last executing test programs:

1m6.494648861s ago: executing program 3 (id=82):
sendmmsg$inet(0xffffffffffffffff, &(0x7f0000003240)=[{{&(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10, &(0x7f00000016c0)=[{&(0x7f0000001540)="94", 0xffe3}], 0x1}}], 0x1, 0x4000800)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
set_mempolicy(0x3, &(0x7f0000000040)=0x10000000005, 0x7)
setsockopt$SO_ATTACH_FILTER(r1, 0x1, 0x1a, &(0x7f0000ab9ff0)={0x1, &(0x7f0000000000)=[{0x6}]}, 0x10)
sendmmsg$inet(r0, &(0x7f0000002c40)=[{{0x0, 0x2c, &(0x7f0000000e80)=[{&(0x7f0000000a80)="2a73ed35", 0x732a}], 0x1}}], 0x400000000000292, 0x0)

1m5.778505115s ago: executing program 3 (id=86):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
fcntl$setpipe(r1, 0x407, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x20202, 0x0)
writev(r3, &(0x7f00000013c0)=[{&(0x7f0000000180)="a044b2cfa90a", 0x6}], 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0xa, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r5, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x0)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x1071)
clock_gettime(0x0, &(0x7f00000000c0)={<r10=>0x0, <r11=>0x0})
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000180)=<r12=>0xffffffffffffffff)
r13 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x3, r13, 0x2, &(0x7f0000000280))
ioctl$vim2m_VIDIOC_PREPARE_BUF(r8, 0xc058565d, &(0x7f00000003c0)=@multiplanar_mmap={0xca, 0x1, 0x4, 0x100, 0x10, {r10, r11/1000+10000}, {0x3, 0x8, 0x9, 0x4, 0x7, 0x40, "6d0345c2"}, 0x9, 0x1, {&(0x7f0000000340)=[{0x6, 0x40000000, {0x9}, 0x8}, {0x0, 0x9, {0x28000000}, 0x2}]}, 0x1, 0x0, r12})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001a40)=@newtfilter={0x38, 0x2c, 0xd2b, 0x800, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x10, 0xfff1}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xb, 0xfff2}}]}}]}, 0x38}}, 0x24044094)

1m4.518213942s ago: executing program 3 (id=88):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x22000414, &(0x7f00000000c0)={[{@noblock_validity}, {@journal_ioprio}, {@jqfmt_vfsv1}, {@oldalloc}, {@noquota}, {@grpjquota, 0x2e}, {@usrquota}, {@grpid}, {@grpid}, {@delalloc}], [], 0x2c}, 0x84, 0x4c8, &(0x7f0000000e40)="$eJzs3MuPFMUfAPBv9z54LczCj5/KQxlfcSO6yy6oHDyg0YSLiYke8LguK0EWMOyaCCECxuDR6D+gHk1MPHnxpIkx6knjVe/GhBguoAczpme62RnmsbNvZT6fZGaruqum+tvdNVPTtT0B9Kxy9pREDEXELxFRqmUbC5Rrf25evzj15/WLU0lUKi/9kVTL3bh+caooWtTbkmdG0oj03ST2tGh39vyFU5MzM9Pn8vzY3Ok3xmbPX3j85OnJE9Mnps9MHD586OD4U09OPNFVHJcWWJ/FdWP322f37jr6ygcvTFXi1e8/y7Z3KF9fH0fNcFftdlKOclRy80sHq88PL/vV/1221qWT/nXcEBalLyKywzVQ7f+l6Iv5g1eK59+5lfmmue6Ha7WRwKrIPpu2Ny3tq/3pzwsAd6hEF4ceVXziZ99/i8eaDkDW2bVnsufpavw380dtTX+k2XfZ4do39r429e/q/PKV0gLtD0XEsct/fZQ9ouV1CACAlfVVNv55rNX4L20Y22zL51CGI2J/ROyIiP9FxM6I+H8+Dro7Iu5ZZPvl2/LN45+fNi0psC5tjoin87mtxvFfmpdIbuW2VuMfSF47OTN9IN8nIzGwIcuPd2jj6+d+fr/dunLd+C97ZO0XY8F8O37v39BY5/jk3OQyQm5w7UrE7v5W8Se3ZgKyPbArInYv4fWzfXby0U/3ZultW5rXLxx/Byswz1T5JOKR2vG/HLfFX0hqLbWbnxzbGDPTB8aKs6LZDz9efbE+P1CXno8/4tjG7mLauNRgW8iO/+aW538ef9ENivna2cW3cfXX99p+p2k+/klk+2Jefv7XvQtk5/9g8nI1PZgve2tybu7ceMRgvqBh+cR83SJflM/iH3mwdf/fEfH3x3m9PRGRncT3RsR9EbEv3/b7I+KBBY7Id88+9HrnPVQX/5Ho/vyPK90V6yCL/3in4x8xnNTP1y8h0Xfq2y/btd/d+9+hamokX9LN+1+3G7icfQcAAAD/FWmlFEORpKP5pZ6huotTO2NzOnN2dm5/Od48c7w2Vz0cA2lxpatUdz10PL82XOQnbssfjIjt1f802lTNj06dndm6noED1Xt1Gvp/pOnoaG3db+3+6QW4cyxqHq3+7sDPv1j5jQHWlPs1oXfp/9C79H/oXfo/9K5W/f9SxM112BRgjfn8h96l/0Pv0v+hd+n/0JOab4kvfmhhKXf6zyd2HF1W9VVPVEqr8sqXF1+rb5Uijfof7WibSCJiaU1E2rnMYBetr1siXbDMkYV2y8CyfhMjS+zLExsiottal9ZsrxbvEEmybm9OAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK+CfAAAA//9TiNqu")
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f00000000c0)='./file0\x00', 0x0, &(0x7f0000000100), 0x1, 0x500, &(0x7f0000000500)="$eJzs3U9sI1cZAPBvJn/sTdMmhR4AFbqUwoJWayfeNqp6oZwqhCoheuSwDYkTRbHjKHZKE/aQPXJHohInOHHmgMQBqSfuSBzgxqUckAqsQA0SByOP7V3njzfWbmzvxr+fNJo38+L53tvRvGd91s4LYGJdj4ijiJiNiPcjYqFzPuls8XZ7a/3dZ/fvrh3fv7uWRLP53j+TrL51Lno+0/Jc55r5iPjBOxE/Sk4F/VNE/eBwe7VSKe91ThUb1d1i/eDw1lZ1dbO8Wd4plVaWV5bevP1G6dL6+kr1N59ei4jf/+7Ln/zx6Fs/aTVrvlPX24/L1O76zIM4LdMR8b1hBBuDqU5/Zh/nw4/1IS5TGhGfi4hXs+d/Iaayu3nSydv07RG2DgAYhmZzIZoLvccAwFWXZjmwJC10cgHzkaaFQjuH91LMpZVavXFzo7a/s97OlS3GTLqxVSkvdXKFizGTbGxNl5ezcve4Ui6dOr4dES9GxM9y17Ljwlqtsj7OLz4AMMGeOzX//yfXnv8BgCsu/7CYG2c7AIDRyY+7AQDAyJn/AWDymP8BYPKY/wFg8pj/AWDymP8BYKJ8/913W1vzuPP+6/UPDva3ax/cWi/XtwvV/bXCWm1vt7BZq21m7+ypXnS9Sq22u/x67H9YbJTrjWL94PBOtba/07iTvdf7TnlmJL0CAB7lxVc+/ksSEUdvXcu26Hnf/4Vz9cvDbh0wTOm4GwCMzdS4GwCMzdnVvoBJIR8P9CzRe6/ndP5M4bSPBrp8at1QePrc+OIT5P+BZ5r8P0yux8v/+y4PV4H8P0yuZjOx5j8ATBg5fiC5oL739/+lZs/BYL//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJU0n21JWuisBT4faVooRDwfEYsxk2xsVcpLEfFCRPw5N5NrHS9HhHWDAOBZlv496az/dWPhtfnTtbO5/+ayfUT8+Bfv/fzD1UZjbzliNvnXg/ONjzrnS+NoPwBwke483Z3Huz67f3etu42yPZ9+p724aCvucWdr10zHdLbPZ7mGuX8nneO21veVqUuIf3QvIr5wXv+TLDey2Fn59HT8VuznRxo/PRE/zera+9a/xecvoS0waT5ujT9vn/f8pXE925///OezEerJdce/4zPjX/pg/JvqM/5dHzTG63/47pmTzYV23b2IL01HHHcv3jP+dOMnfeK/NmD8v778lVf71TV/GXEjzut/ciJWsVHdLdYPDm9tVVc3y5vlnVJpZXll6c3bb5SKWY662M1Un/WPt26+0C9+q/9zfeLnL+j/1wfs/6/+9/4Pv/qI+N/82vn3/6VHxG/Nid8YMP7q3G/z/epa8df79P+i+39zwPif/O1wfcA/BQBGoH5wuL1aqZT3hl1Ihx8iKyQRRyPoTruQ+/VP3xlVrCEW4ulohsLTVBj3yAQM28OHftwtAQAAAAAAAAAAAAAA+hnFfycadx8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC4uv4fAAD//5iA1Hs=")
mkdir(&(0x7f0000000280)='./bus\x00', 0x54)
mkdir(&(0x7f00000020c0)='./file1\x00', 0x28c)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})

1m3.481327699s ago: executing program 3 (id=92):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./bus\x00', 0xe, &(0x7f0000000200)={[{@quota}, {@oldalloc}, {@barrier_val={'barrier', 0x3d, 0x3}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x7c}}, {@block_validity}, {@jqfmt_vfsv1}]}, 0x3, 0x434, &(0x7f0000000940)="$eJzs289vFFUcAPDvzLZFKNiK+IOCWkVj44+WFlQOXjSaeNDERA94rG0hlYUaWhMhjVZj8GhIvBuPJv4FnvRi1JOJV70bEmJ6AT2tmd2ZdrvdLW3ZdtH9fJKB92be5n2/O/N238zrBtC1hrN/koj9EfF7RAzUqmsbDNf+u7m8OPX38uJUEpXKW38l1XY3lheniqbF6/rzykgakX6WxJEm/c5funxuslyeuZjXxxbOvz82f+nys7PnJ8/OnJ25MHHq1MkT4y88P/FcW/LMYrox9NHc0cOvvXP1janTV9/9+dukyL8hjzYZ3ujgE5VKm7vrrAN15aSng4GwJaWIyE5Xb3X8D0QpVk/eQLz6aUeDA3ZUpVKp9Lc+vFQB/seS6HQEQGcUX/TZ/W+x7dLU445w/aXaDVCW9818qx3piTRv09twf9tOwxFxeumfr7ItduY5BADAGt9n859nms3/0ri/rt3d+drQYETcExEHI+LeiDgUEfdFVNs+EBEPbrH/xkWS9fOf9Nq2EtukbP73Yr62tXb+V8z+YrCU1w5U8+9NzsyWZ47n78lI9O7J6uMb9PHDK7990epY/fwv27L+i7lgHse1nj1rXzM9uTB5OznXu/5JxFBPs/yTlZWAJCIOR8TQNvuYfeqbo62O3Tr/DbRhnanydcSTtfO/FA35F5KN1yfH7oryzPGx4qpY75dfr7zZqv/byr8NsvO/r+n1v5L/YFK/Xju/9T6u/PF5y3ua7V7/fcnb1XJfvu/DyYWFi+MRfcnrtaDr90+svraoF+2z/EeONR//B2P1nTgSEdlF/FBEPBwRj+SxPxoRj0XEsQ3y/+nlx9/bfv47K8t/ekvnf7XQF417mhdK5378bk2ng1vJPzv/J6ulkXzPZj7/NhPX9q5mAAAA+O9JI2J/JOnoSjlNR0drfy9/KPal5bn5hafPzH1wYbr2G4HB6E2LJ10Ddc9Dx/Pb+qI+0VA/kT83/rK0t1ofnZorT3c6eehy/S3Gf+bPUqejA3ac32tB9zL+oXsZ/9C9jH/oXk3G/95OxAHsvmbf/x93IA5g9zWMf8t+0EXc/0P3Mv6hexn/0JXm98atfySvoLCuEOkdEYbCDhU6/ckEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADQHv8GAAD//5LX5s8=")
mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x109041, 0x0)
mount$bind(0x0, &(0x7f0000000140)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0/file0\x00', &(0x7f0000000340)='./file0/file0\x00', 0x0, 0x81105a, 0x0)
mount$bind(&(0x7f0000000100)='./file0/../file0\x00', &(0x7f0000000080)='./file0/file0/file0\x00', 0x0, 0x887008, 0x0)

1m2.721582383s ago: executing program 3 (id=100):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
fcntl$setpipe(r1, 0x407, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x20202, 0x0)
writev(r3, &(0x7f00000013c0)=[{&(0x7f0000000180)="a044b2cfa90a", 0x6}], 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0xa, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r5, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}}, 0x24}}, 0x0)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x1071)
clock_gettime(0x0, &(0x7f00000000c0)={<r10=>0x0, <r11=>0x0})
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000180)=<r12=>0xffffffffffffffff)
r13 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x3, r13, 0x2, &(0x7f0000000280))
ioctl$vim2m_VIDIOC_PREPARE_BUF(r8, 0xc058565d, &(0x7f00000003c0)=@multiplanar_mmap={0xca, 0x1, 0x4, 0x100, 0x10, {r10, r11/1000+10000}, {0x3, 0x8, 0x9, 0x4, 0x7, 0x40, "6d0345c2"}, 0x9, 0x1, {&(0x7f0000000340)=[{0x6, 0x40000000, {0x9}, 0x8}, {0x0, 0x9, {0x28000000}, 0x2}]}, 0x1, 0x0, r12})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001a40)=@newtfilter={0x38, 0x2c, 0xd2b, 0x800, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x10, 0xfff1}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xb, 0xfff2}}]}}]}, 0x38}}, 0x24044094)

1m1.908688608s ago: executing program 3 (id=105):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00')
pread64(r0, &(0x7f0000000180)=""/43, 0xfd8a, 0x3c)
open(&(0x7f0000000040)='./bus\x00', 0x145943, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount(0x0, &(0x7f0000000500)='./bus\x00', &(0x7f0000000540)='virtiofs\x00', 0x80c000, &(0x7f0000000580)='dax,always')

1m1.42751076s ago: executing program 32 (id=105):
r0 = syz_open_procfs(0x0, &(0x7f00000000c0)='net/igmp\x00')
pread64(r0, &(0x7f0000000180)=""/43, 0xfd8a, 0x3c)
open(&(0x7f0000000040)='./bus\x00', 0x145943, 0x80)
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
mount(0x0, &(0x7f0000000500)='./bus\x00', &(0x7f0000000540)='virtiofs\x00', 0x80c000, &(0x7f0000000580)='dax,always')

4.577645213s ago: executing program 0 (id=419):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000000)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000fc0)={&(0x7f00000001c0)={0x30, r1, 0x1, 0x0, 0x0, {{0x2}, {@val={0x8, 0x3, r3}, @val={0xc}}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x1743}]]}, 0x30}, 0x1, 0x0, 0x0, 0xc804}, 0x0)

4.420835164s ago: executing program 0 (id=422):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r0, 0x84, 0x6b, &(0x7f00000020c0)=[@in6={0xa, 0x4e20, 0x6, @ipv4={'\x00', '\xff\xff', @rand_addr=0x64010100}, 0x1}], 0x1c)
setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(r0, 0x84, 0xc, &(0x7f0000000200), 0x4)
listen(r0, 0xfff)
accept4(r0, &(0x7f0000000240)=@x25, 0x0, 0x800)

4.229549375s ago: executing program 5 (id=423):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
r1 = syz_io_uring_setup(0x234, &(0x7f0000000580)={0x0, 0x2, 0x1000, 0x2, 0x2}, &(0x7f0000000000)=<r2=>0x0, &(0x7f0000000100)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000009c0)=@IORING_OP_WRITE={0x17, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0xffffffffffffff31})
io_uring_enter(r1, 0x207a98, 0x0, 0x0, 0x0, 0x0)

4.016961686s ago: executing program 5 (id=426):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000002c0), 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r3=>0x0})
sendmsg$NL80211_CMD_JOIN_MESH(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000140)={0x38, r1, 0x201, 0x70bd28, 0x25dfdc00, {{}, {@val={0x8, 0x3, r3}, @void}}, [@chandef_params=[@NL80211_ATTR_WIPHY_FREQ={0x8, 0x26, @random=0x16ad}], @NL80211_ATTR_MESH_ID={0xa}, @NL80211_ATTR_BSS_BASIC_RATES={0x5, 0x24, [{0x36, 0x1}]}]}, 0x38}, 0x1, 0x0, 0x0, 0x24004880}, 0x0)

3.832996797s ago: executing program 5 (id=429):
r0 = syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESDEC], 0x0)
syz_usb_control_io$cdc_ncm(r0, 0x0, &(0x7f0000000b80)={0x44, &(0x7f0000000900)=ANY=[@ANYBLOB="00150b"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
syz_usb_ep_write(r0, 0x81, 0x8, &(0x7f0000000080)="00012c615bc20000")
r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0)
read$char_usb(r1, 0x0, 0x0)

3.516427329s ago: executing program 2 (id=433):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000023c0)=@base={0x5, 0x4, 0x8, 0x1, 0x0, 0xffffffffffffffff, 0x7fff}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r0}, &(0x7f0000000240), &(0x7f00000002c0)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x11, 0xd, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001000000850000002a00000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r1}, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)

3.38959869s ago: executing program 0 (id=434):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)=ANY=[@ANYBLOB="940000000001050500000000000000000a0000003c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c00028005000100000000003c0001800c00028005000100000000002c000180"], 0x94}, 0x1, 0x0, 0x0, 0x4041}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_CT_GET(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="580000000001050500000000000000000a0000053c0002802c00018014000300ff01000000000000000000000000000114000400ff0200000000000000000000000000010c0002800500010000000000080008409aba480168cd6b9720ecdf4e16"], 0x58}, 0x1, 0x0, 0x0, 0x4010}, 0x0)
splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x200000000622c, 0x0)

3.155061732s ago: executing program 2 (id=436):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x25dfdbfe, {{@in=@broadcast, @in6=@remote, 0x0, 0x0, 0x4e25, 0x0, 0x2, 0x20, 0x20}, {0x0, 0x7, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x0, 0x0, 0xfffffffffffffffd}, 0x0, 0x0, 0x1, 0x1}}, 0xb8}}, 0x0)
r1 = socket(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
sendto$inet(r1, 0x0, 0x17, 0x48890, &(0x7f0000000000)={0x2, 0x4e24, @broadcast}, 0x10)

3.015982722s ago: executing program 0 (id=438):
r0 = socket(0x2, 0x3, 0xff)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000080)=0x6, 0x4)
setsockopt$inet_int(r0, 0x0, 0x3, 0x0, 0x0)
sendto$inet(r0, 0x0, 0x0, 0x0, &(0x7f0000000100)={0x2, 0x4e23, @empty}, 0x10)
recvfrom$inet(r0, 0x0, 0x0, 0x10120, 0x0, 0x0)

2.963467102s ago: executing program 2 (id=439):
r0 = fsopen(&(0x7f00000000c0)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
r2 = openat$cgroup_subtree(r1, &(0x7f0000000100), 0x2, 0x0)
write$cgroup_subtree(r2, &(0x7f0000000140)=ANY=[@ANYBLOB='-rdma'], 0xe)

2.852157853s ago: executing program 0 (id=440):
syz_usb_connect(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="120100009ac0b620110f211066865578ac0109029c000100000400090400bf900b64ea00090587033b"], 0x0)
syz_open_dev$char_usb(0xc, 0xb4, 0x10000)
sendmsg$TIPC_CMD_SET_NODE_ADDR(0xffffffffffffffff, 0x0, 0x0)
write$uinput_user_dev(0xffffffffffffffff, &(0x7f0000000400)={'syz0\x00', {0x3, 0xb, 0x6, 0xff}, 0x3a, [0x8000, 0xc95a, 0xf, 0x8, 0x80, 0x2, 0x3, 0x10007f, 0x20000006, 0x4d, 0x6, 0x3, 0x9, 0x2, 0xffff2d34, 0xffffff01, 0x6, 0x3, 0xfffffffc, 0x5, 0x4, 0x2, 0x7, 0x3c5b, 0x80000001, 0x24, 0xd, 0x1, 0x0, 0xffffffff, 0xe661, 0x4, 0x7, 0x3, 0x8, 0x4c74, 0x80000000, 0x0, 0x3, 0xe, 0x8, 0x8000806e, 0x7, 0x17, 0x1, 0x7, 0x200, 0x3e, 0x8c, 0x6, 0x6, 0x0, 0x5, 0x4, 0x8, 0x400, 0x80, 0x1, 0x5, 0x6, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0x9, 0x8000012f, 0x8004, 0x5, 0xfffffff3, 0x129432e6, 0xc8, 0xf9, 0xe, 0x7, 0x6c7, 0x9, 0xfffffffc, 0x3, 0x0, 0x0, 0x5, 0x2f, 0xe, 0x312, 0x78, 0xea4, 0x0, 0x4, 0x7, 0x7fff, 0x6, 0x400, 0x401, 0x6, 0x1, 0xff, 0x5, 0x1000005, 0x5f31, 0xd, 0x4e0, 0x2, 0x4, 0xb, 0x1, 0x9, 0x8, 0x9, 0x6, 0x47, 0x8020, 0x1, 0xfe000000, 0xffff, 0x2, 0x4, 0x9, 0x3, 0x3, 0x9, 0x1, 0x3, 0x3, 0xbc45, 0x48c93690, 0x43, 0x103], [0x7, 0xa, 0x4, 0x5, 0xfffffffe, 0x100, 0x8d2, 0x9, 0x5, 0x7fff, 0x0, 0x5, 0xf, 0x4, 0x6, 0x5, 0x0, 0x6, 0x5, 0x1, 0x86, 0x3, 0x303c, 0x3e7, 0xb, 0x5, 0x2, 0x2, 0x3, 0x20000008, 0x2, 0x6d03, 0x6, 0x38, 0x800003, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x1000, 0xa2, 0x7, 0xa9, 0x5, 0x6, 0xac8, 0xc2, 0x2, 0x3, 0x7ff, 0x12b, 0x4, 0x1, 0x1000000a, 0x0, 0x5, 0x1c, 0x120000, 0x3, 0x2006, 0x80a2ed, 0x4, 0x25], [0x9, 0xbb33, 0x80000000, 0xb, 0x5, 0x93a, 0x6, 0x1000006, 0x0, 0xb9, 0xce7, 0x1ff, 0x2, 0x57, 0x4, 0x3, 0x101, 0x10000, 0x4, 0x7fff, 0x10000, 0x7f, 0x2, 0x5, 0x1, 0x2, 0x14c, 0x60a7, 0x6, 0x96, 0xffffffff, 0x80000000, 0x0, 0x4, 0xc8, 0x1, 0xfffff000, 0x10080, 0x3, 0x7e, 0x100, 0x1000, 0x7, 0xaf, 0x8, 0x6, 0x226, 0x5, 0x5, 0x1, 0x30b1d693, 0xa1f, 0xf40, 0x7, 0x1, 0x6c1b, 0x0, 0x4, 0x5, 0xb1e, 0xd7, 0x200, 0xffff3441, 0xfff]}, 0x45c)
ppoll(&(0x7f00000000c0)=[{}, {}], 0x20000000000000dc, 0x0, 0x0, 0x0)

2.850437403s ago: executing program 2 (id=441):
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={0x0}, 0x18)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB="180000001800ff0f00000000001b0000850000006d000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000680)=ANY=[@ANYBLOB="4c00000010004b0422000000000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000800157fff000000050016"], 0x4c}, 0x1, 0x0, 0x0, 0x200400a0}, 0x0)

2.713201444s ago: executing program 1 (id=442):
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x3014850, &(0x7f00000000c0), 0x2, 0x506, &(0x7f0000000c00)="$eJzs3c9vG1kdAPDvOHGTNFmcBQ7LSiwVLEpXbO1kw+5Ge1iChOC0Esty4RRC4kRRnDiKnW0TVSgVfwAS4pfgxIkLEmeEhPonIKRKcEcIgSpoy4EDYDT2uE1TJ3G2cdzGn480nTfvzcz3vTp+9ps38gQwsK5ExHxEDEXEaxFRyPJz2RL7rSXd7/69m0vpkkRj5IN/JJFkee1zJdl6PDtsNCK+8bWI7yRPxq3t7q0vVirl18db26X6xlaptrt3bW1jcbW8Wt6cn515a+7tuTfnps+sre9+5a8//v4vv/ru716//ueFv1/9blqtiazsYDu6sd/lfq2m55v/F23DEbF9mmDPsKGsPfl+VwQAgK6k3/E/HhGfjYgHP+t3bQAAAIBeaHxpIv6TRDQAAACACyvXvAc2yRWzewEmIpcrFlv38H4yLucq1Vr9CyvVnc3l1r2yk5HPraxVytPZvcKTkU/S7Zlm+tH2G4e2ZyPixYj4YWGsuV1cqlaW+33xAwAAAAbE+KHx/78KrfE/AAAAcMFM9rsCAAAAQM8Z/wMAAMDFd+T4Pxk+34oAAAAAvfD1995Ll0b7+dfLH+7urFc/vLZcrq0XN3aWikvV7a3iarW62vzNvo2TzlepVre+GJs7N0r1cq1equ3uLWxUdzbrC83nei+UG4VzaRYAAABwwIufuf2nJCL23xmL/UiaeZeysvzJh8/3tnZAL+VOt3vSq3oA52+o3xUA+sYNvjC4uhjjAxfcCQP7Hx3aPuVlAwAA4Fkw9akD8//vjDXzTjH/bz4QnmMG8jC4hswBwMAy/w+Dy2c/DLiRk3cZParg92dcFwAAoGcmmkuSK2ZzgRORyxWLES80HwuQT1bWKuXpiPhYRPyxkB9Jt2f6XWkAAAAAAAAAAAAAAAAAAAAAAAAAeM40Gkk0AAAAgAstIve3JHuQ/1Th1YnD1wcuJf8uNNcRcf3nH/zkxmK9vj2T5v/zYX79p1n+G+2c1LfO+UoGAAAA0NYep7fH8QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwlu7fu7nUXs4z7t0vR8Rkp/jDMdpcj/6mEBGXHyQxfOC4JCKGziD+/q2IeKlT/CStVkxmtTgcPxcRY32OP34G8WGQ3U77n/n0/Zc/9P7LxZXmuvP7bzhbntbdK0f1f7l2/9fs5zr1fy8cf+rRduLlO78uPVFayOLfinh5uHP/046fdIp/qfs2fvube3tHlTV+ETF1wudPGr9U39gq1Xb3rq1tLK6WV8ubs7Mzb829Pffm3HRpZa1Szv7tGOMHn/7t/46Kn7b/csf4rf73yPZHxKtdtv+/d27c+8Qx8a9+rvPr/9Ix8dO/ic9nnwNp+VQ7vd9KH/TKr/7wynHtXz6i/ce+/hFxtcv2v/b+9/7S5a4AwDmo7e6tL1Yq5e0zTAw/zBk74zNLPJ6obp60T/o98SOHyPfwj0TifBLvZ6/hqQ/vY6cEAAD0xKMv/YdLTjHBAwAAAAAAAAAAAAAAAAAAADyVnv8I2cjjvyww2r+mAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAc6/8BAAD//zk4zNw=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x42)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r0, 0x8004587d, &(0x7f0000000080)={@desc={0x1, 0x0, @desc2}})
setsockopt$netlink_NETLINK_BROADCAST_ERROR(0xffffffffffffffff, 0x10e, 0x4, 0x0, 0x0)
llistxattr(&(0x7f0000000000)='./file1\x00', 0x0, 0x0)

2.515945415s ago: executing program 2 (id=444):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x101080, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_GET_SREGS2(r2, 0x8140aecc, &(0x7f0000000140))

2.408927496s ago: executing program 1 (id=445):
r0 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0)
r1 = syz_io_uring_setup(0x890, &(0x7f0000000140)={0x0, 0xaee2, 0x800, 0x2, 0xbffffffc}, &(0x7f0000000100)=<r2=>0x0, &(0x7f0000000280)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3})
io_uring_enter(r1, 0x47f6, 0x0, 0x2, 0x0, 0x0)
ioctl$TCSBRKP(r0, 0x5425, 0x0)

2.365375526s ago: executing program 4 (id=446):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
fcntl$setpipe(r1, 0x407, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x20202, 0x0)
writev(r3, &(0x7f00000013c0)=[{&(0x7f0000000180)="a044b2cfa90a", 0x6}], 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0xa, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r5, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x5, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x1071)
clock_gettime(0x0, &(0x7f00000000c0)={<r10=>0x0, <r11=>0x0})
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000180)=<r12=>0xffffffffffffffff)
r13 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x3, r13, 0x2, &(0x7f0000000280))
ioctl$vim2m_VIDIOC_PREPARE_BUF(r8, 0xc058565d, &(0x7f00000003c0)=@multiplanar_mmap={0xca, 0x1, 0x4, 0x100, 0x10, {r10, r11/1000+10000}, {0x3, 0x8, 0x9, 0x4, 0x7, 0x40, "6d0345c2"}, 0x9, 0x1, {0x0}, 0x1, 0x0, r12})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001a40)=@newtfilter={0x38, 0x2c, 0xd2b, 0x800, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x10, 0xfff1}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xb, 0xfff2}}]}}]}, 0x38}}, 0x24044094)

1.66734202s ago: executing program 2 (id=447):
syz_mount_image$btrfs(&(0x7f00000055c0), &(0x7f0000000000)='./file2\x00', 0x8, &(0x7f0000000240)={[{@autodefrag}, {@autodefrag}, {@barrier}, {@max_inline={'max_inline', 0x3d, [0x6d]}}, {@clear_cache}, {@discard}, {@noenospc_debug}, {@space_cache_v2}, {@thread_pool={'thread_pool', 0x3d, 0x1}}]}, 0x1, 0x55a3, &(0x7f000000ac40)="$eJzs3X9snHUdB/DnruvaFdeWMOuArGwDJFtEOjdNCCR2bNNpYTnphE3I+gNH0DmtY8NVCCtinIERijWMwQoLbn9MEYqucyiJBewqul8IJtNFBbPFNWOkOBExYTG9u+d299zaHhMpwuu1tM/zvc/z/d73njx/3PvW73MBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABEHwx+N3TL/t3roJ26+ru++8a85e+2D3kuMX3rq1avND20v2dTz31aNVq1qPLF1w0/2JpkfW93d3BkEs2S+W7t9w2fwrr69vuKI0HLDxc6ltZeVQT5nq+mKqMTbnwcF+uT9NQRAURwYoSm/npXfiOQNkdlfkDzisayf1tE4dP69x28qujc8uu3xL/ktnUOloT2C0pK+rgyeupdrk73jkiEw769KL5Vyiqf7RC+4deREAwFtSk0huMm9H029xM+22aD3Sro202yPt8B1Ce3bjVKTGHTvUPCdH66M0z9pUVCgZcp6Revr8Z9qJaP9IOxI13sI8cw9NR5rSoebZEqmP1jwBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA3k0uuH5m/d49D7/8ldbf/u7h17/16sePrGq8ZaC7/qJ1ix/v2PG9vx2tWtV6ZOmCm+5PND2yvr+7Mwgqk/1iqe6xZ6ri8ZkDddseu6e3puFDC9cUpccNt2OyDg72hzsXVwRBc1blYDhsf3kQJHILyWawIb/wpeTOZ8ICAAAA7yVnJn/HM+1UHCzOaceSaTKW/BdKhcVrJ/W0Th0/r3Hbyq6Nzy67fMupj5cYYrzak46XaVee+IllBeMw/kbHO1EPD12RN87woiNG8/zpx/qnNdfdUHrl7gsWzphdv+XS4CfTD3csX3TfhBfHL9nXXpOX/yuHz//hmZP/AQAA+G/I/9FxhjdS/m+uqZh0cOp3ix67rur44fkP/Lyz7/kn4w8VD3Q//dLYcbf9cnVe/p+c85R5+T+ccZj/48Gp5X8AAAB4N/tf5//avHGGN1L+/8X+zZ//98pvTDk84187Xnj69xdvnVI+/7WyGTe8+cSCVxp2tf0pL//XFJb/x2RPO3xwVzjhZRVBUFP4SQUAAAByhP/vfuKjhTCvpz45iOb1y+4qe3LXG+tvjJ/V8o8zFvfPqv7i7tVf37ApNrChc92O5XNX5OX/2sLyf/E783IBAACAAvxm+y13V395ydYtew7N2XFnYvPYS+a+uuennVf1vXwsUfT8zX15+T9RWP4vGZ2XAwAAAJzEU+MmPnfo0UNfm7177YS9q9rmPD5t3+qFD/xz9t+veOnPxzddWJ6X/xsLy/9l6W165UOq087wrxA6KoKgdHCnJVXoC9o/mSkAAAAAb5Mwpzc1revduX7MrNfOPvzDNSuW/2rvpd++a2P1zQd+XXX7ucf2996Yl/9bhr//f3ing3D9f879//LW/2cVUnf9u8SNAQAAAHg/yl/PH94eP/XNBUN9/36h6/8/euaBko7m8ysnx7dVz3rig31Xra1+fVHHRZ/YfusbH46V//VTefm/rbD8X5S9fTu//w8AAABOwf/b9/8tzhtneCPd/79v3DPnrPnsPT+o/WbZU+e+eXfzd9oPTj9v87QzPlJ0fvecmX/4fl7+by8s/4fb07JfXk94fm6vCIKJgzvpuwluDae7LFLoKs4qpE58pEd92CNd6CrJKiS1RHp8rCIIpgzutEUKp4eF9khhoDxd2BQp7A0L6eshU3g0UugJr7R7y9PTjRZ+FhbSCyy6whUUp2WWRER6HBuqx2DhpD0OZJ4cAADgfSUMz+ksW5zbDKJRtis20gFlIx0QH+mAopEOGBM5IHrgUI8HjbmF8PEfz+1e+so1D9b1Xt1w9KzZe5bc0faBnkW9O7/wo55z/nL1Cws/nZf/NxWW/8NTMTa1GWr9fxCu/09/r2Fm/X9jWKiMFLrCQiJ6x4BE+BypsHtn+ByViXSPgYmZAgAAALynhZ8LFI3yPAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAID/sHfvcVJVd4LATzf9oJum6YgBY4ygRkR3aZomGEQcUXRXo4tNJKtjhtAIjXZoAwq4YsyKr3GV6GLUmBjZwY+jJg6r+CDqRIXoiElGJfE5Kz4HnciqS9BR45gs++m+dYqqW112IaC0+/3+0XWqfud569F17r11LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/P/hsiX3Nrw58H9965ffW/f697409TdTD9m8y19uqHt3yDlPbT5ocN0tbw1asPCNtklnXtsyffk1G1YuDaGlq1xZUrzsoUHl5aP/cMxdt13xcNO0wVPOrcrUm4mHfp1/yjN3Loytvto/hLvLQqhIB0bUJYHKzP26WN8edSF8LmwJZEu01SYl0g2Hh2tCWBa2BLJV3VsTQl1OYMoTD666rDNxVU0I+4YQqtNtvFCdtFGTDgyrSgK16cCciiTw/uZENnBPeRKAbRbfDNkX/YqW/AwN3Zcr8vqr3G4d+3Slh9cnJhqK53vrsB3cqRxV6QdatulpK6iOHaLg7bHau60XvNsKtvMST1vuF6nMN5TNW0LVoXxm26zpCzrmx0fKQ2Njn2I17aDned2mc2ZsTbrXvA5jBxq2y+vwgdpJ9Ze9PfHglSf/8fR956+duq3dfC5nk+amd7TqkHnN9ZrnMZrg86QXvP0KviUN9aUrhHD8nz5f9sycl3bf+MGrJ068/YWLr5628JopE58d9Iux/3jtLndPu7xg/t/w0fP/+HKOt+V5uWOrH9Ync/P4SF1MbKxP5uYAAADQa/SGvaZfHf3qS6c+dPeiF5cfV/Hdcb86abf6irO/33H8rivHf/HSK9sf36Vg/j+0tOP/8ZB/Xe5oV4cwoStxwYAQdut6PAn8LHbn5AEh7NWVaskPHJYKrA7hC12J/bNVpUr0jSWGpgK/r88EJqQCa2KgJRW4MQaWpAIXxsCKVGBGDKxOBQ6PgdCeP44D6jPjKDlQEwOtyUZcEc9CeKc+tpbaVuuyVQEAAGwnmdlhZf7dnHMdtjVDnF6uqOkpQzwDu2iG6lQN6RlsdlpVtIaKnmoo76mG7LgXffTwC2ou66nmgtMwyvIzfDjkO+UDJu79o7tuHHFT84sTv/vu2OO/8uc33129/z/993vOmX/dAQXz/6aPnv9Xd9ORsoLj/yFM7vobc5dnIh3ZeGtLXgYAAABgG1z12NInbzjgqP9z38v33fmla28oX3311//vKxsv2HvUccPL+v7dt1cUzP8nlHb+f9wn0icnc3g07oaYPSCEpvxAUu3BhYHkqHe/TAAAAAB6g+zx+Oyx8PbMbXKKdno+XZi/ZSvzxwP/E7rNf/mmv372y9c+eeLCYftsuOK/nflB2efH/m6XY9eOfPytPYf9Q0PfwvP/W0o7/782/zbpxJrYiysHhNA3J/BI7GVnoMvQGHj50PxAZvxr4gZYHKvKnJiQrWpxLNEaA02pwLJiJX6bLbFbfiDzZGUbvyA7jvZMiZwAAAAAfOLi7oB4XD6e/3/P5AO+tP+gl8a8uOe9C1+bsPSEU2t/uM8tu74+oGPSmAMnHHLEMwXz/9atO/+/ax5ccHp/R78QRlaE0Cf9w4BHa5OFAWOgriyTuL82qatPuqrzakMY3zmwdFWvZNb/r0ivMfhETVJVDOy29083DetM3FATwsjcwDPfvH5MZ2J+KpBt/Bs1IQzpHG268ZV9k8Yr041f0zeEPXMC2apO7htCZ2NV6aoerM5cxyBd1W3VIQzMCWSrOrA6hIUBgF4q/iudmfvgvIVnz57e0dF2xg5MxH34NWFWe0db44w5HTOri/RpZqrPecsYnVc4plKvfPN8ZomiqUNuH15KOvs7wabctjL78QtOHMzcj9+FKrvG2VyZd3d0esjD9ylsIuR8kyo25PIdPOTa3Eq2PIkF9cf8VaFf6LtgXtsZjWdNnz//jFHJ31KzNyd/42GmZFuNSm+r2u76VsLLo+hqWSkfd1vtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbkbw9D3a+7qlND3Xx9iePajkPdvSKnkk/iU0NCQqK3JaYvKTt/wrRf3/+tPdacdtZJe/z9HjNHnPRXl/9m7omNh0z+1fV/ubZg/j/3o+f/8VMnfvJn1mcodvy/IR7mTx7fcpi/NQaWlXr8v6HY0fzsiQFDU4FFMbDIYX4AAAA+G+LuyLg3M+6Vvq7un+4+cuaMQ97/5QlTrv7bseNOPWv9vg0XX33skv+w/p0lq454u2D+v6i03/9vp/X/s0vXf63YMv/7xxJNxdb/Ty/zn13/f1Gx9f/Ty/xn1/9f9ims/78gG0htknes/w8AAHwWfHLr//e4vH/6AgEFGXpc3j99gYCCDD0u41/qBQK2ev3/OR1/UTvo8jnjDh0x98ePrNp7ycDbvvT8xF/vs/SgEfeuvOW9UbcWzP+XlDb/t3A/AAAA7Dwe+mXfb1/87rD7n3rk/SPLLv3txpuO/6u2Aw75w8DmUyYfXfP9m/6tYP6/rLT5/ye//l8odv7/0GKBlmILA1r/DwAAgF6q2Pp/Nw98eejq+SNufOznb97yUusvZo5/7d8t+cFXpg9runnNut80zFhfMP9fUdr8P552UZ6XO/bmw/pkTbuQXtNuY332JwMAAADQO5SHxsbKEvPmrYx62Mdvc11mKdCPSud6+r5BqxaUP3RVWfXGH1wy7ZDGc489c86RF63/fu2TP6md2lh9RsH8f3Vp8/+832U8UDup/rK3Jx784cqT/3j6vvPXTt1y/B8AAADYcUrdLwEAAAAAAAAAAAAAAHz6nmpdetAHo45+Y+Zeo/70jWNf+MHiL37zkb+59s9n/vzw+/Zq3zxsSsHv/8PkrnLFfv8fr/sXf1+wa17u2GrP6/9l7k855taFXUsWPlofwj65gdnnz/5cyFybf7/cwKqp+w/uTJyfLnHfi4e/1pmYlg4cNWKX9zoT41OB1rhI4hfSgXhVxff6pwJxecUn04G4PVakA1WZwCX9k3GUpbfVhrpkW5Wlt9VzdSEMyAlkt9XddUkbZekBXpUKZAd4ejoQBzgpEyhP9+rWfkmvYqAuFv2bfkmvAADYacVvgZVhVntHW1P8Ch9vd6/Iv43yliw7r7DashKbfz6zNNnUIbcPLyXdJ/1ddMu1xitDdecQRhV8Xc3NUtY1yu1TSw+bbtciQ+5ptbfyIuXStnbTVRUfUU0yosYZczpmVvY48NE9Z2mu6DHLqILJTm6W8q5NWkItJfSlhBGVuG1K6HK8Xx4aG/ukco2LwYaQp6dXRKm/189d56/YqyA3z9/WXHtpn8F93v+38Rc99OCAyo5TJ7ddtPtj/zxw1Mwf//DB1mt+XzD/byht/l+dO673MhcDWBSvrHfwgBBaSxwRAAAAfPb9z3OX33HinDUbZq2uePZ3v5tdftyJlZvPueucsy967v7FR13y72/e1viKsqc2nfjGprP++o2ffOW6h8966fAZZ901ad0h69uqb/zuXyw/dUjB/H9oafP/uAcrcyg42duxOl7//4IBIXRdWr8hCfwsDvfkASHs1ZVqiSWSC+p/LZZoSgI/iztM9o8lWlvyq+obAytSgd/XZwKrU4E1MZDZS/HTkNmVc0V9CGO6UpPzS8yNJRpSgeNiYGgq0BgDTalA/xiYkAq82T8TaEkF/jEGQnv+trqzf2ZbAQAAbI3MPKsy/25Iz/NWVPSUoaynDLU9ZSjvKUN1TxmKjSLevyNmqEydvFKWk6kyXWtNqpaCDPFi+Fvdr4IM4bf5OdMFC5qO5x9kzzcoy88w7od3tB70tXk/3nTxjx4/8sALj1xy5duXHt1v8JXP/u/2c/v131RbMP9vKm3+X5t/m7S+Js7/t1z/Lwk8Ert3ZTx1fGgMvHxofiCzY2BNnOwuzlbVkimRmbQvjiUmxMDQVGBuDExIBVonZwLLBucHMjPtbOMXZBtvz5TICQAAAMAnLu4giLtp4vx/5bjwzh5Hvt+8+5UD5457/JHzjphes2t1zT+PX7t0/KXVD+3Xt2D+P6G0+X9sr19uYxfG3rzaP4S7y7b0JhsYUZcE4n6Muvjz+D3qQvhczg6ObIm22qREVarh8HBN8gv1qnRV99YkawzE+1OeeHDVZZ2Jq2pC2Ddn70u2jReqkzZq0oFhVUmgNh2YU5EE4p6fbOCe8iQA2yy7VzC+oDKnumQ1dF+uyOvvs3JN0PTwCvaBdpOvu99c7SjV6Qcy+1Sztu5pK6iOHaLg7bHau603vtsavNtyv0hlvqFs3hKqDuUz22ZNX9AxPz6S+0vWAjvoec79lWop6e3wOlz08Xvbs+p0B5pSHx9N3Zfr/nVYFqt7oHZS/WVvTzx45cl/PH3f+WunltyNIuIPhQ++de4Bz+Vs3h2tOmRec73u86TF50lv/Dcw1NMWQlh+wawnn/iX95+vWN/8Xw4cu/y2Nx9b/pODHpg14gsbLvnyxrfePapg/t9S2vy/InXb5YO4MecNCGF4zsZ9NG7+iQOSz8GcQPIpObAwkBxyX19f9JMTAAAAtrfs7o7s/oL2zG1yQnh6nlyYv2Ur88f9FRO6zV9qvweO+YfvHXrV69/4+vrdL3906VPr/tObrxwx7dAHNj29YuXrzcd+/umC+X/rR8//+6a66fi/4//sII7/d2tn3xXdN/3Aom3aFV1QHTuE4//d2tnfbY7/d8vxf8f/u+P4fw8c/+/Wzv60FXxLmutLVwihdcANt/+idvrwflec860Za3/+9DtN416oO/foO//H4YvDNeet+nPB/H9uafN/6/91v2hfdv2/1mLr/80ttv7fIuv/AQAAO1SRhebS87yC1fsKMqRX7yvI0OMCgT0uMWj9v61e/6/2pLNPeqX+rb2umXj7f75z+oXPn3Tis/v2ef6E20+4aeTVw1/68oaC+f+i0ub/8eXQL7f13rL+39DJRapaEgNzLQwIAADAzqjYDgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+XSseXPzFzYv3OeimZz9/0+H/umzNrL1/dcDm0WNObhy+eGDZlX/3L28NWrDwjbZJZ17bMn35NRtWLg2hvatcWVK87KFB5eWj/3DMXbdd8XDTtMFTzq3O1FuZuf1iXu7Y6of1ISzLeaQuJjbWd97ZEphyzK0LKzoTj9aHsE9uYPb5sz/XmbixPoT9cgOrpu4/uDNxfrrEfS8e/lpnYlo6cNSIXd7rTIzPBMrS3b2uf9LdsnR3L+sfwoCcQLa73+6fX1W2jf+YCZSn27i5LmkjBupi0R/VJW3EQEcs0d43hJEVIfRJV/Xr6qSqPumq/r46qapPuqr/Wh3C+BBCRbqqF6uSqirSI19blVQVA7vt/dNNwzoTy6pCGJkbeOab14/pTJyeCmQb/3pVCEM6XzLpxu+oTBqvTDd+VWUIe4YQqtIl/rUiKVGVLvFKRQgDcwLZxk+tCGFh4DMhfvjMzH1w3sKzZ0/v6Gg7YwcmqjJt1YRZ7R1tjTPmdMysTvWpmLKc9ObzPv7Yn990zozO26lDbh9eSroiU66yq8vNlXl3R+/svY/9qs2tZMvzUVB/zF8V+oW+C+a1ndF41vT5888YlfwtNXtz8rdPJppsq1G9ZVvtl1vJyPmnzR05b+HZI9pPm35K2ylt32keO6q5ecxXx45pHtk5qqbk7/YY6vWf/FB3r8ip5JP4AJCQkOhtifK8T7emnf2DvOCL/paOVobqrg/ogmlFbpayrlFuj0Ef9jFH/HG+p/Q4olEFE4eCLM09ZxldMJnYkqUmydL1va5gcphbU3nXJo33y0NjY59i26Eh/27u5n1rGzbvusymKzUNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/D924EAAAAAAAMj/tRGqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqsAMHAgAAAABA/q+NUFVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVYUdOBYAAAAAEOZvHUbPBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwKUAAAD//5twzl8=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000d80)='./file1\x00', 0x143042, 0x0)
pwrite64(r0, &(0x7f0000000080)="8e", 0x1, 0x709c)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
fallocate(r1, 0x0, 0x400, 0xffff)

1.469485001s ago: executing program 1 (id=448):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x9, 0x3, 0x10004, 0x5}, 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000240)=@base={0x6, 0x4, 0x4, 0x1}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x14, &(0x7f0000000580)=ANY=[@ANYBLOB="1802000008000000000000000000000018010000786c6c2500000000070000007b1af8ff00000000bfa100000000000007010000f8ffffffb700000000000000b7030000000000fd850000002d00000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000680)='sys_exit\x00', r1}, 0x10)

1.218790003s ago: executing program 4 (id=449):
ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000040)={0x2, @vbi={0x0, 0x0, 0x0, 0x0, [], [0x2]}})
syz_emit_vhci(&(0x7f0000000240)=ANY=[@ANYBLOB="0413090200160000c9"], 0xc)
sendmsg$NFQNL_MSG_CONFIG(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0}, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, 0x0)

1.169533693s ago: executing program 5 (id=450):
r0 = socket$inet6(0xa, 0x802, 0x0)
setsockopt$inet6_buf(r0, 0x29, 0x39, &(0x7f0000000040)="ff02040000ffffffffffffffff1f2be82db1af0000000000", 0x18)
recvmmsg(r0, &(0x7f0000002180)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000480)=""/200, 0xc8}, 0xf51}], 0x1, 0x40002105, 0x0)
connect$inet6(r0, &(0x7f0000000240)={0xa, 0x6e23, 0xfffffdff, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x9}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000001840), 0x3b, 0x0)

1.124524333s ago: executing program 1 (id=451):
mkdirat(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x8)
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000400), 0x800000, &(0x7f0000000300)={[{@huge_advise}]})
r0 = syz_open_procfs(0x0, &(0x7f00000003c0)='mountinfo\x00')
r1 = open(&(0x7f0000000200)='./bus\x00', 0x141a42, 0x0)
sendfile(r1, r0, 0x0, 0xffffffff)

1.030765294s ago: executing program 4 (id=452):
syz_mount_image$minix(&(0x7f0000000040), &(0x7f0000000240)='./file0\x00', 0x11, &(0x7f0000000400)=ANY=[], 0xfe, 0x228, &(0x7f00000004c0)="$eJzs28tOE2EUAODTUmliTNy7cSGJLpQW1AgrJcH7/fICBCohFm+4EGKibHwPnkyWblj4Aoxhqta2TC9SOhK+L2nmz5z/zH+mmTMzXTSA46sUUYhCzEdEkiSfP04k5bxLAkYj6WfS+OGtv5sM6trAGUCWsb023M67CmD0dubS/o/tiPj249Pi7898n8/vnbliuv3Sln+z3/zNQro9U2rNvxURt3tmF3aTrUb++bb17wy4/sm2/Lt95zfO/8K51vx7EXE/Ih5ExMOIeBQRjyPiSUQ83Wf9pbb1X7Stk5zusyAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIB/VIjJzp3fk7/j+0xoKsbLlXqtmhk/kcanMqJbp8bT+HRmfiN+OTNeTuOTi2/qS0m5W6FAh2JL/xc74r36f6xH/5e69j+Qp7X1jVcL9Xrt/QEHe7eOYRznYhz0ONeHUUbH4F1EdJ2zOawvcyIihly8wZ9BeYjX/GCDG92vn/9ukPedCThslQ+rbytr6xuXVlYXlmvLtddTs9PVKzMzs9WrlfTNvpL5fu/nNhxxzYd+c9/XX9uzeRUFAAAAAAAAAAzkWUQ8z7sIAABgJEbxd6K8zxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAo+9nAAAA//9zGM9s")
syz_mount_image$msdos(&(0x7f0000000f40), &(0x7f0000000f00)='.\x00', 0x1a4a438, &(0x7f0000000f80)=ANY=[], 0xb, 0x0, &(0x7f0000000000))
syz_mount_image$msdos(&(0x7f0000000940), &(0x7f0000001cc0)='.\x00', 0x1a4a438, &(0x7f0000000300)=ANY=[], 0xb, 0x0, &(0x7f0000000300))
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
write$uinput_user_dev(r0, &(0x7f000001fa80)={'syz1\x00', {0x12, 0x63, 0x2, 0x3}, 0x54, [0xffffffff, 0x3, 0x7ff, 0x343a, 0x7df, 0x9, 0x8, 0x4, 0x2, 0x8000, 0x8, 0x2, 0xffffff38, 0x35, 0x3e, 0x2, 0x2, 0x6, 0x100, 0x5, 0x7, 0x4, 0x8, 0xb, 0x4, 0x29, 0x73, 0xe, 0x401, 0x6, 0x2, 0x7, 0x1a14, 0x8, 0x10001, 0x8, 0x824f, 0xaf, 0x7, 0x40, 0x2, 0x7, 0x0, 0x2, 0x5, 0x7, 0x5, 0xe4e9, 0xfffffe75, 0x81, 0xf, 0x8, 0x80000000, 0x1f1, 0x8, 0xf1, 0x5, 0x4, 0xd, 0x9, 0x7, 0x80000001, 0x9, 0x9], [0xd4b7, 0xfffffffe, 0xc76, 0x8001, 0x1, 0xa87, 0x80000000, 0x6, 0x81, 0xa, 0x8, 0x297c, 0x6, 0x7, 0x1, 0x1, 0x0, 0x1ff, 0xf8d3, 0x76, 0x8aeb, 0x5, 0xdc3, 0x7f7b, 0x0, 0x0, 0xff, 0x5, 0xc55, 0xf2, 0x9, 0x1, 0x1, 0x2, 0xe, 0xe, 0xfffffffa, 0x0, 0x7, 0x8, 0x7, 0x0, 0x3280d89d, 0x53445b00, 0x1, 0x9, 0xfff, 0x80000000, 0x6f, 0x1000, 0x1f9, 0x0, 0x10000, 0x0, 0x6, 0x9, 0x100, 0x10000, 0x0, 0x6, 0x6, 0x7ff, 0x9, 0x3], [0x7fffffff, 0x6, 0x4, 0x7, 0x1, 0x7, 0x4, 0xfffffffa, 0x96c, 0x0, 0x2, 0x8712, 0x5, 0x5, 0x9b, 0xe, 0x6, 0x7ff, 0x8, 0x1, 0x3, 0x2, 0xfffffff9, 0x1b6, 0x6, 0x6, 0x80, 0x1ff, 0x8, 0x4, 0x5, 0x5, 0x7, 0x4b1e, 0x7, 0x2, 0x9, 0x7, 0x2d, 0x10001, 0x2, 0x2d, 0xaae9, 0xffff0930, 0x40082, 0x6, 0x9da, 0x6, 0x5, 0x6, 0xffff, 0x1, 0x6, 0x8ff9, 0xfffffe66, 0x7ff, 0x1, 0x83, 0x0, 0x1ff, 0x7, 0x1c, 0x0, 0x6], [0xb, 0x6, 0x81, 0x2, 0xc392, 0x3, 0x548, 0x7, 0x8, 0x3, 0x4, 0xee8, 0x2, 0xffff, 0x9, 0x6, 0x9, 0x3, 0x1, 0x6, 0xfd1, 0x2a, 0x6, 0x10c2, 0x10, 0x3, 0x10, 0x9, 0x9, 0x8, 0x9, 0xc75d, 0xc, 0x9, 0xfffffffa, 0x25, 0x7, 0x9, 0x78f, 0x101, 0x3, 0x2, 0x2, 0xffff, 0x6337ed4, 0xffffffff, 0x2, 0x0, 0x9, 0x2873, 0x6, 0x200, 0x6040, 0xfa5, 0x2, 0x10001, 0x9, 0xffffff80, 0x0, 0xf, 0x0, 0x9, 0x4, 0x7]}, 0x45c)

893.931154ms ago: executing program 1 (id=453):
bpf$TOKEN_CREATE(0x24, &(0x7f0000000080), 0x8)
syz_mount_image$udf(&(0x7f0000000f00), &(0x7f00000000c0)='./file1\x00', 0x800, &(0x7f0000001040)=ANY=[@ANYBLOB='uid=', @ANYRESDEC=0x0, @ANYBLOB="2c756e64656c6574652c6e6f7672732c6164696e6963622c766f6c756d653d30303030303030303030303030303030303030322c7569643d666f726765742c6769643d666f726765742c6e6f7374726963742c6e6f7672732c0085f95733019d784ca386da1fd41ffabd4b47acca2b8d488be702157dd8711c31732d"], 0xff, 0xc2d, &(0x7f00000001c0)="$eJzs3U9sHNd9B/DfGy3FldxWTOwoThoXm7ZIZcVy9S+mYhXuqqbZBpBlIhRzC8AVSakLUyRBUo1spAXTSw89BCiKHnIi0BoFUjQwmiLokWldILn4UOTUE9HCRlD0wBYBcgoYzOxbcUmRNi2KEmV9Pjb13Z19b+a9eesZWdCbFwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAxB+8cun0mfSwWwEAPEhXRr96+qz7PwA8Vq76/38AAAAAAAAAAAAAADjoUhTxZKSYu7KWxqv3HfXL7b5bt8eGhrevdiRVNQ9V5cuf+pmz585/6YXBC9283J75gPr322fjtdGrlxovz96cm59aWJiabIzNtCdmJ6d2vYe91t/qZHUCGjdfvzV5/fpC4+zz5zZ9fHvg/f4njg9cHHz21DPdsmNDw8OjG0XqveVr99yQjp1meByOIk5Fiue+99PUiogi9n4u6g927Lc6UnXiZNWJsaHhqiPT7dbMYvnhSPdEFBGNnkrN7jnafiyi1vdA+7CzZsRS2fyywSfL7o3OteZb16anGiOt+cX2Ynt2ZiR1Wlv2pxFFXEgRyxGx2n/37vqiiFqk+M6xtXQtIg51z8MXq4nBO7ej2Mc+7kLZzkZfxHLxCIzZAdYfRbwaKX72zomYyNeZ6lrzhYhXy/xBxFtlvhSRyi/G+Yj3tvke8WiqRRF/WY7/xbU0WV0PuteVy19rfGXm+mxP2e515SPeH+66Ujyk+8ORLflgHPBrUz2KaFVX/LV077/ZAQAAAAAAAAAAAAAAAOB+OxJFfCZSvPIff1LNK45qXvqxi4N/OPCrvXPGn/6Q/ZRln4+IpWJ3c3IP54mBI2kkpYc8l/hxVo8i/jTP//vWw24MAAAAAAAAAAAAAAAAAADAY62In0SKF989kZajd03x9syNxtXWtenOqrDdtX+7a6avr6+vN1InmznHcy7lXM65knM1ZxS5fs5mzvGcSzmXc67kXM0Zh3L9nM2c4zmXci7nXMm5mjNquX7OZs7xnEs5l3Ou5FzNGQdk7V4AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgI+TIor4RaT49jfWUqSIaEaMRydX+h926wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAUn8q4vuRovFHzTvbahGRqn87TpS/nI/m4TI/Gc3BMl+K5qWcrSprzW89hPazN32piB9Hiv7623cGPI9/X+fdna9BvPXNjXefrXXyUPfDgff7nzh+7OLg8G88vdPrtF0DTl5uz9y63RgbGh4e7dlcy0f/ZM+2gXzc4v50nYhYeOPN11vT01Pz9/6i/Arsofoj9CLVHpeeelG9iNqBaMbD6TuPgfL+/16k+N13/7N7w+/c/+vxK513d+7w8fM/27j/v7h1R7u8/9e21sv3//Kevt39/8mebS/m34301SLqizfn+o5H1BfeePNU+2brxtSNqZnzp09/eXDwy+dO9x2OqF9vT0/1vLovpwsAAAAAAAAAAAAAAADgwUlF/H6kaP14LTUi4nY1X2vg4uCzp545FIeq+Vab5m2/Nnr1UuPl2Ztz81MLC1OTjbGZ9sTs5NRuD1evpnuNDQ3vS2c+1JF9bv+R+suzc2/Mt2/88eK2nx+tX7q2sDjfmtj+4zgSRUSzd8vJqsFjQ8NVo6fbrZmq6si2k+k/ur5UxH9FionzjfT5vC3P/986w3/T/P+lrTvap/n/n+jZVh4zpSJ+Hil+56+ejs9X7Twad52zXO7vIsXJC5/L5eJwWa7bhs5zBTozA8uy/xcp/ukXm8t250M+uVH2zK5P7COiHP9jkeL7f/Hd+M28bfPzH7Yf/6Nbd7RP4/9Uz7ajm55XsOeuk8f/VKR46cm347fytg96/kf32RsncuE7z+fYp/H/VM+2gXzc374/XQcAAAAAAAAAAHik9aUi/j5S/HC4ll7I23bz9/8mt+5on/7+16d7tk3en/WKPvTFnk8qAAAAABwQfamIn0SKG4tv35lDvXn+d8/8z9/bmP85lLZ8Wv05369Vzw24n3/+12sgH3d8790GAAAAAAAAAAAAAAAAAACAAyWlIl7I66mPV/P5J3dcT30lUrzyP8/lcul4Wa67DvxA9Wv9yuzMqUvT07MTrcXWtempxuhca2KqrPtUpFj728/lukW1vnp3vfnOGu8ba7HPR4rhf+iW7azF3l2b/KmNsmfKsp+IFP/9j5vLdtex/tRG2bNl2b+JFF//l+3LHt8oe64s+91I8aOvN7plj5Zlu89H/fRG2ecnZot9GBUAAAAAAAAAAAAAAAAAAAAeN32piD+PFP97c/nOXP68/n9fz9vKW9/sWe9/i9vVOv8D1fr/O72+l/X/q+cKLO10VAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA+HhKUcSbkWLuylpa6S/fd9Qvt2du3R4bGt6+2pFU1TxUlS9/6mfOnjv/pRcGL3Tzg+vfb5+J10avXmq8PHtzbn5qYWFqsjE2056YnZza9R72Wn+rk9UJaNx8/dbk9esLjbPPn9v08e2B9/ufOD5wcfDZU890y44NDQ+P9pSp9d3z0e+Sdth+OIr460jx3Pd+mn7YH1HE3s/Fh3x39tuRqhMnq06MDQ1XHZlut2YWyw9HuieiiGj0VGp2z9EDGIs9aUYslc0vG3yy7N7oXGu+dW16qjHSml9sL7ZnZ0ZSp7VlfxpRxIUUsRwRq/13764ving9Unzn2Fr61/6IQ93z8MUro189fXbndhT72MddKNvZ6ItYLh6BMTvA+qOIf44UP3vnRPxbf0QtOj/xhYhXy/xBxFvRGe9UfjHOR7y3zfeIR1Mtivj/cvwvrqV3+svrQfe6cvlrja/MXJ/tKdu9rjzy94cH6YBfm+pRxI+qK/5a+nf/XQMAAAAAAAAAAAAAAAAcIEX8eqR48d0TqZoffGdOcXvmRuNq69p0Z1pfd+5fd870+vr6eiN1splzPOdSzuWcKzlXc0aR6+dslllfXx/P75dyLudcybmaMw7l+jmbOcdzLuVczrmSczVn1HL9nM2c4zmXci7nXMm5mjMOyNw9AAAAAAAAAAAAAAAAAADg46Wo/knx7W+spfX+zvrS49HJFeuBfuz9MgAA//8hX/ir")
rename(&(0x7f0000000000)='./file1\x00', &(0x7f00000000c0)='./file0/file0\x00')
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000100)='.\x02\x00')
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000040)='./file0\x00', 0x1118e58, &(0x7f0000000100)={[{@noquota}, {@noblock_validity}, {@mblk_io_submit}, {@data_err_ignore}, {@test_dummy_encryption}, {@inlinecrypt}]}, 0x6, 0x615, &(0x7f0000000c00)="$eJzs3c9rHGUfAPDvzCZp0uZ90768ii2KAQ8tSNOkFqtebOvBHgoW7EHEQ0OT1NDtD5oUbC2YggcFBRGvIr34D3iX4tWbCOrNs1BFKgoqXZnd2XST7CZrmt1NMp8PbHaeZ2b3eb47efI8M5NnJ4DCGs1+pBF7I+6fTSJGGtYNR23laL7dvV8r+ZpK5dVfkkiqeTfP1bdP8uddeWIwIr45EfG/0spy567fuDBZrtS8E3Fo/uKVQ3PXbxycvTh5fvr89KWJw88dOTr+/MSRiQ2Jc1f+fPLUK49/+O6bz858Wz6YxLE40//2VCyLY6OMxmjcz0NszO+LiKPZQpPPZavZBiEUWin/feyPiEdjJErVVM1IzH7Q08oBHVUpZb15Wwbb3RDYKpJ1NusdG10RoMvq44Ds+Lf+WHvUcKbDo5LuuXu8dgC0Mv6+2rmRGKweG+28lzQcGdXObezegPKzMv6+ue/T7BFLzkP8sbh3+jagnFYWbkXEY83iT6p1212NNIs/XVKPJCLGI2Igr99LD1GHpGG5E+dhVrPe+NOIOJY/Z/kn1ln+6LJ0t+MHoJjuHM878oUstdj/fRWLfVO9/1s6/hlu0netR6/7v9bjv3p/P1g9R54uG4dlY5bTzd+yf3nGj++f/LhV+Y3jv+yRlV8fC3bD3VsR+5bF/14WbD7+yeJPmuz/bJOzx9or4+Xvfj7Zal2v46/cjtjf9Pjnwag0W1rl+uShmdny9HjtZ9Myvvz6jc9bld/r+LP9v7NF/A37P13+uuwzudJmGV+cvn2x1brhNeNPfxpIasebA3nOW5Pz81cnIgaSU/kmDfmHV69LfZv6e2TxH3iqeftf8vt/a+n7DNX/ZLbhymsX7rVat57933Ax+X6lzTq0ksU/tfb+X9H+s7yP2izj99evPdFq3WrxDz1MYAAAAAAAAFBAafUabJKOLS6n6dhYbb7s/2NnWr48N//0zOVrl6YiDlT/H7I/rV/pHqmlkyw9kf8/bD19eFn6mYjYExGflIaq6bFzl8tTvQ4eAAAAAAAAAAAAAAAAAAAANold+fz/+n2qfyvV5v8DBdHJG8wBm5v2D8VVbf8rbvEEFIH+H4pL+4fi0v6huLR/KC7tH4pL+4fi0v6huLR/AAAAANiW9jx554ckIhZeGKo+MgP5OjOCYHvr73UFgJ4p9boCQM8sXvo32IfCaWv8/2f+5YCdrw7QA0mzzOrgoLJ647/T9JUAAAAAAAAAAAAAQAfs39t6/r+5wbC9mfYHxfUQ8/99dQBscb76H4rLMT6w1iz+wVYrzP8HAAAAAAAAAAAAgK4Zrj6SdCyfCzwcaTo2FvGfiNgd/cnMbHl6PCL+GxHfl/p3ZOmJXlcaAAAAAAAAAAAAAAAAAAAAtpm56zcuTJbL01cbF/5akbP5FkprbfNItP2G9bugdqHyL8a/fFUk3f94hyJic+zlTiz0NeQkEQvZnt8UFbs6F5ujGtWFHv9hAgAAAAAAAAAAAAAAAACAAmqYe9zcvs+6XCMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6L4H9//v3EKvYwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAtqZ/AgAA//9ffTgl")

893.115594ms ago: executing program 5 (id=454):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000027c00000400c2800c0001800600060086dd"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000740)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000500)={0xd8, r3, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x20, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}]}, @TIPC_NLA_SOCK={0x68, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3ee3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xc8e}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3ff}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4a}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4db378e6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x50}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x28, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfff}]}]}, 0xd8}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10)
r5 = dup2(r1, r0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000080)={0x0, @initdev, @remote}, &(0x7f0000000180)=0xc)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @private=0xa010102}, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f0000000000)="05000000010000", 0x7)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmmsg$inet6(r8, &(0x7f0000004280)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="12952a45c8c5fc", 0x7}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x800)
r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x8c0483, 0x0)
ioctl$AUTOFS_IOC_FAIL(r9, 0x4c81, 0x8)
r10 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r11, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0x6})
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
r13 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_ext={0x1c, 0x1, &(0x7f0000000780)=@raw=[@exit], &(0x7f00000007c0)='syzkaller\x00', 0x7, 0xef, &(0x7f0000000800)=""/239, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000980)={0x2, 0x8, 0x8000, 0xe3c6}, 0x10, 0x1c1ba, 0xffffffffffffffff, 0x0, &(0x7f00000009c0)=[r1], 0x0, 0x10, 0x1}, 0x94)
write(r13, &(0x7f0000000ac0)="20901e953a0ab1fb10e3cae0bb7ad1476b5c7003d1986f02c4bc78fe98cc5d2f0927198e4ca50c0231ab6d7d3053d1c6bcf128bb17803d2b587f1223933bf3e684ea2b0de232b1464c1eb6732cdf9dffa626a4d048cc1f5b12e9213ed1c85287183d220a6c725924db734e52a12e3a5ccba509d09343", 0x76)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000b80)={0x200000000000037a, &(0x7f0000000b40)=[{0x6, 0x9, 0x3, 0x3}, {0xff, 0x9, 0x40, 0x2}, {0x5, 0x7, 0x8, 0x6}, {0xfffe, 0xb, 0x8, 0x1}, {0x6, 0xa4, 0x9, 0x2e4}, {0x7f, 0xf, 0xf}]})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43, 0x3}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)

666.627566ms ago: executing program 4 (id=455):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="0500000007000000480000000c"], 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0x11, 0xd, &(0x7f0000000280)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000500000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000000)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000240)={{r0}, &(0x7f0000000840), &(0x7f0000000880)}, 0x20)
socket$kcm(0x2, 0xa, 0x2)

544.998037ms ago: executing program 4 (id=456):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xa, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=@base={0xa, 0x4, 0xdd, 0xa}, 0x50)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)=ANY=[@ANYBLOB="bc1b0000400007012bbd700000000000027c00000400c2800c0001800600060086dd"], 0x1bbc}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
r3 = syz_genetlink_get_family_id$tipc2(&(0x7f00000004c0), 0xffffffffffffffff)
sendmsg$TIPC_NL_MEDIA_SET(r2, &(0x7f0000000740)={&(0x7f00000003c0)={0x10, 0x0, 0x0, 0x800}, 0xc, &(0x7f0000000700)={&(0x7f0000000500)={0xe0, r3, 0x100, 0x70bd26, 0x25dfdbfe, {}, [@TIPC_NLA_MEDIA={0x20, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0x1c, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_WIN={0x8, 0x3, 0x1}, @TIPC_NLA_PROP_TOL={0x8, 0x2, 0x8}, @TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x7}]}]}, @TIPC_NLA_SOCK={0x68, 0x2, 0x0, 0x1, [@TIPC_NLA_SOCK_REF={0x8, 0x2, 0x5}, @TIPC_NLA_SOCK_ADDR={0x8, 0x1, 0x5}, @TIPC_NLA_SOCK_CON={0x1c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_NODE={0x8, 0x2, 0x3ee3}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0xc8e}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x3ff}]}, @TIPC_NLA_SOCK_CON={0x2c, 0x3, 0x0, 0x1, [@TIPC_NLA_CON_FLAG={0x8, 0x1, 0x4a}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0xa}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4db378e6}, @TIPC_NLA_CON_FLAG={0x8, 0x1, 0x50}, @TIPC_NLA_CON_NODE={0x8, 0x2, 0x4}]}, @TIPC_NLA_SOCK_REF={0x8, 0x2, 0x2}, @TIPC_NLA_SOCK_HAS_PUBL={0x4}]}, @TIPC_NLA_MEDIA={0x30, 0x5, 0x0, 0x1, [@TIPC_NLA_MEDIA_PROP={0xc, 0x2, 0x0, 0x1, [@TIPC_NLA_PROP_PRIO={0x8, 0x1, 0x19}]}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'eth\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}, @TIPC_NLA_MEDIA_NAME={0x7, 0x1, 'ib\x00'}, @TIPC_NLA_MEDIA_NAME={0x8, 0x1, 'udp\x00'}]}, @TIPC_NLA_NODE={0x14, 0x6, 0x0, 0x1, [@TIPC_NLA_NODE_REKEYING={0x8}, @TIPC_NLA_NODE_ADDR={0x8, 0x1, 0xfff}]}]}, 0xe0}}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r4}, 0x10)
r5 = dup2(r1, r0)
getsockopt$inet_pktinfo(r5, 0x0, 0x8, &(0x7f0000000080)={0x0, @initdev, @remote}, &(0x7f0000000180)=0xc)
connect$inet(r5, &(0x7f0000000040)={0x2, 0x4e20, @private=0xa010102}, 0x10)
r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
bind$bt_hci(r6, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6)
write(r6, &(0x7f0000000000)="05000000010000", 0x7)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000001c0)={0x26, 'hash\x00', 0x0, 0x0, 'rmd160\x00'}, 0x58)
r8 = accept4(r7, 0x0, 0x0, 0x0)
sendmmsg$inet6(r8, &(0x7f0000004280)=[{{0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000180)="12952a45c8c5fc", 0x7}], 0x1}}, {{0x0, 0x0, 0x0}}], 0x2, 0x800)
r9 = openat$loop_ctrl(0xffffffffffffff9c, &(0x7f0000000040), 0x8c0483, 0x0)
ioctl$AUTOFS_IOC_FAIL(r9, 0x4c81, 0x8)
r10 = openat$kvm(0xffffff9c, &(0x7f0000000100), 0x41, 0x0)
r11 = ioctl$KVM_CREATE_VM(r10, 0xae01, 0x0)
ioctl$KVM_CAP_X86_DISABLE_EXITS(r11, 0x4068aea3, &(0x7f0000000200)={0x8f, 0x0, 0x6})
r12 = ioctl$KVM_CREATE_VCPU(r11, 0xae41, 0x0)
r13 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000a00)=@bpf_ext={0x1c, 0x1, &(0x7f0000000780)=@raw=[@exit], &(0x7f00000007c0)='syzkaller\x00', 0x7, 0xef, &(0x7f0000000800)=""/239, 0x40f00, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000900)={0x1, 0x4}, 0x8, 0x10, &(0x7f0000000980)={0x2, 0x8, 0x8000, 0xe3c6}, 0x10, 0x1c1ba, 0xffffffffffffffff, 0x0, &(0x7f00000009c0)=[r1], 0x0, 0x10, 0x1}, 0x94)
write(r13, &(0x7f0000000ac0)="20901e953a0ab1fb10e3cae0bb7ad1476b5c7003d1986f02c4bc78fe98cc5d2f0927198e4ca50c0231ab6d7d3053d1c6bcf128bb17803d2b587f1223933bf3e684ea2b0de232b1464c1eb6732cdf9dffa626a4d048cc1f5b12e9213ed1c85287183d220a6c725924db734e52a12e3a5ccba509d09343", 0x76)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0xc, &(0x7f0000000b80)={0x200000000000037a, &(0x7f0000000b40)=[{0x6, 0x9, 0x3, 0x3}, {0xff, 0x9, 0x40, 0x2}, {0x5, 0x7, 0x8, 0x6}, {0xfffe, 0xb, 0x8, 0x1}, {0x6, 0xa4, 0x9, 0x2e4}, {0x7f, 0xf, 0xf}]})
ioctl$KVM_RUN(r12, 0xae80, 0x0)
ioctl$KVM_RUN(r12, 0xae80, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x3, 0x3, &(0x7f0000000000)=@framed={{0x7a, 0xa, 0x0, 0xff00, 0x0, 0x71, 0x10, 0x43, 0x3}}, &(0x7f0000000480)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x10}, 0x94)

429.538587ms ago: executing program 1 (id=457):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
pipe(&(0x7f00000002c0)={<r1=>0xffffffffffffffff})
vmsplice(r1, &(0x7f0000000080)=[{&(0x7f0000000500)='|', 0x1}], 0x1, 0x0)

358.937468ms ago: executing program 5 (id=458):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
fcntl$setpipe(r1, 0x407, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x20202, 0x0)
writev(r3, &(0x7f00000013c0)=[{&(0x7f0000000180)="a044b2cfa90a", 0x6}], 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0xa, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r5, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x5, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x1071)
clock_gettime(0x0, &(0x7f00000000c0)={<r10=>0x0, <r11=>0x0})
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000180)=<r12=>0xffffffffffffffff)
r13 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x3, r13, 0x2, &(0x7f0000000280))
ioctl$vim2m_VIDIOC_PREPARE_BUF(r8, 0xc058565d, &(0x7f00000003c0)=@multiplanar_mmap={0xca, 0x1, 0x4, 0x100, 0x10, {r10, r11/1000+10000}, {0x3, 0x8, 0x9, 0x4, 0x7, 0x40, "6d0345c2"}, 0x9, 0x1, {&(0x7f0000000340)=[{0x6, 0x40000000, {0x9}, 0x8}, {0x0, 0x9, {0x28000000}, 0x2}]}, 0x1, 0x0, r12})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x24044094)

237.628308ms ago: executing program 0 (id=459):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0xfe, 0x0, 0x7ffc9ffe}]})
r0 = syz_open_dev$evdev(&(0x7f0000000000), 0x0, 0x0)
syz_usb_disconnect(r0)
syz_usb_connect(0x4, 0x65, &(0x7f0000000500)=ANY=[], 0x0)
ioctl$EVIOCRMFF(r0, 0xc0085508, &(0x7f00000000c0)=0x7)

0s ago: executing program 4 (id=460):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000080)={0x8, 0x9}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
r1 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x0)
fcntl$setpipe(r1, 0x407, 0x4)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x101402, 0x0)
r3 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000000), 0x20202, 0x0)
writev(r3, &(0x7f00000013c0)=[{&(0x7f0000000180)="a044b2cfa90a", 0x6}], 0x1)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r4 = socket(0x10, 0xa, 0x0)
r5 = socket$inet6_sctp(0xa, 0x801, 0x84)
connect$inet6(r5, &(0x7f0000000100)={0xa, 0x0, 0x0, @private1, 0x200000}, 0x1c)
sendto$inet6(r5, &(0x7f00000001c0)='O', 0x1, 0x80, &(0x7f0000000280)={0xa, 0x4e23, 0x0, @private2}, 0x1c)
shutdown(r5, 0x1)
getsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r5, 0x84, 0x7c, &(0x7f00000000c0), &(0x7f0000000180)=0x8)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000440)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x5, 0x3, 0xc06a2f6, 0x1, 0x7}, 0x6, 0x0, 0xa, 0x4, 0x6, 0x8, 0x18, 0x9, 0x3, 0x4, {0x0, 0x2, 0x9, 0x800, 0x8704, 0x27000000}}}}]}, 0x78}}, 0x0)
r8 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/drop_packet\x00', 0x2, 0x0)
r9 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0)
sendfile(r8, r9, 0x0, 0x1071)
clock_gettime(0x0, &(0x7f00000000c0)={<r10=>0x0, <r11=>0x0})
ioctl$MEDIA_IOC_REQUEST_ALLOC(0xffffffffffffffff, 0x80047c05, &(0x7f0000000180)=<r12=>0xffffffffffffffff)
r13 = getpid()
prctl$PR_SCHED_CORE(0x3e, 0x3, r13, 0x2, &(0x7f0000000280))
ioctl$vim2m_VIDIOC_PREPARE_BUF(r8, 0xc058565d, &(0x7f00000003c0)=@multiplanar_mmap={0xca, 0x1, 0x4, 0x100, 0x10, {r10, r11/1000+10000}, {0x3, 0x8, 0x9, 0x4, 0x7, 0x40, "6d0345c2"}, 0x9, 0x1, {0x0}, 0x1, 0x0, r12})
sendmsg$nl_route_sched(r4, &(0x7f0000006040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000001a40)=@newtfilter={0x38, 0x2c, 0xd2b, 0x800, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x10, 0xfff1}, {}, {0x7, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0xc, 0x2, [@TCA_FW_CLASSID={0x8, 0x1, {0xb, 0xfff2}}]}}]}, 0x38}}, 0x24044094)

kernel console output (not intermixed with test programs):


[   59.861557][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   59.871111][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   59.879666][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   59.907714][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   59.918460][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   59.929013][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   59.942807][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   59.953312][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   59.963791][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   59.973215][ T1070] bridge0: port 1(bridge_slave_0) entered blocking state
[   59.980542][ T1070] bridge0: port 1(bridge_slave_0) entered forwarding state
[   59.988578][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   59.997942][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   60.006911][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   60.017176][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   60.029356][ T1070] bridge0: port 1(bridge_slave_0) entered blocking state
[   60.036532][ T1070] bridge0: port 1(bridge_slave_0) entered forwarding state
[   60.045862][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   60.054763][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.063490][ T1070] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.070635][ T1070] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.079075][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   60.088923][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   60.097598][ T1070] bridge0: port 2(bridge_slave_1) entered blocking state
[   60.104712][ T1070] bridge0: port 2(bridge_slave_1) entered forwarding state
[   60.112657][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   60.114233][ T4278] Bluetooth: hci2: command 0x041b tx timeout
[   60.120632][ T4273] Bluetooth: hci0: command 0x041b tx timeout
[   60.132626][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   60.140599][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   60.177948][ T4279] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[   60.189609][ T4279] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.200192][ T4268] Bluetooth: hci3: command 0x041b tx timeout
[   60.204567][ T4273] Bluetooth: hci4: command 0x041b tx timeout
[   60.212550][ T4273] Bluetooth: hci1: command 0x041b tx timeout
[   60.216362][ T4266] 8021q: adding VLAN 0 to HW filter on device batadv0
[   60.237493][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   60.251435][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   60.260862][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   60.276870][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.291499][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   60.301164][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.314938][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   60.322498][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   60.335912][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   60.345054][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   60.353554][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   60.362770][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   60.371018][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   60.392646][ T4271] device veth0_vlan entered promiscuous mode
[   60.413668][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   60.440156][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   60.459056][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   60.486610][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   60.521889][ T4271] device veth1_vlan entered promiscuous mode
[   60.531013][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   60.539898][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   60.552932][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   60.567124][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   60.579809][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   60.590761][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   60.607526][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.616195][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   60.625553][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   60.634146][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   60.642518][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   60.658600][ T4274] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   60.669998][ T4274] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   60.686685][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   60.698002][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   60.709534][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.719679][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   60.729123][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   60.747506][ T4267] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   60.793947][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   60.810452][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   60.840092][ T4271] device veth0_macvtap entered promiscuous mode
[   60.870674][ T4271] device veth1_macvtap entered promiscuous mode
[   60.932302][ T4271] batman_adv: batadv0: Interface activated: batadv_slave_0
[   60.948651][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   60.959303][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   60.988416][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   61.016943][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   61.049076][ T4271] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.081657][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   61.091069][ T1070] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   61.111064][ T4271] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.123014][ T4271] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.138991][ T4271] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.149183][ T4271] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.193906][ T4279] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.203102][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   61.211901][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   61.225819][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   61.240025][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   61.251172][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   61.260419][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   61.282618][ T4266] device veth0_vlan entered promiscuous mode
[   61.305570][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   61.313395][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   61.338427][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   61.349188][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   61.361123][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   61.369149][   T33] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   61.398623][ T4266] device veth1_vlan entered promiscuous mode
[   61.416581][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   61.430435][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   61.439517][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   61.449795][ T4274] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.467261][ T4267] 8021q: adding VLAN 0 to HW filter on device batadv0
[   61.517423][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.526713][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.539948][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   61.549180][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   61.559124][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   61.593257][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   61.603417][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   61.613395][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   61.621874][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   61.658501][ T4279] device veth0_vlan entered promiscuous mode
[   61.673718][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   61.682806][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   61.691643][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   61.701467][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   61.710704][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   61.720269][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   61.730247][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   61.738530][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   61.747105][ T4266] device veth0_macvtap entered promiscuous mode
[   61.759052][ T4267] device veth0_vlan entered promiscuous mode
[   61.772603][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.779471][ T4279] device veth1_vlan entered promiscuous mode
[   61.786736][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.800684][ T4266] device veth1_macvtap entered promiscuous mode
[   61.820979][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   61.829477][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   61.839132][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   61.847980][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   61.868214][ T4267] device veth1_vlan entered promiscuous mode
[   61.882526][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.898570][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.911174][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.919346][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   61.934913][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   61.943140][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   61.952467][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   61.961276][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   61.970680][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   61.981374][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   61.990015][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   62.000531][ T4274] device veth0_vlan entered promiscuous mode
[   62.016967][ T4266] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.027623][ T4266] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.042376][ T4266] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.081676][ T4279] device veth0_macvtap entered promiscuous mode
[   62.104951][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   62.113645][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   62.130577][ T4375] mmap: syz.3.3 (4375) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[   62.130586][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.158093][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.168145][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.182119][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.192217][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.200886][ T4273] Bluetooth: hci2: command 0x040f tx timeout
[   62.207904][ T4268] Bluetooth: hci0: command 0x040f tx timeout
[   62.225969][ T4266] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.235579][ T4266] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.250649][ T4266] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.259974][ T4266] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.272058][ T4274] device veth1_vlan entered promiscuous mode
[   62.278937][ T4268] Bluetooth: hci1: command 0x040f tx timeout
[   62.279479][ T4273] Bluetooth: hci4: command 0x040f tx timeout
[   62.285241][ T4268] Bluetooth: hci3: command 0x040f tx timeout
[   62.299926][ T4267] device veth0_macvtap entered promiscuous mode
[   62.311268][ T4279] device veth1_macvtap entered promiscuous mode
[   62.320313][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   62.333777][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   62.342937][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   62.360922][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   62.396442][ T4267] device veth1_macvtap entered promiscuous mode
[   62.413795][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.436861][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.447447][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.458095][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.470702][ T4279] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.483229][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   62.491815][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   62.500657][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   62.510363][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   62.547019][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.561449][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.571890][ T4279] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.582553][ T4279] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.596584][ T4279] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.611384][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   62.622091][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.644192][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.655425][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.665298][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.677138][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.687357][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   62.699070][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.710620][ T4267] batman_adv: batadv0: Interface activated: batadv_slave_0
[   62.719771][ T4279] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.728842][ T4279] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.738079][ T4279] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.747163][ T4279] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   62.759269][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   62.768228][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   62.777401][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   62.786849][   T46] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   62.814717][ T4274] device veth0_macvtap entered promiscuous mode
[   62.833263][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.845560][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.856034][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.866734][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.876891][ T4267] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   62.887386][ T4267] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   62.899836][ T4267] batman_adv: batadv0: Interface activated: batadv_slave_1
[   62.910368][ T4274] device veth1_macvtap entered promiscuous mode
[   62.928574][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   62.938558][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   62.946808][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   62.956799][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   62.968987][ T4267] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   62.979674][ T4267] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   62.988572][ T4267] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   62.997801][ T4267] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.017978][   T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.028784][   T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.058828][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.070835][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.081219][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.091840][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.102033][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.113205][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.123565][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   63.134950][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.147041][ T4274] batman_adv: batadv0: Interface activated: batadv_slave_0
[   63.157293][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.166270][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   63.175437][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   63.206040][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.218895][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.230018][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.242627][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.253360][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.264091][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.273914][ T4274] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   63.284639][ T4274] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   63.296158][ T4274] batman_adv: batadv0: Interface activated: batadv_slave_1
[   63.308939][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.311330][ T4274] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   63.317662][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.333489][ T4274] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   63.343392][ T4274] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   63.352309][ T4274] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   63.373913][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   63.383508][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   63.392786][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   63.457143][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.466266][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.479815][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.517492][   T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.528919][   T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.542048][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.599281][   T75] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.626528][ T4380] loop3: detected capacity change from 0 to 256
[   63.640677][ T4360] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.653016][   T75] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.666149][ T4380] =======================================================
[   63.666149][ T4380] WARNING: The mand mount option has been deprecated and
[   63.666149][ T4380]          and is ignored by this kernel. Remove the mand
[   63.666149][ T4380]          option from the mount to silence this warning.
[   63.666149][ T4380] =======================================================
[   63.671746][ T4360] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.744355][    T9] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.754911][   T33] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   63.762928][   T33] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.776176][    T9] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   63.784567][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   63.795530][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   63.806401][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   63.832092][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   63.851329][ T4380] exFAT-fs (loop3): failed to load upcase table (idx : 0x00011bf5, chksum : 0xdfba1b89, utbl_chksum : 0xe619d30d)
[   63.869532][ T4380] exFAT-fs (loop3): bogus allocation bitmap size(need : 2, cur : 17179869186)
[   64.096927][ T4386] netlink: 'syz.0.1': attribute type 1 has an invalid length.
[   64.140148][ T4386] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.1'.
[   64.166909][ T4386] syz.0.1[4386] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.167105][ T4386] syz.0.1[4386] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   64.230596][ T4388] loop1: detected capacity change from 0 to 4096
[   64.232117][ T4386] Bluetooth: MGMT ver 1.22
[   64.276043][ T4268] Bluetooth: hci2: command 0x0419 tx timeout
[   64.276050][ T4278] Bluetooth: hci0: command 0x0419 tx timeout
[   64.291749][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   64.349770][ T4386] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   64.356461][   T41] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   64.366608][ T4268] Bluetooth: hci4: command 0x0419 tx timeout
[   64.373490][ T4278] Bluetooth: hci1: command 0x0419 tx timeout
[   64.379428][ T4268] Bluetooth: hci3: command 0x0419 tx timeout
[   64.400828][ T4382] loop4: detected capacity change from 0 to 32768
[   64.443113][ T4382] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop4 scanned by syz.4.5 (4382)
[   64.494172][   T26] audit: type=1800 audit(1761774933.146:2): pid=4391 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.2" name="file1" dev="loop1" ino=33 res=0 errno=0
[   64.550239][ T4382] BTRFS info (device loop4): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   64.568128][   T41] usb 3-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   64.584354][   T41] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x82 has invalid maxpacket 512, setting to 64
[   64.601769][ T4382] BTRFS info (device loop4): using crc32c (crc32c-intel) checksum algorithm
[   64.623274][   T41] usb 3-1: config 1 interface 1 altsetting 1 endpoint 0x3 has invalid wMaxPacketSize 0
[   64.678308][ T4382] BTRFS info (device loop4): using free space tree
[   64.704535][   T41] usb 3-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[   64.732765][   T41] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   64.751427][   T41] usb 3-1: Product: syz
[   64.774811][   T41] usb 3-1: Manufacturer: syz
[   64.779463][   T41] usb 3-1: SerialNumber: syz
[   64.996321][ T4310] usb 4-1: new low-speed USB device number 2 using dummy_hcd
[   65.003922][ T4382] BTRFS info (device loop4): enabling ssd optimizations
[   65.138330][ T4416] loop0: detected capacity change from 0 to 2048
[   65.153607][ T4416] EXT4-fs: Ignoring removed nobh option
[   65.205933][ T4310] usb 4-1: config 0 has an invalid interface number: 1 but max is 0
[   65.224245][ T4310] usb 4-1: config 0 has no interface number 0
[   65.262445][ T4416] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   65.265280][ T4310] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[   65.281467][ T4416] ext4 filesystem being mounted at /2/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[   65.328536][   T26] audit: type=1800 audit(1761774933.986:3): pid=4416 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.9" name="file0" dev="loop0" ino=13 res=0 errno=0
[   65.352240][ T4416] fs-verity: sha256 using implementation "sha256-avx2"
[   65.394824][ T4310] usb 4-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[   65.459998][ T4310] usb 4-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   65.501225][ T4310] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   65.533902][ T4418] loop1: detected capacity change from 0 to 32768
[   65.538017][ T4310] usb 4-1: config 0 descriptor??
[   65.597415][ T4267] EXT4-fs (loop0): unmounting filesystem.
[   65.609235][ T4393] raw-gadget.1 gadget.3: fail, usb_ep_enable returned -22
[   65.650247][ T4266] BTRFS info (device loop4): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   65.721744][ T4310] iowarrior 4-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[   65.821749][   T41] cdc_ncm 3-1:1.0: bind() failure
[   65.846545][   T41] cdc_ncm: probe of 3-1:1.1 failed with error -71
[   65.875398][   T41] cdc_mbim: probe of 3-1:1.1 failed with error -71
[   65.930540][   T41] usbtest: probe of 3-1:1.1 failed with error -71
[   65.962050][   T41] usb 3-1: USB disconnect, device number 2
[   66.014362][    C0] iowarrior 4-1:0.1: iowarrior_callback - usb_submit_urb failed with result -1
[   66.087185][ T4437] loop0: detected capacity change from 0 to 2048
[   66.106334][ T4418] XFS (loop1): Mounting V5 Filesystem
[   66.108411][ T4441] usb 4-1: USB disconnect, device number 2
[   66.178842][ T4437] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[   66.247145][ T4418] XFS (loop1): Ending clean mount
[   66.252515][ T4447] syz.4.11 uses obsolete (PF_INET,SOCK_PACKET)
[   66.280164][ T4418] XFS (loop1): Quotacheck needed: Please wait.
[   66.331177][ T4437] UDF-fs: error (device loop0): udf_verify_fi: directory (ino 1376) has entry where CRC length (32) does not match entry length (24)
[   66.354616][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[   66.382056][ T4418] XFS (loop1): Quotacheck: Done.
[   66.421721][   T26] audit: type=1800 audit(1761774935.076:4): pid=4418 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.6" name="file1" dev="loop1" ino=9286 res=0 errno=0
[   66.722616][ T4460] loop2: detected capacity change from 0 to 128
[   66.807754][ T4460] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   66.845183][ T4464] netlink: 24 bytes leftover after parsing attributes in process `syz.3.16'.
[   66.875142][ T4460] hpfs: filesystem error: improperly stopped
[   66.881826][ T4460] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   66.937279][ T4460] hpfs: You really don't want any checks? You are crazy...
[   66.962381][ T4460] hpfs: hpfs_map_sector(): read error
[   66.968881][ T4274] XFS (loop1): Unmounting Filesystem
[   67.017026][ T4460] hpfs: code page support is disabled
[   67.023606][ T4460] hpfs: hpfs_map_4sectors(): unaligned read
[   67.041187][ T4460] hpfs: hpfs_map_4sectors(): unaligned read
[   67.041789][ T4466] loop4: detected capacity change from 0 to 64
[   67.119034][ T4460] hpfs: filesystem error: unable to find root dir
[   67.139403][ T4470] loop0: detected capacity change from 0 to 764
[   67.209075][ T4470] rock: directory entry would overflow storage
[   67.236697][ T4460] hpfs: hpfs_map_4sectors(): unaligned read
[   67.268438][ T4470] rock: sig=0x5245, size=8, remaining=5
[   67.589681][ T4476] netlink: 'syz.0.23': attribute type 1 has an invalid length.
[   67.619714][ T4476] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.23'.
[   67.657959][ T4478] netlink: 'syz.1.18': attribute type 5 has an invalid length.
[   67.661593][ T4476] syz.0.23[4476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.677369][ T4476] syz.0.23[4476] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   67.764539][  T129] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[   67.889946][    T0] NOHZ tick-stop error: local softirq work is pending, handler #01!!!
[   67.899757][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[   67.908669][    T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!!
[   68.024202][  T129] usb 3-1: Using ep0 maxpacket: 16
[   68.034612][    T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!!
[   68.067916][  T129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[   68.114260][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[   68.122665][    T0] NOHZ tick-stop error: local softirq work is pending, handler #108!!!
[   68.131847][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[   68.144762][    T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!!
[   68.153346][    T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!!
[   68.161771][    T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!!
[   68.345662][  T129] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[   68.473592][  T129] usb 3-1: New USB device found, idVendor=6161, idProduct=4d15, bcdDevice= 0.00
[   68.589086][  T129] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   68.850956][  T129] usb 3-1: config 0 descriptor??
[   69.401686][ T4469] loop3: detected capacity change from 0 to 32768
[   69.467876][ T4469] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop3 scanned by syz.3.20 (4469)
[   69.514775][ T4469] BTRFS info (device loop3): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   69.544302][ T4469] BTRFS info (device loop3): using crc32c (crc32c-intel) checksum algorithm
[   69.578580][ T4469] BTRFS info (device loop3): turning on sync discard
[   69.601705][ T4469] BTRFS info (device loop3): setting nodatasum
[   69.624215][ T4469] BTRFS info (device loop3): disabling tree log
[   69.640862][ T4469] BTRFS info (device loop3): using free space tree
[   69.653371][ T4492] loop0: detected capacity change from 0 to 32768
[   69.680149][ T4492] BTRFS: device fsid 24c7a497-3402-47dd-bef8-82358f5f30e0 devid 1 transid 8 /dev/loop0 scanned by syz.0.25 (4492)
[   69.709556][ T4492] BTRFS info (device loop0): first mount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   69.712144][ T4472] loop4: detected capacity change from 0 to 32768
[   69.734240][ T4492] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[   69.743190][ T4492] BTRFS info (device loop0): using free space tree
[   69.774085][  T129] usb 3-1: language id specifier not provided by device, defaulting to English
[   69.794636][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[   69.801241][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   69.844432][ T4472] XFS (loop4): Mounting V5 Filesystem
[   69.925875][ T4492] BTRFS info (device loop0): enabling ssd optimizations
[   69.959818][   T26] audit: type=1800 audit(1761774938.616:5): pid=4469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.20" name="file0" dev="loop3" ino=258 res=0 errno=0
[   69.982278][  T129] letsketch 0003:6161:4D15.0001: Device info: ᑔ
[   69.983296][ T4472] XFS (loop4): Ending clean mount
[   70.019104][ T4469] BTRFS info (device loop3): setting compat-ro feature flag for VERITY (0x4)
[   70.061539][ T4472] XFS (loop4): Quotacheck needed: Please wait.
[   70.110189][   T26] audit: type=1800 audit(1761774938.766:6): pid=4469 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.20" name="file0" dev="loop3" ino=258 res=0 errno=0
[   70.172288][ T4472] XFS (loop4): Quotacheck: Done.
[   70.233063][  T129] usb 3-1: Max retries (5) exceeded reading string descriptor 201
[   70.248084][  T129] letsketch: probe of 0003:6161:4D15.0001 failed with error -71
[   70.265529][ T4267] BTRFS info (device loop0): last unmount of filesystem 24c7a497-3402-47dd-bef8-82358f5f30e0
[   70.304444][  T129] usb 3-1: USB disconnect, device number 3
[   70.521306][ T4271] BTRFS info (device loop3): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   70.766647][ T4553] loop1: detected capacity change from 0 to 128
[   70.792044][ T4553] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[   70.869438][ T4553] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[   70.871105][ T4266] XFS (loop4): Unmounting Filesystem
[   71.290273][ T4568] loop0: detected capacity change from 0 to 2048
[   71.317926][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[   71.324577][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[   71.330449][ T4570] netlink: 'syz.3.34': attribute type 1 has an invalid length.
[   71.348153][ T4570] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.34'.
[   71.404914][ T4570] syz.3.34[4570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.405012][ T4570] syz.3.34[4570] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   71.447903][ T4574] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   71.505030][ T4441] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[   71.672318][ T4574] NILFS (loop0): vblocknr = 23 has abnormal lifetime: start cno (= 4294967298) > current cno (= 3)
[   71.692306][ T4574] NILFS error (device loop0): nilfs_bmap_propagate: broken bmap (inode number=4)
[   71.712199][ T4574] Remounting filesystem read-only
[   71.719945][ T4577] loop3: detected capacity change from 0 to 128
[   71.724931][ T4441] usb 2-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[   71.742990][ T4441] usb 2-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[   71.754860][ T4441] usb 2-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[   71.755021][ T4267] NILFS (loop0): disposed unprocessed dirty file(s) when stopping log writer
[   71.763905][ T4441] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   71.786371][ T4577] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   71.802698][ T4566] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22
[   71.854132][ T4577] hpfs: filesystem error: improperly stopped
[   71.860463][ T4577] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   71.913139][ T4577] hpfs: You really don't want any checks? You are crazy...
[   71.933390][ T4572] loop4: detected capacity change from 0 to 32768
[   71.942207][ T4577] hpfs: hpfs_map_sector(): read error
[   71.960013][ T4577] hpfs: code page support is disabled
[   71.984715][ T4577] hpfs: hpfs_map_4sectors(): unaligned read
[   71.994248][ T4577] hpfs: hpfs_map_4sectors(): unaligned read
[   72.000195][ T4577] hpfs: filesystem error: unable to find root dir
[   72.124185][ T4572] XFS (loop4): Mounting V5 Filesystem
[   72.147953][ T4558] usb 2-1: USB disconnect, device number 2
[   72.327472][ T4572] XFS (loop4): Ending clean mount
[   72.345661][ T4572] XFS (loop4): Quotacheck needed: Please wait.
[   72.404886][ T4572] XFS (loop4): Quotacheck: Done.
[   72.429924][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.442583][   T26] audit: type=1800 audit(1761774941.096:7): pid=4572 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.29" name="file1" dev="loop4" ino=9286 res=0 errno=0
[   72.448618][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.510862][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.531936][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.534970][ T4600] loop0: detected capacity change from 0 to 2048
[   72.543252][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.554914][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.565027][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.571317][ T4600] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   72.573803][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.593466][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.606846][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.614614][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.622158][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.641703][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.671188][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.691254][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.710030][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.726558][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.734345][  T126] hid-generic 000B:0003:0004.0002: unknown main item tag 0x0
[   72.772742][  T126] hid-generic 000B:0003:0004.0002: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz1
[   73.474096][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[   73.480299][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   73.679442][ T4266] XFS (loop4): Unmounting Filesystem
[   73.796137][ T4611] netlink: 'syz.1.46': attribute type 1 has an invalid length.
[   73.884900][ T4611] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.46'.
[   73.906947][ T4616] syz.1.46[4616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.907039][ T4616] syz.1.46[4616] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   73.962440][ T4614] loop2: detected capacity change from 0 to 2048
[   74.000586][ T4614] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   74.028704][ T4612] fido_id[4612]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[   74.441654][ T4632] loop0: detected capacity change from 0 to 512
[   74.511578][ T4632] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   74.580355][ T4636] netlink: 'syz.3.56': attribute type 1 has an invalid length.
[   74.591396][ T4636] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.56'.
[   74.592599][ T4632] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.55: iget: bad i_size value: 38620345925642
[   74.603313][ T4636] syz.3.56[4636] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.613324][ T4636] syz.3.56[4636] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.650886][ T4632] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.55: couldn't read orphan inode 15 (err -117)
[   74.692578][ T4632] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   74.818384][ T4641] netlink: 'syz.2.57': attribute type 1 has an invalid length.
[   74.837046][ T4267] EXT4-fs (loop0): unmounting filesystem.
[   74.874558][ T4641] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.57'.
[   74.918815][ T4643] syz.2.57[4643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   74.918905][ T4643] syz.2.57[4643] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   75.954146][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[   75.954190][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   76.438304][   T14] cfg80211: failed to load regulatory.db
[   77.341113][ T4668] netlink: 'syz.3.63': attribute type 1 has an invalid length.
[   77.350010][ T4668] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.63'.
[   77.362387][ T4668] syz.3.63[4668] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.362480][ T4668] syz.3.63[4668] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   77.389978][ T4669] loop2: detected capacity change from 0 to 256
[   77.458114][ T4669] exFAT-fs (loop2): failed to load upcase table (idx : 0x00002e7f, chksum : 0x03279930, utbl_chksum : 0xe619d30d)
[   77.601368][ T4672] loop4: detected capacity change from 0 to 2048
[   77.717974][ T4672] UDF-fs: error (device loop4): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[   77.774624][ T4672] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[   77.859132][ T4678] loop2: detected capacity change from 0 to 512
[   77.901578][ T4678] EXT4-fs: Ignoring removed nobh option
[   77.978677][ T4678] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   78.022092][ T4676] loop3: detected capacity change from 0 to 8192
[   78.033949][ T4678] ext4 filesystem being mounted at /12/bus supports timestamps until 2038-01-19 (0x7fffffff)
[   78.082778][ T4676] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[   78.165621][ T4660] loop0: detected capacity change from 0 to 32768
[   78.192556][ T4676] REISERFS (device loop3): found reiserfs format "3.5" with non-standard journal
[   78.223090][ T4678] EXT4-fs error (device loop2): ext4_find_dest_de:2115: inode #2: block 3: comm syz.2.67: bad entry in directory: inode out of bounds - offset=92, inode=117440528, rec_len=16, size=2048 fake=0
[   78.271412][ T4676] REISERFS (device loop3): using ordered data mode
[   78.342906][ T4676] reiserfs: using flush barriers
[   78.406659][ T4660] XFS (loop0): Mounting V5 Filesystem
[   78.419405][ T4676] REISERFS (device loop3): journal params: device loop3, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[   78.568964][ T4676] REISERFS (device loop3): checking transaction log (loop3)
[   78.577785][ T4660] XFS (loop0): Ending clean mount
[   78.645192][ T4660] XFS (loop0): Quotacheck needed: Please wait.
[   78.673886][ T4676] REISERFS (device loop3): Using r5 hash to sort names
[   78.742753][ T4660] XFS (loop0): Quotacheck: Done.
[   78.776537][ T4676] REISERFS (device loop3): Created .reiserfs_priv - reserved for xattr storage.
[   78.925743][   T26] audit: type=1800 audit(1761774947.586:8): pid=4660 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.59" name="file1" dev="loop0" ino=9286 res=0 errno=0
[   79.404147][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[   79.410332][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   80.194491][ T4279] EXT4-fs (loop2): unmounting filesystem.
[   80.208050][ T4267] XFS (loop0): Unmounting Filesystem
[   80.796979][ T4715] netlink: 'syz.1.78': attribute type 1 has an invalid length.
[   80.814160][ T4715] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.78'.
[   80.847182][ T4715] syz.1.78[4715] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.847278][ T4715] syz.1.78[4715] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   80.847779][ T4717] netlink: 'syz.3.73': attribute type 1 has an invalid length.
[   80.975866][ T4717] netlink: 7064 bytes leftover after parsing attributes in process `syz.3.73'.
[   81.030052][ T4717] syz.3.73[4717] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.030148][ T4717] syz.3.73[4717] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   81.046715][ T4722] loop0: detected capacity change from 0 to 2048
[   81.130796][ T4722] Dev loop0: RDB in block 1 has bad checksum
[   81.272627][ T4709] loop2: detected capacity change from 0 to 32768
[   81.292393][ T4709] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.76 (4709)
[   81.354065][ T4709] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   81.374343][ T4709] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[   81.393369][ T4709] BTRFS info (device loop2): turning on sync discard
[   81.434149][ T4709] BTRFS info (device loop2): setting nodatasum
[   81.440377][ T4709] BTRFS info (device loop2): disabling tree log
[   81.484078][ T4709] BTRFS info (device loop2): using free space tree
[   81.775061][ T4721] loop4: detected capacity change from 0 to 32768
[   81.857083][ T4721] XFS (loop4): Mounting V5 Filesystem
[   81.895714][   T26] audit: type=1800 audit(1761774950.556:9): pid=4709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.76" name="file0" dev="loop2" ino=258 res=0 errno=0
[   81.920679][ T4709] BTRFS info (device loop2): setting compat-ro feature flag for VERITY (0x4)
[   81.982479][   T26] audit: type=1800 audit(1761774950.626:10): pid=4709 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.76" name="file0" dev="loop2" ino=258 res=0 errno=0
[   82.025460][ T4721] XFS (loop4): Ending clean mount
[   82.091466][ T4279] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   82.109440][ T4767] netlink: 8 bytes leftover after parsing attributes in process `syz.1.95'.
[   82.122044][ T4746] loop0: detected capacity change from 0 to 32768
[   82.924135][ T4278] Bluetooth: hci0: command 0x0c1a tx timeout
[   82.930344][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   83.121720][ T4746] JBD2: Ignoring recovery information on journal
[   83.189784][ T4746] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   83.354972][ T4266] XFS (loop4): Unmounting Filesystem
[   83.439336][ T4774] loop3: detected capacity change from 0 to 512
[   83.514694][ T4774] EXT4-fs: Ignoring removed oldalloc option
[   83.615750][ T4774] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.88: dx entry: limit 1024 != root limit 124
[   83.684108][ T4774] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.88: Corrupt directory, running e2fsck is recommended
[   83.707277][ T4774] EXT4-fs (loop3): Cannot turn on journaled quota: type 1: error -117
[   83.715922][ T4774] EXT4-fs error (device loop3): ext4_xattr_ibody_find:2196: inode #15: comm syz.3.88: corrupted in-inode xattr
[   83.734539][ T4774] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.88: couldn't read orphan inode 15 (err -117)
[   83.794090][ T4774] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   83.891374][ T4781] loop4: detected capacity change from 0 to 512
[   83.902462][ T4267] ocfs2: Unmounting device (7,0) on (node local)
[   83.939329][ T4774] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.88: dx entry: limit 1024 != root limit 124
[   83.984139][ T4774] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.88: Corrupt directory, running e2fsck is recommended
[   84.008180][ T4781] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x61000000 (sector = 1)
[   84.059445][ T4782] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.88: dx entry: limit 1024 != root limit 124
[   84.124124][ T4782] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.88: Corrupt directory, running e2fsck is recommended
[   84.194127][ T4774] EXT4-fs warning (device loop3): dx_probe:893: inode #2: comm syz.3.88: dx entry: limit 1024 != root limit 124
[   84.274340][ T4774] EXT4-fs warning (device loop3): dx_probe:966: inode #2: comm syz.3.88: Corrupt directory, running e2fsck is recommended
[   84.345012][ T4271] EXT4-fs (loop3): unmounting filesystem.
[   84.388687][ T4772] loop1: detected capacity change from 0 to 32768
[   84.447925][ T4772] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop1 scanned by syz.1.87 (4772)
[   84.488436][ T4776] loop2: detected capacity change from 0 to 32768
[   84.524414][ T4772] BTRFS info (device loop1): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   84.549103][ T4772] BTRFS info (device loop1): using crc32c (crc32c-intel) checksum algorithm
[   84.568193][ T4772] BTRFS info (device loop1): using free space tree
[   84.579871][ T4794] loop3: detected capacity change from 0 to 512
[   84.590563][ T4794] EXT4-fs: Ignoring removed oldalloc option
[   84.651163][ T4794] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   84.666911][ T4794] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   84.679179][ T4804] input: syz1 as /devices/virtual/input/input5
[   84.698567][ T4776] XFS (loop2): Mounting V5 Filesystem
[   84.731265][ T4794] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2819: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   84.784153][ T4794] EXT4-fs (loop3): 1 truncate cleaned up
[   84.789860][ T4794] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   84.938899][ T4776] XFS (loop2): Ending clean mount
[   84.994926][ T4772] BTRFS info (device loop1): enabling ssd optimizations
[   85.002382][ T4776] XFS (loop2): Quotacheck needed: Please wait.
[   85.061588][ T4776] XFS (loop2): Quotacheck: Done.
[   85.134992][   T26] audit: type=1800 audit(1761774953.786:11): pid=4776 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.85" name="file1" dev="loop2" ino=9286 res=0 errno=0
[   85.306746][ T4274] BTRFS info (device loop1): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[   85.369370][ T4832] loop4: detected capacity change from 0 to 1024
[   85.454613][ T4832] EXT4-fs (loop4): revision level too high, forcing read-only mode
[   85.476914][ T4832] EXT4-fs (loop4): orphan cleanup on readonly fs
[   85.524900][ T4832] EXT4-fs error (device loop4): ext4_free_blocks:6205: comm syz.4.101: Freeing blocks not in datazone - block = 0, count = 4096
[   85.650374][ T4832] EXT4-fs (loop4): 1 orphan inode deleted
[   85.672064][ T4279] XFS (loop2): Unmounting Filesystem
[   85.704244][ T4832] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[   85.816603][ T4271] EXT4-fs (loop3): unmounting filesystem.
[   85.870350][ T4266] EXT4-fs (loop4): unmounting filesystem.
[   86.067109][ T4838] loop4: detected capacity change from 0 to 128
[   86.109950][ T4655] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.150054][ T4827] loop0: detected capacity change from 0 to 32768
[   86.291317][ T4827] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[   86.312532][ T4655] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.449393][ T4849] loop4: detected capacity change from 0 to 512
[   86.582982][ T4655] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.667234][ T4855] netlink: 'syz.2.110': attribute type 1 has an invalid length.
[   86.687174][ T4267] ocfs2: Unmounting device (7,0) on (node local)
[   86.717230][ T4855] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.110'.
[   86.770329][ T4655] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[   86.810914][ T4856] syz.2.110[4856] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   86.811010][ T4856] syz.2.110[4856] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   87.081751][ T4851] device syzkaller1 entered promiscuous mode
[   87.487789][ T4273] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1
[   87.497763][ T4273] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9
[   87.506570][ T4273] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9
[   87.515437][ T4273] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4
[   87.523170][ T4273] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3
[   87.531412][ T4273] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2
[   87.585353][ T4868] loop2: detected capacity change from 0 to 32768
[   87.640252][ T4868] 
[   87.640252][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.640252][ T4868] 
[   87.683435][ T4868] 
[   87.683435][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.683435][ T4868] 
[   87.694563][ T4868] 
[   87.694563][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.694563][ T4868] 
[   87.705315][ T4868] 
[   87.705315][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.705315][ T4868] 
[   87.725408][  T108] 
[   87.725408][  T108]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.725408][  T108] 
[   87.750550][ T4868] 
[   87.750550][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.750550][ T4868] 
[   87.761507][ T4868] 
[   87.761507][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.761507][ T4868] 
[   87.772030][ T4868] 
[   87.772030][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.772030][ T4868] 
[   87.783492][ T4868] 
[   87.783492][ T4868]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.783492][ T4868] 
[   87.808257][  T108] 
[   87.808257][  T108]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.808257][  T108] 
[   87.920608][ T4279] 
[   87.920608][ T4279]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.920608][ T4279] 
[   87.982381][ T4279] 
[   87.982381][ T4279]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[   87.982381][ T4279] 
[   88.914100][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   88.914165][ T4275] Bluetooth: hci0: command 0x0c1a tx timeout
[   89.555275][ T4275] Bluetooth: hci2: command 0x0409 tx timeout
[   89.987543][ T4909] netlink: 'syz.1.122': attribute type 1 has an invalid length.
[   90.044115][ T4909] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.122'.
[   90.093120][ T4909] syz.1.122[4909] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   90.095721][ T4909] syz.1.122[4909] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   90.521093][ T4929] loop0: detected capacity change from 0 to 1024
[   90.600541][ T4869] chnl_net:caif_netlink_parms(): no params data found
[   91.634059][ T4268] Bluetooth: hci2: command 0x041b tx timeout
[   91.738737][ T4932] device syzkaller1 entered promiscuous mode
[   91.750793][   T75] hfsplus: b-tree write err: -5, ino 4
[   91.842073][ T4950] capability: warning: `syz.2.131' uses deprecated v2 capabilities in a way that may be insecure
[   92.165481][ T4869] bridge0: port 1(bridge_slave_0) entered blocking state
[   92.172671][ T4869] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.184132][ T4348] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[   92.194088][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   92.194183][ T4268] Bluetooth: hci0: command 0x0c1a tx timeout
[   92.263687][ T4869] device bridge_slave_0 entered promiscuous mode
[   92.307212][ T4869] bridge0: port 2(bridge_slave_1) entered blocking state
[   92.321641][ T4869] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.359324][ T4869] device bridge_slave_1 entered promiscuous mode
[   92.374045][ T4348] usb 3-1: Using ep0 maxpacket: 8
[   92.391492][ T4348] usb 3-1: config 32 has an invalid interface number: 32 but max is 0
[   92.420202][ T4348] usb 3-1: config 32 has an invalid descriptor of length 0, skipping remainder of the config
[   92.453608][ T4348] usb 3-1: config 32 has no interface number 0
[   92.469473][ T4971] netlink: 'syz.1.137': attribute type 1 has an invalid length.
[   92.486007][ T4348] usb 3-1: New USB device found, idVendor=19b5, idProduct=0021, bcdDevice=98.c7
[   92.504078][ T4348] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   92.512226][ T4971] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.137'.
[   92.557479][ T4348] hub 3-1:32.32: bad descriptor, ignoring hub
[   92.563623][ T4348] hub: probe of 3-1:32.32 failed with error -5
[   92.602315][ T4971] syz.1.137[4971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   92.602435][ T4971] syz.1.137[4971] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[   92.625515][ T4655] device hsr_slave_0 left promiscuous mode
[   92.678008][ T4978] loop4: detected capacity change from 0 to 256
[   92.684599][ T4655] device hsr_slave_1 left promiscuous mode
[   92.695599][ T4655] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   92.722454][ T4655] batman_adv: batadv0: Removing interface: batadv_slave_0
[   92.758461][ T4978] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 256)
[   92.775642][ T4655] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   92.793504][ T4655] batman_adv: batadv0: Removing interface: batadv_slave_1
[   92.847252][ T4655] device bridge_slave_1 left promiscuous mode
[   92.860990][ T4655] bridge0: port 2(bridge_slave_1) entered disabled state
[   92.884995][ T4655] device bridge_slave_0 left promiscuous mode
[   92.891448][ T4655] bridge0: port 1(bridge_slave_0) entered disabled state
[   92.922014][ T4965] loop0: detected capacity change from 0 to 32768
[   93.050276][   T26] audit: type=1800 audit(1761774961.706:12): pid=4965 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.132" name="file1" dev="loop0" ino=7 res=0 errno=0
[   93.071873][ T4655] device veth1_macvtap left promiscuous mode
[   93.095307][ T4655] device veth0_macvtap left promiscuous mode
[   93.099866][ T4984] loop4: detected capacity change from 0 to 1024
[   93.102484][ T4655] device veth1_vlan left promiscuous mode
[   93.112040][ T4348] usb 3-1: reset high-speed USB device number 4 using dummy_hcd
[   93.125412][ T4655] device veth0_vlan left promiscuous mode
[   93.169714][ T4965] ERROR: (device loop0): dbAllocAG: Corrupt dmapctl page
[   93.169714][ T4965] 
[   93.202618][ T4965] ERROR: (device loop0): remounting filesystem as read-only
[   93.251718][ T4984] hfsplus: xattr search failed
[   93.370805][ T4360] hfsplus: b-tree write err: -5, ino 3
[   93.480260][ T4988] futex_wake_op: syz.4.142 tries to shift op by -1; fix this program
[   93.715437][ T4268] Bluetooth: hci2: command 0x040f tx timeout
[   94.557084][ T4997] loop2: detected capacity change from 0 to 2048
[   94.575099][ T4434] usb 3-1: USB disconnect, device number 4
[   94.653820][ T4997] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[   94.754180][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[   94.760574][ T4273] Bluetooth: hci0: command 0x0c1a tx timeout
[   94.787654][ T4279] EXT4-fs (loop2): unmounting filesystem.
[   95.048439][ T4655] team0 (unregistering): Port device team_slave_1 removed
[   95.091891][ T4655] team0 (unregistering): Port device team_slave_0 removed
[   95.135249][ T4655] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[   95.178544][ T4655] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[   95.621153][ T4655] bond0 (unregistering): Released all slaves
[   95.757824][ T4869] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[   95.777260][ T4869] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[   95.794874][ T4275] Bluetooth: hci2: command 0x0419 tx timeout
[   95.973326][ T5014] loop4: detected capacity change from 0 to 128
[   95.998511][ T4869] team0: Port device team_slave_0 added
[   96.023738][ T4869] team0: Port device team_slave_1 added
[   96.040095][ T5014] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   96.087779][ T5014] hpfs: filesystem error: improperly stopped
[   96.113657][ T5014] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   96.130318][ T5014] hpfs: You really don't want any checks? You are crazy...
[   96.146840][ T4869] batman_adv: batadv0: Adding interface: batadv_slave_0
[   96.162320][ T5014] hpfs: hpfs_map_sector(): read error
[   96.166619][ T4869] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.199067][ T5014] hpfs: code page support is disabled
[   96.224872][   T22] usb 2-1: new high-speed USB device number 3 using dummy_hcd
[   96.226477][ T5014] hpfs: hpfs_map_4sectors(): unaligned read
[   96.242665][ T4869] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[   96.265500][ T5020] device syzkaller1 entered promiscuous mode
[   96.274429][ T5014] hpfs: hpfs_map_4sectors(): unaligned read
[   96.280380][ T5014] hpfs: filesystem error: unable to find root dir
[   96.302287][ T4869] batman_adv: batadv0: Adding interface: batadv_slave_1
[   96.321978][ T4869] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   96.391386][ T4869] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[   96.418351][   T22] usb 2-1: Using ep0 maxpacket: 32
[   96.426758][   T22] usb 2-1: New USB device found, idVendor=055f, idProduct=d001, bcdDevice=88.92
[   96.463887][   T22] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   96.492133][   T22] usb 2-1: config 0 descriptor??
[   96.516009][   T22] gspca_main: nw80x-2.14.0 probing 055f:d001
[   96.617427][ T4869] device hsr_slave_0 entered promiscuous mode
[   96.651707][ T4869] device hsr_slave_1 entered promiscuous mode
[   97.116463][ T4869] netdevsim netdevsim5 netdevsim0: renamed from eth0
[   97.177029][ T4869] netdevsim netdevsim5 netdevsim1: renamed from eth1
[   97.202624][ T4869] netdevsim netdevsim5 netdevsim2: renamed from eth2
[   97.233086][ T4869] netdevsim netdevsim5 netdevsim3: renamed from eth3
[   97.539791][ T4869] 8021q: adding VLAN 0 to HW filter on device bond0
[   97.541655][   T22] gspca_nw80x: reg_w err -71
[   97.559469][ T5060] loop2: detected capacity change from 0 to 128
[   97.568407][   T22] nw80x: probe of 2-1:0.0 failed with error -71
[   97.583158][ T5060] hpfs: filesystem error: invalid number of hotfixes: 2066844986, used: 2066844985; already mounted read-only
[   97.606186][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[   97.620155][   T22] usb 2-1: USB disconnect, device number 3
[   97.628856][ T4360] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[   97.672716][ T5060] hpfs: filesystem error: improperly stopped
[   97.677219][ T4869] 8021q: adding VLAN 0 to HW filter on device team0
[   97.685723][ T5060] hpfs: filesystem error: warning: spare dnodes used, try chkdsk
[   97.693531][ T5060] hpfs: You really don't want any checks? You are crazy...
[   97.704629][ T5060] hpfs: hpfs_map_sector(): read error
[   97.716554][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[   97.717972][ T5060] hpfs: code page support is disabled
[   97.731964][ T5060] hpfs: hpfs_map_4sectors(): unaligned read
[   97.735724][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[   97.747109][ T5060] hpfs: hpfs_map_4sectors(): unaligned read
[   97.762232][ T5060] hpfs: filesystem error: unable to find root dir
[   97.764834][ T4655] bridge0: port 1(bridge_slave_0) entered blocking state
[   97.776679][ T4655] bridge0: port 1(bridge_slave_0) entered forwarding state
[   97.857207][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[   97.880878][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[   97.897121][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[   97.921455][ T4655] bridge0: port 2(bridge_slave_1) entered blocking state
[   97.928667][ T4655] bridge0: port 2(bridge_slave_1) entered forwarding state
[   97.943822][ T4308] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   97.955508][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[   97.964983][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[   98.003580][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[   98.015992][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[   98.027182][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[   98.038019][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[   98.061861][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   98.069966][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   98.082418][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   98.093567][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   98.127370][ T4655] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   98.135341][ T4308] usb 1-1: Using ep0 maxpacket: 16
[   98.162576][ T4308] usb 1-1: config 0 interface 0 has no altsetting 0
[   98.179679][ T4308] usb 1-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[   98.194901][ T4869] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   98.224482][ T4308] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   98.258906][ T4308] usb 1-1: config 0 descriptor??
[   98.691055][ T4308] hid (null): report_id 0 is invalid
[   98.909593][   T41] usb 1-1: USB disconnect, device number 2
[   98.912845][ T4654] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   98.932239][ T4654] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   98.948081][ T4869] 8021q: adding VLAN 0 to HW filter on device batadv0
[   99.011441][ T5082] loop1: detected capacity change from 0 to 32768
[   99.024225][ T4308] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   99.047949][ T5082] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop1 scanned by syz.1.167 (5082)
[   99.096850][ T5082] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   99.110302][ T5082] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[   99.142876][ T5082] BTRFS info (device loop1): using free space tree
[   99.254131][ T4308] usb 5-1: Using ep0 maxpacket: 8
[   99.260949][ T4308] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[   99.277352][ T4308] usb 5-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[   99.288867][ T4308] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   99.305947][ T4308] usb 5-1: config 0 descriptor??
[   99.446598][ T5082] BTRFS info (device loop1): enabling ssd optimizations
[   99.522583][ T4308] iowarrior 5-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0
[   99.889055][ T4274] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[   99.928887][ T4308] usb 5-1: USB disconnect, device number 2
[   99.987127][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  100.020792][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  100.097537][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  100.128034][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  100.182243][ T4869] device veth0_vlan entered promiscuous mode
[  100.189631][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  100.207079][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  100.234812][ T4869] device veth1_vlan entered promiscuous mode
[  100.286034][ T4423] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 10 /dev/loop1 scanned by udevd (4423)
[  100.291642][ T4869] device veth0_macvtap entered promiscuous mode
[  100.307601][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[  100.326441][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[  100.366280][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  100.382869][ T5123] loop2: detected capacity change from 0 to 40427
[  100.390470][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  100.399261][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  100.416891][ T5123] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  100.442926][ T4869] device veth1_macvtap entered promiscuous mode
[  100.469729][ T5123] F2FS-fs (loop2): invalid crc value
[  100.503081][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.524034][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.567037][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.572102][ T5123] F2FS-fs (loop2): Found nat_bits in checkpoint
[  100.611440][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.634114][ T5140] usb 2-1: new high-speed USB device number 4 using dummy_hcd
[  100.658626][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.679952][ T5152] loop4: detected capacity change from 0 to 256
[  100.684721][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.734370][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  100.763570][ T5152] exfat: Deprecated parameter 'utf8'
[  100.791491][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  100.804866][ T5152] exfat: Deprecated parameter 'utf8'
[  100.837371][ T5140] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  100.844472][ T5123] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  100.858912][ T5140] usb 2-1: New USB device found, idVendor=056a, idProduct=0015, bcdDevice= 0.00
[  100.869878][ T5152] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x36e00b20, utbl_chksum : 0xe619d30d)
[  100.879903][ T4869] batman_adv: batadv0: Interface activated: batadv_slave_0
[  100.928836][ T5140] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.947747][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  100.966614][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  100.987359][ T5140] usb 2-1: config 0 descriptor??
[  101.014276][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  101.051882][ T5147] f2fs_ckpt-7:2: attempt to access beyond end of device
[  101.051882][ T5147] loop2: rw=2049, sector=45096, nr_sectors = 16 limit=40427
[  101.088203][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.139848][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.192972][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.213568][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.229167][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.252671][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.262900][ T4869] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  101.280741][ T4869] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  101.350285][ T4869] batman_adv: batadv0: Interface activated: batadv_slave_1
[  101.391757][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  101.420941][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  101.436922][ T4869] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  101.467471][ T5140] wacom 0003:056A:0015.0004: Unknown device_type for 'HID 056a:0015'. Assuming pen.
[  101.476247][ T4869] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  101.511182][ T4869] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  101.521359][ T5140] wacom 0003:056A:0015.0004: hidraw0: USB HID v9.14 Device [HID 056a:0015] on usb-dummy_hcd.1-1/input0
[  101.550017][ T4869] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  101.550086][ T5140] input: Wacom Graphire4 4x5 Pen as /devices/platform/dummy_hcd.1/usb2/2-1/2-1:0.0/0003:056A:0015.0004/input/input6
[  101.714982][ T5140] usb 2-1: USB disconnect, device number 4
[  101.895353][   T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  101.903557][   T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  101.987884][   T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  102.002759][ T4490] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  102.032967][   T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  102.042565][ T5170] fido_id[5170]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  102.113425][   T75] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  102.331645][ T5182] Bluetooth: hci5: Frame reassembly failed (-84)
[  102.384018][ T4332] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  102.574058][ T4332] usb 1-1: Using ep0 maxpacket: 8
[  102.583137][ T4332] usb 1-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  102.604048][ T4332] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  102.612086][ T4332] usb 1-1: Product: syz
[  102.624137][ T4332] usb 1-1: Manufacturer: syz
[  102.634280][ T4332] usb 1-1: SerialNumber: syz
[  102.662952][ T4332] usb 1-1: config 0 descriptor??
[  102.673000][ T4332] gspca_main: se401-2.14.0 probing 047d:5003
[  102.724117][    T7] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  102.903666][ T5191] loop2: detected capacity change from 0 to 32768
[  102.918836][    T7] usb 2-1: Using ep0 maxpacket: 32
[  102.928353][    T7] usb 2-1: config 0 interface 0 has no altsetting 0
[  102.954086][    T7] usb 2-1: New USB device found, idVendor=1b1c, idProduct=0c10, bcdDevice= 0.00
[  102.991829][    T7] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  103.006713][ T5191] JBD2: Ignoring recovery information on journal
[  103.023297][    T7] usb 2-1: config 0 descriptor??
[  103.127735][ T5191] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  103.281505][ T4332] input: se401 as /devices/platform/dummy_hcd.0/usb1/1-1/input/input9
[  103.356354][ T4279] ocfs2: Unmounting device (7,2) on (node local)
[  103.529071][ T4332] usb 1-1: USB disconnect, device number 3
[  103.816102][    T7] corsair-cpro 0003:1B1C:0C10.0005: hidraw0: USB HID v4.06 Device [HID 1b1c:0c10] on usb-dummy_hcd.1-1/input0
[  103.905974][ T5208] loop4: detected capacity change from 0 to 32768
[  103.933557][ T5208] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 scanned by syz.4.184 (5208)
[  103.965982][ T5208] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  103.985216][ T5208] BTRFS info (device loop4): using sha256 (sha256-avx2) checksum algorithm
[  104.002846][ T5208] BTRFS info (device loop4): enabling auto defrag
[  104.011290][ T5208] BTRFS info (device loop4): use no compression
[  104.024233][ T5208] BTRFS info (device loop4): force clearing of disk cache
[  104.024363][    T7] corsair-cpro: probe of 0003:1B1C:0C10.0005 failed with error -71
[  104.041244][ T5208] BTRFS info (device loop4): max_inline at 4096
[  104.097900][ T5208] BTRFS info (device loop4): disabling free space tree
[  104.286967][ T5208] BTRFS info (device loop4): enabling ssd optimizations
[  104.303045][ T5208] BTRFS info (device loop4): rebuilding free space tree
[  104.347750][ T5208] BTRFS info (device loop4): disabling free space tree
[  104.354143][ T4273] Bluetooth: hci5: command 0xfc11 tx timeout
[  104.362896][ T4275] Bluetooth: hci5: Entering manufacturer mode failed (-110)
[  104.362979][ T5208] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE (0x1)
[  104.394099][ T5208] BTRFS info (device loop4): clearing compat-ro feature flag for FREE_SPACE_TREE_VALID (0x2)
[  104.435279][ T5139] usb 2-1: USB disconnect, device number 5
[  104.511869][ T5227] fido_id[5227]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  104.652176][ T5253] loop5: detected capacity change from 0 to 512
[  104.760913][ T5253] EXT4-fs (loop5): orphan cleanup on readonly fs
[  104.790010][ T5253] EXT4-fs (loop5): Cannot turn on journaled quota: type 0: error -13
[  104.791927][ T5238] loop0: detected capacity change from 0 to 32768
[  104.841031][ T5253] EXT4-fs error (device loop5): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 218 vs 220 free clusters
[  104.886800][ T5253] EXT4-fs error (device loop5): ext4_clear_blocks:883: inode #13: comm syz.5.188: attempt to clear invalid blocks 2 len 1
[  104.902878][ T5238] (syz.0.186,5238,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  104.938670][ T4266] BTRFS info (device loop4): last unmount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  104.951264][ T5251] loop2: detected capacity change from 0 to 4096
[  104.963077][ T5238] (syz.0.186,5238,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  104.971560][ T5253] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.188: invalid indirect mapped block 1819239214 (level 0)
[  105.238488][ T5238] JBD2: Ignoring recovery information on journal
[  105.255900][ T5253] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #13: comm syz.5.188: invalid indirect mapped block 1819239214 (level 1)
[  105.482490][ T5253] EXT4-fs (loop5): 1 truncate cleaned up
[  105.633781][ T5253] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  106.198438][ T5253] EXT4-fs (loop5): shut down requested (2)
[  106.307980][ T5238] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  106.366014][ T5270] netlink: 'syz.1.191': attribute type 1 has an invalid length.
[  106.373708][ T5270] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.191'.
[  106.446401][ T4869] EXT4-fs (loop5): unmounting filesystem.
[  106.456448][ T5270] syz.1.191[5270] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.456538][ T5270] syz.1.191[5270] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.481113][ T5274] netlink: 'syz.2.192': attribute type 1 has an invalid length.
[  106.501139][ T4423] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 12 /dev/loop4 scanned by udevd (4423)
[  106.626561][ T5274] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.192'.
[  106.677105][ T5280] syz.2.192[5280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.677197][ T5280] syz.2.192[5280] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.694908][ T5282] netlink: 'syz.5.194': attribute type 1 has an invalid length.
[  106.737068][ T4267] ocfs2: Unmounting device (7,0) on (node local)
[  106.815679][ T5282] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.194'.
[  106.915229][ T5282] syz.5.194[5282] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  106.915324][ T5282] syz.5.194[5282] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  107.020960][ T5292] loop0: detected capacity change from 0 to 2048
[  107.110264][ T5292] UDF-fs: error (device loop0): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  107.183170][ T5292] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  107.205753][ T5302] netlink: 64 bytes leftover after parsing attributes in process `syz.2.199'.
[  107.257767][   T26] audit: type=1800 audit(1761774975.916:13): pid=5292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.196" name="file1" dev="loop0" ino=1346 res=0 errno=0
[  107.367498][   T26] audit: type=1800 audit(1761774975.946:14): pid=5292 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.196" name="file1" dev="loop0" ino=1346 res=0 errno=0
[  107.445854][ T5311] loop4: detected capacity change from 0 to 64
[  107.674862][ T5139] usb 6-1: new high-speed USB device number 2 using dummy_hcd
[  107.864065][ T5139] usb 6-1: Using ep0 maxpacket: 16
[  107.870982][ T5139] usb 6-1: config 1 interface 0 altsetting 255 endpoint 0x1 has invalid wMaxPacketSize 0
[  107.904159][ T5139] usb 6-1: config 1 interface 0 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 0
[  107.954014][ T5139] usb 6-1: config 1 interface 0 altsetting 255 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  107.990307][ T5327] netlink: 'syz.1.209': attribute type 1 has an invalid length.
[  108.004683][ T5323] loop2: detected capacity change from 0 to 4096
[  108.014420][ T5139] usb 6-1: config 1 interface 0 has no altsetting 0
[  108.048355][ T5139] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40
[  108.062395][ T5327] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.209'.
[  108.087491][ T5139] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  108.102313][ T5329] netlink: 'syz.4.210': attribute type 1 has an invalid length.
[  108.105754][ T5331] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  108.119202][ T5327] syz.1.209[5327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.131024][ T5327] syz.1.209[5327] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.152635][ T5139] usb 6-1: Product: syz
[  108.169306][ T5329] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.210'.
[  108.203048][ T5139] usb 6-1: Manufacturer: syz
[  108.207263][ T5329] syz.4.210[5329] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.208509][ T5329] syz.4.210[5329] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  108.230857][   T26] audit: type=1800 audit(1761774976.886:15): pid=5323 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.207" name="bus" dev="loop2" ino=18 res=0 errno=0
[  108.244054][ T5139] usb 6-1: SerialNumber: syz
[  108.546959][ T5343] netlink: 'syz.2.212': attribute type 1 has an invalid length.
[  108.571269][ T5139] usblp 6-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 255 proto 1 vid 0x0525 pid 0xA4A8
[  108.594196][ T4268] Bluetooth: hci0: command 0x0c1a tx timeout
[  108.594263][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  108.603146][ T5343] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.212'.
[  108.708940][ T5346] device syzkaller1 entered promiscuous mode
[  108.743623][ T5349] Illegal XDP return value 4294967262 on prog  (id 31) dev syz_tun, expect packet loss!
[  108.878122][ T5355] TCP: request_sock_TCPv6: Possible SYN flooding on port 20002. Sending cookies.  Check SNMP counters.
[  109.511249][ T5379] netlink: 'syz.0.226': attribute type 1 has an invalid length.
[  109.533153][ T4441] usb 6-1: USB disconnect, device number 2
[  109.562585][ T4441] usblp0: removed
[  109.579816][ T5379] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.226'.
[  109.824075][ T5382] netlink: 'syz.4.224': attribute type 1 has an invalid length.
[  109.831899][ T5382] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.224'.
[  110.025275][ T5377] loop1: detected capacity change from 0 to 32768
[  110.089513][ T5377] BTRFS info (device loop1): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  110.137040][ T5377] BTRFS info (device loop1): using sha256 (sha256-avx2) checksum algorithm
[  110.162398][ T5377] BTRFS info (device loop1): using free space tree
[  110.174800][ T5401] netlink: 'syz.2.230': attribute type 1 has an invalid length.
[  110.182497][ T5401] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.230'.
[  110.544097][ T5377] BTRFS info (device loop1): enabling ssd optimizations
[  110.708509][ T4274] BTRFS info (device loop1): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  110.759482][ T4273] Bluetooth: hci0: command 0x0c1a tx timeout
[  110.765657][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  111.973731][ T5453] netlink: 'syz.5.242': attribute type 1 has an invalid length.
[  111.981603][ T5453] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.242'.
[  111.995966][ T5453] bpf_get_probe_write_proto: 8 callbacks suppressed
[  111.995981][ T5453] syz.5.242[5453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.002797][ T5453] syz.5.242[5453] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.079169][ T5458] netlink: 'syz.0.244': attribute type 1 has an invalid length.
[  112.096358][ T5457] loop2: detected capacity change from 0 to 256
[  112.098409][ T5458] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.244'.
[  112.119591][ T5458] syz.0.244[5458] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.119684][ T5458] syz.0.244[5458] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  112.359150][ T5465] netlink: 'syz.4.247': attribute type 1 has an invalid length.
[  112.447829][ T5465] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.247'.
[  112.527667][ T5473] device batadv_slave_1 entered promiscuous mode
[  112.560212][ T5470] netlink: 8 bytes leftover after parsing attributes in process `syz.0.249'.
[  112.561868][ T5472] device batadv_slave_1 left promiscuous mode
[  113.427607][ T5481] loop0: detected capacity change from 0 to 16
[  113.565451][ T5481] erofs: (device loop0): mounted with root inode @ nid 36.
[  113.641554][ T5483] loop5: detected capacity change from 0 to 4096
[  113.726181][ T5481] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  113.736188][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 47 @ nid 36
[  113.745351][ T5481] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  113.754711][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 46 @ nid 36
[  113.764166][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 45 @ nid 36
[  113.774653][ T5481] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  113.784004][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 43 @ nid 36
[  113.793072][ T5481] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  113.802440][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 42 @ nid 36
[  113.811611][ T5481] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  113.820978][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 41 @ nid 36
[  113.830090][ T5481] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  113.839456][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 40 @ nid 36
[  113.849860][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 39 @ nid 36
[  113.858969][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 38 @ nid 36
[  113.868101][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 36 @ nid 36
[  113.877230][ T5481] erofs: (device loop0): z_erofs_extent_lookback: bogus lookback distance @ nid 36
[  113.886549][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 31 @ nid 36
[  113.895645][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 25 @ nid 36
[  113.904687][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 24 @ nid 36
[  113.913867][ T5481] erofs: (device loop0): z_erofs_readahead: readahead error at page 19 @ nid 36
[  113.923104][ T5481] syz.0.252: attempt to access beyond end of device
[  113.923104][ T5481] loop0: rw=524288, sector=784, nr_sectors = 64 limit=16
[  113.936645][ T5481] syz.0.252: attempt to access beyond end of device
[  113.936645][ T5481] loop0: rw=524288, sector=13478624080, nr_sectors = 24 limit=16
[  113.950864][ T5481] syz.0.252: attempt to access beyond end of device
[  113.950864][ T5481] loop0: rw=524288, sector=13478624032, nr_sectors = 48 limit=16
[  113.965060][ T5481] syz.0.252: attempt to access beyond end of device
[  113.965060][ T5481] loop0: rw=524288, sector=24, nr_sectors = 8 limit=16
[  113.978491][ T5481] syz.0.252: attempt to access beyond end of device
[  113.978491][ T5481] loop0: rw=524288, sector=8, nr_sectors = 16 limit=16
[  114.034228][ T4273] Bluetooth: hci0: command 0x0c1a tx timeout
[  114.040487][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  114.780965][ T5501] netlink: 'syz.1.256': attribute type 1 has an invalid length.
[  114.813424][ T5501] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.256'.
[  114.836837][ T5505] device bridge0 entered promiscuous mode
[  114.855043][ T5501] syz.1.256[5501] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.855139][ T5501] syz.1.256[5501] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  114.918982][ T5505] device macsec1 entered promiscuous mode
[  114.977596][ T5509] netlink: 'syz.5.260': attribute type 1 has an invalid length.
[  115.024997][ T5505] bridge0: port 3(macsec1) entered blocking state
[  115.045359][ T5509] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.260'.
[  115.045884][ T5505] bridge0: port 3(macsec1) entered disabled state
[  115.091592][ T5510] syz.5.260[5510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.091684][ T5510] syz.5.260[5510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  115.163451][ T5515] loop0: detected capacity change from 0 to 1024
[  115.182011][ T5515] EXT4-fs: Ignoring removed bh option
[  115.275270][ T5505] device bridge0 left promiscuous mode
[  115.365373][ T5515] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  115.547077][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  115.725956][ T5527] netlink: 'syz.2.265': attribute type 1 has an invalid length.
[  115.752492][ T5527] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.265'.
[  115.978847][ T5534] loop1: detected capacity change from 0 to 1764
[  116.729631][ T5552] netlink: 'syz.5.274': attribute type 1 has an invalid length.
[  116.742757][ T5552] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.274'.
[  116.751733][ T5554] loop1: detected capacity change from 0 to 1024
[  116.763699][ T5552] syz.5.274[5552] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.763795][ T5552] syz.5.274[5552] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  116.914112][ T4268] Bluetooth: hci0: command 0x0c1a tx timeout
[  116.914138][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  117.024203][ T5554] hfsplus: xattr searching failed
[  117.156356][ T5561] hfsplus: xattr searching failed
[  118.059747][ T5575] netlink: 32 bytes leftover after parsing attributes in process `syz.4.281'.
[  118.131918][ T5577] netlink: 'syz.1.282': attribute type 1 has an invalid length.
[  118.174204][ T5577] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.282'.
[  118.278756][ T5583] netlink: 'syz.4.284': attribute type 1 has an invalid length.
[  118.303771][ T5582] loop0: detected capacity change from 0 to 1024
[  118.325058][ T5583] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.284'.
[  118.348587][ T5583] syz.4.284[5583] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.348680][ T5583] syz.4.284[5583] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  118.373484][ T5582] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  118.396188][ T5582] ext4 filesystem being mounted at /64/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  118.412183][ T5582] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.283: inode has both inline data and extents flags
[  118.431147][ T5582] EXT4-fs error (device loop0): ext4_lookup:1858: inode #15: comm syz.0.283: inode has both inline data and extents flags
[  118.520579][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  118.751783][ T5599] loop5: detected capacity change from 0 to 128
[  118.795157][ T5599] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  118.852839][ T5602] device syzkaller1 entered promiscuous mode
[  118.858328][ T5599] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  119.305983][ T5606] device syzkaller1 entered promiscuous mode
[  119.391070][ T5612] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  119.901052][ T5612] FAT-fs (loop5): Filesystem has been set read-only
[  120.274085][ T4273] Bluetooth: hci0: command 0x0c1a tx timeout
[  120.280291][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  120.610718][ T5615] loop0: detected capacity change from 0 to 16
[  120.647797][ T4433] kernel write not supported for file bpf-prog (pid: 4433 comm: kworker/0:10)
[  120.707618][ T5615] erofs: (device loop0): mounted with root inode @ nid 36.
[  120.766864][ T5620] loop1: detected capacity change from 0 to 64
[  120.886355][ T5624] netlink: 'syz.2.298': attribute type 1 has an invalid length.
[  120.907607][ T5624] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.298'.
[  121.227850][ T5637] netlink: 'syz.5.302': attribute type 1 has an invalid length.
[  121.276045][ T5637] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.302'.
[  121.313007][ T5637] syz.5.302[5637] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  121.313100][ T5637] syz.5.302[5637] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  122.136975][ T5673] netlink: 'syz.5.315': attribute type 1 has an invalid length.
[  122.164171][ T5673] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.315'.
[  122.241398][ T5645] loop2: detected capacity change from 0 to 32768
[  122.269215][ T5645] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop2 scanned by syz.2.305 (5645)
[  122.333720][ T5645] BTRFS info (device loop2): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  122.395933][ T5645] BTRFS info (device loop2): using crc32c (crc32c-intel) checksum algorithm
[  122.422370][ T5645] BTRFS info (device loop2): using free space tree
[  122.699692][ T5650] loop4: detected capacity change from 0 to 40427
[  122.773007][ T5650] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  122.842845][ T5650] F2FS-fs (loop4): invalid crc value
[  122.924188][ T5645] BTRFS info (device loop2): enabling ssd optimizations
[  122.933633][ T5650] F2FS-fs (loop4): Found nat_bits in checkpoint
[  123.000653][ T5716] netlink: 'syz.0.321': attribute type 1 has an invalid length.
[  123.056186][ T5716] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.321'.
[  123.074051][ T4268] Bluetooth: hci0: command 0x0c1a tx timeout
[  123.081344][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  123.106395][ T5717] syz.0.321[5717] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.109994][ T5717] syz.0.321[5717] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  123.129186][ T5650] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  123.240282][ T4279] BTRFS info (device loop2): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  123.575771][ T5729] loop5: detected capacity change from 0 to 512
[  123.599158][ T5729] EXT4-fs (loop5): feature flags set on rev 0 fs, running e2fsck is recommended
[  123.631024][ T4266] syz-executor: attempt to access beyond end of device
[  123.631024][ T4266] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  123.745688][ T5729] EXT4-fs warning (device loop5): ext4_update_dynamic_rev:1086: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  123.920970][ T5729] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm syz.5.325: bg 0: block 248: padding at end of block bitmap is not set
[  123.975236][ T5729] Quota error (device loop5): write_blk: dquota write failed
[  123.992106][ T5729] Quota error (device loop5): qtree_write_dquot: Error -117 occurred while creating quota
[  124.034299][ T5729] EXT4-fs error (device loop5): ext4_acquire_dquot:6809: comm syz.5.325: Failed to acquire dquot type 1
[  124.122020][ T5729] EXT4-fs (loop5): 1 truncate cleaned up
[  124.154105][ T5729] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: writeback.
[  124.210516][   T26] audit: type=1800 audit(1761774992.866:16): pid=5729 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.325" name="file1" dev="loop5" ino=15 res=0 errno=0
[  124.376107][ T4869] EXT4-fs (loop5): unmounting filesystem.
[  124.399463][   T11] Quota error (device loop5): do_check_range: Getting block 0 out of range 1-5
[  124.433754][   T11] EXT4-fs error (device loop5): ext4_release_dquot:6845: comm kworker/u4:1: Failed to release dquot type 1
[  124.687699][ T5755] sp0: Synchronizing with TNC
[  124.741274][ T5760] netlink: 'syz.5.330': attribute type 1 has an invalid length.
[  124.859329][ T5760] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.330'.
[  125.234822][ T4275] Bluetooth: hci0: command 0x0c1a tx timeout
[  125.241064][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  125.757923][ T5773] netlink: 'syz.4.336': attribute type 1 has an invalid length.
[  125.764207][  T126] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  125.766263][ T5773] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.336'.
[  125.789293][ T5773] syz.4.336[5773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.789391][ T5773] syz.4.336[5773] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  125.937797][ T5780] netlink: 8 bytes leftover after parsing attributes in process `syz.0.337'.
[  125.979047][  T126] usb 3-1: Using ep0 maxpacket: 8
[  125.987196][  T126] usb 3-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0
[  126.034141][  T126] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0
[  126.068965][  T126] usb 3-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  126.115461][  T126] usb 3-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  126.174035][  T126] usb 3-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  126.203369][  T126] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.246716][ T5793] loop1: detected capacity change from 0 to 128
[  126.336729][ T5793] EXT4-fs (loop1): mounted filesystem without journal. Quota mode: none.
[  126.434992][  T126] usb 3-1: GET_CAPABILITIES returned 0
[  126.440545][  T126] usbtmc 3-1:16.0: can't read capabilities
[  126.476313][ T5793] ext4 filesystem being mounted at /71/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  127.315486][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  127.321715][ T4275] Bluetooth: hci0: command 0x0c1a tx timeout
[  128.135610][ T5793] netlink: 32 bytes leftover after parsing attributes in process `syz.1.343'.
[  128.141362][ T4550] usb 3-1: USB disconnect, device number 5
[  128.194760][ T5793] netlink: 16 bytes leftover after parsing attributes in process `syz.1.343'.
[  129.597098][ T4274] EXT4-fs (loop1): unmounting filesystem.
[  129.653426][ T5822] netlink: 'syz.0.352': attribute type 1 has an invalid length.
[  129.703399][ T5822] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.352'.
[  129.780431][ T5830] syz.0.352[5830] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  129.780527][ T5830] syz.0.352[5830] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  131.386681][ T5818] loop2: detected capacity change from 0 to 32768
[  131.475206][ T5818] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by syz.2.350 (5818)
[  131.954139][ T4275] Bluetooth: hci0: command 0x0c1a tx timeout
[  131.960395][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  132.756527][ T1278] ieee802154 phy0 wpan0: encryption failed: -22
[  132.762935][ T1278] ieee802154 phy1 wpan1: encryption failed: -22
[  133.119745][ T5818] BTRFS error (device loop2): open_ctree failed: -4
[  133.294714][ T4423] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop2 scanned by udevd (4423)
[  133.416082][ T5865] loop1: detected capacity change from 0 to 2048
[  133.490190][ T5865] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  133.654206][ T5876] netlink: 'syz.0.369': attribute type 1 has an invalid length.
[  133.661908][ T5876] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.369'.
[  133.728005][ T5876] syz.0.369[5876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.728099][ T5876] syz.0.369[5876] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  133.839626][ T5879] loop2: detected capacity change from 0 to 16
[  133.924009][ T5879] erofs: (device loop2): EXPERIMENTAL compressed fragments feature in use. Use at your own risk!
[  133.976292][ T5879] erofs: (device loop2): EXPERIMENTAL global deduplication feature in use. Use at your own risk!
[  134.041890][ T5879] erofs: (device loop2): mounted with root inode @ nid 36.
[  134.230232][ T5889] Set syz0 is full, maxelem 0 reached
[  134.358504][ T5894] loop2: detected capacity change from 0 to 1024
[  134.453729][ T5894] EXT4-fs: Ignoring removed nomblk_io_submit option
[  134.467705][ T5868] loop4: detected capacity change from 0 to 32768
[  134.515343][ T5868] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop4 scanned by syz.4.366 (5868)
[  134.533405][ T5894] EXT4-fs: Ignoring removed nobh option
[  134.556210][ T5899] loop0: detected capacity change from 0 to 512
[  134.630785][ T5894] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  134.676720][ T5868] BTRFS info (device loop4): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  134.676915][ T5899] EXT4-fs error (device loop0): ext4_xattr_inode_iget:404: comm syz.0.376: inode #1: comm syz.0.376: iget: illegal inode #
[  134.774872][ T5868] BTRFS info (device loop4): using blake2b (blake2b-256-generic) checksum algorithm
[  134.793145][ T5873] loop5: detected capacity change from 0 to 32768
[  134.881215][ T5868] BTRFS info (device loop4): using free space tree
[  135.125892][ T5873] 
[  135.125892][ T5873]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  135.125892][ T5873] 
[  135.255387][ T5899] EXT4-fs error (device loop0): ext4_xattr_inode_iget:409: comm syz.0.376: error while reading EA inode 1 err=-117
[  135.595420][ T5899] EXT4-fs (loop0): 1 orphan inode deleted
[  135.601763][ T5899] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  135.671962][   T26] audit: type=1800 audit(1761775004.326:17): pid=5899 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.376" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop0" ino=15 res=0 errno=0
[  135.789998][ T5868] BTRFS info (device loop4): enabling ssd optimizations
[  135.800677][ T4279] EXT4-fs (loop2): unmounting filesystem.
[  135.842860][ T4267] EXT4-fs (loop0): unmounting filesystem.
[  135.874224][ T4275] Bluetooth: hci0: command 0x0c1a tx timeout
[  135.880389][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  135.950760][   T46] read_mapping_page failed!
[  136.026541][   T46] ERROR: (device loop5): txCommit: 
[  136.026541][   T46] 
[  136.069014][   T46] jfs_write_inode: jfs_commit_inode failed!
[  136.311152][ T4869] 
[  136.311152][ T4869]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.311152][ T4869] 
[  136.326924][ T4869] 
[  136.326924][ T4869]  ... Log Wrap ... Log Wrap ... Log Wrap ...
[  136.326924][ T4869] 
[  136.357365][ T4266] BTRFS info (device loop4): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  136.694517][ T5947] loop0: detected capacity change from 0 to 2048
[  136.785232][ T5947] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  136.811841][ T5956] loop5: detected capacity change from 0 to 1024
[  136.901650][   T26] audit: type=1800 audit(1761775005.556:18): pid=5947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.384" name="file1" dev="loop0" ino=1415 res=0 errno=0
[  136.950972][ T5956] EXT4-fs (loop5): mounted filesystem without journal. Quota mode: none.
[  137.013689][ T5956] ext4 filesystem being mounted at /38/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  137.104004][ T4556] usb 2-1: new high-speed USB device number 6 using dummy_hcd
[  137.123149][ T5956] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.382: inode has both inline data and extents flags
[  137.196130][ T5970] EXT4-fs error (device loop5): ext4_lookup:1858: inode #15: comm syz.5.382: inode has both inline data and extents flags
[  137.330450][ T4556] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  137.366510][ T4869] EXT4-fs (loop5): unmounting filesystem.
[  137.367436][ T4556] usb 2-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  137.420660][ T4556] usb 2-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  137.464345][ T4556] usb 2-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  137.494111][ T4556] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  137.499572][ T5976] loop0: detected capacity change from 0 to 4096
[  137.521113][ T4556] usb 2-1: config 0 descriptor??
[  137.567060][ T5976] NILFS (loop0): invalid segment: Checksum error in segment payload
[  137.606046][ T5976] NILFS (loop0): trying rollback from an earlier position
[  137.684036][ T5976] NILFS (loop0): recovery complete
[  137.717553][ T5984] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  137.801662][   T26] audit: type=1800 audit(1761775006.446:19): pid=5976 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.389" name="file1" dev="loop0" ino=12 res=0 errno=0
[  137.947198][ T4556] plantronics 0003:047F:FFFF.0006: No inputs registered, leaving
[  138.024385][ T4556] plantronics 0003:047F:FFFF.0006: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0
[  138.237860][ T4550] usb 2-1: USB disconnect, device number 6
[  138.313136][ T5967] loop4: detected capacity change from 0 to 40427
[  138.343340][ T5993] fido_id[5993]: Failed to open report descriptor at '/sys/devices/platform/dummy_hcd.1/usb2/report_descriptor': No such file or directory
[  138.372609][ T5967] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  138.453123][ T5967] F2FS-fs (loop4): invalid crc value
[  138.484798][ T5967] F2FS-fs (loop4): Found nat_bits in checkpoint
[  138.674707][ T5967] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  138.904308][ T4266] syz-executor: attempt to access beyond end of device
[  138.904308][ T4266] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.985089][ T6011] netlink: 'syz.2.398': attribute type 1 has an invalid length.
[  139.016614][ T6011] netlink: 7064 bytes leftover after parsing attributes in process `syz.2.398'.
[  139.690336][ T6022] loop2: detected capacity change from 0 to 32768
[  139.719765][ T6022] BTRFS info (device loop2): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  139.730003][ T6022] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  139.738797][ T6022] BTRFS info (device loop2): using free space tree
[  139.937735][ T5981] loop5: detected capacity change from 0 to 65536
[  139.946514][ T6036] netlink: 'syz.4.399': attribute type 1 has an invalid length.
[  140.011055][ T6036] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.399'.
[  140.036465][ T6054] syz.4.399[6054] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.036556][ T6054] syz.4.399[6054] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  140.050833][ T5981] XFS (loop5): Mounting V5 Filesystem
[  140.138691][ T6022] BTRFS info (device loop2): enabling ssd optimizations
[  140.150068][ T5981] XFS (loop5): Ending clean mount
[  140.182607][   T26] audit: type=1800 audit(1761775008.836:20): pid=5981 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.391" name="file1" dev="loop5" ino=38 res=0 errno=0
[  140.268606][ T6022] BTRFS info (device loop2): setting incompat feature flag for COMPRESS_ZSTD (0x10)
[  140.284435][ T4543] usb 2-1: new high-speed USB device number 7 using dummy_hcd
[  140.344111][ T4869] XFS (loop5): Unmounting Filesystem
[  140.433179][ T4279] BTRFS info (device loop2): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  140.530650][ T4543] usb 2-1: Using ep0 maxpacket: 8
[  140.541622][ T4543] usb 2-1: config 0 has an invalid interface number: 1 but max is 0
[  140.572833][ T6062] loop0: detected capacity change from 0 to 32768
[  140.583561][ T4543] usb 2-1: config 0 has no interface number 0
[  140.594696][ T4543] usb 2-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7
[  140.629548][ T4543] usb 2-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  140.635031][ T6062] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.404 (6062)
[  140.680563][ T4543] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  140.715153][ T4543] usb 2-1: config 0 descriptor??
[  140.799309][ T4543] iowarrior 2-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  141.122929][ T6062] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  141.154183][ T4268] Bluetooth: hci0: command 0x0c1a tx timeout
[  141.160307][ T4275] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  141.170237][ T6062] BTRFS info (device loop0): using crc32c (crc32c-intel) checksum algorithm
[  141.179687][ T6062] BTRFS info (device loop0): setting nodatacow, compression disabled
[  141.190915][ T6062] BTRFS info (device loop0): turning on flush-on-commit
[  141.199004][ T6062] BTRFS info (device loop0): enabling auto defrag
[  141.205870][ T6062] BTRFS info (device loop0): trying to use backup root at mount time
[  141.214478][ T6062] BTRFS info (device loop0): turning on async discard
[  141.221387][ T6062] BTRFS info (device loop0): using free space tree
[  141.342367][ T4490] BTRFS warning (device loop0): checksum verify failed on logical 5337088 mirror 1 wanted 0xe63dbdda found 0xc926492d level 0
[  141.422264][ T6062] BTRFS error (device loop0): failed to load root extent
[  141.430135][ T6062] BTRFS warning (device loop0): try to load backup roots slot 1
[  141.439451][   T46] BTRFS warning (device loop0): checksum verify failed on logical 5324800 mirror 1 wanted 0x9f73850b found 0x80379423 level 0
[  141.459138][ T6062] BTRFS warning (device loop0): couldn't read tree root
[  141.466558][ T6062] BTRFS warning (device loop0): try to load backup roots slot 2
[  141.479649][ T6062] BTRFS error (device loop0): parent transid verify failed on logical 5255168 mirror 1 wanted 5 found 7
[  141.506007][ T6062] BTRFS warning (device loop0): couldn't read tree root
[  141.526528][ T6062] BTRFS warning (device loop0): try to load backup roots slot 3
[  141.598203][ T6062] BTRFS info (device loop0): enabling ssd optimizations
[  141.607048][ T6062] BTRFS info (device loop0): rebuilding free space tree
[  141.666382][ T6062] BTRFS info (device loop0): checking UUID tree
[  141.960647][ T5136] usb 2-1: USB disconnect, device number 7
[  141.968241][ T4267] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[  142.130290][ T4423] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 9 /dev/loop0 scanned by udevd (4423)
[  142.345424][ T6095] loop2: detected capacity change from 0 to 32768
[  142.390729][ T6095] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9
[  142.516732][ T6129] netlink: 'syz.0.411': attribute type 1 has an invalid length.
[  142.564267][ T6129] netlink: 7064 bytes leftover after parsing attributes in process `syz.0.411'.
[  142.801370][ T4260] BTRFS error: device /dev/loop2 already registered with a higher generation, found 8 expect 9
[  143.209404][ T6151] netlink: 'syz.4.418': attribute type 1 has an invalid length.
[  143.271388][ T6151] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.418'.
[  143.288347][ T6151] syz.4.418[6151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.288445][ T6151] syz.4.418[6151] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  143.840356][ T6174] loop1: detected capacity change from 0 to 2048
[  143.897430][ T6174] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  143.920245][   T26] audit: type=1800 audit(1761775012.576:21): pid=6174 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.425" name="file2" dev="loop1" ino=1347 res=0 errno=0
[  144.013433][ T6180] netlink: 'syz.4.427': attribute type 11 has an invalid length.
[  144.062873][ T6182] netlink: 'syz.1.428': attribute type 1 has an invalid length.
[  144.086701][ T6182] netlink: 7064 bytes leftover after parsing attributes in process `syz.1.428'.
[  144.161570][ T6187] loop4: detected capacity change from 0 to 512
[  144.282913][ T6189] loop4: detected capacity change from 0 to 1024
[  144.334116][ T5136] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  144.361737][ T6191] loop1: detected capacity change from 0 to 512
[  144.402172][ T6189] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  144.411734][ T6189] ext4 filesystem being mounted at /91/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  144.418684][ T6191] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  144.427280][ T6189] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.431: inode has both inline data and extents flags
[  144.451978][ T6189] EXT4-fs error (device loop4): ext4_lookup:1858: inode #15: comm syz.4.431: inode has both inline data and extents flags
[  144.505896][ T6198] netlink: 8 bytes leftover after parsing attributes in process `syz.0.434'.
[  144.516720][ T6198] netlink: 40 bytes leftover after parsing attributes in process `syz.0.434'.
[  144.533622][ T4266] EXT4-fs (loop4): unmounting filesystem.
[  144.545989][ T5136] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32
[  144.560887][   T26] audit: type=1804 audit(1761775013.216:22): pid=6191 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.432" name="/newroot/91/file0/bus" dev="loop1" ino=1048608 res=1 errno=0
[  144.597181][ T6198] netlink: 40 bytes leftover after parsing attributes in process `syz.0.434'.
[  144.615798][ T5136] usb 6-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config
[  144.643507][ T5136] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66
[  144.666260][ T5136] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9
[  144.674398][ T4275] Bluetooth: hci0: command 0x0c1a tx timeout
[  144.681223][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  144.705945][ T5136] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024
[  144.725307][ T5136] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40
[  144.734582][ T5136] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0
[  144.742593][ T5136] usb 6-1: Product: syz
[  144.754251][ T5136] usb 6-1: Manufacturer: syz
[  144.770050][ T5136] cdc_wdm 6-1:1.0: skipping garbage
[  144.780115][ T5136] cdc_wdm 6-1:1.0: skipping garbage
[  144.809623][ T5136] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device
[  144.842972][ T5136] cdc_wdm 6-1:1.0: Unknown control protocol
[  144.854220][ T6205] netlink: 'syz.4.435': attribute type 1 has an invalid length.
[  144.879211][ T6205] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.435'.
[  144.913061][ T6205] syz.4.435[6205] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  144.913167][ T6205] syz.4.435[6205] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  145.162430][ T6219] loop1: detected capacity change from 0 to 512
[  145.201245][ T6222] netlink: 'syz.4.443': attribute type 1 has an invalid length.
[  145.210033][ T6222] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.443'.
[  145.245528][ T6219] EXT4-fs error (device loop1): __ext4_fill_super:5397: inode #2: comm syz.1.442: inode has both inline data and extents flags
[  145.272195][ T6219] EXT4-fs (loop1): get root inode failed
[  145.278724][ T6219] EXT4-fs (loop1): mount failed
[  145.324205][ T4310] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  145.743694][ T5136] usb 6-1: USB disconnect, device number 3
[  145.784099][ T4310] usb 1-1: Using ep0 maxpacket: 32
[  146.500213][ T4310] usb 1-1: config index 0 descriptor too short (expected 156, got 27)
[  146.511172][ T4310] usb 1-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30
[  146.522488][ T4310] usb 1-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7
[  146.544137][ T4310] usb 1-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144
[  146.577155][ T4310] usb 1-1: config 0 interface 0 has no altsetting 0
[  146.621797][ T4310] usb 1-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66
[  146.659815][ T4310] usb 1-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172
[  146.679197][ T4310] usb 1-1: Product: syz
[  146.683414][ T4310] usb 1-1: Manufacturer: syz
[  146.708186][ T4310] usb 1-1: SerialNumber: syz
[  146.733650][ T4310] usb 1-1: config 0 descriptor??
[  146.741496][ T4310] ldusb 1-1:0.0: Interrupt out endpoint not found (using control endpoint instead)
[  146.755552][ T4310] ldusb 1-1:0.0: LD USB Device #0 now attached to major 180 minor 0
[  146.835606][ T6245] loop4: detected capacity change from 0 to 256
[  146.877793][ T6245] MINIX-fs: mounting file system with errors, running fsck is recommended
[  146.952442][ T6245] MINIX-fs warning: remounting fs with errors, running fsck is recommended
[  146.974328][ T4310] usb 1-1: USB disconnect, device number 4
[  146.991931][ T4310] ldusb 1-1:0.0: LD USB Device #0 now disconnected
[  146.994105][ T4268] Bluetooth: hci0: Opcode 0x0c1a failed: -110
[  146.998840][ T4275] Bluetooth: hci0: command 0x0c1a tx timeout
[  147.056042][ T6249] netlink: 'syz.5.454': attribute type 1 has an invalid length.
[  147.063740][ T6249] netlink: 7064 bytes leftover after parsing attributes in process `syz.5.454'.
[  147.078037][ T6247] loop1: detected capacity change from 0 to 2048
[  147.099353][ T6249] syz.5.454[6249] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.099446][ T6249] syz.5.454[6249] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  147.125307][ T6247] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  147.220327][ T6247] UDF-fs: error (device loop1): udf_rename: failed to find renamed entry again in directory (ino 1376)
[  147.330855][ T6235] loop2: detected capacity change from 0 to 32768
[  147.340791][ T6235] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop2 scanned by syz.2.447 (6235)
[  147.400134][ T6235] BTRFS info (device loop2): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  147.405400][ T6255] netlink: 'syz.4.456': attribute type 1 has an invalid length.
[  147.420763][ T6235] BTRFS info (device loop2): using sha256 (sha256-avx2) checksum algorithm
[  147.459736][ T6255] netlink: 7064 bytes leftover after parsing attributes in process `syz.4.456'.
[  147.491229][ T6235] BTRFS info (device loop2): enabling auto defrag
[  147.505937][ T6235] BTRFS info (device loop2): max_inline at 0
[  147.523641][ T6235] BTRFS info (device loop2): force clearing of disk cache
[  147.570431][ T6235] BTRFS info (device loop2): turning on sync discard
[  147.582089][ T6235] BTRFS info (device loop2): using free space tree
[  147.701694][   T26] audit: type=1326 audit(1761775016.356:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6263 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af58efc9 code=0x7ffc0000
[  147.959566][   T26] audit: type=1326 audit(1761775016.426:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6263 comm="syz.0.459" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe6af58efc9 code=0x7ffc0000
[  148.098902][ T6269] ------------[ cut here ]------------
[  148.104584][ T6269] WARNING: CPU: 0 PID: 6269 at mm/page_alloc.c:5590 __alloc_pages+0x2f4/0x4e0
[  148.113524][ T6269] Modules linked in:
[  148.117598][ T6269] CPU: 0 PID: 6269 Comm: syz.0.459 Not tainted syzkaller #0
[  148.124940][ T6269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  148.135092][ T6269] RIP: 0010:__alloc_pages+0x2f4/0x4e0
[  148.140518][ T6269] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 32 1f 45 0c 01 <0f> 0b eb a5 a9 00 00 08 00 8b 74 24 04 75 3e 44 89 f1 81 e1 7f ff
[  148.160215][ T6269] RSP: 0018:ffffc90003817a00 EFLAGS: 00010246
[  148.166424][ T6269] RAX: ffffc90003817a00 RBX: 1ffff92000702f44 RCX: 0000000000000000
[  148.174534][ T6269] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003817a68
[  148.182519][ T6269] RBP: ffffc90003817b00 R08: dffffc0000000000 R09: ffffc90003817a40
[  148.190546][ T6269] R10: fffff52000702f4d R11: 1ffff92000702f48 R12: 0000000000000013
[  148.199030][ T6269] R13: 0000000000000000 R14: 0000000000040cc0 R15: dffffc0000000000
[  148.207230][ T6269] FS:  00007fe6b04446c0(0000) GS:ffff8880b8e00000(0000) knlGS:0000000000000000
[  148.216252][ T6269] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  148.222863][ T6269] CR2: 00007fe6b0442fe0 CR3: 000000005d6b1000 CR4: 00000000003506f0
[  148.230890][ T6269] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  148.238907][ T6269] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  148.246921][ T6269] Call Trace:
[  148.250211][ T6269]  <TASK>
[  148.253152][ T6269]  ? zone_statistics+0x170/0x170
[  148.258232][ T6269]  ? __might_fault+0xa6/0x120
[  148.262929][ T6269]  ? __lock_acquire+0x7c50/0x7c50
[  148.268087][ T6269]  ? do_vfs_ioctl+0xcb5/0x1d10
[  148.272872][ T6269]  __kmalloc_large_node+0x8c/0x1e0
[  148.278044][ T6269]  ? raw_ioctl+0x17c7/0x39c0
[  148.282651][ T6269]  __kmalloc+0x110/0x240
[  148.286949][ T6269]  ? _copy_from_user+0x10b/0x170
[  148.291905][ T6269]  raw_ioctl+0x17c7/0x39c0
[  148.296369][ T6269]  ? tomoyo_path_number_perm+0x4ae/0x600
[  148.302028][ T6269]  ? __kmem_cache_free+0xb6/0x1f0
[  148.307113][ T6269]  ? tomoyo_path_number_perm+0x503/0x600
[  148.312764][ T6269]  ? tomoyo_path_number_perm+0x1b6/0x600
[  148.318447][ T6269]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  148.323956][ T6269]  ? make_qualifier+0x3f0/0x3f0
[  148.328850][ T6269]  ? __fget_files+0x28/0x4d0
[  148.333466][ T6269]  ? bpf_lsm_file_ioctl+0x5/0x10
[  148.338450][ T6269]  ? security_file_ioctl+0x7c/0xa0
[  148.343580][ T6269]  ? make_qualifier+0x3f0/0x3f0
[  148.348566][ T6269]  __se_sys_ioctl+0xfa/0x170
[  148.353179][ T6269]  do_syscall_64+0x4c/0xa0
[  148.357644][ T6269]  ? clear_bhb_loop+0x60/0xb0
[  148.362340][ T6269]  ? clear_bhb_loop+0x60/0xb0
[  148.367074][ T6269]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  148.372987][ T6269] RIP: 0033:0x7fe6af58efc9
[  148.377464][ T6269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.397136][ T6269] RSP: 002b:00007fe6b0444038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.405598][ T6269] RAX: ffffffffffffffda RBX: 00007fe6af7e5fa0 RCX: 00007fe6af58efc9
[  148.413598][ T6269] RDX: 00002000000000c0 RSI: 00000000c0085508 RDI: 0000000000000003
[  148.421621][ T6269] RBP: 00007fe6af611f91 R08: 0000000000000000 R09: 0000000000000000
[  148.429641][ T6269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.437664][ T6269] R13: 00007fe6af7e6038 R14: 00007fe6af7e5fa0 R15: 00007ffcd7dcbfe8
[  148.445698][ T6269]  </TASK>
[  148.448744][ T6269] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  148.456043][ T6269] CPU: 0 PID: 6269 Comm: syz.0.459 Not tainted syzkaller #0
[  148.463337][ T6269] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  148.473408][ T6269] Call Trace:
[  148.476693][ T6269]  <TASK>
[  148.479633][ T6269]  dump_stack_lvl+0x168/0x22e
[  148.484320][ T6269]  ? memcpy+0x3c/0x60
[  148.488311][ T6269]  ? show_regs_print_info+0x12/0x12
[  148.493515][ T6269]  ? load_image+0x3b0/0x3b0
[  148.498038][ T6269]  panic+0x2c9/0x710
[  148.501952][ T6269]  ? bpf_jit_dump+0xd0/0xd0
[  148.506483][ T6269]  __warn+0x2f8/0x4f0
[  148.510471][ T6269]  ? __alloc_pages+0x2f4/0x4e0
[  148.515251][ T6269]  ? __alloc_pages+0x2f4/0x4e0
[  148.520024][ T6269]  report_bug+0x2ba/0x4f0
[  148.524363][ T6269]  ? __alloc_pages+0x2f4/0x4e0
[  148.529144][ T6269]  handle_bug+0x3a/0x70
[  148.533307][ T6269]  exc_invalid_op+0x16/0x40
[  148.537822][ T6269]  asm_exc_invalid_op+0x16/0x20
[  148.542680][ T6269] RIP: 0010:__alloc_pages+0x2f4/0x4e0
[  148.548064][ T6269] Code: 0c 25 28 00 00 00 48 3b 8c 24 a0 00 00 00 0f 85 a0 00 00 00 48 8d 65 d8 5b 41 5c 41 5d 41 5e 41 5f 5d c3 c6 05 32 1f 45 0c 01 <0f> 0b eb a5 a9 00 00 08 00 8b 74 24 04 75 3e 44 89 f1 81 e1 7f ff
[  148.567680][ T6269] RSP: 0018:ffffc90003817a00 EFLAGS: 00010246
[  148.573765][ T6269] RAX: ffffc90003817a00 RBX: 1ffff92000702f44 RCX: 0000000000000000
[  148.581751][ T6269] RDX: 0000000000000028 RSI: 0000000000000000 RDI: ffffc90003817a68
[  148.589730][ T6269] RBP: ffffc90003817b00 R08: dffffc0000000000 R09: ffffc90003817a40
[  148.597796][ T6269] R10: fffff52000702f4d R11: 1ffff92000702f48 R12: 0000000000000013
[  148.605776][ T6269] R13: 0000000000000000 R14: 0000000000040cc0 R15: dffffc0000000000
[  148.613947][ T6269]  ? zone_statistics+0x170/0x170
[  148.618999][ T6269]  ? __might_fault+0xa6/0x120
[  148.623688][ T6269]  ? __lock_acquire+0x7c50/0x7c50
[  148.628809][ T6269]  ? do_vfs_ioctl+0xcb5/0x1d10
[  148.633593][ T6269]  __kmalloc_large_node+0x8c/0x1e0
[  148.638724][ T6269]  ? raw_ioctl+0x17c7/0x39c0
[  148.643320][ T6269]  __kmalloc+0x110/0x240
[  148.647577][ T6269]  ? _copy_from_user+0x10b/0x170
[  148.652528][ T6269]  raw_ioctl+0x17c7/0x39c0
[  148.656950][ T6269]  ? tomoyo_path_number_perm+0x4ae/0x600
[  148.662608][ T6269]  ? __kmem_cache_free+0xb6/0x1f0
[  148.667652][ T6269]  ? tomoyo_path_number_perm+0x503/0x600
[  148.673306][ T6269]  ? tomoyo_path_number_perm+0x1b6/0x600
[  148.678952][ T6269]  ? tomoyo_check_path_acl+0x1c0/0x1c0
[  148.684431][ T6269]  ? make_qualifier+0x3f0/0x3f0
[  148.689319][ T6269]  ? __fget_files+0x28/0x4d0
[  148.693927][ T6269]  ? bpf_lsm_file_ioctl+0x5/0x10
[  148.698902][ T6269]  ? security_file_ioctl+0x7c/0xa0
[  148.704028][ T6269]  ? make_qualifier+0x3f0/0x3f0
[  148.708895][ T6269]  __se_sys_ioctl+0xfa/0x170
[  148.713498][ T6269]  do_syscall_64+0x4c/0xa0
[  148.717929][ T6269]  ? clear_bhb_loop+0x60/0xb0
[  148.722637][ T6269]  ? clear_bhb_loop+0x60/0xb0
[  148.727324][ T6269]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  148.733227][ T6269] RIP: 0033:0x7fe6af58efc9
[  148.737647][ T6269] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  148.757266][ T6269] RSP: 002b:00007fe6b0444038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  148.765693][ T6269] RAX: ffffffffffffffda RBX: 00007fe6af7e5fa0 RCX: 00007fe6af58efc9
[  148.773675][ T6269] RDX: 00002000000000c0 RSI: 00000000c0085508 RDI: 0000000000000003
[  148.781667][ T6269] RBP: 00007fe6af611f91 R08: 0000000000000000 R09: 0000000000000000
[  148.789652][ T6269] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  148.797634][ T6269] R13: 00007fe6af7e6038 R14: 00007fe6af7e5fa0 R15: 00007ffcd7dcbfe8
[  148.805723][ T6269]  </TASK>
[  148.809016][ T6269] Kernel Offset: disabled
[  148.813338][ T6269] Rebooting in 86400 seconds..