last executing test programs:

19.380600735s ago: executing program 3 (id=942):
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r0 = getpid()
process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x36}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{0x0}], 0x1, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x1000, 0x7, 0x0, 0xffffffffffffffff, 0x1, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x800000}, 0x48)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = getpid()
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)

18.168976083s ago: executing program 3 (id=946):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f00000005c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e98ed78ad62ceef1884366a578bb3fb7dbbd", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

17.928011841s ago: executing program 3 (id=952):
r0 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f00000000c0))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46)
rt_sigreturn()
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x77359400}, {0x0, 0x3938700}}, 0x0)
pipe(&(0x7f0000000140)={0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r3=>0xffffffffffffffff})
tee(r3, r2, 0x8, 0x0)

17.712966775s ago: executing program 3 (id=956):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x2000c10, &(0x7f0000000040)={[{@nobh}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x8000}}]}, 0xff, 0x23f, &(0x7f0000000540)="$eJzs3T1oLFUYBuB3Zne95t5FrtoI4g+IiAbCtRNsYqMQkBBEBBUiIjZKIsQEu8TKxkJrlVQ2QeyMlpIm2CiCVdQUsRE0WBgstFiZnURisuLPxh1xngdmZ2b3nPnOMPOe3WbYAK11Nclskk6S6SS9JMXpBnfWy9Xj3c2p3cVkMHjsh2LYrt6vnfS7kmQjyQNJdsoiL3STte2nDn7ae+Se11d7d7+7/eTURE/y2OHB/qNH78y/9sHc/WufffHdfJHZ9H93XhevGPFet0hu+jeK/UcU3aZHwF+x8Mr7X1a5vznJXcP891KmvnhvrFy308t9b/9R3ze///zWSY4VuHiDQa/6DtwYAK1TJumnKGeS1NtlOTNT/4b/qnO5fHF55eXp55dXl55reqYCLko/2X/4o0sfXjmT/287df6B/68q/48vbH1dbR91mh4NMBG31asq/9PPrN8b+YfWkX9oL/mH9pJ/aC/5h/aSf2gv+Yf2kn9oL/mH9pJ/aK/T+QcA2mVwqeknkIGmND3/AAAAAAAAAAAAAAAAAAAA521O7S6eLJOq+clbyeFDSbqj6neG/0ecXD98vfxjUTX7TVF3G8vTd4x5gDG91/DT1zd802z9T29vtv76UrLxapJr3e75+684vv/+uRv/5PPes2MW+JuKM/sPPjHZ+mf9stVs/bm95ONq/rk2av4pc8twPXr+6VfXb8z6L/085gEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACYmF8DAAD//xFQbUc=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101042, 0x0)
creat(&(0x7f0000000300)='./bus\x00', 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0)
ioctl$LOOP_SET_STATUS64(r1, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x0, 0x0, 0x0, "ef359f413bb93852f7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e737ff0edf110ff4117639c2eb4b78c660e677df701905b9aafab4afaaf755a3f6a004", "036c47c6780820d1cbf7966d61fdcf335263bd9bffbcc2542ded71038259ca171ce1a311ef54ec32d71e14ef9cc093fce47d85272036dc78388e3dc177e9b496", "f28359738e229a0500000000000000d300e6d602000000000000000000000001"})
io_submit(0x0, 0x3, &(0x7f00000002c0)=[&(0x7f0000000280)={0xffffff7f00000000, 0x0, 0x0, 0x1, 0x0, r0, &(0x7f0000000140)='i', 0x1}])

16.456641878s ago: executing program 3 (id=963):
getrlimit(0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x2, 0x0, @ipv4={'\x00', '\xff\xff', @local}}, 0x1c)
listen(r0, 0x2)
r1 = socket$inet_tcp(0x2, 0x1, 0x0)
connect$inet(r1, &(0x7f0000000040)={0x2, 0x2, @local}, 0x10)
close_range(r0, 0xffffffffffffffff, 0x0)

15.780786295s ago: executing program 3 (id=969):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x0, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d000000070000000000000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x9e)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
personality(0x4000005)

11.620948326s ago: executing program 5 (id=990):
bpf$MAP_DELETE_ELEM(0x2, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
mkdirat(r0, &(0x7f0000000000)='./file0\x00', 0x0)
r1 = openat2$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000080), 0x18)
ioctl$FS_IOC_SET_ENCRYPTION_POLICY(r1, 0x800c6613, &(0x7f00000002c0)=@v2={0x2, @adiantum, 0x0, '\x00', @d})
getdents64(r1, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000040)='kmem_cache_free\x00'}, 0x10)
write$P9_RVERSION(0xffffffffffffffff, &(0x7f0000000080)=ANY=[@ANYBLOB], 0x15)
write$FUSE_BMAP(0xffffffffffffffff, 0x0, 0x0)

11.419192503s ago: executing program 5 (id=992):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x17, 0x0, 0x4, 0xff, 0x0, 0x1}, 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000000000850000005700000095"], 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000100)='kmem_cache_free\x00', r1}, 0x10)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000008000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000058"], 0x0}, 0x90)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@bloom_filter={0x1e, 0x4, 0x8000, 0x1ff, 0x1060, 0x1, 0x2, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x4}, 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b74500000000000085000000030000009500000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r4 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
connect$unix(r5, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r6, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRESDEC=0x0, @ANYBLOB="0000000000000000b702000003000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f00000001c0)='mm_lru_activate\x00', r3}, 0x10)
r7 = socket$inet6(0xa, 0x3, 0x3a)
setsockopt$inet6_int(r7, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4)
setsockopt$inet6_mreq(r7, 0x29, 0x14, &(0x7f0000000080)={@mcast2}, 0x14)
setsockopt$inet6_mreq(r7, 0x29, 0x14, &(0x7f0000000200)={@mcast1}, 0x14)
bind$inet6(r7, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback={0xfec0ffff00000000}}, 0x1c)
syz_emit_ethernet(0x246, &(0x7f0000000a40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, '\x00', 0x210, 0x3a, 0x0, @dev, @mcast2, {[@srh={0x2f, 0x0, 0x4, 0x0, 0xca, 0x60, 0xffff}, @srh={0x0, 0x12, 0x4, 0x9, 0x0, 0x50, 0x2, [@ipv4={'\x00', '\xff\xff', @remote}, @private0, @private0, @remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @loopback, @dev={0xfe, 0x80, '\x00', 0x1e}, @private1={0xfc, 0x1, '\x00', 0x1}, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01']}, @dstopts={0x3c, 0xc, '\x00', [@ra={0x5, 0x2, 0xa307}, @calipso={0x7, 0x50, {0x1, 0x12, 0x45, 0x7, [0x80, 0x6, 0x6, 0x6, 0x1, 0x3, 0x80000000, 0x3, 0xfffffffffffff001]}}, @pad1, @pad1, @padn={0x1, 0x6, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1]}, @fragment={0x2c, 0x0, 0x20, 0x0, 0x0, 0x4, 0x67}, @routing={0x33, 0xc, 0x2, 0x3f, 0x0, [@ipv4={'\x00', '\xff\xff', @broadcast}, @private2={0xfc, 0x2, '\x00', 0x1}, @mcast1, @private0={0xfc, 0x0, '\x00', 0x1}, @mcast1, @private1]}, @srh={0x487862af394a0fab, 0x8, 0x4, 0x4, 0x2, 0x20, 0x40, [@private2, @private1, @mcast2, @ipv4={'\x00', '\xff\xff', @multicast2}]}, @dstopts={0x5c, 0x6, '\x00', [@enc_lim={0x4, 0x1, 0x9}, @hao={0xc9, 0x10, @private0={0xfc, 0x0, '\x00', 0x1}}, @ra={0x5, 0x2, 0x3f}, @enc_lim={0x4, 0x1, 0x7f}, @padn={0x1, 0x7, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0]}, @pad1, @padn={0x1, 0x3, [0x0, 0x0, 0x0]}, @pad1]}], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200000}}}}}}, 0x0)

7.17489116s ago: executing program 5 (id=1000):
mlockall(0x1)
socket$inet6_udp(0xa, 0x2, 0x0)
mlockall(0x0)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
setsockopt$inet_int(r0, 0x0, 0x3, &(0x7f0000000000), 0x4)

6.244161421s ago: executing program 1 (id=1001):
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000fce000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xc)
r2 = accept(r1, 0x0, 0x0)
sendto$inet6(r2, &(0x7f0000000000)='\x00', 0x1, 0x0, 0x0, 0x0)

6.088764512s ago: executing program 1 (id=1003):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480d, &(0x7f0000000100))

5.903762009s ago: executing program 4 (id=1004):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$inet_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f0000000180)='cdg\x00', 0x9)
bind$inet(r0, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x3e8, 0x200007fd, &(0x7f0000000040), 0x10)

5.797558592s ago: executing program 4 (id=1006):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f0000000400)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000040)=0x1b3a, 0x4)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.events\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000100), 0xfecc)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1000001, 0x12, r1, 0x0)
sendto$inet(r0, &(0x7f0000000080)='m', 0x1, 0x0, 0x0, 0x0)
recvmsg(r0, &(0x7f0000001180)={0x0, 0x0, 0x0}, 0x2000)

5.597285167s ago: executing program 4 (id=1007):
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(0xffffffffffffffff, 0x84, 0x6f, 0x0, 0x0)
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
openat$dir(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0)
r1 = socket$inet(0x2, 0x80001, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_CONTEXT(r0, 0x84, 0x11, &(0x7f0000000440)={r2}, 0x8)

5.510523263s ago: executing program 4 (id=1009):
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000006, &(0x7f0000000880)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nobh}, {@block_validity}, {@orlov}, {@user_xattr}, {@quota}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r2 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r2, r1, 0x0, 0x80000000)

4.881575296s ago: executing program 4 (id=1011):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=@framed={{}, [@printk={@p, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x71}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000240)='jbd2_checkpoint\x00', r0}, 0x10)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='memory.swap.events\x00', 0x26e1, 0x0)
ioctl$TUNSETOFFLOAD(r1, 0x40086607, 0x20001417)

3.293561747s ago: executing program 4 (id=1016):
poll(0x0, 0x0, 0x64)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r0, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
r3 = fcntl$dupfd(r1, 0x0, r2)
write$FUSE_NOTIFY_POLL(r3, &(0x7f00000003c0)={0xffffffffffffff93}, 0xfffffc33)
r4 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f0000bbdffc))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000100)={'ipvlan0\x00', 0x2})
preadv2(r5, 0x0, 0x0, 0x0, 0x0, 0x0)
close(r5)
openat(0xffffffffffffff9c, &(0x7f0000000100)='.\x00', 0x0, 0x0)
rt_sigreturn()
clock_gettime(0x0, &(0x7f0000000380)={<r6=>0x0, <r7=>0x0})
timer_settime(0x0, 0x1, &(0x7f000006b000)={{0x77359400}, {r6, r7+60000000}}, 0x0)
write$FUSE_DIRENT(r3, &(0x7f0000000100)={0x10}, 0x10)

2.916476619s ago: executing program 0 (id=1018):
mknod(&(0x7f0000000040)='./file0\x00', 0x1000, 0x0)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x1)
openat$incfs(0xffffffffffffff9c, &(0x7f0000000040)='.pending_reads\x00', 0x0, 0x0)

2.913577754s ago: executing program 1 (id=1019):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, 0x0, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000780)={&(0x7f0000000140)='kfree\x00', r0}, 0x10)
personality(0x4000005)

2.897300246s ago: executing program 2 (id=1020):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff})
write$binfmt_script(r1, &(0x7f0000000340), 0xffffff46)
timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
rt_sigreturn()
mlockall(0x1)
mremap(&(0x7f0000ff5000/0x2000)=nil, 0x2000, 0x5000000, 0x3, &(0x7f0000ffd000/0x1000)=nil)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000040)='/sys/kernel/address_bits', 0x0, 0x0)
dup2(r2, r3)
getsockopt$IP_VS_SO_GET_SERVICES(r3, 0x0, 0x482, 0x0, 0x0)

2.81184557s ago: executing program 1 (id=1021):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$inet_tcp_int(r0, 0x6, 0x12, &(0x7f0000000380)=0x8, 0x4)
bind$inet(r0, &(0x7f0000000000)={0x2, 0x4e21, @local}, 0x10)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x4e21, @local}, 0x10)
sendto$inet(r0, &(0x7f0000000780)="fbbf0b5044e308cb7bd572aa2b42e9678bcf30eff9f3aed14dc94a114bd2b45956aebe2b108a87e865501a5f9e0383611afdd3f8bac3d5cfd7772a3ab48d0ba4b600731e357e38716c449fae7c28548a4f2105f44b8fd9b33041270ae01f1a405e3f650fc3b0926d481c364fca00000000000000006d3a3ede9fc738b8d862b9d055aa2d89fe3458720724853a876448d4a1fe9ef0569ad98a05ab5df763923b4e2c576e00000000000000000000000000002000002090666159e3ef5f7244cf4ec3d7814c0c934f44e200219e6dd7bc23397d5f2f2c76a5baddd0fd8c340362691ef226f7a0ac51b74b6be5ed6737948514cd466943d08eeb3895b80499da2b209da4f3ec5e3744ce3e863b0e04d0ec2f39edf50b6e08c4b47e448a35414763d687fbe3792ee15c5b9791310a346472723c100bf77a310b0ced8004b5ac1b3fca19fc0a9e346a78c12e5c3c6d48c40439f512e8ef34a53d65f55563f68136a577736ca5f6f66e01ef4ec2cdc8db34f6de50713adaa3f70189958263fddc1314f8a28ccdef6e1390c5fbaeadc3035d019f0dc75de307de6c0d010000000000000027ec3d1d5b4b013c503b863b560688d94de886b6dc73d5da2dfeff4bed1a49a975a6c8dbb480e4415ddca5657a5a8e3b111015499e952bb5e8d8f60de3d688df7802c6e8b27b31fac4e199038b79a3999920e634a5af16aa9581b0e6647e410700246548234acacf9cb43ab332a37bbc926c39897395c974fda31536be523bf4260300730ae6136fecae5f0fa6ab2df8d98128b24589e314f57d9507dc5e0d65cc397e3f8204d48e59e8e294a6d7008ba8fba28cd5009fe1a7c569ce740078bf1c7389a6ba0f89257f06ac417aac0d2d89b05ee5dafa2f1d936c87264d077b2c0d5abdce943f895dd45045d4ec932366c67dfad087fa8dc104644828440bdf67dd97ebccb3bda8847e37f3c3d49018ecb97ce1a4a6cbd7c3ec5029d938b18a206f7f9bf678dfef1758d6a1ec0000000000000000000000000000003454686fbafb46bef43449725b85cfd3547fa97111e037819af7a0c21b15f4c3e3e4b64e130528d055cfc5fe1fe26307ea8e352cd098d8eac5d0ba0514556a9ca4534518f51bd41f43f21afe183a6233650514ca340a899a28d7784b747af027e7c986b1e66d0ea260b9a4bc4e6da64d984dc79646c6c61c4cd5458a0b8e14f9abc0ddb9cc164a22f6", 0x54e676f5, 0xc000, 0x0, 0xffffffffffffff59)
r1 = dup(r0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x42, 0x0)
r3 = dup3(r1, r2, 0x0)
sendmmsg$inet(r3, &(0x7f0000004000)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0)

2.727245241s ago: executing program 2 (id=1022):
r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000040)=ANY=[@ANYBLOB="120100005938d74010973077339600000001090212000100001e000904"], 0x0)
syz_usb_control_io(r0, &(0x7f0000000240)={0x2c, &(0x7f0000000080)={0x20, 0x30, 0x67, {0x67, 0x22, "1db48aeada0640713219d23e6779be718c7f359c125e3e127d8676920b50d49db1defcc3c40dedbc57193996ae1a77a197223d264782fa0af0792767274027c0db8d6545490681d0001516918faabd45c695bbfc7d1b20c83ee4f1bd08a6f2e7f98c5aa8e7"}}, &(0x7f0000000100)={0x0, 0x3, 0x9a, @string={0x9a, 0x3, "3ccec742f5164902b9f2b101afd47f7a0ac82058f4027bdbb4cd8dd1de0dfb9fd49ff74f8694a590257c56a5ec41c3c8a2d7874bfbafa07da53ee82f4860ec759105a1101dc20796b59b6c4281d8922638c11d8e65d78d032fad187abd7c6de82df7807aea24fe09df99ed6576d1616b817fa2afcd03f38173572cd2d188e60220d3ab632e06a76263641b55611b74519f799c1ac5ba5998"}}, &(0x7f0000000000)={0x0, 0xf, 0x5, {0x5, 0xf, 0x5}}, &(0x7f00000001c0)={0x20, 0x29, 0xf, {0xf, 0x29, 0x9, 0x60, 0x0, 0x2, "bf47aba1", "4f1fd040"}}, &(0x7f0000000200)={0x20, 0x2a, 0xc, {0xc, 0x2a, 0x0, 0x76, 0x80, 0x81, 0x7, 0x5, 0x7f}}}, &(0x7f0000000740)={0x84, &(0x7f0000000280)={0x20, 0x17, 0xa4, "10e8d9d486e8cf151755af3e1b54f7aa0968c02b9f60788546e66e957757e9d83f22629836cd5cd1a7d8e68725bde145abcfb5c36f4e95e3bff621325f2f9bdfddf24f7d10b7a3d2d982f458838fe06b76f803170ee429bd91364030de600a9ac02abfbcd3ab739f3d5151e0b9cdba43c501c50e9d748883d51afd6473b313239fe7805d4b97fe9f4e9cd3d0441c7503dca532635bf8089a7103bf1e42d147003e19cbb0"}, &(0x7f0000000340)={0x0, 0xa, 0x1, 0x1f}, &(0x7f00000003c0)={0x0, 0x8, 0x1, 0x1}, &(0x7f0000000400)={0x20, 0x0, 0x4, {0x2, 0x7}}, &(0x7f0000000440)={0x20, 0x0, 0x8, {0x200, 0x0, [0xf00]}}, &(0x7f0000000480)={0x40, 0x7, 0x2, 0x7f}, &(0x7f00000004c0)={0x40, 0x9, 0x1}, &(0x7f0000000500)={0x40, 0xb, 0x2, 's^'}, &(0x7f0000000540)={0x40, 0xf, 0x2, 0xdec}, &(0x7f0000000580)={0x40, 0x13, 0x6, @multicast}, &(0x7f00000005c0)={0x40, 0x17, 0x6, @random="25089f2035dd"}, &(0x7f0000000600)={0x40, 0x19, 0x2, "9866"}, &(0x7f0000000640)={0x40, 0x1a, 0x2, 0xfff}, &(0x7f0000000680)={0x40, 0x1c, 0x1, 0x80}, &(0x7f00000006c0)={0x40, 0x1e, 0x1, 0x1}, &(0x7f0000000700)={0x40, 0x21, 0x1, 0x7f}})
syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0)

1.961132467s ago: executing program 5 (id=1023):
syz_mount_image$ext4(&(0x7f0000000480)='ext4\x00', &(0x7f0000000200)='./file0\x00', 0x3000006, &(0x7f0000000880)={[{@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x1000}}, {@abort}, {@block_validity}, {@init_itable_val={'init_itable', 0x3d, 0x6}}, {@block_validity}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x7b1}}, {@nobh}, {@block_validity}, {@orlov}, {@user_xattr}, {@quota}]}, 0x1, 0x556, &(0x7f0000001100)="$eJzs3d1rW+UfAPDvSdu9/37rYAwVkcIunMyltvVlghfzUnQ40PsZ2rMymi6jScdaB24X7sYbGYKIA/Fe770c/gP+FQMtDBlFL7ypnPSky9akybL0ZebzgbM9zzknfc4353yfPCdPQgIYWGPZP4WIFyPi6yTiaNO24cg3jq3vt/rwxnS2JLG29smfSST5usb+Sf7/4bzyQkT8+mXE6cLmdqtLy3OlcjldyOvjtfmr49Wl5TOX50uz6Wx6ZXJq6uxbU5PvvvN232J97cLf331874OzX51c/fbnlWN3kjgXR/JtzXE8g5vNlbEYy5+TkTj3xI4TfWhsL0l2+wDoyVCe5yOR9QFHYyjPeuC/74uIWAMGVCL/YUA1xgGNe/s+3Qc/Nx68v34DtDn+4fX3RuJA/d7o0Gry2J1Rdr872of2szZ++ePunWyJ/r0PAdDRzVsRK0PDw5v7vyTv/3r3Rhf7PNmG/g92zr1s/PN6q/FPYWP8Ey3GP4db5G4vOud/YaUPzbSVjf/eazn+3Zi0Gh3Ka/+rj/lGkkuXy2nWt/0/Ik7FyP6svtV8ztnV+2vttjWP/7Ila78xFsyPY2V4/+OPmSnVSs8Sc7MHtyJeajn+TTbOf9Li/GfPx4Uu2ziR3n2l3bbO8W+vtR8jXm15/h/NaCVbz0+O16+H8cZVsdlft0/81q793Y4/O/+Hto5/NGmer60+fRs/HPgnbbet1+t/X/JpvbwvX3e9VKstTETsSz7avH7y0WMb9cb+WfynTm7d/7W6/g9GxGddxn/7+E8v9x7/9srin3mq8//0hfsffv59u/a7O/9v1kun8jXd9H/dHuCzPHcAAAAAAACw1xQi4kgkheJGuVAoFtc/33E8DhXKlWrt9KXK4pWZqH9XdjRGCo2Z7qNNn4eYyD8P26hPPlGfiohjEfHN0MF6vThdKc/sdvAAAAAAAAAAAAAAAAAAAACwRxxu8/3/zO9Du310wLbzk98wuDrmfz9+6QnYk7z+w+CS/zC45D8MLvkPg0v+w+DqkP/JTh0HsPO8/sPgkv8AAAAAAAAAAAAAAAAAAAAAAAAAAADQVxfOn8+WtdWHN6az+sy1pcW5yrUzM2l1rji/OF2crixcLc5WKrPltDhdme/098qVytWJyVi8Pl5Lq7Xx6tLyxfnK4pXaxcvzpdn0YjqyI1EBAAAAAAAAAAAAAAAAAADA86W6tDxXKpfTBQWFngrDe+MwFPpc2O2eCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAe+TcAAP//Z7w5Vw==")
fallocate(0xffffffffffffffff, 0x0, 0x0, 0x0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000440)='./file0/../file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(&(0x7f0000000100)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1adc51, 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
r1 = syz_open_procfs(0x0, &(0x7f0000000100)='mountinfo\x00')
r2 = open(&(0x7f0000000080)='./file1\x00', 0x10b942, 0x0)
sendfile(r2, r1, 0x0, 0x80000000)

1.946269413s ago: executing program 0 (id=1024):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]})
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000003b810000850000006d00000007"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00', r0}, 0x10)
syz_mount_image$ext4(&(0x7f0000000180)='ext4\x00', &(0x7f0000000480)='./file0\x00', 0x200014, &(0x7f00000001c0)={[{@discard}, {@nobarrier}, {@bsdgroups}, {@data_writeback}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x1}}, {@journal_dev={'journal_dev', 0x3d, 0x3}}]}, 0xf6, 0x484, &(0x7f0000000940)="$eJzs3MtvVFUYAPBvptMXD4uIDxC0Ckbio6XlIYluNJq40GiiC4yrOi0EKdTQmgghii4wxoUhcW9cmvgXuNKNUVcmbnFvSIhhA7oac2bupZ3pTOnQ6QPn90sunHPvHc757rln5txzZgigaw2nPwoRWyLiSkQMRUSp8YTh2l83r18o/3P9QrkQlcpbfxfSy+LG9Qvl7J+obsnm2o5KJcv3Nyn30rsRE9PTU2ez/Ojc6Q9GZ8+df/bk6YkTUyemzowfPXro4J6+I+OHOxJniuvGro9ndu989Z3Lr5ePXX7v1+9Tfbdkx/M4Omm4dnWbeqLTha2zrQvShdI6VoS2pHbrzbYrMRQ9MXjr2FC88tm6Vg5YbaVmn8+ZixXgfywN1IFulH/Qp+fffFujcceGcO3F2oRHivtmttWOlKKYndPb8HzbSQMRceziv9+kLVZpHgIAYKEf0/jnmWbjv2I8sOC8e7I1lG0RcW9EbI+I+yJiR0TcH1E998GIeKjN8htXSBaPf4pX67KVnjZLWFoa/72QrW3Vj//y0V9s68lyW6vx9xaOn5yeOpBdk/3R25/yY3UvqffTy3981bjvy2yafXjB+C9tqfz6CItXGyfoJifmJlYeec21TyN2lZrFX7i1DliIiJ0RsesOyzj51He7Wx1rFn8+Fr6tDqwzVb6NeLLW/hejIf5coeX65NhzR8YPjw7E9NSB0fyuWOy33y+92ar8FcXfAan9NzW9/2vxp2fEwkDE7Lnzp6rrtbPtl3Hpz8/LhRbHdtw2/sX3f3lfRF/h7Wq6L9v30cTc3NmxtP+1lB2s2z8+/9o8n5+f4t+/dz7+iZjv/9trj2fVK/FwRKSbeE9EPBIRj2Zt91hEPB4Re5eI/5eX9r3f6ljr9l9iVr6DUvyTS7R/estLqfn2bz/Rc+rnH1qVX1lW+x+qpvZne5bz/rfcCq7k2gEAAMDdolj9DnyhONKfp4vFkZHad/h3xKbi9Mzs3NPHZz48M1n7rvy26C3mM11DC+ZDx7K54Tw/3pA/mM0bf90zWM2PlGemJ9c7eOhym/P+H/X9P/mrs0stwEbk91rQvdru/72rUw9g7WX9/3njfeg+xv/QvfR/6FJ9zXd/stb1ANZF+5//A6tSD2DtGf9D99L/oXvp/9CVWv42vriin/zfrYnSxqhG08TgxqhGnojihqhG5xJvfFHrEhulPnmitOz/zOIOE/1ND633OxMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBn/BcAAP//gIHexw==")
r1 = inotify_init1(0x0)
unshare(0x60480)
inotify_add_watch(r1, &(0x7f0000000140)='./file0\x00', 0x50000101)

1.870239097s ago: executing program 1 (id=1025):
r0 = gettid()
timer_create(0x0, &(0x7f0000000240)={0x0, 0x21, 0x0, @tid=r0}, &(0x7f0000bbdffc))
poll(0x0, 0x0, 0x64)
pipe2$9p(&(0x7f0000000280)={0xffffffffffffffff, <r1=>0xffffffffffffffff}, 0x0)
write$P9_RSETATTR(r1, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
timer_settime(0x0, 0x0, &(0x7f0000000100)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r2, &(0x7f0000000000)={0xa, 0x0, 0x0, @empty}, 0x1c)
write$P9_RLOCK(r2, 0x0, 0x0)
write$P9_RSYMLINK(r1, 0x0, 0x0)
dup3(r2, r1, 0x0)

1.677790017s ago: executing program 5 (id=1026):
r0 = socket$l2tp6(0xa, 0x2, 0x73)
bind$l2tp6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @remote}, 0x20)
r1 = syz_open_dev$dri(&(0x7f0000000080), 0x1, 0x0)
ioctl$DRM_IOCTL_SET_CLIENT_CAP(r1, 0x4010640d, &(0x7f0000000000)={0x3, 0x2})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x0, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r5 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000640), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r5, 0xaf01, 0x0)
r6 = eventfd(0x0)
syz_emit_ethernet(0x46, &(0x7f0000000340)=ANY=[@ANYBLOB="3c82bf073aaebbbbbbbbbbbb86dd6001010000101100fe8000000000000000000000000000bbfe8000000000000000000000000000aa00000000001090780200000000"], 0x0)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000002c0)=""/138, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r5, 0x4008af03, &(0x7f0000000940)={0x1, 0x0, [{0x0, 0xc3, &(0x7f0000000540)=""/195}]})
ioctl$VHOST_SET_LOG_FD(r5, 0x4004af07, &(0x7f0000000240)=r6)
ioctl$VHOST_SET_VRING_KICK(r5, 0x4008af20, &(0x7f0000000040)={0x1, r6})
setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, &(0x7f0000000080)=@broute={'broute\x00', 0x20, 0x2, 0x230, [], 0x0, 0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000050000000000000000000000000000feffffff01000000030000000000000081006e7230000000000000002000000000007465616d300000000000000000000020766c616e30000000000000004000000076657468305f746f5f7465616d000000aaaaaaf991bb000000000000aaaaaaaaaabb000000000000000000020000d0"]}, 0x111)
ioctl$VHOST_SET_VRING_ADDR(r5, 0x4028af11, &(0x7f0000000680)={0x1, 0x1, &(0x7f0000000380)=""/233, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/74})
ioctl$VHOST_VSOCK_SET_RUNNING(r5, 0x4004af61, &(0x7f0000000000)=0x20000)

1.410167895s ago: executing program 0 (id=1027):
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
ioctl$sock_SIOCGIFVLAN_ADD_VLAN_CMD(0xffffffffffffffff, 0x8982, 0x0)
open(0x0, 0x0, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
setfsgid(0x0)
timer_settime(0x0, 0x1, 0x0, 0x0)
mq_open(&(0x7f0000000100)='!selinuxselinux\x00', 0x0, 0x0, 0x0)
r2 = socket(0x10, 0x803, 0x0)
getsockname$packet(r2, &(0x7f0000000600)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c00000010008506eb9afc4cd8d06e754a0081c5", @ANYRES32=r3, @ANYBLOB="2377f292252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000240)={0x0, 0xb00, &(0x7f0000000680)={&(0x7f0000000280)=ANY=[@ANYBLOB="3c00000010001fff00"/20, @ANYRES32=0x0, @ANYBLOB="0000000000000000140012800b00010062726964676500000400028008000a00", @ANYRES32=r3], 0x3c}}, 0x0)

1.029810683s ago: executing program 0 (id=1028):
r0 = socket$inet_icmp(0x2, 0x2, 0x1)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
r2 = dup2(r1, r0)
openat$cgroup_int(r2, &(0x7f0000002800)='memory.swap.max\x00', 0x2, 0x0)

945.399283ms ago: executing program 0 (id=1029):
write$P9_RSETATTR(0xffffffffffffffff, &(0x7f0000000000)={0x7}, 0x69ff9a93bfc25838)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4)
mknod(&(0x7f0000000000)='./file0\x00', 0x1000, 0x0)
openat$null(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)

916.727852ms ago: executing program 1 (id=1030):
r0 = syz_usb_connect$hid(0x0, 0x36, &(0x7f0000000580)=ANY=[@ANYBLOB="12013f00000000407f04ffff000000000001090224000100000000090400001503000000092140000001220f00090581", @ANYRES16], 0x0)
syz_usb_control_io(r0, 0x0, 0x0)
syz_usb_control_io$hid(r0, &(0x7f0000000000)={0x24, 0x0, 0x0, &(0x7f0000000140)=ANY=[@ANYBLOB="00220f"], 0x0}, 0x0)
r1 = syz_open_dev$hiddev(&(0x7f0000000080), 0x0, 0x0)
ioctl$HIDIOCGUSAGE(r1, 0xc018480d, &(0x7f0000000100))

845.600454ms ago: executing program 5 (id=1031):
dup(0xffffffffffffffff)
gettid()
r0 = memfd_create(&(0x7f0000000740)='\xc0\x87:*\x18\xc1k\xa7\x87[\xa0o8\xaaK\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xeae)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8\x80kR\xfc\xcb%u3\xec\xde%\x00\xb1\x9aF\xe2\xba[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)W\x9c\x82\x91\x17\xd8\xda@4\x9f\xc5\xe3\x8d.\xd1=\xcf\xbf\x81\xb5\x8d%K\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89>\xc9\xf2/\x13{\x1a\x7f\x00\x00\x00\x00+$\xedX\xb7KV\x90D\x82`\xea\x16\xc6\xcef\xab\x05\x19\x96\xb9_6*-\xf3\x8c\x9a\x15\x9c\xf5\xb4O\x17@d\x81+\xf6\xe6+\xed\r\xd2\xb3\xaa\x9b\x7fC\'\xa2\xf6\x12\xa1\x15Punfo\x7f\x92G\x0e.\xce\xd8h\xb9p2\xccC\xbaH\xc4\xdc\xe2\xa1%)\x85\xc7O]\'9\x92\xad\xfbJ\x02\x1d\x91-\xc99\t&\xbdq\x06`T\xc8\x92\xaf\xad3\xd8b\x90\xeb\x05\x9f\t5\x06\xdd\xaf\x84\xf4\"\x13\xcf\xe5\x93D\xad~F\xe5\x19\xaa\xaa\xb2\xb1\x03m\x82+\x06\x1bF^\xd3n\xc4F\xc1\xc08\x94\xe6\xe5\x1f\xa7\xf6\xcaA\x90T\x1b\xe6\xb9\xe7\xff\xc5H\x04\x8d\xca\xad\x17UlY\x9a}\r4\xac\x93\xac\v2\xc6\xf9\xbe\xfeI\x8b\xd4/`\xab\x1e\xcf\x7f\b\x94 2.{\xc1\xbe\x9b\x04\x00\x00\x00\xb9E\x10W\xed\xed51[\xc5\xeb\xb1ux\x94\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xf9\xdem\xe3+q:3\xfa*\x98o\'f\xbcY\x8e?\xf9\x84\x1f\x94\xc2\xdb\xbaG\xa6UD\x88Y6\x11Y\xd4\xd1\xde\x9a{]\xe2\x98W\xb9\x13\xfe;\x8b!?\x8e\xbc\xae\xf9\xcc\b\x90n\x15\x7f\xd5WS\xfbN\xec)B\xe7R\xa5\xd7O\x83\x80}\xcc5\x99\xdb\xd6\xbd\x9c\x05\t\x00.\xf4\xbbeF\xa3\xea}\xf1\x86z\xca\xad\x82\xd9IRV5\xa77\'\x1a\x1c\x89\xef:\xee\x10\xb2\xd6\xc8\xf4\xb5\xdd\xd8c!@JRY\xa3|Pjk\xdc\xa5d\xc2\xecn\xc9X\xfc\xd4D\x13\"\xb2\x06\xbd&\xee0\x89\xc2\xf0\xed\xfco\xf86\xddXv\xc9\x1322L\xd6\x99\xf6\t\x9d\xbeZ\x02\xc0\xa41\xf9sNG\x02\x83\xe6Bl\xd2\x02\xfb[\x82\xc0I\xb7\xf6\xe5Z\xa1}\xee}\x8b\x89\x04\x8a\'\xc7J\xca\xdf:\x8ft\xe0\xf8\a]>\x9b6\xd0B\xa9\x1a\xb6\xfd}\x9cU[\x01W3C\xef\xfd\xef#\x8292\xf3P\x0e\x17\xa6a=\xbeZ\x87\xbe\xa2\xb1|\xb8\xa88?\xc3v#|\xf9\xcf\x1fut\xc2\xc0\xbci\xbb\xf7c\xb6\x94\x8e*', 0x0)
close(0xffffffffffffffff)
rt_sigreturn()
futex(&(0x7f0000000700)=0x2, 0x0, 0x2, &(0x7f0000000740)={0x0, 0x3938700}, 0x0, 0x0)
timer_settime(0x0, 0x0, 0x0, 0x0)
rt_sigreturn()
mlockall(0x1)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0, 0x11, r0, 0x0)
restart_syscall()

832.399353ms ago: executing program 2 (id=1032):
r0 = memfd_create(&(0x7f0000000280)='\xc0\x87:*\x18\xc1\xa5\xd3\v\x86\xca<\x7f\xfd6\x8d}\xd8\xf2G\xb8\xea\x93aG\xd4\xfd\x1eB\xdc`b\xce\xbbHe)\x90\x86\xe3\x96\b\xe0\xfa\xb1\xd8N\xb2W\xcb\x8d}3lm8\xa57\xc9\x00HOA\xc8mCR\xfc\xcb$u3\xec\xde%\xd0]\xd8\xebD\x82S\x17?\xd6As\xe3\xb1\x9aF\xe6\xba[\xc7%\x88 \xeeQR\x9f\x81\x8b\xdc\xc7\xdc\xdem\xbe\x7f2\x11)\xfb\xe0\x00\x04\x17\xd8\xda@4\xbdj*T\x1e^\xf7o\xee\xdf\r\xb8w\x1d\xe7_\xde\x87\xdd\xc1\xf0\x91\x1a!\x9c\xd3\v\xc9\x95d\xe3*\xa9\xfa\x99\x9d\xb8\x89>\xc9\xf2\x16\x13{\x1aRo:\x16\x00+$\xedX\xb7KVqU\x18\xe2k\xbd\x0eV\x16\x14g\x1b\xb0\xcf\x93', 0x0)
write(r0, &(0x7f0000000000)='/', 0x1)
sendfile(r0, r0, &(0x7f0000001000), 0xff0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x4, 0x11, r0, 0x0)
syz_read_part_table(0x4019, &(0x7f0000000000)="$eJzszzEOAUEAheE3G1FwA5fQqInSUbbRSTQaV1E5hkTjIC7gBBqSJRNBu99XzUtm/mTG1+MySZlu1u02L5rOedEkJcnssUv65/3Pl2R+SjL6JTLsjvZWvTP4WNjta6lvPdurw+T8z3sAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAuLMDBwIAAAAAQP6vjVBVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVWFHTgQAAAAAADyf22EqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqKuzAgQwAAACAMH/rPNoPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALwUAAD//xe4ClM=")

442.989321ms ago: executing program 2 (id=1034):
r0 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$inet6(r0, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c)

282.384293ms ago: executing program 2 (id=1035):
r0 = syz_open_procfs(0x0, &(0x7f0000000040)='coredump_filter\x00')
writev(r0, &(0x7f0000000100)=[{&(0x7f00000004c0)='4', 0x1}], 0x9)

120.294281ms ago: executing program 2 (id=1036):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=@base={0xb, 0x5, 0x2, 0x4, 0x5}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000680)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000240)='ext4_fc_commit_stop\x00', r1}, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000240), 0xffffffffffffffff)
getsockopt$inet6_mreq(0xffffffffffffffff, 0x29, 0x1b, &(0x7f00000004c0)={@empty, <r4=>0x0}, &(0x7f0000000500)=0x14)
bpf$MAP_CREATE(0x0, &(0x7f0000001700)=@bloom_filter={0x1e, 0x4, 0x3, 0x0, 0x0, 0xffffffffffffffff, 0xa91, '\x00', r4, 0xffffffffffffffff, 0x0, 0x0, 0x2, 0xa}, 0x48)
r5 = socket$netlink(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000040)={'batadv_slave_1\x00', <r6=>0x0})
sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)=ANY=[@ANYBLOB="380000006c0015000000d9fece23b82000000000", @ANYRES32=r6, @ANYBLOB="000000000000000018003480050035"], 0x38}, 0x1, 0x300}, 0x0)
r7 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000580)='memory.events\x00', 0x100002, 0x0)
write$cgroup_type(r7, &(0x7f0000000000), 0x9)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r8=>0x0})
r9 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000000)='/sys/kernel/profiling', 0x22042, 0x0)
getresuid(&(0x7f00000003c0)=<r10=>0x0, &(0x7f0000000500), &(0x7f0000000380))
setsockopt$inet6_IPV6_XFRM_POLICY(r7, 0x29, 0x23, &(0x7f0000000700)={{{@in6=@private0={0xfc, 0x0, '\x00', 0x1}, @in6=@private0, 0x4e24, 0x1cf, 0x4e21, 0x7, 0xa, 0x20, 0x0, 0x2c, 0x0, r10}, {0x6, 0x7, 0x8, 0x6, 0x1, 0xffffffffffffffff, 0x4, 0x2}, {0x1, 0x8, 0x1f, 0x800}, 0xfffffffa, 0x6e6bbd, 0x2, 0x0, 0x4, 0x1}, {{@in=@dev={0xac, 0x14, 0x14, 0x27}, 0x4d6, 0x33}, 0x0, @in=@empty, 0x0, 0x2, 0x1, 0x12, 0x9, 0x9, 0xa87e}}, 0xe8)
write$tun(r9, &(0x7f0000000040)=ANY=[@ANYRESDEC=r9], 0x15)
bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x1, 0x81, 0x7fffffff, 0x8, r7, 0x2, '\x00', r8, r9, 0x0, 0x3, 0x5}, 0x48)
sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, &(0x7f0000000300)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000280)={&(0x7f00000006c0)=ANY=[@ANYBLOB="a8020000", @ANYRES16=r3, @ANYBLOB="000829bd7000ffdbdf2501000000b80002802400018008000100060000000800010008000000080001000700000008000100030000004c000180080001000300000008000100020000000800010085de886e080001000200000008000100080000000800010005000000080001001da426b1080001000400000008000100070000002400018008000100080000000800010003000000080001000100000008000100070000000c00018008000100010000001400018008000100010000000800010000000000040003004000018008000100", @ANYRES32=r4, @ANYBLOB="08000100", @ANYRES32=r6, @ANYBLOB="08000100", @ANYRES32=0x0, @ANYBLOB="480003000300000008000100", @ANYRES32=r8, @ANYBLOB="14000200766c616e300000000000000000000000040003006401028024000180080001000100000008000100050000000800010008000000080001000400000014000180080001000400000008000100010000002c000180080001000300000008000100000000000800010005dce2eb080001000400000008000100010000002400018008000100040000000800010002000000080001000200000008000100030000004c0001800800010002000000080001000700000008000100060000000800010005000000080001000500000008000100010000000800010007000000080001000200000008000100020000002c000180080001000600000008000100030000000800010003000000080001000200000008000100010000002c000180080001000800000008000100010000000800010006000000080001000500000008000100060000003400018008000100000000000800010004000000080001000b000000080001000300000008000100000000000800010001000000300002802c000180080001000c0000000800010006000000080001000500000008000100070000000800010006000000"], 0x2a8}, 0x1, 0x0, 0x0, 0x10}, 0x44004)
sendmsg$ETHTOOL_MSG_STRSET_GET(r2, &(0x7f00000003c0)={&(0x7f0000000300), 0xc, &(0x7f0000000380)={&(0x7f0000000340)={0x2c, r3, 0x1, 0x70bd2c, 0x25dfdbfc, {}, [@ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}, @ETHTOOL_A_STRSET_COUNTS_ONLY={0x4}]}, 0x2c}, 0x1, 0x0, 0x0, 0x20040004}, 0x20004840)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0)

0s ago: executing program 0 (id=1037):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000000)={0x0, 0x10, &(0x7f0000000500)=[@in={0x2, 0x0, @rand_addr=0x64010100}]}, &(0x7f0000000180)=0x10)
prctl$PR_SET_MM(0x41555856, 0x20000000, &(0x7f0000ffd000/0x2000)=nil)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000140)='cgroup.controllers\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f00000000c0), 0x6db6e559)
mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1, 0x10012, r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x7d, &(0x7f0000000040), &(0x7f0000000080)=0xfffffffffffffff1)

kernel console output (not intermixed with test programs):

  230.899810][ T6749] NILFS (loop2): invalid segment: Checksum error in segment payload
[  230.907886][ T6749] NILFS (loop2): unable to fall back to spare super block
[  230.915071][ T6749] NILFS (loop2): error -22 while searching super root
[  231.053827][   T29] audit: type=1326 audit(1719423478.728:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6744 comm="syz.1.313" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x0
[  231.132201][ T6743] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.251755][ T6743] ext4 filesystem being mounted at /root/syzkaller.brU9wS/44/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.509881][ T6757] netlink: 16 bytes leftover after parsing attributes in process `syz.3.314'.
[  231.553859][ T5346] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.603969][ T6761] loop4: detected capacity change from 0 to 8
[  231.675793][ T6755] loop1: detected capacity change from 0 to 2048
[  231.679338][ T6761] SQUASHFS error: zlib decompression failed, data probably corrupt
[  231.767091][ T6761] SQUASHFS error: Failed to read block 0x9b: -5
[  231.810862][ T6761] SQUASHFS error: Unable to read metadata cache entry [99]
[  231.821353][  T925] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  231.854019][ T6761] SQUASHFS error: Unable to read inode 0x127
[  231.885326][ T6755] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.972452][ T6755] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.086963][  T925] usb 4-1: Using ep0 maxpacket: 8
[  232.101698][  T925] usb 4-1: New USB device found, idVendor=07c4, idProduct=a109, bcdDevice= f.59
[  232.117643][  T925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  232.151350][  T925] usb 4-1: Product: syz
[  232.155525][  T925] usb 4-1: Manufacturer: syz
[  232.160305][  T925] usb 4-1: SerialNumber: syz
[  232.174212][  T925] usb 4-1: config 0 descriptor??
[  232.180491][ T5113] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[  232.189224][  T925] ums-datafab 4-1:0.0: USB Mass Storage device detected
[  232.201545][ T5113] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[  232.211275][ T5113] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[  232.219627][ T5113] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[  232.256277][ T5113] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[  232.271704][ T5113] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[  232.388188][ T6770] loop5: detected capacity change from 0 to 2048
[  232.472495][ T6761] loop4: detected capacity change from 0 to 4096
[  232.504933][  T925] ums-sddr55 4-1:0.0: USB Mass Storage device detected
[  232.611433][ T6770] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  232.632468][  T925] usb 4-1: USB disconnect, device number 4
[  232.649606][ T6781] NILFS (loop4): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  232.671705][   T35] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  232.752319][   T29] audit: type=1800 audit(1719423480.438:41): pid=6779 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.320" name="file0" dev="sda1" ino=2016 res=0 errno=0
[  233.170908][ T6786] NILFS (loop4): bad btree node (ino=3, blocknr=0): level = 0, flags = 0x0, nchildren = 0
[  233.181327][ T6786] NILFS error (device loop4): nilfs_bmap_lookup_at_level: broken bmap (inode number=3)
[  233.703728][ T6786] Remounting filesystem read-only
[  233.943356][   T35] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.115635][ T6794] loop4: detected capacity change from 0 to 256
[  234.147305][ T6794] exFAT-fs (loop4): failed to load upcase table (idx : 0x000104d0, chksum : 0x60d18cac, utbl_chksum : 0xe619d30d)
[  234.237641][   T35] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.331897][ T5113] Bluetooth: hci2: command tx timeout
[  234.548606][ T6803] loop5: detected capacity change from 0 to 2048
[  234.559968][ T6803] udf: Bad value for 'gid'
[  234.565134][   T35] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  234.630864][ T5225] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  234.718265][ T6780] loop1: detected capacity change from 0 to 32768
[  235.084412][ T6780] bcachefs (loop1): mounting version 1.7: mi_btree_bitmap opts=metadata_checksum=crc64,data_checksum=xxhash,str_hash=crc32c,nojournal_transaction_names
[  235.193383][ T6821] loop2: detected capacity change from 0 to 256
[  235.246360][ T6821] exFAT-fs (loop2): failed to load upcase table (idx : 0x00010000, chksum : 0x360fd2d4, utbl_chksum : 0xe619d30d)
[  235.276660][ T6780] bcachefs (loop1): recovering from clean shutdown, journal seq 8
[  235.319935][ T6771] chnl_net:caif_netlink_parms(): no params data found
[  235.435555][   T35] bridge_slave_1: left allmulticast mode
[  235.450702][   T35] bridge_slave_1: left promiscuous mode
[  235.460713][   T35] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.494721][ T6780] bcachefs (loop1): alloc_read... done
[  235.509808][   T35] bridge_slave_0: left allmulticast mode
[  235.521193][ T6780] bcachefs (loop1): stripes_read... done
[  235.527042][   T35] bridge_slave_0: left promiscuous mode
[  235.547694][ T6780] bcachefs (loop1): snapshots_read... done
[  235.554282][   T35] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.573521][ T6780] bcachefs (loop1): journal_replay... done
[  235.579666][ T6780] bcachefs (loop1): resume_logged_ops... done
[  235.588583][ T6780] bcachefs (loop1): going read-write
[  235.608569][ T6780] bcachefs (loop1): done starting filesystem
[  235.763879][ T5338] bcachefs (loop1): shutting down
[  235.777233][ T5338] bcachefs (loop1): going read-only
[  235.811474][ T5338] bcachefs (loop1): finished waiting for writes to stop
[  235.877082][ T5338] bcachefs (loop1): flushing journal and stopping allocators, journal seq 8
[  235.911714][ T5338] bcachefs (loop1): flushing journal and stopping allocators complete, journal seq 8
[  236.139261][ T5338] bcachefs (loop1): shutdown complete, journal seq 9
[  236.420159][ T6843] loop3: detected capacity change from 0 to 2048
[  236.430390][ T5113] Bluetooth: hci2: command tx timeout
[  237.112370][ T5338] bcachefs (loop1): marking filesystem clean
[  237.155625][ T6843] Alternate GPT is invalid, using primary GPT.
[  237.163346][ T6843]  loop3: p1 p2 p3
[  237.290416][ T6839] loop2: detected capacity change from 0 to 2048
[  237.394048][ T6839] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  237.431390][ T5225] udevd[5225]: inotify_add_watch(7, /dev/loop3p1, 10) failed: No such file or directory
[  237.611837][ T6846] loop4: detected capacity change from 0 to 256
[  237.629911][ T5338] bcachefs (loop1): shutdown complete
[  237.671477][ T5225] udevd[5225]: inotify_add_watch(7, /dev/loop3p2, 10) failed: No such file or directory
[  237.772486][ T6846] loop4: detected capacity change from 0 to 256
[  237.845601][ T5225] udevd[5225]: inotify_add_watch(7, /dev/loop3p3, 10) failed: No such file or directory
[  237.859920][ T6850] loop5: detected capacity change from 0 to 1024
[  238.012813][   T29] audit: type=1326 audit(1719423485.698:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6847 comm="syz.3.339" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x0
[  238.492940][ T5113] Bluetooth: hci2: command tx timeout
[  238.561896][ T6852] loop3: detected capacity change from 0 to 2048
[  238.763755][ T6852] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  239.092463][ T6852] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.120164][ T6878] loop2: detected capacity change from 0 to 64
[  240.478541][   T35] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  240.486825][ T6881] syz.2.346: attempt to access beyond end of device
[  240.486825][ T6881] loop2: rw=34817, sector=168, nr_sectors = 538 limit=64
[  240.661254][ T5113] Bluetooth: hci2: command tx timeout
[  240.682216][   T35] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  240.710925][   T35] bond0 (unregistering): Released all slaves
[  240.997092][ T6885] loop4: detected capacity change from 0 to 2048
[  241.735782][ T6885] NILFS (loop4): broken superblock, retrying with spare superblock (blocksize = 1024)
[  241.754658][ T6885] NILFS (loop4): invalid segment: Checksum error in segment payload
[  241.762846][ T6885] NILFS (loop4): unable to fall back to spare super block
[  241.770013][ T6885] NILFS (loop4): error -22 while searching super root
[  241.780056][ T5225] udevd[5225]: incorrect nilfs2 checksum on /dev/loop4
[  242.269418][ T6896] loop3: detected capacity change from 0 to 512
[  242.417773][ T6896] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  242.472212][ T6896] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a00ec019, mo2=0002]
[  242.481436][ T6896] System zones: 1-12
[  242.505755][ T6896] EXT4-fs (loop3): 1 truncate cleaned up
[  242.516415][ T6896] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  242.573123][ T6891] loop1: detected capacity change from 0 to 2048
[  242.771275][ T6891] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  243.209026][ T5337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  243.509300][ T6771] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.567075][ T6771] bridge0: port 1(bridge_slave_0) entered disabled state
[  243.633881][ T6771] bridge_slave_0: entered allmulticast mode
[  243.706330][ T6771] bridge_slave_0: entered promiscuous mode
[  243.754808][ T6915] loop5: detected capacity change from 0 to 2048
[  243.856819][   T35] hsr_slave_0: left promiscuous mode
[  243.871451][ T6588] kworker/u8:10: attempt to access beyond end of device
[  243.871451][ T6588] loop2: rw=1, sector=65, nr_sectors = 1 limit=64
[  243.921381][ T6588] Buffer I/O error on dev loop2, logical block 65, lost async page write
[  243.961561][ T6915] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  243.974300][   T35] hsr_slave_1: left promiscuous mode
[  244.001272][ T6588] kworker/u8:10: attempt to access beyond end of device
[  244.001272][ T6588] loop2: rw=1, sector=66, nr_sectors = 1 limit=64
[  244.052841][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  244.060329][ T6588] Buffer I/O error on dev loop2, logical block 66, lost async page write
[  244.100815][   T35] batman_adv: batadv0: Removing interface: batadv_slave_0
[  244.317711][ T6588] kworker/u8:10: attempt to access beyond end of device
[  244.317711][ T6588] loop2: rw=1, sector=67, nr_sectors = 1 limit=64
[  244.362447][   T35] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  244.463878][   T35] batman_adv: batadv0: Removing interface: batadv_slave_1
[  245.278937][ T6588] Buffer I/O error on dev loop2, logical block 67, lost async page write
[  245.298273][ T6588] kworker/u8:10: attempt to access beyond end of device
[  245.298273][ T6588] loop2: rw=1, sector=68, nr_sectors = 1 limit=64
[  245.311878][   T35] veth1_macvtap: left promiscuous mode
[  245.318775][   T35] veth0_macvtap: left promiscuous mode
[  245.332371][   T35] veth1_vlan: left promiscuous mode
[  245.337777][ T6588] Buffer I/O error on dev loop2, logical block 68, lost async page write
[  245.348647][   T35] veth0_vlan: left promiscuous mode
[  245.354034][ T6588] kworker/u8:10: attempt to access beyond end of device
[  245.354034][ T6588] loop2: rw=1, sector=72, nr_sectors = 1 limit=64
[  245.385915][ T6588] Buffer I/O error on dev loop2, logical block 72, lost async page write
[  245.420642][ T6588] kworker/u8:10: attempt to access beyond end of device
[  245.420642][ T6588] loop2: rw=1, sector=73, nr_sectors = 1 limit=64
[  245.461248][ T6588] Buffer I/O error on dev loop2, logical block 73, lost async page write
[  245.510535][ T6588] kworker/u8:10: attempt to access beyond end of device
[  245.510535][ T6588] loop2: rw=1, sector=76, nr_sectors = 1 limit=64
[  245.566236][ T6588] Buffer I/O error on dev loop2, logical block 76, lost async page write
[  245.609044][ T6588] kworker/u8:10: attempt to access beyond end of device
[  245.609044][ T6588] loop2: rw=1, sector=77, nr_sectors = 1 limit=64
[  245.893274][ T6588] Buffer I/O error on dev loop2, logical block 77, lost async page write
[  246.130299][ T6588] kworker/u8:10: attempt to access beyond end of device
[  246.130299][ T6588] loop2: rw=1, sector=78, nr_sectors = 89 limit=64
[  246.407710][ T6938] loop2: detected capacity change from 0 to 8
[  246.409585][ T6937] loop5: detected capacity change from 0 to 256
[  246.433937][ T6940] loop1: detected capacity change from 0 to 64
[  246.493270][ T6937] netlink: 104 bytes leftover after parsing attributes in process `syz.5.360'.
[  246.505416][ T6938] SQUASHFS error: zlib decompression failed, data probably corrupt
[  246.529831][ T6938] SQUASHFS error: Failed to read block 0x9b: -5
[  246.578808][ T6938] SQUASHFS error: Unable to read metadata cache entry [99]
[  246.647680][ T6938] SQUASHFS error: Unable to read inode 0x127
[  246.663898][   T29] audit: type=1326 audit(1719423494.358:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6941 comm="syz.3.362" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x0
[  246.729858][ T6943] syz.1.361: attempt to access beyond end of device
[  246.729858][ T6943] loop1: rw=34817, sector=168, nr_sectors = 538 limit=64
[  246.950557][ T6949] loop5: detected capacity change from 0 to 2048
[  247.000198][ T6949] udf: Bad value for 'gid'
[  247.083425][ T6945] loop3: detected capacity change from 0 to 2048
[  247.096063][ T6938] loop2: detected capacity change from 0 to 4096
[  247.118081][ T5225] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  247.197451][ T6952] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  247.285753][ T6945] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  247.368355][ T6945] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.958388][ T6959] NILFS (loop2): bad btree node (ino=3, blocknr=0): level = 0, flags = 0x0, nchildren = 0
[  247.968633][ T6959] NILFS error (device loop2): nilfs_bmap_lookup_at_level: broken bmap (inode number=3)
[  247.986687][ T6959] Remounting filesystem read-only
[  248.993558][ T6964] loop2: detected capacity change from 0 to 8
[  248.999727][ T5331] kworker/u8:9: attempt to access beyond end of device
[  248.999727][ T5331] loop1: rw=1048577, sector=65, nr_sectors = 1 limit=64
[  249.081529][ T5331] Buffer I/O error on dev loop1, logical block 65, lost async page write
[  249.131256][ T5331] kworker/u8:9: attempt to access beyond end of device
[  249.131256][ T5331] loop1: rw=1048577, sector=66, nr_sectors = 1 limit=64
[  249.222363][ T5331] Buffer I/O error on dev loop1, logical block 66, lost async page write
[  249.252050][ T5331] kworker/u8:9: attempt to access beyond end of device
[  249.252050][ T5331] loop1: rw=1048577, sector=67, nr_sectors = 1 limit=64
[  249.323662][ T5331] Buffer I/O error on dev loop1, logical block 67, lost async page write
[  249.361367][ T5331] kworker/u8:9: attempt to access beyond end of device
[  249.361367][ T5331] loop1: rw=1048577, sector=68, nr_sectors = 1 limit=64
[  249.427027][ T5331] Buffer I/O error on dev loop1, logical block 68, lost async page write
[  249.463028][ T5331] kworker/u8:9: attempt to access beyond end of device
[  249.463028][ T5331] loop1: rw=1048577, sector=72, nr_sectors = 1 limit=64
[  249.571200][ T5331] Buffer I/O error on dev loop1, logical block 72, lost async page write
[  249.602821][ T5331] kworker/u8:9: attempt to access beyond end of device
[  249.602821][ T5331] loop1: rw=1048577, sector=73, nr_sectors = 1 limit=64
[  249.646107][ T6969] loop3: detected capacity change from 0 to 2048
[  249.650968][ T5331] Buffer I/O error on dev loop1, logical block 73, lost async page write
[  249.731854][ T5331] Buffer I/O error on dev loop1, logical block 76, lost async page write
[  249.744037][ T5331] Buffer I/O error on dev loop1, logical block 77, lost async page write
[  249.769639][ T6951] loop4: detected capacity change from 0 to 32768
[  249.857598][ T6969] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  249.891179][ T5225] I/O error, dev loop4, sector 32640 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  250.203324][   T35] team0 (unregistering): Port device team_slave_1 removed
[  250.451721][   T35] team0 (unregistering): Port device team_slave_0 removed
[  250.744878][ T6962] loop5: detected capacity change from 0 to 32768
[  250.788538][ T6982] loop4: detected capacity change from 0 to 8
[  250.826793][ T6982] MTD: Attempt to mount non-MTD device "/dev/loop4"
[  250.999996][ T6986] loop3: detected capacity change from 0 to 256
[  251.050506][ T6985] cramfs: Error -5 while decompressing!
[  251.061482][ T6986] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fe7f, chksum : 0x39626d3b, utbl_chksum : 0xe619d30d)
[  251.075133][ T6985] cramfs: ffffffff948d0a48(26)->ffff888058078000(4096)
[  251.096231][ T6985] cramfs: Error -3 while decompressing!
[  251.102515][ T6985] cramfs: ffffffff948d0a62(26)->ffff888058079000(4096)
[  251.152456][ T6985] cramfs: Error -3 while decompressing!
[  251.158863][ T6985] cramfs: ffffffff948d0a7c(16)->ffff88805807a000(4096)
[  251.170234][ T6985] cramfs: Error -5 while decompressing!
[  251.364116][ T6985] cramfs: ffffffff948d0a48(26)->ffff888058078000(4096)
[  251.834524][ T6995] loop4: detected capacity change from 0 to 256
[  251.896324][ T6995] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x360fd2d4, utbl_chksum : 0xe619d30d)
[  251.985119][ T6988] loop1: detected capacity change from 0 to 32768
[  252.011044][ T6988] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 (7:1) scanned by syz.1.375 (6988)
[  252.058243][ T6988] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  252.098190][ T6988] BTRFS info (device loop1): using sha256 (sha256-ni) checksum algorithm
[  252.131513][ T6988] BTRFS info (device loop1): using free-space-tree
[  252.280503][ T6771] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.318720][ T6771] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.354353][ T6771] bridge_slave_1: entered allmulticast mode
[  252.403238][ T6771] bridge_slave_1: entered promiscuous mode
[  252.416853][ T6988] BTRFS info (device loop1): setting incompat feature flag for SIMPLE_QUOTA (0x10000)
[  252.458323][ T6986] netlink: 88 bytes leftover after parsing attributes in process `syz.3.374'.
[  253.029484][ T6771] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  253.115322][ T6771] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  253.237490][ T5338] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  253.289468][ T6771] team0: Port device team_slave_0 added
[  253.392030][ T6771] team0: Port device team_slave_1 added
[  253.545739][    T9] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  253.771336][    T9] usb 4-1: Using ep0 maxpacket: 8
[  253.779213][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  253.831585][    T9] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  253.831646][    T9] usb 4-1: New USB device found, idVendor=1038, idProduct=1410, bcdDevice= 0.00
[  253.831677][    T9] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  253.841547][    T9] usb 4-1: config 0 descriptor??
[  253.874358][ T6771] batman_adv: batadv0: Adding interface: batadv_slave_0
[  253.874379][ T6771] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.874413][ T6771] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  253.876862][ T6771] batman_adv: batadv0: Adding interface: batadv_slave_1
[  253.876880][ T6771] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  253.876913][ T6771] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  254.197048][ T6771] hsr_slave_0: entered promiscuous mode
[  254.267686][    T9] steelseries 0003:1038:1410.0001: unknown main item tag 0x0
[  254.267770][    T9] steelseries 0003:1038:1410.0001: unknown main item tag 0x0
[  254.267796][    T9] steelseries 0003:1038:1410.0001: unknown main item tag 0x0
[  254.267821][    T9] steelseries 0003:1038:1410.0001: unknown main item tag 0x0
[  254.289422][    T9] steelseries 0003:1038:1410.0001: missing HID_OUTPUT_REPORT 0
[  254.321467][   T29] audit: type=1326 audit(1719423502.008:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7fc00000
[  254.376872][   T29] audit: type=1800 audit(1719423502.008:45): pid=7061 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.385" name="file0" dev="sda1" ino=2012 res=0 errno=0
[  254.376933][   T29] audit: type=1326 audit(1719423502.008:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fac00175ae9 code=0x7fc00000
[  254.402652][ T6771] hsr_slave_1: entered promiscuous mode
[  254.434353][ T7059] loop4: detected capacity change from 0 to 512
[  254.452950][ T7059] EXT4-fs: Ignoring removed oldalloc option
[  254.465433][ T7059] ext4: Unknown parameter 'nog'
[  254.483767][    T9] usb 4-1: USB disconnect, device number 5
[  254.495234][ T6771] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  254.495298][ T6771] Cannot create hsr debugfs directory
[  254.535727][ T5225] I/O error, dev loop4, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  254.934370][ T7068] loop5: detected capacity change from 0 to 256
[  254.990341][ T7068] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x205ad3fc, utbl_chksum : 0xe619d30d)
[  255.024279][   T29] audit: type=1326 audit(1719423502.698:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7056 comm="syz.1.385" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7fc00000
[  255.112221][ T7068] fuse: Bad value for 'fd'
[  255.411789][ T1236] ieee802154 phy0 wpan0: encryption failed: -22
[  255.423144][ T1236] ieee802154 phy1 wpan1: encryption failed: -22
[  255.802551][ T7079] loop2: detected capacity change from 0 to 4096
[  255.840806][ T7079] ntfs3: Bad value for 'gid'
[  255.958149][ T5225] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  256.380800][ T7079] loop2: detected capacity change from 0 to 4096
[  256.406011][ T7079] ntfs3: Unknown parameter '��������������`'
[  257.214281][ T6771] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  257.265364][ T6771] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  257.310748][ T6771] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  257.372769][ T6771] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  257.885061][ T6771] 8021q: adding VLAN 0 to HW filter on device bond0
[  257.978614][ T6771] 8021q: adding VLAN 0 to HW filter on device team0
[  258.014293][ T5148] bridge0: port 1(bridge_slave_0) entered blocking state
[  258.021493][ T5148] bridge0: port 1(bridge_slave_0) entered forwarding state
[  258.119805][ T5238] bridge0: port 2(bridge_slave_1) entered blocking state
[  258.127017][ T5238] bridge0: port 2(bridge_slave_1) entered forwarding state
[  258.967144][ T7154] loop2: detected capacity change from 0 to 512
[  258.981367][ T7154] EXT4-fs: Ignoring removed oldalloc option
[  258.988571][ T7154] ext4: Unknown parameter 'nog'
[  260.024579][ T6771] 8021q: adding VLAN 0 to HW filter on device batadv0
[  260.335439][ T6771] veth0_vlan: entered promiscuous mode
[  260.402141][ T6771] veth1_vlan: entered promiscuous mode
[  260.577116][ T6771] veth0_macvtap: entered promiscuous mode
[  260.653363][ T6771] veth1_macvtap: entered promiscuous mode
[  260.779660][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  260.868835][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  260.961809][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.010911][ T7197] loop5: detected capacity change from 0 to 512
[  261.013902][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.047727][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.062117][ T7197] EXT4-fs: Ignoring removed oldalloc option
[  261.068417][ T7197] ext4: Unknown parameter 'nog'
[  261.116590][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.148659][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.188458][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.229305][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  261.252388][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.312583][ T6771] batman_adv: batadv0: Interface activated: batadv_slave_0
[  261.378898][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.385383][ T5225] I/O error, dev loop5, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 0
[  261.451207][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.481730][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.542475][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.611710][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.653510][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.692250][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.741188][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  261.803699][ T6771] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  261.973820][ T6771] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  262.074087][ T6771] batman_adv: batadv0: Interface activated: batadv_slave_1
[  262.095508][ T6771] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  262.136275][ T6771] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  262.973742][ T6771] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  263.037018][ T6771] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  263.697071][   T35] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  263.750674][   T35] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  263.919518][   T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  263.961864][   T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.078333][ T7254] pim6reg1: entered promiscuous mode
[  264.118822][ T7254] pim6reg1: entered allmulticast mode
[  264.589231][ T7269] vhci_hcd: invalid port number 16
[  264.626698][ T7269] vhci_hcd: default hub control req: 2300 v0000 i0010 l0
[  265.232692][   T29] audit: type=1800 audit(1719423512.928:48): pid=7287 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.447" name="bus" dev="sda1" ino=2006 res=0 errno=0
[  265.420614][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.510780][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.581228][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.761178][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.791426][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.823098][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.830502][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.841847][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.849983][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.881571][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.882458][ T7300] loop1: detected capacity change from 0 to 2048
[  265.888994][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.889067][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  265.889093][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.031188][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.038645][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.039267][ T7300] Alternate GPT is invalid, using primary GPT.
[  266.109075][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.111630][ T7300]  loop1: p1 p2 p3
[  266.151240][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.183551][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.191002][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.319985][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.391745][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.464570][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.519710][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.623134][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.677016][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.750049][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.788228][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.860710][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.923104][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  266.930670][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.039453][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.101603][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.109065][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.173775][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.201265][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.240812][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.281369][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.316206][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.365301][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.400406][   T57] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0
[  267.465144][   T57] hid-generic 0000:0000:0000.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz0] on syz0
[  269.224412][ T7313] loop1: detected capacity change from 0 to 32768
[  269.267980][ T7313] XFS: attr2 mount option is deprecated.
[  269.306993][ T7313] XFS: noikeep mount option is deprecated.
[  269.438690][   T29] audit: type=1800 audit(1719423517.128:49): pid=7353 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.461" name="file0" dev="sda1" ino=2006 res=0 errno=0
[  269.456292][ T7313] XFS (loop1): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  269.506576][ T7359] loop5: detected capacity change from 0 to 16
[  269.514235][ T7359] erofs: Unknown parameter '����'
[  269.551352][ T7328] netlink: 20 bytes leftover after parsing attributes in process `syz.3.458'.
[  269.634064][   T29] audit: type=1800 audit(1719423517.308:50): pid=7361 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.461" name="file0" dev="sda1" ino=2006 res=0 errno=0
[  269.709924][ T7359] hub 6-0:1.0: USB hub found
[  269.793133][ T7359] hub 6-0:1.0: 1 port detected
[  269.880880][   T29] audit: type=1326 audit(1719423517.348:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7fc00000
[  269.971289][ T7313] XFS (loop1): Ending clean mount
[  270.041246][   T29] audit: type=1326 audit(1719423517.368:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fc63f775ae9 code=0x7fc00000
[  270.085622][ T7313] XFS (loop1): Quotacheck needed: Please wait.
[  270.216534][   T29] audit: type=1326 audit(1719423517.908:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7345 comm="syz.2.461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7fc00000
[  270.407067][ T7313] XFS (loop1): Quotacheck: Done.
[  270.590858][ T5338] XFS (loop1): Unmounting Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  272.298546][ T7393] loop2: detected capacity change from 0 to 1024
[  273.047246][ T7408] Invalid ELF header magic: != ELF
[  273.049369][ T7411] loop1: detected capacity change from 0 to 512
[  273.123224][ T7411] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  273.209115][ T7411] ext4 filesystem being mounted at /root/syzkaller.BsHbrQ/77/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  273.347897][ T7411] EXT4-fs error (device loop1): ext4_readdir:260: inode #2: block 3: comm syz.1.484: path /root/syzkaller.BsHbrQ/77/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  273.412652][   T29] audit: type=1326 audit(1719423521.108:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  273.555812][   T29] audit: type=1326 audit(1719423521.138:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  273.643950][ T5338] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  273.656941][   T29] audit: type=1326 audit(1719423521.138:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  273.725823][   T29] audit: type=1326 audit(1719423521.138:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  273.757932][   T29] audit: type=1326 audit(1719423521.148:58): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  273.821607][   T29] audit: type=1326 audit(1719423521.148:59): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  273.876620][   T29] audit: type=1326 audit(1719423521.148:60): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f90d136cb67 code=0x7ffc0000
[  273.950819][   T29] audit: type=1326 audit(1719423521.148:61): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f90d1311539 code=0x7ffc0000
[  274.720831][   T29] audit: type=1326 audit(1719423521.148:62): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f90d136cb67 code=0x7ffc0000
[  274.929813][ T7403] loop3: detected capacity change from 0 to 32768
[  274.991243][   T29] audit: type=1326 audit(1719423521.148:63): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7416 comm="syz.0.485" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f90d1311539 code=0x7ffc0000
[  275.017131][ T7403] XFS: attr2 mount option is deprecated.
[  275.031254][ T7403] XFS: noikeep mount option is deprecated.
[  275.176787][ T7403] XFS (loop3): Mounting V5 Filesystem a2f82aab-77f8-4286-afd4-a8f747a74bab
[  276.277908][ T7449] loop0: detected capacity change from 0 to 512
[  276.285769][ T7449] EXT4-fs: Ignoring removed oldalloc option
[  276.292097][ T7449] ext4: Unknown parameter 'nog'
[  276.866954][ T7403] workqueue: Failed to create a rescuer kthread for wq "xfs-cil/loop3": -EINTR
[  276.872287][ T7403] XFS (loop3): log mount failed
[  277.586368][ T7461] loop2: detected capacity change from 0 to 512
[  277.600042][ T7461] EXT4-fs: Ignoring removed oldalloc option
[  277.607259][ T7461] ext4: Unknown parameter 'nog'
[  278.482595][ T7468] loop2: detected capacity change from 0 to 512
[  278.608056][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  278.608079][   T29] audit: type=1800 audit(1719423526.298:87): pid=7475 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.496" name="file0" dev="sda1" ino=2016 res=0 errno=0
[  278.929480][   T29] audit: type=1800 audit(1719423526.448:89): pid=7477 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.496" name="file0" dev="sda1" ino=2016 res=0 errno=0
[  279.177617][ T7468] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  279.261310][   T29] audit: type=1326 audit(1719423526.448:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x7fc00000
[  279.287669][ T7468] ext4 filesystem being mounted at /root/syzkaller.PbXZcY/72/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  279.399355][   T29] audit: type=1326 audit(1719423526.578:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f23a4375ae9 code=0x7fc00000
[  279.500145][   T29] audit: type=1326 audit(1719423527.128:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7474 comm="syz.3.496" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x7fc00000
[  279.500179][ T7468] EXT4-fs error (device loop2): ext4_readdir:260: inode #2: block 3: comm syz.2.500: path /root/syzkaller.PbXZcY/72/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  279.790320][ T7497] loop4: detected capacity change from 0 to 512
[  279.869411][ T7497] EXT4-fs: Ignoring removed i_version option
[  279.899413][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  280.012162][ T7503] loop3: detected capacity change from 0 to 512
[  280.025929][ T7503] EXT4-fs: Ignoring removed oldalloc option
[  280.033829][ T7503] ext4: Unknown parameter 'nog'
[  280.153423][ T7497] EXT4-fs: Mount option(s) incompatible with ext3
[  281.250047][ T7494] veth0_vlan: left promiscuous mode
[  281.272816][ T7494] veth0_vlan: entered promiscuous mode
[  281.392519][ T7494] syz.4.508 (7494) used greatest stack depth: 18288 bytes left
[  281.489721][ T7546] loop3: detected capacity change from 0 to 512
[  281.500579][ T7544] loop2: detected capacity change from 0 to 2048
[  281.550064][ T7546] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  281.571763][ T7546] ext4 filesystem being mounted at /root/syzkaller.llzeoE/81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  281.612338][ T7544] Alternate GPT is invalid, using primary GPT.
[  281.645191][ T7544]  loop2: p1 p2 p3
[  281.745218][ T7546] EXT4-fs error (device loop3): ext4_readdir:260: inode #2: block 3: comm syz.3.524: path /root/syzkaller.llzeoE/81/file0: bad entry in directory: rec_len is smaller than minimal - offset=60, inode=113, rec_len=0, size=2048 fake=0
[  281.980072][    C1] TCP: request_sock_TCP: Possible SYN flooding on port 127.0.0.1:20002. Sending cookies.
[  282.148900][ T5337] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  283.357501][  T925] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  283.552665][  T925] usb 6-1: Using ep0 maxpacket: 16
[  283.572507][  T925] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 8
[  283.602262][  T925] usb 6-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 6.00
[  283.634967][  T925] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  283.650938][  T925] usb 6-1: Product: syz
[  283.659984][  T925] usb 6-1: Manufacturer: syz
[  283.669649][  T925] usb 6-1: SerialNumber: syz
[  283.688668][  T925] usb 6-1: config 0 descriptor??
[  283.710785][  T925] ftdi_sio 6-1:0.0: FTDI USB Serial Device converter detected
[  283.738453][  T925] usb 6-1: Detected FT232R
[  283.914492][  T925] ftdi_sio ttyUSB0: Unable to read latency timer: -32
[  284.410473][  T925] usb 6-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  285.535920][ T7584] syz.5.536[7584] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  285.536108][ T7584] syz.5.536[7584] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  285.599808][ T7658] loop1: detected capacity change from 0 to 512
[  285.681671][ T7658] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  285.757510][ T7658] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.559: iget: bad i_size value: -67835469387268086
[  285.817953][ T7658] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.559: couldn't read orphan inode 15 (err -117)
[  285.839229][ T7658] EXT4-fs (loop1): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  285.853277][ T7658] ext2 filesystem being mounted at /root/syzkaller.BsHbrQ/92/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  285.895660][ T7662] can: request_module (can-proto-0) failed.
[  285.909297][ T1151] usb 6-1: USB disconnect, device number 3
[  285.975881][ T1151] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  286.003415][ T1151] ftdi_sio 6-1:0.0: device disconnected
[  286.408964][ T7680] netlink: 8 bytes leftover after parsing attributes in process `syz.3.564'.
[  286.435146][ T7680] tc_dump_action: action bad kind
[  287.108197][ T5338] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[  287.698789][ T7710] can: request_module (can-proto-0) failed.
[  288.183570][ T5099] Bluetooth: hci1: command 0x0406 tx timeout
[  288.272542][ T7727] loop3: detected capacity change from 0 to 512
[  288.285500][ T7727] EXT4-fs (loop3): mounting ext2 file system using the ext4 subsystem
[  288.362660][ T7727] EXT4-fs error (device loop3): ext4_orphan_get:1394: inode #15: comm syz.3.582: iget: bad i_size value: -67835469387268086
[  288.396258][ T7727] EXT4-fs error (device loop3): ext4_orphan_get:1399: comm syz.3.582: couldn't read orphan inode 15 (err -117)
[  288.483137][ T7727] EXT4-fs (loop3): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  288.511344][ T7727] ext2 filesystem being mounted at /root/syzkaller.llzeoE/97/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  288.560277][   T29] audit: type=1326 audit(1719423536.248:92): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  288.691234][   T29] audit: type=1326 audit(1719423536.248:93): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  288.876490][   T29] audit: type=1326 audit(1719423536.288:94): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  289.017013][   T29] audit: type=1326 audit(1719423536.288:95): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  289.240242][   T29] audit: type=1326 audit(1719423536.288:96): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  289.487450][   T29] audit: type=1326 audit(1719423536.318:97): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  289.620583][   T29] audit: type=1326 audit(1719423536.318:98): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7734 comm="syz.0.584" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  289.622306][ T5337] EXT4-fs (loop3): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[  290.835547][ T7765] loop3: detected capacity change from 0 to 128
[  291.058283][ T7765] EXT4-fs: Ignoring removed i_version option
[  291.075664][ T7765] EXT4-fs (loop3): Test dummy encryption mode enabled
[  291.095496][ T7765] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal
[  291.132199][ T5154] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  291.281304][ T5157] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[  291.333418][ T5154] usb 2-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  291.352341][ T5154] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  291.380634][ T5154] usb 2-1: config 0 descriptor??
[  291.533361][   T29] audit: type=1326 audit(1719423539.218:99): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7764 comm="syz.3.595" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x0
[  292.209902][ T5157] usb 5-1: Using ep0 maxpacket: 8
[  292.245955][ T5157] usb 5-1: config 179 has an invalid interface number: 65 but max is 0
[  292.254658][ T5157] usb 5-1: config 179 has no interface number 0
[  292.260984][ T5157] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  292.273519][ T5157] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  292.285047][ T5157] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  292.296571][ T5157] usb 5-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  292.308156][ T5157] usb 5-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  292.326945][ T5157] usb 5-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  292.336507][ T5157] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  292.402999][ T7775] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  292.464322][ T7784] pim6reg1: entered promiscuous mode
[  292.505473][ T7784] pim6reg1: entered allmulticast mode
[  292.893145][ T5157] input: Generic X-Box pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:179.65/input/input5
[  293.102037][ T7775] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  293.165830][ T7775] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  293.269142][ T7789] pim6reg1: entered promiscuous mode
[  293.277636][ T7789] pim6reg1: entered allmulticast mode
[  293.572320][ T5238] usb 5-1: USB disconnect, device number 2
[  293.572398][    C0] xpad 5-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  293.586565][    C0] xpad 5-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  293.611505][ T5238] xpad 5-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  294.140868][ T7801] loop3: detected capacity change from 0 to 2048
[  294.203817][ T5154] usb 2-1: Cannot set autoneg
[  294.219521][ T5154] MOSCHIP usb-ethernet driver 2-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  294.253318][ T7801] Alternate GPT is invalid, using primary GPT.
[  294.275568][ T5154] usb 2-1: USB disconnect, device number 4
[  294.280004][ T7801]  loop3: p1 p2 p3
[  295.524855][ T7807] loop1: detected capacity change from 0 to 40427
[  295.697576][ T7807] F2FS-fs (loop1): Invalid log_blocksize (268), supports only 12
[  295.705582][ T7807] F2FS-fs (loop1): Can't find valid F2FS filesystem in 1th superblock
[  295.879702][ T7807] F2FS-fs (loop1): Found nat_bits in checkpoint
[  296.092960][ T7807] F2FS-fs (loop1): Try to recover 1th superblock, ret: 0
[  296.100167][ T7807] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e5
[  296.116886][ T7805] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  296.135461][ T7805] F2FS-fs (loop1): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  296.671058][ T7821] loop4: detected capacity change from 0 to 128
[  296.735317][ T7821] EXT4-fs: Ignoring removed i_version option
[  297.039012][ T7821] EXT4-fs (loop4): Test dummy encryption mode enabled
[  297.283149][ T7821] EXT4-fs (loop4): can't mount with journal_checksum, fs mounted w/o journal
[  297.940543][ T7838] netlink: 4 bytes leftover after parsing attributes in process `syz.0.615'.
[  297.950984][ T7838] openvswitch: netlink: Flow key attr not present in new flow.
[  298.013674][   T29] audit: type=1326 audit(1719423545.698:100): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7820 comm="syz.4.613" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5696175ae9 code=0x0
[  298.812675][ T7844] EXT4-fs warning (device sda1): ext4_group_extend:1861: can't shrink FS - resize aborted
[  300.206557][ T7863] loop3: detected capacity change from 0 to 164
[  300.262327][ T7865] loop1: detected capacity change from 0 to 512
[  300.295536][ T7865] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  300.512458][ T7865] EXT4-fs error (device loop1): ext4_orphan_get:1394: inode #15: comm syz.1.623: iget: bad i_size value: -67835469387268086
[  300.570543][ T7865] EXT4-fs error (device loop1): ext4_orphan_get:1399: comm syz.1.623: couldn't read orphan inode 15 (err -117)
[  300.625640][ T7865] EXT4-fs (loop1): mounted filesystem f7ff0000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  300.679831][ T7865] ext2 filesystem being mounted at /root/syzkaller.BsHbrQ/98/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  301.779070][ T7871] loop2: detected capacity change from 0 to 40427
[  301.787655][ T7871] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  301.795477][ T7871] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  301.901189][ T7871] F2FS-fs (loop2): Found nat_bits in checkpoint
[  302.100353][ T7871] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  302.108753][ T7871] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  302.182254][ T7870] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  302.209861][ T7870] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  304.134523][ T7884] usb usb7: Requested nonsensical USBDEVFS_URB_ZERO_PACKET.
[  304.475290][ T5338] EXT4-fs (loop1): unmounting filesystem f7ff0000-0000-0000-0000-000000000000.
[  304.544945][   T29] audit: type=1326 audit(1719423552.238:101): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.5.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  304.631935][   T29] audit: type=1326 audit(1719423552.238:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.5.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=310 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  304.732235][   T29] audit: type=1326 audit(1719423552.238:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7890 comm="syz.5.631" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  306.168414][ T7905] loop5: detected capacity change from 0 to 40427
[  306.177054][ T7905] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  306.184849][ T7905] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  306.250122][ T7905] F2FS-fs (loop5): Found nat_bits in checkpoint
[  306.311880][ T7905] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  306.318979][ T7905] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  306.352540][ T7904] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  306.362757][ T7904] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  309.056034][ T7940] loop5: detected capacity change from 0 to 40427
[  309.071335][ T7940] F2FS-fs (loop5): Invalid log_blocksize (268), supports only 12
[  309.079122][ T7940] F2FS-fs (loop5): Can't find valid F2FS filesystem in 1th superblock
[  309.155295][ T7940] F2FS-fs (loop5): Found nat_bits in checkpoint
[  309.241687][ T7940] F2FS-fs (loop5): Try to recover 1th superblock, ret: 0
[  309.248774][ T7940] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e5
[  309.280400][ T7939] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  309.293900][ T7939] F2FS-fs (loop5): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  310.510160][   T29] audit: type=1804 audit(1719423558.198:104): pid=7960 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.651" name="/root/syzkaller.llzeoE/115/bus" dev="sda1" ino=1996 res=1 errno=0
[  310.829118][ T7974] loop4: detected capacity change from 0 to 2048
[  310.863564][ T7974] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  310.900166][ T7974] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  312.642043][ T7993] can: request_module (can-proto-0) failed.
[  312.742942][ T7994] loop3: detected capacity change from 0 to 40427
[  312.783723][ T7994] F2FS-fs (loop3): Invalid log_blocksize (268), supports only 12
[  312.792196][ T7994] F2FS-fs (loop3): Can't find valid F2FS filesystem in 1th superblock
[  312.832287][ T7994] F2FS-fs (loop3): Found nat_bits in checkpoint
[  312.886286][ T7994] F2FS-fs (loop3): Try to recover 1th superblock, ret: 0
[  312.893969][ T7994] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  312.927528][ T7990] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  312.993173][ T7990] F2FS-fs (loop3): f2fs_check_nid_range: out-of-range nid=2, run fsck to fix.
[  314.627774][ T8016] fuse: Bad value for 'fd'
[  315.381431][ T8050] can: request_module (can-proto-0) failed.
[  316.831709][ T1236] ieee802154 phy0 wpan0: encryption failed: -22
[  316.838059][ T1236] ieee802154 phy1 wpan1: encryption failed: -22
[  317.037220][   T29] audit: type=1326 audit(1719423564.728:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8077 comm="syz.4.690" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5696175ae9 code=0x0
[  319.218555][ T8121] vlan0: entered promiscuous mode
[  319.231357][ T8121] team0: entered promiscuous mode
[  319.251324][ T8121] team_slave_0: entered promiscuous mode
[  319.273962][ T8121] team_slave_1: entered promiscuous mode
[  319.280165][ T8121] vlan0: entered allmulticast mode
[  319.306830][ T8121] team0: entered allmulticast mode
[  319.341655][ T8121] team_slave_0: entered allmulticast mode
[  319.365480][ T8121] team_slave_1: entered allmulticast mode
[  319.402563][ T8121] team0: left allmulticast mode
[  319.409570][ T8121] team_slave_0: left allmulticast mode
[  319.422603][ T8121] team_slave_1: left allmulticast mode
[  319.445106][ T8121] team0: left promiscuous mode
[  319.463597][ T8121] team_slave_0: left promiscuous mode
[  319.484103][ T8121] team_slave_1: left promiscuous mode
[  319.754402][ T8142] loop4: detected capacity change from 0 to 512
[  319.788980][ T8138] loop2: detected capacity change from 0 to 8192
[  320.241556][ T5172] usb 5-1: new high-speed USB device number 3 using dummy_hcd
[  321.223851][ T5172] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  321.271673][ T5172] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  321.326011][ T5172] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  321.381378][ T5172] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  322.569177][ T5172] usb 5-1: config 0 descriptor??
[  322.661488][ T8173] loop3: detected capacity change from 0 to 256
[  322.767536][ T8173] exFAT-fs (loop3): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3289bd7c, utbl_chksum : 0xe619d30d)
[  322.815260][ T8175] loop1: detected capacity change from 0 to 8192
[  322.875918][ T8181] loop0: detected capacity change from 0 to 512
[  322.929029][ T8181] EXT4-fs (loop0): blocks per group (95) and clusters per group (32768) inconsistent
[  323.035121][ T5172] hid (null): bogus close delimiter
[  323.571358][   T29] audit: type=1800 audit(1719423571.228:106): pid=8177 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.726" name="bus" dev="sda1" ino=1990 res=0 errno=0
[  323.653304][ T8177] loop2: detected capacity change from 0 to 256
[  323.990161][ T5172] usb 5-1: language id specifier not provided by device, defaulting to English
[  324.029701][ T5172] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0003/input/input6
[  324.159769][ T5172] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0003/input/input7
[  324.465985][ T8213] loop0: detected capacity change from 0 to 2048
[  324.479973][ T5172] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0003/input/input8
[  324.510905][ T5172] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.4/usb5/5-1/5-1:0.0/0003:256C:006D.0003/input/input9
[  324.511917][ T8213] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  325.174600][ T5172] uclogic 0003:256C:006D.0003: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.4-1/input0
[  325.308417][ T5172] usb 5-1: USB disconnect, device number 3
[  325.341291][   T29] audit: type=1800 audit(1719423572.938:107): pid=8229 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.743" name="bus" dev="loop0" ino=18 res=0 errno=0
[  325.459958][ T6771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.548433][ T8239] loop1: detected capacity change from 0 to 256
[  325.575092][ T8239] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3289bd7c, utbl_chksum : 0xe619d30d)
[  325.921439][  T925] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  326.208379][  T925] usb 4-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  326.501553][  T925] usb 4-1: config 1 has 2 interfaces, different from the descriptor's value: 3
[  326.533895][  T925] usb 4-1: config 1 has no interface number 1
[  326.540022][  T925] usb 4-1: too many endpoints for config 1 interface 2 altsetting 0: 209, using maximum allowed: 30
[  326.578113][  T925] usb 4-1: config 1 interface 2 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 209
[  326.662063][  T925] usb 4-1: string descriptor 0 read error: -22
[  326.693212][  T925] usb 4-1: New USB device found, idVendor=1d6b, idProduct=0101, bcdDevice= 0.40
[  326.744492][  T925] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  326.966642][  T925] hub 4-1:1.2: bad descriptor, ignoring hub
[  326.989835][  T925] hub 4-1:1.2: probe with driver hub failed with error -5
[  327.059073][  T925] usb 4-1: USB disconnect, device number 6
[  327.133644][ T8270] loop2: detected capacity change from 0 to 2048
[  327.203658][ T8270] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  327.435110][ T8270] syz.2.761 (8270) used greatest stack depth: 17168 bytes left
[  327.496739][ T8284] syz.1.766[8284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  327.496947][ T8284] syz.1.766[8284] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  327.563435][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  327.635618][   T29] audit: type=1326 audit(1719423575.318:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  327.799946][   T29] audit: type=1326 audit(1719423575.318:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  327.806837][ T8294] loop5: detected capacity change from 0 to 256
[  327.843341][   T29] audit: type=1326 audit(1719423575.368:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  327.875360][   T29] audit: type=1326 audit(1719423575.368:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  327.916097][   T29] audit: type=1326 audit(1719423575.368:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  327.973329][ T8294] exFAT-fs (loop5): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  328.004496][   T29] audit: type=1326 audit(1719423575.368:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  328.032004][   T29] audit: type=1326 audit(1719423575.368:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=428 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  328.087346][   T29] audit: type=1326 audit(1719423575.368:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8290 comm="syz.0.769" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  328.141280][ T5172] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[  328.281619][ T5098] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  328.329786][ T5172] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  328.354605][ T5172] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  328.379098][ T5172] usb 4-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  328.400580][ T5172] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.428369][ T5172] usb 4-1: config 0 descriptor??
[  328.473402][ T5098] usb 1-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  328.491321][ T5098] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  328.511461][ T5098] usb 1-1: config 0 descriptor??
[  328.761336][ T5157] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  328.889011][ T5172] hid (null): bogus close delimiter
[  328.941795][ T8330] IPv6: sit1: Disabled Multicast RS
[  328.959069][ T8330] sit1: entered allmulticast mode
[  328.961921][ T5157] usb 6-1: Using ep0 maxpacket: 8
[  328.988848][ T5157] usb 6-1: config 1 has an invalid descriptor of length 102, skipping remainder of the config
[  329.002003][ T5157] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 18
[  329.019189][ T5157] usb 6-1: New USB device found, idVendor=0001, idProduct=8000, bcdDevice= 0.00
[  329.123055][ T5157] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  329.137982][ T5172] usb 4-1: language id specifier not provided by device, defaulting to English
[  329.147221][ T5157] usb 6-1: SerialNumber: syz
[  329.247124][ T5157] hub 6-1:1.0: bad descriptor, ignoring hub
[  329.271713][ T5157] hub 6-1:1.0: probe with driver hub failed with error -5
[  329.341336][ T5098] usb 1-1: Cannot set autoneg
[  329.353540][ T5098] MOSCHIP usb-ethernet driver 1-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  329.363845][ T5157] usb 6-1: bad CDC descriptors
[  329.369884][ T5098] usb 1-1: USB disconnect, device number 4
[  329.983094][ T5157] usb 6-1: USB disconnect, device number 4
[  329.995305][ T5172] input: HID 256c:006d Pen as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0004/input/input10
[  330.029307][ T8337] IPv6: sit1: Disabled Multicast RS
[  330.036665][ T8337] sit1: entered allmulticast mode
[  330.148271][ T5172] input: HID 256c:006d Pad as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0004/input/input11
[  330.168867][ T5172] input: HID 256c:006d Touch Strip as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0004/input/input12
[  330.246756][ T5172] input: HID 256c:006d Dial as /devices/platform/dummy_hcd.3/usb4/4-1/4-1:0.0/0003:256C:006D.0004/input/input13
[  330.285438][ T5172] uclogic 0003:256C:006D.0004: input,hidraw0: USB HID v0.00 Keypad [HID 256c:006d] on usb-dummy_hcd.3-1/input0
[  330.470865][ T5172] usb 4-1: USB disconnect, device number 7
[  330.501279][    T8] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  330.751991][    T8] usb 1-1: Using ep0 maxpacket: 8
[  330.822540][    T8] usb 1-1: config 179 has an invalid interface number: 65 but max is 0
[  330.851368][    T8] usb 1-1: config 179 has no interface number 0
[  330.871453][    T8] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has an invalid bInterval 0, changing to 7
[  330.918521][    T8] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0xF has invalid maxpacket 1025, setting to 1024
[  330.949600][    T8] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  331.000168][    T8] usb 1-1: config 179 interface 65 altsetting 0 endpoint 0x83 has invalid maxpacket 41728, setting to 1024
[  331.029787][    T8] usb 1-1: config 179 interface 65 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 23
[  331.104548][    T8] usb 1-1: New USB device found, idVendor=12ab, idProduct=90a3, bcdDevice=1e.eb
[  331.180104][    T8] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  331.248080][ T8343] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22
[  331.666167][    T8] input: Generic X-Box pad as /devices/platform/dummy_hcd.0/usb1/1-1/1-1:179.65/input/input14
[  331.826371][ T8343] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  331.906236][ T8343] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  332.232747][ T5098] usb 1-1: USB disconnect, device number 5
[  332.232821][    C0] xpad 1-1:179.65: xpad_irq_in - usb_submit_urb failed with result -19
[  332.246885][    C0] xpad 1-1:179.65: xpad_irq_out - usb_submit_urb failed with result -19
[  332.264093][ T5098] xpad 1-1:179.65: xpad_try_sending_next_out_packet - usb_submit_urb failed with result -19
[  333.360688][ T8369] Driver unsupported XDP return value 0 on prog  (id 203) dev N/A, expect packet loss!
[  333.972014][ T5238] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  334.051209][   T29] kauditd_printk_skb: 61 callbacks suppressed
[  334.051377][   T29] audit: type=1800 audit(1719423581.608:177): pid=8377 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.802" name="bus" dev="sda1" ino=2019 res=0 errno=0
[  334.434417][ T5238] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  334.474410][ T5238] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  334.548968][ T5238] usb 3-1: config 0 descriptor??
[  335.329679][ T8381] syzkaller0: entered promiscuous mode
[  335.351204][ T8381] syzkaller0: entered allmulticast mode
[  335.413862][ T5238] usb 3-1: Cannot set autoneg
[  335.418766][ T5238] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  335.456302][ T5238] usb 3-1: USB disconnect, device number 2
[  335.722732][   T29] audit: type=1326 audit(1719423583.418:178): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  335.811183][   T29] audit: type=1326 audit(1719423583.448:179): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  335.901348][   T29] audit: type=1326 audit(1719423583.448:180): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  335.914692][ T8394] loop4: detected capacity change from 0 to 128
[  335.941707][   T29] audit: type=1326 audit(1719423583.448:181): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  335.972833][ T8394] EXT4-fs: Ignoring removed nobh option
[  336.022706][ T8394] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  336.023631][   T29] audit: type=1326 audit(1719423583.448:182): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  336.047965][ T8394] ext4 filesystem being mounted at /root/syzkaller.PVUpNI/147/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  336.111680][   T29] audit: type=1326 audit(1719423583.448:183): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  337.200192][   T29] audit: type=1326 audit(1719423583.448:184): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  337.401510][   T29] audit: type=1326 audit(1719423583.448:185): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=115 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  337.491578][   T29] audit: type=1326 audit(1719423583.448:186): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8387 comm="syz.0.807" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  337.539542][ T8407] loop1: detected capacity change from 0 to 256
[  337.594666][ T8407] exFAT-fs (loop1): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3963664b, utbl_chksum : 0xe619d30d)
[  337.734384][ T5341] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /root/syzkaller.PVUpNI/147/mnt/lost+found: directory fails checksum at offset 1024
[  337.784407][ T5341] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  337.826024][ T5341] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /root/syzkaller.PVUpNI/147/mnt/lost+found: directory fails checksum at offset 1024
[  337.845722][ T5341] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  337.988051][ T8412] fuse: Bad value for 'fd'
[  338.060927][ T5341] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /root/syzkaller.PVUpNI/147/mnt/lost+found: directory fails checksum at offset 1024
[  338.506965][ T5341] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  338.582992][ T5341] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /root/syzkaller.PVUpNI/147/mnt/lost+found: directory fails checksum at offset 1024
[  338.690747][ T5341] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  338.754056][ T5341] EXT4-fs error (device loop4): ext4_readdir:220: inode #11: comm syz-executor: path /root/syzkaller.PVUpNI/147/mnt/lost+found: directory fails checksum at offset 1024
[  338.793831][ T5341] EXT4-fs error (device loop4): ext4_empty_dir:3116: inode #11: block 1: comm syz-executor: Directory block failed checksum
[  341.177311][ T8424] loop0: detected capacity change from 0 to 256
[  341.208124][ T8420] IPv6: sit1: Disabled Multicast RS
[  341.225937][ T8420] sit1: entered allmulticast mode
[  341.808762][ T8424] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000fd4f, chksum : 0x3289bd7c, utbl_chksum : 0xe619d30d)
[  343.456284][ T8439] loop5: detected capacity change from 0 to 256
[  344.393002][ T5341] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  344.511865][ T5331] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  344.733746][ T5331] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.005142][ T5331] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.141789][ T8454] loop2: detected capacity change from 0 to 128
[  345.180699][ T8454] FAT-fs (loop2): Unrecognized mount option "syzkaller" or missing value
[  345.194905][ T5331] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  345.801173][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  345.825034][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  345.838582][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  345.852792][ T5099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  345.870134][ T5099] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  345.875160][ T8481] loop3: detected capacity change from 0 to 128
[  345.883914][ T5099] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  345.934503][ T8481] EXT4-fs: Ignoring removed i_version option
[  345.966908][ T8481] EXT4-fs (loop3): Test dummy encryption mode enabled
[  346.018553][ T8481] EXT4-fs (loop3): can't mount with journal_checksum, fs mounted w/o journal
[  346.034998][   T29] kauditd_printk_skb: 48 callbacks suppressed
[  346.035020][   T29] audit: type=1326 audit(1719423593.728:235): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  346.074246][ T5331] bridge_slave_1: left allmulticast mode
[  346.099163][ T5331] bridge_slave_1: left promiscuous mode
[  346.123930][ T5331] bridge0: port 2(bridge_slave_1) entered disabled state
[  346.139066][ T8481] loop3: detected capacity change from 0 to 512
[  346.162705][   T29] audit: type=1326 audit(1719423593.738:236): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  346.194859][ T8481] EXT4-fs (loop3): couldn't mount as ext2 due to feature incompatibilities
[  346.207451][ T5331] bridge_slave_0: left allmulticast mode
[  346.241273][ T5331] bridge_slave_0: left promiscuous mode
[  346.248531][ T5331] bridge0: port 1(bridge_slave_0) entered disabled state
[  346.256645][   T29] audit: type=1326 audit(1719423593.738:237): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  346.295432][   T29] audit: type=1326 audit(1719423593.738:238): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  347.122485][ T8503] fuse: Bad value for 'user_id'
[  347.833907][   T29] audit: type=1326 audit(1719423593.738:239): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  347.933504][ T5099] Bluetooth: hci3: command tx timeout
[  347.989684][   T29] audit: type=1326 audit(1719423593.738:240): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  348.011954][    C0] vkms_vblank_simulate: vblank timer overrun
[  348.019227][   T29] audit: type=1326 audit(1719423593.738:241): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  348.045519][   T29] audit: type=1326 audit(1719423593.738:242): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8485 comm="syz.1.844" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  348.069451][   T29] audit: type=1326 audit(1719423594.318:243): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  348.101221][   T29] audit: type=1326 audit(1719423594.318:244): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8493 comm="syz.1.848" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fac00175ae9 code=0x7ffc0000
[  350.014510][ T5099] Bluetooth: hci3: command tx timeout
[  351.470946][ T5331] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  351.485372][ T5331] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  351.509285][ T5331] bond0 (unregistering): Released all slaves
[  351.526578][ T8522] loop2: detected capacity change from 0 to 40427
[  351.549628][ T8522] F2FS-fs (loop2): Invalid log_blocksize (268), supports only 12
[  351.715407][ T8522] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  351.781942][ T8522] F2FS-fs (loop2): Found nat_bits in checkpoint
[  351.839454][   T29] kauditd_printk_skb: 4 callbacks suppressed
[  351.839477][   T29] audit: type=1326 audit(1719423599.528:249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  351.941685][   T29] audit: type=1326 audit(1719423599.528:250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  351.975419][ T8522] F2FS-fs (loop2): f2fs_check_nid_range: out-of-range nid=1, run fsck to fix.
[  352.031630][   T29] audit: type=1326 audit(1719423599.578:251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=188 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  352.091690][ T5099] Bluetooth: hci3: command tx timeout
[  353.217650][   T29] audit: type=1326 audit(1719423599.578:252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  353.463241][   T29] audit: type=1326 audit(1719423599.578:253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=189 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  353.636976][   T29] audit: type=1326 audit(1719423599.578:254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  353.710739][   T29] audit: type=1326 audit(1719423599.578:255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=192 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  353.821396][   T29] audit: type=1326 audit(1719423599.578:256): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  353.873869][   T29] audit: type=1326 audit(1719423599.578:257): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8540 comm="syz.5.859" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  353.936325][   T29] audit: type=1326 audit(1719423600.708:258): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8549 comm="syz.0.862" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x0
[  354.022291][ T5331] hsr_slave_0: left promiscuous mode
[  354.046490][ T5331] hsr_slave_1: left promiscuous mode
[  354.088382][ T5331] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  354.113792][ T5331] batman_adv: batadv0: Removing interface: batadv_slave_0
[  354.132591][ T5331] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  354.179231][ T5113] Bluetooth: hci3: command tx timeout
[  354.191863][ T5331] batman_adv: batadv0: Removing interface: batadv_slave_1
[  354.229913][ T5331] veth1_macvtap: left promiscuous mode
[  354.238196][ T5331] veth0_macvtap: left promiscuous mode
[  354.647755][ T8584] loop0: detected capacity change from 0 to 512
[  354.668579][ T8584] EXT4-fs: Ignoring removed oldalloc option
[  354.699579][ T8584] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  354.720966][ T8584] EXT4-fs (loop0): 1 truncate cleaned up
[  354.734777][ T8584] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  354.880914][ T6771] EXT4-fs error (device loop0): mb_free_blocks:1948: group 0, inode 16: block 35:freeing already freed block (bit 34); block bitmap corrupt.
[  354.935456][ T6771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  354.974568][ T5113] Bluetooth: hci2: command 0x0406 tx timeout
[  355.123075][ T5331] team0 (unregistering): Port device team_slave_1 removed
[  355.254768][ T5331] team0 (unregistering): Port device team_slave_0 removed
[  357.262842][   T29] kauditd_printk_skb: 23 callbacks suppressed
[  357.262895][   T29] audit: type=1800 audit(1719423604.938:282): pid=8625 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.883" name="bus" dev="sda1" ino=2020 res=0 errno=0
[  357.289287][    C1] vkms_vblank_simulate: vblank timer overrun
[  357.479698][ T8627] loop0: detected capacity change from 0 to 256
[  359.334105][ T8474] chnl_net:caif_netlink_parms(): no params data found
[  359.435999][ T8642] netlink: 'syz.0.890': attribute type 1 has an invalid length.
[  359.514128][ T8642] bond1: entered promiscuous mode
[  359.543759][ T8642] 8021q: adding VLAN 0 to HW filter on device bond1
[  359.600776][ T8648] bond1: (slave bridge2): making interface the new active one
[  359.608586][ T8648] bridge2: entered promiscuous mode
[  359.615534][ T8648] bond1: (slave bridge2): Enslaving as an active interface with an up link
[  361.008508][ T8474] bridge0: port 1(bridge_slave_0) entered blocking state
[  361.085196][ T8474] bridge0: port 1(bridge_slave_0) entered disabled state
[  361.118621][ T8474] bridge_slave_0: entered allmulticast mode
[  361.189493][ T8474] bridge_slave_0: entered promiscuous mode
[  361.243506][ T8474] bridge0: port 2(bridge_slave_1) entered blocking state
[  361.289918][ T8474] bridge0: port 2(bridge_slave_1) entered disabled state
[  361.298041][ T8474] bridge_slave_1: entered allmulticast mode
[  361.312703][ T8474] bridge_slave_1: entered promiscuous mode
[  361.379888][ T8474] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  361.396479][ T8474] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  361.496570][ T8474] team0: Port device team_slave_0 added
[  361.515973][ T8474] team0: Port device team_slave_1 added
[  361.628749][ T8474] batman_adv: batadv0: Adding interface: batadv_slave_0
[  361.651313][ T8474] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.671368][ T8695] loop5: detected capacity change from 0 to 1024
[  361.685823][ T8474] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  361.707780][ T8695] EXT4-fs (loop5): blocks per group (131072) and clusters per group (8192) inconsistent
[  361.731014][ T8474] batman_adv: batadv0: Adding interface: batadv_slave_1
[  361.756253][ T8474] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  361.784169][ T8474] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  361.868481][ T8693] loop5: detected capacity change from 0 to 512
[  361.880295][   T29] audit: type=1326 audit(1719423609.568:283): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8699 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x7ffc0000
[  361.941050][   T29] audit: type=1326 audit(1719423609.598:284): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8699 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=333 compat=0 ip=0x7f23a4375ae9 code=0x7ffc0000
[  362.126016][   T29] audit: type=1326 audit(1719423609.598:285): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8699 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x7ffc0000
[  362.196335][   T29] audit: type=1326 audit(1719423609.598:286): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8699 comm="syz.3.908" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f23a4375ae9 code=0x7ffc0000
[  362.358870][   T29] audit: type=1800 audit(1719423610.038:287): pid=8710 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.909" name="bus" dev="sda1" ino=1985 res=0 errno=0
[  362.587943][ T8713] loop0: detected capacity change from 0 to 256
[  363.235273][ T8474] hsr_slave_0: entered promiscuous mode
[  363.325203][ T8474] hsr_slave_1: entered promiscuous mode
[  363.351426][ T8474] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  363.393425][ T8474] Cannot create hsr debugfs directory
[  364.162221][ T8741] loop0: detected capacity change from 0 to 512
[  364.633883][ T8741] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  364.766285][ T8741] ext4 filesystem being mounted at /root/syzkaller.braB50/94/w��5�T��)�`)Y�F�nA��@T<�3�ڂ$���r�cnH�<�p�r��>�wC�" ��-������8 supports timestamps until 2038-01-19 (0x7fffffff)
[  365.029402][ T6771] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  365.288801][   T29] audit: type=1326 audit(1719423612.978:288): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8758 comm="syz.0.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  365.427131][   T29] audit: type=1326 audit(1719423612.978:289): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8758 comm="syz.0.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  365.581213][   T29] audit: type=1326 audit(1719423613.018:290): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8758 comm="syz.0.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=116 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  365.664565][   T29] audit: type=1326 audit(1719423613.018:291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8758 comm="syz.0.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  365.972319][ T8771] loop1: detected capacity change from 0 to 256
[  366.020087][   T29] audit: type=1326 audit(1719423613.018:292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8758 comm="syz.0.926" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f90d1375ae9 code=0x7ffc0000
[  366.635281][   T29] audit: type=1800 audit(1719423613.428:293): pid=8769 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.928" name="bus" dev="sda1" ino=2021 res=0 errno=0
[  366.891212][   T29] audit: type=1800 audit(1719423614.548:294): pid=8774 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.930" name="bus" dev="sda1" ino=1995 res=0 errno=0
[  367.072977][ T8776] loop0: detected capacity change from 0 to 256
[  367.798897][ T8781] IPv6: sit1: Disabled Multicast RS
[  367.840299][ T8781] sit1: entered allmulticast mode
[  368.413195][ T8790] loop5: detected capacity change from 0 to 128
[  368.430632][ T8790] EXT4-fs: Ignoring removed i_version option
[  368.460025][ T8790] EXT4-fs (loop5): Test dummy encryption mode enabled
[  368.494554][ T8790] EXT4-fs (loop5): can't mount with journal_checksum, fs mounted w/o journal
[  368.627310][ T8790] loop5: detected capacity change from 0 to 512
[  368.669976][ T8790] EXT4-fs (loop5): couldn't mount as ext2 due to feature incompatibilities
[  368.877548][ T8474] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  368.952822][ T8474] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  368.997232][ T8474] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  369.114434][ T8474] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  369.218648][ T8806] fuse: Bad value for 'user_id'
[  369.261946][   T29] audit: type=1326 audit(1719423616.948:295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8789 comm="syz.5.936" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x0
[  369.719734][ T8809] mmap: syz.1.941 (8809) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  369.917296][ T8811] loop2: detected capacity change from 0 to 512
[  369.958355][ T8808] netlink: 'syz.1.941': attribute type 21 has an invalid length.
[  370.019679][ T8808] netlink: 168 bytes leftover after parsing attributes in process `syz.1.941'.
[  370.053665][ T8811] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  370.092673][ T8811] ext4 filesystem being mounted at /root/syzkaller.PbXZcY/140/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  370.248851][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  370.428256][ T8474] 8021q: adding VLAN 0 to HW filter on device bond0
[  370.506980][ T8474] 8021q: adding VLAN 0 to HW filter on device team0
[  370.525429][   T29] audit: type=1326 audit(1719423618.218:296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  370.554994][ T5154] bridge0: port 1(bridge_slave_0) entered blocking state
[  370.562227][ T5154] bridge0: port 1(bridge_slave_0) entered forwarding state
[  370.575867][ T8843] loop3: detected capacity change from 0 to 128
[  370.584847][   T29] audit: type=1326 audit(1719423618.218:297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  370.620134][ T8843] EXT4-fs: Ignoring removed nobh option
[  370.634612][    T8] bridge0: port 2(bridge_slave_1) entered blocking state
[  370.641818][    T8] bridge0: port 2(bridge_slave_1) entered forwarding state
[  370.664407][ T8843] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  370.695262][   T29] audit: type=1326 audit(1719423618.228:298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  370.731963][ T8843] ext4 filesystem being mounted at /root/syzkaller.llzeoE/158/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  370.783665][   T29] audit: type=1326 audit(1719423618.228:299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  370.908747][   T29] audit: type=1326 audit(1719423618.228:300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  371.005875][   T29] audit: type=1326 audit(1719423618.228:301): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  371.028327][   T29] audit: type=1326 audit(1719423618.228:302): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  371.051813][   T29] audit: type=1326 audit(1719423618.228:303): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8838 comm="syz.5.955" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  371.306652][ T8860] loop5: detected capacity change from 0 to 256
[  371.360841][   T29] audit: type=1804 audit(1719423618.538:304): pid=8846 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.957" name="/root/syzkaller.braB50/103/file0" dev="sda1" ino=1992 res=1 errno=0
[  371.625687][ T8843] loop3: detected capacity change from 128 to 0
[  371.698042][ T8865] syz.0.962[8865] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  371.749842][ T5337] bio_check_eod: 3 callbacks suppressed
[  371.749862][ T5337] syz-executor: attempt to access beyond end of device
[  371.749862][ T5337] loop3: rw=12288, sector=8, nr_sectors = 2 limit=0
[  371.894697][ T5337] EXT4-fs warning (device loop3): htree_dirblock_to_tree:1082: inode #2: lblock 0: comm syz-executor: error -5 reading directory block
[  371.951574][    T8] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  371.963333][ T5337] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  371.981915][ T5191] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  372.020073][ T5337] syz-executor: attempt to access beyond end of device
[  372.020073][ T5337] loop3: rw=145409, sector=2, nr_sectors = 2 limit=0
[  372.051315][ T5337] Buffer I/O error on dev loop3, logical block 1, lost sync page write
[  372.059607][ T5337] EXT4-fs (loop3): I/O error while writing superblock
[  372.149738][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.178913][    T8] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  372.191656][ T5191] usb 2-1: Using ep0 maxpacket: 32
[  372.206667][    T8] usb 3-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  372.221806][ T5191] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  372.245280][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.249274][ T5191] usb 2-1: config 4 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  372.268348][    T8] usb 3-1: config 0 descriptor??
[  372.275282][ T5191] usb 2-1: New USB device found, idVendor=046d, idProduct=c314, bcdDevice= 0.40
[  372.295826][ T5191] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  372.320165][ T8474] 8021q: adding VLAN 0 to HW filter on device batadv0
[  372.326073][ T5191] hub 2-1:4.0: USB hub found
[  372.559681][ T5191] hub 2-1:4.0: 8 ports detected
[  372.595158][ T5191] hub 2-1:4.0: insufficient power available to use all downstream ports
[  372.605174][ T6751] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.695946][    T8] hid (null): bogus close delimiter
[  372.761063][ T5191] hub 2-1:4.0: hub_hub_status failed (err = -71)
[  372.767923][ T5191] hub 2-1:4.0: config failed, can't get hub status (err -71)
[  372.834208][ T6751] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  372.882465][ T5191] usb 2-1: USB disconnect, device number 5
[  373.009135][ T6751] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.119853][    T8] uclogic 0003:256C:006D.0005: failed retrieving Huion firmware version: -71
[  373.160019][ T6751] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  373.165300][    T8] uclogic 0003:256C:006D.0005: failed probing parameters: -71
[  373.191324][    T8] uclogic 0003:256C:006D.0005: probe with driver uclogic failed with error -71
[  373.243329][    T8] usb 3-1: USB disconnect, device number 3
[  373.310199][ T8474] veth0_vlan: entered promiscuous mode
[  373.373941][ T8474] veth1_vlan: entered promiscuous mode
[  373.534791][ T8474] veth0_macvtap: entered promiscuous mode
[  373.554809][ T8896] loop1: detected capacity change from 0 to 2048
[  373.573923][ T6751] bridge_slave_1: left allmulticast mode
[  373.579596][ T6751] bridge_slave_1: left promiscuous mode
[  373.596612][ T6751] bridge0: port 2(bridge_slave_1) entered disabled state
[  373.599949][ T8896] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  373.632242][ T6751] bridge_slave_0: left allmulticast mode
[  373.648055][ T6751] bridge_slave_0: left promiscuous mode
[  373.672165][ T6751] bridge0: port 1(bridge_slave_0) entered disabled state
[  373.777640][ T5113] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  373.787975][ T5113] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  373.798783][ T5113] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  373.821683][ T5113] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  373.832635][ T5113] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  373.840944][ T5113] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  373.899632][ T5338] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  375.364583][ T6751] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  375.429272][ T6751] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  375.490271][ T6751] bond0 (unregistering): Released all slaves
[  375.513580][   T29] kauditd_printk_skb: 1 callbacks suppressed
[  375.513599][   T29] audit: type=1326 audit(1719423623.198:306): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  375.544208][ T8474] veth1_macvtap: entered promiscuous mode
[  375.600435][   T29] audit: type=1326 audit(1719423623.198:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  375.665691][   T29] audit: type=1326 audit(1719423623.208:308): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  375.730467][   T29] audit: type=1326 audit(1719423623.208:309): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  375.753360][   T29] audit: type=1326 audit(1719423623.208:310): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  375.797350][   T29] audit: type=1326 audit(1719423623.268:311): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  375.919002][   T29] audit: type=1326 audit(1719423623.268:312): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  375.951859][ T5113] Bluetooth: hci0: command tx timeout
[  375.971589][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  375.988896][   T29] audit: type=1326 audit(1719423623.268:313): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  376.013948][   T29] audit: type=1326 audit(1719423623.268:314): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  376.036464][   T29] audit: type=1326 audit(1719423623.268:315): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8920 comm="syz.5.982" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f3aa4f75ae9 code=0x7ffc0000
[  376.059149][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.069365][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  376.088829][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.088848][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  376.088869][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.088894][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  376.088912][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.088933][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  376.088952][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.093182][ T8474] batman_adv: batadv0: Interface activated: batadv_slave_0
[  376.226162][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.249027][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.264381][ T8935] loop2: detected capacity change from 0 to 512
[  376.299348][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.336094][ T8935] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  376.362393][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.377485][ T8935] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  376.390620][ T8935] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.983: Corrupt directory, running e2fsck is recommended
[  376.463840][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.505036][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.547184][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.577305][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.586537][ T8935] EXT4-fs (loop2): Cannot turn on journaled quota: type 1: error -2
[  376.590075][ T8474] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  376.622288][ T8474] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  376.636872][ T8474] batman_adv: batadv0: Interface activated: batadv_slave_1
[  376.679866][ T8935] EXT4-fs error (device loop2): ext4_xattr_ibody_find:2234: inode #15: comm syz.2.983: corrupted in-inode xattr: invalid ea_ino
[  376.745459][ T8935] EXT4-fs (loop2): Remounting filesystem read-only
[  376.783135][ T8935] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  376.832997][ T8934] EXT4-fs warning (device loop2): dx_probe:877: Directory (ino: 2) htree depth 0x0002 exceedsupported value
[  376.866863][ T8934] EXT4-fs warning (device loop2): dx_probe:880: Enable large directory feature to access it
[  376.890693][ T8934] EXT4-fs warning (device loop2): dx_probe:965: inode #2: comm syz.2.983: Corrupt directory, running e2fsck is recommended
[  377.762667][ T6751] hsr_slave_0: left promiscuous mode
[  378.031463][ T5113] Bluetooth: hci0: command tx timeout
[  378.037022][ T6751] hsr_slave_1: left promiscuous mode
[  378.063691][ T6751] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  378.086201][ T6751] batman_adv: batadv0: Removing interface: batadv_slave_0
[  378.097395][ T6751] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  378.117112][ T6751] batman_adv: batadv0: Removing interface: batadv_slave_1
[  378.186698][ T6751] veth1_macvtap: left promiscuous mode
[  378.203145][ T6751] veth0_macvtap: left promiscuous mode
[  378.219391][ T6751] veth1_vlan: left promiscuous mode
[  378.235147][ T6751] veth0_vlan: left promiscuous mode
[  378.255468][ T1236] ieee802154 phy0 wpan0: encryption failed: -22
[  378.262083][ T1236] ieee802154 phy1 wpan1: encryption failed: -22
[  378.613662][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  378.924165][ T8965] loop2: detected capacity change from 0 to 1024
[  378.933852][ T8965] EXT4-fs: Ignoring removed orlov option
[  378.949885][ T8965] EXT4-fs (loop2): Test dummy encryption mode enabled
[  378.983381][ T8965] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  379.011497][ T8965] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.220937][ T8965] fscrypt: AES-256-CBC-CTS using implementation "cts-cbc-aes-aesni"
[  379.367296][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.543955][ T8971] loop2: detected capacity change from 0 to 1024
[  379.556434][ T8971] EXT4-fs: Ignoring removed orlov option
[  379.569391][ T8971] EXT4-fs (loop2): Test dummy encryption mode enabled
[  379.579548][ T8971] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  379.617066][ T8971] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  379.683563][ T8974] capability: warning: `syz.0.997' uses 32-bit capabilities (legacy support in use)
[  379.761337][ T6588] Bluetooth: hci5: Frame reassembly failed (-84)
[  379.906171][ T8971] fscrypt: AES-256-XTS using implementation "xts-aes-vaes-avx2"
[  380.094774][ T5099] Bluetooth: hci0: command tx timeout
[  380.173050][ T5157] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  380.254907][ T6751] team0 (unregistering): Port device team_slave_1 removed
[  380.300341][ T6751] team0 (unregistering): Port device team_slave_0 removed
[  380.371384][ T5157] usb 1-1: Using ep0 maxpacket: 32
[  380.383508][ T5157] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  380.392093][ T5157] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  380.400798][ T5157] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  380.410087][ T5157] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  380.420055][ T5157] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  380.429943][ T5157] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  380.443517][ T5157] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  380.452716][ T5157] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  380.477627][ T5157] usb 1-1: config 0 descriptor??
[  380.714911][ T5157] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 6 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  380.730701][ T5157] usb 1-1: USB disconnect, device number 6
[  380.752010][ T5157] usblp0: removed
[  380.835716][ T8474] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  380.851383][ T8474] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  380.860162][ T8474] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  380.869099][ T8474] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  381.351787][ T5157] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  381.490992][   T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.499075][   T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.561433][ T5157] usb 1-1: Using ep0 maxpacket: 32
[  381.593234][ T5157] usb 1-1: config index 0 descriptor too short (expected 29220, got 36)
[  381.627199][ T5157] usb 1-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  381.649612][ T5157] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 81
[  381.659030][ T5157] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  381.677643][ T5157] usb 1-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  381.688493][ T5157] usb 1-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  381.704188][   T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  381.731463][   T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  381.747134][ T8899] chnl_net:caif_netlink_parms(): no params data found
[  381.762340][ T5157] usb 1-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  381.771670][ T5113] Bluetooth: hci5: Opcode 0x1003 failed: -110
[  381.782965][ T5157] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  381.793893][ T5157] usb 1-1: config 0 descriptor??
[  382.027198][ T5157] usblp 1-1:0.0: usblp0: USB Bidirectional printer dev 7 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  382.155018][ T8899] bridge0: port 1(bridge_slave_0) entered blocking state
[  382.168237][ T8899] bridge0: port 1(bridge_slave_0) entered disabled state
[  382.175614][ T5113] Bluetooth: hci0: command tx timeout
[  382.200499][ T8899] bridge_slave_0: entered allmulticast mode
[  382.212486][ T8899] bridge_slave_0: entered promiscuous mode
[  382.226567][ T8899] bridge0: port 2(bridge_slave_1) entered blocking state
[  382.234037][ T8899] bridge0: port 2(bridge_slave_1) entered disabled state
[  382.241552][ T8899] bridge_slave_1: entered allmulticast mode
[  382.252667][ T8899] bridge_slave_1: entered promiscuous mode
[  382.335978][ T8899] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  382.370503][ T8899] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  382.384919][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  382.471289][  T925] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  382.540305][ T8899] team0: Port device team_slave_0 added
[  382.565017][ T8899] team0: Port device team_slave_1 added
[  382.566745][   T29] kauditd_printk_skb: 11 callbacks suppressed
[  382.566761][   T29] audit: type=1326 audit(1719423630.258:327): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  382.667584][   T29] audit: type=1326 audit(1719423630.298:328): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  382.701916][ T8899] batman_adv: batadv0: Adding interface: batadv_slave_0
[  382.708877][ T8899] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.747962][  T925] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  382.759516][   T29] audit: type=1326 audit(1719423630.298:329): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  382.768935][  T925] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  382.804081][ T9018] program syz.2.1008 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  382.812601][ T8899] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  382.828535][   T29] audit: type=1326 audit(1719423630.308:330): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  382.833391][ T9017] loop4: detected capacity change from 0 to 1024
[  382.860028][ T8899] batman_adv: batadv0: Adding interface: batadv_slave_1
[  382.869095][  T925] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  382.879647][ T8899] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  382.912839][ T9017] EXT4-fs: Ignoring removed nobh option
[  382.922442][  T925] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  382.938804][ T9017] EXT4-fs: Ignoring removed orlov option
[  382.946472][   T29] audit: type=1326 audit(1719423630.308:331): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  382.974286][ T8899] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  382.980119][  T925] usb 2-1: config 0 descriptor??
[  382.991330][ T9017] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.004152][   T29] audit: type=1326 audit(1719423630.308:332): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  383.026840][   T29] audit: type=1326 audit(1719423630.308:333): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  383.054121][ T9023] loop2: detected capacity change from 0 to 1024
[  383.063010][ T9023] EXT4-fs: Ignoring removed orlov option
[  383.069908][ T9023] EXT4-fs (loop2): Test dummy encryption mode enabled
[  383.078422][ T9023] EXT4-fs (loop2): stripe (7) is not aligned with cluster size (16), stripe is disabled
[  383.091865][   T29] audit: type=1326 audit(1719423630.308:334): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  383.114452][   T29] audit: type=1326 audit(1719423630.308:335): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=135 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  383.130183][ T9023] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  383.137116][   T29] audit: type=1326 audit(1719423630.308:336): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9011 comm="syz.2.1005" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fc63f775ae9 code=0x7ffc0000
[  383.347810][ T8899] hsr_slave_0: entered promiscuous mode
[  383.370246][ T8899] hsr_slave_1: entered promiscuous mode
[  383.398566][ T5866] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  383.418554][ T8899] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  383.437468][ T8899] Cannot create hsr debugfs directory
[  383.485570][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.497899][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.522469][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.533242][ T5098] usb 1-1: USB disconnect, device number 7
[  383.564184][ T5098] usblp0: removed
[  383.581418][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.603188][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.623538][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.631022][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.669343][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.701459][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.716356][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  383.731172][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  384.768195][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  384.803405][ T8474] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  384.821588][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  384.873102][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  384.916720][  T925] plantronics 0003:047F:FFFF.0006: unknown main item tag 0x0
[  384.943310][  T925] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  384.976963][  T925] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  384.998325][  T925] usb 2-1: USB disconnect, device number 6
[  385.136311][ T3883] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.452116][ T3883] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.577510][ T3883] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.720250][ T3883] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.811527][    T8] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  386.008833][ T3883] bridge_slave_1: left allmulticast mode
[  386.028000][    T8] usb 3-1: New USB device found, idVendor=9710, idProduct=7730, bcdDevice=96.33
[  386.039560][ T5099] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  386.041679][ T3883] bridge_slave_1: left promiscuous mode
[  386.053263][ T5099] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  386.061788][ T5099] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  386.064423][    T8] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.085405][ T3883] bridge0: port 2(bridge_slave_1) entered disabled state
[  386.093977][ T5099] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  386.104313][ T5099] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  386.112677][ T5099] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  386.116054][    T8] usb 3-1: config 0 descriptor??
[  386.126357][ T3883] bridge_slave_0: left allmulticast mode
[  386.140864][ T3883] bridge_slave_0: left promiscuous mode
[  386.157089][ T3883] bridge0: port 1(bridge_slave_0) entered disabled state
[  386.288423][ T9054] loop5: detected capacity change from 0 to 1024
[  386.297140][ T9054] EXT4-fs: Ignoring removed nobh option
[  386.302921][ T9054] EXT4-fs: Ignoring removed orlov option
[  386.352233][ T9054] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  386.409499][ T9059] loop0: detected capacity change from 0 to 512
[  386.419470][ T9059] EXT4-fs (loop0): external journal device major/minor numbers have changed
[  386.619252][ T9059] EXT4-fs (loop0): failed to open journal device unknown-block(0,3) -6
[  386.757966][    T8] usb 3-1: Cannot set autoneg
[  386.769335][    T8] MOSCHIP usb-ethernet driver 3-1:0.0: probe with driver MOSCHIP usb-ethernet driver failed with error -71
[  386.796862][    T8] usb 3-1: USB disconnect, device number 4
[  386.947840][ T3883] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  386.959649][ T3883] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  386.971275][ T3883] bond0 (unregistering): Released all slaves
[  387.055037][ T9066] netlink: 'syz.0.1027': attribute type 1 has an invalid length.
[  387.096813][ T9066] bond2: entered promiscuous mode
[  387.102696][ T9066] 8021q: adding VLAN 0 to HW filter on device bond2
[  387.252578][ T5346] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  387.454307][ T8899] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  387.494375][ T8899] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  387.550773][ T8899] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  387.580339][ T8899] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  387.628310][ T3883] hsr_slave_0: left promiscuous mode
[  387.634088][ T5157] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  387.658086][ T3883] hsr_slave_1: left promiscuous mode
[  387.677349][ T3883] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  387.697440][ T3883] batman_adv: batadv0: Removing interface: batadv_slave_0
[  387.718808][ T3883] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  387.726370][ T3883] batman_adv: batadv0: Removing interface: batadv_slave_1
[  387.764891][ T3883] veth1_macvtap: left promiscuous mode
[  387.770463][ T3883] veth0_macvtap: left promiscuous mode
[  387.776642][ T3883] veth1_vlan: left promiscuous mode
[  387.782178][ T3883] veth0_vlan: left promiscuous mode
[  387.844745][ T5157] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  387.879765][ T5157] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  387.903386][ T5157] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  387.929582][ T5157] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  387.953070][ T5157] usb 2-1: config 0 descriptor??
[  388.171467][ T5099] Bluetooth: hci3: command tx timeout
[  388.306137][ T5113] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  388.325046][ T5113] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  388.335403][ T5113] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  388.359002][ T9092] kernel profiling enabled (shift: 0)
[  388.384868][ T5113] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  388.388004][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.407122][ T5113] Bluetooth: hci5: unexpected cc 0x0c25 length: 249 > 3
[  388.414755][ T5113] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  388.440837][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.451531][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.459294][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.467394][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.478064][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.488304][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.557613][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.600911][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.629300][ T5157] plantronics 0003:047F:FFFF.0007: unknown main item tag 0x0
[  388.651108][    C0] ==================================================================
[  388.659214][    C0] BUG: KASAN: stack-out-of-bounds in profile_pc+0xd2/0x170
[  388.666469][    C0] Read of size 8 at addr ffffc9000bcd7260 by task kworker/u8:8/3883
[  388.674458][    C0] 
[  388.676788][    C0] CPU: 0 PID: 3883 Comm: kworker/u8:8 Not tainted 6.10.0-rc5-syzkaller-00018-g55027e689933 #0
[  388.687042][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  388.697119][    C0] Workqueue: netns cleanup_net
[  388.701923][    C0] Call Trace:
[  388.705218][    C0]  <IRQ>
[  388.708082][    C0]  dump_stack_lvl+0x241/0x360
[  388.712806][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  388.718039][    C0]  ? __pfx__printk+0x10/0x10
[  388.722655][    C0]  ? _printk+0xd5/0x120
[  388.726837][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.732493][    C0]  print_report+0x169/0x550
[  388.737024][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.742675][    C0]  ? __virt_addr_valid+0x44e/0x520
[  388.747815][    C0]  ? profile_pc+0xd2/0x170
[  388.752252][    C0]  kasan_report+0x143/0x180
[  388.756783][    C0]  ? profile_pc+0xd2/0x170
[  388.761223][    C0]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  388.767153][    C0]  profile_pc+0xd2/0x170
[  388.771420][    C0]  profile_tick+0xd7/0x150
[  388.775867][    C0]  tick_nohz_handler+0x386/0x500
[  388.780838][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  388.786325][    C0]  __hrtimer_run_queues+0x553/0xd50
[  388.791550][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  388.797559][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  388.803304][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.808948][    C0]  ? ktime_get_update_offsets_now+0x22d/0x250
[  388.815039][    C0]  hrtimer_interrupt+0x396/0x990
[  388.820018][    C0]  __sysvec_apic_timer_interrupt+0x112/0x3f0
[  388.826027][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  388.831681][    C0]  </IRQ>
[  388.834621][    C0]  <TASK>
[  388.837559][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  388.843565][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  388.850098][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 1e 21 6b f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> d3 e9 d4 f5 65 8b 05 44 23 73 74 85 c0 74 43 48 c7 04 24 0e 36
[  388.869725][    C0] RSP: 0018:ffffc9000bcd7260 EFLAGS: 00000206
[  388.875813][    C0] RAX: bbc8f4d5797fbc00 RBX: 1ffff9200179ae50 RCX: ffffffff8172d80a
[  388.883799][    C0] RDX: dffffc0000000000 RSI: ffffffff8bcabb80 RDI: 0000000000000001
[  388.891799][    C0] RBP: ffffc9000bcd72f0 R08: ffffffff92fa758f R09: 1ffffffff25f4eb1
[  388.899870][    C0] R10: dffffc0000000000 R11: fffffbfff25f4eb2 R12: dffffc0000000000
[  388.907854][    C0] R13: 1ffff9200179ae4c R14: ffffc9000bcd7280 R15: 0000000000000246
[  388.915849][    C0]  ? mark_lock+0x9a/0x350
[  388.920210][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  388.926586][    C0]  debug_object_active_state+0x239/0x360
[  388.932250][    C0]  ? __pfx_debug_object_active_state+0x10/0x10
[  388.938433][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.944088][    C0]  ? __pfx_kernfs_free_rcu+0x10/0x10
[  388.949393][    C0]  call_rcu+0xb5/0xa70
[  388.953482][    C0]  ? kernfs_put+0x1c6/0x370
[  388.957996][    C0]  ? __pfx_lock_release+0x10/0x10
[  388.963038][    C0]  ? __pfx_call_rcu+0x10/0x10
[  388.967733][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  388.973384][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  388.978618][    C0]  kernfs_put+0x1dc/0x370
[  388.982998][    C0]  kernfs_remove_by_name_ns+0xe4/0x160
[  388.988512][    C0]  sysfs_remove_group+0xfe/0x2c0
[  388.993481][    C0]  sysfs_remove_groups+0x54/0xb0
[  388.998450][    C0]  device_remove_attrs+0x1dc/0x290
[  389.003595][    C0]  ? __pfx_device_remove_attrs+0x10/0x10
[  389.009257][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.014923][    C0]  ? kernfs_remove_by_name_ns+0x11b/0x160
[  389.020686][    C0]  device_del+0x572/0x9b0
[  389.025296][    C0]  ? __pfx_device_del+0x10/0x10
[  389.030160][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.035791][    C0]  ? netdev_unregister_kobject+0x178/0x250
[  389.041612][    C0]  unregister_netdevice_many_notify+0x11b7/0x16b0
[  389.048044][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  389.054818][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.060451][    C0]  ? unregister_netdevice_queue+0x26b/0x370
[  389.066350][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  389.072599][    C0]  ? batadv_softif_destroy_netlink+0x1e0/0x270
[  389.078758][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.084395][    C0]  default_device_exit_batch+0xa0f/0xa90
[  389.090048][    C0]  ? __pfx___might_resched+0x10/0x10
[  389.095340][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  389.101509][    C0]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  389.107007][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.112637][    C0]  ? cfg802154_pernet_exit+0xc3/0xe0
[  389.117928][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  389.124095][    C0]  cleanup_net+0x89f/0xcc0
[  389.128520][    C0]  ? __pfx_cleanup_net+0x10/0x10
[  389.133466][    C0]  ? process_scheduled_works+0x945/0x1830
[  389.139186][    C0]  process_scheduled_works+0xa2e/0x1830
[  389.144749][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  389.150734][    C0]  ? assign_work+0x364/0x3d0
[  389.155326][    C0]  worker_thread+0x86d/0xd70
[  389.159925][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  389.165838][    C0]  ? __kthread_parkme+0x169/0x1d0
[  389.170869][    C0]  ? __pfx_worker_thread+0x10/0x10
[  389.175985][    C0]  kthread+0x2f2/0x390
[  389.180058][    C0]  ? __pfx_worker_thread+0x10/0x10
[  389.185169][    C0]  ? __pfx_kthread+0x10/0x10
[  389.189766][    C0]  ret_from_fork+0x4d/0x80
[  389.194193][    C0]  ? __pfx_kthread+0x10/0x10
[  389.198791][    C0]  ret_from_fork_asm+0x1a/0x30
[  389.203575][    C0]  </TASK>
[  389.206586][    C0] 
[  389.208902][    C0] The buggy address belongs to stack of task kworker/u8:8/3883
[  389.216434][    C0]  and is located at offset 0 in frame:
[  389.221967][    C0]  _raw_spin_unlock_irqrestore+0x0/0x140
[  389.227610][    C0] 
[  389.229924][    C0] This frame has 1 object:
[  389.234328][    C0]  [32, 40) 'flags.i.i.i.i'
[  389.234344][    C0] 
[  389.241141][    C0] The buggy address belongs to the virtual mapping at
[  389.241141][    C0]  [ffffc9000bcd0000, ffffc9000bcd9000) created by:
[  389.241141][    C0]  copy_process+0x5d1/0x3dc0
[  389.258765][    C0] 
[  389.261080][    C0] The buggy address belongs to the physical page:
[  389.267491][    C0] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x2d5ad
[  389.276245][    C0] flags: 0xfff00000000000(node=0|zone=1|lastcpupid=0x7ff)
[  389.283354][    C0] raw: 00fff00000000000 0000000000000000 dead000000000122 0000000000000000
[  389.291938][    C0] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000
[  389.300512][    C0] page dumped because: kasan: bad access detected
[  389.306911][    C0] page_owner tracks the page as allocated
[  389.312645][    C0] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x2dc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_NOWARN|__GFP_ZERO), pid 12, tgid 12 (kworker/u8:1), ts 19866162866, free_ts 0
[  389.330619][    C0]  post_alloc_hook+0x1f3/0x230
[  389.335391][    C0]  get_page_from_freelist+0x2e43/0x2f00
[  389.340943][    C0]  __alloc_pages_noprof+0x256/0x6c0
[  389.346150][    C0]  alloc_pages_mpol_noprof+0x3e8/0x680
[  389.351618][    C0]  __vmalloc_node_range_noprof+0x971/0x1460
[  389.357510][    C0]  dup_task_struct+0x444/0x8c0
[  389.362273][    C0]  copy_process+0x5d1/0x3dc0
[  389.366863][    C0]  kernel_clone+0x226/0x8f0
[  389.371365][    C0]  user_mode_thread+0x132/0x1a0
[  389.376222][    C0]  call_usermodehelper_exec_work+0x5c/0x230
[  389.382110][    C0]  process_scheduled_works+0xa2e/0x1830
[  389.387656][    C0]  worker_thread+0x86d/0xd70
[  389.392247][    C0]  kthread+0x2f2/0x390
[  389.396317][    C0]  ret_from_fork+0x4d/0x80
[  389.400741][    C0]  ret_from_fork_asm+0x1a/0x30
[  389.405512][    C0] page_owner free stack trace missing
[  389.410867][    C0] 
[  389.413181][    C0] Memory state around the buggy address:
[  389.418810][    C0]  ffffc9000bcd7100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  389.426873][    C0]  ffffc9000bcd7180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
[  389.434927][    C0] >ffffc9000bcd7200: 00 00 00 00 00 00 00 00 00 00 00 00 f1 f1 f1 f1
[  389.442978][    C0]                                                        ^
[  389.450161][    C0]  ffffc9000bcd7280: 00 f3 f3 f3 00 00 00 00 00 00 00 00 00 00 00 00
[  389.458217][    C0]  ffffc9000bcd7300: 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 f3 f3 f3
[  389.466358][    C0] ==================================================================
[  389.474411][    C0] Kernel panic - not syncing: KASAN: panic_on_warn set ...
[  389.481597][    C0] CPU: 0 PID: 3883 Comm: kworker/u8:8 Not tainted 6.10.0-rc5-syzkaller-00018-g55027e689933 #0
[  389.491831][    C0] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 06/07/2024
[  389.501890][    C0] Workqueue: netns cleanup_net
[  389.506664][    C0] Call Trace:
[  389.509938][    C0]  <IRQ>
[  389.512784][    C0]  dump_stack_lvl+0x241/0x360
[  389.517474][    C0]  ? __pfx_dump_stack_lvl+0x10/0x10
[  389.522684][    C0]  ? __pfx__printk+0x10/0x10
[  389.527282][    C0]  ? rcu_is_watching+0x15/0xb0
[  389.532051][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.537682][    C0]  ? vscnprintf+0x5d/0x90
[  389.542010][    C0]  panic+0x349/0x860
[  389.545910][    C0]  ? __pfx_lock_release+0x10/0x10
[  389.550938][    C0]  ? check_panic_on_warn+0x21/0xb0
[  389.556058][    C0]  ? __pfx_panic+0x10/0x10
[  389.560481][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.566112][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  389.571327][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.576958][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  389.582868][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.589212][    C0]  check_panic_on_warn+0x86/0xb0
[  389.594161][    C0]  ? profile_pc+0xd2/0x170
[  389.598588][    C0]  end_report+0x77/0x160
[  389.602841][    C0]  kasan_report+0x154/0x180
[  389.607361][    C0]  ? profile_pc+0xd2/0x170
[  389.611792][    C0]  ? _raw_spin_unlock_irqrestore+0xd8/0x140
[  389.617700][    C0]  profile_pc+0xd2/0x170
[  389.621949][    C0]  profile_tick+0xd7/0x150
[  389.626377][    C0]  tick_nohz_handler+0x386/0x500
[  389.631331][    C0]  ? __pfx_tick_nohz_handler+0x10/0x10
[  389.636801][    C0]  __hrtimer_run_queues+0x553/0xd50
[  389.642010][    C0]  ? ktime_get_update_offsets_now+0x3c/0x250
[  389.648003][    C0]  ? __pfx___hrtimer_run_queues+0x10/0x10
[  389.653730][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.659359][    C0]  ? ktime_get_update_offsets_now+0x22d/0x250
[  389.665433][    C0]  hrtimer_interrupt+0x396/0x990
[  389.670396][    C0]  __sysvec_apic_timer_interrupt+0x112/0x3f0
[  389.676390][    C0]  sysvec_apic_timer_interrupt+0xa1/0xc0
[  389.682032][    C0]  </IRQ>
[  389.684958][    C0]  <TASK>
[  389.687881][    C0]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  389.693874][    C0] RIP: 0010:_raw_spin_unlock_irqrestore+0xd8/0x140
[  389.700393][    C0] Code: 9c 8f 44 24 20 42 80 3c 23 00 74 08 4c 89 f7 e8 1e 21 6b f6 f6 44 24 21 02 75 52 41 f7 c7 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> d3 e9 d4 f5 65 8b 05 44 23 73 74 85 c0 74 43 48 c7 04 24 0e 36
[  389.720002][    C0] RSP: 0018:ffffc9000bcd7260 EFLAGS: 00000206
[  389.726073][    C0] RAX: bbc8f4d5797fbc00 RBX: 1ffff9200179ae50 RCX: ffffffff8172d80a
[  389.734045][    C0] RDX: dffffc0000000000 RSI: ffffffff8bcabb80 RDI: 0000000000000001
[  389.742016][    C0] RBP: ffffc9000bcd72f0 R08: ffffffff92fa758f R09: 1ffffffff25f4eb1
[  389.749987][    C0] R10: dffffc0000000000 R11: fffffbfff25f4eb2 R12: dffffc0000000000
[  389.757955][    C0] R13: 1ffff9200179ae4c R14: ffffc9000bcd7280 R15: 0000000000000246
[  389.765931][    C0]  ? mark_lock+0x9a/0x350
[  389.770269][    C0]  ? __pfx__raw_spin_unlock_irqrestore+0x10/0x10
[  389.776613][    C0]  debug_object_active_state+0x239/0x360
[  389.782259][    C0]  ? __pfx_debug_object_active_state+0x10/0x10
[  389.788421][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.794059][    C0]  ? __pfx_kernfs_free_rcu+0x10/0x10
[  389.799344][    C0]  call_rcu+0xb5/0xa70
[  389.803509][    C0]  ? kernfs_put+0x1c6/0x370
[  389.808014][    C0]  ? __pfx_lock_release+0x10/0x10
[  389.813044][    C0]  ? __pfx_call_rcu+0x10/0x10
[  389.817727][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.823356][    C0]  ? do_raw_spin_unlock+0x13c/0x8b0
[  389.828568][    C0]  kernfs_put+0x1dc/0x370
[  389.832901][    C0]  kernfs_remove_by_name_ns+0xe4/0x160
[  389.838365][    C0]  sysfs_remove_group+0xfe/0x2c0
[  389.843316][    C0]  sysfs_remove_groups+0x54/0xb0
[  389.848265][    C0]  device_remove_attrs+0x1dc/0x290
[  389.853390][    C0]  ? __pfx_device_remove_attrs+0x10/0x10
[  389.859036][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.864669][    C0]  ? kernfs_remove_by_name_ns+0x11b/0x160
[  389.870393][    C0]  device_del+0x572/0x9b0
[  389.874741][    C0]  ? __pfx_device_del+0x10/0x10
[  389.879602][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.885234][    C0]  ? netdev_unregister_kobject+0x178/0x250
[  389.891054][    C0]  unregister_netdevice_many_notify+0x11b7/0x16b0
[  389.897488][    C0]  ? __pfx_unregister_netdevice_many_notify+0x10/0x10
[  389.904260][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.909892][    C0]  ? unregister_netdevice_queue+0x26b/0x370
[  389.915793][    C0]  ? __pfx_unregister_netdevice_queue+0x10/0x10
[  389.922043][    C0]  ? batadv_softif_destroy_netlink+0x1e0/0x270
[  389.928200][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.933833][    C0]  default_device_exit_batch+0xa0f/0xa90
[  389.939487][    C0]  ? __pfx___might_resched+0x10/0x10
[  389.944776][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  389.950941][    C0]  ? __pfx_rdma_dev_exit_net+0x10/0x10
[  389.956408][    C0]  ? srso_alias_return_thunk+0x5/0xfbef5
[  389.962040][    C0]  ? cfg802154_pernet_exit+0xc3/0xe0
[  389.967331][    C0]  ? __pfx_default_device_exit_batch+0x10/0x10
[  389.973496][    C0]  cleanup_net+0x89f/0xcc0
[  389.977917][    C0]  ? __pfx_cleanup_net+0x10/0x10
[  389.982866][    C0]  ? process_scheduled_works+0x945/0x1830
[  389.988585][    C0]  process_scheduled_works+0xa2e/0x1830
[  389.994152][    C0]  ? __pfx_process_scheduled_works+0x10/0x10
[  390.000137][    C0]  ? assign_work+0x364/0x3d0
[  390.004730][    C0]  worker_thread+0x86d/0xd70
[  390.009367][    C0]  ? _raw_spin_unlock_irqrestore+0xdd/0x140
[  390.015279][    C0]  ? __kthread_parkme+0x169/0x1d0
[  390.020306][    C0]  ? __pfx_worker_thread+0x10/0x10
[  390.025419][    C0]  kthread+0x2f2/0x390
[  390.029497][    C0]  ? __pfx_worker_thread+0x10/0x10
[  390.034609][    C0]  ? __pfx_kthread+0x10/0x10
[  390.039203][    C0]  ret_from_fork+0x4d/0x80
[  390.043629][    C0]  ? __pfx_kthread+0x10/0x10
[  390.048222][    C0]  ret_from_fork_asm+0x1a/0x30
[  390.053008][    C0]  </TASK>
[  390.056128][    C0] Kernel Offset: disabled
[  390.060440][    C0] Rebooting in 86400 seconds..