last executing test programs:

5m37.49709621s ago: executing program 0 (id=40):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f0000000240)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r0}, 0x10)
r1 = socket$nl_audit(0x10, 0x3, 0x9)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$team(&(0x7f00000001c0), 0xffffffffffffffff)
ioctl$ifreq_SIOCGIFINDEX_team(r1, 0x8933, &(0x7f0000000140)={'team0\x00', <r4=>0x0})
sendmsg$TEAM_CMD_OPTIONS_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001540)=ANY=[@ANYBLOB='X\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="01002cbd7000ffdbdf250100000008000100", @ANYRES32=r4], 0x58}, 0x1, 0x0, 0x0, 0x400}, 0x2000c040)

5m37.03646367s ago: executing program 0 (id=44):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000840)=ANY=[@ANYBLOB="0a000000050000000300000004"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x7, 0x10001, 0x9, 0x1}, 0x48)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000000850000008600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f0000000cc0)={r2}, 0xc)

5m36.733708613s ago: executing program 0 (id=47):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r1, 0x65, 0x1, 0x0, 0x0)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000180)={'vxcan1\x00', <r2=>0x0})
setsockopt$CAN_RAW_ERR_FILTER(r1, 0x65, 0x2, &(0x7f0000000000)=0x80, 0x4)
bind$can_raw(r1, &(0x7f0000000200)={0x1d, r2}, 0x10)
sendmsg$nl_route_sched(r0, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000000c0)=@getchain={0x24, 0x11, 0x839, 0x70bd25, 0x0, {0x0, 0x0, 0x0, r2, {0x1}, {0xffff, 0xa}, {0x1}}}, 0x24}}, 0x80)

5m36.211137875s ago: executing program 0 (id=52):
syz_mount_image$vfat(&(0x7f0000000040), &(0x7f0000000080)='./file0\x00', 0x2048c5, &(0x7f0000000400)={[{@utf8no}, {@shortname_winnt}, {@rodir}, {@fat=@nfs_nostale_ro}, {@uni_xlate}, {@shortname_mixed}, {@fat=@sys_immutable}, {@fat=@dmask={'dmask', 0x3d, 0x100}}, {@fat=@showexec}, {@shortname_mixed}, {@fat=@usefree}, {@shortname_lower}]}, 0x0, 0x2ad, &(0x7f0000000840)="$eJzs3cFr024cx/HP2m3tOrb2MH7wE8QHveglbPUvKLKBWFDmKupByFyqpbEdTa10iNvNq3/H8OhJQf0HdvHmXbwMQfCyg1hZmrhsK7rNbZnr+wUlT5/n+SZP+iTlm0DT9dsvHlXLnlW2m0qkjRLSijak3GYpMBAsE355WFErujT67ePZm3fuXisUi9OzxswU5i7njTHj594+efry/Pvm6K1X429SWsvdW/+a/7T239r/6z/mwrXXJdvM1+tNe951zELFq1rG3HAd23NMpeY5jaaJtJfd+uJi29i1hbHMYsPxPGPX2qbqtE2zbpqNtrEf2JWasSzLjGXUb5L7jiitzs7ahSMZDOIw0quy0SjYyZ6NpdXjGBQAADhZ/Pw/LemY8/+HFc9UPFOrb8vvd+f/Ce0j/5f6Ov/fP/L/frCZ/2eC83c78n8AAAAAAAAAAAAAAAAAAAAAAP4FG51OttPpZMNl+EpJSksK38c9ThwN5r+/RX64l5bc561Sq9RddtsLZVXkytHkkPTdPx4C3fLM1eL0pPHl9M5dDuKXW6WkUmF8KNc7fqobb6LxyxpSJrr9vLKa6B2f7xHfKg3r4oVOKtiyI0tZfbivulwt+Mf1VvyzKWOuXC/uiB/x+wEAAAAAcBpY5pdd1+9+u2XCx4bsaO9Wbt0fUPYP9wd2XF8P6sxgfPsNAAAAAEA/8dpLA7brOg2vvVQ95YXw/w8OZYX+Rxfr7qSjNSu/6TwoKah5fVLmYi+FhKSDhif/bpa/SNpWMxH7dB9G4fPj7hmwl85xfisBAAAAOAph0j8Q90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOhje314WNj/IM8ei2wuGc9eAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACfDzwAAAP//jKwVzw==")
r0 = syz_open_procfs(0x0, &(0x7f0000000540)='mounts\x00')
mount$tmpfs(0x0, &(0x7f0000000000)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000500)='./file0\x00', &(0x7f0000000180)='./file0\x00', 0x0, 0x1333404, 0x0)
mount$bind(&(0x7f0000000300)='./file0\x00', &(0x7f0000000100)='./file0\x00', 0x0, 0x11080, 0x0)
mount$bind(&(0x7f0000000240)='.\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x1005848, 0x0)
read$FUSE(r0, &(0x7f0000002880)={0x2020}, 0x2020)

5m35.841829231s ago: executing program 0 (id=55):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket(0xa, 0x3, 0x3a)
setsockopt$MRT6_DEL_MIF(r2, 0x29, 0xc8, 0x0, 0xc000000)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local})
write$tun(r0, &(0x7f00000006c0)=ANY=[@ANYBLOB="fff586dd000411001400006000006eec00be00442f0100000000000000000000ffff7f000001ff86"], 0x7a)

5m35.386105111s ago: executing program 0 (id=59):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
unshare(0x8040480)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYRESHEX=0x0], 0x27)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='mode='])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))

5m35.071764914s ago: executing program 32 (id=59):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
unshare(0x8040480)
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
write$cgroup_subtree(0xffffffffffffffff, &(0x7f0000000100)=ANY=[@ANYRESHEX=0x0], 0x27)
mount$tmpfs(0x0, 0x0, 0x0, 0x0, &(0x7f0000000100)=ANY=[@ANYBLOB='mode='])
mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devpts\x00', 0x0, &(0x7f0000000100))

4m39.946147884s ago: executing program 3 (id=419):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f00000001c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x56)
listen(r1, 0x0)
connect$unix(r0, &(0x7f0000000140)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
r2 = socket$nl_sock_diag(0x10, 0x3, 0x4)
sendmsg$TCPDIAG_GETSOCK(r2, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000001340)={&(0x7f00000002c0)=ANY=[@ANYBLOB="4c0000001400012025bd7000fddbdf25011f08104e244e220300"], 0x4c}, 0x1, 0x0, 0x0, 0x404c0dc}, 0x8080)

4m39.82529307s ago: executing program 3 (id=422):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x1, 0xf}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x28}}}]}, 0x38}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000a80)=@newtfilter={0x488, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, r3, {0x0, 0x7}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_basic={{0xa}, {0x450, 0x2, [@TCA_BASIC_POLICE={0x44c, 0x4, [@TCA_POLICE_TBF={0x3c, 0x1, {0x3, 0x8, 0x9, 0x8, 0x0, {0x9, 0x2, 0x2, 0x7, 0x8000, 0x2}, {0x8, 0x2, 0x7, 0xf0, 0x1}, 0x0, 0x3, 0xfffffff9}}, @TCA_POLICE_RATE={0x404, 0x2, [0x4, 0x8, 0x3, 0x9, 0x4, 0x4, 0x4, 0x2, 0x0, 0x7, 0x16a, 0x6, 0x4, 0x5, 0x7fffffff, 0x6, 0x7b1, 0xb5, 0x3, 0x5, 0x0, 0x1, 0x7, 0x3, 0xe, 0xfff, 0x19, 0x3, 0xf8a3, 0xff, 0x3, 0x8, 0x2c1, 0x8, 0x6, 0xb, 0x639, 0x7, 0x3ff, 0x200, 0x8, 0xe, 0x3, 0xd65, 0x4, 0x2c, 0xb, 0xc10, 0xfb, 0x2, 0xc, 0xff, 0xffff, 0x4, 0x7ff, 0x3, 0x1, 0x8, 0x2, 0xc, 0x3ff, 0xfff, 0xef, 0x662, 0xfff, 0x0, 0x8, 0x1, 0x7ff, 0x77, 0xd0dc, 0x1, 0x10, 0x3, 0x7, 0x2, 0x5, 0x80000000, 0x0, 0xfffffffb, 0x80000000, 0x57d, 0x5, 0x8, 0x1, 0x8, 0x4, 0x6, 0x1, 0x6, 0x3, 0x0, 0xae, 0x7, 0x8001, 0xe, 0xfffffffe, 0x7, 0x3, 0x8, 0x1, 0x8, 0x7fffffff, 0x6, 0x10001, 0x3, 0x10000, 0x0, 0x8, 0x846, 0x1ff, 0x9, 0x3ff, 0xfffffffa, 0x5, 0x400, 0xaa9, 0x81, 0x8001, 0x3, 0x2c18, 0x8, 0x9, 0x9, 0x0, 0x600, 0x4, 0x80000001, 0x800, 0x100, 0x7, 0x2, 0x32, 0x6, 0x7, 0x2, 0x7, 0x8, 0x4, 0x2, 0x40000000, 0x7f, 0x7, 0x4, 0x7, 0x2, 0x5, 0x5d41, 0x1, 0x4, 0x0, 0xb, 0x7, 0x200, 0x10001, 0x9, 0x401, 0x6, 0x1, 0x3, 0x8, 0x8, 0x8, 0x9, 0x0, 0x9, 0x4, 0xc, 0x800, 0x6, 0x8, 0x32e, 0x5, 0x5, 0x2, 0x40, 0x52, 0xfff, 0x6, 0x2, 0x0, 0x7, 0x9, 0x2, 0x1, 0x9, 0x0, 0x80000001, 0x8, 0x0, 0x1, 0x9, 0x1, 0x1576, 0x8001, 0x7, 0x5, 0x1, 0xcdd6, 0x0, 0x74, 0x8000, 0x80000001, 0x6, 0x5b, 0x7, 0x5, 0xccb9, 0x9b, 0xffff8bf5, 0x7, 0x0, 0x8001, 0x9, 0x5, 0x0, 0x4, 0x8, 0x29, 0x665, 0x8, 0x9, 0x7, 0x6, 0x5c, 0x80, 0xffffffff, 0x4, 0xa000, 0x3, 0x7e8, 0x86f070e5, 0x401, 0x6, 0x4, 0x10, 0x2, 0x3, 0x6, 0x5, 0x5, 0x5, 0x1000, 0xd0, 0x5, 0x10, 0x1e70, 0x4, 0xdbc, 0x1, 0x80000000, 0x8000, 0xff, 0x4, 0xcca, 0x827]}, @TCA_POLICE_AVRATE={0x8, 0x4, 0x6}]}]}}, @TCA_RATE={0x6, 0x5, {0x0, 0x1}}]}, 0x488}, 0x1, 0x0, 0x0, 0x2000c0c1}, 0x800)

4m39.640667628s ago: executing program 3 (id=423):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="0900000004000000dd0000000a"], 0x50)
close(0x3)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x3, 0x890e, 0x1000, 0xffffffffffffffff, 0xfffffffd}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000001"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000940)='percpu_alloc_percpu\x00', r1}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0xd, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x61, 0x14, 0x74}, [@ldst={0x4}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @sock_ops}, 0x48)

4m39.475291694s ago: executing program 3 (id=424):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f00000001c0)='./file0\x00', 0x0, &(0x7f0000000380)={[{@fault_injection={'fault_injection', 0x3d, 0x40ef}}, {}, {@discard_unit_section}, {@alloc_mode_reuse}, {@checkpoint_diasble}, {@background_gc_on}, {@extent_cache}, {@four_active_logs}, {@grpjquota={'grpjquota', 0x3d, '\x00'}}, {@block_mode}, {@two_active_logs}, {@heap}, {@acl}, {@noinline_dentry}]}, 0x1, 0x550f, &(0x7f0000002bc0)="$eJzs3E1vG1UXAODjpGn69faNEAt2HalCSqTaivNRwS5AKz5EqqjAghU4tmO5tT1R7DghKxYsEQv+CQKJFUt+AwvW7BALEDskkGcm0FAQlXBskj6PND5zr6/PnGtVlc5M5ACeWgvJzz+W4npcjojZiLgWkZ2XiiOzkYfnIuJGRMw8cpSK+d8nLkbElYi4Pkqe5ywVb316a3hz/Yc3fvrqm/kLVz/78tvp7RqYtucjorubnx9085i28vigmK8N21nsrg2LmL/RfViM0zweNLezDAe143W1LK628vXp7n5/FHc6tfootto72fxuL79gf9g6zpN94EFtLxs3mttZbPfTLLaO8roOj/L/2476gzxPo8j3QZY+BoPjmM83D5v5fnYfZrHeGxTzed600TwcxWERi8tFPe00sjq2/803/d/2Zru3f5gMm3v9dtpL1ivVFyrV2+XqXtpoDppr5Vq3cXstWWx1RsvKg2atu9FK01anWamn3aVksVWvl6vVZPFOc7td6yXVamW1slxeXyrObiWv3nsn6TSSxVF8ud3bH7Q7/WQn3UvyTywlK5XVF5eSm9Xkrc2tZOv+3bubW2+/d+fdey9tvv5KseixspLFleWVlXJ1ubxSXXp8T/Pndf8fFUX/w/5hYkrTLgDg7NH/A9Nwev3/3v2I0+//Q/8/Fmeq/33C/t/+YUL0/wAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAT63v5j5/LTtZyMdXi/n/FVPPFONSRMxExK9/YTYunsg5W+SZ+5v1c3+q4etSZBlG15gvjisRsVEcv/z/tL8FAAAAOL+++PDGJ3m3nr8sTLsgJim/aTNz7f0x5StFxNzC92PKNjN6eXZMybJ/3xficEzZshtYl8aUbD675XZhTNmezOyJcOmRUMrDzETLAQAAJuJkJzDZLgQAAIBJ+njaBTAdpTh+lHn8LDj7y/s/HghePjECAAAAzqDStAsAAAAATl3W//v9PwAAADjf8t//AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAfmPnbnKWBuI4AP9b3r7gVyTGvVdxB8fwCC5dGg7gJTiAC7yCF+AMuPMIBgydEUG6MOm0jeZ5kjJMW37MELqYmWQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgSN+a3frLxzef+uYcT/2U6Q0AAADQ5dDs1u2bZao/y+df5FOvcr2KiDoiusbus3i8yZzlnOb3/Z+v72/+aMPXiDbh/B3zfDyNiLf5+PFy6F8BAAAA/l/7zXaVRuvpZTl1gxhTmrSpn78rlFdFRLP8XiitPue9LhTW/r8f4kOhtHYCa1EoLE25PZRK+yvt436ZtVtcFVUq6s6PXRpZrO8AAMCIZjfFuKMQAAAAxvR+6gYwjSp+LWVelgLnqcjLe09uagAAAMA/qJq6AQAAAMDg2vH/SPv/nez/BwAAANNI+/8BAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwpEOzW+8321XfnOPp3mO+1nHpTv+eAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA/2Z93FAiBMAiDves7k7n/YaVBY0OTKhA+/sZgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHjzu7/8n5gaZ5K518bS80iydmpsnRp758bRH8bXrwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBif15SIASCIArmjP+d9P0PKwl6BhEioOFRRS0aAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvuh3v/yfmBpnkrnTxtLxSLJ21di6auw9aBw9GG//BgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBi535e46jiAIB/Z2Zna6pijJJDRBQ86MWm29ram3hQggf/BCGk2xq79Uebgy1FzMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnstM24PprZpt8PvDmfXcY5n3fBEK+814WAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2fnsaZ8VhcRKn1blb969tFP3th/rCjZ07K0Ur4qTNpB8PLzY/JMvdJQIAAMDhkdX1fUTczXfXij5dLOv/vL6mqPm/fXoS1/X8w3V/3de1f9F++fne83sDLU7GKW56bnM0PP5oKr3/b5bz7Zm/vKJXPvny3UsWC5FG+t72c+O8fJ7J1zdvvtMvwyNtZAsA/BPH6r4K6r+Hin7QZWIAHBq9RuFd1//ZYrc5AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALRhvB1P1nESESu9aVy4ff/axn79jZ07K3U7ff36Tnw5vWdxizwizm2Ohsdbnc18u3zl6oX10Wh4qf3gpYjoavS3qulf+GCGiyM6eT6C/yhIqx/2vOTzeAQd/lICAOBAyqtW1PV389214lyyFPHHdw/W/6824pix/r/34elbzbGa9f+gtRnOv9Wti5+uXr5y9fXNi+vnh+eHH79xYvDm4OSZU6fOrJbvSla9MQEAAODf6VetWf+nS4+u/x9txDFj/f/ZN4MvmmNl6v99TRf9us4EAADgcHv25d9/S/Y5n/T78fn61talweS49/nE5NhBqn/bkao16/9sqeusAAAAgDaMt5MH1v/PNuKYcf3/qe9f+LF5zywiFqr1/2Mbn4zOtjedudbGvxN3PUcAAAC6tVC15vp/Xu7/T/e2PKQR8dork7j6GsCZ6v/s3a9+aI7V3P9/sr0pzqV0efI8yn45orfcdUYAAAAcZE9UrSj2f8131z766ej7ffv/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANr2ZwAAAP//uCM2tw==")
syz_genetlink_get_family_id$ethtool(0x0, 0xffffffffffffffff)
setxattr$system_posix_acl(&(0x7f0000002a00)='.\x00', &(0x7f0000002a40)='system.posix_acl_default\x00', &(0x7f0000000100), 0x24, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000000180)='./file0\x00', 0x2000000, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000809, 0x0, 0x1, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000480)='./file1\x00', 0x1c0)
mount$overlay(0x0, &(0x7f0000000400)='./bus\x00', &(0x7f0000000b80), 0x200008, &(0x7f0000000380)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file1'}}, {@upperdir={'upperdir', 0x3d, './file0'}}]})

4m37.48148349s ago: executing program 3 (id=441):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000100)={0xa, 0x0, 0x7, @ipv4={'\x00', '\xff\xff', @local}, 0x1}, 0x1c)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000400)=0x1, 0x4)
recvfrom(r0, 0x0, 0x0, 0x40000002, 0x0, 0x0)
syz_genetlink_get_family_id$ethtool(&(0x7f0000000200), r0)
setsockopt$sock_int(r0, 0x1, 0x12, &(0x7f00000000c0)=0x8, 0x4)

4m35.833925451s ago: executing program 3 (id=456):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='ext4_writepages_result\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000180)={r1}, 0x5)
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4m35.16650648s ago: executing program 33 (id=456):
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00'}, 0x94)
r1 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000002c0)='ext4_writepages_result\x00', r0}, 0x10)
r2 = bpf$ITER_CREATE(0xb, &(0x7f0000000180)={r1}, 0x5)
close(r2)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f000000850000002300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x1f, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a8"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1f, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000440)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

4m24.893165181s ago: executing program 1 (id=516):
openat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x42, 0x0)
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
setxattr$incfs_id(&(0x7f00000001c0)='./file1\x00', &(0x7f00000002c0), 0x0, 0x0, 0x0)

4m22.098365532s ago: executing program 1 (id=535):
socket$nl_xfrm(0x10, 0x3, 0x6)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000005"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000ac03000000000000850000003300000095"], &(0x7f0000000780)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000005c0)={r1, r3, 0x25, 0x0, @val=@kprobe_multi=@syms={0x1, 0x0, 0x0, 0x0, 0x8000000000000001}}, 0x30)
syz_emit_ethernet(0x4a, &(0x7f00000002c0)={@local, @empty, @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x14, 0x6, 0x0, @remote, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x5, 0x2}}}}}}}, 0x0)

4m21.987704257s ago: executing program 1 (id=536):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/syz1\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
openat$cgroup_ro(r0, &(0x7f0000000380)='memory.stat\x00', 0x275a, 0x0)
r1 = syz_io_uring_setup(0x9e, &(0x7f0000000640)={0x0, 0x5867, 0x800, 0xfffffffb, 0x1be}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000001c0)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f00000002c0)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x4007, @fd_index=0x4, 0x0, &(0x7f0000000100)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r1, 0x100847c0, 0x0, 0x1, 0x0, 0x0)

4m21.637963222s ago: executing program 1 (id=538):
syz_mount_image$msdos(&(0x7f0000000200), &(0x7f0000000000)='./file2\x00', 0x200080, &(0x7f00000002c0)=ANY=[@ANYBLOB='nodots,dmask=00000000000000000000003,usefree,nodots,flush,dots,dots,gid=', @ANYRESHEX=0x0, @ANYBLOB], 0x1, 0x214, &(0x7f0000000840)="$eJzs3D1rW1cYB/AjWa6tlhZPhXbpoV3a5bb10qVDS3GhVNCSRCEv0zWWEyFFAl8NksmgOVM+RwhkCWQL+QL+DFmymYDx5Ck3OJKs2NixE0dy4vx+ix6e/z1X5+jARVy9bP5+91ZjNUtW004ozRdC8Y/QDzuFsBCKYaQffnpwZfvOxavX/v2zUlm6MDvsx/jVd4+v377//ZPOF5cf7nYKIYStxWcbX298s/ni0s16FutZbLU7MY3L7XYnXW7W4ko9ayQx/t+spVkt1ltZbW1fvtpsj5861LIspq1ebNR6sdOOnbVeTG+k9VZMkiTOB06lem8nz8NWnuf5XD/kef62JyhMZl5Myyn3n4/c3kU97l5Nn/e71W518DjI//6nsvRLfGVhPGq7263O7OW/DvK4P58Nnw/zxUPzz8KPPwzy3eyv/yoH8nJYmfzyAQAAAADgXErinkPv7yfJUfmgeu3zgQP370vh29K4MzP5pQAAAABHyHrrjbS5Mrs2KJq1Myvmwv7Ob4+GUzxu+M9Pjz9mQsWXwyK843nKIYSjjymGM9+U6RSj75EPO6PfF5xseOl9TaP8gbwao2I+HBaVw3pjbjqbAgAAnC/jN/0nHlKc6IQAAAAAAAAAAAAAAAAAAADgEzSNPzM76zUCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALzJywAAAP//ixdW4w==")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='freezer.parent_freezing\x00', 0x275a, 0x0)
sendfile(r0, r0, 0x0, 0x3d)
r1 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r1)
ptrace$setregs(0xf, r1, 0x1fffffffffe, &(0x7f0000000280))
fchmod(r0, 0x20049549e2a2d659)

4m21.253974068s ago: executing program 1 (id=541):
socket$inet6(0xa, 0x80002, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r0, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ff6000/0x4000)=nil, 0x4000, &(0x7f0000000080)='\x00')

4m20.76165666s ago: executing program 1 (id=543):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
sendfile(r0, r0, 0x0, 0x1000000201005)

4m19.589700939s ago: executing program 34 (id=543):
mkdir(&(0x7f0000000400)='./file0\x00', 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000300)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000440)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000003c0)='./bus\x00')
r0 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
sendfile(r0, r0, 0x0, 0x1000000201005)

3m40.406084404s ago: executing program 5 (id=795):
syz_open_procfs(0x0, &(0x7f0000000040)='net/rt_cache\x00')
r0 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x1)
fchdir(r1)
openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x121440, 0x0)
execve(&(0x7f0000000040)='./file0/file0\x00', 0x0, 0x0)

3m40.103720438s ago: executing program 5 (id=798):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000100), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x304}, "0000000400", "6abc00000000000000000000001000", "f0630400", "c14ec98dcd2ad89f"}, 0x28)
sendto$inet6(r0, &(0x7f0000000140)="b9", 0x1, 0x8000, 0x0, 0x0)
syz_emit_ethernet(0x33e, 0x0, 0x0)
sendto$inet6(r0, &(0x7f0000000240)="c6", 0x1, 0xc0, 0x0, 0x0)

3m39.950961874s ago: executing program 5 (id=799):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="070000000400000008000000a5"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x8, &(0x7f0000000740)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000030000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='sched_switch\x00', r1}, 0x18)
syz_mount_image$ext4(&(0x7f00000000c0)='ext4\x00', &(0x7f00000007c0)='./file0\x00', 0x0, &(0x7f0000000a00)={[{@init_itable_val={'init_itable', 0x3d, 0x1}}, {@errors_remount}, {@resgid}, {@barrier}, {@bsdgroups}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x2000}}]}, 0x1, 0x783, &(0x7f0000001340)="$eJzs3M9rXOUaAOD3nGaa/si9kwt3ce+mCi20UDpJmk27Mm7ETaFQcFtDMgkhJ5mSmdQkFpq6E4TabFQE0b1Lt0Kpf4A7KSi4F0RrXKibkTOZTNt0Zjptk04bnwdO5vvOfN9533dm8uUcyJkA/rFezX8kEUMRcTEiis39aUQcbLQORaxvjdu8d20q35Ko1y/9kuTTYrNebB0raT4ejcaU+F9E3ClEnH7v0bjV1bX5ySwrLzX7I7WFKyPV1bUzcwuTs+XZ8uLY+PnRc+Pj50bHd63WE2+dP3zr2zc2Nr77qnbz2MCZJCYadUeztl0L9ICt16QQEzv2L+5FsD5Kehgz8BzyAACgu/w8/0Dz3KwQxTjQ7SzNCRwAAAC8lOqD9V792fNIAAAA4AWTRL8zAAAAAPbW9v8BbN/bu1f3wXby8+sRMdwu/kDjHuKIQ1GIiCObyUO3HyRb0+CZrN+IiNsTbT5/vdzR3N3o/ebh3Tkiu+12vv5MtFt/0tb6E23Wn4Ht7054Rp3Xv/vxD3RY/y72GOPrz/5f6Bj/RnXl/WPt4iet+EmH+G/3GP/mxge3Oj1X/yLiZNu/P8lDsbp8P8TIzFzW7lerle6dv07d7Vx/xJFH4idJI2rSvf4rPdb/7uZv8+td4p863v3934o/+NC8/DPxYTOPNCJuNR/z/saOGMcXvv/m0cjJ+nb86Q6vf/v3/81W/Z/3WP+PXw6u9DgUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGtKIGIokLbXaaVoqRRyNiP/GkTSrVGunZyrLi9P5cxHDUUhn5rLyaEQUt/pJ3h9rtO/3z+7oj0fEf344vBV0LiuXpirZdL+LBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoOVoRAxFkpYiIo2I34tpWir1OysAAABg1w33OwEAAABgz7n+BwAAgP3vaa//k13OAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANjXLl64kG/1zXvXpvL+9NXV5fnK1TPT5ep8aWF5qjRVWbpSmq1UZrNyaaqy8LjjpRExdj6WV0Zq5WptpLq6dnmhsrxYuzy3MDlbvlwuPJeqAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeFJDjS1JSxGRNtppWipF/CsihqOQzMxl5dGI+HdE3C0WBvP+WL+TBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYNdVV9fmJ7OsvPRyN+r7q5yeG5FEvABpdGh80nxXuo1J1iP6nmraTPRZjhPxJLOuP+Zl6XfjlT6tRwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9Fd1dW1+MsvKS9V+ZwIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEB/pT8lEZFvJ4snhnY+ezD5o9h4jIh3Pr300cpkrbY0lu//tbW/9nFz/9kHJl5/njUAAADAvvfakwzevk7fvo4HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADoVXV1bX4yy8pLe9iIG/2uEgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAeBp/BwAA//9Js7nR")
r2 = openat(0xffffffffffffff9c, &(0x7f0000000440)='./file1\x00', 0x42, 0x0)
write$P9_RREADLINK(r2, &(0x7f0000000000)={0xffffffffffffff23, 0x17, 0x2, {0x7, './file0'}}, 0xfffffdab)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
fadvise64(r2, 0x7f, 0x0, 0x4)

3m39.244743534s ago: executing program 5 (id=803):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000500)=ANY=[@ANYBLOB="05000000040000000400000005"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0xd, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="180000000000000000000000000000008500000022000000180100002020702500000000002020207b0af8ff00000000bfa100000000000007"], 0x0, 0x0, 0x0, 0x0, 0x40e00, 0x10, '\x00', 0x0, @sock_ops=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
close(0x3)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="0b00000008000000080000000600000001"], 0x50)
bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080), &(0x7f0000000140), 0x5, r1}, 0x38)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="180200009b1aecb60000000000000000850000007500000095"], 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x14, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10)

3m38.953208667s ago: executing program 5 (id=808):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x2b38094, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = open(&(0x7f0000000000)='.\x00', 0x0, 0x14)
mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0)
mount$afs(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f00000002c0), 0x0, &(0x7f0000000580)=ANY=[@ANYBLOB='dyn'])
ioctl$AUTOFS_IOC_PROTOSUBVER(r0, 0x40049366, 0x0)

3m38.699178808s ago: executing program 5 (id=811):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x7, '\x00', 0x0, 0x0}, 0x50)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x70bd27, 0x25dfdbfc, {0xa, 0x40, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x9, 0x1, 0x4}}]}, 0x40}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0)

3m23.593796797s ago: executing program 35 (id=811):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000100)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x7, '\x00', 0x0, 0x0}, 0x50)
r0 = socket(0x10, 0x803, 0x0)
r1 = socket(0x1, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000400)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x70bd27, 0x25dfdbfc, {0xa, 0x40, 0x0, 0x0, r2}, [@IFA_LOCAL={0x14, 0x2, @ipv4}, @IFA_CACHEINFO={0x14, 0x6, {0x1, 0x9, 0x1, 0x4}}]}, 0x40}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000280)=0x14)
sendmsg$nl_route(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)=@ipv6_newaddr={0x2c, 0x14, 0x9535393fea6295b5, 0x0, 0x0, {0xa, 0x0, 0x0, 0x0, r4}, [@IFA_LOCAL={0x14, 0x2, @ipv4}]}, 0x2c}}, 0x0)

56.06920683s ago: executing program 2 (id=2101):
r0 = fsopen(&(0x7f0000000180)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x0)
fchdir(r1)
r2 = openat$dir(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x40000, 0x0)
fcntl$notify(r2, 0x402, 0x40000008)
r3 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x836d9fb164f927b3)
io_setup(0x3, &(0x7f0000000600)=<r4=>0x0)
io_submit(r4, 0x1, &(0x7f0000000000)=[&(0x7f0000000080)={0x0, 0x0, 0x10, 0x7, 0x0, r3, 0x0, 0x0, 0x0, 0x0, 0x2}])

55.888062798s ago: executing program 2 (id=2104):
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60)
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000380)=[@text16={0x10, 0x0}], 0x1, 0x42, 0x0, 0x0)
syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0)
ioctl$KVM_RUN(r2, 0xae80, 0x0)
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000040)={[0x4, 0x2, 0x80, 0x5, 0x0, 0x7f, 0x4232, 0x3, 0x81, 0x9c1, 0x8001, 0x5, 0x7, 0x4db6, 0x0, 0x20000], 0xdddd1000, 0xa0301})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

54.9088933s ago: executing program 2 (id=2114):
r0 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r0, &(0x7f0000000140)={0x11, 0x0, <r1=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x28a)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000000c0)=ANY=[@ANYBLOB="400000001000390400"/20, @ANYRES32=r1, @ANYBLOB="01980000000000002000128008000100677265001400028008000100", @ANYRES32=r1], 0x40}, 0x1, 0x0, 0x0, 0x4014}, 0x0)
r3 = socket(0x10, 0x3, 0x0)
getsockname$packet(r0, &(0x7f0000000100)={0x11, 0x0, <r4=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000280)=@newqdisc={0x2c, 0x24, 0x5820a61ca228659, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0xffff, 0xffff}, {0x0, 0x7}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x800)
sendmsg$nl_route_sched(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000700)=@newtfilter={0x34, 0x28, 0xd27, 0x1003ffd, 0x0, {0x0, 0x0, 0x0, r4, {0xffe0, 0x9}, {0x0, 0x9}, {0xa, 0xb}}, [@filter_kind_options=@f_fw={{0x7}, {0x8, 0x2, [@TCA_FW_POLICE={0x4}]}}]}, 0x34}, 0x1, 0x0, 0x0, 0x810}, 0x200008c4)

54.475106869s ago: executing program 2 (id=2117):
r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f0000000100), 0x2)
r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\xdenJ\xeb\x87\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38\x14\xcb\xfa\xb3j\x92\f\xe0\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf0\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12\x00\x00\x00\x00\x00\x00\x00\x00\x00', 0x2)
ftruncate(r1, 0xffff)
fcntl$addseals(r1, 0x409, 0x7)
r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000140)={r1, 0x1, 0x0, 0x4000})
mmap(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x3000007, 0x11, r2, 0x0)
r3 = syz_open_procfs(0x0, &(0x7f0000000240)='clear_refs\x00')
writev(r3, &(0x7f0000000100)=[{&(0x7f00000000c0)='4', 0x1}], 0x1)
syz_io_uring_setup(0x2b0a, &(0x7f0000000040)={0x0, 0x4, 0x1, 0x3}, &(0x7f0000019200), &(0x7f0000ffe000))

54.174054862s ago: executing program 2 (id=2121):
mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, r0)
setpgid(0x0, r0)
openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x381000, 0x120)

53.97950984s ago: executing program 2 (id=2122):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x16, 0x0)
chdir(&(0x7f00000004c0)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x1a0)
r1 = fanotify_init(0x2, 0x2)
fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x836d9fb164f927b3)
io_setup(0x3, &(0x7f0000000600)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000000)=[&(0x7f0000000080)={0x0, 0x0, 0x10, 0x7, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x2}])

38.903961987s ago: executing program 36 (id=2122):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
mount(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='hugetlbfs\x00', 0x16, 0x0)
chdir(&(0x7f00000004c0)='./file0\x00')
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x140, 0x1a0)
r1 = fanotify_init(0x2, 0x2)
fanotify_mark(r1, 0x105, 0x40001032, r0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x836d9fb164f927b3)
io_setup(0x3, &(0x7f0000000600)=<r3=>0x0)
io_submit(r3, 0x1, &(0x7f0000000000)=[&(0x7f0000000080)={0x0, 0x0, 0x10, 0x7, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x2}])

38.856175869s ago: executing program 6 (id=2209):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
syz_mount_image$ext4(&(0x7f0000000540)='ext4\x00', &(0x7f00000001c0)='./file1\x00', 0x88, &(0x7f00000009c0)={[{@nogrpid}, {@auto_da_alloc}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x68}}, {@errors_continue}, {@lazytime}, {@quota}]}, 0x3, 0x438, &(0x7f0000000580)="$eJzs289rHFUcAPDv7GZT01+Jpf5oWjVaxeCPpElr7cGLouBBQdBDPcYkLbHbRpoItgSNIvUoBe/iUfAv8KQXUU8Fr3oXoUgurZ5WZncm2d1sfnaTrd3PByb5vpm3vPfNzNt9My8bQNcaSn8kEfsj4veI6K8VGysM1X7dXlqY/GdpYTKJSuXtv5NqvVtLC5N51fx1+/JCT0Th8ySOtmh37srVCxPl8vTlrDw6f/GD0bkrV5+fuThxfvr89KXxM2dOnRx78fT4C23JM83r1uDHs8eOvP7u9Tcnz15/75fvkjz/pjzaZGi9g09VKm1urrMO1MVJTwc7wpYUa8M0StXx3x/FWDl5/fHaZx3tHLCjKpVK5cG1Dy9WgHtYEp3uAdAZ+Qd9ev+bb7s09bgr3Hy5dgOU5n0722pHeqKQ1Sk13d+201BEnF389+t0i515DgEA0OCHdP7zXKv5XyHqnwsdzNZQBiLi/og4FBGnI+JwRDwQUa37UEQ8vMX2mxdJVs9/Dm4rr81K538vZWtbjfO/fPYXA8WsdKCafyk5N1OePpH1bDhKe9Ly2Dpt/Pjqb1+2PJA1kc//0i1tP58LZpX+6tnT+LKpifmJO8m53s1PIwZ7WuWfLK8EJBFxJCIGt9nGzDPfHlvr2NCG+a+jDetMlW8inq6d/8Voyj+XrL8+OXpflKdPjOZXxWq/3rj21lrt31H+bZCe/70tr//l/AeS+vXaua23ce2PL9a8p9k4/9bXf2/yTsO+jybm5y+PRfQmb9Q6Xb9/vKne+Er9NP/h463H/6FY+UscjYj0In4kIh6NiMeyvj8eEU9ExPHVqd3ozYKfX3ny/WpQ2k7+OyvNf2pL538l6I3mPa2D4oWfvm9odGAr+afn/1Q1Gs72bOb9bzP92t7VDAAAAP8/hYjYH0lhZDkuFEZGav/Dfzj2Fsqzc/PPnpv98NJU7TsCA1Eq5E+6+uueh45lt/V5ebypfDJ7bvxVsa9aHpmcLU91OnnocvvWGP+pP4ud7h2w43xfC7qX8Q/dy/iH7mX8Q/dqMf77OtEPYPe1+vz/pAP9AHZf0/i37AddxP0/dC/jH7qX8Q9daa4vNv6SvECwKojCXdENwQ4FnX5nAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAaI//AgAA//9Lr+a0")
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.avg_queue_size\x00', 0x275a, 0x0)
write$binfmt_script(r1, &(0x7f0000000000), 0x208e24b)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9)

38.14070669s ago: executing program 6 (id=2211):
socket$inet_udp(0x2, 0x2, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmsg$inet(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000000c0)='1', 0x1}], 0x1}, 0x1)
setsockopt$sock_attach_bpf(r0, 0x1, 0x10, &(0x7f0000000100), 0x4)
setsockopt$sock_attach_bpf(r0, 0x1, 0xa, &(0x7f0000000180), 0x4)
r2 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r3=>0x0, &(0x7f00000001c0)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000600)=[{&(0x7f0000001800)=""/216, 0xd8}], 0x1})
io_uring_enter(r2, 0x847ba, 0x0, 0xe, 0x0, 0x0)

37.085246606s ago: executing program 6 (id=2213):
socket$nl_route(0x10, 0x3, 0x0)
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
sched_setscheduler(0x0, 0x2, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r0=>0xffffffffffffffff})
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
write$tcp_mem(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x2c, 0x0, 0x2c, 0x0, 0x2c}, 0x48)
syz_emit_vhci(&(0x7f0000000040)=@HCI_EVENT_PKT={0x4, @HCI_EV_VENDOR={{0xff, 0x12}, "0255f0685072808a5752ae23758066ae0700"}}, 0x15)

36.098095738s ago: executing program 6 (id=2221):
mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0])
mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400))
chdir(&(0x7f0000000080)='./file1\x00')
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
setpgid(r0, 0x0)
setpgid(0x0, r0)
mount$9p_fd(0x0, &(0x7f00000001c0)='./file1\x00', 0x0, 0x10000, 0x0)
unlinkat$binderfs_device(0xffffffffffffff9c, &(0x7f0000000300)='./binderfs/binder1\x00')

35.753332193s ago: executing program 6 (id=2224):
ioctl$SIOCGETSGCNT_IN6(0xffffffffffffffff, 0x89e1, 0x0)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
setns(r1, 0x24020000)
r2 = syz_clone(0xb21e0000, 0x0, 0x0, 0x0, 0x0, 0x0)
socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = syz_pidfd_open(r2, 0x0)
setns(r3, 0x24020000)
mount(0x0, &(0x7f0000000140)='.\x00', 0x0, 0x13219a6, 0x0)

35.417646007s ago: executing program 6 (id=2227):
r0 = syz_io_uring_setup(0x49b, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_setup(0x10a, &(0x7f0000000680)={0x0, 0x80334c, 0x10, 0x3, 0x3d3}, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000300))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x181100, 0x23456})
io_uring_enter(r0, 0x80627, 0xc1040000, 0x0, 0x0, 0x0)

35.029791744s ago: executing program 37 (id=2227):
r0 = syz_io_uring_setup(0x49b, &(0x7f0000000400)={0x0, 0x79af, 0x3180, 0x8000, 0x40024e}, &(0x7f0000000340)=<r1=>0x0, &(0x7f0000000280)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000000)=0xffb, 0x0, 0x4)
syz_io_uring_setup(0x10a, &(0x7f0000000680)={0x0, 0x80334c, 0x10, 0x3, 0x3d3}, &(0x7f0000000200)=<r3=>0x0, &(0x7f0000000300))
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='cpuset.memory_pressure_enabled\x00', 0x275a, 0x0)
syz_io_uring_submit(0x0, 0x0, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x1, 0x7})
write$UHID_CREATE2(r4, &(0x7f00000001c0)=ANY=[@ANYBLOB="06"], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1, 0x12, r4, 0x0)
syz_io_uring_submit(r3, r2, &(0x7f0000000000)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, 0x0, 0x60, 0x181100, 0x23456})
io_uring_enter(r0, 0x80627, 0xc1040000, 0x0, 0x0, 0x0)

5.125718209s ago: executing program 9 (id=2370):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(r1)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a4c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc080003400000001408000c4000000e45400000000c0a010100000000000000000a0000060900020073797a31000000000900010073797a310000000014000380100000800c00018006000100d103000014000000110001"], 0xb4}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000002c0)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWSETELEM={0x48, 0xc, 0xa, 0x101, 0x0, 0x0, {0xa, 0x0, 0x6}, [@NFTA_SET_ELEM_LIST_SET={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_ELEM_LIST_ELEMENTS={0x1c, 0x3, 0x0, 0x1, [{0x18, 0x0, 0x0, 0x1, [@NFTA_SET_ELEM_KEY={0xc, 0x1, 0x0, 0x1, [@NFTA_DATA_VALUE={0x6, 0x1, "d103"}]}, @NFTA_SET_ELEM_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f00000001c0)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a480000001e0a010100000000000000000a0000060900020073797a31000000000900010073797a31"], 0x70}, 0x1, 0x0, 0x0, 0x4451099e661a63b1}, 0x0)

4.905697759s ago: executing program 9 (id=2373):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = dup(r0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000001600000095"], 0x0, 0x401, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000023c0)={0x0, 0x4, &(0x7f0000000480)=ANY=[@ANYBLOB="18020000000000000000"], 0x0}, 0x94)
r3 = bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000080)='kfree\x00', r3}, 0x10)
connect$inet6(r1, &(0x7f0000000000)={0xa, 0x0, 0x0, @local, 0x7}, 0x1c)
setsockopt$IPT_SO_SET_REPLACE(r1, 0x4000000000000, 0x4, 0x0, 0x0)

3.984361418s ago: executing program 8 (id=2380):
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000680)=@newtfilter={0x43c, 0x2c, 0xd27, 0x70bd25, 0x8000, {0x0, 0x0, 0x0, 0x0, {0x0, 0x7}, {}, {0xffff, 0x8}}, [@filter_kind_options=@f_flow={{0x9}, {0x40c, 0x2, [@TCA_FLOW_POLICE={0x408, 0xa, 0x0, 0x1, [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x81, 0xffffffff, 0xda, 0x3, 0x0, 0x2a, 0x100, 0x73d, 0x3509, 0x3, 0x10000, 0x7, 0x1000, 0x8, 0x3, 0x3, 0x882e, 0x8, 0x6, 0x4, 0x9, 0xfffffffb, 0x2, 0x6, 0x80000000, 0x400, 0x9, 0xffff, 0x7a, 0x5, 0x7, 0x7fff, 0xffffff40, 0x9, 0x6, 0x8, 0x2, 0x57, 0x0, 0x4, 0x7fff, 0x9, 0xfffffffb, 0x2, 0xcf9f, 0x0, 0x1, 0x8, 0x1, 0x5, 0xfffffff9, 0x20d5, 0x80000001, 0x6, 0x4, 0x9, 0x8, 0xfffffffd, 0x5, 0x7, 0xc, 0x8, 0x4, 0x3, 0xfffffffe, 0x7, 0x3, 0x800, 0x1, 0x4, 0x2, 0x1, 0x1, 0x801e, 0x7, 0x1, 0x0, 0x8, 0x5, 0x8001, 0x4, 0x1, 0xfff, 0x9, 0x3, 0x7ff, 0xd0, 0x8, 0x0, 0x3, 0x1, 0x9, 0xe, 0x7fff, 0xfffffff8, 0x4, 0x0, 0xb1, 0x3, 0xffffff44, 0x1, 0x8, 0x200, 0x6, 0x556, 0x1, 0x2c, 0x5, 0x80000001, 0x1, 0x0, 0xffffff00, 0x3, 0x2, 0x7, 0x9, 0x1c00, 0x5, 0xa2, 0x3, 0x8, 0x0, 0x5, 0x8001, 0xbfffffff, 0x7, 0x80, 0x7, 0x0, 0x743, 0x5, 0x3, 0x7, 0x200, 0xd06, 0x0, 0x8, 0x3, 0x100, 0x2, 0x8, 0x1, 0x1, 0x8, 0xe, 0x5, 0x6, 0x4, 0x7ff, 0xfe, 0xfffffffe, 0x7, 0xf80, 0x7, 0x5a, 0x2302, 0xffff, 0x3ff, 0x2, 0x5, 0x1, 0x6, 0x3, 0x401, 0x10001, 0x512d, 0x1, 0xe, 0x8, 0xa3c0, 0x4, 0x8000, 0x10001, 0x15a, 0x6, 0x120000, 0x6b2, 0x7fffffff, 0x7, 0x9, 0x80000004, 0x5, 0x7e9, 0x48, 0x9, 0x3, 0x0, 0x5, 0x6, 0xf, 0xff, 0xd, 0x6, 0x9, 0x0, 0x200, 0x9, 0xff, 0x4, 0x7, 0x7, 0x8, 0x80000000, 0x56, 0x4a82, 0xffff0000, 0x7ff, 0x3e1, 0x6, 0x80000000, 0x4c0, 0x2, 0xa, 0x6, 0x2, 0x6, 0x8, 0x8000048, 0x1a, 0x2000000, 0x1ff, 0x844, 0x6, 0x3ff, 0x2, 0x100, 0x6, 0xffffffff, 0x200, 0xc26, 0x4, 0x5, 0x1, 0x7fff, 0xf, 0x401, 0x401, 0x4, 0x7, 0x3565, 0x2, 0x4, 0xebf, 0x9, 0x1000, 0x1, 0x71f, 0x2, 0x7, 0x6e8, 0x8, 0x0, 0x80000000, 0x1, 0x9, 0x2]}]}]}}]}, 0x43c}, 0x1, 0x0, 0x0, 0x1}, 0x800)
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000740)=ANY=[@ANYBLOB="7000000010000304000080000000000000007400", @ANYRES32=r2, @ANYBLOB="0000000003120100500012800b000100627269646765000040000280080005000100000006002700000000000800010015000800050025000000000008000400000000000c002e"], 0x70}, 0x1, 0x0, 0x0, 0x800}, 0x40)
r3 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r4=>0x0})
r5 = socket(0x10, 0x80002, 0x0)
sendmsg$nl_route(r5, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000940)=@bridge_setlink={0x44, 0x13, 0xa29, 0x0, 0x0, {0x7, 0x0, 0x0, r4}, [@IFLA_AF_SPEC={0x1c, 0x1a, 0x0, 0x1, [@AF_INET={0x8, 0x2, 0x0, 0x1, {0x4, 0x5, 0x0, 0x0, [{0x8, 0x0, 0x0, 0x0, 0x123e}, {0x8, 0x6}, {0x8}]}}]}]}, 0x44}}, 0x0)

3.983503119s ago: executing program 9 (id=2381):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x18, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000faff0000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000083850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10)
r1 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)=<r2=>0x0)
timer_settime(r2, 0x1, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
futex(&(0x7f000000cffc)=0x1, 0x86, 0x2, 0x0, 0x0, 0xfffffffc)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x9)
unshare(0xc000400)

3.763355378s ago: executing program 8 (id=2383):
write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000000000)={0xa, {"a2e39b214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324d078b089b3b0838681a0890e0878f0e1ac6e7049b3d6d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b343b0d076c0936cd3b78130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0d9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c30900004288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef7becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda930b000000cbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe505003d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6ae4effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d71eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d471c8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949d9a92587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15aa82000000000000a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000", 0x1000}}, 0x1006)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000080)={0xffffffffffffffff, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6000000000000000, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000000000000000fc000000000000000100000000000000ac1e000100000000000000000000000000000000000000000a0060"], 0xb8}}, 0x0)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000000)=ANY=[@ANYBLOB="b80000001300e9990000020000000000fc0000000000000000"], 0xb8}, 0x1, 0x0, 0x0, 0x80c0}, 0x0)
syz_usb_connect(0x0, 0x24, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0xb1, 0xbd, 0x2f, 0x8, 0x47d, 0x5003, 0x2f8c, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xa0, 0x58, 0xb7}}]}}]}}, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=@updpolicy={0xb8, 0x13, 0xcb23c9c9931e99e9, 0x1, 0x0, {{@in6=@private0, @in=@initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa, 0x30, 0x0, 0x0, 0x0, 0xee01}, {0x0, 0x0, 0x9}, {}, 0x0, 0x0, 0x0, 0x1}}, 0xb8}}, 0x4000)

3.72487238s ago: executing program 4 (id=2384):
mount(0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f0000001040)='./file2\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
syz_mount_image$fuse(0x0, &(0x7f00000001c0)='./file0\x00', 0x1208000, 0x0, 0x4, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000000), 0x0, &(0x7f00000000c0)={[{@workdir={'workdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@upperdir={'upperdir', 0x3d, './file2'}}], [], 0x2c})
r0 = openat$dir(0xffffffffffffff9c, &(0x7f0000000340)='./file0\x00', 0x0, 0x28)
syz_mount_image$fuse(0x0, &(0x7f0000000580)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f00000002c0)='kfree\x00', r1}, 0x10)
renameat2(r0, &(0x7f0000000380)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', r0, &(0x7f0000000040)='./file1\x00', 0x0)

3.560800707s ago: executing program 4 (id=2385):
socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000080))
r0 = socket$packet(0x11, 0x2, 0x300)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000800)=ANY=[@ANYBLOB="0b00000008000000010001000900000001"], 0x50)
bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r1, &(0x7f0000000080), &(0x7f0000000200)=""/166}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f0000000540)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xa000000}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r0, 0x1, 0x32, &(0x7f0000000180)=r2, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000001c40)=@newtaction={0x14, 0x30, 0x1, 0x2, 0x25dfdbfc}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x2000000)

3.49259078s ago: executing program 4 (id=2386):
syz_mount_image$nilfs2(&(0x7f0000000100), &(0x7f0000000000)='./file0\x00', 0x10, &(0x7f0000000280)=ANY=[@ANYRES16=0x0], 0x3, 0xf0f, &(0x7f0000001e40)="$eJzs3U1sHNUdAPA3a6+dxE68BgoGSkihFYGCHZJUTW9BoB4Rl95BIaERhtKGHoj4CD0gKiGKhDhVHKi4UCqlSK0EqlShnmhP/bj1hHqhVZVKQT20SImrOO/Z62dPdz1Zz379ftLfz2/e7Pz/47WseePdtwEYW43Vr0ePLhQhvPXRmw+98Hjx6yvbbl/b48Dq1yL2WiGEZlu/yI73adxw6eLzJ7Zqi3B49Wvqh4cvrD12JoRwLhwIH4dWeH9p+fP33n7w4Aev7Lrx9bNPvrhDp78mPw8AABhF5/+w/Ne7//77e+e/OL//eJhe256uz1uxPxOv+w/FC+V0vdwIG/tFW7SbyvabiNHI9pvI9pvM8kyW5Gtmx2mW7DfVId9E27atzhMAAACGUZrXtkLRWNzQbzQWF6/O+6/4dG6qWHz69PKpM30qFAAAAKjs3y+tvuhWCCGEEEIIIYQQIxwrc/2+AwEAAACMm/b1wnZttcO53q7UtXa01ub8W+1/4YHG1o+HHuj0+9fr3/9Bzf+flZWVfubv9/mX5X/3ZX9xAACoblSvJtN5pevotI5Bvo7gRPa47V7/N7LjTG6zzrJ1BYdlvcGyOvOf66Aqq3+7z2O/lNWfr4c5qMrqz9fpHFRl9U/XXEdVZfVvee91AJXVv7vmOqoqq39PzXVUVVb/TM11VFVW/2zNdVRVVv/emuuoqqz+fTXXUVVZ/cPystqy+ls111FVWf3zNddRVVn913X38H/0spYqyuq/vuY6qiqr/4aa6+iX22Kbfg77s/H2+XM+pxuWOR4AAACMu/9a/08IIYQQQgghhBj5eKnfNyAAAACAvkvvC0jvel+J0vhEh/HJDuPNDuNTHcanO4wDAAAAIfzm1VM3v1Gsv8//WtfDS+tGpfWXtruOUb4e4XbzX+u6Z9eaf1jWLQMAAGC8FN/++PI9D73z7PwX5/cfb5v9Xo7z3bQO6GS8N/Bh7KfXBcxm/SLNoY9vzNMo2S+/P7C37HiPXOOJAgAAwBhL8/dWKBqLbfPuVmg0FhfX5+MLoVmcOr188lDsp89n+WSuOX1l+/1dZRuWTyUDAACA0bI+3996/p8+x3chTBWLT59ePnXman92bXuz0X5fYG59e9F+X6CVbT9csv1I7KfP7/zu3O7V7Ysnvrf8eK9PHgAAAMbEmefOPvnY8vLJH/jGN+P5zZ7BKGPQvun3XyYAAKDXPvvszeYPj8z+9ur7/9fXv0vv/z8Q+624tt8f4w7pdQLpfQCb3q//6MY8c2X7PbNxv1a230SM6azuXW3HCW3rDabHzZfla208zlRJvpks32yWL1+nYDLbP+Xbl23P3wGR9pvLtufrME5mOYos/x0BAAAAyi09+9QzS2eeO3vf6acee+LkEyefPnL42LeOHTt0/zfvX1p9Xf9S+6v7AQAAgGG0/qLfflcCAAAAAAAAAAAAAAAAAAAA46uOjxPr9zkCAADAuPvXSyGEc0KIkrj6EZj9r0MIIYYuTvv72d9IH5bc7zpEvTExADX0P6YG43e/sT7p6nstYieiOYTP78pK/knzAAAAADvr0sXnT7S3m5wreppv7Witq83lmDe1s/f9Zf5KpN0uPLDxfsmeEMKfV1ZWeloUY6vu33/5hyv/uy/3Nn/612D3f/8aGw9wvFreu5Z+vtCe/5bJLvPn5/9ItfwHs/x3he7yr7yT5X80xH+0bc/dWf49XebfdP7PbDv1qnti/oXYP3hnt/k3Pv/TsU3nsbvL/F/Pzv/x0G3+7PxbXSbM3BvzA8A4avS7gB2SrhLSdfRM7KfzjZebm67ctnv938iOM3nNlW88broOuin20/XSbJY32W79M9nx9q4PNbdTZ25YXlVSVn+vnsedVlZ/V0/eACirf6rmOqoqq3+65jqqKqt/V811VFVWf7fz0H4rq39PzXVUVVb/TM11VFVW/2zNdVRVVv/emuuoqqz+fTXXUVVZ/XM111FVWf0Vb6vVrqz++ZrrqKqs/utqrqOqsvqvr7mOqsrqv6HmOvrl1tiWzYfT/HMujqV+K+tPb/GzHNV7CwAAADBs/hnX//vEGjFCCCGEEEIIIUQv4/vf6H8Na+Gd6+NtZ9/NDMCg8vd/vHn+x5vnf7x5/vl/0mv4i6yfTHQYn+ww3uwwPpWN57+v0x3Gr8+OuxKl8Rs6jH+pw/i+DuM3dRhf6DB+c4fxWzqM39phHAAAgPFwY2zNDwEAAGB0vfCLD1/71V2PXpz/4vz+42Fq07rzh2J/Ov5v/dXYz9e9T5rxf/4/iv2fxfZ3sf1btr/XnwAAAMDOS58T4///AAAAMLrS55Sa/wMAAMDomo+t+T8AAACMrutia/4PAAAAI6zYtfXm2Kb7AnfEttt1/QCAwffl2N4W2/2xvT22X4ltug64M7Zfrak+AKB3fvqdHx97o1hf7/9INn4pbk/tJueu3ikoGhtX8t8d2z2x/VqX9eSfB9Bt/mRfl3l2Kv/cNeYHAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEZHY/Xr0aMLRQhvffTmQz+Zeu1PV7bdvrbHgdWvRey1QgjNtcel0fX+L+OOly4+f6K9vRzbIhwORSjWtoeHL6xlmgkhnAsHwsehFd5fWv78vbcfPPjBK7tufP3sky/u4I9gw/kBAADAKPpfAAAA//8a8iDT")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'netdevsim0\x00', <r1=>0x0})
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0x1, 0x7, 0x2261, 0x2, 0x0, 0xffffffffffffffff, 0x0, '\x00', r1}, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r2, &(0x7f0000000000), &(0x7f0000000080)=@udp}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f0000000d80)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000d00), &(0x7f0000000d40)='%+9llu \x00'}, 0x20)
bpf$MAP_DELETE_ELEM(0x3, &(0x7f0000000040)={r2}, 0x20)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000009c0)={{r3, <r4=>0xffffffffffffffff}, &(0x7f00000008c0), &(0x7f0000000980)='%pB    \x00'}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000a40)={r4, &(0x7f0000000dc0), 0x0}, 0x20)

3.117830286s ago: executing program 4 (id=2388):
mknod(&(0x7f00000048c0)='./file0\x00', 0x0, 0xffffffff)
r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0])
read$FUSE(r0, &(0x7f00000021c0)={0x2020, 0x0, <r1=>0x0}, 0x2020)
write$FUSE_INIT(r0, &(0x7f0000000240)={0x50, 0x0, r1, {0x7, 0x1f}}, 0x50)
syz_fuse_handle_req(r0, &(0x7f0000008380)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008df76a250000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea21056000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000004000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000131a5d9400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000300000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001354c4b600", 0x2000, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f00000001c0)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
r2 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x101001, 0x0)
syz_fuse_handle_req(r0, &(0x7f0000004900)="fac4e7c21565f79b73d8d7dcc36944c7d36505ed55b2c535ba5bc78cc94f55e518d13a9f4dd794ecf1b09fe12f2893933931db285710f8c78793ddf30ff7dd86293ab0177f8aa062d6fe9529d65fab047ca34c6840b505eee9082e8ccf311bfb84ee46c0d0dd466ba326c6410b06b48ffc309ddd9fcdd816ded9830e41f8cce8d3bc31a817f29e3ecdd0329aadc8b022c55c70eff8905b9bf223ea44cbb290ffe098bb78fcc9e39f16f4f0e8d60e440abc192d530e146bdb59e9e522668bebec672a965ee7bdb300ab4314235dc0e62e94e398742cfeee3b92ce29e1a62fd8375d95ef502ebc1f04959d83a15ee9496198f0b3440b80cb9950324c9d4dfa69381c5c0920e307ab1528efe02739c2a49fc4cf09ff76c165d5005234b8f9378c74040d212eed9e7485cdd758bf4d34c2cf52b278eb3114b13b43214814ba2e2a357c028c737892d0e8ab1f1d009a00ad0dcdb9ffd0f4fa0b03d3b006fd66e8faa4fd44b64dcb92cbb5e9da64165ef01602538708e5dad3c0986a2b03d4d4276c9268af76d300b01ceef84e2a501e2c3d04e31875d1e81270409516d4272d73e9899c5a939c03be73352b61cf32ea1f6cc2d31847703843cd2e54de294b1c957ae618dddd7fdb018908dd7be379fb3db575b0859d9f2a190d8f7abc8400bbcfc866c8f8454102a5b0c215f140cb17677556241e33443aacb35073752aa65f450b2d03750ebbc07ed809f97b5a55a4f11b920cc9bf0a1db7fce63718f85c3326120c8b774ec22ff9c1b7e9114c0b931b6805fa672b53a6a617881fd73dc1b79fbeade0120e08c7abbba9bed82e9700bbf779328ce0a73f7e60459ecfc3f0daf26da8d1b57c1536ec967fdcab8cca66aab0ce0a02320c0090c78511b1672d65b3d62ed38e2655bc6ebfb2480a0c33fc68bba5c444d8cde3f977a382d6413947fcb25e3e9330f45b8874463e2a3fab87d877652de9c2d35208ad5d3e59ee9e63061af0b119d8174e7eaf71551b1f3551d0247717b5bb7d4db41767e2608a2472c7258932e22eb591c957da5fad5732c86cf18ec338e83ed25e41a2e500360c7ea86755efe0962f0d1d4cc945645e01b5a34fc74630c91cd02c5932f2df9ec1e090dd83bda328a7c8d1b8a8294c3c551c1954a7f024eb7ac01e35538612f2f23a6c52c59beab75910c5abad25a3789baa0001569e93561a8992450bdb0a757b916af413d63badc4aeeb9489357ff7fdb27e913278dbb5f2d69bc196d110638601f31fb4db2b301faa7516955d6971b562288328e14c7957696eaa03d3911ec661279e37a850b7515fb4e122c39fd6dc3af40980173e6324ee678b47f74428a593827d75aae3368e661dbe9738a2704d8f7a086e77b9ffb3eb0e16199c58eff45dbe628d268e88bb2d69a310b60db0a850afcb08a2a7b316c70209ecf034d484a6b1f68de857d4ebfd45936c04b532202bea6b3a6d3751cf73db4ca0a76faf7a972f8a68a523b0a51d593436aed65999fe96058e085b4352c0d5603365ae4cf724e5801da03665ee2071e04b45c6de0a59afc376e3ce2ef206c3161f235049d7e0b52e04ccac4f1699629b3f8736601a6dadfd00dd9545cb7cabd1cba12ddb2a23c58b1da9c69ee4ec9853aaa81e1cf7a169f91a1c077fd6c5c2fd366c9a2a285420d5633bf0544003251768db01281f8259a0d0c489f7f7cfc0fa7ff2878fb0cea89ddb3593539a1184e667f3840e8e5043508777dcef371e2ea3cf489fcfd60066a8dcfc9d0fbc21aac05f24a88ceb5c186326d1fe5b6cb4a40d25e6f847f7a4030d0a9cd29b0f9e3b49471730df5c5d1e172376ab2a27f3aaa3d1c5f354952745db1c54464e9f4d224ca1bcc7a4004bbba7a21d60a1fd5a35c1179738fbcb61241f38703610d51b18afc0e0bce11564167344568875374c6114c64b7cd25cb3c005b2577afe3c0f528d5c838152fe7b307d743596c91f43f3958e1f25f741aa4b30baa4063d0d9c3453fa18de83f744786c7b4294415e0222ecd9bd9a115663f32e9505d3618f9c716f23d9e536d429557774f7910aded24931f373507dba89766d760b714da6e264492ffee985422e60da15b7ea862935d21bb878560b0f8270f82cb3a8fc99ac35c30038b95532fe848f8a2876f5782acbad93f1426fee13fa4f0b778950bb2096c7d1c5bdd481ecae83254800f78a762983418c3fd673deda93c206ad399144b141db743640e3102fb453d553f939ad643ce9faabbb01bfad49cd30a61cce67fd46782447e14c7b2d2dc1df244cd7d72404a0f5b54187c75aa45b9b2a73727de0ce187b7e9cfd471efb73e9a84971185cf335cb33fce92e06992398e53be779782a436579bef6d7b0d93915e758fde3fd67b9a964d5a8ddc5950cb2a78262d0e36d329f9ba56b06266a126334c56852b290937423bc178a575a442046a8a4406e88b829d36bea6786774b0c513dc951b330eb5dd914a907b97e83db55cf73c2897dc3d6944dac797b8b1434327fc15caa6b309b62e1aa52d4e8ca7a7db6f99e423489951961f147b3cb14956e801f7b1a15b959546ea229898ab9b99c9a080f5d9176c59ace26b72e620b9ff6e558bfe7808a7b430c414ab90cb0f1e4101be46dc360928797171922d41bcc8c12d17375222c706b3f864f8937ca947b33eb13216b1cd1d4119fa6de7e1a07c652671d20b1930ccf14c443223a4fb93848969465feaffc703347a5d5a9b68339e3951d3b8fc17c6045201af7e84a7026bc741592bd47768a793abe5009eb9427dfcfc4e4a9b9ae71f8582b0cd9c28c6270d5bbdf0f1415c722384808cc8fdaea65eb97d5fda8dd2014163598411c51495fd9fea5ae48c9e0d158217335c0181db4d196af623b5de7ebb1a0a71090e896c11b33cccd4515d1370b00ca48df5b855b8942cf35a8da12d4eb68b52ad786e2146383c54a13a3de979d03039e42a440c6d0db2a1509ccd1aa5097af5b15b49b90928d82e7b944d0750ac6d9433526e65d3ae79201b4a20175aa12692e4ba41c4733673a47e8ea44ed2b34d3ae80ca8b05aa159662f75ba748ef793aa184c8405796185ffb25ca4cb324f4f77610a3b372f5fad04ef85ab771f2f5efa3d95ca0074b9363b3b4095dacc04d48b9c86ebdfd94981a33b2fdb712409462aca416079a5daf92fd24374b6f3f76277fc36bd6d38832ae14db4711b0503fe12b647516d1df64c11962219c17ecc60fd25704a94742d6655e57ac9f89ae1db77fe8679b7f84b403e101d70352f1d80bba74c4aefe14cec35f4168d2e9c2625a0e692504299cf8ca875e7b45fd3c71df003628c3ac6616b3b1a8edb7879e5781877a9873b3885958edec9d1a7d24cc22c49047335dec3cf9b2821c267ac8dfaea3bdb3dde0fc7d1c1c96ce04f3bd5ddd7ec3ba253cc34e7df4a03d58e716b5bf8d681c65931407a60c28922aceff1edb45417bae99167d99e97669d68efddd00a867f5b3ce5763be30e07ff2cf8b15c90a6f656f717bc1b590231f48e3fc4a85124d43a1a811b6043604870e56b81f127db36a686eb77d612609f44b0fb262b17739fbb36c67ed305e114b7b595626e897af9d59acee1af38295c366bc32e3af59427dc11d5cd594add4e226d947ff26a2140f476a43695ebc8f73cf5b7efeb2ce46d63484b9f3ded774088a0a31cb2eeae9538bf0c071f572657f905b33d4b3fb5280879cab0bc5fc7a89be10a9118c419f974c454a37bb934bd488cb1ecbdcb2ac26094f90b8093fc75454317b92278eff430f6622cbb2c4f6a8a2ef5c7388b504a6cf89bf889990977fd4f5ea1a530131a8e2356e3f1db0d9f93d7a65af79f1fadc0b40279965522d47dfe154d62036ce4e53eeb6e96473d3e2f59ce1f54414af8bada3d9b6089e7a670c7418d0f906ddd8494bbea718fb91acd0fdd0f2c19746f4c1ff87167987f056a86f03aad8c11aec6ea967383c29b9c8bc6d4f46c9c2f44fa5a43f52cda78cf36f270a7a9c77c7007a55b6770847aa8cf4676ea9abcbb91ca9a41ad56682f3dae20ed1a67d75391caabdb66808b91e86b9db4a13f7935fff256b54818a589402967c2242a70afffbc7ca73116a1ca81a126d2d609174a93b16d1fa4d18bd6a4e277aa42a8551765b241d1e54174ba7993d1694d5a191b3036cab5eed5311403ba6de613b73beddc753359f7339417e4f07724c6ba1ce99a55c6b8ec72c0a4df4776146877309382d3af87c204ce86f54c2a7c1027adee9ab2e4f6bd205fb41d7d6b2fabf7308ced5c870f156aaa9dbd24f232ad85d6123426c5e5264b4418ebc7acf1cac380212f48dd87c2000f0f0c7e4a54c04523fb7cebbc50c26691ca8ab9748831851392864c02166f5e2f0c7d5d76b71908de9ba69a88b0bbaad0dcfb9e3ad8680275e35218a60227bfb6f773fea9570831db671ec8912abe6c6190499e0100232aba631b9ab148547041f1bfabec860d19ce987c019249f07bf3effcff35a6c5402a584f0a55a3a580aa8303aa9a67856f8cc27abdfde11fd2b8c5432a46fe2c3c08ae53ff42d1c545fb890d097d9b31437c53f6563fe416570b4cb3d5fb084d9ad4165e6eaa6a24a5b77dfd6c0962d233a2030427dcab08660143dc3853d3ae8907a21f812501b1e96fca4e4c73226827477ae9e5e87f88be74228afc7393d7ed98f090577db9d70158e3acc36e07f959d32de1e34b471e2732e38d0a9397c6d3a218d0abd71af71993cff9e47793dc72d00c5d5079ad76e935c58d349f03c6a976ac204b4663324b63fba9fb7b4a048186d53f72012779b02ecc61faeed40494538a2df95f14be70f80e2c1072f56ccf59ff5d75dea6652ef90138b22c943fd4863e90216cf9ba84e69cbf43661031720bbc22e94bf2fa1dbfe8313487b4cf6cb31e9d26995471ab64a120e0eef82d95620890aaa48afa7acf4ba274dba1b5a1e37c1062fd70fab8218ceddaa8d10154e567c7cb8e5f4bb07c6c6065164c0b374b17c555f9c1ec8d108ae7ada1913db7a447e8ea3713d6e2fd6384ac3286d9941523e01d3fefb32cd65922f2113a5de4c7334657106a2c97a6282b22d7d67f39fd6601916b0d5bdcbe382fa786a3cf74b24cdbb5a2843b56ddb14d5514139b1cffcd68d45f9f082186e2ea8f774c899cbbaac2e6207cbe86645fb346fd360d94a2b61e0cf9d33778cf3b3aac5fbf29288fc065ea5a218b404b82c79098b48a8051d03b6f8c4df4843b665eaf6935ad0e703cd928d228a48b51d23afa1bde22b7655dd4d8fb73b2b10533d6da9b9fe6aac3d1e73e5157c0e33bae4f31f10212d7f87d9341e3090b3c7c8ef79efae8bb744a5f8db2bcedeceea81e8c23716e113bbd24722d6f33dfe6438006fadc9bab9809c5c5b3371994a55263a52e9bcdcd3665f8472bbc0c59d27c0a7d023763ca55f80b7a20014636be698a2f1e0a5ed5320b1591e0c1350fe41593942495ba1a214cf18dee3c73635d208a60737b253cc716d1cdf0c7546dab111bfdc0777c4ae297e9a35153e84d7c5411df5e134f2a128d5c0240aff77e076a1113214ee68fe0c294996944180a7a5c4c35ce341682cb31607c3cf5514b1f1035673f3475376a8cbf20b50cf3272a49c8aafda33fef13aa90781f9c14741886fbdda634205fa98c94dfe5f06533d17d772ec5be90243a24f1db46530fc8b8e167cec2276dc16cd755e371f85827f44da53114333abd41b2ea70faac6762d38b5751e243b2e01ce7d00dce1069419fde74c49ebfabf86eb696fc6f07a8b4f95683449416c9633f3ef6a2eba6a687291e2e7f48a3fd15bdd2187e7790fbfe684b5764d7ef0bb3ba99c2e120300cf58c408608ba6090e15539024787a0290083d808380214a8ecd11effcc05149e476b1ea5b82047411050068806e331171513c57713f0987133e155d3b312aadc9f243f8533fb07ce208d46c42604669ff4b8a28be3bc71f38b45081d262ec130a818d05d8a8b52cf923727f59380441524be1d3448223a2cccaabe7d86a88c4a9ad8683a42cadc41b4f26faa91d9c927edf30cb8137e74d7c8b40a9adc2567de40144ba8f86776a1ee234d02c56fbfecdc636aac44aa59d0392d8e8c13531350f2c4b5b6417db0667a557acca8f931d31a56c3b55f603e9646cc409dd54db6d89be0a7a5b5459639915bacc24885e4a1e2f3a805cd7a315f71601d5fcb2b658deaa676d77ad646003770df1be040641ff3391c4770e5461c38eb2b0eb58e9134de52e78d36c3dfd1ef42d9561b78116e70b3658ba7ff9411a7085b80a8082977d57e9df4851e5f7da33f06f7c47447bab0b4c7d3b9c9a511ff6d8ed4a26287d9ed154302ff6ed1aecaa226d60ded733eebc924ce2df1f7ada22a10db46e768918178cffc926b61544f59f6b0be26900a5204e97b6b91b16c227796f903e5e1d3924a4f3286579507a30a1486d7d186a2fd5059b2e83cecae0c7ae26dc7c262e717263c1599e7da38f3e3ce06abaf77876979c0835c859e101ff6fa4ab2a96e65a497cdf27b1df052d07bbe1bd4284d8f817d586667dca367a668a1904430ee1ca62098d919f0a4eea1244a8e4a7792c86165fdd8b9be99262d2f40ecda00a9a5afc1bde0e630814e8aef82176dcd37463e34e63c115d9d33012e497c41c22e98978ee1e4d44becb9df7920d9f8490427d020d602cc741a03284d01e81804714d46f13ac08e2a6a8677286fd66c528b985dc51d7b150417ce8fe991e2db228bca99fa6eecfe654307fda8a227ce880e7da556ffd3ed3adca545953da9c369033f2e819a1d66636fd1e9794bbd0d7a75e68c44c632eef85b205cab173aa5a9023ecbcdbdd43e4afc7ee5346075ee1bd79795245a8437d41496d3a25144af27fa026fc1b4135e28c753127fa19c147bc14c68b15fe170fff5b916eb069a414c069da3dd2640ddde8e819ae37b670ff42dca8010cced7373d0ee0c2fb05de16dc8959d172c4f467a25038b97fbf9e60bd3c40c73871d4114d6d81acb7d57552495c336e5da9b71b7872e9ebdf082023674118c3f94af6f05ab5e19ecd8ec055dd6eece56f850e902745173f758e2387c1464866348bbb5d436937192371564fd9769eb4542444ef4e60701594fbd6afc80fc7e0f7616ec8286fa1059395a2ff7ffd3fc434b84f23ca88fe44c8cf21e1b13b3f3f66543e71b855f3f785dfe1f954462fbcf57b591c0a725d27381251828d7fdf7e09bdbd625e89e98f61fb76d56ad69106510ecefa93853f0da630f7b4f324c17494d1fa51f94e9daa978b572065f6396a7f3d649060798b32b61ee7bc7ff03fdfd800e8dba8c9b0c8d51433972db34e0cc2666d54dacc4c1da366bfd58f5321f6daa88d4e49a450a75e2ae935471886bda66022b4167a743d8e7518fa2b427408f5c3278152f3d97404e34c2e0531a322518bea013e44c82546b135398263854cc3fa21f72389170c4e422e2e221c43634442eec3712c172f3b9a4e29c43d59ed1715391dc27f7254ac5918f9985288b5ff44a52c93c5663312331a3341fdff4d24607f91c4fc0cce634a4f69f686ab52ec6e36e41a1fc87af4eba40ab2da228194a6cc9b98f271f74666c47a3e371e866dd8a41293dd6474b2dde3f6bc452b010490e17cc4e7df92e7436788e7e60dda166a38314f18e631656862ff7ecdbb85cdad2dea4365443da5617877df6bad1abc1be597a2961df6cf34f5f110a60694b406e4ae9e48077132ed583f76b54f3c37108b19c47acc4bc02072a64a0da39bbbbd6f2110a8e925a63389d963057f466d02a10f6a6ba2112b74e28e0aae33b0f028c2270f1f07c42b25c812c3dc34f811b862c3485b4396cceca3ec6a62e47bd519533c30f3d9cf05b0ec9886f8abb796ce31b290ab6b515dcc7d7f3ab11582fff535ffe2746333c1d288f7a22ee36ed232f1a7d6dc3c825d86d211af3eecdfdea7cb7a4e5139ebec4a3b7e81518e76a6d8951bfb090705f21d158d89061815e7dba1cc8134e2f80955dc63f3fc0a5fb953b4ab05c22ca761092418c32725732e54dcf086430f6b114761b745ae8ab00127ca375ca08d7c4ff7e306f7bfeab6d87a7e43218c267ef145095fc7a1ad58a283007734de55aea229a24c63372ae40e32618468612464d61840d79d837722d8204ed09b9bda9f438df009c9a2e4584755dd4ad91a3378255e0b104258baf6175e7d9df45c3caa2aebfb5866e4d20fa09e06ab689903a1c1b622ea04f1208adbf7cd6ab7a53068441eab17dafb00a07bbd5083a6691f6f34a9fa82b1ded4660deaf67343ab9aaae5f70c0b5a287ba669f32a1431ede98ac58bb4f42ef2a23122cd6a3da7658174853a7400bbda3ea58ce0f5589a6d5eb45e0a17aedf12bb175a8d083492e768f52b23881e61f3492fc039e478a712918ff2b1721b9e6e7911e16539f6104fbd0457b5521391672f1e57cdc2632ace97d4e21372213d1546578f7c8c12218600d85bd53cc6a5f2a2b1e88400c55f13703df10ab28a327112404f4663b19c4e938acd3917bfa5580845d0060a9136dfd88000bc05d07476bda0742ced80e1f61103ac1a501cb648ec6ffcfb0c1ce6fcce6e97832a720eb621091f2bb8ca2535e4c4c2335d6cf8a88cdc484b19dd12a0cad69bcef70f1c5a416ea21ccdbaef497a4ae417370531e48fc48fd01106934b6fc6cfae0acfe78f208d5ecbb773707484b57768781f57126d774a75099b308035862572d3fbf86692d474bd92850405bfbb80dc8a525ff594bb0d908ceaa9f51b2ac7b41a2b4c45621b62b1e1ba55e394ee15c4c222598b4e58b8addf87474a3aa94e9233d36520ded5f6ede8be6c32d38af2f8a0fb27562b2e3330490d46047e0a2d383830c2b0525c049d3005888bbbd247162275b157e440942b37eaf4abb9a4d22ef15d6d3009096d9b3d6732c35c2878e4c2fc905f2d961bf3700f0c08740249b57a18be63a18ff2fd7340fa3baa719839cf8eaa389a2f3b81af202c4a9abbdd030bfaef70cb65fc961bb579ed400e648cd8c1b100b289c38067a6d422c1a0a9f027795eecdaa7230d6e0662d0f59ab1cb0671b3b99ec12b65771f0c7416456b99537d10779d496f17e0c04160e879a5d089adf6f8060d92c44039ef2475f4647b5f3b30335ba2a50403d09644a00122d3bf7553c8eccb0e8dc612a83e6e5a7acab9f014fbbc712623ea86edc9bec0e4c392efaea3c56bb5ec45832ccbe6329509a6800ee36e85bb3b65dcf5aff9aa2db6569a230cdf1296e815d717191bad83ba31c1e42b69c6a5cd214739b1af105a244283c59c4f60d730fe6835ca983f3bea050012d6b6bc13a70591950de0d0d8857c200b61158a13f2c2d2536a799b7b4ac302ffbc78e9769e324c6ebfd567f5f4c2b053f7b59b6b07285194526d40ca6a5c4c376fa127b6b100489ce5266ebafa0cdec24b5bd7a22f295402303f8d1ddc3d1427d4c3beece3309d55f138d878c8054b259c53e59489f5f3610b3784489cdfa6083867a92a5f7e30826a6f590b9c809020c0f8eb73b70a971c050a70af2ca3a70573554b97c60037872df3e5c3f2e91103827306e72fbf1b072250e432b7bf8a5540783a2848724989eb86670e1f5b0675a39f7b1548260fd211d9c05e48e1a3df852842c477a36bbbac07317246dc8b4c3383227485556992735bfea38ef7a8a3a372464dc0ee6b9a09548a37dce62d563d04eaec5cb54c9614170e0811b53fd05dbd192744f74b5e0e3cc1b29dc0755ae4fc0c14ae8927f72864a796e65130e05d012336a96e5b15f17ae6258c67ecab6505bc1a26c00d5010e86f243412ca4264da4ed41670238faca1d7c7ed6ae74cc104ff3f9c045ce7efad15db83c3f5bbf001507caf3e6ee0a11a9c10205d91a7bbc12b2a91065352440a18493315df7dfa671bf8e1bd6d67119fbc3bb69d5661a43481b00ee60dab9d725f7f166ff989a0cbe21ec7f0007bf09cf5b5bc65b5835c4d0bfe6981616dffe0eae36d5b8c39d14645801919bc537212fb941ebe346bcb5037cf8b894ca92a0682fb2b37f08609a4a9465f0c423250343fc2367da64b690e273293431a36813cea94de5cf411c5c3c0265239aafb8fbe45c55fabd94baf7053023d1b0f647abcc07be35fa5a0c3aba2da35f6c2d8a739beccd96916cd30bdd8533411a425ae30b5d02b8d79c3622118641fb8551a31e1c1f4a0551d2b57eeee4097e9c48e09481c228bef6aa3c4aa7b9e72e8731cbc57a20a9e3417ec718c6d57a401d3c04ee2e4066d6d950149e277dc2bdaa23879b2c5135611d82ad8d20a4b2235c09da69fbd9878cbc52b25622165e0ab3bffe476eb2884629596dc865f6b13ba510cb375e59195636deeeb06786a7c9904ccdc58eb8664fe7b4d32bcb9fc8ab135c25ee2c22837c6c3a8c116e8fdcfc310799d0fc974e43d3a73fa0f8bd9057a1465823567f681c1d2e6c4a33770a4dccd06bce94b0af0e4d198b040d8094d610bbbd4501d8da6028b5e73f135cba6a8d7bb6cab2f06576eacd823e520282f9f883634a6dd4cc4810cba3f760b9842a0acae7a396892b658e3b6c84d0e75196b4e6a3240e9d2aadf257ae970153238e347d3cbcbfabae300494ea0d1bf292799e09b8064ed885cce1574ee94c216c50017c43b3407716e5919fa0706fc9e9c382bb321e8d6fa2520543d0427a620bb45c56d3f7e66aa025f17863024a2bd693d932bacfa516fec791e86982d020faa819bf2264f8606ef260a29af16300971d0ec49d6f5a21f9c437b75b44eb59bbaf71947621a1e78c68e2767dd42c7f6e3dd6faeebfc8fdfe4dec6db3fdd2d53c906f6040278ea235b37442f34cfa1a1f1064acce6a7cdb9657c1ea2def6c1f2220ab57ececfe53b4bdb6e57afaac1c055f25202c1efa65b3e48f5b57dcd2b7f3572d1d96a736813ca6acc75c967a89edc5dd62eea64cd46eeab6aa879887360aec466dd287705497e832bd4eb3d73524e4847c18f8b46de1a88a00dfa43acf51fe97288d53e30c6f2739b4532c6e8f7286a25c5f5f10532fee71d7c1c1f6a1c56f2535d94e2dd774f424cab2bf3673e097fd3cfb55ba1f29a6d03dc31abc214a6dc5950824f05f0a3036690120684a7117d42e9d40b56f3738428540c27f25ce4130966fc9b08f831756d5448be9ad7d07b95bfe61fb396438bba4ccaffa7a8a21edc5324d72514427a75a3619ea107000000000000097f87c9253035ac3a1e3bf6d22725d22e31b7e0c9515f98f34ba357cc136190f81c010f83306d97a89184656bef128a648b9878bbefc508a631f949d8540ed16aead49d51911901d74d7aa9649317356ebd2ac0441be95291c1c2ba803b2e4604ac4b09e29fc6200819fb2603b46dbe929e4cc661c4f31a6cdc94a81fa62eb28bf447fe2ddbbb3d5f2b97d4189ffe5d83bc8be19ee5c92b958488a55c859d7eb5885674bd351c4125a02151529e9ab01685f2e4bba3aef0d5e9ad8678dab470d761beb8785424d51c4aa728417d1edc7cc44d8c7f2f5a09c68f940fc72a4ed2952e1985b2727befdf551d95e8d43e4dcab6f65b12ea706cbc10e5354a894e7646118e60", 0x2000, &(0x7f0000001400)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000080)={0x78, 0x0, 0x40, {0x37, 0x10, 0x0, {0x5, 0x6, 0x4030cf86, 0x1035, 0x1e93, 0x5, 0x80020000, 0x8000, 0xe26, 0x6000, 0x5, 0x0, 0x0, 0xc8, 0x80000003}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0})
lseek(r2, 0x0, 0x2)

3.079984968s ago: executing program 9 (id=2389):
r0 = socket$nl_crypto(0x10, 0x3, 0x15)
prlimit64(0x0, 0xe, &(0x7f0000000200)={0x8, 0x8a}, 0x0)
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0)
read$msr(r1, &(0x7f0000019680)=""/102376, 0x18fe8)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
chroot(0x0)
sendmsg$nl_crypto(r0, &(0x7f0000002280)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000002100)=ANY=[@ANYBLOB="e80000001000010028bd7000fcdbdf25647262675f6e6f70725f6374725f61657331393200"/56], 0xe8}, 0x1, 0x0, 0x0, 0x48015}, 0x20044086)

3.047799319s ago: executing program 4 (id=2390):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000000300)=<r1=>0x0)
timer_settime(r1, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r2 = userfaultfd(0x801)
mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0xa031, 0xffffffffffffffff, 0x0)
ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x401})
ioctl$UFFDIO_REGISTER(r2, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4})
ioctl$UFFDIO_COPY(r2, 0xc028aa03, &(0x7f0000000100)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000339000/0x1000)=nil, 0x800000})

2.455069924s ago: executing program 4 (id=2394):
socket$inet6_tcp(0xa, 0x1, 0x0)
write$UHID_CREATE2(0xffffffffffffffff, &(0x7f0000000340)=ANY=[@ANYRES32, @ANYRES8, @ANYRES8], 0x118)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x88fd537e5c114b6e, 0x11, 0xffffffffffffffff, 0x0)
syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00')
ioctl$KVM_X86_SETUP_MCE(0xffffffffffffffff, 0x4008ae9c, &(0x7f0000000000)={0x1c, 0x526d630517582f26, 0x4})
r0 = socket$inet_udplite(0x2, 0x2, 0x88)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000340)={'bridge0\x00', <r1=>0x0})
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd27, 0x0, {0x0, 0x0, 0x0, r1, {0xfff3}}}, 0x24}, 0x1, 0x0, 0x0, 0x4000091}, 0x0)

2.241871284s ago: executing program 8 (id=2396):
r0 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000001540)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@gettaction={0x14, 0x32, 0x301, 0x70bd2c, 0xfffffffe}, 0x14}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
recvmmsg(r0, &(0x7f0000005c40)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000a40)=""/165, 0xa5}, 0x8}], 0x1, 0x140, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7fc}], 0x2c)
sendto$inet6(r1, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r1, 0x84, 0xb, &(0x7f0000000200)={0x41, 0x80, 0xfe, 0x0, 0x9, 0x40, 0x8, 0x5a, 0x0, 0x0, 0x9}, 0xe)
setsockopt$inet_sctp6_SCTP_RECVRCVINFO(r1, 0x84, 0x20, &(0x7f00000005c0)=0x8, 0x4)
recvmmsg(r1, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/21, 0x15}, 0x1ff}], 0x4000000000001bf, 0x40000023, 0x0)

1.889804019s ago: executing program 8 (id=2397):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x2)
sched_setaffinity(0x0, 0x8, &(0x7f0000000240)=0x2)
syz_mount_image$bfs(&(0x7f0000000000), &(0x7f0000000040)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0, &(0x7f0000000500)=ANY=[], 0xc, 0xac, &(0x7f0000000100)="$eJzs0jFqwzAUBuBnY7cdu3foDXwHn6BnMB3tzZNLJ9+nlyh07RFygwxZsygYyUP2QAh8H0hPP/8ikP7PP2+xRryvESmlJu2aSPPyNQ7TvLTjMEVEG3+RVWU+Bw+uLs/ZR/4DWz72uatKfzh9f+4rNx+/eT7d7+IAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAcEPV63Wuo+vK8WXbLgEAAP//2Bwh+A==")
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
r0 = syz_open_dev$MSR(&(0x7f0000000100), 0x0, 0x0)
read$msr(r0, &(0x7f0000032680)=""/102400, 0x19000)
r1 = socket$unix(0x1, 0x1, 0x0)
bind$unix(r1, &(0x7f0000003000)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)

1.119548522s ago: executing program 7 (id=2398):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$inet_opts(r0, 0x0, 0xd, &(0x7f0000000040)="b5", 0x1)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f0000000240)={0x2, 0x0, @local}, 0x6f)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x0, @multicast2}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x300)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, &(0x7f0000000080)={'filter\x00', 0x7, 0x4, 0x438, 0x130, 0x240, 0x0, 0x240, 0x370, 0x350, 0x4, 0x0, {[{{@arp={@private, @local, 0x0, 0x0, 0x0, 0x0, {@mac=@broadcast}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth1_to_batadv\x00', 'batadv0\x00'}, 0xc0, 0x130}, @unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "bc2e329885ea3654891fbae8c6c66e07212432bde429bcda7deb48d85c6f5e269c2021c8f8dc09af0b3f2e10e8ac79cc67e264613c4be6838ee2daacf7926a6e"}}}, {{@uncond, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @rand_addr, @broadcast}}}, {{@arp={@private, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'veth0\x00', 'veth0_to_bond\x00'}, 0xc0, 0x110}, @mangle={0x50, 'mangle\x00', 0x0, {@empty, @empty, @initdev={0xac, 0x1e, 0x0, 0x0}, @empty}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x488)
setsockopt$inet_int(r0, 0x0, 0x14, &(0x7f0000000000)=0x40, 0x4)
recvmmsg(r0, &(0x7f0000000040), 0x291962b, 0x45833af92e4b39ff, 0x0)

963.325599ms ago: executing program 8 (id=2399):
openat$kvm(0xffffffffffffff9c, &(0x7f00000001c0), 0x400c01, 0x0)
r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0)
r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)
ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040))
ioctl$KVM_SET_REGS(0xffffffffffffffff, 0x4090ae82, &(0x7f0000000000)={[0x35, 0x7, 0x2, 0x180, 0x4, 0x10, 0xf1, 0x50, 0x7fffffffffffe, 0x5, 0x0, 0x9, 0x0, 0x6, 0x0, 0xbdb], 0xffff1001, 0x120182})
r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0)
ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil})
ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000000, 0x1000000000, 0x0, 0x43, 0x2000001, 0x0, 0x2004cb, 0x7, 0x1000000, 0x68ff, 0x5, 0x9, 0x3], 0xeeef0000, 0x202})
ioctl$KVM_RUN(r2, 0xae80, 0x0)

922.28507ms ago: executing program 9 (id=2400):
syz_mount_image$iso9660(&(0x7f0000000000), &(0x7f0000000800)='./file0\x00', 0x2002010, &(0x7f00000009c0)=ANY=[@ANYBLOB="63727566742c756e68696465006e6f726f636b2c6e6f726f636b2c6d61703d61636f726e2c6d6f64653d30783030303030303030303030303030303341636865636b3d7374726963742c6e6f726f636b2c756e6869000000006e686964652c6e6f726f636b2c636865636b3d7374726963742c636865636b3d72656c617865642c0600000000000000db4a061e79bfa3d62686b6229682e135307c8f7bfa8861937e4efeef21af9c81f2b70bc0cc4bef9cb54c61f5b0eede748b8466ae58e17009e1af74f1fd6df897edfd0b3f0fd28c336942baa01e8d6f051ef820bf4395b5c9d8fdb38ecaec0d65edc3f7a5564e3b388628ab379ce06ab9009f7d708d2e3107fa8dda7bdec69c5c6497b32eba0c00588cdf6e86f6c1d852701c415f80ca8dcd0df1e556110e55125dcee7f897de9175d51d8435841f62a83735f8bfe0cf02dc6f8c2b325fb566d691e39ee162440bf3d29889b7a2d2a335de8fc1eeba67adb3748a30293fa16e17a8efde72871698"], 0x2, 0x699, &(0x7f0000000140)="$eJzs3V9rG9n9x/HPyLIte3+E5dcSQsifk6QLDk2VkbxxMCl01dHInlbSiBm52FBY0o29hMjZNkmh8c3WN/0D2yfQu970og+i0Ot9Fr0pLSztXaE3KnNmJEvRv3ijOLvN+2V2NTrznTnfmaPoy9iaIwEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADle1XVLjupBc2fXTOZVo7AxZX26t0XdTBduzuxXcpL/VCjoQtp04Zsnq88n/7uuS+mzSyokDwUdvXP+3XvfyOd6209J6MvQaXf49PnRo/udzv6Tl4hd0Kl3/yYp11taycZkTNCW3wziMGhUtnwTxKHZ3Nhwb2/XYlML6n68F7f9hvEiP9cOI7Pm3TSlzc114xf3wp3mVrVS93uNd79Tdt0N84PldKAlFWNvO6jXg+aWjUlWJzF3zWc/TgP8SsOYg4ed/fVZR5IElV4mqDwrqOyWy6VSuVzauLN5567r5kca3ITj9mkkYu4vWnzNzOeNG5iDXFL//+pIdRXU1I52Zcb+eKoqUqjGhPWZXv1/77Y/td/B+t+r8hek72WrL8rW/yvpsyuT6v+EXIyM3WDcGmdC++l+Fm1GRk/1XEd6pPvqqKN9PZnDvo3M1bns5Qx+tuSrqUCxQgVqqGJbTNZitKkNbcjVh9pWTbGMagpUl69Ye4rVlm9fUZ4i+aqorVCRjNbk6aaMStrUptZl5KuoPYXaUVNbqqqif3e73QM9tOd9fUqO6gWVJgQsDwaVp+xpUv3/yafp6zSr/y71/22Vvg6W04fPp8UAXwHd7Pp/UG72ZldfX0YAAAAAAGDeHPvbd8f+7f6ypK5qQd1333RaAAAAAABgjhx1l3VJTnL9L+myHK7/AQAAAAD4X+PYe+wcSav2Q/3OyZ1QL/NLgIUzSBEAAAAAALwie+f/lSWpayetuCrnVNf/AAAAAADga+A3A3Ps53tz7HZ7f9bPSYpby86f/7msaNE5bu1+yzmsJGsqh1nMyCcA2rWLzrlsol77sCTJPvP8S07WWzYJZn/ewS8OZs3170QvJLC0MLiDCQk4Sc8b+eyZPtO1dJNr2TzzD45ysmvSXlZrQd0vemH9XkmVyrlc299t//zxw19IUf84Dx529osffdJ5YHM5TpqOD5OdfjqUTm78yTjJ5Zmdb8HeczHuiFdU63X522Zj1bH9ur3jX1DlMDfY0bQBOOnzV7qejtn11TR29ag/435y/IXk+EtFO2RDRx8tOidZlF488nEDMSGLgs3iRhpzY+2Gyn9Ll/ujkHMK316QysXRMRjKojyYxexz4fxr5FwMZGEfemsGzsV6ksVfkh1NyGL9dFmMjAgAvCkHuiz7LnRZdhLzfhUqZHW3Vx56b2pfqu7Mru4fDFf3Z7/vdu0GC1I++9vE1F4KSt7R1xxbh5bSQ8pfHPOO7mZ1paAJ7+juK1S3pK8/nXwHUpb2SBb/6Xa790q239+9UFX/MNTdSL9xvbyQnMLbzw5/aifAT3y8//H+43J5fcN933XvlLVoDyN7WBC1BwAwYvZ37MyMcN7XtTTi2oN/vJcuDVW8/+9/pKCoj/SJOnqgW72vELg6fq+rAx9DuJVetWrgqtWcf/ee/V664diSbk28qrO1dCC23I9dVG+T4Up9Erv+mkcBAICzdX1GHR5f/wtD9f+W1tKItYtjr7uHa3l2ddy/pJ8UW5qd/AfzPhsAALwd/OgLZ7X9ayeKgtaHpc3NUqW97Zso9H5ooqC65Zug2fYjb7vS3PJNKwrboRfWTSvSclD1YxPvtFph1Da1MDKtMA527Te/m+yr32O/UWm2Ay9u1f1K7BsvbLYrXttUg9gzrZ3v14N424/sxnHL94Ja4FXaQdg0cbgTeX7RmNj3BwKDqt9sB7UgWWyaVhQ0KtGe+VFY32n4purHXhS02mG6w15fQbMWRg2722K+O+7zAgAAvHWePj96dL/T2X/y4sJKcmmethxrQszowpKePk+uypOWfLaKOYIAAPiKOSngp9io8BoTAgAAAAAAAAAAAAAAAAAAAAAAI2bf0nfKhcVxNwtK/Zafncta9Eud3GI4sh9H807sNAu5027VuyXi6NHnU4JX+i290z8Yc3xmB/j3/5PesS1KW/Lz72tlyuC+joXvHqRndGJMsnLsquX+WOTn/88hWXj8xwmrut1ud/rmy8PncGnaAQ4v5CU9WXqFITj79yIAZ+u/AQAA//9b5DOa")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, &(0x7f0000000080)={{{@in=@loopback, @in6=@local, 0x4e21, 0x3, 0x4e20, 0x0, 0x2, 0x0, 0x0, 0x3a}, {0x0, 0x4fb0, 0x0, 0x8, 0x5, 0xff, 0x0, 0x1}, {0x4, 0x0, 0x10000000, 0xfffffffffffffffc}, 0x0, 0x1, 0x1}, {{@in=@private=0xa010101, 0x4d6, 0x33}, 0xa, @in6=@mcast2, 0x0, 0x1}}, 0xe8)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x16, 0x16, &(0x7f0000000240)=ANY=[@ANYBLOB="61129000000000006113500000000000bf2000000000000007000000180000003d030100000000009500f000000000006926000000000000bf6700000000000056"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector}, 0x94)
setsockopt$SO_BINDTODEVICE(0xffffffffffffffff, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x20041090}, 0x0)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000480), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000840)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r1, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r2, @ANYBLOB="d506330080000000ffffffffffff080211000001"], 0x6f4}}, 0x0)

717.236279ms ago: executing program 7 (id=2401):
r0 = signalfd(0xffffffffffffffff, &(0x7f0000000140), 0x8)
r1 = syz_io_uring_setup(0x38a9, &(0x7f0000000300)={0x0, 0x1595, 0x10100, 0x0, 0x17c}, &(0x7f0000000040)=<r2=>0x0, &(0x7f00000003c0)=<r3=>0x0)
syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_RECV=@use_registered_buffer={0x1b, 0x20, 0x3, r0})
io_uring_enter(r1, 0x44fd, 0x3, 0x1, 0x0, 0x0)
r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x80)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10)
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
r5 = socket$kcm(0x25, 0x1, 0x0)
sendmsg$kcm(r5, &(0x7f0000001bc0)={0x0, 0x0, 0x0}, 0x8000)

627.063963ms ago: executing program 9 (id=2402):
r0 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0)
r1 = syz_open_dev$sndctrl(&(0x7f0000000440), 0x0, 0x0)
ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r1, 0x40045532, &(0x7f0000000040))
r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0)
r3 = syz_open_dev$sndpcmp(&(0x7f0000000200), 0x0, 0xa2c65)
write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000500)={0x0, 0xfffffffffffffd83, 0xfa00, {0x0, 0x0}}, 0xfdbc)
ioctl$SNDRV_PCM_IOCTL_SYNC_PTR(r3, 0xc0884123, &(0x7f0000000300)={0x1, "244689261a33650147c14247a532ccbd3bf3b292825b3e92c12acb8ae665a3eeda1a7777428a0df8090070c05fc6c03edcda80e7db0700", {0x8002, 0x1ff}})

626.401873ms ago: executing program 8 (id=2403):
r0 = epoll_create1(0x0)
r1 = epoll_create1(0x0)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r3}, 0x18)
epoll_ctl$EPOLL_CTL_ADD(r0, 0x1, r1, &(0x7f0000000100)={0xa000000d})
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r2, &(0x7f0000000400)={0x40000018})
epoll_pwait(r0, &(0x7f0000000080)=[{}], 0x1, 0x80000000, 0x0, 0x0)

594.333235ms ago: executing program 7 (id=2404):
socket$inet(0xa, 0x801, 0x0)
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r0, 0xffffffff)
r1 = syz_io_uring_setup(0x10d2, &(0x7f0000000480)={0x0, 0x8b16, 0x80, 0x0, 0x34f}, &(0x7f00000000c0)=<r2=>0x0, &(0x7f0000000300)=<r3=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r2, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r2, r3, &(0x7f0000000200)=@IORING_OP_POLL_REMOVE={0x7, 0x50, 0x0, 0x0, 0x0, 0x1})
io_uring_enter(r1, 0x47bc, 0x0, 0x0, 0x0, 0x0)

248.617539ms ago: executing program 7 (id=2405):
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, 0x0, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0}, 0x90)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=@base={0x1, 0x7, 0x9, 0x1}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000001c0)={{r0, <r1=>0xffffffffffffffff}, &(0x7f00000002c0), &(0x7f0000000280)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000007ccfb6fbdcec0000000000000000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000000000008500000003"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000020d0039000000000000b4a518110000", @ANYRES32=r1], 0x0, 0xfffffff7, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0xa, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x32, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x2000000, 0x11, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x8001, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)

75.020777ms ago: executing program 7 (id=2406):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
r1 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @broadcast}, 0x2}}}, 0x108)
setsockopt$inet6_group_source_req(r1, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}, 0x108)
r2 = socket(0x80000000000000a, 0x2, 0x0)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2a, &(0x7f0000000080)={0x20, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}, 0x9}}, {{0xa, 0x0, 0x0, @remote}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @mcast1}}}, 0x108)
setsockopt$inet6_group_source_req(r2, 0x29, 0x2b, &(0x7f0000000200)={0x0, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @local}}}}, 0x108)
close_range(r0, 0xffffffffffffffff, 0x0)

0s ago: executing program 7 (id=2407):
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000180)={0x0, &(0x7f0000000f80)=""/4096, 0x0, 0x1000, 0x1, 0xe}, 0x28)
r0 = getpid()
r1 = syz_pidfd_open(r0, 0x0)
r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000004c0), 0x48100)
r3 = openat$sndseq(0xffffffffffffff9c, &(0x7f00000002c0), 0x1)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r3, 0xc08c5332, &(0x7f0000000040)={0x2000, 0x0, 0x0, 'queue0\x00'})
write$sndseq(r3, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32}], 0xffc8)
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_INFO(r2, 0xc08c5335, &(0x7f00000001c0)={0x0, 0x80, 0x0, 'queue0\x00'})
close_range(r1, 0xffffffffffffffff, 0x0)

kernel console output (not intermixed with test programs):

 0] type 2 family 0 port 6081 - 0
[  218.035107][ T6141] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  218.218810][ T8527] netlink: 7 bytes leftover after parsing attributes in process `syz.6.942'.
[  218.257087][ T8497] chnl_net:caif_netlink_parms(): no params data found
[  218.627605][   T27] kauditd_printk_skb: 9 callbacks suppressed
[  218.627620][   T27] audit: type=1326 audit(1763653195.366:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8530 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7fc00000
[  218.671164][ T8497] bridge0: port 1(bridge_slave_0) entered blocking state
[  218.687007][ T8497] bridge0: port 1(bridge_slave_0) entered disabled state
[  218.700996][ T8497] bridge_slave_0: entered allmulticast mode
[  218.713419][ T8497] bridge_slave_0: entered promiscuous mode
[  218.723338][ T8497] bridge0: port 2(bridge_slave_1) entered blocking state
[  218.742073][ T8497] bridge0: port 2(bridge_slave_1) entered disabled state
[  218.749775][ T8497] bridge_slave_1: entered allmulticast mode
[  218.769111][ T8497] bridge_slave_1: entered promiscuous mode
[  218.785454][ T5788] Bluetooth: hci0: Opcode 0x0c03 failed: -110
[  218.942328][ T5788] Bluetooth: hci3: command tx timeout
[  219.232279][ T8497] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  219.257539][ T8497] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  219.487449][ T8497] team0: Port device team_slave_0 added
[  219.563328][ T8497] team0: Port device team_slave_1 added
[  219.731660][ T8497] batman_adv: batadv0: Adding interface: batadv_slave_0
[  219.753152][ T8497] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.820257][ T8497] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  219.852551][ T8497] batman_adv: batadv0: Adding interface: batadv_slave_1
[  219.870149][ T8497] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  219.940144][ T8497] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  220.194214][ T8560] netlink: 'syz.6.952': attribute type 39 has an invalid length.
[  220.474275][ T8497] hsr_slave_0: entered promiscuous mode
[  220.495188][ T8497] hsr_slave_1: entered promiscuous mode
[  220.533507][ T8497] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  220.556385][ T8497] Cannot create hsr debugfs directory
[  221.028118][ T5788] Bluetooth: hci3: command tx timeout
[  221.085559][ T8568] netlink: 8 bytes leftover after parsing attributes in process `syz.6.955'.
[  221.168708][ T8566] netlink: 8 bytes leftover after parsing attributes in process `syz.6.955'.
[  221.449619][   T27] audit: type=1326 audit(1763653198.196:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8530 comm="syz.2.944" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f2415d2b829 code=0x7fc00000
[  222.025745][ T6141] hsr_slave_0: left promiscuous mode
[  222.034937][ T6141] hsr_slave_1: left promiscuous mode
[  222.070543][ T6141] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  222.088226][ T6141] batman_adv: batadv0: Removing interface: batadv_slave_0
[  222.119796][ T6141] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  222.140776][ T8584] netlink: 24 bytes leftover after parsing attributes in process `syz.2.960'.
[  222.149898][ T6141] batman_adv: batadv0: Removing interface: batadv_slave_1
[  222.202524][ T6141] bridge_slave_1: left allmulticast mode
[  222.208237][ T6141] bridge_slave_1: left promiscuous mode
[  222.222596][ T6141] bridge0: port 2(bridge_slave_1) entered disabled state
[  222.245131][ T6141] bridge_slave_0: left allmulticast mode
[  222.260420][ T6141] bridge_slave_0: left promiscuous mode
[  222.266293][ T6141] bridge0: port 1(bridge_slave_0) entered disabled state
[  222.414305][ T6141] veth1_macvtap: left promiscuous mode
[  222.420002][ T6141] veth0_macvtap: left promiscuous mode
[  222.448385][ T6141] veth1_vlan: left promiscuous mode
[  222.470824][ T6141] veth0_vlan: left promiscuous mode
[  223.100327][ T5788] Bluetooth: hci3: command tx timeout
[  223.369535][ T8593] loop6: detected capacity change from 0 to 2048
[  223.424515][ T8593] UDF-fs: error (device loop6): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  223.489931][ T8593] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  223.700196][   T27] audit: type=1800 audit(1763653200.446:46): pid=8593 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.963" name="file1" dev="loop6" ino=1346 res=0 errno=0
[  224.356404][ T6141] team0 (unregistering): Port device team_slave_1 removed
[  224.445932][ T6141] team0 (unregistering): Port device team_slave_0 removed
[  224.523863][ T6141] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  224.603756][ T6141] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  225.048265][ T8611] loop6: detected capacity change from 0 to 1024
[  225.089124][ T8611] EXT4-fs: Ignoring removed mblk_io_submit option
[  225.182534][ T5788] Bluetooth: hci3: command tx timeout
[  225.242577][ T8611] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  225.436169][ T8611] EXT4-fs warning (device loop6): ext4_expand_extra_isize_ea:2872: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  225.584625][ T7452] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  226.169639][ T6141] bond0 (unregistering): Released all slaves
[  226.239527][ T8622] loop6: detected capacity change from 0 to 128
[  226.286297][ T8622] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  226.318466][ T8622] ext4 filesystem being mounted at /95/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  226.420551][ T8607] netlink: 'syz.4.967': attribute type 4 has an invalid length.
[  226.438970][ T8622] syz.6.973 (pid 8622) is setting deprecated v1 encryption policy; recommend upgrading to v2.
[  226.513375][ T8608] netlink: 'syz.4.967': attribute type 4 has an invalid length.
[  226.524949][ T7452] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  226.587353][ T8497] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  226.660602][ T8497] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  226.707085][ T8497] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  226.775762][ T8625] netlink: 4 bytes leftover after parsing attributes in process `syz.6.974'.
[  226.830219][ T8630] netlink: 4 bytes leftover after parsing attributes in process `syz.6.974'.
[  226.839601][ T8497] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  227.062609][ T8640] loop2: detected capacity change from 0 to 2048
[  227.120252][ T8640] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  227.341523][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  227.404399][ T8497] 8021q: adding VLAN 0 to HW filter on device bond0
[  227.463208][ T8497] 8021q: adding VLAN 0 to HW filter on device team0
[  227.478641][ T6122] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.485831][ T6122] bridge0: port 1(bridge_slave_0) entered forwarding state
[  227.573546][ T6122] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.580790][ T6122] bridge0: port 2(bridge_slave_1) entered forwarding state
[  229.042922][ T8675] netlink: 4 bytes leftover after parsing attributes in process `syz.4.990'.
[  229.053418][ T8675] netlink: 4 bytes leftover after parsing attributes in process `syz.4.990'.
[  229.154379][ T8497] 8021q: adding VLAN 0 to HW filter on device batadv0
[  229.553627][ T8698] loop6: detected capacity change from 0 to 128
[  229.921322][ T8497] veth0_vlan: entered promiscuous mode
[  229.952682][ T8497] veth1_vlan: entered promiscuous mode
[  230.024173][ T8497] veth0_macvtap: entered promiscuous mode
[  230.073267][ T8497] veth1_macvtap: entered promiscuous mode
[  230.132523][ T8497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  230.146868][ T8497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.166036][ T8497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  230.183189][ T8497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.196849][ T8497] batman_adv: batadv0: Interface activated: batadv_slave_0
[  230.215513][ T8497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.241400][ T8497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.254351][ T8497] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  230.267804][ T8497] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  230.285860][ T8497] batman_adv: batadv0: Interface activated: batadv_slave_1
[  230.314686][ T8497] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  230.328147][ T8497] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  230.337285][ T8497] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  230.346429][ T8497] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  230.433086][ T8719] loop6: detected capacity change from 0 to 128
[  230.480478][ T8719] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  230.509300][ T6144] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.548833][ T8719] ext4 filesystem being mounted at /108/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  230.582836][ T6144] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  230.594200][    C0] vcan0: j1939_tp_rxtimer: 0xffff888030450400: rx timeout, send abort
[  230.605835][    C0] vcan0: j1939_tp_rxtimer: 0xffff888030450800: rx timeout, send abort
[  230.614357][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888030450400: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  230.630371][    C0] vcan0: j1939_xtp_rx_abort_one: 0xffff888030450800: 0x00000: (3) A timeout occurred and this is the connection abort to close the session.
[  230.706701][ T6122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  230.740101][ T6122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  231.009639][ T7452] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  231.401405][ T8742] tipc: Started in network mode
[  231.406605][ T8742] tipc: Node identity ac14142f, cluster identity 4711
[  231.425920][ T8742] tipc: New replicast peer: 0.0.0.0
[  231.458928][ T8742] tipc: Enabled bearer <udp:syz2>, priority 10
[  232.574195][    T8] tipc: Node number set to 2886997039
[  233.095593][ T8773] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1024'.
[  233.120321][ T8773] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1024'.
[  233.140312][ T8772] netlink: 60 bytes leftover after parsing attributes in process `syz.4.1024'.
[  233.919594][ T8782] netlink: 'syz.6.1028': attribute type 1 has an invalid length.
[  234.030995][ T8782] 8021q: adding VLAN 0 to HW filter on device bond1
[  234.099465][ T8786] sd 0:0:1:0: PR command failed: 1026
[  234.135983][ T8786] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  234.175953][ T8783] bond1: (slave geneve2): making interface the new active one
[  234.190222][ T8786] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  234.196760][ T8783] bond1: (slave geneve2): Enslaving as an active interface with an up link
[  234.344138][ T8783] syz.6.1028 (8783) used greatest stack depth: 18760 bytes left
[  234.645825][ T8792] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1032'.
[  234.655391][ T8792] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  234.837868][ T8792] batman_adv: batadv0: Removing interface: batadv_slave_1
[  237.195679][ T8839] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1047'.
[  237.334188][ T8843] Invalid ELF header len 16
[  238.315307][ T8861] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1057'.
[  238.414804][   T27] audit: type=1800 audit(1763653215.166:47): pid=8863 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.1058" name="bus" dev="overlay" ino=1498 res=0 errno=0
[  244.428318][ T8935] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1085'.
[  244.439476][ T8937] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1085'.
[  244.611380][ T8949] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1088'.
[  244.661537][ T8949] netlink: 16 bytes leftover after parsing attributes in process `syz.7.1088'.
[  244.723690][ T8954] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1090'.
[  245.030801][  T967] kernel read not supported for file [userfaultfd] (pid: 967 comm: kworker/1:2)
[  245.072524][ T8966] netlink: 'syz.4.1095': attribute type 12 has an invalid length.
[  245.078669][ T8961] loop2: detected capacity change from 0 to 8192
[  245.102991][ T8961] REISERFS warning:  read_super_block: reiserfs filesystem is deprecated and scheduled to be removed from the kernel in 2025
[  245.154519][ T8961] REISERFS (device loop2): found reiserfs format "3.5" with non-standard journal
[  245.182770][ T8961] REISERFS (device loop2): using ordered data mode
[  245.189491][ T8961] reiserfs: using flush barriers
[  245.198041][ T8961] REISERFS (device loop2): journal params: device loop2, size 512, journal first block 18, max trans len 256, max batch 225, max commit age 30, max trans age 30
[  245.215443][ T8961] REISERFS (device loop2): checking transaction log (loop2)
[  245.225589][ T8961] REISERFS (device loop2): Using r5 hash to sort names
[  245.241450][ T8961] REISERFS (device loop2): using 3.5.x disk format
[  245.259275][ T8961] REISERFS warning (device loop2): jdm-13090 reiserfs_new_inode: ACLs aren't enabled in the fs, but vfs thinks they are!
[  245.275178][ T8961] REISERFS (device loop2): Created .reiserfs_priv - reserved for xattr storage.
[  245.492309][ T8977] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1100'.
[  246.010442][ T8987] loop6: detected capacity change from 0 to 512
[  246.037587][ T8987] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  246.062860][ T8987] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  246.069700][ T8989] loop2: detected capacity change from 0 to 2048
[  246.081976][ T8992] overlayfs: failed to clone upperpath
[  246.115616][ T8987] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1104: invalid indirect mapped block 4294967295 (level 1)
[  246.177103][ T8989] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  246.191102][ T8987] EXT4-fs error (device loop6): ext4_free_branches:1030: inode #11: comm syz.6.1104: invalid indirect mapped block 4294967295 (level 1)
[  246.230566][ T8987] EXT4-fs (loop6): 2 truncates cleaned up
[  246.239070][ T8987] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  246.461252][ T8987] EXT4-fs error (device loop6): __ext4_new_inode:1075: comm syz.6.1104: reserved inode found cleared - inode=2
[  246.613472][ T7452] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  247.094126][ T9020] loop6: detected capacity change from 0 to 512
[  247.106927][ T9020] EXT4-fs (loop6): #blocks per group too big: 466944
[  247.362420][ T9030] loop2: detected capacity change from 0 to 1024
[  248.005341][ T9039] loop2: detected capacity change from 0 to 40427
[  248.014754][ T9039] F2FS-fs (loop2): build fault injection attr: rate: 684, type: 0x7ffff
[  248.027256][ T9039] F2FS-fs (loop2): build fault injection attr: rate: 0, type: 0x35f7
[  248.036278][ T9039] F2FS-fs (loop2): Image doesn't support compression
[  248.057414][ T9039] F2FS-fs (loop2): invalid crc value
[  248.081779][ T9039] F2FS-fs (loop2): Found nat_bits in checkpoint
[  248.171736][ T9039] F2FS-fs (loop2): Start checkpoint disabled!
[  248.188442][ T9039] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e6
[  248.418440][ T9039] F2FS-fs (loop2): inject checkpoint error in f2fs_balance_fs of f2fs_setattr+0xf6b/0x1360
[  248.438955][ T9039] F2FS-fs (loop2): Stopped filesystem due to reason: 1
[  248.448871][ T9039] overlayfs: upper fs does not support tmpfile.
[  248.657067][ T9055] fuse: Bad value for 'fd'
[  249.389888][ T9071] capability: warning: `syz.4.1140' uses 32-bit capabilities (legacy support in use)
[  249.922025][ T9080] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1144'.
[  251.423511][ T9112] loop7: detected capacity change from 0 to 40427
[  251.446053][ T9112] F2FS-fs (loop7): build fault injection attr: rate: 684, type: 0x7ffff
[  251.456193][ T9112] F2FS-fs (loop7): build fault injection attr: rate: 0, type: 0x35f7
[  251.469740][  T967] libceph: connect (1)[c::]:6789 error -101
[  251.477740][  T967] libceph: mon0 (1)[c::]:6789 connect error
[  251.478237][ T9112] F2FS-fs (loop7): Image doesn't support compression
[  251.486565][ T9114] ceph: No mds server is up or the cluster is laggy
[  251.522809][ T9112] F2FS-fs (loop7): invalid crc value
[  251.535624][ T9112] F2FS-fs (loop7): Found nat_bits in checkpoint
[  251.626259][ T9112] F2FS-fs (loop7): Start checkpoint disabled!
[  251.666516][ T9112] F2FS-fs (loop7): Mounted with checkpoint version = 48b305e6
[  251.869372][ T9112] F2FS-fs (loop7): inject checkpoint error in f2fs_balance_fs of f2fs_setattr+0xf6b/0x1360
[  251.904423][ T9112] F2FS-fs (loop7): Stopped filesystem due to reason: 1
[  251.915809][ T9112] overlayfs: upper fs does not support tmpfile.
[  252.708915][ T9146] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1167'.
[  252.990362][ T9153] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1169'.
[  253.353372][ T9164] netlink: 72 bytes leftover after parsing attributes in process `syz.6.1175'.
[  253.611343][ T9172] netlink: 2036 bytes leftover after parsing attributes in process `syz.6.1177'.
[  253.637698][ T9172] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1177'.
[  253.736142][ T9178] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1181'.
[  253.748486][ T9178] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1181'.
[  255.376138][ T9217] loop7: detected capacity change from 0 to 2048
[  255.456973][ T9217] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.561801][ T9220] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1215: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  255.643826][ T9217] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 2 with error 28
[  255.697589][ T9217] EXT4-fs (loop7): This should not happen!! Data will be lost
[  255.697589][ T9217] 
[  255.757067][ T9217] EXT4-fs (loop7): Total free blocks count 0
[  255.790550][ T9217] EXT4-fs (loop7): Free/Dirty block details
[  255.797797][ T9217] EXT4-fs (loop7): free_blocks=2415919504
[  255.830315][ T9217] EXT4-fs (loop7): dirty_blocks=16
[  255.843809][ T9217] EXT4-fs (loop7): Block reservation details
[  255.850574][ T9217] EXT4-fs (loop7): i_reserved_data_blocks=1
[  255.904130][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  255.914819][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  256.339575][ T3491] EXT4-fs (loop7): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  256.349289][ T9235] loop2: detected capacity change from 0 to 128
[  256.407741][ T9235] EXT4-fs (loop2): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  256.457110][ T9235] ext4 filesystem being mounted at /323/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  256.534852][   T27] audit: type=1326 audit(1763653233.286:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.581294][   T27] audit: type=1326 audit(1763653233.286:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.654245][   T27] audit: type=1326 audit(1763653233.286:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=7 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.710285][   T27] audit: type=1326 audit(1763653233.286:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.733023][ T5789] EXT4-fs (loop2): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  256.745767][   T27] audit: type=1326 audit(1763653233.286:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.840126][   T27] audit: type=1326 audit(1763653233.286:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.876281][   T27] audit: type=1326 audit(1763653233.286:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.899106][   T27] audit: type=1326 audit(1763653233.286:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  256.968973][   T27] audit: type=1326 audit(1763653233.286:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  257.000476][   T27] audit: type=1326 audit(1763653233.286:57): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9238 comm="syz.7.1204" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f503bf8f749 code=0x7ffc0000
[  257.357007][ T9253] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1210'.
[  258.376825][ T9279] netlink: 'syz.2.1221': attribute type 1 has an invalid length.
[  258.428531][ T9279] bond1: entered promiscuous mode
[  258.441786][ T9279] bond1: entered allmulticast mode
[  258.448119][ T9279] 8021q: adding VLAN 0 to HW filter on device bond1
[  258.467105][ T9285] macvlan2: entered promiscuous mode
[  258.472831][ T9285] macvlan2: entered allmulticast mode
[  258.481633][ T9285] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  258.538291][ T9286] netlink: 'syz.7.1223': attribute type 1 has an invalid length.
[  258.582592][ T9286] 8021q: adding VLAN 0 to HW filter on device bond1
[  258.775688][ T9288] bond1: (slave veth3): Enslaving as an active interface with a down link
[  258.969806][ T9290] bond1: (slave dummy0): making interface the new active one
[  259.014937][ T9290] dummy0: entered promiscuous mode
[  259.040983][ T9290] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  259.199586][ T9305] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1230'.
[  260.010521][   T23] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  260.220620][   T23] usb 3-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f
[  260.240161][   T23] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  260.248252][   T23] usb 3-1: Product: syz
[  260.253296][   T23] usb 3-1: Manufacturer: syz
[  260.257933][   T23] usb 3-1: SerialNumber: syz
[  260.275623][   T23] usb 3-1: config 0 descriptor??
[  260.308004][   T23] gspca_main: stk1135-2.14.0 probing 174f:6a31
[  260.602319][ T9334] overlayfs: failed to clone upperpath
[  261.954300][   T23] gspca_stk1135: reg_w 0x200 err -71
[  261.969595][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  261.978633][   T23] gspca_stk1135: Sensor write failed
[  261.985921][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  262.008055][   T23] gspca_stk1135: Sensor write failed
[  262.015236][ T9351] fuse: Bad value for 'fd'
[  262.020628][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  262.027786][   T23] gspca_stk1135: Sensor read failed
[  262.044129][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  262.052298][   T23] gspca_stk1135: Sensor read failed
[  262.057651][   T23] gspca_stk1135: Detected sensor type unknown (0x0)
[  262.066239][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  262.073090][   T23] gspca_stk1135: Sensor read failed
[  262.078510][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  262.085433][   T23] gspca_stk1135: Sensor read failed
[  262.095711][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  262.102928][   T23] gspca_stk1135: Sensor write failed
[  262.112499][   T23] gspca_stk1135: serial bus timeout: status=0x00
[  262.119488][   T23] gspca_stk1135: Sensor write failed
[  262.136753][   T23] stk1135: probe of 3-1:0.0 failed with error -71
[  262.160540][   T23] usb 3-1: USB disconnect, device number 6
[  264.313634][ T9407] overlayfs: "xino" feature enabled using 2 upper inode bits.
[  264.793762][ T9410] loop6: detected capacity change from 0 to 2048
[  264.826743][ T9410] UDF-fs: error (device loop6): udf_process_sequence: Primary Volume Descriptor not found!
[  264.898941][ T9410] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  264.946351][ T9418] netlink: 'syz.2.1272': attribute type 1 has an invalid length.
[  265.131507][  T967] usb 8-1: new high-speed USB device number 2 using dummy_hcd
[  265.360295][  T967] usb 8-1: Using ep0 maxpacket: 32
[  265.378185][  T967] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.400656][  T967] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.420203][  T967] usb 8-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[  265.449208][    T9] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  265.449409][  T967] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.501230][  T967] usb 8-1: config 0 descriptor??
[  265.642042][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  265.668930][    T9] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  265.696092][    T9] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  265.730103][    T9] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  265.757122][    T9] usb 3-1: config 0 descriptor??
[  265.940985][  T967] ft260 0003:0403:6030.0006: unknown main item tag 0x7
[  266.119702][  T967] ft260 0003:0403:6030.0006: chip code: 6424 8183
[  266.185807][    T9] cp2112 0003:10C4:EA90.0007: unknown main item tag 0x0
[  266.226486][    T9] cp2112 0003:10C4:EA90.0007: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  266.321302][  T967] ft260 0003:0403:6030.0006: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.7-1/input0
[  266.385872][    T9] cp2112 0003:10C4:EA90.0007: Part Number: 0x82 Device Version: 0xFE
[  266.522895][  T967] ft260 0003:0403:6030.0006: failed to retrieve status: -32, no wakeup
[  266.555249][  T967] ft260 0003:0403:6030.0006: failed to retrieve status: -32
[  266.960482][   T28] usb 8-1: USB disconnect, device number 2
[  266.999690][    T9] cp2112 0003:10C4:EA90.0007: error reading lock byte: -71
[  267.028021][    T9] usb 3-1: USB disconnect, device number 7
[  267.780878][ T9451] netlink: 'syz.4.1283': attribute type 1 has an invalid length.
[  267.968719][ T9451] 8021q: adding VLAN 0 to HW filter on device bond1
[  268.033608][ T9463] loop7: detected capacity change from 0 to 128
[  268.085866][ T9463] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  268.113722][ T9463] ext4 filesystem being mounted at /62/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  268.155891][ T9459] bond1: (slave veth11): Enslaving as an active interface with a down link
[  268.185867][ T5159] udevd[5159]: worker [5893] terminated by signal 33 (Unknown signal 33)
[  268.225483][ T9461] bond1: (slave dummy0): making interface the new active one
[  268.337240][ T9463] EXT4-fs error (device loop7): ext4_check_dx_root:2266: inode #2: comm syz.7.1289: Corrupt dir, invalid name for '.', running e2fsck is recommended
[  268.373273][ T9461] dummy0: entered promiscuous mode
[  268.379677][ T9461] bond1: (slave dummy0): Enslaving as an active interface with an up link
[  268.712499][ T9477] 9pnet_fd: Insufficient options for proto=fd
[  269.555255][ T8497] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  269.650408][ T9492] netlink: 'syz.7.1300': attribute type 10 has an invalid length.
[  269.686108][ T9492] 8021q: adding VLAN 0 to HW filter on device team0
[  269.703382][ T9492] bond0: (slave team0): Enslaving as an active interface with an up link
[  270.040817][ T9495] loop7: detected capacity change from 0 to 512
[  270.069200][ T9495] EXT4-fs error (device loop7): ext4_orphan_get:1399: inode #15: comm syz.7.1301: inode has both inline data and extents flags
[  270.108227][ T9495] EXT4-fs error (device loop7): ext4_orphan_get:1404: comm syz.7.1301: couldn't read orphan inode 15 (err -117)
[  270.167509][ T9495] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  270.298183][ T9505] netlink: 'syz.4.1305': attribute type 1 has an invalid length.
[  270.348352][ T9505] bond2: entered promiscuous mode
[  270.354881][ T9505] bond2: entered allmulticast mode
[  270.366353][ T9505] 8021q: adding VLAN 0 to HW filter on device bond2
[  270.423417][ T6122] dummy0: left promiscuous mode
[  270.471354][ T9505] macvlan2: entered promiscuous mode
[  270.476798][ T9505] macvlan2: entered allmulticast mode
[  270.486733][ T9505] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  270.567536][ T8497] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  270.882750][ T9513] netlink: 96 bytes leftover after parsing attributes in process `syz.7.1309'.
[  271.941301][   T23] IPVS: starting estimator thread 0...
[  272.040218][ T9545] IPVS: using max 18 ests per chain, 43200 per kthread
[  272.605400][ T9563] loop6: detected capacity change from 0 to 128
[  272.634810][ T9563] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  272.676446][ T9563] ext4 filesystem being mounted at /176/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa supports timestamps until 2038-01-19 (0x7fffffff)
[  272.746724][ T9563] EXT4-fs error (device loop6): ext4_check_dx_root:2266: inode #2: comm syz.6.1330: Corrupt dir, invalid name for '.', running e2fsck is recommended
[  273.270726][ T5797] usb 3-1: new high-speed USB device number 8 using dummy_hcd
[  273.386896][ T7452] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  273.484012][ T5797] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  273.498163][ T5797] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  273.508176][ T5797] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  273.517944][ T5797] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.530617][ T5797] usb 3-1: config 0 descriptor??
[  273.730381][   T28] usb 7-1: new high-speed USB device number 4 using dummy_hcd
[  273.920212][   T28] usb 7-1: Using ep0 maxpacket: 8
[  273.934169][   T28] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  273.955523][   T28] usb 7-1: New USB device found, idVendor=046d, idProduct=0892, bcdDevice=6d.2a
[  273.974093][ T5797] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  273.980264][   T28] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  273.999779][ T5797] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  274.007654][ T5797] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  274.021125][ T5797] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  274.022113][   T28] usb 7-1: config 0 descriptor??
[  274.028138][ T5797] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  274.028193][ T5797] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  274.028217][ T5797] cp2112 0003:10C4:EA90.0008: unknown main item tag 0x0
[  274.031148][ T5797] cp2112 0003:10C4:EA90.0008: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  274.044134][   T28] gspca_main: vc032x-2.14.0 probing 046d:0892
[  274.077695][ T9595] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1343'.
[  274.178178][ T5797] cp2112 0003:10C4:EA90.0008: Part Number: 0x00 Device Version: 0x00
[  274.500544][   T23] usb 8-1: new high-speed USB device number 3 using dummy_hcd
[  274.694810][   T23] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  274.707363][   T23] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  274.721627][   T23] usb 8-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  274.731610][   T23] usb 8-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  274.739719][   T23] usb 8-1: Manufacturer: syz
[  274.749124][   T23] usb 8-1: config 0 descriptor??
[  274.793014][ T9581] cp2112 0003:10C4:EA90.0008: Error starting transaction: -38
[  274.889025][ T5797] cp2112 0003:10C4:EA90.0008: error reading lock byte: -71
[  274.900336][ T5797] usb 3-1: USB disconnect, device number 8
[  275.590305][   T23] input: syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:256C:006D.0009/input/input10
[  275.657479][ T9614] netlink: 'syz.4.1351': attribute type 10 has an invalid length.
[  275.669034][ T9614] 8021q: adding VLAN 0 to HW filter on device team0
[  275.680364][ T9614] bond0: (slave team0): Enslaving as an active interface with an up link
[  275.683893][   T23] input: syz as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:256C:006D.0009/input/input11
[  275.714669][   T28] gspca_vc032x: reg_w err -71
[  275.719482][   T28] vc032x: probe of 7-1:0.0 failed with error -71
[  275.732194][   T23] input: syz Touch Strip as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:256C:006D.0009/input/input12
[  275.754392][   T28] usb 7-1: USB disconnect, device number 4
[  275.771932][   T23] input: syz Dial as /devices/platform/dummy_hcd.7/usb8/8-1/8-1:0.0/0003:256C:006D.0009/input/input13
[  275.798262][   T23] uclogic 0003:256C:006D.0009: input,hidraw0: USB HID v0.00 Keypad [syz] on usb-dummy_hcd.7-1/input0
[  275.814964][   T23] usb 8-1: USB disconnect, device number 3
[  276.445626][ T9629] overlayfs: failed to clone upperpath
[  277.054014][ T9656] loop6: detected capacity change from 0 to 1024
[  277.069383][ T9656] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  277.087987][ T9656] EXT4-fs (loop6): revision level too high, forcing read-only mode
[  277.108442][ T9656] EXT4-fs (loop6): orphan cleanup on readonly fs
[  277.125739][ T9656] EXT4-fs error (device loop6): ext4_free_blocks:6676: comm syz.6.1369: Freeing blocks not in datazone - block = 0, count = 4096
[  277.143872][ T9661] loop7: detected capacity change from 0 to 128
[  277.156814][ T9656] EXT4-fs (loop6): 1 orphan inode deleted
[  277.167828][ T9656] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  277.188662][ T9661] EXT4-fs (loop7): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  277.207617][ T9661] ext4 filesystem being mounted at /84/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  277.287312][ T7452] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  277.312454][ T8497] EXT4-fs (loop7): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  278.225408][ T9694] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1384'.
[  278.430275][ T9703] fuse: Bad value for 'fd'
[  278.789253][ T9712] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  279.258618][ T9722] 8021q: adding VLAN 0 to HW filter on device bond3
[  279.268043][ T9722] bond0: (slave bond3): Enslaving as an active interface with an up link
[  279.518175][ T6111] dummy0: left promiscuous mode
[  280.149628][ T9753] bridge0: entered promiscuous mode
[  280.212087][ T9753] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1409'.
[  280.346828][ T9753] bridge0 (unregistering): left promiscuous mode
[  280.792688][ T9765] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.
[  281.796460][ T9790] loop6: detected capacity change from 0 to 164
[  281.810276][   T28] usb 3-1: new full-speed USB device number 9 using dummy_hcd
[  281.994145][   T28] usb 3-1: New USB device found, idVendor=046d, idProduct=c293, bcdDevice= 0.00
[  282.014690][   T28] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  282.040218][   T28] usb 3-1: config 0 descriptor??
[  282.128024][ T9772] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1416'.
[  282.383075][ T9801] netlink: 104 bytes leftover after parsing attributes in process `syz.4.1429'.
[  282.503061][   T28] logitech 0003:046D:C293.000A: hidraw0: USB HID v0.00 Device [HID 046d:c293] on usb-dummy_hcd.2-1/input0
[  282.534483][   T28] logitech 0003:046D:C293.000A: no inputs found
[  282.632214][ T9809] overlayfs: failed to clone upperpath
[  282.847716][ T9811] loop7: detected capacity change from 0 to 32768
[  282.867562][ T9811] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop7 scanned by syz.7.1434 (9811)
[  282.898863][ T9811] BTRFS info (device loop7): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  282.909117][ T9811] BTRFS info (device loop7): using crc32c (crc32c-intel) checksum algorithm
[  282.917875][ T9811] BTRFS info (device loop7): using free space tree
[  283.013144][ T9811] BTRFS info (device loop7): enabling ssd optimizations
[  283.020404][ T9811] BTRFS info (device loop7): auto enabling async discard
[  283.136440][ T9811] BTRFS info (device loop7): setting incompat feature flag for COMPRESS_LZO (0x8)
[  283.210138][ T8497] BTRFS info (device loop7): last unmount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  283.535155][ T5880] usb 3-1: USB disconnect, device number 9
[  284.106593][ T9850] sch_tbf: burst 0 is lower than device lo mtu (11337746) !
[  284.644329][   T27] kauditd_printk_skb: 10 callbacks suppressed
[  284.644381][   T27] audit: type=1804 audit(1763653261.396:68): pid=9864 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.4.1449" name="file1" dev="ramfs" ino=26120 res=1 errno=0
[  284.929171][ T9874] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1453'.
[  285.158101][ T9880] loop6: detected capacity change from 0 to 16
[  285.182099][ T9880] erofs: (device loop6): mounted with root inode @ nid 36.
[  285.272116][ T9880] overlay: Unknown parameter '/'
[  285.290770][ T9880] overlay: Unknown parameter '/'
[  285.752850][ T9900] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1465'.
[  286.726007][ T9931] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1476'.
[  286.797080][ T9933] sch_tbf: burst 88 is lower than device veth7 mtu (1514) !
[  286.938722][ T9939] xt_bpf: check failed: parse error
[  287.450279][    T9] usb 7-1: new high-speed USB device number 5 using dummy_hcd
[  287.532622][ T9958] capability: warning: `syz.4.1486' uses deprecated v2 capabilities in a way that may be insecure
[  287.666635][    T9] usb 7-1: New USB device found, idVendor=055f, idProduct=c230, bcdDevice=b6.ac
[  287.675987][    T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  287.684179][    T9] usb 7-1: Product: syz
[  287.688471][    T9] usb 7-1: Manufacturer: syz
[  287.693251][    T9] usb 7-1: SerialNumber: syz
[  287.699588][    T9] usb 7-1: config 0 descriptor??
[  287.707526][    T9] gspca_main: sunplus-2.14.0 probing 055f:c230
[  287.854054][ T9962] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1488'.
[  289.341438][   T28] usb 7-1: USB disconnect, device number 5
[  289.827057][T10008] overlayfs: failed to resolve './file0': -2
[  290.484746][T10029] overlayfs: failed to clone lowerpath
[  290.496835][T10029] overlayfs: failed to clone lowerpath
[  290.704557][T10034] netlink: 96 bytes leftover after parsing attributes in process `syz.4.1519'.
[  290.837598][T10037] loop2: detected capacity change from 0 to 512
[  290.846024][T10037] EXT4-fs: Ignoring removed i_version option
[  290.849118][T10038] netlink: 'syz.4.1521': attribute type 1 has an invalid length.
[  290.852422][T10037] EXT4-fs: Ignoring removed bh option
[  290.938090][T10038] 8021q: adding VLAN 0 to HW filter on device bond4
[  290.951377][T10037] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  290.981997][T10042] bond1: (slave dummy0): Releasing active interface
[  291.014315][T10037] ext4 filesystem being mounted at /395/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  291.062129][T10042] bond4: (slave dummy0): making interface the new active one
[  291.120623][T10042] bond4: (slave dummy0): Enslaving as an active interface with an up link
[  291.498293][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  291.944537][T10038] bond4 (unregistering): (slave dummy0): Releasing active interface
[  291.978919][T10038] bond4 (unregistering): Released all slaves
[  292.789936][T10063] overlayfs: failed to clone upperpath
[  292.838003][T10063] overlayfs: failed to clone upperpath
[  292.876656][T10063] overlayfs: failed to clone upperpath
[  293.211161][T10072] netlink: 7 bytes leftover after parsing attributes in process `syz.4.1534'.
[  293.530609][ T5880] libceph: connect (1)[c::]:6789 error -101
[  293.544408][ T5880] libceph: mon0 (1)[c::]:6789 connect error
[  293.618321][T10080] ceph: No mds server is up or the cluster is laggy
[  294.208227][T10101] overlayfs: failed to clone upperpath
[  294.356459][T10105] tipc: Failed to remove unknown binding: 66,1,1/0:1913130955/1913130957
[  294.366530][T10105] tipc: Failed to remove unknown binding: 66,1,1/0:1913130955/1913130957
[  294.380545][T10105] tipc: Failed to remove unknown binding: 66,1,1/0:1913130955/1913130957
[  294.568872][T10112] netlink: 24 bytes leftover after parsing attributes in process `syz.7.1551'.
[  294.777847][T10116] vlan2: entered allmulticast mode
[  294.791403][T10116] batadv0: entered allmulticast mode
[  294.857915][T10118] overlayfs: failed to verify upper (129/file1, ino=712, err=-116)
[  294.882632][T10118] overlayfs: failed to verify index dir 'upper' xattr
[  294.889562][T10118] overlayfs: try deleting index dir or mounting with '-o index=off' to disable inodes index.
[  296.321799][T10146] geneve2: entered promiscuous mode
[  296.327079][T10146] geneve2: entered allmulticast mode
[  298.241564][ T5797] usb 8-1: new high-speed USB device number 4 using dummy_hcd
[  298.430475][ T5797] usb 8-1: Using ep0 maxpacket: 8
[  298.444241][ T5797] usb 8-1: New USB device found, idVendor=16d0, idProduct=10a9, bcdDevice=30.52
[  298.459618][ T5797] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  298.468306][ T5797] usb 8-1: Product: syz
[  298.473767][ T5797] usb 8-1: Manufacturer: syz
[  298.478445][ T5797] usb 8-1: SerialNumber: syz
[  298.491262][ T5797] usb 8-1: config 0 descriptor??
[  298.736858][T10185] geneve3: entered promiscuous mode
[  298.747486][T10160] kvm: emulating exchange as write
[  298.753287][T10185] geneve3: entered allmulticast mode
[  298.776903][ T5797] usb 8-1: USB disconnect, device number 4
[  300.104358][T10223] loop6: detected capacity change from 0 to 2048
[  300.129975][T10223] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  300.200439][ T5880] usb 3-1: new high-speed USB device number 10 using dummy_hcd
[  300.394038][ T5880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  300.416569][ T5880] usb 3-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  300.440099][ T5880] usb 3-1: New USB device found, idVendor=10c4, idProduct=ea90, bcdDevice= 0.00
[  300.460154][ T5880] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  300.481598][ T5880] usb 3-1: config 0 descriptor??
[  300.915354][ T5880] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0
[  300.930181][ T5880] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0
[  300.960277][ T5880] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0
[  300.970196][ T5880] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0
[  300.988288][ T5880] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0
[  301.000774][ T5880] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0
[  301.007808][ T5880] cp2112 0003:10C4:EA90.000B: unknown main item tag 0x0
[  301.051717][ T5880] cp2112 0003:10C4:EA90.000B: hidraw0: USB HID v0.00 Device [HID 10c4:ea90] on usb-dummy_hcd.2-1/input0
[  301.151415][ T5880] cp2112 0003:10C4:EA90.000B: Part Number: 0x82 Device Version: 0xFE
[  301.184998][T10240] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1604'.
[  301.760392][T10220] cp2112 0003:10C4:EA90.000B: Multi-message I2C transactions not supported
[  301.772246][ T5880] cp2112 0003:10C4:EA90.000B: error reading lock byte: -71
[  301.788618][ T5880] usb 3-1: USB disconnect, device number 10
[  302.942817][T10271] loop2: detected capacity change from 0 to 128
[  303.121209][T10271] syz.2.1614: attempt to access beyond end of device
[  303.121209][T10271] loop2: rw=2049, sector=145, nr_sectors = 320 limit=128
[  303.225098][T10271] syz.2.1614: attempt to access beyond end of device
[  303.225098][T10271] loop2: rw=524288, sector=145, nr_sectors = 224 limit=128
[  303.265141][T10271] syz.2.1614: attempt to access beyond end of device
[  303.265141][T10271] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  303.284112][T10271] syz.2.1614: attempt to access beyond end of device
[  303.284112][T10271] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  303.310748][T10271] syz.2.1614: attempt to access beyond end of device
[  303.310748][T10271] loop2: rw=0, sector=145, nr_sectors = 8 limit=128
[  303.644000][T10286] loop6: detected capacity change from 0 to 512
[  303.701762][T10286] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a802c018, mo2=0002]
[  303.710629][T10286] System zones: 1-20
[  303.752378][T10286] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  304.004623][ T7452] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  307.284073][T10347] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1644'.
[  307.297453][T10347] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1644'.
[  307.505029][T10354] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1646'.
[  308.029209][T10365] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1651'.
[  308.046501][T10365] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1651'.
[  310.121260][   T27] audit: type=1326 audit(1763653286.876:69): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10397 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0278f749 code=0x7fc00000
[  310.208418][   T27] audit: type=1326 audit(1763653286.956:70): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10397 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0278f749 code=0x7fc00000
[  310.254468][   T27] audit: type=1326 audit(1763653286.956:71): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10397 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0278f749 code=0x7fc00000
[  310.694052][T10417] netlink: 1347 bytes leftover after parsing attributes in process `syz.7.1670'.
[  310.785640][ T5788] Bluetooth: hci1: unexpected event for opcode 0x080f
[  310.843763][   T27] audit: type=1326 audit(1763653287.596:72): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10397 comm="syz.4.1662" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f8b0278f749 code=0x7fc00000
[  311.473460][T10440] sctp: [Deprecated]: syz.2.1678 (pid 10440) Use of int in max_burst socket option deprecated.
[  311.473460][T10440] Use struct sctp_assoc_value instead
[  311.856490][T10448] netlink: 4 bytes leftover after parsing attributes in process `syz.7.1681'.
[  311.909503][T10448] netlink: 12 bytes leftover after parsing attributes in process `syz.7.1681'.
[  312.469418][ T5788] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  312.478691][ T5788] Bluetooth: hci3: Injecting HCI hardware error event
[  312.489558][ T5788] Bluetooth: hci3: hardware error 0x00
[  312.613753][T10460] loop6: detected capacity change from 0 to 128
[  312.816573][T10460] syz.6.1687: attempt to access beyond end of device
[  312.816573][T10460] loop6: rw=2049, sector=145, nr_sectors = 856 limit=128
[  312.934297][T10460] syz.6.1687: attempt to access beyond end of device
[  312.934297][T10460] loop6: rw=524288, sector=145, nr_sectors = 224 limit=128
[  312.957567][T10460] syz.6.1687: attempt to access beyond end of device
[  312.957567][T10460] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  312.976569][T10460] syz.6.1687: attempt to access beyond end of device
[  312.976569][T10460] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  312.998730][T10460] syz.6.1687: attempt to access beyond end of device
[  312.998730][T10460] loop6: rw=0, sector=145, nr_sectors = 8 limit=128
[  314.545074][ T5788] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  314.639136][   T27] audit: type=1326 audit(1763653291.386:73): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10512 comm="syz.2.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7fc00000
[  314.666871][   T27] audit: type=1326 audit(1763653291.416:74): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10512 comm="syz.2.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7fc00000
[  314.717206][   T27] audit: type=1326 audit(1763653291.466:75): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10512 comm="syz.2.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7fc00000
[  314.860244][ T5788] Bluetooth: hci1: Controller not accepting commands anymore: ncmd = 0
[  314.872511][ T5788] Bluetooth: hci1: Injecting HCI hardware error event
[  314.884156][   T51] Bluetooth: hci1: hardware error 0x00
[  315.394178][   T27] audit: type=1326 audit(1763653292.146:76): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10512 comm="syz.2.1705" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7fc00000
[  316.322460][    T9] usb 8-1: new full-speed USB device number 5 using dummy_hcd
[  316.330434][   T27] audit: type=1326 audit(1763653293.076:77): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=10520 comm="syz.4.1709" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f8b0278f749 code=0x0
[  316.534640][    T9] usb 8-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[  316.544201][    T9] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  316.552547][    T9] usb 8-1: Product: syz
[  316.558736][    T9] usb 8-1: Manufacturer: syz
[  316.566063][    T9] usb 8-1: SerialNumber: syz
[  316.577428][    T9] usb 8-1: config 0 descriptor??
[  316.809075][    T9] usb 8-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[  316.940432][   T51] Bluetooth: hci1: Opcode 0x0c03 failed: -110
[  317.355663][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  317.373298][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  318.234445][    T9] dvb_usb_rtl28xxu: probe of 8-1:0.0 failed with error -71
[  318.253831][    T9] usb 8-1: USB disconnect, device number 5
[  318.298916][T10565] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1724'.
[  319.483877][T10601] loop7: detected capacity change from 0 to 128
[  319.605367][T10605] syz.7.1738: attempt to access beyond end of device
[  319.605367][T10605] loop7: rw=2049, sector=145, nr_sectors = 488 limit=128
[  319.789763][T10605] syz.7.1738: attempt to access beyond end of device
[  319.789763][T10605] loop7: rw=524288, sector=145, nr_sectors = 224 limit=128
[  319.808332][T10605] syz.7.1738: attempt to access beyond end of device
[  319.808332][T10605] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  319.830291][T10605] syz.7.1738: attempt to access beyond end of device
[  319.830291][T10605] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  319.837778][T10612] overlayfs: failed to clone upperpath
[  319.869825][T10605] syz.7.1738: attempt to access beyond end of device
[  319.869825][T10605] loop7: rw=0, sector=145, nr_sectors = 8 limit=128
[  325.109581][T10679] overlayfs: failed to clone upperpath
[  325.362103][    T9] usb 7-1: new high-speed USB device number 6 using dummy_hcd
[  325.469675][ T5788] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1
[  325.490214][ T5788] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9
[  325.499246][ T5788] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9
[  325.552140][ T5788] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4
[  325.560795][ T5788] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3
[  325.570766][ T5788] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2
[  325.591652][    T9] usb 7-1: Using ep0 maxpacket: 16
[  325.623270][    T9] usb 7-1: config 0 interface 0 altsetting 9 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  325.641330][    T9] usb 7-1: config 0 interface 0 has no altsetting 0
[  325.648101][    T9] usb 7-1: New USB device found, idVendor=1e71, idProduct=2009, bcdDevice= 0.00
[  325.657382][    T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  325.669543][    T9] usb 7-1: config 0 descriptor??
[  326.106946][    T9] nzxt-smart2 0003:1E71:2009.000C: hidraw0: USB HID v0.05 Device [HID 1e71:2009] on usb-dummy_hcd.6-1/input0
[  326.632957][T10688] chnl_net:caif_netlink_parms(): no params data found
[  326.734341][   T23] usb 7-1: USB disconnect, device number 6
[  326.839469][T10688] bridge0: port 1(bridge_slave_0) entered blocking state
[  326.858108][T10688] bridge0: port 1(bridge_slave_0) entered disabled state
[  326.869247][T10688] bridge_slave_0: entered allmulticast mode
[  326.881424][T10688] bridge_slave_0: entered promiscuous mode
[  326.892335][T10688] bridge0: port 2(bridge_slave_1) entered blocking state
[  326.899973][T10688] bridge0: port 2(bridge_slave_1) entered disabled state
[  326.907647][T10688] bridge_slave_1: entered allmulticast mode
[  326.915609][T10688] bridge_slave_1: entered promiscuous mode
[  326.977637][T10688] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  327.003759][T10688] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  327.108385][T10688] team0: Port device team_slave_0 added
[  327.119370][T10721] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1783'.
[  327.144226][T10688] team0: Port device team_slave_1 added
[  327.156983][T10721] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1783'.
[  327.276517][T10688] batman_adv: batadv0: Adding interface: batadv_slave_0
[  327.290338][T10688] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.336547][T10688] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  327.363740][T10688] batman_adv: batadv0: Adding interface: batadv_slave_1
[  327.390769][T10688] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  327.440349][T10688] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  327.629343][T10688] hsr_slave_0: entered promiscuous mode
[  327.647229][T10688] hsr_slave_1: entered promiscuous mode
[  327.666288][   T51] Bluetooth: hci3: command tx timeout
[  327.721921][T10688] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  327.729576][T10688] Cannot create hsr debugfs directory
[  328.566023][T10688] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.749567][T10688] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.848813][T10688] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  328.953811][T10688] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  329.193696][T10688] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  329.214597][T10688] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  329.234844][T10688] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  329.253810][T10688] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  329.374108][T10755] overlayfs: failed to clone upperpath
[  329.468195][T10688] 8021q: adding VLAN 0 to HW filter on device bond0
[  329.499215][T10688] 8021q: adding VLAN 0 to HW filter on device team0
[  329.517198][ T3491] bridge0: port 1(bridge_slave_0) entered blocking state
[  329.524479][ T3491] bridge0: port 1(bridge_slave_0) entered forwarding state
[  329.565431][ T3491] bridge0: port 2(bridge_slave_1) entered blocking state
[  329.572590][ T3491] bridge0: port 2(bridge_slave_1) entered forwarding state
[  329.741205][   T51] Bluetooth: hci3: command tx timeout
[  330.135657][T10688] 8021q: adding VLAN 0 to HW filter on device batadv0
[  330.814214][T10688] veth0_vlan: entered promiscuous mode
[  330.838706][T10688] veth1_vlan: entered promiscuous mode
[  330.918644][T10688] veth0_macvtap: entered promiscuous mode
[  330.946698][T10688] veth1_macvtap: entered promiscuous mode
[  330.992452][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.009332][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.026113][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.037278][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.047410][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  331.058074][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.082948][T10688] batman_adv: batadv0: Interface activated: batadv_slave_0
[  331.097687][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.130165][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.140310][T10688] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  331.160319][T10688] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  331.168541][T10791] loop2: detected capacity change from 0 to 128
[  331.178279][T10791] FAT-fs (loop2): bogus number of reserved sectors
[  331.181899][T10688] batman_adv: batadv0: Interface activated: batadv_slave_1
[  331.197253][T10791] FAT-fs (loop2): This doesn't look like a DOS 1.x volume; DOS 2.x BPB is non-zero
[  331.208149][T10791] FAT-fs (loop2): Can't find a valid FAT filesystem
[  331.212752][T10688] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  331.223973][T10688] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  331.236012][T10688] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  331.244886][T10688] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  331.418865][ T6111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.434149][ T6111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.469830][ T6111] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  331.478622][ T6111] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  331.820511][   T51] Bluetooth: hci3: command tx timeout
[  332.465734][T10838] netlink: 'syz.2.1824': attribute type 1 has an invalid length.
[  332.504081][T10838] 8021q: adding VLAN 0 to HW filter on device bond2
[  332.638402][T10838] bond2: (slave veth7): Enslaving as an active interface with a down link
[  332.787955][T10838] veth0_virt_wifi: entered promiscuous mode
[  332.848177][T10838] bond2: (slave veth0_virt_wifi): making interface the new active one
[  332.873306][T10838] bond2: (slave veth0_virt_wifi): Enslaving as an active interface with an up link
[  333.651717][T10881] netlink: 'syz.7.1841': attribute type 1 has an invalid length.
[  333.908689][   T51] Bluetooth: hci3: command tx timeout
[  336.580576][T10883] veth0_virt_wifi: entered promiscuous mode
[  336.620466][T10892] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1843'.
[  337.492448][T10929] infiniband syz1: set active
[  337.513089][T10929] A link change request failed with some changes committed already. Interface bond0 may have been left with an inconsistent configuration, please check.
[  337.576431][   T27] audit: type=1804 audit(1763653314.326:78): pid=10931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.1861" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=30306 res=1 errno=0
[  337.593681][T10929] infiniband syz1: set active
[  337.662704][   T27] audit: type=1804 audit(1763653314.326:79): pid=10931 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.7.1861" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="ramfs" ino=30306 res=1 errno=0
[  337.709252][T10933] bridge0: entered allmulticast mode
[  337.724241][   T28] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.756932][T10933] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1862'.
[  337.820989][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  337.858103][T10937] netlink: 24 bytes leftover after parsing attributes in process `syz.6.1865'.
[  338.047941][T10944] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  338.139012][T10946] 9pnet: p9_errstr2errno: server reported unknown error 184467440
[  338.381340][T10953] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1871'.
[  338.563246][T10953] hsr_slave_1 (unregistering): left promiscuous mode
[  338.574663][T10956] netlink: 'syz.4.1872': attribute type 10 has an invalid length.
[  338.619243][T10956] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  338.740317][    T9] usb 8-1: new high-speed USB device number 6 using dummy_hcd
[  338.781638][   T28] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  338.825557][T10963] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1875'.
[  338.930327][    T9] usb 8-1: Using ep0 maxpacket: 32
[  338.953553][    T9] usb 8-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7
[  338.970546][    T9] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  339.005432][    T9] usb 8-1: config 0 descriptor??
[  339.021124][    T9] gspca_main: sunplus-2.14.0 probing 041e:400b
[  339.403689][T10986] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1883'.
[  339.910372][ T5797] usb 7-1: new high-speed USB device number 7 using dummy_hcd
[  340.113689][T10998] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1889'.
[  340.125425][T10998] netlink: 'syz.4.1889': attribute type 10 has an invalid length.
[  340.130360][ T5797] usb 7-1: Using ep0 maxpacket: 16
[  340.133666][T10998] netlink: 40 bytes leftover after parsing attributes in process `syz.4.1889'.
[  340.155433][T10998] batman_adv: batadv0: Adding interface: virt_wifi0
[  340.164286][T10998] batman_adv: batadv0: The MTU of interface virt_wifi0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  340.166256][ T5797] usb 7-1: New USB device found, idVendor=06be, idProduct=a232, bcdDevice=33.f3
[  340.195707][T10998] batman_adv: batadv0: Interface activated: virt_wifi0
[  340.230406][ T5797] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  340.238520][ T5797] usb 7-1: Product: syz
[  340.251331][ T5797] usb 7-1: Manufacturer: syz
[  340.256067][ T5797] usb 7-1: SerialNumber: syz
[  340.271707][ T5797] usb 7-1: config 0 descriptor??
[  340.400623][T11006] netlink: 16 bytes leftover after parsing attributes in process `syz.4.1891'.
[  340.454169][T11006] bond0: (slave wlan1): Releasing backup interface
[  340.601506][   T27] audit: type=1326 audit(1763653317.356:80): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  340.657465][   T27] audit: type=1326 audit(1763653317.376:81): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  340.700326][    T9] gspca_sunplus: reg_w_riv err -71
[  340.715091][ T5797] dvb-usb: found a 'AME DTV-5100 USB2.0 DVB-T' in warm state.
[  340.722841][    T9] sunplus: probe of 8-1:0.0 failed with error -71
[  340.740185][   T27] audit: type=1326 audit(1763653317.376:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  340.745773][    T9] usb 8-1: USB disconnect, device number 6
[  340.782598][ T5797] dvb-usb: will pass the complete MPEG2 transport stream to the software demuxer.
[  340.790814][   T27] audit: type=1326 audit(1763653317.376:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  340.812746][ T5797] dvbdev: DVB: registering new adapter (AME DTV-5100 USB2.0 DVB-T)
[  340.836879][   T27] audit: type=1326 audit(1763653317.376:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  340.855400][ T5797] usb 7-1: media controller created
[  340.898521][   T27] audit: type=1326 audit(1763653317.376:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  340.919570][ T5797] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  340.947048][   T27] audit: type=1326 audit(1763653317.376:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  341.003724][   T27] audit: type=1326 audit(1763653317.386:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11010 comm="syz.2.1893" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f2415d8f749 code=0x7ffc0000
[  341.483420][ T5797] zl10353_read_register: readreg error (reg=127, ret==0)
[  341.484535][T11029] loop7: detected capacity change from 0 to 512
[  341.500386][ T5797] dvb-usb: no frontend was attached by 'AME DTV-5100 USB2.0 DVB-T'
[  341.508668][ T5797] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully initialized and connected.
[  341.529683][ T5797] usb 7-1: USB disconnect, device number 7
[  341.546247][T11029] EXT4-fs error (device loop7): ext4_validate_block_bitmap:439: comm syz.7.1898: bg 0: block 288: padding at end of block bitmap is not set
[  341.591423][T11029] EXT4-fs error (device loop7) in ext4_mb_clear_bb:6637: Corrupt filesystem
[  341.627092][T11029] EXT4-fs error (device loop7): ext4_clear_blocks:883: inode #13: comm syz.7.1898: attempt to clear invalid blocks 1024 len 1
[  341.658915][T11029] EXT4-fs error (device loop7): ext4_free_branches:1030: inode #13: comm syz.7.1898: invalid indirect mapped block 1819239214 (level 0)
[  341.689940][ T5797] dvb-usb: AME DTV-5100 USB2.0 DVB-T successfully deinitialized and disconnected.
[  341.691358][T11029] EXT4-fs (loop7): 1 truncate cleaned up
[  341.728328][T11029] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.881532][T10688] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.579832][T11063] ref_ctr_offset mismatch. inode: 0x87 offset: 0x0 ref_ctr_offset(old): 0x0 ref_ctr_offset(new): 0x200000000240
[  342.873023][T11076] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1915'.
[  343.722680][T11106] iommufd_mock iommufd_mock1: Adding to iommu group 0
[  344.962626][T11123] loop7: detected capacity change from 0 to 32768
[  345.034318][T11123]  loop7: p9 p11 p16
[  345.196805][T11145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.222168][T11145] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  345.381398][T11150] netlink: 'syz.7.1945': attribute type 29 has an invalid length.
[  345.389906][T11150] netlink: 'syz.7.1945': attribute type 29 has an invalid length.
[  345.421941][T11150] syzkaller1: entered promiscuous mode
[  345.428023][T11150] syzkaller1: entered allmulticast mode
[  346.228339][T11170] lo: entered allmulticast mode
[  346.257146][T11170] pimreg: entered allmulticast mode
[  346.625234][T11188] 9pnet: p9_errstr2errno: server reported unknown error 18446744073
[  347.069076][T11200] netlink: 'syz.7.1968': attribute type 4 has an invalid length.
[  347.136412][T11203] netlink: 'syz.7.1968': attribute type 4 has an invalid length.
[  347.234380][T11205] loop2: detected capacity change from 0 to 512
[  347.242929][T11205] EXT4-fs: Ignoring removed nobh option
[  347.285882][T11205] EXT4-fs error (device loop2): ext4_do_update_inode:5244: inode #3: comm syz.2.1970: corrupted inode contents
[  347.327574][T11205] EXT4-fs (loop2): Remounting filesystem read-only
[  347.345427][T11205] __quota_error: 13 callbacks suppressed
[  347.345447][T11205] Quota error (device loop2): write_blk: dquota write failed
[  347.362133][T11205] Quota error (device loop2): qtree_write_dquot: Error -5 occurred while creating quota
[  347.372103][T11205] EXT4-fs (loop2): 1 truncate cleaned up
[  347.379933][T11205] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  347.400306][T11205] ext4 filesystem being mounted at /505/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  347.655690][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  347.773388][T11217] infiniband syz1: set active
[  347.811762][T11217] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  347.849525][T11220] netlink: 'syz.4.1974': attribute type 13 has an invalid length.
[  347.896679][T11220] netlink: 'syz.4.1974': attribute type 17 has an invalid length.
[  347.966661][T11220] infiniband syz1: set active
[  347.991446][T11220] infiniband syz1: set active
[  348.021238][T11220] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  348.051879][T11221] A link change request failed with some changes committed already. Interface vlan2 may have been left with an inconsistent configuration, please check.
[  349.308816][T11237] netlink: 'syz.4.1980': attribute type 4 has an invalid length.
[  349.349657][T11237] netlink: 'syz.4.1980': attribute type 4 has an invalid length.
[  349.890233][ T5850] usb 8-1: new high-speed USB device number 7 using dummy_hcd
[  350.034628][T11256] netlink: 16 bytes leftover after parsing attributes in process `syz.6.1987'.
[  350.078908][ T5850] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config
[  350.089781][ T5850] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1279, setting to 1024
[  350.127974][ T5850] usb 8-1: config 1 interface 0 altsetting 0 bulk endpoint 0x81 has invalid maxpacket 1024
[  350.139556][ T5850] usb 8-1: config 1 interface 1 altsetting 1 has 1 endpoint descriptor, different from the interface descriptor's value: 2
[  350.161588][ T5850] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  350.175729][ T5850] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  350.185172][ T5850] usb 8-1: Product: syz
[  350.189445][ T5850] usb 8-1: Manufacturer: syz
[  350.201524][ T5850] usb 8-1: SerialNumber: syz
[  350.215520][T11246] raw-gadget.0 gadget.7: fail, usb_ep_enable returned -22
[  350.569256][T11263] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1989'.
[  351.435767][ T5850] cdc_ncm 8-1:1.0: bind() failure
[  351.452993][ T5850] cdc_ncm: probe of 8-1:1.1 failed with error -71
[  351.460315][ T5850] cdc_mbim: probe of 8-1:1.1 failed with error -71
[  351.474977][ T5850] usbtest: probe of 8-1:1.1 failed with error -71
[  351.486223][ T5850] usb 8-1: USB disconnect, device number 7
[  351.906800][T11283] loop2: detected capacity change from 0 to 32768
[  351.915159][T11283] BTRFS: device fsid a6a605fc-d5f1-4e66-8595-3726e2b761d6 devid 1 transid 8 /dev/loop2 scanned by syz.2.1997 (11283)
[  351.936366][T11283] BTRFS info (device loop2): first mount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  351.949899][T11283] BTRFS info (device loop2): using blake2b (blake2b-256-generic) checksum algorithm
[  351.967982][T11283] BTRFS info (device loop2): using free space tree
[  352.016235][T11283] BTRFS info (device loop2): enabling ssd optimizations
[  352.023474][T11283] BTRFS info (device loop2): auto enabling async discard
[  352.706874][ T5789] BTRFS info (device loop2): last unmount of filesystem a6a605fc-d5f1-4e66-8595-3726e2b761d6
[  353.205307][T11321] fuse: Bad value for 'fd'
[  353.645846][T11329] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  353.737864][T11329] netlink: 'syz.7.2008': attribute type 13 has an invalid length.
[  353.746216][T11329] netlink: 'syz.7.2008': attribute type 17 has an invalid length.
[  355.075914][T11329] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  356.304213][T11365] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  357.464068][T11397] loop2: detected capacity change from 0 to 1024
[  357.473915][T11397] EXT4-fs: Ignoring removed bh option
[  357.514320][T11397] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  357.554875][   T27] audit: type=1800 audit(1763653590.303:101): pid=11397 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2034" name="file1" dev="loop2" ino=15 res=0 errno=0
[  357.648170][ T5789] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  358.710822][T11431] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  358.801670][T11436] ALSA: seq fatal error: cannot create timer (-22)
[  358.941880][T11441] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2049'.
[  358.972500][T11441] team1: entered promiscuous mode
[  358.977612][T11441] team1: entered allmulticast mode
[  359.842525][T11470] kvm: pic: non byte read
[  359.847053][T11470] kvm: pic: non byte read
[  359.858919][T11470] kvm: pic: non byte read
[  359.864114][T11470] kvm: pic: non byte read
[  359.868590][T11470] kvm: pic: non byte read
[  359.879280][T11470] kvm: pic: non byte read
[  359.883958][T11470] kvm: pic: non byte read
[  359.889132][T11470] kvm: pic: non byte read
[  359.898754][T11470] kvm: pic: non byte read
[  359.905644][T11470] kvm: pic: non byte read
[  360.274540][T11486] sd 0:0:1:0: PR command failed: 1026
[  360.290726][T11486] sd 0:0:1:0: Sense Key : Illegal Request [current] 
[  360.298466][T11486] sd 0:0:1:0: Add. Sense: Invalid command operation code
[  360.668811][T11499] input: syz0 as /devices/virtual/input/input14
[  360.703969][   T27] audit: type=1326 audit(1763653593.453:102): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11498 comm="syz.6.2073" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f5fda38f749 code=0x0
[  360.839523][T11494] loop2: detected capacity change from 0 to 32768
[  360.856308][T11494] XFS (loop2): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  360.922132][T11494] XFS (loop2): Ending clean mount
[  361.128402][ T5789] XFS (loop2): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  361.139420][T11510] syz.7.2074[11510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.139680][T11510] syz.7.2074[11510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.163274][T11510] syz.7.2074[11510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.175168][T11510] syz.7.2074[11510] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  361.193779][T11510] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2074'.
[  362.023753][T11541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2087'.
[  362.051927][T11541] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2087'.
[  362.570695][ T5850] IPVS: starting estimator thread 0...
[  362.660153][T11558] IPVS: using max 17 ests per chain, 40800 per kthread
[  363.067790][T11570] loop6: detected capacity change from 0 to 512
[  363.091432][T11570] EXT4-fs (loop6): orphan cleanup on readonly fs
[  363.107612][T11570] EXT4-fs error (device loop6): ext4_validate_block_bitmap:439: comm syz.6.2098: bg 0: block 248: padding at end of block bitmap is not set
[  363.123029][T11562] cgroup: fork rejected by pids controller in /syz7
[  363.138612][T11570] Quota error (device loop6): write_blk: dquota write failed
[  363.164570][T11570] Quota error (device loop6): qtree_write_dquot: Error -117 occurred while creating quota
[  363.193456][T11570] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2098: Failed to acquire dquot type 1
[  363.215278][T11570] EXT4-fs (loop6): 1 truncate cleaned up
[  363.225569][T11570] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  363.268604][T11570] EXT4-fs (loop6): warning: mounting fs with errors, running e2fsck is recommended
[  363.325159][T11570] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  363.347254][T11570] ext4 filesystem being remounted at /346/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  363.438602][T11570] Quota error (device loop6): write_blk: dquota write failed
[  363.459445][T11570] Quota error (device loop6): qtree_write_dquot: Error -28 occurred while creating quota
[  363.478361][T11570] EXT4-fs error (device loop6): ext4_acquire_dquot:6933: comm syz.6.2098: Failed to acquire dquot type 1
[  363.599303][ T7452] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.866804][T11628] kvm: pic: non byte write
[  363.992222][T11637] loop7: detected capacity change from 0 to 256
[  363.999155][T11637] exfat: Deprecated parameter 'utf8'
[  364.005093][T11637] exfat: Deprecated parameter 'namecase'
[  364.010843][T11637] exfat: Deprecated parameter 'utf8'
[  364.032231][T11637] exFAT-fs (loop7): failed to load upcase table (idx : 0x00010000, chksum : 0xb89b369d, utbl_chksum : 0xe619d30d)
[  364.059308][T11637] syz.7.2107: attempt to access beyond end of device
[  364.059308][T11637] loop7: rw=524288, sector=34359738488, nr_sectors = 8 limit=256
[  364.082283][T11637] syz.7.2107: attempt to access beyond end of device
[  364.082283][T11637] loop7: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  364.105877][   T27] audit: type=1800 audit(1763653596.853:103): pid=11637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2107" name="file1" dev="loop7" ino=1048629 res=0 errno=0
[  364.144441][T11637] exFAT-fs (loop7): error, tried to truncate zeroed cluster.
[  364.157404][   T27] audit: type=1804 audit(1763653596.903:104): pid=11637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.7.2107" name="/newroot/63/file0/file1" dev="loop7" ino=1048629 res=1 errno=0
[  364.157449][T11637] syz.7.2107: attempt to access beyond end of device
[  364.157449][T11637] loop7: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  364.198235][   T27] audit: type=1800 audit(1763653596.943:105): pid=11637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.7.2107" name="file1" dev="loop7" ino=1048629 res=0 errno=0
[  364.205452][T11637] syz.7.2107: attempt to access beyond end of device
[  364.205452][T11637] loop7: rw=0, sector=34359738488, nr_sectors = 8 limit=256
[  364.248128][T11637] syz.7.2107: attempt to access beyond end of device
[  364.248128][T11637] loop7: rw=0, sector=276758647, nr_sectors = 1 limit=256
[  364.383261][   T27] audit: type=1326 audit(1763653597.133:106): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11641 comm="syz.7.2109" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fd4e9b8f749 code=0x0
[  364.764309][T11654] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2114'.
[  365.010181][T11656] netlink: 'syz.2.2114': attribute type 2 has an invalid length.
[  365.076750][T11658] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2115'.
[  365.229903][T11662] overlayfs: failed to clone upperpath
[  365.371854][T11670] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2120'.
[  366.241010][ T5831] usb 7-1: new high-speed USB device number 8 using dummy_hcd
[  366.462422][T11699] netlink: 24 bytes leftover after parsing attributes in process `syz.7.2132'.
[  366.472581][ T5831] usb 7-1: config index 0 descriptor too short (expected 28277, got 36)
[  366.500310][ T5831] usb 7-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  366.519740][ T5831] usb 7-1: config 0 has no interfaces?
[  366.527309][ T5831] usb 7-1: New USB device found, idVendor=056a, idProduct=0063, bcdDevice= 0.00
[  366.540052][ T5831] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  366.566788][ T5831] usb 7-1: config 0 descriptor??
[  366.783079][T11703] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  368.096962][T11730] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  368.524128][T11736] loop7: detected capacity change from 0 to 256
[  368.807255][ T5831] usb 7-1: USB disconnect, device number 8
[  369.030460][ T5880] usb 8-1: new high-speed USB device number 8 using dummy_hcd
[  369.240179][ T5880] usb 8-1: Using ep0 maxpacket: 8
[  369.252379][ T5880] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024
[  369.270395][ T5880] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024
[  369.282389][ T5880] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32
[  369.292670][ T5880] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3
[  369.305897][ T5880] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23
[  369.315082][ T5880] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  369.551653][ T5880] usb 8-1: GET_CAPABILITIES returned 0
[  369.560184][ T5880] usbtmc 8-1:16.0: can't read capabilities
[  369.803557][ T5850] usb 8-1: USB disconnect, device number 8
[  371.694081][T11770] loop6: detected capacity change from 0 to 1024
[  371.703632][T11770] EXT4-fs: Ignoring removed mblk_io_submit option
[  371.712443][T11770] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  371.722144][T11770] EXT4-fs (loop6): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  371.735917][T11770] EXT4-fs error (device loop6): ext4_ext_check_inode:520: inode #11: comm syz.6.2159: pblk 0 bad header/extent: invalid extent entries - magic f30a, entries 1, max 4(4), depth 32512(32512)
[  371.760517][T11770] EXT4-fs error (device loop6): ext4_orphan_get:1404: comm syz.6.2159: couldn't read orphan inode 11 (err -117)
[  371.781563][T11770] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  371.829490][T11770] EXT4-fs (loop6): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  371.859944][ T7452] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  371.944387][T11778] loop6: detected capacity change from 0 to 128
[  371.952353][T11778] EXT4-fs (loop6): couldn't mount as ext3 due to feature incompatibilities
[  373.846676][T11823] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2179'.
[  373.949972][T11819] cgroup: fork rejected by pids controller in /syz4
[  374.102674][T11823] hsr_slave_1 (unregistering): left promiscuous mode
[  375.643641][T11896] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2192'.
[  375.975881][T11893] cgroup: fork rejected by pids controller in /syz6
[  377.800009][    C0] sched: RT throttling activated
[  378.785992][ T1289] ieee802154 phy0 wpan0: encryption failed: -22
[  378.793745][ T1289] ieee802154 phy1 wpan1: encryption failed: -22
[  380.943676][T11976] loop6: detected capacity change from 0 to 512
[  380.990189][T11976] EXT4-fs (loop6): encrypted files will use data=ordered instead of data journaling mode
[  381.041234][T11976] EXT4-fs (loop6): 1 truncate cleaned up
[  381.071703][T11976] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  381.323512][T11983] loop7: detected capacity change from 0 to 128
[  381.434141][ T7452] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.518741][ T5788] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  381.540425][ T5788] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  381.549799][ T5788] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  381.574707][ T5788] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  381.612429][ T5788] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3
[  381.619969][ T5788] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  382.106268][T11977] syz.4.2215: vmalloc error: size 16777216, failed to allocated page array size 32768, mode:0xdc2(GFP_KERNEL|__GFP_HIGHMEM|__GFP_ZERO), nodemask=(null),cpuset=syz4,mems_allowed=0-1
[  382.152343][T11977] CPU: 1 PID: 11977 Comm: syz.4.2215 Not tainted syzkaller #0
[  382.159877][T11977] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  382.169957][T11977] Call Trace:
[  382.173254][T11977]  <TASK>
[  382.176196][T11977]  dump_stack_lvl+0x16c/0x230
[  382.180897][T11977]  ? show_regs_print_info+0x20/0x20
[  382.186109][T11977]  ? load_image+0x3b0/0x3b0
[  382.190633][T11977]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  382.197073][T11977]  ? cpuset_print_current_mems_allowed+0x2e3/0x360
[  382.203592][T11977]  warn_alloc+0x210/0x300
[  382.207949][T11977]  ? zone_watermark_ok_safe+0x230/0x230
[  382.213516][T11977]  ? _raw_spin_unlock+0x28/0x40
[  382.218378][T11977]  ? __kmem_cache_free+0xba/0x1f0
[  382.223430][T11977]  __vmalloc_node_range+0x662/0x1320
[  382.228755][T11977]  ? free_vm_area+0x50/0x50
[  382.233276][T11977]  ? kvmalloc_node+0x70/0x180
[  382.237969][T11977]  ? kvmalloc_node+0x70/0x180
[  382.242663][T11977]  ? trace_kmalloc+0x1f/0xa0
[  382.247287][T11977]  kvmalloc_node+0x13f/0x180
[  382.251891][T11977]  ? xp_create_and_assign_umem+0x17c/0xc00
[  382.257719][T11977]  xp_create_and_assign_umem+0x17c/0xc00
[  382.263368][T11977]  ? mutex_lock_nested+0x20/0x20
[  382.268413][T11977]  ? dev_get_by_index+0x22/0x2d0
[  382.273360][T11977]  ? dev_get_by_index+0x22/0x2d0
[  382.278310][T11977]  xsk_bind+0x31d/0xc70
[  382.282485][T11977]  __sys_bind+0x31a/0x410
[  382.286836][T11977]  ? __ia32_sys_socketpair+0xb0/0xb0
[  382.292158][T11977]  __x64_sys_bind+0x7a/0x90
[  382.296679][T11977]  do_syscall_64+0x55/0xb0
[  382.301113][T11977]  ? clear_bhb_loop+0x40/0x90
[  382.305890][T11977]  ? clear_bhb_loop+0x40/0x90
[  382.310583][T11977]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  382.316482][T11977] RIP: 0033:0x7f8b0278f749
[  382.320995][T11977] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  382.340623][T11977] RSP: 002b:00007f8b036de038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  382.349068][T11977] RAX: ffffffffffffffda RBX: 00007f8b029e6090 RCX: 00007f8b0278f749
[  382.357049][T11977] RDX: 0000000000000010 RSI: 0000200000000100 RDI: 0000000000000003
[  382.365030][T11977] RBP: 00007f8b02813f91 R08: 0000000000000000 R09: 0000000000000000
[  382.373010][T11977] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  382.380994][T11977] R13: 00007f8b029e6128 R14: 00007f8b029e6090 R15: 00007ffd7497e018
[  382.388991][T11977]  </TASK>
[  382.421332][T11977] Mem-Info:
[  382.424522][T11977] active_anon:5600 inactive_anon:0 isolated_anon:0
[  382.424522][T11977]  active_file:17779 inactive_file:40475 isolated_file:0
[  382.424522][T11977]  unevictable:768 dirty:223 writeback:0
[  382.424522][T11977]  slab_reclaimable:11678 slab_unreclaimable:127465
[  382.424522][T11977]  mapped:24086 shmem:1399 pagetables:488
[  382.424522][T11977]  sec_pagetables:0 bounce:0
[  382.424522][T11977]  kernel_misc_reclaimable:0
[  382.424522][T11977]  free:1300303 free_pcp:11392 free_cma:0
[  382.481716][T11977] Node 0 active_anon:22400kB inactive_anon:0kB active_file:71116kB inactive_file:161692kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:96336kB dirty:892kB writeback:0kB shmem:4060kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:12308kB pagetables:1952kB sec_pagetables:0kB all_unreclaimable? no
[  382.548912][T11977] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:8kB dirty:0kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:16kB pagetables:0kB sec_pagetables:0kB all_unreclaimable? no
[  382.619398][T11977] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  382.664426][T11977] lowmem_reserve[]: 0 2525 2526 2526 2526
[  382.672171][T11977] Node 0 DMA32 free:1307748kB boost:0kB min:34676kB low:43344kB high:52012kB reserved_highatomic:0KB active_anon:22256kB inactive_anon:0kB active_file:71116kB inactive_file:160360kB unevictable:1536kB writepending:892kB present:3129332kB managed:2589600kB mlocked:0kB bounce:0kB free_pcp:22840kB local_pcp:19524kB free_cma:0kB
[  382.703438][T11977] lowmem_reserve[]: 0 0 1 1 1
[  382.708411][T11977] Node 0 Normal free:8kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB active_anon:44kB inactive_anon:0kB active_file:0kB inactive_file:1332kB unevictable:0kB writepending:0kB present:1048576kB managed:1384kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  382.736215][T11977] lowmem_reserve[]: 0 0 0 0 0
[  382.741074][T11977] Node 1 Normal free:3890708kB boost:0kB min:55208kB low:69008kB high:82808kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:208kB unevictable:1536kB writepending:0kB present:4194304kB managed:4117312kB mlocked:0kB bounce:0kB free_pcp:22752kB local_pcp:12256kB free_cma:0kB
[  382.773242][T11977] lowmem_reserve[]: 0 0 0 0 0
[  382.778172][T11977] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  382.791803][T11977] Node 0 DMA32: 2667*4kB (UME) 1770*8kB (UME) 1211*16kB (UME) 857*32kB (UME) 363*64kB (UME) 200*128kB (UME) 50*256kB (UM) 24*512kB (UME) 13*1024kB (UM) 7*2048kB (M) 277*4096kB (UM) = 1307788kB
[  382.816770][T11977] Node 0 Normal: 0*4kB 1*8kB (M) 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 8kB
[  382.829223][T11977] Node 1 Normal: 219*4kB (UME) 55*8kB (UME) 39*16kB (UME) 54*32kB (UME) 31*64kB (UME) 4*128kB (UE) 2*256kB (UE) 2*512kB (ME) 2*1024kB (UE) 1*2048kB (E) 947*4096kB (M) = 3890708kB
[  382.849281][T11977] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  382.862422][T11977] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  382.872038][T11977] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  382.890394][T11977] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  382.905604][T11977] 59567 total pagecache pages
[  382.911948][T11977] 1 pages in swap cache
[  382.916283][T11977] Free swap  = 124752kB
[  382.920808][T11977] Total swap = 124996kB
[  382.924998][T11977] 2097051 pages RAM
[  382.928845][T11977] 0 pages HighMem/MovableOnly
[  382.933713][T11977] 416137 pages reserved
[  382.937886][T11977] 0 pages cma reserved
[  383.004312][T12000] netlink: 8 bytes leftover after parsing attributes in process `syz.7.2217'.
[  383.365479][ T6145] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.603562][ T6145] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  383.660282][ T5788] Bluetooth: hci4: command tx timeout
[  383.800753][ T6145] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.057684][ T6145] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  384.499112][T11984] chnl_net:caif_netlink_parms(): no params data found
[  384.941942][T11984] bridge0: port 1(bridge_slave_0) entered blocking state
[  384.951195][T11984] bridge0: port 1(bridge_slave_0) entered disabled state
[  384.981018][T11984] bridge_slave_0: entered allmulticast mode
[  384.988640][T11984] bridge_slave_0: entered promiscuous mode
[  385.177964][T11984] bridge0: port 2(bridge_slave_1) entered blocking state
[  385.210249][T11984] bridge0: port 2(bridge_slave_1) entered disabled state
[  385.235648][T11984] bridge_slave_1: entered allmulticast mode
[  385.251935][T11984] bridge_slave_1: entered promiscuous mode
[  385.476694][   T51] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1
[  385.540850][   T51] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9
[  385.554304][   T51] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9
[  385.564135][   T51] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4
[  385.577805][   T51] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3
[  385.585327][   T51] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2
[  385.616123][T11984] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  385.639126][T11984] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  385.750387][   T51] Bluetooth: hci4: command tx timeout
[  386.032992][T11984] team0: Port device team_slave_0 added
[  386.121720][T11984] team0: Port device team_slave_1 added
[  386.300652][T11984] batman_adv: batadv0: Adding interface: batadv_slave_0
[  386.309101][T11984] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.337962][T11984] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  386.458341][T11984] batman_adv: batadv0: Adding interface: batadv_slave_1
[  386.470772][T11984] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  386.517579][T11984] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  386.758429][T11984] hsr_slave_0: entered promiscuous mode
[  386.766732][T11984] hsr_slave_1: entered promiscuous mode
[  386.777528][T11984] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  386.785291][T11984] Cannot create hsr debugfs directory
[  387.668034][ T6145] hsr_slave_0: left promiscuous mode
[  387.674578][   T51] Bluetooth: hci0: command tx timeout
[  387.682518][ T6145] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  387.692229][ T6145] batman_adv: batadv0: Removing interface: batadv_slave_0
[  387.730223][ T6145] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  387.749766][ T6145] batman_adv: batadv0: Removing interface: batadv_slave_1
[  387.802319][ T6145] veth1_macvtap: left promiscuous mode
[  387.807932][ T6145] veth0_macvtap: left promiscuous mode
[  387.813890][ T6145] veth1_vlan: left promiscuous mode
[  387.819241][ T6145] veth0_vlan: left promiscuous mode
[  387.826115][   T51] Bluetooth: hci4: command tx timeout
[  388.063064][ T6145] bond2 (unregistering): (slave veth7): Releasing active interface
[  388.071155][ T6145] bond2 (unregistering): (slave veth7): the permanent HWaddr of slave - c6:19:ba:5b:09:04 - is still in use by bond - set the HWaddr of slave to a different address to avoid conflicts
[  388.466886][ T6145] bond2 (unregistering): (slave veth0_virt_wifi): Releasing active interface
[  388.485169][ T6145] bond2 (unregistering): Released all slaves
[  389.003802][ T6145] bond1 (unregistering): Released all slaves
[  389.751507][   T51] Bluetooth: hci0: command tx timeout
[  389.908519][   T51] Bluetooth: hci4: command tx timeout
[  389.926305][ T6145] Ïåš (unregistering): Port device team_slave_1 removed
[  389.992839][ T6145] Ïåš (unregistering): Port device team_slave_0 removed
[  390.063031][ T6145] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  390.130704][ T6145] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  390.937281][ T6145] bond0 (unregistering): Released all slaves
[  390.988099][T12038] chnl_net:caif_netlink_parms(): no params data found
[  391.021553][T12081] bridge: RTM_NEWNEIGH with invalid ether address
[  391.185070][T11984] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  391.237581][T11984] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  391.302734][T11984] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  391.431295][T11984] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  391.505464][T12038] bridge0: port 1(bridge_slave_0) entered blocking state
[  391.528417][T12038] bridge0: port 1(bridge_slave_0) entered disabled state
[  391.549466][T12038] bridge_slave_0: entered allmulticast mode
[  391.557129][T12038] bridge_slave_0: entered promiscuous mode
[  391.619115][T12038] bridge0: port 2(bridge_slave_1) entered blocking state
[  391.626871][T12038] bridge0: port 2(bridge_slave_1) entered disabled state
[  391.640492][T12038] bridge_slave_1: entered allmulticast mode
[  391.648067][T12038] bridge_slave_1: entered promiscuous mode
[  391.739394][T12038] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  391.764411][T12038] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  391.820507][   T51] Bluetooth: hci0: command tx timeout
[  391.844289][ T6145] IPVS: stop unused estimator thread 0...
[  392.033187][T12038] team0: Port device team_slave_0 added
[  392.079389][T12038] team0: Port device team_slave_1 added
[  392.192234][T12038] batman_adv: batadv0: Adding interface: batadv_slave_0
[  392.199242][T12038] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.226321][T12038] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  392.393818][ T6144] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.441997][T12038] batman_adv: batadv0: Adding interface: batadv_slave_1
[  392.449088][T12038] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  392.487475][T12038] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  392.612351][ T6144] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.753024][ T6144] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.837018][T12038] hsr_slave_0: entered promiscuous mode
[  392.859620][T12038] hsr_slave_1: entered promiscuous mode
[  392.938357][ T6144] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  392.987592][T12110] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  393.125694][T11984] 8021q: adding VLAN 0 to HW filter on device bond0
[  393.214332][T12112] sch_tbf: burst 4398 is lower than device lo mtu (11337746) !
[  393.269429][T11984] 8021q: adding VLAN 0 to HW filter on device team0
[  393.334494][ T6111] bridge0: port 1(bridge_slave_0) entered blocking state
[  393.341851][ T6111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  393.365524][ T6141] bridge0: port 2(bridge_slave_1) entered blocking state
[  393.372735][ T6141] bridge0: port 2(bridge_slave_1) entered forwarding state
[  393.511616][ T6144] tipc: Disabling bearer <udp:syz2>
[  393.517559][ T6144] tipc: Left network mode
[  393.606560][T12038] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  393.623628][T12038] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  393.682240][T12118] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2256'.
[  393.801248][T12038] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  393.829630][T12038] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  393.921096][   T51] Bluetooth: hci0: command tx timeout
[  394.209053][T11984] 8021q: adding VLAN 0 to HW filter on device batadv0
[  394.669661][T12038] 8021q: adding VLAN 0 to HW filter on device bond0
[  394.826519][T12038] 8021q: adding VLAN 0 to HW filter on device team0
[  394.904628][ T6111] bridge0: port 1(bridge_slave_0) entered blocking state
[  394.911866][ T6111] bridge0: port 1(bridge_slave_0) entered forwarding state
[  395.039806][ T6111] bridge0: port 2(bridge_slave_1) entered blocking state
[  395.047052][ T6111] bridge0: port 2(bridge_slave_1) entered forwarding state
[  395.235693][T11984] veth0_vlan: entered promiscuous mode
[  395.384938][T11984] veth1_vlan: entered promiscuous mode
[  395.524632][T11984] veth0_macvtap: entered promiscuous mode
[  395.580852][ T6144] hsr_slave_0: left promiscuous mode
[  395.618354][ T6144] hsr_slave_1: left promiscuous mode
[  395.719374][ T6144] veth1_macvtap: left promiscuous mode
[  395.725221][ T6144] veth0_macvtap: left promiscuous mode
[  395.735986][ T6144] veth1_vlan: left promiscuous mode
[  395.742258][ T6144] veth0_vlan: left promiscuous mode
[  395.959037][ T6144] pimreg (unregistering): left allmulticast mode
[  396.027938][ T6144] bridge0 (unregistering): left allmulticast mode
[  396.140571][ T6144] bond1 (unregistering): (slave geneve2): Releasing active interface
[  396.356119][ T6144] bond1 (unregistering): Released all slaves
[  397.977995][ T6144] bond0 (unregistering): Released all slaves
[  398.015091][ T6144] lo (unregistering): left allmulticast mode
[  398.025968][T11984] veth1_macvtap: entered promiscuous mode
[  398.033216][T12158] netlink: 44 bytes leftover after parsing attributes in process `syz.4.2266'.
[  398.137481][T11984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.162644][T11984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.190155][T11984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.210087][T11984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.240245][T11984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  398.256558][T11984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.273272][T11984] batman_adv: batadv0: Interface activated: batadv_slave_0
[  398.284859][T11984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  398.295637][T11984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.306626][T11984] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  398.328215][T11984] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  398.372749][T11984] batman_adv: batadv0: Interface activated: batadv_slave_1
[  398.435357][T11984] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  398.446834][T11984] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  398.458761][T11984] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  398.477214][T11984] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  398.529397][T12038] 8021q: adding VLAN 0 to HW filter on device batadv0
[  398.822291][ T6111] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.835967][ T6144] IPVS: stop unused estimator thread 0...
[  398.844765][ T6111] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  398.940806][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  398.954112][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  399.007642][T12183] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2272'.
[  399.148408][T12183] hsr_slave_1 (unregistering): left promiscuous mode
[  399.442603][T12038] veth0_vlan: entered promiscuous mode
[  399.493115][T12038] veth1_vlan: entered promiscuous mode
[  399.571729][T12038] veth0_macvtap: entered promiscuous mode
[  399.597426][T12038] veth1_macvtap: entered promiscuous mode
[  399.676656][T12038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.710090][T12038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.740671][T12038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.769556][T12038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.790128][T12038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.811951][T12038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.833520][T12038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[  399.862111][T12038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.887489][T12038] batman_adv: batadv0: Interface activated: batadv_slave_0
[  399.931258][T12038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  399.966685][T12038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  399.996682][T12038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  400.014128][T12190] cgroup: fork rejected by pids controller in /syz8
[  400.036791][T12038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  400.056773][T12038] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[  400.078531][T12038] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[  400.097348][T12038] batman_adv: batadv0: Interface activated: batadv_slave_1
[  400.142901][T12038] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  400.170243][T12038] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  400.199451][T12038] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  400.211855][T12038] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  400.458755][ T3491] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  400.490866][ T3491] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  400.509386][ T6122] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  400.540554][ T6122] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
	
	

	
	


	
			
	


	
	
			
	

	
				
		
	
	
		

				
			





	

[  402.403135][   T23] usb 10-1: 0:2 : does not exist

syzkaller
syzkaller login: [  402.839578][T12276] netlink: 'syz.8.2289': attribute type 10 has an invalid length.
[  402.920644][T12276] 8021q: adding VLAN 0 to HW filter on device bond0
[  402.953028][T12276] team0: Port device bond0 added
[  402.959213][T12277] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2289'.
[  403.060543][   T23] usb 10-1: USB disconnect, device number 2
[  403.293251][T12281] overlayfs: missing 'lowerdir'
[  403.789334][T12277] team0 (unregistering): Port device team_slave_0 removed
[  403.847946][T12277] team0 (unregistering): Port device team_slave_1 removed
[  403.930126][T12277] team0 (unregistering): Port device bond0 removed
[  404.193295][T12283] loop7: detected capacity change from 0 to 32768
[  404.214189][T12283] XFS (loop7): Mounting V5 Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  404.276616][T12283] XFS (loop7): Ending clean mount
[  404.298620][T12283] XFS (loop7): Quotacheck needed: Please wait.
[  404.384169][T12283] XFS (loop7): Quotacheck: Done.
[  405.060292][T10688] XFS (loop7): Unmounting Filesystem d7dc424e-7990-42cb-9f91-9cb7200a101d
[  405.388882][T12305] syz.8.2299[12305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  405.389123][T12305] syz.8.2299[12305] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  405.840451][T12311] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  405.995603][T12318] loop9: detected capacity change from 0 to 1024
[  406.004151][T12318] EXT4-fs: Ignoring removed i_version option
[  406.077797][T12318] EXT4-fs (loop9): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  406.267867][T12318] EXT4-fs error (device loop9): ext4_read_block_bitmap_nowait:478: comm syz.9.2303: Invalid block bitmap block 0 in block_group 0
[  406.287608][T12318] Quota error (device loop9): write_blk: dquota write failed
[  406.295367][T12318] Quota error (device loop9): qtree_write_dquot: Error -117 occurred while creating quota
[  406.308165][T12318] EXT4-fs error (device loop9): ext4_acquire_dquot:6933: comm syz.9.2303: Failed to acquire dquot type 0
[  406.346627][T12318] EXT4-fs error (device loop9): ext4_free_blocks:6676: comm syz.9.2303: Freeing blocks not in datazone - block = 0, count = 4096
[  406.380929][T12318] EXT4-fs error (device loop9): ext4_read_inode_bitmap:140: comm syz.9.2303: Invalid inode bitmap blk 0 in block_group 0
[  406.396869][T12318] EXT4-fs error (device loop9) in ext4_free_inode:363: Corrupt filesystem
[  406.410973][T12318] EXT4-fs (loop9): 1 orphan inode deleted
[  406.424346][T12318] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  406.662766][ T3491] Quota error (device loop9): do_check_range: Getting block 0 out of range 1-8
[  407.072899][ T3491] EXT4-fs error (device loop9): ext4_release_dquot:6969: comm kworker/u4:8: Failed to release dquot type 0
[  407.349145][T12311] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  407.695501][T12311] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.021769][T12311] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  408.476331][T12311] netdevsim netdevsim7 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  408.512322][T12333] syz_tun: entered allmulticast mode
[  408.569055][T12311] netdevsim netdevsim7 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  408.584109][T12038] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  408.593501][T12311] netdevsim netdevsim7 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  408.633753][T12311] netdevsim netdevsim7 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  408.646582][T12332] syz_tun: left allmulticast mode
[  409.342001][T12357] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  409.384365][ T5797] IPVS: starting estimator thread 0...
[  409.490402][T12360] IPVS: using max 17 ests per chain, 40800 per kthread
[  410.057800][T12375] loop7: detected capacity change from 0 to 65
[  410.073588][T12375] BFS-fs: bfs_fill_super(): NOTE: filesystem loop7 was created with 512 inodes, the real maximum is 511, mounting anyway
[  410.683567][   T27] audit: type=1326 audit(1763653643.403:107): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.8.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9174f8f749 code=0x7fc00000
[  411.060197][   T27] audit: type=1326 audit(1763653643.803:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.8.2328" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9174f8f749 code=0x7fc00000
[  411.589569][T12407] netlink: 'syz.4.2337': attribute type 1 has an invalid length.
[  411.679891][T12410] bridge0: port 2(bridge_slave_1) entered disabled state
[  411.687661][T12410] bridge0: port 1(bridge_slave_0) entered disabled state
[  411.818339][T12412] bond4: (slave veth1): Enslaving as an active interface with a down link
[  412.045331][T12407] bond4 (unregistering): (slave veth1): Releasing active interface
[  412.142153][T12407] bond4 (unregistering): Released all slaves
[  412.563803][T12461] loop8: detected capacity change from 0 to 1024
[  412.775369][T12468] netlink: 96 bytes leftover after parsing attributes in process `syz.7.2347'.
[  413.007689][ T6122] hfsplus: bad catalog file entry
[  413.034903][ T6122] hfsplus: b-tree write err: -5, ino 3
[  413.056549][T12475] netlink: 96 bytes leftover after parsing attributes in process `syz.4.2350'.
[  413.713756][T12504] netlink: 4 bytes leftover after parsing attributes in process `syz.7.2361'.
[  413.874850][T12508] loop9: detected capacity change from 0 to 512
[  413.939753][T12508] FAT-fs (loop9): Directory bread(block 199916) failed
[  413.957037][T12508] FAT-fs (loop9): Directory bread(block 199917) failed
[  413.970292][T12508] FAT-fs (loop9): Directory bread(block 199918) failed
[  413.984894][T12508] FAT-fs (loop9): Directory bread(block 199919) failed
[  414.003515][T12508] FAT-fs (loop9): Directory bread(block 199920) failed
[  414.018334][T12508] FAT-fs (loop9): Directory bread(block 199921) failed
[  414.032289][T12508] FAT-fs (loop9): Directory bread(block 199922) failed
[  414.047172][T12508] FAT-fs (loop9): Directory bread(block 199923) failed
[  414.067579][T12514] loop8: detected capacity change from 0 to 512
[  414.091298][T12514] EXT4-fs: Ignoring removed nomblk_io_submit option
[  414.099184][T12514] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  414.100644][T12508] FAT-fs (loop9): Directory bread(block 199916) failed
[  414.137383][T12508] FAT-fs (loop9): Directory bread(block 199917) failed
[  414.138362][T12514] EXT4-fs (loop8): 1 truncate cleaned up
[  414.186564][T12514] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  414.283490][T11984] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  414.342911][T12520] bridge0: port 2(bridge_slave_1) entered disabled state
[  414.350616][T12520] bridge0: port 1(bridge_slave_0) entered disabled state
[  414.610219][T12532] netlink: 28 bytes leftover after parsing attributes in process `syz.9.2370'.
[  414.738602][T12528] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.933033][T12528] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  414.963945][T12537] picdev_read: 77 callbacks suppressed
[  414.963965][T12537] kvm: pic: non byte read
[  414.977662][T12537] kvm: pic: level sensitive irq not supported
[  414.977818][T12537] kvm: pic: non byte read
[  414.989212][T12537] kvm: pic: level sensitive irq not supported
[  414.989299][T12537] kvm: pic: non byte read
[  415.000578][T12537] kvm: pic: level sensitive irq not supported
[  415.000660][T12537] kvm: pic: non byte read
[  415.012981][T12537] kvm: pic: level sensitive irq not supported
[  415.013062][T12537] kvm: pic: non byte read
[  415.024363][T12537] kvm: pic: level sensitive irq not supported
[  415.024442][T12537] kvm: pic: non byte read
[  415.035614][T12537] kvm: pic: level sensitive irq not supported
[  415.035690][T12537] kvm: pic: non byte read
[  415.046996][T12537] kvm: pic: level sensitive irq not supported
[  415.047093][T12537] kvm: pic: non byte read
[  415.059271][T12537] kvm: pic: level sensitive irq not supported
[  415.059355][T12537] kvm: pic: non byte read
[  415.070954][T12537] kvm: pic: level sensitive irq not supported
[  415.071040][T12537] kvm: pic: non byte read
[  415.082394][T12537] kvm: pic: level sensitive irq not supported
[  415.102079][T12528] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.222677][T12528] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  415.384699][T12549] syz.7.2378[12549] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  415.384890][T12549] syz.7.2378[12549] is installing a program with bpf_probe_write_user helper that may corrupt user memory!
[  415.445668][T12528] netdevsim netdevsim4 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  415.481762][T12528] netdevsim netdevsim4 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  415.537631][T12528] netdevsim netdevsim4 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  415.570764][T12528] netdevsim netdevsim4 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  415.716127][T12556] bridge0: port 2(bridge_slave_1) entered disabled state
[  415.724109][T12556] bridge0: port 1(bridge_slave_0) entered disabled state
[  415.950872][T12561] overlayfs: failed to clone upperpath
[  416.261238][  T967] usb 9-1: new high-speed USB device number 2 using dummy_hcd
[  416.460088][  T967] usb 9-1: Using ep0 maxpacket: 8
[  416.469618][  T967] usb 9-1: New USB device found, idVendor=047d, idProduct=5003, bcdDevice=2f.8c
[  416.485209][  T967] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  416.504931][  T967] usb 9-1: Product: syz
[  416.509172][  T967] usb 9-1: Manufacturer: syz
[  416.519598][  T967] usb 9-1: SerialNumber: syz
[  416.536421][  T967] usb 9-1: config 0 descriptor??
[  416.565613][  T967] gspca_main: se401-2.14.0 probing 047d:5003
[  416.767787][T12583] netlink: 8 bytes leftover after parsing attributes in process `syz.9.2389'.
[  417.273629][T12590] netlink: 4 bytes leftover after parsing attributes in process `syz.4.2394'.
[  417.289357][T12590] bridge_slave_1: left allmulticast mode
[  417.296934][T12590] bridge_slave_1: left promiscuous mode
[  417.327191][T12590] bridge0: port 2(bridge_slave_1) entered disabled state
[  417.345830][T12590] bridge_slave_0: left allmulticast mode
[  417.355170][T12590] bridge_slave_0: left promiscuous mode
[  417.365249][T12590] bridge0: port 1(bridge_slave_0) entered disabled state
[  417.559419][   T27] audit: type=1326 audit(1763653650.303:109): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  417.603977][  T967] gspca_se401: read req failed req 0x06 error -19
[  417.631137][T12594] tc_dump_action: action bad kind
[  417.641473][  T967] usb 9-1: USB disconnect, device number 2
[  417.804682][T12599] loop8: detected capacity change from 0 to 65
[  417.815263][T12599] BFS-fs: bfs_fill_super(): NOTE: filesystem loop8 was created with 512 inodes, the real maximum is 511, mounting anyway
[  418.436622][   T27] audit: type=1326 audit(1763653651.153:110): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.510372][   T27] audit: type=1326 audit(1763653651.153:111): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.596443][   T27] audit: type=1326 audit(1763653651.153:112): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.652414][   T27] audit: type=1326 audit(1763653651.153:113): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.700361][   T27] audit: type=1326 audit(1763653651.153:114): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.742640][   T27] audit: type=1326 audit(1763653651.153:115): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.767091][   T27] audit: type=1326 audit(1763653651.153:116): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.798784][   T27] audit: type=1326 audit(1763653651.153:117): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  418.831015][T12609] loop9: detected capacity change from 0 to 164
[  418.845476][   T27] audit: type=1326 audit(1763653651.153:118): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12591 comm="syz.7.2395" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd4e9b8f749 code=0x7fc00000
[  419.700120][    C1] 
[  419.702538][    C1] ============================================
[  419.708688][    C1] WARNING: possible recursive locking detected
[  419.714925][    C1] syzkaller #0 Not tainted
[  419.719351][    C1] --------------------------------------------
[  419.725493][    C1] syz.8.2403/12613 is trying to acquire lock:
[  419.731550][    C1] ffffc9000b8590d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c8/0x5a0
[  419.741145][    C1] 
[  419.741145][    C1] but task is already holding lock:
[  419.748507][    C1] ffffc9000b8dd0d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c8/0x5a0
[  419.758080][    C1] 
[  419.758080][    C1] other info that might help us debug this:
[  419.766135][    C1]  Possible unsafe locking scenario:
[  419.766135][    C1] 
[  419.774009][    C1]        CPU0
[  419.777277][    C1]        ----
[  419.780563][    C1]   lock(&rb->spinlock);
[  419.784804][    C1]   lock(&rb->spinlock);
[  419.789051][    C1] 
[  419.789051][    C1]  *** DEADLOCK ***
[  419.789051][    C1] 
[  419.797205][    C1]  May be due to missing lock nesting notation
[  419.797205][    C1] 
[  419.805515][    C1] 4 locks held by syz.8.2403/12613:
[  419.810713][    C1]  #0: ffffffff8cd30000 (rcu_callback){....}-{0:0}, at: rcu_core+0xc51/0x1720
[  419.819591][    C1]  #1: ffffffff8cd2fee0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run3+0xf4/0x400
[  419.828883][    C1]  #2: ffffc9000b8dd0d8 (&rb->spinlock){-.-.}-{2:2}, at: __bpf_ringbuf_reserve+0x1c8/0x5a0
[  419.838868][    C1]  #3: ffffffff8cd2fee0 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0xde/0x3c0
[  419.848158][    C1] 
[  419.848158][    C1] stack backtrace:
[  419.854032][    C1] CPU: 1 PID: 12613 Comm: syz.8.2403 Not tainted syzkaller #0
[  419.861487][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/02/2025
[  419.871618][    C1] Call Trace:
[  419.874896][    C1]  <IRQ>
[  419.877745][    C1]  dump_stack_lvl+0x16c/0x230
[  419.882454][    C1]  ? show_regs_print_info+0x20/0x20
[  419.887733][    C1]  ? print_deadlock_bug+0x435/0x5d0
[  419.892920][    C1]  __lock_acquire+0x5d40/0x7c80
[  419.897764][    C1]  ? verify_lock_unused+0x140/0x140
[  419.903050][    C1]  ? try_to_wake_up+0x454/0x1140
[  419.907981][    C1]  ? __lock_acquire+0x7c80/0x7c80
[  419.912995][    C1]  ? mark_lock+0x94/0x320
[  419.917338][    C1]  ? __lock_acquire+0x1260/0x7c80
[  419.922364][    C1]  lock_acquire+0x197/0x410
[  419.926864][    C1]  ? __bpf_ringbuf_reserve+0x1c8/0x5a0
[  419.932330][    C1]  ? read_lock_is_recursive+0x20/0x20
[  419.937700][    C1]  ? verify_lock_unused+0x140/0x140
[  419.942890][    C1]  ? mark_lock+0x94/0x320
[  419.947210][    C1]  _raw_spin_lock_irqsave+0xa8/0xf0
[  419.952396][    C1]  ? __bpf_ringbuf_reserve+0x1c8/0x5a0
[  419.957843][    C1]  ? _raw_spin_lock+0x40/0x40
[  419.962507][    C1]  ? deref_stack_reg+0x1bd/0x240
[  419.967459][    C1]  __bpf_ringbuf_reserve+0x1c8/0x5a0
[  419.972738][    C1]  ? bpf_ringbuf_notify+0x30/0x30
[  419.977768][    C1]  ? __cant_sleep+0x210/0x210
[  419.982434][    C1]  bpf_ringbuf_reserve+0x5c/0x70
[  419.987362][    C1]  bpf_prog_fe0ed97373b08409+0x2d/0x4a
[  419.992808][    C1]  bpf_trace_run2+0x1d1/0x3c0
[  419.997476][    C1]  ? bpf_trace_run2+0xde/0x3c0
[  420.002228][    C1]  ? bpf_trace_run1+0x3b0/0x3b0
[  420.007067][    C1]  ? __bpf_trace_contention_end+0xce/0x130
[  420.012866][    C1]  __bpf_trace_contention_end+0xdd/0x130
[  420.018489][    C1]  ? __bpf_trace_contention_begin+0x130/0x130
[  420.024545][    C1]  ? deref_stack_reg+0x1bd/0x240
[  420.029474][    C1]  ? verify_lock_unused+0x140/0x140
[  420.034663][    C1]  trace_contention_end+0xe6/0x110
[  420.039764][    C1]  __pv_queued_spin_lock_slowpath+0x7ec/0x9d0
[  420.045840][    C1]  ? __pv_queued_spin_unlock_slowpath+0x2a0/0x2a0
[  420.052260][    C1]  do_raw_spin_lock+0x24e/0x2c0
[  420.057109][    C1]  ? __rwlock_init+0x150/0x150
[  420.061865][    C1]  _raw_spin_lock_irqsave+0xb4/0xf0
[  420.067070][    C1]  ? _raw_spin_lock+0x40/0x40
[  420.071734][    C1]  ? rcu_core+0xcc4/0x1720
[  420.076137][    C1]  ? __irq_exit_rcu+0xc7/0x190
[  420.080885][    C1]  ? irq_exit_rcu+0x9/0x20
[  420.085290][    C1]  ? sysvec_apic_timer_interrupt+0xa4/0xc0
[  420.091085][    C1]  ? asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  420.097228][    C1]  ? do_nanosleep+0x17f/0x5f0
[  420.101896][    C1]  ? hrtimer_nanosleep+0x15f/0x350
[  420.107000][    C1]  ? __se_sys_clock_nanosleep+0x2ea/0x370
[  420.112706][    C1]  ? do_syscall_64+0x55/0xb0
[  420.117289][    C1]  __bpf_ringbuf_reserve+0x1c8/0x5a0
[  420.122568][    C1]  ? bpf_ringbuf_notify+0x30/0x30
[  420.127671][    C1]  ? __cant_sleep+0x210/0x210
[  420.132341][    C1]  ? refcount_dec_if_one+0xe0/0xe0
[  420.137442][    C1]  bpf_ringbuf_reserve+0x5c/0x70
[  420.142370][    C1]  bpf_prog_fe0ed97373b08409+0x2d/0x4a
[  420.147815][    C1]  bpf_trace_run3+0x1e7/0x400
[  420.152479][    C1]  ? bpf_trace_run3+0xf4/0x400
[  420.157225][    C1]  ? bpf_trace_run2+0x3c0/0x3c0
[  420.162061][    C1]  ? rcu_core+0xcc4/0x1720
[  420.166463][    C1]  ? put_ucounts+0x11d/0x230
[  420.171059][    C1]  ? get_ucounts+0x60/0x60
[  420.175481][    C1]  ? rcu_core+0xc51/0x1720
[  420.179885][    C1]  ? rcu_core+0xcc4/0x1720
[  420.184288][    C1]  kmem_cache_free+0x1e0/0x280
[  420.189127][    C1]  ? put_cred_rcu+0x237/0x2a0
[  420.193792][    C1]  ? __put_cred+0x130/0x130
[  420.198298][    C1]  ? __put_cred+0x130/0x130
[  420.202806][    C1]  rcu_core+0xcc4/0x1720
[  420.207066][    C1]  ? rcu_cpu_kthread_park+0x90/0x90
[  420.212250][    C1]  ? __lock_acquire+0x7c80/0x7c80
[  420.217273][    C1]  ? rebalance_domains+0x8ad/0x9d0
[  420.222381][    C1]  ? rebalance_domains+0x127/0x9d0
[  420.227480][    C1]  handle_softirqs+0x280/0x820
[  420.232230][    C1]  ? __irq_exit_rcu+0xc7/0x190
[  420.236982][    C1]  ? do_softirq+0x180/0x180
[  420.241474][    C1]  ? irqtime_account_irq+0xb6/0x1c0
[  420.246756][    C1]  __irq_exit_rcu+0xc7/0x190
[  420.251342][    C1]  ? irq_exit_rcu+0x20/0x20
[  420.255840][    C1]  irq_exit_rcu+0x9/0x20
[  420.260070][    C1]  sysvec_apic_timer_interrupt+0xa4/0xc0
[  420.265707][    C1]  </IRQ>
[  420.269074][    C1]  <TASK>
[  420.272002][    C1]  asm_sysvec_apic_timer_interrupt+0x1a/0x20
[  420.277969][    C1] RIP: 0010:_raw_spin_unlock_irqrestore+0xa9/0x110
[  420.284458][    C1] Code: 74 05 e8 ea 7c 13 f7 48 c7 44 24 20 00 00 00 00 9c 8f 44 24 20 f6 44 24 21 02 75 4b f7 c3 00 02 00 00 74 01 fb bf 01 00 00 00 <e8> f2 f8 e2 f6 65 8b 05 e3 41 8b 75 85 c0 74 3c 48 c7 04 24 0e 36
[  420.304062][    C1] RSP: 0018:ffffc90005607ba0 EFLAGS: 00000206
[  420.310119][    C1] RAX: 9f143971be7c4800 RBX: 0000000000000a06 RCX: 9f143971be7c4800
[  420.318080][    C1] RDX: dffffc0000000000 RSI: ffffffff8aaabce0 RDI: 0000000000000001
[  420.326037][    C1] RBP: ffffc90005607c30 R08: ffffffff8e4a8d6f R09: 1ffffffff1c951ad
[  420.333998][    C1] R10: dffffc0000000000 R11: fffffbfff1c951ae R12: dffffc0000000000
[  420.342044][    C1] R13: ffffc90005607dc0 R14: ffff8880b8f2b700 R15: 1ffff92000ac0f74
[  420.350009][    C1]  ? _raw_spin_unlock+0x40/0x40
[  420.354863][    C1]  do_nanosleep+0x17f/0x5f0
[  420.359355][    C1]  ? do_nanosleep+0x80/0x5f0
[  420.363950][    C1]  ? usleep_range_state+0x1a0/0x1a0
[  420.369167][    C1]  ? __asan_memset+0x22/0x40
[  420.373775][    C1]  ? __hrtimer_init+0x186/0x270
[  420.378637][    C1]  hrtimer_nanosleep+0x15f/0x350
[  420.383588][    C1]  ? __might_fault+0xc6/0x120
[  420.388273][    C1]  ? nanosleep_copyout+0x120/0x120
[  420.393385][    C1]  ? __remove_hrtimer+0x470/0x470
[  420.398415][    C1]  ? timespec64_add_safe+0x1e0/0x1e0
[  420.403707][    C1]  __se_sys_clock_nanosleep+0x2ea/0x370
[  420.409246][    C1]  ? __x64_sys_clock_nanosleep+0xb0/0xb0
[  420.414888][    C1]  ? lockdep_hardirqs_on+0x98/0x150
[  420.420116][    C1]  do_syscall_64+0x55/0xb0
[  420.424532][    C1]  ? clear_bhb_loop+0x40/0x90
[  420.429206][    C1]  ? clear_bhb_loop+0x40/0x90
[  420.433874][    C1]  entry_SYSCALL_64_after_hwframe+0x68/0xd2
[  420.439772][    C1] RIP: 0033:0x7f9174fc2005
[  420.444185][    C1] Code: 24 0c 89 3c 24 48 89 4c 24 18 e8 f6 54 ff ff 4c 8b 54 24 18 48 8b 54 24 10 41 89 c0 8b 74 24 0c 8b 3c 24 b8 e6 00 00 00 0f 05 <44> 89 c7 48 89 04 24 e8 4f 55 ff ff 48 8b 04 24 48 83 c4 28 f7 d8
[  420.463784][    C1] RSP: 002b:00007ffe01ecabe0 EFLAGS: 00000293 ORIG_RAX: 00000000000000e6
[  420.472242][    C1] RAX: ffffffffffffffda RBX: 00007f91751e5fa0 RCX: 00007f9174fc2005
[  420.480237][    C1] RDX: 00007ffe01ecac20 RSI: 0000000000000000 RDI: 0000000000000000
[  420.488241][    C1] RBP: 00007f91751e7da0 R08: 0000000000000000 R09: 0000000000745d1e
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  420.496315][    C1] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000066801
[  420.504276][    C1] R13: 00007ffe01ecad40 R14: ffffffffffffffff R15: 00007ffe01ecad60
[  420.512272][    C1]  </TASK>
[  421.224698][ T6149] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.294505][ T6149] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.368578][ T6149] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  421.493971][ T6149] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  422.388888][ T6149] hsr_slave_0: left promiscuous mode
[  422.395070][ T6149] hsr_slave_1: left promiscuous mode
[  422.401416][ T6149] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  422.408895][ T6149] batman_adv: batadv0: Removing interface: batadv_slave_0
[  422.416594][ T6149] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  422.424490][ T6149] batman_adv: batadv0: Removing interface: batadv_slave_1
[  422.432158][ T6149] bridge_slave_1: left allmulticast mode
[  422.437890][ T6149] bridge_slave_1: left promiscuous mode
[  422.443620][ T6149] bridge0: port 2(bridge_slave_1) entered disabled state
[  422.452413][ T6149] bridge_slave_0: left allmulticast mode
[  422.458056][ T6149] bridge_slave_0: left promiscuous mode
[  422.463887][ T6149] bridge0: port 1(bridge_slave_0) entered disabled state
[  422.475301][ T6149] veth1_macvtap: left promiscuous mode
[  422.480904][ T6149] veth0_macvtap: left promiscuous mode
[  422.487017][ T6149] veth1_vlan: left promiscuous mode
[  422.493447][ T6149] veth0_vlan: left promiscuous mode
[  422.687487][ T6149] team0 (unregistering): Port device team_slave_1 removed
[  422.732617][ T6149] team0 (unregistering): Port device team_slave_0 removed
[  422.768091][ T6149] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  422.808528][ T6149] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  422.878617][ T6149] bond0 (unregistering): Released all slaves
[  423.294562][ T6149] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.335423][ T6149] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.384935][ T6149] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  423.444816][ T6149] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  424.158893][ T6149] hsr_slave_0: left promiscuous mode
[  424.164881][ T6149] hsr_slave_1: left promiscuous mode
[  424.200256][ T6149] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  424.207720][ T6149] batman_adv: batadv0: Removing interface: batadv_slave_0
[  424.216443][ T6149] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  424.224845][ T6149] batman_adv: batadv0: Removing interface: batadv_slave_1
[  424.232732][ T6149] bridge_slave_1: left allmulticast mode
[  424.238499][ T6149] bridge_slave_1: left promiscuous mode
[  424.244661][ T6149] bridge0: port 2(bridge_slave_1) entered disabled state
[  424.252716][ T6149] bridge_slave_0: left allmulticast mode
[  424.258365][ T6149] bridge_slave_0: left promiscuous mode
[  424.264135][ T6149] bridge0: port 1(bridge_slave_0) entered disabled state
[  424.273958][ T6149] veth1_macvtap: left promiscuous mode
[  424.279456][ T6149] veth0_macvtap: left promiscuous mode
[  424.285159][ T6149] veth1_vlan: left promiscuous mode
[  424.290565][ T6149] veth0_vlan: left promiscuous mode
[  424.601691][ T6149] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  424.616905][ T6149] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  424.863984][ T6149] bond0 (unregistering): Released all slaves
[  425.226264][ T6149] IPVS: stop unused estimator thread 0...
[  425.426862][T12590] infiniband syz1: set down
[  425.448605][ T5880] infiniband syz1: ib_query_port failed (-19)
[  425.457998][ T6149] smc: removing ib device syz1