last executing test programs:

3m28.183991241s ago: executing program 32 (id=48):
r0 = socket$inet6(0xa, 0x2, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$batadv(&(0x7f0000000200), r1)
getsockname$packet(r1, &(0x7f0000000440)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000000c0)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000380)=@newlink={0x3c, 0x10, 0x437, 0x1, 0x0, {0x0, 0x0, 0x0, r2, 0x2a8e9, 0xc4a48b7f26be2e0b}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x8, 0x2, 0x0, 0x1, [@IFLA_GRE_COLLECT_METADATA={0x4}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4000000}, 0x40)
sendmmsg$inet(r0, &(0x7f00000018c0)=[{{&(0x7f0000000040)={0x2, 0x4e1c, @multicast1}, 0x10, 0x0, 0x0, &(0x7f0000000080)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r2, @empty, @multicast1}}}], 0x20}}], 0x1, 0x4880)

3m11.76802754s ago: executing program 33 (id=600):
r0 = creat(&(0x7f0000000100)='./file0\x00', 0x0)
close(r0)
socket$inet6(0xa, 0x2, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f00000001c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000180), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r1}})
sendmmsg$inet6(r0, &(0x7f0000004540)=[{{&(0x7f0000000000)={0xa, 0x4e21, 0x81, @loopback, 0xd}, 0x1c, 0x0, 0x0, 0xfffffffffffffffd}}, {{&(0x7f0000001600)={0xa, 0x4e22, 0x9, @private1}, 0x1c, 0x0, 0x0, &(0x7f0000001940)=[@hopopts={{0x18, 0x29, 0x36, {0x3a}}}, @tclass={{0x14, 0x29, 0x43, 0xb}}, @rthdr_2292={{0x18, 0x29, 0x39, {0x3b, 0x0, 0x1, 0x3}}}], 0x48}}, {{0x0, 0x0, 0x0}}], 0x3, 0x20010080)

2m46.617172245s ago: executing program 34 (id=1073):
r0 = perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x28, 0x1, 0x0, 0x0, 0x0, 0x100000000000009, 0x3c033, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x107b7e, 0x2, @perf_config_ext={0x0, 0x3fff8000}, 0x8312, 0x32, 0x43a1bd76, 0x7, 0x9, 0x6, 0x2, 0x0, 0x0, 0x0, 0x2009}, 0x0, 0x400000000, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000018c0)={0x5, 0x5, &(0x7f0000000180)=ANY=[@ANYBLOB="180800000000000000000000000000001800000000000000000000000000000095"], &(0x7f0000000280)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x48, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004845}, 0x480c5)
r2 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000540)=ANY=[@ANYBLOB="140000001000040000000000000000000000000a20000000000a05000000000000000000070000000900010073797a30000000003c000000090a010400000000000000000700000008000a40000000000900020073797a31000000000900010073797a300000000008000540000000218c0000000c0a01030000000000000000070000090900020073797a31000000000900010073797a3000000000600003805c000080080003400000000250000b802c0001800a0001006c696d69740000001c0002800c00024000000000000000000c000140000000000000000320"], 0x110}}, 0x0)

2m44.338736727s ago: executing program 35 (id=1102):
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32, @ANYRES16], 0x3c}, 0x1, 0x0, 0x0, 0x40020c1}, 0x0)
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffc000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000ffe000/0x1000)=nil, &(0x7f0000ffa000/0x4000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ff0000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x899, &(0x7f0000000040)={0x0, 0x3cb1, 0x1c080, 0xa, 0x20002f7})
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1c, 0x3, &(0x7f0000000000)=@framed={{0xdb, 0xa, 0xa, 0xfe00, 0xa0, 0x71, 0x10, 0x1d}}, 0x0, 0x7fff, 0x53, 0x0, 0x0, 0x79, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3}, 0x94)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

2m8.033930453s ago: executing program 36 (id=1849):
bpf$BPF_TASK_FD_QUERY(0x14, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x2c, &(0x7f0000000000)='/proc/sys/net/\x00\x00v4\x00\x00s/\x92ync_\x00le\xf44.\xab%nN\xd4\xa2\x88\x00\xd1l,'}, 0x30)
r0 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
fchdir(r0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r1, &(0x7f0000000180)=""/82, 0x52)
getdents64(r1, 0xfffffffffffffffe, 0x29)

2m0.500104592s ago: executing program 37 (id=1952):
pwritev2(0xffffffffffffffff, 0x0, 0x0, 0x7000, 0x0, 0x3)
prlimit64(0x0, 0xe, &(0x7f0000000000)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000002200)=0x1)
r0 = syz_open_dev$MSR(&(0x7f0000000200), 0x0, 0x0)
read$msr(r0, &(0x7f0000002700)=""/102392, 0x18ff8)
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000300)='net/igmp6\x00')
preadv(r1, &(0x7f0000002400)=[{&(0x7f0000001340)=""/4096, 0x1000}], 0x1, 0x39c5, 0x0)

1m53.032276306s ago: executing program 38 (id=2071):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = memfd_create(&(0x7f00000003c0)=' \xc76\xbe\x91\x8d\x182)!\x9a%\xa2\xd28\xd6\x06\a\x0e\xfc\xfe\x12\x8f&\x13\xae%@T\xa3\xb0>\\\xec\xa9\xf9Q@6A\x10\x8cn|\x00\x00\x00\x00v\x00\x00\x00\x00\x00\x00\x05\x00\x00\x00\x00\x00\x00\x00\x1d\x03\xe1\xfcm\x9b\xf7fo\"i\xa1hk\x1f\xf5z\xc1\x7f\xa4\\]\xc4\xbe3\xf9\xa8\t?:\xd8\xda\x84\xffpI[\x1c\x00\x00\x00\x00\xf9v\x00\x00\x00\x00\x00T\xb6\xbe\x0f~\xc0\x92\xe9O{\xa8\x81(\x01\x14\xfc\x83\xf9\xfb\x05\x94T\x81@Lq]\xf9\x15zj\x87\xc4\x8e\xe8/\xb9-&R\x8e\xb2\xb3bBx\x1e1\x18\x8f\x19\xf7]#\xed,\xc7\x11\tp\xf4\xa3\xee\x00\x00\x00\x00\'}\x18\xe8O\xa8\xe9\xcf\xb6\xe4U\x92\xd2\x9d\xb8<X\xfa\xdd\x8a6\xa1\x82\xf7r\xd8z\x85\x8do\xa5\xed\xd4\xbc8U\x1e\xf2tl8\xfe\xd0\x94\xfe\xf5\x1c+\x00U\te\xfa6\xca\xb9\xb4Q\xd9\xee\r6\x861h{\xc7z\'F\xc7\x91\x06x\xe1`\xf1:\xcf+\xd5\f\xb2\xce\xa4\x06\x90\x90\x9b\x1d\xcaa\xf7\x8f\xaf\x80\x93\xafT\xdfl\xec\xc6\x91\x96\r[n\xc6\x99\x1fr<\x06\xb3\xbcT\x00\xda6\x18/\xc1\x81\x8e8L\xcb*S_\xd0:\xa4V\xbd\xf1\xa4\x955\xa9\x9d\xe0\x9b\xd3\x95\xc88n:\x89>?2\xc8\xe7kovd\xa4\x1bl+\x14\x17\x14\x17C2! U\x04:\xd93W;\xfc\x1b\xfd}\x05\xf9\x11\xf3)>q\x10\xd3\xf0\xaf>\xf8t(bX\xe3g\x05\xfe\b\xbcy\x95*\xca\a\xaf\xbb\xf9\xc3Y\xa2\x91\x90.\xc8\xbe\xb0\xa6\xbd\xbd\xfd\xfaf*\xb2&\x82\xa0\x17\xe7)\xf5\xa2\xccv\n\x1b\xd4\xf4\x11*\xc9\xc6*\xa4.\x94[$\xb8\xb3Q\xde\xd8A\xa4~\xfb\xf2\tM\x1e\xe9\xa5\v\xc5\xba(\x89\xb0l\x92H\x1cR\x1f>\xc4ie\xe0B\xf0[\xe2\xe1\x12\x1d\x8fR&\xd1\xa6#\xda.\x0f\xd7\xd7\xa4\x90\x14\x92I\xf82&\x16<\xf2RR\xc2\x02.Q\xef\x85\xef\xf9\xe5\x00\xe9\xca\xb1\x8c\x11\x11l\x9f\xc8\b\xf7A\xa6\x81\xad\xdc\x95\xc8\xefP2\xa8\x87\x01\x00\\\xfee \n0F\xbc\x85\xc5C\xd0\x99\xe4\t\xab`\'t\xc2\xe9\x13\xcag\xea\xb3\xb5\x92\x00J\xc6y\x05\xcc\xde\xa0\xf6\xb9 \xe5\xdd\f\x18\xfc\xe0\xc3(\xd8\xeb\x1a6\xe6\xfa\x93\xc07R\x0f-\x9e\xf3\x87E\xa3\xd5o\x1bA\x88L/\xe7>45Q?\be\x7f\xa9\x9a\xcae\xd8Y\xdf]\x1bS\x825\xcb\x00\xa4}\x97\x84T\xad\x9b\x1e!\x8a\xbc\x02+#Q\xa9 \xe9\x05r\xe1\xec\x0f\xa7\xe6Of\x95\x02{\xa0\xdeq\x90x!\xd0\x0f\t\x9d\xcd z\x1fJ<\x1c8\x80,U\x9f\x0e\xc4\xa7\xa9\xd0\xe0\x87\xdb\x03\x1f\x00\x05\xbc8Y\xdcQ\b\xfe\xa22T\xf0P\xce\x9c\x9f\xcf\xa3F\x85%&\x1fS\x8e\xff\xbd;2\xe3\x18\xb2I\xfd\x85\xbc\x84\xc3\x01}2\x1c\xa3\x12\xee\xd4\x89\xfd\f!\xe9\xe9\xe4\xf2\xf8\xb8\\\xf3\xcc9\x93\xc2\xfb1\xa3\xeb\xca8.%\x8f@\x88\x92\x9eR\xe2\xb2\x14\b\x18\x12P\xbc\xfb\x12\xa6\n\f\x11\x13J\xf7 u~\x8b\x0f\xb4D\x97\xceUM\xca\x00\x8f\xdd\x1a\xee\xf7\xfb\xf7\xba\xba\x80\x91\xb24\xf8d\xdbM\xf3\xf1\xe5\x15\xbf\xb86\xb4V\xe7$\xd6\xac*\xaa^\xb0x\x1a\xf8\xd0\x10}\x86\xab\xe7\x93\xb3l\xa9\x05\x82};m\xac7\xe5\x9bYH\xd2B:\xc9#\xac\xb3\r/\x0eF\xc2?N%\x8d#\xabk\x99\xe1\x86\xcdcJ\xdd9\x85\xf8\xb2F\xd7\xf2\xc5o\x1e\x7f\x97\\\xe7\'\xc1D/\r\xaf\x98Q\"\x7f\x13\x89\a\xbe\x06\xf35\xff\xe6\xa8\x9c\x01\xc3\x88\xa4\x95\x06\xa0\x1a/%w\x98\xf8h\f\xe6\xf2$y\xee\xa7\x16\xf8\x91#\x06\xad6p\xc2\x0f_6\xaeIr;\xfd\xf9\xc0\xb8O\xc7\xac\xf9\xc00\xac\x90\xf4\xc7U\xc35b\xa1\x8a\xf5\rRn%\xb9\xf9\xbbT J;\xfc\xd8\xf9\x887\x1d&\x90$\x066\xf1\x9f8\xd5\x88\x13\xfc\xa8\xd8\x10\x04\xbd\xd4\xfa\f\x1b\xfb\x98\x98\xc0\xfa\xae\x13q\x00\x00', 0x1)
ftruncate(r2, 0x400000)
finit_module(r2, 0x0, 0x0)

1m45.314564182s ago: executing program 39 (id=2211):
socket$inet6_udp(0xa, 0x2, 0x0)
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
fcntl$lock(0xffffffffffffffff, 0x7, 0x0)
fcntl$lock(r0, 0x7, &(0x7f0000000040)={0x1, 0x0, 0x200000000})
r1 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000001100)='fdinfo/4\x00')
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
pread64(r1, &(0x7f0000002140)=""/17, 0x11, 0x0)

1m41.868046668s ago: executing program 40 (id=2257):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000009b00)={&(0x7f0000000500)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x3}}, [@NFT_MSG_NEWRULE={0x48, 0x6, 0xa, 0x401, 0x0, 0x0, {0xa, 0x0, 0x4}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x1c, 0x4, 0x0, 0x1, [{0x18, 0x1, 0x0, 0x1, @synproxy={{0xd}, @val={0x4}}}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x70}, 0x1, 0x0, 0x0, 0x4000850}, 0x24044010)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x1f, 0x18, &(0x7f0000000700)=ANY=[@ANYBLOB="18000000feffffff0000000000000000b7080000000000007b8af8ff00000000b7080000010000807b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018230000", @ANYRES32, @ANYBLOB="0000000000000000b7050000080000008500f4ffa50000001801000020201af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300000000000085000000b00000070e55a0ef"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x11, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x2}, 0x94)
r1 = socket$kcm(0xa, 0x922000000003, 0x11)
setsockopt$sock_attach_bpf(r1, 0x29, 0x24, &(0x7f00000000c0), 0x4)
sendmsg$kcm(r1, &(0x7f0000000000)={&(0x7f00000007c0)=@l2tp6={0xa, 0x0, 0x0, @mcast1, 0x9}, 0x80, &(0x7f0000000080)=[{&(0x7f0000000780)="f4000900062b2c25fe80000000000000dc8b850f238466cc00007a000000ad6e911b51818462b4003a000001", 0x38}], 0x1}, 0x0)

1m6.472999743s ago: executing program 41 (id=2807):
r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000200), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000040)={{0x1}})
r1 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0)
ioctl$SNDRV_TIMER_IOCTL_SELECT(r1, 0x40345410, &(0x7f0000000180)={{0x1, 0x1}})
ioctl$SNDRV_TIMER_IOCTL_START(r1, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_START(r0, 0x54a0)
ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r1, 0x54a2)

45.100248267s ago: executing program 1 (id=3120):
r0 = socket$pppl2tp(0x18, 0x1, 0x1)
r1 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r0, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r1, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x20}}, 0x2}}, 0x2e)
r2 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000300)={0xffffffffffffffff, 0x2000000, 0x3, 0x0, &(0x7f0000000600)="c9f7b9", 0x0, 0x7ffd, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
sendmsg$L2TP_CMD_SESSION_DELETE(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000005c0)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="01002cbd701004000000050000000600010005000000080009000200000008000b000000000008000c00a80a00000500130008000000050005"], 0x44}, 0x1, 0x0, 0x0, 0x20008802}, 0x30)

44.634644848s ago: executing program 1 (id=3124):
openat(0xffffffffffffff9c, 0x0, 0x121042, 0x115)
r0 = syz_clone(0x1000000, 0x0, 0x0, 0x0, 0x0, 0x0)
r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00')
syz_read_part_table(0x405b, &(0x7f0000004080)="$eJzszjFKA1EUBdCbxMGvDARBK0EM9jJ2VrOL6SVrsFZxdmIZXIArsnQLIyhGEkW0CKicU73P5b1/wx9RltMoycP8fi/J8Sx907yGW2/5zvtSc5Zqt4xTJ7n8eLNbbL43AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADwS41XXtdraVlO88P0V23O66QcTJPbSar2aJT9ZHb6yd1J8phklOQpSTfdUH8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4J+5WHltr8f1F6t3J+nb6mW8STIMw/Dtb0vSLX7SE57ZgQMBAAAAACD/10aoqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqwg4cCAAAAAAA+b82QlVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVRV24EAGAAAAQJi/dR7tBwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgKMCAAD//wx/Es8=")
fchdir(r1)
mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000140)='proc\x00', 0x0, 0x0)
syz_open_procfs$namespace(r0, &(0x7f0000002400)='ns/time\x00')

44.319270116s ago: executing program 1 (id=3128):
syz_open_dev$vcsa(0x0, 0x2, 0x40000)
bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x3003, 0x0, 0x0, 0x0, 0x9, 0x0, 0x3}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$netlink(0x10, 0x3, 0x8000000004)
writev(r2, &(0x7f0000000140)=[{&(0x7f0000000080)="580000001400192340834b80040d8c560a067f0200ff000000000000000058000b4824ca945f64009400ff0325010ebc000000000000008000f0fffeffe809005300fff5dd00000010000100080c10000000000000000000", 0x58}], 0x1)

43.923264361s ago: executing program 1 (id=3134):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x408e, &(0x7f0000000240)={[{@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x2e}}, {@min_batch_time={'min_batch_time', 0x3d, 0xfff}}, {@inode_readahead_blks={'inode_readahead_blks', 0x3d, 0x80}}, {@stripe={'stripe', 0x3d, 0x4000}}, {@errors_remount}, {@max_batch_time={'max_batch_time', 0x3d, 0x4}}]}, 0x3, 0x43a, &(0x7f0000000340)="$eJzs28tvG0UYAPBv13FKXySU8ugDCBRExCNp0gI9cAGBxAEkJDiUY0jSqtRtUBMkWlUQECpHVIk74ojEX8AJLgg4IXGFO6pUoVxaOBmtvZs4jp0mwY5L/ftJm8zsjjPzeXbs2Z1sAH1rJPuRROyJiN8jYqieXV1gpP7r5tLl6b+XLk8nUa2+9VdSK3dj6fJ0UbR43e48M5pGpJ8lcahFvfMXL52dqlRmL+T58YVz74/PX7z07JlzU6dnT8+enzxx4vixiReen3yuI3Fmbbpx8KO5wwdee+fqG9Mnr77787dJEX9THB0yst7BJ6rVDlfXW3sb0slADxvCppQiIuuucm38D0UpVjpvKF79tKeNA7qqWq1Wd7c/vFgF7mBJbLTk2fzzArgzFF/02fVvsW3T1OO2cP2l+gVQFvfNfKsfGYg0L1Nuur7tpJGIOLn4z1fZFt25DwEAsMr32fznmVbzvzTubyh3d742NBwR90TEvoi4NyL2R8R9EbWyD0TEg5usv3mRZO38J722pcA2KJv/vZivba2e/xWzvxgu5bm9tfjLyakzldmj+XsyGuUdWX5inTp+eOW3L9oda5z/ZVtWfzEXzNtxbWDH6tfMTC1M/ZeYG13/JOLgQKv4k+WVgCQiDkTEwS3Wceapbw63O9Yu/vJG/nAH1pmqX0c8We//xWiKv5Csvz45fldUZo+OF2fFWr/8euXNdvXfuv+7K+v/XS3P/+X4h5PG9dr5zddx5Y/P217TbPX8H0zerqUH830fTi0sXJiIGExerze6cf/kymuLfFE+i3/0SOvxvy9W3olDEZGdxA9FxMMR8Uje9kcj4rGIOLJO/D+9/Ph7W4+/u7L4ZzbV/yuJwWje0zpROvvjd6sqHd5M/Fn/H6+lRvM9G/n820i7tnY2AwAAwP9PGhF7IknHltNpOjZW/3/5/bErrczNLzx9au6D8zP1ZwSGo5wWd7qGGu6HTuSX9UV+sil/LL9v/GVpZy0/Nj1Xmel18NDndrcZ/5k/S71uHdB1nteC/mX8Q/8y/qF/Gf/Qv1qM/529aAew/Vp9/3/cg3YA269p/Fv2gz7i+h/6l/EP/cv4h740vzNu/ZC8hMSaRKS3RTMkupTo9ScTAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAZ/wbAAD//9E940M=")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000980)='./file1\x00', 0x42, 0xc2)
pwrite64(r0, &(0x7f0000000080)="cc", 0x1, 0x200980)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x101042, 0x15)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r1, 0x0)
r2 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
process_vm_writev(r2, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x20, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0xd8d0481}], 0x1, 0x0)

43.679467563s ago: executing program 1 (id=3138):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000140), 0x40241, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000000)={'syzkaller1\x00', 0xc201})
r1 = socket$kcm(0x2, 0xa, 0x2)
r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a)
recvmsg(r2, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2000000}, 0x105aa)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000040)={'syzkaller1\x00', @multicast})
write$tun(r0, &(0x7f00000004c0)=ANY=[@ANYBLOB="000086dd0500560008005400000060ec970001983a00fc000018c6ba35000000000000000700ff020000000000000000000000000001"], 0xfdef)

43.456544672s ago: executing program 1 (id=3141):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x258, @loopback, 0x4}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x80006, @loopback, 0x3fd}], 0x1c)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000080)=0x42, 0x4)
sendto$inet6(r0, &(0x7f0000000240)='S', 0x2a000, 0x40000201, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r1, 0xffffffffffffffff, 0x0)

43.436477764s ago: executing program 42 (id=3141):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000000)=[@in6={0xa, 0x4e23, 0x258, @loopback, 0x4}], 0x1c)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f00000000c0)=[@in6={0xa, 0x4e23, 0x80006, @loopback, 0x3fd}], 0x1c)
setsockopt$sock_int(r0, 0x1, 0x21, &(0x7f0000000080)=0x42, 0x4)
sendto$inet6(r0, &(0x7f0000000240)='S', 0x2a000, 0x40000201, 0x0, 0x0)
r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0026}]})
close_range(r1, 0xffffffffffffffff, 0x0)

39.19206195s ago: executing program 0 (id=3197):
syz_mount_image$ext4(&(0x7f0000000900)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x1000040, &(0x7f00000000c0)={[{@nouid32}, {@nodioread_nolock}, {@noquota}, {@delalloc}, {@journal_dev={'journal_dev', 0x3d, 0x9}}, {@commit}]}, 0x1, 0x5a3, &(0x7f00000002c0)="$eJzs3T1sG3UbAPDnznHTj7xv+krvK72gDhUgFamqk/QDClO7IipV6oDEApHjRlWcuIodaKJIpHuF6IAAdSkbDIwgBgbEwsjKwseMVNEIpKYDGDk+p2nqFCfEMcS/n3TJ/3939vP8fX7OvtOdHEDfOtr4k0Y8EREXk4jhdcsGIlt4tLneyvJi8f7yYjGJev3Sz0kkEXFvebHYWj/J/h+KiKWI+H9EfJWPOJ6uPeW+VqM6vzA1Xi6XZrP+SG366kh1fuHElenxydJkaebU8y+cOXv6zNjJsfXp3q+v7+W3NtYb3998+8Y3L92++fEnR5aK744ncS6GsmXrx7GTmq9JPs5tmH+6G8F6KOl1AmxLLqvzRin9L4Yjl1V9O/X1O4fBXUkP6KL6YER9zbom0AcSRQ99qvU9oHH825p28/vHnfPNA5BG3JXlxeJb0Yo/0Dw3EftXj00O/pI8dGTSON48vJuJsictXY+I0YGBR9//Sfb+277RnUiQrvryfHNDPbr907X9T7TZ/wy1zp3+Ra3930q2/1tpEz+3yf7vYocxfnv1xw82jX99MJ5sGz9Zi5+0iZ9GxOsdxr/1yudnN1tW/zDiWLSP35I8/vzwyOUr5dJo82/bGF8cO/Li5uOPOLhJ/OY52/2riawf/74sp7TD8X/29adPLT0m/rNPP377t3v9D0TEOx3G/8+9j17ebNmd68ndxreArW7/JPJxu8P4z507+l3WdNYQAAAAAAAAAAB2ULp6LVuSFtbaaVooNO/h/W8cTMuVau345crczETzmrfDkU9bV1oNN/tJoz+WXY/b6p/c0D+VywLmDqz2C8VKeaLHYwcAAAAAAAAAAAAAAAAAAIC/i0Mb7v//Nbd6///Gn6sG9qrNf/Ib2OvUP/Svh+s/6VkewO7z+Q99q67+oX+pf+hf6h/6l/qH/tW2/g/sfh7A7vP5D/1L/QMAAAAAAAAAAAAAAAAAAAAAAAAAQFdcvHChMdXvLy8WG/2Jgfm5qcobJyZK1anC9FyxUKzMXi1MViqT5VKhWJn+s+dLKpWrozEzd22kVqrWRqrzC69NV+ZmWr8pWsp3fUQAAAAAAAAAAAAAAAAAAADwzzO0OiVpISLf7KdpoRDxr4g4nERy+Uq5NBoR/46Ib3P5wUZ/rNdJAwAAAAAAAAAAAAAAAAAAwB5TnV+YGi+XS7PdawxkoTp71A+1ruYzsJWVI2JpZ9NoPOOWH5XPXsDubqY+aeQ6fB/2faOHOyUAAAAAAAAAAAAAAAAAAOhTD2767fQRv3c3IQAAAAAAAAAAAAAAAAAAAOhL6U9JRDSmY8PPDG1cui9Zya3+j4g3b11679p4rTY71ph/d21+7f1s/sle5A90qlWnaUQ06hgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4oDq/MDVeLpdmt9kY7GCdXo8RAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAYDv+CAAA//9bQM66")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x42, 0x0)
truncate(&(0x7f0000000940)='./file1\x00', 0x2fffffd)
mmap(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x27ffff7, 0x4012011, r1, 0x0)
sendmmsg(0xffffffffffffffff, &(0x7f00000030c0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x9200000000000000)
ioctl$EXT4_IOC_MOVE_EXT(r0, 0x40305829, &(0x7f0000000180)={0x17c04, 0xffffffffffffffff, 0x84, 0x75ea, 0x800004})

38.790857276s ago: executing program 0 (id=3203):
munmap(&(0x7f0000001000/0x3000)=nil, 0x3000)
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0x3c, &(0x7f0000000040)=0x1, 0x4)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000000c0)=0x1, 0x4)
connect$inet(r0, &(0x7f0000000080)={0x2, 0x0, @loopback}, 0x10)
setsockopt$inet_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f00000001c0)=0xffffffffffffffff, 0x4)
sendmmsg$inet(r0, &(0x7f00000060c0)=[{{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000001040)="fc", 0x1}], 0x1}}], 0x1, 0x4000000)

38.50731235s ago: executing program 0 (id=3205):
bpf$PROG_LOAD(0x5, &(0x7f0000000280)={0x15, 0x2000000000000216, &(0x7f0000000440)=ANY=[@ANYBLOB="18000000000000000000000000000000850000000f00000018010000646c6c2400000000000000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], 0x0, 0xffffffff, 0x0, 0x0, 0x41000, 0x1c, '\x00', 0x0, @fallback=0x28, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xb, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r1 = perf_event_open(&(0x7f00000012c0)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x200, 0x20, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_bp={0x0}, 0x0, 0x400000, 0x0, 0x0, 0x80000001, 0xffffffff}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
ioctl$PERF_EVENT_IOC_SET_BPF(r1, 0x40042408, r0)
r2 = socket$inet6_tcp(0xa, 0x1, 0x0)
r3 = dup(r2)
setsockopt$IPT_SO_SET_REPLACE(r3, 0x4000000000000, 0x40, &(0x7f0000000000)=@raw={'raw\x00', 0xe501, 0x3, 0x490, 0x320, 0x6affffff, 0x3403000b, 0x320, 0x7, 0x3f8, 0x230, 0x230, 0x3f8, 0x223, 0x3, 0x0, {[{{@ip={@remote, @local, 0x0, 0x0, 'veth1_macvtap\x00', 'veth1_to_team\x00', {}, {}, 0x6}, 0x0, 0x2d8, 0x320, 0x0, {0x1000000}, [@common=@unspec=@bpf0={{0x230}, {0x1, [{0x6}]}}, @common=@unspec=@time={{0x38}}]}, @unspec=@CT0={0x48, 'CT\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 'pptp\x00'}}}, {{@uncond, 0x0, 0x70, 0xd8}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'syz0\x00', 'syz1\x00'}}}], {{'\x00', 0x0, 0x70, 0x98}, {0x28, '\x00', 0x4}}}}, 0x4f0)

37.790992124s ago: executing program 0 (id=3214):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x214802, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfe39}], 0x1, 0xe7b, 0x0, 0x0)

37.444841184s ago: executing program 0 (id=3216):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r1, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x0, 0x8})
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuset.effective_cpus\x00', 0x275a, 0x0)
fcntl$lock(r2, 0x26, &(0x7f0000000000)={0x1})
flock(r2, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

36.854150087s ago: executing program 0 (id=3224):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x8a42, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0x5, "d52c2000000102000300ecffffff0100"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup(r1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x6)
ioctl$TCFLSH(r1, 0x540b, 0x2)

36.781070753s ago: executing program 43 (id=3224):
r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000001c0), 0x8a42, 0x0)
ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x3, 0x1000002, 0x0, 0x5, "d52c2000000102000300ecffffff0100"})
r1 = syz_open_pts(r0, 0x0)
r2 = dup(r1)
ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000000c0)=0xe)
ioctl$TIOCPKT(r0, 0x5420, &(0x7f0000000080)=0x6)
ioctl$TCFLSH(r1, 0x540b, 0x2)

34.89063674s ago: executing program 2 (id=3254):
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x880}, 0x0)
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x8, 0x94, 0x7fff0000}]})
close_range(r0, 0xffffffffffffffff, 0x0)
syz_io_uring_setup(0x758a, &(0x7f00000002c0)={0x0, 0xf657, 0x1, 0x9, 0x80000}, 0x0, 0x0)
connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000)={0x28, 0x0, 0x0, @hyper}, 0x10)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
io_uring_register$IORING_REGISTER_FILES(0xffffffffffffffff, 0x1f, &(0x7f0000000000)=[r0], 0x1)

34.748167233s ago: executing program 2 (id=3255):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
mkdirat(r2, &(0x7f0000000000)='./file0\x00', 0x10e)
open_tree(r2, &(0x7f0000000040)='./file0/file0\x00', 0x81000)

34.620513804s ago: executing program 2 (id=3256):
r0 = gettid()
timer_create(0x1, &(0x7f0000000800)={0x0, 0x21, 0x4, @tid=r0}, &(0x7f0000000000))
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x3ed4, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x9)
prlimit64(0x0, 0x2, &(0x7f0000000040)={0x0, 0xffffffffffffffff}, 0x0)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}, {0x0, 0x989680}}, 0x0)
mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x400000, 0x3, &(0x7f0000000000/0x400000)=nil)

34.510686654s ago: executing program 2 (id=3258):
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000200)='./file1\x00', 0x214802, &(0x7f0000000980)={[{@nojournal_checksum}, {@nombcache}, {@barrier}, {@norecovery}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@lazytime}, {@nodelalloc}, {@usrquota}, {@noauto_da_alloc}, {@bh}, {@init_itable}]}, 0xff, 0x551, &(0x7f0000000cc0)="$eJzs3d9vU1UcAPDv7Tp+KyMhJPpgFnkQg3Rs8wcmPuCjUSKJvmOzXRaylpK1I2ySCA/y4oshJsZIYvwDfPeR+A/4V5AoCTFk0Qdfam53ywprt9EVNuznk9xyzj23nHt67vdwbs8lDWBojWcvhYhXIuLbJOJwR1kx8sLx1eNWHl6fybYkms3P/koiyfe1j0/yPw+2M8WI376OOFl4rMqx7KW+tDxfrlTShXznRKN6ZaK+tHzqUrU8l86ll6emp8+8Mz31/nvvDqytb57/54dP73505pvjK9//cv/I7STOxqG8rLMd23CjMzMe4/lnMhpnnzhwcgCV7SbJTp8AfRnJ43w0sjHgcIzkUQ/8/30VEU1gSCXiH4ZUex7Qvrcf0H3wC+PBh6s3QOvbX1z9biT2te6NDqwkj90ZJe0vMrYpq+PXP+/czrYY3PcQAJu6cTMiTheL68e/JB//+nd6C8c8WYfxD56fu9n8561u85/Co/lPdJn/HOwSu/3YPP4L9wdQTU/Z/O+DrvPffNFqLMZG8txLrexocvFSJc3Gtpcj4kSM7s3yG63nnFm51+xV1jn/y7as/vZcMD+P+8W9j79nttwob6/Vax7cjHi16/w3edT/SZf+zz6P81us41h657VeZZu3/9lq/hzxRtf+X1vRSjZen5xoXQ8T7ativb9vHfu9V/073f6s/w9s3P6xpHO9tv70dfy079+0V1m/1/+e5PNWek++71q50ViYjNiTfLJ+/9Tae9v59vFZ+08c33j863b974+IL7bY/ltHb/U8dFv9P4BF16z9s0/V/0+fuPfxlz/23/6s/99upU7ke7Yy/m31BLfz2QEAAAAAAMBuU4iIQ5EUSo/ShUKptPp8x9E4UKjU6o2TF2uvR6us9fxDob3SfbjjeYjJ/HnYdn7qifx0RByJiO9G9rfypZlaZXanGw8AAAAAAAAAAAAAAAAAAAC7xMEe//8/88fITp8d8Mz5yW8YXpvG/yB+6QnYlfz7D8NL/MPwEv8wvMQ/DC/xD8NL/MPwEv8wvMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAADNT5c+eyrbny8PpMlp+9urQ4X7t6ajatz5eqizOlmdrCldJcrTZXSUsztepmf1+lVrsyORWL1yYaab0xUV9avlCtLV5uXLhULc+lF9LR59IqAAAAAAAAAAAAAAAAAAAAeLHUl5bny5VKuiAh0VeiuDtOQ2LAiZ0emQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABgzX8BAAD//7VBN58=")
open(&(0x7f0000000180)='./bus\x00', 0x14927e, 0x0)
mount(&(0x7f0000000280)=@loop={'/dev/loop', 0x0}, &(0x7f0000000140)='./bus\x00', 0x0, 0x5000, 0x0)
r0 = open(&(0x7f0000000000)='./bus\x00', 0x8000, 0xa0)
ioctl$LOOP_SET_STATUS64(r0, 0x4c04, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x8005, 0x0, 0x0, 0x14, 0xd, "ef359f413bb9386ff7d6a4ae6dddfbd1ce5d29c2ee5e5ca9000ff8ee09e7376b7a5ff537ed73ac58818d78c660e677df8dc905b90242b7c528a076d2f6a00400", "036c5bc6780820d1cbf7966d61fdcf335263bd9b0abdc2542ded71038259ca171ce1a311ef545032d71e14ef3dc177e9b48b001d00", "f28359738e229a4c66810000000000d300e6d602000000000000000000000001", [0x8]})
r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x143041, 0x0)
pwritev2(r1, &(0x7f00000001c0)=[{&(0x7f0000000080)="ff", 0xfe39}], 0x1, 0xe7b, 0x0, 0x0)

34.145862307s ago: executing program 2 (id=3262):
syz_genetlink_get_family_id$devlink(0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000100)={0x1, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x10020, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @perf_config_ext, 0x10208}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x1}, 0x0, 0x0, 0x8, 0x2, 0x2, 0x3f, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0x1)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={0xffffffffffffffff, 0x2f00020b, 0xe, 0x0, &(0x7f0000000200)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0x7515, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="220000000400000010000000"], 0x48)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0)={r0, <r1=>0xffffffffffffffff}, 0x4)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x11, 0x10, &(0x7f0000000100)=@framed={{}, [@snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x3264}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}, {}, {0x85, 0x0, 0x0, 0x76}}]}, &(0x7f0000000080)='GPL\x00', 0x5, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xfffffffe}, 0x94)

33.151196515s ago: executing program 2 (id=3272):
r0 = socket(0x1e, 0x1, 0x0)
close(0x3)
socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000002080)={r2}, &(0x7f00000020c0)=0x8)

33.062037872s ago: executing program 44 (id=3272):
r0 = socket(0x1e, 0x1, 0x0)
close(0x3)
socket(0x2, 0x80805, 0x0)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_GET_LOCAL_ADDRS(r0, 0x84, 0x6d, &(0x7f0000002080)={r2}, &(0x7f00000020c0)=0x8)

23.924503602s ago: executing program 3 (id=3429):
perf_event_open(&(0x7f0000000500)={0x2, 0x80, 0x29, 0x1, 0x0, 0x0, 0x0, 0x5, 0xf4261, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x147b7e, 0x0, @perf_bp={0x0, 0x6}, 0x19196, 0x20000, 0x43a1bd76, 0x4, 0x2c9, 0x2, 0x2, 0x0, 0x0, 0x0, 0x200b}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x8)
fcntl$lock(0xffffffffffffffff, 0x6, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x0)
r0 = socket$inet_sctp(0x2, 0x1, 0x84)
setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, &(0x7f0000000580)=[@in={0x2, 0x4e21, @local}], 0x10)
sendmsg$inet_sctp(r0, &(0x7f0000000700)={&(0x7f0000000340)=@in={0x2, 0x4e21, @local}, 0x10, &(0x7f00000006c0)=[{&(0x7f0000000380)='N', 0x1}], 0x1}, 0x801)
setsockopt$inet_sctp_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f00000001c0)={0x0, 0x1}, 0x8)

23.055691778s ago: executing program 3 (id=3441):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext2\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x200c042, &(0x7f0000000440)={[{@block_validity}, {@oldalloc}, {@sysvgroups}, {@data_err_abort}, {@debug_want_extra_isize={'debug_want_extra_isize', 0x3d, 0x80}}, {@init_itable}, {@noblock_validity}, {@errors_continue}, {@errors_continue}], [{@dont_hash}, {@uid_lt}, {@audit}, {@obj_type={'obj_type', 0x3d, 'oldalloc'}}, {@fscontext={'fscontext', 0x3d, 'unconfined_u'}}]}, 0x23, 0x56a, &(0x7f00000015c0)="$eJzs3c9rHFUcAPDvbJL+1qZQinqQQA9WajdN4o8KQutRtFjQe12SaSjZdEt2U5pYaHuwFy9SBBEL4h/g3WPxH/CvKGihSAl68BKZzWy7TbL5uXW3zucD0743M5s3b998335nZ5cNoLBGsn9KEa9GxDdJxOG2bYORbxxZ2W/p8Y3JbEliefmzP5NI8nWt/ZP8/4N55ZWI+PWriJOlte3WFxZnKtVqOpfXRxuzV0frC4unLs9WptPp9Mr4xMSZdybG33/v3a719c0Lf3//6f2Pznx9fOm7nx8euZvEuTiUb2vvxy7caq+MxEj+nAzFuVU7jnWhsX6S9PoA2JGBPM6HIpsDDsdAHvXA/9/NiFgGCioR/1BQrTygdW3fpevgF8ajD1cugNb2f3DlvZHY17w2OrCUPHNllF3vDneh/ayNX/64dzdbYpP3IW52oT2Allu3I+L04ODa+S/J57+dO91883hjq9so2usP9NL9LP95a738p/Qk/4l18p+D68TuTmwe/6WHXWimoyz/+2Dd/PfJ1DU8kNdeauZ8Q8mly9X0dES8HBEnYmhvVt/ofs6ZpQfLnba153/ZkrXfygXz43g4uPfZx0xVGpXd9Lndo9sRrz3Nf5NYM//va+a6q8c/ez4ubLGNY+m91ztt27z/7bqfAS//FPHGuuP/9I5WsvH9ydHm+TDaOivW+uvOsd86tb+9/ndfNv4HNu7/cNJ+v7a+/TZ+3PdP2mnbTs//PcnnzfKefN31SqMxNxaxJ/lk7frxp49t1Vv7Z/0/cXzj+W+9839/RHyxxf7fOXqn4679MP5T2xr/7RcefPzlD53a39r4v90sncjXbGX+2+oB7ua5AwAAAAAAgH5TiohDkZTKT8qlUrm88vmOo3GgVK3VGycv1eavTEXzu7LDMVRq3ek+3PZ5iLH887Ct+viq+kREHImIbwf2N+vlyVp1qtedBwAAAAAAAAAAAAAAAAAAgD5xsMP3/zO/D/T66IDnzk9+Q3FtGv/d+KUnoC95/YfiEv9QXOIfikv8Q3GJfygu8Q/FJf6huMQ/AAAAAAAAAAAAAAAAAAAAAAAAAAAAdNWF8+ezZXnp8Y3JrD51bWF+pnbt1FRanynPzk+WJ2tzV8vTtdp0NS1P1mY3+3vVWu3q2HjMXx9tpPXGaH1h8eJsbf5K4+Ll2cp0ejEd+k96BQAAAAAAAAAAAAAAAAAAAC+W+sLiTKVaTecUOhbORl8cxo4LyWajfDY/GXbUxGDvO6jwHAo9npgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoM2/AQAA///fKTPH")
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000200)={'vlan1\x00', <r2=>0x0})
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000080)=ANY=[@ANYBLOB="480000001400b59500000000000000000a000000", @ANYRES32=r2, @ANYBLOB="14000200fe8000000000000000000000000000aa080009003f0c0000140001"], 0x48}}, 0x0)
sendmsg$TIPC_NL_LINK_SET(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000140)=ANY=[], 0x50}}, 0x0)
rename(&(0x7f00000000c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0)
sendmmsg(r0, &(0x7f0000000000), 0x4000000000001f2, 0x0)

22.963860336s ago: executing program 3 (id=3442):
bpf$PROG_LOAD(0x5, &(0x7f00000002c0)={0x3, 0xc, &(0x7f0000000440)=@framed={{0x18, 0x0, 0x0, 0x0, 0x7ff}, [@call={0x85, 0x0, 0x0, 0x2a}, @printk={@lld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x72}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x20, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000980)={0x0, 0x4, &(0x7f0000000480)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0x75}]}, 0x0}, 0x94)
r0 = perf_event_open(&(0x7f0000000fc0)={0x1, 0x80, 0x2, 0x0, 0x0, 0x0, 0x0, 0x400, 0xf6103, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, @perf_bp={0x0, 0x8}, 0x40, 0x0, 0x0, 0x0, 0x7, 0x0, 0xffff}, 0x0, 0xffefffffffffffff, 0xffffffffffffffff, 0x0)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x7, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
ioctl$PERF_EVENT_IOC_SET_BPF(r0, 0x40042408, r1)
r2 = socket$kcm(0xa, 0x2, 0x3a)
sendmsg$kcm(r2, &(0x7f0000000440)={&(0x7f0000000800)=@in6={0xa, 0x0, 0x0, @loopback={0xff00000000000000, 0x1ff0000aa}}, 0x80, &(0x7f0000000c00)=[{&(0x7f0000000780)="80005b020eaa4da2", 0xfdef}], 0x1, 0x0, 0x0, 0x900}, 0x0)

22.963438416s ago: executing program 3 (id=3443):
mkdirat(0xffffffffffffff9c, &(0x7f0000002000)='./file0\x00', 0x0)
mount$bind(&(0x7f0000000100)='.\x00', &(0x7f0000000300)='./file0/../file0\x00', 0x0, 0x2151090, 0x0)
mount$bind(0x0, &(0x7f00000005c0)='./file0\x00', 0x0, 0x100000, 0x0)
mount$bind(&(0x7f0000000040)='./file0\x00', &(0x7f00000000c0)='./file0/file0\x00', 0x0, 0x8b101a, 0x0)
mount$bind(0x0, &(0x7f00000003c0)='./file0/file0\x00', 0x0, 0x80000, 0x0)
mount$bind(&(0x7f0000000200)='./file0/file0\x00', &(0x7f0000000280)='./file0\x00', 0x0, 0x2301091, 0x0)
umount2(&(0x7f00000002c0)='./file0\x00', 0x0)

22.944670258s ago: executing program 3 (id=3444):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x24, &(0x7f0000000040)={0x0, 0x0, 0x10001, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0x42795000)
r1 = syz_clone(0x0, 0x0, 0x43, 0x0, 0x0, 0x0)
process_vm_writev(r1, &(0x7f0000001c80)=[{&(0x7f0000001bc0)=""/156, 0x9c}], 0x1, &(0x7f0000001d80)=[{&(0x7f0000001cc0)=""/116, 0x20001c34}], 0x1, 0x0)

22.334676782s ago: executing program 3 (id=3456):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r1}, 0x20)
connect$unix(r0, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000040))

22.25121813s ago: executing program 45 (id=3456):
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000180)='cgroup.controllers\x00', 0x275a, 0x0)
close(r0)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
listen(r1, 0x0)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000200)=@base={0xf, 0x4, 0x4, 0x12}, 0x48)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000a80)={r2, &(0x7f0000000940), &(0x7f0000000a40)=@tcp6=r1}, 0x20)
connect$unix(r0, &(0x7f0000000940)=@file={0x0, './file0\x00'}, 0x6e)
ioctl$sock_SIOCINQ(r0, 0x541b, &(0x7f0000000040))

17.16762267s ago: executing program 6 (id=3524):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$netlink(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$nl_route_sched(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f00000002c0)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000100)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000008c0)=ANY=[@ANYBLOB="480000001000050700000086d7c0d6c878f064eb", @ANYRES32=r3, @ANYBLOB="0000000000000000280012000c00010076657468"], 0x48}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000004c0)={&(0x7f0000000900)=@newqdisc={0x30, 0x24, 0xf1d, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xfff1, 0xffff}}, [@qdisc_kind_options=@q_ingress={0xc}]}, 0x30}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d80)=@delchain={0x30, 0x64, 0xf31, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xffe0}, {0x10, 0xffff}}, [@filter_kind_options=@f_fw={{0x7}, {0x4}}]}, 0x30}}, 0x4040004)

16.850812068s ago: executing program 6 (id=3527):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$unix(0x1, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000000340)={'syzkaller0\x00', @multicast})
r2 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff8000}]})
close_range(r2, 0xffffffffffffffff, 0x0)

15.815888659s ago: executing program 6 (id=3531):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x4)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000001c0)=@gcm_128={{0x304}, "145aa359352e4de0", "e8a1056a7c356ba2b862ef93136b1587", "28aa90f4", "ff0547161677e7a1"}, 0x28)
sendto$inet6(r0, &(0x7f0000000340)="d1", 0x1, 0x8000, 0x0, 0x0)
write$binfmt_aout(r0, 0x0, 0xfdef)
write$binfmt_elf64(r0, 0x0, 0xfdd6)

15.728517377s ago: executing program 6 (id=3532):
perf_event_open(&(0x7f0000000340)={0x2, 0x80, 0x2a, 0x1, 0x0, 0x0, 0x0, 0x7, 0x510, 0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x1, @perf_bp={0x0, 0x1}, 0x106200, 0x10004, 0x20da, 0x5, 0xa, 0x20005, 0xb, 0x0, 0x0, 0x0, 0x20000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb, 0x4008032, 0xffffffffffffffff, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9101)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', 0x0)

15.232839641s ago: executing program 6 (id=3537):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x80)
fchdir(r1)
r2 = inotify_init1(0x80800)
inotify_add_watch(r2, &(0x7f0000000240)='.\x00', 0x60000726)
r3 = openat(0xffffffffffffff9c, &(0x7f0000004280)='.\x00', 0x0, 0x0)
getdents64(r3, &(0x7f0000000180)=""/46, 0x2e)

14.998867332s ago: executing program 6 (id=3539):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="600000001000390426bd70000000000000000000", @ANYRES32=r3, @ANYBLOB="01980000000000004000128008000100736974003400028006000e000100000008000300ac1414"], 0x60}}, 0x0)
sendto$packet(r0, &(0x7f0000000440)="a80320000a0014000000fbf719143baa111f43c851ffab286e16195ecf3d77bb32b6d78839980700e6669d3c865c6b96e84000050016f37fe8c0295f5c", 0x3d, 0x840, &(0x7f00000000c0)={0x11, 0x86dd, r3, 0x1, 0x10, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14)

14.937225457s ago: executing program 46 (id=3539):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x46c, 0x4)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000380)={0x0, 0x4076cbba9945d516, &(0x7f0000000340)={0x0, 0x14}}, 0x0)
getsockname$packet(r2, &(0x7f0000000140)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000400)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000180)=ANY=[@ANYBLOB="600000001000390426bd70000000000000000000", @ANYRES32=r3, @ANYBLOB="01980000000000004000128008000100736974003400028006000e000100000008000300ac1414"], 0x60}}, 0x0)
sendto$packet(r0, &(0x7f0000000440)="a80320000a0014000000fbf719143baa111f43c851ffab286e16195ecf3d77bb32b6d78839980700e6669d3c865c6b96e84000050016f37fe8c0295f5c", 0x3d, 0x840, &(0x7f00000000c0)={0x11, 0x86dd, r3, 0x1, 0x10, 0x6, @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0xe}}, 0x14)

3.134935232s ago: executing program 9 (id=3685):
socket$kcm(0xa, 0x5, 0x0)
sendmsg$inet(0xffffffffffffffff, 0x0, 0x20000004)
syz_mount_image$ext4(&(0x7f0000000a00)='ext4\x00', &(0x7f00000009c0)='./file1\x00', 0x1004410, &(0x7f0000000980), 0x1, 0x5b0, &(0x7f0000000a40)="$eJzs3U9oHNcZAPBvZncl/1EtFVpoiw+mLbhgvJL8p3V7sq+lBoMPhV5asVoLoZXWaKXWEoLKd1PqQ0iCL84tOeSYkEMOIZccc80lIeeAiUUClg/Jht2dldeyZK8UrdfR/n4w0nvzRvu9N7vf084wwwQwsE41fqQRv46Ia0nEaEdbPrLGU63tNjfWSkOxVkqiXr/+dRJJRDzaWCu1t0+y38cjYj0ifhURHxcizqRbLznULtRWVuemKpXyYlYfX5q/OV5bWT07Oz81U54pL5z/058vXrpwcfLcZGd3H9c7a4W9jfXOF3f/d+fTv96/+867J9dLr00lcTlGsrbOcRyk1j4pxOVt6y/0IlgfJf3uAPuSy/K8kUq/jNHIZVm/k3rn5DD8UroH9FB9OKK+paMIDIBE0sOAan8PaBz/tpeX+f3jwZXWAUgj7ubGWum/0Y6fb52biCPNY5Nj3yRPHZk0jjfHXmZHOZTWb0fERD7/7Oc/yT5/+zdxEB2kpz660nqjnn3/0635J3aYf0ba505/pGz+G4qI5vy3uUP83C7z37UuY3z3jy/f3DX+7eH4Tb51bvfp+MlW/GSH+GlE/KvL+Pf+/sGl3drqb0Wcjp3jtyXPPz88fmO2Up5o/dwxxoenT/5l9/FHHNslfuuc7ZFmRzrHP5T1Ke1y/O9/8t5v158T/w+/2yl++tz9fzQi/t9l/J8/evtvu7U9uJ08bHwL2Ov7n0Qh7ncZ/4+XT32eFZ01BAAAAAAAAACAA5Q2r2VL0uJWOU2LxdY9vL+IY2mlWls6c6O6vDDduuZtLApp+0qr0VY9adQns+txxzbq9fpspXyuXc/az+eygLmjzXqxVK1M93nsAAAAAAAAAAAAAAAAAAAA8Ko4vu3+/29zzfv/tz+uGjisdn/kN3DYyX8YXJ35f6LjwYvA4ef/PwysuvyHwSX/YXDJfxhc8h8Gl/yHwSX/YXDJfwAAAAAAAAAAAAAAAAAAAAAAAAAA6IlrV682lvrjjbVSoz6dX1meq/777HS5NlecXy4VS9XFm8WZanWmUi6WqvMver2kWr05EQvLt8aXyrWl8drK6j/nq8sL7WeKlgs9HxEAAAAAAAAAAAAAAAAAAAD89Iw0lyQtRhRa9TQtFiN+FhFjSSQ3ZivliYg4ERGf5QrDjfpkvzsNAAAAAAAAAAAAAAAAAAAAh0xtZXVuqlIpL/aukM9C9TBE94X8XjaOiPWD7UbjFff8V4VsB/Z51x2OQu7V+By++oU+TkoAAAAAAAAAAAAAAAAAADCgntz02+1ffN/bDgEAAAAAAAAAAAAAAAAAAMBASr9KIqKxnB79/cj21qFkM9f8HRH/uXf99VtTS0uLk431D7fWL72RrT/Xj/4D3WrnaRoRjTwGAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAnqitrM5NVSrlxf0UkohoLC/YuN9jBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANiPHwIAAP//R8/KnQ==")
mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x3000004, 0x3032, 0xffffffffffffffff, 0x0)
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$packet(0x11, 0x3, 0x300)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000d40)=@newqdisc={0x3a8, 0x24, 0x3fe3aa0262d8c783, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}, {0x8}}, [@qdisc_kind_options=@q_choke={{0xa}, {0x378, 0x2, [@TCA_CHOKE_PARMS={0x14, 0x1, {0x0, 0x0, 0x0, 0x0, 0x2}}, @TCA_CHOKE_PARMS={0x14, 0x1, {0x64, 0x2, 0x3, 0x17, 0xd, 0x8, 0x1}}, @TCA_CHOKE_MAX_P={0x8, 0x3, 0x2}, @TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "dc542b4e237011fb38ddb228806571a8633206e26df63a43bbc516382325dedd79c1cf0a26379dfaf72cb5ab9ab7efe16f312ee9ab598d1ac0d7903ac69c51f1b6842ebecf00dec5deff737b59f0c1f0b57cc6c2b7b8c5b2c527aafa57222f4bd2355ccab39fa20d4033b6b687491532080101805feb9c6fa8a56a77186efcb394ce1a1cd7f2130835e3bf9e3ac25d0a102a808be13beb51f37da6d10046f131834545ee5013f43e41e91eb18a12c28540ab4106286e0f7568f6a9cd0c0da51df08e42848096b25d455ebec9adfd6e493d8c9725bc2d49bbbae0a5375b359f91d9dad20ed109ffbc52469cffd2cf5df7773f7a4c72ae167485315c326281efc4"}, @TCA_CHOKE_MAX_P={0x8}, @TCA_CHOKE_STAB={0x104, 0x2, "a2a88faa7ec665a571a9ad3d1f9512e3c591df4a4554c6c2e2cc6cb4d9aee4579684743ad4888f1522a47ddaff3d4f9450d288e8559bc4f795aa0d1bc74d926038adb808cba6e90535b2eb8ba3e8ff927207d17a86b10d604e77a459df67e7f0c842d463ca5977b7e2eb55fbb9881d15633717817c735da52a1da7d64bb22e58550d8ee20883e41ec2f119a6a6364d68900c1cce4a3b3225a9ce9e1e00b444e9e7bcd10e1dec202ce7786aa7cf10d4dd6bbcee586d7903a6239ff90b49cd7fddb0c67ddab326cdb2d0fa48a783f691be9ebaa1243b21afd04a372650aa7eb46a2675cc67ae12d3b99c9acb4d9fb7c78081d269b443affd86eededd4867311221"}, @TCA_CHOKE_PARMS={0x14}, @TCA_CHOKE_STAB={0x104, 0x2, "554b956aa3fcfbc4a187baf0437163b5d33108db016465f92a93480d2c246d90f03741da6ee916f7c9917dbd81da67d6150151679559af8402b932745d19fbfbd679c133c4714565f91cd05790d990818bac85598b6a844cb2c2d277aaca9a88ee0e6a834ba02b4e549f11fb13e9fe33730c55997f2d3b7e6469210db81587fc522295f49a78f4e08ddfb01172b12a19b303a0c47fa3500cdc3e6725a79dcd3731c37083c3bbe73c43e7e2ea82c72986a1499c677c565ea1cfc874e7e978e4ebe8d338f0b37807d40333ee570133982998623ec809826f1009856a9d9d8e839c65d3ead78c6b3cb8f7beee8e59f19de93d06628a2cdfa4333d96882b96c36cc3"}]}}]}, 0x3a8}}, 0x0)

3.120487593s ago: executing program 7 (id=3686):
read$msr(0xffffffffffffffff, 0x0, 0x0)
openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0)
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
r1 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r1, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xc4, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x33}, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffd}, {0x0, 0x0, 0x200000000000000}, 0xfffffffc}, [@mark={0xc, 0x15, {0x350760, 0x81}}]}, 0xc4}, 0x1, 0x0, 0x0, 0x40800}, 0x2c040010)
r2 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000004c0)=@updpolicy={0xb8, 0x19, 0x1, 0x0, 0x0, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x0, 0x0, 0xa, 0x0, 0x0, 0x87}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x7fffffff, 0x0, 0xfffffffffffffffb}, {0x0, 0x0, 0x200000000000000}}}, 0xb8}}, 0x2c000010)
sendmsg$nl_xfrm(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=@updpolicy={0xb8, 0x14, 0x1, 0x0, 0x800, {{@in=@multicast1=0xe0000002, @in, 0x0, 0x0, 0x1000, 0x0, 0xa, 0x20}, {}, {0x1, 0x6, 0x0, 0xfffffffffffffffe}, 0x0, 0x6e6bbc}}, 0xb8}, 0x1, 0x0, 0x0, 0x404c830}, 0x0)

3.008335213s ago: executing program 7 (id=3688):
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x1, 0x2)
fchdir(r1)
fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff)
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='memory.swap.current\x00', 0x275a, 0x0)
write$binfmt_script(r2, &(0x7f0000000000), 0x208e24b)

2.92693622s ago: executing program 9 (id=3690):
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4)
connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0xffb2)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x2, &(0x7f0000000ac0)=@gcm_128={{0x304}, "629f2ad1e25e04f2", "bddff730a979d9b52e732fd6a9c1b085", "ace06e88", "747a2aaf941f2665"}, 0x28)
r1 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='memory.events\x00', 0x275a, 0x0)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x2000001, 0x12, r1, 0x0)
setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x4, &(0x7f0000000280)=@gcm_128={{0x304}, "41c000", "0cfcb67ecace717eb34a87013860510f", "15f4807f", "d4c27feb98ae71cc"}, 0x28)

2.81908685s ago: executing program 9 (id=3693):
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0xb, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xc093, 0x2, @perf_bp={0x0, 0x8}, 0x4, 0x0, 0x11000, 0x0, 0x2, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xdfffffffffffffff, 0xffffffffffffffff, 0xb)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f00000002c0)='./bus\x00', 0x404, &(0x7f00000001c0)={[{@max_batch_time={'max_batch_time', 0x3d, 0x4}}, {@debug}, {@journal_dev={'journal_dev', 0x3d, 0x7}}]}, 0x1, 0x5fd, &(0x7f00000006c0)="$eJzs3c9vFFUcAPDv7LalpWALMSoepIkxkCgtLWCI8QBXYxr8ES9erLQgoUDT1mjRhJLgxcR4McbEkwfxv1AiV0960YMXT4aEqOFo4prZ7vTnbH8s7Q4wn0+y7My8ebw3LN++t6/vzQRQWgPpH5WIAxExlUT0JfOLaR3RSBxYOO/ePx+fTV9J1Gpv/JVE0jiWnZ803nsbmbsj4ucfk9hfXVvuzNzVi2OTkxPTjf2h2UtTQzNzV49cuDR2fuL8xOWRF0dOnjh+4uTw0Zau69raQ2l1Puj7dPTtb7/+Nxn+7vfRJE7FK40Tl1/HdhmIgfq/SbI2qffkdhdWkGrj/8nyjzjpKLBCbEn2+XVGxJPRF9VY+vD64pPXCq0csKNqSUQNKKlE/ENJZf2A7Lv96u/BlUJ6JUA73D29MACwNv47FsYGo7s+NrD7XhLLh3WSiGhtZG6lPRHx0+3RG+duj96Y3rsz43BAvvnrEfHUsvjvylKSevz3R3f01+O/siL+037BmcZ7evz1FstfPVQs/qF9FuK/O6f9X4r/aBL/7yyL/3dbLH9gafO9nhXx39PqJQEAAAAAAEBp3TodES/kzf+pLM7/iZz5P70RcWobyh9Ytb/29/+VO9tQDJDj7umIl3Pn/1aiujD7t7/a+D3/3vp8gM7k3IXJiaMR8VhEHI7OXen+8DplHPls/1fN0gYa8/+yV1p++r50RuVOx66VecbHZsfu97qBiLvXI57Onf+bLLb/SU77n/48mNpkGfufu3mmWdrG8Q/slNo3EYdy2/+lu1Yk69+fY6jeHxjKegVrPfPR5983K7/V+HeLCbh/afu/e/3470+W369nZutlHJvrqDVLa7X/35W8Wb/lTLZc4cOx2dnp4Yie5NVqenTF8ZGt1xkeRVk8ZPGSxv/hZ9cf/8vr//dExPyqvzv5e+Wa4swT//X+0aw++v9QnDT+x7fU/jfdSOYjcpNGbvb/0Kz8zbX/x+tt/eHGEeN/sODLLEy7Vh7PCdCOvKR21xcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgWViNgTSWVwcbtSGRyM6I2Ix2N3ZfLKzOzz5668f3k8Tas//7+SPem3b2E/yZ7/379sf2TV/rGI2BcRX1R76vuDZ69Mjhd98QAAAAAAAAAAAAAAAAAAAPCA6G2y/j/1Z7Xo2gE7rqPoCgCFyYn/X4qoB9B+2n8oL/EP5SX+obzEP5SX+IfyEv9QXuIfykv8AwAAAADAI2XfwVu/JREx/1JP/ZXqaqR1FlozYKdViq4AUBi3+IHyMvUHyst3fCDZIL27aaaNcjbLnJo6u3FmAAAAAAAAAAAAACBz6ID1/1BW1v9DeVn/D+WVrf8/WHA9gPZr+Tt+0zW9wMNovZX8zcN9E+v/AQAAAAAAAAAAAIBtMTN39eLY5OTEdPs2fm089Cv3nJ6IaHN9so23iii02I1arXat/lE8IPV5yDeyqfCbz9WdHwU7s5Gt9dtcroJ+IAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGv8HwAA//+xpBxA")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./bus\x00', 0x4040, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000004400)='./bus\x00', 0x1c1202, 0x0)
write(r1, &(0x7f0000004200)='t', 0x1)
sendfile(r1, r0, 0x0, 0x3ffff)
sendfile(r1, r0, 0x0, 0x7ffff000)

2.505464668s ago: executing program 7 (id=3700):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$can_j1939(0x1d, 0x2, 0x7)
ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f00000000c0)={'vcan0\x00', <r2=>0x0})
bind$can_j1939(r1, &(0x7f0000000340)={0x1d, r2, 0x0, {0x2, 0x0, 0x6}, 0xfe}, 0x18)
setsockopt$sock_int(r1, 0x1, 0x6, &(0x7f0000000040)=0x1, 0x4)
sendmsg$inet(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000003c0)=[{&(0x7f0000000280)="81b641f1f3843704b6", 0x9}], 0x1}, 0x4048081)
setsockopt$SO_J1939_FILTER(r1, 0x6b, 0x1, &(0x7f0000000400)=[{0x10000000003, 0x2, {0x0, 0x1}, {0x3, 0xf0}, 0x1, 0xfe}, {0x2, 0x1, {0x2, 0xf0, 0x3}, {0x1}, 0x0, 0x2}], 0x40)
sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000000)=@newtfilter={0x24, 0x11, 0x1, 0x70bd26, 0x25dfdbfc, {0x0, 0x0, 0x74, r2, {0xb, 0xfff2}, {0xfff1, 0x9}, {0x2, 0xd}}}, 0x24}, 0x1, 0xf0ffffffffffff, 0x0, 0x4012}, 0x20000050)

2.428341694s ago: executing program 7 (id=3702):
ioprio_set$pid(0x2, 0x0, 0x0)
sched_setscheduler(0x0, 0x5, &(0x7f0000000480))
r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x0)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x0)
fchdir(r1)
r2 = open(&(0x7f0000000040)='./bus\x00', 0x143142, 0x80)
sendfile(r2, r2, 0x0, 0x1000000201005)

2.316453494s ago: executing program 8 (id=3706):
pipe(&(0x7f0000000500)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
r1 = fsopen(&(0x7f0000000080)='autofs\x00', 0x0)
fsconfig$FSCONFIG_SET_FD(r1, 0x5, &(0x7f00000005c0)='fd', 0x0, r0)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x2)
mkdirat(r2, &(0x7f0000000040)='./file0\x00', 0x0)
fchdir(r2)
symlinkat(&(0x7f0000002040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00', 0xffffffffffffff9c, &(0x7f0000003040)='./file0/file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/file0\x00')

2.316205664s ago: executing program 7 (id=3707):
syz_mount_image$ext4(&(0x7f0000000100)='ext4\x00', &(0x7f0000000080)='./file0\x00', 0x3000010, &(0x7f0000000340)={[{@errors_remount}, {@nodioread_nolock}]}, 0x1, 0x512, &(0x7f0000000380)="$eJzs3d9rY1kdAPDvvW1mOzNdk1WRdcF1cVc6i07Sbt3dIqLriz4tqOv7WNu0lCZNadJ1Whbt4H8ggoJPPvki+AcIwzz4B8jAgL6ID6KiiM7og6DOlSQ3TidN2rrTNp3m84HTnHPvzf2ec0NO7o/TewMYWy9FxFsRMRERr0ZEMZ+e5in2uqm93IP77y21UxJZ9s5fk0jyab11tdcxGRFX87dNRcTXvhzxzeRg3ObO7vpirVbdysuVVn2z0tzZvb5WX1ytrlY35ufn3lh4c+H1hdks90TtLPUyP/nS529/+lu/u/Hna99uV+tzH4lC9LXjJHWbXuhsi572Nto6jWAj0PvMC6OuCAAAx9Lex/9gRHyis/9fjInO3lyfiVHUDAAAADgp2Rem499JRAYAAABcWGlETEeSlvOxANORppfycwMfjitprdFsfWqlsb2x3J4XUYpCurJWq87mY4VLUUja5bl8jG2v/FpfeT4inouI7xcvd8rlpUZtecTnPgAAAGBcXO07/v9HMe3kjzbg/wQAAACA86s0tAAAAABcFA75AQAA4OLrP/6/PaJ6AAAAAKfiK2+/3U5Z7/nXy+/ubK833r2+XG2ul+vbS+WlxtZmebXRWO3cs69+1PpqjcbmZ2Jj+2alVW22Ks2d3Rv1xvZG68baY4/ABgAAAM7Qcx+/8+skIvY+e7mTIr8PIMBj/jDqCgAnaWLUFQBGxl28YXwVRl0BYOSSI+YbvAMAAE+/mY8evP7fe/6/cwNwsRnrAwDjx/V/GF8FIwBhrKUR8YFu9plhywy9/v/L40bJsoi7xf1TnF8EAICzNd1JSVrOjwOmI03L5YhnI9JSFJKVtVp1Nj8++FWx8Ey7PNd5Z3LkmGEAAAAAAAAAAAAAAAAAAAAAAAAAoCvLksgAAACACy0i/VPSuZt/xEzxlen+8wOXkn8W44954Ufv/ODmYqu1Ndee/rfOs7wuRUTrh/n014Y+PgwAAAA4acne0Fnd4/T8de5MawUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADAGHhw/72lXjrLuH/5YkSUBsWfjKnO61QUIuLK35OY3Pe+JCImTiD+3q2IeH5Q/CQeZllWymvRHz+NiMunHL/U2TTD4189gfgwzu60+5+3Bn3/0nip8zr4+zeZpyc1vP9L88jPd/q5Qf3fswfWVh8Y44V7P6sMjX8r4oXJwf1Pr/9NhsR/+cDa/pVl2cEY3/j67u6w+NmPI2YG/v4kj8WqtOqblebO7vW1+uJqdbW6MT8/98bCmwuvL8xWVtZq1fzvwBjf+9jPHx7W/isD4v/2N93+97D2vzJspX3+c+/m/Q91s4VB8a+9PPD3dyqGxE/z375P5vn2/Jlefq+b3+/Fn9598bD2Lw/Z/kd9/teO2f5Xv/rd3x9zUQDgDDR3dtcXa7Xq1iGZqWMs8zRmfjF1Lqrxf2ay73Q/ufNSn/ebae+tPprSa9U5qNi+THZmsSbinDT5f5mRdksAAMApeLTTP+qaAAAAAAAAAAAAAAAAAAAAwPg6i9uJ9cfcG01TAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAO9d8AAAD//yLg4A8=")
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300)=<r0=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x47f2, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(r0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xbecd6000)
r1 = open(&(0x7f0000000140)='.\x00', 0x8000, 0x112)
getdents(r1, &(0x7f0000001fc0)=""/184, 0xb8)

2.280312867s ago: executing program 8 (id=3709):
r0 = socket$netlink(0x10, 0x3, 0x10)
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000000000), 0x4)
r1 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r1, 0x107, 0x12, &(0x7f0000000000)={0x0, 0xa006}, 0x4)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x40241, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201})
syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), r0)

2.170455737s ago: executing program 9 (id=3710):
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x3, 0x8031, 0xffffffffffffffff, 0x0)
mlock(&(0x7f0000656000/0x3000)=nil, 0x3000)
mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x4, 0x0, 0x0, 0x2)
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000003940)=ANY=[@ANYBLOB="210000000000000000000000000010000004"], 0x48)
mmap(&(0x7f0000001000/0x2000)=nil, 0x2000, 0x2000002, 0x13, r0, 0x0)
mbind(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x4003, &(0x7f0000000c00)=0xc, 0x6, 0x2)
mlockall(0x7)
mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0xd3283d0368e269b3, 0x8031, 0xffffffffffffffff, 0x6a0a4000)

2.092279504s ago: executing program 8 (id=3711):
r0 = socket$inet_udp(0x2, 0x2, 0x0)
setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000200)=0x474c, 0x4)
bind$inet(r0, &(0x7f00000001c0)={0x2, 0x0, @local}, 0x10)
connect$inet(r0, &(0x7f0000000480)={0x2, 0x4e20, @multicast1}, 0x10)
sendmmsg(r0, &(0x7f0000007fc0), 0x800001d, 0x0)
setsockopt$inet_int(r0, 0x0, 0x8, &(0x7f0000000000)=0xfffffff9, 0x4)
setsockopt$inet_int(r0, 0x0, 0xd, &(0x7f0000000040)=0xfffffffc, 0x4)
recvmmsg(r0, &(0x7f0000002640)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f0000000740)=""/137, 0x89}, 0x2}, {{0x0, 0x0, 0x0, 0x0, &(0x7f0000001f80)=""/23, 0x17}, 0x80}], 0x2, 0x45833af92e4b39ff, 0x0)

1.91912972s ago: executing program 4 (id=3713):
set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5)
pipe2(&(0x7f0000000000)={<r0=>0xffffffffffffffff}, 0x0)
r1 = memfd_create(&(0x7f00000000c0)='\xe9`\x10\x98[\x82?O3#\xfa\x02\xdc\x96\xa1\xbc\x80\x00+\xb6O', 0x0)
fcntl$setpipe(r0, 0x407, 0x8001a0)
splice(r0, 0x0, r1, 0x0, 0x200002, 0xa)
keyctl$link(0x8, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
getdents64(0xffffffffffffffff, 0x0, 0x0)

1.896971872s ago: executing program 7 (id=3714):
pipe(&(0x7f0000000080)={0xffffffffffffffff, <r0=>0xffffffffffffffff})
pipe(&(0x7f0000000000)={<r1=>0xffffffffffffffff})
unshare(0x22020400)
timer_create(0x0, &(0x7f0000000200)={0x0, 0x21, 0x2, @tid=0xffffffffffffffff}, &(0x7f0000000300)=<r2=>0x0)
fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5})
mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1)
timer_settime(r2, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
tee(r1, r0, 0x80000001, 0x0)

1.840446057s ago: executing program 5 (id=3715):
syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_SENDMSG={0x9, 0x4, 0x0, 0xffffffffffffffff, 0x0, &(0x7f0000000a00)={0x0, 0x0, 0x0}, 0x0, 0x50, 0x1})
r0 = syz_io_uring_setup(0x2221, &(0x7f0000000100)={0x0, 0x6e7f, 0x800, 0x0, 0x5cc}, &(0x7f0000000280)=<r1=>0x0, &(0x7f00000005c0)=<r2=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffa, 0x0, 0x4)
io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f0000000740)=[{0x0}], 0x1)
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f00000000c0)={0x1, &(0x7f0000000200)=[{0x30, 0x4, 0x0, 0x2}]}, 0xffffffffffffff0e)
mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5)
syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_EPOLL_CTL=@mod={0x1d, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x3, 0x0, 0x1})
io_uring_enter(r0, 0x66ae, 0x4, 0x2, 0x0, 0x0)

1.815585849s ago: executing program 4 (id=3716):
r0 = socket(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket(0x10, 0x803, 0x0)
syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), r2)
getsockname$packet(r2, &(0x7f0000000100)={0x11, 0x0, <r3=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000200)=0x14)
sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffff11feffffff000000", @ANYRES32=r3, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000005840)={0x0, 0x0, &(0x7f00000005c0)={&(0x7f0000001240)=@newqdisc={0x78, 0x24, 0x5820a61ca228651, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x3548, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xb}}}]}, 0x78}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000006c0)=@newtfilter={0x70, 0x2c, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x0, r3, {0xa}, {}, {0xd}}, [@filter_kind_options=@f_basic={{0xa}, {0x40, 0x2, [@TCA_BASIC_EMATCHES={0x3c, 0x2, 0x0, 0x1, [@TCA_EMATCH_TREE_HDR={0x8, 0x1, {0x94}}, @TCA_EMATCH_TREE_LIST={0x30, 0x2, 0x0, 0x1, [@TCF_EM_NBYTE={0x10, 0x1, 0x0, 0x0, {{}, {0x0, 0x0, 0x1}}}, @TCF_EM_META={0x1c, 0x2, 0x0, 0x0, {{0x0, 0x4, 0x4}, [@TCA_EM_META_HDR={0xc}, @TCA_EM_META_LVALUE={0x4}]}}]}]}]}}]}, 0x70}}, 0x800)

1.69117012s ago: executing program 4 (id=3717):
r0 = syz_create_resource$binfmt(&(0x7f0000001400)='./file0\x00')
sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000002c0)=ANY=[@ANYBLOB="3c060000a13f010828bd70000000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000004200400140014007465616d5f736c6176655f300000000008"], 0x3c}}, 0x0)
openat$binfmt(0xffffffffffffff9c, r0, 0x42, 0x1ff)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x2, 0x4, &(0x7f0000000200)=ANY=[@ANYBLOB="180000000300000000000000feffff10850000000700000095"], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x100, 0x0, '\x00', 0x0, @fallback=0x30, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfeaf, 0x0, 0x0, 0x0}, 0x94)
truncate(&(0x7f0000000180)='./file0\x00', 0x8fff5)
r2 = bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000012c0)={r1, 0x0, 0x30, 0x0, @val=@uprobe_multi={&(0x7f0000000140)='./file0\x00', &(0x7f0000000640)=[0x7, 0x7], 0x0, 0x0, 0x2, 0x1}}, 0x40)
sendmsg$inet(0xffffffffffffffff, &(0x7f00000002c0)={0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)}, 0x0)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000340)={r2, 0x58, &(0x7f00000002c0)}, 0x10)

1.609544767s ago: executing program 4 (id=3718):
prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f0000000080)={&(0x7f0000ff7000/0x1000)=nil, &(0x7f0000007000/0x3000)=nil, &(0x7f0000ffc000/0x4000)=nil, &(0x7f0000004000/0x2000)=nil, &(0x7f0000ff8000/0x4000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffd000/0x3000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000ff5000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ffa000/0x2000)=nil, 0x0}, 0x68)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0}, 0x24004045)
r0 = io_uring_setup(0x1b7b, &(0x7f0000000040)={0x0, 0x970, 0x1d480, 0x0, 0x44a})
io_uring_enter(r0, 0x8af, 0xc0b8, 0x0, &(0x7f0000000100)={[0x6]}, 0x8)
r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r1, 0x0, 0x6, 0x0, &(0x7f0000000000)="b5e379a5389b", 0x0, 0x500, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50)
ioctl$int_in(0xffffffffffffffff, 0x5452, &(0x7f0000000180)=0x7)
io_uring_enter(r0, 0x2219, 0x7721, 0x16, 0x0, 0x0)

1.396256716s ago: executing program 4 (id=3719):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000180)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f0000000240)=@abs={0x0, 0x0, 0x4e23}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
r2 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r2, 0x1, r1, &(0x7f0000000100)={0x20000014})
perf_event_open(&(0x7f0000000040)={0x2, 0x80, 0x65, 0x0, 0x0, 0x0, 0x0, 0x8, 0x40008, 0xa, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x2, @perf_config_ext={0x9, 0x6}, 0x0, 0x0, 0x800000, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0xc0}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x1)
epoll_wait(r2, &(0x7f0000000140)=[{}], 0x1, 0xffffffff)

1.395851876s ago: executing program 8 (id=3720):
perf_event_open(&(0x7f0000000000)={0x2, 0x80, 0x2b, 0x1, 0x0, 0x0, 0x0, 0x4, 0x510, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, @perf_bp={0x0, 0xa}, 0x102260, 0x10000, 0x0, 0x1, 0x8, 0x20003, 0x0, 0x0, 0x0, 0x0, 0x2000000020000006}, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x2)
r0 = socket$inet_mptcp(0x2, 0x1, 0x106)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_int(r1, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4)
connect$inet6(r1, &(0x7f0000000200)={0xa, 0x0, 0x2, @loopback}, 0x1c)
setsockopt$inet6_tcp_TCP_ULP(r1, 0x6, 0x1f, &(0x7f00000000c0), 0x4)
setsockopt$inet6_tcp_TLS_TX(r1, 0x11a, 0x2, &(0x7f0000000680)=@gcm_128={{0x303}, "000037d7009400", "c0b6c5b29ca2b838d41ac2fc7ddf972d", "e9be1eae", "bb10000000000001"}, 0x28)
close_range(r0, 0xffffffffffffffff, 0x0)

1.353235849s ago: executing program 5 (id=3721):
r0 = socket$inet6_sctp(0xa, 0x1, 0x84)
r1 = socket$inet6_sctp(0xa, 0x5, 0x84)
shutdown(r1, 0x0)
close(0x3)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r1, 0x84, 0x6f, &(0x7f0000000200)={<r2=>0x0, 0x10, &(0x7f00000001c0)=[@in={0x2, 0x4e23, @rand_addr=0x64010100}]}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_PRIMARY_ADDR(r1, 0x84, 0x7a, &(0x7f0000000340)={r2, @in6={{0xa, 0x3, 0x4, @mcast1}}}, &(0x7f0000000040)=0x84)
mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x1)
setsockopt$inet_sctp6_SCTP_PEER_ADDR_THLDS(r0, 0x84, 0x1f, &(0x7f00000004c0)={0x0, @in6={{0xa, 0x4e22, 0x4d, @dev={0xfe, 0x80, '\x00', 0x2b}, 0xf}}, 0xd, 0x7}, 0x90)

1.257608838s ago: executing program 5 (id=3722):
recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0)
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$sock_int(r0, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r0, &(0x7f0000000540)={0xa, 0x4e22, 0x7, @empty, 0x200}, 0x1c)
r1 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_int(r1, 0x29, 0x4b, &(0x7f0000000100)=0x401, 0x4)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000000180)=0x800001, 0x4)
bind$inet6(r1, &(0x7f0000000140)={0xa, 0x4e22, 0x3, @loopback={0x100000}, 0x6}, 0x1c)

1.036483758s ago: executing program 5 (id=3723):
mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0)
r0 = open_tree(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x89901)
move_mount(r0, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x0)
chroot(&(0x7f0000000440)='./file0/../file0/../file0/../file0\x00')
r1 = open_tree(0xffffffffffffff9c, &(0x7f0000000640)='\x00', 0x9101)
move_mount(r1, &(0x7f0000000140)='.\x00', 0xffffffffffffff9c, &(0x7f0000000080)='./file0/../file0/../file0/../file0\x00', 0x0)
syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0)
pivot_root(&(0x7f00000001c0)='./file0/../file0/../file0/../file0\x00', &(0x7f0000000100)='./file0/../file0/../file0/../file0/file0\x00')

978.892703ms ago: executing program 5 (id=3724):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2f, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX(r0, 0x84, 0x6e, &(0x7f0000000140)=[@in={0x2, 0x4e24, @rand_addr=0x64010100}], 0x10)
r1 = socket$inet_sctp(0x2, 0x1, 0x84)
getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={<r2=>0x0}, &(0x7f0000000040)=0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000280)={r2, 0x4}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r0, 0x84, 0x7c, &(0x7f0000000080)={r2, 0x9, 0x7fff}, 0x8)
setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(r0, 0x84, 0x7b, &(0x7f0000000180)={r2}, 0x8)

530.549342ms ago: executing program 8 (id=3725):
ptrace$setregs(0xd, 0x0, 0x20000000002, 0x0)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4805}, 0x20000050)
sendmsg$NFT_BATCH(r0, &(0x7f0000000840)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000440)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x5}}, [@NFT_MSG_NEWFLOWTABLE={0x40, 0x16, 0xa, 0x401, 0x0, 0x0, {0x2, 0x0, 0x2}, [@NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0x14, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_PRIORITY={0x8, 0x2, 0x1, 0x0, 0x1}, @NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x1}}}, 0x68}}, 0x0)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r1, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})

508.343025ms ago: executing program 9 (id=3726):
r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0000}]})
r1 = socket$inet6_sctp(0xa, 0x1, 0x84)
r2 = dup(r1)
setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r2, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e24, 0x6, @empty, 0x3}], 0x1c)
sendmsg$inet6(r1, &(0x7f0000000800)={&(0x7f0000000080)={0xa, 0x4e24, 0x8, @loopback, 0x4}, 0x1c, &(0x7f0000000380)=[{&(0x7f0000000140)="88", 0x1}], 0x1}, 0x4048043)
setsockopt$SO_BINDTODEVICE(r1, 0x1, 0x19, &(0x7f0000000000)='vlan1\x00', 0x10)
shutdown(r1, 0x1)
close_range(r0, 0xffffffffffffffff, 0x0)

278.875985ms ago: executing program 4 (id=3727):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
syz_mount_image$ext4(&(0x7f0000000080)='ext4\x00', &(0x7f0000000040)='./file1\x00', 0x3000046, &(0x7f00000004c0)={[{@delalloc}, {@data_err_abort}, {@barrier_val={'barrier', 0x3d, 0x2}}, {@usrquota}, {@data_err_ignore}, {@nobarrier}, {@oldalloc}, {@grpquota}, {@noload}, {@user_xattr}, {@bh}, {@dioread_nolock}]}, 0x1, 0x553, &(0x7f0000001080)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8Hbjkn9ybnfnPv9/TcnBsSwNCayP4UIl6OiG+SiIMRkeTrRiNfObG23er9q7PZkkSj8elfSXO7rN56rdbz9ueVlyLit68ijhc2tltbXlkolcvpYl6frFcuTdaWV05cqJTm0/n04vTMzKm3Z6bfe/edvsX6xtl/vv/k9oenvj66+t0vdw/dTOJ0HMjXtcfxBK61VyZiIn9PxuL0IxtO9aGxnSQZ9A6wLSN5no9F1gccjJE864H/vy8jogEMqUT+w5BqjQNa1/Z9ug5+btz7YO0CaGP8o2ufjcSe5rXRvtXkoSuj7Hp3vA/tZ238+uetm9kS/fscAmBL165HxMnR0Y39X5L3f9t3sodtHm1D/wfPzu1s/PNmp/FPYX38Ex3GP/s75O52bJ3/hbt9aKarbPz3fsfx7/qk1fhIXnuhOeYbS85fKKdZ3/ZiRByLsd1ZfbP5nFOrdxrd1rWP/7Ila781Fsz34+7o7oefM1eql54k5nb3rke80nH8m6wf/6TD8c/ej7M9tnEkvfVat3Vbx/90NX6KeL3j8X8wo5VsPj852TwfJltnxUZ/3zjye7f2Bx1/dvz3bR7/eNI+X1t7/DZ+3PNv2m3dQ/FH7+f/ruSzZnlX/tiVUr2+OBWxK/l44+PTD57bqre2z+I/dnTz/q/T+b83Ij7vMf4bh39+taf4B3T85x7r+D9+4c5HX/zQrf3e+r+3mqVj+SO99H+97uCTvHcAAAAAAACw0xQi4kAkheJ6uVAoFtfu7zgc+wrlaq1+/Hx16eJcNL8rOx5jhdZM98G2+yGm8vthW/XpR+ozEXEoIr4d2dusF2er5blBBw8AAAAAAAAAAAAAAAAAAAA7xP4u3//P/DEy6L0Dnjo/+Q3Da8v878cvPQE7kv//MLzkPwwv+Q/DS/7D8JL/MLzkPwwv+Q/DS/4DAAAAAAAAAAAAAAAAAAAAAAAAAABAX509cyZbGqv3r85m9bnLy0sL1csn5tLaQrGyNFucrS5eKs5Xq/PltDhbrWz1euVq9dLUdCxdmayntfpkbXnlXKW6dLF+7kKlNJ+eS8eeSVQAAAAAAAAAAAAAAAAAAADwfKktryyUyuV0UUFhW4XRnbEbCn0uDLpnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAH/gsAAP//6AY3sQ==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x1c1840, 0x0)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./bus\x00', 0x0, 0x0)
r2 = openat(0xffffffffffffff9c, &(0x7f0000000e80)='./bus\x00', 0x1c1002, 0x0)
write$bt_hci(r2, &(0x7f0000000bc0)={0x1, @remote_name_req_cancel={{0x41a, 0x6}}}, 0xa)
sendfile(r2, r0, 0x0, 0x40001)
sendfile(r2, r1, 0x0, 0x7ffff000)

128.817038ms ago: executing program 8 (id=3728):
r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0)
ftruncate(r0, 0x8800000)
socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
pipe2(&(0x7f0000000100)={<r3=>0xffffffffffffffff, <r4=>0xffffffffffffffff}, 0x0)
splice(r2, 0x0, r4, 0x0, 0x7ffff000, 0x0)
r5 = io_uring_setup(0x35bb, &(0x7f0000000180)={0x0, 0x82b0, 0x100, 0x3, 0x241, 0x0, r3})
close_range(r5, 0xffffffffffffffff, 0x0)
sendfile(r1, r0, 0x0, 0x100000000)

631.159µs ago: executing program 5 (id=3729):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x80, 0x4}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
r3 = syz_io_uring_setup(0x2de5, &(0x7f0000000140)={0x0, 0x980a, 0x2, 0x400002, 0xc5}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r3, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x3, 0x0, 0x0)

480.43µs ago: executing program 47 (id=3729):
r0 = syz_io_uring_setup(0x5c2, &(0x7f0000000140)={0x0, 0x0, 0x80, 0x4}, &(0x7f0000000300)=<r1=>0x0, &(0x7f0000000580)=<r2=>0x0)
r3 = syz_io_uring_setup(0x2de5, &(0x7f0000000140)={0x0, 0x980a, 0x2, 0x400002, 0xc5}, &(0x7f0000000000)=<r4=>0x0, &(0x7f0000000040)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_POLL_ADD={0x6, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, {0x8001}})
io_uring_enter(r3, 0x2b93, 0xf9d0, 0x22, 0x0, 0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4)
syz_io_uring_submit(r1, r2, &(0x7f00000004c0)=@IORING_OP_TIMEOUT={0xb, 0x49, 0x0, 0x0, 0x4, &(0x7f0000000280)={0x0, 0x989680}, 0x1, 0x40, 0x1})
io_uring_enter(r0, 0x6e2, 0x3900, 0x3, 0x0, 0x0)

0s ago: executing program 9 (id=3730):
timer_create(0x1, &(0x7f0000000200)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x8031, 0xffffffffffffffff, 0x94eb2000)
fcntl$lock(0xffffffffffffffff, 0x26, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x1})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{0x77359400}}, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r0 = socket$kcm(0x1e, 0x5, 0x0)
sendmsg$kcm(r0, &(0x7f0000000540)={&(0x7f0000000280)=@tipc=@name={0x1e, 0x2, 0x0, {{0x1, 0x1}}}, 0x80, &(0x7f0000000580)=[{&(0x7f0000000300)="80", 0x1}], 0x1}, 0x0)

kernel console output (not intermixed with test programs):

d state
[  197.932691][T12771] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #16: comm syz.1.2810: corrupted inode contents
[  197.941222][T12764] bridge_slave_0: entered allmulticast mode
[  197.956198][T12771] loop1: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  197.956618][T12771] EXT4-fs (loop1): Remounting filesystem read-only
[  197.966706][    C1] EXT4-fs (loop1): error count since last fsck: 1
[  197.966816][    C1] EXT4-fs (loop1): initial error at time 2000000299: ext4_do_update_inode:5569: inode 16
[  197.967167][    C1] EXT4-fs (loop1): last error at time 2000000299: ext4_do_update_inode:5569: inode 16
[  197.985046][T12764] bridge_slave_0: entered promiscuous mode
[  197.987740][T12764] bridge0: port 2(bridge_slave_1) entered blocking state
[  197.988811][T12764] bridge0: port 2(bridge_slave_1) entered disabled state
[  197.990177][T12764] bridge_slave_1: entered allmulticast mode
[  197.991008][T12764] bridge_slave_1: entered promiscuous mode
[  198.045192][T12764] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  198.069181][T12771] EXT4-fs (loop1): 1 truncate cleaned up
[  198.081371][T10678] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  198.092883][T10678] Quota error (device loop1): write_blk: dquota write failed
[  198.100392][T10678] Quota error (device loop1): remove_free_dqentry: Can't write block (5) with free entries
[  198.111177][T10678] EXT4-fs (loop1): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  198.118998][T12764] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  198.125581][T10678] EXT4-fs (loop1): Quota write (off=8, len=24) cancelled because transaction is not started
[  198.146954][T12771] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  198.177942][T12764] team0: Port device team_slave_0 added
[  198.194377][T12764] team0: Port device team_slave_1 added
[  198.258219][T12764] batman_adv: batadv0: Adding interface: batadv_slave_0
[  198.265524][T12764] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  198.277219][T10814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  198.370053][T12764] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  198.403057][T12764] batman_adv: batadv0: Adding interface: batadv_slave_1
[  198.424417][T12764] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  198.463638][T12764] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  198.518717][T12764] hsr_slave_0: entered promiscuous mode
[  198.532441][T12764] hsr_slave_1: entered promiscuous mode
[  198.549831][T12764] debugfs: 'hsr0' already exists in 'hsr'
[  198.566453][T12764] Cannot create hsr debugfs directory
[  199.183626][T12764] netdevsim netdevsim8 netdevsim0: renamed from eth0
[  199.208691][T12764] netdevsim netdevsim8 netdevsim1: renamed from eth1
[  199.231985][T12764] netdevsim netdevsim8 netdevsim2: renamed from eth2
[  199.272839][T12764] netdevsim netdevsim8 netdevsim3: renamed from eth3
[  199.924680][T12884] loop1: detected capacity change from 0 to 8192
[  199.941674][T12884] FAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  199.973095][T12889] netlink: 'syz.3.2837': attribute type 83 has an invalid length.
[  199.985420][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.017158][T12884] FAT-fs (loop1): Filesystem has been set read-only
[  200.019655][T12764] 8021q: adding VLAN 0 to HW filter on device bond0
[  200.046889][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.062763][T12896] loop3: detected capacity change from 0 to 128
[  200.086717][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.094263][T12764] 8021q: adding VLAN 0 to HW filter on device team0
[  200.141366][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.153187][T10668] bridge0: port 1(bridge_slave_0) entered blocking state
[  200.160271][T10668] bridge0: port 1(bridge_slave_0) entered forwarding state
[  200.168047][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.180184][T12896] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  200.213271][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.235766][T10668] bridge0: port 2(bridge_slave_1) entered blocking state
[  200.242949][T10668] bridge0: port 2(bridge_slave_1) entered forwarding state
[  200.265503][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.280426][T12896] ext4 filesystem being mounted at /548/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  200.291838][T12764] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  200.311329][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.320190][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.354579][T12884] FAT-fs (loop1): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  200.398366][T12764] 8021q: adding VLAN 0 to HW filter on device batadv0
[  200.416817][ T3319] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  201.008086][T12764] veth0_vlan: entered promiscuous mode
[  201.042858][T12764] veth1_vlan: entered promiscuous mode
[  201.112279][T12764] veth0_macvtap: entered promiscuous mode
[  201.130383][T12764] veth1_macvtap: entered promiscuous mode
[  201.176751][T12764] batman_adv: batadv0: Interface activated: batadv_slave_0
[  201.210061][T12764] batman_adv: batadv0: Interface activated: batadv_slave_1
[  201.222116][T12961] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2844'.
[  201.245464][   T12] netdevsim netdevsim8 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  201.266579][T12961] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2844'.
[  201.284832][   T12] netdevsim netdevsim8 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  201.318070][   T12] netdevsim netdevsim8 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  201.347602][   T28] kauditd_printk_skb: 11 callbacks suppressed
[  201.347618][   T28] audit: type=1400 audit(2000000303.307:4438): avc:  denied  { mounton } for  pid=12764 comm="syz-executor" path="/root/syzkaller.FJwxEB/syz-tmp" dev="sda1" ino=2065 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_home_t tclass=dir permissive=1
[  201.379058][   T12] netdevsim netdevsim8 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  201.433892][   T28] audit: type=1400 audit(2000000303.307:4439): avc:  denied  { mount } for  pid=12764 comm="syz-executor" name="/" dev="tmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  201.502483][   T28] audit: type=1400 audit(2000000303.317:4440): avc:  denied  { mounton } for  pid=12764 comm="syz-executor" path="/root/syzkaller.FJwxEB/syz-tmp/newroot/sys/kernel/debug" dev="debugfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:debugfs_t tclass=dir permissive=1
[  201.589373][   T28] audit: type=1400 audit(2000000303.317:4441): avc:  denied  { mounton } for  pid=12764 comm="syz-executor" path="/root/syzkaller.FJwxEB/syz-tmp/newroot/proc/sys/fs/binfmt_misc" dev="proc" ino=37037 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:sysctl_fs_t tclass=dir permissive=1
[  201.691494][   T28] audit: type=1400 audit(2000000303.337:4442): avc:  denied  { mounton } for  pid=12764 comm="syz-executor" path="/dev/gadgetfs" dev="devtmpfs" ino=538 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:device_t tclass=dir permissive=1
[  201.801414][   T28] audit: type=1400 audit(2000000303.337:4443): avc:  denied  { mount } for  pid=12764 comm="syz-executor" name="/" dev="gadgetfs" ino=3830 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nfs_t tclass=filesystem permissive=1
[  201.890087][   T28] audit: type=1400 audit(2000000303.377:4444): avc:  denied  { mount } for  pid=12973 comm="syz.1.2846" name="/" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=filesystem permissive=1
[  201.952089][   T28] audit: type=1400 audit(2000000303.377:4445): avc:  denied  { mounton } for  pid=12973 comm="syz.1.2846" path="/140/file0" dev="devtmpfs" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:device_t tclass=dir permissive=1
[  202.011448][   T28] audit: type=1400 audit(2000000303.467:4446): avc:  denied  { setopt } for  pid=12978 comm="syz.1.2847" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  202.081272][   T28] audit: type=1400 audit(2000000303.597:4447): avc:  denied  { connect } for  pid=12983 comm="syz.1.2848" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  202.177801][T13015] loop3: detected capacity change from 0 to 128
[  202.205735][T13015] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  202.270247][T13015] ext4 filesystem being mounted at /553/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  202.411134][ T3319] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  202.719306][T13050] loop3: detected capacity change from 0 to 4096
[  202.753284][T13057] netlink: 240 bytes leftover after parsing attributes in process `syz.8.2858'.
[  202.766594][T13050] EXT4-fs: Ignoring removed bh option
[  202.801373][T13050] EXT4-fs: Ignoring removed mblk_io_submit option
[  202.846595][T13050] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  203.217286][T13091] loop8: detected capacity change from 0 to 2048
[  203.295112][T13091] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  203.471753][T13107] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  203.510028][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  203.566270][T13107] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 128 with error 28
[  203.612421][T13107] EXT4-fs (loop8): This should not happen!! Data will be lost
[  203.612421][T13107] 
[  203.659653][T13107] EXT4-fs (loop8): Total free blocks count 0
[  203.709659][T13107] EXT4-fs (loop8): Free/Dirty block details
[  203.771855][T13107] EXT4-fs (loop8): free_blocks=2415919504
[  203.825117][T13107] EXT4-fs (loop8): dirty_blocks=1600
[  203.842014][T13107] EXT4-fs (loop8): Block reservation details
[  203.885867][T13107] EXT4-fs (loop8): i_reserved_data_blocks=117
[  204.171653][T13139] xt_bpf: check failed: parse error
[  204.301675][T13091] EXT4-fs (loop8): Delayed block allocation failed for inode 15 at logical offset 128 with max blocks 2048 with error 28
[  204.651748][T13165] netlink: 'syz.1.2882': attribute type 29 has an invalid length.
[  204.679676][T13165] netlink: 'syz.1.2882': attribute type 29 has an invalid length.
[  204.700003][T13165] netlink: 500 bytes leftover after parsing attributes in process `syz.1.2882'.
[  206.001685][T13210] loop8: detected capacity change from 0 to 2048
[  206.061738][T13210] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  206.329128][   T12] EXT4-fs error (device loop8): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  206.344659][   T12] EXT4-fs (loop8): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 1460 with error 28
[  206.358874][   T12] EXT4-fs (loop8): This should not happen!! Data will be lost
[  206.358874][   T12] 
[  206.369137][   T12] EXT4-fs (loop8): Total free blocks count 0
[  206.375315][   T12] EXT4-fs (loop8): Free/Dirty block details
[  206.381624][   T12] EXT4-fs (loop8): free_blocks=2415919504
[  206.387436][   T12] EXT4-fs (loop8): dirty_blocks=1472
[  206.393740][   T12] EXT4-fs (loop8): Block reservation details
[  206.399777][   T12] EXT4-fs (loop8): i_reserved_data_blocks=92
[  206.423890][T12764] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  206.465437][T13220] netlink: 20 bytes leftover after parsing attributes in process `syz.8.2905'.
[  206.507753][   T28] kauditd_printk_skb: 9 callbacks suppressed
[  206.507769][   T28] audit: type=1400 audit(2000000308.467:4457): avc:  denied  { write } for  pid=13221 comm="syz.8.2906" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  206.893468][   T28] audit: type=1400 audit(2000000308.857:4458): avc:  denied  { name_bind } for  pid=13244 comm="syz.2.2916" src=20002 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:port_t tclass=rawip_socket permissive=1
[  207.360349][   T28] audit: type=1400 audit(2000000309.317:4459): avc:  denied  { read write } for  pid=13253 comm="syz.8.2919" name="vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  207.385159][   T28] audit: type=1400 audit(2000000309.317:4460): avc:  denied  { open } for  pid=13253 comm="syz.8.2919" path="/dev/vga_arbiter" dev="devtmpfs" ino=3 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:xserver_misc_device_t tclass=chr_file permissive=1
[  207.786736][T13271] loop1: detected capacity change from 0 to 512
[  207.796293][T13271] EXT4-fs: Ignoring removed i_version option
[  207.814012][T13271] EXT4-fs: Ignoring removed bh option
[  207.837149][T13276] netlink: 32 bytes leftover after parsing attributes in process `syz.2.2929'.
[  207.847987][T13271] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  207.870027][T13271] ext4 filesystem being mounted at /167/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  207.988644][   T28] audit: type=1400 audit(2000000309.947:4461): avc:  denied  { associate } for  pid=13294 comm="syz.2.2935" name="3" scontext=root:object_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=filesystem permissive=1
[  208.118044][T10814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  208.137902][T13303] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2939'.
[  208.487656][T13315] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.508971][T13315] bridge_slave_1: left allmulticast mode
[  208.555951][T13315] bridge_slave_1: left promiscuous mode
[  208.571460][T13315] bridge0: port 2(bridge_slave_1) entered disabled state
[  208.798228][T13315] bond0: (slave bridge_slave_1): Enslaving as an active interface with an up link
[  209.156610][T13320] netlink: 48 bytes leftover after parsing attributes in process `syz.8.2944'.
[  209.299828][T13323] netlink: 32 bytes leftover after parsing attributes in process `syz.3.2946'.
[  209.359274][T13328] netlink: 'syz.1.2947': attribute type 1 has an invalid length.
[  209.402364][T13328] bond1: entered promiscuous mode
[  209.407516][T13328] bond1: entered allmulticast mode
[  209.438877][T13332] loop3: detected capacity change from 0 to 512
[  209.451774][T13334] bond1: (slave ip6gretap1): making interface the new active one
[  209.469705][T13334] ip6gretap1: entered promiscuous mode
[  209.476816][T13332] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  209.516346][T13334] ip6gretap1: entered allmulticast mode
[  209.529970][T13334] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  209.575837][T13332] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  209.731802][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  209.743469][T13343] xt_hashlimit: size too large, truncated to 1048576
[  209.809542][T13350] netlink: 24 bytes leftover after parsing attributes in process `syz.3.2954'.
[  209.906549][T13356] netlink: 4 bytes leftover after parsing attributes in process `syz.8.2958'.
[  210.070914][T13366] loop2: detected capacity change from 0 to 128
[  210.782869][T13379] all: renamed from bridge_slave_1 (while UP)
[  210.988336][   T28] audit: type=1400 audit(2000000312.947:4462): avc:  denied  { cmd } for  pid=13398 comm="syz.1.2975" path="socket:[37623]" dev="sockfs" ino=37623 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=io_uring permissive=1
[  211.275855][T13417] loop0: detected capacity change from 0 to 512
[  211.302427][T13417] ext4: Unknown parameter 'dont_appraise'
[  211.372383][T13408] loop1: detected capacity change from 0 to 128
[  211.386196][T13408] FAT-fs (loop1): utf8 is not a recommended IO charset for FAT filesystems, filesystem will be case sensitive!
[  211.405405][T13408] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  211.526747][   T12] FAT-fs (loop1): Invalid FSINFO signature: 0x41615252, 0x80417272 (sector = 1)
[  211.622204][T13429] loop0: detected capacity change from 0 to 128
[  211.630935][T13429] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  211.646417][T13429] ext4 filesystem being mounted at /167/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  211.759168][   T28] audit: type=1400 audit(2000000313.717:4463): avc:  denied  { setopt } for  pid=13436 comm="syz.1.2988" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rxrpc_socket permissive=1
[  212.082565][T13456] loop2: detected capacity change from 0 to 1024
[  212.112516][T13456] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a016c118, mo2=0002]
[  212.130555][T13462] macvtap1: entered promiscuous mode
[  212.136066][T13462] syz_tun: entered promiscuous mode
[  212.145442][T13462] syz_tun: left promiscuous mode
[  212.156801][T13456] System zones: 0-1, 3-12
[  212.186441][T13456] EXT4-fs (loop2): mounted filesystem 00000000-0500-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  212.200193][   T28] audit: type=1400 audit(2000000314.147:4464): avc:  denied  { getopt } for  pid=13463 comm="syz.8.2997" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  212.262990][ T9311] EXT4-fs (loop2): unmounting filesystem 00000000-0500-0000-0000-000000000000.
[  212.276533][T13467] loop1: detected capacity change from 0 to 128
[  212.288885][T13467] EXT4-fs (loop1): mounting ext2 file system using the ext4 subsystem
[  212.298633][T13467] EXT4-fs (loop1): failed to initialize system zone (-117)
[  212.307341][T13467] EXT4-fs (loop1): mount failed
[  212.455268][T13484] netlink: 24 bytes leftover after parsing attributes in process `syz.3.3004'.
[  212.485144][ T9884] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  212.561724][T13489] Falling back ldisc for ttyS3.
[  212.802830][T13504] netlink: 104 bytes leftover after parsing attributes in process `syz.3.3011'.
[  212.884444][   T28] audit: type=1400 audit(2000000314.847:4465): avc:  denied  { watch_reads } for  pid=13511 comm="syz.2.3016" path="/223" dev="tmpfs" ino=1171 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=dir permissive=1
[  212.949994][T13514] loop2: detected capacity change from 0 to 1024
[  212.963729][T13514] EXT4-fs: inline encryption not supported
[  212.970687][   T28] audit: type=1400 audit(2000000314.927:4466): avc:  denied  { bind } for  pid=13515 comm="syz.3.3018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  212.989825][T13518] loop0: detected capacity change from 0 to 128
[  212.998704][   T28] audit: type=1400 audit(2000000314.957:4467): avc:  denied  { setopt } for  pid=13515 comm="syz.3.3018" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_generic_socket permissive=1
[  212.999263][T13517] netlink: 'syz.3.3018': attribute type 10 has an invalid length.
[  213.029027][T13514] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  213.055788][   T28] audit: type=1400 audit(2000000315.007:4468): avc:  denied  { create } for  pid=13513 comm="syz.2.3017" name="bus" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  213.070548][T13517] team0: Failed to send options change via netlink (err -105)
[  213.087962][T13517] team0: Port device dummy0 added
[  213.103517][   T28] audit: type=1400 audit(2000000315.057:4469): avc:  denied  { setattr } for  pid=13513 comm="syz.2.3017" name="bus" dev="loop2" ino=18 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  213.104517][T13518] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  213.132358][T13522] netlink: 'syz.3.3018': attribute type 10 has an invalid length.
[  213.145011][T13518] ext4 filesystem being mounted at /171/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  213.149805][   T28] audit: type=1400 audit(2000000315.057:4470): avc:  denied  { add_name } for  pid=13513 comm="syz.2.3017" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  213.178056][T13522] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  213.197304][ T9311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  213.209490][ T9884] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  213.213390][T13522] team0: Failed to send options change via netlink (err -105)
[  213.228682][T13522] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  213.247479][T13522] team0: Port device dummy0 removed
[  213.259726][T13522] dummy0: entered promiscuous mode
[  213.265791][T13522] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  213.281109][T13524] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3022'.
[  213.369284][T13524] loop0: detected capacity change from 0 to 8192
[  213.401560][ T3303]  loop0: p1 < > p2 p4 < p5 >
[  213.406762][   T28] audit: type=1326 audit(2000000315.367:4471): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13533 comm="syz.3.3026" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fcc960cc629 code=0x0
[  213.427970][ T3303] loop0: partition table partially beyond EOD, truncated
[  213.455697][ T3303] loop0: p1 start 134217728 is beyond EOD, truncated
[  213.467643][ T3303] loop0: p2 size 591360 extends beyond EOD, truncated
[  213.490244][ T3303] loop0: p5 size 591360 extends beyond EOD, truncated
[  213.506236][T13524]  loop0: p1 < > p2 p4 < p5 >
[  213.513328][T13524] loop0: partition table partially beyond EOD, truncated
[  213.581315][T13524] loop0: p1 start 134217728 is beyond EOD, truncated
[  213.593007][T13524] loop0: p2 size 591360 extends beyond EOD, truncated
[  213.611136][T13524] loop0: p5 size 591360 extends beyond EOD, truncated
[  213.802110][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  213.813973][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  213.821909][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop0p5, 10) failed: No such file or directory
[  213.846201][T13543] loop0: detected capacity change from 0 to 4096
[  213.880999][T13543] EXT4-fs: Ignoring removed mblk_io_submit option
[  213.885267][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop0p4, 10) failed: No such file or directory
[  213.903739][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop0p5, 10) failed: No such file or directory
[  213.905019][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop0p2, 10) failed: No such file or directory
[  213.932129][T13543] EXT4-fs: test_dummy_encryption option not supported
[  213.967221][   T28] audit: type=1400 audit(2000000315.927:4472): avc:  denied  { create } for  pid=13549 comm="syz.0.3031" name="file0" scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=blk_file permissive=1
[  214.426397][T13560] netlink: 28 bytes leftover after parsing attributes in process `syz.3.3035'.
[  214.519907][T13569] netlink: 12 bytes leftover after parsing attributes in process `syz.2.3040'.
[  214.529691][T13569] netlink: 8 bytes leftover after parsing attributes in process `syz.2.3040'.
[  214.557788][T13574] SELinux: unrecognized netlink message: protocol=0 nlmsg_type=0 sclass=netlink_route_socket pid=13574 comm=syz.2.3041
[  214.573892][T13574] netlink: 'syz.2.3041': attribute type 1 has an invalid length.
[  214.591761][ T3605] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  214.606062][T13574] bond2: (slave bridge1): making interface the new active one
[  214.614522][T13574] bond2: (slave bridge1): Enslaving as an active interface with an up link
[  215.094572][T13604] loop8: detected capacity change from 0 to 512
[  215.157943][T13604] EXT4-fs (loop8): revision level too high, forcing read-only mode
[  215.169232][T13604] EXT4-fs (loop8): orphan cleanup on readonly fs
[  215.192356][T13604] EXT4-fs error (device loop8): ext4_do_update_inode:5569: inode #16: comm syz.8.3051: corrupted inode contents
[  215.204947][T13604] loop8: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  215.206934][T13604] EXT4-fs (loop8): Remounting filesystem read-only
[  215.216707][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  215.216889][    C0] EXT4-fs (loop8): initial error at time 2000000317: ext4_do_update_inode:5569: inode 16
[  215.217359][    C0] EXT4-fs (loop8): last error at time 2000000317: ext4_do_update_inode:5569: inode 16
[  215.255499][T13604] EXT4-fs (loop8): 1 truncate cleaned up
[  215.261944][T10678] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  215.272923][T10678] EXT4-fs (loop8): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  215.284607][T10678] EXT4-fs (loop8): Quota write (off=8, len=24) cancelled because transaction is not started
[  215.307627][T13604] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  215.398104][T12764] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.520878][T13612] loop0: detected capacity change from 0 to 4096
[  215.582489][T13612] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  215.713181][ T9884] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  215.777826][T13624] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3060'.
[  215.826190][T13629] loop0: detected capacity change from 0 to 128
[  215.871581][T13629] EXT4-fs (loop0): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  215.905622][T13629] ext4 filesystem being mounted at /180/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  215.993081][ T9884] EXT4-fs (loop0): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  216.121805][T13646] A link change request failed with some changes committed already. Interface gre1 may have been left with an inconsistent configuration, please check.
[  216.254542][T13652] loop1: detected capacity change from 0 to 512
[  216.315290][T13652] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  216.356473][T13652] ext4 filesystem being mounted at /204/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  216.406676][T13652] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #2: comm syz.1.3071: corrupted inode contents
[  216.407086][T13638] loop2: detected capacity change from 0 to 32768
[  216.431042][T13652] EXT4-fs error (device loop1): ext4_dirty_inode:6450: inode #2: comm syz.1.3071: mark_inode_dirty error
[  216.452588][T13652] EXT4-fs error (device loop1): ext4_do_update_inode:5569: inode #2: comm syz.1.3071: corrupted inode contents
[  216.464781][ T3303]  loop2: p1 p3 < >
[  216.468607][ T3303] loop2: partition table partially beyond EOD, truncated
[  216.485249][ T3303] loop2: p3 start 265216 is beyond EOD, truncated
[  216.494129][T13665] SELinux: failed to load policy
[  216.499605][T13652] EXT4-fs error (device loop1): __ext4_ext_dirty:207: inode #2: comm syz.1.3071: mark_inode_dirty error
[  216.513744][T13638]  loop2: p1 p3 < >
[  216.517676][T13638] loop2: partition table partially beyond EOD, truncated
[  216.525611][T13638] loop2: p3 start 265216 is beyond EOD, truncated
[  216.525773][T13667] EXT4-fs warning (device loop1): ext4_es_cache_extent:1082: inode #2: comm syz.1.3071: ES cache extent failed: add [0,1,21,0x1] conflict with existing [0,8,576460752303423487,0x18]
[  216.525773][T13667] 
[  216.645696][T13652] EXT4-fs warning (device loop1): ext4_empty_dir:3087: inode #18: comm syz.1.3071: directory missing '.'
[  216.665077][T13673] program syz.3.3076 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  216.738230][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  216.751555][T10814] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  216.773399][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop2p1, 10) failed: No such file or directory
[  216.826774][T13685] ipip0: entered promiscuous mode
[  216.839091][   T28] kauditd_printk_skb: 17 callbacks suppressed
[  216.839105][   T28] audit: type=1400 audit(2000000318.797:4484): avc:  denied  { bind } for  pid=13684 comm="syz.2.3083" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  216.894434][   T28] audit: type=1326 audit(2000000318.837:4485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=13681 comm="syz.1.3080" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f6d16aec629 code=0x0
[  217.664417][T13700] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3096'.
[  217.823287][T13711] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3091'.
[  217.864311][T10678] netdevsim netdevsim8 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  217.873174][T13711] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3091'.
[  217.882410][T10678] netdevsim netdevsim8 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  217.893581][T13717] netlink: 8 bytes leftover after parsing attributes in process `syz.3.3094'.
[  217.903788][T10678] netdevsim netdevsim8 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  217.915295][T10678] netdevsim netdevsim8 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  217.926464][T13717] netlink: 'syz.3.3094': attribute type 5 has an invalid length.
[  217.937716][T13717] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3094'.
[  217.955555][T13717] geneve3: entered promiscuous mode
[  217.961005][T13717] geneve3: entered allmulticast mode
[  217.994514][   T30] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 58587 - 0
[  218.011397][   T30] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 58587 - 0
[  218.045135][T13724] netlink: 'syz.1.3098': attribute type 10 has an invalid length.
[  218.060176][   T30] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 58587 - 0
[  218.073726][   T30] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 58587 - 0
[  218.095567][T13733] netlink: 'syz.1.3098': attribute type 10 has an invalid length.
[  218.107855][T13732] geneve4: entered promiscuous mode
[  218.116961][T13724] team0: Failed to send options change via netlink (err -105)
[  218.131957][T13724] team0: Port device dummy0 added
[  218.142149][T13733] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  218.168387][T13733] team0: Failed to send options change via netlink (err -105)
[  218.179282][T13733] team0: Failed to send port change of device dummy0 via netlink (err -105)
[  218.189650][T13733] team0: Port device dummy0 removed
[  218.197999][T13733] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  218.237901][T13739] loop1: detected capacity change from 0 to 128
[  218.359223][T13750] loop2: detected capacity change from 0 to 512
[  218.405743][T13750] EXT4-fs (loop2): encrypted files will use data=ordered instead of data journaling mode
[  218.448423][T13750] EXT4-fs (loop2): 1 truncate cleaned up
[  218.461738][T13750] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  218.477238][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.477238][   T30] loop1: rw=1, sector=129, nr_sectors = 8 limit=128
[  218.504626][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.504626][   T30] loop1: rw=1, sector=145, nr_sectors = 8 limit=128
[  218.530291][ T9311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  218.548757][   T28] audit: type=1400 audit(2000000320.507:4486): avc:  denied  { mounton } for  pid=13758 comm="syz.3.3114" path="/618/file0" dev="tmpfs" ino=3247 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:user_tmpfs_t tclass=fifo_file permissive=1
[  218.552964][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.552964][   T30] loop1: rw=1, sector=161, nr_sectors = 8 limit=128
[  218.598004][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.598004][   T30] loop1: rw=1, sector=177, nr_sectors = 8 limit=128
[  218.611784][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.611784][   T30] loop1: rw=1, sector=193, nr_sectors = 8 limit=128
[  218.625400][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.625400][   T30] loop1: rw=1, sector=209, nr_sectors = 8 limit=128
[  218.639129][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.639129][   T30] loop1: rw=1, sector=225, nr_sectors = 8 limit=128
[  218.661320][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.661320][   T30] loop1: rw=1, sector=241, nr_sectors = 8 limit=128
[  218.675109][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.675109][   T30] loop1: rw=1, sector=257, nr_sectors = 8 limit=128
[  218.689026][   T30] kworker/u8:1: attempt to access beyond end of device
[  218.689026][   T30] loop1: rw=1, sector=273, nr_sectors = 8 limit=128
[  218.797484][   T28] audit: type=1400 audit(2000000320.757:4487): avc:  denied  { wake_alarm } for  pid=13769 comm="syz.2.3117" capability=35  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[  218.852722][   T28] audit: type=1400 audit(2000000320.817:4488): avc:  denied  { bind } for  pid=13773 comm="syz.3.3119" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bluetooth_socket permissive=1
[  218.906800][   T28] audit: type=1400 audit(2000000320.837:4489): avc:  denied  { ioctl } for  pid=13769 comm="syz.2.3117" path="socket:[39326]" dev="sockfs" ino=39326 ioctlcmd=0x8933 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=ieee802154_socket permissive=1
[  219.050382][T10668] Bluetooth: hci0: Frame reassembly failed (-84)
[  219.328112][T13666] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  219.397048][   T28] audit: type=1400 audit(2000000321.357:4490): avc:  denied  { read } for  pid=13793 comm="syz.0.3126" name="msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  219.460790][   T28] audit: type=1400 audit(2000000321.357:4491): avc:  denied  { open } for  pid=13793 comm="syz.0.3126" path="/dev/cpu/0/msr" dev="devtmpfs" ino=85 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cpu_device_t tclass=chr_file permissive=1
[  219.592787][T13788] loop1: detected capacity change from 0 to 32768
[  219.648057][ T3303]  loop1: p1 p3 < >
[  219.654972][T13788]  loop1: p1 p3 < >
[  219.830564][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  219.851970][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  219.875840][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop1p1, 10) failed: No such file or directory
[  219.886854][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop1p3, 10) failed: No such file or directory
[  219.925753][T13810] loop2: detected capacity change from 0 to 1024
[  219.946305][T13799] loop0: detected capacity change from 0 to 32768
[  219.953657][T13810] EXT4-fs: inline encryption not supported
[  219.975802][T13810] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.008622][ T3307]  loop0: p1 p3 < >
[  220.012510][ T3307] loop0: partition table partially beyond EOD, truncated
[  220.033216][ T3307] loop0: p3 start 265216 is beyond EOD, truncated
[  220.053689][T13799]  loop0: p1 p3 < >
[  220.059563][T13799] loop0: partition table partially beyond EOD, truncated
[  220.077863][T13799] loop0: p3 start 265216 is beyond EOD, truncated
[  220.105131][T13822] loop1: detected capacity change from 0 to 512
[  220.133187][T13822] EXT4-fs (loop1): encrypted files will use data=ordered instead of data journaling mode
[  220.169784][T13822] EXT4-fs (loop1): 1 truncate cleaned up
[  220.180220][T13822] EXT4-fs (loop1): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.246810][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  220.262201][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop0p1, 10) failed: No such file or directory
[  220.334303][T10814] EXT4-fs error (device loop1): ext4_lookup:1785: inode #11: comm syz-executor: iget: bad extra_isize 46 (inode size 256)
[  220.372732][T10814] EXT4-fs (loop1): Remounting filesystem read-only
[  220.463870][T13833] loop0: detected capacity change from 0 to 512
[  220.470778][T13833] EXT4-fs (loop0): encrypted files will use data=ordered instead of data journaling mode
[  220.490609][T13831] EXT4-fs (loop1): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.500041][T13835] loop3: detected capacity change from 0 to 128
[  220.508815][T13833] EXT4-fs (loop0): 1 truncate cleaned up
[  220.526327][T13833] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  220.606814][ T9311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.662041][ T9884] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.673517][T13844] loop2: detected capacity change from 0 to 512
[  220.710323][T13844] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  220.726365][T13844] ext4 filesystem being mounted at /251/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  220.747058][   T28] audit: type=1400 audit(2000000322.697:4492): avc:  denied  { append } for  pid=13843 comm="syz.2.3143" name="file1" dev="loop2" ino=15 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:unlabeled_t tclass=file permissive=1
[  220.784676][ T9311] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  220.983267][T13840] chnl_net:caif_netlink_parms(): no params data found
[  221.070829][T13840] bridge0: port 1(bridge_slave_0) entered blocking state
[  221.081455][   T43] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  221.091579][T13840] bridge0: port 1(bridge_slave_0) entered disabled state
[  221.098832][T13840] bridge_slave_0: entered allmulticast mode
[  221.105560][T13840] bridge_slave_0: entered promiscuous mode
[  221.112905][T13840] bridge0: port 2(bridge_slave_1) entered blocking state
[  221.120202][T13840] bridge0: port 2(bridge_slave_1) entered disabled state
[  221.127584][T13840] bridge_slave_1: entered allmulticast mode
[  221.134582][T13840] bridge_slave_1: entered promiscuous mode
[  221.156901][T13840] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  221.174336][T13840] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  221.199697][T13840] team0: Port device team_slave_0 added
[  221.206798][T13840] team0: Port device team_slave_1 added
[  221.224885][T13840] batman_adv: batadv0: Adding interface: batadv_slave_0
[  221.233209][T13840] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  221.293848][T13840] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  221.317246][T13840] batman_adv: batadv0: Adding interface: batadv_slave_1
[  221.332216][T13840] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  221.397704][T13840] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  221.414959][T13864] xt_CT: You must specify a L4 protocol and not use inversions on it
[  221.461966][T13840] hsr_slave_0: entered promiscuous mode
[  221.488373][T13840] hsr_slave_1: entered promiscuous mode
[  221.498076][T13840] debugfs: 'hsr0' already exists in 'hsr'
[  221.507408][T13840] Cannot create hsr debugfs directory
[  221.612636][   T28] audit: type=1400 audit(2000000323.577:4493): avc:  denied  { nlmsg_read } for  pid=13893 comm="syz.0.3156" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_xfrm_socket permissive=1
[  221.711387][T13898] lo: Caught tx_queue_len zero misconfig
[  221.788700][T13916] loop3: detected capacity change from 0 to 512
[  221.804615][T13916] EXT4-fs (loop3): encrypted files will use data=ordered instead of data journaling mode
[  221.827316][T13916] EXT4-fs (loop3): 1 truncate cleaned up
[  221.841526][T13916] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  221.870097][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  222.046235][T13840] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  222.273257][T13840] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  222.289379][T13840] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  222.350417][T13840] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  222.456112][T13840] 8021q: adding VLAN 0 to HW filter on device bond0
[  222.481664][T13840] 8021q: adding VLAN 0 to HW filter on device team0
[  222.540037][ T2084] bridge0: port 1(bridge_slave_0) entered blocking state
[  222.547166][ T2084] bridge0: port 1(bridge_slave_0) entered forwarding state
[  222.572847][ T2084] bridge0: port 2(bridge_slave_1) entered blocking state
[  222.580097][ T2084] bridge0: port 2(bridge_slave_1) entered forwarding state
[  222.620952][T13993] vlan3: entered allmulticast mode
[  222.645432][T13993] macsec0: entered allmulticast mode
[  222.656887][T13993] veth1_macvtap: entered allmulticast mode
[  222.687947][T13999] netlink: 8 bytes leftover after parsing attributes in process `syz.0.3174'.
[  222.726489][T13840] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network
[  222.737777][T13840] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  222.871035][T13840] 8021q: adding VLAN 0 to HW filter on device batadv0
[  222.997719][T14030] EXT4-fs: Ignoring removed bh option
[  223.096538][T14030] EXT4-fs: inline encryption not supported
[  223.162334][T14030] EXT4-fs (loop3): feature flags set on rev 0 fs, running e2fsck is recommended
[  223.300770][T14030] EXT4-fs warning (device loop3): ext4_update_dynamic_rev:1142: updating to rev 1 because of new feature flag, running e2fsck is recommended
[  223.306859][T13840] veth0_vlan: entered promiscuous mode
[  223.324415][T14057] set_capacity_and_notify: 1 callbacks suppressed
[  223.324434][T14057] loop8: detected capacity change from 0 to 512
[  223.337523][T13840] veth1_vlan: entered promiscuous mode
[  223.353941][T13840] veth0_macvtap: entered promiscuous mode
[  223.367948][T13840] veth1_macvtap: entered promiscuous mode
[  223.381479][T13840] batman_adv: batadv0: Interface activated: batadv_slave_0
[  223.408145][T13840] batman_adv: batadv0: Interface activated: batadv_slave_1
[  223.427398][T10678] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  223.442469][T14030] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.3179: bg 0: block 248: padding at end of block bitmap is not set
[  223.442486][ T2084] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  223.480897][T14057] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  223.500249][T14030] loop3: lost filesystem error report for type 5 error -117
[  223.500419][T14030] Quota error (device loop3): write_blk: dquota write failed
[  223.507859][    C0] EXT4-fs (loop3): error count since last fsck: 1
[  223.507896][    C0] EXT4-fs (loop3): last error at time 2000000325: ext4_validate_block_bitmap:441
[  223.533462][ T2084] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  223.542823][T14030] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[  223.555988][T14057] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.3182: bad orphan inode 131083
[  223.565958][ T2084] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  223.576763][T14057] loop8: lost filesystem error report for type 5 error -117
[  223.577328][T14057] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  223.632732][T14030] EXT4-fs error (device loop3): ext4_acquire_dquot:7003: comm syz.3.3179: Failed to acquire dquot type 1
[  223.644497][T14030] loop3: lost filesystem error report for type 5 error -117
[  223.645333][T14030] EXT4-fs (loop3): 1 truncate cleaned up
[  223.658892][T14030] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0008-000000000000 r/w without journal. Quota mode: writeback.
[  223.677135][T14057] netlink: 148 bytes leftover after parsing attributes in process `syz.8.3182'.
[  223.703806][T14057] A link change request failed with some changes committed already. Interface ip6_vti0 may have been left with an inconsistent configuration, please check.
[  223.752591][T14030] netlink: 199836 bytes leftover after parsing attributes in process `syz.3.3179'.
[  223.800808][T14086] loop0: detected capacity change from 0 to 128
[  223.831728][T12764] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  223.981374][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0008-000000000000.
[  224.839500][T14159] loop0: detected capacity change from 0 to 1024
[  224.847515][T14161] netlink: 'syz.3.3196': attribute type 1 has an invalid length.
[  224.876899][T14161] 8021q: adding VLAN 0 to HW filter on device bond5
[  224.915964][T14159] EXT4-fs (loop0): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  224.958870][T14159] ext4 filesystem being mounted at /200/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  225.031617][T14178] netlink: 'syz.5.3201': attribute type 1 has an invalid length.
[  225.039393][T14178] netlink: 'syz.5.3201': attribute type 4 has an invalid length.
[  225.076273][T14181] EXT4-fs error (device loop0): ext4_free_blocks:6726: comm syz.0.3197: Freeing blocks not in datazone - block = 0, count = 16
[  225.099767][T14178] netlink: 9462 bytes leftover after parsing attributes in process `syz.5.3201'.
[  225.239815][ T2084] EXT4-fs error (device loop0): ext4_validate_block_bitmap:441: comm kworker/u8:8: bg 0: block 112: padding at end of block bitmap is not set
[  225.280556][ T2084] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 1 with error 28
[  225.306917][ T2084] EXT4-fs (loop0): This should not happen!! Data will be lost
[  225.306917][ T2084] 
[  225.334886][ T2084] EXT4-fs (loop0): Total free blocks count 0
[  225.352111][ T2084] EXT4-fs (loop0): Free/Dirty block details
[  225.358093][ T2084] EXT4-fs (loop0): free_blocks=16
[  225.371283][ T2084] EXT4-fs (loop0): dirty_blocks=16
[  225.381467][ T2084] EXT4-fs (loop0): Block reservation details
[  225.391672][ T2084] EXT4-fs (loop0): i_reserved_data_blocks=1
[  225.428279][ T9884] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  226.138196][T14205] xt_CT: You must specify a L4 protocol and not use inversions on it
[  226.247503][T14238] loop0: detected capacity change from 0 to 1024
[  226.258766][T14238] EXT4-fs: Ignoring removed bh option
[  226.296338][T14238] EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  226.391363][T14238] loop0: detected capacity change from 1024 to 64
[  226.417685][T14238] bio_check_eod: 180 callbacks suppressed
[  226.417701][T14238] syz.0.3214: attempt to access beyond end of device
[  226.417701][T14238] loop0: rw=2049, sector=256, nr_sectors = 2 limit=64
[  226.437270][T14238] EXT4-fs warning (device loop0): ext4_end_bio:373: I/O error 10 writing to inode 15 starting block 128)
[  226.448812][T14238] Buffer I/O error on device loop0, logical block 128
[  226.456080][T14238] syz.0.3214: attempt to access beyond end of device
[  226.456080][T14238] loop0: rw=2049, sector=262, nr_sectors = 130 limit=64
[  226.469850][T14238] EXT4-fs warning (device loop0): ext4_end_bio:373: I/O error 10 writing to inode 15 starting block 131)
[  226.482865][T14238] Buffer I/O error on device loop0, logical block 131
[  226.489743][T14238] Buffer I/O error on device loop0, logical block 132
[  226.496537][T14238] Buffer I/O error on device loop0, logical block 133
[  226.503341][T14238] Buffer I/O error on device loop0, logical block 134
[  226.510116][T14238] Buffer I/O error on device loop0, logical block 135
[  226.520148][T14238] Buffer I/O error on device loop0, logical block 136
[  226.526955][T14238] Buffer I/O error on device loop0, logical block 137
[  226.533831][T14238] Buffer I/O error on device loop0, logical block 138
[  226.540626][T14238] Buffer I/O error on device loop0, logical block 139
[  226.727821][   T28] audit: type=1400 audit(2000000328.687:4494): avc:  denied  { read } for  pid=14252 comm="syz.5.3219" path="socket:[39915]" dev="sockfs" ino=39915 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=rawip_socket permissive=1
[  226.798545][T14255] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  226.812640][T14255] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  226.821281][T14255] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  226.830107][T14255] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  226.840746][T14255] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  226.858348][T14255] vhci_hcd: Failed attach request for unsupported USB speed: UNKNOWN
[  226.878589][T14255] vhci_hcd vhci_hcd.0: pdev(5) rhport(6) sockfd(15)
[  226.885219][T14255] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed)
[  226.896554][T11413] EXT4-fs (loop0): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  226.906337][T14244] kmmpd-loop0: attempt to access beyond end of device
[  226.906337][T14244] loop0: rw=8402945, sector=128, nr_sectors = 2 limit=64
[  226.909363][T14255] vhci_hcd vhci_hcd.0: Device attached
[  226.924920][T14244] Buffer I/O error on dev loop0, logical block 64, lost sync page write
[  226.949130][T14256] vhci_hcd: connection closed
[  226.949467][T10678] vhci_hcd vhci_hcd.5: stop threads
[  226.963957][T10678] vhci_hcd vhci_hcd.5: release socket
[  226.998977][T10678] vhci_hcd vhci_hcd.5: disconnect device
[  227.073618][T14264] loop8: detected capacity change from 0 to 128
[  227.085841][T14264] EXT4-fs (loop8): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  227.105327][T14264] ext4 filesystem being mounted at /66/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  227.162174][T12764] EXT4-fs (loop8): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  227.251043][T14269] xt_CT: You must specify a L4 protocol and not use inversions on it
[  227.320438][T14278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3230'.
[  227.401563][T14278] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3230'.
[  227.475106][T14290] all: renamed from veth1_to_bond (while UP)
[  227.668211][T14274] chnl_net:caif_netlink_parms(): no params data found
[  227.732612][T14274] bridge0: port 1(bridge_slave_0) entered blocking state
[  227.760744][T14274] bridge0: port 1(bridge_slave_0) entered disabled state
[  227.792897][T14274] bridge_slave_0: entered allmulticast mode
[  227.799450][T14274] bridge_slave_0: entered promiscuous mode
[  227.843713][T14274] bridge0: port 2(bridge_slave_1) entered blocking state
[  227.850821][T14274] bridge0: port 2(bridge_slave_1) entered disabled state
[  227.897383][T14274] bridge_slave_1: entered allmulticast mode
[  227.909126][T14274] bridge_slave_1: entered promiscuous mode
[  227.923536][T14307] syz_tun: entered allmulticast mode
[  227.929431][T14306] syz_tun: left allmulticast mode
[  227.978500][T14274] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  228.008389][T14274] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  228.076246][T14274] team0: Port device team_slave_0 added
[  228.083524][T14274] team0: Port device team_slave_1 added
[  228.120146][T14274] batman_adv: batadv0: Adding interface: batadv_slave_0
[  228.130665][T14274] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  228.168600][T14313] loop8: detected capacity change from 0 to 128
[  228.208349][T14274] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  228.240166][T14274] batman_adv: batadv0: Adding interface: batadv_slave_1
[  228.250742][T14274] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  228.332548][T14274] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  228.423717][T14319] loop8: detected capacity change from 0 to 128
[  228.428712][T14274] hsr_slave_0: entered promiscuous mode
[  228.461677][T14274] hsr_slave_1: entered promiscuous mode
[  228.481689][T14274] debugfs: 'hsr0' already exists in 'hsr'
[  228.493001][T14274] Cannot create hsr debugfs directory
[  228.518729][   T30] netdevsim netdevsim0 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.555373][   T30] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.568353][   T30] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  228.687097][   T30] netdevsim netdevsim0 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.697756][   T30] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.718269][   T30] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  228.838272][   T30] netdevsim netdevsim0 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.849015][   T30] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.860495][   T30] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  228.936466][   T30] netdevsim netdevsim0 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  228.948091][   T30] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  228.960459][   T30] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 1] type 2 family 0 port 20004 - 0
[  228.962293][T14341] xt_CT: You must specify a L4 protocol and not use inversions on it
[  229.101412][   T30] bridge_slave_1: left allmulticast mode
[  229.107175][   T30] bridge_slave_1: left promiscuous mode
[  229.132944][T14349] loop5: detected capacity change from 0 to 512
[  229.143560][   T30] bridge0: port 2(bridge_slave_1) entered disabled state
[  229.155255][   T30] bridge_slave_0: left allmulticast mode
[  229.161064][   T30] bridge_slave_0: left promiscuous mode
[  229.169069][T14349] EXT4-fs (loop5): encrypted files will use data=ordered instead of data journaling mode
[  229.199702][   T30] bridge0: port 1(bridge_slave_0) entered disabled state
[  229.217031][T14349] EXT4-fs (loop5): 1 truncate cleaned up
[  229.250097][T14349] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  229.294440][   T28] audit: type=1400 audit(2000000331.257:4495): avc:  denied  { remount } for  pid=14348 comm="syz.5.3253" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:fs_t tclass=filesystem permissive=1
[  229.340484][T14349] EXT4-fs (loop5): re-mounted 00000000-0000-0000-0000-000000000000.
[  229.395052][   T30] bond2 (unregistering): (slave geneve2): Releasing active interface
[  229.414512][T14363] mmap: syz.2.3256 (14363): VmData 33202176 exceed data ulimit 0. Update limits or use boot option ignore_rlimit_data.
[  229.460308][   T30] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  229.470534][   T30] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  229.519941][T14370] loop2: detected capacity change from 0 to 1024
[  229.531737][T14370] EXT4-fs: Ignoring removed bh option
[  229.542657][   T30] bond0 (unregistering): Released all slaves
[  229.560277][T13840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  229.569414][   T30] bond1 (unregistering): Released all slaves
[  229.604748][   T30] bond2 (unregistering): Released all slaves
[  229.642976][T14370] EXT4-fs (loop2): mounted filesystem 00000000-0000-0000-0000-001000000000 r/w without journal. Quota mode: writeback.
[  229.669541][   T30] hsr_slave_0: left promiscuous mode
[  229.691293][T14370] loop2: detected capacity change from 1024 to 64
[  229.720214][T14370] syz.2.3258: attempt to access beyond end of device
[  229.720214][T14370] loop2: rw=2049, sector=256, nr_sectors = 2 limit=64
[  229.754144][   T30] hsr_slave_1: left promiscuous mode
[  229.774443][   T30] batman_adv: batadv0: Removing interface: batadv_slave_0
[  229.795849][T14370] EXT4-fs warning (device loop2): ext4_end_bio:373: I/O error 10 writing to inode 15 starting block 128)
[  229.807714][T14370] syz.2.3258: attempt to access beyond end of device
[  229.807714][T14370] loop2: rw=2049, sector=262, nr_sectors = 130 limit=64
[  229.807804][   T30] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  229.821578][T14370] EXT4-fs warning (device loop2): ext4_end_bio:373: I/O error 10 writing to inode 15 starting block 131)
[  229.859248][   T30] batman_adv: batadv0: Removing interface: batadv_slave_1
[  229.892116][   T30] veth1_macvtap: left promiscuous mode
[  229.911284][   T30] veth0_macvtap: left promiscuous mode
[  229.916847][   T30] veth1_vlan: left promiscuous mode
[  229.922336][   T30] veth0_vlan: left promiscuous mode
[  229.960077][ T9688] IPVS: starting estimator thread 0...
[  230.037268][   T30] team0 (unregistering): Port device team_slave_1 removed
[  230.047622][   T30] team0 (unregistering): Port device team_slave_0 removed
[  230.072825][T14386] IPVS: using max 2064 ests per chain, 103200 per kthread
[  230.090799][   T30] team0 (unregistering): Port device dummy0 removed
[  230.184764][T14274] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  230.219891][T14274] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  230.243401][T14274] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  230.267864][T14274] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  230.401149][T14344] EXT4-fs (loop2): unmounting filesystem 00000000-0000-0000-0000-001000000000.
[  230.426570][T14274] 8021q: adding VLAN 0 to HW filter on device bond0
[  230.441365][T14378] kmmpd-loop2: attempt to access beyond end of device
[  230.441365][T14378] loop2: rw=8402945, sector=128, nr_sectors = 2 limit=64
[  230.471224][T14274] 8021q: adding VLAN 0 to HW filter on device team0
[  230.477032][T14422] loop8: detected capacity change from 0 to 128
[  230.502280][T14378] Buffer I/O error on dev loop2, logical block 64, lost sync page write
[  230.513423][ T2084] bridge0: port 1(bridge_slave_0) entered blocking state
[  230.520585][ T2084] bridge0: port 1(bridge_slave_0) entered forwarding state
[  230.603551][ T2084] bridge0: port 2(bridge_slave_1) entered blocking state
[  230.610645][ T2084] bridge0: port 2(bridge_slave_1) entered forwarding state
[  230.647611][T10668] kworker/u8:16: attempt to access beyond end of device
[  230.647611][T10668] loop8: rw=1, sector=145, nr_sectors = 16 limit=128
[  230.682116][T10668] kworker/u8:16: attempt to access beyond end of device
[  230.682116][T10668] loop8: rw=1, sector=169, nr_sectors = 8 limit=128
[  230.692931][T14274] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  230.719460][T10668] kworker/u8:16: attempt to access beyond end of device
[  230.719460][T10668] loop8: rw=1, sector=185, nr_sectors = 8 limit=128
[  230.736377][T10668] kworker/u8:16: attempt to access beyond end of device
[  230.736377][T10668] loop8: rw=1, sector=201, nr_sectors = 8 limit=128
[  230.778088][T14431] sctp: [Deprecated]: syz.8.3270 (pid 14431) Use of int in max_burst socket option.
[  230.778088][T14431] Use struct sctp_assoc_value instead
[  231.023281][T14274] 8021q: adding VLAN 0 to HW filter on device batadv0
[  231.041196][T14426] loop5: detected capacity change from 0 to 32768
[  231.113656][ T3303]  loop5: p1 p2 p3 < p5 >
[  231.119252][ T3303] loop5: p1 size 242222080 extends beyond EOD, truncated
[  231.147557][ T3303] loop5: p2 start 16777215 is beyond EOD, truncated
[  231.249942][   T28] audit: type=1400 audit(2000000333.207:4496): avc:  denied  { mount } for  pid=14471 comm="syz.8.3276" name="/" dev="cgroup2" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:cgroup_t tclass=filesystem permissive=1
[  231.453796][T14426]  loop5: p1 p2 p3 < p5 >
[  231.460889][T14426] loop5: p1 size 242222080 extends beyond EOD, truncated
[  231.475727][T14426] loop5: p2 start 16777215 is beyond EOD, truncated
[  231.510277][ T3001]  loop5: p1 p2 p3 < p5 >
[  231.519524][ T3001] loop5: p1 size 242222080 extends beyond EOD, truncated
[  231.563352][ T3001] loop5: p2 start 16777215 is beyond EOD, truncated
[  231.608901][T14492] loop8: detected capacity change from 0 to 1024
[  231.647172][T14492] EXT4-fs: Ignoring removed nomblk_io_submit option
[  231.699128][T14492] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  231.747805][T14510] loop3: detected capacity change from 0 to 512
[  231.764015][T14452] chnl_net:caif_netlink_parms(): no params data found
[  231.821713][T14510] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000d40000 r/w without journal. Quota mode: writeback.
[  231.888060][T14274] veth0_vlan: entered promiscuous mode
[  231.888462][T12764] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  231.898699][T14274] veth1_vlan: entered promiscuous mode
[  231.915578][T14510] ext4 filesystem being mounted at /664/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  231.926353][T14274] veth0_macvtap: entered promiscuous mode
[  231.943311][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[  231.943985][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  231.965082][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  231.986908][T14274] veth1_macvtap: entered promiscuous mode
[  232.020325][T14274] batman_adv: batadv0: Interface activated: batadv_slave_0
[  232.054541][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  232.062455][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[  232.066791][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  232.105875][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000d40000.
[  232.116673][T14452] bridge0: port 1(bridge_slave_0) entered blocking state
[  232.123867][ T3308] udevd[3308]: inotify_add_watch(7, /dev/loop5p3, 10) failed: No such file or directory
[  232.135121][ T3307] udevd[3307]: inotify_add_watch(7, /dev/loop5p5, 10) failed: No such file or directory
[  232.146341][ T3303] udevd[3303]: inotify_add_watch(7, /dev/loop5p1, 10) failed: No such file or directory
[  232.149782][T14452] bridge0: port 1(bridge_slave_0) entered disabled state
[  232.165530][   T28] audit: type=1400 audit(2000000334.127:4497): avc:  denied  { ioctl } for  pid=14520 comm="syz.8.3285" path="socket:[42727]" dev="sockfs" ino=42727 ioctlcmd=0x8914 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=netlink_iscsi_socket permissive=1
[  232.215008][T14452] bridge_slave_0: entered allmulticast mode
[  232.222020][T14452] bridge_slave_0: entered promiscuous mode
[  232.236109][T14274] batman_adv: batadv0: Interface activated: batadv_slave_1
[  232.271537][T14452] bridge0: port 2(bridge_slave_1) entered blocking state
[  232.286570][T14452] bridge0: port 2(bridge_slave_1) entered disabled state
[  232.294211][T14452] bridge_slave_1: entered allmulticast mode
[  232.302342][T14452] bridge_slave_1: entered promiscuous mode
[  232.332228][   T30] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  232.343657][   T30] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  232.404833][T14540] loop3: detected capacity change from 0 to 1024
[  232.418897][T14540] EXT4-fs: inline encryption not supported
[  232.433948][   T30] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  232.456461][T14540] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  232.458938][   T30] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  232.501267][T14452] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  232.534253][T14452] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  232.562324][   T28] audit: type=1400 audit(2000000334.527:4498): avc:  denied  { remove_name } for  pid=14539 comm="syz.3.3290" name="file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" dev="loop3" ino=21 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:unlabeled_t tclass=dir permissive=1
[  232.562420][T14540] EXT4-fs warning (device loop3): ext4_rename_delete:3729: inode #18: comm syz.3.3290: Deleting old file: nlink 2, error=-2
[  232.632285][T14452] team0: Port device team_slave_0 added
[  232.639036][T14452] team0: Port device team_slave_1 added
[  232.668741][T14452] batman_adv: batadv0: Adding interface: batadv_slave_0
[  232.676410][T14452] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.722723][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  232.727706][T14452] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  232.752984][T14452] batman_adv: batadv0: Adding interface: batadv_slave_1
[  232.760084][T14452] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  232.786600][T14452] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  232.815213][T14560] loop3: detected capacity change from 0 to 512
[  232.832595][T14562] netlink: 'syz.8.3298': attribute type 1 has an invalid length.
[  232.875960][T14452] hsr_slave_0: entered promiscuous mode
[  232.936494][T14452] hsr_slave_1: entered promiscuous mode
[  232.943730][T14452] debugfs: 'hsr0' already exists in 'hsr'
[  232.949875][T14452] Cannot create hsr debugfs directory
[  232.985966][T14566] bond1: (slave ip6gretap1): making interface the new active one
[  232.994070][T14566] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  233.001932][T14566] ip6_tunnel: ip6gretap1 xmit: Local address not yet configured!
[  233.009977][T14566] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  233.185890][T14452] netdevsim netdevsim6 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.208026][T14452] netdevsim netdevsim6 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.290303][T14452] netdevsim netdevsim6 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.309165][T14452] netdevsim netdevsim6 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.373706][T14452] netdevsim netdevsim6 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.419441][T14452] netdevsim netdevsim6 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.494377][T14452] netdevsim netdevsim6 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  233.511057][   T28] audit: type=1400 audit(2000000335.467:4499): avc:  denied  { setopt } for  pid=14593 comm="syz.3.3310" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  233.514248][T14452] netdevsim netdevsim6 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  233.658061][T14452] netdevsim netdevsim6 netdevsim0: renamed from eth0
[  233.667211][T14452] netdevsim netdevsim6 netdevsim1: renamed from eth1
[  233.676823][T14452] netdevsim netdevsim6 netdevsim2: renamed from eth2
[  233.685955][T14452] netdevsim netdevsim6 netdevsim3: renamed from eth3
[  233.760308][T14452] 8021q: adding VLAN 0 to HW filter on device bond0
[  233.778119][T14452] 8021q: adding VLAN 0 to HW filter on device team0
[  233.802571][ T2084] bridge0: port 1(bridge_slave_0) entered blocking state
[  233.809659][ T2084] bridge0: port 1(bridge_slave_0) entered forwarding state
[  233.832797][ T2084] bridge0: port 2(bridge_slave_1) entered blocking state
[  233.839900][ T2084] bridge0: port 2(bridge_slave_1) entered forwarding state
[  234.058952][T14452] 8021q: adding VLAN 0 to HW filter on device batadv0
[  234.427957][T14452] veth0_vlan: entered promiscuous mode
[  234.465370][T14452] veth1_vlan: entered promiscuous mode
[  234.508135][T14641] loop7: detected capacity change from 0 to 2048
[  234.534896][T14452] veth0_macvtap: entered promiscuous mode
[  234.554087][T14452] veth1_macvtap: entered promiscuous mode
[  234.579417][T14641] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  234.598620][T14452] batman_adv: batadv0: Interface activated: batadv_slave_0
[  234.608579][T14452] batman_adv: batadv0: Interface activated: batadv_slave_1
[  234.755999][   T12] netdevsim netdevsim6 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  234.781686][   T12] netdevsim netdevsim6 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  234.803928][   T12] netdevsim netdevsim6 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  234.817652][   T12] netdevsim netdevsim6 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  234.922798][T14652] netlink: 8 bytes leftover after parsing attributes in process `syz.8.3321'.
[  234.997674][T14655] bridge_slave_0: left allmulticast mode
[  235.010026][   T12] EXT4-fs error (device loop7): ext4_mb_generate_buddy:1315: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  235.026553][T14655] bridge_slave_0: left promiscuous mode
[  235.032368][   T12] EXT4-fs (loop7): Delayed block allocation failed for inode 18 at logical offset 0 with max blocks 582 with error 28
[  235.052050][T14655] bridge0: port 1(bridge_slave_0) entered disabled state
[  235.059427][   T12] EXT4-fs (loop7): This should not happen!! Data will be lost
[  235.059427][   T12] 
[  235.075036][   T12] EXT4-fs (loop7): Total free blocks count 0
[  235.086945][T14655] bridge_slave_1: left allmulticast mode
[  235.092977][T14655] bridge_slave_1: left promiscuous mode
[  235.099724][T14655] bridge0: port 2(bridge_slave_1) entered disabled state
[  235.107464][   T12] EXT4-fs (loop7): Free/Dirty block details
[  235.114585][   T12] EXT4-fs (loop7): free_blocks=2415919504
[  235.120794][   T12] EXT4-fs (loop7): dirty_blocks=592
[  235.127883][T14655] bond0: (slave bond_slave_0): Releasing backup interface
[  235.135276][   T12] EXT4-fs (loop7): Block reservation details
[  235.141613][   T12] EXT4-fs (loop7): i_reserved_data_blocks=37
[  235.157964][T14274] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  235.261822][T14655] bond0: (slave bond_slave_1): Releasing backup interface
[  235.356190][T14655] team0: Port device team_slave_0 removed
[  235.372606][T14655] team0: Port device team_slave_1 removed
[  235.392852][T14655] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  235.413786][T14655] batman_adv: batadv0: Removing interface: batadv_slave_0
[  235.686929][T14655] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  235.695057][T14655] batman_adv: batadv0: Removing interface: batadv_slave_1
[  235.761125][T14655] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check.
[  235.796592][T14658] team0: Mode changed to "broadcast"
[  236.211341][T14689] netlink: 'syz.3.3334': attribute type 11 has an invalid length.
[  236.219265][T14689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3334'.
[  236.256688][T14689] netlink: 'syz.3.3334': attribute type 11 has an invalid length.
[  236.296373][T14689] netlink: 4 bytes leftover after parsing attributes in process `syz.3.3334'.
[  236.816269][   T28] audit: type=1400 audit(2000000338.777:4500): avc:  denied  { append } for  pid=14734 comm="syz.8.3364" name="sg0" dev="devtmpfs" ino=137 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  237.376446][T14752] netlink: 40 bytes leftover after parsing attributes in process `syz.5.3360'.
[  237.584140][T14765] loop3: detected capacity change from 0 to 2048
[  237.634543][T14765] EXT4-fs: Ignoring removed nobh option
[  237.648368][T14767] netlink: 'syz.5.3368': attribute type 1 has an invalid length.
[  237.656470][T14767] netlink: 16150 bytes leftover after parsing attributes in process `syz.5.3368'.
[  237.711062][T14765] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  237.741485][T14765] ext4 filesystem being mounted at /687/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  237.821616][T14774] 9pnet: p9_errstr2errno: server reported unknown error 0x000000
[  237.850381][ T3319] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  237.915872][T14790] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3373'.
[  237.925120][T14790] netlink: 20 bytes leftover after parsing attributes in process `syz.3.3373'.
[  237.972917][T14794] sch_fq: defrate 7 ignored.
[  238.004149][T14795] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3379'.
[  238.037355][T14799] syzkaller1: entered promiscuous mode
[  238.043216][T14799] syzkaller1: entered allmulticast mode
[  238.126500][   T28] audit: type=1400 audit(2000000340.087:4501): avc:  denied  { read write } for  pid=14810 comm="syz.8.3387" name="usbmon4" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  238.157882][   T28] audit: type=1400 audit(2000000340.087:4502): avc:  denied  { open } for  pid=14810 comm="syz.8.3387" path="/dev/usbmon4" dev="devtmpfs" ino=154 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  238.197323][   T28] audit: type=1400 audit(2000000340.147:4503): avc:  denied  { ioctl } for  pid=14810 comm="syz.8.3387" path="/dev/usbmon4" dev="devtmpfs" ino=154 ioctlcmd=0x9205 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:usbmon_device_t tclass=chr_file permissive=1
[  238.278960][T10678] Bluetooth: hci0: Frame reassembly failed (-84)
[  238.388759][   T28] audit: type=1400 audit(2000000340.347:4504): avc:  denied  { write } for  pid=14838 comm="syz.8.3395" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=smc_socket permissive=1
[  238.453296][T14842] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3396'.
[  238.463438][T14843] loop5: detected capacity change from 0 to 1024
[  238.472833][T14843] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  238.484768][T14843] System zones: 0-1, 3-36
[  238.490003][T14843] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.3397: bad orphan inode 134217728
[  238.502863][T14843] loop5: lost filesystem error report for type 5 error -117
[  238.503842][T14843] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  238.562707][T14848] netlink: 'syz.3.3398': attribute type 1 has an invalid length.
[  238.597311][T14848] 8021q: adding VLAN 0 to HW filter on device bond6
[  238.617268][T14848] bond6: option tlb_dynamic_lb: unable to set because the bond device is up
[  238.698574][T14852] loop3: detected capacity change from 0 to 8192
[  238.755646][T14852] bio_check_eod: 53 callbacks suppressed
[  238.755662][T14852] syz.3.3400: attempt to access beyond end of device
[  238.755662][T14852] loop3: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  239.055569][T13840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.175466][T14870] loop5: detected capacity change from 0 to 512
[  239.182813][T14870] EXT4-fs: Ignoring removed i_version option
[  239.189005][T14870] EXT4-fs: Ignoring removed bh option
[  239.241224][T14870] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  239.261191][T14870] ext4 filesystem being mounted at /50/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  239.336922][T13840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  239.417379][T14887] netlink: 'syz.3.3415': attribute type 1 has an invalid length.
[  239.518923][   T28] audit: type=1400 audit(2000000341.477:4505): avc:  denied  { write } for  pid=14893 comm="syz.8.3416" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  239.554215][T14887] gretap2: entered allmulticast mode
[  239.578807][T14887] bond7: (slave gretap2): making interface the new active one
[  239.592763][   T28] audit: type=1326 audit(2000000341.487:4506): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14882 comm="syz.6.3413" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7fe0e4b8c629 code=0x0
[  239.620528][T14887] bond7: (slave gretap2): Enslaving as an active interface with an up link
[  240.052128][T14920] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.063841][T14920] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.097676][   T28] audit: type=1400 audit(2000000342.057:4507): avc:  denied  { ioctl } for  pid=14923 comm="syz.8.3430" path="/dev/sg0" dev="devtmpfs" ino=137 ioctlcmd=0x5393 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:scsi_generic_device_t tclass=chr_file permissive=1
[  240.351753][   T43] Bluetooth: hci0: command 0x1003 tx timeout
[  240.357809][ T3605] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  240.393291][   T28] audit: type=1326 audit(2000000342.357:4508): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=14939 comm="syz.7.3437" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f745859c629 code=0x0
[  240.488116][T14945] loop8: detected capacity change from 0 to 128
[  240.585109][T14945] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  240.594181][T14945] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  240.723685][T14950] loop5: detected capacity change from 0 to 1024
[  240.730479][T14950] EXT4-fs: Ignoring removed mblk_io_submit option
[  240.737480][T14950] EXT4-fs: inline encryption not supported
[  240.744101][T14950] EXT4-fs (loop5): stripe (65535) is not aligned with cluster size (4096), stripe is disabled
[  240.756859][T14950] EXT4-fs error (device loop5): ext4_orphan_get:1417: comm syz.5.3440: bad orphan inode 11
[  240.767021][T14950] loop5: lost filesystem error report for type 5 error -117
[  240.767666][T14950] EXT4-fs (loop5): Remounting filesystem read-only
[  240.781304][    C0] EXT4-fs (loop5): error count since last fsck: 1
[  240.782476][T14950] ext4_test_bit(bit=10, block=4) = 1
[  240.787981][    C0] EXT4-fs (loop5): initial error at time 2000000342: ext4_orphan_get:1417
[  240.794435][T14950] is_bad_inode(inode)=0
[  240.801914][    C0] EXT4-fs (loop5): last error at time 2000000342: ext4_orphan_get:1417
[  240.814520][T14950] NEXT_ORPHAN(inode)=3254779904
[  240.819392][T14950] max_ino=32
[  240.822686][T14950] i_nlink=0
[  240.826150][T14950] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  240.839293][T14950] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  240.968569][T14954] loop3: detected capacity change from 0 to 1024
[  241.018920][   T28] audit: type=1400 audit(2000000342.977:4509): avc:  denied  { write } for  pid=14957 comm="syz.3.3442" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  241.118510][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.118510][   T30] loop8: rw=1, sector=145, nr_sectors = 16 limit=128
[  241.132226][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.132226][   T30] loop8: rw=1, sector=169, nr_sectors = 8 limit=128
[  241.146067][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.146067][   T30] loop8: rw=1, sector=185, nr_sectors = 8 limit=128
[  241.160219][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.160219][   T30] loop8: rw=1, sector=201, nr_sectors = 8 limit=128
[  241.173972][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.173972][   T30] loop8: rw=1, sector=217, nr_sectors = 8 limit=128
[  241.196736][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.196736][   T30] loop8: rw=1, sector=233, nr_sectors = 8 limit=128
[  241.222730][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.222730][   T30] loop8: rw=1, sector=249, nr_sectors = 8 limit=128
[  241.236554][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.236554][   T30] loop8: rw=1, sector=265, nr_sectors = 8 limit=128
[  241.250218][   T30] kworker/u8:1: attempt to access beyond end of device
[  241.250218][   T30] loop8: rw=1, sector=281, nr_sectors = 8 limit=128
[  241.365927][T14970] netlink: 8 bytes leftover after parsing attributes in process `syz.7.3449'.
[  241.562665][T14983] loop8: detected capacity change from 0 to 128
[  241.605841][T14983] FAT-fs (loop8): bogus number of reserved sectors
[  241.626052][T14983] FAT-fs (loop8): This looks like a DOS 1.x volume, but isn't a recognized floppy size (128 sectors)
[  241.638928][T14981] loop5: detected capacity change from 0 to 8192
[  241.647886][T14983] FAT-fs (loop8): Can't find a valid FAT filesystem
[  241.662739][T14981] FAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  241.685098][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.713826][T14981] FAT-fs (loop5): Filesystem has been set read-only
[  241.720614][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.762584][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.801643][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.831323][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.891375][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.900212][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.918480][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.927430][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  241.988164][T14981] FAT-fs (loop5): error, fat_get_cluster: invalid cluster chain (i_pos 1046)
[  242.255780][T14989] chnl_net:caif_netlink_parms(): no params data found
[  242.317697][T14989] bridge0: port 1(bridge_slave_0) entered blocking state
[  242.325032][T14989] bridge0: port 1(bridge_slave_0) entered disabled state
[  242.332567][T14989] bridge_slave_0: entered allmulticast mode
[  242.339337][T14989] bridge_slave_0: entered promiscuous mode
[  242.346669][T14989] bridge0: port 2(bridge_slave_1) entered blocking state
[  242.354364][T14989] bridge0: port 2(bridge_slave_1) entered disabled state
[  242.361878][T14989] bridge_slave_1: entered allmulticast mode
[  242.368512][T14989] bridge_slave_1: entered promiscuous mode
[  242.473842][T14989] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  242.509763][T14989] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  242.576617][T10675] Bluetooth: hci0: Frame reassembly failed (-84)
[  242.594202][T15018] syzkaller0: entered promiscuous mode
[  242.599849][T15018] syzkaller0: entered allmulticast mode
[  242.624285][T14989] team0: Port device team_slave_0 added
[  242.634408][T14989] team0: Port device team_slave_1 added
[  242.667343][T14989] batman_adv: batadv0: Adding interface: batadv_slave_0
[  242.674553][T14989] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  242.703018][T14989] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  242.714740][T14989] batman_adv: batadv0: Adding interface: batadv_slave_1
[  242.722842][T14989] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  242.757463][T14989] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  242.786673][   T28] audit: type=1400 audit(2000000344.747:4510): avc:  denied  { watch watch_reads } for  pid=15034 comm="syz.5.3471" path="/" dev="proc" ino=1 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:proc_t tclass=dir permissive=1
[  242.827247][T14989] hsr_slave_0: entered promiscuous mode
[  242.834327][T14989] hsr_slave_1: entered promiscuous mode
[  242.848648][T14989] debugfs: 'hsr0' already exists in 'hsr'
[  242.854867][T14989] Cannot create hsr debugfs directory
[  243.058663][T15061] vxcan1: entered promiscuous mode
[  243.115858][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.144718][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.178541][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.199997][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.226532][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.244525][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.262394][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.280363][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.293371][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.308545][ T9690] hid-generic 0103:0004:0000.0004: unknown main item tag 0x0
[  243.326502][ T9690] hid-generic 0103:0004:0000.0004: hidraw0: <UNKNOWN> HID v0.02 Device [syz0] on syz1
[  243.397454][T15088] fido_id[15088]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory
[  243.424292][T14989] netdevsim netdevsim9 netdevsim0: renamed from eth0
[  243.471362][   T28] audit: type=1400 audit(2000000345.427:4511): avc:  denied  { setopt } for  pid=15094 comm="syz.5.3481" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=phonet_socket permissive=1
[  243.528209][T14989] netdevsim netdevsim9 netdevsim1: renamed from eth1
[  243.541100][T14989] netdevsim netdevsim9 netdevsim2: renamed from eth2
[  243.589980][T14989] netdevsim netdevsim9 netdevsim3: renamed from eth3
[  243.752158][T14989] 8021q: adding VLAN 0 to HW filter on device bond0
[  243.775722][T14989] 8021q: adding VLAN 0 to HW filter on device team0
[  243.803018][T10675] bridge0: port 1(bridge_slave_0) entered blocking state
[  243.810203][T10675] bridge0: port 1(bridge_slave_0) entered forwarding state
[  243.865614][T15135] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  243.874103][T15135] batman_adv: batadv0: Removing interface: batadv_slave_0
[  243.882260][T15135] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  243.889725][T15135] batman_adv: batadv0: Removing interface: batadv_slave_1
[  243.930716][T10675] bridge0: port 2(bridge_slave_1) entered blocking state
[  243.937995][T10675] bridge0: port 2(bridge_slave_1) entered forwarding state
[  243.989091][T14989] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  244.080000][T14989] 8021q: adding VLAN 0 to HW filter on device batadv0
[  244.153600][T15163] loop7: detected capacity change from 0 to 512
[  244.182943][T15163] EXT4-fs: Ignoring removed oldalloc option
[  244.213895][T15163] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  244.228007][T15163] EXT4-fs error (device loop7): ext4_iget_extra_inode:5025: inode #11: comm syz.7.3488: corrupted in-inode xattr: invalid ea_ino
[  244.261555][T15163] loop7: lost file I/O error report for ino 11 type 5 pos 0x0 len 0x0 error -117
[  244.261787][T15163] EXT4-fs error (device loop7): ext4_orphan_get:1396: comm syz.7.3488: couldn't read orphan inode 11 (err -117)
[  244.282894][    C0] EXT4-fs (loop7): error count since last fsck: 1
[  244.282917][    C0] EXT4-fs (loop7): initial error at time 2000000346: ext4_iget_extra_inode:5025: inode 11
[  244.282952][    C0] EXT4-fs (loop7): last error at time 2000000346: ext4_iget_extra_inode:5025: inode 11
[  244.330789][T15163] loop7: lost filesystem error report for type 5 error -117
[  244.350257][T15163] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  244.409748][T14989] veth0_vlan: entered promiscuous mode
[  244.438176][T14274] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  244.442351][T14989] veth1_vlan: entered promiscuous mode
[  244.513321][T14989] veth0_macvtap: entered promiscuous mode
[  244.533817][T14989] veth1_macvtap: entered promiscuous mode
[  244.561116][T14989] batman_adv: batadv0: Interface activated: batadv_slave_0
[  244.578189][T14989] batman_adv: batadv0: Interface activated: batadv_slave_1
[  244.602070][   T43] Bluetooth: hci0: command 0x1003 tx timeout
[  244.608376][ T3605] Bluetooth: hci0: Opcode 0x1003 failed: -110
[  244.615996][T10678] netdevsim netdevsim9 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  244.639097][T10678] netdevsim netdevsim9 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  244.670055][T10678] netdevsim netdevsim9 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  244.700101][T10678] netdevsim netdevsim9 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  245.133256][   T28] audit: type=1400 audit(2000000347.067:4512): avc:  denied  { remount } for  pid=15245 comm="syz.7.3498" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:tmpfs_t tclass=filesystem permissive=1
[  245.277742][T15250] loop9: detected capacity change from 0 to 8192
[  245.372159][T15250] bio_check_eod: 90 callbacks suppressed
[  245.372175][T15250] syz.9.3499: attempt to access beyond end of device
[  245.372175][T15250] loop9: rw=0, sector=57847, nr_sectors = 1 limit=8192
[  245.417697][T15270] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.433217][T15270] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.504874][T15278] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  245.527214][T15278] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  245.545704][T10678] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.599101][T15270] loop5: detected capacity change from 0 to 1024
[  245.649000][T15270] EXT4-fs: Ignoring removed orlov option
[  245.658949][T15270] EXT4-fs (loop5): ext4_check_descriptors: Checksum for group 0 failed (62631!=20869)
[  245.705060][T10678] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.716372][T15270] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=a040e11d, mo2=0002]
[  245.744986][T15270] System zones: 0-1, 2-3, 4-36, 98-101, 102-102
[  245.752494][T15270] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  245.848064][T10678] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  245.966621][T10678] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  246.159778][T15284] chnl_net:caif_netlink_parms(): no params data found
[  246.500983][T15284] bridge0: port 1(bridge_slave_0) entered blocking state
[  246.531301][T15284] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.538576][T15284] bridge_slave_0: entered allmulticast mode
[  246.561982][T15284] bridge_slave_0: entered promiscuous mode
[  246.570680][T15284] bridge0: port 2(bridge_slave_1) entered blocking state
[  246.600922][T15284] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.629619][T15284] bridge_slave_1: entered allmulticast mode
[  246.640018][T13840] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  246.675602][T15284] bridge_slave_1: entered promiscuous mode
[  246.688876][T10678] bridge_slave_1: left allmulticast mode
[  246.705151][T10678] bridge_slave_1: left promiscuous mode
[  246.715293][T10678] bridge0: port 2(bridge_slave_1) entered disabled state
[  246.736327][T15378] loop5: detected capacity change from 0 to 128
[  246.758434][T10678] bridge_slave_0: left allmulticast mode
[  246.776320][T10678] bridge_slave_0: left promiscuous mode
[  246.798656][T10678] bridge0: port 1(bridge_slave_0) entered disabled state
[  246.798678][T15378] syz.5.3522: attempt to access beyond end of device
[  246.798678][T15378] loop5: rw=2049, sector=225, nr_sectors = 8 limit=128
[  246.829167][T15378] syz.5.3522: attempt to access beyond end of device
[  246.829167][T15378] loop5: rw=2049, sector=241, nr_sectors = 8 limit=128
[  246.855515][T15385] netlink: 24 bytes leftover after parsing attributes in process `syz.6.3524'.
[  246.871593][T15378] syz.5.3522: attempt to access beyond end of device
[  246.871593][T15378] loop5: rw=2049, sector=257, nr_sectors = 24 limit=128
[  246.897112][T15378] syz.5.3522: attempt to access beyond end of device
[  246.897112][T15378] loop5: rw=2049, sector=289, nr_sectors = 8 limit=128
[  246.943727][T15378] syz.5.3522: attempt to access beyond end of device
[  246.943727][T15378] loop5: rw=2049, sector=305, nr_sectors = 8 limit=128
[  246.957948][T15378] syz.5.3522: attempt to access beyond end of device
[  246.957948][T15378] loop5: rw=2049, sector=321, nr_sectors = 8 limit=128
[  246.971639][T15378] syz.5.3522: attempt to access beyond end of device
[  246.971639][T15378] loop5: rw=2049, sector=337, nr_sectors = 8 limit=128
[  246.985457][T15378] syz.5.3522: attempt to access beyond end of device
[  246.985457][T15378] loop5: rw=2049, sector=353, nr_sectors = 8 limit=128
[  247.001454][T15378] syz.5.3522: attempt to access beyond end of device
[  247.001454][T15378] loop5: rw=2049, sector=369, nr_sectors = 8 limit=128
[  247.034327][T10678] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  247.044674][T10678] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  247.061140][T10678] bond0 (unregistering): Released all slaves
[  247.079076][   T28] audit: type=1400 audit(2000000349.037:4513): avc:  denied  { setopt } for  pid=15389 comm="syz.9.3525" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  247.137728][T15284] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  247.161677][T10678] hsr_slave_0: left promiscuous mode
[  247.172332][T10678] hsr_slave_1: left promiscuous mode
[  247.223549][T10678] veth1_macvtap: left promiscuous mode
[  247.239192][T10678] veth0_macvtap: left promiscuous mode
[  247.270357][T10678] veth1_vlan: left promiscuous mode
[  247.281344][T10678] veth0_vlan: left promiscuous mode
[  247.586473][T10678] team0 (unregistering): Port device team_slave_1 removed
[  247.619494][T10678] team0 (unregistering): Port device team_slave_0 removed
[  247.665258][T15397] syz.9.3528 invoked oom-killer: gfp_mask=0x100cca(GFP_HIGHUSER_MOVABLE), order=0, oom_score_adj=1000
[  247.714342][T15397] CPU: 1 UID: 0 PID: 15397 Comm: syz.9.3528 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  247.714382][T15397] Tainted: [W]=WARN
[  247.714401][T15397] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  247.714424][T15397] Call Trace:
[  247.714431][T15397]  <TASK>
[  247.714440][T15397]  __dump_stack+0x1d/0x30
[  247.714471][T15397]  dump_stack_lvl+0x95/0xd0
[  247.714493][T15397]  dump_stack+0x15/0x1b
[  247.714594][T15397]  dump_header+0x80/0x240
[  247.714616][T15397]  oom_kill_process+0x295/0x350
[  247.714725][T15397]  out_of_memory+0x97d/0xb80
[  247.714758][T15397]  try_charge_memcg+0x62e/0xa10
[  247.714796][T15397]  mem_cgroup_swapin_charge_folio+0x103/0x1f0
[  247.714870][T15397]  __swap_cache_prepare_and_add+0x386/0x530
[  247.714908][T15397]  swap_cache_alloc_folio+0xa2/0x120
[  247.714959][T15397]  swap_cluster_readahead+0x26e/0x3d0
[  247.714991][T15397]  swapin_readahead+0xde/0x840
[  247.715016][T15397]  ? _raw_spin_unlock+0x9/0x30
[  247.715069][T15397]  ? swap_put_entries_cluster+0x385/0x3a0
[  247.715154][T15397]  ? swap_put_entries_cluster+0xe1/0x3a0
[  247.715182][T15397]  ? __rcu_read_unlock+0x4e/0x70
[  247.715200][T15397]  ? swap_cache_get_folio+0x26f/0x280
[  247.715227][T15397]  do_swap_page+0x309/0x2210
[  247.715270][T15397]  ? css_rstat_updated+0xbb/0x280
[  247.715311][T15397]  ? __rcu_read_lock+0x36/0x50
[  247.715335][T15397]  ? pte_offset_map_rw_nolock+0x19e/0x200
[  247.715402][T15397]  handle_mm_fault+0xb40/0x3020
[  247.715437][T15397]  ? vma_start_read+0x1c7/0x2c0
[  247.715471][T15397]  do_user_addr_fault+0x62f/0x1050
[  247.715515][T15397]  ? fpregs_assert_state_consistent+0xb3/0xe0
[  247.715600][T15397]  ? arch_exit_to_user_mode_prepare+0x26/0x80
[  247.715622][T15397]  ? trace_page_fault_user+0x1f/0xe0
[  247.715651][T15397]  exc_page_fault+0x62/0xa0
[  247.715686][T15397]  asm_exc_page_fault+0x26/0x30
[  247.715715][T15397] RIP: 0033:0x7f89d759a04c
[  247.715735][T15397] Code: 4a 31 13 00 eb 24 66 66 2e 0f 1f 84 00 00 00 00 00 66 66 2e 0f 1f 84 00 00 00 00 00 66 90 48 81 c3 f0 00 00 00 48 39 dd 74 24 <80> 7b 20 00 74 ee 8b 43 0c 85 c0 74 e7 48 89 df 48 81 c3 f0 00 00
[  247.715759][T15397] RSP: 002b:00007ffc6c551880 EFLAGS: 00010202
[  247.715778][T15397] RAX: 0000000000000000 RBX: 00007f89d7946090 RCX: 00005555849c0808
[  247.715804][T15397] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000
[  247.715820][T15397] RBP: 00007f89d7947da0 R08: 0000000000000000 R09: 0000000000000000
[  247.715884][T15397] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000003c8c6
[  247.715895][T15397] R13: 00007f89d794618c R14: 000000000003c673 R15: 00007f89d7946180
[  247.715914][T15397]  </TASK>
[  247.715925][T15397] memory: usage 285100kB, limit 307200kB, failcnt 135
[  247.991701][T15397] memory+swap: usage 225204kB, limit 9007199254740988kB, failcnt 0
[  247.999642][T15397] kmem: usage 224852kB, limit 9007199254740988kB, failcnt 0
[  248.005132][T15284] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  248.017882][T15397] Memory cgroup stats for /syz9:
[  248.018154][T15397] cache 0
[  248.026714][T15397] rss 8192
[  248.036520][T15397] shmem 0
[  248.043921][T15397] mapped_file 0
[  248.055513][T15397] dirty 0
[  248.062847][T15397] writeback 8192
[  248.070838][T15397] workingset_refault_anon 7
[  248.079125][T15397] workingset_refault_file 0
[  248.084051][T15397] swap 167936
[  248.095781][T15397] swapcached 3223552
[  248.120509][T15397] pgpgin 31285
[  248.128582][T15397] pgpgout 31277
[  248.137599][T15397] pgfault 22519
[  248.152224][T15284] team0: Port device team_slave_0 added
[  248.155807][T15397] pgmajfault 3
[  248.173297][T15397] inactive_anon 12288
[  248.178055][T15284] team0: Port device team_slave_1 added
[  248.181898][T15397] active_anon 20480
[  248.197836][T15397] inactive_file 0
[  248.216943][T15397] active_file 0
[  248.228151][T15397] unevictable 0
[  248.246160][T15397] hierarchical_memory_limit 314572800
[  248.255398][T15284] batman_adv: batadv0: Adding interface: batadv_slave_0
[  248.291371][T15397] hierarchical_memsw_limit 9223372036854771712
[  248.297637][T15284] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  248.325373][T15397] total_cache 0
[  248.328937][T15397] total_rss 8192
[  248.342375][T15397] total_shmem 0
[  248.349750][T15397] total_mapped_file 0
[  248.366177][T15397] total_dirty 0
[  248.369693][T15397] total_writeback 8192
[  248.389266][T15284] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  248.412151][T15397] total_workingset_refault_anon 7
[  248.417332][T15397] total_workingset_refault_file 0
[  248.422046][   T28] audit: type=1400 audit(2000000350.377:4514): avc:  denied  { setopt } for  pid=15451 comm="syz.5.3533" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=key_socket permissive=1
[  248.442432][T15284] batman_adv: batadv0: Adding interface: batadv_slave_1
[  248.449440][T15397] total_swap 167936
[  248.461357][T15397] total_swapcached 3223552
[  248.465814][T15397] total_pgpgin 31285
[  248.469754][T15284] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  248.504761][T15397] total_pgpgout 31277
[  248.508775][T15397] total_pgfault 22519
[  248.513055][T15397] total_pgmajfault 3
[  248.517273][T15397] total_inactive_anon 12288
[  248.521966][T15284] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  248.532580][T15397] total_active_anon 20480
[  248.536998][T15397] total_inactive_file 0
[  248.541190][T15397] total_active_file 0
[  248.545582][T15397] total_unevictable 0
[  248.549892][T15397] oom-kill:constraint=CONSTRAINT_MEMCG,nodemask=(null),cpuset=/,mems_allowed=0,oom_memcg=/syz9,task_memcg=/syz9,task=syz.9.3528,pid=15397,uid=0
[  248.561133][T15452] bond1: option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[  248.565024][T15397] Memory cgroup out of memory: Killed process 15397 (syz.9.3528) total-vm:96340kB, anon-rss:1236kB, file-rss:22300kB, shmem-rss:0kB, UID:0 pgtables:144kB oom_score_adj:1000
[  248.593567][T15452] bond1 (unregistering): Released all slaves
[  248.649088][T15284] hsr_slave_0: entered promiscuous mode
[  248.656290][T15284] hsr_slave_1: entered promiscuous mode
[  248.662310][T15284] debugfs: 'hsr0' already exists in 'hsr'
[  248.668058][T15284] Cannot create hsr debugfs directory
[  249.143899][T15284] netdevsim netdevsim7 netdevsim0: renamed from eth0
[  249.177246][T15284] netdevsim netdevsim7 netdevsim1: renamed from eth1
[  249.233643][T15501] bridge0: port 2(bridge_slave_1) entered disabled state
[  249.241100][T15501] bridge0: port 1(bridge_slave_0) entered disabled state
[  249.290712][T15501] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  249.300671][T15501] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  249.334815][T15284] netdevsim netdevsim7 netdevsim2: renamed from eth2
[  249.353401][T15284] netdevsim netdevsim7 netdevsim3: renamed from eth3
[  249.401319][T10675] netdevsim netdevsim5 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  249.428314][   T30] netdevsim netdevsim5 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  249.439447][   T30] netdevsim netdevsim5 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  249.453550][   T30] netdevsim netdevsim5 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  249.564045][T15284] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.610011][T15534] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3548'.
[  249.646410][T15534] netlink: 4 bytes leftover after parsing attributes in process `syz.9.3548'.
[  249.705960][T15284] 8021q: adding VLAN 0 to HW filter on device team0
[  249.716815][T15548] netlink: 24 bytes leftover after parsing attributes in process `syz.9.3552'.
[  249.747475][   T30] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.754606][   T30] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.849116][T10678] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.856299][T10678] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.971050][   T28] audit: type=1400 audit(2000000351.927:4515): avc:  denied  { read } for  pid=15569 comm="syz.9.3557" name="nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  249.997739][T15575] netlink: 96 bytes leftover after parsing attributes in process `syz.9.3557'.
[  250.002360][T15502] chnl_net:caif_netlink_parms(): no params data found
[  250.011217][   T28] audit: type=1400 audit(2000000351.927:4516): avc:  denied  { open } for  pid=15569 comm="syz.9.3557" path="/dev/nvram" dev="devtmpfs" ino=98 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:nvram_device_t tclass=chr_file permissive=1
[  250.054217][T15578] loop8: detected capacity change from 0 to 512
[  250.062970][T15578] EXT4-fs: test_dummy_encryption option not supported
[  250.174956][T15502] bridge0: port 1(bridge_slave_0) entered blocking state
[  250.182243][T15502] bridge0: port 1(bridge_slave_0) entered disabled state
[  250.189493][T15502] bridge_slave_0: entered allmulticast mode
[  250.199135][T15502] bridge_slave_0: entered promiscuous mode
[  250.206637][T15502] bridge0: port 2(bridge_slave_1) entered blocking state
[  250.214009][T15502] bridge0: port 2(bridge_slave_1) entered disabled state
[  250.221413][T15502] bridge_slave_1: entered allmulticast mode
[  250.227943][T15502] bridge_slave_1: entered promiscuous mode
[  250.288950][T15284] 8021q: adding VLAN 0 to HW filter on device batadv0
[  250.298650][T15502] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  250.309912][T15502] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  250.332398][T15502] team0: Port device team_slave_0 added
[  250.339247][T15502] team0: Port device team_slave_1 added
[  250.356831][T15502] batman_adv: batadv0: Adding interface: batadv_slave_0
[  250.379500][T15502] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  250.412531][T15502] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  250.426145][T15502] batman_adv: batadv0: Adding interface: batadv_slave_1
[  250.442736][T15502] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem.
[  250.469036][T15603] netlink: 24 bytes leftover after parsing attributes in process `syz.8.3563'.
[  250.485425][T15502] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  250.543270][T15502] hsr_slave_0: entered promiscuous mode
[  250.549579][T15502] hsr_slave_1: entered promiscuous mode
[  250.555838][T15502] debugfs: 'hsr0' already exists in 'hsr'
[  250.561773][T15502] Cannot create hsr debugfs directory
[  250.727454][   T28] audit: type=1400 audit(2000000352.687:4517): avc:  denied  { bind } for  pid=15617 comm="syz.8.3565" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=mctp_socket permissive=1
[  250.748065][T15502] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.769824][T15284] veth0_vlan: entered promiscuous mode
[  250.779889][T15284] veth1_vlan: entered promiscuous mode
[  250.815495][T15502] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  250.846112][T15284] veth0_macvtap: entered promiscuous mode
[  250.854176][T15284] veth1_macvtap: entered promiscuous mode
[  250.867920][T15284] batman_adv: batadv0: Interface activated: batadv_slave_0
[  250.881532][T15284] batman_adv: batadv0: Interface activated: batadv_slave_1
[  250.895159][T10668] netdevsim netdevsim7 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  250.917234][T10668] netdevsim netdevsim7 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  250.941214][T10668] netdevsim netdevsim7 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  250.954365][T10668] netdevsim netdevsim7 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  250.984331][T15502] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.071038][T15502] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  251.188926][T15502] netdevsim netdevsim4 netdevsim0: renamed from eth0
[  251.206974][T15502] netdevsim netdevsim4 netdevsim1: renamed from eth1
[  251.223746][T15502] netdevsim netdevsim4 netdevsim2: renamed from eth2
[  251.243183][T15502] netdevsim netdevsim4 netdevsim3: renamed from eth3
[  251.339700][T15502] 8021q: adding VLAN 0 to HW filter on device bond0
[  251.425160][T15502] 8021q: adding VLAN 0 to HW filter on device team0
[  251.528159][   T30] bridge0: port 1(bridge_slave_0) entered blocking state
[  251.535362][   T30] bridge0: port 1(bridge_slave_0) entered forwarding state
[  251.679263][   T30] bridge0: port 2(bridge_slave_1) entered blocking state
[  251.686443][   T30] bridge0: port 2(bridge_slave_1) entered forwarding state
[  251.756887][T15646] netlink: 'syz.7.3572': attribute type 4 has an invalid length.
[  251.786501][T15646] netlink: 'syz.7.3572': attribute type 4 has an invalid length.
[  252.114054][T15502] 8021q: adding VLAN 0 to HW filter on device batadv0
[  252.359616][T15502] veth0_vlan: entered promiscuous mode
[  252.368333][T15502] veth1_vlan: entered promiscuous mode
[  252.387725][T15502] veth0_macvtap: entered promiscuous mode
[  252.396622][T15502] veth1_macvtap: entered promiscuous mode
[  252.414503][T15502] batman_adv: batadv0: Interface activated: batadv_slave_0
[  252.429593][T15502] batman_adv: batadv0: Interface activated: batadv_slave_1
[  252.449801][ T9090] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  252.470472][ T9090] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  252.491119][ T9090] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  252.518642][ T9090] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  253.110158][   T28] audit: type=1400 audit(2000000355.067:4518): avc:  denied  { read } for  pid=15701 comm="syz.7.3587" path="socket:[48788]" dev="sockfs" ino=48788 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=icmp_socket permissive=1
[  253.148582][T15704] loop7: detected capacity change from 0 to 164
[  253.157557][T15704] Unable to read rock-ridge attributes
[  253.180064][   T28] audit: type=1400 audit(2000000355.137:4519): avc:  denied  { mount } for  pid=15703 comm="syz.7.3588" name="/" dev="loop7" ino=1792 scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  253.225901][T15704] Unable to read rock-ridge attributes
[  253.278401][   T28] audit: type=1400 audit(2000000355.237:4520): avc:  denied  { unmount } for  pid=15284 comm="syz-executor" scontext=root:sysadm_r:sysadm_t tcontext=system_u:object_r:iso9660_t tclass=filesystem permissive=1
[  253.299088][T15708] loop8: detected capacity change from 0 to 1024
[  253.308783][T15708] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  253.317479][T15708] System zones: 0-1, 3-36
[  253.329294][T15708] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.3590: bad orphan inode 134217728
[  253.341102][T15708] loop8: lost filesystem error report for type 5 error -117
[  253.341286][    C0] EXT4-fs (loop8): error count since last fsck: 1
[  253.355076][    C0] EXT4-fs (loop8): initial error at time 2000000355: ext4_orphan_get:1417
[  253.363618][    C0] EXT4-fs (loop8): last error at time 2000000355: ext4_orphan_get:1417
[  253.377911][T15708] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.581033][T15717] loop7: detected capacity change from 0 to 1024
[  253.590840][T15717] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  253.599063][T15717] System zones: 0-1, 3-36
[  253.604909][T15717] EXT4-fs error (device loop7): ext4_orphan_get:1417: comm syz.7.3592: bad orphan inode 134217728
[  253.615700][T15717] loop7: lost filesystem error report for type 5 error -117
[  253.616312][T15717] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  253.656666][T15720] netlink: 16 bytes leftover after parsing attributes in process `syz.9.3593'.
[  253.766670][T15724] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3595'.
[  253.849992][T15729] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3597'.
[  253.879292][T12764] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.148543][   T28] audit: type=1400 audit(2000000356.107:4521): avc:  denied  { shutdown } for  pid=15743 comm="syz.8.3602" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=vsock_socket permissive=1
[  254.243798][T15752] A link change request failed with some changes committed already. Interface vlan2 may have been left with an inconsistent configuration, please check.
[  254.544018][T15284] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  254.774321][T15770] xt_hashlimit: max too large, truncated to 1048576
[  254.790929][   T28] audit: type=1400 audit(2000000356.747:4522): avc:  denied  { module_load } for  pid=15772 comm="syz.5.3612" path=2F6D656D66643A20C736BE918D183229219A25A2D238D606070EFCFE128F2613AE254054A3B03E5CECA9F951403641108C6E7C202864656C6574656429 dev="hugetlbfs" ino=48902 scontext=root:sysadm_r:sysadm_t tcontext=root:object_r:hugetlbfs_t tclass=system permissive=1
[  254.863536][T15775] loop7: detected capacity change from 0 to 512
[  254.920745][T15775] EXT4-fs (loop7): encrypted files will use data=ordered instead of data journaling mode
[  254.923402][T15773] Invalid ELF header magic: != ELF
[  254.943831][T15775] EXT4-fs (loop7): 1 truncate cleaned up
[  254.950609][T15775] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.070888][T15284] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.232595][   T28] audit: type=1400 audit(2000000357.197:4523): avc:  denied  { map } for  pid=15787 comm="syz.4.3618" path="socket:[47701]" dev="sockfs" ino=47701 scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tcp_socket permissive=1
[  255.469152][T15802] loop8: detected capacity change from 0 to 512
[  255.486386][T15802] EXT4-fs (loop8): encrypted files will use data=ordered instead of data journaling mode
[  255.513031][T15802] EXT4-fs error (device loop8): ext4_orphan_get:1417: comm syz.8.3623: bad orphan inode 131083
[  255.531308][T15802] loop8: lost filesystem error report for type 5 error -117
[  255.531895][T15802] EXT4-fs (loop8): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  255.700261][T12764] EXT4-fs (loop8): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  255.909629][T15813] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3627'.
[  255.932706][T15813] netlink: 12 bytes leftover after parsing attributes in process `syz.8.3627'.
[  256.285260][T15824] netlink: 24 bytes leftover after parsing attributes in process `syz.4.3630'.
[  258.860507][T15896] netlink: 4 bytes leftover after parsing attributes in process `syz.8.3658'.
[  259.363142][T15904] netlink: 24 bytes leftover after parsing attributes in process `syz.5.3661'.
[  259.518354][   T28] audit: type=1400 audit(2000000361.477:4524): avc:  denied  { write } for  pid=15905 comm="syz.5.3662" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=pppox_socket permissive=1
[  259.597921][T15908] loop5: detected capacity change from 0 to 128
[  259.971626][T15930] syzkaller1: entered promiscuous mode
[  259.977273][T15930] syzkaller1: entered allmulticast mode
[  260.428803][   T28] audit: type=1326 audit(2000000362.387:4525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=root:sysadm_r:sysadm_t pid=15909 comm="syz.8.3663" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f0be484c629 code=0x7fc00000
[  260.588185][T15957] loop8: detected capacity change from 0 to 128
[  260.605558][T15957] bio_check_eod: 6 callbacks suppressed
[  260.605574][T15957] syz.8.3683: attempt to access beyond end of device
[  260.605574][T15957] loop8: rw=8390657, sector=129, nr_sectors = 1 limit=128
[  260.625545][T15957] Buffer I/O error on dev loop8, logical block 129, lost async page write
[  260.634416][T15957] syz.8.3683: attempt to access beyond end of device
[  260.634416][T15957] loop8: rw=8390657, sector=130, nr_sectors = 1 limit=128
[  260.648500][T15957] Buffer I/O error on dev loop8, logical block 130, lost async page write
[  260.657452][T15957] syz.8.3683: attempt to access beyond end of device
[  260.657452][T15957] loop8: rw=8390657, sector=131, nr_sectors = 1 limit=128
[  260.689996][T15957] Buffer I/O error on dev loop8, logical block 131, lost async page write
[  260.698999][T15957] syz.8.3683: attempt to access beyond end of device
[  260.698999][T15957] loop8: rw=8390657, sector=132, nr_sectors = 1 limit=128
[  260.713051][T15957] Buffer I/O error on dev loop8, logical block 132, lost async page write
[  260.721830][T15957] syz.8.3683: attempt to access beyond end of device
[  260.721830][T15957] loop8: rw=8390657, sector=133, nr_sectors = 1 limit=128
[  260.736313][T15957] Buffer I/O error on dev loop8, logical block 133, lost async page write
[  260.745449][T15957] syz.8.3683: attempt to access beyond end of device
[  260.745449][T15957] loop8: rw=8390657, sector=129, nr_sectors = 1 limit=128
[  260.759495][T15957] Buffer I/O error on dev loop8, logical block 129, lost async page write
[  260.776113][T15957] syz.8.3683: attempt to access beyond end of device
[  260.776113][T15957] loop8: rw=8390657, sector=130, nr_sectors = 1 limit=128
[  260.796156][T15957] Buffer I/O error on dev loop8, logical block 130, lost async page write
[  260.802230][T15959] SELinux: failed to load policy
[  260.805473][T15957] syz.8.3683: attempt to access beyond end of device
[  260.805473][T15957] loop8: rw=8390657, sector=131, nr_sectors = 1 limit=128
[  260.824004][T15957] Buffer I/O error on dev loop8, logical block 131, lost async page write
[  260.833225][T15957] syz.8.3683: attempt to access beyond end of device
[  260.833225][T15957] loop8: rw=8390657, sector=132, nr_sectors = 1 limit=128
[  260.847316][T15957] Buffer I/O error on dev loop8, logical block 132, lost async page write
[  260.856216][T15957] syz.8.3683: attempt to access beyond end of device
[  260.856216][T15957] loop8: rw=8390657, sector=133, nr_sectors = 1 limit=128
[  260.881803][T15957] Buffer I/O error on dev loop8, logical block 133, lost async page write
[  260.905111][T15963] loop9: detected capacity change from 0 to 1024
[  260.916286][T15964] netlink: 104 bytes leftover after parsing attributes in process `syz.7.3686'.
[  260.941807][T15963] EXT4-fs (loop9): mounted filesystem 00000000-0000-0006-0000-000000000000 r/w without journal. Quota mode: none.
[  260.965813][T15963] ext4 filesystem being mounted at /33/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  261.039477][T10668] nci: nci_add_new_protocol: the target found does not have the desired protocol
[  261.048817][T15969] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  261.086106][T14989] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0006-0000-000000000000.
[  261.216133][T15987] loop9: detected capacity change from 0 to 1024
[  261.226930][T15987] [EXT4 FS bs=1024, gc=1, bpg=131072, ipg=32, mo=e040c01c, mo2=0002]
[  261.242028][T15987] System zones: 0-1, 3-36
[  261.271262][T15987] EXT4-fs error (device loop9): ext4_orphan_get:1417: comm syz.9.3693: bad orphan inode 134217728
[  261.282075][T15987] loop9: lost filesystem error report for type 5 error -117
[  261.293614][    C0] EXT4-fs (loop9): error count since last fsck: 1
[  261.305716][T15987] EXT4-fs (loop9): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  261.307400][    C0] EXT4-fs (loop9): initial error at time 2000000363: ext4_orphan_get:1417
[  261.328337][    C0] EXT4-fs (loop9): last error at time 2000000363: ext4_orphan_get:1417
[  261.386291][   T28] audit: type=1400 audit(2000000363.347:4526): avc:  denied  { listen } for  pid=15997 comm="syz.8.3697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  261.406742][   T28] audit: type=1400 audit(2000000363.347:4527): avc:  denied  { accept } for  pid=15997 comm="syz.8.3697" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=tipc_socket permissive=1
[  261.514346][T16006] netlink: 4 bytes leftover after parsing attributes in process `syz.7.3700'.
[  261.702081][T16022] loop7: detected capacity change from 0 to 512
[  261.752976][T16022] EXT4-fs (loop7): revision level too high, forcing read-only mode
[  261.771642][T16022] EXT4-fs (loop7): orphan cleanup on readonly fs
[  261.782002][T16022] EXT4-fs error (device loop7): ext4_do_update_inode:5569: inode #16: comm syz.7.3707: corrupted inode contents
[  261.796847][T16022] loop7: lost file I/O error report for ino 16 type 5 pos 0x0 len 0x0 error -117
[  261.797318][T16022] EXT4-fs (loop7): Remounting filesystem read-only
[  261.806506][    C0] EXT4-fs (loop7): error count since last fsck: 1
[  261.806524][    C0] EXT4-fs (loop7): initial error at time 2000000363: ext4_do_update_inode:5569: inode 16
[  261.806549][    C0] EXT4-fs (loop7): last error at time 2000000363: ext4_do_update_inode:5569: inode 16
[  261.840388][T16022] EXT4-fs (loop7): 1 truncate cleaned up
[  261.846617][ T9090] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  261.867324][ T9090] Quota error (device loop7): write_blk: dquota write failed
[  261.881046][ T9090] Quota error (device loop7): remove_free_dqentry: Can't write block (5) with free entries
[  261.906830][ T9090] EXT4-fs (loop7): Quota write (off=5120, len=1024) cancelled because transaction is not started
[  261.917990][ T9090] Quota error (device loop7): write_blk: dquota write failed
[  261.925654][ T9090] Quota error (device loop7): free_dqentry: Can't move quota data block (5) to free list
[  261.935832][ T9090] EXT4-fs (loop7): Quota write (off=8, len=24) cancelled because transaction is not started
[  261.946314][ T9090] Quota error (device loop7): v2_write_file_info: Can't write info structure
[  261.955424][ T9090] Quota error (device loop7): do_check_range: Getting dqdh_entries 15 out of range 0-14
[  261.966203][T16022] EXT4-fs (loop7): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[  261.981502][T14989] EXT4-fs (loop9): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.028325][T16033] netlink: 'syz.5.3712': attribute type 4 has an invalid length.
[  262.066773][T16033] netlink: 'syz.5.3712': attribute type 4 has an invalid length.
[  262.107224][T15284] EXT4-fs (loop7): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  262.212555][T16043] netlink: 4 bytes leftover after parsing attributes in process `syz.4.3716'.
[  262.250692][T16043] netlink: 12 bytes leftover after parsing attributes in process `syz.4.3716'.
[  263.754297][T16071] loop4: detected capacity change from 0 to 1024
[  263.771210][T16071] EXT4-fs: Ignoring removed oldalloc option
[  263.821561][T16071] EXT4-fs: Ignoring removed bh option
[  264.046596][T16071] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  264.324656][T16082] chnl_net:caif_netlink_parms(): no params data found
[  264.351001][T10675] ==================================================================
[  264.359140][T10675] BUG: KCSAN: data-race in copy_folio_from_iter_atomic / copy_folio_from_iter_atomic
[  264.368642][T10675] 
SYZFAIL: failed to recv rpc
fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor)
[  264.370998][T10675] write to 0xffff888146262488 of 20 bytes by task 16071 on cpu 0:
[  264.378828][T10675]  copy_folio_from_iter_atomic+0x75f/0x1170
[  264.384758][T10675]  generic_perform_write+0x2c1/0x490
[  264.390109][T10675]  ext4_buffered_write_iter+0x1ee/0x3c0
[  264.395690][T10675]  ext4_file_write_iter+0x380/0xfa0
[  264.400922][T10675]  iter_file_splice_write+0x6bc/0xa80
[  264.406335][T10675]  direct_splice_actor+0x156/0x2a0
[  264.411501][T10675]  splice_direct_to_actor+0x311/0x670
[  264.416916][T10675]  do_splice_direct+0x119/0x1a0
[  264.421810][T10675]  do_sendfile+0x382/0x650
[  264.426259][T10675]  __x64_sys_sendfile64+0x105/0x150
[  264.431486][T10675]  x64_sys_call+0x2dc4/0x3020
[  264.436205][T10675]  do_syscall_64+0x12c/0x370
[  264.440851][T10675]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  264.446785][T10675] 
[  264.449129][T10675] read to 0xffff888146262400 of 1024 bytes by task 10675 on cpu 1:
[  264.457043][T10675]  copy_folio_from_iter_atomic+0x75f/0x1170
[  264.462978][T10675]  generic_perform_write+0x2c1/0x490
[  264.468301][T10675]  shmem_file_write_iter+0xc5/0xf0
[  264.473453][T10675]  lo_rw_aio+0x67d/0x730
[  264.477736][T10675]  loop_process_work+0x56c/0xac0
[  264.482704][T10675]  loop_workfn+0x31/0x40
[  264.486971][T10675]  process_scheduled_works+0x4de/0x9e0
[  264.492478][T10675]  worker_thread+0x581/0x770
[  264.497106][T10675]  kthread+0x22a/0x280
[  264.501226][T10675]  ret_from_fork+0x150/0x360
[  264.505868][T10675]  ret_from_fork_asm+0x1a/0x30
[  264.510682][T10675] 
[  264.513026][T10675] Reported by Kernel Concurrency Sanitizer on:
[  264.519209][T10675] CPU: 1 UID: 0 PID: 10675 Comm: kworker/u8:18 Tainted: G        W           syzkaller #0 PREEMPT(full) 
[  264.530543][T10675] Tainted: [W]=WARN
[  264.534367][T10675] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  264.544449][T10675] Workqueue: loop4 loop_workfn
[  264.549253][T10675] ==================================================================
[  264.670607][T16082] bridge0: port 1(bridge_slave_0) entered blocking state
[  264.729124][T16082] bridge0: port 1(bridge_slave_0) entered disabled state
[  264.750808][T16082] bridge_slave_0: entered allmulticast mode
[  264.772148][T16082] bridge_slave_0: entered promiscuous mode
[  264.941987][ T2084] bridge_slave_0: left allmulticast mode
[  264.947768][ T2084] bridge_slave_0: left promiscuous mode
[  264.953499][ T2084] bridge0: port 1(bridge_slave_0) entered disabled state
[  265.004285][T16071] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  265.017693][ T2084] bond0 (unregistering): Released all slaves
[  265.346306][ T2084] netdevsim netdevsim9 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.394481][ T2084] netdevsim netdevsim9 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.454123][ T2084] netdevsim netdevsim9 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.504167][ T2084] netdevsim netdevsim9 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.566039][ T2084] netdevsim netdevsim7 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.624505][ T2084] netdevsim netdevsim7 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.685843][ T2084] netdevsim netdevsim7 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.735242][ T2084] netdevsim netdevsim7 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.827704][ T2084] netdevsim netdevsim8 netdevsim3 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.838105][ T2084] netdevsim netdevsim8 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.894811][ T2084] netdevsim netdevsim8 netdevsim2 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.905754][ T2084] netdevsim netdevsim8 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  265.956899][ T2084] netdevsim netdevsim8 netdevsim1 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  265.967398][ T2084] netdevsim netdevsim8 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.004761][ T2084] netdevsim netdevsim8 netdevsim0 (unregistering): unset [0, 0] type 1 family 0 port 8472 - 0
[  266.015217][ T2084] netdevsim netdevsim8 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  266.078599][ T2084] bridge_slave_1: left allmulticast mode
[  266.085648][ T2084] bridge_slave_1: left promiscuous mode
[  266.091495][ T2084] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.102045][ T2084] bridge_slave_0: left allmulticast mode
[  266.107730][ T2084] bridge_slave_0: left promiscuous mode
[  266.113902][ T2084] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.122504][ T2084] bridge_slave_1: left allmulticast mode
[  266.128236][ T2084] bridge_slave_1: left promiscuous mode
[  266.134614][ T2084] bridge0: port 2(bridge_slave_1) entered disabled state
[  266.142827][ T2084] bridge_slave_0: left allmulticast mode
[  266.148486][ T2084] bridge_slave_0: left promiscuous mode
[  266.154288][ T2084] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.162803][ T2084] bridge_slave_0: left allmulticast mode
[  266.168622][ T2084] bridge_slave_0: left promiscuous mode
[  266.174864][ T2084] bridge0: port 1(bridge_slave_0) entered disabled state
[  266.334099][ T2084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  266.344470][ T2084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.354731][ T2084] bond0 (unregistering): Released all slaves
[  266.385216][ T2084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  266.395119][ T2084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.405019][ T2084] bond0 (unregistering): Released all slaves
[  266.415455][ T2084] bond1 (unregistering): (slave ip6gretap1): Releasing active interface
[  266.543820][ T2084] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  266.553938][ T2084] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  266.563889][ T2084] bond0 (unregistering): (slave bridge_slave_1): Releasing backup interface
[  266.573693][ T2084] bond0 (unregistering): Released all slaves
[  266.581595][ T2084] bond1 (unregistering): Released all slaves
[  266.635946][ T2084] hsr_slave_0: left promiscuous mode
[  266.641886][ T2084] hsr_slave_1: left promiscuous mode
[  266.647555][ T2084] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.655119][ T2084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.663108][ T2084] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.670545][ T2084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.682506][ T2084] hsr_slave_0: left promiscuous mode
[  266.688409][ T2084] hsr_slave_1: left promiscuous mode
[  266.694728][ T2084] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.702290][ T2084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.710008][ T2084] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.717954][ T2084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.728100][ T2084] hsr_slave_0: left promiscuous mode
[  266.733987][ T2084] hsr_slave_1: left promiscuous mode
[  266.739784][ T2084] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  266.747436][ T2084] batman_adv: batadv0: Removing interface: batadv_slave_0
[  266.755788][ T2084] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  266.763760][ T2084] batman_adv: batadv0: Removing interface: batadv_slave_1
[  266.783972][ T2084] veth1_macvtap: left promiscuous mode
[  266.789581][ T2084] veth0_macvtap: left promiscuous mode
[  266.795337][ T2084] veth1_vlan: left promiscuous mode
[  266.800573][ T2084] veth0_vlan: left promiscuous mode
[  266.806583][ T2084] veth1_macvtap: left promiscuous mode
[  266.812253][ T2084] veth0_macvtap: left promiscuous mode
[  266.817772][ T2084] veth1_vlan: left promiscuous mode
[  266.823091][ T2084] veth0_vlan: left promiscuous mode
[  266.828955][ T2084] veth1_macvtap: left promiscuous mode
[  266.834553][ T2084] veth0_macvtap: left promiscuous mode
[  266.840127][ T2084] veth1_vlan: left promiscuous mode
[  266.845547][ T2084] veth0_vlan: left promiscuous mode
[  266.987842][ T2084] team0 (unregistering): Port device team_slave_1 removed
[  266.999296][ T2084] team0 (unregistering): Port device team_slave_0 removed
[  267.060894][ T2084] team0 (unregistering): Port device team_slave_1 removed
[  267.070968][ T2084] team0 (unregistering): Port device team_slave_0 removed
[  267.133358][ T2084] team0 (unregistering): Port device team_slave_1 removed
[  267.143336][ T2084] team0 (unregistering): Port device team_slave_0 removed
[  267.758419][ T2084] IPVS: stop unused estimator thread 0...