last executing test programs:

4m32.433955649s ago: executing program 4 (id=669):
r0 = socket$key(0xf, 0x3, 0x2)
sendmsg$key(r0, &(0x7f0000000040)={0x3, 0x0, 0x0, 0x1, 0x7}, 0x0)

4m32.251765161s ago: executing program 4 (id=671):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000001c0)='./file2\x00', 0x404, &(0x7f00000003c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x7}}, {@journal_dev={'journal_dev', 0x3d, 0x1}}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x6a}}, {@user_xattr}, {@errors_remount}, {@nouid32}]}, 0x1, 0x446, &(0x7f0000000c00)="$eJzs28tvG8UfAPDv2kn66zP5VeXRBxAoiIpH0qSl9MAFBBIHkJDgUI4hSatSt0FNkEgVQUCoHFEl7ogjEv8AnOCCgBMSV7ijShXKpYWT0dq7ie3aaZI62RR/PtK2M7tjzXw9M/bsThxAzxpO/0ki9kTE7xExWM82Fxiu/3draWHy76WFySSq1Tf/Smrlbi4tTOZF89ftzjN9EaVPkzjcpt7Z+SsXJiqV6ctZfnTu4nujs/NXnj1/ceLc9LnpS+OnT588Mfb8qfHnuhJnGtfNQx/OHDn46tvXXp88c+2dn79J8vhb4uiS4dUuPlGtdrm6Yu1tSCd9BTaEdSnXp2n01+b/YJRjpfMG45VPCm0csKmq1Wr1/s6XF6vAf1gSRbcAKEb+RZ/e/+bHFi09toUbL9ZvgNK4b2VH/UpflLIy/S33t900HBFnFv/5Mj1ic55DAAA0+T5d/zzTbv1XisbnQvuyPZShiPh/ROyPiFMRcSAi7ouolX0gIh5cZ/2tmyS3r39K1zcU2Bql678Xsr2t5vVfvvqLoXKW21uLvz85e74yfTx7T45F/440P7ZKHT+8/Nvnna41rv/SI60/Xwtm7bjet6P5NVMTcxN3E3OjGx9HHOprF3+yvBOQRMTBiDi0wTrOP/X1kU7X7hz/Krqwz1T9KuLJev8vRkv8uWT1/cnR/0Vl+vhoPipu98uvV9/oVP9dxd8Faf/vajv+l+MfShr3a2fXX8fVPz5rf0+zb+PjfyB5q+ncBxNzc5fHIgaS1+qNbjw/3lJufKV8Gv+xo+3n//5YeScOR0Q6iB+KiIcj4pGs7x6NiMci4ugq8f/00uPvdrq2Hfp/ah39PxDLA2F+ILLE8pn2ifKFH79rqnRoPfGn/X+yljqWnVnL599a2rWx0QwAAAD3nlJE7ImkNLKcLpVGRup/w38gdpUqM7NzT5+def/SVP03AkPRX8qfdA02PA8dy27r8/x4S/5E9tz4i/LOWn5kcqYyVXTw0ON2d5j/qT/LRbcO2HR+rwW9y/yH3mX+Q+8y/6F3tZn/O4toB7D12n3/f1RAO4Ct1zL/bftBD3H/D72rcf4nBbYD2Hq+/6Enze6MO/9IvgcSA9ujGfdQIkprL/xtNtqKbrPE2hMFfzABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB0yb8BAAD//3YK4vE=")
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0500000004000000ff0f000007"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x20, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @netfilter, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000880)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000740)='kfree\x00', r1, 0x0, 0x40008003}, 0x18)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ethtool(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$ETHTOOL_MSG_LINKMODES_SET(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000380)={0x40, r3, 0x7, 0x0, 0x0, {}, [@ETHTOOL_A_LINKMODES_HEADER={0x18, 0x1, 0x0, 0x1, [@ETHTOOL_A_HEADER_DEV_NAME={0x14, 0x2, 'syz_tun\x00'}]}, @ETHTOOL_A_LINKMODES_OURS={0x14, 0x3, 0x0, 0x1, [@ETHTOOL_A_BITSET_BITS={0x10, 0x3, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, [@ETHTOOL_A_BITSET_BIT_NAME={0x6, 0x2, '*\x00'}]}]}]}]}, 0x40}}, 0x0)
lsetxattr$trusted_overlay_upper(&(0x7f0000000100)='./file1\x00', &(0x7f00000000c0), &(0x7f0000000080)=ANY=[], 0xfe37, 0x0)
r4 = socket(0x2b, 0x80801, 0x1)
setsockopt$IP_VS_SO_SET_TIMEOUT(r4, 0x0, 0x48a, &(0x7f0000000180)={0xd, 0xfffffffa, 0x3a1}, 0xc)
r5 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f00000010c0)=ANY=[@ANYBLOB="0200000004000000080000000100000080"], 0x50)
setsockopt$MRT_FLUSH(r4, 0x0, 0xd4, &(0x7f0000000140)=0x8, 0x4)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000480)={r5}, 0x4)
r6 = signalfd4(0xffffffffffffffff, &(0x7f0000000580)={[0x1]}, 0x8, 0x0)
fgetxattr(r6, &(0x7f00000005c0)=@known='user.syz\x00', 0x0, 0x0)
r7 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x10, &(0x7f0000000800)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32=r5, @ANYRES64=0x0], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000100)='kfree\x00', r7, 0x0, 0x4000000080000000}, 0x18)
rename(&(0x7f0000000000)='./file1\x00', &(0x7f0000000100)='./file2\x00')
r8 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r8, @ANYBLOB="0000000000000000b702000014000080b7030000000000008500000083000000bf0900000000000055090100000000009500000000000000bf91000000000000b7020000000000008500000084000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[], 0x7c}}, 0x20000090)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="140000001000010000000000000000080000000a90000000030a0300000000000000000002e000000c00020000000000000000010900010073797a30"], 0xb8}}, 0x0)

4m31.673162276s ago: executing program 4 (id=676):
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]})
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r1 = accept4$packet(0xffffffffffffffff, &(0x7f0000000300)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @dev}, &(0x7f0000000340)=0x14, 0x80000)
setsockopt$packet_fanout_data(r1, 0x107, 0x16, &(0x7f0000000400)={0x3, &(0x7f00000003c0)=[{0x3, 0x80, 0x7, 0x9}, {0x8000, 0x9, 0x0, 0x61d32a51}, {0x5, 0x46, 0x0, 0x1}]}, 0x10)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0)
r3 = openat$uhid(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0)
readv(r3, &(0x7f0000000140)=[{&(0x7f0000000080)=""/155, 0x9b}], 0x1)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000040)='kmem_cache_free\x00', r4}, 0x18)

4m29.837768145s ago: executing program 4 (id=689):
syz_mount_image$f2fs(&(0x7f0000000040), &(0x7f0000000240)='./bus\x00', 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="6163746976655f6c6f67733d342c646174615f666c7573682c66617374626f6f742c6a71666d743d76667376312c6e6f696e6c696e655f64656e7472792c7573726a71756f74613d66326673002c00ff371013587045d0d273e856ce75c2b11120ece6d6a76856a2cdd8c835ef14aa3aea583b7f3affd12ff9abc9b21098874a75607f009920ad1a283ce7b8b528e239692ab156e30dd8365f708e6c98cfcd0b30d5304dd70f87da026e2d4e4df1ad07ba72683f43d76541d455d1fa118f0900000009fe28bfded255e7c5806f05b80ec0e186b4f72759eb096a1fe6793e734fe61555f01ff9f23bc11370aa247215e8f1410ea4728bb2a2c2d20bc5e61b0a4c7ddb25da21c75f35f711581d1f5b8db3be07c80000000000000000"], 0x1, 0x54f4, &(0x7f0000005600)="$eJzs3M1rI2UYAPBn2u1+uxbx4G0HFqGFTdj0Y9Fb1V38wC7Fj4MnTZM0ZDfJlCZNa08ePIoH/xNR8OTRv8GDZ2/iQfEmKJmZ6tYvhKaNtb8fTJ6ZN2+eed5QCs9MmADOrfn0px+SuBFXImI2Iq5H5PtJueXWivBMRNyMiJnHtqQc/23gYkRcjYgb4+RFzqR865Pbo1ur37/245dfX7pw7dMvvpneqoFpezYietvF/l6viFm7iA/L8fqok8feyqiMxRu9R+VxVsS91maeYa9+OK+ex+V2MT/b3h2MY5LUG+PY7mzl49v94oSDUfswT/6Bh/Wd/LjZ2sxjZ5DlsX1Q1LV/UPxvOxgMizzNMt/7efoYDg9jMd7abxXr2X6Ux0Z/WI4XebNma38cR2UsTxeNrNvM69g8zjf93/Z6p7+7n45aO4NO1k9Xq7XnqrW7ldpO1mwNWyuVeq95dyVdaHfH0yrDVr231s6ydrdVbWS9xXSh3WhUarV04V5rs1Pvp7Vadbl6p7K6WO7dTl9+8HbabaYL4/hip7877HQH6Va2kxafWEyXqsvPL6a3aumb6xvpxhv3769vvPXuvXcevLD+6kvlpD+VlS4s3VlaqtTuVJZqi+do/R+WRU9w/XAsybQLADh79P/ANEyj/9/qTq7/D/3/RJyp/ve89/8nsH44Fv0/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAMC59e3cZ6/kO/PF8bVy/ImIm+Ohp8rjJCJmIuKXvzAbF4/knC3zzP3N/Lk/1PBVEnmG8TkuldvViFgrt5+fPOlvAQAAAP6/Pv/g5sdFt168zE+7IE5TcdFm5vp7E8qXRMTc/HcTyjYzfnl6Qsnyv+8LsT+hbPkFrMsTSlZccrswqWz/yuyRcPmxkBRh5lTLAQAATsXRTuB0uxAAAABO00fTLoDpSOLwVubhveD8l/e/3xC8cuQIAAAAOIOSaRcAAAAAnLi8//+H5/+F5/8BAADA2Vc8/w8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPiVnfvJSR2K4gB8Wuh7vD9GYpy7FWewDJfg0KFhAW6CJeAW3ABrwJlLMGBoS7QGE5PetpF8X9JebkN+nBIm515SAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6NJzsZo/3l89tM3Z7tpJczcAAADAMZtiNS9fTKv5v/r6WX3pop5nEZFHxLHefRS/GpmjOqf44v3FpxqeIsqE/Wf8ro+/EXFdH6/nXX8LAAAAcLrWi+Ws6tar03ToguhTtWiT/79JlJdFRDF9SZSW70+XicLK3/c47hKllQtYk0Rh1ZLbOFXat4waw+TDkFVD3ms5AABAL5qdQL9dCAAAAH26HboAhpHFYSvzsBdc/vP+fUPwT2MGAAAA/EDZ0AUAAAAAnSv7f8//AwAAgNNWPf8PAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACALm2K1Xy9WM7a5mx37aS5GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADgjf15R4EQCIMw2Lu+M5n7H1YaNDU1qQLh428MBgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIA3v/vL/4mpcSaZe20sPY8ka6fG1qmxd24c/WF8/RoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAu9uclBUIgCKJgzvjfSd//sJKgZxAhAhoeVdSiAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4It+98v/ialxJpk7bSwdjyRrV42tq8beg8bRg/H2bwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAudu7nNY4qDgD4d2Z2trYqxig5RETBg17sdlNbe/WgBA/+CUJItzW69Ueagy1FyMWb5NyL6FFEUOKt/0PPLfRSbz3soYJnZWZnmmkacLV0Zpt8PvD2fWcY5n3fJIR8570EAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKA2eW8vzoqPhWmcVudu3b+2XvS39/WFGzt3lotWxEmbST8dXm0eJEvdJQIAAMDRkdX1fUTczXdXiz5dKOv/vL6mqPl/eH4a1/X8/rq/7uvav2i//3bv5QcDLUzHKW56YWM8OvVoKr0nN8v59sK/XtErn3z57iUrvyDph9svTfLyeSbf3bz5fr8Mj7WRLQDwf5ys+yqofx8q+mGXiQFwZPQahXdd/2cL3eYEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA0IbJdjxbx0lELPf24sLt+9fWD+pv7NxZrtvZ69d3mvcsbpFHxIWN8ehUi3OZd5evXP1sbTwebbYfvBYR3Y1eBR/PcE1ElxkKHjdIq+/1ecnn6Qg6/sEEAMChk1etqOvv5rurxblkMeLvHx+u/99sxDFj/X/vk7O3mmM16/9hazOcf4OtS18OLl+5+vbGpbWLo4ujz99ZGb47PH3uzJlzg/JdycAbEwAAAB5PP4no76v/08VH1/9PNOKYsf7/6vvhN82xMvX/gfYW/brOBAAA4Gh78fW//kwOOJ/0+/H12tbW5nD6WR3H5kp5vNJBqv/Zsao16/9sseusAAAAgDZMtpOH1v/PN+KYcf3/uZ9e+aV5zywijlfr/yfXvxifb286c62NPyfueo4AAAB063jVmuv/ebn/P32w5SGNiLfemMbVvwGcqf7PPvj25+ZYzf3/p9ub4lxKl6bPo+yXInpLXWcEAADAYfZM1Ypi/498d/XTX0981Lf/HwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBt/wQAAP//K8ZAQg==")
openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x4)
truncate(&(0x7f00000002c0)='./file1\x00', 0x42d9)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
syz_mount_image$fuse(0x0, &(0x7f00000000c0)='./bus\x00', 0x3000009, 0x0, 0x1, 0x0, 0x0)
mount$overlay(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000b80), 0x8, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file0'}}, {@lowerdir={'lowerdir', 0x3d, '.'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(0x0)
openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x101142, 0xeaff)

4m28.215663665s ago: executing program 4 (id=705):
clock_adjtime(0x2, 0x0)
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0x8, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000bb00551a000000000000000018120000", @ANYRES32=r0, @ANYBLOB="0000000000000000b703000000000000850000001b000000b70000000000000095"], &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x18)
readahead(0xffffffffffffffff, 0x4ca841af, 0x3ff)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = socket$nl_route(0x10, 0x3, 0x0)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r4=>0x0})
sendto$packet(r2, &(0x7f0000000180)="a6bea8a120e5f8320c30ce5086dd", 0xe, 0x0, &(0x7f0000000140)={0x11, 0x19, r4, 0x1, 0x0, 0x6, @random="000000000004"}, 0x14)

4m25.294394146s ago: executing program 4 (id=718):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@multicast1, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in6=@private1, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {0x0, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)

4m24.505015862s ago: executing program 32 (id=718):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$igmp(0x2, 0x3, 0x2)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, 0x0)
sendmsg$nl_xfrm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000680)=@newsa={0x15c, 0x10, 0x713, 0x0, 0x25dfdbfc, {{@in=@multicast1, @in6=@mcast2, 0x4, 0x0, 0x4e21, 0x2, 0x0, 0x0, 0x0, 0x21, 0x0, 0xee00}, {@in6=@private1, 0x4d6, 0x32}, @in=@multicast2, {0x0, 0x0, 0x0, 0x9, 0xffffffff00000001, 0x0, 0x80000001, 0x543}, {0x4, 0x7fffffffffffffff, 0x0, 0x1}, {}, 0x70bd2c, 0x3500, 0x2, 0x0, 0x0, 0x50}, [@algo_aead={0x60, 0x12, {{'rfc4106(gcm(aes))\x00'}, 0xa0, 0x60, "210466d38547aa140db9a200000000c538c7cb7a"}}, @offload={0xc, 0x1c, {0x0, 0x3}}]}, 0x15c}, 0x1, 0x0, 0x0, 0x880}, 0x2014)

1m8.844952946s ago: executing program 5 (id=2451):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000040)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="12000000060000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r1, <r2=>0xffffffffffffffff}, &(0x7f0000000080), &(0x7f0000000380)=r0}, 0x20)
bpf$MAP_GET_NEXT_KEY(0x4, &(0x7f0000000300)={r2, &(0x7f00000001c0), &(0x7f0000000400)=""/198}, 0x20)

1m7.891829641s ago: executing program 5 (id=2452):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000500)={{0x14}, [@NFT_MSG_NEWRULE={0x34, 0x6, 0xa, 0x40b, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_USERDATA={0x5, 0x7, 0x1, 0x0, "86"}]}], {0x14}}, 0x5c}, 0x1, 0x0, 0x0, 0x2000094}, 0x4000800)

1m7.715313437s ago: executing program 5 (id=2454):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x5, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x33, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f0000000200), &(0x7f0000000280)}, 0x20)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10)
r2 = socket$inet6(0xa, 0x1, 0x0)
setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000740)=@raw={'raw\x00', 0x3c1, 0x3, 0x408, 0x230, 0x12, 0x60a, 0x0, 0x202, 0x338, 0x2e8, 0x2e8, 0x338, 0x2c0, 0x4, 0x0, {[{{@ipv6={@ipv4={'\x00', '\xff\xff', @dev}, @mcast2, [], [], 'veth1_to_bond\x00', 'xfrm0\x00'}, 0x0, 0x108, 0x230, 0x0, {}, [@common=@unspec=@statistic={{0x38}}, @common=@inet=@socket2={{0x28}}]}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x1, 0x57c, 'system_u:object_r:file_context_t:s0\x00'}}}, {{@ipv6={@private2, @loopback, [], [], 'vxcan1\x00', 'geneve0\x00'}, 0x0, 0xa8, 0x108}, @common=@inet=@HMARK={0x60, 'HMARK\x00', 0x0, {@ipv4=@empty, [], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x39e}}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x468)

1m7.455231871s ago: executing program 5 (id=2457):
syz_mount_image$ext4(&(0x7f0000000780)='ext4\x00', &(0x7f0000000100)='./file0\x00', 0x3800480, &(0x7f0000002200), 0x45, 0x786, &(0x7f00000007c0)="$eJzs3d9rW2UfAPDvSX93e9/2hRd0XhUELYyldtZNwYuJFyI4GOi1W0mzMps2o0nHWgpuiOCNoOKFoDe79se889Yft/pfeCEbU7vhxAupnDRZszXpkq1J5vb5wGme5zwnfZ5vnnOe8yTnkATwyJpI/2QiDkTEB0nEWHV9EhEDlVR/xLGt7W5urOfSJYnNzdd/Syrb3NhYz0Xdc1L7qpnHI+L7dyMOZnbWW1pdW5gtFPLL1fxUefHsVGl17dCZxdn5/Hx+6cj0zMzho88dPbJ3sf7x09r+qx++8vRXx/5657HL7/+QxLHYXy2rj2OvTMRE9TUZSF/C27y815X1WLJ7cYM9gAdB2jF9W0d5HIix6KukmhjpZssAgE55OyI2m+lrWgIA/Kslzc//AMBDqfY5wI2N9Vxt6e0nEt117aWIGN6Kv3Z9c6ukv3rNbrhyHXT0RnLblZEkIsb3oP6JiPjsmze/SJfo0HVIgEYuXIyIU+MTO8f/ZMc9C+16poVtJu7IG/+ge75N5z/PN5r/ZW7Nf6LB/GeowbF7L+5+/Geu7EE1TaXzvxfr7m27WRd/1XhfNfefypxvIDl9ppBPx7b/RsRkDAyl+eld6pi8/vf1ZmX187/fP3rr87T+9HF7i8yV/qHbnzM3W569n5jrXbsY8UR/o/iTW/2fNJn/nmixjldfeO/TZmVp/Gm8tWVn/J21eSniqYb9v31HW7Lr/YlTld1hqrZTNPD1z5+MNqu/vv/TJa2/9l6gG9L+H909/vGk/n7NUvt1/Hhp7LtmZXePv/H+P5i8UUkPVtedny2Xl6cjBpPXdq4/vP3cWr62fRr/5JONj//d9v/0PeGpFuPvv/rrl/cef2el8c+11f/tJy7fXOhrVn9r/T9TSU1W17Qy/rXawPt57QAAAAAAAAAAAAAAAAAAAAAAAACgVZmI2B9JJnsrnclks1u/4f3/GM0UiqXywdPFlaW5qPxW9ngMZGpfdTlW932o09Xvw6/lD9+RfzYi/hcRHw+NVPLZXLEw1+vgAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAKBqX5Pf/0/9MtTr1gEAHTPc1+sWAADdNtzf6xYAAN023NbWIx1rBwDQPe2d/wGAh4HzPwA8epz/AQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA6LATx4+ny+afG+u5ND93bnVloXju0Fy+tJBdXMllc8Xls9n5YnG+kM/miotN/9GFrYdCsXh2JpZWzk+V86XyVGl17eRicWWpfPLM4ux8/mR+oGuRAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDrSqtrC7OFQn5ZQkKi7URc2DqOHpT27F0iBrdHiZGejU8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD7p/AgAA//+mAybn")
bpf$PROG_LOAD(0x5, &(0x7f0000001540)={0x11, 0xc, &(0x7f0000000840)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000400007020000f8ffffffb703000008000000b7"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregs(0xd, r0, 0x930, &(0x7f0000000800))
ptrace$poke(0x21, r0, 0x0, 0x0)

1m7.007768321s ago: executing program 5 (id=2460):
bpf$MAP_CREATE(0x0, &(0x7f0000002040)=ANY=[@ANYBLOB="1e0000000000000005000000ff"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000004c0)={0x3, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x7, 0x0, 0x0, 0x0, 0x51}, 0x94)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x3, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000000004005f9500000000000000"], &(0x7f00000003c0)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000140)='contention_end\x00', r0}, 0x10)
socket$inet_sctp(0x2, 0x5, 0x84)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000480)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
pipe2(&(0x7f0000000000)={0xffffffffffffffff, <r2=>0xffffffffffffffff}, 0x80000)
splice(r1, 0x0, r2, 0x0, 0x6, 0x0)
socket$inet(0x2, 0x800, 0x3)
r3 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2})
r4 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r4, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
r5 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r5, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={0xffffffffffffffff, &(0x7f0000000080), &(0x7f00000002c0)=@udp}, 0x20)
recvmsg$can_bcm(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0)
close_range(r3, 0xffffffffffffffff, 0x0)

1m5.323775682s ago: executing program 5 (id=2468):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c0000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a3100000000100003800c000080080003400000000214000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

1m4.883659812s ago: executing program 33 (id=2468):
r0 = socket$inet_sctp(0x2, 0x5, 0x84)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a5c000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc200011800e000100636f6e6e6c696d69740000040c00028008"], 0x84}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
sendmsg$NFT_BATCH(r1, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000380)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a3c0000000c0a010100000000000000000a0000070900020073797a31000000000900010073797a3100000000100003800c000080080003400000000214000000110001"], 0x64}, 0x1, 0x0, 0x0, 0x24000850}, 0x40)
close_range(r0, 0xffffffffffffffff, 0x0)

20.872131509s ago: executing program 1 (id=2782):
socket$netlink(0x10, 0x3, 0x0)
syz_emit_ethernet(0xc2, &(0x7f0000000280)={@random="f20334efde04", @random, @void, {@llc_tr={0x11, {@snap={0xaa, 0x0, "738c", "d86c14", 0x8828, "a1308e9f8dd9cc9d955394f3024579d05cb752fbb27a8348144b597dd733fceaad33c5c3790e585eae515d8e3737f306c75fa3992070b0a249ca0cc5e9f89ba769c7f83e376b837f468a65270c2e07adf046d57c40c7527fb633fd5fd80e4776a763c86e7f328125ab86f2ff984d13d0d812c49f1c54b3f9eb44d97ef35be00de6d92ccdef386b9449d615b4f7f7d1bff199b7bd3ae7d28ba0d2f4a73be939156107e96b9a5b8b870d59c1"}}}}}, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, &(0x7f0000000980)={0x17, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x7a, 0x0, 0x0, 0x41000, 0x44, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='afs_volume\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000800)={[{@acl}, {@block_validity}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x587, &(0x7f0000000f80)="$eJzs3U1rG9caAOB3ZMn5cO6NAyHcexeXQBZNSSPHdj9SKDRdljY00O5TYSsmWI6CJYfYDTRZNJtuSiiU0kDpD+i+y9A/0F8RaAOhBNMuSkFl5JGt2JIdOzJSoueBSc6ZD595feY9PqORUABD62T6Ty7ivxHxVRJxtG1bPrKNJ9f2W31yayZdkmg0Pv49iSRb19o/yf4fyyr/iYifv4g4k9vabm15Zb5UqZQXs/pEfeH6RG155ezVhdJcea58bWp6+vwb01Nvv/Vmz2J99dKf33704P3zX55a/ebHR8fuJXEhjmTb2uN4DrfbKydLf2elQlzYtONkDxobJEm/T4A9GcnyvBDpGHA0RrKsB15+n0dEY02uAQyZpJn/YxvjADAkWvOA1r19j+6DXxiP31u7AWrGPtoef37ttZE42Lw3OryaPHVnlN7vjveg/bSNn367fy9dYvvXIQ7tUAfYldt3IuJcPr91/E+y8W/vzjVfPN7e5jaG7e8P9NODdP7zWqf5X259/hMd5j9jHXJ3L3bO/9yjHjTTVTr/e6fj/Hd96BofyWr/as75CsmVq5XyuYj4d0ScjsKBtL7d85zzqw8b3ba1z//SJW2/NRfMzuNR/sDTx8yW6qWIGH2euFse34n4X75T/Ml6/ycd+j/9fVzq+BMLW9acKN//f7f2d45/fzV+iHilY/9vPNFKtn8+OdG8HiZaV8VWf9w98Uu39vsdf9r/h7ePfzxpf15b230b3x/8q9xt216v/9Hkk2a5lQQ3S/X64mTEaPJhs36wff3UxrGtemv/NP7Tp7Yf/zpd/+nN16fPGP/d43e77joI/T+7q/7ffeHhB5991639Z+v/15ul09mabPzrLLtWnvUEn/f3BwAAAAAAAIMkFxFHIskV18u5XLG49v6O43E4V6nW6meuVJeuzUbzs7LjUci1nnQfbXs/xGT2fthWfWpTfToijkXE1yOHmvXiTLUy2+/gAQAAAAAAAAAAAAAAAAAAYECMdfn8f+rXkX6fHbDvml9scKDfZwH0w45f+d+Lb3oCBtKO+Q+8tOQ/DC/5D8NL/sPwkv8wvOQ/DC/5D8NL/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXbp4MV0aq09uzaT12RvLS/PVG2dny7X54sLSTHGmuni9OFetzlXKxZnqwk4/r1KtXp+ciqWbE/VyrT5RW165vFBdula/fHWhNFe+XC5s7Jrb38gAAAAAAAAAAAAAAAAAAADgxVFbXpkvVSrlRYWuhXdjIE5jPwNcs6fD84MShUKXwp2se3d3VB8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY5J8AAAD//9ybLZI=")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
inotify_init()
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001900)="2e00000011008188040900000000000000a1810031000000000f000000048002002d1f00000000000000e2000000", 0x2e}], 0x1}, 0x20000000)

20.061367615s ago: executing program 1 (id=2789):
openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x0)

19.675521254s ago: executing program 1 (id=2795):
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz0\x00', 0x1ff)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="02000000040000008000000005"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000008c0)='mm_page_free\x00', r2}, 0x18)
r3 = openat$cgroup_freezer_state(r0, &(0x7f00000002c0), 0x2, 0x0)
sendfile(r3, r3, 0x0, 0x8000002)

19.447937597s ago: executing program 1 (id=2798):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000006"], 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000007000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000e00007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000140)='kfree\x00', r1, 0x0, 0xffffffffffffffff}, 0x18)
r2 = gettid()
timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc))
timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x3938700}, {0x0, 0x989680}}, 0x0)
futex(0x0, 0xd, 0x0, 0x0, 0x0, 0x2)
futex(&(0x7f000000cffc), 0x80000000000b, 0x0, 0x0, &(0x7f0000048000)=0x2000000, 0x300)
futex(&(0x7f000000cffc), 0xc, 0x1, 0x0, &(0x7f0000048000)=0x1, 0x0)

19.188083619s ago: executing program 1 (id=2801):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x20000090)
sendmsg$NFT_BATCH(r0, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0)

19.003974784s ago: executing program 1 (id=2805):
bpf$PROG_LOAD_XDP(0x5, &(0x7f00000007c0)={0x6, 0xa, 0x0, &(0x7f0000000380)='syzkaller\x00', 0x3, 0x0, 0x0, 0x41000, 0x53, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5}, 0x94)
r0 = socket$inet6(0xa, 0x2, 0x0)
bind$inet6(r0, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty}, 0x1c)
setsockopt$inet6_udp_int(r0, 0x11, 0x68, &(0x7f0000000080)=0xa40, 0x4)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f00000001c0), 0xa2f01, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32})
socket$kcm(0x2, 0xa, 0x2)
write$tun(r1, &(0x7f0000000340)=ANY=[@ANYBLOB="0a000000bbbbbbbbbbbbaaaaaaaaaabb86dd6d002000001011ff00000000000100070000000000000000ff0200000000000000000000000000014f194e20"], 0xfdef)

8.612621295s ago: executing program 3 (id=2863):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000000280)={[{@noload}, {@nodelalloc}, {@init_itable_val={'init_itable', 0x3d, 0x3}}, {@inlinecrypt}, {@data_err_ignore}, {@nodiscard}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@block_validity}]}, 0x1, 0x557, &(0x7f0000000fc0)="$eJzs3c+LG1UcAPDvZHf7W9tCKSoiCz1Yqc12d/1RwUM9ihYLeq9hM13KJk3ZZEt3Ldge7MWLFEHEgnjXu8fiP+BfUdBCkbLowUtkspNt2k266TZttubzgSnvZSZ5852Z7+ubvFkSwMiazP4pRLwcEd8kEfsjIsnXjUe+cnJtu9V7V+ayJYlm89O/ktZ2Wb39We337c0rL0XEb19FHCtsbLe+vLJQqlTSxbw+1ahenKovrxw/Xy3Np/PphZlm8+TbszPvvfvOwGJ948w/339y68OTXx9Z/e6XOwdvJHEq9uXrOuN4Alc7K5MxmR+TiTj10IbTA2hsO0mGvQNsyVie5xOR9QH7YyzPeuD/78uIaAIjKpH/MKLa44D2vf2A7oOfG3c/WLsB2hj/+Np3I7GrdW+0ZzV54M4ou989MID2szZ+/fPmjWyJwX0PAbCpq9ci4sT4+Mb+L8n7v6070cc2D7eh/4Nn51Y2/nmz2/insD7+iS7jn71dcncrNs//wp0BNNNTNv57v+v4d33S6sBYXnuhNeabSM6dr6RZ3/ZiRByNiZ1Z/VHzOSdXbzd7resc/2VL1n57LJjvx53xnQ++p1xqlJ4k5k53r0W80nX8m6yf/6TL+c+Ox5k+2zic3nyt17rN43+6mj9FvN71/N+f0Uq6zk/Ozubzk1Ot62GqfVVs9Pf1w7/3an/Y8Wfnf8+j4z+QdM7X1h+/jR93/Zv2WvdA/NH/9b8j+axV3pG/drnUaCxOR+xIPt74+sz997br7e2z+I8eeXT/1+363x0Rn/cZ//VDP7/aV/xDOv/lxzr/j1+4/dEXP/Rqv7/+761W6Wj+Sj/9X787+CTHDgAAAAAAALabQkTsi6RQXC8XCsXi2vMdh2JPoVKrN46dqy1dKMe1fWvPPxTaM937O56HmM6fh23XZx6qz0bEwYj4dmx3q16cq1XKww4eAAAAAAAAAAAAAAAAAAAAtom9Pf7+P/PH2LD3Dnjq/OQ3jK5N838Qv/QEbEv+/4fRJf9hdMl/GF3yH0aX/IfRJf9hdMl/GF3yHwAAAAAAAAAAAAAAAAAAAAAAAAAAAAbqzOnT2dJcvXdlLquXLy0vLdQuHS+n9YVidWmuOFdbvFicr9XmK2lxrlbd7PMqtdrF6ZlYujzVSOuNqfryytlqbelC4+z5amk+PZtOPJOoAAAAAAAAAAAAAAAAAAAA4PlSX15ZKFUq6aKCwpYK49tjNxQGXBh2zwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA9/0XAAD//zWdOco=")
timer_create(0x2, 0x0, &(0x7f0000000000)=<r0=>0x0)
timer_settime(r0, 0x1, &(0x7f000006b000)={{0x0, 0x989680}, {0x0, 0x9}}, 0x0)
timer_gettime(r0, &(0x7f0000000040))

8.401114243s ago: executing program 3 (id=2865):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000bc0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x0, 0x3}}}]}, 0x38}}, 0x0)
r4 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r4)
socket$nl_generic(0x10, 0x3, 0x10)
ioctl$SIOCSIFHWADDR(r4, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
sendmsg$nl_route_sched(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000640)=@newtfilter={0x84, 0x2c, 0xd27, 0x70bd26, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x0, 0x4}, {}, {0x8, 0xf}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x6, 0x1000, 0x3, 0xfffffffc, 0x8}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x1, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x20000010}, 0x20000000)
r5 = socket$kcm(0x11, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000600), 0x56)
sendmsg$kcm(r5, &(0x7f00000000c0)={&(0x7f0000000380)=@xdp={0x2c, 0x0, r6, 0x3e}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000180)="27030200590214000600002fb96dbcf706e10500000086ddffff1144ee163cd4b8bf4a31accb", 0x26}], 0x1}, 0x4)

7.523530614s ago: executing program 2 (id=2869):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r2, &(0x7f0000000400)="aa", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x3f66400, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r2, 0x1)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
getpid()
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="400100002000080027bd7000fcdbdf253300000020010000000000000000000000000000e00000020000000000000000000000004e22fff94e2300000a0000a0", @ANYRES32, @ANYRES32], 0x140}}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a00000015000300686173683a69702c706f72742c6e6574000000000bf22680e12c17"], 0x50}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

7.194360927s ago: executing program 2 (id=2873):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000100)='./file1\x00', 0x42, 0x1ff)
write$binfmt_elf64(r0, &(0x7f0000000180)=ANY=[@ANYBLOB="7f454c4609040000000000000000000003003e00ebffffff7c00000000"], 0x78)
close(r0)
execveat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0, 0x0, 0x1000)

6.99106188s ago: executing program 2 (id=2875):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80)
open_by_handle_at(r0, 0x0, 0x36f0516f)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsopen(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000400)=0x126a, &(0x7f0000002540)=0x2)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x18)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1802, 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000001700))
getsockopt$inet_mreqn(r2, 0x0, 0x32, &(0x7f0000002100)={@empty, @multicast2}, &(0x7f0000002140)=0xc)
sendto$inet(r2, 0x0, 0x0, 0x24000840, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f00000000c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x0, 0x300}]}}}}}}}, 0x0)

6.065386158s ago: executing program 6 (id=2877):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020100000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, 0x0, 0x0)

5.943674796s ago: executing program 6 (id=2878):
syz_mount_image$iso9660(&(0x7f0000000040), &(0x7f0000000080)='./file1\x00', 0x1008014, &(0x7f0000000000)=ANY=[], 0x3, 0x7e9, &(0x7f0000001f80)="$eJzs3U1sHPXZAPBnHDsfRm+EeF/lRVEIk0ClIAWz3kColQMs67EzdL1r7a6rRFVFEXGQhQMIilpygagStFWrqqf2Rrly661VpVZqpdJTpXLopTckThWV+iVQVcnVzO46a8cfwUkcKL+flf3Pzj7/+T8z3syzs96dCQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgkvp0pTKZRCNvLpxLN1efbrfmtnh8sLxfrWnWeHzNuBFJ8S/274+P/t6b939XHz5U3ByPI717R2J/0eyPy3ccuvPM/46ODPpvkdBOHbvOuCTix/1klxdfWv/ovpuf2C303V984i4frxS3s1kz70Q+V5vN0rzTSqdOn648dHamk87kjaxzvtPN5tJ6O6t1W+30RP2BdHJq6lSaTZxvLTRnp2uNbDDz0Qerlcrp9MmJ+azW7rSaDz0ZnfrZvNHIm7NlTLXyjShiHk3rg6dIbS5NLy4tL57aLtUiaHLtrD1x9TY9cv+dH7zy/t+WFosn5GYLSfqjVicnq9XJ049MPfJopTJarVSrMTRjT0RUhkURUXaJkYiiyy150vIZcnN23HATjPTrfzQij2YsxLlIN/gZi3pMRztaMVfc/+PYNRF9g/r/hYf+8vutxh2u/4Mqf/fVhw9HWf+P9u4d3az+b5jrbv68HK/G5Xguno7lWI7FeOm2Z7TNz8iNLiFZc282smhGHp1oRR5zUSvnpP05aUzF6TgdlXgqzsZMdCKNmcijEVl04nx0ohtZ+YyqRzuyqEU3WtGONE5EPR6INCZjKqbiVKSRxUScj1YsRDNmYzpq5VIuxlK53U+ty/LQgfj5s3/44K1iejVocqvVer14IReL8dctglaL+XD9XzNjuPavrBSvF9ZHqP+fd7dgLw47szKo/wAAAMB/raR89704/h+Le8qpmbyRfWXLLh+vlHYvSQAAAOCGlH/5P1I0Y8XUPZEUx/+VDSLf2/XcAAAAgJsjKb9jl0TEeNzbm7oYS/F6LMZGbwIAAAAAn0Hl3/+PFs14xGvljMHpUiq9jwQAAAAAn3Xf3uwc++8PzrHbmd+X/HIsIsaSK/Pn7k8u1Yq42qU9vX795surS+zOHE4O9hdSNqdHL9+RRMRoPTuSDM5++e99vfbD8vbw6Gr3zc71n7TbWyYQWydQ3ovvxbFezLELZXNHv8to0htlfCZvZBP1VuNMeUrE4l/3leeXvhlRjP6d5tzBJC4uLS9OPPPC8oUylytF9ysH+idQvOY8ilvkstLfAnHPxms8Vn4Roz/ueG/cyvD6j/S6j2w9ZjI85htxvBdzfLzXjg8e6Y25vxhzcuLMZNRqB0e62bnuKytDa9/PYnJ1zceuXNrBmr8R9/Vi7jtxX6/ZIIvqmiyevzaL6tD2v85tMXiWbZvFW8deO/fP37aS7NR2WZzaKIvRjbNY2ROxflsA3C4Xy7P+XK1CB8oq9K+V/il+kiR6dbcoVrVeQN82+9piL/ePq6Osvso40P+jwlCtG4311f3qHvT6qvtK9PbofSd6rydGD29QVyob7NFfXHrx3f4e/eF3fvSTrx793U/LcXdU3d6JB3ox/Sbu+vW6LM68u7C3yKJY5++vq6pvFz3e3nTcTqOaxJWIPV+/9GIcevnVyw8uXXr62cX/WXy+WtSghyuVR6p71/2CNs0UgM+v7a+xs2nEoM4kD687qo4La+vuXasfKZiIZ+KFWI4LcbL8tkFE3LvxuONDH0M4uc1R6/jQFV5ObnNseTW2em1sEpvEnhraYv//w7L56Jb8OgBgVxzfoA7/pn9h223q/+o78yfjRC9ik+PutbV83dFxbF7LN/LFoWlXLQKAncnaHybj3TeTdjuff2pyamqy1j2bpe1W/UtpO5+ezdK9zW7Wrp+tNWezdL445K8P3jiezjppZ2F+vtXupjOtdhojnfxceeX3tLO/HzNXa3bzeme+kdU6WVpvNbu1ejedzjv1dH7hiUbeOZu1y86d+ayez+T1WjdvNdNOa6FdzybStJNlQ4H5dNbs5jN5MdlM59v5XK19JSIaC3NZOp116u18vtvqLXAwVt6cabXnysVOXLv6f97NbQ0AnxYvv3r5uaeXlxdf2tnEn64n+HavIwCwlioNAAAAAAAAAAAAAACffquf/79zMFHMvYFvBH6yiX1xfcFjcQNjrfRPFHTrV+dTNXHNKg8u53i7E9vNia899thzQ3MODMc88drdZ69vOXG935SNNw9G7P3ZD3pzHt88+Fs39XfxXsRO/oOsJFvErNlN7N3FXRIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAbOo/AQAA//86f0/X")
symlinkat(0x0, 0xffffffffffffff9c, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xa, 0xc, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8d}, 0x94)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f0000000080)=[{0x200000000006, 0x9, 0x4, 0x7ffc0002}]})
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x0, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pivot_root(&(0x7f0000000000)='.\x00', &(0x7f00000004c0)='./file1\x00')
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0xb, 0x59032, 0xffffffffffffffff, 0x0)
r1 = getpid()
ioctl$BTRFS_IOC_TREE_SEARCH_V2(r0, 0xc0709411, &(0x7f0000000580)={{0x0, 0x3, 0x3, 0x1ff, 0x0, 0x8, 0x1ff, 0xd7, 0x7, 0x4, 0x1, 0x1, 0x1, 0xc}, 0x8, [0x0]})
madvise(&(0x7f0000a5e000/0x1000)=nil, 0x1000, 0x17)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000e80)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000007c0)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000740), &(0x7f0000000780)}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x22c7, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c3"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000002c0)='kfree\x00', r4, 0x0, 0x2}, 0x18)
process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0)
r5 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
r6 = getgid()
lchown(0x0, 0x0, r6)
r7 = syz_open_dev$tty1(0xc, 0x4, 0x4)
r8 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000040)={'bridge_slave_0\x00'})
r9 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r9, &(0x7f0000000000)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000002080)=@newtaction={0xe68, 0x30, 0x25, 0x0, 0x0, {}, [{0xe54, 0x1, [@m_pedit={0xe50, 0x1, 0x0, 0x0, {{0xa}, {0xe24, 0x2, 0x0, 0x1, [@TCA_PEDIT_PARMS_EX={0xe20, 0x4, {{{}, 0x2}, [{}, {0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x2}, {0x0, 0x6}, {0x1000}, {0x1}, {}, {}, {0x0, 0xfffffffc, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x20000}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x8}, {0x1}, {0x8001, 0x0, 0x0, 0x0, 0xfffffffe}, {}, {0x0, 0x0, 0x7}, {0x0, 0x7}, {0x0, 0x0, 0x0, 0xfffffffd, 0x0, 0xfffffffe}, {}, {0x0, 0x2, 0x0, 0x0, 0xfffffffc, 0x1000000}, {}, {}, {}, {0xfffffffc}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x4}, {}, {0x0, 0x0, 0x8001}, {}, {0x0, 0x0, 0x10000000}, {0x0, 0x1, 0x0, 0x0, 0x0, 0x2}, {0x7}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x8}, {}, {}, {0x0, 0x0, 0x0, 0x1}, {0x0, 0x800000}, {}, {}, {0x0, 0x0, 0x0, 0x8000}, {0x0, 0x0, 0x2}, {0x4, 0xc000000}, {}, {0x0, 0x80000000}, {}, {0x0, 0x0, 0x0, 0x0, 0x7}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0x0, 0x0, 0x0, 0x6}, {}, {0x7}, {}, {}, {}, {}, {}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x23}, {0x0, 0x0, 0x0, 0x404}, {0x0, 0x0, 0x0, 0x2, 0xfffffffc}, {0x0, 0x0, 0x8}, {}, {0x0, 0x0, 0x0, 0x0, 0x100000}, {}, {0x0, 0x0, 0x0, 0x0, 0x2}, {}, {0x0, 0x0, 0x9f, 0x0, 0x6, 0x1}, {0x20000, 0x0, 0x9}, {0x0, 0x0, 0x0, 0x0, 0x7}, {0x0, 0x0, 0x0, 0x0, 0x9}, {}, {}, {0x0, 0x0, 0x2}, {}, {0xfffffffd}, {}, {}, {}, {}, {0xfffffffd, 0x1}, {}, {}, {0x0, 0x0, 0x1, 0x0, 0x747}, {0x8}, {0x0, 0x0, 0x0, 0x0, 0x4}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x0, 0x10}, {0x0, 0x0, 0x0, 0x800}, {}, {0x0, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x0, 0x6}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff}, {}, {0x0, 0x0, 0x0, 0x0, 0x0, 0xb}, {0x0, 0x0, 0x101, 0x0, 0x401}, {}, {0x0, 0x78}, {0x0, 0x5}, {}, {0x0, 0x0, 0x0, 0x2}], [{0x2}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {0x1}, {}, {0x0, 0x1}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x1}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {0x4}, {}, {}, {}, {}, {0x1}, {}, {}, {}, {}, {}, {}, {0x0, 0x1}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {}, {0x5}, {}, {0x2}, {0x0, 0x1}]}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xe68}}, 0x0)
sendmmsg$unix(0xffffffffffffffff, &(0x7f0000004640)=[{{&(0x7f0000000880)=@file={0x0, './file0\x00'}, 0x6e, 0x0, 0x0, 0x0, 0x0, 0x8000}}, {{&(0x7f0000003a80)=@file={0x1, './file0\x00'}, 0x6e, &(0x7f0000003ec0)=[{&(0x7f0000003b00)="1eccf6acf51ce3f5059f6a100437c8698454b978d6d49e68ce6a894b75fea009038992f1b9c6b41dddfcfeac38a9c4ae6eeb556dd443c01341d2daa8aa96cbd106125248ffc55e6b9e1e9d47afb5844df9d311857ae42fdea74455e2be4dcddc2ae21ee3781364be669b977bad952ef6e9b35bdc3248e45834903c5dcb7d6f374efc", 0x82}, {&(0x7f0000003bc0)="49df1aa6bf043b3f6d7a600956af9c3cef9deb7996382895432205749842846110770733c425108089ee8b1350cda7425ecd403c4f971aa0e421913ab2bbbdd8e0e9550e98f773ca9f2fdc865df02384cd3bd200c7b482c96687ef6f6bccd3da27505661055d253f261527f1d13b030580f3dc6228790193ee4b4fbeb7c596b1aa2ceb4ee0bacd63e4d0b7ee485aba04f467fe9c676eb90bfa02458ce025eafead2fabeebc6d6418c660680891a9889f", 0xb0}, {&(0x7f0000003c80)="ad8c6e7b970cefe461a27305f0100d6c56199798936383e81babb568b521f39d40e356e432b8e55a711ccb6b9b0bbb558a30cae3c187f8cc03b7293e20520b369f997cd4a7200d3bc70f4c471f21e228d82f9661034644cf03513b597ab443412757b3600c26c014489c6f0b18d1e30d094ab5fd96115fac5c29fd1ad5fcf56e5afc833f670c0d5048396d25b87bf64fd00e48ab5e104ea02ccd953fd26619a8b8bbdc4a2cad51dc688df4d5c4d53e691a4581ff913d7de89a8dadfbd04b8a0daadef3665a934ca0", 0xc8}, {&(0x7f0000000c40)="095bc6829f02c7e246a3046af626cf18df99493df6be3bfa9390f1821bb5f319086910e4515c0bdcff31181f05a7c3c2e06213cb0a", 0x35}, {0x0}, {&(0x7f0000003dc0)="30cf70bdd46e249dad0e51e4e8c1be86a405ac7cd8ad0ca7790be3598f167afbb6e55eda1d4e32742a289e8d010022e38b7eb9d588524ec5c8bc0b879208517ca2d3", 0x42}, {&(0x7f0000000140)="35fa2be9b694bff1c5c7ee4576ec3c45f0c6851cae736332a9db59f158f4048858d1a1a2e1dc74f7496b1bc5a9a574b474060a1aee63521d1589df9948f5482816b6e5a859c75c17c3cb2abd883356630000000000000000", 0x58}], 0x7, 0x0, 0x0, 0x804}}, {{0x0, 0x0, &(0x7f0000004140)=[{&(0x7f00000000c0)="0d823f77e3b138553bfbdec1c5fff465f639607a8c77cc9457a605e41c7a0878d4dcb72c845c326136754544ced8ead1344ece0fc55f0d83fea2b18a51aed015ece6e918", 0x44}, {&(0x7f0000004040)="ae528d0c38de4bfae46c16c1be56dbfc2905a0879fe655b8accc30c56a21432cad6f0ba64996d025dc00ce264cb2d630393b95d43ac7c6747d89d45506795ff19b055e5c585964ca2e5c9eca44bf362065830afe3634218baa45eb06ab13f0b94bedabeebf9e000457f1507af74f0070fb5cfeac92833079460fbef76a1d7788fc8233107a680dc8c757dc4c36a1", 0x8e}, {&(0x7f0000004100)="0d990965ee85d72e16e1b8c8cb2e69200e8027539a9202bfb7663d51360390732fd3481341b0fa73a0ae645c423b5c534dc08f0f48a4dc28ab5605d15b", 0x3d}], 0x3, &(0x7f0000000b00)=ANY=[@ANYBLOB, @ANYRES64, @ANYRES32, @ANYRES32, @ANYBLOB="0000000014000000000000000100000001000000", @ANYRES32, @ANYBLOB="000000001c010000000000000100000002000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="000000001c0000000000000001eaff00511342ca02000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYRES16, @ANYBLOB="000000001c000000000000000100000002000000", @ANYRES32, @ANYRES32, @ANYRES32=r6, @ANYBLOB="0000010000000000ffffffffffffff0000000000", @ANYRES32=r7, @ANYRES8, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32=r3, @ANYRES32=r8, @ANYBLOB="0000000028000000000000000100000001000000", @ANYRES32, @ANYRES32=r9, @ANYRES32=r5, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRESDEC, @ANYRES32, @ANYRES32, @ANYRES32, @ANYRES32], 0x110, 0x811}}], 0x3, 0x40001)
getgroups(0x1, &(0x7f00000002c0)=[0xffffffffffffffff])
socket$inet_udp(0x2, 0x2, 0x0)

2.763840254s ago: executing program 3 (id=2880):
prctl$PR_SET_NAME(0xf, &(0x7f0000000480)='gtp\x00')
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000240)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFVLAN_SET_VLAN_NAME_TYPE_CMD(r1, 0x8982, &(0x7f0000000200)={0x6, 'team0\x00', {0x9}, 0x7})
r5 = socket(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000001c0)=@newqdisc={0x2c, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r7, {0x0, 0x6}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_qfg={0x8}]}, 0x2c}}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x3f, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000850000007d000000180100002020732600000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000001000000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r8 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r8, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000240)=ANY=[@ANYBLOB="7c02000021000100000000000100000000000000000000000000000000000000fe8000000000000000000000000000bb00000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="0003000000000002cc011100e0000001000000000000000000000000ac1414aa000000000000000000000000ac1414aa000000000000000000000000ffffffff0000000000000000000000003c040000053500000a00020000000000000000000000000000000000ac1e0001000000000000000063f728e9497e7331000000000000000000000000000000000000000000000000000000006c01000006350000020002"], 0x27c}}, 0x0)

2.763404094s ago: executing program 6 (id=2881):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000340), 0x302, 0x0)
ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r2 = socket(0x400000000010, 0x3, 0x0)
r3 = socket$unix(0x1, 0x5, 0x0)
ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r2, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000640)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd26, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xfff1}, {0xffff, 0xffff}, {0xffff, 0xf}}, [@qdisc_kind_options=@q_htb={{0x8}, {0x1c, 0x2, [@TCA_HTB_INIT={0x18, 0x2, {0x3, 0x4, 0x6}}]}}]}, 0x48}, 0x1, 0x0, 0x0, 0x40000}, 0x0)
r5 = socket(0x400000000010, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r5, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000700)=@newtfilter={0x38, 0x2c, 0xd27, 0x30bd29, 0x25dfdc00, {0x0, 0x0, 0x0, 0x0, {0x0, 0x2}, {}, {0x8}}, [@filter_kind_options=@f_matchall={{0xd}, {0x4}}]}, 0x38}, 0x1, 0x0, 0x0, 0x10}, 0x0)
close(0xffffffffffffffff)
socket(0x2, 0x5, 0x0)
ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmmsg$inet(r0, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {0x0, @dev={0xac, 0x14, 0x14, 0x41}, @rand_addr=0x64010102}}}], 0x20}}], 0x1, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='sys_enter\x00'}, 0x18)
keyctl$KEYCTL_RESTRICT_KEYRING(0x1d, 0x0, &(0x7f0000000200)='asymmetric\x00', &(0x7f00000002c0)=@chain)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000340)='kfree\x00', 0xffffffffffffffff, 0x0, 0x2}, 0x18)
socket$nl_generic(0x10, 0x3, 0x10)
syz_read_part_table(0x1054, &(0x7f0000000000)="$eJzsz8EJwkAQBdC/2aCkC5uwEAUrsAivXmzGLrxYgd2IRDZB0AbUw3uHgT/DftjwU31yWSTZ1JbKY1qWadasurd4renasswxxzbGceg/C6drOdyGU6vNkOXrMt5re7+fu5Ptutudv/BFAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPh7zwAAAP//llkLfw==")

2.756444383s ago: executing program 2 (id=2882):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r2, &(0x7f0000000400)="aa", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x3f66400, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r2, 0x1)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
getpid()
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="400100002000080027bd7000fcdbdf253300000020010000000000000000000000000000e00000020000000000000000000000004e22fff94e2300000a0000a0", @ANYRES32, @ANYRES32], 0x140}}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a00000015000300686173683a69702c706f72742c6e6574000000000bf22680e12c17"], 0x50}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

2.546549135s ago: executing program 2 (id=2884):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
r1 = dup(r0)
sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYBLOB="640000000206030000000000fffff0000000000016000300686173683a6e65742c706f72742c6e6574000000050004000000000005000500020000000900020073797a3200000000050001000700000014000780080013400000000008001240"], 0x64}}, 0x0)
sendmsg$IPSET_CMD_DESTROY(r0, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000240)=ANY=[@ANYBLOB="1c0000000306010200040000000000000200000a0500010007"], 0x1c}, 0x1, 0x0, 0x0, 0x40841}, 0x4)

2.265026658s ago: executing program 2 (id=2886):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="020000000400000008000000060000000010"], 0x48)
r0 = openat$sndseq(0xffffffffffffff9c, 0x0, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000680)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000540)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000003000010850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback=0x30, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r2}, 0x10)
ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r0, 0xc08c5332, &(0x7f0000000180)={0x0, 0x0, 0x0, 'queue1\x00'})
ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r0, 0x40605346, &(0x7f0000000100)={0x0, 0x0, {0x1, 0x0, 0x0, 0x0, 0x80000}, 0x100})
bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x1c, 0x4, 0x4, 0x2, 0xe002, 0x1, 0xfffffffc, '\x00', 0x0, 0xffffffffffffffff, 0x3}, 0x50)
creat(&(0x7f0000000840)='./mnt\x00', 0x12)
r3 = getpgid(0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000001fc0)=ANY=[@ANYBLOB="19000000040000000800000008"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bf"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x7, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffff}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000040)={{r4}, &(0x7f0000000000), 0x0}, 0x20)
syz_open_dev$vcsu(&(0x7f00000007c0), 0xd, 0x200)
bpf$PROG_LOAD(0x5, &(0x7f0000001b00)={0x12, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000800)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0xb, '\x00', 0x0, @fallback=0x26, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r5 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000008c0)=ANY=[@ANYBLOB="54000000000801010000ffffe00000000a000000050003002f0000000600024000000000240004800800024000000000080001400000fcff07000140800000010800014080000001090001"], 0x54}, 0x1, 0x0, 0x0, 0x4004}, 0x28040000)
r6 = syz_pidfd_open(r3, 0x0)
r7 = pidfd_getfd(r6, r6, 0x0)
setns(r7, 0x66020000)
mount$9p_fd(0x0, &(0x7f0000000980)='.\x00', 0x0, 0x104000, 0x0)
syz_clone(0x498144ee5f62e149, 0x0, 0x17, 0x0, 0x0, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x1c0)
mount$bind(&(0x7f0000000000)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0)
r8 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x89901)
move_mount(r8, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x262)
umount2(&(0x7f0000000040)='.\x00', 0x2)

2.26479828s ago: executing program 0 (id=2887):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000100)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020100000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000300)={0x0, 0x0, 0x0}, 0x0)

2.264042486s ago: executing program 3 (id=2888):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000240)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
r4 = socket$nl_route(0x10, 0x3, 0x0)
r5 = socket(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x2)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r6)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000003c0)=0x14)
sendmsg$nl_route_sched(r5, &(0x7f0000005840)={0x0, 0x0, 0x0}, 0x0)
sendmsg$nl_route_sched(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000003200)=@newtfilter={0x34, 0x28, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r7}, [@filter_kind_options=@f_basic={{0xa}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x8000}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000280)={0x0, 0x3f, &(0x7f00000001c0)={&(0x7f0000000000)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r3}}, 0x24}, 0x1, 0x0, 0x0, 0x4008000}, 0x0)

2.188244338s ago: executing program 6 (id=2889):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000c00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000f6000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
syz_emit_ethernet(0x0, 0x0, 0x0)

2.081062341s ago: executing program 0 (id=2890):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="1e000000000000000500000006"], 0x48)
bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000bc0)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x2, 0x0, 0x0, 0x0, 0xf, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000580)='GPL\x00', 0xc, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x31, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000300)={&(0x7f0000000280)='kfree\x00', r1}, 0x18)
r2 = syz_io_uring_setup(0x10e, &(0x7f0000001cc0)={0x0, 0xf07d, 0x400, 0x40000, 0x101}, &(0x7f0000000400)=<r3=>0x0, &(0x7f0000000380)=<r4=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r3, r4, &(0x7f00000004c0)=@IORING_OP_READV=@pass_iovec={0x1, 0x1, 0x4004, @fd_index=0x1, 0x8, &(0x7f0000002a40)=[{&(0x7f0000000280)=""/221, 0xdd}, {&(0x7f0000000840)=""/4096, 0x1000}, {&(0x7f0000002b00)=""/4099, 0x1000}, {&(0x7f0000000440)=""/107}, {&(0x7f0000000500)=""/193}, {&(0x7f00000003c0)=""/18}, {&(0x7f0000000700)=""/148}, {&(0x7f0000002840)=""/245}, {&(0x7f0000002940)=""/226}], 0x11b, 0x1d})
io_uring_enter(r2, 0x8aa, 0x0, 0x0, 0x0, 0x0)

2.01296628s ago: executing program 6 (id=2891):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x80)
open_by_handle_at(r0, 0x0, 0x36f0516f)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
fsopen(0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1)
getsockopt$bt_BT_SNDMTU(r1, 0x112, 0xc, &(0x7f0000000400)=0x126a, &(0x7f0000002540)=0x2)
socket$netlink(0x10, 0x3, 0x0)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={0x0, 0xffffffffffffffff, 0x0, 0x2}, 0x18)
bind$netlink(r3, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r3, 0x1, 0x8, &(0x7f0000000000), 0x4)
setsockopt$netlink_NETLINK_BROADCAST_ERROR(r3, 0x10e, 0x4, &(0x7f0000000640)=0x1802, 0x4)
r4 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0xfd, &(0x7f00000004c0)=[{&(0x7f0000000380)="2e00000010008188e6b62aa73772cc9f1ba1f848110000005e140602000000000e000a001000000002900000121f", 0x2e}], 0x1}, 0x40)
sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="2e00000010008188040f80ec59acbc0413a1f848110000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x8084)
bind$inet(r2, &(0x7f0000000040)={0x2, 0x4e22, @empty}, 0x67)
setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, 0x0, 0x0)
getsockname$packet(0xffffffffffffffff, 0x0, &(0x7f0000001700))
getsockopt$inet_mreqn(r2, 0x0, 0x32, &(0x7f0000002100)={@empty, @multicast2}, &(0x7f0000002140)=0xc)
sendto$inet(r2, 0x0, 0x0, 0x24000840, &(0x7f0000000080)={0x2, 0x0, @remote}, 0x10)
syz_emit_ethernet(0x42, &(0x7f00000000c0)={@local, @remote, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x34, 0x0, 0x0, 0x0, 0x6, 0x0, @remote, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x8, 0x10, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa, 0x0, 0x300}]}}}}}}}, 0x0)

1.956060117s ago: executing program 0 (id=2892):
r0 = socket$inet6(0x10, 0x3, 0x0)
prctl$PR_SET_NAME(0xf, &(0x7f0000000280)='+}[@\x00')
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f00000009c0)=ANY=[@ANYBLOB="620af8ffa1dc0021bfa100000000000007010000f8ffffffb702000007000000bd120000000000008500000010000000b70000000000000095000000000000003faf4f2aa3d9b18ed812a2e2c49e8020a6f4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24561f1b2607995daa56f151905ea23c22624c9f87f9793f3bbb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64b751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07372c29184ff7f4a7c0000070000006056feb4cc664c0af9360a1f7a5e6b607130c89f18c0c1089d8b8588d72ec29c48b45e0000000000000401d01aa27ae8b09e00e79ab20b0b8ed8fb7a68000000000000000000006fa03c6468978089b302d7ff6023cdcedb5e0125ebbcebdde510cb2364149215108337719acd97cfa107d40224edc5465a932b77a74e802a0dc6bf25d8a242bc6099ad2300000480006ef6c1ff0900ff0000000010c63a949e8b7955394ffaff03000000000000ab87b1bfeda7be586602d985430cea080000000000000026abfb0767192361448279b05d96a703a660581eecdbf5bcd3de227a167ca17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c9b081d6a08000000ea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af740b5b7632d5933a1c1fa5605bd7603f2ba2a790d62d6faec2fed44da4928b30142ba1fde5c5d50b83bae616b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0cb97fca585ec6bf58351d578be00d952aab9c71764b0a8a7583c90b3433b809bdb9fbd48bc877505ebf6c9d13330ca006bce1a84521f14518c9b476fccbd6c712016219848624b87cec2dbe98223d8d9e86c5ea06d108d8f80a0eb4fa39f6b5c02e6d6d90756ff578f57000000009700cf0b4b8bc229413300000000000000000003000000000000000000000000001000000000559711e6e8fcffffffffffffffb2d02edc3e01dd271c896249ed85b980680b09000000000f0000169cdcacc413b48dafb7a2c8cb482bac0ac502d9ba96ffffffd897ef3b7cda42f93d53046da21b40216e14ba2d6af8656b01e17addaedab25b30002abbba7fa725f38400be7c1f001b2cd3170400000085be9e48dccf1f9f3282830689da6b53b263339863297771d74732d400003341bf4a00fc9fec2271ff01589646efd1cf870cd7bb2366fde4a594290c405ff870ce5dfd3467decb05cfd9fcb32c8ed1dbd9d30a64c108285e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78249788f11f761038b75d4fe32b561d46ea3abe0fa4d30dc94ef241875f3b4b6ab7929a57affe760e717a04becff0f719197724f4fce1093b62d7e8c7123d890cec55bf404e4e1f74b7eed82571be54c72d978cf906df08f11f1c4042e36acd37d7f9e109f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2acd1fe582786105c70600000000000000b7561301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c542c9062ece84c99a061887a20639b41c8c12ee86c50804042b3eac1f871b136345cf67ca3fb5aac518a75f9e7d7101da841735e186c489b3a06fb99e0347f23a054de2f4d92d6bd72ee2c9f0390a6f01e3e483b4ad05573af403269b4a39ce40293947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f91e358c3b377327ac9ecc34f24c9ae153ec60ac0694da85bff9f5f4df90400000000000000d6b2c5eaff07000000000000b99c9cc0ad1857216f000000009191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e669261192899d4562db0e22d564ae09bb6d163118e401e024fd452277c3887d6116c6cc9d8046c216c1f895778cb26e22a2a798de44aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99a3594191e104d417e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250df98674152f94e32409e2a3bce109b6000000000000a1fec9000000d694210d7560eb92d6a97a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137ab79a404abde7750898b59270b939b81367ac91bd627e87306703be8672d70d1ab57075228a9f46ed9bd1f00fb8191bbab2dc591dda61f0868afc4294859323e7a45319f18101288a0268893373750d1a8fe64680b0a3fc22dd704e4214de5946912d6c98cd1a9fbe1e7d58c08acaf30065b928a31d2eca55f74a23641f61f2d5b308cf01cfaed9ef0ce21d69993e9960ff5f76015e6009756237badf4e7965bbe2777e808fcba821a00e8c5c39609ff854356cb490000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66018d169fc03aa188546bb2e51935ab9067ec3ad2a182068e1e3a0e2505bc7f41019645466ac96e0d0b3bc19faa5449209b085f3c334b47f067bbab40743b2a428f1da1f626602111b40e761fd21081920382f14d12ca3c471c7868e7da7eaa69eb7f7f80572fdd11bb1d070080fbc22bf73468788df51710eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331ff5e20fa26b8471d9e1cc9eb3d541e407cc2dae5e690cd628ab84875f2c50ba830d3f474b079b407000000deff000040430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df902aeec50e71b967ce7daac4be290159f6bcd75f0dda9de5532e66ae9e48b0ed1254a81faae79b6af6fbb869604d51de44c4e0973171ad47d6c00ebc7603093f000000fdec743af930cd6db49a47613808bad959719c0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f15d6533f78a1f4e2df4ca23d867693fd42de9b49a1b36d48a44ba6a4530e59bec53e876dc660dd6d89f80a4377b1b1292a893a516dab183ee65744fb8fc4f9ce2242e0f000000000100000000d77480e0345effff6413258d1f6eb190aa28cbb4bafe3436b176c7ed4b132fb805d5edd9d188daf28d89c014c3ecca10ae55704544673e1fb03b84f63e022fe755f4007a4a899eaf52c4f491f1e97c862e29e4570600000091c691faee1e0c8fe056a07474e6e5490a7d3c3402000000b60600d837c6befc63ddf2f594ad7cbc56a1e44d218c956a5392a995f1fae8e9f206efbb33854dc70104d74dc07748f9745cb796da2dfb714a0500000000000000faed94fc39acfb3fd25dfa8116a154cd1226e1bb72b59fed817072a0da60160761fd3dffda0f7c592eabd8ab68334d2a1693cb187539049e331272bf5135044df8161400211b8012b6eb1ed5656e83f65509bb4b323c5bd61bff949d3bade2f6ffda1360c2786e16937ab61d6dcafed319c7167d0885f9c6d1f442954c167dd9b4acd9468ce3674c82bbb2e31389179b025dbe063b7f906217b2cf8410c7023aa3e5cc3ba1000000000000000000000000000000006ae6301a2da44394275c582a6516bb92ea1980a0a659f2f1811c8b281c209647c4241f292b20508b215dde27bb2487a6e2b5e4a8ccfab90c23827ef06cbe364073005f8a6d1456aaeb85ffb7858f24eced67a67ab825e863928ed64c83f62ffdaa997657335b63c6b4163aff094059e626766845fd779c9e6cdbbd64c2499ce3ffe2fef03f7cdd0d90f3a7579579a142c0f7b318264d5c13c31cf475829528267ead38523cab7e1664e8426cfce471fef821c8a02a7e7d954d05b68a9c28f79429b09e2bb3681ae2b831e27c735123361c193d66ed4d71f19b199d371ec6bfada7cd370e3fdd3cd980fa1e145fd3f3e96b1feb53c865e1ada08f5d16ed652ee0c7f45352222692fbd679212c225d097aa90f7e1fb1f983415f43e75a19ecf7fd21bfa150ef563aa72ba3c43c5f3d9be128ec26b691f31f9cab931631606a81622f120675c962be2d3b5e95f74f0b209e42e6bdd76e6e725295b1d78d928f6f63e4581d5cc41cbde2ba66adc1168070c8c6e18a6a234f5f9311ef0f78924b68dbb4712efdb6974667bdb54f16fd2061b9ba93638dd177227e94e4ebd0ec1d437db948062bf41742000000000000000000305f70dd02fa0c61d5fe6d8ff35389246037e18d34c1375ae04f44f0c2543c772c5ccb137be7dc1874c514b37c668554d77d4ea5ed144a648257f4a0301067bbcd9b91072659d872f26b796e2b81025edb5f45f785e2c2602b248ecdd80f019ca659be7e8ae953325a27564f33c9d458a60be3dab38baab7eb1a66ab1ffd6308f7fd51beb356fe75eb985b7581bb5584c53984ba9c3340f97e8d3825681c53de5f554e595b00000000000000006a8fa9f05d64c4be42f981f00051a39938613067dbd1427e01bfec016e51844cefa8a855bf23ac887b4a88eed6d9443857242f28e31a41d20105fbf3394ff910e734b4d9101265ff729c426e01c1ab13dda8c388b909006f19eecb87e39175e85e17000000000000000000009431807e43886903526074e6b40244c938a4c68a38c25ddd7c143b3f1400010000ec66815cf8d1f56aa1424bc9b5d58790298e5b310969e50c222563b54e60854e1b0100448aca8c5ccbf5546ce4c3cd5a733fec25fb94e1e0f966bcbd28a4d8fe4f556eaa1104a793006619700798354c6ae05025040965e3083562bfa20968c04007d21dc02c9fd1f75e1ff40f439bdde4e784012e52049b483d02f81b88f5f57816b3fecec79cfca8d37203e769759d6b6a56b7605ced8ee18475a77ff0963a565fb6021d216c01b1098e40550a1cfd80e918d685a7b099a4f8ed654cd76ca61fe5ad8a31ec558fdbfa706d5e738bceae81fe777c307d5bc72183a4c2d35732ab916a781b9912160a3fd2a2e74dd690c57bdfdc1f069f949170ef8cb9c13c12138116bca7a8c59363799be7005c51bc25a8bbe2cf5ddf6aa161693782b0e7feb8a768f391b49d4c978c96dbb52f21c122eba9f17c8bed10591958cf06321a248b5f76ceedfe0d080d6aeadc11b237b3326dd04b86ac37c0d131544888db9e128d059761ad9a393e96c3b41c13c5a381bff187a75de560ba6eb3faa5ff8d2bb3c88f8de5efc2fb2200cfda6d07ceae22577064334fbf76a23e62e6059211d995b879f6b7d3f7fcf03652b81e6b7cdeff947ad185d3c6269ca247b429c3b872a8f1ef60407d29a874f4ec31c9effed55543a65a6b4d778cebcd43b7905f3960140bd783540a7353014bda8e9c7a34a5f428fd1f8eb11e837dd9d586487fdebcb1ecd3a003ff0fda4be617fecf1ff0ef2c74664d60a4b9423f3297bc8eb91b4ee1d73272abbef3e7a828a7d7ab055a8eb58fe379de85338304e26e3620941b463e9049fd105c74c91cc4d71b0f76e2c2e4825106aa7ce2a3adbbc7a0443ece58e752b47e6f677eff7c5c568a89d6e36b165c39132a0f27080ece2a94c320b002c77f82662675a7713c7067081cac15994698c41ff4754268ae1676384ff799783f55d7e5a1a0920300000000000000d98440c355927629f2bcf9dc405a18ca0264400abf38e90000000000000000008faf2cddffbfa69bf32eb718e88ec75603ed7c7a8825ce0f27a114bd7a4ab74d0c7b8d90ccc1c3ca6620def782e24d75aed70eb676437f62677a69e0994cd82d72e95493c830fe9515329f40b7025326dec33a527c5d999298eaa3690fd0d38a02fc6e0bc16dbe19f353027edc014411e1138087221492f5d5e5cc9d0a1acd3f581eda9a807aa0e609f935f626d96351e0ff116686cbeb8939feecd5dac8cf45101942cc7cec21b7f337df5431bcf7e504b7c427f70a10e1cb8993a661306a0576b638a0171e6800b5b35589d676eb30ed1a72e8f7b057eb281c4504195635b6b285ebaba019913a2520e43ed790231f047f7d3789c10ae7d724929f77aec1d33d9587580268ee14396f71e7ef588cb2560d6bd0795a9b97281229eb16de086553469fad7214ffc3e416f8b8e442dce1d37f9b1c88a5d8a8d9f2fe45bd8df213ecb4194c8554aea13cadcd502e51f6fec80418e772b5bd8d0228949058038b185909ee542848680f9ad43f4057d676d5e21ae3d7e0e4a28c04f112a94707f032b35915e42993ff148291b8babe026646ee41905992db217561b90811c4702a14f312fe5d2ae7257db6be1034cc1c346b76a853ce274bf0435e18f7e86c660c18c80f30505dd4cf2ae2a1893b83c62d61bfeadc1f913e4cab2b897e096dd3fe3525090410cb23bab36cdf200a36014032cf6e5121803c5a0c4a273a19f340163fc6265425d513a1294b8439276394945d94a589708e32a1cb30f1fa4b2f08e01dc5e8c6732e6dc59b5c8cb400000000000000592c9b68f09c8f5ddb20b4ae08b4d9df548e5ed6cd47b91a4bea8b6aa52edf64576aef1e43f2958437fdc20fbbd0d4e13d8cce1193b2f9b4"], &(0x7f0000000100)='GPL\x00'}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000dc0)={&(0x7f0000000300)='neigh_update\x00', r1}, 0x18)
sendto$inet6(r0, &(0x7f00000000c0)="900000001c001f4d154a817393278bff0a80a578020000000104740014000100ac1414bb0542d6401051a2d708f37ac8da1a297e0099c5ac0000c5b068d0bf46d323456536016466fcb78dcaaf6c3efed495a46215be0000760700c0c80cefd28581d158ba86c9d2896c6d3bca2d0000000b0015009e49a6560641263da4de1df32c1739d7fbee9aa241731ae9e0b390", 0x90, 0x0, 0x0, 0x0)

1.847961614s ago: executing program 3 (id=2893):
syz_emit_ethernet(0x0, 0x0, 0x0)
syz_open_dev$tty1(0xc, 0x4, 0x1)
bpf$PROG_LOAD(0x5, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000780)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000ddffffff850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000300)='sched_switch\x00', r0}, 0x10)
r1 = open(&(0x7f00009e1000)='./file0\x00', 0x60840, 0x0)
fcntl$setlease(r1, 0x400, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='afs_volume\x00', 0xffffffffffffffff, 0x0, 0x8}, 0x18)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000c80)='./file1\x00', 0x210000, &(0x7f0000000800)={[{@acl}, {@block_validity}, {@journal_ioprio={'journal_ioprio', 0x3d, 0x6}}, {}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@resuid}, {@nodelalloc}, {@acl}, {@noinit_itable}]}, 0xfc, 0x587, &(0x7f0000000f80)="$eJzs3U1rG9caAOB3ZMn5cO6NAyHcexeXQBZNSSPHdj9SKDRdljY00O5TYSsmWI6CJYfYDTRZNJtuSiiU0kDpD+i+y9A/0F8RaAOhBNMuSkFl5JGt2JIdOzJSoueBSc6ZD595feY9PqORUABD62T6Ty7ivxHxVRJxtG1bPrKNJ9f2W31yayZdkmg0Pv49iSRb19o/yf4fyyr/iYifv4g4k9vabm15Zb5UqZQXs/pEfeH6RG155ezVhdJcea58bWp6+vwb01Nvv/Vmz2J99dKf33704P3zX55a/ebHR8fuJXEhjmTb2uN4DrfbKydLf2elQlzYtONkDxobJEm/T4A9GcnyvBDpGHA0RrKsB15+n0dEY02uAQyZpJn/YxvjADAkWvOA1r19j+6DXxiP31u7AWrGPtoef37ttZE42Lw3OryaPHVnlN7vjveg/bSNn367fy9dYvvXIQ7tUAfYldt3IuJcPr91/E+y8W/vzjVfPN7e5jaG7e8P9NODdP7zWqf5X259/hMd5j9jHXJ3L3bO/9yjHjTTVTr/e6fj/Hd96BofyWr/as75CsmVq5XyuYj4d0ScjsKBtL7d85zzqw8b3ba1z//SJW2/NRfMzuNR/sDTx8yW6qWIGH2euFse34n4X75T/Ml6/ycd+j/9fVzq+BMLW9acKN//f7f2d45/fzV+iHilY/9vPNFKtn8+OdG8HiZaV8VWf9w98Uu39vsdf9r/h7ePfzxpf15b230b3x/8q9xt216v/9Hkk2a5lQQ3S/X64mTEaPJhs36wff3UxrGtemv/NP7Tp7Yf/zpd/+nN16fPGP/d43e77joI/T+7q/7ffeHhB5991639Z+v/15ul09mabPzrLLtWnvUEn/f3BwAAAAAAAIMkFxFHIskV18u5XLG49v6O43E4V6nW6meuVJeuzUbzs7LjUci1nnQfbXs/xGT2fthWfWpTfToijkXE1yOHmvXiTLUy2+/gAQAAAAAAAAAAAAAAAAAAYECMdfn8f+rXkX6fHbDvml9scKDfZwH0w45f+d+Lb3oCBtKO+Q+8tOQ/DC/5D8NL/sPwkv8wvOQ/DC/5D8NL/gMAAAAAAAAAAAAAAAAAAAAAAAAAAEBPXbp4MV0aq09uzaT12RvLS/PVG2dny7X54sLSTHGmuni9OFetzlXKxZnqwk4/r1KtXp+ciqWbE/VyrT5RW165vFBdula/fHWhNFe+XC5s7Jrb38gAAAAAAAAAAAAAAAAAAADgxVFbXpkvVSrlRYWuhXdjIE5jPwNcs6fD84MShUKXwp2se3d3VB8HJQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADY5J8AAAD//9ybLZI=")
renameat2(0xffffffffffffff9c, &(0x7f0000000440)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000140)='./file1aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
r2 = socket$kcm(0x10, 0x2, 0x0)
creat(&(0x7f0000000280)='./file0\x00', 0xecf86c37d53049cc)
inotify_init()
sendmsg$kcm(r2, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000001900)="2e00000011008188040900000000000000a1810031000000000f000000048002002d1f00000000000000e2000000", 0x2e}], 0x1}, 0x20000000)

602.614914ms ago: executing program 0 (id=2894):
r0 = bpf$MAP_CREATE(0x0, 0x0, 0x48)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x10)
r2 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r2, 0x84, 0x7b, &(0x7f00000000c0)={0x0, 0x3}, 0x8)
sendto$inet6(r2, &(0x7f0000000400)="aa", 0x1, 0x0, &(0x7f0000000080)={0xa, 0x0, 0x3f66400, @dev={0xfe, 0x80, '\x00', 0x6}, 0x3}, 0x1c)
shutdown(r2, 0x1)
prctl$PR_SET_NAME(0xf, &(0x7f0000000140)='+}[@\x00')
bpf$PROG_LOAD(0x5, 0x0, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000340)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x10, 0x7ffc1ffb}]})
rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8)
getpid()
sendmsg$nl_xfrm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000200)={0x10, 0x0, 0x0, 0x100}, 0xc, &(0x7f0000000380)={&(0x7f0000000640)=ANY=[@ANYBLOB="400100002000080027bd7000fcdbdf253300000020010000000000000000000000000000e00000020000000000000000000000004e22fff94e2300000a0000a0", @ANYRES32, @ANYRES32], 0x140}}, 0x10)
socket$inet6(0xa, 0x2, 0x0)
r3 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_CREATE(r3, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000140)=ANY=[@ANYBLOB="500000000206050000000000000000000000000005000400000000000900020073797a31000000000500010007000000050005000a00000015000300686173683a69702c706f72742c6e6574000000000bf22680e12c17"], 0x50}}, 0x0)
r4 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$IPSET_CMD_ADD(r4, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000780)=ANY=[@ANYBLOB="74000000090601020000000000000000030000000900020073797a310000000005000100070000004c0007801800018014000240fe8000000000000000000000000000aa1800148014000240fc000000000000000000000000000000060004404e1f0000050007008400000006000540"], 0x74}, 0x1, 0x0, 0x0, 0x10040003}, 0x0)

589.956682ms ago: executing program 6 (id=2895):
openat$qrtrtun(0xffffffffffffff9c, 0x0, 0x40)
socketpair$unix(0x1, 0x2, 0x0, 0x0)
getresuid(0x0, &(0x7f0000000080), &(0x7f00000000c0))
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file2\x00', 0x300c056, &(0x7f0000000d80)={[{@noload}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@dioread_lock}, {@errors_remount}, {@max_dir_size_kb={'max_dir_size_kb', 0x3d, 0x4007b1}}, {@data_err_ignore}, {@grpquota}, {@nobh}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x55a, &(0x7f0000000480)="$eJzs3d9rW+UbAPDnpO1+f7/rYAwVkcIunMyla+uPCV7MS9HhQO9naM/KaLKMJh1rHbhduBtvZAgiDsR7vfdy+A/4Vwx0MGQUvfAmctKTLluTNuuypprPB05533NO8p435zxvn5M3IQEMrYnsTyHixYj4Kok4HBFJvm008o0Ta/utPrw+my1JNBof/5E098vqredqPe5gXnkhIn75IuJkYWO7teWVhVK5nC7m9cl65cpkbXnl1KVKaT6dTy9Pz8yceXNm+p233+pbX187/9e3H919/8yXx1e/+en+kdtJnI1D+bb2fjyDG+2ViZjIX5OxOPvEjlN9aGw3SQZ9AGzLSB7nY5GNAYdjJI964L/v84hoAEMqEf8wpFp5QOvefvP74P/vUFaycx68t3YDtLH/o2vvjcS+5r3RgdXksTuj7H53vA/tZ238/Pud29kS/XsfAmBLN25GxOnR0Y3jX5KPf9t3uvPqfe2VJ9sw/sHOuZvlP693yn8K6/lPdMh/DnaI3e3YOv4L9/vQTFdZ/vdux/x3fdJqfCSv/a+Z840lFy+V09N5NnwixvZm9c3mc86s3mt029ae/2VL1n4rF8yP4/7o3scfM1eql56lz+0e3Ix4qWP+m6yf/6TD+c9ej/M9tnEsvfNKt21b9//5avwQ8WrH8/9oRivZfH5ysnk9TLauio3+vHXs127tD7r/2fk/sHn/x5P2+dra07fx/b6/027bHut/9H7970k+aZb35Ouuler1xamIPcmHG9dPP3psq97aP+v/ieObj3+drv/9EfFpj/2/dfTHl3vq/4DO/9xTnf+nL9z74LPvurXf2/j3RrN0Il/Ty/jX6wE+y2sHAAAAAAAAu00hIg5FUiiulwuFYnHt8x1H40ChXK3VT16sLl2ei+Z3ZcdjrNCa6T7c9nmIqfzzsK369BP1mYg4EhFfj+xv1ouz1fLcoDsPAAAAAAAAAAAAAAAAAAAAu8TBLt//z/w2MuijA547P/kNw2vL+O/HLz0Bu5L//zC8xD8ML/EPw0v8w/AS/zC8xD8ML/EPw0v8AwAAAAAAAAAAAAAAAAAAAAAAAAAAQF+dP3cuWxqrD6/PZvW5q8tLC9Wrp+bS2kKxsjRbnK0uXinOV6vz5bQ4W61s9XzlavXK1HQsXZusp7X6ZG155UKlunS5fuFSpTSfXkjHdqRXAAAAAAAAAAAAAAAAAAAA8O9SW15ZKJXL6aKCwrYKo7vjMBT6XBj0yAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAj/wTAAD//wQrN8c=")
creat(&(0x7f0000000240)='./bus\x00', 0x0)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1002, 0x0)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000}, 0x4000000)
sendmsg$NFT_BATCH(r2, &(0x7f0000009b40)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4000850}, 0x20040040)
sendfile(r1, r0, 0x0, 0x3ffff)
r3 = open(&(0x7f0000000080)='./file1\x00', 0x145142, 0x0)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
mlock(&(0x7f0000000000/0x800000)=nil, 0x800000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2)
madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x17)
ftruncate(r3, 0x2007ffc)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x14, &(0x7f0000000400)=ANY=[@ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085000000010000001801000020756c2500"], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x40, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x5, &(0x7f0000000440)=ANY=[@ANYBLOB="1809000000"], 0x0, 0xfffffdfe, 0x0, 0x0, 0x727c45cd4283345, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
sendfile(r3, r3, 0x0, 0x800000009)
open(&(0x7f0000000300)='./file1\x00', 0x14b042, 0xc4)

341.608708ms ago: executing program 0 (id=2896):
syz_clone(0x100200, 0x0, 0x0, 0x0, 0x0, 0x0)
r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000400)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000006c59850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x2b, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000003c0)={&(0x7f0000000f00)='kfree\x00', r0}, 0x18)
mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x3000002, 0x5d031, 0xffffffffffffffff, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x600, 0x0)
remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x3)

313.917801ms ago: executing program 3 (id=2897):
r0 = io_uring_setup(0x3c92, &(0x7f0000000100)={0x0, 0x3, 0x0, 0xffffffff, 0x2})
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
bind$vsock_stream(r1, &(0x7f0000000040)={0x28, 0x0, 0x2710, @local}, 0x10)
listen(r1, 0x0)
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000640)={0x28, 0x0, 0x2710}, 0x10)
r3 = accept(r1, 0x0, 0x0)
r4 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="120000000400000004000000a4"], 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000140)={r4, &(0x7f0000000080), &(0x7f00000002c0)=@udp=r3}, 0x20)
recvmsg$can_bcm(r3, &(0x7f00000003c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x0)
syz_genetlink_get_family_id$devlink(&(0x7f0000000180), r3)
r5 = bpf$MAP_CREATE(0x0, &(0x7f0000001740)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48)
r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001800)={0x11, 0xc, &(0x7f0000000600)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b7040000fa540000850000008200000095"], &(0x7f0000000140)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x26, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000a80)='kfree\x00', r6}, 0x18)
close_range(r0, r3, 0x0)

0s ago: executing program 0 (id=2898):
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x16, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa2"], 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x8ff20c2c10f0093d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_CONST_STR(0x2, &(0x7f00000002c0)={{}, &(0x7f0000000040), &(0x7f0000000280)='%pS    \x00'}, 0x20)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10)
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.cpu/cgroup.procs\x00', 0xa02, 0xc1)
sendfile(r0, r0, 0x0, 0x2)

kernel console output (not intermixed with test programs):

" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  314.151779][   T30] audit: type=1326 audit(313.664:3337): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11370 comm="syz.3.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  314.197665][T11382] +
: renamed from syzkaller0
[  314.221311][   T30] audit: type=1326 audit(313.664:3338): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11370 comm="syz.3.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  314.283644][ T5831] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  314.303935][   T30] audit: type=1326 audit(313.664:3339): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11370 comm="syz.3.1811" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f0f9d78f703 code=0x7ffc0000
[  314.819014][T11398] loop1: detected capacity change from 0 to 2048
[  315.415348][T11398]  loop1: unable to read partition table
[  315.421853][T11398] loop_reread_partitions: partition scan of loop1 () failed (rc=-5)
[  315.792729][T11417] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1828'.
[  317.041981][T11446] loop3: detected capacity change from 0 to 1024
[  317.060746][T11446] EXT4-fs (loop3): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  317.089411][T11446] EXT4-fs (loop3): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  317.111715][T11446] JBD2: no valid journal superblock found
[  317.117820][T11446] EXT4-fs (loop3): Could not load journal inode
[  317.209377][T11450] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1841'.
[  317.281627][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  317.724057][T11464] loop1: detected capacity change from 0 to 512
[  317.744202][T11464] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  317.788268][T11464] EXT4-fs (loop1): 1 truncate cleaned up
[  317.807345][T11464] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  318.708357][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  318.810728][T11475] smc: net device bond0 applied user defined pnetid SYZ0
[  318.962919][T11482] netlink: 40 bytes leftover after parsing attributes in process `syz.0.1854'.
[  319.032943][T11482] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1854'.
[  319.355689][   T52] Bluetooth: hci1: command 0x0406 tx timeout
[  319.382157][T11501] netlink: 16 bytes leftover after parsing attributes in process `syz.5.1863'.
[  319.709004][   T30] kauditd_printk_skb: 96 callbacks suppressed
[  319.709022][   T30] audit: type=1326 audit(319.674:3436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  319.778759][   T30] audit: type=1326 audit(319.704:3437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  320.354931][   T30] audit: type=1326 audit(319.724:3438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  320.377926][   T30] audit: type=1326 audit(319.724:3439): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe79978f703 code=0x7ffc0000
[  320.400842][   T30] audit: type=1326 audit(319.724:3440): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe79978e17f code=0x7ffc0000
[  320.425570][   T30] audit: type=1326 audit(319.794:3441): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe79978f757 code=0x7ffc0000
[  320.447597][   T30] audit: type=1326 audit(319.854:3442): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe79978df10 code=0x7ffc0000
[  320.470717][   T30] audit: type=1326 audit(319.854:3443): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe79978e32a code=0x7ffc0000
[  320.492646][   T30] audit: type=1326 audit(319.964:3444): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  320.539164][   T30] audit: type=1326 audit(319.984:3445): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11517 comm="syz.0.1872" exe="/root/syz-executor" sig=0 arch=c000003e syscall=433 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  320.844583][T11541] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1880'.
[  320.873021][T11540] +
: renamed from syzkaller0
[  321.328703][T11557] loop3: detected capacity change from 0 to 1024
[  321.379624][T11557] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  321.416373][T11557] EXT4-fs error (device loop3): ext4_mb_mark_diskspace_used:4193: comm syz.3.1887: Allocating blocks 401-513 which overlap fs metadata
[  321.481292][T11557] EXT4-fs (loop3): pa ffff888056a37828: logic 0, phys. 113, len 25
[  321.489750][T11557] EXT4-fs error (device loop3): ext4_mb_release_inode_pa:5444: group 0, free 2, pa_free 9
[  321.523911][T11557] EXT4-fs error (device loop3): mb_free_blocks:2017: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  321.586206][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  321.845755][T11586] batman_adv: batadv0: Removing interface: virt_wifi0
[  321.852922][T11585] netlink: 40 bytes leftover after parsing attributes in process `syz.5.1899'.
[  321.894176][T11585] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1899'.
[  322.056490][T11593] loop5: detected capacity change from 0 to 512
[  322.110657][T11593] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  322.309066][ T8345] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  322.931029][T11614] netlink: 40 bytes leftover after parsing attributes in process `syz.1.1913'.
[  322.967321][T11614] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1913'.
[  323.901468][T11623] loop1: detected capacity change from 0 to 8192
[  323.989177][T11623]  loop1: p2 p3 p4
[  323.997268][T11623] loop1: p2 start 164919041 is beyond EOD, truncated
[  324.017814][T11623] loop1: p3 size 66846464 extends beyond EOD, truncated
[  324.027041][T11623] loop1: p4 size 37048832 extends beyond EOD, truncated
[  324.345027][T11637] loop5: detected capacity change from 0 to 1024
[  324.776570][T11637] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  324.795427][   T30] kauditd_printk_skb: 107 callbacks suppressed
[  324.795446][   T30] audit: type=1800 audit(324.754:3553): pid=11637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1922" name="bus" dev="loop5" ino=18 res=0 errno=0
[  324.839123][T11637] EXT4-fs error (device loop5): ext4_mb_mark_diskspace_used:4193: comm syz.5.1922: Allocating blocks 401-513 which overlap fs metadata
[  324.868082][T11637] EXT4-fs (loop5): pa ffff888056a37d98: logic 0, phys. 113, len 25
[  324.876346][T11637] EXT4-fs error (device loop5): ext4_mb_release_inode_pa:5444: group 0, free 2, pa_free 9
[  324.888376][   T30] audit: type=1804 audit(324.804:3554): pid=11637 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.5.1922" name="/newroot/204/file1/bus" dev="loop5" ino=18 res=1 errno=0
[  324.909781][T11637] EXT4-fs error (device loop5): mb_free_blocks:2017: group 0, inode 18: block 129:freeing already freed block (bit 8); block bitmap corrupt.
[  324.983539][T11647] block device autoloading is deprecated and will be removed.
[  325.020027][ T8345] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  325.290379][T11659] netlink: 'syz.0.1929': attribute type 10 has an invalid length.
[  326.921715][T11691] loop2: detected capacity change from 0 to 764
[  326.976055][T11691] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  327.047203][T11688] xt_TCPMSS: Only works on TCP SYN packets
[  327.150819][T11696] sch_fq: defrate 8 ignored.
[  327.315473][T11705] loop5: detected capacity change from 0 to 1024
[  327.345017][T11705] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  327.364152][T11705] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  327.389746][T11705] JBD2: no valid journal superblock found
[  327.399555][T11705] EXT4-fs (loop5): Could not load journal inode
[  327.626472][T11710] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1949'.
[  328.221232][T11712] faux_driver regulatory: loading /lib/firmware/regulatory.db failed with error -4
[  328.230662][T11712] faux_driver regulatory: Direct firmware load for regulatory.db failed with error -4
[  328.241126][T11712] faux_driver regulatory: Falling back to sysfs fallback for: regulatory.db
[  329.231338][T11749] bond0: (slave dummy0): Releasing backup interface
[  329.291298][T11749] bridge_slave_0: left allmulticast mode
[  329.305178][T11749] bridge_slave_0: left promiscuous mode
[  329.318495][T11749] bridge0: port 1(bridge_slave_0) entered disabled state
[  329.364415][T11749] bridge_slave_1: left allmulticast mode
[  329.377637][   T30] audit: type=1326 audit(329.344:3555): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  329.405513][T11749] bridge_slave_1: left promiscuous mode
[  329.416171][T11749] bridge0: port 2(bridge_slave_1) entered disabled state
[  329.436819][T11753] loop1: detected capacity change from 0 to 1024
[  329.448700][T11753] EXT4-fs: Ignoring removed nomblk_io_submit option
[  329.455136][   T30] audit: type=1326 audit(329.344:3556): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  329.516484][T11749] bond0: (slave bond_slave_0): Releasing backup interface
[  329.534940][   T30] audit: type=1326 audit(329.374:3557): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  329.539189][T11753] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  329.624508][T11749] bond0: (slave bond_slave_1): Releasing backup interface
[  329.644838][   T30] audit: type=1326 audit(329.374:3558): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  329.717798][T11749] team0: Port device team_slave_0 removed
[  329.739737][   T30] audit: type=1326 audit(329.374:3559): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  329.806435][T11749] team0: Port device team_slave_1 removed
[  329.832658][   T30] audit: type=1326 audit(329.374:3560): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  329.914912][   T30] audit: type=1326 audit(329.374:3561): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  329.990881][   T30] audit: type=1326 audit(329.374:3562): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  330.084433][   T30] audit: type=1326 audit(329.384:3563): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  330.174873][   T30] audit: type=1326 audit(329.384:3564): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7fe79978f703 code=0x7ffc0000
[  330.254895][   T30] audit: type=1326 audit(329.384:3565): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7fe79978e17f code=0x7ffc0000
[  330.340264][   T30] audit: type=1326 audit(329.394:3566): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7fe79978f757 code=0x7ffc0000
[  330.384304][   T30] audit: type=1326 audit(329.394:3567): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7fe79978df10 code=0x7ffc0000
[  330.385055][T11767] netlink: 16 bytes leftover after parsing attributes in process `syz.0.1967'.
[  330.431148][   T30] audit: type=1326 audit(329.394:3568): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=3 compat=0 ip=0x7fe79978e32a code=0x7ffc0000
[  330.454360][   T30] audit: type=1326 audit(329.444:3569): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11750 comm="syz.0.1962" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  330.690469][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  330.875459][T11776] +
: renamed from syzkaller0
[  332.308902][T11804] loop1: detected capacity change from 0 to 1024
[  332.347225][T11804] EXT4-fs: Ignoring removed orlov option
[  332.418497][T11804] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  332.611468][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  333.228198][T11821] loop1: detected capacity change from 0 to 128
[  333.301637][T11821] FAT-fs (loop1): Invalid FSINFO signature: 0x41615200, 0x61417272 (sector = 1)
[  333.335133][T11823] loop3: detected capacity change from 0 to 512
[  333.475667][T11821] syz.1.1987: attempt to access beyond end of device
[  333.475667][T11821] loop1: rw=0, sector=2065, nr_sectors = 8 limit=128
[  333.965778][T11833] syz.3.1994: vmalloc error: size 34359742464, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=syz3,mems_allowed=0-1
[  334.084953][T11833] CPU: 0 UID: 0 PID: 11833 Comm: syz.3.1994 Not tainted syzkaller #0 PREEMPT(full) 
[  334.084982][T11833] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  334.084997][T11833] Call Trace:
[  334.085004][T11833]  <TASK>
[  334.085014][T11833]  dump_stack_lvl+0x189/0x250
[  334.085057][T11833]  ? __pfx_dump_stack_lvl+0x10/0x10
[  334.085088][T11833]  ? __pfx__printk+0x10/0x10
[  334.085111][T11833]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  334.085137][T11833]  ? cpuset_print_current_mems_allowed+0x1f/0x360
[  334.085169][T11833]  ? cpuset_print_current_mems_allowed+0x2ee/0x360
[  334.085197][T11833]  warn_alloc+0x214/0x310
[  334.085220][T11833]  ? stack_trace_save+0x9c/0xe0
[  334.085246][T11833]  ? __pfx_warn_alloc+0x10/0x10
[  334.085275][T11833]  ? kasan_save_track+0x4f/0x80
[  334.085293][T11833]  ? kasan_save_track+0x3e/0x80
[  334.085311][T11833]  ? __kasan_kmalloc+0x93/0xb0
[  334.085330][T11833]  ? __kmalloc_cache_noprof+0x3e2/0x700
[  334.085348][T11833]  ? xskq_create+0x56/0x170
[  334.085375][T11833]  ? xsk_setsockopt+0x57b/0x8d0
[  334.085398][T11833]  ? do_sock_setsockopt+0x17c/0x1b0
[  334.085423][T11833]  ? __x64_sys_setsockopt+0x13f/0x1b0
[  334.085449][T11833]  ? do_syscall_64+0xfa/0xfa0
[  334.085471][T11833]  __vmalloc_node_range_noprof+0x134/0x1640
[  334.085528][T11833]  ? __pfx___vmalloc_node_range_noprof+0x10/0x10
[  334.085557][T11833]  ? __kasan_kmalloc+0x93/0xb0
[  334.085585][T11833]  vmalloc_user_noprof+0xad/0xf0
[  334.085605][T11833]  ? xskq_create+0xbf/0x170
[  334.085634][T11833]  xskq_create+0xbf/0x170
[  334.085664][T11833]  xsk_init_queue+0xb0/0x110
[  334.085695][T11833]  xsk_setsockopt+0x57b/0x8d0
[  334.085730][T11833]  ? __pfx_xsk_setsockopt+0x10/0x10
[  334.085760][T11833]  ? __pfx_aa_sk_perm+0x10/0x10
[  334.085791][T11833]  ? aa_sock_opt_perm+0xff/0x1b0
[  334.085814][T11833]  ? bpf_lsm_socket_setsockopt+0x9/0x20
[  334.085834][T11833]  ? __pfx_xsk_setsockopt+0x10/0x10
[  334.085862][T11833]  do_sock_setsockopt+0x17c/0x1b0
[  334.085895][T11833]  __x64_sys_setsockopt+0x13f/0x1b0
[  334.085929][T11833]  do_syscall_64+0xfa/0xfa0
[  334.085948][T11833]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.085968][T11833]  ? clear_bhb_loop+0x60/0xb0
[  334.085993][T11833]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  334.086012][T11833] RIP: 0033:0x7f0f9d78f6c9
[  334.086032][T11833] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  334.086050][T11833] RSP: 002b:00007f0f9e658038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  334.086072][T11833] RAX: ffffffffffffffda RBX: 00007f0f9d9e5fa0 RCX: 00007f0f9d78f6c9
[  334.086087][T11833] RDX: 0000000000000002 RSI: 000000000000011b RDI: 0000000000000004
[  334.086100][T11833] RBP: 00007f0f9d811f91 R08: 0000000000000004 R09: 0000000000000000
[  334.086113][T11833] R10: 0000200000000000 R11: 0000000000000246 R12: 0000000000000000
[  334.086126][T11833] R13: 00007f0f9d9e6038 R14: 00007f0f9d9e5fa0 R15: 00007ffff018fbf8
[  334.086161][T11833]  </TASK>
[  334.086240][T11833] Mem-Info:
[  334.401151][T11833] active_anon:10789 inactive_anon:0 isolated_anon:0
[  334.401151][T11833]  active_file:15396 inactive_file:42636 isolated_file:0
[  334.401151][T11833]  unevictable:768 dirty:262 writeback:0
[  334.401151][T11833]  slab_reclaimable:12157 slab_unreclaimable:115341
[  334.401151][T11833]  mapped:31402 shmem:7411 pagetables:2023
[  334.401151][T11833]  sec_pagetables:0 bounce:0
[  334.401151][T11833]  kernel_misc_reclaimable:0
[  334.401151][T11833]  free:1028366 free_pcp:25507 free_cma:0
[  334.448186][T11833] Node 0 active_anon:43456kB inactive_anon:0kB active_file:61584kB inactive_file:170348kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:125908kB dirty:1044kB writeback:0kB shmem:28408kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:13108kB pagetables:7964kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  334.527914][T11833] Node 1 active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:0kB dirty:4kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB kernel_stack:64kB pagetables:128kB sec_pagetables:0kB all_unreclaimable? no Balloon:0kB
[  334.665179][T11833] Node 0 DMA free:15360kB boost:0kB min:204kB low:252kB high:300kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  334.734934][T11833] lowmem_reserve[]: 0 2495 2497 2497 2497
[  334.754880][T11833] Node 0 DMA32 free:188020kB boost:0kB min:34232kB low:42788kB high:51344kB reserved_highatomic:0KB free_highatomic:0KB active_anon:47556kB inactive_anon:0kB active_file:61584kB inactive_file:170348kB unevictable:1536kB writepending:1044kB zspages:0kB present:3129332kB managed:2555548kB mlocked:0kB bounce:0kB free_pcp:83208kB local_pcp:51408kB free_cma:0kB
[  334.849747][T11833] lowmem_reserve[]: 0 0 1 1 1
[  334.859903][T11833] Node 0 Normal free:0kB boost:0kB min:16kB low:20kB high:24kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB zspages:0kB present:1048580kB managed:1388kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB
[  334.920374][T11833] lowmem_reserve[]: 0 0 0 0 0
[  334.961047][T11833] Node 1 Normal free:3892236kB boost:0kB min:55652kB low:69564kB high:83476kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:196kB unevictable:1536kB writepending:4kB zspages:0kB present:4194300kB managed:4111100kB mlocked:0kB bounce:0kB free_pcp:13116kB local_pcp:5084kB free_cma:0kB
[  334.961172][T11833] lowmem_reserve[]: 0 0 0 0 0
[  334.961219][T11833] Node 0 DMA: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 1*1024kB (U) 1*2048kB (M) 3*4096kB (M) = 15360kB
[  334.961363][T11833] Node 0 DMA32: 614*4kB (ME) 841*8kB (ME) 547*16kB (UME) 350*32kB (ME) 260*64kB (UME) 137*128kB (ME) 73*256kB (ME) 45*512kB (UM) 31*1024kB (ME) 9*2048kB (M) 5*4096kB (M) = 175696kB
[  334.961561][T11833] Node 0 Normal: 0*4kB 0*8kB 0*16kB 0*32kB 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 0kB
[  334.961682][T11833] Node 1 Normal: 81*4kB (UME) 55*8kB (UME) 43*16kB (UME) 189*32kB (UME) 51*64kB (UME) 8*128kB (UME) 4*256kB (UME) 5*512kB (UME) 2*1024kB (UM) 2*2048kB (UE) 945*4096kB (M) = 3892236kB
[  334.961902][T11833] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  334.961921][T11833] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  334.961939][T11833] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB
[  334.961957][T11833] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB
[  334.961975][T11833] 66415 total pagecache pages
[  334.961989][T11833] 0 pages in swap cache
[  334.961997][T11833] Free swap  = 124996kB
[  334.962007][T11833] Total swap = 124996kB
[  334.962016][T11833] 2097051 pages RAM
[  334.962025][T11833] 0 pages HighMem/MovableOnly
[  334.962034][T11833] 426202 pages reserved
[  334.962043][T11833] 0 pages cma reserved
[  337.133156][T11893] netlink: 'syz.3.2015': attribute type 10 has an invalid length.
[  337.177598][T11893] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  337.579071][   T30] kauditd_printk_skb: 45 callbacks suppressed
[  337.579091][   T30] audit: type=1326 audit(337.544:3615): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.1.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  337.874466][T11901] loop3: detected capacity change from 0 to 2048
[  338.308675][   T30] audit: type=1326 audit(337.544:3616): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.1.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  338.346441][T11901]  loop3: unable to read partition table
[  338.352645][T11901] loop_reread_partitions: partition scan of loop3 () failed (rc=-5)
[  338.356868][   T30] audit: type=1326 audit(337.544:3617): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11896 comm="syz.1.2017" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  339.253896][T11919] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  339.300163][T11918] tipc: Disabling bearer <eth:syzkaller0>
[  339.315897][ T5836] Process accounting resumed
[  339.809581][T11934] loop3: detected capacity change from 0 to 512
[  339.827126][T11934] EXT4-fs: Ignoring removed nobh option
[  339.856724][T11934] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2031: iget: bad i_size value: 38620345925642
[  339.885456][T11934] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2031: couldn't read orphan inode 15 (err -117)
[  339.922237][T11934] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  340.071266][T11938] netlink: 8 bytes leftover after parsing attributes in process `syz.0.2032'.
[  340.829437][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  340.915460][T11951] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  340.937352][T11949] tipc: Disabling bearer <eth:syzkaller0>
[  341.382090][T11963] netlink: 'syz.1.2042': attribute type 29 has an invalid length.
[  341.448646][T11963] netlink: 'syz.1.2042': attribute type 29 has an invalid length.
[  341.481046][T11963] netlink: 508 bytes leftover after parsing attributes in process `syz.1.2042'.
[  341.521034][T11963] unsupported nla_type 66
[  341.535458][T11967] loop2: detected capacity change from 0 to 2048
[  341.591741][T11967] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  341.654083][T11967] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2044'.
[  341.768910][T11975] netlink: 'syz.0.2046': attribute type 1 has an invalid length.
[  341.820904][T11978] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2046'.
[  341.838504][T11975] 8021q: adding VLAN 0 to HW filter on device bond3
[  341.859985][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  342.038173][T11980] netlink: 'syz.2.2047': attribute type 13 has an invalid length.
[  342.231106][T11988] loop5: detected capacity change from 0 to 512
[  342.396840][   T30] audit: type=1326 audit(342.364:3618): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.407625][T11991] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2052'.
[  342.507976][   T30] audit: type=1326 audit(342.364:3619): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.579650][   T30] audit: type=1326 audit(342.364:3620): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.669332][   T30] audit: type=1326 audit(342.364:3621): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.698796][   T30] audit: type=1326 audit(342.364:3622): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.701301][T11978] bond3 (unregistering): Released all slaves
[  342.721822][   T30] audit: type=1326 audit(342.364:3623): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.750795][   T30] audit: type=1326 audit(342.364:3624): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=316 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.787688][   T30] audit: type=1326 audit(342.364:3625): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.837803][   T30] audit: type=1326 audit(342.364:3626): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.897252][   T30] audit: type=1326 audit(342.364:3627): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  342.994216][   T30] audit: type=1326 audit(342.364:3628): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  343.107245][   T30] audit: type=1326 audit(342.364:3629): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=85 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  343.205492][   T30] audit: type=1326 audit(342.364:3630): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=11990 comm="syz.3.2052" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  343.583782][T11980] veth1_vlan: left allmulticast mode
[  343.827477][ T3577] netdevsim netdevsim2 eth0: unset [1, 0] type 2 family 0 port 6081 - 0
[  343.867902][ T3577] netdevsim netdevsim2 eth1: unset [1, 0] type 2 family 0 port 6081 - 0
[  343.913478][ T3577] netdevsim netdevsim2 eth2: unset [1, 0] type 2 family 0 port 6081 - 0
[  343.948383][ T3577] netdevsim netdevsim2 eth3: unset [1, 0] type 2 family 0 port 6081 - 0
[  344.043085][T12020] syzkaller1: entered promiscuous mode
[  344.060460][T12020] syzkaller1: entered allmulticast mode
[  344.525283][T12030] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2068'.
[  344.751306][T12040] loop2: detected capacity change from 0 to 2048
[  344.836191][T12040] Alternate GPT is invalid, using primary GPT.
[  344.864709][T12033] loop1: detected capacity change from 0 to 8192
[  344.865470][T12040]  loop2: p1 p2 p3
[  344.919235][T12040] loop2: partition table partially beyond EOD, truncated
[  344.955342][T12033]  loop1: p2 p3 p4
[  344.959899][T12033] loop1: p2 start 164919041 is beyond EOD, truncated
[  344.980650][T12033] loop1: p3 size 66846464 extends beyond EOD, truncated
[  345.018680][T12033] loop1: p4 size 37048832 extends beyond EOD, truncated
[  345.557027][T12064] netlink: 'syz.1.2081': attribute type 13 has an invalid length.
[  345.608754][T12068] netlink: 'syz.3.2084': attribute type 21 has an invalid length.
[  345.693283][T12071] loop3: detected capacity change from 0 to 512
[  345.749754][T12071] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2084: inode has both inline data and extents flags
[  345.772222][T12064] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  345.789675][T12077] loop5: detected capacity change from 0 to 256
[  345.800461][T12071] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2084: couldn't read orphan inode 15 (err -117)
[  345.838864][T12068] netlink: 156 bytes leftover after parsing attributes in process `syz.3.2084'.
[  345.856718][T12071] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  345.878775][T12068] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2084'.
[  346.328510][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  346.587202][T12100] loop3: detected capacity change from 0 to 256
[  347.367418][T12117] loop2: detected capacity change from 0 to 2048
[  347.495982][T12117] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  347.520425][T12117] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2103'.
[  348.230172][T12126] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  348.322522][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  348.613028][T12142] netlink: 124 bytes leftover after parsing attributes in process `syz.1.2112'.
[  349.213749][T12153] loop1: detected capacity change from 0 to 4096
[  349.245832][T12153] EXT4-fs: Ignoring removed nomblk_io_submit option
[  349.263902][T12153] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  349.556195][T12155] loop5: detected capacity change from 0 to 2048
[  349.682805][T12163] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2120'.
[  349.856309][T12155] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  350.052247][T12155] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2118'.
[  350.143483][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.397079][ T8345] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  350.778657][T12184] netlink: 96 bytes leftover after parsing attributes in process `syz.1.2127'.
[  351.945493][T12200] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2134'.
[  352.862350][   T30] kauditd_printk_skb: 106 callbacks suppressed
[  352.862369][   T30] audit: type=1326 audit(352.824:3737): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  352.944929][   T30] audit: type=1326 audit(352.854:3738): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.009504][T12221] loop1: detected capacity change from 0 to 256
[  353.015850][   T30] audit: type=1326 audit(352.854:3739): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.015900][   T30] audit: type=1326 audit(352.854:3740): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.015938][   T30] audit: type=1326 audit(352.854:3741): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.145274][   T30] audit: type=1326 audit(352.854:3742): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.166853][   T30] audit: type=1326 audit(352.854:3743): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.188936][   T30] audit: type=1326 audit(352.854:3744): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.218855][   T30] audit: type=1326 audit(352.854:3745): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.255251][T12228] netlink: 44 bytes leftover after parsing attributes in process `syz.5.2145'.
[  353.275166][   T30] audit: type=1326 audit(352.854:3746): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12212 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  353.459844][T12237] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2149'.
[  354.459238][T12266] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2160'.
[  354.485260][T12268] GUP no longer grows the stack in syz.3.2162 (12268): 200000004000-20000000a000 (200000002000)
[  354.514904][T12268] CPU: 1 UID: 0 PID: 12268 Comm: syz.3.2162 Not tainted syzkaller #0 PREEMPT(full) 
[  354.514931][T12268] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  354.514943][T12268] Call Trace:
[  354.514950][T12268]  <TASK>
[  354.514959][T12268]  dump_stack_lvl+0x189/0x250
[  354.514993][T12268]  ? __pfx_dump_stack_lvl+0x10/0x10
[  354.515018][T12268]  ? __pfx__printk+0x10/0x10
[  354.515042][T12268]  ? find_vma+0xe7/0x160
[  354.515080][T12268]  __get_user_pages+0x2465/0x29f0
[  354.515132][T12268]  get_user_pages_remote+0x2f1/0xac0
[  354.515156][T12268]  ? __pfx_mtree_load+0x10/0x10
[  354.515187][T12268]  ? __pfx_get_user_pages_remote+0x10/0x10
[  354.515213][T12268]  ? __access_remote_vm+0x367/0x7d0
[  354.515241][T12268]  __access_remote_vm+0x211/0x7d0
[  354.515275][T12268]  ? __pfx___access_remote_vm+0x10/0x10
[  354.515304][T12268]  ? alloc_pages_noprof+0xbe/0x190
[  354.515333][T12268]  proc_pid_cmdline_read+0x430/0x810
[  354.515360][T12268]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  354.515382][T12268]  ? rw_verify_area+0x2a6/0x4d0
[  354.515411][T12268]  vfs_readv+0x5aa/0x850
[  354.515427][T12268]  ? __pfx_proc_pid_cmdline_read+0x10/0x10
[  354.515448][T12268]  ? __pfx_vfs_readv+0x10/0x10
[  354.515477][T12268]  ? __fget_files+0x2a/0x420
[  354.515504][T12268]  ? __fget_files+0x3a0/0x420
[  354.515526][T12268]  ? __fget_files+0x2a/0x420
[  354.515558][T12268]  __x64_sys_preadv+0x197/0x2a0
[  354.515583][T12268]  ? __pfx___x64_sys_preadv+0x10/0x10
[  354.515609][T12268]  ? do_syscall_64+0xbe/0xfa0
[  354.515627][T12268]  do_syscall_64+0xfa/0xfa0
[  354.515643][T12268]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.515659][T12268]  ? clear_bhb_loop+0x60/0xb0
[  354.515679][T12268]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  354.515695][T12268] RIP: 0033:0x7f0f9d78f6c9
[  354.515711][T12268] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  354.515726][T12268] RSP: 002b:00007f0f9e658038 EFLAGS: 00000246 ORIG_RAX: 0000000000000127
[  354.515745][T12268] RAX: ffffffffffffffda RBX: 00007f0f9d9e5fa0 RCX: 00007f0f9d78f6c9
[  354.515758][T12268] RDX: 0000000000000001 RSI: 0000200000000040 RDI: 0000000000000006
[  354.515770][T12268] RBP: 00007f0f9d811f91 R08: 0000000000000000 R09: 0000000000000000
[  354.515781][T12268] R10: 0000000000000300 R11: 0000000000000246 R12: 0000000000000000
[  354.515791][T12268] R13: 00007f0f9d9e6038 R14: 00007f0f9d9e5fa0 R15: 00007ffff018fbf8
[  354.515819][T12268]  </TASK>
[  356.205838][T12290] sch_fq: defrate 8 ignored.
[  356.989716][T12304] netlink: 104 bytes leftover after parsing attributes in process `syz.2.2176'.
[  357.023292][T12306] bridge_slave_0: left allmulticast mode
[  357.039994][T12306] bridge_slave_0: left promiscuous mode
[  357.054066][T12306] bridge0: port 1(bridge_slave_0) entered disabled state
[  357.071168][T12298] loop1: detected capacity change from 0 to 8192
[  357.077938][T12307] netlink: 'syz.5.2175': attribute type 10 has an invalid length.
[  357.087289][T12307] netlink: 40 bytes leftover after parsing attributes in process `syz.5.2175'.
[  357.107370][T12306] bond0: (slave bond_slave_0): Releasing backup interface
[  357.137945][T12306] bond0: (slave bond_slave_1): Releasing backup interface
[  357.149919][T12298]  loop1: p2 p3 p4
[  357.161158][T12298] loop1: p2 start 164919041 is beyond EOD, truncated
[  357.176849][T12298] loop1: p3 size 66846464 extends beyond EOD, truncated
[  357.191932][T12306] team0: Port device team_slave_0 removed
[  357.202794][T12298] loop1: p4 size 37048832 extends beyond EOD, truncated
[  357.234196][T12306] team0: Port device team_slave_1 removed
[  357.259882][T12306] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  357.278703][T12306] batman_adv: batadv0: Removing interface: batadv_slave_0
[  357.289663][T12306] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  357.297973][T12306] batman_adv: batadv0: Removing interface: batadv_slave_1
[  357.313702][T12306] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  357.385027][T12307] batman_adv: batadv0: Adding interface: virt_wifi0
[  357.393161][T12307] batman_adv: batadv0: Interface activated: virt_wifi0
[  357.463731][T12318] netlink: 44 bytes leftover after parsing attributes in process `syz.2.2179'.
[  357.672314][T12331] IPVS: sync thread started: state = MASTER, mcast_ifn = hsr0, syncid = 4, id = 0
[  357.673525][T12330] IPVS: stopping master sync thread 12331 ...
[  357.953916][   T30] kauditd_printk_skb: 59 callbacks suppressed
[  357.953934][   T30] audit: type=1326 audit(357.914:3806): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12348 comm="syz.5.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  358.002378][   T30] audit: type=1326 audit(357.944:3807): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12348 comm="syz.5.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=2 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  358.023688][T12350] loop3: detected capacity change from 0 to 2048
[  358.040090][   T30] audit: type=1326 audit(357.944:3808): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12348 comm="syz.5.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  358.068549][   T30] audit: type=1326 audit(357.944:3809): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12348 comm="syz.5.2191" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  358.238729][T12350] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  358.584957][   T24] usb 4-1: new high-speed USB device number 3 using dummy_hcd
[  358.665990][T12368] loop5: detected capacity change from 0 to 1024
[  358.685370][T12368] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  358.718542][T12368] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  358.742141][T12368] JBD2: no valid journal superblock found
[  358.748230][T12368] EXT4-fs (loop5): Could not load journal inode
[  358.755476][   T24] usb 4-1: device descriptor read/64, error -71
[  358.817501][T12373] wireguard0: entered promiscuous mode
[  358.839657][T12373] wireguard0: entered allmulticast mode
[  358.914202][T12378] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2203'.
[  358.933133][   T30] audit: type=1326 audit(358.894:3810): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.1.2202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  358.957021][   T30] audit: type=1326 audit(358.894:3811): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.1.2202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=319 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  358.961900][T12380] loop1: detected capacity change from 0 to 512
[  358.980421][   T30] audit: type=1326 audit(358.894:3812): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.1.2202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=9 compat=0 ip=0x7f9dc218f703 code=0x7ffc0000
[  359.016325][T12380] EXT4-fs (loop1): orphan cleanup on readonly fs
[  359.023623][T12380] EXT4-fs error (device loop1): ext4_orphan_get:1418: comm syz.1.2202: bad orphan inode 13
[  359.034295][T12380] ext4_test_bit(bit=12, block=18) = 1
[  359.039895][T12380] is_bad_inode(inode)=0
[  359.044231][T12380] NEXT_ORPHAN(inode)=2130706432
[  359.049773][T12380] max_ino=32
[  359.053121][T12380] i_nlink=1
[  359.056475][   T24] usb 4-1: new high-speed USB device number 4 using dummy_hcd
[  359.067416][   T30] audit: type=1326 audit(358.924:3813): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.1.2202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=1 compat=0 ip=0x7f9dc218e17f code=0x7ffc0000
[  359.068973][T12380] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  359.112112][T12380] EXT4-fs (loop1): warning: mounting fs with errors, running e2fsck is recommended
[  359.122668][   T30] audit: type=1326 audit(358.924:3814): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.1.2202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=11 compat=0 ip=0x7f9dc218f757 code=0x7ffc0000
[  359.170296][   T30] audit: type=1326 audit(358.924:3815): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12377 comm="syz.1.2202" exe="/root/syz-executor" sig=0 arch=c000003e syscall=257 compat=0 ip=0x7f9dc218df10 code=0x7ffc0000
[  359.196626][T12380] EXT4-fs (loop1): re-mounted 00000000-0000-0000-0000-000000000000 r/w.
[  359.205334][   T24] usb 4-1: device descriptor read/64, error -71
[  359.213152][T12386] netlink: 20 bytes leftover after parsing attributes in process `syz.2.2205'.
[  359.232360][T12380] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.2202: iget: bad i_size value: 360287970189639690
[  359.247908][T12380] EXT4-fs error (device loop1): ext4_lookup:1787: inode #15: comm syz.1.2202: iget: bad i_size value: 360287970189639690
[  359.317775][   T24] usb usb4-port1: attempt power cycle
[  359.329053][T12391] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2207'.
[  359.695358][   T24] usb 4-1: new high-speed USB device number 5 using dummy_hcd
[  359.725720][T12409] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  359.727042][   T24] usb 4-1: device descriptor read/8, error -71
[  359.762892][T12384] Bluetooth: hci0: Opcode 0x0c03 failed: -4
[  359.824660][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  359.893696][T12417] loop5: detected capacity change from 0 to 512
[  359.956913][T12417] EXT4-fs (loop5): revision level too high, forcing read-only mode
[  359.971250][T12417] EXT4-fs (loop5): orphan cleanup on readonly fs
[  359.999839][T12417] EXT4-fs error (device loop5): ext4_do_update_inode:5636: inode #16: comm syz.5.2220: corrupted inode contents
[  360.013043][T12417] EXT4-fs (loop5): Remounting filesystem read-only
[  360.020023][T12417] EXT4-fs (loop5): 1 truncate cleaned up
[  360.029049][T10482] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  360.040349][T10482] EXT4-fs (loop5): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  360.063668][T10482] EXT4-fs (loop5): Quota write (off=8, len=24) cancelled because transaction is not started
[  360.111552][T12417] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  360.125588][   T24] usb 4-1: new high-speed USB device number 6 using dummy_hcd
[  360.151885][   T24] usb 4-1: device descriptor read/8, error -71
[  360.949699][   T24] usb usb4-port1: unable to enumerate USB device
[  361.118375][T12438] syzkaller0: entered allmulticast mode
[  361.140113][T12438] syzkaller0: entered promiscuous mode
[  361.223744][T10493] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm kworker/u8:26: bg 0: block 345: padding at end of block bitmap is not set
[  361.256224][T12438] syzkaller0 (unregistering): left allmulticast mode
[  361.266603][T12438] syzkaller0 (unregistering): left promiscuous mode
[  361.271764][T10493] EXT4-fs (loop3): Remounting filesystem read-only
[  361.613634][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  361.883120][T12449] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2228'.
[  361.893307][T12447] loop3: detected capacity change from 0 to 8192
[  361.957060][T12447]  loop3: p2 p3 p4
[  361.981981][T12447] loop3: p2 start 164919041 is beyond EOD, truncated
[  362.012029][T12447] loop3: p3 size 66846464 extends beyond EOD, truncated
[  362.034450][T12447] loop3: p4 size 37048832 extends beyond EOD, truncated
[  362.425593][T12457] syzkaller0: entered promiscuous mode
[  362.438887][T12457] syzkaller0: entered allmulticast mode
[  362.763652][ T8345] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  363.375416][T12486] loop5: detected capacity change from 0 to 512
[  363.430710][T12486] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  365.427868][   T30] kauditd_printk_skb: 352 callbacks suppressed
[  365.427887][   T30] audit: type=1326 audit(365.394:4162): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12502 comm="syz.0.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  365.460837][   T30] audit: type=1326 audit(365.404:4163): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12502 comm="syz.0.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=120 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  365.484240][   T30] audit: type=1326 audit(365.404:4164): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12502 comm="syz.0.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  365.527312][   T30] audit: type=1326 audit(365.404:4165): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12502 comm="syz.0.2249" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  366.369450][T12486] team0: Device vxcan3 is up. Set it down before adding it as a team port
[  366.674589][ T8345] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  366.771842][T12523] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2258'.
[  366.840660][T12526] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2258'.
[  366.895911][T12522] loop3: detected capacity change from 0 to 2048
[  366.933982][T12527] loop5: detected capacity change from 0 to 1024
[  366.947827][T12522] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  366.980961][T12527] EXT4-fs (loop5): ext4_check_descriptors: Inode bitmap for group 0 overlaps block group descriptors
[  367.018436][T12522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2259'.
[  367.020615][T12527] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (51554!=20869)
[  367.070815][T12527] JBD2: no valid journal superblock found
[  367.084496][T12527] EXT4-fs (loop5): Could not load journal inode
[  367.128527][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  367.260085][   T30] audit: type=1326 audit(367.224:4166): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.5.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  367.300439][   T30] audit: type=1326 audit(367.224:4167): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.5.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  367.326081][   T30] audit: type=1326 audit(367.224:4168): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.5.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=430 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  367.349307][   T30] audit: type=1326 audit(367.224:4169): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.5.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  367.472648][   T30] audit: type=1326 audit(367.234:4170): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.5.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=431 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  367.548467][   T30] audit: type=1326 audit(367.234:4171): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12536 comm="syz.5.2263" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fd6c7f8f6c9 code=0x7ffc0000
[  367.602570][T12552] netlink: 28 bytes leftover after parsing attributes in process `syz.1.2270'.
[  367.623644][T12552] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2270'.
[  367.635022][T12555] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2271'.
[  367.773881][T12558] netlink: 24 bytes leftover after parsing attributes in process `gtp'.
[  367.879930][T12558] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[  367.956847][T12565] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2273'.
[  368.197764][T12577] netlink: 14 bytes leftover after parsing attributes in process `syz.0.2280'.
[  368.207956][T12577] hsr_slave_0: left promiscuous mode
[  368.215153][T12577] hsr_slave_1: left promiscuous mode
[  368.369295][T12591] loop5: detected capacity change from 0 to 1024
[  368.385735][T12591] EXT4-fs: Ignoring removed orlov option
[  368.422893][T12591] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  368.466766][T12600] netlink: 'syz.0.2290': attribute type 1 has an invalid length.
[  368.503877][T12591] IPv6: NLM_F_CREATE should be specified when creating new route
[  368.518371][T12603] loop3: detected capacity change from 0 to 164
[  368.527269][T12591] IPv6: Can't replace route, no match found
[  368.546791][T12603] syz.3.2291: attempt to access beyond end of device
[  368.546791][T12603] loop3: rw=524288, sector=263328, nr_sectors = 4 limit=164
[  368.592140][T12603] syz.3.2291: attempt to access beyond end of device
[  368.592140][T12603] loop3: rw=0, sector=263328, nr_sectors = 4 limit=164
[  368.608638][ T8345] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.011980][T12627] loop1: detected capacity change from 0 to 1024
[  369.032515][T12627] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  369.146107][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  369.888786][T12641] loop5: detected capacity change from 0 to 2048
[  370.000247][T12641] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  370.063298][T12641] EXT4-fs error (device loop5): ext4_readdir:264: inode #2: block 16: comm syz.5.2308: path /281/file0: bad entry in directory: rec_len is smaller than minimal - offset=108, inode=646161, rec_len=0, size=4096 fake=0
[  370.089840][T12641] EXT4-fs (loop5): Remounting filesystem read-only
[  370.260518][ T8345] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  370.412852][T12661] usb usb1: usbfs: interface 0 claimed by hub while 'syz.5.2313' sets config #1
[  371.584225][   T30] kauditd_printk_skb: 18 callbacks suppressed
[  371.584244][   T30] audit: type=1326 audit(371.544:4190): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  371.617649][   T30] audit: type=1326 audit(371.564:4191): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  371.677003][   T30] audit: type=1326 audit(371.564:4192): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  371.764392][   T30] audit: type=1326 audit(371.564:4193): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  371.800049][   T30] audit: type=1326 audit(371.564:4194): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  371.849650][T12691] __nla_validate_parse: 3 callbacks suppressed
[  371.849694][T12691] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2323'.
[  371.861458][   T30] audit: type=1326 audit(371.564:4195): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=41 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  371.913648][   T30] audit: type=1326 audit(371.564:4196): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  371.963847][   T30] audit: type=1326 audit(371.564:4197): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  372.020549][T12694] loop3: detected capacity change from 0 to 512
[  372.031477][   T30] audit: type=1326 audit(371.564:4198): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  372.081002][   T30] audit: type=1326 audit(371.564:4199): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12683 comm="syz.1.2322" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  372.308181][T12702] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2328'.
[  375.579150][T12751] loop1: detected capacity change from 0 to 2048
[  375.642445][T12751] Alternate GPT is invalid, using primary GPT.
[  375.665036][T12751]  loop1: p2 p3 p7
[  376.469678][T12768] blktrace: Concurrent blktraces are not allowed on loop4
[  376.518408][T12769] SET target dimension over the limit!
[  376.822308][T12775] loop5: detected capacity change from 0 to 128
[  377.791959][T12800] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2363'.
[  378.707472][T12814] loop3: detected capacity change from 0 to 2048
[  378.750579][T12814] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  378.776936][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  378.925710][T12819] syzkaller0: entered promiscuous mode
[  378.934519][T12819] syzkaller0: entered allmulticast mode
[  379.095841][T12822] loop1: detected capacity change from 0 to 8192
[  379.110433][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  379.377329][T12822]  loop1: p2 p3 p4
[  379.395694][T12822] loop1: p2 start 164919041 is beyond EOD, truncated
[  379.453880][T12822] loop1: p3 size 66846464 extends beyond EOD, truncated
[  379.497937][T12822] loop1: p4 size 37048832 extends beyond EOD, truncated
[  379.541479][T12824] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2371'.
[  379.782304][T12834] 9p: Bad value for 'rfdno'
[  379.793302][T12832] loop2: detected capacity change from 0 to 512
[  379.817067][T12832] EXT4-fs (loop2): Cannot use DAX on a filesystem that may contain inline data
[  379.992781][T12840] loop3: detected capacity change from 0 to 4096
[  380.042511][T12842] loop2: detected capacity change from 0 to 2048
[  380.043638][T12840] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.050137][T12842] EXT4-fs: Ignoring removed mblk_io_submit option
[  380.077591][T12842] EXT4-fs: Ignoring removed i_version option
[  380.121483][T12842] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  380.172530][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  380.172551][   T30] audit: type=1800 audit(380.124:4225): pid=12842 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.2379" name="bus" dev="loop2" ino=18 res=0 errno=0
[  380.227717][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  380.275370][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  381.514181][T12858] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2385'.
[  381.741905][   T30] audit: type=1326 audit(381.704:4226): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  381.766896][   T30] audit: type=1326 audit(381.704:4227): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  381.789176][   T30] audit: type=1326 audit(381.724:4228): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  381.823946][T12871] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2387'.
[  381.833527][   T30] audit: type=1326 audit(381.734:4229): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  381.857207][   T30] audit: type=1326 audit(381.734:4230): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  381.879917][   T30] audit: type=1326 audit(381.734:4231): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=265 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  381.904233][   T30] audit: type=1326 audit(381.734:4232): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  381.926596][   T30] audit: type=1326 audit(381.734:4233): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=12868 comm="syz.2.2389" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  383.176257][T12878] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2391'.
[  383.308439][T12878] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2391'.
[  383.459071][T12892] loop3: detected capacity change from 0 to 256
[  383.483671][T12878] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2391'.
[  383.506854][   T30] audit: type=1804 audit(383.474:4234): pid=12892 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.2396" name="/newroot/462/file0/bus" dev="loop3" ino=1048649 res=1 errno=0
[  384.897442][T12920] netlink: 'syz.5.2408': attribute type 10 has an invalid length.
[  384.959197][T12920] team0: Failed to send options change via netlink (err -105)
[  384.968537][T12920] team0: Port device dummy0 added
[  385.251686][T12932] netdevsim netdevsim5 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.493586][T12932] netdevsim netdevsim5 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  385.584337][T12932] netdevsim netdevsim5 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.367984][T12932] netdevsim netdevsim5 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  386.391087][T12951] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  386.596193][T12955] netlink: 'syz.3.2423': attribute type 10 has an invalid length.
[  386.622868][T12955] bond0: (slave dummy0): Releasing backup interface
[  386.788916][T12969] random: crng reseeded on system resumption
[  386.880294][T12975] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2432'.
[  386.898387][T12963] loop5: detected capacity change from 0 to 8192
[  387.018957][T12972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2430'.
[  387.019892][T12972] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2430'.
[  387.045928][T12963]  loop5: p2 p3 p4
[  387.046065][T12963] loop5: p2 start 164919041 is beyond EOD, truncated
[  387.046090][T12963] loop5: p3 size 66846464 extends beyond EOD, truncated
[  387.054121][T12963] loop5: p4 size 37048832 extends beyond EOD, truncated
[  388.059498][T12992] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2437'.
[  388.372929][T12999] netlink: 'syz.2.2440': attribute type 10 has an invalid length.
[  388.551292][T13008] netlink: 16 bytes leftover after parsing attributes in process `syz.5.2444'.
[  388.671653][T12999] team0: Failed to send options change via netlink (err -105)
[  388.689150][T12999] team0: Port device dummy0 added
[  389.310866][T13022] netlink: 36 bytes leftover after parsing attributes in process `syz.5.2449'.
[  390.642063][T13037] xt_SECMARK: only valid in 'mangle' or 'security' table, not 'raw'
[  390.951615][T13044] loop5: detected capacity change from 0 to 2048
[  391.020780][T13044] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  391.152290][T13052] netlink: 96 bytes leftover after parsing attributes in process `syz.0.2458'.
[  391.225033][ T8345] EXT4-fs error (device loop5): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  391.297040][ T8345] EXT4-fs error (device loop5) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  391.307507][T10493] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 3 with error 28
[  391.327633][T13054] loop3: detected capacity change from 0 to 512
[  391.333612][T10493] EXT4-fs (loop5): This should not happen!! Data will be lost
[  391.333612][T10493] 
[  391.362344][T13054] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2459: inode has both inline data and extents flags
[  391.364066][T10493] EXT4-fs (loop5): Total free blocks count 0
[  391.395259][T13054] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2459: couldn't read orphan inode 15 (err -117)
[  391.427127][T13054] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  391.429325][T10493] EXT4-fs (loop5): Free/Dirty block details
[  391.509351][T10493] EXT4-fs (loop5): free_blocks=0
[  391.532213][T10493] EXT4-fs (loop5): dirty_blocks=1104
[  391.554245][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  391.556759][T10493] EXT4-fs (loop5): Block reservation details
[  391.604966][T10493] EXT4-fs (loop5): i_reserved_data_blocks=69
[  392.067789][T13051] EXT4-fs (loop5): Delayed block allocation failed for inode 18 at logical offset 4 with max blocks 1098 with error 28
[  393.825938][   T52] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1
[  393.831829][   T52] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9
[  393.832903][   T52] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9
[  393.833947][   T52] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4
[  393.834602][   T52] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2
[  393.981713][T13094] loop3: detected capacity change from 0 to 512
[  393.989603][T13094] EXT4-fs: Ignoring removed nobh option
[  394.005331][T13094] EXT4-fs error (device loop3): ext4_orphan_get:1392: inode #15: comm syz.3.2477: iget: bad i_size value: 38620345925642
[  394.024630][T13094] EXT4-fs error (device loop3): ext4_orphan_get:1397: comm syz.3.2477: couldn't read orphan inode 15 (err -117)
[  394.027562][T13094] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  394.943660][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  395.915485][ T5842] Bluetooth: hci1: command tx timeout
[  395.967247][ T3577] bond0 (unregistering): Released all slaves
[  395.988587][ T3577] bond1 (unregistering): Released all slaves
[  397.997460][ T5842] Bluetooth: hci1: command tx timeout
[  398.656754][   T30] kauditd_printk_skb: 11 callbacks suppressed
[  398.656770][   T30] audit: type=1326 audit(398.624:4246): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  398.765029][   T30] audit: type=1326 audit(398.624:4247): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  398.895429][   T30] audit: type=1326 audit(398.624:4248): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  398.934933][   T30] audit: type=1326 audit(398.624:4249): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  398.987562][   T30] audit: type=1326 audit(398.624:4250): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  399.011395][   T30] audit: type=1326 audit(398.624:4251): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  399.033842][   T30] audit: type=1326 audit(398.624:4252): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  399.409965][   T30] audit: type=1326 audit(398.624:4253): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  399.521395][ T3577] hsr_slave_0: left promiscuous mode
[  399.607164][ T3577] hsr_slave_1: left promiscuous mode
[  399.650320][   T30] audit: type=1326 audit(398.624:4254): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  399.803179][   T30] audit: type=1326 audit(398.624:4255): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13134 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  399.815806][ T3577] batman_adv: batadv0: Interface deactivated: virt_wifi0
[  399.869978][ T3577] batman_adv: batadv0: Removing interface: virt_wifi0
[  399.895254][T13159] loop2: detected capacity change from 0 to 512
[  400.076791][ T5842] Bluetooth: hci1: command tx timeout
[  400.282613][T13159] EXT4-fs: Ignoring removed nobh option
[  400.336125][ T3577] veth1_macvtap: left promiscuous mode
[  400.341712][ T3577] veth0_macvtap: left promiscuous mode
[  400.350212][T13159] EXT4-fs error (device loop2): ext4_orphan_get:1392: inode #15: comm syz.2.2498: iget: bad i_size value: 38620345925642
[  400.378504][T13159] EXT4-fs error (device loop2): ext4_orphan_get:1397: comm syz.2.2498: couldn't read orphan inode 15 (err -117)
[  400.459799][T13159] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  401.667599][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  402.071330][T13191] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2507'.
[  402.155086][ T5842] Bluetooth: hci1: command tx timeout
[  402.502221][ T3577] team0 (unregistering): Port device dummy0 removed
[  402.772412][T13185] sch_fq: defrate 8 ignored.
[  402.815275][T13189] ip6gretap0: entered promiscuous mode
[  402.821015][T13189] ip6gretap0: left promiscuous mode
[  402.876391][T13193] loop2: detected capacity change from 0 to 256
[  403.850504][T13088] chnl_net:caif_netlink_parms(): no params data found
[  403.918744][T13206] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2512'.
[  405.213858][T13088] bridge0: port 1(bridge_slave_0) entered blocking state
[  405.213988][T13088] bridge0: port 1(bridge_slave_0) entered disabled state
[  405.214206][T13088] bridge_slave_0: entered allmulticast mode
[  405.218455][T13088] bridge_slave_0: entered promiscuous mode
[  405.299501][T13088] bridge0: port 2(bridge_slave_1) entered blocking state
[  405.299650][T13088] bridge0: port 2(bridge_slave_1) entered disabled state
[  405.299859][T13088] bridge_slave_1: entered allmulticast mode
[  405.301987][T13088] bridge_slave_1: entered promiscuous mode
[  405.411839][T13088] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  405.428168][T13088] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  405.548035][T13088] team0: Port device team_slave_0 added
[  405.580936][T13088] team0: Port device team_slave_1 added
[  405.679893][T13228] loop2: detected capacity change from 0 to 8192
[  405.718712][T13088] batman_adv: batadv0: Adding interface: batadv_slave_0
[  405.718729][T13088] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  405.718755][T13088] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  405.723750][T13088] batman_adv: batadv0: Adding interface: batadv_slave_1
[  405.723770][T13088] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  405.723795][T13088] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  406.072763][T13228]  loop2: p2 p3 p4
[  406.074174][T13228] loop2: p2 start 164919041 is beyond EOD, truncated
[  406.074244][T13228] loop2: p3 size 66846464 extends beyond EOD, truncated
[  406.272244][T13242] loop3: detected capacity change from 0 to 2048
[  406.361140][T13228] loop2: p4 size 37048832 extends beyond EOD, truncated
[  406.631178][T13242] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  407.344648][T13088] hsr_slave_0: entered promiscuous mode
[  407.354310][T13088] hsr_slave_1: entered promiscuous mode
[  407.658346][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  407.725681][T13256] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2527'.
[  409.321173][T13088] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  409.449122][T13294] loop2: detected capacity change from 0 to 2048
[  410.100602][T13088] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  410.140168][T13294] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  410.222359][T13088] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  410.267225][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  410.326269][T13088] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  410.892045][T13322] netlink: 'syz.3.2548': attribute type 29 has an invalid length.
[  410.908806][T13322] netlink: 'syz.3.2548': attribute type 29 has an invalid length.
[  410.923407][T13322] netlink: 508 bytes leftover after parsing attributes in process `syz.3.2548'.
[  410.961088][T13088] 8021q: adding VLAN 0 to HW filter on device bond0
[  411.076481][T13088] 8021q: adding VLAN 0 to HW filter on device team0
[  411.094853][T10486] bridge0: port 1(bridge_slave_0) entered blocking state
[  411.102191][T10486] bridge0: port 1(bridge_slave_0) entered forwarding state
[  411.218636][ T3577] bridge0: port 2(bridge_slave_1) entered blocking state
[  411.225924][ T3577] bridge0: port 2(bridge_slave_1) entered forwarding state
[  412.522561][T13088] 8021q: adding VLAN 0 to HW filter on device batadv0
[  413.111876][   T30] kauditd_printk_skb: 35 callbacks suppressed
[  413.111893][   T30] audit: type=1326 audit(413.074:4291): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.151514][T13357] loop2: detected capacity change from 0 to 512
[  413.159912][   T30] audit: type=1326 audit(413.114:4292): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=258 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.182053][   T30] audit: type=1326 audit(413.114:4293): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.204631][   T30] audit: type=1326 audit(413.114:4294): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.227145][T13357] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  413.268578][   T30] audit: type=1326 audit(413.114:4295): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=165 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.317687][T13357] EXT4-fs error (device loop2): ext4_orphan_get:1418: comm syz.2.2559: bad orphan inode 131083
[  413.318501][T13362] netlink: 12 bytes leftover after parsing attributes in process `syz.1.2560'.
[  413.345614][   T30] audit: type=1326 audit(413.114:4296): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.356468][T13357] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.389515][   T30] audit: type=1326 audit(413.114:4297): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.431956][T13365] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2560'.
[  413.434955][   T30] audit: type=1326 audit(413.114:4298): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=48 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.480140][   T30] audit: type=1326 audit(413.114:4299): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.532864][   T30] audit: type=1326 audit(413.114:4300): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13356 comm="syz.2.2559" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  413.689864][T13373] loop3: detected capacity change from 0 to 1024
[  413.700855][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.772867][T13373] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  413.807897][T13373] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2563'.
[  413.910847][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  413.928290][T13382] loop1: detected capacity change from 0 to 512
[  413.946067][T13382] EXT4-fs: Ignoring removed nobh option
[  413.968915][T13088] veth0_vlan: entered promiscuous mode
[  413.982632][T13382] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2566: iget: bad i_size value: 38620345925642
[  413.987641][T13088] veth1_vlan: entered promiscuous mode
[  414.035390][T13382] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2566: couldn't read orphan inode 15 (err -117)
[  414.042878][T13088] veth0_macvtap: entered promiscuous mode
[  414.060553][T13088] veth1_macvtap: entered promiscuous mode
[  414.071519][T13382] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  414.088239][T13387] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  414.140579][T13088] batman_adv: batadv0: Interface activated: batadv_slave_0
[  414.157733][T13088] batman_adv: batadv0: Interface activated: batadv_slave_1
[  414.179828][ T2978] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  414.192029][ T2978] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  414.279504][ T2978] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  414.314635][ T2978] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  415.447731][T13398] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2571'.
[  415.461033][T13398] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2571'.
[  415.592355][ T2978] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.611753][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  415.615768][ T2978] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.744035][ T3577] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  415.772327][ T3577] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  415.916399][T13410] loop2: detected capacity change from 0 to 1024
[  415.951572][T13410] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  415.993293][T13410] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2577'.
[  416.157846][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  416.171211][T13418] loop1: detected capacity change from 0 to 256
[  417.341020][T13431] loop1: detected capacity change from 0 to 512
[  417.356238][T13431] EXT4-fs: Ignoring removed nobh option
[  417.428193][T13431] EXT4-fs error (device loop1): ext4_orphan_get:1392: inode #15: comm syz.1.2583: iget: bad i_size value: 38620345925642
[  417.455612][T13431] EXT4-fs error (device loop1): ext4_orphan_get:1397: comm syz.1.2583: couldn't read orphan inode 15 (err -117)
[  417.513393][T13431] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  417.538667][T13429] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2582'.
[  418.344977][T13364] EXT4-fs error (device loop1): ext4_validate_block_bitmap:432: comm ext4lazyinit: bg 0: block 5: invalid block bitmap
[  418.450127][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.617221][T13447] loop3: detected capacity change from 0 to 2048
[  418.670987][T13449] loop2: detected capacity change from 0 to 1024
[  418.671273][T13447] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  418.737346][T13449] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  418.795824][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  418.835511][T13449] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2591'.
[  418.838359][T13464] loop1: detected capacity change from 0 to 256
[  418.854326][T13462] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2594'.
[  418.919047][   T30] kauditd_printk_skb: 40 callbacks suppressed
[  418.919062][   T30] audit: type=1804 audit(418.884:4341): pid=13464 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.2593" name="/newroot/569/file0/bus" dev="loop1" ino=1048657 res=1 errno=0
[  418.933470][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  419.042011][T13472] loop6: detected capacity change from 0 to 512
[  419.059433][T13472] EXT4-fs: Ignoring removed nobh option
[  419.083120][T13472] EXT4-fs error (device loop6): ext4_orphan_get:1392: inode #15: comm syz.6.2598: iget: bad i_size value: 38620345925642
[  419.116711][T13472] EXT4-fs error (device loop6): ext4_orphan_get:1397: comm syz.6.2598: couldn't read orphan inode 15 (err -117)
[  419.143221][T13472] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  419.179755][T13479] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2599'.
[  419.878623][T13492] loop3: detected capacity change from 0 to 512
[  419.914680][   T30] audit: type=1326 audit(419.874:4342): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  419.990730][T13492] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  420.024296][   T30] audit: type=1326 audit(419.874:4343): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.070389][T13088] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.076074][   T30] audit: type=1326 audit(419.874:4344): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.174968][   T30] audit: type=1326 audit(419.874:4345): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.260091][   T30] audit: type=1326 audit(419.874:4346): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=127 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.343246][T13507] loop6: detected capacity change from 0 to 256
[  420.349810][   T30] audit: type=1326 audit(419.874:4347): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.349865][   T30] audit: type=1326 audit(419.874:4348): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.349909][   T30] audit: type=1326 audit(419.904:4349): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=436 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.349949][   T30] audit: type=1326 audit(419.904:4350): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13494 comm="syz.2.2604" exe="/root/syz-executor" sig=0 arch=c000003e syscall=231 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  420.428000][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.470287][T13505] loop2: detected capacity change from 0 to 1024
[  420.530446][T13505] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  420.602397][T13505] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2607'.
[  420.715257][T13517] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2610'.
[  420.761080][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  420.885065][T13519] netlink: 16 bytes leftover after parsing attributes in process `syz.6.2611'.
[  421.119563][T13527] loop6: detected capacity change from 0 to 128
[  421.138132][T13527] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  421.151430][T13523] loop2: detected capacity change from 0 to 1024
[  421.159528][T13523] EXT4-fs: Ignoring removed nobh option
[  421.168660][T13523] EXT4-fs: Ignoring removed bh option
[  421.209418][T13088] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  421.292115][T13523] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  421.390127][T13535] syzkaller0: entered promiscuous mode
[  421.404148][T13535] syzkaller0: entered allmulticast mode
[  421.933683][T13542] loop6: detected capacity change from 0 to 1024
[  422.023434][T13545] random: crng reseeded on system resumption
[  422.074396][T13542] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  422.188296][T13552] loop1: detected capacity change from 0 to 256
[  422.320343][T13554] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2624'.
[  422.351341][T13556] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2625'.
[  422.496076][T13542] EXT4-fs error (device loop6): ext4_mb_mark_diskspace_used:4193: comm syz.6.2620: Allocating blocks 497-513 which overlap fs metadata
[  422.539668][T13541] EXT4-fs (loop6): pa ffff888053766828: logic 32, phys. 161, len 22
[  422.539836][T13541] EXT4-fs error (device loop6): ext4_mb_release_inode_pa:5444: group 0, free 0, pa_free 1
[  422.628941][T13088] EXT4-fs (loop6): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  422.902604][T13568] syzkaller0: entered promiscuous mode
[  422.902626][T13568] syzkaller0: entered allmulticast mode
[  423.170631][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.387907][T13582] netlink: 36 bytes leftover after parsing attributes in process `syz.3.2636'.
[  423.438099][T13586] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2638'.
[  423.536037][T13589] loop2: detected capacity change from 0 to 2048
[  423.564443][T13594] syzkaller0: entered promiscuous mode
[  423.571014][T13594] syzkaller0: entered allmulticast mode
[  423.579077][T13589] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  423.683833][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  423.885479][T13607] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2649'.
[  423.980508][T13615] netlink: 'syz.2.2645': attribute type 1 has an invalid length.
[  424.011819][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  424.011838][   T30] audit: type=1326 audit(423.974:4418): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13613 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  424.032931][T13619] netlink: 16 bytes leftover after parsing attributes in process `syz.0.2652'.
[  424.063752][   T30] audit: type=1326 audit(424.024:4419): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13613 comm="syz.3.2651" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0f9d78f6c9 code=0x7ffc0000
[  424.129169][T13622] loop2: detected capacity change from 0 to 1024
[  424.228188][T13622] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  424.279604][T13622] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2654'.
[  424.287219][T13634] loop3: detected capacity change from 0 to 128
[  424.295441][T13630] loop1: detected capacity change from 0 to 2048
[  424.322130][T13634] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  424.418659][   T30] audit: type=1800 audit(424.384:4420): pid=13634 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2658" name="bus" dev="loop3" ino=12 res=0 errno=0
[  424.457199][T13630] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  424.495257][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.539637][ T5831] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  424.577131][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  424.676091][T13643] netlink: 36 bytes leftover after parsing attributes in process `syz.0.2663'.
[  424.829329][T13654] netlink: 16 bytes leftover after parsing attributes in process `syz.2.2666'.
[  424.919593][T13662] netlink: 24 bytes leftover after parsing attributes in process `syz.1.2670'.
[  425.016566][T13664] loop2: detected capacity change from 0 to 1024
[  425.037516][T13662] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2670'.
[  425.063934][T13664] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  425.140791][T13664] netlink: 14 bytes leftover after parsing attributes in process `syz.2.2671'.
[  425.180194][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  425.242241][T13673] netlink: 'syz.0.2673': attribute type 10 has an invalid length.
[  425.252967][T13673] bond0: (slave dummy0): Releasing backup interface
[  425.416710][T13678] loop2: detected capacity change from 0 to 2048
[  425.674929][T13678] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  425.897317][T13685] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2677'.
[  426.023533][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  426.106664][T13691] netlink: 16 bytes leftover after parsing attributes in process `syz.3.2681'.
[  426.280751][T13701] loop3: detected capacity change from 0 to 2048
[  426.327614][T13701] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  426.328457][T13704] netlink: 'syz.1.2686': attribute type 10 has an invalid length.
[  426.512598][ T5831] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz-executor: bg 0: block 234: padding at end of block bitmap is not set
[  426.549061][ T5831] EXT4-fs error (device loop3) in ext4_mb_clear_bb:6667: Corrupt filesystem
[  426.641281][ T5831] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  428.074185][   T52] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1
[  428.087428][   T52] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9
[  428.096694][   T52] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9
[  428.107392][   T52] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4
[  428.116151][   T52] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2
[  428.405212][T13755] loop2: detected capacity change from 0 to 2048
[  428.638057][T13755] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  429.278946][ T5829] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  429.542676][T13771] loop2: detected capacity change from 0 to 256
[  429.607072][   T30] audit: type=1804 audit(429.564:4421): pid=13771 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.2710" name="/newroot/494/file0/bus" dev="loop2" ino=1048660 res=1 errno=0
[  430.014267][T13780] __nla_validate_parse: 6 callbacks suppressed
[  430.014288][T13780] netlink: 36 bytes leftover after parsing attributes in process `syz.1.2714'.
[  430.155209][   T52] Bluetooth: hci4: command tx timeout
[  430.415447][T13793] loop2: detected capacity change from 0 to 8192
[  430.458895][T13793]  loop2: p2 p3 p4
[  430.465256][T13793] loop2: p2 start 164919041 is beyond EOD, truncated
[  430.488532][T13793] loop2: p3 size 66846464 extends beyond EOD, truncated
[  430.499659][T13793] loop2: p4 size 37048832 extends beyond EOD, truncated
[  430.738222][ T1332] bond0 (unregistering): Released all slaves
[  430.808291][T13742] chnl_net:caif_netlink_parms(): no params data found
[  430.883753][T13805] netlink: 'syz.6.2722': attribute type 1 has an invalid length.
[  431.023158][ T1332] tipc: Left network mode
[  431.069579][T13812] loop1: detected capacity change from 0 to 1024
[  431.082599][T13810] netlink: 36 bytes leftover after parsing attributes in process `syz.6.2724'.
[  431.179496][T13812] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  431.253146][T13821] loop6: detected capacity change from 0 to 128
[  431.264711][T13812] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2725'.
[  431.313473][T13821] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  431.356036][T13812] hsr_slave_0: left promiscuous mode
[  431.371918][   T30] audit: type=1800 audit(431.334:4422): pid=13821 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2727" name="bus" dev="loop6" ino=12 res=0 errno=0
[  431.398122][T13812] hsr_slave_1: left promiscuous mode
[  431.417551][T13088] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  431.574387][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  431.697949][T13742] bridge0: port 1(bridge_slave_0) entered blocking state
[  431.716737][T13742] bridge0: port 1(bridge_slave_0) entered disabled state
[  431.744754][   T30] audit: type=1326 audit(431.694:4423): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  431.767988][T13742] bridge_slave_0: entered allmulticast mode
[  431.789344][T13742] bridge_slave_0: entered promiscuous mode
[  431.805969][T13742] bridge0: port 2(bridge_slave_1) entered blocking state
[  431.813285][   T30] audit: type=1326 audit(431.694:4424): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  431.838303][T13742] bridge0: port 2(bridge_slave_1) entered disabled state
[  431.845711][T13742] bridge_slave_1: entered allmulticast mode
[  431.853765][T13742] bridge_slave_1: entered promiscuous mode
[  431.859744][   T30] audit: type=1326 audit(431.694:4425): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=234 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  431.883400][   T30] audit: type=1326 audit(431.694:4426): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  431.918327][   T30] audit: type=1326 audit(431.704:4427): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13836 comm="syz.1.2732" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f9dc218f6c9 code=0x7ffc0000
[  432.177068][T13742] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  432.221394][T13742] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  432.240873][   T52] Bluetooth: hci4: command tx timeout
[  432.685510][T13862] loop6: detected capacity change from 0 to 128
[  432.728829][T13742] team0: Port device team_slave_0 added
[  432.738893][T13862] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  432.799457][T13742] team0: Port device team_slave_1 added
[  432.848937][   T30] audit: type=1800 audit(432.814:4428): pid=13862 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2740" name="bus" dev="loop6" ino=12 res=0 errno=0
[  433.029947][T13088] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  434.319018][   T52] Bluetooth: hci4: command tx timeout
[  434.644075][T13742] batman_adv: batadv0: Adding interface: batadv_slave_0
[  434.651227][T13742] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  434.677498][T13742] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  434.694433][T13742] batman_adv: batadv0: Adding interface: batadv_slave_1
[  434.701816][T13742] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  434.729238][T13742] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  434.863728][   T30] audit: type=1326 audit(434.824:4429): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  434.944355][T13742] hsr_slave_0: entered promiscuous mode
[  434.956075][   T30] audit: type=1326 audit(434.824:4430): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  434.989605][T13742] hsr_slave_1: entered promiscuous mode
[  435.030052][T13742] debugfs: 'hsr0' already exists in 'hsr'
[  435.041033][T13742] Cannot create hsr debugfs directory
[  435.068270][   T30] audit: type=1326 audit(434.854:4431): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.090642][   T30] audit: type=1326 audit(434.864:4432): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.114073][   T30] audit: type=1326 audit(434.864:4433): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.185389][   T30] audit: type=1326 audit(434.874:4434): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=321 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.268547][   T30] audit: type=1326 audit(434.874:4435): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.324732][T13899] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2752'.
[  435.343271][   T30] audit: type=1326 audit(434.874:4436): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.397020][   T30] audit: type=1326 audit(434.884:4437): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="syz.2.2746" exe="/root/syz-executor" sig=0 arch=c000003e syscall=157 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.422020][   T30] audit: type=1326 audit(434.884:4438): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=13881 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  435.467677][T13899] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2752'.
[  435.762429][ T1332] IPVS: stop unused estimator thread 0...
[  435.811657][T13906] netlink: 'syz.1.2754': attribute type 10 has an invalid length.
[  435.847045][T13908] loop6: detected capacity change from 0 to 128
[  435.906418][T13908] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  436.070175][T13088] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  436.141929][   T24] IPVS: starting estimator thread 0...
[  436.246204][T13919] IPVS: using max 29 ests per chain, 69600 per kthread
[  436.395750][   T52] Bluetooth: hci4: command tx timeout
[  436.498561][T13742] netdevsim netdevsim3 netdevsim0: renamed from eth0
[  436.527890][T13742] netdevsim netdevsim3 netdevsim1: renamed from eth1
[  436.531148][T13937] netlink: 'syz.2.2767': attribute type 10 has an invalid length.
[  436.571406][T13742] netdevsim netdevsim3 netdevsim2: renamed from eth2
[  436.605732][T13742] netdevsim netdevsim3 netdevsim3: renamed from eth3
[  436.622974][T13942] loop6: detected capacity change from 0 to 256
[  436.861291][T13742] 8021q: adding VLAN 0 to HW filter on device bond0
[  436.926400][T13742] 8021q: adding VLAN 0 to HW filter on device team0
[  436.952421][T10482] bridge0: port 1(bridge_slave_0) entered blocking state
[  436.959688][T10482] bridge0: port 1(bridge_slave_0) entered forwarding state
[  437.023918][T10482] bridge0: port 2(bridge_slave_1) entered blocking state
[  437.031204][T10482] bridge0: port 2(bridge_slave_1) entered forwarding state
[  437.245335][T13973] netlink: 'syz.6.2781': attribute type 10 has an invalid length.
[  437.294741][T13973] team0: Failed to send options change via netlink (err -105)
[  437.326139][T13973] team0: Port device dummy0 added
[  437.490879][T13980] serio: Serial port ttyS3
[  437.909680][T13979] loop1: detected capacity change from 0 to 1024
[  437.951492][T13979] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  438.055130][T13979] netlink: 14 bytes leftover after parsing attributes in process `syz.1.2782'.
[  438.175481][ T5832] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  438.381253][T13742] 8021q: adding VLAN 0 to HW filter on device batadv0
[  438.512635][T13742] veth0_vlan: entered promiscuous mode
[  438.542486][T13742] veth1_vlan: entered promiscuous mode
[  438.644010][T13742] veth0_macvtap: entered promiscuous mode
[  438.673358][T13742] veth1_macvtap: entered promiscuous mode
[  438.759375][T13742] batman_adv: batadv0: Interface activated: batadv_slave_0
[  438.808078][T13742] batman_adv: batadv0: Interface activated: batadv_slave_1
[  438.832808][T10482] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  438.867582][ T3577] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  438.888028][ T3577] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  438.907783][ T3577] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  439.163573][ T1332] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  439.174426][ T1332] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  439.248063][ T1332] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  439.270326][ T1332] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  440.285582][ T1297] ieee802154 phy0 wpan0: encryption failed: -22
[  440.359170][T14053] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  440.579831][T14058] loop3: detected capacity change from 0 to 512
[  440.629351][T14058] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  440.652155][   T30] kauditd_printk_skb: 26 callbacks suppressed
[  440.652172][   T30] audit: type=1326 audit(440.614:4465): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  440.666524][T14058] EXT4-fs error (device loop3): ext4_do_update_inode:5636: inode #2: comm syz.3.2810: corrupted inode contents
[  440.702890][T14058] EXT4-fs error (device loop3): ext4_dirty_inode:6521: inode #2: comm syz.3.2810: mark_inode_dirty error
[  440.704498][T14056] syzkaller0: entered promiscuous mode
[  440.716080][T14058] EXT4-fs error (device loop3): ext4_do_update_inode:5636: inode #2: comm syz.3.2810: corrupted inode contents
[  440.733752][   T30] audit: type=1326 audit(440.614:4466): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  440.765406][   T30] audit: type=1326 audit(440.654:4467): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  440.786766][   T30] audit: type=1326 audit(440.654:4468): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  440.805250][T14056] syzkaller0: entered allmulticast mode
[  440.845822][   T30] audit: type=1326 audit(440.654:4469): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  440.891025][T13742] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  440.905157][   T30] audit: type=1326 audit(440.654:4470): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  440.952708][ T5842] Bluetooth: hci5: unexpected cc 0x0c03 length: 249 > 1
[  440.971019][ T5842] Bluetooth: hci5: unexpected cc 0x1003 length: 249 > 9
[  440.994575][ T5842] Bluetooth: hci5: unexpected cc 0x1001 length: 249 > 9
[  441.005316][   T30] audit: type=1326 audit(440.654:4471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  441.039864][ T5842] Bluetooth: hci5: unexpected cc 0x0c23 length: 249 > 4
[  441.056852][ T5842] Bluetooth: hci5: unexpected cc 0x0c38 length: 249 > 2
[  441.075823][   T30] audit: type=1326 audit(440.654:4472): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  441.155708][   T30] audit: type=1326 audit(440.664:4473): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  441.177532][   T30] audit: type=1326 audit(440.664:4474): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14060 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  441.379867][T14082] netlink: 'syz.3.2818': attribute type 1 has an invalid length.
[  441.578545][T14088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2822'.
[  441.589956][T14088] netlink: 4 bytes leftover after parsing attributes in process `syz.0.2822'.
[  441.627760][T14090] loop3: detected capacity change from 0 to 128
[  441.697849][T14090] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  441.749450][T14093] netlink: 24 bytes leftover after parsing attributes in process `syz.0.2824'.
[  441.806271][T13742] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  442.221294][T14105] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2830'.
[  442.427381][T14112] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2833'.
[  443.202829][   T52] Bluetooth: hci5: command tx timeout
[  444.289866][T14080] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  444.305191][T14112] IPVS: Error connecting to the multicast addr
[  444.461990][T14119] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2836'.
[  444.523473][ T2978] netdevsim netdevsim1 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.567559][T14123] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2836'.
[  444.659943][ T2978] netdevsim netdevsim1 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.773380][ T2978] netdevsim netdevsim1 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  444.793002][T14129] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2840'.
[  444.879809][ T2978] netdevsim netdevsim1 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  445.077794][T14137] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.203195][T14133] loop6: detected capacity change from 0 to 8192
[  445.218702][T14137] bridge_slave_0 (unregistering): left allmulticast mode
[  445.227498][T14137] bridge_slave_0 (unregistering): left promiscuous mode
[  445.234881][T14137] bridge0: port 1(bridge_slave_0) entered disabled state
[  445.252137][T14133]  loop6: p2 p3 p4
[  445.275667][T14133] loop6: p2 start 164919041 is beyond EOD, truncated
[  445.280613][   T52] Bluetooth: hci5: command tx timeout
[  445.282562][T14133] loop6: p3 size 66846464 extends beyond EOD, truncated
[  445.330531][T14133] loop6: p4 size 37048832 extends beyond EOD, truncated
[  445.459198][T14141] syzkaller0: entered promiscuous mode
[  445.465104][T14141] syzkaller0: entered allmulticast mode
[  445.488047][T14143] __nla_validate_parse: 3 callbacks suppressed
[  445.488065][T14143] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  445.576179][T14146] syz.3.2846 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  445.641585][T14148] loop6: detected capacity change from 0 to 128
[  445.668231][T14148] EXT4-fs (loop6): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  445.704181][   T30] kauditd_printk_skb: 25 callbacks suppressed
[  445.704202][   T30] audit: type=1800 audit(445.654:4500): pid=14148 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2845" name="bus" dev="loop6" ino=12 res=0 errno=0
[  445.750982][T13088] EXT4-fs (loop6): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  446.208809][T14164] serio: Serial port ttyS3
[  446.412520][T14167] netlink: 24 bytes leftover after parsing attributes in process `gtp'.
[  446.676981][T14171] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2853'.
[  446.753136][T14172] netlink: 96 bytes leftover after parsing attributes in process `syz.6.2853'.
[  447.363755][   T52] Bluetooth: hci5: command tx timeout
[  448.101099][T14178] loop3: detected capacity change from 0 to 8192
[  448.156749][T14178]  loop3: p2 p3 p4
[  448.160633][T14178] loop3: p2 start 164919041 is beyond EOD, truncated
[  448.167804][T14178] loop3: p3 size 66846464 extends beyond EOD, truncated
[  448.176396][T14178] loop3: p4 size 37048832 extends beyond EOD, truncated
[  449.438847][   T52] Bluetooth: hci5: command tx timeout
[  449.455157][T14188] netlink: 'syz.6.2858': attribute type 10 has an invalid length.
[  449.506810][T14192] netlink: 'syz.6.2858': attribute type 10 has an invalid length.
[  449.641273][T14201] loop3: detected capacity change from 0 to 1024
[  449.658182][T14201] EXT4-fs: inline encryption not supported
[  449.674541][T14201] EXT4-fs: Ignoring removed nobh option
[  449.685367][T14201] EXT4-fs: Ignoring removed bh option
[  449.700818][T14205] netlink: 'syz.2.2864': attribute type 10 has an invalid length.
[  449.717898][T14205] netlink: 40 bytes leftover after parsing attributes in process `syz.2.2864'.
[  449.735626][T14201] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  449.780355][T13742] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  450.357425][ T2978] smc: removing net device bond0 with user defined pnetid SYZ2
[  450.367307][ T2978] bond0 (unregistering): Released all slaves
[  450.390954][T14192] team0: Port device dummy0 removed
[  450.404108][T14192] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  450.543911][T14205] dummy0: entered promiscuous mode
[  450.571361][T14205] team0: Port device dummy0 removed
[  450.583602][T14205] bridge0: port 1(dummy0) entered blocking state
[  450.600913][T14205] bridge0: port 1(dummy0) entered disabled state
[  450.619595][T14205] dummy0: entered allmulticast mode
[  450.801570][T14213] syzkaller0: entered promiscuous mode
[  450.807935][T14213] syzkaller0: entered allmulticast mode
[  450.824939][ T2978] tipc: Disabling bearer <udp:syz2>
[  450.840476][ T2978] tipc: Left network mode
[  450.874290][   T30] audit: type=1326 audit(450.834:4501): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  450.987153][   T30] audit: type=1326 audit(450.834:4502): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.066669][   T30] audit: type=1326 audit(450.834:4503): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.102857][   T30] audit: type=1326 audit(450.834:4504): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.139009][   T30] audit: type=1326 audit(450.834:4505): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.176255][   T30] audit: type=1326 audit(450.834:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.439185][   T30] audit: type=1326 audit(450.834:4507): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.472999][   T30] audit: type=1326 audit(450.834:4508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.526167][   T30] audit: type=1326 audit(450.834:4509): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=46 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.580635][T14246] netlink: 'syz.2.2875': attribute type 10 has an invalid length.
[  451.594633][   T30] audit: type=1326 audit(450.834:4510): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14226 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f615498f6c9 code=0x7ffc0000
[  451.633081][T14247] netlink: 'syz.2.2875': attribute type 10 has an invalid length.
[  452.378153][T14254] loop6: detected capacity change from 0 to 764
[  452.440412][T14254] Symlink component flag not implemented
[  452.446592][T14254] Symlink component flag not implemented
[  452.452391][T14254] Symlink component flag not implemented (129)
[  452.477964][T14254] Symlink component flag not implemented (6)
[  452.494721][T14254] rock: directory entry would overflow storage
[  452.502392][T14254] rock: sig=0x4f50, size=4, remaining=3
[  452.524847][T14254] iso9660: Corrupted directory entry in block 6 of inode 1792
[  455.331911][T14246] dummy0: left allmulticast mode
[  455.337127][T14246] dummy0: left promiscuous mode
[  455.342286][T14246] bridge0: port 1(dummy0) entered disabled state
[  455.357252][T14246] team0: Port device dummy0 added
[  455.373764][T14247] team0: Port device dummy0 removed
[  455.384546][T14247] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  455.395706][T14258] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  455.550491][T14260] netlink: 24 bytes leftover after parsing attributes in process `gtp'.
[  455.563783][T14067] chnl_net:caif_netlink_parms(): no params data found
[  455.650336][T14260] netlink: 4 bytes leftover after parsing attributes in process `gtp'.
[  455.705303][T14268] netlink: 96 bytes leftover after parsing attributes in process `syz.3.2880'.
[  455.742542][T14266] loop6: detected capacity change from 0 to 8192
[  455.786122][T14266]  loop6: p2 p3 p4
[  455.790098][T14266] loop6: p2 start 164919041 is beyond EOD, truncated
[  455.797092][T14266] loop6: p3 size 66846464 extends beyond EOD, truncated
[  455.824181][T14266] loop6: p4 size 37048832 extends beyond EOD, truncated
[  455.863736][T14272] IPVS: Unknown mcast interface: hsr0
[  455.998499][T14277] netlink: 'syz.2.2886': attribute type 1 has an invalid length.
[  456.003417][T14281] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2888'.
[  456.127969][T14284] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2888'.
[  456.328181][T14290] netlink: 'syz.6.2891': attribute type 10 has an invalid length.
[  456.380346][T14293] netlink: 'syz.6.2891': attribute type 10 has an invalid length.
[  456.388714][ T2978] veth1_macvtap: left promiscuous mode
[  456.394432][ T2978] veth0_macvtap: left promiscuous mode
[  456.401314][ T2978] veth1_vlan: left allmulticast mode
[  456.406885][ T2978] veth1_vlan: left promiscuous mode
[  456.412268][ T2978] veth0_vlan: left promiscuous mode
[  456.427301][T14295] loop3: detected capacity change from 0 to 1024
[  456.462053][T14295] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  456.496602][T14295] netlink: 14 bytes leftover after parsing attributes in process `syz.3.2893'.
[  456.772089][T14299] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm ext4lazyinit: bg 0: block 88: padding at end of block bitmap is not set
[  457.513344][T14290] bond0: (slave dummy0): Releasing backup interface
[  457.524567][T14290] team0: Port device dummy0 added
[  457.530697][T14067] bridge0: port 1(bridge_slave_0) entered blocking state
[  457.539282][T14067] bridge0: port 1(bridge_slave_0) entered disabled state
[  457.546647][T14067] bridge_slave_0: entered allmulticast mode
[  457.555102][T14067] bridge_slave_0: entered promiscuous mode
[  457.563827][T14292] netlink: 96 bytes leftover after parsing attributes in process `+}[@'.
[  457.579098][T14293] team0: Port device dummy0 removed
[  457.588871][T14293] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  457.626123][T14295] hsr_slave_0: left promiscuous mode
[  457.650533][T14295] hsr_slave_1: left promiscuous mode
[  457.671594][T14301] loop6: detected capacity change from 0 to 1024
[  457.679937][T14301] EXT4-fs: Ignoring removed nobh option
[  457.685645][T14301] EXT4-fs: Ignoring removed bh option
[  457.709682][T14067] bridge0: port 2(bridge_slave_1) entered blocking state
[  457.713128][T14301] EXT4-fs (loop6): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  457.717294][T14067] bridge0: port 2(bridge_slave_1) entered disabled state
[  457.736957][   T30] kauditd_printk_skb: 67 callbacks suppressed
[  457.736974][   T30] audit: type=1804 audit(457.704:4578): pid=14301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.6.2895" name="/newroot/80/file2/bus" dev="loop6" ino=18 res=1 errno=0
[  457.743293][T14067] bridge_slave_1: entered allmulticast mode
[  457.774140][T14067] bridge_slave_1: entered promiscuous mode
[  457.782405][   T30] audit: type=1804 audit(457.734:4579): pid=14301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.6.2895" name="/newroot/80/file2/bus" dev="loop6" ino=18 res=1 errno=0
[  457.803049][   T30] audit: type=1800 audit(457.734:4580): pid=14301 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.6.2895" name="file1" dev="loop6" ino=15 res=0 errno=0
[  457.844946][   T30] audit: type=1326 audit(457.774:4581): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  457.871858][   T30] audit: type=1326 audit(457.774:4582): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  457.899335][   T30] audit: type=1326 audit(457.774:4583): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=14 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  457.920913][   T30] audit: type=1326 audit(457.774:4584): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  457.960166][   T30] audit: type=1326 audit(457.774:4585): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  457.982091][   T30] audit: type=1326 audit(457.774:4586): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  458.018586][T14067] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  458.023683][   T30] audit: type=1326 audit(457.774:4587): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14302 comm="+}[@" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7fe79978f6c9 code=0x7ffc0000
[  458.038841][T14067] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  458.073844][T13742] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  458.228127][ T5917] ------------[ cut here ]------------
[  458.234160][ T5917] WARNING: ./include/linux/ns_common.h:255 at destroy_super_work+0x15c/0x1a0, CPU#1: kworker/1:7/5917
[  458.245400][ T5917] Modules linked in:
[  458.249814][ T5917] CPU: 1 UID: 0 PID: 5917 Comm: kworker/1:7 Not tainted syzkaller #0 PREEMPT(full) 
[  458.259293][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  458.270186][ T5917] Workqueue: events destroy_super_work
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  458.276450][ T5917] RIP: 0010:destroy_super_work+0x15c/0x1a0
[  458.282308][ T5917] Code: 26 63 ff 48 81 c3 a8 fc ff ff 48 89 df e8 ec 26 63 ff 4c 89 f7 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6a 7c e1 ff e8 25 92 86 ff 90 <0f> 0b 90 e9 6d ff ff ff e8 17 92 86 ff 4c 89 e7 be 03 00 00 00 e8
[  458.302166][ T5917] RSP: 0018:ffffc9000465fa48 EFLAGS: 00010293
[  458.308311][ T5917] RAX: ffffffff823a8d5b RBX: ffff88807344c898 RCX: ffff88802b6c9e80
[  458.316344][ T5917] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[  458.324344][ T5917] RBP: 0000000000000004 R08: ffff888057608193 R09: 1ffff1100aec1032
[  458.332405][ T5917] R10: dffffc0000000000 R11: ffffed100aec1033 R12: ffff888057608190
[  458.340571][ T5917] R13: dffffc0000000000 R14: ffff88807344c000 R15: ffff888057608000
[  458.348622][ T5917] FS:  0000000000000000(0000) GS:ffff888125fcc000(0000) knlGS:0000000000000000
[  458.357644][ T5917] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  458.364257][ T5917] CR2: 00007f84621e7dac CR3: 0000000078430000 CR4: 00000000003526f0
[  458.373046][ T5917] Call Trace:
[  458.377025][ T5917]  <TASK>
[  458.380083][ T5917]  ? process_one_work+0x868/0x15e0
[  458.385275][ T5917]  process_one_work+0x93a/0x15e0
[  458.390242][ T5917]  ? __lock_acquire+0xab9/0xd20
[  458.395277][ T5917]  ? __pfx_process_one_work+0x10/0x10
[  458.400696][ T5917]  ? assign_work+0x3a1/0x410
[  458.405371][ T5917]  worker_thread+0x9b0/0xee0
[  458.410014][ T5917]  kthread+0x711/0x8a0
[  458.414108][ T5917]  ? __pfx_worker_thread+0x10/0x10
[  458.419305][ T5917]  ? __pfx_kthread+0x10/0x10
[  458.423923][ T5917]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.429236][ T5917]  ? lockdep_hardirqs_on+0x9c/0x150
[  458.434475][ T5917]  ? __pfx_kthread+0x10/0x10
[  458.439190][ T5917]  ret_from_fork+0x599/0xb30
[  458.443810][ T5917]  ? __pfx_ret_from_fork+0x10/0x10
[  458.449046][ T5917]  ? __switch_to_asm+0x39/0x70
[  458.453832][ T5917]  ? __switch_to_asm+0x33/0x70
[  458.458674][ T5917]  ? __pfx_kthread+0x10/0x10
[  458.463289][ T5917]  ret_from_fork_asm+0x1a/0x30
[  458.468159][ T5917]  </TASK>
[  458.471861][ T5917] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  458.479172][ T5917] CPU: 1 UID: 0 PID: 5917 Comm: kworker/1:7 Not tainted syzkaller #0 PREEMPT(full) 
[  458.488567][ T5917] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  458.498643][ T5917] Workqueue: events destroy_super_work
[  458.504135][ T5917] Call Trace:
[  458.507419][ T5917]  <TASK>
[  458.510346][ T5917]  dump_stack_lvl+0x99/0x250
[  458.514937][ T5917]  ? __asan_memcpy+0x40/0x70
[  458.519534][ T5917]  ? __pfx_dump_stack_lvl+0x10/0x10
[  458.524733][ T5917]  ? __pfx__printk+0x10/0x10
[  458.529329][ T5917]  vpanic+0x237/0x6d0
[  458.533305][ T5917]  ? __pfx_vpanic+0x10/0x10
[  458.537794][ T5917]  ? is_bpf_text_address+0x292/0x2b0
[  458.543072][ T5917]  ? is_bpf_text_address+0x26/0x2b0
[  458.548269][ T5917]  panic+0xb9/0xc0
[  458.551982][ T5917]  ? __pfx_panic+0x10/0x10
[  458.556397][ T5917]  ? ret_from_fork_asm+0x1a/0x30
[  458.561330][ T5917]  __warn+0x318/0x4d0
[  458.565303][ T5917]  ? destroy_super_work+0x15c/0x1a0
[  458.570557][ T5917]  ? destroy_super_work+0x15c/0x1a0
[  458.575752][ T5917]  report_bug+0x2be/0x4f0
[  458.580080][ T5917]  ? destroy_super_work+0x15c/0x1a0
[  458.585278][ T5917]  ? destroy_super_work+0x15c/0x1a0
[  458.590476][ T5917]  ? destroy_super_work+0x15e/0x1a0
[  458.595674][ T5917]  handle_bug+0x84/0x160
[  458.599910][ T5917]  exc_invalid_op+0x1a/0x50
[  458.604413][ T5917]  asm_exc_invalid_op+0x1a/0x20
[  458.609257][ T5917] RIP: 0010:destroy_super_work+0x15c/0x1a0
[  458.615059][ T5917] Code: 26 63 ff 48 81 c3 a8 fc ff ff 48 89 df e8 ec 26 63 ff 4c 89 f7 5b 41 5c 41 5d 41 5e 41 5f 5d e9 6a 7c e1 ff e8 25 92 86 ff 90 <0f> 0b 90 e9 6d ff ff ff e8 17 92 86 ff 4c 89 e7 be 03 00 00 00 e8
[  458.634709][ T5917] RSP: 0018:ffffc9000465fa48 EFLAGS: 00010293
[  458.640775][ T5917] RAX: ffffffff823a8d5b RBX: ffff88807344c898 RCX: ffff88802b6c9e80
[  458.648740][ T5917] RDX: 0000000000000000 RSI: 0000000000000004 RDI: 0000000000000000
[  458.656702][ T5917] RBP: 0000000000000004 R08: ffff888057608193 R09: 1ffff1100aec1032
[  458.664673][ T5917] R10: dffffc0000000000 R11: ffffed100aec1033 R12: ffff888057608190
[  458.672638][ T5917] R13: dffffc0000000000 R14: ffff88807344c000 R15: ffff888057608000
[  458.680611][ T5917]  ? destroy_super_work+0x15b/0x1a0
[  458.685818][ T5917]  ? destroy_super_work+0x15b/0x1a0
[  458.691014][ T5917]  ? process_one_work+0x868/0x15e0
[  458.696120][ T5917]  process_one_work+0x93a/0x15e0
[  458.701051][ T5917]  ? __lock_acquire+0xab9/0xd20
[  458.705915][ T5917]  ? __pfx_process_one_work+0x10/0x10
[  458.711290][ T5917]  ? assign_work+0x3a1/0x410
[  458.715877][ T5917]  worker_thread+0x9b0/0xee0
[  458.720483][ T5917]  kthread+0x711/0x8a0
[  458.724550][ T5917]  ? __pfx_worker_thread+0x10/0x10
[  458.729660][ T5917]  ? __pfx_kthread+0x10/0x10
[  458.734244][ T5917]  ? _raw_spin_unlock_irq+0x23/0x50
[  458.739441][ T5917]  ? lockdep_hardirqs_on+0x9c/0x150
[  458.744638][ T5917]  ? __pfx_kthread+0x10/0x10
[  458.749221][ T5917]  ret_from_fork+0x599/0xb30
[  458.753810][ T5917]  ? __pfx_ret_from_fork+0x10/0x10
[  458.758926][ T5917]  ? __switch_to_asm+0x39/0x70
[  458.763682][ T5917]  ? __switch_to_asm+0x33/0x70
[  458.768524][ T5917]  ? __pfx_kthread+0x10/0x10
[  458.773102][ T5917]  ret_from_fork_asm+0x1a/0x30
[  458.777877][ T5917]  </TASK>
[  458.781163][ T5917] Kernel Offset: disabled
[  458.785473][ T5917] Rebooting in 86400 seconds..