last executing test programs:

16m15.028098711s ago: executing program 0 (id=175):
socket$nl_netfilter(0x10, 0x3, 0xc)
prlimit64(0x0, 0xe, &(0x7f0000000600)={0x9, 0x20000008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000140)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e22}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x48)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15)
syz_open_procfs(0x0, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19)
ioctl$EXT4_IOC_GROUP_EXTEND(0xffffffffffffffff, 0x40086607, 0x0)

16m14.031930043s ago: executing program 0 (id=180):
bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x41100, 0x60, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x2, 0x0, &(0x7f0000000440)=[{0x1, 0x2, 0x3, 0xc}, {0x5, 0x5, 0xf, 0x1}], 0x10, 0xe}, 0x94)
r0 = syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0)
ptrace(0x10, r0)
ptrace$setregset(0x4205, r0, 0x1, &(0x7f0000000100)={&(0x7f0000000040)="dcef58b7f29c1f7c93d183044aedba283413e674c7719c33a4b17f028f68610a6c55bb2bf8282853f3e16f8394a8676ff55a3507e2ad50248c6130863b0f7433c7fbc9b978a39eae88bffd05d139cedbee444f7c98e1f92b0f64462b4b470bedced2125e0b1f38fbaa348c6d75aa1a4011e9cdae15ecb9309b0101edbf6dd6d111d6132f1821a4e4cbec8438c571a70e7ca7b0451a6c", 0x96})
ptrace$setregset(0x4205, r0, 0x200, &(0x7f00000001c0)={&(0x7f0000000440)="c94522e546f93f6dedf11f1509685636", 0x60})

16m13.666802835s ago: executing program 0 (id=182):
r0 = socket$packet(0x11, 0x3, 0x300)
setsockopt$packet_fanout(r0, 0x107, 0x12, &(0x7f0000000140)={0x1, 0x6}, 0x4)
setsockopt$packet_fanout_data(r0, 0x107, 0x16, 0x0, 0x0)
r1 = socket(0x2, 0x3, 0x6)
bind$inet(r1, &(0x7f0000000080)={0x2, 0xfffa, @local}, 0x10)
sendto$inet(r1, &(0x7f00000023c0)="8ce2ad4d4f95e087a7846d3f81", 0x14, 0x0, &(0x7f0000002400)={0x2, 0x0, @multicast2}, 0x10)

16m13.473173544s ago: executing program 0 (id=184):
prlimit64(0x0, 0xe, 0x0, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
syz_mount_image$jfs(&(0x7f0000000400), &(0x7f0000000000)='./file1\x00', 0x800c08, &(0x7f0000000200)=ANY=[@ANYBLOB="2c756d61736b3d300004000000000000000000", @ANYRES32, @ANYRESOCT=0x0, @ANYRESDEC, @ANYRESOCT, @ANYRESHEX, @ANYRES16, @ANYRESOCT, @ANYRES8, @ANYRES16=0x0, @ANYRESOCT], 0x21, 0x624a, &(0x7f0000000880)="$eJzs3UuPHFfZB/Cnr3PxG8fKIsprITRJzCWE+BqMIUCSBSzYsEDeIluTSWThALINciILTzQbFnwIEBJLhFiy4gNkwZYdHwBLNhIoqxSqmXPGNeVp94zt6eqZ8/tJ4+qnTlX3Kf+7prunqvoEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABA//MGPz/Ui4sqv0owTEf8Xg4h+xFJdr0TE0sqJ5jovxWZzvBgRo4WIev3Nf56PeDMiPj0ecf/BndV69vk99uP7f/7HH35y7Ed//9PozH//cmvw1qTlbt/+7X/+evfJtxcAAABKVFVV1Usf809GxDB9tgcAjr78+l8leb567ur1OeuPWq1Wqw9h3VTt7m6ziIj15jr1ewaH4wHgkFmPz7ruAh2Sf9GGEXGs604Ac63XdQc4EPcf3FntpXx7zdeDla32fC7IjvzXe9vXd0yaTtM+x2RWz6+NGMQLE/qzNKM+zJOcf7+d/5Wt9nFa7qDzn5VJ+Y+3Ln0qTs5/0M6/5ejk3981/1Ll/If7yn8gfwAAAAAAmGP57/8nOj7+u/D0m7Injzv+uzKjPgAAAAAAAADAs7bf8f+GrfH/thn/DwAAAOZW/Vm99rvjD+dN+i62ev7lXsRzreWBwqSLZZa77gcAAAAAAAAAAAAAlGS4dQ7v5V7EKCKeW16uqqr+aWrX+/W06x92pW8/lKzrX/IAALDl0+Ota/l7EYsRcTl9199oeXm5qhaXlqvlamkhv58dLyxWS43PtXlaz1sY7+EN8XBc1Xe22Fivadrn5Wnt7furH2tcDfbQsdnoMHAAiIitV6P7XpGOmKp6Prp+l8PhYP8/euz/7EXXz1MAAADg4FVVVfXS13mfTMf8+113CgCYifz63z4uoFar1Wq1+ujVTdXu7jaLiFhvrlO/ZzAcPwAcMuvxWdddoEPyL9owIl7quhPAXOt13QEOxP0Hd1Z7Kd9e8/Ugje+ezwXZkf96b3O9vP5u02na55jM6vm1EYN4YUJ/XpxRH+ZJzr/fzv/KVvs4LXfQ+c/KpPzr7TzRQX+6lvMftPNvOTr593fNv1Q5/+G+8h/IHwAAAAAA5lj++/+JuTr+O37SzZnqccd/Vw7sUQEAAAAAAADgYN1/cGc1X/eaj/9/YZflXP95NOX8e/IvUs6/38r/q63lBo3b9959mP+/H9xZ/eOtf/1/nu4x/4d310vPrF56RvRSU2+Ypk+zdY/aGA3G9SONev3BMJ3zU43ej2txPdbi7I5l++n/42H7uUc2YrTZXg222s/vaB9ut+f1L+xoH6Uznaql3H46VuPncT3e22yv2xambP/ilPZqSnvOf2D/L1LOf9j4qfNfTu291rR275P+I/t9c7rb47xz7Yu/OXvwmzPVRgy2t62p3r5XOujP5v/JsXH88ubajdO3r966deNcpMmOuecjTZ6xnP8o/Wz//n91qz3/om7ur/c+Ge87/3mxEcOJ+b/auF1v72sz7lsXcv7j9JPzfy+1777/H+b8J+//r3fQHwAAAAAAAAAAAAAAAHicqqo2LxF9JyIuput/uro2EwCYrfz6XyV5/qzqwYwfT60+5HVvzvoz0/rz6lnd3zDmYXvU6i7qpmp3bzeLiPhbc536PcOvd7szAGCefR4R/+y6E3RG/gXL3/dXT0913Rlgpm5+9PFPr16/vnbjZtc9AQAAAAAAAACeVB7/c6Ux/vOpqqrutpbbMf7ru7HytON/DvON7QFGJwxUPdj/Nj3ORn886DeGG385Jo3/Pdq+9bjxv4dTHm80pX08pX3h0VlLzWJxyvq7XujRkPN/uTHe+amIONkafr2E8V/bY96XIOf/SuP5XOf/ldZyzfyr3x/m/Ps78j9z68NfnLn50cdvXPvw6gdrH6z97MK5c2cvXLx46dKlM+9fu752duvfDnt8sHL+eexr54GWJeefM5d/WXL+X0q1/MuS8/9yquVflpx/fr8n/7Lk/PNnH/mXJef/WqrlX5ac/9dSLf+y5PxfT7X8y5Lz/3qq5V+WnP8bqZZ/WXL+p1Mt/7Lk/M+keo/5Lx10v5iNnH8+wmX/L0vOP5/ZIP+y5PzPp1r+Zcn5X0i1/MuS838z1fIvS87/G6mWf1ly/hdTLf+y5Py/mWr5lyXnfynV8i9Lzv9bqZZ/WXL+3061/MuS838r1fIvS87/O6mWf1ly/t9NtfzLkvP/XqrlX5ac/9upln9ZHn7/vxtuzPjGyNNvfm90/ZsJAAAAAAAAAAAAAGibxenEXW8jAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADA/9iBAwEAAAAAIP/XRqiqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqqrCDhwIAAAAAAD5vzZCVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVFfbuLkaus74f+Nn17nrtQGIg5O/kb2DjmBASJ7t+iV9oU0x4bXgPhEJfsF3v2iz4Da9dAo1ko0CJhFFRRdtw0RYQKrmpiCpU0QpQLlCrqpWgvaA3iIqWi6gKKKBWaivIVnPO8zw7Mzs7M+sdr8+c8/lI8c87c2bOmTNnzu53ne8MAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAs1tfO/epkSzLGv/lf2zJsuc1/r5pakt+2auu9RYCAAAAa/WL/M9nb0gXHOrjRk3L/N1Lv/O1xcXFxey9G/5w/HOLi+mKqSwb35hl+XXRkz9830jzMsGj2eTIaNPXoz1Wv6HH9WM9rh/vcf1Ej+s39rh+ssf1y3bAMpuK38fkd7Yj/+uWYpdmN2bj+XU7Otzq0ZGNo6Pxdzm5kfw2i+PHs/nsZDaXzbQsXyw7ki//jVsb63pTFtc12rSubY0j5KePHIvbMBL28Y6WdS3dZ/Tj12RTP/vpI8f+/PwzN3eaPXdDy/0V23nH9sZ2fiJcUmzrSLYx7ZO4naNN27mtw3OyoWU7R/LbNf7evp3P9rmdG5Y2c121P+eT2Wj+9+/m+2ms+dd6aT9tC5f9921Zll1a2uz2ZZatKxvNNrdcMrr0/EwWR2TjPhqH0guzsVUdp7f2cZw25uyO1uO0/TURn/9bw+3GVtiG5qfpxx+faHref754Jcdp1HjUK71W2o/BQb9WynIMxuPiu/mDfqzjMbgjPP5Hbl/5GOx47HQ4BtPjbjoGt/c6BkcnNuTbPPqVzXHt21uOwV0ty2/I1zSSz6dv734MTp8/dXZ64aMfu3v+1NETcyfmTu/ZtWtmz759Bw4cmD4+f3Jupvjzivd32W3ORtNrYHvYd/E18Iq2ZZsP1cUvTiw7/17p63Cyy+twS9uyg34djrU/uJH1eUEuHdPxkuK18e7GTp+8PJqt8BrLn5871/46TI+76XU41vQ67Pg9Zdk2j+S36fU6bCxz9s7+fmYZa/qv0zas/L1gbcfglqZjsP3nkfZjcNA/j5TlGJwMx8X371z5e8G2sL2P7VztzyMblh2D6eGGc0/jkvTz/uSBfHQ6Lm9pXHHdRHZhYe7cPQ8fPX/+3K4sjHXxoqZjpf143dz0mLJlx+voqo/XQ/MvfeyWDpdvCftq8u7GH5MrPleNZfbe0/25yr+7dd6fLZfuzsIYsPXen52+mzf250SWff7bH3/wm498/rUr7s9G3vzE9Np/Fk+5tOn8O77C+Tfm/ueK9aW7enTD+Fjx+t2Q9s54y/m49akay89dI/m6n53u73w8Hv5b7/PxjV3Ox1vblh30+Xi8/cHF8/FIr992rE378zkZjpOTM93Px41ltu5e7TE51vV8fFuYI2H/vzIkhZSLmo6dlY7btK6xsfHwuMbiGlqP0z0ty4+HbNZY1xO7r+w4veO24r42pEe3ZL2O06m2ZQd9nKbffa10nI70+u3blWl/PifDcXHjnu7HaWOZp/au/dy5Kf616dw50esYHN8w0djm8XQQ5uf7bHFTPAbvyY5lZ7KT2Wx+7UR+PI3k69p5b3/H4ET4b73PlVu7HIN3tC076GMwfR9b6dgbGVv+4Aeg/fmcDMfF4/d2PwYby7xu/2B/dr0jXJKWafrZtf33ayv9zuuWtt10tY6VsbCd397f/XezjWVOHlhtzuy+n+4Kl1zXYT+1v35Xek3NZuuzn7aG7XzmwMr7qbE9jWU+d7DP4+lQlmUXP3x//vve8O8rf3nhe19r+XeXTv+mc/HD9//k+cf/djXbD8Dwe64Ym4vvdU3/MtXPv/8DAAAAQyHm/tEwE/kfAAAAKiPm/vh/hSfyPwAAAFRGzP1jYSY1yf9bX/fM/HMXs9TMXwzi9Wk3PFAsFzuuM+HrqcUljcvv//Lcf/3Nxf7WPZpl2c8f+N2Oy299IG5XYSps55Ovb718ma/d3de6jzx0Ma23ub/+hXD/8fH0exh0quDOZFn2jRs+k69n6n2X8/nUA0fy+eClxx5tLPPsweLrePunX1Qs/yeh/Hvo+NGW2z8d9sOPwpx5c+f9EW/31cuv3Lb/PUvri7cb2X59/rAff39xv/F9cj77aLF83M8rbf83P/3EVxvLP/zyztt/cbTz9j8R7vfLYf7PS4rlm5+Dxtfxdp8M2x/XF293z5e+1XH7n/xUsfzZNxTLHQkzrv+O8PWONzwz37y/Hh452vK4sjcWy8X1z3zv9/Pr4/3F+2/f/snDl1v2R/vx8dQ/F/cz3bZ8vDyuJ/rrtvU37qf5+Izrf+L3jrTs517rf/LBp1/SuN/29d/VttzZD9+Zr3/p/lrfselPP/mZjuuL23PoL862PJ5D7wyv47D+x98fjsdw/f8+Wdxf+7srHHln6/knLv+FLRdbHk/0pp8V63/y1SfyuXFy0+brnvf86y+9rLHvsuy7G4v767X+E392pmX7v3hTsT/i9bGj377+lcT1n/vIztNnFi7Mz6a9+sgN+XvnvKXYnri9N4Rza/vXh8+c/8DcuamZqZksm6ruW+hdsS+F+ZNiXOq+9OKyM+idD4Xn85Y//sbm2//p0/Hyf3l3cfnlNxfft14RlvtsuHxLeP5Wt/7lHr/1pvz1PfJU2MLF5e8XvBbbdvzHgb4WDI+//eeCeLyfffEH8v3QuC7/vhFf12vc/h/MFvfz9bBfF8M7M2+/aWl9zcvH90a4/K7i9b7m/RdOc/F5/Up4vt/6o+L+43bFx/uD8HPMt7a2nu/i8fH1i6Pt95+/i8elcD7JLhXXx6Xi/r787E0dNy++D0l26eb86z9I93Pzqh7mShY+ujB9cv70hYenz88tnJ9e+OjHDp86c+H0+cP5e3ke/mCv2y+dnzbn56fZuX17s/xsdaYYV9m13v6zDx2b3T9z++zc8aMXjp9/6OzcuRPHFhaOzc0u3H70+PG5j/S6/fzsfbt2H9yzf/fOE/Oz9x04eHDPwZ3zp880NqPYqB72zXxo5+lzh/ObLNy39+Cue+/dO7Pz1JnZufv2z8zsvNDr9vn3pp2NW//OznNzJ4+enz81t3Nh/mNz9+06uG/f7p7vBnjq7PGFqelzF05PX1iYOzddPJap8/nFje99vW5PNS38a/HzbLuR4o34srfftS+9P2vDlz++4l0Vi7S9gegz4b1o/v4FZw/083XM/eNhJjXJ/wAAAFAHMfdPhJnI/wAAAFAZMfdvDDOR/wEAAKAyYu6fDDOpSf6vXP9/68W+1q//r//fvL/0/2vW/39X2fr/jfPFXOp16v+vzVr79/r/gf6//r/+v/6//j8DULb+f8z9m7KslvkfAAAA6iDm/s1hJvI/AAAAVEbM/deFmcj/AAAAUBkx9z8vzKQm+V//X/9f/1//X/+/8/rXt//v8/8HRf+/O/3/HvT/p7N69f8vDXL79f/77P9P9bonqqRs/f+Y+58fZlKT/A8AAAB1EHP/9WEm8j8AAABURsz9N4SZyP8AAABQGTH3bwkzqUn+1//X/9f/1//X/++8fv3/4aT/353+fw/6/z7/X//f5/8zUGXr/8fc/4Iwk5rkfwAAAKie5b9MiLn/hWEm8j8AAACUz9iV3Szm/heFmSzL/1e4AgAAAOCai7n/xqytCF6Tf//X/9f/1//X/9f/77z+/vv/GzL9//LQ/+9O/78H/f+19ecbJ0b9f/1//X+alK3/n+f+bDJ7cZhJTfI/AAAA1EHM/TeFmcj/AAAAUBkx9/+/MBP5HwAAACoj5v6tYSY1yf/6//r/dev//9te/X/9f5//X2X6/93p//eg/+/z//X/9f8ZjPiDUsn6/zH33xxmUpP8DwAAAHUQc/8tYSbyPwAAAFRGzP3/P8xE/gcAAIDKiLl/W5hJTfK//n/J+/+xOar/7/P/9f/1//X/+6L/353+fw/6//r/+v/6/wzUQsn6/zH3vyTMpCb5HwAAAOog5v6XhpnI/wAAAFAZMfe/LMxE/gcAAIDKiLl/KsykJvlf/7/k/f+iBz/h8//1//X/9f/1//uj/9+d/n8P+v/6//r/+v8MVNn6/zH33xpmUpP8DwAAAHUQc//2MBP5HwAAACoj5v7bwkzkfwAAAKiMmPt3hJnUJP/r/w9F/z/T/9f/1//X/9f/74/+f3f6/z3o/+v/6//r/zNQZev/x9z/8jCTmuR/AAAAqIOY+28PM5H/AQAAoDJi7n9FmIn8DwAAAJURc/8dYSY1yf/6//r/+v/6//r/ndev/z+c9P+70//vQf9f/1//X/+fgSpb/z/m/leGmdQk/wMAAEAdxNx/Z5iJ/A8AAACVEXP/XWEm8j8AAABURsz9O8NMapL/9f/1//X/9f/1/zuvX/9/OOn/d6f/34P+v/6//r/+PwNVtv5/zP13h5nUJP8DAABAHcTcf0+YifwPAAAAlRFz/3SYifwPAAAAlRFz/0yYSU3yv/6//r/+fyn7//lNStn/f9nS/er/F/T/y0X/vzv9/x70//X/r3n/f1z/n0opW/8/5v5dYSY1yf8AAABQBzH37w4zkf8BAACgMmLu3xNmIv8DAABAZcTcvzfMpCb5X/9f/1//v5T9/1wp+/9N9P8L+v/lov/f3eD7//Eh6v/r/+v/+/x//X+WK1v/P+b+e8NMapL/AQAAoA5i7t8XZiL/AwAAQGXE3L8/zET+BwAAgMqIuf9AmElN8r/+v/6//r/+v/5/5/Xr/w+ncvb/R/te//D1/33+/3D1/092vfZa9+fX6lpvv/6//j/Lla3/H3P/wTCTmuR/AAAAqIOY+18VZiL/AwAAQGXE3P9LYSbyPwAAAFRGzP2/HGZSk/yv/1/2/v9opv+v/6//r/+v/9+/cvb/+6f/r//v8/+Hd/v1//X/Wa5s/f+Y++8LM6lJ/gcAAIA6iLn/V8JM5H8AAACojJj7Xx1mIv8DAABAZcTcfyjMpCb5v2L9/8n+1jxM/X+f/38N+/+vae/f6//r/+v/l5/+f3f6/z3o/+v/6//r/zNQZev/x9z/mjCTmuR/AAAAqIOY++8PM5H/AQAAoDJi7n9tmIn8DwAAAJURc//rwkxqkv8r1v+v4Of/6//7/H/9f/1//f/V0P/vTv+/B/1//X/9f/1/Bqps/f+Y+18fZlKT/A8AAAB1EHP/G8KMxq/ZFgEAAACDFnP/G8NM/Ps/AAAAVEbM/W8KM6lJ/tf/1//X/9f/1//vvH79/+Gk/9+d/n8P+v/6//r/+v8MVNn6/zH3/2qYSU3yPwAAANRBzP0PhJnI/wAAAFAZMfe/OcxE/gcAAIDKiLn/LWEmNcn/+v/6//r/+v/6/53Xr/8/nPT/uxuy/v8vrg+X6/8X9P/Lvf2r7f+PtX19Vfr/P1yp/7+4sf32+v9cDWXr/8fc/9Ywk5rkfwAAAKiDmPvfFmYi/wMAAEBlxNz/9jAT+R8AAAAqI+b+d4SZ1CT/6/83tmOpvaz/r/+fX7Au/f93/Kf+v/5/pv8/cPr/3Q1Z/9/n/7fR/y/39vv8f/1/litb/z/m/neGmdQk/wMAAEAdxNz/YJiJ/A8AAACVEXP/u8JM5H8AAACojJj73x1mUpP8r//v8//1/33+v/5/5/Wvtv/f6TzQTP9/fej/d6f/34P+v/5/2fr//67/z3ArW/8/5v6Hwkxqkv8BAACgDmLuf0+YifwPAAAAlRFz/6+Fmcj/AAAAUBkx9783zKQm+X/l/v+HWhe8Sv3/Tfr/ffb/p/T/9f/1/9seT9n6/73o/68P/f/u9P970P/X/y9b/9/n/zPkytb/j7n/fWEm/ef/yb6XBAAAAK6JmPt/PcykJv/+DwAAAHUQc/9vhJnI/wAAAFAZMff/ZphJTfK/z/8flv6/z//P9P+Hv/8/qv+v/3/1rV//P5559P/1//X/I/1//X/9f9qVrf8fc/9vhZnUJP8DAABAHcTc//4wE/kfAAAAhkKn/ye7Xcz9h8NM5H8AAACojJj7j4SZ1CT/6//XqP//V/9QXKn/Pxz9/z/a/o/f/87bjuyqUv/f5//r/6+Ddf38/8aL3+f/6//r/yf6//r/+v+0K1v/P+b+o2EmNcn/AAAAUAcx9/92mIn8DwAAAJURc/+xMBP5HwAAACoj5v7ZMJOa5H/9/xr1/33+/3D1/4f48//j/tD/bzWw/n886er/d7Su/f/3LPXE9f9X2/+f6Hip/r/+/zBvv/6//j/Lla3/H3P/XJhJTfI/AAAA1EHI/aPHi7l0hfwPAAAAlRFz/4kwE/kfAAAAKiPm/g+EmdQk/+v/6//r/+v/+/z/zusvbf/f5/93pf/fXXn6/53p/+v/D/P26//r/7Nc2fr/MffPh5nUJP8DAABAHcTc/8EwE/kfAAAAKiPm/g+Fmcj/AAAAUBkx958MM6lJ/tf/1//X/9f/1//vvH79/+Gk/9+d/n8P+v/6/1ey/eG40f/X/2e5svX/Y+4/FWZSk/wPAADA/7F3J02SluX+x7OgOVQFEYezO4uzOWt9CSx0rS/AhRs3RqgLUHFWpHEeccJ5wHnGARRxQsUZnFCcRcR5QEUUB8Row+7rurqq86knq7ozq568789nwYX9t82EP6HnR/ONmx7k7r8wbrH/AQAAoBm5+y+KW+x/AAAAaEbu/kfGLZ3sf/2//r/Z/v9++v/dPl//r/9vmf5/yEX1e/r/BfT/+n/v/+v/Waqp9f+5+x8Vt3Sy/wEAAKAHufsfHbfY/wAAANCM3P0Xxy32PwAAADQjd/9j4pZO9v8p/f/GrM/+PzNe/X9L/b/3/3f9fP2//r9lB9v/X/af/+Zbg/7/JP3/Avp//b/+X//PUk2t/8/d/9i4pZP9DwAAAD3I3f+4uMX+BwAAgGbk7n983GL/AwAAQDNy9z8hbulk/3v/3/v/+n/9v/5/+PP1/+vJ+//jeur/L77lvAvvuvb/rtvP56++/79zZ/8f9P/LcdjfX/+v/2fe1Pr/3P1PjFs62f8AAADQg9z9T4pb7H8AAABoRu7+J8ct9j8AAAA0I3f/U+KWTva//l//r//X/7fS/18RP67/75v+f1xP/f/pfL73//X/+n/9P8s1tf4/d/8lcUsn+x8AAAB6kLv/qXGL/Q8AAADNyN1/adxi/wMAAEAzcvcfjVs62f/6/9X3///S/+v/4+r/vf+v/189/f84/f8C+n/9v/5f/89STa3/z91/WdzSyf4HAACAHuTuf1rcYv8DAABAM3L3Pz1usf8BAACgGbn7nxG3dLL/9f/e/9f/6//1/8Ofr/9fT/r/cfr/BfT/Z9rPn6P/1//r/9lun/3/PSP/tb2U/j93/zPjlk72PwAAAPQgd/+z4hb7HwAAAJqRu//ZcYv9DwAAAM3I3f+cuKWT/a//1//r//X/p93/z/+ld5z+f9jy+v+t+s/U/8/T/4+bTP+/cWTwh/X/a9//e/9f/6//Z4epvf+fu/+5cUsn+x8AAAB6kLv/eXHLyP7f99/MBwAAAA5V7v7nxy1+/R8AAADWXlZnuftfELd0sv/1//p//b/+3/v/w58/1v9ft+37ef9/WvT/4ybT/+9C/6//X+fvr//X/zNvav1/7v4Xxi2d7H8AAADoQe7+y+MW+x8AAACakbv/RXGL/Q8AAADNyN3/4rilk/0/3P+f/H/X/++N/n/n99f/D//1saz+P/8T9f+j/f/9233/X/8/Rv8/Tv+/gP5///38tj9E/f/p9P+X1O9NvP/fWvTz9f8MmVr/n7v/JXFLJ/sfAAAAepC7/6Vxi/0PAAAAzcjd/7K4xf4HAACAZuTuvyJu6WT/e/9f/5/9/OYa9P9n6/+9/z+R9/9nB97/H9H/75H+f5z+fwH9v/f/23j/P3/I+/8cuqn1/7n7Xx63dLL/AQAAoAe5+18Rt9j/AAAAsB62/7MDp/4DpSF3/yvjFvsfAAAAmpG7/1VxSyf7X/+v//f+v/5f/z/8+dPq/73/v1f6/3H6/wX0/6vo54801v9fudvPn0L/f+nq3v/X/3NadvT/15/88cPq/3P3vzpu6WT/AwAAQA9y978mbrH/AQAAoBm5+18bt9j/AAAA0Izc/a+LWzrZ/yvv/7d2/2z9v/5f/6//1/+f+KtH/788+v9x+v8F9P/e/2/j/X/9P5Oxo//f5rD6/9z9r49bOtn/AAAA0IPc/W+IW+x/AAAAaEbu/ivjFvsfAAAAmpG7/41xSyf73/v/+n/9v/5f/z/8+d7/X0/6/3H6/wX0/9v7+YfP9P/6f/0/Z2hq/X/u/jfFLZ3sfwAAAOhB7v43xy32PwAAADQjd/9b4hb7HwAAAJqRu/+tcUsn+1//v9r+P39c/6//n+n/9f/6/wPRbf+/MfS/RPN26f9vetjRB+78Ef2//t/7//p//T9LMIn+/9jJ/+syd//b4pZO9j8AAAD0IHf/2+MW+x8AAACakbv/HXGL/Q8AAADNyN3/zrhln/v/f5b6rQ6O/t/7//p//b/+f/jz9f/rqdv+f4+8/7+A/l//r//X/7NUk+j/t/3r3P3vilv8+j8AAAA0I3f/u+MW+x8AAACakbv/PXGL/Q8AAADNyN3/3rilk/2v/9f/6//1//r/4c/X/68n/f+4ifb/W/k7+v/T6v/vuI/+fxLfX/+v/2fe1Pr/3P1XxS2d7H8AAADoQe7+98Ut9j8AAAA0I3f/++MW+x8AAACacU90Vh84/q/62//6f/2//l//r/8f/nz9/3rS/4+baP9fDqT/v3rkCwz1/8fOnXr/7/3/iXx//b/+n3lT6/9z938wbulk/wMAAEAPcvdfHbfY/wAAANCM3P3XxC32PwAAADQjd/+H4pZO9r/+X/+v/9f/6/+HP3+g/z+y/Xvp/6dJ/z9O/7/Aer7/r/+fyPfX/+v/mTe1/j93/4fjlk72PwAAAPQgd/+1cYv9DwAAAM3I3f+RuMX+BwAAgGbk7r8ubulk/+v/9f/6f/2//n/4873/v55W1//P9P/6f/3/Avvq589dylc+vO8/QP+v/2fe1Pr/3P0fjVs62f8AAADQg9z9H4tb9rL/t85f1dcCAAAAlih3/8fjFr/+DwAAAM3I3f+JuKWT/a//n83O2hYv6//1/8d/QP+v/192/3++/v+geP9/nP5/Af2/9//1//p/lmpq/X/u/k/GLZ3sfwAAAOhB7v7r4xb7HwAAAJpx9/Hfbs4+FbfY/wAAANCM3P2fjls62f/6f+//7+z/ZzP9v/5f/3/CAbz/vznT/y+d/n+c/n8B/X+b/f9Zs4b6/61df77+nymaWv+fu/8zcUsn+x8AAAB6kLv/hrjF/gcAAIBm5O7/bNxi/wMAAEAzcvd/Lm7pZP/r//X/3v/X/+v/hz//APr/+rOq/18e/f84/f8C+v82+3/v/+v/OTRT6/9z938+bulk/wMAAEAPcvd/IW6x/wEAAKAZufu/GLfY/wAAANCM3P1fils62f/6f/2//l//r/8f/nz9/3rS/4/T/y+g/9f/6//1/yzV1Pr/3P1fjls62f8AAADQg9z9N8Yt9j8AAAA0I3f/TXGL/Q8AAADNyN3/lbilk/2v/9f/6//Xs//f1P/r//X/g6bS/19wwQNu1v/r//X/+n/9v/6/d1Pr/3P3fzVu6WT/AwAAQA9y938tbrH/AQAAoBm5+78et9j/AAAA0Izc/d+IWzrZ//P9/zmzE4XqCUP9fzRq+v9t9P87v7/+f/ivD+//6//1/6t3av9/7j5/vvf/g/5f/6//X23////zP1//T4um1v/n7r85bulk/wMAAEAPcvd/M26x/wEAAKAZufu/FbfY/wAAANCM3P23xC2d7H/v/+v/9f8H2f9v6P/1//r/FZvK+//6/9P7/vp//f86f/9m3v8/W//P8qy+/9+K39tb/5+7/9txSyf7HwAAAHqQu/87cYv9DwAAAM3I3f/duMX+BwAAgGbk7v9e3NLJ/tf/6//1/97/1/8Pf77+fz3p/8fp/xfop//fHPrBw+7nz9Rhf/9m+n/v/7NEU3v/P3f/9+OWTvY/AAAA9CB3/w/iFvsfAAAAmpG7/4dxi/0PAAAAzcjd/6O4pZP9r//X/7ff/z9E/3/K5x9S/39U/6//Pwj6//xf9GH6/wUm0/8P//+i9/+n/f31//p/5k2t/8/df2vc0sn+BwAAgB7k7v9x3GL/AwAAQDNy998Wt9j/AAAA0Izc/T+JWzrZ//r/vvr/jVmP/b/3/yfS/3v/X/9/IPT/4/T/C0ym/1/5+/+DDrufP4Tvf+8yv7/+X//PvKn1/7n7b9840uX+BwAAgHX1oPs+4ta9/ntvP/7bzdlP4xb7HwAAAJqRu/9ncYv9DwAAAM3I3f/zuKWT/a//76v/7/P9f/2//l//3xP9/zj9/wL6/976/6V+f/2//p95U+v/c/f/Im7ZNvyO7PuPEgAAAJiS3P2/jFs6+fV/AAAA6EHu/l/FLXP7/9ge/6l2AAAAYGpy9/86bunk1//XuP8fzjJa6/9nK+r/49/Xa/9/wwU7/3zp//X/Q5+v/19P+v9xZ9j/H9vQ/+v/Rwz387f9t/5f/6//79fU+v/c/b+JWzrZ/wAAANCoHX9HIXf/b+MW+x8AAACakbv/d3GL/Q8AAADNyN1/R9zSyf5f4/5/lz+gxvr/03r/f6t+z/v/nb//f/nm4Ocvvf8/Z+cfr/5/mP7/YOj/x3n/fwH9v/f/9f/6f5Zqav1/7v7fxy2d7H8AAADoQe7+P8Qt9j8AAAA0I3f/H+MW+x8AAACakbv/zrilk/2v/2+x/9/D+//6/z76/10+v533///3vKM3Pvih11yl/+ekg+z/868F/b/+X/9/gv5f/6//51RT6/9z9/8pbulk/wMAAEAPcvffFbfY/wAAANCM3P1/jlvsfwAAAGhG7v6/xC2d7H/9v/5/Kv1//rk+hP7/6Pr1/9kU997/e/9f/z/P+//j9P8L6P/1//p//T9LNbX+P3f/3XFLJ/sfAAAAepC7/69xS+7/jX3/rXsAAABgYnL3/+343fbPaPn1fwAAAGjGid2/Oft73NLJ/tf/6/+n0v8n7/+f/Hne/z9B/6//34+17/9nZ+n/9f/6/zX9/vp//T/zptb/5+7/R9zSyf4HAACAHuTu34hbdu7//zrYbwUAAAAs0z3Hf7s5+2fc4tf/AQAAoBm5+++NWzrZ//p//b/+X/+v/x/+fP3/elr7/t/7//p//f/afn/9v/6feVPr/3P3/zsAAP//q2RquA==")
rename(&(0x7f0000000040)='./file1\x00', &(0x7f0000000300)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00')
mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0)
mkdir(&(0x7f0000000180)='./bus\x00', 0x0)
mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000380)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]})
chdir(&(0x7f00000000c0)='./bus\x00')
open(0x0, 0x143c62, 0x0)

16m10.582869857s ago: executing program 0 (id=201):
socket$nl_netfilter(0x10, 0x3, 0xc)
bpf$MAP_CREATE(0x0, 0x0, 0x50)
bpf$MAP_UPDATE_ELEM(0x2, 0x0, 0x0)
socket$inet_sctp(0x2, 0x5, 0x84)
ioctl$sock_SIOCGIFINDEX_802154(0xffffffffffffffff, 0x8933, &(0x7f0000000780)={'wpan4\x00'})
ioctl$sock_bt_hci(0xffffffffffffffff, 0x800448d2, 0x0)
socket$packet(0x11, 0x2, 0x300)
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth0_vlan\x00', <r1=>0x0})
r2 = gettid()
r3 = socket(0x10, 0x803, 0x0)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x3c, 0x10, 0x403, 0xfffffff9, 0x25dfdbfe, {0x0, 0x0, 0x74, r1, 0x19c04, 0x55007}, [@IFLA_NET_NS_PID={0x8, 0x13, r2}, @IFLA_IFNAME={0x14, 0x3, 'veth0_virt_wifi\x00'}]}, 0x3c}, 0x1, 0x0, 0x0, 0x4802}, 0x0)

16m8.431007051s ago: executing program 0 (id=211):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6000000005142106"], 0x60}, 0x1, 0x0, 0x0, 0x40000dc}, 0x4081)
bind$unix(r0, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xffffffffffffffae)
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00')
r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
fallocate(0xffffffffffffffff, 0x1, 0x2, 0x7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x7462b000)
mbind(&(0x7f0000195000/0x2000)=nil, 0x2000, 0x4000, &(0x7f0000000400)=0xfb, 0x8, 0x3)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x378)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000b00)=[{0x0}, {&(0x7f0000000680)="e4836d513bcab6b90efd3ebcdfc597b9a7e727a3ece8daadf4b04a69b21dfd745934e8870086d4dcd91c1c9a69f5d303d175b4bcc0da016fb4be47336b3557b59b09b0bce1bace8b3eb86e9f3e3b4244a7bd9bad12f2ae80c3f5a6a08634b6f70ef4d694f97312f472beb24c47fbd19e9e7b2b8c851592d64758d2ff1ac341f208c6d28c62c00052de2165ad51a3db18c1315d89e480c2b6c35b5b3cfb67b110c0320acb9ef107cad8d463534bf85c32818e900374ee12822cacd3ab1cce26bd76299bbb1218e2bb99e46314cc40aa7ac7efe2d8a48a9c464e26adb85f0e5c4aed3cc8917a962fe33a589be315bc0b6b0500000033e40768e4bf8d4bf27013be64c89be276a0410ff80e298c45a5d0105424d94a869372adee93bc25c4cb8e9599860e2bbd60b6142c2c3e65074ee1bc4443db9b4b94217c3d3440713f56ec", 0x13f}], 0x2, 0x0, 0x0, 0x54}, 0x4040884)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000002e80)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x9, 0xb, 0x1c, "fee8a2ab78fc979fd1e080b8780000000000000000000000000000000001000000000000000000000000000000000000000000000000000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd0000000001800000000018f42e6000", [0x0, 0x87a]}})
syz_io_uring_setup(0x5002, &(0x7f0000000200)={0x0, 0x6c89, 0x40, 0x1, 0x25}, &(0x7f0000000280), 0x0)
read$FUSE(r3, &(0x7f0000000e40)={0x2020}, 0x2020)

16m7.840639146s ago: executing program 32 (id=211):
r0 = socket$unix(0x1, 0x5, 0x0)
r1 = socket$nl_rdma(0x10, 0x3, 0x14)
sendmsg$RDMA_NLDEV_CMD_PORT_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000001c0)=ANY=[@ANYBLOB="6000000005142106"], 0x60}, 0x1, 0x0, 0x0, 0x40000dc}, 0x4081)
bind$unix(r0, &(0x7f0000000300)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
listen(r0, 0x0)
r2 = socket$unix(0x1, 0x5, 0x0)
connect$unix(r2, &(0x7f0000000280)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e)
connect$unix(r2, &(0x7f00000000c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0xffffffffffffffae)
r3 = syz_open_procfs(0x0, &(0x7f00000002c0)='fdinfo/3\x00')
r4 = syz_open_dev$loop(&(0x7f0000000100), 0x2, 0x0)
r5 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='blkio.bfq.io_service_bytes_recursive\x00', 0x275a, 0x0)
fallocate(0xffffffffffffffff, 0x1, 0x2, 0x7)
mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, 0xffffffffffffffff, 0x7462b000)
mbind(&(0x7f0000195000/0x2000)=nil, 0x2000, 0x4000, &(0x7f0000000400)=0xfb, 0x8, 0x3)
setsockopt$IP6T_SO_SET_REPLACE(0xffffffffffffffff, 0x29, 0x40, &(0x7f0000000980)=@raw={'raw\x00', 0x8, 0x3, 0x318, 0x170, 0xffffffff, 0xffffffff, 0x170, 0xffffffff, 0x3f8, 0xffffffff, 0xffffffff, 0x3f8, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0x148, 0x170, 0x0, {}, [@common=@unspec=@helper={{0x48}}, @common=@inet=@hashlimit1={{0x58}, {'bond_slave_1\x00', {0x41, 0x1ff, 0x6, 0xb0e2, 0x10001, 0x84e, 0xfffffffb, 0x18, 0x8}, {0x1}}}]}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'erspan0\x00', 'gre0\x00'}, 0x0, 0xa8, 0xd8}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x378)
sendmsg$inet_sctp(0xffffffffffffffff, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000b00)=[{0x0}, {&(0x7f0000000680)="e4836d513bcab6b90efd3ebcdfc597b9a7e727a3ece8daadf4b04a69b21dfd745934e8870086d4dcd91c1c9a69f5d303d175b4bcc0da016fb4be47336b3557b59b09b0bce1bace8b3eb86e9f3e3b4244a7bd9bad12f2ae80c3f5a6a08634b6f70ef4d694f97312f472beb24c47fbd19e9e7b2b8c851592d64758d2ff1ac341f208c6d28c62c00052de2165ad51a3db18c1315d89e480c2b6c35b5b3cfb67b110c0320acb9ef107cad8d463534bf85c32818e900374ee12822cacd3ab1cce26bd76299bbb1218e2bb99e46314cc40aa7ac7efe2d8a48a9c464e26adb85f0e5c4aed3cc8917a962fe33a589be315bc0b6b0500000033e40768e4bf8d4bf27013be64c89be276a0410ff80e298c45a5d0105424d94a869372adee93bc25c4cb8e9599860e2bbd60b6142c2c3e65074ee1bc4443db9b4b94217c3d3440713f56ec", 0x13f}], 0x2, 0x0, 0x0, 0x54}, 0x4040884)
ioctl$LOOP_CONFIGURE(r4, 0x4c0a, &(0x7f0000002e80)={r5, 0x0, {0x2a00, 0x80010000, 0x0, 0x2, 0x0, 0x0, 0x9, 0xb, 0x1c, "fee8a2ab78fc979fd1e080b8780000000000000000000000000000000001000000000000000000000000000000000000000000000000000100", "2809e8dbe108598948224ad54afac11d875397bdb22d0000b420a1a93c5240f45f819e01177d3d458dd4992861ac00", "f4bd0000000001800000000018f42e6000", [0x0, 0x87a]}})
syz_io_uring_setup(0x5002, &(0x7f0000000200)={0x0, 0x6c89, 0x40, 0x1, 0x25}, &(0x7f0000000280), 0x0)
read$FUSE(r3, &(0x7f0000000e40)={0x2020}, 0x2020)

5.959222115s ago: executing program 6 (id=3024):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000040)={'ip6gretap0\x00', <r1=>0x0})
sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000300)=@newlink={0x50, 0x10, 0x1, 0x0, 0x0, {0x0, 0x0, 0x0, r1}, [@IFLA_LINKINFO={0x2c, 0x12, 0x0, 0x1, @ip6gretap={{0xe}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @rand_addr=' \x01\x00'}]}}}, @IFLA_VFINFO_LIST={0x4}]}, 0x50}}, 0x0)

5.827422123s ago: executing program 6 (id=3026):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0], 0xfc}}, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00)

5.703388885s ago: executing program 3 (id=3027):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[], &(0x7f00000005c0)='GPL\x00', 0x3}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x18, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}}}}, 0x0)

5.505660146s ago: executing program 6 (id=3030):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB], 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @exit], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)

5.494247687s ago: executing program 3 (id=3031):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
sendmsg$TIPC_CMD_ENABLE_BEARER(r2, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

5.290101764s ago: executing program 6 (id=3036):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r2, &(0x7f0000000240)="800000800000210ee7decd7a0000", 0xe, 0x40, &(0x7f0000000140)={0x11, 0x8100, r1, 0x1, 0xd8, 0x6, @remote}, 0x14)

4.855291672s ago: executing program 6 (id=3044):
bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0600000004000000ff0f000007"], 0x48)
r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000500)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
bpf$PROG_BIND_MAP(0xa, &(0x7f00000004c0)={r0}, 0xc)

4.695985242s ago: executing program 6 (id=3047):
socket$inet_icmp_raw(0x2, 0x3, 0x1)
syz_init_net_socket$bt_hci(0x1f, 0x3, 0x5)
close(0x4)
syz_open_procfs$namespace(0x0, &(0x7f0000000200)='ns/cgroup\x00')
unshare(0x6a040000)
socket$netlink(0x10, 0x3, 0x0)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$devlink(&(0x7f0000000140), r0)
r1 = socket$pppl2tp(0x18, 0x1, 0x1)
r2 = socket$inet6_udp(0xa, 0x2, 0x0)
connect$pppl2tp(r1, &(0x7f0000000740)=@pppol2tpv3={0x18, 0x1, {0x3, r2, {0x2, 0x4e24, @broadcast}, 0x2, 0x0, 0x4}}, 0x2e)
syz_genetlink_get_family_id$l2tp(&(0x7f0000000040), 0xffffffffffffffff)
socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$pppl2tp(0x18, 0x1, 0x1)
connect$pppl2tp(r3, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, r2, {0x2, 0x10, @broadcast}, 0x2}}, 0x2e)

3.276848281s ago: executing program 4 (id=3059):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x1000000}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0xefffffff]}]}]}, 0x30}}, 0x0)

2.795782537s ago: executing program 3 (id=3062):
r0 = socket$inet_tcp(0x2, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xe, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
pselect6(0x40, &(0x7f00000001c0)={0x0, 0x0, 0x3, 0xfffffffffffffffd}, 0x0, 0x0, 0x0, 0x0)
r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000900000001"], 0x48)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x2, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000300)={{r3}, &(0x7f00000000c0), &(0x7f00000002c0)=r2}, 0x20)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000000)={r4, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x11dc0, &(0x7f0000002480)=ANY=[], 0x0)

2.78732112s ago: executing program 4 (id=3063):
r0 = socket$inet6_sctp(0xa, 0x5, 0x84)
setsockopt$inet_sctp6_SCTP_INITMSG(r0, 0x84, 0x2, &(0x7f00000000c0)={0xfffc, 0xc}, 0x8)
getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)}, &(0x7f0000000140)=0x10)
getsockopt$inet_sctp6_SCTP_MAX_BURST(r0, 0x84, 0x14, &(0x7f0000000540), &(0x7f00000005c0)=0x4)

2.717910163s ago: executing program 5 (id=3065):
r0 = socket$rds(0x15, 0x5, 0x0)
sendmsg$inet(r0, &(0x7f0000000480)={&(0x7f0000000000)={0x2, 0x4e22, @initdev={0xac, 0x1e, 0x1, 0x0}}, 0x10, &(0x7f0000000380)=[{&(0x7f00000001c0)="91cfdfefdb", 0x5}], 0x1}, 0x0)
sendmsg$rds(r0, &(0x7f0000000140)={&(0x7f00000000c0)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x4}, 0x0)
setsockopt$RDS_CANCEL_SENT_TO(r0, 0x114, 0x1, &(0x7f0000000100)={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}, 0x10)

2.56297824s ago: executing program 4 (id=3068):
r0 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000980)=[{&(0x7f0000000040)="2e00000011008188040f80ec59acbc0413a1f8480b0000005e140602000000000e0027001000000002800000121f", 0x2e}], 0x1}, 0x0)

2.495441591s ago: executing program 5 (id=3069):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0200001900010000000000000000000a0101000000000000000000000000000a01010100000000000000000000000000000003000000000a00002008000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fcffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e0000000000000001000000000000000000000000000000fdffffffffffffffdd02040040000000040000000000000000000100000000008401050020010000000000000000000000000001000000002b00000000000000fc010000000000000000000000000001000000000000ff000000000000000000000000000000000000000000000000000000000100000000320000000000000000000000000000000000fffffffffffffeffc0cf0000000000000000000000000700000000000000000000000000000000000001000000003c0000000277218b3bc01d49"], 0x23c}}, 0x8000000)

2.385689033s ago: executing program 5 (id=3071):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xfc}}, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00)

2.243507881s ago: executing program 5 (id=3072):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x9}, {&(0x7f0000000240)="6848b2796acd812dce3d01d190a3cab1e8ce", 0x12}], 0x2}, 0x0)

2.178481766s ago: executing program 4 (id=3074):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r3=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000740)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000006c0)=@newqdisc={0x48, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r3, {0x0, 0xfff1}, {0xffff, 0xffff}, {0x0, 0x10}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}, 0x1, 0x0, 0x0, 0x4000000}, 0x20040084)
r4 = socket$inet6(0xa, 0x2, 0x0)
r5 = socket$unix(0x1, 0x1, 0x0)
ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r6=>0x0})
r7 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r7)
r8 = socket(0x400000000010, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000380)={'syzkaller0\x00', <r9=>0x0})
sendmsg$nl_route_sched(r8, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000022c0)=@newtfilter={0x94, 0x2c, 0xd27, 0x70bd2b, 0x2, {0x0, 0x0, 0x0, r9, {0x0, 0x10}, {}, {0x8, 0x4}}, [@filter_kind_options=@f_flow={{0x9}, {0x64, 0x2, [@TCA_FLOW_MODE={0x8, 0x2, 0x1}, @TCA_FLOW_KEYS={0x8, 0x1, 0x1e3a9}, @TCA_FLOW_ACT={0x50, 0x9, 0x0, 0x1, [@m_csum={0x4c, 0x1, 0x0, 0x0, {{0x9}, {0x20, 0x2, 0x0, 0x1, [@TCA_CSUM_PARMS={0x1c, 0x1, {{0x3d1, 0x3, 0x0, 0x6, 0x6}, 0x67}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x1, 0x1}}}}]}]}}]}, 0x94}}, 0x2)
ioctl$SIOCSIFHWADDR(r7, 0x8914, &(0x7f00000000c0)={'syzkaller0\x00', @link_local={0x1, 0x80, 0xc2, 0x0, 0x0, 0x2}})
sendmmsg$inet(r4, &(0x7f00000017c0)=[{{&(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10, 0x0, 0x0, &(0x7f00000006c0)=[@ip_pktinfo={{0x1c, 0x0, 0x8, {r6, @dev={0xac, 0x14, 0x14, 0x41}, @empty}}}], 0x20}}], 0x1, 0x0)

2.078985878s ago: executing program 5 (id=3075):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x1c1342, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$nl_generic(0x10, 0x3, 0x10)
syz_genetlink_get_family_id$tipc(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})

2.021013512s ago: executing program 2 (id=3076):
r0 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r1=>0x0})
r2 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r2, &(0x7f0000000240)="800000800000210ee7decd7a0000", 0xe, 0x40, &(0x7f0000000140)={0x11, 0x8100, r1, 0x1, 0xd8, 0x6, @remote}, 0x14)

1.780953178s ago: executing program 4 (id=3077):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', <r1=>0x0})
r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000000), 0xffffffffffffffff)
sendmsg$NL80211_CMD_SET_CQM(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000580)={0x30, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_CQM={0x14, 0x5e, 0x0, 0x1, [@NL80211_ATTR_CQM_RSSI_HYST={0x8, 0x2, 0x1000000}, @NL80211_ATTR_CQM_RSSI_THOLD={0x8, 0x1, [0xefffffff]}]}]}, 0x30}}, 0x0)

1.778615475s ago: executing program 3 (id=3078):
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b000000000000"], 0x50)
r1 = socket$packet(0x11, 0x3, 0x300)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0x5, &(0x7f0000000200)=@raw=[@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r0}}, @exit], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000040)=r2, 0x4)
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=ANY=[], 0x44}, 0x1, 0x0, 0x0, 0x24008000}, 0x0)

1.631356673s ago: executing program 2 (id=3079):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
close(0x3)
r1 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
connect$netrom(r1, &(0x7f0000000300)={{0x6, @rose, 0x8}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @default, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default]}, 0x48)
r2 = syz_init_net_socket$netrom(0x6, 0x5, 0x0)
bind$netrom(r2, &(0x7f00000004c0)={{0x6, @rose, 0x1}, [@netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x1}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null]}, 0x48)
listen(r2, 0x80)
accept$netrom(r2, 0x0, 0x0)
openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='memory.events\x00', 0x275a, 0x0)
write$cgroup_int(0xffffffffffffffff, &(0x7f0000000200), 0x806000)
ioctl$FS_IOC_RESVSP(0xffffffffffffffff, 0x40305829, &(0x7f0000000380)={0x0, 0x0, 0x4000, 0x9ffffc})
read(r1, &(0x7f00000003c0)=""/123, 0x7b)
sendmsg(r1, &(0x7f0000000c00)={0x0, 0x0, 0x0}, 0x40)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4850}, 0x0)

1.564575635s ago: executing program 1 (id=3080):
r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b00"/12], 0x48)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, r0}, 0x50)
r2 = bpf$PROG_LOAD(0x5, &(0x7f00000005c0)={0x16, 0x18, &(0x7f0000000800)=ANY=[@ANYBLOB="1800000000000000000000000180000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000006d000000bf91000000000000b7020000000000008500000085000000b70000000000000095"], &(0x7f00000007c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r2, 0xfca804a0, 0x10, 0x38, &(0x7f00000002c0)="b80a000500000000", &(0x7f0000000300)=""/8, 0x2f00, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c)

1.538950543s ago: executing program 3 (id=3081):
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000e00), 0xffffffffffffffff)
sendmsg$NL80211_CMD_GET_SCAN(r0, &(0x7f0000000f00)={0x0, 0x0, &(0x7f0000000ec0)={&(0x7f0000000380)={0x1c, r1, 0xf21, 0x0, 0x0, {{}, {@val={0x8}, @void}}}, 0x1c}, 0x1, 0x0, 0x0, 0x20000015}, 0x44000)

1.411497846s ago: executing program 2 (id=3082):
socket$nl_netfilter(0x10, 0x3, 0xc)
close(0x3)
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a28000000000a030000000000000000000a00000708000240000000020900010073797a31000000002c000000030a010100000000000000000a0000070900010073797a31000000000900030073797a320000000014000000110001"], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x0)
sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000880)=ANY=[@ANYBLOB="140000001000010000000000000000000500000a50000000090a010400000000000000000a0000040900010073797a310000000008000540000000020900020073797a310000000008000a40fffffffc0c00098008000140000000010800084000000001140000001100010000"], 0x78}, 0x1, 0x0, 0x0, 0x4000850}, 0x40)
r1 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_MSG_GETSETELEM(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=ANY=[@ANYBLOB="2c0000000d0a010300000000000000000a0000010900020073797a31000000000900010073797a31"], 0x2c}, 0x1, 0x0, 0x0, 0x24000801}, 0x8000)

1.411332445s ago: executing program 1 (id=3083):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000003c0)=ANY=[@ANYBLOB="3c0200001900010000000000000000000a0101000000000000000000000000000a01010100000000000000000000000000000003000000000a00002008000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="fcffffffffffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001e0000000000000001000000000000000000000000000000fdffffffffffffffdd02040040000000040000000000000000000100000000008401050020010000000000000000000000000001000000002b00000000000000fc010000000000000000000000000001000000000000ff000000000000000000000000000000000000000000000000000000000100000000320000000000000000000000000000000000fffffffffffffeffc0cf0000000000000000000000000700000000000000000000000000000000000001000000003c0000000277218b3bc01d49"], 0x23c}}, 0x8000000)

1.32199125s ago: executing program 1 (id=3084):
r0 = socket$nl_xfrm(0x10, 0x3, 0x6)
sendmsg$nl_xfrm(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000480)=ANY=[@ANYBLOB="fc0000001900674c0000000000000000e0000001000000000000000000000000e000000200000000000000000000000000000000000000000a00000000000000", @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB], 0xfc}}, 0x0)
r1 = socket$inet6(0xa, 0x80002, 0x0)
connect$inet6(r1, &(0x7f0000002140)={0xa, 0x4e25, 0x1, @mcast2, 0x7}, 0x1c)
sendmmsg$inet6(r1, &(0x7f0000003cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x4001c00)

1.317638499s ago: executing program 2 (id=3085):
r0 = socket$packet(0x11, 0x2, 0x300)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000140)={'syz_tun\x00', <r1=>0x0})
r2 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f00000006c0)=ANY=[@ANYBLOB], &(0x7f00000005c0)='GPL\x00', 0x3}, 0x94)
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r2, r1, 0x25, 0x0, @void}, 0x10)
syz_emit_ethernet(0x4e, &(0x7f0000002e40)={@local, @dev, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "7428dd", 0x18, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_na={0x89, 0x0, 0x0, 0x0, '\x00', @initdev={0xfe, 0x88, '\x00', 0x0, 0x0}}}}}}}, 0x0)

1.19306087s ago: executing program 1 (id=3086):
r0 = openat$ppp(0xffffffffffffff9c, &(0x7f0000001740), 0x101042, 0x0)
r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000140)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffff56}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10)
ioctl$PPPIOCNEWUNIT(r0, 0xc004743e, &(0x7f00000001c0)=0x3)
ioctl$PPPIOCGIDLE(r0, 0x4004743c, 0x0)

1.191478657s ago: executing program 2 (id=3087):
syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', 0xffffffffffffffff, 0x0, 0x4}, 0x18)
r0 = socket$kcm(0x10, 0x400000002, 0x0)
sendmsg$inet(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000200)=[{&(0x7f00000000c0)="1b0000001a007f029e", 0x9}, {&(0x7f0000000240)="6848b2796acd812dce3d01d190a3cab1e8ce", 0x12}], 0x2}, 0x0)

1.08865365s ago: executing program 1 (id=3088):
socket$nl_netfilter(0x10, 0x3, 0xc)
socket(0x2b, 0x800, 0x100)
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udplite(0xa, 0x2, 0x88)
r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000b00)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x50)
r2 = socket$packet(0x11, 0x3, 0x300)
r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xa, &(0x7f0000000200)=@raw=[@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r1}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0xfffff362}, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x4, 0x0, 0x0, 0x6d69eb6142f1923b}}, @exit], &(0x7f0000000380)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000280)='cgroup.controllers\x00', 0x275a, 0x0)
write$cgroup_int(r4, &(0x7f0000000000), 0x12)
setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f0000000040)=r3, 0x4)
bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000380)=@newlink={0x20, 0x10, 0x401, 0x0, 0x101, {0x0, 0x0, 0x0, 0x0, 0x56952}}, 0x20}}, 0x40000)

119.043912ms ago: executing program 4 (id=3089):
r0 = socket$netlink(0x10, 0x3, 0x10)
bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4)
bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x38, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0)
sendmsg$IPSET_CMD_CREATE(0xffffffffffffffff, 0x0, 0x0)
r1 = socket$kcm(0x2, 0xa, 0x2)
ioctl$sock_SIOCETHTOOL(r1, 0x8946, &(0x7f0000000080)={'netdevsim0\x00', &(0x7f0000000040)=@ethtool_sfeatures={0x3b, 0x2, [{}, {0xfffffffe}]}})
bind$netlink(r0, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket$netlink(0x10, 0x3, 0x10)
r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0xb, &(0x7f0000000080)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000730000007b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000040)='contention_begin\x00', r2}, 0x18)
r3 = socket$kcm(0x10, 0x2, 0x0)
sendmsg$inet(r3, &(0x7f0000000140)={0x0, 0x2, &(0x7f0000000100)=[{&(0x7f0000000180)="5c00000013006bcd9e3fe3dc4e48aa31086b8703410000004000000000000000040014000d000a00100000009ee517d34460bc08eab556a705251e6182949a3651f60a84c9f5d1938837e786a6d0bdd7fcf50e4509c5bb5a00f69853", 0x5c}], 0x1, 0x0, 0x0, 0x1f000801}, 0x0)

72.564612ms ago: executing program 3 (id=3090):
socket(0xa, 0x3, 0x3a)
socket$netlink(0x10, 0x3, 0x0)
bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000700)=ANY=[@ANYBLOB="9feb01001800000000000000180000001800000004000000020000000000000c02000000000000000000000d0000000000005f"], 0x0, 0x34}, 0x20)
socket$inet6(0xa, 0x3, 0x8)
pipe(&(0x7f00000000c0))
socket(0xa, 0x3, 0x3a)
socket$nl_generic(0x10, 0x3, 0x10)
socket$packet(0x11, 0x2, 0x300)
socket$nl_route(0x10, 0x3, 0x0)
socketpair(0x1, 0x20000000000001, 0x0, &(0x7f0000000100))
r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x19, 0x4, 0x4, 0x2, 0x0, 0x1, 0xfffffffc}, 0x50)
r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0x14, &(0x7f00000001c0)=ANY=[@ANYBLOB="18000000000100000000000000000000180100002020782500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000007000000850000000600000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000fcffffff7b8af8ff00000000bca2000000000000a6020000f8ffffffb703000018000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x38, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r2 = socket$inet_tcp(0x2, 0x1, 0x0)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000480)={{r0}, &(0x7f0000000280), &(0x7f0000000340)=r1}, 0x20)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'syz_tun\x00', <r3=>0x0})
bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000002c0)={r1, r3, 0x25, 0x2, @void}, 0x10)
syz_emit_ethernet(0x16, &(0x7f0000000380)={@local, @remote, @void, {@llc={0x4, {@snap={0x0, 0x1, "c8", "118190", 0x60}}}}}, 0x0)

71.776151ms ago: executing program 2 (id=3091):
r0 = socket$phonet_pipe(0x23, 0x5, 0x2)
listen(r0, 0x6)
r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000007c0)={&(0x7f0000000040)='contention_end\x00', r2, 0x0, 0x2}, 0x18)
r3 = socket$packet(0x11, 0x2, 0x300)
getsockopt$packet_int(r3, 0x107, 0x8, 0x0, &(0x7f0000000080)=0xfb98296d35fb5f3f)
ppoll(&(0x7f0000000500)=[{r1}], 0x1, 0x0, 0x0, 0x0)
bpf$MAP_CREATE_RINGBUF(0x0, 0x0, 0x48)
r4 = socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_80211(r4, 0x8933, 0x0)
syz_genetlink_get_family_id$nl80211(&(0x7f00000007c0), r4)
bpf$MAP_CREATE_CONST_STR(0x0, 0x0, 0x0)
bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x2, 0x4, 0x1, 0x9}, 0x50)
bpf$MAP_CREATE(0x0, 0x0, 0x48)
r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000080)={0x3, 0x7, &(0x7f00000006c0)=ANY=[], &(0x7f0000000a00)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f00000002c0)={0xffffffffffffffff, 0xe0, &(0x7f00000004c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, &(0x7f0000000180), &(0x7f0000000200), 0x8, 0x0, 0x8, 0x0, 0x0}}, 0x10)
bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000640)={r5, 0xe0, &(0x7f0000000540)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10)
r6 = bpf$BPF_LINK_CREATE(0x1c, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff, 0x2f, 0x0, @void}, 0x10)
bpf$LINK_DETACH(0x22, &(0x7f0000000080)=r6, 0x4)
bpf$LINK_DETACH(0x22, &(0x7f0000000140)=r6, 0x4)

39.116939ms ago: executing program 1 (id=3092):
r0 = socket(0x2c, 0x3, 0x0)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="02000000040000000410000009"], 0x48)
r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="0d00000006000000040000000100000001000000", @ANYRES32=r1], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000440)={{r2}, &(0x7f0000000840), &(0x7f0000000340)=r1}, 0x20)
pipe(&(0x7f0000000280)={0xffffffffffffffff, <r3=>0xffffffffffffffff})
writev(r3, &(0x7f0000002180)=[{&(0x7f0000000b80)="2eec711f70abb5a31ead08c7571d8dbe3513461cdae3e277bb4a0c321145a64f7d3038a9", 0x24}], 0x1)
write$cgroup_devices(r3, 0x0, 0xffdd)
write$cgroup_subtree(r3, &(0x7f0000000100)=ANY=[], 0x32600)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000cc0)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc0200000000000000ae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af6bda9df2c3af36effff9af2551ce896165127cb3f011a7d06602e2fc40848228567ffb400000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7500d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df2624f56da648d28ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71400fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada10eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d32940000088dde499000000fdffffff00000000000f000000ef0000000000000000000000000c52f4ebd2c893bb97a068bd10734a83584898eccb26f7b789cfc4cd995fa3e11a5c74c85404e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18aba6b16455a66c3b84b138efc20a546d3d5227e23b03f2a834391ade2ff3e93ee296c4082ee73e7c353312c9d75711ce1623e9c54bdff59d2a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1ce6d0b2fea02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc0847a1ff2f7fc3c2b99a96fc4275ad107274e2934a87a4ddcdb112754ca5bdec0ead14b6c0f19a43a2f05c7f0be31491eb8c9ff68236c8600040000000000000000000066e034c81c3cab64e4fc8dc55ce0ada18dcbf31c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f224baf1221c15fa12313ffbfa7c2730309f66705b71e6205e7cbf3643561eabb9a63fcd604d5cc27e1317ad94cf438d71873e540be16b6ca205081173bd03c4754fc4674812daab482fd390a1c903b5d28a1eb247b5837d7603b92495d5c569f6433c3fca5206cb0000003fdbbd3892c52c2e7612e05de32322e980a3d69931e2c9312dd517c96f2ee90362476ed853c4c9b7d4ebf13cbaa795860e92a3d7d004f2c491db38eb769f094d5d48b262cc35c40682138cf13a49aa9f27abec00002f01ba1251aaf2385416ca719300"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10)
bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000600)=@bpf_ext={0x1c, 0x13, &(0x7f00000006c0)=ANY=[@ANYBLOB="18000000080000000000001400000100c01811081906cc747fea22309d042000000000000000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf090000000000005509010000000000950000000000000015350c00100000009310f4ff0400000018400000060000000000000000000000bf91000000000000b7020000010000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000380)='GPL\x00', 0x3c0, 0x10, &(0x7f00000003c0)=""/16, 0x41100, 0x2, '\x00', 0x0, 0x0, r3, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x18c5f, r4, 0x2, &(0x7f0000000400)=[0x1], &(0x7f0000000500)=[{0x3, 0x3, 0x7, 0x3}, {0x4, 0x2, 0x5, 0xb}], 0x10, 0x8}, 0x94)
r5 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000001c40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000500000095000000000000009500a5050000000077d8f3b423cdac8d80000000000000002be16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f7535f7866907dc6751dfb265a0e3ccae669e17fd6587d452d6453559c3421eed73d56615fe6c54c3b3ffe1b4ce25d7c983c044c03bf3a48dfe47ec9dd6c091c30b93bfae76d9ebacd3ed3e26e7a23129d6606fd28a69989d552af9cc9e5ef6bda9df2c3af36effff9af2551ce935b0f327cb3f011a2fd52347125907000000000000003ed38ae89d24e1cebfba2f87925bfacba83109751fe6c05405d027edd68149ee99eef6a6992308a4fc0b7c70bc677d6dd4aed4af7511d7900a820b6347184e9a217b5614cd50cbe43a1ed2526814bc0000e9e086ce48e90defb6670c3df262ad0a97aec7291c25447c106a99893e10db21901eb397b2f5fd71d20fa7a050fbbef9e326ea27e513e96068fd1e8a43e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e49ee52b59d13182e1f24ed200ada12f7a1525320e716660000000000b02b001500a710eb1affb87ba55b2d72078e9f40b4ae7d01000000d11cd22c35d3294000000000000000000000000000000000000000000000000000000000000000000000000c52f4ebd2c893bb97a068bd10738d3c9f7a98eccb26f7e2df3ad37b729ac83b0dcb4f48f3c3356b9997fc455a17690b6f7f9ccbe4b1701941b18a904c0e585a66c3b84b138efc20a546d3d5227e23b03f2a834391ad24fe977076ce7d9b20cf92cb151763d41f5c76e2ff3e93ee296c4082ee73e7e197253a2b66c353312c9d75711ce1623e9c54bdff59d1a69dcb7d84c235b23a4480c2461b405cfd1a38992f295ad3adc94cd07c850d1c77a211bfa02c24e9280333152fb794e4ddea02017a6c139b50101caecaf2abc084075ad10727522934a87a4ddcdb112754ca5bdec0ead14b6c0f19a4b126bbe0c2b8c9ff68236c8600000000000000000000000066e034c81c3cab4e33fc8dc55ce0ada18dcb1a47a87baf63e4edf11c6e82893add3bee3e10fc873d1d922b0877cbcd95b839d3059d5140a1f742f6e75741e39e5cb6a193e06a1043375b0f61b5d4e17c81baa31b924d84f2243471221c158ae8f44bfbfa7c2730302b66a99f66705b71e6205e7cbf36435e1eabb9a63fcd604d5cc27e1317ad94cf438d7187a2fe4e06fa6cbf84ef1efa82cb2c4af6bd1370616cdbe2b98fd89b79824ba089df1f81e6fcef073059f5f1d6a221d791839d7826ed1759c2153532c393fd1bd7be2e7f5abf2f0800000000ea46c07adee10d0f2bc85cf37182256e4fd8f56942726efc07180eaa5421d697665c8bacd39cdb392e6153af80bc1a69e3bfab032e78c9a96eab13be845a0d44ef2a4ab414ac2e4802a3b5d3aa2a4a4fc259206d97d0cc1602d6b45ff414c53fc9f5f68438f0423e168a97923ca0464b40b2f797841fb2bb2e5ad9feff37220ab7c34f4c382c247e7735adb55c209f7c0f8880733dbd3f5a095cc6a2"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6}, 0x70)
r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10)
bpf$BPF_GET_MAP_INFO(0xf, &(0x7f0000000140)={r6, 0x44}, 0x10)
setsockopt$sock_int(r0, 0x1, 0x2e, &(0x7f0000000280)=0x497, 0x4)
r7 = epoll_create1(0x0)
epoll_ctl$EPOLL_CTL_ADD(r7, 0x1, r0, &(0x7f0000000100))
epoll_ctl$EPOLL_CTL_MOD(r7, 0x3, r0, &(0x7f00000005c0)={0x2000a210})
r8 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180d00000000000000ff8ae05a0000bada00000000000000"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r8}, 0x10)
r9 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000080), 0xffffffffffffffff)
r10 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
ioctl$sock_SIOCGIFINDEX_802154(r10, 0x8933, &(0x7f0000000340)={'wpan0\x00', <r11=>0x0})
sendmsg$NL802154_CMD_DEL_SEC_LEVEL(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000540)={0x40, r9, 0x1, 0x70bd25, 0x25dfdbfd, {}, [@NL802154_ATTR_SEC_LEVEL={0x24, 0x2d, 0x0, 0x1, [@NL802154_SECLEVEL_ATTR_FRAME={0x8, 0x2, 0x3}, @NL802154_SECLEVEL_ATTR_DEV_OVERRIDE={0x5}, @NL802154_SECLEVEL_ATTR_CMD_FRAME={0x8, 0x3, 0x2}, @NL802154_SECLEVEL_ATTR_LEVELS={0x5, 0x1, 0x7}]}, @NL802154_ATTR_IFINDEX={0x8, 0x3, r11}]}, 0x40}, 0x1, 0x0, 0x0, 0x20000000}, 0x40080)
socketpair$unix(0x2d, 0x2, 0x0, &(0x7f0000000200))

0s ago: executing program 5 (id=3093):
r0 = socket$nl_netfilter(0x10, 0x3, 0xc)
sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)={{0x14, 0x10, 0x1, 0x0, 0x0, {0x1}}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWCHAIN={0x2c, 0x3, 0xa, 0x101, 0x0, 0x0, {0x1}, [@NFTA_CHAIN_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_CHAIN_NAME={0x9, 0x3, 'syz2\x00'}]}, @NFT_MSG_NEWRULE={0x2c, 0x6, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_RULE_CHAIN_ID={0x8}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x4}]}], {0x14}}, 0xa0}, 0x1, 0x0, 0x0, 0x40000c0}, 0x0)

kernel console output (not intermixed with test programs):

igh-speed USB device number 23 using dummy_hcd
[  663.928111][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  664.011040][   T24] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  664.165883][   T24] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  664.244021][   T24] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  664.344372][   T24] usb 5-1: Manufacturer: syz
[  664.436158][   T24] usb 5-1: config 0 descriptor??
[  665.167792][   T24] uclogic 0003:256C:006D.0012: failed retrieving Huion firmware version: -71
[  665.203107][   T24] uclogic 0003:256C:006D.0012: failed probing parameters: -71
[  665.231317][   T24] uclogic 0003:256C:006D.0012: probe with driver uclogic failed with error -71
[  665.292803][   T24] usb 5-1: USB disconnect, device number 23
[  668.328619][T12020] netlink: 'syz.6.1511': attribute type 4 has an invalid length.
[  668.650623][T12024] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  669.273245][T12029] netlink: 75 bytes leftover after parsing attributes in process `syz.4.1516'.
[  669.879355][   T30] audit: type=1400 audit(1768407525.840:505): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12032 comm="syz.4.1517"
[  670.299453][T12040] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  670.966962][T12050] netlink: 44 bytes leftover after parsing attributes in process `syz.5.1521'.
[  670.986851][T12050] bridge0: port 2(bridge_slave_1) entered disabled state
[  670.994141][T12050] bridge0: port 1(bridge_slave_0) entered disabled state
[  671.839768][T12060] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  676.659660][   T10] usb 5-1: new high-speed USB device number 24 using dummy_hcd
[  676.899620][   T10] usb 5-1: Using ep0 maxpacket: 32
[  676.938776][   T10] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  676.961940][   T10] usb 5-1: config 0 has no interface number 0
[  677.854852][   T10] usb 5-1: config 0 interface 184 has no altsetting 0
[  677.869537][   T10] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  677.999473][   T10] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  678.012214][   T10] usb 5-1: Product: syz
[  678.019684][   T10] usb 5-1: Manufacturer: syz
[  678.031904][   T10] usb 5-1: SerialNumber: syz
[  678.040923][T12093] overlayfs: failed to clone lowerpath
[  678.050913][T12093] overlay: Unknown parameter '/owerdir'
[  678.070021][   T10] usb 5-1: config 0 descriptor??
[  678.077819][   T10] smsc75xx v1.0.0
[  678.715158][   T10] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  678.765217][   T10] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  678.993092][T12107] overlayfs: failed to clone lowerpath
[  679.424714][   T10] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -61
[  679.452664][   T10] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -61
[  679.519795][   T10] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61
[  679.574932][   T10] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -61
[  680.835488][   T10] usb 5-1: USB disconnect, device number 24
[  681.157546][   T30] audit: type=1400 audit(1768407537.120:506): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12126 comm="syz.5.1542"
[  683.412793][   T30] audit: type=1400 audit(1768407539.330:507): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12138 comm="syz.3.1545"
[  684.505791][T12159] overlayfs: failed to clone lowerpath
[  684.513087][T12159] overlayfs: failed to clone lowerpath
[  685.741609][T12166] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  687.679661][   T24] usb 6-1: new high-speed USB device number 39 using dummy_hcd
[  688.020820][   T24] usb 6-1: Using ep0 maxpacket: 32
[  688.055248][   T24] usb 6-1: config 0 has an invalid interface number: 184 but max is 0
[  688.098429][   T24] usb 6-1: config 0 has no interface number 0
[  688.259965][   T24] usb 6-1: config 0 interface 184 has no altsetting 0
[  688.282995][   T24] usb 6-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  688.291309][T12192] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  688.331724][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  688.362399][   T24] usb 6-1: Product: syz
[  688.366552][   T24] usb 6-1: Manufacturer: syz
[  688.380859][   T24] usb 6-1: SerialNumber: syz
[  688.402045][   T24] usb 6-1: config 0 descriptor??
[  688.626966][T12201] netlink: 12 bytes leftover after parsing attributes in process `syz.6.1560'.
[  689.370822][   T24] smsc75xx v1.0.0
[  690.087083][T12209] netlink: 'syz.6.1562': attribute type 4 has an invalid length.
[  690.123000][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  690.160740][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  690.386466][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  690.399862][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  691.233683][T12214] overlayfs: failed to resolve '/=./file0': -2
[  691.848037][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to write reg index 0x00000010: -71
[  691.919674][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): Failed to write HW_CFG: -71
[  691.976594][   T24] smsc75xx 6-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -71
[  692.032462][   T24] smsc75xx 6-1:0.184: probe with driver smsc75xx failed with error -71
[  692.070304][T12226] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  692.102899][   T24] usb 6-1: USB disconnect, device number 39
[  692.492056][T12231] gre2: entered promiscuous mode
[  694.016021][T12246] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  695.012372][T12254] netlink: 'syz.2.1572': attribute type 4 has an invalid length.
[  698.064743][T12267] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  699.904548][T12284] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  701.331017][   T30] audit: type=1400 audit(1768407557.300:508): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12297 comm="syz.4.1584"
[  701.522716][T12304] netlink: 'syz.3.1585': attribute type 4 has an invalid length.
[  701.602384][   T30] audit: type=1400 audit(1768407557.500:509): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12300 comm="syz.3.1585"
[  703.122068][T12311] overlayfs: failed to clone lowerpath
[  703.311437][T12315] overlayfs: failed to clone lowerpath
[  707.342284][T12339] fuse: Bad value for 'fd'
[  707.358761][T12338] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1593'.
[  707.660074][   T10] usb 6-1: new high-speed USB device number 40 using dummy_hcd
[  707.872437][   T10] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  707.884204][   T10] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  707.917342][   T10] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  707.950845][ T5983] usb 5-1: new high-speed USB device number 25 using dummy_hcd
[  707.988828][   T10] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  708.046312][T12345] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  708.058989][   T10] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  708.109646][ T5983] usb 5-1: Using ep0 maxpacket: 32
[  708.117409][ T5983] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  708.125978][ T5983] usb 5-1: config 0 has no interface number 0
[  708.241917][ T5983] usb 5-1: config 0 interface 184 has no altsetting 0
[  708.296915][ T5983] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  708.306445][ T5983] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  708.351315][ T5983] usb 5-1: Product: syz
[  708.374325][ T5983] usb 5-1: Manufacturer: syz
[  708.391510][ T5983] usb 5-1: SerialNumber: syz
[  708.425046][ T5983] usb 5-1: config 0 descriptor??
[  708.462196][ T5983] smsc75xx v1.0.0
[  709.081781][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  709.576911][   T24] usb 6-1: USB disconnect, device number 40
[  709.960625][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  710.200542][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -61
[  710.276565][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -61
[  710.330436][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61
[  710.343740][ T5983] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -61
[  711.903922][   T24] usb 5-1: USB disconnect, device number 25
[  719.202858][T12421] fuse: Bad value for 'fd'
[  719.437530][T12423] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1612'.
[  719.540735][T12425] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1612'.
[  719.594460][T12423] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1612'.
[  720.775570][T12439] netlink: 'syz.1.1616': attribute type 4 has an invalid length.
[  722.777829][T12458] loop5: detected capacity change from 0 to 256
[  722.896439][T12458] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[  723.029338][T12463] netlink: 'syz.6.1622': attribute type 4 has an invalid length.
[  724.766189][   T30] audit: type=1400 audit(1768407580.730:510): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12467 comm="syz.3.1624"
[  727.538678][T12482] loop4: detected capacity change from 0 to 2048
[  727.651842][T12482] EXT4-fs (loop4): warning: checktime reached, running e2fsck is recommended
[  727.731510][T12482] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  727.853791][T12482] EXT4-fs error (device loop4): ext4_mb_generate_buddy:1306: group 0, block bitmap and bg descriptor inconsistent: 0 vs 150994969 free clusters
[  728.150284][T12500] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1629'.
[  728.204565][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  728.294087][T12503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1632'.
[  728.376133][T12505] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1632'.
[  728.681728][T12503] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1632'.
[  728.781678][T12511] fuse: Bad value for 'fd'
[  728.898471][T12504] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  728.916953][T12504] batadv_slave_0: entered promiscuous mode
[  729.069625][ T5983] usb 5-1: new high-speed USB device number 26 using dummy_hcd
[  729.239589][ T5983] usb 5-1: Using ep0 maxpacket: 32
[  729.251993][ T5983] usb 5-1: config 0 has an invalid interface number: 184 but max is 0
[  729.269572][ T5983] usb 5-1: config 0 has no interface number 0
[  729.289624][ T5983] usb 5-1: config 0 interface 184 has no altsetting 0
[  729.329895][ T5983] usb 5-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  729.344982][ T5983] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  729.365247][ T5983] usb 5-1: Product: syz
[  729.402430][ T5983] usb 5-1: Manufacturer: syz
[  729.417811][ T5983] usb 5-1: SerialNumber: syz
[  729.448980][ T5983] usb 5-1: config 0 descriptor??
[  729.469453][ T5983] smsc75xx v1.0.0
[  730.111852][T12520] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  730.166853][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  730.190524][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  730.713611][T12523] overlayfs: failed to resolve './file0': -2
[  730.932966][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000010: -61
[  730.960309][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): Failed to read HW_CFG: -61
[  730.993565][ T5983] smsc75xx 5-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -61
[  731.034749][ T5983] smsc75xx 5-1:0.184: probe with driver smsc75xx failed with error -61
[  731.163358][T12532] netlink: 'syz.2.1636': attribute type 4 has an invalid length.
[  732.209406][ T5983] usb 5-1: USB disconnect, device number 26
[  732.546039][T12539] loop4: detected capacity change from 0 to 256
[  732.673374][T12539] exFAT-fs (loop4): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[  736.450386][T12565] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1646'.
[  736.546283][T12565] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1646'.
[  736.586234][T12565] netlink: 4 bytes leftover after parsing attributes in process `syz.3.1646'.
[  737.637056][T12570] fuse: Bad value for 'fd'
[  737.714763][T12555] loop4: detected capacity change from 0 to 65536
[  737.787016][T12555] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  737.859121][T12555] XFS (loop4): Ending clean mount
[  737.891577][T12582] netlink: 'syz.5.1649': attribute type 4 has an invalid length.
[  737.904250][   T30] audit: type=1400 audit(1768407593.870:511): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12571 comm="syz.5.1649"
[  737.964342][T12555] XFS (loop4): Quotacheck needed: Please wait.
[  738.051202][T12555] XFS (loop4): Quotacheck: Done.
[  738.295546][ T5838] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  742.976343][T12605] loop4: detected capacity change from 0 to 32768
[  743.039655][T12605] BTRFS: device fsid ed167579-eb65-4e76-9a50-61ac97e9b59d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1651 (12605)
[  743.262106][T12605] BTRFS info (device loop4): first mount of filesystem ed167579-eb65-4e76-9a50-61ac97e9b59d
[  743.340307][T12605] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[  744.373090][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-worker": -EINTR
[  744.388900][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-delalloc": -EINTR
[  744.424816][T12614] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1659'.
[  744.497043][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-cache": -EINTR
[  744.513703][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio": -EINTR
[  744.534616][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-meta": -EINTR
[  744.716045][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-rmw": -EINTR
[  744.764575][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-endio-write": -EINTR
[  744.793747][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-freespace-write": -EINTR
[  744.838045][T12605] workqueue: Failed to create a rescuer kthread for wq "btrfs-qgroup-rescan": -EINTR
[  745.008084][T12605] BTRFS error (device loop4): open_ctree failed: -12
[  748.507873][T12668] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1672'.
[  748.589723][ T5951] usb 6-1: new high-speed USB device number 41 using dummy_hcd
[  749.335744][ T5951] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  749.360856][ T5951] usb 6-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47
[  749.417790][ T5951] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d
[  749.441471][T12674] netlink: 'syz.2.1673': attribute type 4 has an invalid length.
[  749.511018][ T5951] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  749.554003][T12661] raw-gadget.0 gadget.5: fail, usb_ep_enable returned -22
[  749.629174][ T5951] usb 6-1: Quirk or no altset; falling back to MIDI 1.0
[  750.217948][T12679] loop3: detected capacity change from 0 to 256
[  750.271724][T12681] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1676'.
[  750.298933][T12679] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x544194fd, utbl_chksum : 0xe619d30d)
[  750.385992][ T5951] usb 6-1: USB disconnect, device number 41
[  750.441693][T12682] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1676'.
[  751.660064][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  751.666437][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  754.187985][T12698] veth0_virt_wifi: renamed from veth0_vlan
[  757.730274][T12733] loop4: detected capacity change from 0 to 65536
[  757.841201][T12733] XFS (loop4): DAX unsupported by block device. Turning off DAX.
[  757.852880][T12733] XFS (loop4): Mounting V5 Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  757.940052][T12733] XFS (loop4): Ending clean mount
[  757.974793][T12733] XFS (loop4): Metadata CRC error detected at xfs_allocbt_read_verify+0x42/0xe0, xfs_cntbt block 0x6 
[  757.988327][T12733] XFS (loop4): Unmount and run xfs_repair
[  757.994121][T12733] XFS (loop4): First 128 bytes of corrupted metadata buffer:
[  758.001551][T12733] 00000000: 41 42 33 43 00 00 00 02 ff ff ff ff ff ff ff ff  AB3C............
[  758.011007][T12733] 00000010: 00 00 00 00 00 00 00 06 00 00 00 01 00 00 00 10  ................
[  758.019912][T12733] 00000020: 9b 73 48 e5 2f a0 41 a5 95 26 c5 3a 67 8b 01 f3  .sH./.A..&.:g...
[  758.028740][T12733] 00000030: 00 00 00 00 b2 4a d0 a1 00 00 00 0d 00 00 00 03  .....J..........
[  758.037584][T12733] 00000040: 00 00 00 39 00 00 3f c7 00 00 00 00 00 00 00 00  ...9..?.........
[  758.046434][T12733] 00000050: 00 00 00 00 00 00 00 00 00 00 00 3f 00 00 00 00  ...........?....
[  758.055291][T12733] 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  758.064195][T12733] 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................
[  758.073055][T12733] XFS (loop4): metadata I/O error in "xfs_btree_read_buf_block+0x290/0x470" at daddr 0x6 len 2 error 74
[  758.104394][T12733] XFS (loop4): Metadata I/O Error (0x1) detected at xfs_trans_read_buf_map+0x517/0x8a0 (fs/xfs/xfs_trans_buf.c:311).  Shutting down filesystem.
[  758.119066][T12733] XFS (loop4): Please unmount the filesystem and rectify the problem(s)
[  758.240082][T12749] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1688'.
[  759.490438][ T5838] XFS (loop4): Unmounting Filesystem 9b7348e5-2fa0-41a5-9526-c53a678b01f3
[  761.552746][T12787] RDS: rds_bind could not find a transport for ::ffff:100.1.1.0, load rds_tcp or rds_rdma?
[  761.606853][ T5488] veth0_virt_wifi: left promiscuous mode
[  761.750300][ T5488] veth0_virt_wifi: entered promiscuous mode
[  765.324272][T12819] netlink: 'syz.5.1704': attribute type 4 has an invalid length.
[  765.368399][   T30] audit: type=1400 audit(1768407621.300:512): apparmor="DENIED" operation="change_onexec" class="file" info="label not found" error=-2 profile="unconfined" name=265B5EB82B2525 pid=12811 comm="syz.5.1704"
[  767.343731][T12838] netlink: 'syz.2.1707': attribute type 4 has an invalid length.
[  768.643117][T12851] fuse: Bad value for 'fd'
[  769.389644][   T24] usb 4-1: new high-speed USB device number 26 using dummy_hcd
[  769.559608][   T24] usb 4-1: Using ep0 maxpacket: 16
[  769.567540][   T24] usb 4-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xF3, changing to 0x83
[  769.609475][   T24] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x83 has an invalid bInterval 0, changing to 7
[  769.816447][T12864] netlink: 12 bytes leftover after parsing attributes in process `syz.5.1711'.
[  770.447393][   T24] usb 4-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  770.456956][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  770.509120][   T24] usb 4-1: Product: syz
[  770.559672][   T24] usb 4-1: Manufacturer: syz
[  770.586795][   T24] usb 4-1: SerialNumber: syz
[  770.611865][   T24] usb 4-1: config 0 descriptor??
[  770.784036][   T24] em28xx 4-1:0.0: New device syz syz @ 480 Mbps (2040:0264, interface 0, class 0)
[  770.799578][   T24] em28xx 4-1:0.0: Audio interface 0 found (Vendor Class)
[  772.062917][   T24] em28xx 4-1:0.0: unknown em28xx chip ID (0)
[  772.069582][   T24] em28xx 4-1:0.0: Config register raw data: 0xfffffffb
[  772.493902][   T24] em28xx 4-1:0.0: AC97 chip type couldn't be determined
[  772.502402][   T24] em28xx 4-1:0.0: No AC97 audio processor
[  773.532268][   T10] usb 4-1: USB disconnect, device number 26
[  773.782316][   T10] em28xx 4-1:0.0: Disconnecting em28xx
[  773.844102][   T10] em28xx 4-1:0.0: Freeing device
[  779.901136][T12956] fuse: Bad value for 'fd'
[  783.408419][T12984] netlink: 20 bytes leftover after parsing attributes in process `syz.4.1736'.
[  783.440138][T12986] netlink: 1752 bytes leftover after parsing attributes in process `syz.5.1737'.
[  783.470838][T12984] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1736'.
[  789.560611][T13056] netlink: 1752 bytes leftover after parsing attributes in process `syz.6.1752'.
[  792.789472][T13109] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  797.400547][   T10] usb 4-1: new high-speed USB device number 27 using dummy_hcd
[  797.560003][   T10] usb 4-1: Using ep0 maxpacket: 32
[  797.578845][   T10] usb 4-1: config 0 has an invalid interface number: 184 but max is 0
[  797.609547][   T10] usb 4-1: config 0 has no interface number 0
[  797.649752][   T10] usb 4-1: config 0 interface 184 has no altsetting 0
[  797.699997][   T10] usb 4-1: New USB device found, idVendor=0424, idProduct=7500, bcdDevice=69.ee
[  797.719610][   T10] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  797.733887][   T10] usb 4-1: Product: syz
[  797.738035][   T10] usb 4-1: Manufacturer: syz
[  797.749691][   T10] usb 4-1: SerialNumber: syz
[  797.773758][   T10] usb 4-1: config 0 descriptor??
[  797.815424][   T10] smsc75xx v1.0.0
[  798.415850][   T10] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000040: -32
[  798.447924][   T10] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Error reading E2P_CMD
[  799.361711][   T10] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read reg index 0x00000014: -32
[  799.426297][   T10] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): Failed to read PMT_CTL: -32
[  799.525643][   T10] smsc75xx 4-1:0.184 (unnamed net_device) (uninitialized): smsc75xx_reset error -32
[  799.663921][   T10] smsc75xx 4-1:0.184: probe with driver smsc75xx failed with error -32
[  800.520939][   T10] usb 4-1: USB disconnect, device number 27
[  805.179787][T13239] fuse: Bad value for 'fd'
[  811.886295][T13311] ip6_vti0 speed is unknown, defaulting to 1000
[  812.300493][T13311] lo speed is unknown, defaulting to 1000
[  813.053752][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  813.061042][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  820.944346][T13399] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1828'.
[  821.058609][T13399] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1828'.
[  824.804180][T13435] fuse: Bad value for 'fd'
[  829.032122][T13458] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1841'.
[  829.261971][T13458] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1841'.
[  829.303634][T13459] ip6_vti0 speed is unknown, defaulting to 1000
[  830.639674][T13491] netlink: 24 bytes leftover after parsing attributes in process `syz.5.1846'.
[  831.619276][T13459] lo speed is unknown, defaulting to 1000
[  833.874997][T13513] ip6_vti0 speed is unknown, defaulting to 1000
[  836.089757][T13513] lo speed is unknown, defaulting to 1000
[  836.433939][T13535] fuse: Bad value for 'fd'
[  839.434508][T13550] overlayfs: "xino" feature enabled using 3 upper inode bits.
[  841.837185][T13587] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1866'.
[  843.270383][T13593] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  843.302629][   T24] lo speed is unknown, defaulting to 1000
[  843.308496][   T24] syz0: Port: 1 Link ACTIVE
[  846.008939][T13620] bridge0: port 2(bridge_slave_1) entered blocking state
[  846.016196][T13620] bridge0: port 2(bridge_slave_1) entered forwarding state
[  846.023730][T13620] bridge0: port 1(bridge_slave_0) entered blocking state
[  846.030859][T13620] bridge0: port 1(bridge_slave_0) entered forwarding state
[  846.404284][T13620] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  849.421910][T13639] fuse: Bad value for 'fd'
[  854.309561][T13675] fuse: Bad value for 'fd'
[  855.645229][T13684] fuse: Bad value for 'fd'
[  858.335018][T13706] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  858.548450][T13708] fuse: Bad value for 'fd'
[  860.627577][T13724] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1898'.
[  860.743793][T13724] netlink: 4 bytes leftover after parsing attributes in process `syz.6.1898'.
[  862.995860][T13747] ip6_vti0 speed is unknown, defaulting to 1000
[  863.785257][T13747] lo speed is unknown, defaulting to 1000
[  867.186001][T13779] ip6_vti0 speed is unknown, defaulting to 1000
[  868.920452][T13779] lo speed is unknown, defaulting to 1000
[  870.016084][T13795] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1912'.
[  870.114134][T13796] netlink: 8 bytes leftover after parsing attributes in process `syz.4.1912'.
[  870.242539][T13796] netlink: 4 bytes leftover after parsing attributes in process `syz.4.1912'.
[  871.129596][T13816] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  871.607977][T13814] ip6_vti0 speed is unknown, defaulting to 1000
[  874.012805][T13814] lo speed is unknown, defaulting to 1000
[  874.014224][T13839] ip6_vti0 speed is unknown, defaulting to 1000
[  874.500566][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  874.508245][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  875.343704][T13839] lo speed is unknown, defaulting to 1000
[  877.658615][T13862] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  879.569912][ T5983] usb 6-1: new high-speed USB device number 42 using dummy_hcd
[  879.751887][ T5983] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  879.767371][ T5983] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  880.038584][ T5983] usb 6-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  880.095841][ T5983] usb 6-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  880.112679][ T5983] usb 6-1: Manufacturer: syz
[  880.201648][ T5983] usb 6-1: config 0 descriptor??
[  881.310544][ T5983] uclogic 0003:256C:006D.0013: failed retrieving string descriptor #100: -71
[  881.399558][ T5983] uclogic 0003:256C:006D.0013: failed retrieving pen parameters: -71
[  881.484401][ T5983] uclogic 0003:256C:006D.0013: failed probing pen v1 parameters: -71
[  881.519561][ T5983] uclogic 0003:256C:006D.0013: failed probing parameters: -71
[  881.527100][ T5983] uclogic 0003:256C:006D.0013: probe with driver uclogic failed with error -71
[  881.617471][ T5983] usb 6-1: USB disconnect, device number 42
[  882.908655][T13904] overlayfs: failed to clone lowerpath
[  882.922305][T13904] overlayfs: failed to clone lowerpath
[  885.331002][T13928] netlink: 1624 bytes leftover after parsing attributes in process `syz.4.1944'.
[  886.559636][T13944] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  886.710610][T13945] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  886.846265][T13950] ip6_vti0 speed is unknown, defaulting to 1000
[  887.890075][T13950] lo speed is unknown, defaulting to 1000
[  891.907231][T13973] loop3: detected capacity change from 0 to 164
[  892.308902][T13976] ip6_vti0 speed is unknown, defaulting to 1000
[  893.840567][T13996] netlink: 1624 bytes leftover after parsing attributes in process `syz.2.1961'.
[  894.527298][T13976] lo speed is unknown, defaulting to 1000
[  895.978889][T13997] loop4: detected capacity change from 0 to 32768
[  896.141261][T13997] BTRFS: device fsid 3d39d0ba-bdae-447e-827b-b091e1a68885 devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.1960 (13997)
[  896.297017][T13997] BTRFS info (device loop4): first mount of filesystem 3d39d0ba-bdae-447e-827b-b091e1a68885
[  896.370919][T13997] BTRFS info (device loop4): using crc32c (crc32c-lib) checksum algorithm
[  896.931091][T13997] BTRFS error (device loop4): open_ctree failed: -4
[  898.730593][T14047] loop4: detected capacity change from 0 to 512
[  898.812343][T14047] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.1967: inode has both inline data and extents flags
[  898.916202][T14047] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.1967: couldn't read orphan inode 15 (err -117)
[  899.011774][T14047] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  899.503666][T14038] ip6_vti0 speed is unknown, defaulting to 1000
[  900.561758][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  901.283069][T14038] lo speed is unknown, defaulting to 1000
[  901.301607][T14059] ip6_vti0 speed is unknown, defaulting to 1000
[  901.941171][T14075] fuse: Bad value for 'fd'
[  902.687018][T14079] netlink: 1624 bytes leftover after parsing attributes in process `syz.3.1974'.
[  904.594333][T14089] process 'syz.2.1977' launched './file1' with NULL argv: empty string added
[  904.819891][T14065] ip6_vti0 speed is unknown, defaulting to 1000
[  906.910364][T14105] ip6_vti0 speed is unknown, defaulting to 1000
[  906.943288][T14065] lo speed is unknown, defaulting to 1000
[  907.140654][T14059] lo speed is unknown, defaulting to 1000
[  908.714223][   T30] audit: type=1326 audit(1768407764.680:513): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14116 comm="syz.3.1984" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f9e1858f749 code=0x0
[  909.119661][ T5986] usb 4-1: new high-speed USB device number 28 using dummy_hcd
[  909.139323][T14105] lo speed is unknown, defaulting to 1000
[  909.277894][ T5986] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  909.295714][ T5986] usb 4-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  909.316553][ T5986] usb 4-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  909.360987][ T5986] usb 4-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  909.398431][ T5986] usb 4-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  909.601626][ T5986] usb 4-1: config 0 descriptor??
[  910.131255][ T5986] plantronics 0003:047F:FFFF.0014: hiddev0,hidraw0: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.3-1/input0
[  910.178918][T14109] dummy0: entered promiscuous mode
[  910.200238][T14109] dummy0: left promiscuous mode
[  911.530422][ T5986] usb 4-1: reset high-speed USB device number 28 using dummy_hcd
[  911.719724][ T5986] usb 4-1: device descriptor read/64, error -32
[  912.012796][ T5986] usb 4-1: reset high-speed USB device number 28 using dummy_hcd
[  912.202781][ T5986] usb 4-1: device descriptor read/64, error -32
[  912.533025][ T5986] usb 4-1: reset high-speed USB device number 28 using dummy_hcd
[  912.899896][ T5986] usb 4-1: device not accepting address 28, error -71
[  913.793234][   T24] usb 4-1: USB disconnect, device number 28
[  914.459570][   T24] usb 4-1: new high-speed USB device number 29 using dummy_hcd
[  914.664753][   T24] usb 4-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  914.857660][   T24] usb 4-1: config 0 has 1 interface, different from the descriptor's value: 2
[  914.879044][   T24] usb 4-1: config 0 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 2
[  914.904127][T14180] IPVS: set_ctl: invalid protocol: 0 255.255.255.252:0
[  914.990266][   T24] usb 4-1: New USB device found, idVendor=8086, idProduct=0b5b, bcdDevice=e1.c5
[  914.999561][   T24] usb 4-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  915.007612][   T24] usb 4-1: Product: syz
[  915.017509][   T24] usb 4-1: Manufacturer: syz
[  915.029293][   T24] usb 4-1: SerialNumber: syz
[  915.060898][   T24] usb 4-1: config 0 descriptor??
[  915.092712][   T24] uvcvideo 4-1:0.0: Found UVC 34.00 device syz (8086:0b5b)
[  915.108864][   T24] uvcvideo 4-1:0.0: No valid video chain found.
[  915.552671][T14187] loop3: detected capacity change from 0 to 1024
[  915.612428][T14187] EXT4-fs: Ignoring removed orlov option
[  915.656411][T14187] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  915.781184][T14191] netlink: 256 bytes leftover after parsing attributes in process `syz.5.2003'.
[  915.819598][T14191] netlink: 72 bytes leftover after parsing attributes in process `syz.5.2003'.
[  917.151142][T14197] vivid-000: disconnect
[  917.158994][   T30] audit: type=1800 audit(1768407773.120:514): pid=14187 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.1998" name="bus" dev="loop3" ino=18 res=0 errno=0
[  917.162168][T14197] vivid-000: reconnect
[  917.298989][ T5983] usb 4-1: USB disconnect, device number 29
[  917.834418][T14199] loop5: detected capacity change from 0 to 1024
[  917.878388][T14199] ext2: Unknown parameter 'smackfsdef'
[  918.678932][T14214] xt_hashlimit: overflow, try lower: 5/0
[  918.929685][   T24] usb 6-1: new high-speed USB device number 43 using dummy_hcd
[  918.960586][T14219] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list
[  919.020265][T14220] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2014'.
[  919.089857][   T24] usb 6-1: Using ep0 maxpacket: 8
[  919.112166][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xE has an invalid bInterval 0, changing to 7
[  919.143559][   T24] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xE has invalid wMaxPacketSize 0
[  919.185587][   T24] usb 6-1: New USB device found, idVendor=0582, idProduct=28e8, bcdDevice=f5.06
[  919.215551][   T24] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  919.236453][   T24] usb 6-1: Product: syz
[  919.240958][   T24] usb 6-1: Manufacturer: syz
[  919.245051][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  919.245679][   T24] usb 6-1: SerialNumber: syz
[  919.306743][T14227] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[  919.398198][   T24] usb 6-1: config 0 descriptor??
[  919.404863][T14228] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2015'.
[  919.825773][   T30] audit: type=1800 audit(1768407775.790:515): pid=14238 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.2017" name="file1" dev="tmpfs" ino=1677 res=0 errno=0
[  920.016136][T14237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  920.081036][T14237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  920.122810][T14241] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  920.198414][T14237] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  920.267825][T14237] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  920.525976][T14242] fuse: Bad value for 'fd'
[  920.728694][   T24] usb 6-1: USB disconnect, device number 43
[  920.807476][T13979] udevd[13979]: error opening ATTR{/sys/devices/platform/dummy_hcd.5/usb6/6-1/6-1:0.0/sound/card3/controlC3/../uevent} for writing: No such file or directory
[  921.796252][T14264] loop3: detected capacity change from 0 to 512
[  921.813930][T14264] EXT4-fs: Ignoring removed i_version option
[  921.821146][T14264] EXT4-fs: Ignoring removed bh option
[  922.130975][T14264] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  922.144433][T14264] ext4 filesystem being mounted at /314/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  922.203855][T14260] EXT4-fs error (device loop3): ext4_lookup:1785: inode #12: comm syz.3.2024: iget: bad i_size value: 2533274857506816
[  923.323573][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  924.324983][T14287] fuse: Bad value for 'fd'
[  925.023098][T14293] FAULT_INJECTION: forcing a failure.
[  925.023098][T14293] name fail_usercopy, interval 1, probability 0, space 0, times 1
[  925.097732][T14293] CPU: 1 UID: 0 PID: 14293 Comm: syz.4.2033 Not tainted syzkaller #0 PREEMPT(full) 
[  925.097768][T14293] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  925.097791][T14293] Call Trace:
[  925.097801][T14293]  <TASK>
[  925.097811][T14293]  dump_stack_lvl+0xe8/0x150
[  925.097850][T14293]  should_fail_ex+0x414/0x560
[  925.097897][T14293]  _copy_from_user+0x2d/0xb0
[  925.097930][T14293]  ___sys_sendmsg+0x158/0x2a0
[  925.097967][T14293]  ? __pfx____sys_sendmsg+0x10/0x10
[  925.098042][T14293]  ? __fget_files+0x2a/0x420
[  925.098073][T14293]  ? srso_alias_return_thunk+0x5/0xfbef5
[  925.098103][T14293]  ? __fget_files+0x3a0/0x420
[  925.098147][T14293]  __x64_sys_sendmsg+0x19b/0x260
[  925.098183][T14293]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  925.098228][T14293]  ? __pfx_ksys_write+0x10/0x10
[  925.098266][T14293]  do_syscall_64+0xec/0xf80
[  925.098295][T14293]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.098319][T14293]  ? trace_irq_disable+0x37/0x100
[  925.098360][T14293]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  925.098385][T14293] RIP: 0033:0x7faa5918f749
[  925.098407][T14293] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  925.098429][T14293] RSP: 002b:00007faa5a047038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  925.098456][T14293] RAX: ffffffffffffffda RBX: 00007faa593e5fa0 RCX: 00007faa5918f749
[  925.098475][T14293] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000003
[  925.098491][T14293] RBP: 00007faa5a047090 R08: 0000000000000000 R09: 0000000000000000
[  925.098507][T14293] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  925.098523][T14293] R13: 00007faa593e6038 R14: 00007faa593e5fa0 R15: 00007ffcb6a7efe8
[  925.098561][T14293]  </TASK>
[  925.617988][T14295] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2036'.
[  926.260266][T14307] FAULT_INJECTION: forcing a failure.
[  926.260266][T14307] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  926.309826][T14307] CPU: 0 UID: 0 PID: 14307 Comm: syz.3.2041 Not tainted syzkaller #0 PREEMPT(full) 
[  926.309868][T14307] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  926.309886][T14307] Call Trace:
[  926.309896][T14307]  <TASK>
[  926.309909][T14307]  dump_stack_lvl+0xe8/0x150
[  926.309953][T14307]  should_fail_ex+0x414/0x560
[  926.310011][T14307]  _copy_from_user+0x2d/0xb0
[  926.310048][T14307]  __sys_bpf+0x1e3/0x860
[  926.310093][T14307]  ? __pfx___sys_bpf+0x10/0x10
[  926.310142][T14307]  ? srso_alias_return_thunk+0x5/0xfbef5
[  926.310166][T14307]  ? ksys_write+0x22a/0x250
[  926.310187][T14307]  ? __pfx_ksys_write+0x10/0x10
[  926.310212][T14307]  __x64_sys_bpf+0x7c/0x90
[  926.310238][T14307]  do_syscall_64+0xec/0xf80
[  926.310260][T14307]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.310282][T14307]  ? trace_irq_disable+0x37/0x100
[  926.310313][T14307]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  926.310332][T14307] RIP: 0033:0x7f9e1858f749
[  926.310349][T14307] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  926.310365][T14307] RSP: 002b:00007f9e19357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000141
[  926.310385][T14307] RAX: ffffffffffffffda RBX: 00007f9e187e5fa0 RCX: 00007f9e1858f749
[  926.310400][T14307] RDX: 0000000000000020 RSI: 0000200000000080 RDI: 0000000000000001
[  926.310412][T14307] RBP: 00007f9e19357090 R08: 0000000000000000 R09: 0000000000000000
[  926.310425][T14307] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  926.310437][T14307] R13: 00007f9e187e6038 R14: 00007f9e187e5fa0 R15: 00007ffd469d4108
[  926.310467][T14307]  </TASK>
[  926.679555][   T24] usb 5-1: new high-speed USB device number 27 using dummy_hcd
[  926.949578][   T24] usb 5-1: Using ep0 maxpacket: 16
[  927.395985][   T24] usb 5-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  927.492715][T14315] xt_cluster: node mask cannot exceed total number of nodes
[  927.504078][   T24] usb 5-1: config 0 has no interfaces?
[  927.526673][   T24] usb 5-1: New USB device found, idVendor=2040, idProduct=0264, bcdDevice=4e.d1
[  927.536073][   T24] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  927.634639][   T24] usb 5-1: Product: syz
[  927.643987][   T24] usb 5-1: Manufacturer: syz
[  927.649645][   T24] usb 5-1: SerialNumber: syz
[  927.665116][   T24] usb 5-1: config 0 descriptor??
[  927.788576][T14323] loop3: detected capacity change from 0 to 128
[  928.063740][T14323] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[  928.088083][T14323] ext4 filesystem being mounted at /317/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[  928.232538][T14317] bond8: option primary: mode dependency failed, not supported in mode balance-rr(0)
[  928.434350][T14317] bond8 (unregistering): Released all slaves
[  928.463687][T14302] netlink: 104 bytes leftover after parsing attributes in process `syz.4.2038'.
[  929.117508][T14331] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy
[  929.139091][ T5836] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  929.259292][T14331] misc raw-gadget: fail, usb_gadget_register_driver returned -16
[  929.353795][   T24] usb 5-1: USB disconnect, device number 27
[  929.697777][T14337] FAULT_INJECTION: forcing a failure.
[  929.697777][T14337] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  929.742054][T14337] CPU: 0 UID: 0 PID: 14337 Comm: syz.5.2048 Not tainted syzkaller #0 PREEMPT(full) 
[  929.742087][T14337] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  929.742102][T14337] Call Trace:
[  929.742111][T14337]  <TASK>
[  929.742122][T14337]  dump_stack_lvl+0xe8/0x150
[  929.742158][T14337]  should_fail_ex+0x414/0x560
[  929.742205][T14337]  _copy_from_user+0x2d/0xb0
[  929.742238][T14337]  ___sys_sendmsg+0x158/0x2a0
[  929.742274][T14337]  ? __pfx____sys_sendmsg+0x10/0x10
[  929.742348][T14337]  ? __fget_files+0x2a/0x420
[  929.742379][T14337]  ? srso_alias_return_thunk+0x5/0xfbef5
[  929.742408][T14337]  ? __fget_files+0x3a0/0x420
[  929.742452][T14337]  __x64_sys_sendmsg+0x19b/0x260
[  929.742488][T14337]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  929.742532][T14337]  ? __pfx_ksys_write+0x10/0x10
[  929.742577][T14337]  do_syscall_64+0xec/0xf80
[  929.742605][T14337]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.742629][T14337]  ? trace_irq_disable+0x37/0x100
[  929.742668][T14337]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  929.742693][T14337] RIP: 0033:0x7f849c38f749
[  929.742714][T14337] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  929.742735][T14337] RSP: 002b:00007f849d15b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  929.742761][T14337] RAX: ffffffffffffffda RBX: 00007f849c5e5fa0 RCX: 00007f849c38f749
[  929.742780][T14337] RDX: 0000000000000000 RSI: 0000200000000000 RDI: 0000000000000003
[  929.742795][T14337] RBP: 00007f849d15b090 R08: 0000000000000000 R09: 0000000000000000
[  929.742811][T14337] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  929.742827][T14337] R13: 00007f849c5e6038 R14: 00007f849c5e5fa0 R15: 00007ffdd0a6e448
[  929.742867][T14337]  </TASK>
[  930.444858][T14345] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2052'.
[  930.879626][ T5983] usb 5-1: new high-speed USB device number 28 using dummy_hcd
[  930.934941][T14362] fuse: Bad value for 'fd'
[  931.061642][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  931.092050][ T5983] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  931.129911][ T5983] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  931.161642][ T5983] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  931.188879][ T5983] usb 5-1: Manufacturer: syz
[  931.231108][ T5983] usb 5-1: config 0 descriptor??
[  932.420841][ T5983] uclogic 0003:256C:006D.0015: failed retrieving string descriptor #100: -71
[  932.431734][ T5983] uclogic 0003:256C:006D.0015: failed retrieving pen parameters: -71
[  932.440708][ T5983] uclogic 0003:256C:006D.0015: failed probing pen v1 parameters: -71
[  932.449405][ T5983] uclogic 0003:256C:006D.0015: failed probing parameters: -71
[  932.461454][ T5983] uclogic 0003:256C:006D.0015: probe with driver uclogic failed with error -71
[  932.509720][ T5983] usb 5-1: USB disconnect, device number 28
[  933.503776][T14388] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2068'.
[  933.655106][T14388] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2068'.
[  933.703407][T14388] netlink: 'syz.1.2068': attribute type 11 has an invalid length.
[  933.744286][T14388] netlink: 'syz.1.2068': attribute type 12 has an invalid length.
[  936.250347][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  936.258131][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  936.313291][T14416] netlink: 12 bytes leftover after parsing attributes in process `syz.3.2078'.
[  938.405693][T14454] fuse: Bad value for 'fd'
[  939.435226][T14457] overlayfs: failed to resolve './file0': -2
[  939.681215][T14467] loop3: detected capacity change from 0 to 764
[  939.757977][T14467] rock: corrupted directory entry. extent=32, offset=2044, size=237
[  939.844358][T14467] Symlink component flag not implemented
[  939.865030][T14467] Symlink component flag not implemented (7)
[  939.918157][T14474] comedi comedi0: pcl711: I/O port conflict (0x6,16)
[  941.218003][T14460] loop5: detected capacity change from 0 to 32768
[  941.273569][T14460] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2092 (14460)
[  941.367430][T14460] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  941.443467][T14460] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[  941.719901][T14460] BTRFS info (device loop5): enabling ssd optimizations
[  941.749589][T14460] BTRFS info (device loop5): turning on async discard
[  941.757380][T14460] BTRFS info (device loop5): enabling free space tree
[  942.361018][T14511] loop4: detected capacity change from 0 to 1024
[  942.414087][ T5833] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[  942.687148][   T74] hfsplus: b-tree write err: -5, ino 4
[  943.541291][T14522] warning: `syz.5.2104' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211
[  947.866164][T14558] fuse: Bad value for 'fd'
[  948.409345][T14568] FAULT_INJECTION: forcing a failure.
[  948.409345][T14568] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  948.459937][T14568] CPU: 0 UID: 0 PID: 14568 Comm: syz.5.2109 Not tainted syzkaller #0 PREEMPT(full) 
[  948.459973][T14568] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  948.459990][T14568] Call Trace:
[  948.459999][T14568]  <TASK>
[  948.460009][T14568]  dump_stack_lvl+0xe8/0x150
[  948.460048][T14568]  should_fail_ex+0x414/0x560
[  948.460093][T14568]  _copy_from_user+0x2d/0xb0
[  948.460124][T14568]  do_ipv6_setsockopt+0x23e/0x2eb0
[  948.460158][T14568]  ? srso_alias_return_thunk+0x5/0xfbef5
[  948.460189][T14568]  ? aa_label_sk_perm+0x4c4/0x610
[  948.460225][T14568]  ? __pfx_do_ipv6_setsockopt+0x10/0x10
[  948.460259][T14568]  ? __pfx_aa_label_sk_perm+0x10/0x10
[  948.460288][T14568]  ? get_pid_task+0x20/0x1f0
[  948.460318][T14568]  ? get_pid_task+0x20/0x1f0
[  948.460358][T14568]  ? srso_alias_return_thunk+0x5/0xfbef5
[  948.460384][T14568]  ? __lock_acquire+0x6b6/0x2cf0
[  948.460417][T14568]  ? srso_alias_return_thunk+0x5/0xfbef5
[  948.460450][T14568]  ? srso_alias_return_thunk+0x5/0xfbef5
[  948.460480][T14568]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  948.460507][T14568]  ? aa_sk_perm+0x15f/0x920
[  948.460539][T14568]  ? srso_alias_return_thunk+0x5/0xfbef5
[  948.460576][T14568]  ? aa_sk_perm+0x7ee/0x920
[  948.460612][T14568]  ? __pfx_aa_sk_perm+0x10/0x10
[  948.460641][T14568]  ? srso_alias_return_thunk+0x5/0xfbef5
[  948.460673][T14568]  ? srso_alias_return_thunk+0x5/0xfbef5
[  948.460701][T14568]  ? aa_sock_opt_perm+0xff/0x1a0
[  948.460739][T14568]  ipv6_setsockopt+0x59/0x170
[  948.460774][T14568]  ? __pfx_sock_common_setsockopt+0x10/0x10
[  948.460802][T14568]  do_sock_setsockopt+0x17c/0x1b0
[  948.460839][T14568]  __x64_sys_setsockopt+0x13f/0x1b0
[  948.460877][T14568]  do_syscall_64+0xec/0xf80
[  948.460909][T14568]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.460933][T14568]  ? trace_irq_disable+0x37/0x100
[  948.460974][T14568]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  948.461002][T14568] RIP: 0033:0x7f849c38f749
[  948.461023][T14568] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  948.461037][T14568] RSP: 002b:00007f849d15b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000036
[  948.461056][T14568] RAX: ffffffffffffffda RBX: 00007f849c5e5fa0 RCX: 00007f849c38f749
[  948.461070][T14568] RDX: 0000000000000040 RSI: 0000000000000029 RDI: 0000000000000004
[  948.461082][T14568] RBP: 00007f849d15b090 R08: 00000000000005a8 R09: 0000000000000000
[  948.461094][T14568] R10: 00002000000005c0 R11: 0000000000000246 R12: 0000000000000001
[  948.461105][T14568] R13: 00007f849c5e6038 R14: 00007f849c5e5fa0 R15: 00007ffdd0a6e448
[  948.461134][T14568]  </TASK>
[  949.125841][T14574] loop5: detected capacity change from 0 to 1024
[  949.134096][T14574] EXT4-fs: Ignoring removed orlov option
[  949.278133][T14574] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  949.299729][T14574] EXT4-fs warning (device loop5): ext4_expand_extra_isize_ea:2857: Unable to expand inode 15. Delete some EAs or run e2fsck.
[  950.610770][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  951.214353][T14612] loop4: detected capacity change from 0 to 512
[  951.237278][T14612] EXT4-fs: Warning: mounting with data=journal disables delayed allocation, dioread_nolock, O_DIRECT and fast_commit support!
[  951.260875][T14612] EXT4-fs (loop4): encrypted files will use data=ordered instead of data journaling mode
[  951.303081][T14612] EXT4-fs error (device loop4): ext4_free_branches:1023: inode #16: comm syz.4.2133: invalid indirect mapped block 83886080 (level 1)
[  951.348729][T14612] EXT4-fs (loop4): Remounting filesystem read-only
[  951.373047][T14612] EXT4-fs (loop4): 1 orphan inode deleted
[  951.429687][T14612] EXT4-fs (loop4): 1 truncate cleaned up
[  951.463722][T14612] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  952.955551][T14612] EXT4-fs warning (device loop4): ext4_empty_dir:3097: inode #2: comm syz.4.2133: directory missing '..'
[  953.023596][T14629] loop5: detected capacity change from 0 to 2048
[  953.082847][T14629] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  953.113426][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  953.188890][T14633] FAULT_INJECTION: forcing a failure.
[  953.188890][T14633] name failslab, interval 1, probability 0, space 0, times 1
[  953.269576][T14633] CPU: 0 UID: 0 PID: 14633 Comm: syz.5.2140 Not tainted syzkaller #0 PREEMPT(full) 
[  953.269611][T14633] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  953.269626][T14633] Call Trace:
[  953.269636][T14633]  <TASK>
[  953.269646][T14633]  dump_stack_lvl+0xe8/0x150
[  953.269683][T14633]  should_fail_ex+0x414/0x560
[  953.269729][T14633]  should_failslab+0xa8/0x100
[  953.269762][T14633]  kmem_cache_alloc_noprof+0x88/0x710
[  953.269801][T14633]  ? getname_flags+0xb8/0x540
[  953.269836][T14633]  getname_flags+0xb8/0x540
[  953.269865][T14633]  ? __fget_files+0x3a0/0x420
[  953.269900][T14633]  user_path_at+0x24/0x60
[  953.269938][T14633]  __se_sys_mount+0x2d4/0x410
[  953.269977][T14633]  ? __pfx___se_sys_mount+0x10/0x10
[  953.270006][T14633]  ? srso_alias_return_thunk+0x5/0xfbef5
[  953.270044][T14633]  ? srso_alias_return_thunk+0x5/0xfbef5
[  953.270072][T14633]  ? __x64_sys_mount+0x20/0xc0
[  953.270105][T14633]  do_syscall_64+0xec/0xf80
[  953.270133][T14633]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  953.270156][T14633]  ? trace_irq_disable+0x37/0x100
[  953.270197][T14633]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  953.270220][T14633] RIP: 0033:0x7f849c38f749
[  953.270242][T14633] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  953.270263][T14633] RSP: 002b:00007f849a5f6038 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  953.270296][T14633] RAX: ffffffffffffffda RBX: 00007f849c5e6090 RCX: 00007f849c38f749
[  953.270314][T14633] RDX: 0000000000000000 RSI: 0000200000000100 RDI: 0000000000000000
[  953.270331][T14633] RBP: 00007f849a5f6090 R08: 0000000000000000 R09: 0000000000000000
[  953.270347][T14633] R10: 0000000000000420 R11: 0000000000000246 R12: 0000000000000001
[  953.270363][T14633] R13: 00007f849c5e6128 R14: 00007f849c5e6090 R15: 00007ffdd0a6e448
[  953.270402][T14633]  </TASK>
[  953.667643][T14634] netlink: 16 bytes leftover after parsing attributes in process `syz.1.2142'.
[  953.993506][T14643] mmap: syz.5.2144 (14643) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst.
[  954.376868][T14626] loop3: detected capacity change from 0 to 32768
[  954.734359][T14626] read_mapping_page failed!
[  954.734788][   T30] audit: type=1326 audit(1768407810.700:516): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14624 comm="syz.3.2138" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7f9e1858f749 code=0x0
[  954.739167][T14626] ERROR: (device loop3): txCommit: 
[  954.739167][T14626] 
[  954.805584][T14649] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  954.930972][T14626] read_mapping_page failed!
[  954.945331][T14626] ERROR: (device loop3): txCommit: 
[  954.945331][T14626] 
[  955.037504][T14656] ip6_vti0 speed is unknown, defaulting to 1000
[  955.070077][T14626] read_mapping_page failed!
[  955.074696][T14626] ERROR: (device loop3): txCommit: 
[  955.074696][T14626] 
[  955.573160][T14666] loop5: detected capacity change from 0 to 512
[  955.629776][T14666] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  955.726491][T14666] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  955.851234][T14666] ext4 filesystem being mounted at /321/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  955.924368][   T30] audit: type=1800 audit(1768407811.880:517): pid=14666 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2151" name="file2" dev="loop5" ino=16 res=0 errno=0
[  955.940509][T14666] FAULT_INJECTION: forcing a failure.
[  955.940509][T14666] name failslab, interval 1, probability 0, space 0, times 0
[  956.033211][T14666] CPU: 1 UID: 0 PID: 14666 Comm: syz.5.2151 Not tainted syzkaller #0 PREEMPT(full) 
[  956.033252][T14666] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  956.033268][T14666] Call Trace:
[  956.033277][T14666]  <TASK>
[  956.033289][T14666]  dump_stack_lvl+0xe8/0x150
[  956.033327][T14666]  should_fail_ex+0x414/0x560
[  956.033375][T14666]  should_failslab+0xa8/0x100
[  956.033421][T14666]  __kmalloc_noprof+0xdf/0x800
[  956.033444][T14666]  ? srso_alias_return_thunk+0x5/0xfbef5
[  956.033474][T14666]  ? kfree+0x4d/0x660
[  956.033508][T14666]  ? tomoyo_realpath_from_path+0xe3/0x5d0
[  956.033551][T14666]  tomoyo_realpath_from_path+0xe3/0x5d0
[  956.033594][T14666]  ? tomoyo_domain+0xd8/0x130
[  956.033637][T14666]  ? tomoyo_path_number_perm+0x1bc/0x5a0
[  956.033666][T14666]  tomoyo_path_number_perm+0x1e8/0x5a0
[  956.033698][T14666]  ? __pfx_tomoyo_path_number_perm+0x10/0x10
[  956.033724][T14666]  ? srso_alias_return_thunk+0x5/0xfbef5
[  956.033752][T14666]  ? __lock_acquire+0x6b6/0x2cf0
[  956.033783][T14666]  ? srso_alias_return_thunk+0x5/0xfbef5
[  956.033822][T14666]  ? srso_alias_return_thunk+0x5/0xfbef5
[  956.033850][T14666]  ? __mutex_unlock_slowpath+0x1a1/0x730
[  956.033906][T14666]  ? __fget_files+0x2a/0x420
[  956.033940][T14666]  ? __fget_files+0x2a/0x420
[  956.033971][T14666]  ? __fget_files+0x3a0/0x420
[  956.034000][T14666]  ? __fget_files+0x2a/0x420
[  956.034037][T14666]  security_file_ioctl+0xcb/0x2d0
[  956.034067][T14666]  __se_sys_ioctl+0x47/0x170
[  956.034111][T14666]  do_syscall_64+0xec/0xf80
[  956.034138][T14666]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  956.034163][T14666]  ? trace_irq_disable+0x37/0x100
[  956.034203][T14666]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  956.034231][T14666] RIP: 0033:0x7f849c38f749
[  956.034253][T14666] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  956.034275][T14666] RSP: 002b:00007f849d15b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[  956.034301][T14666] RAX: ffffffffffffffda RBX: 00007f849c5e5fa0 RCX: 00007f849c38f749
[  956.034321][T14666] RDX: 0000200000000040 RSI: 00000000c028660f RDI: 0000000000000005
[  956.034339][T14666] RBP: 00007f849d15b090 R08: 0000000000000000 R09: 0000000000000000
[  956.034355][T14666] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  956.034370][T14666] R13: 00007f849c5e6038 R14: 00007f849c5e5fa0 R15: 00007ffdd0a6e448
[  956.034409][T14666]  </TASK>
[  956.034451][T14666] ERROR: Out of memory at tomoyo_realpath_from_path.
[  956.592220][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  956.936486][T14677] loop5: detected capacity change from 0 to 512
[  956.983013][T14677] EXT4-fs: Quota format mount options ignored when QUOTA feature is enabled
[  957.118935][T14677] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  957.241319][T14682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2154'.
[  957.292775][T14677] ext4 filesystem being mounted at /322/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  957.303278][T14682] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2154'.
[  957.331171][T14682] netlink: 8 bytes leftover after parsing attributes in process `syz.2.2154'.
[  957.335444][T14656] lo speed is unknown, defaulting to 1000
[  957.389089][T14682] netlink: 24 bytes leftover after parsing attributes in process `syz.2.2154'.
[  957.429480][   T30] audit: type=1800 audit(1768407813.390:518): pid=14677 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.2152" name="file2" dev="loop5" ino=16 res=0 errno=0
[  957.591553][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  957.780525][T14688] fuse: Bad value for 'fd'
[  958.036822][T14691] loop5: detected capacity change from 0 to 128
[  958.082739][T14691] EXT4-fs: Ignoring removed nobh option
[  958.282810][T14691] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  958.352781][T14691] ext4 filesystem being mounted at /323/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  958.463801][T14691] EXT4-fs warning (device loop5): ext4_group_extend:1862: can't shrink FS - resize aborted
[  958.574279][ T5833] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  958.898825][T14694] loop5: detected capacity change from 0 to 128
[  959.074304][T14698] syz.5.2156: attempt to access beyond end of device
[  959.074304][T14698] loop5: rw=2049, sector=145, nr_sectors = 16 limit=128
[  959.259844][T14698] syz.5.2156: attempt to access beyond end of device
[  959.259844][T14698] loop5: rw=2049, sector=169, nr_sectors = 8 limit=128
[  959.324810][T14698] syz.5.2156: attempt to access beyond end of device
[  959.324810][T14698] loop5: rw=2049, sector=185, nr_sectors = 8 limit=128
[  959.710016][T14709] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  960.633864][T14723] 9pnet_fd: Insufficient options for proto=fd
[  960.669758][T14723] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2165'.
[  960.761137][T14723] : entered promiscuous mode
[  961.114384][T14714] loop5: detected capacity change from 0 to 32768
[  961.145496][T14714] jfs: Bad value for 'uid'
[  961.175435][T14714] jfs: Bad value for 'uid'
[  961.469516][ T5983] usb 6-1: new high-speed USB device number 44 using dummy_hcd
[  961.659672][ T5983] usb 6-1: Using ep0 maxpacket: 16
[  961.682806][ T5983] usb 6-1: config 0 has an invalid interface number: 64 but max is 0
[  961.714422][ T5983] usb 6-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  961.753652][ T5983] usb 6-1: config 0 has no interface number 0
[  961.776413][ T5983] usb 6-1: New USB device found, idVendor=0bd3, idProduct=0555, bcdDevice= 0.1e
[  961.805749][ T5983] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  961.834089][ T5983] usb 6-1: config 0 descriptor??
[  961.872431][ T5983] uvcvideo 6-1:0.64: probe with driver uvcvideo failed with error -22
[  961.889533][ T5986] usb 5-1: new full-speed USB device number 29 using dummy_hcd
[  962.070633][ T5983] usb 6-1: USB disconnect, device number 44
[  962.134633][ T5986] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 1023, setting to 64
[  962.177077][ T5986] usb 5-1: New USB device found, idVendor=04f3, idProduct=0755, bcdDevice= 0.00
[  962.382450][ T5986] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  962.394701][ T5986] usb 5-1: config 0 descriptor??
[  962.400791][T14733] raw-gadget.1 gadget.4: fail, usb_ep_enable returned -22
[  963.265762][T14733] loop4: detected capacity change from 0 to 512
[  963.409049][T14733] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: writeback.
[  963.539610][T14733] ext4 filesystem being mounted at /338/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  963.614398][T14751] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check.
[  963.681097][T14733] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[  963.782665][T14733] EXT4-fs (loop4): re-mounted 00000000-0000-0000-0000-000000000000 ro.
[  963.990020][   T24] usb 6-1: new high-speed USB device number 45 using dummy_hcd
[  964.217316][ T5986] elan 0003:04F3:0755.0016: unknown main item tag 0x0
[  964.224221][ T5986] elan 0003:04F3:0755.0016: item fetching failed at offset 3/5
[  964.236834][ T5986] elan 0003:04F3:0755.0016: Hid Parse failed
[  964.242996][ T5986] elan 0003:04F3:0755.0016: probe with driver elan failed with error -22
[  964.269993][   T24] usb 6-1: Using ep0 maxpacket: 8
[  964.278739][   T24] usb 6-1: config 0 has an invalid interface number: 55 but max is 0
[  964.287355][   T24] usb 6-1: config 0 has no interface number 0
[  964.293556][   T24] usb 6-1: config 0 interface 55 altsetting 0 has an invalid descriptor for endpoint zero, skipping
[  964.304461][   T24] usb 6-1: config 0 interface 55 altsetting 0 has an endpoint descriptor with address 0xAB, changing to 0x8B
[  964.318292][   T24] usb 6-1: config 0 interface 55 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7
[  964.329588][   T24] usb 6-1: config 0 interface 55 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 2
[  964.342703][   T24] usb 6-1: New USB device found, idVendor=0f11, idProduct=1080, bcdDevice=fc.6a
[  964.351959][   T24] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  964.374262][   T24] usb 6-1: config 0 descriptor??
[  964.409896][   T24] ldusb 6-1:0.55: LD USB Device #0 now attached to major 180 minor 0
[  964.436027][ T5986] usb 5-1: USB disconnect, device number 29
[  964.792961][   T24] usb 6-1: USB disconnect, device number 45
[  964.839206][   T24] ldusb 6-1:0.55: LD USB Device #0 now disconnected
[  964.865963][T14771] fuse: Bad value for 'fd'
[  965.157330][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  965.471434][T14782] loop5: detected capacity change from 0 to 128
[  965.546310][T14782] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: none.
[  965.573026][T14782] ext4 filesystem being mounted at /329/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  965.787556][ T5833] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[  966.087717][T14795] loop4: detected capacity change from 0 to 1024
[  966.280736][   T10] usb 6-1: new high-speed USB device number 46 using dummy_hcd
[  966.315575][T14795] netlink: 'syz.4.2185': attribute type 2 has an invalid length.
[  966.459549][   T10] usb 6-1: Using ep0 maxpacket: 32
[  966.506001][   T10] usb 6-1: config 0 has an invalid interface number: 96 but max is 0
[  966.534653][   T10] usb 6-1: config 0 has no interface number 0
[  966.565628][   T10] usb 6-1: config 0 interface 96 has no altsetting 0
[  966.600492][   T12] hfsplus: b-tree write err: -5, ino 4
[  966.603244][   T10] usb 6-1: New USB device found, idVendor=0694, idProduct=0001, bcdDevice=b2.44
[  966.668890][   T10] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  966.732743][   T10] usb 6-1: Product: syz
[  966.736926][   T10] usb 6-1: Manufacturer: syz
[  966.781744][   T10] usb 6-1: SerialNumber: syz
[  966.830313][   T10] usb 6-1: config 0 descriptor??
[  966.850059][T14802] fuse: Bad value for 'fd'
[  966.907274][   T10] legousbtower 6-1:0.96: interrupt endpoints not found
[  967.443336][T14797] loop5: detected capacity change from 0 to 4096
[  967.499736][T14797] ntfs3(loop5): Different NTFS sector size (4096) and media sector size (512).
[  967.613934][T14815] loop4: detected capacity change from 0 to 2048
[  967.747244][T14815] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  967.869930][T14815] ext4 filesystem being mounted at /342/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  968.267476][T14826] netlink: 36 bytes leftover after parsing attributes in process `syz.2.2192'.
[  969.020055][T14832] FAULT_INJECTION: forcing a failure.
[  969.020055][T14832] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  969.041509][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  969.134580][T14832] CPU: 0 UID: 0 PID: 14832 Comm: syz.3.2193 Not tainted syzkaller #0 PREEMPT(full) 
[  969.134611][T14832] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  969.134624][T14832] Call Trace:
[  969.134632][T14832]  <TASK>
[  969.134640][T14832]  dump_stack_lvl+0xe8/0x150
[  969.134670][T14832]  should_fail_ex+0x414/0x560
[  969.134705][T14832]  _copy_from_user+0x2d/0xb0
[  969.134730][T14832]  ___sys_sendmsg+0x158/0x2a0
[  969.134757][T14832]  ? __pfx____sys_sendmsg+0x10/0x10
[  969.134817][T14832]  ? __fget_files+0x2a/0x420
[  969.134839][T14832]  ? srso_alias_return_thunk+0x5/0xfbef5
[  969.134861][T14832]  ? __fget_files+0x3a0/0x420
[  969.134892][T14832]  __x64_sys_sendmsg+0x19b/0x260
[  969.134919][T14832]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[  969.134950][T14832]  ? __pfx_ksys_write+0x10/0x10
[  969.134979][T14832]  do_syscall_64+0xec/0xf80
[  969.135000][T14832]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  969.135018][T14832]  ? trace_irq_disable+0x37/0x100
[  969.135048][T14832]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  969.135066][T14832] RIP: 0033:0x7f9e1858f749
[  969.135084][T14832] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  969.135099][T14832] RSP: 002b:00007f9e19357038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[  969.135119][T14832] RAX: ffffffffffffffda RBX: 00007f9e187e5fa0 RCX: 00007f9e1858f749
[  969.135133][T14832] RDX: 0000000000000844 RSI: 0000200000000340 RDI: 0000000000000003
[  969.135145][T14832] RBP: 00007f9e19357090 R08: 0000000000000000 R09: 0000000000000000
[  969.135156][T14832] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  969.135168][T14832] R13: 00007f9e187e6038 R14: 00007f9e187e5fa0 R15: 00007ffd469d4108
[  969.135196][T14832]  </TASK>
[  969.361935][T14797] ntfs3(loop5): failed to convert "c46c" to cp866
[  970.471444][   T10] usb 6-1: USB disconnect, device number 46
[  972.030651][T14857] loop4: detected capacity change from 0 to 512
[  972.148909][T14857] EXT4-fs (loop4): mounting ext3 file system using the ext4 subsystem
[  972.158362][T14867] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  972.193214][T14857] EXT4-fs (loop4): orphan cleanup on readonly fs
[  972.205137][T14857] EXT4-fs error (device loop4): ext4_orphan_get:1391: inode #15: comm syz.4.2203: inode has both inline data and extents flags
[  972.267388][T14857] EXT4-fs error (device loop4): ext4_orphan_get:1396: comm syz.4.2203: couldn't read orphan inode 15 (err -117)
[  972.513950][T14857] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: none.
[  972.625934][T14857] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 13: comm syz.4.2203: lblock 0 mapped to illegal pblock 13 (length 1)
[  973.592911][T14887] fuse: Bad value for 'fd'
[  973.933697][T14892] 9p: Bad value for 'wfdno'
[  974.574621][T14857] EXT4-fs error (device loop4): ext4_map_blocks:783: inode #2: block 13: comm syz.4.2203: lblock 0 mapped to illegal pblock 13 (length 1)
[  975.913170][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  978.089339][T14931] FAULT_INJECTION: forcing a failure.
[  978.089339][T14931] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  978.111112][T14928] fuse: Bad value for 'fd'
[  978.179801][T14931] CPU: 0 UID: 0 PID: 14931 Comm: syz.5.2222 Not tainted syzkaller #0 PREEMPT(full) 
[  978.179829][T14931] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  978.179840][T14931] Call Trace:
[  978.179849][T14931]  <TASK>
[  978.179857][T14931]  dump_stack_lvl+0xe8/0x150
[  978.179887][T14931]  should_fail_ex+0x414/0x560
[  978.179922][T14931]  _copy_from_user+0x2d/0xb0
[  978.179947][T14931]  __sys_bind+0x199/0x3e0
[  978.179968][T14931]  ? __pfx___sys_bind+0x10/0x10
[  978.179997][T14931]  ? __pfx_ksys_write+0x10/0x10
[  978.180022][T14931]  __x64_sys_bind+0x7a/0x90
[  978.180041][T14931]  do_syscall_64+0xec/0xf80
[  978.180064][T14931]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.180081][T14931]  ? trace_irq_disable+0x37/0x100
[  978.180111][T14931]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  978.180129][T14931] RIP: 0033:0x7f849c38f749
[  978.180144][T14931] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[  978.180160][T14931] RSP: 002b:00007f849d15b038 EFLAGS: 00000246 ORIG_RAX: 0000000000000031
[  978.180179][T14931] RAX: ffffffffffffffda RBX: 00007f849c5e5fa0 RCX: 00007f849c38f749
[  978.180193][T14931] RDX: 000000000000001c RSI: 0000200000000000 RDI: 0000000000000003
[  978.180205][T14931] RBP: 00007f849d15b090 R08: 0000000000000000 R09: 0000000000000000
[  978.180217][T14931] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  978.180228][T14931] R13: 00007f849c5e6038 R14: 00007f849c5e5fa0 R15: 00007ffdd0a6e448
[  978.180256][T14931]  </TASK>
[  978.779571][T14935] Context (ID=0x1) not attached to queue pair (handle=0x2:0xffffffff)
[  979.602780][T14938] loop3: detected capacity change from 0 to 256
[  979.646089][T14938] vfat: Bad value for 'utf8'
[  979.701868][T14942] fuse: Unknown parameter 'grid'
[  979.716071][   T30] audit: type=1326 audit(1768408091.679:519): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001e78f749 code=0x7ffc0000
[  979.815965][   T30] audit: type=1326 audit(1768408091.679:520): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=151 compat=0 ip=0x7f001e78f749 code=0x7ffc0000
[  979.887020][   T30] audit: type=1326 audit(1768408091.699:521): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f001e7865e7 code=0x7ffc0000
[  980.073371][   T30] audit: type=1326 audit(1768408091.699:522): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f001e72b829 code=0x7ffc0000
[  980.099748][   T30] audit: type=1326 audit(1768408091.699:523): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001e78f749 code=0x7ffc0000
[  980.149180][   T30] audit: type=1326 audit(1768408091.739:524): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f001e7865e7 code=0x7ffc0000
[  980.214914][   T30] audit: type=1326 audit(1768408091.739:525): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=15 compat=0 ip=0x7f001e72b829 code=0x7ffc0000
[  980.339566][   T30] audit: type=1326 audit(1768408091.739:526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=0 compat=0 ip=0x7f001e78e15c code=0x7ffc0000
[  980.461193][   T30] audit: type=1326 audit(1768408091.739:527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f001e78f749 code=0x7ffc0000
[  980.539541][   T30] audit: type=1326 audit(1768408091.739:528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=14940 comm="syz.6.2227" exe="/root/syz-executor" sig=0 arch=c000003e syscall=39 compat=0 ip=0x7f001e7865e7 code=0x7ffc0000
[  980.624438][T14953] loop3: detected capacity change from 0 to 2048
[  981.171928][T14953] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[  981.279809][T14953] ext4 filesystem being mounted at /338/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  981.962487][T14939] loop5: detected capacity change from 0 to 32768
[  982.060125][T14939] XFS (loop5): Mounting V5 Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  982.480201][T14939] XFS (loop5): Ending clean mount
[  982.917488][T14992] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  982.999622][T11991] usb 6-1: new high-speed USB device number 47 using dummy_hcd
[  983.439617][T11991] usb 6-1: Using ep0 maxpacket: 16
[  983.743326][T11991] usb 6-1: too many endpoints for config 0 interface 0 altsetting 229: 247, using maximum allowed: 30
[  983.804653][T11991] usb 6-1: config 0 interface 0 altsetting 229 has 0 endpoint descriptors, different from the interface descriptor's value: 247
[  983.994053][T11991] usb 6-1: config 0 interface 0 has no altsetting 0
[  984.030993][T11991] usb 6-1: string descriptor 0 read error: -71
[  984.037333][T11991] usb 6-1: New USB device found, idVendor=05e1, idProduct=0408, bcdDevice=59.31
[  984.118853][ T5833] XFS (loop5): Unmounting Filesystem bfdc47fc-10d8-4eed-a562-11a831b3f791
[  984.150073][T11991] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  984.171449][T11991] usb 6-1: config 0 descriptor??
[  984.224528][T11991] usb 6-1: can't set config #0, error -71
[  984.247014][T11991] usb 6-1: USB disconnect, device number 47
[  984.574489][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[  986.091620][T15014] ip6_vti0 speed is unknown, defaulting to 1000
[  987.174178][T15028] FAULT_INJECTION: forcing a failure.
[  987.174178][T15028] name fail_usercopy, interval 1, probability 0, space 0, times 0
[  987.189741][T15028] CPU: 1 UID: 0 PID: 15028 Comm: syz.4.2245 Not tainted syzkaller #0 PREEMPT(full) 
[  987.189782][T15028] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[  987.189799][T15028] Call Trace:
[  987.189810][T15028]  <TASK>
[  987.189829][T15028]  dump_stack_lvl+0xe8/0x150
[  987.189873][T15028]  should_fail_ex+0x414/0x560
[  987.189929][T15028]  _copy_to_user+0x31/0xb0
[  987.189969][T15028]  simple_read_from_buffer+0xe1/0x170
[  987.190012][T15028]  proc_fail_nth_read+0x1b3/0x220
[  987.190048][T15028]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  987.190083][T15028]  ? srso_alias_return_thunk+0x5/0xfbef5
[  987.190116][T15028]  ? rw_verify_area+0x2a6/0x4d0
[  987.190162][T15028]  ? __pfx_proc_fail_nth_read+0x10/0x10
[  987.190194][T15028]  vfs_read+0x200/0xa30
[  987.190218][T15028]  ? fdget_pos+0x247/0x320
[  987.190255][T15028]  ? __pfx___mutex_lock+0x10/0x10
[  987.190284][T15028]  ? __pfx_vfs_read+0x10/0x10
[  987.190307][T15028]  ? __fget_files+0x2a/0x420
[  987.190339][T15028]  ? srso_alias_return_thunk+0x5/0xfbef5
[  987.190365][T15028]  ? __fget_files+0x3a0/0x420
[  987.190392][T15028]  ? __fget_files+0x2a/0x420
[  987.190425][T15028]  ? srso_alias_return_thunk+0x5/0xfbef5
[  987.190455][T15028]  ksys_read+0x145/0x250
[  987.190475][T15028]  ? srso_alias_return_thunk+0x5/0xfbef5
[  987.190503][T15028]  ? __pfx_ksys_read+0x10/0x10
[  987.190536][T15028]  do_syscall_64+0xec/0xf80
[  987.190561][T15028]  ? rcu_is_watching+0x15/0xb0
[  987.190588][T15028]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.190617][T15028]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[  987.190639][T15028] RIP: 0033:0x7faa5918e15c
[  987.190659][T15028] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[  987.190678][T15028] RSP: 002b:00007faa5a005030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[  987.190702][T15028] RAX: ffffffffffffffda RBX: 00007faa593e6180 RCX: 00007faa5918e15c
[  987.190718][T15028] RDX: 000000000000000f RSI: 00007faa5a0050a0 RDI: 000000000000000a
[  987.190733][T15028] RBP: 00007faa5a005090 R08: 0000000000000000 R09: 0000000000000000
[  987.190747][T15028] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[  987.190760][T15028] R13: 00007faa593e6218 R14: 00007faa593e6180 R15: 00007ffcb6a7efe8
[  987.190796][T15028]  </TASK>
[  990.647281][T15039] fuse: Bad value for 'fd'
[  992.443602][T15014] lo speed is unknown, defaulting to 1000
[  992.650175][T11991] usb 5-1: new high-speed USB device number 30 using dummy_hcd
[  992.931807][T11991] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  992.955621][T11991] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  993.059831][T11991] usb 5-1: New USB device found, idVendor=256c, idProduct=006d, bcdDevice= 0.00
[  993.110777][T11991] usb 5-1: New USB device strings: Mfr=2, Product=0, SerialNumber=0
[  993.118842][T11991] usb 5-1: Manufacturer: syz
[  993.138725][T11991] usb 5-1: config 0 descriptor??
[  994.521968][T11991] uclogic 0003:256C:006D.0017: failed retrieving string descriptor #100: -71
[  994.549565][T11991] uclogic 0003:256C:006D.0017: failed retrieving pen parameters: -71
[  994.557730][T11991] uclogic 0003:256C:006D.0017: failed probing pen v1 parameters: -71
[  994.653322][T11991] uclogic 0003:256C:006D.0017: failed probing parameters: -71
[  994.686830][T11991] uclogic 0003:256C:006D.0017: probe with driver uclogic failed with error -71
[  994.909372][T11991] usb 5-1: USB disconnect, device number 30
[  996.716899][T15088] ip6_vti0 speed is unknown, defaulting to 1000
[  997.391416][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[  997.397863][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[  997.970780][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888039e79c00: rx timeout, send abort
[  998.481469][    C0] vxcan1: j1939_tp_rxtimer: 0xffff888039e79c00: abort rx timeout. Force session deactivation
[ 1000.634357][T15131] batadv_slave_1: entered promiscuous mode
[ 1000.672926][T15131] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2272'.
[ 1000.709823][T15131] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1001.813301][T15131] batman_adv: batadv0: Removing interface: batadv_slave_1
[ 1002.375451][T15088] lo speed is unknown, defaulting to 1000
[ 1003.067533][T15152] loop5: detected capacity change from 0 to 32768
[ 1003.091383][T15152] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop5 (7:5) scanned by syz.5.2278 (15152)
[ 1003.109478][T15152] BTRFS info (device loop5): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1003.119773][T15152] BTRFS info (device loop5): using sha256 (sha256-lib) checksum algorithm
[ 1003.267772][T15152] BTRFS info (device loop5): enabling ssd optimizations
[ 1003.274870][T15152] BTRFS info (device loop5): turning on async discard
[ 1003.281888][T15152] BTRFS info (device loop5): enabling free space tree
[ 1004.016541][T15177] netlink: 8 bytes leftover after parsing attributes in process `syz.5.2278'.
[ 1005.924151][ T5833] BTRFS info (device loop5): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1008.199579][T11991] usb 6-1: new high-speed USB device number 48 using dummy_hcd
[ 1008.359535][T11991] usb 6-1: Using ep0 maxpacket: 32
[ 1008.367052][T11991] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[ 1008.402382][T15202] FAULT_INJECTION: forcing a failure.
[ 1008.402382][T15202] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1008.410066][T11991] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[ 1008.532167][T15202] CPU: 0 UID: 0 PID: 15202 Comm: syz.3.2287 Not tainted syzkaller #0 PREEMPT(full) 
[ 1008.532204][T15202] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1008.532220][T15202] Call Trace:
[ 1008.532229][T15202]  <TASK>
[ 1008.532240][T15202]  dump_stack_lvl+0xe8/0x150
[ 1008.532278][T15202]  should_fail_ex+0x414/0x560
[ 1008.532326][T15202]  _copy_to_user+0x31/0xb0
[ 1008.532361][T15202]  simple_read_from_buffer+0xe1/0x170
[ 1008.532398][T15202]  proc_fail_nth_read+0x1b3/0x220
[ 1008.532430][T15202]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1008.532460][T15202]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1008.532489][T15202]  ? rw_verify_area+0x2a6/0x4d0
[ 1008.532528][T15202]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1008.532557][T15202]  vfs_read+0x200/0xa30
[ 1008.532579][T15202]  ? fdget_pos+0x247/0x320
[ 1008.532617][T15202]  ? __pfx___mutex_lock+0x10/0x10
[ 1008.532647][T15202]  ? __pfx_vfs_read+0x10/0x10
[ 1008.532673][T15202]  ? __fget_files+0x2a/0x420
[ 1008.532709][T15202]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1008.532737][T15202]  ? __fget_files+0x3a0/0x420
[ 1008.532768][T15202]  ? __fget_files+0x2a/0x420
[ 1008.532804][T15202]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1008.532844][T15202]  ksys_read+0x145/0x250
[ 1008.532870][T15202]  ? __pfx_ksys_read+0x10/0x10
[ 1008.532894][T15202]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1008.532935][T15202]  do_syscall_64+0xec/0xf80
[ 1008.532963][T15202]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.532986][T15202]  ? trace_irq_disable+0x37/0x100
[ 1008.533027][T15202]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1008.533051][T15202] RIP: 0033:0x7f9e1858e15c
[ 1008.533076][T15202] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1008.533097][T15202] RSP: 002b:00007f9e19357030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1008.533124][T15202] RAX: ffffffffffffffda RBX: 00007f9e187e5fa0 RCX: 00007f9e1858e15c
[ 1008.533144][T15202] RDX: 000000000000000f RSI: 00007f9e193570a0 RDI: 0000000000000004
[ 1008.533163][T15202] RBP: 00007f9e19357090 R08: 0000000000000000 R09: 0000000000000000
[ 1008.533180][T15202] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1008.533196][T15202] R13: 00007f9e187e6038 R14: 00007f9e187e5fa0 R15: 00007ffd469d4108
[ 1008.533237][T15202]  </TASK>
[ 1008.534857][T11991] usb 6-1: New USB device found, idVendor=0403, idProduct=6030, bcdDevice= 0.00
[ 1009.087968][T11991] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1009.117807][T11991] usb 6-1: config 0 descriptor??
[ 1009.178113][T15195] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2285'.
[ 1009.213544][T15195] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2285'.
[ 1009.529322][T15206] loop3: detected capacity change from 0 to 256
[ 1009.613292][T15206] exfat: Deprecated parameter 'namecase'
[ 1009.619078][T15206] exfat: Deprecated parameter 'namecase'
[ 1009.702553][T11991] ft260 0003:0403:6030.0018: unknown main item tag 0x0
[ 1009.735852][T11991] ft260 0003:0403:6030.0018: unknown main item tag 0x0
[ 1009.793427][T15206] exfat: Deprecated parameter 'namecase'
[ 1009.830384][T11991] ft260 0003:0403:6030.0018: chip code: 6424 8183
[ 1010.057652][T11991] ft260 0003:0403:6030.0018: USB HID v0.00 Device [HID 0403:6030] on usb-dummy_hcd.5-1/input0
[ 1010.075910][T15206] exFAT-fs (loop3): Medium has reported failures. Some data may be lost.
[ 1010.179114][T15206] exFAT-fs (loop3): failed to load upcase table (idx : 0x00010000, chksum : 0x7f1fc68d, utbl_chksum : 0xe619d30d)
[ 1010.251753][T11991] ft260 0003:0403:6030.0018: failed to retrieve status: -32, no wakeup
[ 1010.480200][T11991] ft260 0003:0403:6030.0018: failed to retrieve status: -5
[ 1011.050603][T11991] ft260 0003:0403:6030.0018: failed to reset I2C controller: -71
[ 1011.168322][T11991] usb 6-1: USB disconnect, device number 48
[ 1011.766695][T15231] netlink: 'syz.4.2298': attribute type 1 has an invalid length.
[ 1011.812352][T15231] loop4: detected capacity change from 0 to 256
[ 1011.877836][T15235] loop3: detected capacity change from 0 to 512
[ 1011.960645][T15235] EXT4-fs: Ignoring removed orlov option
[ 1011.997669][T15236] loop5: detected capacity change from 0 to 128
[ 1012.028313][T15235] EXT4-fs: Ignoring removed bh option
[ 1012.030754][T15236] befs: Unknown parameter '
'
[ 1012.090643][T15235] EXT4-fs: Journaled quota options ignored when QUOTA feature is enabled
[ 1012.119679][T15237] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[ 1012.167187][T15235] EXT4-fs (loop3): orphan cleanup on readonly fs
[ 1012.453625][T15235] EXT4-fs error (device loop3): ext4_validate_block_bitmap:441: comm syz.3.2301: bg 0: block 248: padding at end of block bitmap is not set
[ 1012.554718][T15235] __quota_error: 23 callbacks suppressed
[ 1012.554736][T15235] Quota error (device loop3): write_blk: dquota write failed
[ 1012.595223][T15235] Quota error (device loop3): qtree_write_dquot: Error -117 occurred while creating quota
[ 1012.656563][T15235] EXT4-fs error (device loop3): ext4_acquire_dquot:6986: comm syz.3.2301: Failed to acquire dquot type 1
[ 1012.735955][T15235] EXT4-fs (loop3): 1 truncate cleaned up
[ 1012.772950][T15235] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0000-000000000000 ro without journal. Quota mode: writeback.
[ 1012.872106][T15235] EXT4-fs error (device loop3): ext4_lookup:1789: inode #2: comm syz.3.2301: deleted inode referenced: 12
[ 1012.917004][T15251] ext4: Unknown parameter 'DN‚é_Aã?ªbÉe
[ 1012.917004][T15251]  /'
[ 1013.043599][T15253] EXT4-fs error (device loop3): ext4_lookup:1789: inode #2: comm syz.3.2301: deleted inode referenced: 12
[ 1013.074638][T15252] ip6_vti0 speed is unknown, defaulting to 1000
[ 1013.441831][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1014.566478][T15248] loop4: detected capacity change from 0 to 256
[ 1014.688372][T15248] exFAT-fs (loop4): failed to load upcase table (idx : 0x0000e8a4, chksum : 0x7bc75166, utbl_chksum : 0xe619d30d)
[ 1015.044908][T15248] exFAT-fs (loop4): error, in sector 160, dentry 11 should be unused, but 0xc1
[ 1015.059943][T15248] exFAT-fs (loop4): Filesystem has been set read-only
[ 1015.156956][T15248] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2302'.
[ 1015.741087][T15252] lo speed is unknown, defaulting to 1000
[ 1016.050678][T15267] 9p: Bad value for 'rfdno'
[ 1018.555850][T15291] A link change request failed with some changes committed already. Interface bridge_slave_0 may have been left with an inconsistent configuration, please check.
[ 1019.470581][T15303] fuse: Bad value for 'fd'
[ 1019.705004][T15309] overlayfs: "xino" feature enabled using 3 upper inode bits.
[ 1019.817451][T15310] 9p: Bad value for 'wfdno'
[ 1023.740338][T15345] tipc: Enabled bearer <eth:gre0>, priority 10
[ 1024.389907][T15363] rdma_rxe: rxe_newlink: failed to add veth1_to_team
[ 1025.045229][ T5983] tipc: Node number set to 2886997007
[ 1025.198572][T15358] ip6_vti0 speed is unknown, defaulting to 1000
[ 1025.472322][T15375] FAULT_INJECTION: forcing a failure.
[ 1025.472322][T15375] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1025.503841][T15372] fuse: Bad value for 'user_id'
[ 1025.508739][T15372] fuse: Bad value for 'user_id'
[ 1025.707798][T15375] CPU: 0 UID: 0 PID: 15375 Comm: syz.3.2338 Not tainted syzkaller #0 PREEMPT(full) 
[ 1025.707834][T15375] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1025.707850][T15375] Call Trace:
[ 1025.707859][T15375]  <TASK>
[ 1025.707870][T15375]  dump_stack_lvl+0xe8/0x150
[ 1025.707907][T15375]  should_fail_ex+0x414/0x560
[ 1025.707953][T15375]  _copy_from_user+0x2d/0xb0
[ 1025.707987][T15375]  do_sock_getsockopt+0x15c/0x3d0
[ 1025.708024][T15375]  ? __pfx_do_sock_getsockopt+0x10/0x10
[ 1025.708055][T15375]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1025.708084][T15375]  ? __fget_files+0x3a0/0x420
[ 1025.708117][T15375]  ? __fget_files+0x2a/0x420
[ 1025.708155][T15375]  __x64_sys_getsockopt+0x1a5/0x250
[ 1025.708196][T15375]  do_syscall_64+0xec/0xf80
[ 1025.708224][T15375]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.708247][T15375]  ? trace_irq_disable+0x37/0x100
[ 1025.708291][T15375]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1025.708314][T15375] RIP: 0033:0x7f9e1858f749
[ 1025.708336][T15375] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1025.708357][T15375] RSP: 002b:00007f9e19357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000037
[ 1025.708384][T15375] RAX: ffffffffffffffda RBX: 00007f9e187e5fa0 RCX: 00007f9e1858f749
[ 1025.708402][T15375] RDX: 0000000000000013 RSI: 0000000000000000 RDI: 0000000000000003
[ 1025.708418][T15375] RBP: 00007f9e19357090 R08: 0000200000000240 R09: 0000000000000000
[ 1025.708433][T15375] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1025.708448][T15375] R13: 00007f9e187e6038 R14: 00007f9e187e5fa0 R15: 00007ffd469d4108
[ 1025.708487][T15375]  </TASK>
[ 1026.318723][T15382] loop5: detected capacity change from 0 to 512
[ 1026.686559][T15358] lo speed is unknown, defaulting to 1000
[ 1027.370993][T15406] fuse: Bad value for 'fd'
[ 1029.000768][T15417] sctp: [Deprecated]: syz.4.2350 (pid 15417) Use of struct sctp_assoc_value in delayed_ack socket option.
[ 1029.000768][T15417] Use struct sctp_sack_info instead
[ 1029.436286][T15425] 9pnet_virtio: no channels available for device ./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
[ 1029.623848][T15425] 
@0Ù: renamed from bond_slave_1 (while UP)
[ 1031.213052][T15445] 9p: Bad value for 'wfdno'
[ 1032.904512][T15458] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2360'.
[ 1035.003815][T15462] loop3: detected capacity change from 0 to 128
[ 1036.725639][T15462] EXT4-fs (loop3): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1036.777585][T15462] ext4 filesystem being mounted at /362/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1038.799086][T15475] ip6_vti0 speed is unknown, defaulting to 1000
[ 1038.989220][ T5836] EXT4-fs (loop3): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1040.156279][T15475] lo speed is unknown, defaulting to 1000
[ 1043.542914][T15502] loop5: detected capacity change from 0 to 128
[ 1044.909897][T15502] EXT4-fs (loop5): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1045.011699][T15502] ext4 filesystem being mounted at /352/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1047.072595][T15518] 9p: Bad value for 'wfdno'
[ 1050.958758][ T5833] EXT4-fs (loop5): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1050.991806][T15539] loop4: detected capacity change from 0 to 128
[ 1051.743866][T15539] EXT4-fs (loop4): mounted filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09 r/w without journal. Quota mode: writeback.
[ 1051.804988][T15539] ext4 filesystem being mounted at /368/file1 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1052.717169][T15540] netlink: 'syz.6.2380': attribute type 2 has an invalid length.
[ 1053.542811][ T5838] EXT4-fs (loop4): unmounting filesystem 76b65be2-f6da-4727-8c75-0525a5b65a09.
[ 1053.948492][T15560] ip6_vti0 speed is unknown, defaulting to 1000
[ 1054.297010][T15565] fuse: Bad value for 'fd'
[ 1054.601835][T15567] loop4: detected capacity change from 0 to 4096
[ 1054.609895][T15569] loop5: detected capacity change from 0 to 512
[ 1054.940399][T15570] ntfs3(loop4): ino=21, The size of extended attributes must not exceed 64KiB
[ 1055.082551][T15574] FAULT_INJECTION: forcing a failure.
[ 1055.082551][T15574] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1055.189686][T15574] CPU: 0 UID: 0 PID: 15574 Comm: syz.3.2388 Not tainted syzkaller #0 PREEMPT(full) 
[ 1055.189721][T15574] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1055.189737][T15574] Call Trace:
[ 1055.189746][T15574]  <TASK>
[ 1055.189756][T15574]  dump_stack_lvl+0xe8/0x150
[ 1055.189794][T15574]  should_fail_ex+0x414/0x560
[ 1055.189841][T15574]  _copy_from_user+0x2d/0xb0
[ 1055.189872][T15574]  __se_sys_select+0xd3/0x270
[ 1055.189904][T15574]  ? __pfx___se_sys_select+0x10/0x10
[ 1055.189931][T15574]  ? __pfx_ksys_write+0x10/0x10
[ 1055.189961][T15574]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1055.189991][T15574]  ? __x64_sys_select+0x20/0xc0
[ 1055.190020][T15574]  do_syscall_64+0xec/0xf80
[ 1055.190048][T15574]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1055.190070][T15574]  ? trace_irq_disable+0x37/0x100
[ 1055.190109][T15574]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1055.190133][T15574] RIP: 0033:0x7f9e1858f749
[ 1055.190159][T15574] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1055.190181][T15574] RSP: 002b:00007f9e19357038 EFLAGS: 00000246 ORIG_RAX: 0000000000000017
[ 1055.190208][T15574] RAX: ffffffffffffffda RBX: 00007f9e187e5fa0 RCX: 00007f9e1858f749
[ 1055.190227][T15574] RDX: 0000000000000000 RSI: 0000200000000680 RDI: 0000000000000040
[ 1055.190243][T15574] RBP: 00007f9e19357090 R08: 0000200000000740 R09: 0000000000000000
[ 1055.190260][T15574] R10: 0000200000000700 R11: 0000000000000246 R12: 0000000000000001
[ 1055.190280][T15574] R13: 00007f9e187e6038 R14: 00007f9e187e5fa0 R15: 00007ffd469d4108
[ 1055.190319][T15574]  </TASK>
[ 1055.456567][T15569] EXT4-fs (loop5): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback.
[ 1055.569685][T15569] ext4 filesystem being mounted at /354/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1056.824642][ T5833] EXT4-fs (loop5): unmounting filesystem 00000000-0000-0000-0007-000000000000.
[ 1056.877476][T15560] lo speed is unknown, defaulting to 1000
[ 1057.669177][T15596] 9p: Bad value for 'wfdno'
[ 1058.824480][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1058.832393][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1058.899517][ T5986] usb 6-1: new high-speed USB device number 49 using dummy_hcd
[ 1059.146669][ T5986] usb 6-1: config 0 has an invalid interface number: 255 but max is 0
[ 1059.166383][ T5986] usb 6-1: config 0 has no interface number 0
[ 1059.189490][ T5986] usb 6-1: config 0 interface 255 has no altsetting 0
[ 1059.227601][ T5986] usb 6-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[ 1059.264166][ T5986] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[ 1059.280142][ T5986] usb 6-1: config 0 descriptor??
[ 1059.319850][ T5986] cp210x 6-1:0.255: cp210x converter detected
[ 1059.435936][T15615] loop3: detected capacity change from 0 to 512
[ 1059.654312][T15615] EXT4-fs (loop3): mounted filesystem 00000000-0000-0000-0007-000000000000 r/w without journal. Quota mode: writeback.
[ 1059.716049][ T5986] cp210x 6-1:0.255: failed to get vendor val 0x000e size 3: -32
[ 1059.759864][T15615] ext4 filesystem being mounted at /370/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1061.157320][T15628] usb usb8: usbfs: interface 0 claimed by hub while 'syz.3.2398' resets device
[ 1061.761080][ T5986] cp210x 6-1:0.255: failed to get vendor val 0x370c size 15: -71
[ 1061.768863][ T5986] cp210x 6-1:0.255: GPIO initialisation failed: -71
[ 1061.864408][ T5836] EXT4-fs (loop3): unmounting filesystem 00000000-0000-0000-0007-000000000000.
[ 1061.910967][ T5986] usb 6-1: cp210x converter now attached to ttyUSB0
[ 1061.935297][ T5986] usb 6-1: USB disconnect, device number 49
[ 1061.972135][ T5986] cp210x ttyUSB0: cp210x converter now disconnected from ttyUSB0
[ 1062.008994][ T5986] cp210x 6-1:0.255: device disconnected
[ 1062.034400][T15632] FAULT_INJECTION: forcing a failure.
[ 1062.034400][T15632] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1062.115205][T15632] CPU: 0 UID: 0 PID: 15632 Comm: syz.5.2403 Not tainted syzkaller #0 PREEMPT(full) 
[ 1062.115230][T15632] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1062.115241][T15632] Call Trace:
[ 1062.115248][T15632]  <TASK>
[ 1062.115256][T15632]  dump_stack_lvl+0xe8/0x150
[ 1062.115285][T15632]  should_fail_ex+0x414/0x560
[ 1062.115319][T15632]  _copy_from_user+0x2d/0xb0
[ 1062.115344][T15632]  ___sys_sendmsg+0x158/0x2a0
[ 1062.115371][T15632]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1062.115424][T15632]  ? __fget_files+0x2a/0x420
[ 1062.115446][T15632]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1062.115468][T15632]  ? __fget_files+0x3a0/0x420
[ 1062.115500][T15632]  __x64_sys_sendmsg+0x19b/0x260
[ 1062.115525][T15632]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1062.115557][T15632]  ? __pfx_ksys_write+0x10/0x10
[ 1062.115585][T15632]  do_syscall_64+0xec/0xf80
[ 1062.115607][T15632]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1062.115625][T15632]  ? trace_irq_disable+0x37/0x100
[ 1062.115654][T15632]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1062.115672][T15632] RIP: 0033:0x7f849c38f749
[ 1062.115687][T15632] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1062.115703][T15632] RSP: 002b:00007f849d15b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1062.115722][T15632] RAX: ffffffffffffffda RBX: 00007f849c5e5fa0 RCX: 00007f849c38f749
[ 1062.115735][T15632] RDX: 0000000000000000 RSI: 0000200000000240 RDI: 0000000000000003
[ 1062.115747][T15632] RBP: 00007f849d15b090 R08: 0000000000000000 R09: 0000000000000000
[ 1062.115759][T15632] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1062.115770][T15632] R13: 00007f849c5e6038 R14: 00007f849c5e5fa0 R15: 00007ffdd0a6e448
[ 1062.115798][T15632]  </TASK>
[ 1062.844309][T15646] FAULT_INJECTION: forcing a failure.
[ 1062.844309][T15646] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1062.952090][T15646] CPU: 0 UID: 0 PID: 15646 Comm: syz.5.2406 Not tainted syzkaller #0 PREEMPT(full) 
[ 1062.952124][T15646] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1062.952140][T15646] Call Trace:
[ 1062.952150][T15646]  <TASK>
[ 1062.952160][T15646]  dump_stack_lvl+0xe8/0x150
[ 1062.952198][T15646]  should_fail_ex+0x414/0x560
[ 1062.952246][T15646]  _copy_from_user+0x2d/0xb0
[ 1062.952280][T15646]  ___sys_sendmsg+0x158/0x2a0
[ 1062.952317][T15646]  ? __pfx____sys_sendmsg+0x10/0x10
[ 1062.952390][T15646]  ? __fget_files+0x2a/0x420
[ 1062.952421][T15646]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1062.952451][T15646]  ? __fget_files+0x3a0/0x420
[ 1062.952496][T15646]  __x64_sys_sendmsg+0x19b/0x260
[ 1062.952532][T15646]  ? __pfx___x64_sys_sendmsg+0x10/0x10
[ 1062.952576][T15646]  ? __pfx_ksys_write+0x10/0x10
[ 1062.952614][T15646]  do_syscall_64+0xec/0xf80
[ 1062.952643][T15646]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1062.952668][T15646]  ? trace_irq_disable+0x37/0x100
[ 1062.952709][T15646]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1062.952733][T15646] RIP: 0033:0x7f849c38f749
[ 1062.952754][T15646] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1062.952777][T15646] RSP: 002b:00007f849d15b038 EFLAGS: 00000246 ORIG_RAX: 000000000000002e
[ 1062.952803][T15646] RAX: ffffffffffffffda RBX: 00007f849c5e5fa0 RCX: 00007f849c38f749
[ 1062.952822][T15646] RDX: 0000000000000000 RSI: 00002000000029c0 RDI: 0000000000000005
[ 1062.952838][T15646] RBP: 00007f849d15b090 R08: 0000000000000000 R09: 0000000000000000
[ 1062.952861][T15646] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1062.952877][T15646] R13: 00007f849c5e6038 R14: 00007f849c5e5fa0 R15: 00007ffdd0a6e448
[ 1062.952917][T15646]  </TASK>
[ 1063.498186][T15651] FAULT_INJECTION: forcing a failure.
[ 1063.498186][T15651] name fail_usercopy, interval 1, probability 0, space 0, times 0
[ 1064.116673][T15650] fuse: Bad value for 'fd'
[ 1064.121804][T15651] CPU: 1 UID: 0 PID: 15651 Comm: syz.3.2408 Not tainted syzkaller #0 PREEMPT(full) 
[ 1064.121835][T15651] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1064.121851][T15651] Call Trace:
[ 1064.121861][T15651]  <TASK>
[ 1064.121871][T15651]  dump_stack_lvl+0xe8/0x150
[ 1064.121902][T15651]  should_fail_ex+0x414/0x560
[ 1064.121937][T15651]  _copy_to_user+0x31/0xb0
[ 1064.121963][T15651]  simple_read_from_buffer+0xe1/0x170
[ 1064.121991][T15651]  proc_fail_nth_read+0x1b3/0x220
[ 1064.122014][T15651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1064.122037][T15651]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1064.122058][T15651]  ? rw_verify_area+0x2a6/0x4d0
[ 1064.122086][T15651]  ? __pfx_proc_fail_nth_read+0x10/0x10
[ 1064.122107][T15651]  vfs_read+0x200/0xa30
[ 1064.122124][T15651]  ? fdget_pos+0x247/0x320
[ 1064.122151][T15651]  ? __pfx___mutex_lock+0x10/0x10
[ 1064.122174][T15651]  ? __pfx_vfs_read+0x10/0x10
[ 1064.122193][T15651]  ? __fget_files+0x2a/0x420
[ 1064.122219][T15651]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1064.122239][T15651]  ? __fget_files+0x3a0/0x420
[ 1064.122262][T15651]  ? __fget_files+0x2a/0x420
[ 1064.122288][T15651]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1064.122313][T15651]  ksys_read+0x145/0x250
[ 1064.122329][T15651]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1064.122352][T15651]  ? __pfx_ksys_read+0x10/0x10
[ 1064.122380][T15651]  do_syscall_64+0xec/0xf80
[ 1064.122400][T15651]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1064.122417][T15651]  ? trace_irq_disable+0x37/0x100
[ 1064.122446][T15651]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1064.122464][T15651] RIP: 0033:0x7f9e1858e15c
[ 1064.122480][T15651] Code: ec 28 48 89 54 24 18 48 89 74 24 10 89 7c 24 08 e8 99 93 02 00 48 8b 54 24 18 48 8b 74 24 10 41 89 c0 8b 7c 24 08 31 c0 0f 05 <48> 3d 00 f0 ff ff 77 34 44 89 c7 48 89 44 24 08 e8 ef 93 02 00 48
[ 1064.122496][T15651] RSP: 002b:00007f9e167f6030 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[ 1064.122515][T15651] RAX: ffffffffffffffda RBX: 00007f9e187e6090 RCX: 00007f9e1858e15c
[ 1064.122529][T15651] RDX: 000000000000000f RSI: 00007f9e167f60a0 RDI: 0000000000000003
[ 1064.122540][T15651] RBP: 00007f9e167f6090 R08: 0000000000000000 R09: 0000000000000000
[ 1064.122552][T15651] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000001
[ 1064.122563][T15651] R13: 00007f9e187e6128 R14: 00007f9e187e6090 R15: 00007ffd469d4108
[ 1064.122598][T15651]  </TASK>
[ 1064.514482][T15655] netlink: 28 bytes leftover after parsing attributes in process `syz.6.2410'.
[ 1064.587129][T15655] unsupported nla_type 24929
[ 1064.854423][T15660] syz.5.2409 (15660) used greatest stack depth: 17688 bytes left
[ 1065.151867][T15665] ip6_vti0 speed is unknown, defaulting to 1000
[ 1065.346608][T15668] loop4: detected capacity change from 0 to 128
[ 1065.365376][T15668] udf: Bad value for 'partition'
[ 1065.417831][T15668] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2415'.
[ 1065.461295][T15668] netlink: 60 bytes leftover after parsing attributes in process `syz.4.2415'.
[ 1066.482661][T15691] loop4: detected capacity change from 0 to 2048
[ 1066.594147][T15691] EXT4-fs (loop4): mounted filesystem 00000000-0000-0000-0000-000000000000 r/w without journal. Quota mode: none.
[ 1066.679553][T15691] ext4 filesystem being mounted at /376/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[ 1066.713910][T15665] lo speed is unknown, defaulting to 1000
[ 1067.513538][T15694] ip6_vti0 speed is unknown, defaulting to 1000
[ 1067.553160][ T5838] EXT4-fs (loop4): unmounting filesystem 00000000-0000-0000-0000-000000000000.
[ 1068.352675][T15709] fuse: Bad value for 'fd'
[ 1069.173939][T15694] lo speed is unknown, defaulting to 1000
[ 1069.915192][T15711] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2424'.
[ 1069.966073][T15712] netlink: 72 bytes leftover after parsing attributes in process `syz.2.2424'.
[ 1071.338174][T15723] Context (ID=0x1) not attached to queue pair (handle=0x2:0xffffffff)
[ 1072.161027][T15733] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2429'.
[ 1072.333785][T15732] ceph: No mds server is up or the cluster is laggy
[ 1072.367144][ T5986] libceph: connect (1)[c::]:6789 error -101
[ 1072.670591][ T5986] libceph: mon0 (1)[c::]:6789 connect error
[ 1073.697423][T15748] loop4: detected capacity change from 0 to 32768
[ 1073.898238][T15748] BTRFS: device fsid 395ef67a-297e-477c-816d-cd80a5b93e5d devid 1 transid 8 /dev/loop4 (7:4) scanned by syz.4.2434 (15748)
[ 1074.094370][T15748] BTRFS info (device loop4): first mount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1074.105766][T15748] BTRFS info (device loop4): using sha256 (sha256-lib) checksum algorithm
[ 1074.490820][T15748] BTRFS info (device loop4): enabling ssd optimizations
[ 1074.499512][T15748] BTRFS info (device loop4): turning on async discard
[ 1074.506311][T15748] BTRFS info (device loop4): enabling free space tree
[ 1074.671911][T15771] loop5: detected capacity change from 0 to 256
[ 1075.776979][T15776] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2434'.
[ 1076.522617][ T5838] BTRFS info (device loop4): last unmount of filesystem 395ef67a-297e-477c-816d-cd80a5b93e5d
[ 1076.533271][T15781] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2437'.
[ 1078.098255][T15808] ip6_vti0 speed is unknown, defaulting to 1000
[ 1078.766301][T15806] fuse: Bad value for 'fd'
[ 1079.722044][T15804] ip6_vti0 speed is unknown, defaulting to 1000
[ 1079.732234][T15808] lo speed is unknown, defaulting to 1000
[ 1082.546625][T15804] lo speed is unknown, defaulting to 1000
[ 1082.555005][T15845] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2456'.
[ 1086.583447][T15912] bond9: option lacp_rate: mode dependency failed, not supported in mode active-backup(1)
[ 1086.644003][T15912] bond9 (unregistering): Released all slaves
[ 1086.774311][T15927] tipc: Enabled bearer <eth:batadv0>, priority 10
[ 1087.267676][T15944] netlink: 24 bytes leftover after parsing attributes in process `syz.5.2492'.
[ 1087.508716][T15956] A link change request failed with some changes committed already. Interface netdevsim0 may have been left with an inconsistent configuration, please check.
[ 1087.887094][T15971] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2498'.
[ 1087.891560][T11991] tipc: Node number set to 2886997007
[ 1088.085663][T15978] syzkaller0: mtu less than device minimum
[ 1088.198075][T15985] x_tables: duplicate underflow at hook 2
[ 1088.204889][T15982] netlink: 'syz.4.2503': attribute type 13 has an invalid length.
[ 1088.259138][T15988] x_tables: ip6_tables: TCPOPTSTRIP target: only valid in mangle table, not raw
[ 1088.712871][T16001] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2513'.
[ 1089.522409][T16017] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2520'.
[ 1089.555234][T16017] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2520'.
[ 1089.844168][T16027] ip6_vti0 speed is unknown, defaulting to 1000
[ 1090.154290][T16037] sctp: [Deprecated]: syz.2.2526 (pid 16037) Use of int in max_burst socket option.
[ 1090.154290][T16037] Use struct sctp_assoc_value instead
[ 1090.424782][T16027] lo speed is unknown, defaulting to 1000
[ 1090.670200][T16062] tipc: Enabled bearer <eth:hsr0>, priority 10
[ 1090.870341][T16067] A link change request failed with some changes committed already. Interface ip6gretap0 may have been left with an inconsistent configuration, please check.
[ 1090.975019][T16069] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2541'.
[ 1091.010433][T16072] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1091.988132][T16098] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1092.249352][T16124] netlink: 212368 bytes leftover after parsing attributes in process `syz.6.2567'.
[ 1092.449123][T16131] netlink: 'syz.4.2570': attribute type 2 has an invalid length.
[ 1092.515109][T16131] : entered promiscuous mode
[ 1092.670133][T16146] netlink: 'syz.6.2577': attribute type 1 has an invalid length.
[ 1092.714048][T16151] netlink: 'syz.4.2570': attribute type 6 has an invalid length.
[ 1092.871506][T16155] bond8: (slave bridge1): making interface the new active one
[ 1092.881249][T16155] bond8: (slave bridge1): Enslaving as an active interface with an up link
[ 1092.935697][T16161] batadv0: entered promiscuous mode
[ 1092.941565][T16161] vlan2: entered promiscuous mode
[ 1092.965971][T16159] netlink: 8 bytes leftover after parsing attributes in process `syz.3.2579'.
[ 1093.864185][T16194] tipc: Started in network mode
[ 1093.883489][T16194] tipc: Node identity fe800000000000000000000000000034, cluster identity 4711
[ 1093.912698][T16194] tipc: Enabling of bearer <udp:syz1> rejected, failed to enable media
[ 1094.204760][T16207] tipc: Resetting bearer <eth:gre0>
[ 1094.386719][T16207] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1094.394059][T16207] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1094.574905][T16207] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1094.790580][T16213] IPVS: Unknown mcast interface: dvmrp1
[ 1094.802696][T13622] syz1: Port: 1 Link DOWN
[ 1094.802815][  T997] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.848376][  T997] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.872259][  T997] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1094.892986][  T997] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1095.025207][T16237] netlink: 'syz.4.2612': attribute type 5 has an invalid length.
[ 1095.499635][T16264] netlink: 4 bytes leftover after parsing attributes in process `syz.3.2619'.
[ 1095.577259][T16266] netlink: 'syz.6.2624': attribute type 2 has an invalid length.
[ 1095.593057][T13622] IPVS: starting estimator thread 0...
[ 1095.680731][T16267] IPVS: using max 24 ests per chain, 57600 per kthread
[ 1095.763137][T16272] netlink: 'syz.1.2626': attribute type 1 has an invalid length.
[ 1095.790054][T16272] netlink: 'syz.1.2626': attribute type 2 has an invalid length.
[ 1096.091761][T16288] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1096.166551][T16297] netlink: 'syz.6.2635': attribute type 2 has an invalid length.
[ 1096.201270][T16298] gretap0: entered promiscuous mode
[ 1096.230857][T16298] vlan2: entered promiscuous mode
[ 1096.287143][T16306] netlink: 'syz.6.2635': attribute type 6 has an invalid length.
[ 1096.732735][T16297] : entered promiscuous mode
[ 1097.265515][T16329] ip6_vti0 speed is unknown, defaulting to 1000
[ 1097.631194][T16343] netlink: 12 bytes leftover after parsing attributes in process `syz.5.2649'.
[ 1097.844632][T16349] netlink: 'syz.1.2652': attribute type 6 has an invalid length.
[ 1098.374909][T16368] netlink: 24 bytes leftover after parsing attributes in process `syz.6.2658'.
[ 1098.436276][T16329] lo speed is unknown, defaulting to 1000
[ 1099.951472][T16402] netlink: 8 bytes leftover after parsing attributes in process `syz.1.2671'.
[ 1100.268657][T16419] netlink: 'syz.4.2679': attribute type 13 has an invalid length.
[ 1100.371273][T16420] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2679'.
[ 1100.430694][T16420] netlink: 8 bytes leftover after parsing attributes in process `syz.4.2679'.
[ 1100.523928][T16429] 8021q: adding VLAN 0 to HW filter on device ipvlan2
[ 1100.976241][T16444] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2687'.
[ 1101.218805][T16452] ip6_vti0 speed is unknown, defaulting to 1000
[ 1101.661592][T16474] netlink: 200 bytes leftover after parsing attributes in process `syz.4.2702'.
[ 1102.325320][T16452] lo speed is unknown, defaulting to 1000
[ 1102.896960][T16525] netlink: 28 bytes leftover after parsing attributes in process `syz.2.2723'.
[ 1102.909456][T16525] netlink: 'syz.2.2723': attribute type 7 has an invalid length.
[ 1102.917188][T16525] netlink: 'syz.2.2723': attribute type 8 has an invalid length.
[ 1102.942017][T16525] netlink: 4 bytes leftover after parsing attributes in process `syz.2.2723'.
[ 1103.069685][T16531] syzkaller0: entered promiscuous mode
[ 1103.075191][T16531] syzkaller0: entered allmulticast mode
[ 1103.085008][T16531] TC_ACT_REPEAT abuse ?
[ 1103.194415][T16534] netlink: 20 bytes leftover after parsing attributes in process `syz.3.2728'.
[ 1104.024294][T15062] udevd[15062]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory
[ 1105.006290][T16600] x_tables: ip_tables: icmp match: only valid for protocol 1
[ 1105.585531][ T5951] lo speed is unknown, defaulting to 1000
[ 1105.953326][T16631] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1105.988389][T16631] syzkaller0: entered promiscuous mode
[ 1106.012126][T16631] syzkaller0: entered allmulticast mode
[ 1106.067782][T16631] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1106.242623][T16631] tipc: Resetting bearer <eth:syzkaller0>
[ 1106.295766][T16630] tipc: Resetting bearer <eth:syzkaller0>
[ 1106.578581][T16630] tipc: Disabling bearer <eth:syzkaller0>
[ 1106.637547][T16662] netlink: 48 bytes leftover after parsing attributes in process `syz.3.2776'.
[ 1106.662646][T16665] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2778'.
[ 1106.671731][T16665] netlink: 8 bytes leftover after parsing attributes in process `syz.6.2778'.
[ 1108.614519][T16760] ip6_vti0 speed is unknown, defaulting to 1000
[ 1108.631883][T16756] tipc: Failed to remove unknown binding: 66,0,0/0:1041197335/1041197336
[ 1108.685502][T16756] tipc: Failed to remove unknown binding: 66,0,0/0:1041197335/1041197336
[ 1109.047389][T16760] lo speed is unknown, defaulting to 1000
[ 1109.218627][T16782] IPv6: Can't replace route, no match found
[ 1111.150412][T16865] netlink: 'syz.4.2844': attribute type 1 has an invalid length.
[ 1111.192465][T16865] netlink: 'syz.4.2844': attribute type 1 has an invalid length.
[ 1111.331534][T16865] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2844'.
[ 1111.379910][T16865] netlink: 16 bytes leftover after parsing attributes in process `syz.4.2844'.
[ 1111.425220][T16865] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2844'.
[ 1111.495102][T16865] netlink: 36 bytes leftover after parsing attributes in process `syz.4.2844'.
[ 1111.588810][T16880] dummy0: entered promiscuous mode
[ 1111.653915][T16880] macsec1: entered promiscuous mode
[ 1111.703207][T16880] dummy0: left promiscuous mode
[ 1112.694673][T16928] syzkaller0: entered promiscuous mode
[ 1112.741517][T16928] syzkaller0: entered allmulticast mode
[ 1113.263191][T16957] netlink: 4 bytes leftover after parsing attributes in process `syz.1.2873'.
[ 1114.125173][T17002] netlink: 'syz.2.2890': attribute type 1 has an invalid length.
[ 1114.239760][T17014] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2890'.
[ 1114.266096][T17002] bond9: entered promiscuous mode
[ 1114.272929][T17002] 8021q: adding VLAN 0 to HW filter on device bond9
[ 1114.292971][T17014] netlink: 12 bytes leftover after parsing attributes in process `syz.2.2890'.
[ 1114.334960][T17016] bond9: (slave bridge3): making interface the new active one
[ 1114.352105][T17016] bridge3: entered promiscuous mode
[ 1114.371285][T17016] bond9: (slave bridge3): Enslaving as an active interface with an up link
[ 1114.889953][T17041] netlink: 'syz.3.2899': attribute type 10 has an invalid length.
[ 1114.914995][T17041] netlink: 40 bytes leftover after parsing attributes in process `syz.3.2899'.
[ 1114.926279][T17042] netlink: 'syz.4.2900': attribute type 1 has an invalid length.
[ 1114.947537][T17041] A link change request failed with some changes committed already. Interface geneve0 may have been left with an inconsistent configuration, please check.
[ 1118.061489][T17075] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1118.318221][T17139] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1118.458357][T17154] netlink: 'syz.1.2927': attribute type 13 has an invalid length.
[ 1118.886335][T17170] netlink: 4 bytes leftover after parsing attributes in process `syz.5.2937'.
[ 1119.060718][T17176] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1119.084514][T17176] syzkaller0: entered promiscuous mode
[ 1119.102512][T17176] syzkaller0: entered allmulticast mode
[ 1119.135039][T17176] sch_tbf: burst 127 is lower than device syzkaller0 mtu (1514) !
[ 1119.251450][T17176] tipc: Resetting bearer <eth:syzkaller0>
[ 1119.307590][T17173] tipc: Resetting bearer <eth:syzkaller0>
[ 1119.423817][T17173] tipc: Disabling bearer <eth:syzkaller0>
[ 1120.261971][ T1296] ieee802154 phy0 wpan0: encryption failed: -22
[ 1120.270524][ T1296] ieee802154 phy1 wpan1: encryption failed: -22
[ 1120.863489][T17247] netlink: 'syz.6.2964': attribute type 39 has an invalid length.
[ 1120.951678][T17252] netlink: 12 bytes leftover after parsing attributes in process `syz.6.2964'.
[ 1121.445100][T17269] syzkaller0: entered promiscuous mode
[ 1121.469910][T17269] syzkaller0: entered allmulticast mode
[ 1121.947321][T17295] netlink: 4 bytes leftover after parsing attributes in process `syz.6.2985'.
[ 1121.987148][T17299] netlink: 'syz.1.2984': attribute type 16 has an invalid length.
[ 1122.017198][T17299] netlink: 'syz.1.2984': attribute type 17 has an invalid length.
[ 1122.047792][T17304] IPv6: NLM_F_REPLACE set, but no existing node found!
[ 1122.217732][T17313] netlink: 56 bytes leftover after parsing attributes in process `syz.6.2991'.
[ 1122.304822][T17299] bridge0: port 2(bridge_slave_1) entered disabled state
[ 1122.312630][T17299] bridge0: port 1(bridge_slave_0) entered disabled state
[ 1122.488090][T17299] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[ 1122.634453][T17319] netlink: 'syz.5.2983': attribute type 4 has an invalid length.
[ 1122.781380][ T5951] lo speed is unknown, defaulting to 1000
[ 1122.781506][T17294] ip6_vti0 speed is unknown, defaulting to 1000
[ 1122.789621][ T5951] syz0: Port: 1 Link DOWN
[ 1122.809943][T17318] v: renamed from dummy0 (while UP)
[ 1122.982862][ T7652] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1123.024515][ T7652] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1123.085924][T17331] sctp: [Deprecated]: syz.6.2998 (pid 17331) Use of int in max_burst socket option.
[ 1123.085924][T17331] Use struct sctp_assoc_value instead
[ 1123.116642][ T7652] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1123.171813][ T7652] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[ 1123.287148][T17328] netlink: zone id is out of range
[ 1123.313143][T17328] netlink: zone id is out of range
[ 1123.340343][T17328] netlink: set zone limit has 8 unknown bytes
[ 1123.503526][T17344] netlink: 8 bytes leftover after parsing attributes in process `syz.4.3003'.
[ 1123.696227][T17294] lo speed is unknown, defaulting to 1000
[ 1123.757867][T17355] lo: Caught tx_queue_len zero misconfig
[ 1123.959646][T17372] sctp: [Deprecated]: syz.4.3013 (pid 17372) Use of int in max_burst socket option.
[ 1123.959646][T17372] Use struct sctp_assoc_value instead
[ 1124.084497][T17378] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[ 1124.425079][T17398] netlink: 4 bytes leftover after parsing attributes in process `syz.1.3020'.
[ 1124.743507][T17408] netlink: 68 bytes leftover after parsing attributes in process `syz.6.3026'.
[ 1124.986264][T17415] sctp: [Deprecated]: syz.2.3029 (pid 17415) Use of int in max_burst socket option.
[ 1124.986264][T17415] Use struct sctp_assoc_value instead
[ 1125.178172][T17419] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[ 1125.348120][T17419] syzkaller0: entered promiscuous mode
[ 1125.372313][T17419] syzkaller0: entered allmulticast mode
[ 1125.399965][T17419] tipc: Resetting bearer <eth:syzkaller0>
[ 1125.442890][T17416] tipc: Resetting bearer <eth:syzkaller0>
[ 1125.598070][T17447] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3042'.
[ 1125.922943][T17461] sctp: [Deprecated]: syz.1.3049 (pid 17461) Use of int in max_burst socket option.
[ 1125.922943][T17461] Use struct sctp_assoc_value instead
[ 1126.263190][T17471] netlink: 56 bytes leftover after parsing attributes in process `syz.5.3052'.
[ 1126.486328][T17474] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3052'.
[ 1126.657907][T17476] netlink: 4 bytes leftover after parsing attributes in process `syz.5.3052'.
[ 1127.106397][T17486] netlink: 68 bytes leftover after parsing attributes in process `syz.4.3058'.
[ 1127.495382][T17416] tipc: Disabling bearer <eth:syzkaller0>
[ 1127.528902][T17455] ip6_vti0 speed is unknown, defaulting to 1000
[ 1127.746318][T17495] sctp: [Deprecated]: syz.4.3063 (pid 17495) Use of int in max_burst socket option.
[ 1127.746318][T17495] Use struct sctp_assoc_value instead
[ 1128.013157][T17510] netlink: 'syz.4.3068': attribute type 39 has an invalid length.
[ 1128.118642][T17512] netlink: 68 bytes leftover after parsing attributes in process `syz.5.3071'.
[ 1128.221501][T17455] lo speed is unknown, defaulting to 1000
[ 1128.661235][T17522] syzkaller0: entered promiscuous mode
[ 1128.673903][T17522] syzkaller0: entered allmulticast mode
[ 1129.161654][T17546] netlink: 68 bytes leftover after parsing attributes in process `syz.1.3084'.
[ 1130.482462][T17556] 
[ 1130.484819][T17556] ============================================
[ 1130.490956][T17556] WARNING: possible recursive locking detected
[ 1130.497096][T17556] syzkaller #0 Not tainted
[ 1130.501500][T17556] --------------------------------------------
[ 1130.507641][T17556] syz.4.3089/17556 is trying to acquire lock:
[ 1130.513692][T17556] ffff88807db0cd38 (&dev_instance_lock_key#20){+.+.}-{4:4}, at: __netdev_update_features+0xcbc/0x1e10
[ 1130.524687][T17556] 
[ 1130.524687][T17556] but task is already holding lock:
[ 1130.532029][T17556] ffff88807db0cd38 (&dev_instance_lock_key#20){+.+.}-{4:4}, at: dev_ethtool+0x716/0x19c0
[ 1130.541874][T17556] and the lock comparison function returns 0:
[ 1130.548007][T17556] 
[ 1130.548007][T17556] other info that might help us debug this:
[ 1130.556044][T17556]  Possible unsafe locking scenario:
[ 1130.556044][T17556] 
[ 1130.563470][T17556]        CPU0
[ 1130.566728][T17556]        ----
[ 1130.569986][T17556]   lock(&dev_instance_lock_key#20);
[ 1130.575270][T17556]   lock(&dev_instance_lock_key#20);
[ 1130.580553][T17556] 
[ 1130.580553][T17556]  *** DEADLOCK ***
[ 1130.580553][T17556] 
[ 1130.588682][T17556]  May be due to missing lock nesting notation
[ 1130.588682][T17556] 
[ 1130.596985][T17556] 2 locks held by syz.4.3089/17556:
[ 1130.602164][T17556]  #0: ffffffff8f311e88 (rtnl_mutex){+.+.}-{4:4}, at: dev_ethtool+0x1d0/0x19c0
[ 1130.611138][T17556]  #1: ffff88807db0cd38 (&dev_instance_lock_key#20){+.+.}-{4:4}, at: dev_ethtool+0x716/0x19c0
[ 1130.621426][T17556] 
[ 1130.621426][T17556] stack backtrace:
[ 1130.627298][T17556] CPU: 1 UID: 0 PID: 17556 Comm: syz.4.3089 Not tainted syzkaller #0 PREEMPT(full) 
[ 1130.627324][T17556] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 10/25/2025
[ 1130.627338][T17556] Call Trace:
[ 1130.627348][T17556]  <TASK>
[ 1130.627358][T17556]  dump_stack_lvl+0xe8/0x150
[ 1130.627389][T17556]  print_deadlock_bug+0x279/0x290
[ 1130.627419][T17556]  __lock_acquire+0x2540/0x2cf0
[ 1130.627447][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.627472][T17556]  ? is_bpf_text_address+0x292/0x2b0
[ 1130.627507][T17556]  ? is_bpf_text_address+0x26/0x2b0
[ 1130.627541][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.627566][T17556]  ? kernel_text_address+0xa5/0xe0
[ 1130.627598][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.627627][T17556]  ? __kernel_text_address+0xd/0x40
[ 1130.627661][T17556]  ? __netdev_update_features+0xcbc/0x1e10
[ 1130.627693][T17556]  lock_acquire+0x107/0x340
[ 1130.627713][T17556]  ? __netdev_update_features+0xcbc/0x1e10
[ 1130.627749][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.627778][T17556]  __mutex_lock+0x187/0x1350
[ 1130.627803][T17556]  ? __netdev_update_features+0xcbc/0x1e10
[ 1130.627835][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.627864][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.627889][T17556]  ? kasan_save_track+0x4f/0x80
[ 1130.627911][T17556]  ? kasan_save_free_info+0x46/0x50
[ 1130.627941][T17556]  ? __kasan_slab_free+0x5c/0x80
[ 1130.627963][T17556]  ? kmem_cache_free+0x197/0x620
[ 1130.627984][T17556]  ? __netdev_update_features+0xcbc/0x1e10
[ 1130.628014][T17556]  ? ethnl_default_notify+0x8a9/0xb20
[ 1130.628045][T17556]  ? ethnl_netdev_event+0xe2/0x160
[ 1130.628080][T17556]  ? __pfx___mutex_lock+0x10/0x10
[ 1130.628105][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628130][T17556]  ? bond_fix_features+0x195/0x1e0
[ 1130.628158][T17556]  ? __pfx_bond_fix_features+0x10/0x10
[ 1130.628186][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628214][T17556]  __netdev_update_features+0xcbc/0x1e10
[ 1130.628256][T17556]  ? __pfx___netdev_update_features+0x10/0x10
[ 1130.628285][T17556]  ? cfg80211_netdev_notifier_call+0x1e5/0x1400
[ 1130.628309][T17556]  ? _raw_spin_unlock_irqrestore+0x30/0x80
[ 1130.628330][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628355][T17556]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1130.628378][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628404][T17556]  ? __pfx_cfg80211_netdev_notifier_call+0x10/0x10
[ 1130.628426][T17556]  ? __wake_up_common_lock+0x190/0x1f0
[ 1130.628459][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628484][T17556]  ? consume_skb+0xce/0xf0
[ 1130.628509][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628533][T17556]  ? netlink_broadcast_filtered+0xf55/0x1000
[ 1130.628573][T17556]  netdev_compute_master_upper_features+0x8eb/0xab0
[ 1130.628621][T17556]  ? __pfx_netdev_compute_master_upper_features+0x10/0x10
[ 1130.628660][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628689][T17556]  bond_netdev_event+0x748/0xf80
[ 1130.628721][T17556]  ? __pfx_bond_netdev_event+0x10/0x10
[ 1130.628750][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628775][T17556]  ? inetdev_event+0x454/0x15b0
[ 1130.628804][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628830][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.628855][T17556]  ? igmp_netdev_event+0x7c/0x750
[ 1130.628883][T17556]  ? ipmr_device_event+0x1d0/0x200
[ 1130.628915][T17556]  notifier_call_chain+0x19d/0x3a0
[ 1130.628947][T17556]  netdev_features_change+0x85/0xc0
[ 1130.628970][T17556]  ? __pfx_netdev_features_change+0x10/0x10
[ 1130.628992][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.629017][T17556]  ? lockdep_hardirqs_on+0x7b/0x110
[ 1130.629040][T17556]  ? _raw_spin_unlock_irqrestore+0x4c/0x80
[ 1130.629061][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.629088][T17556]  dev_ethtool+0x1541/0x19c0
[ 1130.629115][T17556]  ? __pfx_dev_ethtool+0x10/0x10
[ 1130.629133][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.629163][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.629193][T17556]  ? dev_load+0x21/0x1f0
[ 1130.629217][T17556]  dev_ioctl+0x392/0x1150
[ 1130.629244][T17556]  sock_do_ioctl+0x22c/0x300
[ 1130.629279][T17556]  ? __pfx_sock_do_ioctl+0x10/0x10
[ 1130.629310][T17556]  ? do_futex+0x333/0x420
[ 1130.629342][T17556]  sock_ioctl+0x576/0x790
[ 1130.629376][T17556]  ? __pfx_sock_ioctl+0x10/0x10
[ 1130.629409][T17556]  ? __fget_files+0x2a/0x420
[ 1130.629437][T17556]  ? __fget_files+0x3a0/0x420
[ 1130.629463][T17556]  ? __fget_files+0x2a/0x420
[ 1130.629493][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.629517][T17556]  ? srso_alias_return_thunk+0x5/0xfbef5
[ 1130.629543][T17556]  ? __pfx_sock_ioctl+0x10/0x10
[ 1130.629574][T17556]  __se_sys_ioctl+0xfc/0x170
[ 1130.629611][T17556]  do_syscall_64+0xec/0xf80
[ 1130.629643][T17556]  ? entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1130.629664][T17556]  ? trace_irq_disable+0x37/0x100
[ 1130.629697][T17556]  entry_SYSCALL_64_after_hwframe+0x77/0x7f
[ 1130.629719][T17556] RIP: 0033:0x7faa5918f749
[ 1130.629739][T17556] Code: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48
[ 1130.629758][T17556] RSP: 002b:00007faa5a047038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[ 1130.629780][T17556] RAX: ffffffffffffffda RBX: 00007faa593e5fa0 RCX: 00007faa5918f749
[ 1130.629797][T17556] RDX: 0000200000000080 RSI: 0000000000008946 RDI: 0000000000000004
[ 1130.629812][T17556] RBP: 00007faa59213f91 R08: 0000000000000000 R09: 0000000000000000
[ 1130.629826][T17556] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[ 1130.629839][T17556] R13: 00007faa593e6038 R14: 00007faa593e5fa0 R15: 00007ffcb6a7efe8
[ 1130.629866][T17556]  </TASK>
[ 1131.193185][T17567] netlink: 'syz.4.3089': attribute type 10 has an invalid length.
[ 1131.203584][T17567] netlink: 40 bytes leftover after parsing attributes in process `syz.4.3089'.