last executing test programs:

10.621877327s ago: executing program 1 (id=1179):
setrlimit(0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0)
r3 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd)
keyctl$dh_compute(0x17, &(0x7f0000000000)={r3, r3, r3}, &(0x7f00000001c0)=""/201, 0xc9, 0x0)
sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0)

8.878301333s ago: executing program 1 (id=1185):
socket$kcm(0x10, 0x2, 0x4)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$kcm(0x23, 0x2, 0x0)
bpf$MAP_CREATE_TAIL_CALL(0x0, &(0x7f00000007c0)={0x3, 0x4, 0x4, 0xa, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x50)
socket$nl_generic(0x10, 0x3, 0x10)
socket$inet_udplite(0x2, 0x2, 0x88)
socket$unix(0x1, 0x1, 0x0)
socket$unix(0x1, 0x1, 0x0)
r0 = syz_io_uring_setup(0xd2, &(0x7f0000000480)={0x0, 0x2000000, 0x0, 0xfffffffc, 0x13b}, &(0x7f00000002c0)=<r1=>0x0, &(0x7f00000000c0)=<r2=>0x0)
write$RDMA_USER_CM_CMD_RESOLVE_IP(0xffffffffffffffff, &(0x7f0000000200)={0x3, 0x40, 0xfa02, {{0x6000000, 0x0, 0x0, @local}, {0xa, 0x0, 0x0, @mcast2}, 0xffffffffffffffff, 0xfffffffc}}, 0x48)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000200))
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_MADVISE={0x19, 0x7b, 0x0, 0x0, 0x0, &(0x7f0000011000/0x4000)=nil, 0x4000, 0xc})
io_uring_enter(r0, 0x2b76, 0x0, 0x0, 0x0, 0x0)

8.477759463s ago: executing program 3 (id=1188):
socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_udp(0xa, 0x2, 0x0)
ptrace$PTRACE_GETSIGMASK(0x420a, r0, 0x0, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000e40)=@raw={'raw\x00', 0x3c1, 0x3, 0x4c0, 0x0, 0x18c, 0x203, 0x8000000, 0x19030000, 0x3f0, 0x2e0, 0x2e0, 0x3f0, 0x2e0, 0x3, 0x0, {[{{@uncond, 0x300, 0x2d8, 0x300, 0x0, {}, [@common=@unspec=@bpf0={{0x230}, {0x13, [{0x1d}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0xe}, {}, {0x0, 0x0, 0x3}, {0x2}, {}, {0x0, 0x0, 0x0, 0x1}, {}, {}, {0x16}, {}, {}, {0x7}, {}, {0x0, 0x0, 0x0, 0x101}, {}, {}, {}, {}, {}, {}, {0xfffe}, {}, {}, {}, {0x0, 0xfd}, {}, {0x7a04}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x800}, {}, {0xb84, 0x0, 0x0, 0xf00}, {0x0, 0x1, 0x0, 0x3}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x4}]}}]}, @common=@unspec=@NFQUEUE3={0x28, 'NFQUEUE\x00', 0x3, {0x0, 0x4}}}, {{@uncond, 0x0, 0xa8, 0xf0}, @common=@unspec=@IDLETIMER={0x48, 'IDLETIMER\x00', 0x0, {0xb, 'syz1\x00', {0x6c8}}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x520)

8.397748442s ago: executing program 1 (id=1189):
getresgid(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tipc={{0x6, 0x4, 0x0, 0x9, 0x40, 0x64, 0x0, 0xf1, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x10}, @broadcast, {[@generic={0x82, 0x2}]}}, @name_distributor={{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0xb, 0x2, 0x9, 0x0, 0x1, 0x400, 0x45, 0x20000000, 0x4e21, 0x4e21, 0x1, 0x3}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x1, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x2000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

8.383685923s ago: executing program 2 (id=1191):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0x102, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
close(r4)
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000380)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0x0, 0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x100, 0x7, 0x6361, 0x5, 0xffffffed, 0x6}, [@TCA_NETEM_LATENCY64={0xc, 0xa, 0x6}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000300)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b925, 0x25dfdbff, {0x0, 0x0, 0x0, r6, {0x0, 0xe}, {0xb, 0xb}, {0x0, 0xb}}, [@qdisc_kind_options=@q_pfifo_head_drop={{0x14}, {0x8, 0x2, 0x5}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2401c061}, 0x4008000)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

7.229852049s ago: executing program 3 (id=1192):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r3 = getpid()
sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r4=>0xffffffffffffffff, <r5=>0xffffffffffffffff})
connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r5, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
recvmmsg(0xffffffffffffffff, &(0x7f00000066c0), 0xa0d, 0x0, 0x0)
recvmmsg(r2, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x20001b80}, {&(0x7f0000001b80)=""/112, 0x70}], 0x2, 0x0, 0xa0028cb4}}], 0x40000000000013c, 0x700, 0x0)
sendfile(r1, r0, 0x0, 0x578410eb)

7.146520308s ago: executing program 0 (id=1194):
madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000003c0)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mknodat$loop(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x1000, 0x1)
timer_create(0x0, 0x0, 0x0)
mprotect(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0)
mprotect(&(0x7f00004a4000/0x800000)=nil, 0x800000, 0x2)

6.784708565s ago: executing program 2 (id=1195):
socket$kcm(0x10, 0x2, 0x4)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x200000000000011, 0x2, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000000)={'bridge0\x00', <r5=>0x0})
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0x0, 0x0, {0x0, 0x0, 0x74, r5, 0x0, 0x11203}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_VLAN_DEFAULT_PVID={0x6, 0x27, 0x20}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x800}, 0x0)

6.778587265s ago: executing program 1 (id=1196):
r0 = socket$kcm(0x11, 0x3, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r2)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r2, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
r5 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000002c0)=@newqdisc={0x40, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, r6, {0x0, 0xd}, {0xffff, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0xc, 0x2, [@TCA_FQ_CODEL_CE_THRESHOLD={0x8, 0x7, 0xfffffff9}]}}]}, 0x40}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4008000)
setsockopt$sock_attach_bpf(r0, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r0, &(0x7f00000000c0)={&(0x7f0000000580)=@xdp={0x2c, 0x4, r4, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accbe1ba0777cfbf6ae77256da82f6184b8a34f9015cc99e570000002b21c90b000000000000721a5dbb56a3d9e16e7c2179c9b5b24722944820e624fc5b17d0822ca4232c98a9936ba722475ca5", 0x72}, {&(0x7f0000000440)="63f805d7649496db72959832930469edc7b700c9e37eed5653ecb716cdb8981cd819af0b33254465cc904b7b31789d65c0e0d33330e2ef36205dd154e363bcadf8f2ea93f45503c6d9fd8dfe5a638cfeb9f79c930a4d18260e5a08ffd35ed8371cff78119319b2b62c7cd9378c73ae90c801681f55ef26cb00"/135, 0x87}, {&(0x7f0000001400)="7f4ba13c5a27118dc920175650f0c9ba1809dd13a6e2d5b38f40adfa278c09e0e3bd05add4d780cd753b50f06f3b51f43761c7783f38ceaefc2dad57889d8b3a2d21314410f64ec2fa92e3a14b0141b39c020021d1edd011fbccb808a317fff4cf49aab12da619d67102048ec43c76cdb9d395e8b7b6e589d788aeeecb5080fc3d5ec6ccd656e49c0a642671d3fc363b46240bbc46ad965399b71db3c8f2b269b20870a3d2a6a8de5213b0f9d41c510c827056b7284391da244ec7653648b670f9a3483b314d861992ed7fb369eda093e1643c300b94d996fc592adb22c379be070ce5cd806da85a492dd4199cceb4c5b750222485325cf1073bf87e93bdf7da8af8f5f626541afd142e24ee8f4be9f038453c0edf500deabfe4d1a7a9de51df012bc2f3b767b3c03be6ace8c37ad571323cd363116e01f98a8ff8148d3900a65b788e99ddf9d9a2383f1730c7868d2dd031034bce5a77bd1ef3385105968be7bd830bde788092f657be36f89ea55ced486e18982d01339ed04a934a43c7b3", 0x17f}], 0x3}, 0x0)

6.701861163s ago: executing program 4 (id=1197):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x6)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000240)=0x1)
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
socket$phonet(0x23, 0x2, 0x1)
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r3 = socket$l2tp(0x2, 0x2, 0x73)
setsockopt$SO_BINDTODEVICE(r3, 0x1, 0x19, 0x0, 0x0)
bind$inet(r3, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
writev(0xffffffffffffffff, &(0x7f0000001bc0)=[{0x0}, {0x0}], 0x2)
r4 = fsopen(&(0x7f0000000040)='efivarfs\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r4, 0x6, 0x0, 0x0, 0x0)

5.974034526s ago: executing program 3 (id=1198):
mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x4)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000040)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
r3 = syz_open_dev$usbfs(&(0x7f0000000480), 0x77, 0x41341)
ioctl$USBDEVFS_IOCTL(r3, 0xc0105512, &(0x7f0000000200))

5.567107887s ago: executing program 0 (id=1199):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_io_uring_setup(0x247a8, 0x0, 0x0, 0x0)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r3, 0x84, 0x64, &(0x7f0000000900)=[@in={0x2, 0x4e23, @loopback}, @in6={0xa, 0x0, 0x0, @loopback, 0x7fc}], 0x2c)
sendto$inet6(r3, &(0x7f0000000040)="e4", 0x1, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback, 0x5}, 0x1c)
setsockopt$inet_sctp6_SCTP_EVENTS(r3, 0x84, 0xb, &(0x7f0000000200)={0x41, 0x80, 0xfe, 0x2, 0x9, 0x40, 0x8, 0x5a, 0x0, 0x9, 0xa}, 0xe)
recvmmsg(r3, &(0x7f0000000740)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/21, 0x15}, 0x1ff}], 0x4000000000001bf, 0x40000023, 0x0)

5.537392461s ago: executing program 2 (id=1200):
r0 = socket$kcm(0x10, 0x400000002, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xc, 0xf}}, [@qdisc_kind_options=@q_drr={0x8}]}, 0x2c}, 0x1, 0x0, 0x0, 0x8001}, 0x20008850)
r5 = socket(0x400000000010, 0x3, 0x0)
r6 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)=@newtfilter={0x34, 0x2c, 0xd27, 0x70bd2d, 0x25dfdbfc, {0x0, 0x0, 0x0, r7, {0x0, 0x2}, {}, {0x7, 0x9}}, [@filter_kind_options=@f_flower={{0xb}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x24000850}, 0x20084084)
r8 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000140)=@newtfilter={0x24, 0x2c, 0xd27, 0x30bd29, 0x21dfdbfc, {0x0, 0x0, 0x0, r9, {0x0, 0x9}, {}, {0xd}}}, 0x24}, 0x1, 0x0, 0x0, 0x24000014}, 0x200c4004)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x2, &(0x7f0000000080)=[{&(0x7f0000000140)="600000002e000d190a762d7f089e", 0xfca2}, {&(0x7f0000000280)="68cabf2dfb58fc0a1d6b689866f05d490d010088a8ffff0200258f2e4409b8f9e6aaeb88bea123dc2c6726e89b1ae2f6e8bcb5ee52dcd7298d39093c510293bca0b646a3ce904f6e6b788b3204c233e60ddc", 0x52}], 0x2}, 0x0)

5.537174681s ago: executing program 4 (id=1201):
socket$kcm(0x10, 0x400000002, 0x0)
fsopen(0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15)
syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x5)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)

5.462244028s ago: executing program 1 (id=1202):
syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
close(r0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000010c0)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
request_key(0x0, &(0x7f0000001ffb)={'syz', 0x1}, &(0x7f0000001fee)='y\xa9n::e\x00\x00\x05\x00\x00\x00\x00\x00H\x00\x00\x00', 0x0)
execve(&(0x7f0000000180)='./file1\x00', 0x0, &(0x7f0000000800)={[&(0x7f0000000940)='\x7f\xb7\xc3\x7f\xa5a\xd6A*c\x9b\xd8R\xf02b\xefA|uiWb\x8f\xee\x1c\xc5\xdb^\x11\x16h\x83\x94y<yN\xfbXh[\xe9\xa9\x1702\x7f\x9e\xf0\x99\xad\xdc;p\x98R\a\xb1\x9d^\x0f\x121\xb3\xab7P\xd6\xcb\x06\xfe2~W\xd9\xad\x80\xd9!\x89%\xb80\xa3l;\x1eK\x90\x15\xc6\x11A\xfc\x7f\xc6\xed\xe7\xa3\x9f\xb4\xce\"\xef\xa8\x86F\x15\xb9\rj\f\xafa\xb0}\xde\'E\x84\xb2bO\xd2\xd4\x85F\xde1e\xe0\xf2\xa0/\xd3<\xda\xfe\x04,\xfa\x97\xb6\xf4\xcf\x0el\xf2\xbd\x18\x88\xd7\x02\xce\x99\x1f\xadj\x89\xd9\xb7\xae9\xb0\xb0{n.\xd7\x87C\x0eh|KZG\x108l\n\xcd\xe9\x04\xafM\xbf\x83#>\x89\xf1Y{\x87\xd5\xf3\xccMr\xc5\xbdT\x9e\xc4\x84\x06\xcd\x8b\xcd\t\x01']})

4.35865541s ago: executing program 0 (id=1203):
r0 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000000)={'vcan0\x00'})
bind$can_j1939(r0, 0x0, 0x0)
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
openat(0xffffffffffffffff, &(0x7f0000001740)='.\x00', 0x51b001, 0x588)
setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000000100)={0x0, 0x7}, 0x8)
setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000040)={0x0, 0xaf1}, 0x8)
bind$inet6(r1, &(0x7f00000002c0)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$ETHTOOL_MSG_DEBUG_SET(r2, 0x0, 0x0)
sendmmsg$inet6(r1, &(0x7f0000000200)=[{{&(0x7f00000000c0)={0xa, 0x4e23, 0x0, @loopback, 0x1}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000001680)='\t', 0x1}], 0x1}}], 0x1, 0x885)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newlink={0x28, 0x10, 0x1, 0x70bd25, 0x25dfdbfa, {0x0, 0x0, 0x0, 0x0, 0x40810}, [@IFLA_GROUP={0x8}]}, 0x28}, 0x1, 0x0, 0x0, 0x4008011}, 0x4004)
setsockopt$inet_sctp6_SCTP_RESET_STREAMS(r1, 0x84, 0x77, &(0x7f0000000300)=ANY=[@ANYRES32=0x0, @ANYBLOB="01"], 0x8)
setsockopt$inet_sctp6_SCTP_RESET_ASSOC(r1, 0x84, 0x78, &(0x7f0000000080), 0x4)

4.35813761s ago: executing program 4 (id=1204):
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
r3 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r3, 0x107, 0x12, &(0x7f0000000140)={0x0, 0x6}, 0x4)
setsockopt$packet_fanout_data(r3, 0x107, 0x16, &(0x7f0000000100)={0x0, 0x0}, 0x10)
r4 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000020000000000000000ee000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x80)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r4, 0x5, 0xb68, 0x560b0007, &(0x7f0000000000)="259a53f271a76d2688634c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.937691544s ago: executing program 2 (id=1205):
getresgid(0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7)
syz_emit_ethernet(0x4e, &(0x7f0000000000)={@local, @remote, @void, {@ipv4={0x800, @tipc={{0x6, 0x4, 0x0, 0x9, 0x40, 0x64, 0x0, 0xf1, 0x6, 0x0, @dev={0xac, 0x14, 0x14, 0x10}, @broadcast, {[@generic={0x82, 0x2}]}}, @name_distributor={{0x28, 0x0, 0x0, 0x0, 0x1, 0xa, 0xb, 0x2, 0x9, 0x0, 0x1, 0x400, 0x45, 0x20000000, 0x4e21, 0x4e21, 0x1, 0x3}}}}}}, 0x0)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000140)={0x6, 0x1, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], 0x0, 0x0, 0x0, 0x0, 0x41000}, 0x94)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000480)={0x6, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000002c0)='syzkaller\x00'}, 0x90)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x2000, &(0x7f0000000000)='%', 0x0, 0xd01, 0x1000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

1.937292704s ago: executing program 3 (id=1206):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f00000000c0), r2)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x44081}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x100, 0x0)
r5 = socket(0x10, 0x3, 0x0)
close(r4)
r6 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff3}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x28, 0x2, {{0x3, 0x7, 0x6361, 0x5, 0xffffffff, 0x2000006}, [@TCA_NETEM_CORRUPT={0xc, 0x4, {0xe, 0x8}}]}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x48c333998f2df87f}, 0x0)
ioctl$SIOCSIFHWADDR(r4, 0x8922, &(0x7f0000002280)={'syzkaller0\x00', @random="2b0100004ec6"})

1.936994834s ago: executing program 4 (id=1207):
socket$netlink(0x10, 0x3, 0x4)
socket$packet(0x11, 0x2, 0x300)
landlock_create_ruleset(0x0, 0x0, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
socket$inet(0x2, 0x3, 0x2)
r0 = socket$netlink(0x10, 0x3, 0x4)
syz_io_uring_setup(0x88b, &(0x7f0000000300)={0x0, 0xaee5, 0x10, 0x5, 0x32f}, 0x0, 0x0)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$inet_sctp(0x2, 0x1, 0x84)
socket$nl_netfilter(0x10, 0x3, 0xc)
socket$nl_rdma(0x10, 0x3, 0x14)
socket$kcm(0xa, 0x922000000003, 0x11)
r1 = socket(0x400000000010, 0x3, 0x0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000940)={&(0x7f0000000500)=ANY=[@ANYBLOB="640000001000030400"/20, @ANYRES32=0x0, @ANYBLOB="e5fda988000000002800128009000100766c616e00000000180002800c0002001c0000001f000000060001000000000008000500", @ANYRES32=r2, @ANYBLOB='\b\x00\n\x00', @ANYRES32=r0], 0x64}, 0x1, 0x0, 0x0, 0x8811}, 0x0)

1.936390674s ago: executing program 0 (id=1208):
socket$inet6(0xa, 0x800000000000002, 0x0)
socket$rds(0x15, 0x5, 0x0)
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x200000c, 0x3032, 0xffffffffffffffff, 0xeac4b000)
bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb3, 0x7f}, 0x48)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}, 0x2000000}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "0587a06a93f2aad4", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a50003"}, 0x38)
bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
shutdown(r0, 0x1)
socket$inet6_tcp(0xa, 0x1, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x2, 0x3, 0xfffffffffffffffd}, 0x0, &(0x7f0000000240)={0x3ff, 0x0, 0x0, 0x9, 0x0, 0x0, 0x7fffffff}, 0x0, 0x0)

1.936202654s ago: executing program 1 (id=1209):
bpf$PROG_LOAD(0x5, 0x0, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
sendmmsg$unix(r0, &(0x7f00000bd000), 0x2d, 0x20040040)
bpf$TOKEN_CREATE(0x24, 0x0, 0x0)
bpf$BPF_BTF_GET_FD_BY_ID(0x13, 0x0, 0x0)
bpf$OBJ_GET_MAP(0x7, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r4 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r4, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58)
r5 = accept4(r4, 0x0, 0x0, 0x0)
recvmmsg(r5, &(0x7f000000a400), 0x6fe, 0x10163, 0x0)

1.408789708s ago: executing program 3 (id=1210):
r0 = userfaultfd(0x80000)
ioctl$F2FS_IOC_DECOMPRESS_FILE(r0, 0xf517, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0)
getsockopt$sock_cred(0xffffffffffffffff, 0x1, 0x11, &(0x7f00000000c0)={<r1=>0x0}, &(0x7f0000000100)=0xc)
sched_setscheduler(r1, 0x2, &(0x7f0000000080)=0x7)
r2 = getpid()
sched_setscheduler(r2, 0x1, &(0x7f0000000400)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e)
sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
bpf$BPF_PROG_DETACH(0x8, 0x0, 0x0)
r5 = socket$kcm(0x10, 0x2, 0x10)
sendmsg$kcm(r5, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="1400000029000b05d25a806f8c6394f90424fc60", 0x14}], 0x1}, 0x0)

1.035723895s ago: executing program 2 (id=1211):
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
setsockopt$ARPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x60, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
r1 = getpid()
sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x6770c000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r2=>0xffffffffffffffff, <r3=>0xffffffffffffffff})
connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x48840}, 0x20040080)
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r4, &(0x7f0000000100)={0x28, 0x0, 0x0, @local}, 0x10)
r5 = accept4$unix(r0, 0x0, 0x0, 0x0)
recvfrom$unix(r5, 0x0, 0x0, 0x10120, 0x0, 0x0)

1.012478048s ago: executing program 4 (id=1212):
connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(0xffffffffffffffff, &(0x7f00000bd000), 0x318, 0x0)
ioctl$DRM_IOCTL_SET_SAREA_CTX(0xffffffffffffffff, 0x4010641c, &(0x7f0000000100)={0x0, 0x0})
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f07ebbeeb, 0x8031, 0xffffffffffffffff, 0xbf5ce000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000018c0)=ANY=[@ANYBLOB="0a000000d2cf00003d36000002"], 0x48)
bpf$BPF_MAP_LOOKUP_AND_DELETE_ELEM(0x15, &(0x7f0000000380)={r3, &(0x7f0000001940), &(0x7f00000002c0)=""/187}, 0x20)

1.010428498s ago: executing program 0 (id=1213):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000009c0)=ANY=[@ANYBLOB], &(0x7f0000000300)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbee2, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
sendmsg$key(0xffffffffffffffff, 0x0, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r3, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f000000c280)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a20000000000a01010000000000000000050000000900010073797a300000000064000000030a01030000000000000000050000000900010073797a30000000000900030073797a300000000008000a40000000032800048008000240000000120800014000000000140003006e657464657673696d30000000000000080000000000000014000000110001"], 0xac}}, 0x0)

2.0979ms ago: executing program 2 (id=1214):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x100}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff})
setsockopt$SO_ATTACH_FILTER(r4, 0x1, 0x1a, &(0x7f0000000000)={0x3, &(0x7f00000000c0)=[{0x20, 0x0, 0x81, 0xfffff034}, {0x20, 0x0, 0x0, 0xfffff038}, {0x6}]}, 0x10)
sendmmsg(r3, &(0x7f0000000180), 0x4000190, 0x0)
shmat(0x0, &(0x7f0000ff9000/0x1000)=nil, 0x5000)
shmdt(0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x5, 0x16, &(0x7f0000000240)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x4a}, 0x94)

1.45197ms ago: executing program 3 (id=1215):
syz_mount_image$f2fs(&(0x7f000000e000), &(0x7f0000000080)='./file2\x00', 0x10, &(0x7f0000000300)={[{@nodiscard}, {@jqfmt_vfsv0}, {@fault_type={'fault_type', 0x3d, 0x7fff}}, {@gc_merge}, {@noflush_merge}, {@nocheckpoint_merge}, {@acl}, {@grpjquota}, {@compress_cache}, {@checkpoint_diasble}, {@background_gc_on}, {@background_gc_off}, {@alloc_mode_def}]}, 0x4, 0x550c, &(0x7f00000089c0)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DKJjT9WPRWdRc/sEtZ9eBJ0yQN2U0ypUnT2pMHj+LB/0QUPHn0b/Dg2Zt4ULwJSmYmuvUDhKaN3f5+MHnmffPmmecNy8IzUxLAuTWf/PJTKW7ElYiYjYjrEdl5qTgy63l4LiJuRsTMY0epmP9j4mJEXI2IG6Pkec5S8dZnt4e31n588+evv7104drnX303vV0D0/Z8RHR38vP9bh7TVh4fFvO1YTuL3dVhEfM3uo+KcZrH/eZWlmG/Nl5Xy+JKK1+f7uz1R3G7U6uPYqu9nc3v9PIL9oetcZ7sAw9ru9m40dzKYrufZrF1mNd1cJj/33bYH+R5GkW+D7P0MRiMYz7fPGjm+9l5lMV6b1DM53nTRvNgFIdFLC4X9bTTyOrYOs43/f/2Vru3d5AMm7v9dtpL1irVFyvVO+XqbtpoDpqr5Vq3cWc1WWh1RsvKg2atu95K01anWamn3cVkoVWvl6vVZOFuc6td6yXVamWlslReWyzObiev3X836TSShVF8pd3bG7Q7/WQ73U3yTywmy5WVlxaTW9Xk7Y3NZPPBvXsbm++8f/e9+y9vvPFqsehvZb0Qy0vLy+XqUnm5uniO9v9xUXSyMLH9w7GUpl0AwNmj/wem4eT6/90HESff/4f+fyLOVP87LmuC/e953z8ci/4fAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODc+n7ui9ezk/l8fK2Yf6qYeqYYlyJiJiJ++wezcfFIztkiz9y/rJ/7Sw3flCLLMLrGpeK4GhHrxfHr0yf9LQAAAMCT68uPbn6ad+v5y/y0C+I05TdtZq5/MKF8pYiYm/9hQtlmRi/PTihZ9u/7QhxMKFt2A+vyhJLlt9wuTCrbfzJ7JFx+LJTyMHOq5QAAAKfiaCdwul0IAAAAp+mTaRfAdJRi/Chz/Cw4+8v7Px8IXjkyAgAAAM6g0rQLAAAAAE5c1v/7/T8AAAB4suW//wcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPzOzv3cJg5EcQB+Nnhh/2nRau/byt6gjC1hj3uMKCBNUEAOpIU0QA3klhIiiPA4BCIOkTy2lej7JGcylvnxBsFhZqQBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALt1X68Xt1e/rtjm7fTt5RgMAAABcsq3Wi/qfWep/be5/b279bPpFRJQRcWnuPopPZ5mjJqd6ef7m9PnqVQ13EXXC4T0mzfUlIv401+OPrj8FAAAA+Lg2y9U8zdbTn9nQBdGntGhTfvubKa+IiGr2kCmtPOT9yhRWf7/H8T9TWr2ANc0UlpbcxrnS3qT+uR9X7aYnTZGa8uLLjkVmGzsAANCj0VnT7ywEAACAPv0bugCGUcTzVuZxK3CSmmZ77/NZDwAAAHiHiqELAAAAADpXz/97Ov9v7/w/AAAAGEY6/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAubav1YrNczdvm7Pbt5BkNAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwxP68o0AIhEEY7F3fmcz9DysNmpqaVIHw8TcGAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwJvf/eX/xNQ4k8y9NpaeR5K1U2Pr1Ng7N47+ML5+DQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAX+/OSAiEQBFEwZ/zvpO9/WEnQM4gQAQ2PKmrRAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwRb/75f/E1DiTzJ02lo5HkrWrxtZVY+9B4+jBePs3AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAXO/fzGkcVBwD8zc7OxlbFNcoeIqLgQS92u62tvYkHJXjwTxBCuq2xW3+0OdhSxFy8Sc69iB5FBCXe+j/0nEAu8ZbDHiJ4jszszO7kB7j+6Mwm+XzgzfvuMMz7vlkI+c57CQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEBh+O4kjtNDexQ38nObew+W037rUJ96tL69kLY0jqpM+mR4ufwh6ozDvTqSAQAA4GyIi/o+hLCTbCymfaOd1f9JcU1a83//7Cgu6vnDdX/RF7V/2n77dffF8UDt0TjpTW+sDPoXj6bSfHKznG3P/e0VzezJZ+9e4uwLaXyw9sIwyZ5n9O3jx++1snCuimwBgH/jQtHnQfH7UNr36kwMgDOjWSq8i/o/btebEwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEAVhmvh6SKOQggLzUmc2tp7sHxc/2h9e6FoVx8+XA9fT+6Z3iIJIdxYGfQvVjqb2Xb33v1bS4NB/071wSshhLpGfyef/q2Pprg4hFqej+D/Cfbn8i97RvI5IUGNP5QAADiVkryldf1OsrGYnovmQ9j/4WD9/3opDlPW/7sfX90sj1Wu/3uVzXD2dVdvf969e+/+myu3l272b/Y/fetS7+3e5WtXrlzrZu9Kut6YAAAA8N+08lau/xvzR9f/z5fiMGX9/8V3va/KY8Xq/2NNFv3qzgQAAOBse/7VP/+IjjkftVrhy6XV1Tu90XH8+dLoWEOq/9hc3sr1fzxfd1YAAABAFYZr0YH1/+ulOEy5/v/Mjy/9XL5nHEI4l6//X1j+bHC9uunMtCr+nLjuOQIAAFCvc3krr/8n2f7/xnjLQyOE8MZrozj/N4BT1f/x+9/8VB6rvP//cnVTnEmNzuh5ZH0nhGan7owAAAA4zZ7KW1rs/55sLH7yy/kPW/b/AwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAFTtrwAAAP//RAE/8A==")
syz_mount_image$fuse(0x0, &(0x7f0000002080)='./file0\x00', 0x0, 0x0, 0x0, 0x0, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000480)=0x7)
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@ipv6_newaddr={0x40, 0x14, 0x9535393fea6295b5, 0x70bd27, 0x25dfdbff, {0xa, 0x17, 0x0, 0xff}, [@IFA_LOCAL={0x14, 0x2, @private1}, @IFA_CACHEINFO={0x14, 0x6, {0x7f, 0x94a, 0x8001, 0x6}}]}, 0x40}, 0x1, 0x0, 0x0, 0x2004c040}, 0x0)
setsockopt$inet_int(0xffffffffffffffff, 0x0, 0x18, &(0x7f0000000100)=0x2, 0x4)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
ioctl$sock_bt_hci(r3, 0x400448e0, 0xfffffffffffffffe)

1.00323ms ago: executing program 4 (id=1216):
openat$damon_mk_contexts(0xffffffffffffff9c, &(0x7f0000000640), 0x2000, 0xc)
pipe2$9p(&(0x7f0000000180)={0xffffffffffffffff, <r0=>0xffffffffffffffff}, 0x0)
dup(r0)
socket$nl_sock_diag(0x10, 0x3, 0x4)
socket$inet_icmp(0x2, 0x2, 0x1)
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="19000000040000000400000005"], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xc, &(0x7f00000001c0)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bc82000000000000a6020000f8ffffffb703000008000000cd03000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp=0xedf0e51957efc755, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r1}, &(0x7f0000000240), &(0x7f0000000380)=r2}, 0x20)
r3 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48)
socket$nl_rdma(0x10, 0x3, 0x14)
bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x17, 0x17, &(0x7f00000007c0)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0xa0}}, {}, [@printk={@p, {0x3, 0x3, 0x3, 0xa, 0xa}, {0x5}, {0x7, 0x0, 0x3, 0x0}, {}, {}, {0x16}}], {{0x6, 0x1, 0xb, 0x0}, {0x5}, {0x85, 0x0, 0x0, 0x5}}}, &(0x7f0000000140)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sysctl, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = socket$inet6_mptcp(0xa, 0x1, 0x106)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000440)={r1, &(0x7f0000000680)='@', &(0x7f0000000400)=@tcp6=r4, 0x2}, 0x20)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r2, 0x18000000000002a0, 0x5ee, 0x0, &(0x7f0000000580)="b9ff03076804268c989e14f088a8", 0x0, 0x500, 0x60000000, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50)

0s ago: executing program 0 (id=1217):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f00000000c0)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, &(0x7f0000000780)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3f8, 0x1, 0x32}, 0x9c)
bind$inet6(r3, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendto$inet6(r3, &(0x7f0000847fff)='X', 0xfee4, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r3, 0x0, 0x0, 0x4048884)

kernel console output (not intermixed with test programs):

 IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[   35.817016][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[   35.818546][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[   35.825190][ T4329] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[   35.827227][ T4329] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[   35.831856][ T4328] 8021q: adding VLAN 0 to HW filter on device batadv0
[   35.835283][ T4323] 8021q: adding VLAN 0 to HW filter on device batadv0
[   35.836446][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[   35.838126][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[   35.839399][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   35.840674][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   35.844858][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   35.846104][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   35.865262][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   35.866848][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   35.886143][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   35.887677][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   35.897586][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   35.899267][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   35.900897][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   35.903726][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   35.907538][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   35.908765][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   35.910193][ T4320] device veth0_vlan entered promiscuous mode
[   35.932103][ T4327] 8021q: adding VLAN 0 to HW filter on device batadv0
[   35.933852][ T4320] device veth1_vlan entered promiscuous mode
[   35.935161][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   35.936576][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   35.938020][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   35.939521][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   35.940863][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   35.951734][ T4329] 8021q: adding VLAN 0 to HW filter on device batadv0
[   35.956001][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   35.957467][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   35.958683][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   35.960328][ T4323] device veth0_vlan entered promiscuous mode
[   35.981155][ T4323] device veth1_vlan entered promiscuous mode
[   35.982541][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   35.983935][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   35.985310][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   35.999038][ T4320] device veth0_macvtap entered promiscuous mode
[   36.003283][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   36.004816][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   36.006427][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.007934][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   36.009537][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   36.011851][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   36.016556][ T4320] device veth1_macvtap entered promiscuous mode
[   36.025004][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   36.026555][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   36.027982][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   36.029502][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   36.030829][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   36.039783][ T4327] device veth0_vlan entered promiscuous mode
[   36.042826][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   36.044315][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.048767][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[   36.050365][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[   36.052487][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   36.053995][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   36.055515][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   36.056844][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   36.058481][ T4323] device veth0_macvtap entered promiscuous mode
[   36.063993][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.069365][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   36.070935][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   36.073216][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   36.075527][ T4323] device veth1_macvtap entered promiscuous mode
[   36.076971][ T4329] device veth0_vlan entered promiscuous mode
[   36.079854][ T4320] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.083878][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   36.085387][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   36.086752][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   36.089458][ T4327] device veth1_vlan entered promiscuous mode
[   36.095089][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   36.096479][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[   36.097896][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[   36.099353][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[   36.100714][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[   36.106335][ T4320] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.107699][ T4320] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.108978][ T4320] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.110287][ T4320] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.114732][ T4328] device veth0_vlan entered promiscuous mode
[   36.117889][ T4329] device veth1_vlan entered promiscuous mode
[   36.123088][ T4328] device veth1_vlan entered promiscuous mode
[   36.129353][ T4323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.130945][ T4323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.134762][ T4323] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.145471][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   36.147015][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   36.148450][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan0: link becomes ready
[   36.149926][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   36.152014][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   36.153560][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   36.154999][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   36.156568][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.158758][ T4323] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.160397][ T4323] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.163151][ T4323] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.165108][ T4327] device veth0_macvtap entered promiscuous mode
[   36.167982][ T4327] device veth1_macvtap entered promiscuous mode
[   36.173680][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvlan1: link becomes ready
[   36.175213][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   36.176707][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   36.178076][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   36.179672][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   36.188249][ T4323] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.189698][ T4323] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.192593][ T4323] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.193801][ T4323] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.195811][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   36.197376][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.203880][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.205564][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.207090][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.208703][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.210849][ T4327] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.214153][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.215780][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.217163][ T4327] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.218759][ T4327] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.220791][ T4327] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.224307][ T4328] device veth0_macvtap entered promiscuous mode
[   36.226048][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   36.227563][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   36.229018][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   36.230539][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   36.232114][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   36.235340][ T4327] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.236768][ T4327] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.238173][ T4327] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.239511][ T4327] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.248965][ T4328] device veth1_macvtap entered promiscuous mode
[   36.256073][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   36.257670][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[   36.259228][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[   36.265871][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.267602][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.269164][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.270779][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.273581][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.275116][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.277332][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.284994][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   36.286598][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   36.290048][ T4329] device veth0_macvtap entered promiscuous mode
[   36.293095][ T4329] device veth1_macvtap entered promiscuous mode
[   36.297428][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.298891][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.300258][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.302420][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.303974][ T4328] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.305481][ T4328] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.307908][ T4328] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.315396][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[   36.316829][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[   36.318171][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   36.319698][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   36.329140][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.330452][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.336258][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.337925][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.339394][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.340909][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.342576][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.343978][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.345420][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   36.346939][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.349079][ T4329] batman_adv: batadv0: Interface activated: batadv_slave_0
[   36.350760][ T4328] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.352609][ T4328] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.353947][ T4328] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.355300][ T4328] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.358893][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   36.360235][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   36.362734][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   36.373007][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.374681][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.376168][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.377755][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.379214][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.380916][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.382805][ T4329] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   36.384450][ T4329] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   36.386605][ T4329] batman_adv: batadv0: Interface activated: batadv_slave_1
[   36.391487][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   36.393183][  T250] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   36.399510][ T4329] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   36.400932][ T4329] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   36.404994][ T4329] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   36.406354][ T4329] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   36.419589][  T288] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.420974][  T288] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.426971][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   36.445954][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.447363][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.449496][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   36.454736][   T39] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.455941][   T39] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.463304][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   36.495438][   T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.496694][   T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.498465][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   36.502025][ T4416] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.503235][ T4416] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.505002][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   36.508273][ T4416] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.509532][ T4416] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.510819][  T288] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.513318][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   36.514636][  T288] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.516347][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   36.530877][  T288] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.532194][  T288] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.535840][  T288] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   36.549366][   T39] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   36.550634][   T39] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   36.555539][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   36.801705][ T4438] loop1: detected capacity change from 0 to 40427
[   37.043176][ T4438] F2FS-fs (loop1): invalid crc value
[   37.074385][ T4438] F2FS-fs (loop1): Found nat_bits in checkpoint
[   37.084242][ T4438] F2FS-fs (loop1): Start checkpoint disabled!
[   37.102883][ T4438] F2FS-fs (loop1): Mounted with checkpoint version = 48b305e6
[   37.310834][ T4335] Bluetooth: hci1: command 0x041b tx timeout
[   37.314660][ T4326] Bluetooth: hci2: command 0x041b tx timeout
[   37.314684][ T4330] Bluetooth: hci0: command 0x041b tx timeout
[   37.314756][ T4336] Bluetooth: hci3: command 0x041b tx timeout
[   37.318356][ T4330] Bluetooth: hci4: command 0x041b tx timeout
[   37.550566][ T4455] binder: 4454:4455 IncRefs 0 refcount change on invalid ref 0 ret -22
[   37.574126][ T4455] binder: 4454:4455 got transaction to invalid handle, 1
[   37.575228][ T4455] binder: 4455:4454 cannot find target node
[   37.576159][ T4455] binder: 4454:4455 transaction call to 0:0 failed 3/29201/-22, size 0-0 line 3045
[   37.577763][ T4455] binder: 4454:4455 ioctl c0306201 20000580 returned -14
[   37.593874][ T4455] binder: 4454:4455 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[   37.595830][ T4455] binder: 4455 RLIMIT_NICE not set
[   37.596674][ T4455] binder: 4454:4455 ioctl c0306201 20000240 returned -11
[   37.597922][ T4455] binder: 4454:4455 got reply transaction with no transaction stack
[   37.599191][ T4455] binder: 4454:4455 transaction reply to 0:0 failed 4/29201/-71, size 0-0 line 2946
[   37.609002][  T288] kworker/u4:4: attempt to access beyond end of device
[   37.609002][  T288] loop1: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[   37.654761][ T4435] loop0: detected capacity change from 0 to 32768
[   37.669178][ T4402] binder: undelivered TRANSACTION_ERROR: 29201
[   37.699823][ T4470] loop1: detected capacity change from 0 to 512
[   37.707399][ T4470] EXT2-fs (loop1): warning: mounting ext3 filesystem as ext2
[   37.709652][ T4435] XFS (loop0): Mounting V5 Filesystem
[   37.808553][ T4435] XFS (loop0): Ending clean mount
[   37.908112][ T4476] loop2: detected capacity change from 0 to 8192
[   37.910511][ T4476] FAT-fs (loop2): Unrecognized mount option "./file0" or missing value
[   38.422715][ T4488] netlink: 72 bytes leftover after parsing attributes in process `syz.1.14'.
[   39.014032][ T4495] netlink: 4 bytes leftover after parsing attributes in process `syz.1.17'.
[   39.107486][ T4499] loop4: detected capacity change from 0 to 16
[   39.184986][ T4499] erofs: (device loop4): mounted with root inode @ nid 36.
[   39.399830][ T4337] Bluetooth: hci2: command 0x040f tx timeout
[   39.400967][ T4337] Bluetooth: hci1: command 0x040f tx timeout
[   39.402093][ T4337] Bluetooth: hci4: command 0x040f tx timeout
[   39.403111][ T4337] Bluetooth: hci3: command 0x040f tx timeout
[   39.404061][ T4337] Bluetooth: hci0: command 0x040f tx timeout
[   39.502433][ T4504] netlink: 'syz.1.17': attribute type 10 has an invalid length.
[   39.517709][ T4504] bond0: (slave netdevsim0): Enslaving as an active interface with an up link
[   39.638641][ T4320] XFS (loop0): Unmounting Filesystem
[   40.226549][ T4515] sctp: [Deprecated]: syz.3.22 (pid 4515) Use of struct sctp_assoc_value in delayed_ack socket option.
[   40.226549][ T4515] Use struct sctp_sack_info instead
[   40.297350][ T4519] loop0: detected capacity change from 0 to 512
[   40.308551][ T4519] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[   40.312307][ T4519] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[   40.334512][ T4519] EXT4-fs error (device loop0): ext4_orphan_get:1400: inode #15: comm syz.0.20: inode has both inline data and extents flags
[   40.339723][ T4519] EXT4-fs error (device loop0): ext4_orphan_get:1405: comm syz.0.20: couldn't read orphan inode 15 (err -117)
[   40.343523][ T4519] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[   40.371531][ T4519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20'.
[   40.372981][ T4519] netlink: 'syz.0.20': attribute type 30 has an invalid length.
[   40.375798][ T4519] netdevsim netdevsim0 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   40.377300][ T4519] netdevsim netdevsim0 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   40.378662][ T4519] netdevsim netdevsim0 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   40.379929][ T4519] netdevsim netdevsim0 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   40.382975][ T4519] netlink: 8 bytes leftover after parsing attributes in process `syz.0.20'.
[   40.384330][ T4519] netlink: 'syz.0.20': attribute type 30 has an invalid length.
[   40.387680][ T4519] Zero length message leads to an empty skb
[   40.398019][ T4522] loop3: detected capacity change from 0 to 4096
[   40.419797][ T4320] EXT4-fs (loop0): unmounting filesystem.
[   40.425254][ T4522] NILFS (loop3): invalid segment: Checksum error in segment payload
[   40.426599][ T4522] NILFS (loop3): trying rollback from an earlier position
[   40.474019][ T4522] NILFS (loop3): recovery complete
[   40.476560][ T4529] NILFS (loop3): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   41.127321][ T4544] binder: 4543:4544 tried to acquire reference to desc 0, got 1 instead
[   41.130593][   T22] binder: undelivered TRANSACTION_COMPLETE
[   41.143811][   T22] binder: undelivered transaction 9, process died.
[   41.374709][ T4553] loop2: detected capacity change from 0 to 4096
[   41.386656][ T4553] EXT4-fs: Ignoring removed bh option
[   41.434512][ T4553] EXT4-fs (loop2): Test dummy encryption mode enabled
[   41.439457][ T4553] [EXT4 FS bs=4096, gc=1, bpg=524288, ipg=32, mo=a842c018, mo2=0003]
[   41.440895][ T4553] System zones: 0-5
[   41.446503][ T4553] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[   41.461802][ T4326] Bluetooth: hci0: command 0x0419 tx timeout
[   41.464565][ T4557] Injecting memory failure for pfn 0x13a5dc at process virtual address 0x20ffd000
[   41.464874][ T4337] Bluetooth: hci4: command 0x0419 tx timeout
[   41.466116][ T4335] Bluetooth: hci1: command 0x0419 tx timeout
[   41.467051][ T4326] Bluetooth: hci3: command 0x0419 tx timeout
[   41.467896][ T4335] Bluetooth: hci2: command 0x0419 tx timeout
[   41.472643][ T4557] Memory failure: 0x13a5dc: recovery action for clean LRU page: Recovered
[   41.474080][ T4557] Injecting memory failure for pfn 0x13a5d8 at process virtual address 0x20ffe000
[   41.477912][ T4557] Memory failure: 0x13a5d8: recovery action for clean LRU page: Recovered
[   41.479269][ T4557] Injecting memory failure for pfn 0x137847 at process virtual address 0x20fff000
[   41.480874][ T4557] Memory failure: 0x137847: recovery action for clean LRU page: Recovered
[   41.566316][ T4327] EXT4-fs (loop2): unmounting filesystem.
[   42.775633][ T4584] sctp: [Deprecated]: syz.0.42 (pid 4584) Use of int in max_burst socket option.
[   42.775633][ T4584] Use struct sctp_assoc_value instead
[   42.864850][ T4587] binder: 4582:4587 tried to acquire reference to desc 0, got 1 instead
[   42.867128][ T4587] binder_alloc: 4582: pid 4582 spamming oneway? 1 buffers allocated for a total size of 4096
[   42.873872][   T22] binder: release 4582:4587 transaction 18 out, still active
[   42.875097][   T22] binder: undelivered TRANSACTION_COMPLETE
[   42.876047][   T22] binder: undelivered TRANSACTION_COMPLETE
[   42.884382][   T22] binder: send failed reply for transaction 18, target dead
[   42.885507][   T22] binder: undelivered transaction 19, process died.
[   43.541860][ T4597] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   43.544813][ T4598] loop3: detected capacity change from 0 to 256
[   43.548927][ T4597] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   43.550151][ T4597] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   43.570846][ T4598] FAT-fs (loop3): Directory bread(block 64) failed
[   43.577735][ T4598] FAT-fs (loop3): Directory bread(block 65) failed
[   43.578827][ T4598] FAT-fs (loop3): Directory bread(block 66) failed
[   43.587348][ T4598] FAT-fs (loop3): Directory bread(block 67) failed
[   43.588529][ T4598] FAT-fs (loop3): Directory bread(block 68) failed
[   43.589552][ T4598] FAT-fs (loop3): Directory bread(block 69) failed
[   43.590702][ T4598] FAT-fs (loop3): Directory bread(block 70) failed
[   43.599771][ T4598] FAT-fs (loop3): Directory bread(block 71) failed
[   43.601317][ T4598] FAT-fs (loop3): Directory bread(block 72) failed
[   43.602474][ T4598] FAT-fs (loop3): Directory bread(block 73) failed
[   43.648529][ T4597] device bond_slave_1 entered promiscuous mode
[   43.650011][ T4597] device bond_slave_1 left promiscuous mode
[   43.965461][ T4604] loop4: detected capacity change from 0 to 128
[   44.620631][ T4616] netlink: 'syz.3.51': attribute type 3 has an invalid length.
[   44.642997][ T4616] netlink: 'syz.3.51': attribute type 3 has an invalid length.
[   45.655971][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   45.660280][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   45.669626][ T4639] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   45.684227][ T4639] device bridge_slave_0 left promiscuous mode
[   45.687400][ T4639] bridge0: port 1(bridge_slave_0) entered disabled state
[   45.717626][ T4630] loop1: detected capacity change from 0 to 32768
[   45.720188][ T4630] =======================================================
[   45.720188][ T4630] WARNING: The mand mount option has been deprecated and
[   45.720188][ T4630]          and is ignored by this kernel. Remove the mand
[   45.720188][ T4630]          option from the mount to silence this warning.
[   45.720188][ T4630] =======================================================
[   45.728128][ T4639] device bridge_slave_1 left promiscuous mode
[   45.729862][ T4639] bridge0: port 2(bridge_slave_1) entered disabled state
[   45.815578][ T4639] bond0: (slave bond_slave_0): Releasing backup interface
[   45.856780][ T4639] bond0: (slave bond_slave_1): Releasing backup interface
[   46.709255][ T4639] team0: Port device team_slave_0 removed
[   46.716744][ T4639] team0: Port device team_slave_1 removed
[   46.718104][ T4639] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   46.719252][ T4639] batman_adv: batadv0: Removing interface: batadv_slave_0
[   46.747714][ T4639] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   46.748952][ T4639] batman_adv: batadv0: Removing interface: batadv_slave_1
[   46.757330][ T4640] netlink: 8 bytes leftover after parsing attributes in process `syz.4.58'.
[   46.777254][ T4643] team0: Mode changed to "loadbalance"
[   46.833931][ T4658] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   47.266243][ T4664] loop4: detected capacity change from 0 to 32768
[   47.270324][ T4672] netlink: 24 bytes leftover after parsing attributes in process `syz.0.67'.
[   47.283740][ T4672] netlink: 4 bytes leftover after parsing attributes in process `syz.0.67'.
[   47.301106][ T4664] XFS (loop4): Mounting V5 Filesystem
[   47.371438][ T4664] XFS (loop4): Ending clean mount
[   47.376459][ T4666] loop3: detected capacity change from 0 to 1024
[   47.377417][ T4664] XFS (loop4): Quotacheck needed: Please wait.
[   47.420070][ T4666] hfsplus: failed to load extents file
[   47.427780][ T4664] XFS (loop4): Quotacheck: Done.
[   48.189284][ T4328] XFS (loop4): Unmounting Filesystem
[   48.193292][ T4672] bond0: (slave bond_slave_0): Releasing backup interface
[   48.995064][ T4694] 8021q: adding VLAN 0 to HW filter on device bond0
[   48.997730][ T4694] team0: Port device bond0 added
[   49.007796][ T4699] team0: Failed to send port change of device bond0 via netlink (err -105)
[   49.014451][ T4699] bridge0: port 1(bridge_slave_0) entered disabled state
[   49.023642][ T4699] bridge0: port 2(bridge_slave_1) entered disabled state
[   49.028194][ T4699] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[   49.030293][ T4699] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[   49.192257][ T4701] ªªªªªª: renamed from vlan0
[   50.296619][ T4726] loop0: detected capacity change from 0 to 128
[   50.370200][ T4726] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[   50.453973][ T4320] EXT4-fs (loop0): unmounting filesystem.
[   50.739959][ T4733] loop0: detected capacity change from 0 to 32768
[   51.096439][ T4733] XFS (loop0): Mounting V5 Filesystem
[   51.125803][ T4733] XFS (loop0): Ending clean mount
[   51.129189][ T4733] XFS (loop0): Quotacheck needed: Please wait.
[   51.147825][ T4733] XFS (loop0): Quotacheck: Done.
[   51.628888][ T4320] XFS (loop0): Unmounting Filesystem
[   51.646581][ T4753] netlink: 24 bytes leftover after parsing attributes in process `syz.3.86'.
[   51.658495][ T4753] netlink: 4 bytes leftover after parsing attributes in process `syz.3.86'.
[   55.122321][ T4800] Bluetooth: hci0: Opcode 0x0c20 failed: -4
[   55.199320][ T4779] loop2: detected capacity change from 0 to 32768
[   55.328280][ T4811] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   55.329660][ T4811] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   55.331122][ T4811] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   55.332391][ T4811] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   55.338880][ T4811] bond0: (slave vxlan0): Enslaving as an active interface with an up link
[   55.340204][ T4809] tipc: Started in network mode
[   55.343639][ T4809] tipc: Node identity 4, cluster identity 4711
[   55.344600][ T4809] tipc: Node number set to 4
[   55.650210][ T4779] XFS (loop2): Mounting V5 Filesystem
[   55.753780][ T4779] XFS (loop2): log mount failed
[   56.236705][ T4836] loop3: detected capacity change from 0 to 512
[   56.242497][ T4836] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[   56.244738][ T4836] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[   56.258145][ T4836] EXT4-fs warning (device loop3): ext4_expand_extra_isize_ea:2819: Unable to expand inode 11. Delete some EAs or run e2fsck.
[   56.260520][ T4836] EXT4-fs (loop3): 1 truncate cleaned up
[   56.262429][ T4836] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[   56.302327][ T4834] loop4: detected capacity change from 0 to 1024
[   56.310750][ T4834] hfsplus: failed to load extents file
[   56.311821][ T4836] loop3: detected capacity change from 512 to 3
[   56.318399][ T4836] Dev loop3: unable to read RDB block 3
[   56.320436][ T4836]  loop3: unable to read partition table
[   56.325778][ T4836] loop3: partition table beyond EOD, truncated
[   56.328002][ T4836] loop_reread_partitions: partition scan of loop3 (y‚Þ˜«Ý) failed (rc=-5)
[   56.329103][ T4839] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5929: Out of memory
[   56.333682][ T4839] EXT4-fs error (device loop3): ext4_dirty_inode:6133: inode #16: comm syz.3.105: mark_inode_dirty error
[   56.335999][ T4839] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5929: Out of memory
[   56.338654][ T4839] EXT4-fs error (device loop3): ext4_dirty_inode:6133: inode #16: comm syz.3.105: mark_inode_dirty error
[   56.340943][ T4839] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5929: Out of memory
[   56.346117][ T4839] EXT4-fs error (device loop3): ext4_dirty_inode:6133: inode #16: comm syz.3.105: mark_inode_dirty error
[   56.349370][ T4839] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5929: Out of memory
[   56.359157][ T4839] EXT4-fs error (device loop3): ext4_dirty_inode:6133: inode #16: comm syz.3.105: mark_inode_dirty error
[   56.364714][ T4839] EXT4-fs error (device loop3) in ext4_reserve_inode_write:5929: Out of memory
[   56.367361][ T4839] EXT4-fs error (device loop3): ext4_dirty_inode:6133: inode #16: comm syz.3.105: mark_inode_dirty error
[   56.372569][ T4839] syz.3.105: attempt to access beyond end of device
[   56.372569][ T4839] loop3: rw=0, sector=70, nr_sectors = 2 limit=3
[   56.376580][ T4839] EXT4-fs (loop3): pa 000000007e83ee34: logic 0, phys. 193, len 32
[   56.405174][ T4323] EXT4-fs (loop3): unmounting filesystem.
[   56.444484][ T4841] loop4: detected capacity change from 0 to 256
[   56.454438][ T4841] exFAT-fs (loop4): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   56.460188][ T4841] exFAT-fs (loop4): Medium has reported failures. Some data may be lost.
[   56.471961][ T4841] exFAT-fs (loop4): failed to load upcase table (idx : 0x00012112, chksum : 0xbf1871ed, utbl_chksum : 0xe619d30d)
[   57.061116][ T4330] Bluetooth: hci0: command 0x0c20 tx timeout
[   57.080259][ T4851] Bluetooth: hci0: Opcode 0x0c20 failed: -110
[   57.642729][ T4864] loop4: detected capacity change from 0 to 128
[   58.205707][ T4861] syz.4.110: attempt to access beyond end of device
[   58.205707][ T4861] loop4: rw=1, sector=145, nr_sectors = 896 limit=128
[   58.226713][ T4868] netlink: 'syz.3.115': attribute type 1 has an invalid length.
[   58.241659][ T4868] device bond1 entered promiscuous mode
[   58.242943][ T4868] 8021q: adding VLAN 0 to HW filter on device bond1
[   58.266232][ T4874] tipc: Failed to remove unknown binding: 66,1,1/0:2267020967/2267020969
[   58.278574][ T4868] netlink: 28 bytes leftover after parsing attributes in process `syz.3.115'.
[   58.291592][ T4868] bond1: (slave bridge1): making interface the new active one
[   58.292847][ T4868] device bridge1 entered promiscuous mode
[   58.294635][ T4868] bond1: (slave bridge1): Enslaving as an active interface with an up link
[   58.315666][ T4874] tipc: Failed to remove unknown binding: 66,1,1/0:2267020967/2267020969
[   58.317301][ T4874] tipc: Failed to remove unknown binding: 66,1,1/0:2267020967/2267020969
[   58.346903][ T4628] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[   58.370764][ T4877] MPTCP: kernel_bind error, err=-98
[   58.373369][ T4881] netlink: 12 bytes leftover after parsing attributes in process `syz.1.117'.
[   58.377647][ T4881] device gre1 entered promiscuous mode
[   58.967252][ T4895] loop2: detected capacity change from 0 to 4096
[   59.116194][ T4898] loop3: detected capacity change from 0 to 8
[   59.119712][ T4898] MTD: Attempt to mount non-MTD device "/dev/loop3"
[   59.126086][ T4314] udevd[4314]: incorrect cramfs checksum on /dev/loop3
[   59.154621][ T4479] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   59.336931][ T4904] process 'syz.3.125' launched './file2' with NULL argv: empty string added
[   59.343718][ T4904] cramfs: Error -5 while decompressing!
[   59.344671][ T4904] cramfs: 000000008b0e1cbc(26)->0000000023e38227(4096)
[   59.345905][ T4904] cramfs: Error -3 while decompressing!
[   59.346786][ T4904] cramfs: 0000000051d030bf(26)->00000000c140279d(4096)
[   59.347874][ T4904] cramfs: Error -3 while decompressing!
[   59.348813][ T4904] cramfs: 00000000884ec118(16)->00000000970e44e6(4096)
[   59.350110][ T4904] cramfs: Error -5 while decompressing!
[   59.350946][ T4904] cramfs: 000000008b0e1cbc(26)->0000000023e38227(4096)
[   60.157939][ T4330] Bluetooth: hci0: command 0x0c20 tx timeout
[   60.676328][ T4926] netlink: 'syz.4.131': attribute type 1 has an invalid length.
[   60.685306][ T4926] device bond1 entered promiscuous mode
[   60.686365][ T4926] 8021q: adding VLAN 0 to HW filter on device bond1
[   60.727307][ T4924] netlink: 'syz.1.132': attribute type 5 has an invalid length.
[   60.730352][ T4924] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[   60.731810][ T4924] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[   60.732971][ T4924] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[   60.734508][ T4924] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[   60.736970][ T4924] batman_adv: batadv0: Adding interface: vxlan0
[   60.737931][ T4924] batman_adv: batadv0: The MTU of interface vxlan0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[   60.741915][ T4924] batman_adv: batadv0: Interface activated: vxlan0
[   60.750866][ T4926] netlink: 28 bytes leftover after parsing attributes in process `syz.4.131'.
[   60.761686][ T4926] bond1: (slave bridge1): making interface the new active one
[   60.762895][ T4926] device bridge1 entered promiscuous mode
[   60.764628][ T4926] bond1: (slave bridge1): Enslaving as an active interface with an up link
[   60.767685][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[   63.573417][ T4977] 8021q: adding VLAN 0 to HW filter on device bond0
[   63.575701][ T4977] team0: Failed to send options change via netlink (err -105)
[   63.576918][ T4977] team0: Port device bond0 added
[   63.609419][ T4978] netlink: 'syz.0.148': attribute type 3 has an invalid length.
[   63.610827][ T4978] netlink: 'syz.0.148': attribute type 3 has an invalid length.
[   64.493782][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[   64.495030][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[   64.622180][    T7] cfg80211: failed to load regulatory.db
[   65.553851][ T4987] loop3: detected capacity change from 0 to 65536
[   65.640445][ T4987] XFS (loop3): Mounting V5 Filesystem
[   65.676369][ T4987] XFS (loop3): Ending clean mount
[   65.743787][ T5025] loop0: detected capacity change from 0 to 128
[   65.811205][ T5025] syz.0.159: attempt to access beyond end of device
[   65.811205][ T5025] loop0: rw=1, sector=145, nr_sectors = 896 limit=128
[   66.334479][ T4323] XFS (loop3): Unmounting Filesystem
[   66.820936][ T5040] loop4: detected capacity change from 0 to 2048
[   67.358810][ T5049] device wg1 entered promiscuous mode
[   68.704428][ T5067] loop4: detected capacity change from 0 to 8
[   68.707561][ T5067] MTD: Attempt to mount non-MTD device "/dev/loop4"
[   68.728138][ T5069] device syzkaller0 entered promiscuous mode
[   68.738917][ T4479] udevd[4479]: incorrect cramfs checksum on /dev/loop4
[   68.755710][ T4479] udevd[4479]: incorrect cramfs checksum on /dev/loop4
[   69.117173][ T5072] cramfs: Error -5 while decompressing!
[   69.118103][ T5072] cramfs: 000000002feaff67(26)->000000003d5c920a(4096)
[   69.119348][ T5072] cramfs: Error -3 while decompressing!
[   69.120246][ T5072] cramfs: 000000000257db8e(26)->000000009182f88b(4096)
[   69.121511][ T5072] cramfs: Error -3 while decompressing!
[   69.122406][ T5072] cramfs: 00000000fabbc942(16)->000000005582e3ea(4096)
[   69.123848][ T5072] cramfs: Error -5 while decompressing!
[   69.124838][ T5072] cramfs: 000000002feaff67(26)->000000003d5c920a(4096)
[   69.363274][ T5080] netlink: 4 bytes leftover after parsing attributes in process `syz.2.175'.
[   69.376705][ T5080] netlink: 4 bytes leftover after parsing attributes in process `syz.2.175'.
[   69.387870][ T5083] loop0: detected capacity change from 0 to 1024
[   69.395901][ T5083] hfsplus: failed to load extents file
[   70.973135][ T5105] loop4: detected capacity change from 0 to 2048
[   71.291174][ T5116] netem: change failed
[   71.300367][ T5105]  loop4: p1 < > p4
[   71.329150][ T5105] loop4: p4 size 8388608 extends beyond EOD, truncated
[   73.170635][ T5133] netlink: 'syz.3.191': attribute type 1 has an invalid length.
[   73.472814][ T5133] 8021q: adding VLAN 0 to HW filter on device bond2
[   73.494491][ T5140] bond2: (slave ip6gretap1): making interface the new active one
[   73.496527][ T5140] bond2: (slave ip6gretap1): Enslaving as an active interface with an up link
[   73.497865][ T4416] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[   74.184143][ T4312] udevd[4312]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[   74.219083][ T5159] netlink: 4 bytes leftover after parsing attributes in process `syz.1.198'.
[   74.232158][ T5162] loop3: detected capacity change from 0 to 512
[   74.237738][ T5162] EXT2-fs (loop3): error: revision level too high, forcing read-only mode
[   74.240223][ T5162] EXT2-fs (loop3): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8]
[   75.030412][ T5166] 8021q: adding VLAN 0 to HW filter on device bond2
[   75.146371][ T5166] device veth0 entered promiscuous mode
[   75.148209][ T5166] bond2: (slave macvlan2): making interface the new active one
[   75.149785][ T5166] bond2: (slave macvlan2): Enslaving as an active interface with an up link
[   75.153975][   T39] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[   76.383242][ T5195] netlink: 36 bytes leftover after parsing attributes in process `syz.1.209'.
[   76.988928][ T5214] loop2: detected capacity change from 0 to 512
[   76.997349][ T5214] EXT2-fs (loop2): error: revision level too high, forcing read-only mode
[   76.998782][ T5214] EXT2-fs (loop2): 0.5b, 95/08/09, bs=4096, gc=1, bpg=32768, ipg=32, mo=a00a8]
[   78.642849][ T5215] tipc: Started in network mode
[   78.643721][ T5215] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   78.646984][ T5215] tipc: Enabled bearer <eth:team0>, priority 0
[   79.062342][ T5241] netlink: 168 bytes leftover after parsing attributes in process `syz.3.219'.
[   79.729798][ T4403] tipc: Node number set to 11578026
[   79.901982][ T4330] Bluetooth: hci3: Malformed Event: 0x48
[   79.908244][ T5262] team0: Port device vlan1 added
[   79.913578][ T4446] tipc: Resetting bearer <eth:team0>
[   79.915080][ T5262] netlink: 'syz.3.228': attribute type 10 has an invalid length.
[   79.935640][ T5262] bond0: (slave dummy0): Enslaving as an active interface with an up link
[   79.937614][ T4446] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[   79.964139][ T5266] loop3: detected capacity change from 0 to 2048
[   80.004348][ T4479] I/O error, dev loop3, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[   80.023927][ T5268] loop4: detected capacity change from 0 to 16
[   80.072006][ T5268] erofs: (device loop4): erofs_fc_fill_super: rootino(nid 36) is not a directory(i_mode 66700)
[   81.801242][ T5275] tipc: Started in network mode
[   81.802140][ T5275] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711
[   81.803321][ T5275] tipc: Enabled bearer <eth:team0>, priority 0
[   81.842479][ T5293] loop0: detected capacity change from 0 to 65536
[   81.907335][ T5293] XFS (loop0): Mounting V5 Filesystem
[   81.916632][ T5293] XFS (loop0): Ending clean mount
[   81.966815][ T4320] XFS (loop0): Unmounting Filesystem
[   82.070408][ T5311] loop3: detected capacity change from 0 to 32768
[   82.095909][ T5311] ERROR: (device loop3): diNewExt: no free extents
[   82.095909][ T5311] 
[   82.098313][ T5311] ERROR: (device loop3): remounting filesystem as read-only
[   82.099549][ T5311] ialloc: diAlloc returned -5!
[   82.274085][ T5315] netlink: 168 bytes leftover after parsing attributes in process `syz.2.239'.
[   82.931125][    T7] tipc: Node number set to 11578026
[   84.608860][ T5348] loop3: detected capacity change from 0 to 512
[   84.610422][ T5348] EXT4-fs: Ignoring removed orlov option
[   84.627769][ T5348] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[   85.834049][ T5348] EXT4-fs (loop3): orphan cleanup on readonly fs
[   85.837631][ T5348] EXT4-fs error (device loop3): ext4_validate_block_bitmap:438: comm syz.3.250: bg 0: block 248: padding at end of block bitmap is not set
[   85.862479][ T5348] Quota error (device loop3): write_blk: dquota write failed
[   85.868177][ T5348] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[   85.879777][ T5358] netlink: 'syz.4.252': attribute type 1 has an invalid length.
[   85.881197][ T5348] EXT4-fs error (device loop3): ext4_acquire_dquot:6809: comm syz.3.250: Failed to acquire dquot type 1
[   85.890559][ T5358] 8021q: adding VLAN 0 to HW filter on device bond3
[   85.908842][ T5358] bond3: (slave ip6gretap1): making interface the new active one
[   85.912436][ T5358] bond3: (slave ip6gretap1): Enslaving as an active interface with an up link
[   85.914019][ T5064] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[   85.917621][ T5348] EXT4-fs (loop3): 1 truncate cleaned up
[   85.953059][ T5348] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: writeback.
[   86.285646][   T27] audit: type=1326 audit(86.270:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5346 comm="syz.3.250" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f15b9e8 code=0x0
[   87.276895][ T5379] netlink: 12 bytes leftover after parsing attributes in process `syz.0.256'.
[   87.348006][ T5381] netlink: 4 bytes leftover after parsing attributes in process `syz.4.257'.
[   87.374720][ T4323] EXT4-fs (loop3): unmounting filesystem.
[   87.448246][ T5379] loop0: detected capacity change from 0 to 32768
[   87.456694][ T5379] BTRFS: device fsid c9fe44da-de57-406a-8241-57ec7d4412cf devid 1 transid 8 /dev/loop0 scanned by syz.0.256 (5379)
[   87.476328][ T5379] BTRFS info (device loop0): first mount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   87.478123][ T5379] BTRFS info (device loop0): using crc32c (crc32c-generic) checksum algorithm
[   87.479681][ T5379] BTRFS info (device loop0): use zlib compression, level 3
[   87.480901][ T5379] BTRFS info (device loop0): using free space tree
[   87.495578][ T5379] BTRFS info (device loop0): enabling ssd optimizations
[   87.552383][ T4320] BTRFS info (device loop0): last unmount of filesystem c9fe44da-de57-406a-8241-57ec7d4412cf
[   88.524296][ T5418] loop2: detected capacity change from 0 to 8
[   88.560543][ T5420] tipc: Enabled bearer <udp:syz2>, priority 10
[   88.575061][ T5421] sch_tbf: burst 1821 is lower than device lo mtu (65550) !
[   89.781887][ T5422] netlink: 12 bytes leftover after parsing attributes in process `syz.4.264'.
[   89.825537][ T5424] tipc: Enabling of bearer <eth:team0> rejected, already enabled
[   89.954065][ T5443] netlink: 'syz.2.270': attribute type 4 has an invalid length.
[   90.259194][ T5452] netlink: 'syz.2.270': attribute type 4 has an invalid length.
[   90.279483][ T5448] loop3: detected capacity change from 0 to 4096
[   90.312078][ T5456] loop0: detected capacity change from 0 to 1024
[   90.952035][ T5466] netlink: 4 bytes leftover after parsing attributes in process `syz.4.278'.
[   91.014832][ T5466] netlink: 4 bytes leftover after parsing attributes in process `syz.4.278'.
[   94.904199][ T5527] loop0: detected capacity change from 0 to 256
[   94.914987][ T5527] exFAT-fs (loop0): bogus data start sector
[   94.918201][ T5527] exFAT-fs (loop0): failed to read boot sector
[   94.924082][ T5527] exFAT-fs (loop0): failed to recognize exfat type
[   96.706400][ T5560] device syzkaller0 entered promiscuous mode
[   96.729944][ T5564] loop4: detected capacity change from 0 to 1024
[   97.227440][ T5564] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[   97.723719][ T4328] EXT4-fs (loop4): unmounting filesystem.
[   98.058232][ T5591] netlink: 24 bytes leftover after parsing attributes in process `syz.0.310'.
[   98.179545][ T5594] loop0: detected capacity change from 0 to 4096
[   98.187986][ T5594] ntfs3: loop0: Different NTFS' sector size (4096) and media sector size (512)
[   98.272668][ T5594] ntfs3: loop0: Mark volume as dirty due to NTFS errors
[   99.188811][ T5618] netlink: 12 bytes leftover after parsing attributes in process `syz.3.319'.
[  102.088473][ T5654] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  102.183818][ T5656] devpts: called with bogus options
[  103.997015][ T5693] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  103.998851][ T5693] device syzkaller0 entered promiscuous mode
[  104.068364][ T5693] tipc: Resetting bearer <eth:syzkaller0>
[  104.095264][ T5692] tipc: Resetting bearer <eth:syzkaller0>
[  104.739797][ T5692] tipc: Disabling bearer <eth:syzkaller0>
[  105.555344][ T5720] bridge0: the hash_elasticity option has been deprecated and is always 16
[  106.323069][ T5739] loop2: detected capacity change from 0 to 16
[  106.778611][ T5739] erofs: (device loop2): mounted with root inode @ nid 36.
[  107.427993][ T5751] netlink: 'syz.2.361': attribute type 1 has an invalid length.
[  107.469608][ T5751] 8021q: adding VLAN 0 to HW filter on device bond1
[  107.477492][ T5726] loop4: detected capacity change from 0 to 32768
[  107.489598][ T5746] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  107.492227][ T5746] device syzkaller0 entered promiscuous mode
[  107.518897][ T5751] bond1: (slave erspan0): making interface the new active one
[  107.522125][ T5751] bond1: (slave erspan0): Enslaving as an active interface with an up link
[  107.523643][ T4653] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  107.549175][ T5746] tipc: Resetting bearer <eth:syzkaller0>
[  107.558913][ T5726] XFS (loop4): Mounting V5 Filesystem
[  107.563863][ T5745] tipc: Resetting bearer <eth:syzkaller0>
[  107.649507][ T5726] XFS (loop4): Ending clean mount
[  107.651887][ T5745] tipc: Disabling bearer <eth:syzkaller0>
[  107.653886][ T5764] netlink: 'syz.1.363': attribute type 1 has an invalid length.
[  107.664169][ T5764] 8021q: adding VLAN 0 to HW filter on device bond1
[  107.674142][ T5766] bond1: (slave ip6gretap1): making interface the new active one
[  107.676296][ T5766] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  107.677668][ T5726] sch_tbf: burst 3936 is lower than device lo mtu (65550) !
[  109.045581][ T5780] 9pnet_fd: p9_fd_create_tcp (5780): problem connecting socket to 127.0.0.1
[  109.076968][ T4328] XFS (loop4): Unmounting Filesystem
[  109.237766][ T5792] loop3: detected capacity change from 0 to 164
[  110.075024][ T5812] netlink: 24 bytes leftover after parsing attributes in process `syz.4.371'.
[  110.350327][ T5816] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  110.354248][ T5816] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  110.370636][ T5812] netlink: 4 bytes leftover after parsing attributes in process `syz.4.371'.
[  110.460916][ T5818] tipc: Started in network mode
[  110.462129][ T5818] tipc: Node identity c2ababd85e47, cluster identity 4711
[  110.463258][ T5818] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  110.465415][ T5818] device syzkaller0 entered promiscuous mode
[  110.473088][ T5818] tipc: Resetting bearer <eth:syzkaller0>
[  110.477758][ T5817] tipc: Resetting bearer <eth:syzkaller0>
[  110.531711][ T5817] tipc: Disabling bearer <eth:syzkaller0>
[  110.535013][ T5820] loop4: detected capacity change from 0 to 4096
[  110.625951][ T5822] loop2: detected capacity change from 0 to 2048
[  110.660537][ T5822] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: none.
[  110.752158][ T5831] EXT4-fs error (device loop2): ext4_mb_generate_buddy:1097: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  110.756257][ T5831] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 640 with error 28
[  110.758527][ T5831] EXT4-fs (loop2): This should not happen!! Data will be lost
[  110.758527][ T5831] 
[  110.759926][ T5831] EXT4-fs (loop2): Total free blocks count 0
[  110.760786][ T5831] EXT4-fs (loop2): Free/Dirty block details
[  110.763066][ T5831] EXT4-fs (loop2): free_blocks=2415919504
[  110.764050][ T5831] EXT4-fs (loop2): dirty_blocks=656
[  110.765011][ T5831] EXT4-fs (loop2): Block reservation details
[  110.765907][ T5831] EXT4-fs (loop2): i_reserved_data_blocks=41
[  110.927464][ T5839] netlink: 165 bytes leftover after parsing attributes in process `syz.1.382'.
[  111.135221][ T4653] EXT4-fs (loop2): Delayed block allocation failed for inode 15 at logical offset 640 with max blocks 2048 with error 28
[  111.481067][   T27] audit: type=1326 audit(112.453:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5851 comm="syz.2.387" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x0
[  111.732882][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  111.997705][ T5865] loop3: detected capacity change from 0 to 256
[  112.004517][ T5865] FAT-fs (loop3): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  112.007603][ T5865] FAT-fs (loop3): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  112.026620][ T5865] netlink: 12 bytes leftover after parsing attributes in process `syz.3.391'.
[  112.393567][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  112.558978][ T5884] Driver unsupported XDP return value 0 on prog  (id 49) dev N/A, expect packet loss!
[  112.779114][   T27] audit: type=1326 audit(113.743:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5880 comm="syz.2.396" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x0
[  112.988660][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  113.918518][ T5900] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  113.920000][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  114.020023][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  114.411843][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  114.475777][ T5902] loop4: detected capacity change from 0 to 40427
[  114.481632][ T5902] F2FS-fs (loop4): invalid crc value
[  114.513759][ T5902] F2FS-fs (loop4): Found nat_bits in checkpoint
[  114.529713][ T5902] F2FS-fs (loop4): Start checkpoint disabled!
[  114.536286][ T5902] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e6
[  114.620896][ T5918] capability: warning: `syz.3.405' uses deprecated v2 capabilities in a way that may be insecure
[  114.675654][  T250] kworker/u4:3: attempt to access beyond end of device
[  114.675654][  T250] loop4: rw=2049, sector=40960, nr_sectors = 16 limit=40427
[  115.029996][ T5920] netlink: 28 bytes leftover after parsing attributes in process `syz.2.407'.
[  115.091539][ T4403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  115.469702][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  115.488778][   T27] audit: type=1326 audit(116.463:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5929 comm="syz.2.410" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x0
[  115.610097][ T5937] loop2: detected capacity change from 0 to 1024
[  115.930872][ T5937] EXT4-fs: Ignoring removed oldalloc option
[  115.932729][ T5937] EXT4-fs: Ignoring removed bh option
[  115.935319][ T5937] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  116.052557][ T5937] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  117.136527][   T27] audit: type=1326 audit(117.673:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5944 comm="syz.0.414" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x0
[  117.151158][ T4403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  117.760641][ T5956] loop0: detected capacity change from 0 to 32768
[  117.804326][ T5956] ERROR: (device loop0): diNewExt: no free extents
[  117.804326][ T5956] 
[  117.806134][ T5956] ERROR: (device loop0): remounting filesystem as read-only
[  117.807489][ T5956] ialloc: diAlloc returned -5!
[  118.454281][ T4403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  118.502276][ T1515] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  118.506001][ T4327] EXT4-fs (loop2): unmounting filesystem.
[  118.646281][ T5973] netlink: 'syz.1.422': attribute type 1 has an invalid length.
[  118.670853][ T5978] netdevsim netdevsim1 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  118.674951][ T5978] netdevsim netdevsim1 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  118.676223][ T5978] netdevsim netdevsim1 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  118.678965][ T5978] netdevsim netdevsim1 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  118.682514][ T5978] bond2: (slave geneve2): making interface the new active one
[  118.684603][ T5978] bond2: (slave geneve2): Enslaving as an active interface with an up link
[  119.578126][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  119.688132][ T5973] netlink: 28 bytes leftover after parsing attributes in process `syz.1.422'.
[  119.691129][ T5973] 8021q: adding VLAN 0 to HW filter on device bond2
[  119.692543][ T5990] netlink: 'syz.0.424': attribute type 1 has an invalid length.
[  119.699160][ T5990] 8021q: adding VLAN 0 to HW filter on device bond1
[  119.704655][ T5996] bond1: (slave ip6gretap1): making interface the new active one
[  119.707611][ T5996] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  119.710237][ T4412] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  119.728284][ T5999] device syzkaller0 entered promiscuous mode
[  120.814270][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  121.119749][ T6017] loop4: detected capacity change from 0 to 8192
[  121.525364][ T6017]  loop4: p2 p3 p4[EZD]
[  121.543696][ T6017] loop4: p3 start 360447 is beyond EOD, truncated
[  121.544818][ T6017] loop4: p4 size 264072 extends beyond EOD, truncated
[  122.034383][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  122.102270][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  122.416780][ T6038] syz.2.439 uses obsolete (PF_INET,SOCK_PACKET)
[  122.461566][ T4314] udevd[4314]: inotify_add_watch(7, /dev/loop4p4, 10) failed: No such file or directory
[  122.464743][ T4479] udevd[4479]: inotify_add_watch(7, /dev/loop4p2, 10) failed: No such file or directory
[  122.956225][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  123.051586][ T4367] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  123.513742][ T6059] netlink: 'syz.0.444': attribute type 10 has an invalid length.
[  123.874971][ T6059] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  123.968067][ T6072] netlink: 12 bytes leftover after parsing attributes in process `syz.1.447'.
[  124.095796][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  124.812723][ T6081] netlink: 'syz.1.450': attribute type 1 has an invalid length.
[  124.850445][ T6081] 8021q: adding VLAN 0 to HW filter on device bond3
[  124.855213][ T6087] netlink: 4 bytes leftover after parsing attributes in process `syz.3.453'.
[  124.885078][ T6088] loop4: detected capacity change from 0 to 256
[  124.932609][ T6081] 8021q: adding VLAN 0 to HW filter on device bond3
[  124.933908][ T6081] bond3: (slave vxcan1): The slave device specified does not support setting the MAC address
[  124.936253][ T6081] bond3: (slave vxcan1): Error -95 calling set_mac_address
[  124.991097][ T6095] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.992819][ T6095] device batadv_slave_1 entered promiscuous mode
[  125.006769][ T6095] batman_adv: batadv0: Removing interface: batadv_slave_1
[  125.013530][ T6095] bond3: (slave batadv_slave_1): making interface the new active one
[  125.015232][ T6095] bond3: (slave batadv_slave_1): Enslaving as an active interface with an up link
[  125.131227][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  125.239147][ T4403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  125.310412][ T6101] set match dimension is over the limit!
[  125.385696][ T6081] netlink: 28 bytes leftover after parsing attributes in process `syz.1.450'.
[  125.387723][ T6081] 8021q: adding VLAN 0 to HW filter on device bond3
[  125.931748][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  125.932818][ T2062] ieee802154 phy1 wpan1: encryption failed: -22
[  126.036769][ T4919] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  126.312833][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  126.370915][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.3.460'.
[  126.384222][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.3.460'.
[  126.753458][ T6127] netlink: 'syz.3.465': attribute type 1 has an invalid length.
[  126.763142][ T6127] 8021q: adding VLAN 0 to HW filter on device bond3
[  126.774565][ T6127] bond3: (slave veth3): Enslaving as an active interface with a down link
[  126.790563][ T6127] device veth0_to_bond entered promiscuous mode
[  126.791943][ T6127] device veth0_to_bond left promiscuous mode
[  126.793854][ T6127] bond3: (slave vlan2): Enslaving as an active interface with a down link
[  126.876864][ T6135] loop0: detected capacity change from 0 to 512
[  126.878856][ T6135] EXT4-fs: Ignoring removed mblk_io_submit option
[  126.879981][ T6135] EXT4-fs: Ignoring removed bh option
[  126.883806][ T6135] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  126.886921][ T6135] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  126.906541][ T6135] EXT4-fs (loop0): 1 truncate cleaned up
[  126.907439][ T6135] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  127.207581][ T4320] EXT4-fs (loop0): unmounting filesystem.
[  127.278903][ T6147] netlink: 8 bytes leftover after parsing attributes in process `syz.2.471'.
[  127.290424][ T6147] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  127.371838][ T4387] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  127.668851][ T6141] netlink: 8 bytes leftover after parsing attributes in process `syz.4.470'.
[  128.195181][ T4402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  128.411266][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.197047][ T6180] Bluetooth: MGMT ver 1.22
[  129.198297][ T6180] Bluetooth: hci0: service_discovery: expected 4 bytes, got 7 bytes
[  129.434259][ T6190] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.435852][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.775877][ T4330] Bluetooth: hci4: command 0x0405 tx timeout
[  129.800930][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  129.829359][ T6194] loop2: detected capacity change from 0 to 1024
[  129.915447][ T6201] netlink: 'syz.3.488': attribute type 4 has an invalid length.
[  129.985809][ T6208] netlink: 12 bytes leftover after parsing attributes in process `syz.3.489'.
[  130.085798][ T6181] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  130.088028][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  130.332547][ T6213] HTB: quantum of class 80070008 is small. Consider r2q change.
[  131.278050][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  131.432071][ T3899] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  132.331597][ T4403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.329313][ T6271] dns_resolver: Unsupported server list version (0)
[  133.339096][ T4402] net_ratelimit: 1 callbacks suppressed
[  133.339106][ T4402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.373335][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  133.493828][ T6279] loop2: detected capacity change from 0 to 40427
[  133.497572][ T6279] F2FS-fs (loop2): build fault injection attr: rate: 771, type: 0x3ffff
[  133.500615][ T6279] F2FS-fs (loop2): invalid crc value
[  133.509752][ T6279] F2FS-fs (loop2): Found nat_bits in checkpoint
[  133.528824][ T6279] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  134.408034][ T4327] syz-executor: attempt to access beyond end of device
[  134.408034][ T4327] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  134.411340][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.427077][ T6295] loop3: detected capacity change from 0 to 512
[  134.428466][ T6295] EXT4-fs: Ignoring removed nobh option
[  134.445314][ T6295] EXT4-fs (loop3): Test dummy encryption mode enabled
[  134.794240][ T4402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.834447][ T6295] EXT4-fs error (device loop3): __ext4_iget:5091: inode #11: block 1: comm syz.3.514: invalid block
[  134.840380][ T6295] EXT4-fs error (device loop3): ext4_orphan_get:1405: comm syz.3.514: couldn't read orphan inode 11 (err -117)
[  134.884193][ T6308] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  134.890880][ T6295] EXT4-fs (loop3): mounted filesystem without journal. Quota mode: none.
[  135.243757][ T4323] EXT4-fs (loop3): unmounting filesystem.
[  135.325329][ T6319] loop3: detected capacity change from 0 to 256
[  135.353689][ T6319] FAT-fs (loop3): Directory bread(block 64) failed
[  135.358026][ T6319] FAT-fs (loop3): Directory bread(block 65) failed
[  135.359194][ T6319] FAT-fs (loop3): Directory bread(block 66) failed
[  135.365571][ T6319] FAT-fs (loop3): Directory bread(block 67) failed
[  135.367607][ T6319] FAT-fs (loop3): Directory bread(block 68) failed
[  135.369323][ T6319] FAT-fs (loop3): Directory bread(block 69) failed
[  135.370495][ T6319] FAT-fs (loop3): Directory bread(block 70) failed
[  135.374764][ T6319] FAT-fs (loop3): Directory bread(block 71) failed
[  135.377608][ T6319] FAT-fs (loop3): Directory bread(block 72) failed
[  135.379772][ T6319] FAT-fs (loop3): Directory bread(block 73) failed
[  135.459801][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  135.963327][ T6332] binder: 6329:6332 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  135.965304][ T6332] binder: 6332 RLIMIT_NICE not set
[  136.015827][ T6333] binder: 6329:6333 tried to acquire reference to desc 0, got 1 instead
[  136.021091][ T6331] device syzkaller0 entered promiscuous mode
[  136.034542][ T6332] binder: 6329:6332 new transaction not allowed when there is a transaction on thread todo
[  136.040739][ T6332] binder: 6329:6332 transaction call to 6329:0 failed 32/29201/-71, size 0-0 line 3086
[  136.062613][ T4375] binder: send failed reply for transaction 31 to 6329:6333
[  136.064003][ T4375] binder: undelivered TRANSACTION_ERROR: 29201
[  136.064947][ T4375] binder: release 6329:6333 transaction 24 out, still active
[  136.066087][ T4375] binder: undelivered TRANSACTION_COMPLETE
[  136.067196][ T4375] binder: undelivered TRANSACTION_COMPLETE
[  136.068204][ T4375] binder: undelivered TRANSACTION_ERROR: 29189
[  136.070328][ T4375] binder: send failed reply for transaction 24, target dead
[  136.154609][ T6335] loop3: detected capacity change from 0 to 32768
[  136.646850][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  137.038419][ T6353] netlink: 'syz.3.529': attribute type 11 has an invalid length.
[  137.416822][ T6361] netlink: 'syz.2.532': attribute type 1 has an invalid length.
[  138.076542][ T4402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.077978][ T4402] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  138.528989][ T6373] netlink: 8 bytes leftover after parsing attributes in process `syz.4.535'.
[  138.554830][ T6373] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  138.574483][ T6373] netlink: 36 bytes leftover after parsing attributes in process `syz.4.535'.
[  138.575975][ T6373] IPv6: ADDRCONF(NETDEV_CHANGE): gre2: link becomes ready
[  138.634163][ T6388] loop3: detected capacity change from 0 to 764
[  138.673824][ T6391] netlink: 4 bytes leftover after parsing attributes in process `syz.2.541'.
[  138.675604][ T6391] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  138.764840][ T6397] loop0: detected capacity change from 0 to 128
[  139.032360][ T6402] Symlink component flag not implemented
[  139.033340][ T6402] Symlink component flag not implemented
[  139.388957][ T4387] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  139.499629][ T6408] syz.0.543: attempt to access beyond end of device
[  139.499629][ T6408] loop0: rw=0, sector=2078, nr_sectors = 1 limit=128
[  139.516858][ T6408] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000819)
[  139.518143][ T6408] FAT-fs (loop0): Filesystem has been set read-only
[  139.524461][ T6408] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000819)
[  139.529340][ T6408] FAT-fs (loop0): error, invalid access to FAT (entry 0x00000819)
[  140.214222][ T6391] batman_adv: batadv0: Removing interface: batadv_slave_1
[  140.556526][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.030066][ T6424] netlink: 'syz.3.549': attribute type 10 has an invalid length.
[  141.041276][ T6424] tipc: Resetting bearer <eth:team0>
[  141.055180][ T6424] tipc: Resetting bearer <eth:team0>
[  141.058795][ T6424] 8021q: adding VLAN 0 to HW filter on device team0
[  141.635781][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  141.745380][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.279057][ T6440] loop0: detected capacity change from 0 to 128
[  142.287682][ T6440] EXT4-fs (loop0): Test dummy encryption mode enabled
[  142.651742][ T4375] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.653704][   T14] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  142.668029][ T6440] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: none.
[  142.681503][ T6440] netlink: 4 bytes leftover after parsing attributes in process `syz.0.553'.
[  142.682332][ T6440] netlink: 4 bytes leftover after parsing attributes in process `syz.0.553'.
[  142.745413][ T6424] tipc: Resetting bearer <eth:team0>
[  142.749660][ T6424] tipc: Resetting bearer <eth:team0>
[  142.778060][ T4320] EXT4-fs (loop0): unmounting filesystem.
[  143.686292][ T6473] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  144.073115][  T112] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  144.567996][ T6491] loop3: detected capacity change from 0 to 2048
[  144.575298][ T6491] UDF-fs: error (device loop3): udf_read_tagged: tag checksum failed, block 99: 0x27 != 0x4d
[  144.626015][ T6491] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  144.995581][    T7] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.143155][ T4387] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  145.800364][ T6510] netlink: 4 bytes leftover after parsing attributes in process `syz.4.570'.
[  146.171205][ T4403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  146.697069][ T6551] netlink: 'syz.0.576': attribute type 1 has an invalid length.
[  146.717657][ T6551] 8021q: adding VLAN 0 to HW filter on device bond2
[  146.806028][ T6543] bond2: (slave veth5): Enslaving as an active interface with a down link
[  146.865538][ T6543] device gretap1 entered promiscuous mode
[  146.868267][ T6543] bond2: (slave gretap1): making interface the new active one
[  146.870806][ T6543] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  147.292567][ T4403] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.303180][ T4500] IPv6: ADDRCONF(NETDEV_CHANGE): bond2: link becomes ready
[  147.375554][ T6608] netlink: 76 bytes leftover after parsing attributes in process `syz.1.581'.
[  147.839926][ T6627] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.862402][ T6627] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.863952][ T6627] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  147.896911][ T6627] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  149.432646][ T6657] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  152.724223][ T4387] libceph: connect (1)[c::]:6789 error -101
[  152.736603][ T4387] libceph: mon0 (1)[c::]:6789 connect error
[  152.768215][ T6715] ceph: No mds server is up or the cluster is laggy
[  153.273733][ T4337] Bluetooth: Wrong link type (-22)
[  153.723933][   T27] audit: type=1326 audit(154.703:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6730 comm="syz.2.613" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7fc00000
[  153.744893][   T27] audit: type=1326 audit(154.703:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6730 comm="syz.2.613" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=198 compat=0 ip=0xffff86d5b9e8 code=0x7fc00000
[  153.764644][   T27] audit: type=1326 audit(154.713:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6730 comm="syz.2.613" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7fc00000
[  153.824011][ T6752] netlink: 12 bytes leftover after parsing attributes in process `syz.4.618'.
[  153.887710][ T6760] 8021q: adding VLAN 0 to HW filter on device bond5
[  153.890516][ T6760] bond4: (slave bond5): Enslaving as an active interface with an up link
[  154.002980][ T6763] loop0: detected capacity change from 0 to 1764
[  154.191852][ T6752] netlink: 28 bytes leftover after parsing attributes in process `syz.4.618'.
[  154.194180][ T6752] 8021q: adding VLAN 0 to HW filter on device bond4
[  154.321587][ T6768] tipc: Enabled bearer <udp:s>, priority 10
[  154.466638][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.622'.
[  154.474678][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.622'.
[  154.476991][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.622'.
[  154.479780][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.622'.
[  154.482030][ T6777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.622'.
[  155.278600][ T4337] Bluetooth: hci3: ACL packet for unknown connection handle 200
[  155.658641][ T6800] netlink: 12 bytes leftover after parsing attributes in process `syz.0.633'.
[  155.691839][ T6800] 8021q: adding VLAN 0 to HW filter on device bond4
[  155.695111][ T6800] bond3: (slave bond4): Enslaving as an active interface with an up link
[  155.713826][ T6800] netlink: 28 bytes leftover after parsing attributes in process `syz.0.633'.
[  155.716262][ T6800] 8021q: adding VLAN 0 to HW filter on device bond3
[  155.756156][ T6808] tipc: Enabled bearer <udp:s>, priority 10
[  155.800155][ T6814] netlink: 28 bytes leftover after parsing attributes in process `syz.3.638'.
[  155.804708][ T6814] netlink: 'syz.3.638': attribute type 10 has an invalid length.
[  155.806388][ T6814] bridge0: port 1(team0) entered blocking state
[  155.807724][ T6814] bridge0: port 1(team0) entered disabled state
[  156.929391][ T6826] loop2: detected capacity change from 0 to 1764
[  156.957545][ T6830] loop0: detected capacity change from 0 to 256
[  156.971074][ T6830] exFAT-fs (loop0): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  156.972917][ T6830] exFAT-fs (loop0): Medium has reported failures. Some data may be lost.
[  156.976398][ T6830] exFAT-fs (loop0): failed to load upcase table (idx : 0x0000ff98, chksum : 0xc64c1d22, utbl_chksum : 0xe619d30d)
[  156.984794][ T4479] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  157.064046][ T6830] exFAT-fs (loop0): hint_cluster is invalid (17)
[  158.259475][ T6848] netlink: 'syz.1.646': attribute type 10 has an invalid length.
[  158.263074][ T6848] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  158.276054][ T6863] device bridge_slave_1 left promiscuous mode
[  158.277322][ T6863] bridge0: port 2(bridge_slave_1) entered disabled state
[  158.909639][ T4330] Bluetooth: hci1: command 0x0406 tx timeout
[  158.911840][ T4326] Bluetooth: hci4: command 0x0406 tx timeout
[  158.913901][ T4337] Bluetooth: hci2: command 0x0406 tx timeout
[  158.936405][ T6863] device bridge_slave_0 left promiscuous mode
[  158.944980][ T6863] bridge0: port 1(bridge_slave_0) entered disabled state
[  160.446624][ T6894] __nla_validate_parse: 8 callbacks suppressed
[  160.446642][ T6894] netlink: 8 bytes leftover after parsing attributes in process `syz.0.658'.
[  160.976851][ T4330] Bluetooth: hci1: command 0x0406 tx timeout
[  161.651144][ T6925] netlink: 28 bytes leftover after parsing attributes in process `syz.4.666'.
[  161.654769][ T6925] netlink: 8 bytes leftover after parsing attributes in process `syz.4.666'.
[  161.666472][ T6925] netlink: 'syz.4.666': attribute type 10 has an invalid length.
[  161.668200][ T6925] bridge0: port 1(team0) entered blocking state
[  161.669429][ T6925] bridge0: port 1(team0) entered disabled state
[  161.681649][ T6925] device team_slave_0 entered promiscuous mode
[  161.682710][ T6925] device team_slave_1 entered promiscuous mode
[  161.684941][ T6925] bridge0: port 1(team0) entered blocking state
[  161.686330][ T6925] bridge0: port 1(team0) entered forwarding state
[  161.710678][ T6928] netlink: 28 bytes leftover after parsing attributes in process `syz.0.668'.
[  161.773329][ T4335] Bluetooth: hci3: command 0x0406 tx timeout
[  162.234544][ T6936] netlink: 4 bytes leftover after parsing attributes in process `syz.2.672'.
[  162.236199][ T6936] device bridge_slave_1 left promiscuous mode
[  162.237416][ T6936] bridge0: port 2(bridge_slave_1) entered disabled state
[  163.568833][ T6946] loop0: detected capacity change from 0 to 512
[  163.570152][ T6946] EXT4-fs: Ignoring removed orlov option
[  163.585045][ T6946] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  163.593280][ T6946] EXT4-fs (loop0): orphan cleanup on readonly fs
[  163.596339][ T6946] EXT4-fs error (device loop0): ext4_validate_block_bitmap:438: comm syz.0.673: bg 0: block 248: padding at end of block bitmap is not set
[  163.624883][ T6946] Quota error (device loop0): write_blk: dquota write failed
[  163.631479][ T6946] Quota error (device loop0): qtree_write_dquot: Error -117 occurred while creating quota
[  164.261382][ T6946] EXT4-fs error (device loop0): ext4_acquire_dquot:6809: comm syz.0.673: Failed to acquire dquot type 1
[  164.379728][ T6946] EXT4-fs (loop0): 1 truncate cleaned up
[  164.465846][ T6936] device bridge_slave_0 left promiscuous mode
[  164.467232][ T6936] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.528583][ T6946] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  164.598821][   T27] audit: type=1326 audit(165.573:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6944 comm="syz.0.673" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x0
[  165.752648][ T4320] EXT4-fs (loop0): unmounting filesystem.
[  166.703837][ T6994] netlink: 24 bytes leftover after parsing attributes in process `syz.2.688'.
[  166.718114][ T6995] netlink: 'syz.4.698': attribute type 10 has an invalid length.
[  166.721194][ T6995] bridge0: port 1(team0) entered disabled state
[  166.729999][ T6995] bridge0: port 1(team0) entered blocking state
[  166.730994][ T6995] bridge0: port 1(team0) entered forwarding state
[  166.734883][ T6995] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  166.805761][ T6999] bridge0: the hash_elasticity option has been deprecated and is always 16
[  166.833710][ T7003] netlink: 28 bytes leftover after parsing attributes in process `syz.2.689'.
[  166.835134][ T7003] netlink: 8 bytes leftover after parsing attributes in process `syz.2.689'.
[  166.861254][ T7005] netlink: 4 bytes leftover after parsing attributes in process `syz.1.691'.
[  166.862743][ T7005] device bridge_slave_1 left promiscuous mode
[  166.863693][ T7005] bridge0: port 2(bridge_slave_1) entered disabled state
[  166.913119][ T7005] device bridge_slave_0 left promiscuous mode
[  166.914221][ T7005] bridge0: port 1(bridge_slave_0) entered disabled state
[  167.299650][ T7014] loop4: detected capacity change from 0 to 2048
[  167.314178][ T7014] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: none.
[  167.422477][ T7003] netlink: 'syz.2.689': attribute type 10 has an invalid length.
[  167.423923][ T7003] bridge0: port 1(team0) entered blocking state
[  167.425044][ T7003] bridge0: port 1(team0) entered disabled state
[  167.427368][ T7003] device team_slave_0 entered promiscuous mode
[  167.428535][ T7003] device team_slave_1 entered promiscuous mode
[  167.429656][ T7003] device bond_slave_0 entered promiscuous mode
[  167.430702][ T7003] device bond_slave_1 entered promiscuous mode
[  167.446979][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  169.191842][ T7046] fuse: Bad value for 'fd'
[  169.210951][ T7038] loop4: detected capacity change from 0 to 4096
[  169.217504][ T7038] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  169.234901][ T7038] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  169.316743][ T7052] netlink: 24 bytes leftover after parsing attributes in process `syz.3.704'.
[  169.763123][ T7065] netlink: 28 bytes leftover after parsing attributes in process `syz.1.708'.
[  169.764670][ T7065] netlink: 8 bytes leftover after parsing attributes in process `syz.1.708'.
[  169.780276][ T7065] netlink: 'syz.1.708': attribute type 10 has an invalid length.
[  169.789107][ T7065] bridge0: port 1(team0) entered blocking state
[  169.791243][ T7065] bridge0: port 1(team0) entered disabled state
[  169.796144][ T7065] device team_slave_0 entered promiscuous mode
[  169.797128][ T7065] device team_slave_1 entered promiscuous mode
[  169.801595][ T7065] bridge0: port 1(team0) entered blocking state
[  169.802695][ T7065] bridge0: port 1(team0) entered forwarding state
[  170.435105][ T7074] device syzkaller0 entered promiscuous mode
[  171.805031][ T7094] netlink: 8 bytes leftover after parsing attributes in process `syz.2.721'.
[  174.315542][ T7146] netlink: 8 bytes leftover after parsing attributes in process `syz.4.733'.
[  174.664250][ T7156] usb usb6: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK.
[  174.665598][ T7156] vhci_hcd: invalid port number 96
[  174.666404][ T7156] vhci_hcd: default hub control req: 0006 v000d i0060 l0
[  178.103306][ T7202] serio: Serial port pts0
[  178.222650][ T7191] netlink: 165 bytes leftover after parsing attributes in process `syz.3.743'.
[  179.905477][ T7232] loop0: detected capacity change from 0 to 32768
[  179.912663][ T7232] XFS (loop0): Mounting V5 Filesystem
[  179.927505][ T7232] XFS (loop0): Ending clean mount
[  179.945197][ T7232] sch_tbf: burst 3936 is lower than device lo mtu (65550) !
[  180.642862][ T7232] 9pnet_fd: p9_fd_create_tcp (7232): problem connecting socket to 127.0.0.1
[  180.652807][ T4320] XFS (loop0): Unmounting Filesystem
[  180.674223][ T7245] netlink: 'syz.3.761': attribute type 1 has an invalid length.
[  180.684206][ T7245] bond4: (slave vxcan3): The slave device specified does not support setting the MAC address
[  180.686923][ T7245] bond4: (slave vxcan3): Error -95 calling set_mac_address
[  180.760260][ T7251] bond4: (slave bridge4): Enslaving as an active interface with a down link
[  180.763153][ T7246] netlink: 12 bytes leftover after parsing attributes in process `syz.1.759'.
[  180.770197][ T7251] device macvlan2 entered promiscuous mode
[  180.774583][ T7251] device bond4 entered promiscuous mode
[  180.775775][ T7251] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  181.090564][ T7251] device bond4 left promiscuous mode
[  181.194687][ T7246] tipc: Bearer <udp:syz0>: already 2 bearers with priority 10
[  181.195895][ T7246] tipc: Bearer <udp:syz0>: trying with adjusted priority
[  181.196936][ T7246] tipc: Enabling of bearer <udp:syz0> rejected, max 3 bearers permitted
[  182.290642][ T7280] netlink: 12 bytes leftover after parsing attributes in process `syz.4.768'.
[  182.792217][ T7290] netlink: 'syz.3.771': attribute type 1 has an invalid length.
[  182.803110][ T7290] 8021q: adding VLAN 0 to HW filter on device bond5
[  182.804792][ T7280] netlink: 4 bytes leftover after parsing attributes in process `syz.4.768'.
[  182.898781][   T27] audit: type=1326 audit(184.875:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7284 comm="syz.0.770" exe="/root/syz-executor" sig=31 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x0
[  182.944816][ T7293] bond5: (slave ip6gretap2): making interface the new active one
[  182.946664][ T7293] bond5: (slave ip6gretap2): Enslaving as an active interface with an up link
[  182.984096][ T7295] xt_hashlimit: overflow, try lower: 18446744073709551615/255
[  183.636740][ T7312] netlink: 'syz.0.787': attribute type 1 has an invalid length.
[  183.645498][ T7312] 8021q: adding VLAN 0 to HW filter on device bond5
[  183.672030][ T7312] 8021q: adding VLAN 0 to HW filter on device bond5
[  183.673558][ T7312] bond5: (slave vxcan3): The slave device specified does not support setting the MAC address
[  183.676236][ T7312] bond5: (slave vxcan3): Error -95 calling set_mac_address
[  183.725216][ T7316] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  183.727268][ T7316] device batadv_slave_1 entered promiscuous mode
[  183.736975][ T7316] batman_adv: batadv0: Removing interface: batadv_slave_1
[  183.748570][ T7316] bond5: (slave batadv_slave_1): making interface the new active one
[  183.752950][ T7316] bond5: (slave batadv_slave_1): Enslaving as an active interface with an up link
[  184.102847][ T7312] netlink: 28 bytes leftover after parsing attributes in process `syz.0.787'.
[  184.111827][ T7312] 8021q: adding VLAN 0 to HW filter on device bond5
[  184.127908][ T7322] netlink: 12 bytes leftover after parsing attributes in process `syz.1.789'.
[  184.129151][ T7320] loop2: detected capacity change from 0 to 4096
[  184.192127][ T7324] netlink: 'syz.0.779': attribute type 1 has an invalid length.
[  184.215934][ T7322] netlink: 4 bytes leftover after parsing attributes in process `syz.1.789'.
[  184.348871][ T7324] netdevsim netdevsim0 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0
[  184.350289][ T7324] netdevsim netdevsim0 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0
[  184.360857][ T7324] netdevsim netdevsim0 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0
[  184.363974][ T7324] netdevsim netdevsim0 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0
[  184.375287][ T7324] bond6: (slave geneve2): making interface the new active one
[  184.377937][ T7324] bond6: (slave geneve2): Enslaving as an active interface with an up link
[  184.379380][ T7326] netlink: 28 bytes leftover after parsing attributes in process `syz.0.779'.
[  184.382690][ T7326] 8021q: adding VLAN 0 to HW filter on device bond6
[  185.180897][ T7348] netlink: 165 bytes leftover after parsing attributes in process `syz.0.795'.
[  185.626318][ T7352] netlink: 'syz.2.797': attribute type 10 has an invalid length.
[  185.633435][ T7354] netlink: 8 bytes leftover after parsing attributes in process `syz.3.783'.
[  185.673877][ T7352] device wlan1 entered promiscuous mode
[  185.675348][ T7352] bond0: (slave wlan1): Enslaving as an active interface with an up link
[  186.328148][ T7369] netlink: 12 bytes leftover after parsing attributes in process `syz.3.790'.
[  186.333357][ T7369] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  187.661061][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  188.279965][ T7395] netlink: 12 bytes leftover after parsing attributes in process `syz.4.798'.
[  188.904955][   T27] audit: type=1326 audit(191.888:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7408 comm="syz.0.804" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x0
[  189.211459][ T7413] loop0: detected capacity change from 0 to 1024
[  189.213056][ T7413] EXT4-fs: Ignoring removed oldalloc option
[  189.214095][ T7413] EXT4-fs: Ignoring removed bh option
[  189.217564][ T7413] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  189.234946][ T7415] netlink: 'syz.3.808': attribute type 1 has an invalid length.
[  189.247911][ T7415] 8021q: adding VLAN 0 to HW filter on device bond6
[  189.254366][ T7419] netlink: 12 bytes leftover after parsing attributes in process `syz.4.807'.
[  189.258473][ T7419] tipc: Started in network mode
[  189.259328][ T7419] tipc: Node identity 00000000000000000000000000000001, cluster identity 4711
[  189.284756][ T7419] tipc: Enabled bearer <udp:syz0>, priority 10
[  189.320410][ T7413] EXT4-fs (loop0): mounted filesystem without journal. Quota mode: writeback.
[  190.301206][ T4387] tipc: Node number set to 1
[  191.693364][ T4320] EXT4-fs (loop0): unmounting filesystem.
[  191.740588][ T7453] netlink: 8 bytes leftover after parsing attributes in process `syz.0.814'.
[  191.802490][ T7455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.815'.
[  191.818975][   T27] audit: type=1326 audit(194.798:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7456 comm="syz.3.827" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f15b9e8 code=0x0
[  193.715953][ T7491] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[  195.299161][ T7501] netlink: 'syz.2.826': attribute type 1 has an invalid length.
[  195.364315][ T7501] bond2: (slave vxcan3): The slave device specified does not support setting the MAC address
[  195.366781][ T7501] bond2: (slave vxcan3): Error -95 calling set_mac_address
[  195.681153][ T7512] bond2: (slave bridge2): Enslaving as an active interface with a down link
[  195.691662][ T7512] device macvlan2 entered promiscuous mode
[  195.693262][ T7512] device bond2 entered promiscuous mode
[  195.695095][ T7512] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  195.724490][ T7512] device bond2 left promiscuous mode
[  197.549442][   T27] audit: type=1326 audit(200.528:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7529 comm="syz.1.835" exe="/root/syz-executor" sig=9 arch=c00000b7 syscall=98 compat=0 ip=0xffff9b15b9e8 code=0x0
[  197.590890][   T27] audit: type=1326 audit(200.568:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  197.599783][   T27] audit: type=1326 audit(200.578:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=211 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  197.634288][   T27] audit: type=1326 audit(200.578:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  197.638136][   T27] audit: type=1326 audit(200.578:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  197.641731][   T27] audit: type=1326 audit(200.578:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=56 compat=0 ip=0xffffb9d59dd4 code=0x7ffc0000
[  197.645246][   T27] audit: type=1326 audit(200.578:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  197.648214][   T27] audit: type=1326 audit(200.578:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  197.651476][   T27] audit: type=1326 audit(200.578:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=29 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  197.654696][   T27] audit: type=1326 audit(200.578:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7535 comm="syz.0.839" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffffb9d5b9e8 code=0x7ffc0000
[  198.143693][ T7558] netlink: 'syz.2.844': attribute type 4 has an invalid length.
[  198.702876][ T7567] I/O error, dev loop2, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  198.704560][ T7567] isofs_fill_super: bread failed, dev=loop2, iso_blknum=16, block=32
[  199.540796][ T7586] netlink: 'syz.4.850': attribute type 1 has an invalid length.
[  199.549981][ T7586] 8021q: adding VLAN 0 to HW filter on device bond6
[  199.571409][ T7586] bond6: (slave veth3): Enslaving as an active interface with a down link
[  199.590064][ T7586] device veth0_to_bond entered promiscuous mode
[  199.868657][ T7586] device veth0_to_bond left promiscuous mode
[  199.870899][ T7586] bond6: (slave vlan3): making interface the new active one
[  199.888608][ T7586] device veth0_to_bond entered promiscuous mode
[  199.896286][ T7586] device vlan3 entered promiscuous mode
[  199.897996][ T7586] bond6: (slave vlan3): Enslaving as an active interface with an up link
[  199.900603][ T6612] IPv6: ADDRCONF(NETDEV_CHANGE): bond6: link becomes ready
[  201.096323][ T7620] device syzkaller0 entered promiscuous mode
[  201.105933][ T7621] loop4: detected capacity change from 0 to 1024
[  201.108308][ T7621] EXT4-fs: Ignoring removed oldalloc option
[  201.109318][ T7621] EXT4-fs: Ignoring removed bh option
[  201.110905][ T7621] EXT4-fs: Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  201.125836][ T7621] EXT4-fs (loop4): mounted filesystem without journal. Quota mode: writeback.
[  201.714766][ T4328] EXT4-fs (loop4): unmounting filesystem.
[  202.346056][ T7648] netlink: 'syz.2.866': attribute type 1 has an invalid length.
[  202.426675][ T7648] 8021q: adding VLAN 0 to HW filter on device bond3
[  202.434550][ T7653] bond3: (slave veth5): Enslaving as an active interface with a down link
[  203.162593][ T7648] device veth0_to_bond entered promiscuous mode
[  203.163968][ T7648] device veth0_to_bond left promiscuous mode
[  203.166005][ T7648] bond3: (slave vlan2): making interface the new active one
[  203.167831][ T7648] device veth0_to_bond entered promiscuous mode
[  203.169445][ T7648] device vlan2 entered promiscuous mode
[  203.170582][ T7648] bond3: (slave vlan2): Enslaving as an active interface with an up link
[  203.176249][ T5855] IPv6: ADDRCONF(NETDEV_CHANGE): bond3: link becomes ready
[  203.635624][ T7674] netlink: 'syz.4.874': attribute type 1 has an invalid length.
[  204.478085][ T7691] netlink: 8 bytes leftover after parsing attributes in process `syz.0.879'.
[  204.481673][ T7691] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  204.486860][ T7691] netlink: 36 bytes leftover after parsing attributes in process `syz.0.879'.
[  204.488519][ T7691] IPv6: ADDRCONF(NETDEV_CHANGE): gre1: link becomes ready
[  204.578520][ T7683] loop4: detected capacity change from 0 to 40427
[  204.582882][ T7683] F2FS-fs (loop4): build fault injection attr: rate: 771, type: 0x3ffff
[  204.595948][ T7683] F2FS-fs (loop4): invalid crc value
[  205.032887][ T7683] F2FS-fs (loop4): Found nat_bits in checkpoint
[  205.789904][ T7707] netlink: 'syz.2.883': attribute type 10 has an invalid length.
[  205.803792][ T7707] device team_slave_0 left promiscuous mode
[  205.804959][ T7707] device team_slave_1 left promiscuous mode
[  205.806012][ T7707] device bond_slave_0 left promiscuous mode
[  205.806996][ T7707] device bond_slave_1 left promiscuous mode
[  205.807982][ T7707] device wlan1 left promiscuous mode
[  205.810105][ T7683] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[  205.885482][ T7707] bridge0: port 1(team0) entered disabled state
[  205.892189][ T7707] bridge0: port 1(team0) entered disabled state
[  206.251757][ T7707] 8021q: adding VLAN 0 to HW filter on device team0
[  206.281830][ T7718] 8021q: adding VLAN 0 to HW filter on device bond4
[  207.044394][ T4328] syz-executor: attempt to access beyond end of device
[  207.044394][ T4328] loop4: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  208.494889][ T7762] loop0: detected capacity change from 0 to 32768
[  208.526085][ T7762] ocfs2: Slot 0 on device (7,0) was already allocated to this node!
[  208.537854][ T7762] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  209.054907][ T4320] ocfs2: Unmounting device (7,0) on (node local)
[  210.049421][ T7790] netlink: 'syz.4.912': attribute type 10 has an invalid length.
[  210.059076][ T7793] set match dimension is over the limit!
[  210.060956][ T7790] device team_slave_0 left promiscuous mode
[  210.063242][ T7790] device team_slave_1 left promiscuous mode
[  210.070543][ T7790] bridge0: port 1(team0) entered disabled state
[  210.073371][ T7790] bridge0: port 1(team0) entered disabled state
[  210.352691][ T7790] 8021q: adding VLAN 0 to HW filter on device team0
[  210.355059][ T7790] bond0: (slave team0): Enslaving as an active interface with an up link
[  210.397984][ T7790] bond2: option mode: unable to set because the bond device has slaves
[  210.413967][ T7790] device bond_slave_0 entered promiscuous mode
[  210.415117][ T7790] device bond_slave_1 entered promiscuous mode
[  210.416066][ T7790] device vxlan0 entered promiscuous mode
[  210.417050][ T7790] device bridge0 entered promiscuous mode
[  210.417959][ T7790] device team_slave_0 entered promiscuous mode
[  210.418881][ T7790] device team_slave_1 entered promiscuous mode
[  210.427485][ T7790] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  210.429528][ T7790] bond2: (slave macvlan3): Enslaving as a backup interface with an up link
[  211.725958][ T7822] netlink: 'syz.3.909': attribute type 1 has an invalid length.
[  212.054482][ T7827] netlink: 4 bytes leftover after parsing attributes in process `syz.1.911'.
[  212.056865][ T7827] netlink: 4 bytes leftover after parsing attributes in process `syz.1.911'.
[  212.072637][ T7822] 8021q: adding VLAN 0 to HW filter on device bond7
[  212.112068][ T7819] bond7: (slave veth7): Enslaving as an active interface with a down link
[  212.134480][ T7831] device gretap1 entered promiscuous mode
[  212.141685][ T7831] bond7: (slave gretap1): making interface the new active one
[  212.143820][ T7831] bond7: (slave gretap1): Enslaving as an active interface with an up link
[  212.147660][ T4446] IPv6: ADDRCONF(NETDEV_CHANGE): bond7: link becomes ready
[  212.850046][ T7844] netlink: 76 bytes leftover after parsing attributes in process `syz.0.915'.
[  212.982811][ T7851] netlink: 4 bytes leftover after parsing attributes in process `syz.1.918'.
[  213.014542][ T7852] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  215.739418][ T7903] netlink: 12 bytes leftover after parsing attributes in process `syz.4.933'.
[  215.781983][ T7903] bridge3: port 1(veth5) entered blocking state
[  215.783042][ T7903] bridge3: port 1(veth5) entered disabled state
[  215.784591][ T7903] device veth5 entered promiscuous mode
[  215.808910][ T7903] bridge3: port 2(veth0_to_bond) entered blocking state
[  215.813659][ T7903] bridge3: port 2(veth0_to_bond) entered disabled state
[  215.830396][ T7903] bridge3: port 3(veth7) entered blocking state
[  215.836088][ T7903] bridge3: port 3(veth7) entered disabled state
[  215.840607][ T7903] device veth7 entered promiscuous mode
[  215.852975][    T9] bond6: (slave vlan3): link status definitely down, disabling slave
[  215.854530][    T9] device vlan3 left promiscuous mode
[  215.856560][    T9] bond6: now running without any active interface!
[  216.752813][ T7922] loop2: detected capacity change from 0 to 32768
[  216.798905][ T7922] JBD2: Ignoring recovery information on journal
[  216.912632][ T7922] ocfs2: Mounting device (7,2) on (node local, slot 0) with ordered data mode.
[  217.852858][ T4335] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0
[  217.854510][ T4335] Bluetooth: hci3: Injecting HCI hardware error event
[  217.858438][ T4330] Bluetooth: hci3: hardware error 0x00
[  218.245028][ T7939] loop4: detected capacity change from 0 to 32768
[  218.258198][ T7939] (syz.4.943,7939,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  218.260680][ T7939] (syz.4.943,7939,0):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  218.274941][ T7939] JBD2: Ignoring recovery information on journal
[  218.378697][ T7939] ocfs2: Mounting device (7,4) on (node local, slot 0) with ordered data mode.
[  218.494218][ T4327] ocfs2: Unmounting device (7,2) on (node local)
[  218.535371][ T7951] netlink: 4 bytes leftover after parsing attributes in process `syz.1.944'.
[  218.851889][ T7955] (syz.4.943,7955,0):ocfs2_read_blocks_sync:112 ERROR: status = -12
[  218.853357][ T7955] (syz.4.943,7955,0):update_backups:188 ERROR: status = -12
[  218.854464][ T7955] ocfs2: Failed to update super blocks on 7,4 during fs resize. This condition is not fatal, but fsck.ocfs2 should be run to fix it
[  218.932213][ T7957] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  219.417717][ T7964] loop2: detected capacity change from 0 to 512
[  219.419081][ T7964] EXT4-fs: Ignoring removed i_version option
[  219.581012][    C1] sched: RT throttling activated
[  219.587601][ T7967] tipc: Enabled bearer <udp:syz2>, priority 10
[  219.588923][ T4328] ocfs2: Unmounting device (7,4) on (node local)
[  219.592868][ T7967] netlink: 104 bytes leftover after parsing attributes in process `syz.0.948'.
[  219.596999][ T7967] tipc: New replicast peer: fe80:0000:0000:0000:0000:0000:0000:00bb
[  219.599667][ T7967] tipc: Enabled bearer <udp:syz0>, priority 10
[  219.848243][ T7964] [EXT4 FS bs=2048, gc=1, bpg=16384, ipg=32, mo=e000c018, mo2=0002]
[  219.849868][ T7964] System zones: 0-2, 18-18, 34-35
[  219.969672][ T7964] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  220.366662][ T7975] netlink: 'syz.1.951': attribute type 10 has an invalid length.
[  220.368109][ T7975] tipc: Resetting bearer <eth:team0>
[  220.455434][ T4330] Bluetooth: hci3: Opcode 0x0c03 failed: -110
[  220.472162][ T4327] EXT4-fs (loop2): unmounting filesystem.
[  220.510307][ T7975] device team_slave_0 left promiscuous mode
[  220.513131][ T7975] device team_slave_1 left promiscuous mode
[  220.529777][ T7975] bridge0: port 1(team0) entered disabled state
[  220.533817][ T7975] bridge0: port 1(team0) entered disabled state
[  220.547569][ T7984] loop4: detected capacity change from 0 to 256
[  220.554965][ T7984] exFAT-fs (loop4): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  220.557195][ T7984] exFAT-fs (loop4): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  220.584025][ T7975] tipc: Resetting bearer <eth:team0>
[  220.586812][ T7975] 8021q: adding VLAN 0 to HW filter on device team0
[  220.588769][ T7975] bond0: (slave team0): Enslaving as an active interface with an up link
[  220.604536][ T7978] 8021q: adding VLAN 0 to HW filter on device bond4
[  220.610703][ T7986] device bond_slave_0 entered promiscuous mode
[  220.611886][ T7986] device bond_slave_1 entered promiscuous mode
[  220.612933][ T7986] device netdevsim0 entered promiscuous mode
[  220.614579][ T7986] device wlan1 entered promiscuous mode
[  220.616239][ T7986] device team_slave_0 entered promiscuous mode
[  220.617102][ T7986] device team_slave_1 entered promiscuous mode
[  220.624204][ T7986] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  220.628241][ T7986] bond4: (slave macvlan2): Enslaving as a backup interface with an up link
[  220.697072][ T7992] loop4: detected capacity change from 0 to 4096
[  220.744508][ T7992] ntfs3: loop4: Different NTFS' sector size (4096) and media sector size (512)
[  220.745777][ T5498] device vlan2 left promiscuous mode
[  220.756630][ T6604] IPv6: ADDRCONF(NETDEV_CHANGE): bond4: link becomes ready
[  221.541594][ T4328] ntfs3: loop4: ntfs_sync_fs r=1a failed, -22.
[  221.545754][ T4328] ntfs3: loop4: ntfs_evict_inode r=1a failed, -22.
[  221.546715][ T4328] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[  223.820410][ T8028] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  224.039796][ T8028] tipc: Resetting bearer <eth:syzkaller0>
[  224.068719][ T8041] loop0: detected capacity change from 0 to 256
[  224.085936][ T8041] exFAT-fs (loop0): failed to load upcase table (idx : 0x00011bf5, chksum : 0xcea91b8a, utbl_chksum : 0xe619d30d)
[  224.088357][ T8041] exFAT-fs (loop0): bogus allocation bitmap size(need : 2, cur : 17179869186)
[  224.602237][ T8047] fuse: Bad value for 'fd'
[  224.783814][ T8055] I/O error, dev loop4, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 1
[  224.785223][ T8055] isofs_fill_super: bread failed, dev=loop4, iso_blknum=16, block=32
[  225.018719][ T8056] A link change request failed with some changes committed already. Interface team0 may have been left with an inconsistent configuration, please check.
[  225.217089][ T8065] loop2: detected capacity change from 0 to 1024
[  226.241046][ T8065] EXT4-fs (loop2): mounted filesystem without journal. Quota mode: writeback.
[  227.767330][ T4327] EXT4-fs (loop2): unmounting filesystem.
[  227.835474][ T8075] loop0: detected capacity change from 0 to 32768
[  227.954630][ T8075] XFS (loop0): Mounting V5 Filesystem
[  228.023698][ T8075] XFS (loop0): Ending clean mount
[  228.035928][ T8075] XFS (loop0): Quotacheck needed: Please wait.
[  228.552785][ T8075] XFS (loop0): Quotacheck: Done.
[  229.262839][ T8122] sctp: [Deprecated]: syz.3.984 (pid 8122) Use of struct sctp_assoc_value in delayed_ack socket option.
[  229.262839][ T8122] Use struct sctp_sack_info instead
[  229.622030][ T4320] XFS (loop0): Unmounting Filesystem
[  230.358658][ T8136] netlink: 12 bytes leftover after parsing attributes in process `syz.3.989'.
[  230.372707][ T8136] bridge5: port 1(veth9) entered blocking state
[  230.376594][ T8136] bridge5: port 1(veth9) entered disabled state
[  230.378555][ T8136] device veth9 entered promiscuous mode
[  230.418296][ T8136] bridge5: port 2(veth0_to_bond) entered blocking state
[  230.419657][ T8136] bridge5: port 2(veth0_to_bond) entered disabled state
[  230.425684][ T8136] device veth0_to_bond entered promiscuous mode
[  230.484555][ T8136] bridge5: port 3(veth11) entered blocking state
[  230.485706][ T8136] bridge5: port 3(veth11) entered disabled state
[  230.487137][ T8136] device veth11 entered promiscuous mode
[  231.070508][ T8148] netlink: 'syz.3.993': attribute type 10 has an invalid length.
[  231.072009][ T8148] netlink: 40 bytes leftover after parsing attributes in process `syz.3.993'.
[  233.601206][ T8181] netlink: 'syz.0.998': attribute type 10 has an invalid length.
[  233.611739][ T8181] 8021q: adding VLAN 0 to HW filter on device team0
[  233.614500][ T8181] bond0: (slave team0): Enslaving as an active interface with an up link
[  233.899343][ T8190] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1004'.
[  233.905777][ T8192] loop4: detected capacity change from 0 to 512
[  233.949535][ T8181] 8021q: adding VLAN 0 to HW filter on device bond7
[  233.979585][ T8181] device bond_slave_1 entered promiscuous mode
[  233.980716][ T8181] device wlan1 entered promiscuous mode
[  233.981642][ T8181] device team_slave_0 entered promiscuous mode
[  233.982580][ T8181] device team_slave_1 entered promiscuous mode
[  233.988180][ T8181] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  233.991965][ T8181] bond7: (slave macvlan2): unknown ethtool speed (30000) for port 1 (set it to 0)
[  233.993506][ T8181] bond7: (slave macvlan2): speed changed to 0 on port 1
[  233.996701][ T8181] bond7: (slave macvlan2): Enslaving as a backup interface with an up link
[  234.008189][ T8190] bridge3: port 1(veth3) entered blocking state
[  234.009318][ T8190] bridge3: port 1(veth3) entered disabled state
[  234.014863][ T8190] device veth3 entered promiscuous mode
[  234.041620][ T8198] bridge3: port 2(veth0_to_bond) entered blocking state
[  234.042673][ T8198] bridge3: port 2(veth0_to_bond) entered disabled state
[  234.044305][ T8198] device veth0_to_bond entered promiscuous mode
[  234.053876][   T11] IPv6: ADDRCONF(NETDEV_CHANGE): bond7: link becomes ready
[  234.322551][ T8190] bridge3: port 3(veth5) entered blocking state
[  234.323879][ T8190] bridge3: port 3(veth5) entered disabled state
[  234.325534][ T8190] device veth5 entered promiscuous mode
[  234.428958][ T8210] device syzkaller0 entered promiscuous mode
[  235.366086][ T8234] loop0: detected capacity change from 0 to 1024
[  235.557137][ T8221] device syzkaller0 entered promiscuous mode
[  235.708894][ T8240] netlink: 'syz.1.1014': attribute type 1 has an invalid length.
[  235.728221][ T8240] bond5: (slave ipvlan1): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond.
[  235.730403][ T8240] bond5: (slave ipvlan1): The slave device specified does not support setting the MAC address
[  235.732159][ T8240] bond5: (slave ipvlan1): Setting fail_over_mac to active for active-backup mode
[  236.166011][ T8244] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1014'.
[  240.290941][ T8313] loop0: detected capacity change from 0 to 64
[  240.972821][ T8316] netlink: 'syz.2.1028': attribute type 1 has an invalid length.
[  240.978023][ T8316] 8021q: adding VLAN 0 to HW filter on device bond5
[  241.047547][ T8316] bond5: (slave veth7): Enslaving as an active interface with a down link
[  241.147536][ T8316] device gretap1 entered promiscuous mode
[  241.166278][ T8316] bond5: (slave gretap1): making interface the new active one
[  241.180786][ T8316] bond5: (slave gretap1): Enslaving as an active interface with an up link
[  241.249051][ T1613] IPv6: ADDRCONF(NETDEV_CHANGE): bond5: link becomes ready
[  242.583333][ T8361] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1040'.
[  242.595482][ T8361] bridge3: port 1(veth9) entered blocking state
[  242.596482][ T8361] bridge3: port 1(veth9) entered disabled state
[  242.597835][ T8361] device veth9 entered promiscuous mode
[  242.627252][ T8361] bridge3: port 2(veth0_to_bond) entered blocking state
[  242.630636][ T8361] bridge3: port 2(veth0_to_bond) entered disabled state
[  242.650305][ T8361] bridge3: port 3(veth11) entered blocking state
[  242.653557][ T8361] bridge3: port 3(veth11) entered disabled state
[  242.655783][ T8361] device veth11 entered promiscuous mode
[  242.673720][ T6614] bond3: (slave vlan2): link status definitely down, disabling slave
[  242.675998][ T6614] bond3: now running without any active interface!
[  244.602493][ T8395] netlink: 'syz.4.1047': attribute type 1 has an invalid length.
[  244.659756][ T8395] 8021q: adding VLAN 0 to HW filter on device bond7
[  244.690653][ T8389] bond7: (slave veth9): Enslaving as an active interface with a down link
[  244.722457][ T8389] device gretap1 entered promiscuous mode
[  244.725293][ T8389] bond7: (slave gretap1): making interface the new active one
[  244.727715][ T8389] bond7: (slave gretap1): Enslaving as an active interface with an up link
[  244.777472][ T6614] IPv6: ADDRCONF(NETDEV_CHANGE): bond7: link becomes ready
[  244.822506][ T8403] netlink: 104 bytes leftover after parsing attributes in process `syz.1.1050'.
[  246.200065][ T8412] binder: 8407:8412 tried to acquire reference to desc 0, got 1 instead
[  246.202720][ T8412] binder: 8407:8412 ERROR: Thread waiting for process work before calling BC_REGISTER_LOOPER or BC_ENTER_LOOPER (state 10)
[  246.208151][ T8412] binder: 8412 RLIMIT_NICE not set
[  246.209683][ T8412] binder: 8412 RLIMIT_NICE not set
[  246.226223][   T24] binder: release 8407:8412 transaction 37 out, still active
[  246.227410][   T24] binder: undelivered TRANSACTION_COMPLETE
[  246.228372][   T24] binder: send failed reply for transaction 44 to 8407:8412
[  246.229774][   T24] binder: release 8407:8412 transaction 37 in, still active
[  246.230947][   T24] binder: send failed reply for transaction 37, target dead
[  246.232727][   T24] binder: undelivered TRANSACTION_COMPLETE
[  246.236931][   T24] binder: undelivered TRANSACTION_ERROR: 29189
[  246.313897][ T8421] loop4: detected capacity change from 0 to 256
[  246.587874][ T8421] FAT-fs (loop4): Directory bread(block 64) failed
[  246.589016][ T8421] FAT-fs (loop4): Directory bread(block 65) failed
[  246.590105][ T8421] FAT-fs (loop4): Directory bread(block 66) failed
[  246.591224][ T8421] FAT-fs (loop4): Directory bread(block 67) failed
[  246.592281][ T8421] FAT-fs (loop4): Directory bread(block 68) failed
[  246.593338][ T8421] FAT-fs (loop4): Directory bread(block 69) failed
[  246.594342][ T8421] FAT-fs (loop4): Directory bread(block 70) failed
[  246.595353][ T8421] FAT-fs (loop4): Directory bread(block 71) failed
[  246.596343][ T8421] FAT-fs (loop4): Directory bread(block 72) failed
[  246.597351][ T8421] FAT-fs (loop4): Directory bread(block 73) failed
[  246.621049][   T27] kauditd_printk_skb: 58 callbacks suppressed
[  246.621059][   T27] audit: type=1326 audit(249.598:82): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.3.1057" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f15b9e8 code=0x7ffc0000
[  246.636263][   T27] audit: type=1326 audit(249.618:83): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8418 comm="syz.3.1057" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff8f15b9e8 code=0x7ffc0000
[  248.812983][ T2062] ieee802154 phy0 wpan0: encryption failed: -22
[  248.946662][ T8459] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  250.198828][   T27] audit: type=1326 audit(253.178:84): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.218281][   T27] audit: type=1326 audit(253.198:85): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.225636][   T27] audit: type=1326 audit(253.208:86): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.262819][   T27] audit: type=1326 audit(253.218:87): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.266001][   T27] audit: type=1326 audit(253.218:88): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.269151][   T27] audit: type=1326 audit(253.218:89): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=280 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.272465][   T27] audit: type=1326 audit(253.218:90): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.275432][   T27] audit: type=1326 audit(253.218:91): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8472 comm="syz.2.1071" exe="/root/syz-executor" sig=0 arch=c00000b7 syscall=98 compat=0 ip=0xffff86d5b9e8 code=0x7ffc0000
[  250.780633][ T8489] loop0: detected capacity change from 0 to 256
[  251.287436][ T8489] FAT-fs (loop0): Directory bread(block 64) failed
[  251.288532][ T8489] FAT-fs (loop0): Directory bread(block 65) failed
[  251.289592][ T8489] FAT-fs (loop0): Directory bread(block 66) failed
[  251.290578][ T8489] FAT-fs (loop0): Directory bread(block 67) failed
[  251.291727][ T8489] FAT-fs (loop0): Directory bread(block 68) failed
[  251.293046][ T8489] FAT-fs (loop0): Directory bread(block 69) failed
[  251.294014][ T8489] FAT-fs (loop0): Directory bread(block 70) failed
[  251.294993][ T8489] FAT-fs (loop0): Directory bread(block 71) failed
[  251.296060][ T8489] FAT-fs (loop0): Directory bread(block 72) failed
[  251.296984][ T8489] FAT-fs (loop0): Directory bread(block 73) failed
[  251.337933][ T8497] device syzkaller0 entered promiscuous mode
[  252.060119][ T8504] netlink: 'syz.0.1081': attribute type 10 has an invalid length.
[  252.063154][ T8504] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.064477][ T8504] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.100554][ T8504] bridge0: port 2(bridge_slave_1) entered blocking state
[  252.101728][ T8504] bridge0: port 2(bridge_slave_1) entered forwarding state
[  252.102838][ T8504] bridge0: port 1(bridge_slave_0) entered blocking state
[  252.103916][ T8504] bridge0: port 1(bridge_slave_0) entered forwarding state
[  252.107994][ T8504] device bridge0 entered promiscuous mode
[  252.109536][ T8504] bond0: (slave bridge0): Enslaving as an active interface with an up link
[  252.112797][ T5498] IPv6: ADDRCONF(NETDEV_CHANGE): vlan2: link becomes ready
[  252.117835][ T8514] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1081'.
[  252.119347][ T8514] device bridge_slave_1 left promiscuous mode
[  252.120504][ T8514] bridge0: port 2(bridge_slave_1) entered disabled state
[  252.146692][ T8514] device bridge_slave_0 left promiscuous mode
[  252.148124][ T8514] bridge0: port 1(bridge_slave_0) entered disabled state
[  252.632833][ T8514] bond0: (slave bridge0): Releasing backup interface
[  254.535348][ T8537] kthread_run failed with err -4
[  254.843159][ T8552] loop4: detected capacity change from 0 to 2048
[  255.221988][ T8563] bridge0: failed insert local address into bridge forwarding table
[  255.661530][ T8552] UDF-fs: INFO Mounting volume 'LiuxUDF', timestamp 2022/11/22 14:59 (1000)
[  258.297169][ T8605] device vlan4 entered promiscuous mode
[  258.376697][ T8607] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1107'.
[  258.380873][ T8607] device vlan0 entered promiscuous mode
[  258.386509][ T8607] device bond0 entered promiscuous mode
[  258.387565][ T8607] device team0 entered promiscuous mode
[  258.774952][ T8617] tipc: Enabling of bearer <eth:syzkaller0> rejected, already enabled
[  259.083903][ T8618] netlink: 132 bytes leftover after parsing attributes in process `syz.4.1108'.
[  260.278277][ T8638] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1116'.
[  260.308797][ T8625] loop0: detected capacity change from 0 to 32768
[  260.350335][ T8625] (syz.0.1112,8625,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  260.357280][ T8625] (syz.0.1112,8625,1):ocfs2_block_check_validate:402 ERROR: CRC32 failed: stored: 0xb3775c19, computed 0x2dd1c265. Applying ECC.
[  260.365789][ T8625] JBD2: Ignoring recovery information on journal
[  260.394272][ T8625] ocfs2: Mounting device (7,0) on (node local, slot 0) with ordered data mode.
[  263.079334][ T4320] ocfs2: Unmounting device (7,0) on (node local)
[  264.600540][ T8706] tipc: Enabling of bearer <eth:syzkaller0> rejected, max 3 bearers permitted
[  264.873039][ T8719] loop2: detected capacity change from 0 to 128
[  264.874597][ T8719] UDF-fs: bad mount option "1844674407370955161500000000000000000778
[  264.874597][ T8719] " or missing value
[  265.647998][ T8740] loop2: detected capacity change from 0 to 4096
[  265.749220][ T8740] ntfs3: loop2: Failed to load $MFT.
[  265.793850][ T4479] I/O error, dev loop2, sector 3968 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  266.126502][ T8750] loop2: detected capacity change from 0 to 1024
[  266.136526][ T8752] loop4: detected capacity change from 0 to 128
[  266.186301][ T8750] hfsplus: failed to load attributes file
[  266.566741][ T4314] I/O error, dev loop2, sector 0 op 0x0:(READ) flags 0x80700 phys_seg 1 prio class 2
[  268.110408][ T8780] netlink: 'syz.4.1148': attribute type 16 has an invalid length.
[  268.117556][ T8780] netlink: 'syz.4.1148': attribute type 17 has an invalid length.
[  269.064344][ T8801] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  270.433318][ T8808] loop2: detected capacity change from 0 to 40427
[  270.441582][ T8808] F2FS-fs (loop2): Invalid log sectors per block(0) log sectorsize(9)
[  270.443751][ T8808] F2FS-fs (loop2): Can't find valid F2FS filesystem in 1th superblock
[  270.449206][ T8808] F2FS-fs (loop2): invalid crc value
[  270.467819][ T8808] F2FS-fs (loop2): Disable nat_bits due to incorrect cp_ver (10241045589465957861, 10241044815247771109)
[  270.492150][ T8808] F2FS-fs (loop2): Try to recover 1th superblock, ret: 0
[  270.493447][ T8808] F2FS-fs (loop2): Mounted with checkpoint version = 48b305e5
[  271.149606][ T4327] syz-executor: attempt to access beyond end of device
[  271.149606][ T4327] loop2: rw=2049, sector=45096, nr_sectors = 8 limit=40427
[  271.666528][ T8839] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1165'.
[  273.893076][ T8874] device lo entered promiscuous mode
[  273.899554][ T8874] device tunl0 entered promiscuous mode
[  273.902679][ T8874] device gre0 entered promiscuous mode
[  273.905633][ T8874] device gretap0 entered promiscuous mode
[  273.908189][ T8874] device erspan0 entered promiscuous mode
[  273.910461][ T8874] device ip_vti0 entered promiscuous mode
[  273.913002][ T8874] device ip6_vti0 entered promiscuous mode
[  273.915405][ T8874] device sit0 entered promiscuous mode
[  273.917861][ T8874] device ip6tnl0 entered promiscuous mode
[  273.920211][ T8874] device ip6gre0 entered promiscuous mode
[  273.922084][ T8874] device syz_tun entered promiscuous mode
[  273.924250][ T8874] device ip6gretap0 entered promiscuous mode
[  273.926375][ T8874] device vcan0 entered promiscuous mode
[  273.930323][ T8874] device bond0 entered promiscuous mode
[  273.932501][ T8874] device team0 entered promiscuous mode
[  273.943746][ T8874] device dummy0 entered promiscuous mode
[  273.945811][ T8874] device nlmon0 entered promiscuous mode
[  274.411941][    C0] Dead loop on virtual device ipvlan1, fix it urgently!
[  274.544618][ T8874] device caif0 entered promiscuous mode
[  274.545722][ T8874] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  275.237514][ T8888] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1180'.
[  275.239710][ T8888] netlink: 24 bytes leftover after parsing attributes in process `syz.4.1180'.
[  276.003389][ T4330] Bluetooth: Unexpected continuation frame (len 16)
[  277.462811][ T8919] device syzkaller0 entered promiscuous mode
[  277.545553][ T8929] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  278.003101][ T8929] tipc: Resetting bearer <eth:syzkaller0>
[  278.580956][   T14] tipc: Node number set to 2632756184
[  281.896191][ T8975] netlink: 60 bytes leftover after parsing attributes in process `syz.2.1200'.
[  282.037984][ T8991] device bond_slave_1 left promiscuous mode
[  282.040381][ T8991] device wlan1 left promiscuous mode
[  282.043265][ T8991] device team_slave_0 left promiscuous mode
[  282.044336][ T8991] device team_slave_1 left promiscuous mode
[  282.441159][ T8991] device wg1 left promiscuous mode
[  282.597510][ T8991] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  282.616049][ T8991] device batadv_slave_1 left promiscuous mode
[  282.857259][ T8991] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  282.858727][ T8991] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  282.860104][ T8991] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  282.861748][ T8991] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  283.031435][ T8991] netdevsim netdevsim0 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  283.032933][ T8991] netdevsim netdevsim0 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  283.034279][ T8991] netdevsim netdevsim0 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  283.035511][ T8991] netdevsim netdevsim0 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  283.105564][ T8991] tipc: Resetting bearer <eth:syzkaller0>
[  283.141330][ T8991] device syzkaller0 left promiscuous mode
[  283.151876][ T8991] device gretap1 left promiscuous mode
[  283.178673][ T8991] netdevsim netdevsim0 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0
[  283.179974][ T8991] netdevsim netdevsim0 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0
[  283.181426][ T8991] netdevsim netdevsim0 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0
[  283.182638][ T8991] netdevsim netdevsim0 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0
[  283.328631][ T8995] netlink: 12 bytes leftover after parsing attributes in process `syz.4.1207'.
[  283.353862][ T8995] device vlan6 entered promiscuous mode
[  283.808110][ T8996] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  285.287761][ T9034] netlink: 'syz.1.1218': attribute type 1 has an invalid length.
[  285.319777][ T9028] Unable to handle kernel NULL pointer dereference at virtual address 0000000000000000
[  285.321535][ T9028] Mem abort info:
[  285.322071][ T9028]   ESR = 0x0000000086000006
[  285.322716][ T9028]   EC = 0x21: IABT (current EL), IL = 32 bits
[  285.323618][ T9028]   SET = 0, FnV = 0
[  285.324194][ T9028]   EA = 0, S1PTW = 0
[  285.324799][ T9028]   FSC = 0x06: level 2 translation fault
[  285.325636][ T9028] user pgtable: 4k pages, 48-bit VAs, pgdp=0000000117d53000
[  285.326728][ T9028] [0000000000000000] pgd=0800000108b19003, p4d=0800000108b19003, pud=08000001032ab003, pmd=0000000000000000
[  285.328721][ T9028] Internal error: Oops: 0000000086000006 [#1] PREEMPT SMP
[  285.329690][ T9028] Modules linked in:
[  285.330207][ T9028] CPU: 0 PID: 9028 Comm: syz.4.1216 Not tainted syzkaller #0
[  285.331338][ T9028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/03/2025
[  285.332880][ T9028] pstate: 82400805 (Nzcv daif +PAN -UAO +TCO -DIT -SSBS BTYPE=-c)
[  285.334022][ T9028] pc : 0x0
[  285.334502][ T9028] lr : bond_xdp_xmit+0x27c/0x45c
[  285.335268][ T9028] sp : ffff800021af7220
[  285.335922][ T9028] x29: ffff800021af72e0 x28: 000000000000000f x27: ffff800021af7248
[  285.337043][ T9028] x26: dfff800000000000 x25: ffff800012b67cd8 x24: ffff0000f3470000
[  285.338158][ T9028] x23: fffffbffeff99910 x22: ffff0000d9bf0000 x21: fffffbffeff99910
[  285.339308][ T9028] x20: 0000000000000001 x19: 0000000000000000 x18: 0000000000000000
[  285.340514][ T9028] x17: ffff8000181f9000 x16: ffff8000082d10fc x15: 0000000000000002
[  285.341820][ T9028] x14: 0000000000000001 x13: 0000000000ff0100 x12: 0000000000080000
[  285.342949][ T9028] x11: 0000000000008d04 x10: ffff80002a3af000 x9 : ffff800021af7280
[  285.344043][ T9028] x8 : 0000000000000000 x7 : 0000000000000000 x6 : 0000000000000000
[  285.345176][ T9028] x5 : 0000000000000000 x4 : 0000000000000008 x3 : 0000000000000001
[  285.346396][ T9028] x2 : ffff800021af72a0 x1 : 0000000000000001 x0 : ffff0000f3470000
[  285.347564][ T9028] Call trace:
[  285.348032][ T9028]  0x0
[  285.348432][ T9028]  bq_xmit_all+0xab0/0xf10
[  285.349086][ T9028]  __dev_flush+0xc4/0x18c
[  285.349704][ T9028]  xdp_do_flush+0x14/0x28
[  285.350326][ T9028]  bpf_test_run_xdp_live+0x10e0/0x1544
[  285.351111][ T9028]  bpf_prog_test_run_xdp+0x560/0xb88
[  285.351914][ T9028]  bpf_prog_test_run+0x2dc/0x364
[  285.352686][ T9028]  __sys_bpf+0x4ec/0x634
[  285.353240][ T9028]  __arm64_sys_bpf+0x80/0x98
[  285.353925][ T9028]  invoke_syscall+0x98/0x2bc
[  285.354604][ T9028]  el0_svc_common+0x138/0x258
[  285.355259][ T9028]  do_el0_svc+0x58/0x13c
[  285.355849][ T9028]  el0_svc+0x58/0x138
[  285.356450][ T9028]  el0t_64_sync_handler+0x84/0xf0
[  285.357147][ T9028]  el0t_64_sync+0x18c/0x190
[  285.357788][ T9028] Code: bad PC value
[  285.358368][ T9028] ---[ end trace 0000000000000000 ]---
[  285.638935][ T9028] Kernel panic - not syncing: Oops: Fatal exception in interrupt
[  285.640036][ T9028] SMP: stopping secondary CPUs
[  285.640794][ T9028] Kernel Offset: disabled
[  285.641391][ T9028] CPU features: 0x080000,000f0097,a65bfea7
[  285.642262][ T9028] Memory Limit: none
[  285.884685][ T9028] Rebooting in 86400 seconds..