hrtimer_run_softirq+0x17d/0x350
[  788.346682][T19886]   handle_softirqs+0x219/0x8e0
[  788.351546][T19886]   __irq_exit_rcu+0x109/0x170
[  788.356318][T19886]   irq_exit_rcu+0x9/0x30
[  788.360661][T19886]   sysvec_apic_timer_interrupt+0xa4/0xc0
[  788.366401][T19886]   asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  788.372478][T19886]   _raw_spin_unlock_irqrestore+0x31/0x80
[  788.378220][T19886]   dummy_urb_enqueue+0x558/0x920
[  788.383267][T19886]   usb_hcd_submit_urb+0x25b/0x1c60
[  788.388478][T19886]   usb_submit_urb+0x890/0x1770
[  788.393343][T19886]   atp_open+0x60/0xd0
[  788.397427][T19886]   input_open_device+0x24c/0x3d0
[  788.402456][T19886]   mousedev_open_device+0xe0/0x140
[  788.407659][T19886]   mousedev_open+0x2fd/0x580
[  788.412333][T19886]   chrdev_open+0x234/0x6a0
[  788.416839][T19886]   do_dentry_open+0x982/0x1530
[  788.421710][T19886]   vfs_open+0x82/0x3f0
[  788.425874][T19886]   path_openat+0x1de4/0x2cb0
[  788.430551][T19886]   do_filp_open+0x20b/0x470
[  788.435138][T19886]   do_sys_openat2+0x11b/0x1d0
[  788.439908][T19886]   __x64_sys_openat+0x174/0x210
[  788.444854][T19886]   do_syscall_64+0xcd/0x4e0
[  788.449447][T19886]   entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.455431][T19886] 
[  788.455431][T19886] to a SOFTIRQ-irq-unsafe lock:
[  788.462441][T19886]  (tasklist_lock){.+.+}-{3:3}
[  788.462486][T19886] 
[  788.462486][T19886] ... which became SOFTIRQ-irq-unsafe at:
[  788.475089][T19886] ...
[  788.475102][T19886]   lock_acquire+0x179/0x350
[  788.482274][T19886]   _raw_read_lock+0x5f/0x70
[  788.486882][T19886]   __do_wait+0x105/0x890
[  788.491238][T19886]   do_wait+0x21e/0x5a0
[  788.495416][T19886]   kernel_wait+0x9f/0x160
[  788.499829][T19886]   call_usermodehelper_exec_work+0xf1/0x170
[  788.505822][T19886]   process_one_work+0x9cf/0x1b70
[  788.510861][T19886]   worker_thread+0x6c8/0xf10
[  788.515542][T19886]   kthread+0x3c5/0x780
[  788.519700][T19886]   ret_from_fork+0x56d/0x730
[  788.524377][T19886]   ret_from_fork_asm+0x1a/0x30
[  788.529239][T19886] 
[  788.529239][T19886] other info that might help us debug this:
[  788.529239][T19886] 
[  788.539456][T19886] Chain exists of:
[  788.539456][T19886]   &dev->event_lock#2 --> &client->buffer_lock --> tasklist_lock
[  788.539456][T19886] 
[  788.553056][T19886]  Possible interrupt unsafe locking scenario:
[  788.553056][T19886] 
[  788.561365][T19886]        CPU0                    CPU1
[  788.566719][T19886]        ----                    ----
[  788.572071][T19886]   lock(tasklist_lock);
[  788.576315][T19886]                                local_irq_disable();
[  788.583058][T19886]                                lock(&dev->event_lock#2);
[  788.590271][T19886]                                lock(&client->buffer_lock);
[  788.597648][T19886]   <Interrupt>
[  788.601092][T19886]     lock(&dev->event_lock#2);
[  788.605958][T19886] 
[  788.605958][T19886]  *** DEADLOCK ***
[  788.605958][T19886] 
[  788.614090][T19886] 7 locks held by syz.9.5032/19886:
[  788.619277][T19886]  #0: ffff8881473a8118 (&evdev->mutex){+.+.}-{4:4}, at: evdev_write+0x206/0x750
[  788.628466][T19886]  #1: ffff88801f74b230 (&dev->event_lock#2){..-.}-{3:3}, at: input_inject_event+0x9f/0x3b0
[  788.638622][T19886]  #2: ffffffff8e5c15a0 (rcu_read_lock){....}-{1:3}, at: input_inject_event+0xbb/0x3b0
[  788.648329][T19886]  #3: ffffffff8e5c15a0 (rcu_read_lock){....}-{1:3}, at: input_pass_values+0x80/0x880
[  788.657951][T19886]  #4: ffffffff8e5c15a0 (rcu_read_lock){....}-{1:3}, at: evdev_events+0x7b/0x390
[  788.667133][T19886]  #5: ffff8880281aa028 (&client->buffer_lock){....}-{3:3}, at: evdev_pass_values+0x10e/0x9b0
[  788.677451][T19886]  #6: ffffffff8e5c15a0 (rcu_read_lock){....}-{1:3}, at: kill_fasync+0x62/0x510
[  788.686548][T19886] 
[  788.686548][T19886] the dependencies between SOFTIRQ-irq-safe lock and the holding lock:
[  788.696945][T19886]  -> (&dev->event_lock#2){..-.}-{3:3} {
[  788.705866][T19886]     IN-SOFTIRQ-W at:
[  788.709942][T19886]                       lock_acquire+0x179/0x350
[  788.716297][T19886]                       _raw_spin_lock_irqsave+0x3a/0x60
[  788.723341][T19886]                       input_event+0x74/0xd0
[  788.729425][T19886]                       atp_complete_geyser_3_4+0xa2c/0x16f0
[  788.736825][T19886]                       __usb_hcd_giveback_urb+0x38b/0x610
[  788.744036][T19886]                       usb_hcd_giveback_urb+0x39b/0x450
[  788.751066][T19886]                       dummy_timer+0x1814/0x3a30
[  788.757501][T19886]                       __hrtimer_run_queues+0x202/0xad0
[  788.764538][T19886]                       hrtimer_run_softirq+0x17d/0x350
[  788.771483][T19886]                       handle_softirqs+0x219/0x8e0
[  788.778081][T19886]                       __irq_exit_rcu+0x109/0x170
[  788.784594][T19886]                       irq_exit_rcu+0x9/0x30
[  788.790671][T19886]                       sysvec_apic_timer_interrupt+0xa4/0xc0
[  788.798147][T19886]                       asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  788.805958][T19886]                       _raw_spin_unlock_irqrestore+0x31/0x80
[  788.813438][T19886]                       dummy_urb_enqueue+0x558/0x920
[  788.820217][T19886]                       usb_hcd_submit_urb+0x25b/0x1c60
[  788.827165][T19886]                       usb_submit_urb+0x890/0x1770
[  788.833772][T19886]                       atp_open+0x60/0xd0
[  788.839603][T19886]                       input_open_device+0x24c/0x3d0
[  788.846370][T19886]                       mousedev_open_device+0xe0/0x140
[  788.853307][T19886]                       mousedev_open+0x2fd/0x580
[  788.859723][T19886]                       chrdev_open+0x234/0x6a0
[  788.865966][T19886]                       do_dentry_open+0x982/0x1530
[  788.872580][T19886]                       vfs_open+0x82/0x3f0
[  788.878495][T19886]                       path_openat+0x1de4/0x2cb0
[  788.884929][T19886]                       do_filp_open+0x20b/0x470
[  788.891261][T19886]                       do_sys_openat2+0x11b/0x1d0
[  788.897773][T19886]                       __x64_sys_openat+0x174/0x210
[  788.904468][T19886]                       do_syscall_64+0xcd/0x4e0
[  788.910796][T19886]                       entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  788.918516][T19886]     INITIAL USE at:
[  788.922494][T19886]                      lock_acquire+0x179/0x350
[  788.928756][T19886]                      _raw_spin_lock_irqsave+0x3a/0x60
[  788.935716][T19886]                      input_inject_event+0x9f/0x3b0
[  788.942424][T19886]                      led_set_brightness+0x217/0x290
[  788.949190][T19886]                      kbd_led_trigger_activate+0xcb/0x110
[  788.956402][T19886]                      led_trigger_set+0x59a/0xc50
[  788.962913][T19886]                      led_trigger_set_default+0x1e0/0x2e0
[  788.970119][T19886]                      led_classdev_register_ext+0x7b8/0xa10
[  788.977493][T19886]                      input_leds_connect+0x552/0x8e0
[  788.984279][T19886]                      input_attach_handler.isra.0+0x176/0x250
[  788.991826][T19886]                      input_register_device+0xab9/0x1180
[  788.998943][T19886]                      atkbd_connect+0x5f8/0xa40
[  789.005291][T19886]                      serio_driver_probe+0x7f/0xd0
[  789.011883][T19886]                      really_probe+0x241/0xa90
[  789.018144][T19886]                      __driver_probe_device+0x1de/0x440
[  789.025185][T19886]                      driver_probe_device+0x4c/0x1b0
[  789.031965][T19886]                      __driver_attach+0x283/0x580
[  789.038487][T19886]                      bus_for_each_dev+0x13e/0x1d0
[  789.045085][T19886]                      serio_handle_event+0x335/0xc30
[  789.051852][T19886]                      process_one_work+0x9cf/0x1b70
[  789.058534][T19886]                      worker_thread+0x6c8/0xf10
[  789.064868][T19886]                      kthread+0x3c5/0x780
[  789.070673][T19886]                      ret_from_fork+0x56d/0x730
[  789.076998][T19886]                      ret_from_fork_asm+0x1a/0x30
[  789.083511][T19886]   }
[  789.086084][T19886]   ... key      at: [<ffffffff9b157680>] __key.7+0x0/0x40
[  789.093306][T19886] -> (&client->buffer_lock){....}-{3:3} {
[  789.099057][T19886]    INITIAL USE at:
[  789.102947][T19886]                    lock_acquire+0x179/0x350
[  789.109040][T19886]                    _raw_spin_lock+0x2e/0x40
[  789.115120][T19886]                    evdev_pass_values+0x10e/0x9b0
[  789.121630][T19886]                    evdev_events+0x1bb/0x390
[  789.127701][T19886]                    input_pass_values+0x74e/0x880
[  789.134210][T19886]                    input_handle_event+0xf00/0x14d0
[  789.140891][T19886]                    input_inject_event+0x1e8/0x3b0
[  789.147488][T19886]                    evdev_write+0x457/0x750
[  789.153479][T19886]                    vfs_write+0x2a0/0x11d0
[  789.159392][T19886]                    ksys_write+0x1f8/0x250
[  789.165306][T19886]                    do_syscall_64+0xcd/0x4e0
[  789.171373][T19886]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.178833][T19886]  }
[  789.181319][T19886]  ... key      at: [<ffffffff9b157b00>] __key.1+0x0/0x40
[  789.188432][T19886]  ... acquired at:
[  789.192225][T19886]    _raw_spin_lock+0x2e/0x40
[  789.196921][T19886]    evdev_pass_values+0x10e/0x9b0
[  789.202038][T19886]    evdev_events+0x1bb/0x390
[  789.206722][T19886]    input_pass_values+0x74e/0x880
[  789.211844][T19886]    input_handle_event+0xf00/0x14d0
[  789.217136][T19886]    input_inject_event+0x1e8/0x3b0
[  789.222340][T19886]    evdev_write+0x457/0x750
[  789.227023][T19886]    vfs_write+0x2a0/0x11d0
[  789.231547][T19886]    ksys_write+0x1f8/0x250
[  789.236068][T19886]    do_syscall_64+0xcd/0x4e0
[  789.240747][T19886]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.246822][T19886] 
[  789.249133][T19886] 
[  789.249133][T19886] the dependencies between the lock to be acquired
[  789.249149][T19886]  and SOFTIRQ-irq-unsafe lock:
[  789.262636][T19886]   -> (tasklist_lock){.+.+}-{3:3} {
[  789.267954][T19886]      HARDIRQ-ON-R at:
[  789.272102][T19886]                         lock_acquire+0x179/0x350
[  789.278631][T19886]                         _raw_read_lock+0x5f/0x70
[  789.285150][T19886]                         __do_wait+0x105/0x890
[  789.291416][T19886]                         do_wait+0x21e/0x5a0
[  789.297504][T19886]                         kernel_wait+0x9f/0x160
[  789.303838][T19886]                         call_usermodehelper_exec_work+0xf1/0x170
[  789.311746][T19886]                         process_one_work+0x9cf/0x1b70
[  789.318696][T19886]                         worker_thread+0x6c8/0xf10
[  789.325293][T19886]                         kthread+0x3c5/0x780
[  789.331361][T19886]                         ret_from_fork+0x56d/0x730
[  789.337948][T19886]                         ret_from_fork_asm+0x1a/0x30
[  789.344723][T19886]      SOFTIRQ-ON-R at:
[  789.348875][T19886]                         lock_acquire+0x179/0x350
[  789.355399][T19886]                         _raw_read_lock+0x5f/0x70
[  789.361923][T19886]                         __do_wait+0x105/0x890
[  789.368190][T19886]                         do_wait+0x21e/0x5a0
[  789.374277][T19886]                         kernel_wait+0x9f/0x160
[  789.380605][T19886]                         call_usermodehelper_exec_work+0xf1/0x170
[  789.388507][T19886]                         process_one_work+0x9cf/0x1b70
[  789.395453][T19886]                         worker_thread+0x6c8/0xf10
[  789.402047][T19886]                         kthread+0x3c5/0x780
[  789.408116][T19886]                         ret_from_fork+0x56d/0x730
[  789.414707][T19886]                         ret_from_fork_asm+0x1a/0x30
[  789.421483][T19886]      INITIAL USE at:
[  789.425551][T19886]                        lock_acquire+0x179/0x350
[  789.431985][T19886]                        _raw_write_lock_irq+0x36/0x50
[  789.438850][T19886]                        copy_process+0x4caf/0x7690
[  789.445454][T19886]                        kernel_clone+0xfc/0x930
[  789.451797][T19886]                        user_mode_thread+0xc7/0x110
[  789.458496][T19886]                        rest_init+0x23/0x2b0
[  789.464575][T19886]                        start_kernel+0x3ee/0x4d0
[  789.471001][T19886]                        x86_64_start_reservations+0x18/0x30
[  789.478387][T19886]                        x86_64_start_kernel+0x130/0x190
[  789.485432][T19886]                        common_startup_64+0x13e/0x148
[  789.492288][T19886]      INITIAL READ USE at:
[  789.496790][T19886]                             lock_acquire+0x179/0x350
[  789.503666][T19886]                             _raw_read_lock+0x5f/0x70
[  789.510536][T19886]                             __do_wait+0x105/0x890
[  789.517145][T19886]                             do_wait+0x21e/0x5a0
[  789.523579][T19886]                             kernel_wait+0x9f/0x160
[  789.530254][T19886]                             call_usermodehelper_exec_work+0xf1/0x170
[  789.538505][T19886]                             process_one_work+0x9cf/0x1b70
[  789.545800][T19886]                             worker_thread+0x6c8/0xf10
[  789.552743][T19886]                             kthread+0x3c5/0x780
[  789.559164][T19886]                             ret_from_fork+0x56d/0x730
[  789.566100][T19886]                             ret_from_fork_asm+0x1a/0x30
[  789.573224][T19886]    }
[  789.575882][T19886]    ... key      at: [<ffffffff8e20c098>] tasklist_lock+0x18/0x40
[  789.583797][T19886]    ... acquired at:
[  789.587760][T19886]    _raw_read_lock+0x5f/0x70
[  789.592450][T19886]    send_sigurg+0xed/0xc80
[  789.596960][T19886]    sk_send_sigurg+0x76/0x360
[  789.601739][T19886]    unix_stream_sendmsg+0xfa5/0x1340
[  789.607149][T19886]    ____sys_sendmsg+0xa98/0xc70
[  789.612091][T19886]    ___sys_sendmsg+0x134/0x1d0
[  789.616959][T19886]    __sys_sendmsg+0x16d/0x220
[  789.621747][T19886]    do_syscall_64+0xcd/0x4e0
[  789.626427][T19886]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.632497][T19886] 
[  789.634806][T19886]  -> (&f_owner->lock){....}-{3:3} {
[  789.640121][T19886]     INITIAL USE at:
[  789.644096][T19886]                      lock_acquire+0x179/0x350
[  789.650361][T19886]                      _raw_write_lock_irq+0x36/0x50
[  789.657065][T19886]                      __f_setown+0x61/0x3c0
[  789.663052][T19886]                      fcntl_dirnotify+0x7b1/0xb60
[  789.669564][T19886]                      do_fcntl+0xe62/0x15a0
[  789.675550][T19886]                      __x64_sys_fcntl+0x163/0x200
[  789.682059][T19886]                      do_syscall_64+0xcd/0x4e0
[  789.688297][T19886]                      entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.695930][T19886]     INITIAL READ USE at:
[  789.700339][T19886]                           lock_acquire+0x179/0x350
[  789.707044][T19886]                           _raw_read_lock_irqsave+0x74/0x90
[  789.714430][T19886]                           send_sigio+0x31/0x3e0
[  789.720853][T19886]                           kill_fasync+0x214/0x510
[  789.727453][T19886]                           lease_break_callback+0x23/0x30
[  789.734659][T19886]                           __break_lease+0x674/0x1810
[  789.741528][T19886]                           do_dentry_open+0x91f/0x1530
[  789.748491][T19886]                           vfs_open+0x82/0x3f0
[  789.754746][T19886]                           path_openat+0x1de4/0x2cb0
[  789.761510][T19886]                           do_filp_open+0x20b/0x470
[  789.768188][T19886]                           do_sys_openat2+0x11b/0x1d0
[  789.775049][T19886]                           __x64_sys_openat+0x174/0x210
[  789.782082][T19886]                           do_syscall_64+0xcd/0x4e0
[  789.788758][T19886]                           entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.796826][T19886]   }
[  789.799397][T19886]   ... key      at: [<ffffffff9ae953e0>] __key.1+0x0/0x40
[  789.806625][T19886]   ... acquired at:
[  789.810503][T19886]    _raw_read_lock_irqsave+0x74/0x90
[  789.815900][T19886]    send_sigio+0x31/0x3e0
[  789.820324][T19886]    kill_fasync+0x214/0x510
[  789.824923][T19886]    lease_break_callback+0x23/0x30
[  789.830142][T19886]    __break_lease+0x674/0x1810
[  789.835008][T19886]    do_dentry_open+0x91f/0x1530
[  789.839967][T19886]    vfs_open+0x82/0x3f0
[  789.844212][T19886]    path_openat+0x1de4/0x2cb0
[  789.848973][T19886]    do_filp_open+0x20b/0x470
[  789.853649][T19886]    do_sys_openat2+0x11b/0x1d0
[  789.858511][T19886]    __x64_sys_openat+0x174/0x210
[  789.863550][T19886]    do_syscall_64+0xcd/0x4e0
[  789.868225][T19886]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.874294][T19886] 
[  789.876605][T19886] -> (&new->fa_lock){....}-{3:3} {
[  789.881745][T19886]    INITIAL USE at:
[  789.885635][T19886]                    lock_acquire+0x179/0x350
[  789.891722][T19886]                    _raw_write_lock_irq+0x36/0x50
[  789.898241][T19886]                    fasync_insert_entry+0x1ca/0x2a0
[  789.904927][T19886]                    lease_setup+0x9d/0x160
[  789.910830][T19886]                    generic_setlease+0xef2/0x1300
[  789.917349][T19886]                    kernel_setlease+0x106/0x140
[  789.923706][T19886]                    vfs_setlease+0x258/0x2d0
[  789.929790][T19886]                    fcntl_setlease+0x3ed/0x5a0
[  789.936047][T19886]                    do_fcntl+0x751/0x15a0
[  789.941860][T19886]                    __x64_sys_fcntl+0x163/0x200
[  789.948198][T19886]                    do_syscall_64+0xcd/0x4e0
[  789.954265][T19886]                    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  789.961730][T19886]    INITIAL READ USE at:
[  789.966059][T19886]                         lock_acquire+0x179/0x350
[  789.972583][T19886]                         _raw_read_lock_irqsave+0x74/0x90
[  789.979799][T19886]                         kill_fasync+0x138/0x510
[  789.986224][T19886]                         lease_break_callback+0x23/0x30
[  789.993259][T19886]                         __break_lease+0x674/0x1810
[  789.999952][T19886]                         do_dentry_open+0x91f/0x1530
[  790.006736][T19886]                         vfs_open+0x82/0x3f0
[  790.012811][T19886]                         path_openat+0x1de4/0x2cb0
[  790.019397][T19886]                         do_filp_open+0x20b/0x470
[  790.025906][T19886]                         do_sys_openat2+0x11b/0x1d0
[  790.032592][T19886]                         __x64_sys_openat+0x174/0x210
[  790.039452][T19886]                         do_syscall_64+0xcd/0x4e0
[  790.045952][T19886]                         entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.053848][T19886]  }
[  790.056337][T19886]  ... key      at: [<ffffffff9ae953a0>] __key.0+0x0/0x40
[  790.063480][T19886]  ... acquired at:
[  790.067271][T19886]    lock_acquire+0x179/0x350
[  790.071976][T19886]    _raw_read_lock_irqsave+0x74/0x90
[  790.077365][T19886]    kill_fasync+0x138/0x510
[  790.081972][T19886]    evdev_pass_values+0x619/0x9b0
[  790.087088][T19886]    evdev_events+0x1bb/0x390
[  790.091771][T19886]    input_pass_values+0x74e/0x880
[  790.096892][T19886]    input_handle_event+0xf00/0x14d0
[  790.102185][T19886]    input_inject_event+0x1e8/0x3b0
[  790.107391][T19886]    evdev_write+0x457/0x750
[  790.111998][T19886]    vfs_write+0x2a0/0x11d0
[  790.116520][T19886]    ksys_write+0x1f8/0x250
[  790.121047][T19886]    do_syscall_64+0xcd/0x4e0
[  790.125724][T19886]    entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.131797][T19886] 
[  790.134108][T19886] 
[  790.134108][T19886] stack backtrace:
[  790.139990][T19886] CPU: 0 UID: 0 PID: 19886 Comm: syz.9.5032 Not tainted syzkaller #0 PREEMPT(full) 
[  790.140031][T19886] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 08/18/2025
[  790.140052][T19886] Call Trace:
[  790.140065][T19886]  <TASK>
[  790.140079][T19886]  dump_stack_lvl+0x116/0x1f0
[  790.140134][T19886]  check_irq_usage+0x7dc/0x920
[  790.140186][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.140227][T19886]  ? tracing_record_taskinfo_sched_switch+0x54/0x400
[  790.140276][T19886]  ? check_path.constprop.0+0x24/0x50
[  790.140330][T19886]  ? __lock_acquire+0x12bc/0x1ce0
[  790.140380][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.140439][T19886]  __lock_acquire+0x12bc/0x1ce0
[  790.140500][T19886]  lock_acquire+0x179/0x350
[  790.140559][T19886]  ? kill_fasync+0x138/0x510
[  790.140602][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.140643][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.140687][T19886]  _raw_read_lock_irqsave+0x74/0x90
[  790.140735][T19886]  ? kill_fasync+0x138/0x510
[  790.140775][T19886]  kill_fasync+0x138/0x510
[  790.140818][T19886]  evdev_pass_values+0x619/0x9b0
[  790.140864][T19886]  evdev_events+0x1bb/0x390
[  790.140902][T19886]  input_pass_values+0x74e/0x880
[  790.140941][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.140984][T19886]  input_handle_event+0xf00/0x14d0
[  790.141022][T19886]  ? _copy_from_user+0x59/0xd0
[  790.141057][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141102][T19886]  input_inject_event+0x1e8/0x3b0
[  790.141144][T19886]  evdev_write+0x457/0x750
[  790.141187][T19886]  ? __pfx_evdev_write+0x10/0x10
[  790.141228][T19886]  ? common_file_perm+0x1a9/0x340
[  790.141271][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141311][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141350][T19886]  ? security_file_permission+0x71/0x210
[  790.141397][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141446][T19886]  ? rw_verify_area+0xcf/0x6c0
[  790.141494][T19886]  ? __pfx_evdev_write+0x10/0x10
[  790.141542][T19886]  vfs_write+0x2a0/0x11d0
[  790.141595][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141637][T19886]  ? __pfx_vfs_write+0x10/0x10
[  790.141686][T19886]  ? find_held_lock+0x2b/0x80
[  790.141726][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141771][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141810][T19886]  ? __fget_files+0x20e/0x3c0
[  790.141847][T19886]  ksys_write+0x1f8/0x250
[  790.141898][T19886]  ? __pfx_ksys_write+0x10/0x10
[  790.141950][T19886]  ? srso_alias_return_thunk+0x5/0xfbef5
[  790.141995][T19886]  do_syscall_64+0xcd/0x4e0
[  790.142029][T19886]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  790.142062][T19886] RIP: 0033:0x7fa3b8d8ec29
[  790.142088][T19886] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  790.142121][T19886] RSP: 002b:00007fa3b9ba7038 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[  790.142153][T19886] RAX: ffffffffffffffda RBX: 00007fa3b8fd5fa0 RCX: 00007fa3b8d8ec29
[  790.142176][T19886] RDX: 0000000000001068 RSI: 0000200000000040 RDI: 0000000000000004
[  790.142197][T19886] RBP: 00007fa3b8e11e41 R08: 0000000000000000 R09: 0000000000000000
[  790.142218][T19886] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  790.142239][T19886] R13: 00007fa3b8fd6038 R14: 00007fa3b8fd5fa0 R15: 00007ffca2a762e8
[  790.142273][T19886]  </TASK>
[  790.142340][    C0] vkms_vblank_simulate: vblank timer overrun
[  790.146780][T19883] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  790.152573][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  790.410046][   T30] audit: type=1804 audit(1758452261.943:817): pid=19883 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.5031" name="/newroot/838/bus/bus" dev="loop1" ino=18 res=1 errno=0
[  790.416941][    C0] vkms_vblank_simulate: vblank timer overrun
[  790.536245][T19893] loop2: detected capacity change from 0 to 64
[  790.610398][   T30] audit: type=1804 audit(1758452262.323:818): pid=19893 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.5034" name=2F6E6577726F6F742F3836302F66696C65302FF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF2FFFFFFF
[  790.621653][ T5874] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  791.220919][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  792.261196][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  793.299800][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  794.349164][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  795.388614][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  796.418235][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available
[  797.467657][    C0] IPVS: sh: UDP 224.0.0.2:0 - no destination available