last executing test programs:

3m17.134118594s ago: executing program 0 (id=98):
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.swap.events\x00', 0x275a, 0x0)
setsockopt$sock_attach_bpf(r0, 0x1, 0x2a, &(0x7f0000000100)=r2, 0x4)
sendmsg$unix(r1, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000140)="17fb", 0x2}], 0x1, &(0x7f00000000c0)=[@rights={{0x14, 0x1, 0x1, [r1]}}], 0x18, 0x80}, 0x40000)
recvmsg(r0, &(0x7f0000000700)={0x0, 0x0, &(0x7f00000004c0)=[{&(0x7f00000005c0)=""/189, 0xbd}], 0x1}, 0x40)

3m16.922839376s ago: executing program 0 (id=102):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x2010846, &(0x7f0000000b00), 0x1, 0x55f, &(0x7f0000000580)="$eJzs3d9rU+cbAPDnpK2/v18riGxjjIIXczhT2+6Hg124y7HJhO3ehfZYpKmRJhXbCdOLebObIYMxJozdb/e7lP0D+yuETZAhZbvYTcZJT2q0SRNrtNF8PnDkfXNO+p4n73le35M3IQEMrYnsn0LEyxHxTRJxMCKSfN9o5Dsn1o9bu391NtuSqNc//StpHJfVm3+r+bz9eeWliPjtq4jjhc3tVldWF0rlcrqU1ydri5cmqyurJy4slubT+fTi9MzMqbdnpt97952+xfrG2X++/+T2h6e+Prr23S93D91M4nQcyPe1xvEErrVWJmIif03G4vQjB071obFBkuz0CbAtI3mej0U2BhyMkTzrgRfflxFRB4ZUIv9hSDXnAc17+z7dBz837n2wfgO0Of7R9fdGYk/j3mjfWvLQnVF2vzveh/azNn7989bNbIv+vQ8B0NW16xFxcnR08/iX5OPf9p3s4ZhH2zD+wbNzO5v/vNlu/lPYmP9Em/nP/ja5ux3d879wtw/NdJTN/95vO//dWLQaH8lr/2vM+caS8xfKaTa2/T8ijsXY7qy+1XrOqbU79U77Wud/2Za135wL5udxd3T3w8+ZK9VKTxJzq3vXI15pO/9NNvo/adP/2etxtsc2jqS3Xuu0r3v8T1f9p4jX2/b/gxWtZOv1ycnG9TDZvCo2+/vGkd87tb/T8Wf9v2/r+MeT1vXa6uO38eOef9NO+x6KP3q//nclnzXKu/LHrpRqtaWpiF3Jx5sfn37w3Ga9eXwW/7GjW49/7a7/vRHxeY/x3zj886s9xd+t/5/CImsW/9xj9f/jF+589MUP248/6/+3GqVj+SO9jH+9nuCTvHYAAAAAAAAwaAoRcSCSQnGjXCgUi+uf7zgc+wrlSrV2/Hxl+eJcNL4rOx5jheZK98GWz0NM5Z+HbdanH6nPRMShiPh2ZG+jXpytlOd2OngAAAAAAAAAAAAAAAAAAAAYEPs7fP8/88fITp8d8NT5yW8YXl3zvx+/9AQMJP//w/CS/zC85D8ML/kPw0v+w/CS/zC85D8ML/kPAAAAAAAAAAAAAAAAAAAAAAAAAAAAfXX2zJlsq6/dvzqb1ecurywvVC6fmEurC8XF5dnibGXpUnG+Upkvp8XZymK3v1euVC5NTcfylclaWq1NVldWzy1Wli/Wzl1YLM2n59KxZxIVAAAAAAAAAAAAAAAAAAAAPF+qK6sLpXI5XVJQ2FZhdDBOY3UhYiBO40Up7PTIBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//8NI25Q==")
syz_mount_image$erofs(&(0x7f0000000080), &(0x7f0000000100)='./file1\x00', 0x3008003, &(0x7f00000000c0)=ANY=[], 0x2, 0x200, &(0x7f00000002c0)="$eJzsmbFrFEEUxr+Z3ds7gwRtLGwsDBjR7O3uqaSJEMFSEKKo5WHWEN3k5LJC7kDwsLHRzkKwtbG0sLCy8C+w1UIFwcIrBQthZGZnd4e93fMOTwXzfpDJN/PezLz3YF6xB4Ig9iyfPn778PDc8qWTAPZjAXW9/sXKfbjh//7JnROPV84/ffHu2Zvt+buviucxAEJUXve9aHIAvF61EIPZyYoQmM/tC0YIWuMyOI5rfQUMbiJ/CEUyCcFwTfvcNHRnnxZR6F7vROs3NqPQk4Mvh0AOLTM+GdRwwLAOoKGiE4IZ9p1e/1Y7isJuUdREes+IaVrBK8up41vlWEFaPSGk/9UH9wdyrmsDDzyrnw8OX+sWGNa0XkYdruvmJTHyP2zn51uT5D9jcVbd9WjSXc+VOLj05wNLRPpGptkly/g3SvcfidpMzmHFFfmgs5VDw7QHmj6f/1nu+LVPY/xjhLaPmN7ORdGF34jQKSlUJvL+JDv7MaM/2bCz/tGMt243d3r9pc2t9ka4EW4HQeuMd8rzTgdN1YiScUz/a6j+NGecX6vwdZiD3XYcd/1dIO762TxIxjwBrL3sfJVbDkD1P47Fo+oI1VNV2vXyO5j+4+q/VItWuee9ypwIgiAIgiAIgiAIgiAIgiDKOQKG5JcwwfQH0TKCi+oL5c8AAAD//40vYXw=")
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x10, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="b4000000000700007910080000000000c3000000000000"], 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sk_msg}, 0x94)
r0 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, 0x0, 0x143042, 0x100)
pwritev2(r1, 0x0, 0x0, 0xe7b, 0x0, 0x0)
openat(r0, 0x0, 0x441, 0x14a)
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f00000001c0)='./bus\x00', 0x24b837, 0x0, 0x3, 0x0, &(0x7f0000000240))
chdir(&(0x7f00000003c0)='./bus\x00')
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000004c0)='blkio.bfq.io_merged\x00', 0x275a, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x2, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./bus\x00', &(0x7f0000000440), 0x8, &(0x7f0000000200)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})
chdir(&(0x7f0000000000)='./bus\x00')
munmap(&(0x7f0000002000/0x1000)=nil, 0x1000)
r2 = open(&(0x7f00000000c0)='.\x00', 0x8000, 0x50)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)
getdents(r2, &(0x7f0000001fc0)=""/184, 0xb8)

3m16.444147389s ago: executing program 0 (id=107):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000000c0)='./bus\x00', 0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB='memory=low,background_gc=off,noquota,inline_dentry,data_flush,disable_roll_forward,noinline_xattr,discard,checkpoint=disable,user_xattr,atgc,resuid=', @ANYRESHEX=0x0, @ANYBLOB="2c6a71666d743d76667376312c7573726a71756f74613d2d29242d2e25272a2c2c00a40988e362019a69db5cb2a8b125934e5652c7c1af7aa1b29a3326b2ca0000000000"], 0xff, 0x5512, &(0x7f00000079c0)="$eJzs3EtvG1UUAODjpGnpgxIhFuw6UoWUSLVVpw/BrkArHiJVVGDBChzbsdzanih2nJAVC5aIBf8EgcSKJb+BBWt2iAWIHRLIcyfQ8JCQ4sSk+T5pfOZeX58516oqnZnIAZxai9kvP1XicpyPiPmIuBRRnFfKo3Anhecj4kpEzD12VMr5PybORsSFiLg8SZ5yVsq3Prs2vnrrxzd//vrbc2cufv7Vd7PbNTBrL0REfzOd7/RTzDspPiznG+NuEfs3x2VMb/QfleM8xZ32epFhp7G/rlHEG520Pt/cHk7iRq/RnMROd6OY3xykCw7Hnf08xQceNraKcau9XsTuMC9iZy/VtbuX/m/bG45SnlaZ78MifYxG+zHNt3fbaT+bj4rYHIzK+ZQ3b7V3J3FcxvJy0cx7raKO9cN80/9vb3UH27vZuL017OaD7Fat/mKtfrta38pb7VH7ZrXRb92+mS11epNl1VG70b/TyfNOr11r5v3lbKnTbFbr9Wzpbnu92xhk9XrtRu169dZyeXYte+3+u1mvlS1N4ivdwfao2xtmG/lWlj6xnK3Ubry0nF2tZ2+vrmVrD+7dW1175/27791/efWNV8tFfysrW1q5vrJSrV+vrtSXT9H+Py6LnuL+4VAqsy4A4OTR/wOzcHT9/9aDiKPv/0P/PxUnqv897f3/EewfDkX/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwan2/8MXrxcliGl8s558up54tx5WImIuI3/7BfJw9kHO+zLPwL+sX/lLDN5UoMkyuca48LkTEnfL49Zmj/hYAAADgyfXlR1c+Td16elmcdUEcp3TTZu7SB1PKV4mIhcUfppRtbvLy3JSSFf++z8TulLIVN7DOTClZuuU2tWz/yfyB8NRjoZLC3LGWAwAAHIuDncDxdiEAAAAcp09mXQCzUYn9R5n7z4KLv7z/84Hg+QMjAAAA4ASqzLoAAAAA4MgV/b/f/wMAAIAnW/r9PwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOB3du4mN20gjgPo3wYX6IeKqu57le7gGD1Cl11WHKCX4ABd0Cv0ApyB7HKECCLsCYEIRZE8NiF6TzLDGPNjxoLFzKABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAu3VSr+b/f3/60zdnu2snTGwAAAOCcTbWa10+mTf1DOv8pnfqS6kVElBFxbuw+iHcnmYOUUz1e//f4+upJG/5H1An7zxil431EfE/H3eeu7wIAAABcsdHzL68Xy1kzWm8epv20itehmbQpP/7IlFdERDW9zZRW7vO+Zgqrv9/D+JUprZ7AGmcKa6bchrnSXqT+uR9m7cZHRdEU5dm3HRqZre8AAECPBidFv6MQAAAA+vTz0g3gMop4WMo8LAWmPwyk5b3JSQ0AAAC4QsWlGwAAAAB0rh7/97T/3y73/n+T3HcDAAAA3qhm/z8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC6tKlW8/ViOWubs921k6c3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9+zPOwqEQBiEwd71ncnc/7DSoKmpSRUIH39jMAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAG9+95f/E1PjTDL32lh6HknWTo2tU2Pv3Dj6w/j6NQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsT8vKRACQRAFc8b/Tvr+h5UEPYMIEdDwqKIWDQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAF/3ul/8TU+NMMnfaWDoeSdauGltXjb0HjaMH4+3fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABwsXM/r3FUcQDA38zsbH+ouEbZQ0QUPOjFbre1tTfxoAQP/glCSLc1duuPNgdbipiLN8m5F9GjiKDEW/+Hnlvopd562EMFz8qbnclO0oCr4swm+XzgzfvuY5j3fbMQ8p03CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFCZvDOLs3joTeO0HLv3+NZa7O/v6aM7Ww+WY4tx0mTSB8NL9Q9Jv71EAAAAODqyqr4PITzMt1din/aK+j+vzok1/3fPTOOqnt9b91d9VfvH9usvj17Ymag3nSde9NL6eHT6yVQ6/98qF9uzf3tGp7jzxbOXrPhC0vc3n5/kx+P9TL65e/fdbnFrjzWRLQDwb5yq+jKofh+K/bDNxAA4Mjq1wruq/7NeuzkBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANGGyGZ6q4iSEsNyZxdH9x7fW9uvvbD1Yrtr527e3wleza8ZL5CGES+vj0elGV7PYrt+4eWV1PB5daz54OYTQ1uxvl8u/8uEcJ4eweyQLe0cEixyk5Ze9KPkcjKDFH0oAABxKedliXf8w316JY8lSCH9+v7v+f60Whznr/0cfnb9Xn6te/w8bW+HiG2xc/Wxw/cbNN9avrl4eXR598uaZ4VvDsxfOnbswKJ6VDDwxAQAA4L/plq1e/6dLT+7/n6zFYc76//Nvh1/W58rU//uabfq1nQkAAMDR9twrf/ye7DOedLvhi9WNjWvD6XHn85npsYVU/7FjZavX/9lS21kBAAAATZhsJrv2/y/W4jDn/v/TP7z4U/2aWQjhRLn/f2rt0/HF5paz0Jr4c+K21wgAAEC7TpStvv+fF+//pzuvPKQhhNdfncblvwGcq/7P3vv6x/pc9ff/zza3xIWU9qf3o+j7IXT6bWcEAADAYXa8bLHY/y3fXvn455MfdL3/DwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANC0vwIAAP//PJY89w==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000200)='./bus\x00', 0x141842, 0x9)
ioctl$F2FS_IOC_SET_PIN_FILE(r0, 0x4004f50d, &(0x7f0000000000)=0x201)
r1 = open(&(0x7f0000000000)='./bus\x00', 0x1, 0xc32a4cddd557707a)
fallocate(r1, 0x0, 0x0, 0x9000f4)
r2 = openat(0xffffffffffffff9c, &(0x7f00000000c0)='./bus\x00', 0x40, 0x0)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x43001, 0x20)
sendfile(r3, r2, 0x0, 0x3ffff)

3m12.17543307s ago: executing program 0 (id=125):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
times(0x0)
r4 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r4, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x20}}, {0x2, 0x4e23, @rand_addr=0x64010102}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})
r5 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
r6 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
sendmsg$nl_route(r6, 0x0, 0x0)
preadv(r5, &(0x7f0000000600)=[{&(0x7f0000000280)=""/215, 0xd7}], 0x1, 0x1006c, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r0)

3m8.461195464s ago: executing program 0 (id=138):
r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0)
bind$bt_l2cap(r0, &(0x7f0000000000)={0x1f, 0x0, @any, 0x4, 0x1}, 0xe)
listen(r0, 0x3)
accept4$bt_l2cap(r0, 0x0, 0x0, 0x800)
syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="043e130100c900", @ANYRESDEC], 0x16)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

3m6.124072059s ago: executing program 0 (id=140):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='ocfs2_dlmfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = fsopen(&(0x7f0000000200)='affs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f00000000c0)='%(:2', 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f00000002c0)={'filter\x00', 0x7, 0x4, 0x3ac, 0x0, 0x2cc, 0xe0, 0x2cc, 0x2cc, 0x2cc, 0x4, 0x0, {[{{@arp={@multicast1, @empty, 0x0, 0xffffff00, 0xc, 0x0, {@mac=@local, {[0xff, 0x80, 0x0, 0x1fe, 0xff, 0xff]}}, {@mac=@broadcast, {[0xff, 0x0, 0xff, 0x0, 0xff]}}, 0xdfe, 0x2, 0x7, 0xe, 0xfa, 0x8a5c, 'batadv0\x00', 'team0\x00', {0xff}, {}, 0x0, 0x12}, 0xbc, 0xe0}, @unspec=@NFQUEUE0={0x20, 'NFQUEUE\x00', 0x0, {0x9}}}, {{@arp={@empty, @multicast1, 0xff, 0x0, 0x4, 0x2, {@empty, {[0xff, 0x0, 0xff, 0x0, 0xff, 0x101]}}, {@mac=@broadcast, {[0x0, 0xff, 0x0, 0x0, 0x0, 0xff]}}, 0x9, 0x5, 0x5, 0x2, 0x7, 0xa7c, 'wlan0\x00', 'bond_slave_0\x00', {}, {0xb50cca1d00497645}, 0x0, 0x202}, 0xbc, 0xe0}, @unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0xfff}}}, {{@arp={@multicast1, @remote, 0xff, 0xff000000, 0xa, 0x6, {@empty, {[0xff, 0xff, 0x0, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff]}}, 0x1, 0x10, 0x3, 0x5, 0x4, 0x9e, 'gre0\x00', 'wg0\x00', {}, {0xff}, 0x0, 0x8}, 0xbc, 0x13f}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast2, @rand_addr=0x64010100, 0x2}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x3f8)
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2m54.016131809s ago: executing program 4 (id=177):
ioctl$TCSETSF2(0xffffffffffffffff, 0x402c542d, &(0x7f0000000040)={0x82, 0x3, 0x0, 0x717e387b, 0x40, "1ae34e0626788a22b2fb12dab240794233a5bd", 0x4, 0x2})
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000080), 0x60081, 0x0)
ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000000)=0x15)
ioctl$TCSETS(r0, 0x404c4701, &(0x7f0000000040)={0x1, 0x0, 0x0, 0x400000, 0x14, "3eccd8000000000000000010000000040100"})
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000180)=0xf9)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f00000001c0)=0xd)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000280)=0xb3)
ioctl$TIOCSTI(r0, 0x5412, &(0x7f0000000140)=0x85)

2m50.981721566s ago: executing program 32 (id=140):
mkdirat(0xffffffffffffff9c, &(0x7f00000001c0)='./file1\x00', 0x0)
mount(0x0, &(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='ocfs2_dlmfs\x00', 0x0, 0x0)
chdir(&(0x7f00000000c0)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f00000005c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[@ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
r0 = fsopen(&(0x7f0000000200)='affs\x00', 0x1)
fsconfig$FSCONFIG_SET_STRING(r0, 0x1, 0x0, &(0x7f00000000c0)='%(:2', 0x0)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeeb, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0)
r4 = socket$inet_sctp(0x2, 0x1, 0x84)
r5 = socket$netlink(0x10, 0x3, 0x0)
sendmmsg(r5, &(0x7f00000002c0), 0x40000000000009f, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(r4, 0x0, 0x60, &(0x7f00000002c0)={'filter\x00', 0x7, 0x4, 0x3ac, 0x0, 0x2cc, 0xe0, 0x2cc, 0x2cc, 0x2cc, 0x4, 0x0, {[{{@arp={@multicast1, @empty, 0x0, 0xffffff00, 0xc, 0x0, {@mac=@local, {[0xff, 0x80, 0x0, 0x1fe, 0xff, 0xff]}}, {@mac=@broadcast, {[0xff, 0x0, 0xff, 0x0, 0xff]}}, 0xdfe, 0x2, 0x7, 0xe, 0xfa, 0x8a5c, 'batadv0\x00', 'team0\x00', {0xff}, {}, 0x0, 0x12}, 0xbc, 0xe0}, @unspec=@NFQUEUE0={0x20, 'NFQUEUE\x00', 0x0, {0x9}}}, {{@arp={@empty, @multicast1, 0xff, 0x0, 0x4, 0x2, {@empty, {[0xff, 0x0, 0xff, 0x0, 0xff, 0x101]}}, {@mac=@broadcast, {[0x0, 0xff, 0x0, 0x0, 0x0, 0xff]}}, 0x9, 0x5, 0x5, 0x2, 0x7, 0xa7c, 'wlan0\x00', 'bond_slave_0\x00', {}, {0xb50cca1d00497645}, 0x0, 0x202}, 0xbc, 0xe0}, @unspec=@CLASSIFY={0x24, 'CLASSIFY\x00', 0x0, {0xfff}}}, {{@arp={@multicast1, @remote, 0xff, 0xff000000, 0xa, 0x6, {@empty, {[0xff, 0xff, 0x0, 0xff]}}, {@empty, {[0xff, 0xff, 0xff, 0xff]}}, 0x1, 0x10, 0x3, 0x5, 0x4, 0x9e, 'gre0\x00', 'wg0\x00', {}, {0xff}, 0x0, 0x8}, 0xbc, 0x13f}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @multicast2, @rand_addr=0x64010100, 0x2}}}], {{'\x00', 0xbc, 0xe0}, {0x24}}}}, 0x3f8)
ioctl$vim2m_VIDIOC_QUERYBUF(0xffffffffffffffff, 0xc044560f, &(0x7f0000000080)=@mmap={0x0, 0x2, 0x4, 0x0, 0x7, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, "10110401"}})
mount$overlay(0x0, &(0x7f0000000140)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000040)={[{@xino_on}, {@lowerdir={'lowerdir', 0x3d, './file0'}, 0x3a}], [], 0x2f})

2m48.076059296s ago: executing program 4 (id=188):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
bind$inet6(r0, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
setsockopt$inet6_int(r0, 0x29, 0xb, &(0x7f0000000100)=0x80000002, 0x4)
shutdown(r0, 0x2)

2m47.800855791s ago: executing program 4 (id=192):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$can_bcm(0x1d, 0x2, 0x2)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000100)={'vcan0\x00', <r2=>0x0})
connect$can_bcm(r1, &(0x7f00000000c0)={0x1d, r2}, 0x10)
sendmsg$can_bcm(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[@ANYBLOB="0100000003ece1e40ad8871461ab0800", @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=0x0, @ANYRES64=r0, @ANYBLOB="3bf81bb9f9"], 0x20000600}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000004000/0x4000)=nil)
sendmsg$can_bcm(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000580)=ANY=[], 0x4640}, 0x2, 0x0, 0x0, 0x8084}, 0x4004)

2m47.472052989s ago: executing program 4 (id=195):
sched_setscheduler(0x0, 0x2, 0x0)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
getsockopt$sock_cred(r0, 0x1, 0x11, &(0x7f0000000040), &(0x7f0000000100)=0xc)
sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000005580)=""/102392, 0x18ff8)
madvise(&(0x7f0000c00000/0x400000)=nil, 0x400000, 0xe)
r2 = gettid()
timer_create(0xb, &(0x7f00000000c0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r3 = syz_open_dev$cec(&(0x7f0000000240), 0x0, 0x22582)
ioctl$CEC_RECEIVE(r3, 0xc0386106, &(0x7f0000000000)={0x8, 0xe, 0x80005, 0xfffffffe, 0x0, 0x1, "260000000000000754439400", 0xc, 0x0, 0x5, 0x2, 0x0, 0x0, 0x9d})

2m41.558142903s ago: executing program 4 (id=200):
r0 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000200), 0x2, 0x0)
ioctl$VIDIOC_STREAMOFF(r0, 0x40045613, &(0x7f0000000000)=0x562)

2m41.400378543s ago: executing program 4 (id=202):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x80, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x44}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x10, 0x6, 0x4d0, 0x320, 0x190, 0x320, 0xc8, 0x190, 0x408, 0x408, 0x408, 0x408, 0x408, 0x6, 0x0, {[{{@ipv6={@local, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'virt_wifi0\x00', 'veth0_to_bond\x00', {}, {}, 0x2c}, 0x0, 0xa4, 0xc8, 0x0, {0x7a00000000000000}}, @HL={0x24}}, {{@ipv6={@loopback, @mcast2, [0x0, 0x0, 0xffffffff], [], 'pimreg\x00', 'veth1_macvtap\x00', {}, {}, 0x0, 0x25, 0x7}, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0x0, 0xffffffff, 0xff], [0xffffff00, 0xffffffff, 0xff, 0xff000000], 'veth0_virt_wifi\x00', 'ip6tnl0\x00', {0xff}, {0xff}, 0xff, 0x8, 0x5, 0x22}, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @private1, [0xffffffff, 0xffffff00, 0xffffffff], [0xff, 0xffffffff, 0x0, 0xff], 'dvmrp1\x00', 'netpci0\x00', {}, {0xff}, 0x0, 0x9, 0x4, 0x13}, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@private1, @loopback, [0xff, 0x0, 0x0, 0xffffff00], [0xffffff00, 0xff000000, 0xffffff00, 0xff], 'bond_slave_0\x00', 'erspan0\x00', {0xff}, {}, 0x2b, 0x3, 0x0, 0x20}, 0x0, 0xa4, 0xe8}, @SNPT={0x44, 'SNPT\x00', 0x0, {@ipv4, @ipv4=@multicast1, 0x80, 0x1}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x52c)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, 0x1}, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x94, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4f, 0x6, "fc0837ce0ecf6f59418b15917858047d491646d2f6f0592504645c490d58de7326fa43372d12a2b2865e46195a2b56357b37e3145afdeeac88272a5f84c6086440f60f24b5ee0000000000"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, &(0x7f0000000280))
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b0000001f0000000200000022bf000001000000", @ANYRES32, @ANYBLOB="08000000dd0000000000000000c8d05300000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000680), r0)
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001240)={0x14, r7, 0xd0141dcd7c0ac8e5, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4000010)

2m26.264686379s ago: executing program 33 (id=202):
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={&(0x7f0000000000)=@l2tp6={0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}}, 0x80, 0x0, 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB], 0x44}, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet_buf(0xffffffffffffffff, 0x0, 0x8008000000010, 0x0, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@mangle={'mangle\x00', 0x10, 0x6, 0x4d0, 0x320, 0x190, 0x320, 0xc8, 0x190, 0x408, 0x408, 0x408, 0x408, 0x408, 0x6, 0x0, {[{{@ipv6={@local, @ipv4={'\x00', '\xff\xff', @multicast1}, [], [], 'virt_wifi0\x00', 'veth0_to_bond\x00', {}, {}, 0x2c}, 0x0, 0xa4, 0xc8, 0x0, {0x7a00000000000000}}, @HL={0x24}}, {{@ipv6={@loopback, @mcast2, [0x0, 0x0, 0xffffffff], [], 'pimreg\x00', 'veth1_macvtap\x00', {}, {}, 0x0, 0x25, 0x7}, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@mcast2, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, [0x0, 0x0, 0xffffffff, 0xff], [0xffffff00, 0xffffffff, 0xff, 0xff000000], 'veth0_virt_wifi\x00', 'ip6tnl0\x00', {0xff}, {0xff}, 0xff, 0x8, 0x5, 0x22}, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@private2={0xfc, 0x2, '\x00', 0x1}, @private1, [0xffffffff, 0xffffff00, 0xffffffff], [0xff, 0xffffffff, 0x0, 0xff], 'dvmrp1\x00', 'netpci0\x00', {}, {0xff}, 0x0, 0x9, 0x4, 0x13}, 0x0, 0xa4, 0xc8}, @unspec=@CHECKSUM={0x24}}, {{@ipv6={@private1, @loopback, [0xff, 0x0, 0x0, 0xffffff00], [0xffffff00, 0xff000000, 0xffffff00, 0xff], 'bond_slave_0\x00', 'erspan0\x00', {0xff}, {}, 0x2b, 0x3, 0x0, 0x20}, 0x0, 0xa4, 0xe8}, @SNPT={0x44, 'SNPT\x00', 0x0, {@ipv4, @ipv4=@multicast1, 0x80, 0x1}}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x52c)
bind$bt_hci(0xffffffffffffffff, &(0x7f00000001c0)={0x1f, 0x1}, 0x6)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000540)=@newtaction={0xf0, 0x30, 0x1, 0x0, 0x0, {}, [{0xdc, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x94, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4f, 0x6, "fc0837ce0ecf6f59418b15917858047d491646d2f6f0592504645c490d58de7326fa43372d12a2b2865e46195a2b56357b37e3145afdeeac88272a5f84c6086440f60f24b5ee0000000000"}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xf0}, 0x1, 0x0, 0x0, 0x804}, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34)
r2 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
getsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x20, 0x0, &(0x7f0000000280))
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=ANY=[@ANYBLOB="0b0000001f0000000200000022bf000001000000", @ANYRES32, @ANYBLOB="08000000dd0000000000000000c8d05300000000", @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000300), &(0x7f0000000400), 0x401, r5, 0x0, 0xa002a0}, 0x38)
openat$sequencer(0xffffff9c, &(0x7f0000001bc0), 0x88302, 0x0)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000140)={0x0, 0x74}}, 0x0)
r6 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r6, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x34, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x14080, 0x10000}, [@IFLA_XDP={0xc, 0x2b, 0x0, 0x1, [@IFLA_XDP_FD={0x8}]}, @IFLA_GROUP={0x8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20000040}, 0x0)
r7 = syz_genetlink_get_family_id$ipvs(&(0x7f0000000680), r0)
sendmsg$IPVS_CMD_ZERO(r0, &(0x7f0000001340)={0x0, 0x0, &(0x7f0000001300)={&(0x7f0000001240)={0x14, r7, 0xd0141dcd7c0ac8e5, 0x70bd27, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x4004010}, 0x4000010)

26.041037508s ago: executing program 5 (id=474):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x4, 0x358, 0xffffffff, 0xe8, 0x1b8, 0xc8, 0xffffffff, 0xffffffff, 0xe8, 0x288, 0xe8, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = signalfd(r1, &(0x7f00000003c0), 0x8)
unshare(0x400)
r5 = epoll_create1(0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000000)={0x10000000})
read$FUSE(r4, &(0x7f0000000480)={0x2020}, 0x2020)
setxattr(&(0x7f00000024c0)='./file0\x00', &(0x7f0000002540)=ANY=[@ANYBLOB="62747266732c2adc2e265e2ee5d7a05d233a0e23ee7b264a36f4e597a91d6b789d05120b93f66689efdf534d4f54c5e1fa82fa08e270e596baaa774372c0844461002a7e3593dbbe792207c1a77096d13b5a066938b688cd20ebcb4d0aaf01ef4193d8d73bdfd3c0083fac5d"], 0x0, 0x0, 0x1)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
r8 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r8, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000005c0)={&(0x7f00000008c0)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0x24008004)
r9 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r9, &(0x7f0000000140)={0xa, 0x802, 0x7, @empty}, 0x1c)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000640)=""/165, 0xa5}], 0x1, 0x180, 0x9)
ptrace$getregset(0x4204, r7, 0x202, &(0x7f0000000140)={0x0})

24.512762846s ago: executing program 5 (id=478):
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$getregset(0x13, r0, 0x2, &(0x7f0000000080)={0x0})
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0100000004000000080000000d"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x10, &(0x7f0000000180)=@framed={{0x18, 0x0, 0x0, 0x0, 0x20}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r2}}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x81}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x10, &(0x7f0000000180)=ANY=[], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
setsockopt$sock_attach_bpf(r3, 0x1, 0x32, &(0x7f00000000c0)=r5, 0x4)
sendmsg$unix(r4, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x11, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000340)='GPL\x00', 0x6, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r6 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r6, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000300)={<r7=>0xffffffffffffffff, <r8=>0xffffffffffffffff})
connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r7, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
syz_io_uring_setup(0x88f, &(0x7f0000000140)={0x0, 0xaee4, 0x1, 0x2, 0xbfdffffc}, &(0x7f0000000000), &(0x7f0000000280))
r9 = syz_init_net_socket$llc(0x1a, 0x1, 0x0)
connect$llc(r9, &(0x7f0000000180)={0x1a, 0x0, 0x0, 0x8, 0x0, 0x4, @multicast}, 0x10)
sendmmsg(r9, &(0x7f0000001380), 0x3fffffffffffeed, 0x0)

20.634902395s ago: executing program 5 (id=483):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xfffffffb}, 0x0)
bpf$BPF_PROG_DETACH(0x9, 0x0, 0x0)
r2 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r2, 0xaf01, 0x0)
r3 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r2, 0x4004af07, &(0x7f0000000240)=r3)
ioctl$VHOST_SET_VRING_KICK(r2, 0x4008af20, &(0x7f0000000040)={0x1, r3})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r2, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/87, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r2, 0x4008af03, &(0x7f0000000680))
openat$cgroup_root(0xffffffffffffff9c, &(0x7f00000005c0)='./cgroup/syz0\x00', 0x200002, 0x0)
ioctl$VHOST_VSOCK_SET_RUNNING(r2, 0x4004af61, &(0x7f0000000000)=0x1)
timer_create(0x0, &(0x7f00000003c0)={0x0, 0x21, 0x800000000004}, &(0x7f0000000380))
ptrace$PTRACE_SETSIGMASK(0x420b, 0x0, 0x0, 0x0)
setsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x21, 0x0, 0x0)
sendmmsg$inet6(0xffffffffffffffff, &(0x7f0000000d00)=[{{&(0x7f0000000380)={0xa, 0x4e23, 0x7, @private0={0xfc, 0x0, '\x00', 0x1}, 0x2}, 0x1c, &(0x7f0000000c80)=[{0x0}], 0x1}}], 0x1, 0x200400c0)

18.570297933s ago: executing program 2 (id=486):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x2)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0)
mkdir(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
getrlimit(0xa, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x60000600)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x109342, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
fallocate(r0, 0x8, 0x4000, 0x4000)

15.81372331s ago: executing program 2 (id=494):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0xbe, 0x0, 0x7fff0000}]})
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x10080, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
creat(&(0x7f0000000440)='./bus\x00', 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

12.909349712s ago: executing program 2 (id=500):
mkdirat(0xffffffffffffff9c, 0x0, 0x0)
chdir(0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, 0x0, &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2)
shutdown(r1, 0x1)
r2 = socket$kcm(0x10, 0x3, 0x10)
sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000016000b63d25a80648c2594f91524fc60", 0x14}], 0x1}, 0x40048820)
socket$nl_netfilter(0x10, 0x3, 0xc)
r3 = syz_open_dev$sndctrl(&(0x7f0000000000), 0x208000c9, 0x101002)
ioctl$SNDRV_CTL_IOCTL_RAWMIDI_NEXT_DEVICE(r3, 0xc0045520, &(0x7f0000000040)=0xffffffff)
syz_init_net_socket$x25(0x9, 0x5, 0x0)
r4 = getpid()
r5 = syz_pidfd_open(r4, 0x0)
r6 = pidfd_getfd(r5, r5, 0x0)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
setns(r6, 0x66020000)
r7 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r7, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-cast6-avx\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r7, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r8 = accept4(r7, 0x0, 0x0, 0x800)
sendmmsg$alg(r8, &(0x7f0000000040)=[{0x0, 0x0, 0x0}], 0x1, 0x40800)
recvmsg(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x51}], 0x1}, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
r9 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r9, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000440)=ANY=[@ANYBLOB="440000000a0605000000000000000000010000050900020073797a30000000000500010007000000080009400000000114000880100007800a001100aa"], 0x44}, 0x1, 0x0, 0x0, 0x8040}, 0x44000)

10.724865253s ago: executing program 6 (id=503):
r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000980)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010025bd7000fddbdf252100000009001f007078b62299"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

9.380070312s ago: executing program 1 (id=505):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
shutdown(0xffffffffffffffff, 0x2)

9.31193732s ago: executing program 6 (id=506):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x2)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0)
mkdir(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
getrlimit(0xa, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x60000600)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x109342, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
fallocate(r0, 0x8, 0x4000, 0x4000)

8.901395387s ago: executing program 5 (id=507):
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
setsockopt$SO_TIMESTAMP(r0, 0x1, 0x3f, &(0x7f0000000080)=0x1, 0x4)
bind$inet(r0, &(0x7f0000000480)={0x2, 0x4e23, @multicast1}, 0x10)
sendto$inet(r0, 0x0, 0x0, 0x28040041, &(0x7f0000000000)={0x2, 0x24e23, @loopback}, 0x10)
sendmsg$inet(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000280)="17", 0x1}], 0x1}, 0x8c0)
recvmmsg(r0, &(0x7f0000001400)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000540)=""/140, 0x8c}, 0x4}, {{0x0, 0x0, 0x0}, 0x9}], 0x2, 0x0, 0x0)

8.583966704s ago: executing program 7 (id=509):
syz_io_uring_setup(0x45, &(0x7f0000000300)={0x0, 0x0, 0x40, 0x2, 0x18}, &(0x7f0000000100), &(0x7f00000000c0)=<r0=>0x0)
sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="640000000001010400000000141a000002000000240001801400018008000100e000000108000200e00000010c00028005000100000000002400028014000180080001000000000008000200ac1e00010c00028005000100000000000800074000000001"], 0x64}}, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000400)=ANY=[@ANYRESDEC=r0, @ANYRESDEC], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000580)=""/186, 0x41100, 0x23, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './cgroup\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000e00)=0x2)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = syz_open_dev$video(&(0x7f0000000180), 0x3, 0x1)
ioctl$VIDIOC_S_FMT(r4, 0xc0d05605, &(0x7f00000002c0)={0x9, @pix={0xb, 0x9, 0x32315258, 0x7, 0xe, 0x8, 0x5, 0xa, 0x0, 0x2, 0x0, 0x3}})
mount(&(0x7f0000000080)=@nullb, &(0x7f0000000040)='./cgroup\x00', &(0x7f00000000c0)='affs\x00', 0xa08410, 0x0)
r5 = socket$inet_udp(0x2, 0x2, 0x0)
r6 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r6, 0x0, 0x0)
bind$inet(r5, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x16)
setsockopt$inet_IP_XFRM_POLICY(r5, 0x0, 0x11, &(0x7f00000002c0)={{{@in6=@mcast2, @in6=@private2, 0x0, 0x0, 0x4e21, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x6, 0x0, 0xfffffffffffffffd, 0x0, 0x0, 0x100000000000}, {}, 0x0, 0x0, 0x1, 0x0, 0x3}, {{@in6=@mcast2, 0x0, 0x33}, 0x0, @in=@loopback, 0x0, 0x0, 0x0, 0xb7, 0xfffffffe}}, 0xe8)
sendmmsg(r5, &(0x7f0000007fc0), 0x800001d, 0x0)
r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x3, 0x4, &(0x7f0000000200)=@framed={{0x18, 0x2, 0x0, 0x0, 0xfffffffc}, [@call={0x85, 0x0, 0x0, 0x20}]}, &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x41100}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r7, 0x0, 0xe, 0x0, &(0x7f0000000100)="b34715ecd04550d3abc89b6f7bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$NFNL_MSG_ACCT_DEL(0xffffffffffffffff, &(0x7f00000000c0)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x80000000}, 0xc, &(0x7f0000000040)={&(0x7f0000000340)={0x8c, 0x3, 0x7, 0x301, 0x0, 0x0, {0x5}, [@NFACCT_FLAGS={0x8, 0x5, 0x1, 0x0, 0x1}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xffffffffffff7fff}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x7}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0x46e}, @NFACCT_BYTES={0xc, 0x3, 0x1, 0x0, 0x5}, @NFACCT_FILTER={0x34, 0x7, 0x0, 0x1, [@NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x2}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0xfffff801}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x7ff}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x10}, @NFACCT_FILTER_MASK={0x8, 0x1, 0x1, 0x0, 0x2}, @NFACCT_FILTER_VALUE={0x8, 0x2, 0x1, 0x0, 0x6}]}, @NFACCT_PKTS={0xc, 0x2, 0x1, 0x0, 0xff}]}, 0x8c}, 0x1, 0x0, 0x0, 0x24040000}, 0x40)

8.551971241s ago: executing program 1 (id=510):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x60, 0x4, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x60}}, 0x40)

8.457790436s ago: executing program 2 (id=511):
landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="000e00000000000000000000001500"/24], &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000440)="e43006ea3eb060409f11616b0ff107c8b5c84a2513725dd800704d068c0a1d6565ec464eaa", &(0x7f0000000b00)="4155eeb476bb994a7adbf9ced4cff73ffcc565c90d1d14d488c98904e0d534423e707c5479b3594e0fdb8e8fe861ad8b0baf8b88a81271f0124bb6b06ccb0ab9b2584e405faac843e88185bad71856917b1d4d97243b2bd4497bee39a561d0189bee83a0347b64dc849e99bf872e3fc58867d649170aaa5e5ee950c69d24b89a90d7ac96e65aacfddedea3512f37", 0x3}, 0x38)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4008855}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="14000000100001f500000000000000000100000a14000000020a497f75241d4e1deb00000500000614000000110001"], 0x3c}, 0x1, 0x0, 0x0, 0x2004c040}, 0xc050)

8.229169055s ago: executing program 1 (id=513):
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
capset(&(0x7f00000004c0)={0x20080522}, &(0x7f0000000500)={0x0, 0x2000, 0x0, 0x0, 0x0, 0x3cd})
socket$packet(0x11, 0x3, 0x300)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffdffffffffff, 0xfa11, 0xffffffff}, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_GET(r2, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000680)={&(0x7f00000000c0)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="01002bbd70000e001000540000"], 0x14}, 0x1, 0x0, 0x0, 0x20000850}, 0x4000000)
close(r2)
madvise(&(0x7f0000bdc000/0x4000)=nil, 0x86ac726dff2f4713, 0xa)
syz_clone(0x1000, 0x0, 0x0, 0x0, 0x0, 0x0)

7.719816583s ago: executing program 5 (id=515):
mkdirat(0xffffffffffffff9c, &(0x7f00000021c0)='./file0\x00', 0x2d)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_io_uring_setup(0x118d7, 0x0, 0x0, &(0x7f00000002c0))
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000040)={0x38, 0x5, 0x9, 0x6, 0x0, 0xb49, 0x9, 0x8, 0x2, 0x3}, 0x0)
mkdir(&(0x7f00000000c0)='./file0\x00', 0x22)
r2 = syz_open_dev$vim2m(&(0x7f0000000000), 0x1, 0x2)
ioctl$vim2m_VIDIOC_REQBUFS(r2, 0xc0145608, 0x0)
r3 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
unshare(0x62040200)
ioctl$F2FS_IOC_GARBAGE_COLLECT_RANGE(r3, 0x4018f50b, &(0x7f0000000100)={0xfffffffb, 0x0, 0x40})
r4 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r4, 0x0, 0x4000000)
ioctl$IOMMU_TEST_OP_CREATE_ACCESS(0xffffffffffffffff, 0x3ba0, &(0x7f0000000340)={0x48, 0x5, 0x0, 0x0, 0xffffffffffffffff, 0x1})
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000200)=ANY=[@ANYBLOB="600000000206010800000000000000000000000005000400000000000900020073797a31000000001400078008001240000000000500140008000000050005000a000000050001000600000011000300686173683a69702c706f7274"], 0x60}}, 0x0)
r6 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000c80)=ANY=[@ANYBLOB="5c000000090601080000000000000000070000000900020073797a31000000000500010007000000340007801800018014000240fe8000000000000000000000000000bb060004400e1f00cd050007008800000006000540"], 0x5c}, 0x1, 0x0, 0x0, 0x10000042}, 0x90)

7.565426458s ago: executing program 7 (id=516):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000300)={&(0x7f0000000500)=ANY=[@ANYBLOB="9feb010018030000000000007c0000007c00000002000000000000000000000e0000000000000000000000000600000d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00000000000000000000000900000000000000000000000900000000000000000000000a02262478fe4ecc6e7083b93dbdc872fffa3668e120269d5877fd64e43ad3d48c82d158d0d9671cc94ec1d41d429a2e4c08d10af2b2bc3f815c59d50a891f56f793f5"], 0x0, 0x96}, 0x28)
r0 = openat(0xffffffffffffff9c, 0x0, 0x300000d, 0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0)
sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r2, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
r4 = socket$inet(0x2, 0xa, 0x262)
ioctl$sock_inet_SIOCSARP(r4, 0x8955, &(0x7f0000000000)={{0x2, 0x0, @dev}, {0x1, @local}, 0x4a, {0x2, 0x0, @multicast2}})
ioctl$sock_inet_SIOCSARP(r4, 0x8953, &(0x7f0000000000)={{0x2, 0x4e22, @dev}, {0x0, @multicast}, 0x38, {0x2, 0x2, @broadcast}, 'syz_tun\x00'})
socket$nl_xfrm(0x10, 0x3, 0x6)
r5 = socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet(r5, &(0x7f0000000000)={0x2, 0x4e21, @broadcast}, 0x2f)
setsockopt$inet_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f0000000340)='illinois', 0x8)
connect$inet(r5, &(0x7f0000000180)={0x2, 0x4e21, @dev={0xac, 0x14, 0x14, 0x1b}}, 0x10)
sendto$inet(r5, &(0x7f0000000000), 0xffffffffffffff94, 0x0, 0x0, 0x0)
recvfrom$inet(r0, &(0x7f0000000080)=""/8, 0x8, 0x720, 0x0, 0x0)
unshare(0x6a040000)
capset(&(0x7f0000000040)={0x19980330}, &(0x7f0000000080)={0x6, 0x6, 0x2, 0x87, 0xffffffff, 0x2})
syz_open_dev$tty20(0xc, 0x4, 0x0)
bind$phonet(0xffffffffffffffff, 0x0, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000006c0)=ANY=[@ANYBLOB="9feb010018000000000000000c0000000c000000020000000000000000000004000000000000f125e9ebb3908735f5e554df73dc9c476b192e28c405691a10cda7a54033f59b7144714c945ea248b2bf9deb48222c69b9a9c4f43182558132d9a7c88f04074a9c6fbd6706fe183b38e68fdab4434d90"], 0x0, 0x26, 0x0, 0x1}, 0x28)

7.418141463s ago: executing program 2 (id=517):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x4, 0x358, 0xffffffff, 0xe8, 0x1b8, 0xc8, 0xffffffff, 0xffffffff, 0xe8, 0x288, 0xe8, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = signalfd(r1, &(0x7f00000003c0), 0x8)
unshare(0x400)
r5 = epoll_create1(0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000000)={0x10000000})
read$FUSE(r4, &(0x7f0000000480)={0x2020}, 0x2020)
setxattr(&(0x7f00000024c0)='./file0\x00', &(0x7f0000002540)=ANY=[@ANYBLOB="62747266732c2adc2e265e2ee5d7a05d233a0e23ee7b264a36f4e597a91d6b789d05120b93f66689efdf534d4f54c5e1fa82fa08e270e596baaa774372c0844461002a7e3593dbbe792207c1a77096d13b5a066938b688cd20ebcb4d0aaf01ef4193d8d73bdfd3c0083fac5d"], 0x0, 0x0, 0x1)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
r8 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r8, &(0x7f00000005c0)={&(0x7f00000008c0)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0x24008004)
r9 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r9, &(0x7f0000000140)={0xa, 0x802, 0x7, @empty}, 0x1c)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000640)=""/165, 0xa5}], 0x1, 0x180, 0x9)
ptrace$getregset(0x4204, r7, 0x202, &(0x7f0000000140)={0x0})

6.028294602s ago: executing program 2 (id=519):
r0 = socket$netlink(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f0000000300)={0x60, 0x1403, 0x1, 0x0, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'vlan1\x00'}}, {{0x9, 0x2, 'syz2\x00'}, {0x8, 0x41, 'rxe\x00'}, {0x14, 0x33, 'ipvlan0\x00'}}]}, 0x60}, 0x1, 0x0, 0x0, 0x80c9}, 0x20000000)

5.434633824s ago: executing program 6 (id=520):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000440), 0x1, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000140)=@newqdisc={0x78, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25d7dbfb, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0x10, 0xf}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{0x10, 0x8, 0x8, 0x8, 0x81}, 0x103, 0x0, 0x7, 0x7, 0x7, 0xa, 0x12, 0x7, 0x7, 0x3, {0x3, 0x2, 0x3, 0x35db, 0x2, 0x6}}}}]}, 0x78}, 0x1, 0x0, 0x0, 0x40188c0}, 0x0)
r3 = socket$kcm(0x11, 0x3, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x44, 0x2c, 0xd27, 0x170bd2b, 0x2, {0x0, 0x0, 0x0, r6, {0x0, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x14, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}]}}]}, 0x44}, 0x1, 0x0, 0x0, 0xc804}, 0x2)
close(r4)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
setsockopt$sock_attach_bpf(r3, 0x107, 0xf, &(0x7f0000000600), 0x56)
r7 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r7, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r8=>0x0})
sendmsg$kcm(r3, &(0x7f0000000280)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r8, 0x42}, 0x80, &(0x7f00000000c0)=[{&(0x7f0000000200)="27030200000314000e00003c000300000000ff8400000000000000000000030000060000000085dc9d9839dc1336", 0x2e}], 0x1}, 0x4005)

5.411764889s ago: executing program 3 (id=521):
openat$snapshot(0xffffffffffffff9c, &(0x7f0000000140), 0x1, 0x0)
socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0)
ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100))
openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x802, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380))
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000100)=0x5)
ioctl$FBIOBLANK(0xffffffffffffffff, 0x4611, 0x1)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
openat$binderfs(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8)
mount(&(0x7f0000000040)=@nullb, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='ntfs3\x00', 0x1000080, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200))
prctl$PR_MCE_KILL(0x4e, 0x1, 0x4000)

5.180197785s ago: executing program 7 (id=522):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, 0x0)
socket$inet_tcp(0x2, 0x1, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000280)={0xa, 0x4e22, 0xd, @loopback, 0x6}, 0x1c)
connect$inet6(0xffffffffffffffff, &(0x7f0000000140)={0xa, 0x4e22, 0x23, @loopback, 0x23}, 0x1c)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000002100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000040900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000000c00028008000140fffff27414000000110001"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
shutdown(0xffffffffffffffff, 0x2)

4.395528184s ago: executing program 3 (id=523):
r0 = syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002)
ioctl$SG_IO(r0, 0x2285, 0x0)
r1 = fcntl$dupfd(r0, 0x0, r0)
write$sndseq(r1, 0x0, 0x0)
write$sndseq(r1, &(0x7f00000005c0)=[{0x3, 0x4, 0x5, 0x1, @tick, {0x1, 0x10}, {0x4, 0x10}, @raw32={[0x4, 0x1, 0x81]}}, {0x2, 0x7, 0x7f, 0x1, @time={0x40, 0xe69}, {0xe}, {0x7, 0x9}, @ext={0x0, 0x0}}, {0x5, 0x6a, 0xf7, 0x2, @time={0xb, 0x5d}, {0x9e, 0x66}, {0x52, 0x5}, @result={0xb4c, 0x8}}, {0x3, 0x5, 0xff, 0x0, @tick=0x6, {0x1, 0x2}, {0x9, 0x81}, @connect={{0x62, 0x83}, {0x1, 0x40}}}], 0x70)
read$snapshot(r1, 0x0, 0xffffffbf)
read$FUSE(r1, 0x0, 0x0)

4.301985279s ago: executing program 7 (id=524):
openat$vicodec0(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]})
r1 = syz_usb_connect$printer(0x0, 0x2d, &(0x7f0000000000)=ANY=[@ANYBLOB="12010000000000402505a8a4410001020b0109021b00010100c000090400000207010100090501020002"], 0x0)
syz_usb_control_io$printer(r1, 0x0, &(0x7f00000011c0)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000001180)={0x20, 0x0, 0x1}})
pwritev2(0xffffffffffffffff, &(0x7f00000015c0)=[{&(0x7f0000000080)="ec", 0x1}], 0x1, 0xfffff, 0x0, 0x0)
close_range(r0, 0xffffffffffffffff, 0x3f00000000000000)

3.25237444s ago: executing program 3 (id=525):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={0x0, 0x60}}, 0x0)
sendmsg$IPSET_CMD_FLUSH(r0, &(0x7f0000000300)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x40000}, 0xc, &(0x7f0000000280)={&(0x7f0000000180)={0x60, 0x4, 0x6, 0x3, 0x0, 0x0, {0x2, 0x0, 0x9}, [@IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz0\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}]}, 0x60}}, 0x40)

2.944585746s ago: executing program 3 (id=526):
mkdirat(0xffffffffffffff9c, &(0x7f0000000200)='./file0\x00', 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000080)=[{0x6, 0xbe, 0x0, 0x7fff0000}]})
mkdir(&(0x7f00000002c0)='./bus\x00', 0x0)
mkdir(&(0x7f0000000440)='./file1\x00', 0x0)
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', 0x10080, 0x0)
r1 = fanotify_init(0x200, 0x0)
fanotify_mark(r1, 0x1, 0x4800003e, r0, 0x0)
creat(&(0x7f0000000440)='./bus\x00', 0x0)
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

2.908606189s ago: executing program 1 (id=527):
syz_open_dev$loop(&(0x7f0000000100), 0xfffffffffffffffe, 0x4000)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101)
r1 = dup(r0)
write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c)
r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000003, 0x0, 0x0, r1}, &(0x7f0000000100)=<r3=>0x0, &(0x7f0000000240)=<r4=>0x0)
syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x230}})
io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0)
futex(&(0x7f000000cffc)=0x100000000000004, 0x0, 0x4, &(0x7f0000edfff0)={0x77359400}, 0x0, 0x0)

2.736249995s ago: executing program 6 (id=528):
r0 = socket$kcm(0x11, 0x3, 0x0)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000000), 0x4)
sendmsg$kcm(r0, &(0x7f0000000080)={&(0x7f0000000680)=@qipcrtr={0x2a, 0x3, 0x1}, 0x80, &(0x7f00000000c0)=[{&(0x7f00000001c0)="270502001a0014000600a5cbcc19a9905c8647002fb96dbcf706013c9aa1f82fa00956725faf2f61952a03060000d4c6e9c07f0f7b68d90540739b", 0x3b}, {&(0x7f0000000240)="5be581b6d2c6ba5af6c2242e2c8db6", 0xf}, {&(0x7f0000000040)="9c", 0x1}, {&(0x7f0000000800)="80d3aef09561a82fce5da3b0ac7a79759f90dd0d6cd3990d6b0ce1aad5a6d636b0dc103b351a20af5cea17ddacf0fae5e63f46b2ecd0dc15bcf546fd654527393bf1944763f1ba51d3e844d6f8409a10d12d3864d100f4e9f5ecb84a44c9920113f9212230d7e480e87c61b2bddae6a30b1783eab79920949b4d181fb94608884e835ac3685ae56a0dcb25264adf3483339965ab9d88deeb345632ea3b31e5cf8a24e8cbbb22e2249266f2de84d269ead8649f6625a3d2f6220e74df1ae0269d85790d63335b5baee8845b30cc9910c1f3d3134afb4886949153b625545a4f06a7babe44427b24e3636ebf3b00d8a9cedb2268ab4cc9b80ea6a2bba8b7cef7e6316107d283b9b30e2fac78ab030c333be5524aa8a5a9d016bba6af7163bae66f9c52a5605b8c619d257e4bb28f3e7ade04426b26633d3579c081cd97b16218e7f538d57d658fe0b84e3ed72811e0f1710a72bf6bec20bdbe56f44f4872b5e7a1ff8d7a53159882e24368e3293caac36a5626dee760ee28fd7563c2ebb926957690e163f9ae6a22f031ff986847d8f0dae0f1cae4cadc3825ee9a2c48fc3f5c06950526afbde611d946e95951bd27c96f74c17bfad9a495dcf75b562d02caf3b45533c384ba6059b08b458853c0386e25e45148c4753a898dd88fed0297ade7e5ea7b2a1ebec26585cc4566d8a6560d284001413cd0eb6be9335ede4a9caaa0b1c9e1745986a5d31c620afccf71c3dbc521f49751dc077ca5e1955d92382488397f93f1ab0aa49ff4040d8ebe00b6563c1f0194d48342dc8cd633e5eaee4d2eba45d8c2915ec22d928c3597ac4111432988abfbb8f1d69b01ca2d40736bd1297144b96254cc94508c1bf9a4fcc3eb2b8631dc9ae727aea6eeef2513b9d013e1744667621302809e85e78d406edbb30c7cb6d6934fc98a7fdfe678fcfdae6f112ccb75392dd6852d0c0e3370258896502d34cd69f8b0b2cf06c5fe339d1a5028dd6895e4acd1be257e58590e1307e86dffccd91e7a1edaf4f5fea3644299c9c0bda93e14b01f5ba49759fdb537e1cb311a7e5026c7a69cae9adbff30a20a8c25984c28cdfd5fb310fe50263c631c06947815684899fc589bf62ad6ea16b09760603f2e57cbad38b5652a3cc5292c48e57c0c93ddedf390383047bb33e2184fbdfdf6dd45d74fa82640fb956ee5c2981b09ddae840f5a17d0d33547de4e7b39f8748a907e7e71a5e5caad42d8437f9e0c0fc38e6107fd9daa0b32cb6a08b6a95bc8d9d63df674884ccb6c3bd8a3f74af1e5b6b28ec65037fa5e06b524f2d1f49b01b58c54f9dea943cd1dbda10ede9fe11c9e8be0254e944384015e7ce2da70374fbbae217f913295136fa9287048ddbb7f04467c449bfabb9ae11b44c73a9d5ffde02fd2cce441cb26f4960cab1a8aa3a1af7423df8d578193318546b1773dd2c620a5ffe4adb776f4833550eec9d4fb9a59c823a7a2f58f0759a6533e2d10bbeaacd8ed02f95608263bb329ab4e1fbd44b287f3cd0536c58ef4183e5dd7132ed0f736b19caf59150476ae94da392677fdff371a16c2bb925a9edae00b90634ae5eb51070ab42e3332de31174f1156ff196822e25a86ee4bc6600bd5116808d78ca2b4396bac9c91af19c0896bbf0de57ac96eabc139511522fe5125c6f0250537be7844ed887dca86949d626604141d24acb04445d07aab0dfb5e310cdf071125d501dfadba9e205f7da65a3fce06f7692c5696482e372084388362f8832a5102e667597ec5397fa32722891f7b461915d4747e9b576420b29ef093ba1b2cb66f16e8a2f965bb6490c7a1aace48c86b0693899eb0977dbe3cf3b7d26a3ef2b1632f3d74f465c773e86068ba5a279b0f87c3cb530bddee4b07ca9ff5c3740fdc6783c6371229aacd1f8ca9502029082ead201dfe57395df3f103a6509e665ebfc326cc3579c9d2b9e280db3dfd1225dc5f4d33eb046250245e09c848c8e772b73e48c0ed8f923b5375022635025a4e85e41f80a12dfce5cdd96a4ca3a2ba7c0adb580f45fb6a5f9211b86c37e85f0c2fe2e542879f045951ffce72ebdda0fc89a7b52b2fb5ebb544594fd4a2b1abeb17d4b43609dc4a65aa522ae8ae11e929ced040694c0ad17a028dc011265a43740f07b5752daab6bf9786594c155b141748cfa1286d5d459a323d6f40ff715afc4855faf70ef08da83f65ee4384853f801727b5b40930e22c912ee51b271b48fa71b5a9ab8210ef21615503a52ff5f88699f0b79598384da914409dd64b0f4d17b08cdba6a6c56aab3efea4d25bc75efbce4e532001ab0faf52772754941a7261f8188c4973d76f58da1389d31a6b0ecd0f89383b35e45b6b776011337396e7a5b769c53b8ef3c558ca478e41830c16891e7c1bd01c518612e94387ff26dcc9317a0913732508b6fcb931eb9878c74ca9f11a34ed4c3ccd388c2f30e6c2fd349f16f2c99786b5a3367ba56425e50aba8377b989eea2b579dc14c313b4536e1ecfa4973feb2a855be79c01dee5d7178048abce80f962b62880462c23bcb31a70313bf580e56e3dd7f1a72d9ca14dde796b221d56daa5c98fae08bd0b4983528b37e9437d4bfd376703b1cab14814ab4599fc581c022a47496fc589778dc5ab3c119b6d643531ef9d6d5bb3303191673c0487c7757da00b80ce3b06a04fa1a48fc90262d8f2d09829cdeb452ef9bed30c24c42856013ed89ee2403b7b442e41061d55d2548c4713d2a672410007f6e7a5c40c3a2ffd4db79d927756f1de61ac1544363f99192756af7a03edead89d8c3b88f5a1d648edefdb6fdf3a0c28968aec28093f4d1ff1af8cf29695f878afaa70ebde5eb3b72719f1f7ac7ecb992740583f68963a2b1b9f9b47b57f10b6560eeb29abfda784e694e5edf8556e15ce3723af2b91100898670f797f149e0f995317f9d9f120b09b59f31c4bf7023e52f8ca913fd7545fb7ef2e390032a6ba5a6d7c59072aadca56ceb16a9071dbd8a2572055a1b2cd49ade006e1f51fd68de8d9c284e13d96d192778acfabcbf330a3eb63845982be836d2eb4bf342a4a24d5e024a7f1b717e122b3c5bafbd161561507cd7dd96ed3d8112dfa003744e0ab3926c8a00d0c68edc494bce7e610184c1744ff5651e7e1d5c2b763dc911c284da5c0a8e4928a609bc5360501f12a417ef210ee34a081ea49205c47b582680d2694a458fcb2417a83044c1b0352a8c96c0f964f2854a49941aaec71bc3f3ac04fa63dc977bb8367577da2b1848b3d7e3793203f6533be70cc8c9d919f1ee3eee6dd1ae115ca5f7e5d44669f9ca9b0fb610dcef32deca389a6653f8f6fc1b01ce7480c7c414ac9c5f71530cb43fd14e7fa28793c21f14715d850b2b54e6c6f57b3ef229fcc2322ab2fffd5604d0d19db8aa7580bfe796122040f6a6931fd476c410e1d5686a2b05d634dfddcbc7c4074cd7760170eeb6e0314188ab77684ac1976015aa1cad6f671fe1f5b9cbf8aafd1a5567538630e71419add6101179a1741a9b35349871dc66481e142869ee2316bcaf13589aa476a7c3134ef04f14720240052ff34b25cf6822922be3e88f1feac3c689bc2adcf07cec296d6f38d4553b0bf54b55b5b6384a1e7f9477fe912311821fbbb8100b6559d8ead2c1cb57275161cc3cea8340609075ebb680d70d92b0c8471c943ea55187e700cd1583632a228aa0b7db9d18b9f5ab0c057363bed8c494327a14be4d885f5e196b07881c30dca3e0813a2e71e98cbfc6d359faea3da8525ea13d2cb5d342a44960f4ee062ac2875debe51e5f09a11be5d0286b428ff86bf3ad8ae965df61014537b36ddef22fbce3bf4ba1f38983859e3caf448e86085bccd22b0427ca33f1ede263d92de603cb97f19fa19a1a443d4126731ade38d47e59417d7a20adb4ad2af9502bbc92c5640aa16dc7b615e4c9ee4faa900c2a8763a071f7d0e2130cf93571cbe76ccd1a9e663303bcfb937f4925653bed99e5d9fc704540bac42445a649f5c2410053b7ebee1a3a0148a17f163c5b32d0ee0b4f4082db20349b5f15227ba031d90d8e751a028c9c6f52ccf9b82bd27d5abdffb0e38415ba50e7525e1049d31137676addbf080f11807683fdc7283483503be42455e5e4779d6a68f65589afed5be9291c06240cb289c2adb916fab36abf8905d0e3543d1ec3e88794177fded71476444e7cfcbb61af95f22ee26451ebe34f1d61d24487715ac664e71890b991960b73f1374df6deed46528d33ff33f734babbaebe3118a18737bc4a9533f7b992ff44fce5602eb9d7a53673f97d08c527ffc3dfacda1c225c7e9657365289b702eaddc1e7895a8ea5304922eeeeff4db49259e77ff5c9b934941fbd2d1f4586a58f1e007521a4ddb2873a7c63ba725fb0742710570f46b4ee77f06482652caa4742e04b5460861655f40381b75e6f98c0f8e8523b93cea7795fcfa923259b0b51afe8fbb62ed9db60892170cda4c1d1a26a78fcfd7ac02f1cf5d05ce8a9ea0fda879d55e082d067c80dfadee21c0a76eaeea9e16322c84b67db4a94c9e40036cde9ab90819b3fda377dde32901ce34285fd4ae880f70179af27e550485d7bda08242bc142538eb5e3445324bdebeab47bd3b3d65fe87b1384b098f6c6a4f421fd5f8d42fc9a263", 0xcdc}], 0x4}, 0x48081)

2.463592206s ago: executing program 7 (id=529):
landlock_create_ruleset(&(0x7f0000000040)={0x2, 0x3, 0x3}, 0x18, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000280)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="000e00000000000000000000001500"/24], &(0x7f0000000100)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000380)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x4, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2)
recvmmsg(r1, &(0x7f0000000040), 0x80002c1, 0x2, 0x0)
bpf$MAP_LOOKUP_BATCH(0x18, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000440)="e43006ea3eb060409f11616b0ff107c8b5c84a2513725dd800704d068c0a1d6565ec464eaa", &(0x7f0000000b00)="4155eeb476bb994a7adbf9ced4cff73ffcc565c90d1d14d488c98904e0d534423e707c5479b3594e0fdb8e8fe861ad8b0baf8b88a81271f0124bb6b06ccb0ab9b2584e405faac843e88185bad71856917b1d4d97243b2bd4497bee39a561d0189bee83a0347b64dc849e99bf872e3fc58867d649170aaa5e5ee950c69d24b89a90d7ac96e65aacfddedea3512f37", 0x3}, 0x38)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000600)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}, 0x1, 0x0, 0x0, 0x4008855}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000000cc0)={0x0, 0x0, &(0x7f0000000ac0)={&(0x7f0000000bc0)=ANY=[@ANYBLOB="14000000100001f500000000000000000100000a14000000020a497f75241d4e1deb00000500000614000000110001"], 0x3c}, 0x1, 0x0, 0x0, 0x2004c040}, 0xc050)

2.329434271s ago: executing program 6 (id=530):
r0 = socket$netlink(0x10, 0x3, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x7, 0xc, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_extract_tcp_res$synack(0x0, 0x1, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f0000000300)={0xe, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x9, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r1 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000380)={<r2=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bind$inet6(0xffffffffffffffff, 0x0, 0x0)
listen(0xffffffffffffffff, 0x0)
times(0x0)
r3 = socket$inet_udp(0x2, 0x2, 0x0)
ioctl$sock_inet_SIOCADDRT(r3, 0x890b, &(0x7f0000000380)={0x0, {0x2, 0x4e23, @empty}, {0x2, 0xfffe, @dev={0xac, 0x14, 0x14, 0x20}}, {0x2, 0x4e23, @rand_addr=0x64010102}, 0x107, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000000})
r4 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='net/netlink\x00')
r5 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0xd, 0x0, 0x0, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x94)
sendmsg$nl_route(r5, 0x0, 0x0)
preadv(r4, &(0x7f0000000600)=[{&(0x7f0000000280)=""/215, 0xd7}], 0x1, 0x1006c, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, r0)

2.240551738s ago: executing program 3 (id=531):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000000)=@filter={'filter\x00', 0xe, 0x4, 0x358, 0xffffffff, 0xe8, 0x1b8, 0xc8, 0xffffffff, 0xffffffff, 0xe8, 0x288, 0xe8, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x0, 0xa8, 0xe8}, @common=@inet=@TCPOPTSTRIP={0x40}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@STANDARD={0x28, '\x00', 0x0, 0xffffffffffffffff}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@inet=@SYNPROXY={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3b8)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f0000000400)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = signalfd(r1, &(0x7f00000003c0), 0x8)
unshare(0x400)
r5 = epoll_create1(0x0)
r6 = socket$inet6(0xa, 0x2, 0x0)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000000)={0x10000000})
read$FUSE(r4, &(0x7f0000000480)={0x2020}, 0x2020)
setxattr(&(0x7f00000024c0)='./file0\x00', &(0x7f0000002540)=ANY=[@ANYBLOB="62747266732c2adc2e265e2ee5d7a05d233a0e23ee7b264a36f4e597a91d6b789d05120b93f66689efdf534d4f54c5e1fa82fa08e270e596baaa774372c0844461002a7e3593dbbe792207c1a77096d13b5a066938b688cd20ebcb4d0aaf01ef4193d8d73bdfd3c0083fac5d"], 0x0, 0x0, 0x1)
r7 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
bind$inet6(0xffffffffffffffff, &(0x7f0000000240)={0xa, 0x2, 0x1000, @empty}, 0x1c)
r8 = socket$inet(0x2, 0x2, 0x1)
sendmsg$inet(r8, &(0x7f00000005c0)={&(0x7f00000008c0)={0x2, 0x4e22, @multicast1}, 0x10, 0x0}, 0x24008004)
r9 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r9, &(0x7f0000000140)={0xa, 0x802, 0x7, @empty}, 0x1c)
preadv(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000640)=""/165, 0xa5}], 0x1, 0x180, 0x9)
ptrace$getregset(0x4204, r7, 0x202, &(0x7f0000000140)={0x0})

1.685378503s ago: executing program 5 (id=532):
syz_mount_image$ext4(&(0x7f00000004c0)='ext4\x00', &(0x7f0000000500)='./file0\x00', 0x1000410, &(0x7f0000000440)={[{@grpid}, {@grpquota}]}, 0x4, 0x4eb, &(0x7f0000000540)="$eJzs3c9vVFsdAPDvnXZoKQMFZaFGBRFFQ5j+ABqCC2GjMYTESFy5gNoOTdMZpum0SCuLsnRvIokr/RPcuTBh5cKdO925wYUJKnkv9CVvMS/3zqUd2g7te7Qd6Hw+ye2955xhvufMcM6Ze2B6AuhZZyNiNSKORMS9iBjO85P8iButI33cq5ePp9ZePp5Kotm8878kK0/zou3PpI7lzzkYET/7ccQvk61xG8src5PVamUhT48s1uZHGssrl2YLec74xNjE6LXLV8f3rK1nan968aPZWz//y5+/8fzvq9//dVqt0m+OZ2Xt7dhLraYXo9SW1x8Rt/YjWJf0539/+PCkve1LEXEu6//D0Ze9mwDAYdZsDkdzuD0NABx26f1/KZJCOV8LKEWhUC631vBOx1ChWm8sXhyuLz2YjmwN62QUC/dnq5XRfK3wZBSTND2WXW+kxzelL0fEqYj47cDRLF2eqlenu/nBBwB62LFN8//HA635HwA45Aa7XQEA4MCZ/wGg95j/AaD3fI7537cDAeCQcP8PAL3H/A8AvWfH+f/JwdQDADgQP719Oz2aa/nvv55+uLz0g9LDS9OVxly5tjRVnqovzJdn6vWZaqU81Wzu9HzVen1+7Mp6srG8crdWX3qweHe2NjlTuVsp7nN7AICdnTrz7J9JRKxeP5od0baXg7kaDrdCtysAdE1ftysAdI3v80Dv2sU9vmUAOOS22aL3DR3/i9BTm7/Ch+rCV63/Q6+y/g+964ut//9wz+sBHDzr/9C7ms3Env8A0GOs8QPv9O//AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0KNK2ZEUytle4Kvpz0K5HHE8Ik5GMbk/W62MRsSJiPjHQHEgTY91u9IAwDsq/CfJ9/+6MHy+tLn0SPLJQHaOiF/9/s7vHk0uLi6Mpfn/X89ffJrnjx/pRgMAgHY3tma15un83HYj/+rl46nXx0FW8cXN1uaiady1/GiV9Ed/dh6MYkQMfZTk6Zb080rfHsRffRIRX9lo/6O2CKVsDaS18+nm+Gns4/sQf+P13xy/8Eb8QlaWnovZa/HlPagL9JpnN1vjZN730i6W979CnM3O2/f/wWyEenevx7+1LeNfYX3869sSP8n6/Nn19Ntr8uLKX3+yJbM53Cp7EvG1/u3iJ+vxkw7j7/ldtvFfX//muU5lzT9EXIjt47fUsmF2ZLE2P9JYXrk0W5ucqcxUHoyPT4xNjF67fHV8JFujbv3823Yx/nv94olO8dP2D3WIP7hD+7+zy/b/8dN7v/jWW+J/79vbv/+n3xI/nRO/u8v4k0M3Om7fncaf7tD+nd7/i7uM//zfK9O7fCgAcAAayytzk9VqZWGHi/Sz5k6PcfFhXsRqxHtQDRfv1UW3RyZgv210+m7XBAAAAAAAAAAAAAAA6KSxvDI3EPv7daJutxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIDD67MAAAD//w/PzvM=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x441, 0x2)
mount$overlay(0x0, 0x0, 0x0, 0x0, 0x0)
openat(0xffffffffffffff9c, 0x0, 0x1cb842, 0x0)
mkdir(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0)
getrlimit(0xa, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
unshare(0x60000600)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, 0x0, 0x0)
openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x109342, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x0)
pwrite64(r2, &(0x7f00000000c0)='a', 0x200000c1, 0x9000)
fallocate(r0, 0x8, 0x4000, 0x4000)

201.57103ms ago: executing program 6 (id=533):
r0 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000005c0), 0xffffffffffffffff)
sendmsg$IEEE802154_ADD_IFACE(0xffffffffffffffff, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000680)={&(0x7f0000000980)=ANY=[@ANYBLOB=' \x00\x00\x00', @ANYRES16=r0, @ANYBLOB="010025bd7000fddbdf252100000009001f007078b62299"], 0x20}, 0x1, 0x0, 0x0, 0x40000}, 0x0)

201.406166ms ago: executing program 1 (id=534):
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000e00)={0x3, 0xc, &(0x7f0000000700)=ANY=[@ANYBLOB="180000000000000000000000000000008500000061000000180100002020642500000000202020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000500"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000900)={r0, 0x18000000000002a0, 0xe, 0x0, &(0x7f0000000fc0)="d2ff03076003008cb89e08f086dd", 0x0, 0xd5b5, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x4c)

201.147265ms ago: executing program 3 (id=535):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet(0x2, 0x4000000000000001, 0x0)
bind$inet(r0, &(0x7f00000000c0)={0x2, 0x4e23, @multicast1}, 0x10)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000480)={0xffffffffffffffff, 0x0, 0x25, 0x2, @val=@uprobe_multi={0x0, 0x0, 0x0, 0x6, 0x0, 0x1}}, 0x40)
r1 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_VRING_BASE(r1, 0xaf01, 0x0)
r2 = eventfd(0xfffffff9)
ioctl$VHOST_SET_LOG_FD(r1, 0x4004af07, &(0x7f0000000240)=r2)
ioctl$VHOST_SET_VRING_KICK(r1, 0x4008af20, &(0x7f0000000040)={0x1, r2})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/67, 0x0})
ioctl$VHOST_SET_VRING_ADDR(r1, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, &(0x7f0000000380)=""/246, &(0x7f0000000580)=""/79, &(0x7f0000000480)=""/70, 0x100000})
ioctl$VHOST_SET_MEM_TABLE(r1, 0x4008af03, &(0x7f0000000680)={0x1, 0x0, [{0x0, 0x0, 0x0}]})
ioctl$VHOST_SET_VRING_ERR(r1, 0x4008af22, &(0x7f00000002c0)={0x1, r2})
ioctl$VHOST_VSOCK_SET_RUNNING(r1, 0x4004af61, &(0x7f0000000000)=0x1)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
syz_clone(0xc30e3400, 0x0, 0x0, &(0x7f0000000000), 0x0, 0x0)

199.786595ms ago: executing program 7 (id=536):
setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x1, 0x2a, 0x0, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x0)
syz_mount_image$ext4(&(0x7f00000009c0)='ext4\x00', &(0x7f0000000540)='./file0\x00', 0x400, &(0x7f0000000200)={[{@nodioread_nolock}, {@journal_dev={'journal_dev', 0x3d, 0x40000ff}}, {@errors_continue}, {@nouid32}, {@resgid}, {@acl}, {@init_itable_val={'init_itable', 0x3d, 0x8d55}}]}, 0x0, 0x48d, &(0x7f0000000a00)="$eJzs281rHOUfAPDvTLKb9teX5FfrS2vVaBGCYtKkVXvwolQQqSjooR5jsi2h20aaKLYWm4p4EqSgZ/Eo+hd4E0HUk+DVkycpFO2lrafITGaSTbp5odlk0+7nAzP7PDPP7Dzfnbdnn2c3gI7Vn82SiJ0R8UdE9M5lFxfon3u5ef3i2K3rF8eSmJ198+8kL3fj+sWxsmi53Y4iM5BGpJ8kxU4Wmzp/4fRovV47V+SHps+8OzR1/sIz758ZPVU7VTs7cvTokcPDzz838mxL4sziurH/o8kD+155+8prYyeuvPPLd1l9dxbrG+Nolf4s8H9mc0vXPdnqnbXZrnzek8+T7jZXhjXriojscFXy6783umLh4PXGyx+3tXLAhsqeTT3Lr56ZBe5hSay1ZKXhngHc/coHffb9t5w2odmxZVx7ce4LUBb3zWKaW9MdaVGmMv/9tvX6I+LEzL9fZVNsUD8EAECjz8a+PF6Nnvjw1revZm2P3vk1aTyQv/6Zz3cXYyh9EfH/iNgTEfdFxN6IuD8iL/tgRDy0zvrc3v5Jr67zLVeUtf9eKMa2Frf/ytZf9HUVuV15/JXk5ES9dqj4TAai0pPlh1fYxw/Hfv98uXWN7b9syvZftgWLelztXtJBNz46PRqV9US94NrliP3dzeJP5kcCkojYFxH757da0wDP7jIx8dQ3B5YrtHr8K2jBONPs11l4M1n8M7Ek/lLSOD45cdv45NC2qNcODZVnxe1+/e3TN5bb/7rib4FrtbnXhuO/tEhf0jheO9Xa/d/h+Z9Wk7fyceZqMeb4wej09LnhiGpyPM9Xi7L58pGFbct8WT47/wcONr/+9xTbZPE/HBHZSfxIRDwaEY8VdX88Ip6IiIMrxPjzS6vHH2mbjv/liPGm97/583/J8T9/4XR5a1xYsmKi6/RP3y+3/7Ud/yN5aqBYkt//VtGsOt1NqnynnxsAAADcTdL8N/BJOjifTtPBwbnf8O+N/6X1yanpp09Ovnd2fO638n1RScuert6iP7Q+Ua8NJzPFO1aSY1GvjRR9xWV/6eGi3/iLru15fnBssj7e5tih0+1Y5vrP/NXV7toBG2x706Uj1U2vCNAGS8fR08XZS6+HmwHcq/xfGzrXKtd/uln1ADaf5z90rmbX/6UleWMBcG/y/IfO5fqHDpX+2O4aAG3k+Q8dadU/77cnsa1xSXXlwtUtUueWJbbqQckTEWUi3RL1kdigRLvvTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAK3xXwAAAP//uIXZzg==")
mount$bpf(0x0, &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x2182039, 0x0)
mount$bpf(0x200000000000, &(0x7f0000000000)='./file0/../file0\x00', 0x0, 0x989046, 0x0)
mount$bpf(0x200000000000, 0x0, 0x0, 0x2085000, 0x0)
r0 = openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, 0x0)
r1 = openat$dir(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000000)=""/49, 0x31)

0s ago: executing program 1 (id=537):
syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
setrlimit(0x7, 0x0)
r1 = fsopen(&(0x7f0000000600)='devpts\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x1, 0x1)
fchdir(r2)
r3 = open(&(0x7f0000000080)='.\x00', 0x480, 0x0)
fremovexattr(r3, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
sendmsg$nl_netfilter(r0, &(0x7f0000000380)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x90}, 0x40884)
eventfd2(0x0, 0x0)
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x7, 0x0)
r4 = socket$nl_generic(0x11, 0x3, 0x10)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r6, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x24}}, 0x0)
getsockname$packet(r6, &(0x7f0000000080)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="4800000010000507000000000000000016000000", @ANYRES32=r7, @ANYBLOB="0000000200000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000140)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_clsact={0xb}]}, 0x30}}, 0x0)
r8 = socket$nl_route(0x10, 0x3, 0x0)
r9 = socket(0x10, 0x803, 0x4)
syz_genetlink_get_family_id$nl80211(&(0x7f0000000380), r9)
getsockname$packet(r9, &(0x7f0000000100)={0x11, 0x0, <r10=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route_sched(r8, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000e40)=@delchain={0x40, 0x2c, 0xf31, 0x70bd29, 0x0, {0x0, 0x0, 0x0, r10, {}, {0xfff2, 0xffff}, {0xfff3}}, [@filter_kind_options=@f_matchall={{0xd}, {0xc, 0x2, [@TCA_MATCHALL_CLASSID={0x6, 0x1, {0x0, 0xfff3}}]}}]}, 0x40}}, 0x4010)
recvmmsg(r4, &(0x7f0000006380)=[{{0x0, 0x0, 0x0}, 0x6}], 0x1, 0x2001, 0x0)
r11 = epoll_create1(0x0)
epoll_pwait(r11, &(0x7f0000000600)=[{}], 0x1, 0x1ff, 0x0, 0x0)
io_setup(0x6, &(0x7f0000000040))
open$dir(&(0x7f0000000400)='./file0\x00', 0x0, 0x0)

kernel console output (not intermixed with test programs):

FAT-fs (loop0): Directory bread(block 72) failed
[   96.821790][ T6091] FAT-fs (loop0): Directory bread(block 73) failed
[   97.170324][ T6095] loop0: detected capacity change from 0 to 512
[   97.201320][   T29] usb 4-1: new high-speed USB device number 7 using dummy_hcd
[   97.230295][ T6095] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   97.303037][ T6095] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   97.348835][ T6095] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[   97.371034][    C1] EXT4-fs (loop0): error count since last fsck: 1
[   97.377567][    C1] EXT4-fs (loop0): initial error at time 1771345526: ext4_mb_generate_buddy:1315
[   97.386720][    C1] EXT4-fs (loop0): last error at time 1771345526: ext4_mb_generate_buddy:1315
[   97.419820][   T29] usb 4-1: Using ep0 maxpacket: 8
[   97.462111][   T29] usb 4-1: config 12 has an invalid interface number: 148 but max is 0
[   97.467000][ T6098] loop1: detected capacity change from 0 to 256
[   97.470363][   T29] usb 4-1: config 12 has no interface number 0
[   97.470419][   T29] usb 4-1: config 12 interface 148 altsetting 56 endpoint 0xB has invalid maxpacket 512, setting to 64
[   97.484152][ T6095] EXT4-fs warning (device loop0): ext4_expand_extra_isize_ea:2858: Unable to expand inode 15. Delete some EAs or run e2fsck.
[   97.495411][ T6098] exfat: Invalid uid '0x00000000ffffffff'
[   97.528503][ T6095] EXT4-fs (loop0): 1 truncate cleaned up
[   97.540307][ T6095] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[   97.561858][   T29] usb 4-1: config 12 interface 148 altsetting 56 endpoint 0xF has invalid maxpacket 991, setting to 64
[   97.581327][   T29] usb 4-1: config 12 interface 148 has no altsetting 0
[   97.591088][   T29] usb 4-1: New USB device found, idVendor=05ac, idProduct=921c, bcdDevice=37.07
[   97.600121][   T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   97.632030][   T29] usb 4-1: Product: syz
[   97.636219][   T29] usb 4-1: Manufacturer: syz
[   97.644357][   T29] usb 4-1: SerialNumber: syz
[   97.664754][ T6095] EXT4-fs error (device loop0): ext4_expand_extra_isize_ea:2808: inode #12: comm syz.0.38: corrupted xattr block 5: invalid header
[   97.718650][ T6102] Illegal XDP return value 4294967294 on prog  (id 4) dev syz_tun, expect packet loss!
[   97.900308][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[   98.108046][   T29] appledisplay 4-1:12.148: Could not find int-in endpoint
[   98.120105][   T29] usbhid 4-1:12.148: couldn't find an input interrupt endpoint
[   98.137710][   T29] usb 4-1: USB disconnect, device number 7
[   98.148022][ T6109] netlink: 84 bytes leftover after parsing attributes in process `syz.0.41'.
[   98.537123][ T6121] netlink: 8 bytes leftover after parsing attributes in process `syz.4.46'.
[   98.692811][ T6125] loop5: detected capacity change from 0 to 1024
[   98.942533][ T6130] loop0: detected capacity change from 0 to 512
[   98.967490][ T6125] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5
[   98.975309][ T6133] loop3: detected capacity change from 0 to 256
[   98.985761][ T6130] EXT4-fs: Ignoring removed bh option
[   99.030690][ T6125] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[   99.449531][ T6130] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[   99.590733][ T6125] EXT4-fs error (device loop5): ext4_acquire_dquot:7003: comm syz.5.48: Failed to acquire dquot type 0
[   99.643518][ T6125] loop5: lost filesystem error report for type 5 error -117
[   99.647799][ T6133] FAT-fs (loop3): Directory bread(block 64) failed
[   99.647965][ T6125] EXT4-fs error (device loop5): mb_free_blocks:2047: group 0, 
[   99.655186][    C0] EXT4-fs (loop5): error count since last fsck: 1
[   99.655211][    C0] EXT4-fs (loop5): initial error at time 1771345528: ext4_acquire_dquot:7003
[   99.655241][    C0] EXT4-fs (loop5): last error at time 1771345528: ext4_acquire_dquot:7003
[   99.695494][ T6125] inode 13: block 144:freeing already freed block (bit 9); block bitmap corrupt.
[   99.726739][ T6133] FAT-fs (loop3): Directory bread(block 65) failed
[   99.792083][ T6125] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #13: comm syz.5.48: corrupted inode contents
[   99.822746][ T6130] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.50: invalid indirect mapped block 4294967295 (level 0)
[   99.837025][ T6133] FAT-fs (loop3): Directory bread(block 66) failed
[   99.871349][ T6133] FAT-fs (loop3): Directory bread(block 67) failed
[   99.888675][ T6133] FAT-fs (loop3): Directory bread(block 68) failed
[   99.901181][ T6125] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[   99.902079][ T6130] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[   99.921103][ T6125] EXT4-fs error (device loop5): ext4_dirty_inode:6450: inode #13: comm syz.5.48: mark_inode_dirty error
[   99.942577][ T6133] FAT-fs (loop3): Directory bread(block 69) failed
[   99.949179][ T6133] FAT-fs (loop3): Directory bread(block 70) failed
[   99.960988][    C0] EXT4-fs (loop0): error count since last fsck: 1
[   99.967433][    C0] EXT4-fs (loop0): initial error at time 1771345529: ext4_free_branches:1023: inode 16
[   99.977147][    C0] EXT4-fs (loop0): last error at time 1771345529: ext4_free_branches:1023: inode 16
[   99.996937][ T6130] EXT4-fs error (device loop0): ext4_free_branches:1023: inode #16: comm syz.0.50: invalid indirect mapped block 4294967295 (level 1)
[  100.016526][ T6130] loop0: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  100.030751][ T6133] FAT-fs (loop3): Directory bread(block 71) failed
[  100.044210][ T6125] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  100.047379][ T6133] FAT-fs (loop3): Directory bread(block 72) failed
[  100.064035][ T6130] EXT4-fs (loop0): 1 orphan inode deleted
[  100.064058][ T6130] EXT4-fs (loop0): 1 truncate cleaned up
[  100.066125][ T6130] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.075248][ T6125] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #13: comm syz.5.48: corrupted inode contents
[  100.108502][ T6133] FAT-fs (loop3): Directory bread(block 73) failed
[  100.126516][ T6125] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  100.127203][ T6125] EXT4-fs error (device loop5): __ext4_ext_dirty:207: inode #13: comm syz.5.48: mark_inode_dirty error
[  100.149045][ T6142] overlayfs: missing 'lowerdir'
[  100.155067][ T6130] EXT4-fs error (device loop0): ext4_lookup:1785: inode #14: comm syz.0.50: invalid fast symlink length 39
[  100.168483][ T6125] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  100.168938][ T6125] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #13: comm syz.5.48: corrupted inode contents
[  100.231478][ T6125] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  100.232363][ T6125] EXT4-fs error (device loop5) in ext4_orphan_del:303: Corrupt filesystem
[  100.260223][ T6125] loop5: lost filesystem error report for type 5 error -117
[  100.260651][ T6125] EXT4-fs error (device loop5): ext4_do_update_inode:5569: inode #13: comm syz.5.48: corrupted inode contents
[  100.284107][ T6144] syz.3.51: attempt to access beyond end of device
[  100.284107][ T6144] loop3: rw=1, sector=1352, nr_sectors = 32 limit=256
[  100.301323][ T6125] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  100.305587][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.331642][ T6125] EXT4-fs error (device loop5): ext4_truncate:4587: inode #13: comm syz.5.48: mark_inode_dirty error
[  100.344276][ T6125] loop5: lost file I/O error report for ino 13 type 5 pos 0x0 len 0x0 error -117
[  100.344700][ T6125] EXT4-fs error (device loop5) in ext4_process_orphan:345: Corrupt filesystem
[  100.364349][ T6125] loop5: lost filesystem error report for type 5 error -117
[  100.365902][ T6144] syz.3.51: attempt to access beyond end of device
[  100.365902][ T6144] loop3: rw=1, sector=1416, nr_sectors = 32 limit=256
[  100.374780][ T6125] EXT4-fs (loop5): 1 truncate cleaned up
[  100.463206][ T6125] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  100.488918][ T6144] syz.3.51: attempt to access beyond end of device
[  100.488918][ T6144] loop3: rw=1, sector=1512, nr_sectors = 32 limit=256
[  100.520251][ T6150] loop0: detected capacity change from 0 to 1024
[  100.562846][ T6144] syz.3.51: attempt to access beyond end of device
[  100.562846][ T6144] loop3: rw=1, sector=1576, nr_sectors = 32 limit=256
[  100.580920][ T6125] Quota error (device loop5): do_check_range: Getting block 64 out of range 1-5
[  100.605327][ T6150] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  100.619707][ T6144] syz.3.51: attempt to access beyond end of device
[  100.619707][ T6144] loop3: rw=1, sector=1640, nr_sectors = 32 limit=256
[  100.653730][ T6144] syz.3.51: attempt to access beyond end of device
[  100.653730][ T6144] loop3: rw=1, sector=1704, nr_sectors = 32 limit=256
[  100.673382][ T6144] syz.3.51: attempt to access beyond end of device
[  100.673382][ T6144] loop3: rw=1, sector=1768, nr_sectors = 32 limit=256
[  100.715949][ T6125] Quota error (device loop5): qtree_read_dquot: Can't read quota structure for id 0
[  100.755429][ T6144] syz.3.51: attempt to access beyond end of device
[  100.755429][ T6144] loop3: rw=1, sector=1864, nr_sectors = 32 limit=256
[  100.774466][ T6125] EXT4-fs error (device loop5): ext4_acquire_dquot:7003: comm syz.5.48: Failed to acquire dquot type 0
[  100.809410][ T6144] syz.3.51: attempt to access beyond end of device
[  100.809410][ T6144] loop3: rw=1, sector=1928, nr_sectors = 32 limit=256
[  100.866318][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  100.910044][ T6144] syz.3.51: attempt to access beyond end of device
[  100.910044][ T6144] loop3: rw=1, sector=1992, nr_sectors = 32 limit=256
[  100.989881][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  101.035284][ T6160] loop1: detected capacity change from 0 to 1024
[  101.093183][ T6160] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  101.277783][ T6159] EXT4-fs error (device loop1): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 25 vs 4278190105 free clusters
[  101.322274][ T6165] loop4: detected capacity change from 0 to 1024
[  101.334829][ T6172] loop2: detected capacity change from 0 to 8
[  101.391222][ T6159] EXT4-fs (loop1): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  101.397597][ T6172] SQUASHFS error: Failed to read block 0x1ec: -5
[  101.427021][ T6165] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a84ec019, mo2=0002]
[  101.446618][ T6159] EXT4-fs (loop1): This should not happen!! Data will be lost
[  101.446618][ T6159] 
[  101.477626][ T6165] System zones: 1-12
[  101.495061][ T6172] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  101.533962][ T6165] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  101.571098][ T6159] EXT4-fs (loop1): Total free blocks count 0
[  101.577099][ T6159] EXT4-fs (loop1): Free/Dirty block details
[  101.626461][ T6159] EXT4-fs (loop1): free_blocks=68451041280
[  101.645491][ T6159] EXT4-fs (loop1): dirty_blocks=16
[  101.660847][ T6159] EXT4-fs (loop1): Block reservation details
[  101.682829][ T6159] EXT4-fs (loop1): i_reserved_data_blocks=1
[  101.894749][ T5821] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.140055][ T6183] loop3: detected capacity change from 0 to 1024
[  102.199376][ T6183] EXT4-fs: Ignoring removed bh option
[  102.205265][ T6183] EXT4-fs: inline encryption not supported
[  102.246766][ T6183] EXT4-fs (loop3): stripe (9) is not aligned with cluster size (16), stripe is disabled
[  102.256901][ T5819] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  102.328956][ T6183] EXT4-fs (loop3): can't mount with data_err=abort, fs mounted w/o journal
[  102.524874][ T6192] Zero length message leads to an empty skb
[  103.398386][ T6196] loop0: detected capacity change from 0 to 512
[  103.534625][ T6196] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  103.586883][ T6196] ext4 filesystem being mounted at /14/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  103.626249][ T6169] loop5: detected capacity change from 0 to 40427
[  103.657227][ T6169] F2FS-fs (loop5): invalid crc value
[  104.035108][ T6169] F2FS-fs (loop5): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  104.071309][ T6169] F2FS-fs (loop5): Start checkpoint disabled!
[  104.105210][ T6169] F2FS-fs (loop5): f2fs_disable_checkpoint() finish, err:0
[  104.174647][ T6169] F2FS-fs (loop5): Mounted with checkpoint version = 48b305e6
[  104.265940][   T30] audit: type=1800 audit(1771345533.303:18): pid=6169 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.62" name="file0" dev="loop5" ino=10 res=0 errno=0
[  105.280824][ T6222] loop4: detected capacity change from 0 to 128
[  105.293382][ T6222] FAT-fs (loop4): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  105.456015][ T6222] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  105.816504][   T30] audit: type=1800 audit(1771345534.783:19): pid=6222 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.79" name="file1" dev="loop4" ino=1048620 res=0 errno=0
[  106.387942][ T3495] bio_check_eod: 13 callbacks suppressed
[  106.387963][ T3495] kworker/u8:11: attempt to access beyond end of device
[  106.387963][ T3495] loop5: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  106.412559][ T3495] CPU: 0 UID: 0 PID: 3495 Comm: kworker/u8:11 Not tainted syzkaller #0 PREEMPT(full) 
[  106.412588][ T3495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  106.412604][ T3495] Workqueue: writeback wb_workfn (flush-7:5)
[  106.412659][ T3495] Call Trace:
[  106.412669][ T3495]  <TASK>
[  106.412678][ T3495]  dump_stack_lvl+0xe8/0x150
[  106.412716][ T3495]  f2fs_handle_critical_error+0x37c/0x540
[  106.412762][ T3495]  f2fs_write_end_io+0xcdb/0xff0
[  106.412810][ T3495]  __submit_merged_bio+0x256/0x700
[  106.412856][ T3495]  f2fs_submit_page_write+0xec4/0x23e0
[  106.412927][ T3495]  ? __pfx_f2fs_submit_page_write+0x10/0x10
[  106.412971][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.413001][ T3495]  ? __f2fs_is_valid_blkaddr+0xd2a/0x14f0
[  106.413036][ T3495]  do_write_page+0x40f/0xac0
[  106.413077][ T3495]  f2fs_outplace_write_data+0x11a/0x220
[  106.413114][ T3495]  f2fs_do_write_data_page+0x123b/0x16f0
[  106.413138][ T3495]  ? memcg_rstat_updated+0xee/0x220
[  106.413183][ T3495]  ? __pfx_f2fs_do_write_data_page+0x10/0x10
[  106.413206][ T3495]  ? lru_gen_update_size+0x7c9/0xd10
[  106.413242][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.413271][ T3495]  ? __mod_zone_page_state+0xd7/0x140
[  106.413332][ T3495]  f2fs_write_single_data_page+0x976/0x18b0
[  106.413377][ T3495]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  106.413437][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.413466][ T3495]  ? folio_clear_dirty_for_io+0x573/0x710
[  106.413500][ T3495]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  106.413538][ T3495]  f2fs_write_data_pages+0x1a5b/0x35e0
[  106.413564][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.413593][ T3495]  ? lock_release+0x4b/0x3d0
[  106.413667][ T3495]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  106.413709][ T3495]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  106.413779][ T3495]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  106.413841][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.413892][ T3495]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[  106.413927][ T3495]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  106.413955][ T3495]  do_writepages+0x32e/0x550
[  106.413994][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414023][ T3495]  ? reacquire_held_locks+0x104/0x190
[  106.414059][ T3495]  ? writeback_sb_inodes+0x43d/0x19a0
[  106.414096][ T3495]  __writeback_single_inode+0x133/0x11a0
[  106.414128][ T3495]  ? do_raw_spin_unlock+0xf5/0x210
[  106.414159][ T3495]  writeback_sb_inodes+0x944/0x19a0
[  106.414195][ T3495]  ? ret_from_fork_asm+0x1a/0x30
[  106.414243][ T3495]  ? __lock_acquire+0x6b5/0x2cf0
[  106.414282][ T3495]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  106.414309][ T3495]  ? do_raw_spin_lock+0x12b/0x2f0
[  106.414377][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414406][ T3495]  ? rcu_is_watching+0x15/0xb0
[  106.414440][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414479][ T3495]  wb_writeback+0x456/0xb70
[  106.414512][ T3495]  ? queue_io+0x1d1/0x4a0
[  106.414549][ T3495]  ? __pfx_wb_writeback+0x10/0x10
[  106.414575][ T3495]  ? do_raw_spin_lock+0x12b/0x2f0
[  106.414625][ T3495]  wb_workfn+0x414/0xf50
[  106.414667][ T3495]  ? look_up_lock_class+0x57/0x110
[  106.414713][ T3495]  ? __pfx_wb_workfn+0x10/0x10
[  106.414756][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414784][ T3495]  ? do_raw_spin_lock+0x12b/0x2f0
[  106.414813][ T3495]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  106.414837][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414873][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414906][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414936][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.414969][ T3495]  ? process_scheduled_works+0xa25/0x1830
[  106.415000][ T3495]  ? process_scheduled_works+0xa25/0x1830
[  106.415034][ T3495]  process_scheduled_works+0xb02/0x1830
[  106.415099][ T3495]  ? __pfx_process_scheduled_works+0x10/0x10
[  106.415139][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.415167][ T3495]  ? assign_work+0x3d5/0x5e0
[  106.415205][ T3495]  worker_thread+0xa50/0xfc0
[  106.415240][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.415286][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.415326][ T3495]  kthread+0x388/0x470
[  106.415351][ T3495]  ? __pfx_worker_thread+0x10/0x10
[  106.415381][ T3495]  ? __pfx_kthread+0x10/0x10
[  106.415407][ T3495]  ret_from_fork+0x51e/0xb90
[  106.415444][ T3495]  ? __pfx_ret_from_fork+0x10/0x10
[  106.415474][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  106.415499][ T3495]  ? __switch_to+0xc7d/0x1450
[  106.415532][ T3495]  ? __pfx_kthread+0x10/0x10
[  106.415557][ T3495]  ret_from_fork_asm+0x1a/0x30
[  106.415619][ T3495]  </TASK>
[  106.415698][ T3495] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  106.477702][ T6226] syzkaller0: entered promiscuous mode
[  106.985718][ T3495] kworker/u8:11: attempt to access beyond end of device
[  106.985718][ T3495] loop5: rw=2049, sector=45120, nr_sectors = 8 limit=40427
[  107.003992][ T6226] syzkaller0: entered allmulticast mode
[  107.072615][ T3495] CPU: 1 UID: 0 PID: 3495 Comm: kworker/u8:11 Not tainted syzkaller #0 PREEMPT(full) 
[  107.072647][ T3495] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  107.072663][ T3495] Workqueue: writeback wb_workfn (flush-7:5)
[  107.072712][ T3495] Call Trace:
[  107.072722][ T3495]  <TASK>
[  107.072732][ T3495]  dump_stack_lvl+0xe8/0x150
[  107.072771][ T3495]  f2fs_handle_critical_error+0x37c/0x540
[  107.072819][ T3495]  f2fs_write_end_io+0xcdb/0xff0
[  107.072873][ T3495]  __submit_merged_bio+0x256/0x700
[  107.072921][ T3495]  f2fs_submit_merged_write+0x284/0x390
[  107.072968][ T3495]  ? __pfx_f2fs_submit_merged_write+0x10/0x10
[  107.073021][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.073051][ T3495]  ? folio_unlock+0x101/0x160
[  107.073093][ T3495]  f2fs_write_single_data_page+0x134e/0x18b0
[  107.073144][ T3495]  ? __pfx_f2fs_write_single_data_page+0x10/0x10
[  107.073208][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.073237][ T3495]  ? folio_clear_dirty_for_io+0x573/0x710
[  107.073273][ T3495]  ? folio_clear_dirty_for_io+0x1d4/0x710
[  107.073312][ T3495]  f2fs_write_data_pages+0x1a5b/0x35e0
[  107.073339][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.073368][ T3495]  ? lock_release+0x4b/0x3d0
[  107.073449][ T3495]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  107.073495][ T3495]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  107.073575][ T3495]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  107.073647][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.073704][ T3495]  ? __pfx_f2fs_inode_chksum_set+0x10/0x10
[  107.073741][ T3495]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  107.073770][ T3495]  do_writepages+0x32e/0x550
[  107.073812][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.073842][ T3495]  ? reacquire_held_locks+0x104/0x190
[  107.073877][ T3495]  ? writeback_sb_inodes+0x43d/0x19a0
[  107.073917][ T3495]  __writeback_single_inode+0x133/0x11a0
[  107.073951][ T3495]  ? do_raw_spin_unlock+0xf5/0x210
[  107.073983][ T3495]  writeback_sb_inodes+0x944/0x19a0
[  107.074021][ T3495]  ? ret_from_fork_asm+0x1a/0x30
[  107.074073][ T3495]  ? __lock_acquire+0x6b5/0x2cf0
[  107.074114][ T3495]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  107.074141][ T3495]  ? do_raw_spin_lock+0x12b/0x2f0
[  107.074223][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.074252][ T3495]  ? rcu_is_watching+0x15/0xb0
[  107.074287][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.074329][ T3495]  wb_writeback+0x456/0xb70
[  107.074364][ T3495]  ? queue_io+0x1d1/0x4a0
[  107.074405][ T3495]  ? __pfx_wb_writeback+0x10/0x10
[  107.074432][ T3495]  ? do_raw_spin_lock+0x12b/0x2f0
[  107.074481][ T3495]  wb_workfn+0x414/0xf50
[  107.074525][ T3495]  ? look_up_lock_class+0x57/0x110
[  107.074577][ T3495]  ? __pfx_wb_workfn+0x10/0x10
[  107.074627][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.074657][ T3495]  ? do_raw_spin_lock+0x12b/0x2f0
[  107.074687][ T3495]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  107.074712][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.074751][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.074785][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.074816][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.074850][ T3495]  ? process_scheduled_works+0xa25/0x1830
[  107.074882][ T3495]  ? process_scheduled_works+0xa25/0x1830
[  107.074918][ T3495]  process_scheduled_works+0xb02/0x1830
[  107.074993][ T3495]  ? __pfx_process_scheduled_works+0x10/0x10
[  107.075035][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.075064][ T3495]  ? assign_work+0x3d5/0x5e0
[  107.075105][ T3495]  worker_thread+0xa50/0xfc0
[  107.075141][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.075193][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.075236][ T3495]  kthread+0x388/0x470
[  107.075261][ T3495]  ? __pfx_worker_thread+0x10/0x10
[  107.075292][ T3495]  ? __pfx_kthread+0x10/0x10
[  107.075319][ T3495]  ret_from_fork+0x51e/0xb90
[  107.075358][ T3495]  ? __pfx_ret_from_fork+0x10/0x10
[  107.075388][ T3495]  ? srso_alias_return_thunk+0x5/0xfbef5
[  107.075417][ T3495]  ? __switch_to+0xc7d/0x1450
[  107.075452][ T3495]  ? __pfx_kthread+0x10/0x10
[  107.075479][ T3495]  ret_from_fork_asm+0x1a/0x30
[  107.075542][ T3495]  </TASK>
[  107.075552][ T3495] F2FS-fs (loop5): Stopped filesystem due to reason: 3
[  107.132371][   T93] FAT-fs (loop4): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  107.243888][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  107.672935][ T6235] loop2: detected capacity change from 0 to 1024
[  107.751591][    T0] NOHZ tick-stop error: local softirq work is pending, handler #102!!!
[  107.761231][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  107.872139][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  108.398312][ T6235] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  108.468778][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  108.509467][ T6244] loop0: detected capacity change from 0 to 128
[  108.540651][ T6244] vfat: Unknown parameter 'defcontext'
[  108.793523][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  108.881072][ T5923] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[  109.001354][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  109.010030][    T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!!
[  109.062463][ T5923] usb 1-1: Using ep0 maxpacket: 16
[  109.073719][ T5923] usb 1-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  109.117256][ T5923] usb 1-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 22
[  109.163630][ T5923] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  109.187340][ T5923] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1
[  109.205759][ T5923] usb 1-1: SerialNumber: syz
[  109.955307][ T5923] cdc_acm 1-1:1.0: skipping garbage
[  110.081934][ T5923] usb 1-1: USB disconnect, device number 2
[  110.247664][ T6259] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  110.591901][   T29] usb 4-1: new high-speed USB device number 8 using dummy_hcd
[  110.771603][   T29] usb 4-1: Using ep0 maxpacket: 16
[  110.789932][   T29] usb 4-1: New USB device found, idVendor=05d1, idProduct=2001, bcdDevice= 9.00
[  110.809094][   T29] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  110.843517][   T29] usb 4-1: Product: syz
[  110.863027][ T6277] loop0: detected capacity change from 0 to 1024
[  110.863229][   T29] usb 4-1: Manufacturer: syz
[  110.885089][   T29] usb 4-1: SerialNumber: syz
[  110.902702][ T6277] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  110.920905][   T29] usb 4-1: config 0 descriptor??
[  110.955957][   T29] ftdi_sio 4-1:0.0: FTDI USB Serial Device converter detected
[  111.005979][   T29] usb 4-1: Detected FT232H
[  111.051480][   T10] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[  111.321204][   T10] usb 3-1: Using ep0 maxpacket: 32
[  111.340505][   T10] usb 3-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024
[  111.367938][ T5820] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  111.383961][   T29] ftdi_sio ttyUSB0: Unable to write latency timer: -71
[  111.384957][   T10] usb 3-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79
[  111.407816][   T29] ftdi_sio 4-1:0.0: GPIO initialisation failed: -71
[  111.409849][   T10] usb 3-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2
[  111.434101][   T29] usb 4-1: FTDI USB Serial Device converter now attached to ttyUSB0
[  111.452776][   T10] usb 3-1: Product: syz
[  111.462229][   T10] usb 3-1: Manufacturer: syz
[  111.466472][   T29] usb 4-1: USB disconnect, device number 8
[  111.487434][   T10] usb 3-1: SerialNumber: syz
[  111.555189][   T10] usb 3-1: config 0 descriptor??
[  111.571717][ T6274] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22
[  111.581340][   T29] ftdi_sio ttyUSB0: FTDI USB Serial Device converter now disconnected from ttyUSB0
[  111.589536][   T10] hub 3-1:0.0: bad descriptor, ignoring hub
[  111.605782][   T29] ftdi_sio 4-1:0.0: device disconnected
[  111.619012][   T10] hub 3-1:0.0: probe with driver hub failed with error -5
[  111.856527][ T6304] syzkaller0: entered promiscuous mode
[  111.862760][ T6304] syzkaller0: entered allmulticast mode
[  111.906892][ T6304] tipc: Started in network mode
[  111.913940][ T6304] tipc: Node identity 7a343bd4115b, cluster identity 4711
[  111.935287][ T6304] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  111.988757][ T6303] tipc: Resetting bearer <eth:syzkaller0>
[  112.046806][ T6303] tipc: Disabling bearer <eth:syzkaller0>
[  112.248891][ T6318] loop1: detected capacity change from 0 to 512
[  112.292381][ T6321] process 'syz.3.115' launched './file0' with NULL argv: empty string added
[  112.322814][ T6318] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  112.351817][ T6318] ext4 filesystem being mounted at /26/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  112.446740][ T6326] loop4: detected capacity change from 0 to 256
[  112.557390][ T6298] loop0: detected capacity change from 0 to 40427
[  112.609070][   T12] raw-gadget.1 gadget.2: failed to queue suspend event
[  112.646594][ T6298] F2FS-fs (loop0): invalid crc value
[  112.791336][ T6274] raw-gadget.1 gadget.2: failed to queue resume event
[  112.862763][ T6305] raw-gadget.1 gadget.2: failed to queue suspend event
[  112.868893][ T6274] raw-gadget.1 gadget.2: failed to queue suspend event
[  112.881111][ T6305] raw-gadget.1 gadget.2: failed to queue disconnect event
[  113.097396][ T6298] F2FS-fs (loop0): f2fs_recover_fsync_data: recovery fsync data, check_only: 1
[  113.120296][ T6298] F2FS-fs (loop0): Start checkpoint disabled!
[  113.178990][    T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!!
[  113.281426][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  113.349308][ T6298] F2FS-fs (loop0): f2fs_disable_checkpoint() finish, err:0
[  113.361176][ T6298] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e6
[  113.425789][ T6344] syz.4.121 uses obsolete (PF_INET,SOCK_PACKET)
[  113.580291][ T6345] capability: warning: `syz.4.121' uses 32-bit capabilities (legacy support in use)
[  114.261986][ T5842] Bluetooth: hci6: command 0x1003 tx timeout
[  114.319330][   T52] Bluetooth: hci6: Opcode 0x1003 failed: -110
[  114.812699][    T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!!
[  114.823033][    T0] NOHZ tick-stop error: local softirq work is pending, handler #42!!!
[  115.444541][ T5821] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  115.513397][   T29] usb 3-1: USB disconnect, device number 2
[  115.692852][ T5832] Bluetooth: hci0: Opcode 0x206a failed: -110
[  115.694172][   T52] Bluetooth: hci0: command 0x206a tx timeout
[  116.061118][ T6362] loop1: detected capacity change from 0 to 8
[  116.236374][ T6362] SQUASHFS error: Failed to read block 0x1ec: -5
[  116.242846][ T6362] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  117.498259][ T6382] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  117.510664][ T6383] netlink: 12 bytes leftover after parsing attributes in process `syz.5.134'.
[  117.529815][ T6383] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  117.537297][ T6383] IPv6: NLM_F_CREATE should be set when creating new route
[  117.754542][ T6383] netlink: 12 bytes leftover after parsing attributes in process `syz.5.134'.
[  118.570228][ T6377] vhci_hcd vhci_hcd.0: pdev(4) rhport(0) sockfd(6)
[  118.576880][ T6377] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  118.649929][ T6377] vhci_hcd vhci_hcd.0: Device attached
[  119.001624][ T6382] random: crng reseeded on system resumption
[  119.040643][ T6382] netlink: 4 bytes leftover after parsing attributes in process `syz.1.135'.
[  119.107256][ T6372] netlink: 20 bytes leftover after parsing attributes in process `syz.2.131'.
[  119.211981][ T5823] usb 42-1: SetAddress Request (2) to port 0
[  119.251927][ T5823] usb 42-1: new SuperSpeed USB device number 2 using vhci_hcd
[  119.350861][ T6396] vhci_hcd vhci_hcd.0: pdev(1) rhport(0) sockfd(6)
[  119.357404][ T6396] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  119.506051][ T6405] fuseblk: Unknown parameter '
'
[  119.601690][   T52] sysfs: cannot create duplicate filename '/devices/virtual/bluetooth/hci1/hci1:201'
[  119.612474][   T52] CPU: 0 UID: 0 PID: 52 Comm: kworker/u9:0 Not tainted syzkaller #0 PREEMPT(full) 
[  119.612503][   T52] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  119.612520][   T52] Workqueue: hci1 hci_rx_work
[  119.612556][   T52] Call Trace:
[  119.612565][   T52]  <TASK>
[  119.612576][   T52]  dump_stack_lvl+0xe8/0x150
[  119.612614][   T52]  sysfs_create_dir_ns+0x271/0x2a0
[  119.612646][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.612679][   T52]  ? __pfx_sysfs_create_dir_ns+0x10/0x10
[  119.612713][   T52]  ? do_raw_spin_unlock+0xf5/0x210
[  119.612745][   T52]  kobject_add_internal+0x62b/0xd00
[  119.612793][   T52]  kobject_add+0x163/0x240
[  119.612827][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.612889][   T52]  ? __pfx_kobject_add+0x10/0x10
[  119.612925][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.612955][   T52]  ? _raw_spin_unlock+0x28/0x50
[  119.612979][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613013][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613042][   T52]  ? get_device_parent+0x366/0x3a0
[  119.613085][   T52]  device_add+0x408/0xb70
[  119.613126][   T52]  hci_conn_add_sysfs+0xd5/0x210
[  119.613161][   T52]  le_conn_complete_evt+0xf1d/0x1430
[  119.613202][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613243][   T52]  ? __pfx_le_conn_complete_evt+0x10/0x10
[  119.613281][   T52]  ? __mutex_unlock_slowpath+0x1bd/0x7d0
[  119.613314][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613347][   T52]  ? __pfx___mutex_lock+0x10/0x10
[  119.613380][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613409][   T52]  ? skb_pull_data+0xfb/0x200
[  119.613451][   T52]  hci_le_conn_complete_evt+0x187/0x470
[  119.613503][   T52]  hci_event_packet+0x7af/0x12c0
[  119.613545][   T52]  ? __pfx_hci_le_meta_evt+0x10/0x10
[  119.613583][   T52]  ? __pfx_hci_event_packet+0x10/0x10
[  119.613622][   T52]  ? kcov_remote_start+0x49a/0x7a0
[  119.613661][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613690][   T52]  ? hci_send_to_monitor+0xe2/0x590
[  119.613720][   T52]  hci_rx_work+0x3ee/0x1030
[  119.613756][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613791][   T52]  ? process_scheduled_works+0xa25/0x1830
[  119.613827][   T52]  process_scheduled_works+0xb02/0x1830
[  119.613901][   T52]  ? __pfx_process_scheduled_works+0x10/0x10
[  119.613942][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.613971][   T52]  ? assign_work+0x3d5/0x5e0
[  119.614010][   T52]  worker_thread+0xa50/0xfc0
[  119.614065][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.614106][   T52]  kthread+0x388/0x470
[  119.614130][   T52]  ? __pfx_worker_thread+0x10/0x10
[  119.614161][   T52]  ? __pfx_kthread+0x10/0x10
[  119.614187][   T52]  ret_from_fork+0x51e/0xb90
[  119.614225][   T52]  ? __pfx_ret_from_fork+0x10/0x10
[  119.614255][   T52]  ? srso_alias_return_thunk+0x5/0xfbef5
[  119.614284][   T52]  ? __switch_to+0xc7d/0x1450
[  119.614318][   T52]  ? __pfx_kthread+0x10/0x10
[  119.614343][   T52]  ret_from_fork_asm+0x1a/0x30
[  119.614402][   T52]  </TASK>
[  119.614498][   T52] kobject: kobject_add_internal failed for hci1:201 with -EEXIST, don't try to register things with the same name in the same directory.
[  119.930719][   T52] Bluetooth: hci1: failed to register connection device
[  119.964067][ T6396] vhci_hcd vhci_hcd.0: Device attached
[  120.572297][ T6391] vhci_hcd: connection reset by peer
[  120.791162][   T29] usb 36-1: SetAddress Request (2) to port 0
[  120.797215][   T29] usb 36-1: new SuperSpeed USB device number 2 using vhci_hcd
[  120.976939][   T36] vhci_hcd vhci_hcd.4: stop threads
[  121.043113][   T36] vhci_hcd vhci_hcd.4: release socket
[  121.496248][   T36] vhci_hcd vhci_hcd.4: disconnect device
[  121.856312][ T6410] (syz.0.140,6410,0):dlmfs_mkdir:421 ERROR: invalid domain name for directory.
[  121.933001][ T6397] vhci_hcd: connection reset by peer
[  121.943142][ T1037] vhci_hcd vhci_hcd.1: stop threads
[  121.949336][ T1037] vhci_hcd vhci_hcd.1: release socket
[  122.180893][ T1037] vhci_hcd vhci_hcd.1: disconnect device
[  122.963975][ T6417] o2cb: This node has not been configured.
[  122.969789][ T6417] o2cb: Cluster check failed. Fix errors before retrying.
[  122.977104][ T6417] (syz.0.140,6417,1):user_dlm_register:674 ERROR: status = -22
[  122.984695][ T6417] (syz.0.140,6417,1):dlmfs_mkdir:438 ERROR: Error -22 could not register domain "file0"
[  124.056905][ T6437] netlink: 'syz.4.149': attribute type 10 has an invalid length.
[  124.961965][ T5823] usb 42-1: device descriptor read/8, error -110
[  125.053364][ T6437] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[  125.436114][ T5823] usb usb42-port1: attempt power cycle
[  125.623091][ T6447] 8021q: adding VLAN 0 to HW filter on device bond1
[  125.701606][ T5923] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  125.721345][ T6449] bond_slave_0: entered promiscuous mode
[  125.727209][ T6449] bond_slave_1: entered promiscuous mode
[  125.732959][ T6449] syz_tun: entered promiscuous mode
[  125.990694][ T6449] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  126.053939][ T5923] usb 6-1: config 0 interface 0 altsetting 6 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  126.067812][ T5923] usb 6-1: config 0 interface 0 altsetting 6 endpoint 0x81 has invalid maxpacket 512, setting to 64
[  126.275773][ T5832] Bluetooth: hci1: command 0x0406 tx timeout
[  126.571732][   T29] usb 36-1: device descriptor read/8, error -110
[  126.696299][ T5823] usb usb42-port1: unable to enumerate USB device
[  126.761076][ T5923] usb 6-1: config 0 interface 0 altsetting 6 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  126.790862][ T5923] usb 6-1: config 0 interface 0 has no altsetting 0
[  126.805096][ T5923] usb 6-1: New USB device found, idVendor=20bc, idProduct=5500, bcdDevice= 0.00
[  126.812923][ T6449] bond1: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[  126.824507][ T5923] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  126.847639][ T6449] bond1: (slave macvlan2): speed changed to 0 on port 1
[  126.858596][ T5923] usb 6-1: config 0 descriptor??
[  126.881681][ T6453] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  126.893837][ T6449] bond1: (slave macvlan2): Enslaving as a backup interface with an up link
[  127.153497][   T29] usb usb36-port1: attempt power cycle
[  127.388624][ T5923] betop 0003:20BC:5500.0002: ignoring exceeding usage max
[  127.438121][ T5923] betop 0003:20BC:5500.0002: hidraw0: USB HID v0.07 Device [HID 20bc:5500] on usb-dummy_hcd.5-1/input0
[  127.476195][   T52] Bluetooth: hci3: connection err: -111
[  127.491081][ T5923] betop 0003:20BC:5500.0002: no inputs found
[  127.684614][   T24] usb 6-1: USB disconnect, device number 2
[  127.762950][   T29] usb usb36-port1: unable to enumerate USB device
[  128.245392][ T6480] evm: overlay not supported
[  130.397408][ T6490] loop5: detected capacity change from 0 to 1024
[  130.504136][   T24] hid-generic 0000:0000:0000.0003: unknown main item tag 0x0
[  130.548121][   T24] hid-generic 0000:0000:0000.0003: hidraw0: <UNKNOWN> HID v0.00 Device [syz1] on syz0
[  130.693354][ T6490] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  132.093049][ T6507] fido_id[6507]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  132.130848][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  132.137599][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  133.375356][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  136.257979][ T6531] loop3: detected capacity change from 0 to 40427
[  136.307581][ T6531] F2FS-fs (loop3): build fault injection rate: 771
[  136.330147][ T6531] F2FS-fs (loop3): invalid crc value
[  136.677629][ T6531] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  136.705523][ T6531] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e5
[  138.521079][   T52] Bluetooth: hci2: hcon ffff888029fc8000 sent 1 < count 65533
[  138.582062][ T5827] syz-executor: attempt to access beyond end of device
[  138.582062][ T5827] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  138.603654][   T52] Bluetooth: hci2: hcon ffff888029fc8000 sent 0 < count 1058
[  138.611989][   T52] Bluetooth: hci2: hcon ffff888029fcc000 sent 1 < count 15
[  138.661713][ T5827] CPU: 1 UID: 0 PID: 5827 Comm: syz-executor Not tainted syzkaller #0 PREEMPT(full) 
[  138.661746][ T5827] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  138.661760][ T5827] Call Trace:
[  138.661769][ T5827]  <TASK>
[  138.661779][ T5827]  dump_stack_lvl+0xe8/0x150
[  138.661821][ T5827]  f2fs_handle_critical_error+0x37c/0x540
[  138.661868][ T5827]  f2fs_write_end_io+0xcdb/0xff0
[  138.661940][ T5827]  __submit_merged_bio+0x256/0x700
[  138.661987][ T5827]  __submit_merged_write_cond+0x3c9/0x4e0
[  138.662025][ T5827]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  138.662064][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662094][ T5827]  f2fs_write_data_pages+0x2975/0x35e0
[  138.662145][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.662176][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662198][ T5827]  ? css_rstat_updated+0x23a/0x530
[  138.662239][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662260][ T5827]  ? rcu_is_watching+0x15/0xb0
[  138.662286][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662307][ T5827]  ? mod_memcg_lruvec_state+0x1a7/0x360
[  138.662334][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662356][ T5827]  ? __lock_acquire+0x6b5/0x2cf0
[  138.662388][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662413][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662434][ T5827]  ? __lock_acquire+0x6b5/0x2cf0
[  138.662461][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662483][ T5827]  ? do_raw_spin_lock+0x12b/0x2f0
[  138.662506][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662531][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662552][ T5827]  ? do_raw_spin_unlock+0xf5/0x210
[  138.662571][ T5827]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  138.662592][ T5827]  do_writepages+0x32e/0x550
[  138.662618][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662641][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662666][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662688][ T5827]  ? do_raw_spin_unlock+0xf5/0x210
[  138.662716][ T5827]  filemap_fdatawrite+0x1e9/0x2f0
[  138.662745][ T5827]  ? __pfx_filemap_fdatawrite+0x10/0x10
[  138.662801][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662825][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.662850][ T5827]  ? do_raw_spin_unlock+0xf5/0x210
[  138.662878][ T5827]  f2fs_sync_dirty_inodes+0x30e/0x860
[  138.662912][ T5827]  f2fs_write_checkpoint+0x9df/0x26a0
[  138.662962][ T5827]  ? __pfx_f2fs_write_checkpoint+0x10/0x10
[  138.663017][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.663038][ T5827]  ? kfree+0x1c1/0x630
[  138.663063][ T5827]  ? f2fs_stop_gc_thread+0x7f/0xb0
[  138.663094][ T5827]  kill_f2fs_super+0x314/0x720
[  138.663120][ T5827]  ? __pfx_kill_f2fs_super+0x10/0x10
[  138.663151][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.663172][ T5827]  ? lockdep_hardirqs_on+0x7a/0x110
[  138.663195][ T5827]  ? srso_alias_return_thunk+0x5/0xfbef5
[  138.663229][ T5827]  deactivate_locked_super+0xbc/0x130
[  138.663257][ T5827]  cleanup_mnt+0x437/0x4d0
[  138.663286][ T5827]  ? _raw_spin_unlock_irq+0x23/0x50
[  138.663310][ T5827]  task_work_run+0x1d9/0x270
[  138.663333][ T5827]  ? __pfx_task_work_run+0x10/0x10
[  138.663362][ T5827]  exit_to_user_mode_loop+0xed/0x480
[  138.663383][ T5827]  ? rcu_is_watching+0x15/0xb0
[  138.663412][ T5827]  do_syscall_64+0x32d/0xf80
[  138.663434][ T5827]  ? trace_irq_disable+0x3b/0x150
[  138.663460][ T5827]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.663484][ T5827]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  138.663503][ T5827] RIP: 0033:0x7fedb5d9d1d7
[  138.663520][ T5827] Code: a2 c7 05 bc e3 24 00 00 00 00 00 eb 96 e8 e1 12 00 00 90 31 f6 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 b8 a6 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 01 c3 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8
[  138.663535][ T5827] RSP: 002b:00007ffd9ca84af8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6
[  138.663553][ T5827] RAX: 0000000000000000 RBX: 00007fedb5e31c3b RCX: 00007fedb5d9d1d7
[  138.663566][ T5827] RDX: 0000000000000000 RSI: 0000000000000009 RDI: 00007ffd9ca84bb0
[  138.663577][ T5827] RBP: 00007ffd9ca84bb0 R08: 00007ffd9ca85bb0 R09: 00000000ffffffff
[  138.663590][ T5827] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffd9ca85c40
[  138.663601][ T5827] R13: 00007fedb5e31c3b R14: 00000000000217c0 R15: 00007ffd9ca85c80
[  138.663630][ T5827]  </TASK>
[  138.663637][ T5827] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  138.950594][ T6548] Bluetooth: MGMT ver 1.23
[  139.945231][ T6560] sp0: Synchronizing with TNC
[  139.994716][ T6558] [U] è
[  140.651048][ T5832] Bluetooth: hci6: Opcode 0x0c03 failed: -110
[  146.205894][   T36] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  146.265411][ T6594] netlink: 4 bytes leftover after parsing attributes in process `syz.3.199'.
[  146.337689][ T6595] netlink: 28 bytes leftover after parsing attributes in process `syz.3.199'.
[  146.390667][ T6597] netlink: 14 bytes leftover after parsing attributes in process `syz.3.199'.
[  147.392344][ T6597] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  147.405098][   T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  147.424514][   T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  147.432123][   T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  147.440119][   T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  147.448124][   T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  147.499969][ T6597] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  147.565395][ T6597] bond0 (unregistering): Released all slaves
[  147.960115][   T36] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  148.132845][ T6613] wg0: entered allmulticast mode
[  151.311038][ T5832] Bluetooth: hci1: command tx timeout
[  151.403395][   T36] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.102043][   T36] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  152.681168][ T6642] 9pnet_virtio: no channels available for device syz
[  153.383974][ T5832] Bluetooth: hci1: command tx timeout
[  154.279150][ T6645] overlayfs: "xino=on" is useless with all layers on same fs, ignore.
[  154.287628][ T6645] overlayfs: overlapping lowerdir path
[  156.761307][ T5832] Bluetooth: hci1: command tx timeout
[  157.338706][ T6649] vivid-007: disconnect
[  157.450726][ T6655] netlink: 12 bytes leftover after parsing attributes in process `syz.1.216'.
[  157.469386][ T6639] vivid-007: reconnect
[  157.903944][ T6660] comedi: valid board names for 8255 driver are:
[  157.910552][ T6660]  8255
[  157.913537][ T6660] comedi: valid board names for vmk80xx driver are:
[  157.920252][ T6660]  vmk80xx
[  157.923546][ T6660] comedi: valid board names for usbduxsigma driver are:
[  157.931745][ T6660]  usbduxsigma
[  157.936110][ T6660] comedi: valid board names for usbduxfast driver are:
[  157.943230][ T6660]  usbduxfast
[  157.946760][ T6660] comedi: valid board names for usbdux driver are:
[  157.953477][ T6660]  usbdux
[  157.956578][ T6660] comedi: valid board names for ni6501 driver are:
[  157.963539][ T6660]  ni6501
[  157.966695][ T6660] comedi: valid board names for dt9812 driver are:
[  157.973552][ T6660]  dt9812
[  157.976612][ T6660] comedi: valid board names for ni_labpc_cs driver are:
[  157.984105][ T6660]  ni_labpc_cs
[  157.987662][ T6660] comedi: valid board names for ni_daq_700 driver are:
[  157.994735][ T6660]  ni_daq_700
[  157.998182][ T6660] comedi: valid board names for labpc_pci driver are:
[  158.005194][ T6660]  labpc_pci
[  158.008561][ T6660] comedi: valid board names for adl_pci9118 driver are:
[  158.015702][ T6660]  pci9118dg
[  158.019043][ T6660]  pci9118hg
[  158.022416][ T6660]  pci9118hr
[  158.025733][ T6660] comedi: valid board names for 8255_pci driver are:
[  158.034364][ T6660]  8255_pci
[  158.037658][ T6660] comedi: valid board names for s526 driver are:
[  158.044281][ T6660]  s526
[  158.047196][ T6660] comedi: valid board names for multiq3 driver are:
[  158.054001][ T6660]  multiq3
[  158.057183][ T6660] comedi: valid board names for pcmuio driver are:
[  158.063939][ T6660]  pcmuio48
[  158.067209][ T6660]  pcmuio96
[  158.070481][ T6660] comedi: valid board names for pcmmio driver are:
[  158.078167][ T6660]  pcmmio
[  158.092333][ T6660] comedi: valid board names for pcmda12 driver are:
[  158.099103][ T6660]  pcmda12
[  158.102361][ T6660] comedi: valid board names for pcmad driver are:
[  158.108906][ T6660]  pcmad12
[  158.112120][ T6660]  pcmad16
[  158.115260][ T6660] comedi: valid board names for ni_labpc driver are:
[  158.122166][ T6660]  lab-pc-1200
[  158.125714][ T6660]  lab-pc-1200ai
[  158.129431][ T6660]  lab-pc+
[  158.133791][ T6660] comedi: valid board names for atmio16 driver are:
[  158.141270][ T6660]  atmio16
[  158.144445][ T6660]  atmio16d
[  158.147747][ T6660] comedi: valid board names for ni_at_ao driver are:
[  158.154607][ T6660]  at-ao-6
[  158.157751][ T6660]  at-ao-10
[  158.161065][ T6660] comedi: valid board names for ni_at_a2150 driver are:
[  158.168173][ T6660]  ni_at_a2150
[  158.171777][ T6660] comedi: valid board names for adq12b driver are:
[  158.178433][ T6660]  adq12b
[  158.181578][ T6660] comedi: valid board names for mpc624 driver are:
[  158.188237][ T6660]  mpc624
[  158.191398][ T6660] comedi: valid board names for c6xdigio driver are:
[  158.198283][ T6660]  c6xdigio
[  158.201518][ T6660] comedi: valid board names for aio_iiro_16 driver are:
[  158.208616][ T6660]  aio_iiro_16
[  158.361527][   T36] bridge_slave_1: left allmulticast mode
[  158.369672][   T36] bridge_slave_1: left promiscuous mode
[  158.401805][ T6657] slcan: can't register candev
[  158.409198][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.793451][   T36] bridge_slave_0: left allmulticast mode
[  158.843460][   T36] bridge_slave_0: left promiscuous mode
[  158.909106][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  159.041823][   T52] Bluetooth: hci1: command tx timeout
[  159.338497][ T6660] comedi: valid board names for aio_aio12_8 driver are:
[  159.391056][ T6660]  aio_aio12_8
[  159.394446][ T6660]  aio_ai12_8
[  159.468274][ T6660]  aio_ao12_4
[  159.478922][ T6660] comedi: valid board names for fl512 driver are:
[  159.532591][ T6660]  fl512
[  159.535462][ T6660] comedi: valid board names for dmm32at driver are:
[  159.630994][ T6660]  dmm32at
[  159.634021][ T6660] comedi: valid board names for dt282x driver are:
[  159.644481][ T6667] loop2: detected capacity change from 0 to 512
[  159.921300][ T6660]  dt2821
[  159.924244][ T6660]  dt2821-f
[  159.931724][ T6667] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  159.976179][ T6660]  dt2821-g
[  159.979307][ T6660]  dt2823
[  160.022715][ T6660]  dt2824-pgh
[  160.028485][ T6660]  dt2824-pgl
[  160.062571][ T6667] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 219 vs 220 free clusters
[  160.090963][    C1] EXT4-fs (loop2): error count since last fsck: 1
[  160.091461][ T6660]  dt2825
[  160.097390][    C1] EXT4-fs (loop2): initial error at time 1771345589: ext4_mb_generate_buddy:1315
[  160.109450][    C1] EXT4-fs (loop2): last error at time 1771345589: ext4_mb_generate_buddy:1315
[  160.157082][ T6667] EXT4-fs (loop2): 1 truncate cleaned up
[  160.191011][ T6660]  dt2827
[  160.193960][ T6660]  dt2828
[  160.196870][ T6660]  dt2829
[  160.199780][ T6660]  dt21-ez
[  160.229355][ T6667] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  160.311435][ T6660]  dt23-ez
[  160.314466][ T6660]  dt24-ez
[  160.317465][ T6660]  dt24-ez-pgl
[  160.320811][ T6660] comedi: valid board names for dt2817 driver are:
[  160.383097][ T6660]  dt2817
[  160.401032][ T6660] comedi: valid board names for dt2815 driver are:
[  160.416788][ T6660]  dt2815
[  160.444769][ T6660] comedi: valid board names for dt2814 driver are:
[  160.467987][ T6660]  dt2814
[  160.472911][ T6660] comedi: valid board names for dt2811 driver are:
[  160.518917][ T6660]  dt2811-pgh
[  160.522289][ T6660]  dt2811-pgl
[  160.525618][ T6660] comedi: valid board names for dt2801 driver are:
[  160.575700][ T6660]  dt2801
[  160.578655][ T6660] comedi: valid board names for das6402 driver are:
[  160.616195][ T6660]  das6402-12
[  160.619487][ T6660]  das6402-16
[  160.624398][ T6660] comedi: valid board names for das1800 driver are:
[  160.632912][ T6660]  das-1701st
[  160.636203][ T6660]  das-1701st-da
[  160.639724][ T6660]  das-1702st
[  160.650831][ T6660]  das-1702st-da
[  160.654493][ T6660]  das-1702hr
[  160.657765][ T6660]  das-1702hr-da
[  160.663978][ T6660]  das-1701ao
[  160.667250][ T6660]  das-1702ao
[  160.670508][ T6660]  das-1801st
[  160.689529][ T6660]  das-1801st-da
[  160.694014][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  160.709612][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  160.723559][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  160.732236][ T6660]  das-1802st
[  160.771451][ T6660]  das-1802st-da
[  160.775003][ T6660]  das-1802hr
[  160.812141][   T36] bond0 (unregistering): Released all slaves
[  160.823981][ T6660]  das-1802hr-da
[  160.827515][ T6660]  das-1801hc
[  160.830773][ T6660]  das-1802hc
[  160.856443][ T6678] overlay: ./file0 is not a directory
[  160.937924][ T6660]  das-1801ao
[  161.149278][ T6660]  das-1802ao
[  161.164874][ T6660] comedi: valid board names for das800 driver are:
[  161.254836][ T6660]  das-800
[  161.257959][ T6660]  cio-das800
[  161.261756][ T6606] chnl_net:caif_netlink_parms(): no params data found
[  161.285262][ T6660]  das-801
[  161.288361][ T6660]  cio-das801
[  161.295823][ T6660]  das-802
[  161.299056][ T6660]  cio-das802
[  161.333188][ T6660]  cio-das802/16
[  161.336741][ T6660] comedi: valid board names for isa-das08 driver are:
[  161.477946][ T6660]  isa-das08
[  161.513103][ T6660]  das08-pgm
[  161.516330][ T6660]  das08-pgh
[  161.519500][ T6660]  das08-pgl
[  161.549423][ T6660]  das08-aoh
[  161.662746][ T6660]  das08-aol
[  161.665965][ T6660]  das08-aom
[  161.669228][ T6660]  das08/jr-ao
[  161.685486][ T6688] 9pnet_virtio: no channels available for device syz
[  161.931307][ T6660]  das08jr-16-ao
[  161.934884][ T6660]  pc104-das08
[  161.938226][ T6660]  das08jr/16
[  161.991290][ T6660] comedi: valid board names for das16m1 driver are:
[  162.015403][ T6660]  das16m1
[  162.018422][ T6660] comedi: valid board names for dac02 driver are:
[  162.060102][ T6660]  dac02
[  162.110994][ T6660] comedi: valid board names for rti802 driver are:
[  162.152282][ T6660]  rti802
[  162.155248][ T6660] comedi: valid board names for rti800 driver are:
[  162.200981][ T6660]  rti800
[  162.214630][ T6660]  rti815
[  162.217561][ T6660] comedi: valid board names for pcm3724 driver are:
[  162.404307][ T6660]  pcm3724
[  162.407365][ T6660] comedi: valid board names for pcl818 driver are:
[  162.444931][ T6660]  pcl818l
[  162.447950][ T6660]  pcl818h
[  162.514287][ T6699] xt_NFQUEUE: number of queues (62232) out of range (got 67565)
[  163.132345][ T6660]  pcl818hd
[  163.135468][ T6660]  pcl818hg
[  163.138550][ T6660]  pcl818
[  163.213054][ T6660]  pcl718
[  163.216009][ T6660]  pcm3718
[  163.219061][ T6660] comedi: valid board names for pcl816 driver are:
[  163.276920][ T5832] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  163.286573][ T5832] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  163.294240][ T5832] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  163.311912][   T29] usb 3-1: new high-speed USB device number 3 using dummy_hcd
[  163.314174][ T6606] bridge0: port 1(bridge_slave_0) entered blocking state
[  163.337165][ T6606] bridge0: port 1(bridge_slave_0) entered disabled state
[  163.341144][ T6660]  pcl816
[  163.344346][ T5832] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  163.356610][ T6606] bridge_slave_0: entered allmulticast mode
[  163.356693][ T5832] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  163.374596][ T6606] bridge_slave_0: entered promiscuous mode
[  163.400695][ T6660]  pcl814b
[  163.416895][ T6136] bond0: (slave syz_tun): Releasing backup interface
[  163.438793][ T6606] bridge0: port 2(bridge_slave_1) entered blocking state
[  163.446464][ T6660] comedi: valid board names for pcl812 driver are:
[  163.544375][ T6660]  pcl812
[  163.547318][ T6660]  pcl812pg
[  163.563415][ T6606] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.572408][   T29] usb 3-1: unable to get BOS descriptor or descriptor too short
[  163.574552][ T6606] bridge_slave_1: entered allmulticast mode
[  163.586447][ T6660]  acl8112pg
[  163.589904][   T29] usb 3-1: config 13 has an invalid interface number: 177 but max is 0
[  163.606625][ T6660]  acl8112dg
[  163.609826][ T6660]  acl8112hg
[  163.621630][ T6660]  a821pgl
[  163.624637][ T6660]  a821pglnda
[  163.627899][ T6660]  a821pgh
[  163.630897][ T6660]  a822pgl
[  163.636084][ T6606] bridge_slave_1: entered promiscuous mode
[  163.661665][   T29] usb 3-1: config 13 has no interface number 0
[  163.678106][ T6660]  a822pgh
[  163.689163][ T6660]  a823pgl
[  163.699258][ T6660]  a823pgh
[  163.711072][   T29] usb 3-1: config 13 interface 177 altsetting 4 has an endpoint descriptor with address 0x99, changing to 0x89
[  163.743215][ T6660]  pcl813
[  163.746144][ T6660]  pcl813b
[  163.762147][ T6660]  acl8113
[  163.766283][ T6660]  iso813
[  163.769198][ T6660]  acl8216
[  163.775322][   T29] usb 3-1: config 13 interface 177 altsetting 4 endpoint 0x89 has an invalid bInterval 248, changing to 11
[  163.820974][   T29] usb 3-1: config 13 interface 177 has no altsetting 0
[  163.838911][ T6660]  a826pg
[  163.858244][ T6660] comedi: valid board names for pcl730 driver are:
[  163.875298][   T29] usb 3-1: New USB device found, idVendor=15c2, idProduct=0042, bcdDevice=ef.b8
[  163.907629][   T29] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  163.941934][ T6660]  pcl730
[  163.944871][ T6660]  iso730
[  163.947781][ T6660]  acl7130
[  163.950776][ T6660]  pcm3730
[  163.991778][ T6660]  pcl725
[  163.995515][ T6660]  p8r8dio
[  163.998528][ T6660]  acl7225b
[  164.011164][   T29] usb 3-1: Product: syz
[  164.015407][ T6660]  p16r16dio
[  164.018589][ T6660]  pcl733
[  164.035994][   T29] usb 3-1: Manufacturer: syz
[  164.040594][   T29] usb 3-1: SerialNumber: syz
[  164.056560][ T6660]  pcl734
[  164.059585][ T6660]  opmm-1616-xt
[  164.071757][   T36] hsr_slave_0: left promiscuous mode
[  164.101804][ T6660]  pearl-mm-p
[  164.105108][ T6660]  ir104-pbf
[  164.123166][   T36] hsr_slave_1: left promiscuous mode
[  164.129253][ T6660] comedi: valid board names for pcl726 driver are:
[  164.136273][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  164.171404][ T6660]  pcl726
[  164.176849][ T6660]  pcl727
[  164.179805][ T6660]  pcl728
[  164.182372][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  164.207616][ T6660]  acl6126
[  164.210661][ T6660]  acl6128
[  164.223583][ T6660] comedi: valid board names for pcl724 driver are:
[  164.230097][ T6660]  pcl724
[  164.261074][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  164.268577][ T6660]  pcl722
[  164.290390][ T6660]  pcl731
[  164.295043][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  164.306531][ T6660]  acl7122
[  164.321048][ T6660]  acl7124
[  164.341075][ T6660]  pet48dio
[  164.348462][ T6660]  pcmio48
[  164.357284][ T6660]  onyx-mm-dio
[  164.370546][ T6660] comedi: valid board names for pcl711 driver are:
[  164.395704][   T36] veth1_macvtap: left promiscuous mode
[  164.404841][   T36] veth0_macvtap: left promiscuous mode
[  164.405685][ T6660]  pcl711
[  164.423702][   T36] veth1_vlan: left promiscuous mode
[  164.436449][ T6660]  pcl711b
[  164.444632][   T36] veth0_vlan: left promiscuous mode
[  164.447044][ T6660]  acl8112hg
[  164.475584][ T6660]  acl8112dg
[  164.485196][ T6660] comedi: valid board names for amplc_pc263 driver are:
[  164.511154][ T6660]  pc263
[  164.517655][ T6660] comedi: valid board names for amplc_pc236 driver are:
[  164.536372][ T6660]  pc36at
[  164.543239][ T6660] comedi: valid board names for amplc_dio200 driver are:
[  164.561087][ T6660]  pc212e
[  164.568319][ T6660]  pc214e
[  164.590137][ T6660]  pc215e
[  164.605905][ T6660]  pc218e
[  164.613947][ T6660]  pc272e
[  164.637491][ T6660] comedi: valid board names for comedi_parport driver are:
[  164.672892][ T6660]  comedi_parport
[  164.696087][ T6660] comedi: valid board names for comedi_test driver are:
[  164.718424][ T6660]  comedi_test
[  164.728489][ T6660] comedi: valid board names for comedi_bond driver are:
[  164.744170][ T6715] fuseblk: Unknown parameter '
'
[  164.957139][ T6660]  comedi_bond
[  165.461984][   T52] Bluetooth: hci0: command tx timeout
[  166.019436][   T29] imon 3-1:13.177: unable to register, err -19
[  167.043995][   T29] usb 3-1: USB disconnect, device number 3
[  167.541033][   T52] Bluetooth: hci0: command tx timeout
[  167.547176][ T6737] IPVS: length: 528 != 6248
[  167.883351][   T36] team0 (unregistering): Port device team_slave_1 removed
[  167.981949][   T36] team0 (unregistering): Port device team_slave_0 removed
[  168.263515][ T6751] syz.5.239 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  168.433852][   T30] audit: type=1326 audit(1771345597.353:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.433915][   T30] audit: type=1326 audit(1771345597.353:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.433963][   T30] audit: type=1326 audit(1771345597.353:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.434013][   T30] audit: type=1326 audit(1771345597.353:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.434064][   T30] audit: type=1326 audit(1771345597.353:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.434111][   T30] audit: type=1326 audit(1771345597.353:25): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.434159][   T30] audit: type=1326 audit(1771345597.353:26): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.434206][   T30] audit: type=1326 audit(1771345597.353:27): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.434252][   T30] audit: type=1326 audit(1771345597.353:28): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.434299][   T30] audit: type=1326 audit(1771345597.353:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6745 comm="syz.5.239" exe="/root/syz-executor" sig=0 arch=c000003e syscall=66 compat=0 ip=0x7f7a7199bf79 code=0x7ffc0000
[  168.548655][ T6752] netlink: 24 bytes leftover after parsing attributes in process `syz.1.237'.
[  169.324788][ T6606] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  169.356253][ T6606] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  169.532776][ T6754] loop2: detected capacity change from 0 to 8
[  169.611427][   T52] Bluetooth: hci0: command tx timeout
[  169.747919][ T6753] SQUASHFS error: Failed to read block 0x1ec: -5
[  169.754293][ T6753] SQUASHFS error: Unable to read metadata cache entry [1ea]
[  170.024213][ T6606] team0: Port device team_slave_0 added
[  170.035422][ T6606] team0: Port device team_slave_1 added
[  170.175192][ T6606] batman_adv: batadv0: Adding interface: batadv_slave_0
[  170.182259][ T6606] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  170.209362][ T6606] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  170.242154][ T6606] batman_adv: batadv0: Adding interface: batadv_slave_1
[  170.249832][ T6606] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  170.282122][ T6606] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  170.489544][ T6606] hsr_slave_0: entered promiscuous mode
[  170.502247][ T6606] hsr_slave_1: entered promiscuous mode
[  170.515364][ T6606] debugfs: 'hsr0' already exists in 'hsr'
[  170.532166][ T6606] Cannot create hsr debugfs directory
[  170.888673][ T6759] bridge_slave_0: left allmulticast mode
[  170.925198][ T6759] bridge_slave_0: left promiscuous mode
[  170.963106][ T6759] bridge0: port 1(bridge_slave_0) entered disabled state
[  171.082348][ T6759] bridge_slave_1: left allmulticast mode
[  171.103926][ T6759] bridge_slave_1: left promiscuous mode
[  171.130196][ T6759] bridge0: port 2(bridge_slave_1) entered disabled state
[  171.194543][ T6759] bond0: (slave bond_slave_0): Releasing backup interface
[  171.325849][ T6759] bond0: (slave bond_slave_1): Releasing backup interface
[  171.719768][   T52] Bluetooth: hci0: command tx timeout
[  172.006397][ T6759] team0: Port device team_slave_0 removed
[  172.286139][ T6759] team0: Port device team_slave_1 removed
[  172.346355][ T6759] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  172.387224][ T6759] batman_adv: batadv0: Removing interface: batadv_slave_0
[  172.428434][ T6759] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  172.469307][ T6759] batman_adv: batadv0: Removing interface: batadv_slave_1
[  172.515922][ T6759] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  174.969900][   T30] kauditd_printk_skb: 85 callbacks suppressed
[  174.969953][   T30] audit: type=1326 audit(1771345603.873:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.325790][ T6799] workqueue: Failed to create a rescuer kthread for wq "xfs-conv/nullb0": -EINTR
[  175.403721][   T30] audit: type=1326 audit(1771345603.873:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.481423][   T30] audit: type=1326 audit(1771345603.873:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.520216][ T6701] chnl_net:caif_netlink_parms(): no params data found
[  175.520998][   T30] audit: type=1326 audit(1771345603.873:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.606870][   T30] audit: type=1326 audit(1771345603.883:119): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.619695][   T36] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  175.661099][   T30] audit: type=1326 audit(1771345603.883:120): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.801130][   T30] audit: type=1326 audit(1771345603.883:121): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.847454][   T30] audit: type=1326 audit(1771345603.883:122): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  175.901570][   T30] audit: type=1326 audit(1771345603.893:123): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6793 comm="syz.1.245" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7fcb8119bf79 code=0x7ffc0000
[  176.944423][   T36] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  177.301175][ T6810] ip6gretap1: default qdisc (pfifo_fast) fail, fallback to noqueue
[  177.722730][   T36] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.206456][   T36] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  181.467128][ T6701] bridge0: port 1(bridge_slave_0) entered blocking state
[  181.505064][ T6701] bridge0: port 1(bridge_slave_0) entered disabled state
[  181.583484][ T6701] bridge_slave_0: entered allmulticast mode
[  181.663904][ T6701] bridge_slave_0: entered promiscuous mode
[  181.946786][ T6701] bridge0: port 2(bridge_slave_1) entered blocking state
[  181.966976][ T6701] bridge0: port 2(bridge_slave_1) entered disabled state
[  181.987267][ T6701] bridge_slave_1: entered allmulticast mode
[  182.112506][ T6701] bridge_slave_1: entered promiscuous mode
[  185.666810][ T6701] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  185.799021][ T6701] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  185.881049][ T6871] warning: `syz.3.258' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  187.196668][ T6896] netlink: 40 bytes leftover after parsing attributes in process `syz.2.262'.
[  188.161401][ T5895] usb 2-1: new high-speed USB device number 2 using dummy_hcd
[  188.444827][ T5895] usb 2-1: Using ep0 maxpacket: 8
[  188.586686][ T5895] usb 2-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  188.774008][ T5895] usb 2-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  188.888283][ T6606] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  188.909640][ T5895] usb 2-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  188.962547][ T5895] usb 2-1: config 0 descriptor??
[  189.013096][ T5895] usb 2-1: bad CDC descriptors
[  189.060606][ T6606] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  189.155882][ T6915] netlink: 'syz.3.265': attribute type 10 has an invalid length.
[  189.189124][ T5895] usb 2-1: USB disconnect, device number 2
[  189.223179][ T6701] team0: Port device team_slave_0 added
[  189.257199][ T6606] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  189.270296][ T6917] IPVS: length: 528 != 8
[  189.423532][ T6701] team0: Port device team_slave_1 added
[  189.499247][ T6920] 8021q: adding VLAN 0 to HW filter on device bond0
[  189.785209][ T6606] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  190.733942][   T36] bridge_slave_1: left allmulticast mode
[  190.797946][   T36] bridge_slave_1: left promiscuous mode
[  190.827168][   T36] bridge0: port 2(bridge_slave_1) entered disabled state
[  190.887464][   T36] bridge_slave_0: left allmulticast mode
[  190.918295][   T36] bridge_slave_0: left promiscuous mode
[  190.948289][   T36] bridge0: port 1(bridge_slave_0) entered disabled state
[  191.583856][   T36] bond_slave_0: left promiscuous mode
[  191.625877][   T36] bond_slave_1: left promiscuous mode
[  191.999650][ T6943] loop5: detected capacity change from 0 to 512
[  192.080511][ T6943] EXT4-fs error (device loop5): ext4_orphan_get:1391: inode #15: comm syz.5.273: inode has both inline data and extents flags
[  192.172713][ T6943] loop5: lost file I/O error report for ino 15 type 5 pos 0x0 len 0x0 error -117
[  192.190021][ T6943] EXT4-fs error (device loop5): ext4_orphan_get:1396: comm syz.5.273: couldn't read orphan inode 15 (err -117)
[  192.199173][    C1] EXT4-fs (loop5): error count since last fsck: 1
[  192.199190][    C1] EXT4-fs (loop5): initial error at time 1771345621: ext4_orphan_get:1391: inode 15
[  192.199219][    C1] EXT4-fs (loop5): last error at time 1771345621: ext4_orphan_get:1391: inode 15
[  192.291021][ T6943] loop5: lost filesystem error report for type 5 error -117
[  192.292766][ T6943] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  192.384749][   T30] audit: type=1326 audit(1771345621.433:124): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  192.408382][   T30] audit: type=1326 audit(1771345621.433:125): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  192.475572][   T30] audit: type=1326 audit(1771345621.433:126): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  192.529507][   T36] bond1 (unregistering): (slave macvlan2): Removing an active aggregator
[  192.539520][   T36] bond1 (unregistering): (slave macvlan2): Releasing backup interface
[  192.599409][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  192.639345][   T30] audit: type=1326 audit(1771345621.433:127): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  192.711301][   T30] audit: type=1326 audit(1771345621.433:128): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  192.736254][   T30] audit: type=1326 audit(1771345621.433:129): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  192.736893][   T36] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  192.760230][   T30] audit: type=1326 audit(1771345621.433:130): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  192.876424][   T36] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  192.921790][   T30] audit: type=1326 audit(1771345621.443:131): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  192.924489][ T6953] netlink: 16 bytes leftover after parsing attributes in process `syz.5.276'.
[  192.945140][   T30] audit: type=1326 audit(1771345621.443:132): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  192.980600][   T36] bond0 (unregistering): Released all slaves
[  193.037824][   T36] bond1 (unregistering): Released all slaves
[  193.056437][ T6953] netlink: 32 bytes leftover after parsing attributes in process `syz.5.276'.
[  193.071127][   T30] audit: type=1326 audit(1771345621.443:133): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6948 comm="syz.2.275" exe="/root/syz-executor" sig=0 arch=c000003e syscall=230 compat=0 ip=0x7fd5f475c84e code=0x7ffc0000
[  193.474747][ T6701] batman_adv: batadv0: Adding interface: batadv_slave_0
[  193.508023][ T6701] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  193.539818][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  193.539903][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  193.557971][ T6701] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  193.624198][ T6701] batman_adv: batadv0: Adding interface: batadv_slave_1
[  193.641066][ T6701] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  193.708705][ T6701] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  193.742836][   T36] tipc: Left network mode
[  193.817782][   T29] hid-generic FFFF:0003:0000.0004: unknown main item tag 0x0
[  193.830392][   T29] hid-generic FFFF:0003:0000.0004: unknown main item tag 0x0
[  193.881759][   T29] hid-generic FFFF:0003:0000.0004: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  194.008210][ T6967] fido_id[6967]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  194.104493][ T6904] Bluetooth: (null): Invalid header checksum
[  194.467468][ T6701] hsr_slave_0: entered promiscuous mode
[  194.496185][ T6701] hsr_slave_1: entered promiscuous mode
[  194.514326][ T6701] debugfs: 'hsr0' already exists in 'hsr'
[  194.528335][ T6701] Cannot create hsr debugfs directory
[  194.901047][ T5823] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  195.096726][ T5823] usb 6-1: Using ep0 maxpacket: 8
[  195.128617][ T5823] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  195.155653][ T5823] usb 6-1: New USB device found, idVendor=0421, idProduct=0335, bcdDevice=5f.0e
[  195.213973][ T5823] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  195.312691][ T5823] usb 6-1: config 0 descriptor??
[  195.318577][   T36] hsr_slave_0: left promiscuous mode
[  195.387785][ T5823] usb 6-1: bad CDC descriptors
[  195.410443][   T36] hsr_slave_1: left promiscuous mode
[  195.429768][ T5823] cdc_acm 6-1:0.0: Control and data interfaces are not separated!
[  195.448837][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  195.475646][ T5823] cdc_acm 6-1:0.0: This needs exactly 3 endpoints
[  195.491028][   T36] batman_adv: batadv0: Removing interface: batadv_slave_0
[  195.498328][ T5823] cdc_acm 6-1:0.0: probe with driver cdc_acm failed with error -22
[  195.516762][   T36] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  195.531124][   T36] batman_adv: batadv0: Removing interface: batadv_slave_1
[  195.582975][ T6996] xt_NFQUEUE: number of queues (62232) out of range (got 67565)
[  195.789257][ T5823] usb 6-1: USB disconnect, device number 3
[  196.202861][   T36] veth1_macvtap: left promiscuous mode
[  196.208378][   T36] veth0_macvtap: left promiscuous mode
[  196.238120][   T36] veth1_vlan: left promiscuous mode
[  196.259583][   T36] veth0_vlan: left promiscuous mode
[  196.980503][   T36] team0 (unregistering): Port device team_slave_1 removed
[  197.004081][   T36] team0 (unregistering): Port device team_slave_0 removed
[  197.111022][ T5823] usb 6-1: new high-speed USB device number 4 using dummy_hcd
[  197.311061][ T5823] usb 6-1: Using ep0 maxpacket: 32
[  197.321592][ T5823] usb 6-1: config index 0 descriptor too short (expected 29220, got 36)
[  197.342496][ T5823] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32
[  197.380967][ T5823] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81
[  197.396705][ T5823] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0
[  197.417794][ T5823] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0
[  197.437626][ T5823] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18
[  197.514560][ T5823] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40
[  197.516110][ T6606] 8021q: adding VLAN 0 to HW filter on device bond0
[  197.562504][ T5823] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  197.609699][ T5823] usb 6-1: config 0 descriptor??
[  197.854898][ T5823] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 4 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17
[  197.917097][ T5823] usb 6-1: USB disconnect, device number 4
[  198.007593][ T6606] 8021q: adding VLAN 0 to HW filter on device team0
[  198.022186][ T5823] usblp0: removed
[  198.112691][   T30] kauditd_printk_skb: 62 callbacks suppressed
[  198.112707][   T30] audit: type=1326 audit(1771345627.173:196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7017 comm="syz.3.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb5d9bf79 code=0x7ffc0000
[  198.193476][   T30] audit: type=1326 audit(1771345627.173:197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7017 comm="syz.3.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7fedb5d9bf79 code=0x7ffc0000
[  198.250895][ T5895] hid-generic FFFF:0003:0000.0005: unknown main item tag 0x0
[  198.255338][ T6904] bridge0: port 1(bridge_slave_0) entered blocking state
[  198.269784][ T5895] hid-generic FFFF:0003:0000.0005: unknown main item tag 0x0
[  198.269852][ T6904] bridge0: port 1(bridge_slave_0) entered forwarding state
[  198.324427][   T30] audit: type=1326 audit(1771345627.173:198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7017 comm="syz.3.290" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7fedb5d9bf79 code=0x7ffc0000
[  198.378402][ T5895] hid-generic FFFF:0003:0000.0005: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  198.605347][ T7022] fido_id[7022]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  198.996552][ T6904] bridge0: port 2(bridge_slave_1) entered blocking state
[  199.003746][ T6904] bridge0: port 2(bridge_slave_1) entered forwarding state
[  199.225811][ T7040] loop1: detected capacity change from 0 to 256
[  200.706598][ T6701] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  200.731320][ T5829] Bluetooth: hci4: command 0x0406 tx timeout
[  200.731565][ T5833] Bluetooth: hci5: command 0x0406 tx timeout
[  200.737355][ T5829] Bluetooth: hci2: command 0x0406 tx timeout
[  200.743714][ T5844] Bluetooth: hci3: command 0x0406 tx timeout
[  200.785324][ T6701] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  201.018052][ T6701] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  201.035185][ T6701] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  201.174936][ T6606] 8021q: adding VLAN 0 to HW filter on device batadv0
[  201.261781][ T5940] usb 2-1: new low-speed USB device number 3 using dummy_hcd
[  203.851146][ T5940] usb 2-1: config 168 descriptor has 1 excess byte, ignoring
[  203.858580][ T5940] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 77, setting to 8
[  203.944713][ T5940] usb 2-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F
[  204.061512][ T5940] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 10
[  204.086087][ T6701] 8021q: adding VLAN 0 to HW filter on device bond0
[  204.132833][ T5940] usb 2-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 65535, setting to 8
[  204.199321][ T5940] usb 2-1: unable to read config index 1 descriptor/start: -71
[  204.231878][ T6701] 8021q: adding VLAN 0 to HW filter on device team0
[  204.261029][ T5940] usb 2-1: can't read configurations, error -71
[  204.338226][ T3495] bridge0: port 1(bridge_slave_0) entered blocking state
[  204.345399][ T3495] bridge0: port 1(bridge_slave_0) entered forwarding state
[  204.425436][ T3495] bridge0: port 2(bridge_slave_1) entered blocking state
[  204.432604][ T3495] bridge0: port 2(bridge_slave_1) entered forwarding state
[  204.785431][ T7103] loop1: detected capacity change from 0 to 256
[  205.229283][ T6606] veth0_vlan: entered promiscuous mode
[  205.324732][ T6606] veth1_vlan: entered promiscuous mode
[  205.324791][ T7118] netlink: 12 bytes leftover after parsing attributes in process `syz.5.314'.
[  205.422959][ T7118] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  205.430237][ T7118] IPv6: NLM_F_CREATE should be set when creating new route
[  205.491289][ T7118] netlink: 12 bytes leftover after parsing attributes in process `syz.5.314'.
[  206.493587][   T36] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.516901][  T998] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.754341][ T5842] Bluetooth: hci6: unexpected cc 0x0c03 length: 249 > 1
[  206.764867][ T5842] Bluetooth: hci6: unexpected cc 0x1003 length: 249 > 9
[  206.776892][ T5842] Bluetooth: hci6: unexpected cc 0x1001 length: 249 > 9
[  206.795021][ T5842] Bluetooth: hci6: unexpected cc 0x0c23 length: 249 > 4
[  206.800648][  T998] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.817982][ T5842] Bluetooth: hci6: unexpected cc 0x0c38 length: 249 > 2
[  206.889178][ T7145] loop5: detected capacity change from 0 to 1024
[  206.891208][  T998] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  206.958146][ T7145] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  207.174192][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  207.275883][ T6701] 8021q: adding VLAN 0 to HW filter on device batadv0
[  207.373259][   T30] audit: type=1326 audit(1771345636.433:199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  207.473121][   T30] audit: type=1326 audit(1771345636.483:200): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  207.593503][   T30] audit: type=1326 audit(1771345636.483:201): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  207.739589][   T30] audit: type=1326 audit(1771345636.483:202): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  208.471026][   T30] audit: type=1326 audit(1771345636.483:203): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  208.560690][   T30] audit: type=1326 audit(1771345636.483:204): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  208.710396][   T30] audit: type=1326 audit(1771345636.483:205): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  208.816977][   T30] audit: type=1326 audit(1771345636.483:206): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  208.897261][   T52] Bluetooth: hci6: command tx timeout
[  208.903181][   T30] audit: type=1326 audit(1771345636.483:207): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  208.940991][   T30] audit: type=1326 audit(1771345636.483:208): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7133 comm="syz.1.319" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7fcb8113d399 code=0x7ffc0000
[  209.797155][ T7194] program syz.3.330 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  209.914273][ T7142] chnl_net:caif_netlink_parms(): no params data found
[  210.974015][   T52] Bluetooth: hci6: command tx timeout
[  212.293571][ T7224] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(9)
[  212.300193][ T7224] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  213.251436][   T52] Bluetooth: hci6: command tx timeout
[  215.292208][   T52] Bluetooth: hci6: command tx timeout
[  215.319241][ T7224] vhci_hcd vhci_hcd.0: Device attached
[  216.341041][ T5910] usb 40-1: SetAddress Request (2) to port 0
[  216.376268][ T5910] usb 40-1: new SuperSpeed USB device number 2 using vhci_hcd
[  216.384911][ T7142] bridge0: port 1(bridge_slave_0) entered blocking state
[  216.581984][ T7142] bridge0: port 1(bridge_slave_0) entered disabled state
[  216.589190][ T7142] bridge_slave_0: entered allmulticast mode
[  216.643718][ T7142] bridge_slave_0: entered promiscuous mode
[  216.732336][ T7142] bridge0: port 2(bridge_slave_1) entered blocking state
[  216.739469][ T7142] bridge0: port 2(bridge_slave_1) entered disabled state
[  216.751577][ T7239] 9pnet_virtio: no channels available for device syz
[  216.804240][ T7142] bridge_slave_1: entered allmulticast mode
[  216.848221][ T7142] bridge_slave_1: entered promiscuous mode
[  217.006253][ T6701] veth0_vlan: entered promiscuous mode
[  217.224934][ T7142] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  217.328323][ T7142] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  217.463962][ T6701] veth1_vlan: entered promiscuous mode
[  217.650602][ T1124] bridge_slave_1: left allmulticast mode
[  217.666571][ T1124] bridge_slave_1: left promiscuous mode
[  217.682000][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state
[  217.782958][ T1124] bridge_slave_0: left allmulticast mode
[  217.788637][ T1124] bridge_slave_0: left promiscuous mode
[  217.829162][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state
[  217.838732][ T7225] vhci_hcd: connection reset by peer
[  217.879187][   T93] vhci_hcd vhci_hcd.3: stop threads
[  217.910132][   T93] vhci_hcd vhci_hcd.3: release socket
[  217.950848][   T93] vhci_hcd vhci_hcd.3: disconnect device
[  218.297190][ T5842] Bluetooth: hci2: hcon ffff888029fc8000 sent 0 < count 65533
[  218.556020][ T5842] Bluetooth: hci2: hcon ffff888029fc8000 sent 0 < count 1058
[  218.832962][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  218.857964][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  218.882759][ T1124] bond0 (unregistering): Released all slaves
[  218.928143][ T7142] team0: Port device team_slave_0 added
[  218.987565][ T7142] team0: Port device team_slave_1 added
[  219.160985][ T5956] usb 4-1: new high-speed USB device number 9 using dummy_hcd
[  219.222918][ T7142] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.250204][ T7142] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  219.319526][ T7142] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.342947][ T7142] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.357355][ T7142] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  219.393384][ T5956] usb 4-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  219.421146][ T7142] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  219.470161][ T5956] usb 4-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  219.505534][ T1124] hsr_slave_0: left promiscuous mode
[  219.515523][ T5956] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  219.521415][ T7277] loop5: detected capacity change from 0 to 512
[  219.530306][ T1124] hsr_slave_1: left promiscuous mode
[  219.540761][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0
[  219.560260][ T5956] usb 4-1: Product: syz
[  219.566854][ T5956] usb 4-1: Manufacturer: syz
[  219.580490][ T5956] usb 4-1: SerialNumber: syz
[  219.585842][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1
[  219.613405][ T1124] veth1_vlan: left promiscuous mode
[  219.651832][ T7277] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  219.668224][ T1124] veth0_vlan: left promiscuous mode
[  219.746186][ T7277] ext4 filesystem being mounted at /86/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  219.836750][ T5956] usblp 4-1:1.0: usblp0: USB Unidirectional printer dev 9 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  220.090147][    C0] usblp0: nonzero write bulk status received: -71
[  220.090701][ T5956] usb 4-1: USB disconnect, device number 9
[  220.159107][ T5956] usblp0: removed
[  220.291952][ T1124] team0 (unregistering): Port device team_slave_1 removed
[  220.329569][ T1124] team0 (unregistering): Port device team_slave_0 removed
[  221.691389][ T5910] usb 40-1: device descriptor read/8, error -110
[  223.150212][   T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  223.168484][   T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  223.176425][   T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  223.184561][   T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  223.192401][   T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  223.278389][ T5910] usb usb40-port1: attempt power cycle
[  223.682866][ T7142] hsr_slave_0: entered promiscuous mode
[  223.742104][ T7142] hsr_slave_1: entered promiscuous mode
[  223.944624][ T5910] usb usb40-port1: unable to enumerate USB device
[  225.214710][   T52] Bluetooth: hci1: command tx timeout
[  225.768632][ T7334] block device autoloading is deprecated and will be removed.
[  226.048330][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.292074][   T52] Bluetooth: hci1: command tx timeout
[  229.531017][   T52] Bluetooth: hci1: command tx timeout
[  230.081774][ T7294] chnl_net:caif_netlink_parms(): no params data found
[  230.135808][ T7142] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  230.262793][ T7142] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  230.295400][ T7142] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  230.535341][ T7142] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  230.691596][ T1124] bridge_slave_1: left allmulticast mode
[  230.697326][ T1124] bridge_slave_1: left promiscuous mode
[  230.707708][ T1124] bridge0: port 2(bridge_slave_1) entered disabled state
[  230.775965][ T1124] bridge_slave_0: left allmulticast mode
[  230.784795][ T1124] bridge_slave_0: left promiscuous mode
[  230.803778][ T1124] bridge0: port 1(bridge_slave_0) entered disabled state
[  231.544838][ T7383] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(6)
[  231.551374][ T7383] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus)
[  231.621064][   T52] Bluetooth: hci1: command tx timeout
[  231.678130][ T7383] vhci_hcd vhci_hcd.0: Device attached
[  231.708755][ T1124] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  231.768110][ T1124] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  231.838285][ T1124] bond0 (unregistering): Released all slaves
[  232.009402][ T7384] vhci_hcd: connection closed
[  232.009542][ T5989] usb 40-1: SetAddress Request (6) to port 0
[  232.020656][ T5989] usb 40-1: new SuperSpeed USB device number 6 using vhci_hcd
[  232.061553][ T1133] vhci_hcd vhci_hcd.3: stop threads
[  232.067349][ T1133] vhci_hcd vhci_hcd.3: release socket
[  232.099876][ T1133] vhci_hcd vhci_hcd.3: disconnect device
[  232.108379][ T5989] usb 40-1: enqueue for inactive port 0
[  232.183217][ T7386] bridge0: entered promiscuous mode
[  232.189419][ T7386] macvlan2: entered promiscuous mode
[  232.392281][ T1124] hsr_slave_0: left promiscuous mode
[  232.399176][ T1124] hsr_slave_1: left promiscuous mode
[  232.411746][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_0
[  232.430079][ T1124] batman_adv: batadv0: Removing interface: batadv_slave_1
[  232.468170][ T1124] veth1_vlan: left promiscuous mode
[  232.474509][ T1124] veth0_vlan: left promiscuous mode
[  232.552032][ T5989] usb usb40-port1: attempt power cycle
[  233.181874][ T5989] usb usb40-port1: unable to enumerate USB device
[  234.165770][ T7400] loop5: detected capacity change from 0 to 512
[  234.294168][ T7400] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  234.381125][ T7400] ext4 filesystem being mounted at /93/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  234.402058][ T1124] team0 (unregistering): Port device team_slave_1 removed
[  234.504618][ T1124] team0 (unregistering): Port device team_slave_0 removed
[  235.336330][ T7294] bridge0: port 1(bridge_slave_0) entered blocking state
[  235.347204][ T7294] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.360041][ T7294] bridge_slave_0: entered allmulticast mode
[  235.377429][ T7294] bridge_slave_0: entered promiscuous mode
[  235.804457][   T52] Bluetooth: hci3: hcon ffff888028d70000 sent 1 < count 65533
[  235.877544][   T52] Bluetooth: hci3: hcon ffff888028d70000 sent 0 < count 1058
[  235.943826][ T7294] bridge0: port 2(bridge_slave_1) entered blocking state
[  235.951635][ T7294] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.996829][ T7294] bridge_slave_1: entered allmulticast mode
[  236.015717][ T7294] bridge_slave_1: entered promiscuous mode
[  236.356335][   T10] hid-generic FFFF:0003:0000.0006: unknown main item tag 0x0
[  236.381349][   T10] hid-generic FFFF:0003:0000.0006: unknown main item tag 0x0
[  236.431387][   T10] hid-generic FFFF:0003:0000.0006: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  236.562223][ T7294] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  237.103784][ T7430] fido_id[7430]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  237.107125][ T7294] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  237.529141][ T7294] team0: Port device team_slave_0 added
[  238.358990][ T7294] team0: Port device team_slave_1 added
[  238.565911][ T7294] batman_adv: batadv0: Adding interface: batadv_slave_0
[  238.580938][ T7294] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  238.621327][ T7294] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  238.642570][ T7294] batman_adv: batadv0: Adding interface: batadv_slave_1
[  238.649507][ T7294] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  238.853510][ T7294] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  241.123229][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  241.206743][ T7294] hsr_slave_0: entered promiscuous mode
[  241.226929][ T7294] hsr_slave_1: entered promiscuous mode
[  241.256988][ T7294] debugfs: 'hsr0' already exists in 'hsr'
[  241.271944][ T7294] Cannot create hsr debugfs directory
[  241.933618][ T7142] 8021q: adding VLAN 0 to HW filter on device bond0
[  242.345251][ T7142] 8021q: adding VLAN 0 to HW filter on device team0
[  242.485904][   T50] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.493244][   T50] bridge0: port 1(bridge_slave_0) entered forwarding state
[  242.676942][   T50] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.684086][   T50] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.515251][ T7496] netlink: 12 bytes leftover after parsing attributes in process `syz.1.397'.
[  245.941459][ T7526] netlink: 28 bytes leftover after parsing attributes in process `syz.5.402'.
[  246.053441][ T7294] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  246.134635][ T7294] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  246.217537][ T7294] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  246.285045][ T7294] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  246.427081][ T7142] 8021q: adding VLAN 0 to HW filter on device batadv0
[  247.344326][ T7553] loop2: detected capacity change from 0 to 512
[  247.443185][ T7553] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  247.561453][ T7553] ext4 filesystem being mounted at /81/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  247.592697][ T7294] 8021q: adding VLAN 0 to HW filter on device bond0
[  247.697766][ T7294] 8021q: adding VLAN 0 to HW filter on device team0
[  247.797451][   T36] bridge0: port 1(bridge_slave_0) entered blocking state
[  247.804620][   T36] bridge0: port 1(bridge_slave_0) entered forwarding state
[  247.927312][   T36] bridge0: port 2(bridge_slave_1) entered blocking state
[  247.934491][   T36] bridge0: port 2(bridge_slave_1) entered forwarding state
[  248.073677][ T7142] veth0_vlan: entered promiscuous mode
[  248.116726][ T7142] veth1_vlan: entered promiscuous mode
[  248.121624][ T7577] netlink: 16 bytes leftover after parsing attributes in process `syz.3.410'.
[  248.159078][ T7577] netlink: 32 bytes leftover after parsing attributes in process `syz.3.410'.
[  248.217608][ T5989] hid-generic FFFF:0003:0000.0007: unknown main item tag 0x0
[  248.230982][ T5989] hid-generic FFFF:0003:0000.0007: unknown main item tag 0x0
[  248.251080][ T5989] hid-generic FFFF:0003:0000.0007: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  248.280576][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  248.310129][ T7142] veth0_macvtap: entered promiscuous mode
[  248.425778][ T7584] fido_id[7584]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  248.627998][ T7592] loop2: detected capacity change from 0 to 256
[  248.714554][ T7594] loop5: detected capacity change from 0 to 128
[  248.722234][ T7594] FAT-fs (loop5): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  248.746717][ T7594] FAT-fs (loop5): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  248.786436][ T7594] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 0)
[  248.795229][ T7594] FAT-fs (loop5): Filesystem has been set read-only
[  249.374360][ T7142] veth1_macvtap: entered promiscuous mode
[  249.590267][ T7142] batman_adv: batadv0: Interface activated: batadv_slave_0
[  249.672519][ T7142] batman_adv: batadv0: Interface activated: batadv_slave_1
[  249.721541][   T93] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  249.902585][   T93] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  249.929498][ T1124] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.883154][ T1124] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  252.797215][ T7636] loop5: detected capacity change from 0 to 512
[  252.937205][ T7625] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  252.988176][ T7636] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.031894][ T7636] ext4 filesystem being mounted at /104/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  254.463558][ T7653] netlink: 16 bytes leftover after parsing attributes in process `syz.3.426'.
[  254.472712][ T7653] netlink: 32 bytes leftover after parsing attributes in process `syz.3.426'.
[  254.541774][ T7625] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.628303][ T7294] 8021q: adding VLAN 0 to HW filter on device batadv0
[  254.691276][ T7625] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  254.761080][ T6900] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.768943][ T6900] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.914171][ T7625] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  255.011580][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  255.017967][ T1297] ieee802154 phy1 wpan1: encryption failed: -22
[  255.071665][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  255.079510][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  255.347647][   T50] netdevsim netdevsim1 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  255.434037][   T50] netdevsim netdevsim1 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  255.504552][   T50] netdevsim netdevsim1 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  255.588464][   T50] netdevsim netdevsim1 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  255.610058][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.715685][ T7662] syzkaller1: entered promiscuous mode
[  255.757302][ T7662] syzkaller1: entered allmulticast mode
[  256.020790][ T7678] fuseblk: Unknown parameter '
'
[  256.394458][ T7686] IPVS: length: 528 != 8
[  258.273595][ T5989] hid-generic FFFF:0003:0000.0008: unknown main item tag 0x0
[  258.292251][ T5989] hid-generic FFFF:0003:0000.0008: unknown main item tag 0x0
[  258.338471][ T5989] hid-generic FFFF:0003:0000.0008: hidraw0: <UNKNOWN> HID v0.03 Device [syz1] on syz1
[  258.505775][ T7705] fido_id[7705]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  258.665204][ T7294] veth0_vlan: entered promiscuous mode
[  259.349367][ T7713] loop6: detected capacity change from 0 to 40427
[  259.423948][ T7713] F2FS-fs (loop6): Image doesn't support compression
[  259.430745][ T7713] F2FS-fs (loop6): build fault injection rate: 684
[  259.437382][ T7713] F2FS-fs (loop6): build fault injection type: 0x35f7
[  259.452341][ T7713] F2FS-fs (loop6): invalid crc value
[  259.640310][ T7712] bridge0: port 1(bridge_slave_0) entered disabled state
[  259.643124][ T7709] netlink: 16 bytes leftover after parsing attributes in process `syz.2.438'.
[  259.649791][ T7712] bridge0: port 2(bridge_slave_1) entered disabled state
[  259.657192][ T7709] netlink: 32 bytes leftover after parsing attributes in process `syz.2.438'.
[  259.764119][ T7713] F2FS-fs (loop6): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  259.781393][ T7713] F2FS-fs (loop6): Start checkpoint disabled!
[  259.787350][ T7294] veth1_vlan: entered promiscuous mode
[  259.804345][ T7713] F2FS-fs (loop6): f2fs_disable_checkpoint() finish, err:0
[  259.813076][ T7713] F2FS-fs (loop6): Mounted with checkpoint version = 48b305e6
[  259.957442][ T7294] veth0_macvtap: entered promiscuous mode
[  260.031880][ T7294] veth1_macvtap: entered promiscuous mode
[  260.038696][ T1124] kworker/u8:8: attempt to access beyond end of device
[  260.038696][ T1124] loop6: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  260.083341][ T1124] CPU: 0 UID: 0 PID: 1124 Comm: kworker/u8:8 Not tainted syzkaller #0 PREEMPT(full) 
[  260.083375][ T1124] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  260.083392][ T1124] Workqueue: writeback wb_workfn (flush-7:6)
[  260.083441][ T1124] Call Trace:
[  260.083451][ T1124]  <TASK>
[  260.083460][ T1124]  dump_stack_lvl+0xe8/0x150
[  260.083499][ T1124]  f2fs_handle_critical_error+0x37c/0x540
[  260.083546][ T1124]  f2fs_write_end_io+0xcdb/0xff0
[  260.083593][ T1124]  __submit_merged_bio+0x256/0x700
[  260.083639][ T1124]  __submit_merged_write_cond+0x3c9/0x4e0
[  260.083688][ T1124]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  260.083754][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.083793][ T1124]  f2fs_write_data_pages+0x2975/0x35e0
[  260.083819][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.083888][ T1124]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  260.083928][ T1124]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  260.083997][ T1124]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  260.084059][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.084109][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.084141][ T1124]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  260.084169][ T1124]  do_writepages+0x32e/0x550
[  260.084208][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.084236][ T1124]  ? reacquire_held_locks+0x104/0x190
[  260.084272][ T1124]  ? writeback_sb_inodes+0x43d/0x19a0
[  260.084309][ T1124]  __writeback_single_inode+0x133/0x11a0
[  260.084342][ T1124]  ? do_raw_spin_unlock+0xf5/0x210
[  260.084372][ T1124]  writeback_sb_inodes+0x944/0x19a0
[  260.084408][ T1124]  ? ret_from_fork_asm+0x1a/0x30
[  260.084460][ T1124]  ? __lock_acquire+0x6b5/0x2cf0
[  260.084506][ T1124]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  260.084534][ T1124]  ? do_raw_spin_lock+0x12b/0x2f0
[  260.084604][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.084633][ T1124]  ? rcu_is_watching+0x15/0xb0
[  260.084667][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.084714][ T1124]  wb_writeback+0x456/0xb70
[  260.084751][ T1124]  ? queue_io+0x1d1/0x4a0
[  260.084790][ T1124]  ? __pfx_wb_writeback+0x10/0x10
[  260.084816][ T1124]  ? do_raw_spin_lock+0x12b/0x2f0
[  260.084860][ T1124]  wb_workfn+0x414/0xf50
[  260.084902][ T1124]  ? look_up_lock_class+0x57/0x110
[  260.084949][ T1124]  ? __pfx_wb_workfn+0x10/0x10
[  260.084995][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085024][ T1124]  ? do_raw_spin_lock+0x12b/0x2f0
[  260.085052][ T1124]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  260.085077][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085114][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085148][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085182][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085215][ T1124]  ? process_scheduled_works+0xa25/0x1830
[  260.085247][ T1124]  ? process_scheduled_works+0xa25/0x1830
[  260.085282][ T1124]  process_scheduled_works+0xb02/0x1830
[  260.085344][ T1124]  ? __pfx_process_scheduled_works+0x10/0x10
[  260.085380][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085404][ T1124]  ? assign_work+0x3d5/0x5e0
[  260.085441][ T1124]  worker_thread+0xa50/0xfc0
[  260.085493][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085533][ T1124]  kthread+0x388/0x470
[  260.085558][ T1124]  ? __pfx_worker_thread+0x10/0x10
[  260.085589][ T1124]  ? __pfx_kthread+0x10/0x10
[  260.085614][ T1124]  ret_from_fork+0x51e/0xb90
[  260.085651][ T1124]  ? __pfx_ret_from_fork+0x10/0x10
[  260.085681][ T1124]  ? srso_alias_return_thunk+0x5/0xfbef5
[  260.085805][ T1124]  ? __switch_to+0xc7d/0x1450
[  260.085839][ T1124]  ? __pfx_kthread+0x10/0x10
[  260.085865][ T1124]  ret_from_fork_asm+0x1a/0x30
[  260.085922][ T1124]  </TASK>
[  260.088370][ T1124] F2FS-fs (loop6): Stopped filesystem due to reason: 3
[  260.108843][ T7294] batman_adv: batadv0: Interface activated: batadv_slave_0
[  260.624470][ T7294] batman_adv: batadv0: Interface activated: batadv_slave_1
[  260.711111][   T49] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  260.719945][   T49] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  260.767320][   T49] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  260.886423][   T49] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  260.962169][ T7731] fuseblk: Unknown parameter '
'
[  262.119762][   T50] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  262.330127][   T30] kauditd_printk_skb: 58 callbacks suppressed
[  262.330148][   T30] audit: type=1326 audit(1771345691.383:267): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  262.340313][   T50] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  262.607026][ T7742] IPVS: length: 528 != 8
[  263.309130][   T30] audit: type=1326 audit(1771345691.383:268): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  263.338428][   T30] audit: type=1326 audit(1771345691.383:269): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=246 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  264.058720][   T30] audit: type=1326 audit(1771345691.383:270): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  264.081055][   T30] audit: type=1326 audit(1771345691.383:271): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  264.154060][ T7743] mmap: syz.2.447 (7743) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  264.260537][   T49] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  264.271768][   T49] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  264.450948][   T30] audit: type=1326 audit(1771345691.383:272): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  264.509567][   T30] audit: type=1326 audit(1771345691.383:273): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=42 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  264.711378][   T30] audit: type=1326 audit(1771345691.383:274): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  264.852575][   T30] audit: type=1326 audit(1771345691.383:275): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  266.820996][   T30] audit: type=1326 audit(1771345691.383:276): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7732 comm="syz.2.447" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd5f479bf79 code=0x7ffc0000
[  267.600095][ T7773] bridge0: port 1(bridge_slave_0) entered disabled state
[  267.616978][ T7773] bridge0: port 2(bridge_slave_1) entered disabled state
[  267.755760][ T7773] macvlan2: left promiscuous mode
[  268.137080][ T7773] loop3: detected capacity change from 0 to 40427
[  268.185381][ T7771] comedi comedi0: Minor 3 could not be opened
[  268.206285][ T7773] F2FS-fs (loop3): Image doesn't support compression
[  268.214530][ T7773] F2FS-fs (loop3): build fault injection rate: 684
[  268.221166][ T7773] F2FS-fs (loop3): build fault injection type: 0x35f7
[  268.233878][ T7773] F2FS-fs (loop3): invalid crc value
[  268.321490][ T7773] F2FS-fs (loop3): f2fs_recover_fsync_data: recovery fsync data, check_only: 0
[  268.351285][ T7773] F2FS-fs (loop3): Start checkpoint disabled!
[  268.361100][ T7773] F2FS-fs (loop3): f2fs_disable_checkpoint() finish, err:0
[  268.368762][ T7773] F2FS-fs (loop3): Mounted with checkpoint version = 48b305e6
[  268.624197][   T50] kworker/u8:4: attempt to access beyond end of device
[  268.624197][   T50] loop3: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  268.711529][   T50] CPU: 1 UID: 0 PID: 50 Comm: kworker/u8:4 Not tainted syzkaller #0 PREEMPT(full) 
[  268.711562][   T50] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  268.711579][   T50] Workqueue: writeback wb_workfn (flush-7:3)
[  268.711629][   T50] Call Trace:
[  268.711638][   T50]  <TASK>
[  268.711647][   T50]  dump_stack_lvl+0xe8/0x150
[  268.711686][   T50]  f2fs_handle_critical_error+0x37c/0x540
[  268.711732][   T50]  f2fs_write_end_io+0xcdb/0xff0
[  268.711782][   T50]  __submit_merged_bio+0x256/0x700
[  268.711828][   T50]  __submit_merged_write_cond+0x3c9/0x4e0
[  268.711877][   T50]  ? __pfx___submit_merged_write_cond+0x10/0x10
[  268.711932][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.711981][   T50]  f2fs_write_data_pages+0x2975/0x35e0
[  268.712007][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.712078][   T50]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  268.712120][   T50]  ? __pfx_f2fs_available_free_memory+0x10/0x10
[  268.712190][   T50]  ? __pfx_f2fs_balance_fs_bg+0x10/0x10
[  268.712253][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.712304][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.712337][   T50]  ? __pfx_f2fs_write_data_pages+0x10/0x10
[  268.712365][   T50]  do_writepages+0x32e/0x550
[  268.712407][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.712437][   T50]  ? reacquire_held_locks+0x104/0x190
[  268.712473][   T50]  ? writeback_sb_inodes+0x43d/0x19a0
[  268.712510][   T50]  __writeback_single_inode+0x133/0x11a0
[  268.712543][   T50]  ? do_raw_spin_unlock+0xf5/0x210
[  268.712574][   T50]  writeback_sb_inodes+0x944/0x19a0
[  268.712611][   T50]  ? ret_from_fork_asm+0x1a/0x30
[  268.712661][   T50]  ? __lock_acquire+0x6b5/0x2cf0
[  268.712700][   T50]  ? __pfx_writeback_sb_inodes+0x10/0x10
[  268.712728][   T50]  ? do_raw_spin_lock+0x12b/0x2f0
[  268.712799][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.712829][   T50]  ? rcu_is_watching+0x15/0xb0
[  268.712865][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.712904][   T50]  wb_writeback+0x456/0xb70
[  268.712938][   T50]  ? queue_io+0x1d1/0x4a0
[  268.712982][   T50]  ? __pfx_wb_writeback+0x10/0x10
[  268.713009][   T50]  ? do_raw_spin_lock+0x12b/0x2f0
[  268.713054][   T50]  wb_workfn+0x414/0xf50
[  268.713096][   T50]  ? look_up_lock_class+0x57/0x110
[  268.713145][   T50]  ? __pfx_wb_workfn+0x10/0x10
[  268.713189][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713218][   T50]  ? do_raw_spin_lock+0x12b/0x2f0
[  268.713246][   T50]  ? __pfx_do_raw_spin_lock+0x10/0x10
[  268.713271][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713308][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713342][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713374][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713407][   T50]  ? process_scheduled_works+0xa25/0x1830
[  268.713440][   T50]  ? process_scheduled_works+0xa25/0x1830
[  268.713475][   T50]  process_scheduled_works+0xb02/0x1830
[  268.713542][   T50]  ? __pfx_process_scheduled_works+0x10/0x10
[  268.713583][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713612][   T50]  ? assign_work+0x3d5/0x5e0
[  268.713650][   T50]  worker_thread+0xa50/0xfc0
[  268.713687][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713734][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713775][   T50]  kthread+0x388/0x470
[  268.713800][   T50]  ? __pfx_worker_thread+0x10/0x10
[  268.713831][   T50]  ? __pfx_kthread+0x10/0x10
[  268.713857][   T50]  ret_from_fork+0x51e/0xb90
[  268.713895][   T50]  ? __pfx_ret_from_fork+0x10/0x10
[  268.713925][   T50]  ? srso_alias_return_thunk+0x5/0xfbef5
[  268.713960][   T50]  ? __switch_to+0xc7d/0x1450
[  268.713994][   T50]  ? __pfx_kthread+0x10/0x10
[  268.714020][   T50]  ret_from_fork_asm+0x1a/0x30
[  268.714078][   T50]  </TASK>
[  268.714088][   T50] F2FS-fs (loop3): Stopped filesystem due to reason: 3
[  269.152703][   T52] Bluetooth: hci1: hcon ffff888029fcc000 sent 1 < count 65533
[  269.210815][   T52] Bluetooth: hci1: hcon ffff888029fcc000 sent 0 < count 1058
[  269.391984][   T52] Bluetooth: hci1: hcon ffff88807a044000 sent 1 < count 15
[  271.217168][ T7800] fuseblk: Unknown parameter '
'
[  271.529517][ T7802] IPVS: length: 528 != 8
[  272.556993][ T7805] random: crng reseeded on system resumption
[  275.225374][ T7817] ntfs3(nullb0): Primary boot signature is not NTFS.
[  275.237647][ T7817] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  275.470752][ T7822] loop5: detected capacity change from 0 to 512
[  275.553628][ T7822] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  275.727919][ T7822] ext4 filesystem being mounted at /109/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  280.083750][   T30] kauditd_printk_skb: 30 callbacks suppressed
[  280.083773][   T30] audit: type=1326 audit(1771345709.143:307): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7836 comm="syz.3.469" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fedb5d9bf79 code=0x7fc00000
[  281.831780][   T52] Bluetooth: hci1: hcon ffff888029fcc000 sent 0 < count 65533
[  281.904321][   T52] Bluetooth: hci1: hcon ffff888029fcc000 sent 0 < count 1058
[  281.913810][   T52] Bluetooth: hci1: hcon ffff88807a044000 sent 0 < count 15
[  281.946840][ T5822] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  282.429700][ T7870] loop6: detected capacity change from 0 to 256
[  288.357051][ T7908] sch_fq: defrate 0 ignored.
[  289.328334][ T7917] loop2: detected capacity change from 0 to 512
[  289.463964][ T7917] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  289.476659][ T7917] ext4 filesystem being mounted at /100/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  291.359364][ T7944] loop3: detected capacity change from 0 to 256
[  291.432546][ T5940] usb 2-1: new high-speed USB device number 5 using dummy_hcd
[  291.619034][ T5940] usb 2-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  291.680406][ T5940] usb 2-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  291.730944][ T5940] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  291.744170][ T5940] usb 2-1: Product: syz
[  291.748325][ T5940] usb 2-1: Manufacturer: syz
[  291.780680][ T5940] usb 2-1: SerialNumber: syz
[  291.896977][ T5825] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  292.059110][ T5940] usblp 2-1:1.0: usblp0: USB Unidirectional printer dev 5 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  292.221198][ T5940] usb 2-1: USB disconnect, device number 5
[  292.428698][ T5940] usblp0: removed
[  295.332836][ T7969] 9pnet_virtio: no channels available for device syz
[  297.146154][ T7979] netlink: 12 bytes leftover after parsing attributes in process `syz.3.497'.
[  297.173806][ T7983] random: crng reseeded on system resumption
[  298.359396][ T7986] ntfs3(nullb0): Primary boot signature is not NTFS.
[  298.422060][ T7986] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  298.884431][ T8002] loop6: detected capacity change from 0 to 512
[  299.053276][ T8002] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  299.171046][ T8002] ext4 filesystem being mounted at /16/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  302.464218][ T8068] random: crng reseeded on system resumption
[  302.637909][ T8071] ntfs3(nullb0): Primary boot signature is not NTFS.
[  302.650258][ T8071] ntfs3(nullb0): try to read out of volume at offset 0x3e7ffffe00
[  303.122797][ T7142] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  303.781984][   T24] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  303.964353][   T24] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  304.016674][   T24] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.41
[  304.059989][   T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=11
[  304.090455][   T24] usb 8-1: Product: syz
[  304.111529][   T24] usb 8-1: Manufacturer: syz
[  304.128475][   T24] usb 8-1: SerialNumber: syz
[  304.386922][   T24] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 2 if 0 alt 0 proto 1 vid 0x0525 pid 0xA4A8
[  304.439098][ T8061] infiniband syz2: set down
[  304.455523][ T8061] infiniband syz2: added ipvlan0
[  304.499864][ T8061] workqueue: Failed to create a rescuer kthread for wq "ib_mad1": -EINTR
[  304.515679][ T8061] infiniband syz2: Couldn't open port 1
[  304.586561][ T5989] usb 8-1: USB disconnect, device number 2
[  304.641930][ T5989] usblp0: removed
[  304.785598][ T8061] RDS/IB: syz2: added
[  304.812378][ T8061] smc: adding ib device syz2 with port count 1
[  304.819273][ T8061] smc:    ib device syz2 port 1 has no pnetid
[  306.292512][ T8126] loop5: detected capacity change from 0 to 512
[  307.647869][ T8137] loop7: detected capacity change from 0 to 512
[  307.681325][ T8126] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  307.781446][ T8126] ext4 filesystem being mounted at /115/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  307.856039][ T8137] ------------[ cut here ]------------
[  307.861856][ T8137] EA inode 11 i_nlink=2
[  307.861876][ T8137] WARNING: fs/ext4/xattr.c:1059 at ext4_xattr_inode_update_ref+0x4c9/0x5a0, CPU#1: syz.7.536/8137
[  307.876697][ T8137] Modules linked in:
[  307.880804][ T8137] CPU: 1 UID: 0 PID: 8137 Comm: syz.7.536 Not tainted syzkaller #0 PREEMPT(full) 
[  307.890076][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  307.900311][ T8137] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[  307.907242][ T8137] Code: 74 08 4c 89 ef e8 9f 2b 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 ab dc 12 09 44 89
[  307.926948][ T8137] RSP: 0018:ffffc9000d69f240 EFLAGS: 00010246
[  307.933608][ T8137] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[  307.941887][ T8137] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff901819d0
[  307.949951][ T8137] RBP: ffffc9000d69f330 R08: ffff8880526c647f R09: 1ffff1100a4d8c8f
[  307.959463][ T8137] R10: dffffc0000000000 R11: ffffed100a4d8c90 R12: ffffffff901819d0
[  307.968397][ T8137] R13: 000000000000000b R14: 1ffff1100a4d8c5a R15: ffff8880526c62d0
[  307.976450][ T8137] FS:  00007f4fdf9f26c0(0000) GS:ffff88812556a000(0000) knlGS:0000000000000000
[  307.985647][ T8137] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  307.992350][ T8137] CR2: 00007fcb81417dac CR3: 000000004f664000 CR4: 0000000000350ef0
[  307.995852][ T8146] netlink: 24 bytes leftover after parsing attributes in process `syz.1.537'.
[  308.000317][ T8137] Call Trace:
[  308.012984][ T8137]  <TASK>
[  308.015928][ T8137]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  308.022348][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.027998][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.033778][ T8137]  ? __kmalloc_cache_noprof+0x31c/0x660
[  308.039350][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.046487][ T8137]  ? __ext4_journal_ensure_credits+0x30/0x450
[  308.053580][ T8137]  ext4_xattr_inode_dec_ref_all+0x8cb/0xe40
[  308.059504][ T8137]  ? __mark_inode_dirty+0xb66/0x1470
[  308.064878][ T8137]  ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[  308.071340][ T8137]  ? __ext4_journal_get_write_access+0x27f/0x590
[  308.077775][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.083513][ T8137]  ? __pfx___ext4_journal_get_write_access+0x10/0x10
[  308.090212][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.096498][ T8137]  ext4_xattr_delete_inode+0xb45/0xd10
[  308.102413][ T8137]  ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[  308.108511][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.114249][ T8137]  ext4_evict_inode+0xa63/0xeb0
[  308.119127][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.124881][ T8137]  ? __pfx_ext4_evict_inode+0x10/0x10
[  308.130276][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.136001][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.142747][ T8137]  ? do_raw_spin_unlock+0xf5/0x210
[  308.149302][ T8137]  ? __pfx_ext4_evict_inode+0x10/0x10
[  308.155641][ T8137]  evict+0x61e/0xb10
[  308.159566][ T8137]  ? __pfx_evict+0x10/0x10
[  308.164076][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.169725][ T8137]  ? _raw_spin_unlock+0x28/0x50
[  308.174666][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.180325][ T8137]  ? iput+0xb25/0xe80
[  308.184411][ T8137]  ext4_orphan_cleanup+0xc38/0x1470
[  308.189647][ T8137]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  308.195846][ T8137]  ? ext4_register_li_request+0x259/0x720
[  308.203656][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.209308][ T8137]  ? errseq_check_and_advance+0x66/0x120
[  308.215570][ T8137]  ext4_fill_super+0x59ff/0x6320
[  308.220553][ T8137]  ? __pfx_ext4_fill_super+0x10/0x10
[  308.226448][ T8137]  ? snprintf+0xe8/0x140
[  308.230724][ T8137]  ? __pfx_snprintf+0x10/0x10
[  308.235778][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.241521][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.247173][ T8137]  ? set_blocksize+0x1c9/0x440
[  308.253523][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.259173][ T8137]  ? sb_set_blocksize+0x155/0x240
[  308.265235][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.270943][ T8137]  ? setup_bdev_super+0x4c1/0x5b0
[  308.275992][ T8137]  get_tree_bdev_flags+0x431/0x4f0
[  308.281164][ T8137]  ? __pfx_ext4_fill_super+0x10/0x10
[  308.286465][ T8137]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  308.292238][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.297898][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.303636][ T8137]  vfs_get_tree+0x92/0x2a0
[  308.308073][ T8137]  do_new_mount+0x341/0xd30
[  308.312724][ T8137]  ? apparmor_capable+0x137/0x1a0
[  308.317777][ T8137]  ? __pfx_do_new_mount+0x10/0x10
[  308.322943][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.328595][ T8137]  ? ns_capable+0x89/0xe0
[  308.333026][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.338677][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.344390][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.350039][ T8137]  ? user_path_at+0xd4/0x160
[  308.356127][ T8137]  __se_sys_mount+0x31d/0x420
[  308.360834][ T8137]  ? __pfx___se_sys_mount+0x10/0x10
[  308.366987][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.372692][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.378341][ T8137]  ? __x64_sys_mount+0x20/0xc0
[  308.383198][ T8137]  do_syscall_64+0x14d/0xf80
[  308.387801][ T8137]  ? trace_irq_disable+0x3b/0x150
[  308.392877][ T8137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.398969][ T8137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  308.404913][ T8137] RIP: 0033:0x7f4fdeb9d20a
[  308.409349][ T8137] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  308.429437][ T8137] RSP: 002b:00007f4fdf9f1e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  308.437909][ T8137] RAX: ffffffffffffffda RBX: 00007f4fdf9f1ee0 RCX: 00007f4fdeb9d20a
[  308.445977][ T8137] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007f4fdf9f1ea0
[  308.455379][ T8137] RBP: 00002000000009c0 R08: 00007f4fdf9f1ee0 R09: 0000000000000400
[  308.464333][ T8137] R10: 0000000000000400 R11: 0000000000000246 R12: 0000200000000540
[  308.472388][ T8137] R13: 00007f4fdf9f1ea0 R14: 000000000000048d R15: 0000200000000200
[  308.480391][ T8137]  </TASK>
[  308.483513][ T8137] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  308.490793][ T8137] CPU: 1 UID: 0 PID: 8137 Comm: syz.7.536 Not tainted syzkaller #0 PREEMPT(full) 
[  308.499985][ T8137] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  308.510030][ T8137] Call Trace:
[  308.513310][ T8137]  <TASK>
[  308.516226][ T8137]  vpanic+0x56c/0xa60
[  308.520221][ T8137]  ? __pfx__printk+0x10/0x10
[  308.524800][ T8137]  ? __pfx_vpanic+0x10/0x10
[  308.529300][ T8137]  ? is_bpf_text_address+0x292/0x2b0
[  308.534585][ T8137]  ? is_bpf_text_address+0x26/0x2b0
[  308.539796][ T8137]  panic+0xc5/0xd0
[  308.543518][ T8137]  ? __pfx_panic+0x10/0x10
[  308.547950][ T8137]  __warn+0x315/0x4f0
[  308.552002][ T8137]  ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[  308.557992][ T8137]  ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[  308.563988][ T8137]  __report_bug+0x29a/0x540
[  308.568922][ T8137]  ? ext4_get_group_desc+0x434/0x4e0
[  308.574221][ T8137]  ? ext4_xattr_inode_update_ref+0x4c9/0x5a0
[  308.580204][ T8137]  ? __pfx___report_bug+0x10/0x10
[  308.585235][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.590870][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.596508][ T8137]  ? set_normalized_timespec64+0xf0/0x1a0
[  308.602226][ T8137]  ? __ext4_journal_get_write_access+0x84/0x590
[  308.608473][ T8137]  report_bug_entry+0x19a/0x290
[  308.613321][ T8137]  ? ext4_xattr_inode_update_ref+0x511/0x5a0
[  308.619293][ T8137]  ? ext4_xattr_inode_update_ref+0x516/0x5a0
[  308.625269][ T8137]  handle_bug+0xca/0x200
[  308.629513][ T8137]  exc_invalid_op+0x1a/0x50
[  308.634022][ T8137]  asm_exc_invalid_op+0x1a/0x20
[  308.638902][ T8137] RIP: 0010:ext4_xattr_inode_update_ref+0x511/0x5a0
[  308.645493][ T8137] Code: 74 08 4c 89 ef e8 9f 2b 96 ff 4d 8b 6d 00 48 b8 00 00 00 00 00 fc ff df 41 0f b6 04 06 84 c0 75 77 41 8b 17 4c 89 e7 4c 89 ee <67> 48 0f b9 3a 4c 8b 6c 24 28 e9 59 fe ff ff e8 ab dc 12 09 44 89
[  308.665099][ T8137] RSP: 0018:ffffc9000d69f240 EFLAGS: 00010246
[  308.671252][ T8137] RAX: 0000000000000000 RBX: 00000000ffffffff RCX: dffffc0000000000
[  308.679213][ T8137] RDX: 0000000000000002 RSI: 000000000000000b RDI: ffffffff901819d0
[  308.687175][ T8137] RBP: ffffc9000d69f330 R08: ffff8880526c647f R09: 1ffff1100a4d8c8f
[  308.695225][ T8137] R10: dffffc0000000000 R11: ffffed100a4d8c90 R12: ffffffff901819d0
[  308.703191][ T8137] R13: 000000000000000b R14: 1ffff1100a4d8c5a R15: ffff8880526c62d0
[  308.711182][ T8137]  ? __pfx_ext4_xattr_inode_update_ref+0x10/0x10
[  308.717515][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.723150][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.728788][ T8137]  ? __kmalloc_cache_noprof+0x31c/0x660
[  308.734342][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.739979][ T8137]  ? __ext4_journal_ensure_credits+0x30/0x450
[  308.746047][ T8137]  ext4_xattr_inode_dec_ref_all+0x8cb/0xe40
[  308.751952][ T8137]  ? __mark_inode_dirty+0xb66/0x1470
[  308.757244][ T8137]  ? __pfx_ext4_xattr_inode_dec_ref_all+0x10/0x10
[  308.763659][ T8137]  ? __ext4_journal_get_write_access+0x27f/0x590
[  308.769993][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.775624][ T8137]  ? __pfx___ext4_journal_get_write_access+0x10/0x10
[  308.782388][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.788023][ T8137]  ext4_xattr_delete_inode+0xb45/0xd10
[  308.793503][ T8137]  ? __pfx_ext4_xattr_delete_inode+0x10/0x10
[  308.799490][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.805127][ T8137]  ext4_evict_inode+0xa63/0xeb0
[  308.809982][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.815623][ T8137]  ? __pfx_ext4_evict_inode+0x10/0x10
[  308.820993][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.826632][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.832258][ T8137]  ? do_raw_spin_unlock+0xf5/0x210
[  308.837365][ T8137]  ? __pfx_ext4_evict_inode+0x10/0x10
[  308.842744][ T8137]  evict+0x61e/0xb10
[  308.846647][ T8137]  ? __pfx_evict+0x10/0x10
[  308.851060][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.856699][ T8137]  ? _raw_spin_unlock+0x28/0x50
[  308.861544][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.867176][ T8137]  ? iput+0xb25/0xe80
[  308.871172][ T8137]  ext4_orphan_cleanup+0xc38/0x1470
[  308.876386][ T8137]  ? __pfx_ext4_orphan_cleanup+0x10/0x10
[  308.882023][ T8137]  ? ext4_register_li_request+0x259/0x720
[  308.887742][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.893479][ T8137]  ? errseq_check_and_advance+0x66/0x120
[  308.899129][ T8137]  ext4_fill_super+0x59ff/0x6320
[  308.904089][ T8137]  ? __pfx_ext4_fill_super+0x10/0x10
[  308.909367][ T8137]  ? snprintf+0xe8/0x140
[  308.913623][ T8137]  ? __pfx_snprintf+0x10/0x10
[  308.918306][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.923933][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.929567][ T8137]  ? set_blocksize+0x1c9/0x440
[  308.934335][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.939969][ T8137]  ? sb_set_blocksize+0x155/0x240
[  308.944998][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.950626][ T8137]  ? setup_bdev_super+0x4c1/0x5b0
[  308.955647][ T8137]  get_tree_bdev_flags+0x431/0x4f0
[  308.960759][ T8137]  ? __pfx_ext4_fill_super+0x10/0x10
[  308.966050][ T8137]  ? __pfx_get_tree_bdev_flags+0x10/0x10
[  308.971687][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.977325][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  308.982965][ T8137]  vfs_get_tree+0x92/0x2a0
[  308.987378][ T8137]  do_new_mount+0x341/0xd30
[  308.991883][ T8137]  ? apparmor_capable+0x137/0x1a0
[  308.996915][ T8137]  ? __pfx_do_new_mount+0x10/0x10
[  309.001950][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.007599][ T8137]  ? ns_capable+0x89/0xe0
[  309.011928][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.017562][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.023199][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.028827][ T8137]  ? user_path_at+0xd4/0x160
[  309.033424][ T8137]  __se_sys_mount+0x31d/0x420
[  309.038115][ T8137]  ? __pfx___se_sys_mount+0x10/0x10
[  309.043308][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.048946][ T8137]  ? srso_alias_return_thunk+0x5/0xfbef5
[  309.054583][ T8137]  ? __x64_sys_mount+0x20/0xc0
[  309.059349][ T8137]  do_syscall_64+0x14d/0xf80
[  309.064205][ T8137]  ? trace_irq_disable+0x3b/0x150
[  309.069231][ T8137]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.075302][ T8137]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  309.081189][ T8137] RIP: 0033:0x7f4fdeb9d20a
[  309.085607][ T8137] Code: 48 c7 c2 e8 ff ff ff f7 d8 64 89 02 b8 ff ff ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48
[  309.105212][ T8137] RSP: 002b:00007f4fdf9f1e58 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  309.113623][ T8137] RAX: ffffffffffffffda RBX: 00007f4fdf9f1ee0 RCX: 00007f4fdeb9d20a
[  309.121588][ T8137] RDX: 00002000000009c0 RSI: 0000200000000540 RDI: 00007f4fdf9f1ea0
[  309.129550][ T8137] RBP: 00002000000009c0 R08: 00007f4fdf9f1ee0 R09: 0000000000000400
[  309.137518][ T8137] R10: 0000000000000400 R11: 0000000000000246 R12: 0000200000000540
[  309.145480][ T8137] R13: 00007f4fdf9f1ea0 R14: 000000000000048d R15: 0000200000000200
[  309.153468][ T8137]  </TASK>
[  309.156559][ T8137] Kernel Offset: disabled
[  309.160979][ T8137] Rebooting in 86400 seconds..