last executing test programs:

4m32.604210587s ago: executing program 4 (id=785):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
socket(0x400000000010, 0x3, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000280)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
bpf$PROG_LOAD(0x5, &(0x7f00000054c0)={0x3, 0x16, &(0x7f0000001000)=ANY=[@ANYBLOB="61154c00000000006113500000000000bfa00000000000001503000008004e002d3501000000000095004100000000006916360000000000bf67000000000000350605000fff07206706000005000000160302000ee60060bf500000000000000f650000000000006507f9ff0100000007070000cddfffff1e75000000000000bf54000000000000070400000400f9ffbd4301000000000095000000000000001500000000000000950000000000000032ed3c12dc8c27df8ecf264e0f84f9f17d3c30e32f1754558f2278af6d71d79a5e12814cb1d8a5d4601d295c45a6a0b9bdb7dd3997f9c9c4f6f3be4b369289aa6812b8e007e733a9a4f1b0af3dda82ee45a010fb94fe9de57b9d8a814261bdb94a05000000c6c60bf70d742a81762bab8395fa64810b5b40d893ea8fe01c5473d51b546cad3f1d5ab2af27546e7c955ccefa1f6ab689b555202da2e0ec2871b4a7e65836429a527dc47ebe84a423b6c8d345dc8da3085b0ab71ca1b901627b562ed04ae76002d4519af619e3cca4d69e88158f0200000000c8fb730a5c1bf2b2bb71a629361997a75fd552bdc2300000008ac86d8a297dff0445a15f21dce4de9f29eff65aadc841848c9b562a31e56723888fb126a163f16f920ae2fb494059bba8e3b680324a188076ebae3f55c4e9b2ad9bc1172ba7cbebe174aba210d739a018f9bbec63222d20cecac4d03723f1c932c9a6aa57f1ad2e99e0e67ab93716d20000009fbb0f53acbb40b4f8e2738270b31562ed834f2af97787f696649a462e7ee4bcf8b07a10d6735154beb4000000000000000000000000004000bc00f679629709e7e78f4ddc211bc3ebe6bd9d42ca0140a7afaab43176e65ec1118d50d1e827f3472f4445d253880800000000000000690884f800031e03a651bb96589a7e2e509bcc1d161347623cb5e7ac4629c8ab04871bc47287cd31cc43010000207b40407d000000210000000000000000005f37d83f84e98a523d80bd970d703f37ca364a601ae899a56715a0a62a34c6c94cce6994521629ab028acfc1d926a0f6a5489af8dc2f17923f3c40dfd1970a55c22fe3a5ac000000f4000000000000000000000000c1eb2d91fb79ea00000000000000bb0d00000000000000000000e4007be511fe32fbc90e2364a55e9bb66ac64423d2d00fea2594e190deae46e26c596f84eba9000000000000003cc3aa39ee4b1386bab561cda886fa642994cacd473b543ccb5f0d7b63924f17c67b13631d22a11dc3c6939628950000000000000001c7205a6b068fff496d2da7d632bd1f61b007e1ff5f1be1969a1ba791ad46d800000000c7f26a0337302f3b41eae59809fd05d12f6186f117b062df67d3a63f3265dd1410eea68208a3f26b2989b832d8b34a34a4f08b34b30410856e858d27adee7daf32903d3fc78700d429a2d4c8b6d803eb83eecfe4c7ff9e6ab5a52e83d089dad7a8710e0254f1b11cced7bc3c8da0c44d2ebf9f6f3ff3be4d1458077c2253b0c7c7a0a9fdd63bf910dc20e5cb2a88e59febc47f1212a21f631dbaa74f22bad050e9856b48ae3a03a497c37758537650fe6db88aa3c41fdc3d78e046f6160e1741299e8dc29906870e6431ed1eab5d067a183f064b060a8ec12725d42e3a74863d66bee966b1574f8e01b3f34a267ff0afa1e1c758a0079b747067312e9815a21cb3f1f8150d999d788535a4d3114dbc7e2bf2402a75fd7a55733360040855ed5d1c0d634fb9fb38f84d9d87b27f8a5d91217b728f13e3ee20e69e0ffb2780b1a7af137ff7b4ff010404faf0a4da65396174b4563d54b52f06c870edf0c5d744b5272b44c23488b2bdbff947c4dfa108cbb88202ee1192b81f428a5b3c299848649e1a6bff52f657a67463d7dbf85ae9321fc2b517dc4a29b9b5a8ded5de8206c812439ab129ae818837ee1562078fc524b3baf49a0be9bb7d958d5e87c6c09bf71a894bad62934782cc308e936d7637e07c4a2a3bc87b0da23c00d9ef418cf19e7a8c4c328be0ce95798adc2dca871073f6bd61dc18487b6feb89752cd600000000abc86b94f8cbde4d470667bee722a6a2af483ad0d3415ed0f9db059acaba9eaea93f811d434e00000000000000000000d154ba10a8e51489a614e69722bac30000000000000000000000000000c5dfd188ff555285b9743d3aac000583f42d168613151d681a2f71373f20d92c9048407c91fabecfe8b3f2d5454d127edab14ba61ba1cfc4336324c86f3dcb43e9a58208077e90f6ec1c7ac756f61dcc372cdd30b82507489f0bbfbd3c3f21752e81319c0161e154ceb16e00bc7f5a6962dff317f4d014786e432817064874d69a39cb0da31bcc5f81894d8a80756447322207b4007dff12eb95066cc6bc256f0a12282224d718b06ca80b57aa183dd0c3eee45891441f2b89b4c67aa9882281393954972046974f18df232cd7fca610e33f51c2d062020f403d85ff36c26e2f6bd1d82f4d3ceb3472d9a77e0057a3bfe697d9ab7585f4a1b381343d2cf855689232f4fc5135790662dc1419a374be9d7b3e5be2886d23add90d862f1a682ff11c798e338af3e5bb0f9d3952b15bf3e0c618c89d20ca1e18a031397693bf3cfbd8417e5b55e641c898c280356f2da222d5d68919d98158578dcf18efa404e508bcbbb8cfcf70086821ebdf34c9a1dff45af873df904c2bdbef81f246d26f4b40df949e12bdac18533d4e11c608cc31d60cb591c40a7b386fa1c753336d7220a35118d4919b45eff32aab684e62c6691de14e97aa7e9dc8ecf0cd50540246d2b746e41e5b4e2c095039dfe0f71db6265f7580d098be40ef36faee5d1695830d4242a23e541e6ce9fa1998d8961cf4fe3c8e8fbb566f148c8befc229614a4b7f80d237b8abc6fd0407de31d6e5532f360d379f20f054692b47207922fe6c14eba96c9a7ae906abc1ae1ae8c4fae92883cfa1978a04bbff4bbe0000000000000000000000000044585397feaadda3fcc64e7b0c08f7ac5c64cb190f1712a3b10fc34eb758705f1751d8c8b712eb39d2b8ad44f129c2c9aedb15"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0xffffffffffffffd2}, 0x48)

4m29.94249463s ago: executing program 4 (id=789):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x80000100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x0, 0x0)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x4)
madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17)

4m28.959583219s ago: executing program 4 (id=793):
bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340), 0x48)
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000340)={0x18, 0x3, &(0x7f0000000d00)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='syzkaller\x00'}, 0x90)
socket$nl_generic(0x10, 0x3, 0x10)
mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup/syz1\x00', 0x1ff)
socket$nl_route(0x10, 0x3, 0x0)
socket$nl_route(0x10, 0x3, 0x0)
openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0)
r0 = socket$netlink(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0))
r1 = socket$packet(0x11, 0x2, 0x300)
getsockname$packet(r1, &(0x7f00000000c0)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @random}, &(0x7f0000000140))
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newlink={0xec, 0x10, 0x801, 0x0, 0x0, {0x0, 0x0, 0x0, r2}, [@IFLA_AF_SPEC={0xcc, 0x1a, 0x0, 0x1, [@AF_INET6={0x18, 0x2, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @local}]}, @AF_INET={0x30, 0x2, 0x0, 0x1, {0x4, 0x1, 0x0, 0x1, [{0x3}, {0x8}, {0x4}, {0x8}, {0x8}]}}, @AF_INET={0x18, 0x2, 0x0, 0x1, {0x14, 0x1, 0x0, 0x1, [{0x11}, {0x8}]}}, @AF_INET6={0x18, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x14, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}]}, @AF_INET={0x28, 0x2, 0x0, 0x1, {0x24, 0x1, 0x0, 0x1, [{0x8}, {0x8}, {0x8}, {0x8}]}}, @AF_MPLS={0x4}, @AF_INET6={0x0, 0xa, 0x0, 0x1, [@IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_TOKEN={0x0, 0x7, @dev}, @IFLA_INET6_TOKEN={0x0, 0x7, @mcast2}, @IFLA_INET6_TOKEN={0x0, 0x7, @rand_addr=' \x01\x00'}, @IFLA_INET6_TOKEN={0x0, 0x7, @private1}, @IFLA_INET6_ADDR_GEN_MODE, @IFLA_INET6_ADDR_GEN_MODE]}, @AF_MPLS={0x4}]}]}, 0xec}}, 0x0)

4m27.13922241s ago: executing program 4 (id=800):
syz_mount_image$ext4(&(0x7f0000000000)='ext4\x00', &(0x7f0000000bc0)='./file0\x00', 0x1a00444, &(0x7f0000000080)={[{@grpquota}, {@noblock_validity}]}, 0x1, 0xbbb, &(0x7f0000001800)="$eJzs3M9rHOUbAPBnJpvf+TbpF1FbBANSFcVt2pQKPbWeRQU9eGxMNiVk+8Mkggk9pPWuHkQ8FKR/guDdXjwJHupB619QxCJFL20PK7M/0jWb3cR0s2PTzwfezPvOO9nneTLZzDuwkwCeWJPZlzTiUEScTSLG6/vTiBio9oYi1mvH3b97eTZrSVQq7/6RRBIR9+5enm28VlLfjtYHQxFx840k/v9Ja9zl1bXFmXK5tFQfH105f+no8uraawvnZ86VzpUunJh+/cT0yenpLtZ6+9IHXz3301svXr3+6dTbXx74IYnTMVafa66jWyZjcuNn0qwQETPdDpaTvno9zXUmhRwTAgCgo7RpDfd0jEdfPFy8jcf3P+eaHAAAANAVlb6ICgAAALDPJe7/AQAAYJ9rfA7g3t3Ls42W7ycSeuvOmYiYqNXfeL65NlOI9ep2KPojYuTPJJofa01q3/bIJrNI3/5Yylps9xzycBcCbrJ+JSKe3er8J9X6J6pPcbfWn0bEVBfiT24a9/r371HqP92F+HnXD8CT6caZ2oWs9fqX1tY/g7XR5utfYYtr127kff1rrP/ut6z/0o31X1+b9d87O4xx+MErN9vNNa//3v/s17ksfrZ9pKL+hTtXIg4Xtqo/2ag/aVP/2R3GGJ29fa3dXFZ/Vm+j9br+yvWII9XVXGv9DUmn/090dH6hXJqqfd3i9VdPdo7ffP6zlsVv3Av0Qnb+R2J35//SDmNMPPP7oXZz29ef/jaQvFftDdT3fDyzsrJ0LGIgebN1//HOuTSOabxGVv/LL3R+/29Vf/Y3Yb3+c8h+e67Ut9n46qaYo0eOf7P7+vdWVv/cLs//5zuM8fV31z7ctGvjzZV3/QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8HtKIGIskLW7007RYjBiNiKdiJC1fXF55df7iRxfmsrmIiehP5xfKpamIGK+Nk2x8rNp/OD6+aTwdEQcj4ovx4eq4OHuxPJd38QAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGwYjYixSNJiRKQR8dd4mhaLeWcFAAAAdN1E3gkAAAAAe879PwAAAOx/Lff/hX+MhnqZCwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAPvSwedv3EoiYv3UcLVlBupz/blmBuy1dGeHjex1HkDv9eWdAJCbQlO/UqlUckwF6DH3+ECyzfxQ25nBrucCAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwH/XS4du3EoiYv3UcLVlBupz/blmBuy1NO8EgNz0dZpMtt0BPMYKeScA5MY9PlBb2T+o1LTOD7X9zsGH3fXdRQUAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADg8TFWbUlajIi02k/TYjHifxExEf3J/ELEVEQciIhfxvsH5xfKpWN5Jw0AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEDXLa+uLc6Uy6UlHR2dLnaGo2exhutv5jbHDLaf6tDJ+Q8TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAC5WF5dW5wpl0tLy3lnAgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAORteXVtcaZcLi3tYSfvGgEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAyM/fAQAA///+hAlq")
r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000100)='freezer.parent_freezing\x00', 0x275a, 0x0)
write$binfmt_script(r0, &(0x7f0000000000), 0x208e24b)
sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0)
mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f00000002c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x3000046, &(0x7f00000000c0), 0x1, 0x55c, &(0x7f00000003c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9uzKVr648JPsxH0eFA32do78pouowmHWsduD24F19kCCIOxHd993H4D/hXDHQwZBR98CVy05suW5M2a7OlWz4fuOWce2967jf3fk/OzUlIAANrLPtTiHg1Ir5NIg5GRJJvG45849jqfisPrk1nSxL1+md/J439snrzfzUftz+vvBIRv38dcaKwvt3q0vJcqVxOF/L6eG3+8nh1afnkxfnSbDqbXpqcmjr9ztTk+++927NYj5/794dP73x0+pujK9//eu/QrSTOxIF8W2sc23C9tTIWY/lzMhJnHttxogeN7SRJvw+ALRnK83wksj7gYAzlWQ+8+L6KiDowoBL5DwOqOQ5o3tv36D74uXH/w9UboPXxD6++NxJ7GvdG+1aSR+6Msvvd0R60n7Xx21+3b2VL9O59CIBNXb8REaeGh9f3f0ne/23dqS72ebwN/R88O3ey8c9b7cY/hbXxT7QZ/+xvk7tb0Sn/j7/cXFO414NmOsrGfx+0Hf+uTVqNDuW1lxpjvpHkwsVymvVt2SEei5HdWX2j+ZzTK3frnba1jv+yJWu/ORbMj+Pe8O5HHzNTqpW2E3Or+zciXms7/k3Wzn/S5vxnz8e5Lts4kt5+o9O2zeN/uuo/R7zZ9vw/nNFKNp6fHG9cD+PNq2K9f24e+aNT+/2OPzv/+zaOfzRpna+tPnkbP+35L+207ZH4o/vrf1fyeaO8K193tVSrLUxE7Eo+Wb9+8uFjm/Xm/ln8x45u3P+1u/73RsQXXcZ/8/Avr3cVf5/O/8wTnf8nL9z9+MsfO7XfXf/3dqN0LF/TTf/X7QFu57kDAAAAAACAnaYQEQciKRTXyoVCsbj6+Y7Dsa9QrlRrJy5UFi/NROO7sqMxUmjOdB9s+TzERP552GZ98rH6VEQciojvhvY26sXpSnmm38EDAAAAAAAAAAAAAAAAAADADrG/w/f/M38O9fvogKfOT37D4No0/3vxS0/AjuT1HwaX/IfB1TH/vQEILzyv/zC45D8MLvkPg0v+w+CS/wAAAAAAAAAAAAAAAAAAAAAAAAAAANBT586ezZb6yoNr01l95srS4lzlysmZtDpXnF+cLk5XFi4XZyuV2XJanK7Mb/b/ypXK5YnJWLw6XkurtfHq0vL5+cripdr5i/Ol2fR8OvJMogIAAAAAAAAAAAAAAAAAAIDnS3Vpea5ULqcLCgpbKgzvjMNQ6HGh3z0TAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADz0fwAAAP//s6436w==")
r1 = creat(&(0x7f0000000040)='./bus\x00', 0x0)
mount(&(0x7f0000000380)=@loop={'/dev/loop', 0x0}, &(0x7f0000000100)='./bus\x00', 0x0, 0x63d014, 0x0)
r2 = open(&(0x7f0000000080)='./bus\x00', 0x185102, 0x0)
mmap(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x2, 0x28011, r2, 0x0)
connect$inet(0xffffffffffffffff, &(0x7f0000000400)={0x2, 0x4e20, @remote}, 0x10)
ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r1, 0xc0185879, &(0x7f0000000080)={@desc={0x1, 0x0, @desc3}})

4m24.241464845s ago: executing program 4 (id=812):
finit_module(0xffffffffffffffff, 0x0, 0x1)
r0 = fsopen(&(0x7f0000000040)='cgroup2\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0)
r1 = fsmount(r0, 0x0, 0x82)
fchdir(r1)
mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0)
unlinkat(r1, &(0x7f0000000140)='./file0\x00', 0x200)
r2 = fsopen(&(0x7f0000000000)='cgroup2\x00', 0x0)
fsconfig$FSCONFIG_SET_BINARY(r2, 0x6, 0x0, 0x0, 0x0)
r3 = fsmount(r2, 0x0, 0x0)
r4 = openat$cgroup_subtree(r3, &(0x7f0000000040), 0x2, 0x0)
write$cgroup_subtree(r4, &(0x7f0000000080)={[{0x2d, 'pids'}]}, 0x6)

4m19.019218704s ago: executing program 4 (id=835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="12000000070000000400000002"], 0x48)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={r0, &(0x7f0000000480), &(0x7f0000000580)=@tcp=r2}, 0x99)
write(r2, &(0x7f0000000080)="48645ec2c41aa65125022fe83410b21bd41117e521f997d69742c63a69e3434338a74a5d11158cf046f81d507c93db8557f99b91abeda8166c39e552a9b8455b754e", 0x42)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r0, &(0x7f0000000600), &(0x7f0000000340)=@udp=r1, 0x2}, 0x20)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/97, 0x61}], 0x1})
r6 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000400)={0xf0f021})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

4m18.757933597s ago: executing program 32 (id=835):
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="12000000070000000400000002"], 0x48)
socketpair(0x1, 0x2, 0x0, &(0x7f0000000040)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f00000005c0)={r0, &(0x7f0000000480), &(0x7f0000000580)=@tcp=r2}, 0x99)
write(r2, &(0x7f0000000080)="48645ec2c41aa65125022fe83410b21bd41117e521f997d69742c63a69e3434338a74a5d11158cf046f81d507c93db8557f99b91abeda8166c39e552a9b8455b754e", 0x42)
bpf$MAP_UPDATE_ELEM(0x2, &(0x7f0000000240)={r0, &(0x7f0000000600), &(0x7f0000000340)=@udp=r1, 0x2}, 0x20)
openat$vhost_vsock(0xffffffffffffff9c, 0x0, 0x2, 0x0)
r3 = syz_io_uring_setup(0xbdc, &(0x7f0000000640)={0x0, 0xec25, 0x400, 0x1, 0x40000333}, &(0x7f00000006c0)=<r4=>0x0, &(0x7f00000001c0)=<r5=>0x0)
syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_submit(r4, r5, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, &(0x7f0000000400)=[{&(0x7f0000000000)=""/97, 0x61}], 0x1})
r6 = syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2)
ioctl$vim2m_VIDIOC_S_CTRL(r6, 0xc008561c, &(0x7f0000000400)={0xf0f021})
io_uring_enter(r3, 0x847ba, 0x0, 0xe, 0x0, 0x0)

11.775862983s ago: executing program 0 (id=1697):
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r1, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000500)=ANY=[@ANYBLOB="380000001800010000000000000000000a000000000000000000000008000400", @ANYRES32=r1, @ANYBLOB="06001500070000000c00168008000100", @ANYRES64=r0], 0x38}}, 0x10)
getsockopt$IP_VS_SO_GET_TIMEOUT(r1, 0x0, 0x486, &(0x7f0000000240), 0x0)
r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000002c0), r2)
sendmsg$IEEE802154_LLSEC_LIST_DEV(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000300)={0x14, r3, 0x701, 0x4}, 0x14}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x4, 0x5, &(0x7f0000000040)=ANY=[@ANYBLOB="18020000000000000000000000000000850000002200000085000000050000009500000000000000c3492895246348bf79855db116f785cc6b65"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x46)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000100)={r4, 0x0, 0xe, 0x0, &(0x7f0000000900)="e02742e8680d85ff9782762f4305", 0x0, 0x6f12, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50)
socket$inet_tcp(0x2, 0x1, 0x0)
r5 = epoll_create(0x100)
r6 = socket$inet6_sctp(0xa, 0x5, 0x84)
unshare(0x600)
epoll_ctl$EPOLL_CTL_MOD(r5, 0x3, r6, &(0x7f0000000380)={0x90000004})

8.161364513s ago: executing program 1 (id=1709):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r1)
socket$inet_udp(0x2, 0x2, 0x0)
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = socket$unix(0x1, 0x1, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r4=>0x0})
sendmsg$nl_route_sched(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000440)=@newqdisc={0x58, 0x24, 0x4ee4e6a52ff56541, 0x70bd2d, 0xffffffff, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2, 0x2}}, [@qdisc_kind_options=@q_sfb={{0x8}, {0x2c, 0x2, @TCA_SFB_PARMS={0x28, 0x1, {0x2a, 0x8001, 0x2, 0x6, 0x6, 0x5, 0x3, 0x200, 0xfffffffb}}}}]}, 0x58}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b923, 0x80000, {0x0, 0x0, 0x0, r4, {0x0, 0x9}, {0x10, 0xb}, {0xfff1, 0xb}}, [@qdisc_kind_options=@q_cake={{0x9}, {0x4}}]}, 0x34}, 0x1, 0x0, 0x0, 0x2000c061}, 0x0)
r5 = socket$nl_generic(0x10, 0x3, 0x10)
r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000080), r5)
sendmsg$TIPC_CMD_ENABLE_BEARER(r5, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000680)=ANY=[@ANYBLOB='8\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="010000000d0000000000010000000000000001410000001c001700000000000000006574683a73797a6b616c6c657230"], 0x38}}, 0x0)

8.031301379s ago: executing program 0 (id=1711):
r0 = socket$netlink(0x10, 0x3, 0xf)
setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0x5, &(0x7f0000000040)=0xdb98, 0x4)
ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000040)={0xaa, 0x4})
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
r1 = epoll_create1(0x80000)
epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, 0xffffffffffffffff, &(0x7f0000000100)={0x2002})
socket$packet(0x11, 0x3, 0x300)
connect$unix(0xffffffffffffffff, 0x0, 0x0)
sendmmsg$unix(0xffffffffffffffff, 0x0, 0x0, 0x0)
bind$inet(0xffffffffffffffff, 0x0, 0x0)
socket$packet(0x11, 0x3, 0x300)
sendto$inet(0xffffffffffffffff, 0x0, 0x0, 0x44810, 0x0, 0x0)
r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000006c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000fef7ff7a0af0fff80000ff79a4f0ff00000000b7060000efffffff2d6405000000000065040400010000000404000001007d60b7030000000000006a0a00fe00ba23008500000098000000b70000000000000095000000000000006f88300eaa171100756695acf0af839ec5300a584fe44c80de0b061417e9ade22cecede5d5be6ab3d7828ee094518a5800000082c81ddfe3960a29ea15fa7e26f0f3e51416b698f6da6fe8af496d22585ffab3af24974fae00d824313ffef788c6983945dd3663f79f67e78a48b24a4bcdc33b38c5f86e96111199f0f0af9f42099a0f54041889b971cf394bd43473a5ac2acab9768cbc52ff7f000000000000711727c4a32a6b7ecdae05d2b3fed4572eb0d88976d2adda68000010000000c47b18cf93996a43e2e080f57fadf535d8b3078ebe16b10160fad64474a7b558f7a56f41022feec18e013abd8fda2b96779e534d0675fbcc13ba9f9eb96319fd5b49521d5cb2ced401d7b6fce658f203a9c2da91116d986730da1be85b0000829512099df32814820fbf7be91cd13b77f4e4e599f8bbca388247856073472312a9ff4273b9cd08000000000000616e888cda842c661577818c2069cb41a73b4b7fc28882cad315db3fffc5183deca7a32838ec0ad70d4f55382c1879b71ec504d2f3e3883428ee350123a5cad346f6d517f6fcea5b6bc4fcffffffffffff03f419a6e45fd98e77da4a8202ebbdafe6b2e38c9d7e506f5da2958cf7f0d9b31ca3275e64e29d39d158cebe43308cf8760588001172e19685e9a334aec76530861b772a1da96f0a227514bd0bc26df2b50a45e4eceae1ddfe88d58879d12afdb295ce2edecb253e0471714fa124211203000000000000001f502b6c760655ffb20ae13a1a94f7ae229fbf5da7cae4f994ee82fc98c864c3e352ad16f98208cf1469dd6c1212582a3687f7dbdf708929643f3f0f4e947c40742452685ec044fc71eaca9abc92145677e14054331801b1412b39049ed782742f9a1b6aca9123b243c1a68c047f2db79701b62c8cc0d2f608c7f62d107ebc68df9f8d296721c9d465dad604bc0dc500000000000000000000000000000000000000000568a4997dd54fa83aacd2d209f66de2e26dc2fd862a0b8ee149c148197176745fc8ff1dd5bd6611daa882298a37b041b34668d4662ea8fbe2e787dfc4c8bef2124f0439b2d18ec83361da5cc732f365b0a528db31b90bc1405b6d5301c34319ccae29b1d6034b665c79baeeeac5e71d24e2e3b6ffc5bc2dcb600e645c0048b45e286a49e888d21abfc817085d9c00e08525207e33505226fdda16e6da6dd31f7a1736029b87e8d6a05bcb356298d7dccd7de2af0885bd4939ff96ab74da3871b077e4058c8752ba4994eafed8b239d781638fa339fa0f7dd135af3f80e40f4b885770cf27d205a45d4702f97b8b7c57b180c50b2b370dfb35dc895e8f05d6e71829f36150b2cde31469c4aea0c64850eb3f3e0dc35f8cdd76bdde2018366c3201307c370433762676f72e68c962430a0000000000000000000000000000e737dc2e1a3fdebbb510c663d24f72b954965201f775b3739c14dd4832647c028be09f2809fd396fa26532a30a37737e95f0f41dd024b7bf8a6bf807c9fd9b8c7a39717729339dc3054117cb95693bdd61edcc2860b66545e194a961bdc5457d76ae1a87050e12ead896f3337d5a000000000000000000400000602bfd2f1ace65f2e74dc99cb73a37f40362b7904e8a0ea8d2d9805c924f9985d22972031a1223afa1288af3f48c93fcdb11963d0b748287448f722dc180e87637b662b11effabf45beda2e3a7e1adf8f94b619fa152b33440f2358a745848caf7000eb305c936d26964a2a85e133d01368b8d228d02f96064de261cf02c9632a0eb4ab259e8f4dd63d8b6d2d6b2a0c29fbab7d04d73a381c296af344655b64e12f216fbc646cc6bd60ca773d187f2fd317f6cb2309d1a13526a44b7d9b2bf93947dc3ac3340a7a114051d33d152310574f0d784910dc1a8f5bbf3610c544437626236458f285196161496389b02ba46a72da0149b4ddfdd4ef7862a07395752a37cb0244e94e1310e0c0a148a9a48b149bf2f345f3f89813c9eb05160f63f0b363deee5cb77ea6e951857e1942e5c56d72d724af7aa24a8aadb512f3302972c53b0eb7a693e0b0c775b21aed72995cfe9e9347a07d43ce3db9f22d461e86416ffff6f2e4e36306630052a2b03ee36ec52af0d684fabd5f38adffaa6c5a7a8100d1aefaf8576b363690b76e2eb96b07ab790cf63cfc334b7469b5b5b397c622f7c3ee064f9272443bcb928b6f7a2450cd33550a42843b0b5ac9e37134c81bd56b72e1030b05a5b3ac47b5af22a9dff0700004adacc71db2b15b4ffd98e30224763382ade45d164be76b2e9a674448f3ee2cd29707484df87ea6e8e6333b5fcb1b8b43a7c005ea800000000000000000000010000000000387592adc78ccfe479549e6f4efc14c4a5cfe845e6157d6fe70b278147edf0e25065ec6b17f8022493d105c9c31121e7957aeec5f7f2af0446d128778c8bf15b87a0eec6f4c75966b5f0e06744bda63134223416102aea1254d57c390e1f84ec7d5c3a758ce59c9e2c4ce1f28b6783661e272bf1cb5c8ac177aa9c6ccbead9a96b22394afb840247e5d69473b836f070dc0bf9302e33b03d4e07395c82e33667726b51ff24b0bbea730702835159e3517ffb3da0d01833589fec3bdab629b21e5d9e87c3c58d962ff5e75c81f583c64b7d5a643674801e18b06ca98b49d9e28d004c7ebccf076c64ef71421f672b0948b18ab5af448ca9446e71ba6dd4bd15a12553066de7cb767a121d56d9d26ce27fdbe6721191f2ed1cc3f9c5e3d5cba447c4793165b3cbf51c7d0cf9edf823641e1bc7db7803b60dc8b21e49a33a73ac00337067dfd3ecaf4e6dceee1048f300000000000000000000000000000000000000000000007958a50896df65337581398793d0a9abe75251908c07d2957ca70ad7ac31aae536294d6a944cd35f46cb554d8aecae5a72cb24596d896ff9ad83473567b6cb9d032c395a1459399cea31ebafc1e77649b55af527ca0f1ac972ee72a78391473c1b9e0000000000000000004076eac7e605f8de6f0ce5702af52c5d78bac0097d92f078a3a98229ebf281c3c876d2614109b69967871fea621fb2a29a77a1516b51d9b1c3c5ef1436f50fad4a1cd92a211fec61d37c8b410a20fbdeb642228d6cfeb8cda8eea3a7f343fcaa0459b9d916abb668d4799534307084ee7d854dd0850000000000000000000000002f40c3e24f9c0a56edf543425058c35febda26a43bdab770212186b84421d8b841cf9181d47c08cb392e414c1efba9978a97769e65ae443644dbdb32a50cdc717a34d1aa9ced37820a6d1cd0920a9a07e36a85e967bfa7f2caf1c9b52c06f4d178fbb91a169e9533e401819e57cab814761819b0fc517239a6777dbb92a7462538dbd8a4b82f87df7982b44b160a598c75bafa5a9b388a44303dbebc83ac2ad2da3ae80c851bc2fdb8d444597fdac4538aa33bb9204ffe534b15a1878be30157d0815d38fc2effeb7b87d6bd15e21c7b7c7d1ad7b3fd69b4bd06716a203e82f4c0413719eae0967fc70f03570375c2d0986b0200897e505afb87b878f3e13187001bba6a401bd56f3f8eb5384e33"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x304, 0x10, &(0x7f0000000000), 0xfffffea2}, 0x48)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000640)={r2, 0x0, 0xe, 0x0, &(0x7f0000000040)="63eced8e46dc3f0adf33c9f7b986", 0x0, 0xcfac, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48)

7.955144773s ago: executing program 1 (id=1712):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000200)='.\x00', 0x0, &(0x7f0000002c40)=ANY=[@ANYRESDEC, @ANYRES16, @ANYRES8], 0x1, 0x380, &(0x7f0000002e40)="$eJzs3c+LG2UYwPEnu7PZZEs3OYiiIPugF70Mu6tnJUgL4oJlbcRWEKbdWQ0Zk2UmRCLiriev4s1/QLD0WPBQUG9e3Iu3evHiyb0IghYRR+bHm03SyY9NU5K23w+0eZL3fTLvm0zC84bNm5N3vviwvh/Y+05LlgoqORGRuyJlWRIjl1zkJcORvHjuzzvP5q9cfaOys3NhV/Vi5fJL26q6vvHdR58UraTb7VU5Lr93IoXfjp88fvrkv8sf1AKtBdpottTRa81fW841z9W9WlC3VS95rhO4WmsErp+0N5P2fa95cNBRp7F3fu3Ad4NAnUZH625HW01t+R113ndqDbVtW8+vZQ33EVaYIqd6Y3fXqUx5wOtT5mHW/gnDcESz71ecZRG7eE9L9cYDHRcAAFhIA/X/V6ZGKMtSt6DMpWuBfBz3LwOi+t/E3ZbT+v/mcz+0zr19az2t/2/n0/p/WWpSNvX/y78kaX31f3T0mdf/3wxcv7cieugdnqXzfdX/WAwb/a/I309X7Kmo/o9eDd0V/Wfv3tyMA+p/AAAAAAAAAAAAAAAAAAAAAAAeBnfDsBSGYclcmn+nXyFIr5tr6ReNV+czXMzYkOe/+92v7vmAR9JbV65KId64w1oX8T5vV9vV5DJtNx03pST/xudDKtlw4ihu1EhZvvcO29WVNGE5/r8iouKJK1tSknJffhxffH3nwpYmkvz4+Iftas5ai/L3pRbnb0tJnsjO387Mz8sLz/fk21KSn69LUzzZS9/HTP6nW6qvvbkzkF+M+2V59cE+JQAAAAAAzJytWkiXz+X+9W+yfrdt1ax2+Sm9A7O+Tj4f+FEy1uebmetzq/SMNdepAwAAAADw2AjyH9cdz3P9oDM0KMq4PuavgQaaLBlzz1FgTdCnL7gTByuj+iz3zLD/luFZ+fQXNCYdhh90ZOIxm+CvVcl8MM0WrtEtZlNirzB2zKMCM/8JOhfO+hT4wdLZ5+76wUY0Hp1qOj1B/LFRzpJhfeRSFJiH9P6OlQRm59xxnZ/68uu/pztELt21t7fplVvmDBiZnhu45WjMSftHGI4dz0r2u8W30/zIDAAAAIAFYYr+YjDvkQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA8Piaxe5o44J5zxEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABYFP8HAAD//wlD6JQ=")
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/74, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400))
r1 = eventfd2(0xe8, 0x0)
ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f0000000240)={0x0, r1})
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
r2 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r2, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4092})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

7.873044567s ago: executing program 1 (id=1714):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@file={0x0, '.\x00'}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
mkdirat(0xffffffffffffff9c, &(0x7f0000000400)='./file0\x00', 0x0)
mount$fuse(0x0, 0x0, 0x0, 0x8, &(0x7f0000000040)=ANY=[@ANYBLOB='fd=', @ANYRESDEC=0x0])
mount(0x0, &(0x7f0000000440)='./file0\x00', &(0x7f0000000280)='autofs\x00', 0x201000c, &(0x7f0000000040))
r3 = openat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x40000, 0x120)
ioctl$AUTOFS_DEV_IOCTL_ASKUMOUNT(r3, 0x80049370, 0x0)

7.80727878s ago: executing program 0 (id=1715):
r0 = socket$netlink(0x10, 0x3, 0x0)
r1 = socket(0x10, 0x803, 0x0)
sendmsg$IPVS_CMD_SET_INFO(r1, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, <r2=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000040)=0x14)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=ANY=[@ANYBLOB="3c0000001000850600"/20, @ANYRES32=r2, @ANYBLOB="0000000000004a641c0012000c000100626f6e64000000000c0002000800010006"], 0x3c}}, 0x0)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket(0x1, 0x803, 0x0)
r5 = socket$netlink(0x10, 0x3, 0x0)
r6 = socket(0x10, 0x803, 0x8)
sendmsg$IPVS_CMD_SET_INFO(r6, &(0x7f0000000b00)={0x0, 0x0, &(0x7f0000000ac0)={0x0, 0x14}}, 0x0)
getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, <r7=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14)
sendmsg$nl_route(r5, &(0x7f00000000c0)={0x0, 0x60, &(0x7f0000000300)={&(0x7f0000000900)=ANY=[@ANYBLOB="5c00000010001ffffcffffff0000000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000340012800b0001006772657461700000240002800800070064010100060003001008000008001500700f0d0008000700ac1414bb08000a00", @ANYRES32=r7], 0x5c}}, 0x40)
getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, <r8=>0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14)
sendmsg$nl_route(r3, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x300}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}]}}}, @IFLA_LINK={0x8, 0x5, r8}, @IFLA_MASTER={0x8, 0xa, r8}]}, 0x4c}}, 0x884)

6.301293495s ago: executing program 5 (id=1719):
syz_mount_image$vfat(&(0x7f0000000140), &(0x7f0000000100)='./file0\x00', 0x624a9, &(0x7f0000001540)=ANY=[@ANYRESOCT, @ANYRES16, @ANYRES64, @ANYRES16, @ANYRESOCT, @ANYRES64, @ANYRES8, @ANYRES32], 0x1, 0x38d, &(0x7f0000001600)="$eJzs3c9rI2UYwPEn6TSddGmTgygK0ge96GVoq2clyC6IBZe6EXcFYXY71ZAxKTOhkkW29eRVvPkPCC57XPCwoN682Iu39eLFk70Igi4ijsyPN5tkp02aZkl39/uBNs/M+z6Zd5JJeN7QvD1874uPm9uhs+12pGirFERE7olUpSgZq5DeliTHvrx87s+7z5cuX3mrtrFxflP1Qu3SK+uqurzy3Seflq20250FOah+cCj2bwdPHzx7+N+ljxqhNkJttTvq6tX2rx33qu/pViNsOqoXfc8NPW20Qi9I29tp+7bf3tnpqtvaWlrcCbwwVLfV1abX1U5bO0FX3Q/dRksdx9GlxbzhPsbs/o3l8XLqNzc33dqEB7w2YR6m7Z8oio5pDoKaOyfilB9oqd98qOMCAABn0lD9/5WpEapS7BWUhWwuUEriwWlAXP+buNdyv/6/9cIPnXPv3l7O6v87paz+n5OGVE39/+ovadpA/R8ffer1/zdD2w9WRI+8vZN0PlX9j7NhZfAV+XvyKu0X1//xq6E3o//s/VurSUD9DwAAAAAAAAAAAAAAAAAAAADAo+BeFFWiKKqYW/Nz/ysE2bbZyr5ovDCb4WLKjnj+e9/96l0PeCy9c/mK2MnCHdayiP/5bn23nt5m7abjqlTk3+R6yKQLTuwnjRqryvf+3m59PkuYS37XRFR88WRNKlIdyE/iC29unF/TVJqfHH9vt16wFuP8bWkk+etSkafy89dz80vy0ot9+Y5U5Odr0hZftrL3MZN/Y031jbc3hvLLSb88rz/cpwQAAAAAgKlzVO1s+lwdnP+m83fHUc1rl5+yOzDz6/TzgR8lZ36+qsWc+blVec6a6akDAAAAAPDECEvXm67ve0HYPTIoy6g+5q+BhposGXHPcWCN0WcguJsE88f1mes7w8E9R2eVsv+gMe4wgrArY4/ZBH8tSO6DaZZwjfeYRYl9e+SYjwvM+Y/R2T7pUxCExZOfuxeEK/F4dKLT6QuSj40KlvQ33VjKrufu9aZcjPeYh/R0x0oDs3LuqM7PfPn135MdopCt2tvf9NptcwUcm14Y2rM/4qL9I4pGjmc+/93iW/tUbzYAAAAAZsoU/eVw1iMBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAODJNY3V0UYFsz5HAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA4Kz4PwAA//933OWl")
r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000001500), 0x2, 0x0)
ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000000480)=""/74, 0x0})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000400))
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x0, 0x0, 0x0, &(0x7f0000000340)=""/185, &(0x7f0000000140)=""/92})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1)
ioctl$VHOST_VSOCK_SET_GUEST_CID(r0, 0x4008af60, &(0x7f0000000040)={@my=0x1})
ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000001c40)={0x2, 0x0, [{0x0, 0x66, &(0x7f0000001b00)=""/102}, {0xdddd0000, 0x23, &(0x7f0000001ac0)=""/35}]})
setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}, 0x10)
r1 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r1, &(0x7f0000000200)={0x28, 0x0, 0xffffffff, @my=0x1}, 0x10)
ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000080)=""/57, 0x0, &(0x7f0000000500)=""/4092})
ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1)

6.228442979s ago: executing program 0 (id=1720):
syz_open_dev$tty1(0xc, 0x4, 0x1)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f00000001c0)=0x8)
getpid()
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
close(0x3)
r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x20080, 0x0)
ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000180)=0x6f)
r3 = dup2(r2, r2)
ioctl$SNDCTL_DSP_SPEED(r3, 0xc0045002, &(0x7f00000001c0)=0x2)
read$FUSE(r3, &(0x7f00000063c0)={0x2020}, 0x2020)

6.063392197s ago: executing program 5 (id=1721):
recvmsg$unix(0xffffffffffffffff, 0x0, 0x11040)
syz_mount_image$ext4(&(0x7f0000000440)='ext3\x00', &(0x7f0000000040)='./file0\x00', 0x82cd, &(0x7f0000000280)={[{@usrquota}, {@auto_da_alloc}]}, 0x0, 0x4bd, &(0x7f0000000a00)="$eJzs3M9rXNUeAPDvvZkk/Z289/res7XaaBWLP5ImrVpQsAqKCwVBF3UlMUlLbdpIE6EtwUYpdSNowb0IbgT/AleuRF0JbnUvhSLdtLoauXPvTCfJzOR3Jk0+H7jNOTNn7jnfOffeOXPO3AawZfVl/yQRuyLit4joiYi0vsD2fMvK3bk1PfLXremRJMrlN/9MspfF7VvTI9WiSfF3Z54pZTtKryZxokG9k5cunx0eHx+7UOQHps69PzB56fJTZ84Nnx47PXZ+6PjxY0cHn31m6OlViTNr0+39H04c2Pfq29dfHzl5/d2fvk0idlSfr49jhZ7rqSWna+/JXI+uUmUbxe66dFJqY0NYku6IyLqrs3L+90TH1T2153ri5Y/b2jhgTZXL5fJQ86dnysAmlkS7WwC0R/WDPvv+W93WaeixIdx8Mf8ClMV9p9jyZ0r5PEh3/t1o9xrV3xcRJ2f+/jLbYsnzEJ1r1CoAYDP7Phv/PNlg/FeK+F9duT3F2lBvRPwrIv4dEf+JiL0R8d/Iy/4/Iu5rXE3fO03q75uTnz/+SW+sILwFZeO/54u1rdnjv9oqWG9Hkdtdib8zOXVmfOxI8Z4cjs7uLD/YcO9JxEz299fPmtVfP/7Ltqz+6liwaMeNUvfs14wOTw2vOPDCzY8i9pcaxZ9E6W4UsS8i9i+zjjOPf3Ng9iMdtdTC8bewCutM5a8iHsv7fybmxF+VtF6fHNgW42NHBqpHxXw//3LtjWb15/Gn0Tr+7SsPtIms/3c0Ov5fqMXfm9Sv107O20XXQnVc+/2Tpt9plnv8dyVvzar84vDU1IXBiK7ktfmP101wV/MXR+++p4cPzY7/lcoCblq5xkXR//dHRHYQPxARD0bEwaLtD0XEwxFxqEX8P770yHtN4z+Yx1893JZ0/K+CrP9HG17/mvX/EhLbij2c/eG7ZvXX+r/aYQ37/1g1U2lU5fq3wCmx2JYu710DAACAe0saEbsiSftr6TTt789/L783dqTjE5NTT5ya+OD8aH6PQG90ptWZrp66+dDB2nxBnh8q5oqvFPmjxbzxFx3bK/n+kYnx0TbHDlvdzogT0eD8z/zR0e7WAWtu3jpauac9DQHWnfs1Yeta/vnvygH3ugXO4nS92gGsP5/isHU1Ov+v1GeSyH8lD2w6Pv9h66qd/58vonDd7V5zb94E7j2tPv/9FAA2N+N/2JKWdV//RkrE1xGtyyQbpalLSny6kpeX1qGFkS7z5aUF+msxia62dMpQR8TsR9L1bEZpsf+rRVwqX2lZpnsR+4k4uavdVycAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAICV+ycAAP//0dHUZQ==")
prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f0000000400)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
unshare(0x20060400)
r3 = timerfd_create(0x0, 0x80800)
timerfd_gettime(r3, &(0x7f0000000000))

4.189622551s ago: executing program 5 (id=1723):
seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x1d, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0xc0, 0x49, 0x7fff0000}]})
close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2)
prlimit64(0x0, 0xe, &(0x7f0000000040)={0x8, 0x20000008b}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000340)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
r2 = socket$packet(0x11, 0x2, 0x300)
setsockopt$packet_fanout(r2, 0x107, 0x12, &(0x7f0000000000)={0x4, 0x1000}, 0x4)
pselect6(0x32, &(0x7f0000000100)={0x0, 0x0, 0xffff, 0x2, 0x0, 0x0, 0x0, 0x400}, 0x0, &(0x7f0000000240)={0x1f, 0x3, 0x0, 0x10000000000, 0x1000000002, 0x0, 0x0, 0x6}, 0x0, 0x0)
setsockopt$packet_int(r2, 0x107, 0xa, &(0x7f0000000080)=0x2, 0x4)
setsockopt$packet_rx_ring(r2, 0x107, 0x5, &(0x7f0000000140)=@req3={0x1000, 0x3a, 0x1000, 0x3a, 0x7ff, 0x2, 0x3b}, 0x1c)
r3 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000b00)={0x6, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000002000000000000000000000095"], &(0x7f00000002c0)='syzkaller\x00'}, 0x94)
bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r3, 0x5, 0xb68, 0x560b0000, &(0x7f0000000000)="259a53f271a76d2673004c6588a8", 0x0, 0xd01, 0x2a0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x48)

3.963081582s ago: executing program 3 (id=1725):
unshare(0x2040400)
r0 = bpf$MAP_CREATE(0x0, &(0x7f00000004c0)=ANY=[@ANYBLOB="0200000004000000041e000009"], 0x50)
r1 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0xd, 0x3, 0x4, 0x801, 0x0, r0, 0x15b4}, 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000008c0)={{r1}, 0x0, &(0x7f0000000880)=r0}, 0x20)

3.787210291s ago: executing program 3 (id=1728):
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5)
ptrace(0x10, 0x0)
openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0)
statx(0xffffffffffffff9c, &(0x7f00000086c0)='./file0\x00', 0x800, 0x2, &(0x7f0000008700))
openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80200, 0x0)
r0 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102)
writev(r0, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2)
syz_open_dev$sg(0x0, 0x200000000a2, 0xa0104)
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r1, 0x8933, &(0x7f0000000200)={'batadv_slave_0\x00', <r2=>0x0})
r3 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000880)=@ipv6_newroute={0x38, 0x18, 0x1, 0x70bd2c, 0x0, {0xa, 0x0, 0x0, 0x0, 0xfd, 0x2, 0xff}, [@RTA_OIF={0x8, 0x4, r2}, @RTA_ENCAP_TYPE={0x6, 0x15, 0x8}, @RTA_ENCAP={0xc, 0x16, 0x0, 0x1, @LWTUNNEL_IP_FLAGS={0x6, 0x6, 0x8}}]}, 0x38}, 0x1, 0x0, 0x0, 0x4901}, 0x0)

3.703912815s ago: executing program 3 (id=1729):
r0 = socket$inet_smc(0x2b, 0x1, 0x0)
ioctl$int_in(r0, 0x5452, &(0x7f0000000000)=0xfffffffffffffdf1)
sendto$inet(r0, 0x0, 0x0, 0x20000090, 0x0, 0x0)
shutdown(r0, 0x1)
setsockopt$sock_int(r0, 0x1, 0x7, &(0x7f0000000080)=0x4000004, 0x4)
bind$inet6(0xffffffffffffffff, &(0x7f0000000100)={0xa, 0x4e23, 0x8001, @empty, 0xffffff5d}, 0x1c)
listen(0xffffffffffffffff, 0x50)
r1 = socket$inet6(0xa, 0x5, 0x0)
setsockopt$sock_int(r1, 0x1, 0xf, &(0x7f0000fee000)=0x3fa, 0x4)
bind$inet6(r1, 0x0, 0x0)
r2 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f00000004c0)={'bond0\x00'})
bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, 0x0, &(0x7f00000001c0)='GPL\x00'}, 0x94)
close(0x3)

3.620564659s ago: executing program 3 (id=1731):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$media(&(0x7f0000000040), 0x4, 0x0)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = socket$isdn(0x22, 0x2, 0x26)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x80044943, 0x0)
r4 = syz_genetlink_get_family_id$devlink(&(0x7f00000016c0), 0xffffffffffffffff)
sendmsg$DEVLINK_CMD_RATE_GET(r2, &(0x7f0000001780)={0x0, 0x0, &(0x7f0000001740)={&(0x7f0000000140)={0x14, r4, 0xf1aad47e89fb43b5}, 0x14}}, 0x0)
ioctl$MEDIA_IOC_REQUEST_ALLOC(r1, 0x80047c05, &(0x7f0000000080))
r5 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x40000, 0x0)
ioctl$TUNSETIFF(r5, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r6 = socket(0x10, 0x803, 0x0)
ioctl$sock_SIOCGIFINDEX(r6, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r7=>0x0})
sendmsg$nl_route_sched(r6, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f00000004c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd28, 0xffffffff, {0x0, 0x0, 0x0, r7, {0x0, 0x9}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x4}}]}, 0x38}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

3.495317745s ago: executing program 2 (id=1732):
r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0)
r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x109540)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000000)={0x7fff, 0x8, 0x100})
r3 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r3, 0xc02064b2, &(0x7f0000000080)={0x8, 0xffff, 0x400})
r4 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0)
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x7, 0x1, 0x7})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4})
ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f0000000140)={0x6, 0x1000, 0x800})
fcntl$dupfd(r2, 0x406, r4)
close_range(r0, 0xffffffffffffffff, 0x0)

3.475141946s ago: executing program 3 (id=1733):
timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000300))
fcntl$lock(0xffffffffffffffff, 0x25, &(0x7f0000000040)={0x0, 0x0, 0xfd8b, 0x5})
mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1)
timer_settime(0x0, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0)
r0 = socket(0x40000000015, 0x5, 0x0)
recvmmsg(r0, &(0x7f0000001740)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2, 0x0)
mmap(&(0x7f0000000000/0x200000)=nil, 0x200000, 0x300000b, 0x204031, 0xffffffffffffffff, 0xec776000)
r1 = fsopen(&(0x7f0000000180)='proc\x00', 0x1)
fsconfig$FSCONFIG_CMD_CREATE(r1, 0x6, 0x0, 0x0, 0x0)
r2 = fsmount(r1, 0x0, 0x1)
fchdir(r2)
r3 = openat$dir(0xffffffffffffff9c, &(0x7f0000000580)='.\x00', 0x8480, 0x85)
lseek(r3, 0x100, 0x0)
getdents(r3, &(0x7f0000001fc0)=""/184, 0xb8)

3.472017606s ago: executing program 2 (id=1734):
syz_init_net_socket$netrom(0x6, 0x5, 0x0)
r0 = socket(0x10, 0x3, 0x0)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f00000000c0)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'lo\x00', <r2=>0x0})
sendmsg$nl_route_sched(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000780)={&(0x7f00000001c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r2, {0x0, 0x2}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_prio={{0x9}, {0x18, 0x2, {0x8}}}]}, 0x48}}, 0x0)
sendmsg$nl_route_sched(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000280)=@newqdisc={0x34, 0x24, 0xd0f, 0x0, 0x25dfdbfc, {0x60, 0x0, 0x0, r2, {}, {0x1, 0x2}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x40004}, 0x40000)
setsockopt$inet6_tcp_int(0xffffffffffffffff, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc)
setsockopt$inet6_tcp_TCP_REPAIR_WINDOW(0xffffffffffffffff, 0x6, 0x1d, &(0x7f0000000280)={0x800000, 0x3, 0x0, 0xfffffffe}, 0x14)
r3 = socket$nl_route(0x10, 0x3, 0x0)
r4 = socket$inet6_sctp(0xa, 0x1, 0x84)
setsockopt$inet6_IPV6_FLOWLABEL_MGR(r4, 0x29, 0x20, &(0x7f0000000280)={@remote, 0x7, 0x0, 0x3, 0x4, 0x23, 0x5}, 0x20)
sendmsg$nl_route(r3, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000000)=@mpls_delroute={0x30, 0x18, 0x9, 0x0, 0x0, {0x1c, 0x14, 0x0, 0x0, 0xfe, 0x0, 0x0, 0x1}, [@RTA_VIA={0x4, 0x12, {0x0, "f1b9a81697008d68a0328c49d2ee"}}]}, 0x30}}, 0x0)
r5 = socket$inet_sctp(0x2, 0x5, 0x84)
getsockopt$inet_sctp_SCTP_AUTO_ASCONF(r5, 0x84, 0x1e, &(0x7f0000000180), &(0x7f00000001c0)=0x4)

3.301048375s ago: executing program 5 (id=1735):
bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x11, 0x13, &(0x7f0000000080)=@framed={{0x18, 0x8}, [@func={0x85, 0x0, 0x1, 0x0, 0x6}, @map_fd={0x18, 0x0, 0x3, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0xffffff85}, @generic, @initr0, @exit, @alu, @printk={@x, {}, {}, {}, {0x7, 0x0, 0xb, 0x2, 0x0, 0x0, 0x9}, {}, {0x85, 0x0, 0x0, 0x2d}}]}, &(0x7f0000000000)='GPL\x00', 0x2, 0xde, &(0x7f0000000340)=""/222}, 0x23)
syz_mount_image$ext4(&(0x7f0000000040)='ext4\x00', &(0x7f0000000000)='./file1\x00', 0x3000046, &(0x7f0000010340)={[{@dioread_nolock}, {@orlov}, {@noauto_da_alloc}, {@noauto_da_alloc}, {@data_err_ignore}, {@norecovery}, {@dioread_nolock}, {@grpquota}, {@discard}, {@user_xattr}, {@mb_optimize_scan={'mb_optimize_scan', 0x3d, 0x1}}, {@nobh}, {@lazytime}]}, 0x11, 0x556, &(0x7f00000005c0)="$eJzs3d9rW1UcAPDvTdv91nUwhopIYQ9O5tK19ccEH+aj6HCg7zO0d2U0WUaTjrUO3B7ciy8yBBEH4ru++zj8B/wrBjoYMoo++BK56U2XrUmbddnSmc8H7nZO7k3O/ebe7+m5OTckgKE1kf1TiHg5Ir5JIg5GRJKvG4185cTadqv3r85mSxKNxqd/Jc3tsnrrtVrP259XXoqI376KOF7Y2G5teWWhVC6ni3l9sl65NFlbXjlxoVKaT+fTi9MzM6fenpl+7913+hbrG2f/+f6T2x+e+vro6ne/3D10M4nTcSBf1x7HE7jWXpmIifw9GYvTj2w41YfGdoJd+f/JgPeD7RnJ83wssj7gYIzkWQ/8/30ZEQ1gSCXyH4ZUaxzQurbv03Xwc+PeB2sXQBvjH137bCT2NK+N9q0mD10ZZde7431oP2vj1z9v3cyW6N/nEABbunY9Ik6Ojm7s/5K8/9u+kz1s82gb+j94dm5n4583O41/Cuvjn+gw/tnfIXe3Y+v8L9ztQzNdZeO/9zuOf9cnrcZH8toLzTHfWHL+QjnN+rYXI+JYjO3O6pvN55xavdPotq59/JctWfutsWC+H3dHdz/8nLlSvfQkMbe7dz3ilY7j32T9+Ccdjn/2fpztsY0j6a3Xuq3bOv6nq/FTxOsdj/+DGa1k8/nJyeb5MNk6Kzb6+8aR37u1P+j4s+O/b/P4x5P2+dra47fx455/027rHoo/ej//dyWfNcut+ccrpXp9cSpiV/LxxsenHzy3VW9tn8V/7Ojm/V+n839vRHzeY/w3Dv/8ak/xD+j4zz3W8X/8wp2PvvihW/u99X9vNUvH8kd66f963cEnee8AAAAAAABgpylExIFICsX1cqFQLK7d33E49hXK1Vr9+Pnq0sW5aH5XdjzGCq2Z7oNt90NM5ffDturTj9RnIuJQRHw7srdZL85Wy3ODDh4AAAAAAAAAAAAAAAAAAAB2iP1dvv+f+WNk0HsHPHV+8huG15b5349fegJ2JH//YXjJfxhe8h+Gl/yH4SX/YXjJfxhe8h+Gl/wHAAAAAAAAAAAAAAAAAAAAAAAAAACAvjp75ky2NFbvX53N6nOXl5cWqpdPzKW1hWJlabY4W128VJyvVufLaXG2Wtnq9crV6qWp6Vi6MllPa/XJ2vLKuUp16WL93IVKaT49l449k6gAAAAAAAAAAAAAAAAAAADg+VJbXlkolcvpooLCtgqjO2M3FPpcGHTPBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP/BcAAP//xVY3tw==")
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file1\x00', 0x42, 0x22)
r1 = openat(0xffffffffffffff9c, &(0x7f0000000080)='./file1\x00', 0x2141, 0x40)
setsockopt$bt_BT_FLUSHABLE(r0, 0x112, 0x8, &(0x7f0000000500)=0x7, 0x4)
r2 = socket$nl_route(0x10, 0x3, 0x0)
sendmsg$nl_route(r2, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @lowpan={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xc}]}, 0x40}}, 0x0)
r3 = syz_pidfd_open(0x0, 0x0)
setns(r3, 0x24020000)
syz_clone(0x102c8000, 0x0, 0xfffffffffffffef7, 0x0, 0x0, 0x0)
prctl$PR_GET_TAGGED_ADDR_CTRL(0x38)
pwrite64(r1, &(0x7f0000000140)="f6", 0xffffff07, 0x8000c61)
ioctl$FIBMAP(r0, 0x1, &(0x7f00000000c0)=0x9)
ioctl$FS_IOC_FSSETXATTR(r0, 0x401c5820, &(0x7f0000000100)={0x5, 0x3, 0x4, 0x8000, 0x638})

3.265087797s ago: executing program 2 (id=1736):
bpf$ENABLE_STATS(0x20, 0x0, 0x0)
socket$kcm(0xa, 0x2, 0x88)
r0 = openat$tun(0xffffffffffffff9c, 0x0, 0xc0, 0x0)
ioctl$TUNSETTXFILTER(r0, 0x400454d1, 0x0)
sendmsg$kcm(0xffffffffffffffff, 0x0, 0x8102000)
sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)=[{&(0x7f0000000240)="2e0400001c008102e00f80ecdb4cb9f207c804a01000000088", 0x19}], 0x1, 0x0, 0x0, 0x5865}, 0x0)
socketpair(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = bpf$MAP_CREATE(0x0, &(0x7f00000001c0)=ANY=[@ANYBLOB="12000000050000000400000002"], 0x50)
bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{r2, <r3=>0xffffffffffffffff}, &(0x7f0000000240), &(0x7f0000000140)=r1}, 0x20)
bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1e, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x34, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r5=>0xffffffffffffffff, <r6=>0xffffffffffffffff})
setsockopt$sock_attach_bpf(r5, 0x1, 0x32, &(0x7f0000000180)=r4, 0x4)
sendmsg$inet(r6, &(0x7f0000000100)={0x0, 0x1, 0x0}, 0x200400c0)

3.080217305s ago: executing program 2 (id=1737):
r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101})
r1 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r2=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x70bd25, 0x25dfdbfd, {0x0, 0x0, 0x0, r2, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000080)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70b922, 0x25dfdbfc, {0x0, 0x0, 0x0, r2, {0x0, 0x4}, {0xe, 0xb}, {0x9, 0xd}}, [@qdisc_kind_options=@q_pfifo={{0xa}, {0x8, 0x2, 0x80000000}}]}, 0x38}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890)
r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0)
close(r3)
socket$netlink(0x10, 0x3, 0x0)
ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r4 = socket$nl_route(0x10, 0x3, 0x0)
ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', <r5=>0x0})
r6 = socket$packet(0x11, 0x3, 0x300)
sendto$packet(r6, &(0x7f0000002400)="80", 0x1, 0x200000c1, &(0x7f00000001c0)={0x11, 0x88a8, r5, 0x1, 0x3}, 0x14)

2.910456074s ago: executing program 2 (id=1738):
socket$netlink(0x10, 0x3, 0x0)
r0 = openat$tun(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0)
ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x4801})
r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x8000, 0x0)
close(r1)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000001000))
ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast})
r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0)
close(r2)
socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080))
ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="0100"})
socket(0x400000000010, 0x3, 0x0)
close(0x4)
close(0xffffffffffffffff)

2.742889293s ago: executing program 2 (id=1739):
syz_mount_image$f2fs(&(0x7f0000000140), &(0x7f0000000080)='./file0\x00', 0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="6e6f626172726965722c6e6f657874656e745f63616368652c6673796e635f6d6f64653d7374726963742c696e6c696e655f78617474720000693a653d3078303030303030303030303030303766662c736d61636b6673726f6f080000006673f52b00e58abba2d0cc27be339f6f4fe5ad35a724e1531a622f050000008586eb5ba3614d2c24abf5a2614c0f111e057112dafd66336a5e3b6512b81cda80be6e9a34ccc2b88c0100008000000000e3f5def862b95c20ee847008000b0c22653d2ff30036732e46b56357afe57094f42ba61c5e8b4e184d7dd50000000000000000c0469264c247cd3c7fcb39043dda97538456bc294ae31e525d3b664cf8e83b52b1885b866b58698b3f132aced62a4fc7c8c400b805173d7488a35708d2523190c0014689f57be6ee3f5d28935a0000000000000000000000000000000000000059c1403d010001008ab61fa90695a8b268c277645c1e357ec9316354f659d4244fe126a8364eaa0de6bf4ba21c767782a04bdbb8c86d0cc7e3f03f8ef15c0ee311768cccb8affb0ae5d7cd0000000097676c046a6c754c98dd5f400ad99a588d983ae6e07b4e0e0907266aca53b30a815a84295fb5eab2f263613d36994dc15562892c33ed149270907e9c2e4d0cac7dd9735621a0c6768d4f70c664699157854bb1b85ce3f6ea44456e4f1ae1575315d77f2b995ce4d6ce21b17ca891c155ddd9916e997c32e78231e8d54675e4edf480980023b9736180ff98cf93f888eb70abb728b7e91a5d75b7e43e54f92b6e679249576f12533bef1c93aa993977f15c0a7b595423444db6e87480c46c408f6d48afa1bacf5608585e164e40c3dcb30433e1b75b02d507bff2110e0d09a644ddc10e5847c0c9bb8cfbccc2c27d515bfb2f"], 0x1, 0x5514, &(0x7f0000005d80)="$eJzs3M1rI2UYAPAn7Xa/XYt48LYDi9DCJmy67aK3qrv4gV3KqgdPmiZpyG6SKU2a1p48eBQPnv0nRMGTR/8GD569iQfFm6BkZqpbP8ClSWPb3w8mz7xv3jzzvGFZeGZKAjiz5pNffirFtbgUEbMRcTUiOy8VR2Y1D89FxPWImHnsKBXzf0ycj4jLEXFtlDzPWSre+vTm8MbKj2/8/PW3F85d+fyr76a3a2Dano+I7lZ+vtvNY9rK48NivjZsZ7G7PCxi/kb3UTFO87jb3Mgy7NYO1tWyeLuVr0+3dvqjuNmp1Uex1d7M5rd6+QX7w9ZBnuwDD2vb2bjR3Mhiu59msbWf17W3n//ftt8f5HkaRb4PsvQxGBzEfL6518z3s/Uoi/XeoJjP86aN5t4oDotYXC7qaaeR1bFxlG/6/+3Ndm9nLxk2t/vttJesVKovVKp3ytXttNEcNJfLtW7jznKy0OqMlpUHzVp3tZWmrU6zUk+7i8lCq14vV6vJwt3mRrvWS6rVyu3KrfLKYnF2M3n1/jtJp5EsjOLL7d7OoN3pJ5vpdpJ/YjFZqtx+cTG5UU3eWltP1h/cu7e2/vZ7d9+9/9La668Ui/5WVrKwdGtpqVy9VV6qLp6h/X9UFD3G/cORlJ5s+YVJ1QFwguj/gWmYXP+//SBi8v1/6P/H4kT1vxPr/z87s/uHI3nC/h8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAgNPj+7kvXstO5vPxlWL+qWLqmWJcioiZiPjtH8zG+UM5Z4s8c/+yfu4vNXxTiizD6BoXiuNyRKwWx69PT/pbAAAAgNPryw+vf5J36/nL/LQL4jjlN21mrr4/pnyliJib/2FM2WZGL8+OKVn27/tc7I0pW3YD6+KYkuW33M6NK9t/MnsoXHwslPIwc6zlAAAAx+JwJ3C8XQgAAADH6eNpF8B0lOLgUebBs+DsL+//fCB46dAIAAAAOIFK0y4AAAAAmLis//f7fwAAAHC65b//BwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAv7NzP7lpA1EcgJ8NLvSfiqru26N0B8foEbrssuIAvQRHoFfIBTgD2eUIEUR4HBSiJIrisa2Q75PMMBb8/IzwYmakAQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAALp0Wa0X//9+/9c2Z7dv54WX/dG2bgAAAHgLttV6Ub+Zpf7H5vzn5tTXpl9ERBkRD43dR/HuJHPU5FSPfL66V8NFRJ1wuMakOT5ExM/muP7S9a8AAAAA52uzXM3TaD29zIYuiD6lSZvy069MeUVEVLOrTGnlIe9bprD6/z2OP5nS6gmsaaawNOU2zpX2LPXjfpy1m95pitSUT38/270DAAA9Gp00/Y5CAAAA6NPvoQtgGEXcLmUelwInqWmW996f9AAAAIBXqBi6AAAAAKBz9fjf/n8AAABw3tL+fwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHRpW60Xm+Vq3jZnt28nz90AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADADfvzjgIhEAZhsHd9ZzL3P6w0aGpqUgXCx98YDAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAvPndX/5PTI0zydxrY+l5JFk7NbZOjb1z4+gP4+vXAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABc7M9tCoAgEIbBrezrX3j/w8YLeoYIZkB42EVBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAOBH7hnLOLXO2BJPVbVME3vGvaqOrBJnVokrF/p4sPUPfwQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwMvO/bzGUcUBAH8zs7NJq+IaZQ8RseBBLzbd1tbexIMSPPgnCCHd1titP9ocbClCLt4k515EjyKCEm/9H3puoZd662EPFTxX5lcy+XFYhZ3ZZD8fePO+Mwzzvm8WQr77XgIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAADsM/5wL06yQ6+I4/Law2d317P+0YE+c3/78XLWsjhqMunj4Y36SdSvnSw2nwwAAADzIanq+xDCk3RnNevjXl7/p9U9Wc3/00tFXNXzB+v+qq9q/6z9+cfT13YH6hXjZA+9ujEanjucSmd6s5xhz1+e4KZO/ubz716S/AOJP9l6dZzm7zP64cGDj7p5uDD9dAGA/+ds1ZdB9ftQ1g/aTAyAudGpFd5V/Z/02s0JAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAoAnjrfBCFUchhOXOXpx59Ozu+lH9/e3Hy1W7dO/edv2Z2SPSEMLVjdHwXFhscDaz7dbtO9fXRqPhzeaDN0MIbY3+QTn9659NcHMIU0rjTEtvfs6CuPywZyWf4xG0+EMJAIATKS1bVtc/SXdWs2vRUgjPf95f/79di8OE9f/Tzy89rI9Vr/8Hjc1w9q1s3vh65dbtO+9u3Fi7Nrw2/PK984P3BxcuX7x4eSX/rqQ4tp0mAAAAx1i3bPX6P146vP5/uhaHCev/b34cfFcfK1H/H2lv0a/tTAAAAObbK2f++Ts64nrU7YZv1zY3bw6K4+75+eLYQqr/2ULZ6vV/stR2VgAAAEATxlvRvvX/K7U4TLj+/+Ivr/9Wf2YSQjhVrv+fXf9qdKW56cy0qfzx8EL5cDsLAAAAKOvxUwfW/9N8/3+8u+UhDiG881YRl/8GcKL6P/n4+1/rY9X3/19oboozKe4X7yPv+yF0+m1nBAAAwEm2mLdeXv//le6sfvH76U+79v8DAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAANO3fAAAA///FdTwZ")
r0 = socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000700)={'wlan1\x00', <r2=>0x0})
sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000240)={0x24, r1, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r2}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0)
r3 = socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan1\x00', <r5=>0x0})
sendmsg$NL80211_CMD_CONNECT(r3, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000240)={0x28, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0)
syz_mount_image$ext4(&(0x7f0000000240)='ext4\x00', &(0x7f0000000280)='./mnt\x00', 0x0, &(0x7f00000002c0), 0x0, 0x236, &(0x7f0000000300)="$eJzs3TFoM2UcBvDnLomf/b4gVRdBUEFEtFDqJrjURaEgpYgIKlREXJRWqC1urZOLg84qnVyKuFkdpUtxUQSnqh3qImhxsDjoELlcK9VGFFNz8t3vB5fcJe97//e4e95kOS5Aa00nmU/SSTKTpJekON/grnqZPt3cntpfTgaDx38shu3q7dpZv2tJtpI8mGSvLPJiN9nYffro54NH731jvXfPe7tPTU30IE8dHx0+dvLu4usfLjyw8fmX3y8WmU//D8d1+YoRn3WL5Jb/otj/RNFtegT8E0uvfvBVlftbk9w9zH8vZeqT9+baDXu93P/OX/V964cvbp/kWIHLNxj0qt/ArQHQOmWSfopyNkm9Xpazs/V/+K87V8uXVtdemXlhdX3l+aZnKuCy9JPDRz6+8tG1P+X/u06df+D6VeX/iaWdb6r1k07TowEmqcr/zLOb90X+oXXkH9pL/qG95B/aS/6hveQf2kv+ob3kH9pL/qG95B/a63z+AYB2GVxp+g5koClNzz8AAAAAAAAAAAAAAAAAAMBF21P7y2fLpGp++nZy/HCS7qj6neHziJMbh69XfyqqZr8r6m5jeebOMXcwpvcbvvv6pm+brf/ZHc3W31xJtl5LMtftXrz+itPr79+7+W++7z03ZoExPfRks/V/3Wm2/sJB8kk1/8yNmn/K3DZ8Hz3/9KvzN2b9l38ZcwcAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABMzG8BAAD//8n0bSk=")
r6 = socket$nl_generic(0x10, 0x3, 0x10)
r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000280), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f00000002c0)={'wlan0\x00', <r8=>0x0})
sendmsg$NL80211_CMD_FRAME(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000640)={&(0x7f0000000400)=ANY=[@ANYBLOB='D\x00\x00\x00', @ANYRES16=r7, @ANYBLOB="010000000000fcdbdf253b00000008000300", @ANYRES32=r8, @ANYBLOB="25003300d0000000080211000001080211000000505050505050"], 0x44}}, 0x4000084)

2.563068471s ago: executing program 1 (id=1740):
r0 = socket$unix(0x1, 0x1, 0x0)
r1 = socket$nl_route(0x10, 0x3, 0x0)
r2 = socket$netlink(0x10, 0x3, 0x0)
bind$netlink(r2, &(0x7f0000514ff4)={0x10, 0x0, 0x0, 0x2ffffffff}, 0xc)
socket(0x10, 0x3, 0x0)
tkill(0x0, 0xd)
socket$nl_route(0x10, 0x3, 0x0)
r3 = socket$netlink(0x10, 0x3, 0x0)
socket$unix(0x1, 0x1, 0x0)
sendmsg$nl_route_sched(r3, 0x0, 0x0)
ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0)
ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'veth0_to_hsr\x00', <r4=>0x0})
sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x0, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0xb}, {0xffff, 0xffff}, {0x5, 0xfff2}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8, 0x2, {0x5, 0xa}}}]}, 0x38}, 0x1, 0x0, 0x0, 0x20000001}, 0x0)
sendmsg$nl_route_sched(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000040)=@newqdisc={0x34, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdbfb, {0x0, 0x0, 0x0, r4, {0x0, 0xf}, {0x1, 0xb}, {0xd, 0xb}}, [@qdisc_kind_options=@q_pfifo_fast={0xf}]}, 0x34}, 0x1, 0x0, 0x0, 0x8021}, 0x4048800)

2.420653128s ago: executing program 1 (id=1741):
socket$alg(0x26, 0x5, 0x0)
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7)
r0 = getpid()
sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x890d000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
r3 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=@base={0xe, 0x4, 0x4, 0x3}, 0x50)
r4 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, r3, 0x0, '\x00', 0x0, 0x0}, 0x50)
bpf$PROG_LOAD(0x5, &(0x7f0000000840)={0x18, 0x1c, &(0x7f0000000d80)=@ringbuf={{0x18, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x6}, {{0x18, 0x1, 0x1, 0x0, r3}, {}, {}, {0x85, 0x0, 0x0, 0x5}}, {{0x5, 0x0, 0x3}, {0x95, 0x0, 0x0, 0x700}}, [@snprintf={{0x7, 0x0, 0xb, 0x2}, {0x3, 0x3, 0x3, 0xa, 0x9, 0xfe00}, {0x6, 0x0, 0x6, 0x9, 0x0, 0x0, 0x3}, {0x3, 0x3, 0x6, 0xa, 0xa, 0xfff0, 0xf1}, {0x7, 0x1, 0xb, 0x6, 0x8}, {0x7, 0x0, 0x0, 0x8}, {}, {}, {0x7, 0x0, 0x6, 0x0}, {0x18, 0x9, 0x2, 0x0, r4}, {}, {0x46, 0x8, 0xfff0, 0x76}}], {{0x6, 0x1, 0x5, 0x2}, {0x6, 0x0, 0x5, 0x8, 0x0, 0x0, 0x1}, {0x85, 0x0, 0x0, 0x7}}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0xd, '\x00', 0x0, @fallback=0xd, 0x0, 0xf00, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94)

1.419196819s ago: executing program 5 (id=1742):
sendmsg$IPVS_CMD_SET_INFO(0xffffffffffffffff, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x40081c4}, 0x44000)
bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0x14, &(0x7f0000000980)=ANY=[@ANYRESHEX], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x19, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94)
r0 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000780)=ANY=[@ANYBLOB="2000000040000701feffffff00000000017c000004004280040001800400028016a31fdf7ce10161d410ff422b8e2fbb5087050c7166e190fcfe13dbf82a57a82fefc92afd799452a689e3a5"], 0x20}}, 0xc000)
r1 = socket$alg(0x26, 0x5, 0x0)
sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0)
bind$alg(r1, &(0x7f00000004c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-camellia-asm\x00'}, 0x58)
setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18)
r2 = accept4(r1, 0x0, 0x0, 0x800)
sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0xfffffe3f}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed884e7cb51726b360fbb37b4fe035bbb095873048"}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11"}], 0x1, &(0x7f0000000380)=[@op={0x18, 0x117, 0x3, 0x1}], 0x18}], 0x1, 0x40800)
recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000580), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000013c0)={'wlan1\x00', <r4=>0x0})
sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000001380)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000dc0)=ANY=[@ANYBLOB="f4060000", @ANYRES16=r3, @ANYBLOB="01000000000000e14f003b00000008000300", @ANYRES32=r4, @ANYBLOB="d50633008000009effffffffffff080211000001"], 0x6f4}}, 0x0)

1.311378994s ago: executing program 0 (id=1743):
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket(0x2a, 0x2, 0x0)
r1 = socket$nl_generic(0x10, 0x3, 0x10)
r2 = socket$nl_generic(0x10, 0x3, 0x10)
r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f0000000740)={'wlan1\x00', <r4=>0x0})
r5 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r5, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000380)={0x24, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, "16"}]}, 0x24}}, 0x0)
sendmsg$NL80211_CMD_REGISTER_FRAME(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000780)=ANY=[@ANYBLOB='$\x00\x00\x00', @ANYRES16=r3, @ANYBLOB="010000000005000000003a00000008000300", @ANYRES32=r4, @ANYBLOB="05005b"], 0x24}}, 0x0)
r6 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff)
ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', <r7=>0x0})
r8 = socket$nl_generic(0x10, 0x3, 0x10)
sendmsg$NL80211_CMD_REGISTER_FRAME(r8, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000180)={0x24, r6, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r7}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x5, 0x5b, 'R'}]}, 0x24}}, 0x0)
close_range(r0, 0xffffffffffffffff, 0x0)

1.311164224s ago: executing program 1 (id=1744):
bpf$PROG_LOAD(0x5, &(0x7f0000000800)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000001000000b703000000000080850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90)
socket$vsock_stream(0x28, 0x1, 0x0)
socket(0x10, 0x3, 0x4)
epoll_create1(0x0)
r0 = syz_io_uring_setup(0x1eb1, &(0x7f0000000480)={0x0, 0x100000, 0x2, 0x1, 0x24f}, &(0x7f0000000080)=<r1=>0x0, &(0x7f0000000040))
syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x40, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4)
syz_io_uring_complete(r1)
r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000840)='memory.events.local\x00', 0x275a, 0x0)
ftruncate(r2, 0x5)
fsmount(0xffffffffffffffff, 0x1, 0x3)
setsockopt$inet6_IPV6_XFRM_POLICY(0xffffffffffffffff, 0x29, 0x23, 0x0, 0x0)
connect$inet6(0xffffffffffffffff, 0x0, 0x0)
pselect6(0x40, &(0x7f00000000c0), 0x0, &(0x7f0000000140)={0x1ff, 0x0, 0x5}, 0x0, 0x0)
io_uring_enter(r0, 0x8a4, 0x0, 0x1, 0x0, 0x0)

1.119781073s ago: executing program 0 (id=1745):
prlimit64(0x0, 0xe, &(0x7f0000000240)={0x8, 0x248}, 0x0)
sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7)
r0 = getpid()
sched_setaffinity(0x0, 0x1, &(0x7f00000002c0)=0x2)
sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xffffe000)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f00000004c0)=@abs={0x0, 0x0, 0x4e24}, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x3fffffffffffeda, 0x2, 0x0)
r3 = socket$inet6_icmp(0xa, 0x2, 0x3a)
bind$inet6(r3, &(0x7f0000000240)={0xa, 0x4e26, 0x1000, @empty}, 0x1c)
pread64(0xffffffffffffffff, &(0x7f0000000580)=""/245, 0xf5, 0x3)
syz_mount_image$vfat(&(0x7f0000000200), &(0x7f0000000000)='./file0\x00', 0x1810882, &(0x7f0000000040)=ANY=[@ANYBLOB="756e695f786c6174653d312c726f6469722c757466383d302c73686f72746e616d653d77696e6e742c757466383d302c757466383d312c756e695f786c6174653d302c696f636861727365743d63703433372c756e695f786c6174653d302c6572726f72733d72656d6f756e742d726f2c757466383d312c757466383d312c73686f72746e616d653d77696e39352c6e66733d6e6f7374616c655f726f2c756e695f786c6174653d312c73686f72746e616d653d77696e39352c646973636172642c004338cb8631b26441e86414f461975e105d02960776fcb7ddfd80b96c1b2ffd13d5cc37784797dbc9e26b7c39310b49940995ce6e6ce1c218890b59506de99e2dd234abcde0be50d3de656741fee78f74e94ee73bd6d7162f0d2a8275e0a6125615ce223c21fe303d561d81b2681dce1c0b7061c5a347b2040e7b6c9210507527467dad005f3e38c47d4daa9d76c69f51ffeb2f81123fe54df14c6c02413e51ba63c35f11"], 0x0, 0x2b9, &(0x7f0000000280)="$eJzs3T9rc1UYAPDnpmkSdUgGJxG8oIPTy9t3dUmVFqqZlAzqoMW2IE0QWij4B9NOri6OfgJBcHP1A7j4DQRXwc0OhSv35t4kbdPYaNP65/db+vTc85zznNPTlA45ef/54eFeGgdnn/0crVYStW504zyJTtSichqXdL8MAODf7DzL4rdsbJm8JCJaqysLAFihpf/+f7fykgCAFXvr7Xfe2Oz1tt5M01ZsD7846ef/2edfx883D+LDGMR+PI52XERkE+N4O8uyUT3NdeKl4eikn2cO3/uxHH/z14gifyPa0SmaLufv9LY20rGZ/FFex9Pl/N08/0m049k58+/0tp7MyY9+I15+cab+R9GOnz6Ij2IQe0UR0/zPN9L0teyr3z99Ny8vz09GJ/1m0W8qW7vnHw0AAAAAAAAAAAAAAAAAAAAAAP9hj8q7c5pR3N+TN5X376xd5N+sR1rpXL6fZ5yfVANduR9olMXX1f06j9M0zcqO0/x6PFeP+sOsGgAAAAAAAAAAAAAAAAAAAP5Zjj/+5HB3MNg/KoLXszKYtCwXVLcBVG/r/6vjdCct9aMXYnHn5nSuWhkuGDnWqj5JxMIy8kX8vd24dfDUTTV/8+2yA7b+vM/6dK7olJtxx+uqTtfhbjJ/D5tRtbSqQ/L9bJ9G3HKuxk2PsqWOX2Puo/bSa288UwSjBX0iWVTYK7+Md65sKX+hTid9GsWuzk1fL4OZ9CtnY6nzfP21Iknu/OUHAAAAAAAAAAAAAAAAAACYMX3T75yHZwtTa1lzZWUBAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAwL2afv7/JKhfa7kajMrkccsPry7o3Iij4wdeIgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAP8DfwQAAP//4wFdTQ==")

70.924576ms ago: executing program 5 (id=1746):
socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0)
recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0)
sched_setattr(0x0, &(0x7f0000000280)={0x38, 0x5, 0x8, 0x8001, 0x0, 0x9, 0x0, 0xfffffe0000000001, 0xfa11, 0xffffffff}, 0x0)
socket$l2tp(0x2, 0x2, 0x73)
sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={0x0, 0x28}, 0x1, 0x0, 0x0, 0x4048011}, 0xc000)
socket$nl_rdma(0x10, 0x3, 0x14)
r2 = socket(0x10, 0x3, 0x0)
sendmsg$TIPC_NL_BEARER_ENABLE(0xffffffffffffffff, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000080)=ANY=[], 0x6c}}, 0x0)
r3 = socket(0x10, 0x803, 0x0)
sendmsg$nl_route(r3, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)=ANY=[@ANYBLOB="540000001400b59500000000000000000a000000", @ANYRES32=r3, @ANYBLOB="14000100004000000000000000000000006758f3fce64e4a"], 0x54}, 0x1, 0x0, 0x0, 0x800}, 0x80)
sendmmsg(r2, &(0x7f0000000000), 0x4000000000001f2, 0x0)

0s ago: executing program 3 (id=1747):
prlimit64(0x0, 0xe, &(0x7f0000000140)={0x7, 0x100}, 0x0)
r0 = getpid()
sched_setscheduler(r0, 0x1, &(0x7f0000000200)=0x7)
sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x7)
mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0)
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={<r1=>0xffffffffffffffff, <r2=>0xffffffffffffffff})
connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e)
sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0)
recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0)
sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6)
mremap(&(0x7f00007ff000/0x4000)=nil, 0x4000, 0x4000, 0x3, &(0x7f0000580000/0x4000)=nil)
r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r4 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000180), r3)
sendmsg$NLBL_MGMT_C_ADD(r3, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="f4000000", @ANYRES16=r4, @ANYBLOB="cd3e0000000000000000010000000800020005000000ce0001"], 0xf4}}, 0x20040084)

kernel console output (not intermixed with test programs):

DDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   61.044106][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   61.068269][ T4188] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.083911][ T4188] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.093976][ T4188] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.123877][ T4188] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.156660][ T1408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.164679][ T1408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.172527][  T154] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.206351][  T154] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.219263][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.230540][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.243470][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.255317][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.265551][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.276891][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.288476][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0
[   61.300050][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.320197][ T4186] batman_adv: batadv0: Interface activated: batadv_slave_0
[   61.330497][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   61.341700][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   61.353516][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[   61.362720][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[   61.417422][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.439464][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.454065][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.474875][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.485247][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.503190][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.514037][ T4186] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1
[   61.531809][ T4186] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems!
[   61.543483][ T4186] batman_adv: batadv0: Interface activated: batadv_slave_1
[   61.569025][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[   61.590704][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[   61.621999][ T4186] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[   61.679678][ T4186] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[   61.702168][ T4186] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[   61.733761][ T4186] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[   61.852420][ T4242] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   61.881717][ T4242] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   61.966578][ T4242] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   61.990697][ T1408] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   62.016472][ T1408] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   62.093906][ T4284] loop0: detected capacity change from 0 to 512
[   62.326353][ T4284] EXT4-fs (loop0): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[   62.377000][ T4284] ext4 filesystem being mounted at /4/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[   62.390813][ T4279] loop1: detected capacity change from 0 to 32768
[   62.447305][ T4279] =======================================================
[   62.447305][ T4279] WARNING: The mand mount option has been deprecated and
[   62.447305][ T4279]          and is ignored by this kernel. Remove the mand
[   62.447305][ T4279]          option from the mount to silence this warning.
[   62.447305][ T4279] =======================================================
[   62.541665][ T4279] JBD2: Ignoring recovery information on journal
[   62.690032][ T4279] ocfs2: Mounting device (7,1) on (node local, slot 0) with ordered data mode.
[   62.706827][   T23] Bluetooth: hci4: command 0x0419 tx timeout
[   62.715815][   T23] Bluetooth: hci0: command 0x0419 tx timeout
[   62.799484][ T4282] bridge0: port 2(bridge_slave_1) entered disabled state
[   62.808185][ T4282] bridge0: port 1(bridge_slave_0) entered disabled state
[   62.816071][   T23] Bluetooth: hci1: command 0x0419 tx timeout
[   62.822294][   T23] Bluetooth: hci3: command 0x0419 tx timeout
[   62.857171][ T4232] Bluetooth: hci2: command 0x0419 tx timeout
[   62.987677][ T4290] loop_set_status: loop1 () has still dirty pages (nrpages=7)
[   63.208748][ T4279] syz.1.2 (4279) used greatest stack depth: 18808 bytes left
[   63.649254][ T4282] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   63.699895][ T4282] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   63.765751][ T4191] ocfs2: Unmounting device (7,1) on (node local)
[   64.001527][ T4301] loop1: detected capacity change from 0 to 256
[   64.042647][ T4301] exFAT-fs (loop1): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[   64.074126][ T4301] exFAT-fs (loop1): Medium has reported failures. Some data may be lost.
[   64.098275][ T4301] exFAT-fs (loop1): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[   64.709288][    C1] vcan0: j1939_tp_rxtimer: 0xffff888024aec800: rx timeout, send abort
[   64.751857][ T4282] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.761050][ T4282] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.770330][ T4282] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   64.780036][ T4282] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   65.096811][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   65.111668][  T155] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   65.176585][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   65.185678][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   65.209775][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807bc5c800: rx timeout, send abort
[   65.218467][    C1] vcan0: j1939_tp_rxtimer: 0xffff888024aec800: abort rx timeout. Force session deactivation
[   65.297598][ T4309] process 'syz.3.14' launched './file0' with NULL argv: empty string added
[   65.337472][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   65.346621][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #0a!!!
[   65.407311][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   65.506818][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #08!!!
[   65.516898][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #40!!!
[   65.526502][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   65.535682][    T0] NOHZ tick-stop error: Non-RCU local softirq work is pending, handler #02!!!
[   66.226075][    C1] vcan0: j1939_tp_rxtimer: 0xffff88807bc5c800: abort rx timeout. Force session deactivation
[   66.384466][ T4303] netlink: 4 bytes leftover after parsing attributes in process `syz.1.13'.
[   66.557744][  T154] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.565763][  T154] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.611145][ T4323] netlink: 24 bytes leftover after parsing attributes in process `syz.4.5'.
[   66.628475][ T4242] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[   66.678066][ T4313] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[   66.695590][ T4326] device syzkaller0 entered promiscuous mode
[   66.711487][ T4313] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[   66.739839][ T4326] tipc: Started in network mode
[   66.748809][ T4326] tipc: Node identity 52214df92d9f, cluster identity 4711
[   66.770393][ T4326] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[   66.780279][ T4313] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[   66.805777][ T4325] tipc: Resetting bearer <eth:syzkaller0>
[   66.855738][ T4325] tipc: Disabling bearer <eth:syzkaller0>
[   66.985936][ T4337] netlink: 4 bytes leftover after parsing attributes in process `syz.0.22'.
[   67.242181][ T4345] loop1: detected capacity change from 0 to 256
[   67.330662][ T4348] Illegal XDP return value 2097816080, expect packet loss!
[   68.745335][ T4364] loop3: detected capacity change from 0 to 16
[   69.004264][ T4364] erofs: (device loop3): mounted with root inode @ nid 36.
[   70.148779][ T4376] 
[   70.149762][ T4378] netlink: 24 bytes leftover after parsing attributes in process `syz.4.38'.
[   70.482872][ T4386] device syzkaller0 entered promiscuous mode
[   72.087210][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[   72.093975][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[   76.655047][ T4192] usb 3-1: new high-speed USB device number 2 using dummy_hcd
[   77.898622][ T4463] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   77.966369][ T4192] usb 3-1: Using ep0 maxpacket: 32
[   78.148360][ T4468] L1TF CPU bug present and SMT on, data leak possible. See CVE-2018-3646 and https://www.kernel.org/doc/html/latest/admin-guide/hw-vuln/l1tf.html for details.
[   78.165424][ T4192] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[   78.252074][ T4192] usb 3-1: config 0 has 0 interfaces, different from the descriptor's value: 1
[   78.875287][ T4192] usb 3-1: New USB device found, idVendor=0458, idProduct=706e, bcdDevice=35.64
[   78.886067][ T4192] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[   78.979919][ T4192] usb 3-1: config 0 descriptor??
[   79.442045][ T4192] usb 3-1: USB disconnect, device number 2
[   79.795513][ T4495] netlink: 'syz.0.67': attribute type 4 has an invalid length.
[   79.837007][ T4497] netlink: 'syz.1.68': attribute type 1 has an invalid length.
[   81.608001][ T4529] xt_CHECKSUM: CHECKSUM should be avoided.  If really needed, restrict with "-p udp" and only use in OUTPUT
[   81.649963][ T4529] x_tables: ip_tables: rpfilter match: used from hooks FORWARD, but only valid from PREROUTING
[   81.669528][ T1108] cfg80211: failed to load regulatory.db
[   83.056303][    C1] sched: RT throttling activated
[   83.368940][  T144] bond0: (slave bond_slave_0): interface is now down
[   83.385490][ T4546] netlink: 'syz.4.85': attribute type 10 has an invalid length.
[   83.396526][  T144] bond0: (slave bond_slave_1): interface is now down
[   83.446443][ T4546] device syz_tun entered promiscuous mode
[   83.462832][ T4308] bond0: (slave bond_slave_0): interface is now down
[   83.478689][ T4308] bond0: (slave bond_slave_1): interface is now down
[   83.508256][ T4546] bond0: (slave syz_tun): Enslaving as an active interface with an up link
[   83.520107][ T4308] bond0: (slave syz_tun): interface is now down
[   83.568096][  T144] bond0: (slave bond_slave_0): interface is now down
[   84.450321][  T144] bond0: (slave bond_slave_1): interface is now down
[   84.458785][  T144] bond0: (slave syz_tun): interface is now down
[   84.471942][  T144] bond0: now running without any active interface!
[   84.711901][ T4561] loop4: detected capacity change from 0 to 256
[   84.811527][ T4558] loop2: detected capacity change from 0 to 4096
[   84.888407][ T4564] netlink: 'syz.1.91': attribute type 1 has an invalid length.
[   85.026926][ T4566] input: syz1 as /devices/virtual/input/input5
[   85.130471][ T4570] NILFS (loop2): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[   85.681047][ T4577] loop4: detected capacity change from 0 to 40427
[   86.818885][ T4577] F2FS-fs (loop4): Invalid log_blocksize (268), supports only 12
[   86.826956][ T4577] F2FS-fs (loop4): Can't find valid F2FS filesystem in 1th superblock
[   86.849044][ T4577] F2FS-fs (loop4): invalid crc value
[   87.021170][ T4577] F2FS-fs (loop4): Found nat_bits in checkpoint
[   87.103523][ T4577] F2FS-fs (loop4): Try to recover 1th superblock, ret: 0
[   87.110997][ T4577] F2FS-fs (loop4): Mounted with checkpoint version = 48b305e5
[   88.256204][   T26] audit: type=1800 audit(1773936654.122:2): pid=4597 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.97" name="file1" dev="loop4" ino=10 res=0 errno=0
[   88.825120][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[   88.963639][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[   89.117911][ T4592] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[   89.379041][ T4592] device bridge_slave_0 left promiscuous mode
[   90.134651][ T4592] bridge0: port 1(bridge_slave_0) entered disabled state
[   90.269746][ T4592] device bridge_slave_1 left promiscuous mode
[   90.281321][ T4592] bridge0: port 2(bridge_slave_1) entered disabled state
[   90.302200][ T4592] bond0: (slave bond_slave_0): Releasing backup interface
[   90.326005][ T4592] bond0: (slave bond_slave_1): Releasing backup interface
[   90.380643][ T4592] team0: Port device team_slave_0 removed
[   90.407861][ T4592] team0: Port device team_slave_1 removed
[   90.414078][ T4592] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   90.428585][ T4592] batman_adv: batadv0: Removing interface: batadv_slave_0
[   90.437680][ T4592] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   90.463941][ T4592] batman_adv: batadv0: Removing interface: batadv_slave_1
[   90.524276][ T4599] team0: Mode changed to "loadbalance"
[   90.754878][ T4618] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[   91.545413][ T4625] bridge0: port 2(bridge_slave_1) entered disabled state
[   91.552955][ T4625] bridge0: port 1(bridge_slave_0) entered disabled state
[   93.410447][ T4625] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[   93.423204][ T4647] pci 0000:00:05.0: vgaarb: changed VGA decodes: olddecodes=io+mem,decodes=none:owns=io+mem
[   93.459307][ T4625] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[   93.491977][ T4648] loop3: detected capacity change from 0 to 8
[   93.605485][ T4648] SQUASHFS error: zlib decompression failed, data probably corrupt
[   93.621737][ T4648] SQUASHFS error: Failed to read block 0x9b: -5
[   93.631400][ T4648] SQUASHFS error: Unable to read metadata cache entry [99]
[   93.644877][ T4648] SQUASHFS error: Unable to read inode 0x127
[   93.923204][ T4625] netdevsim netdevsim4 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[   93.932735][ T4625] netdevsim netdevsim4 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[   93.941839][ T4625] netdevsim netdevsim4 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[   93.951763][ T4625] netdevsim netdevsim4 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[   94.044167][ T4630] netlink: 'syz.0.110': attribute type 4 has an invalid length.
[   94.055700][ T4632] netlink: 'syz.0.110': attribute type 4 has an invalid length.
[   94.243814][ T4658] loop3: detected capacity change from 0 to 256
[   94.304382][ T4662] netlink: 12 bytes leftover after parsing attributes in process `syz.0.120'.
[   94.446388][   T23] usb 5-1: new high-speed USB device number 2 using dummy_hcd
[   94.449457][   T26] audit: type=1800 audit(1773936660.332:3): pid=4658 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.117" name="file1" dev="loop3" ino=1048601 res=0 errno=0
[   94.726532][   T23] usb 5-1: Using ep0 maxpacket: 8
[   95.116806][   T23] usb 5-1: New USB device found, idVendor=0ccd, idProduct=00b3, bcdDevice=2d.ea
[   95.146926][   T23] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[   95.180916][   T23] usb 5-1: Product: syz
[   95.195458][   T23] usb 5-1: Manufacturer: syz
[   95.212391][   T23] usb 5-1: SerialNumber: syz
[   95.229404][ T4192] Process accounting resumed
[   95.252519][   T23] usb 5-1: config 0 descriptor??
[   96.488406][   T23] usb 5-1: dvb_usb_v2: found a 'TerraTec NOXON DAB Stick' in warm state
[   97.227856][   T23] dvb_usb_rtl28xxu: probe of 5-1:0.0 failed with error -71
[   97.254480][   T23] usb 5-1: USB disconnect, device number 2
[   97.330653][ T4711] netlink: 12 bytes leftover after parsing attributes in process `syz.0.135'.
[   97.359294][ T4711] netlink: 12 bytes leftover after parsing attributes in process `syz.0.135'.
[   97.387433][ T4711] Zero length message leads to an empty skb
[   97.393500][ T4713] netlink: 'syz.2.134': attribute type 10 has an invalid length.
[   97.525238][ T4707] loop4: detected capacity change from 0 to 4096
[   97.533740][    C1] PF_CAN: dropped non conform CAN skbuff: dev type 1, len 16
[   97.541955][ T4713] team0: Device vxcan1 is of different type
[   97.565068][ T4715] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[   97.658652][ T4715] sch_tbf: burst 32855 is lower than device lo mtu (11337746) !
[   97.691921][ T4707] ntfs3: loop4: ntfs_set_state r=3 failed, -22.
[   97.902066][ T4455] ntfs3: loop4: ntfs3_write_inode r=3 failed, -22.
[   97.958206][ T4188] ntfs3: loop4: ntfs_set_state r=3 failed, -22.
[   97.964781][ T4188] ntfs3: loop4: Mark volume as dirty due to NTFS errors
[   97.985940][ T4188] ntfs3: loop4: ntfs_set_state r=3 failed, -22.
[   97.994923][    T9] ntfs3: loop4: ntfs3_write_inode r=3 failed, -22.
[   98.011490][ T4188] ntfs3: loop4: ntfs_evict_inode r=3 failed, -22.
[   99.238597][ T4777] netlink: 8 bytes leftover after parsing attributes in process `syz.4.141'.
[   99.842803][   T21] usb 1-1: new high-speed USB device number 2 using dummy_hcd
[   99.887852][ T4800] netlink: 24 bytes leftover after parsing attributes in process `syz.4.148'.
[   99.974828][ T4803] netlink: 4 bytes leftover after parsing attributes in process `syz.4.148'.
[  100.286871][   T21] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  100.468142][   T21] usb 1-1: config 0 has no interfaces?
[  100.474591][   T21] usb 1-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  100.484256][   T21] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  100.502841][   T21] usb 1-1: config 0 descriptor??
[  101.396832][ T4817] bond1: (slave ip6gretap1): no link monitoring support
[  101.448420][ T4817] bond1: (slave ip6gretap1): MII and ETHTOOL support not available for slave, and arp_interval/arp_ip_target module parameters not specified, thus bonding will not detect link failures! see bonding.txt for details
[  101.568251][ T4817] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  102.380081][ T4231] usb 1-1: USB disconnect, device number 2
[  102.497326][ T4865] netlink: 12 bytes leftover after parsing attributes in process `syz.1.161'.
[  102.672602][ T4863] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  102.728145][ T4863] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  102.774873][ T4876] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off.
[  103.101195][ T4885] netlink: 24 bytes leftover after parsing attributes in process `syz.1.167'.
[  103.309419][ T4887] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  103.469320][ T4887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  103.497485][ T4887] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  103.531627][ T4887] bond1: (slave ip6gretap1): Releasing backup interface
[  103.569000][ T4894] netlink: 4 bytes leftover after parsing attributes in process `syz.3.168'.
[  104.773529][ T4904] tipc: Failed to remove unknown binding: 66,0,0/0:943947496/943947498
[  104.792621][ T4904] tipc: Failed to remove unknown binding: 66,0,0/0:943947496/943947497
[  104.808406][ T4904] tipc: Failed to remove unknown binding: 66,0,0/0:943947496/943947498
[  104.838491][ T4904] tipc: Failed to remove unknown binding: 66,0,0/0:943947496/943947497
[  104.907263][ T4906] x_tables: duplicate underflow at hook 2
[  104.977947][ T4908] syz.0.174 uses obsolete (PF_INET,SOCK_PACKET)
[  105.013180][ T4910] netlink: 'syz.4.175': attribute type 8 has an invalid length.
[  105.295333][ T4920] sch_tbf: burst 19872 is lower than device lo mtu (65550) !
[  105.300804][ T4917] loop0: detected capacity change from 0 to 1024
[  105.488091][ T4925] sock: sock_set_timeout: `syz.3.181' (pid 4925) tries to set negative timeout
[  105.502211][ T4917] hfsplus: invalid btree flag
[  105.516115][ T4917] hfsplus: failed to load extents file
[  105.558737][ T4917] x_tables: ip6_tables: policy.0 match: invalid size 312 (kernel) != (user) 0
[  107.006852][ T4954] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  108.627508][ T4966] loop4: detected capacity change from 0 to 128
[  108.726700][   T26] audit: type=1800 audit(1773936674.612:4): pid=4966 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.198" name="bus" dev="loop4" ino=1048602 res=0 errno=0
[  109.974787][ T4987] 8021q: adding VLAN 0 to HW filter on device bond1
[  110.012370][ T4987] 8021q: adding VLAN 0 to HW filter on device macvlan2
[  110.023670][ T4987] bond1: (slave macvlan2): making interface the new active one
[  110.033220][ T4987] bond1: (slave macvlan2): Enslaving as an active interface with an up link
[  110.043710][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  115.776237][ T5037] sctp: [Deprecated]: syz.2.220 (pid 5037) Use of struct sctp_assoc_value in delayed_ack socket option.
[  115.776237][ T5037] Use struct sctp_sack_info instead
[  117.595810][ T5061] KVM: KVM_SET_CPUID{,2} after KVM_RUN may cause guest instability
[  117.643673][ T5075] overlayfs: failed to clone upperpath
[  117.649605][ T5061] KVM: KVM_SET_CPUID{,2} will fail after KVM_RUN starting with Linux 5.16
[  117.883054][ T5081] tipc: Started in network mode
[  117.916772][ T5081] tipc: Node identity ac1414aa, cluster identity 4711
[  117.925447][ T5081] tipc: Enabled bearer <udp:s>, priority 10
[  118.077021][ T5090] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  118.125106][ T5092] bond0: (slave syz_tun): Releasing backup interface
[  118.199700][ T5092] device bridge_slave_0 left promiscuous mode
[  118.206037][ T5092] bridge0: port 1(bridge_slave_0) entered disabled state
[  120.157150][ T5092] device bridge_slave_1 left promiscuous mode
[  120.192041][ T5092] bridge0: port 2(bridge_slave_1) entered disabled state
[  120.825391][ T5092] bond0: (slave bond_slave_0): Releasing backup interface
[  120.839233][ T5092] bond0: (slave bond_slave_1): Releasing backup interface
[  120.968857][ T5092] team0: Port device team_slave_0 removed
[  120.985965][ T5092] team0: Port device team_slave_1 removed
[  121.026353][ T5092] batman_adv: batadv0: Removing interface: batadv_slave_0
[  121.034933][ T5121] loop0: detected capacity change from 0 to 128
[  121.053865][ T5092] batman_adv: batadv0: Removing interface: batadv_slave_1
[  121.069898][ T5101] team0: Mode changed to "broadcast"
[  121.113091][ T5108] netlink: 4 bytes leftover after parsing attributes in process `syz.4.242'.
[  121.158576][ T5121] FAT-fs (loop0): Directory bread(block 524322) failed
[  121.185575][ T5121] FAT-fs (loop0): Directory bread(block 524323) failed
[  121.202863][ T5121] FAT-fs (loop0): Directory bread(block 524324) failed
[  121.211668][   T13] tipc: Node number set to 2886997162
[  121.211762][ T5121] FAT-fs (loop0): Directory bread(block 524325) failed
[  121.231892][ T5121] FAT-fs (loop0): Directory bread(block 524326) failed
[  121.271752][ T5121] FAT-fs (loop0): Directory bread(block 524327) failed
[  121.303958][ T5121] FAT-fs (loop0): Directory bread(block 524328) failed
[  121.342957][ T5133] nf_conntrack: default automatic helper assignment has been turned off for security reasons and CT-based firewall rule not found. Use the iptables CT target to attach helpers instead.
[  121.366555][ T5121] FAT-fs (loop0): Directory bread(block 524329) failed
[  121.490906][ T5133] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  121.600282][ T5121] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=2128861522 (272494274816 ns) > initial count (149818882688 ns). Using initial count to start timer.
[  123.044199][ T5168] loop1: detected capacity change from 0 to 256
[  123.171364][   T26] audit: type=1800 audit(1773936689.052:5): pid=5168 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.260" name="file1" dev="loop1" ino=1048603 res=0 errno=0
[  123.278658][   T13] Process accounting resumed
[  123.378986][ T5182] netlink: 20 bytes leftover after parsing attributes in process `syz.4.267'.
[  123.436132][ T5182] netdevsim netdevsim4 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  123.445806][ T5182] netdevsim netdevsim4 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  123.454687][ T5182] netdevsim netdevsim4 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  123.463572][ T5182] netdevsim netdevsim4 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  123.506675][ T5185] loop2: detected capacity change from 0 to 512
[  123.682530][ T5185] EXT4-fs (loop2): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  123.706680][ T5185] ext4 filesystem being mounted at /41/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  124.332710][ T5183] bridge0: port 2(bridge_slave_1) entered disabled state
[  124.340154][ T5183] bridge0: port 1(bridge_slave_0) entered disabled state
[  124.348699][   T13] usb 1-1: new high-speed USB device number 3 using dummy_hcd
[  124.606482][   T13] usb 1-1: Using ep0 maxpacket: 16
[  124.714676][ T5183] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  124.757330][ T5183] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  124.766444][   T13] usb 1-1: unable to get BOS descriptor or descriptor too short
[  124.847402][   T13] usb 1-1: config 8 has an invalid descriptor of length 0, skipping remainder of the config
[  124.857842][   T13] usb 1-1: config 8 has 0 interfaces, different from the descriptor's value: 1
[  125.026655][   T13] usb 1-1: New USB device found, idVendor=0424, idProduct=c001, bcdDevice=e2.0c
[  125.035758][   T13] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  125.047755][   T13] usb 1-1: Product: syz
[  125.051963][   T13] usb 1-1: Manufacturer: syz
[  125.056961][   T13] usb 1-1: SerialNumber: syz
[  125.164455][ T5183] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.173759][ T5183] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.183538][ T5183] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.192708][ T5183] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  125.296687][ T5184] netlink: 4 bytes leftover after parsing attributes in process `syz.4.267'.
[  125.312706][ T5182] netlink: 4 bytes leftover after parsing attributes in process `syz.4.267'.
[  125.359718][ T5184] netlink: 4 bytes leftover after parsing attributes in process `syz.4.267'.
[  125.380015][   T13] usb 1-1: USB disconnect, device number 3
[  125.546252][ T5220] netlink: 4 bytes leftover after parsing attributes in process `syz.2.279'.
[  125.619216][ T5222] sch_tbf: burst 32855 is lower than device lo mtu (65550) !
[  128.767264][ T5244] loop4: detected capacity change from 0 to 512
[  128.877190][ T5244] EXT4-fs (loop4): mounted filesystem without journal. Opts: nodioread_nolock,sb=0x0000000000000001,,errors=continue. Quota mode: writeback.
[  128.940568][ T5244] ext4 filesystem being mounted at /57/file2 supports timestamps until 2038-01-19 (0x7fffffff)
[  129.030550][ T4232] usb 1-1: new high-speed USB device number 4 using dummy_hcd
[  129.306492][ T4232] usb 1-1: Using ep0 maxpacket: 32
[  129.322145][ T5280] netlink: 8 bytes leftover after parsing attributes in process `syz.3.299'.
[  130.336450][ T4232] usb 1-1: unable to read config index 0 descriptor/all
[  130.347167][ T4232] usb 1-1: can't read configurations, error -71
[  130.412803][ T5297] device syzkaller0 entered promiscuous mode
[  130.574223][ T5303] netlink: 76 bytes leftover after parsing attributes in process `syz.2.308'.
[  130.776633][ T4232] usb 1-1: new high-speed USB device number 5 using dummy_hcd
[  131.906377][ T4232] usb 1-1: Using ep0 maxpacket: 32
[  132.037173][ T4232] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  132.056488][ T4232] usb 1-1: config 0 has no interfaces?
[  132.296917][ T4232] usb 1-1: New USB device found, idVendor=0582, idProduct=008d, bcdDevice=b8.a2
[  132.357015][ T4232] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  132.395965][ T4232] usb 1-1: Product: syz
[  132.417407][ T4232] usb 1-1: Manufacturer: syz
[  132.439554][ T4232] usb 1-1: SerialNumber: syz
[  132.472570][ T4232] usb 1-1: config 0 descriptor??
[  132.798985][ T5339] sch_tbf: burst 4398 is lower than device lo mtu (65550) !
[  132.812852][ T5339] netlink: 12 bytes leftover after parsing attributes in process `syz.1.322'.
[  132.835472][ T1111] usb 1-1: USB disconnect, device number 5
[  132.859841][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  132.872954][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  134.234624][ T5361] device syzkaller0 entered promiscuous mode
[  135.366613][ T5407] tipc: Enabled bearer <udp:syz2>, priority 10
[  135.390130][ T5407] tipc: Enabled bearer <ib:wg1>, priority 0
[  135.411613][ T5409] IPVS: lc: UDP 224.0.0.2:0 - no destination available
[  135.533762][ T5419] tipc: Enabling of bearer <eth:syzkaller0> rejected, failed to enable media
[  135.869881][ T5209] usb 3-1: new full-speed USB device number 3 using dummy_hcd
[  136.742071][ T4231] tipc: Node number set to 2143178233
[  137.166830][ T5209] usb 3-1: unable to get BOS descriptor or descriptor too short
[  137.257725][ T5209] usb 3-1: not running at top speed; connect to a high speed hub
[  137.427374][ T5209] usb 3-1: config 0 has an invalid interface number: 88 but max is 0
[  137.467919][ T5209] usb 3-1: config 0 has no interface number 0
[  138.280102][ T5209] usb 3-1: config 0 interface 88 altsetting 8 endpoint 0x86 has an invalid bInterval 0, changing to 10
[  138.291749][ T5209] usb 3-1: config 0 interface 88 altsetting 8 endpoint 0x86 has invalid maxpacket 178, setting to 64
[  138.303679][ T5209] usb 3-1: config 0 interface 88 has no altsetting 0
[  138.476791][ T5209] usb 3-1: New USB device found, idVendor=0460, idProduct=0004, bcdDevice=96.31
[  138.492911][ T5209] usb 3-1: New USB device strings: Mfr=1, Product=84, SerialNumber=3
[  138.511383][ T5209] usb 3-1: Product: syz
[  138.525893][ T5209] usb 3-1: Manufacturer: syz
[  138.539909][ T5209] usb 3-1: SerialNumber: syz
[  138.558382][ T5209] usb 3-1: config 0 descriptor??
[  138.646525][ T5209] usb 3-1: can't set config #0, error -71
[  138.676589][ T5209] usb 3-1: USB disconnect, device number 3
[  139.616797][ T4232] usb 1-1: new high-speed USB device number 6 using dummy_hcd
[  139.866397][ T4232] usb 1-1: Using ep0 maxpacket: 32
[  139.986667][ T4232] usb 1-1: config 0 has an invalid interface number: 83 but max is 0
[  140.005192][ T4232] usb 1-1: config 0 has no interface number 0
[  140.018471][ T4232] usb 1-1: config 0 interface 83 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0
[  140.276658][ T4232] usb 1-1: New USB device found, idVendor=112a, idProduct=0001, bcdDevice=d8.11
[  140.285771][ T4232] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  140.317092][ T4232] usb 1-1: Product: syz
[  140.324767][ T4232] usb 1-1: Manufacturer: syz
[  140.335437][ T4232] usb 1-1: SerialNumber: syz
[  140.358795][ T4232] usb 1-1: config 0 descriptor??
[  140.408411][ T4232] redrat3 1-1:0.83: Couldn't find all endpoints
[  140.459006][ T5527] netlink: 1319 bytes leftover after parsing attributes in process `syz.1.383'.
[  140.613615][ T5534] netlink: 'syz.1.385': attribute type 15 has an invalid length.
[  140.639439][ T5482] udc-core: couldn't find an available UDC or it's busy
[  140.649284][ T5482] misc raw-gadget: fail, usb_gadget_probe_driver returned -16
[  140.666925][ T1108] usb 1-1: USB disconnect, device number 6
[  140.711480][ T5534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  140.719591][ T5534] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  141.522529][ T5571] netlink: 'syz.0.402': attribute type 16 has an invalid length.
[  141.540861][ T5571] netlink: 'syz.0.402': attribute type 17 has an invalid length.
[  141.575500][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  141.588311][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  141.599952][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  141.611821][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  141.629707][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  141.646087][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  141.655551][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready
[  141.673994][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready
[  141.683815][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready
[  141.698985][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  141.708464][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready
[  141.719704][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.727487][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  141.735610][ T5571] 8021q: adding VLAN 0 to HW filter on device bond0
[  141.743923][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  141.753972][ T5571] 8021q: adding VLAN 0 to HW filter on device team0
[  141.772515][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  141.789277][ T5571] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready
[  141.802330][ T5571] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  142.385530][ T5606] netlink: 64 bytes leftover after parsing attributes in process `syz.0.415'.
[  142.395089][ T5606] netlink: 64 bytes leftover after parsing attributes in process `syz.0.415'.
[  142.404530][ T5606] netlink: 64 bytes leftover after parsing attributes in process `syz.0.415'.
[  142.413885][ T5606] A link change request failed with some changes committed already. Interface geneve1 may have been left with an inconsistent configuration, please check.
[  143.590155][ T4202] Bluetooth: Wrong link type (-22)
[  144.870851][ T5649] 8021q: adding VLAN 0 to HW filter on device bond1
[  145.879347][ T5674] netem: change failed
[  146.209233][ T5679] bond1: (slave batadv_slave_1): Enslaving as a backup interface with a down link
[  146.553679][ T5693] netlink: 'syz.1.442': attribute type 4 has an invalid length.
[  147.218476][ T5707] loop4: detected capacity change from 0 to 164
[  147.265533][ T5707] rock: directory entry would overflow storage
[  147.282317][ T5707] rock: sig=0x5053, size=7, remaining=4
[  147.288731][ T5707] isofs_fill_super: root inode is not a directory. Corrupted media?
[  147.840005][ T5710] bridge0: port 2(bridge_slave_1) entered disabled state
[  147.847329][ T5710] bridge0: port 1(bridge_slave_0) entered disabled state
[  148.306202][ T5710] tipc: Resetting bearer <ib:wg1>
[  149.369085][ T5710] batman_adv: batadv0: Interface deactivated: batadv_slave_0
[  149.467157][ T5710] batman_adv: batadv0: Interface deactivated: batadv_slave_1
[  150.212867][ T5710] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  150.222154][ T5710] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  150.231936][ T5710] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  150.242105][ T5710] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  150.374128][ T5711] netlink: 12 bytes leftover after parsing attributes in process `syz.1.448'.
[  150.402830][ T5718] netlink: 4 bytes leftover after parsing attributes in process `syz.3.450'.
[  150.424024][ T5731] netlink: 12 bytes leftover after parsing attributes in process `syz.4.454'.
[  150.595000][ T5738] IPv6: ADDRCONF(NETDEV_CHANGE): bpq0: link becomes ready
[  153.136432][ T5759] binder: 5757:5759 ioctl c0306201 200000000180 returned -14
[  155.403823][ T5809] bridge0: port 3(syz_tun) entered blocking state
[  155.422303][ T5809] bridge0: port 3(syz_tun) entered disabled state
[  155.436937][ T5809] device syz_tun entered promiscuous mode
[  155.444605][ T5811] netlink: 24 bytes leftover after parsing attributes in process `syz.3.483'.
[  155.855262][ T5817] loop0: detected capacity change from 0 to 2048
[  155.964838][ T5817] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  156.068395][ T5817] netlink: 182 bytes leftover after parsing attributes in process `syz.0.484'.
[  157.116627][ T5847] netlink: 'syz.4.495': attribute type 16 has an invalid length.
[  157.131426][ T5847] netlink: 'syz.4.495': attribute type 17 has an invalid length.
[  157.168085][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  157.196004][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  157.219709][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  157.251003][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  157.283153][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  157.308187][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  157.318999][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  157.348616][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready
[  157.368060][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready
[  157.379142][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready
[  157.390718][ T5847] device syz_tun left promiscuous mode
[  157.397876][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  157.414762][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready
[  157.427657][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  157.436820][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  157.445010][ T5847] 8021q: adding VLAN 0 to HW filter on device bond0
[  157.456069][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  157.472909][ T5847] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready
[  157.481450][ T5847] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  158.950598][ T5870] netlink: 16 bytes leftover after parsing attributes in process `syz.2.503'.
[  159.167524][ T5884] netlink: 'syz.2.508': attribute type 16 has an invalid length.
[  159.182519][ T5884] netlink: 'syz.2.508': attribute type 17 has an invalid length.
[  159.196082][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  159.216126][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  159.239473][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  159.263355][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  159.284088][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  159.293896][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  159.343716][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  159.382765][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready
[  159.402168][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready
[  159.418757][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready
[  159.436029][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  159.462933][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready
[  159.475089][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  159.488768][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  159.500457][ T5884] 8021q: adding VLAN 0 to HW filter on device bond0
[  159.508122][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  159.517623][ T5884] 8021q: adding VLAN 0 to HW filter on device team0
[  159.525570][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  159.536192][ T5884] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready
[  159.544386][ T5884] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  159.606505][   T23] usb 1-1: new high-speed USB device number 7 using dummy_hcd
[  159.617700][ T5907] bridge0: port 1(syz_tun) entered blocking state
[  159.625002][ T5907] bridge0: port 1(syz_tun) entered disabled state
[  159.647582][ T5907] device syz_tun entered promiscuous mode
[  159.673016][ T5907] bridge0: port 1(syz_tun) entered blocking state
[  159.679975][ T5907] bridge0: port 1(syz_tun) entered forwarding state
[  159.700830][ T5910] bridge0: port 1(syz_tun) entered learning state
[  160.756429][   T23] usb 1-1: Using ep0 maxpacket: 8
[  160.876496][   T23] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  160.896335][   T23] usb 1-1: config 0 has no interfaces?
[  160.912329][   T23] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  160.936768][   T23] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  160.955925][   T23] usb 1-1: config 0 descriptor??
[  162.664177][ T1108] usb 1-1: USB disconnect, device number 7
[  164.731479][ T5970] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  164.808060][ T5970] device bridge_slave_0 left promiscuous mode
[  164.827019][ T5970] bridge0: port 1(bridge_slave_0) entered disabled state
[  164.837797][ T5970] device bridge_slave_1 left promiscuous mode
[  164.844093][ T5970] bridge0: port 2(bridge_slave_1) entered disabled state
[  164.891258][ T5970] bond0: (slave bond_slave_0): Releasing backup interface
[  164.905840][ T5974] loop4: detected capacity change from 0 to 4096
[  164.923174][ T5970] bond0: (slave bond_slave_1): Releasing backup interface
[  164.938364][ T5970] team0: Failed to send options change via netlink (err -105)
[  164.948993][ T5970] team0: Failed to send port change of device team_slave_0 via netlink (err -105)
[  164.960719][ T5970] team0: Port device team_slave_0 removed
[  165.014037][ T5970] team0: Failed to send options change via netlink (err -105)
[  165.034376][ T5970] team0: Failed to send port change of device team_slave_1 via netlink (err -105)
[  165.061943][ T5970] team0: Port device team_slave_1 removed
[  165.084053][ T5970] batman_adv: batadv0: Removing interface: batadv_slave_0
[  165.121654][ T5970] batman_adv: batadv0: Removing interface: batadv_slave_1
[  165.159191][ T5958] netlink: 'syz.0.534': attribute type 16 has an invalid length.
[  165.169683][ T5958] netlink: 'syz.0.534': attribute type 17 has an invalid length.
[  165.214996][ T5958] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  165.237206][ T5958] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  165.274041][ T5958] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  165.299450][ T5975] team0: Failed to send options change via netlink (err -105)
[  165.309568][ T5975] team0: Mode changed to "activebackup"
[  166.616355][ T1108] usb 3-1: new high-speed USB device number 4 using dummy_hcd
[  166.743546][ T6011] sch_tbf: burst 19872 is lower than device lo mtu (11337746) !
[  166.856548][ T1108] usb 3-1: Using ep0 maxpacket: 8
[  167.086888][ T1108] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  167.217157][ T1108] usb 3-1: config 0 has no interfaces?
[  167.324553][ T1108] usb 3-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  167.518675][ T1108] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  167.536659][ T1108] usb 3-1: config 0 descriptor??
[  167.620499][ T6020] netlink: 'syz.1.553': attribute type 16 has an invalid length.
[  167.629358][ T6020] netlink: 'syz.1.553': attribute type 17 has an invalid length.
[  167.637523][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  167.652784][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  167.679728][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  167.747569][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  167.768646][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  167.783468][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  167.838921][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  167.858851][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  167.868568][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready
[  167.879840][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready
[  167.889688][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready
[  167.899036][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  167.908765][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready
[  168.062281][ T6020] bridge0: port 3(syz_tun) entered blocking state
[  168.068900][ T6020] bridge0: port 3(syz_tun) entered forwarding state
[  168.611607][ T6020] 8021q: adding VLAN 0 to HW filter on device bond0
[  168.661217][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): bond0: link becomes ready
[  168.682433][ T6020] 8021q: adding VLAN 0 to HW filter on device team0
[  168.704514][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  168.713711][ T6020] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready
[  168.721807][ T6020] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  168.742744][ T6026] device syz_tun left promiscuous mode
[  168.770556][ T6026] bridge0: port 1(syz_tun) entered disabled state
[  168.785842][ T6026] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  168.797206][ T6026] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  168.804866][ T6026] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  168.830105][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  168.858578][    T9] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0.257: link becomes ready
[  168.868989][ T6031] sch_tbf: burst 3298 is lower than device lo mtu (65550) !
[  168.941510][ T4174] usb 3-1: USB disconnect, device number 4
[  169.031258][ T6055] netlink: 8 bytes leftover after parsing attributes in process `syz.3.563'.
[  169.065866][ T6058] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  169.073674][ T6058] IPv6: NLM_F_CREATE should be set when creating new route
[  171.484803][ T6077] loop0: detected capacity change from 0 to 256
[  171.670967][ T6058] device syzkaller0 left promiscuous mode
[  172.621183][ T6071] device bridge2 entered promiscuous mode
[  174.139376][ T6122] loop4: detected capacity change from 0 to 256
[  175.553172][ T6134] loop0: detected capacity change from 0 to 4096
[  177.936434][ T6130] netlink: 12 bytes leftover after parsing attributes in process `syz.0.584'.
[  180.479746][ T6191] fuse: Unknown parameter '4'
[  180.495458][ T6191] sctp: [Deprecated]: syz.3.605 (pid 6191) Use of int in max_burst socket option deprecated.
[  180.495458][ T6191] Use struct sctp_assoc_value instead
[  180.719353][ T6196] bond1: (slave ip6gretap2): Enslaving as a backup interface with an up link
[  180.885596][ T6200] bond1 (unregistering): (slave batadv_slave_1): Releasing backup interface
[  180.922293][ T6200] bond1 (unregistering): (slave ip6gretap2): Releasing backup interface
[  181.049442][ T6200] bond1 (unregistering): Released all slaves
[  183.117275][ T1108] Bluetooth: hci4: command 0x0406 tx timeout
[  183.123503][ T1108] Bluetooth: hci2: command 0x0406 tx timeout
[  183.129671][ T1108] Bluetooth: hci0: command 0x0406 tx timeout
[  183.135910][ T1108] Bluetooth: hci3: command 0x0406 tx timeout
[  183.153741][ T4192] Bluetooth: hci1: command 0x0406 tx timeout
[  183.254574][ T6218] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  183.273957][ T6197] ALSA: mixer_oss: invalid OSS volume ';ʸg��Ԋ8�\>Px�i9�h�~��]Q�7'
[  183.282482][ T6197] ALSA: mixer_oss: invalid OSS volume 'eQCȡ*���q�pA�ڜ��e�T��|K�'
[  183.290795][ T6197] ALSA: mixer_oss: invalid OSS volume ':�a��z����]�q��e�X�fb]݆�B��.'
[  183.299178][ T6197] ALSA: mixer_oss: invalid OSS volume '��j|�����q⩃˚[�w�3�^.���ג�'
[  183.307525][ T6197] ALSA: mixer_oss: invalid OSS volume '�"P޸��ۜ���o[�8>�7|�YMe�p��q'
[  183.316149][ T6197] ALSA: mixer_oss: invalid OSS volume '��wI��׷�#�t\�W�,�bP=&e�'
[  184.728291][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880603f3400: rx timeout, send abort
[  185.228379][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880603f1000: rx timeout, send abort
[  185.436324][ T6243] netlink: 12 bytes leftover after parsing attributes in process `syz.1.619'.
[  185.479986][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880603f3400: abort rx timeout. Force session deactivation
[  185.736659][    C1] vcan0: j1939_tp_rxtimer: 0xffff8880603f1000: abort rx timeout. Force session deactivation
[  185.910075][ T6253] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link
[  186.092837][ T6256] bond1 (unregistering): (slave ip6gretap1): Releasing backup interface
[  186.383527][ T6261] loop0: detected capacity change from 0 to 2048
[  186.476822][ T6256] bond1 (unregistering): Released all slaves
[  186.647450][ T6261] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  186.798825][ T6259] EXT4-fs error (device loop0): ext4_mb_generate_buddy:1161: group 0, block bitmap and bg descriptor inconsistent: 25 vs 281 free clusters
[  189.133608][ T6259] EXT4-fs (loop0): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 3 with error 28
[  189.254202][ T6259] EXT4-fs (loop0): This should not happen!! Data will be lost
[  189.254202][ T6259] 
[  189.316709][ T6259] EXT4-fs (loop0): Total free blocks count 0
[  189.322879][ T6259] EXT4-fs (loop0): Free/Dirty block details
[  189.329037][ T6259] EXT4-fs (loop0): free_blocks=4096
[  189.334323][ T6259] EXT4-fs (loop0): dirty_blocks=16
[  189.343713][ T6259] EXT4-fs (loop0): Block reservation details
[  189.350073][ T6259] EXT4-fs (loop0): i_reserved_data_blocks=1
[  192.706201][ T6337] netlink: 'syz.1.647': attribute type 1 has an invalid length.
[  192.855571][ T6337] bond2: (slave veth5): Enslaving as an active interface with a down link
[  192.898114][ T6349] bond2: (slave dummy0): making interface the new active one
[  192.908092][ T6349] bond2: (slave dummy0): Enslaving as an active interface with an up link
[  192.926482][ T6351] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  192.933763][ T6351] IPv6: NLM_F_CREATE should be set when creating new route
[  192.954293][ T6344] loop4: detected capacity change from 0 to 1024
[  192.965428][ T6337] netlink: 14 bytes leftover after parsing attributes in process `syz.1.647'.
[  192.992033][ T6337] bond2: (slave dummy0): Releasing active interface
[  193.040645][ T6344] EXT4-fs (loop4): Ignoring removed orlov option
[  193.145192][ T6344] EXT4-fs (loop4): mounted filesystem without journal. Opts: block_validity,bsddf,nombcache,inode_readahead_blks=0x0000000000000000,debug_want_extra_isize=0x0000000000000080,orlov,nogrpid,noauto_da_alloc,grpjquota=,,errors=continue. Quota mode: none.
[  194.299305][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  194.306019][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  195.974832][ T6354] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.984684][ T6354] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0
[  195.994842][ T6354] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.004069][ T6354] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0
[  196.134605][ T6364] netlink: 798 bytes leftover after parsing attributes in process `syz.4.653'.
[  196.328995][ T6390] device syzkaller0 entered promiscuous mode
[  196.605728][ T6421] netlink: 1319 bytes leftover after parsing attributes in process `syz.3.684'.
[  196.666737][ T1108] usb 3-1: new high-speed USB device number 5 using dummy_hcd
[  196.722853][ T6422] set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state.
[  198.383726][ T1108] usb 3-1: config 0 interface 0 altsetting 0 has an invalid endpoint with address 0xFF, skipping
[  198.412001][ T1108] usb 3-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  198.445968][ T1108] usb 3-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  198.497801][ T6445] loop4: detected capacity change from 0 to 1024
[  198.529864][ T1108] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  198.540188][ T1108] usb 3-1: config 0 descriptor??
[  198.576859][ T6445] UDF-fs: INFO Mounting volume 'LinuxUDF', timestamp 2022/11/22 14:59 (1000)
[  198.582229][ T1108] usbhid 3-1:0.0: couldn't find an input interrupt endpoint
[  199.952688][ T6445] cgroup: fork rejected by pids controller in /syz4
[  199.999250][ T6454] device ipip0 entered promiscuous mode
[  200.216562][ T6592] netlink: 'syz.3.689': attribute type 15 has an invalid length.
[  200.301464][ T6594] netlink: 1319 bytes leftover after parsing attributes in process `syz.0.688'.
[  201.819734][ T5209] usb 3-1: USB disconnect, device number 5
[  201.953097][ T6611] program syz.2.695 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  202.043422][ T6605] netlink: 20 bytes leftover after parsing attributes in process `syz.1.692'.
[  202.062271][ T6613] program syz.2.695 is using a deprecated SCSI ioctl, please convert it to SG_IO
[  202.063213][ T6605] device ip6gre1 entered promiscuous mode
[  202.616347][ T5209] usb 3-1: new full-speed USB device number 6 using dummy_hcd
[  203.227385][ T6625] device syzkaller0 entered promiscuous mode
[  203.232904][ T6630] overlayfs: failed to clone upperpath
[  203.556666][ T5209] usb 3-1: unable to get BOS descriptor or descriptor too short
[  203.652822][ T5209] usb 3-1: not running at top speed; connect to a high speed hub
[  204.636400][ T5209] usb 3-1: config 3 has an invalid descriptor of length 0, skipping remainder of the config
[  204.669073][ T5209] usb 3-1: config 3 has 0 interfaces, different from the descriptor's value: 1
[  205.324989][ T6649] bridge0: port 3(syz_tun) entered disabled state
[  205.926372][ T5209] usb 3-1: New USB device found, idVendor=04dd, idProduct=9031, bcdDevice=56.ea
[  205.935487][ T5209] usb 3-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  205.953337][ T6654] netlink: 'syz.1.707': attribute type 16 has an invalid length.
[  205.971923][ T6654] netlink: 'syz.1.707': attribute type 17 has an invalid length.
[  206.028511][ T6654] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  206.056594][ T5209] usb 3-1: can't set config #3, error -71
[  206.065538][ T5209] usb 3-1: USB disconnect, device number 6
[  206.117215][ T6654] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  206.161176][ T6654] bridge0: port 3(syz_tun) entered blocking state
[  206.167757][ T6654] bridge0: port 3(syz_tun) entered forwarding state
[  206.211888][ T6654] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  206.329550][ T6666] capability: warning: `syz.0.722' uses deprecated v2 capabilities in a way that may be insecure
[  208.431804][ T6675] loop0: detected capacity change from 0 to 1024
[  211.628579][ T6701] netlink: 'syz.2.724': attribute type 16 has an invalid length.
[  211.642661][ T6701] netlink: 'syz.2.724': attribute type 17 has an invalid length.
[  211.655661][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  211.678058][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): tunl0: link becomes ready
[  211.703668][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): gre0: link becomes ready
[  211.734952][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): gretap0: link becomes ready
[  211.763369][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): erspan0: link becomes ready
[  211.804123][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): ip_vti0: link becomes ready
[  211.838345][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): ip6_vti0: link becomes ready
[  211.872657][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): sit0: link becomes ready
[  211.905092][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): ip6tnl0: link becomes ready
[  211.931878][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gre0: link becomes ready
[  211.958922][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): syz_tun: link becomes ready
[  211.983880][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): ip6gretap0: link becomes ready
[  212.099543][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  212.136146][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  212.185763][ T6701] 8021q: adding VLAN 0 to HW filter on device bond0
[  212.245841][ T6701] 8021q: adding VLAN 0 to HW filter on device team0
[  212.255484][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): dummy0: link becomes ready
[  212.265665][ T6701] IPv6: ADDRCONF(NETDEV_CHANGE): nlmon0: link becomes ready
[  212.275097][ T6701] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  213.074686][ T6707] xt_TPROXY: Can be used only with -p tcp or -p udp
[  216.077262][ T6744] loop0: detected capacity change from 0 to 512
[  216.098581][ T6745] netlink: 'syz.2.735': attribute type 27 has an invalid length.
[  216.102538][ T6744] FAT-fs (loop0): Unrecognized mount option "uid=+1" or missing value
[  216.951643][ T6721] netdevsim netdevsim4 netdevsim0: unset [0, 0] type 1 family 0 port 8472 - 0
[  216.961116][ T6721] netdevsim netdevsim4 netdevsim1: unset [0, 0] type 1 family 0 port 8472 - 0
[  216.970259][ T6721] netdevsim netdevsim4 netdevsim2: unset [0, 0] type 1 family 0 port 8472 - 0
[  216.979206][ T6721] netdevsim netdevsim4 netdevsim3: unset [0, 0] type 1 family 0 port 8472 - 0
[  222.294759][ T6812] sctp: [Deprecated]: syz.0.756 (pid 6812) Use of int in max_burst socket option.
[  222.294759][ T6812] Use struct sctp_assoc_value instead
[  222.360353][ T6814] device vlan2 entered promiscuous mode
[  222.394678][ T6814] device bond0 entered promiscuous mode
[  222.410154][ T6814] device bond_slave_0 entered promiscuous mode
[  222.433004][ T6814] device bond_slave_1 entered promiscuous mode
[  222.459110][ T6809] netlink: 8 bytes leftover after parsing attributes in process `syz.4.754'.
[  225.572049][ T6868] VFS: Mount too revealing
[  225.760277][ T6874] loop0: detected capacity change from 0 to 512
[  226.596613][ T6882] xt_TPROXY: Can be used only with -p tcp or -p udp
[  227.331156][ T6874] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: writeback.
[  227.587803][ T6874] ext4 filesystem being mounted at /147/bus supports timestamps until 2038-01-19 (0x7fffffff)
[  229.139471][ T5210] usb 3-1: new high-speed USB device number 7 using dummy_hcd
[  229.976557][ T5210] usb 3-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  231.040322][ T5210] usb 3-1: config 0 has no interfaces?
[  231.045874][ T5210] usb 3-1: New USB device found, idVendor=0bed, idProduct=1100, bcdDevice=ec.c3
[  231.055718][ T5210] usb 3-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  231.078309][ T5210] usb 3-1: config 0 descriptor??
[  231.164514][ T6926] netlink: 'syz.1.796': attribute type 21 has an invalid length.
[  231.173028][ T5210] usb 3-1: can't set config #0, error -71
[  231.181919][ T5210] usb 3-1: USB disconnect, device number 7
[  231.188146][ T6926] IPv6: NLM_F_CREATE should be specified when creating new route
[  232.696779][ T6926] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  232.704219][ T6926] IPv6: NLM_F_CREATE should be set when creating new route
[  232.711616][ T6926] IPv6: NLM_F_CREATE should be set when creating new route
[  232.718862][ T6926] IPv6: NLM_F_CREATE should be set when creating new route
[  233.642432][   T26] audit: type=1326 audit(1773937055.519:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  233.750354][ T6928] netlink: 'syz.1.796': attribute type 21 has an invalid length.
[  233.750411][   T26] audit: type=1326 audit(1773937055.569:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=206 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  233.794500][   T26] audit: type=1326 audit(1773937055.569:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  233.796756][ T6928] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  233.864187][   T26] audit: type=1326 audit(1773937055.569:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  234.806132][   T26] audit: type=1326 audit(1773937055.569:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=53 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  235.042351][ T6951] device batadv_slave_0 entered promiscuous mode
[  235.222316][   T26] audit: type=1326 audit(1773937055.569:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  235.299539][ T6952] netlink: 40 bytes leftover after parsing attributes in process `syz.4.793'.
[  235.425442][ T6952] netlink: 40 bytes leftover after parsing attributes in process `syz.4.793'.
[  235.657601][ T6952] netlink: 40 bytes leftover after parsing attributes in process `syz.4.793'.
[  235.752567][   T26] audit: type=1326 audit(1773937055.569:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  236.267627][   T26] audit: type=1326 audit(1773937055.579:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=186 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  236.785187][   T26] audit: type=1326 audit(1773937055.579:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  236.925602][   T26] audit: type=1326 audit(1773937055.579:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6933 comm="syz.3.788" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  236.988452][ T6964] loop4: detected capacity change from 0 to 4096
[  238.299669][ T6964] EXT4-fs (loop4): mounted filesystem without journal. Opts: grpquota,noblock_validity,,errors=continue. Quota mode: writeback.
[  238.682836][ T6985] netlink: 28 bytes leftover after parsing attributes in process `syz.1.806'.
[  239.285452][ T6995] bond0 speed is unknown, defaulting to 1000
[  239.327072][ T6997] netlink: 14 bytes leftover after parsing attributes in process `syz.1.810'.
[  239.409721][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.508495][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.558284][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.592874][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.635211][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.651683][ T6997] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface
[  239.685982][ T6997] device bond_slave_0 left promiscuous mode
[  239.689990][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.712860][ T6997] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface
[  239.745826][ T6997] device bond_slave_1 left promiscuous mode
[  239.752072][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.772751][ T6997] bond0 (unregistering): Released all slaves
[  239.791692][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.815540][ T6995] bond0 speed is unknown, defaulting to 1000
[  239.842570][ T6995] infiniband syz1: Couldn't register device with driver model
[  239.855783][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  239.904419][ T6995] siw: device registration error -19
[  239.945457][ T7009] loop2: detected capacity change from 0 to 512
[  239.952891][ T4188] EXT4-fs warning (device loop4): ext4_empty_dir:3139: inode #11: lblock 0: comm syz-executor: error -12 reading directory block
[  240.092966][ T7009] EXT4-fs (loop2): Warning: mounting with an experimental mount option 'dioread_nolock' for blocksize < PAGE_SIZE
[  240.196641][ T7009] EXT4-fs (loop2): ext4_check_descriptors: Checksum for group 0 failed (17031!=33349)
[  240.253253][ T7009] [EXT4 FS bs=1024, gc=1, bpg=8192, ipg=32, mo=a84ee02c, mo2=0002]
[  240.543243][ T7009] System zones: 1-12
[  240.977417][ T7009] EXT4-fs (loop2): orphan cleanup on readonly fs
[  240.987930][ T7009] EXT4-fs error (device loop2): ext4_free_branches:1030: inode #11: comm syz.2.815: invalid indirect mapped block 2 (level 2)
[  241.083483][ T7009] EXT4-fs (loop2): Remounting filesystem read-only
[  241.441393][ T7009] EXT4-fs (loop2): 1 truncate cleaned up
[  241.441915][ T7009] EXT4-fs (loop2): mounted filesystem without journal. Opts: dioread_nolock,max_batch_time=0x0000000000000006,usrquota,errors=remount-ro,i_version. Quota mode: writeback.
[  242.688576][ T7043] netlink: 52 bytes leftover after parsing attributes in process `syz.2.824'.
[  245.356652][ T7072] chnl_net:caif_netlink_parms(): no params data found
[  245.507471][ T7072] bridge0: port 1(bridge_slave_0) entered blocking state
[  245.514826][ T7072] bridge0: port 1(bridge_slave_0) entered disabled state
[  245.523431][ T7072] device bridge_slave_0 entered promiscuous mode
[  245.532536][ T7072] bridge0: port 2(bridge_slave_1) entered blocking state
[  245.539775][ T7072] bridge0: port 2(bridge_slave_1) entered disabled state
[  245.550088][ T7072] device bridge_slave_1 entered promiscuous mode
[  245.621016][ T7072] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  245.669394][ T7072] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  245.727811][ T7072] team0: Port device team_slave_0 added
[  245.765154][ T7072] team0: Port device team_slave_1 added
[  245.860502][   T26] kauditd_printk_skb: 28 callbacks suppressed
[  245.860521][   T26] audit: type=1804 audit(1773937067.739:44): pid=7098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.1.843" name="bus" dev="ramfs" ino=40530 res=1 errno=0
[  245.927455][ T7072] batman_adv: batadv0: Adding interface: batadv_slave_0
[  245.932989][   T26] audit: type=1804 audit(1773937067.769:45): pid=7098 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.843" name="bus" dev="ramfs" ino=40530 res=1 errno=0
[  245.952226][ T7072] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.649787][ T7072] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active
[  246.688161][ T7072] batman_adv: batadv0: Adding interface: batadv_slave_1
[  246.695331][ T7072] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem.
[  246.731746][ T7072] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active
[  246.816827][   T26] audit: type=1800 audit(1773937068.699:46): pid=7075 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.837" name="bus" dev="ramfs" ino=40500 res=0 errno=0
[  246.910622][ T7072] device hsr_slave_0 entered promiscuous mode
[  246.956790][ T7072] device hsr_slave_1 entered promiscuous mode
[  246.973365][ T7072] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  247.013882][ T7072] Cannot create hsr debugfs directory
[  247.096364][ T1108] Bluetooth: hci3: command 0x0409 tx timeout
[  247.159436][ T7109] netlink: 'syz.2.847': attribute type 4 has an invalid length.
[  247.928200][ T7072] netdevsim netdevsim5 netdevsim0: renamed from eth0
[  248.915011][ T7072] netdevsim netdevsim5 netdevsim1: renamed from eth1
[  249.078613][ T7072] netdevsim netdevsim5 netdevsim2: renamed from eth2
[  249.137351][ T7072] netdevsim netdevsim5 netdevsim3: renamed from eth3
[  249.176637][ T1108] Bluetooth: hci3: command 0x041b tx timeout
[  249.270605][ T7135] netlink: 12 bytes leftover after parsing attributes in process `syz.0.857'.
[  249.310286][ T7135] netlink: 12 bytes leftover after parsing attributes in process `syz.0.857'.
[  249.422909][ T7072] 8021q: adding VLAN 0 to HW filter on device bond0
[  249.455170][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  249.464620][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  249.477724][ T7072] 8021q: adding VLAN 0 to HW filter on device team0
[  249.556941][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  249.571595][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  249.584898][ T1408] bridge0: port 1(bridge_slave_0) entered blocking state
[  249.592166][ T1408] bridge0: port 1(bridge_slave_0) entered forwarding state
[  249.609035][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  249.642835][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  249.654930][ T1408] bridge0: port 2(bridge_slave_1) entered blocking state
[  249.662124][ T1408] bridge0: port 2(bridge_slave_1) entered forwarding state
[  249.693900][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): bridge0: link becomes ready
[  249.705626][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  249.724946][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  249.812565][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_team: link becomes ready
[  249.829986][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_0: link becomes ready
[  249.845799][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_team: link becomes ready
[  249.866197][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): team_slave_1: link becomes ready
[  249.875169][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  249.891681][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  249.928212][ T7072] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network
[  249.950453][ T7072] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  249.965646][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): team0: link becomes ready
[  249.984309][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  250.000913][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  250.200845][ T7153] device syzkaller0 entered promiscuous mode
[  250.535744][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  250.546593][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  250.581777][ T7072] 8021q: adding VLAN 0 to HW filter on device batadv0
[  251.280091][ T1108] Bluetooth: hci3: command 0x040f tx timeout
[  252.439623][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  252.469106][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  252.698567][ T7072] device veth0_vlan entered promiscuous mode
[  252.717114][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  252.732827][ T7186] loop2: detected capacity change from 0 to 1024
[  252.747762][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  253.158676][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  253.207623][ T7186] EXT4-fs (loop2): Ignoring removed mblk_io_submit option
[  253.397533][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  253.510910][   T21] Bluetooth: hci3: command 0x0419 tx timeout
[  253.523309][ T7072] device veth1_vlan entered promiscuous mode
[  253.544522][ T7186] EXT4-fs (loop2): mounted filesystem without journal. Opts: auto_da_alloc,mblk_io_submit,,errors=continue. Quota mode: none.
[  253.632480][ T4776] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  253.642825][ T4776] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  253.659627][ T7072] device veth0_macvtap entered promiscuous mode
[  253.678794][ T7072] device veth1_macvtap entered promiscuous mode
[  253.725002][ T7204] netlink: 'syz.3.877': attribute type 21 has an invalid length.
[  253.768442][ T7204] IPv6: NLM_F_CREATE should be specified when creating new route
[  253.784617][ T7204] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  253.791970][ T7204] IPv6: NLM_F_CREATE should be set when creating new route
[  253.799469][ T7204] IPv6: NLM_F_CREATE should be set when creating new route
[  253.806747][ T7204] IPv6: NLM_F_CREATE should be set when creating new route
[  253.832533][ T7207] netlink: 'syz.3.877': attribute type 21 has an invalid length.
[  253.851011][ T7207] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  253.887922][ T7213] device gretap0 entered promiscuous mode
[  253.893889][ T7213] device vlan2 entered promiscuous mode
[  253.909773][ T7214] netlink: 'syz.1.878': attribute type 1 has an invalid length.
[  253.923477][ T7214] netlink: 146340 bytes leftover after parsing attributes in process `syz.1.878'.
[  253.954200][ T7072] batman_adv: batadv0: Interface activated: batadv_slave_0
[  253.961870][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  253.972181][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): macsec0: link becomes ready
[  253.985815][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  254.002174][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  254.023805][ T7072] batman_adv: batadv0: Interface activated: batadv_slave_1
[  254.040158][ T7072] netdevsim netdevsim5 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  254.057578][ T7072] netdevsim netdevsim5 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  254.076470][ T7072] netdevsim netdevsim5 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  254.085725][ T7072] netdevsim netdevsim5 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  254.223141][ T4242] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.224519][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  254.239283][ T4242] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.249159][ T4242] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  254.258217][ T4242] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  254.272206][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  254.281437][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  254.289710][ T4771] IPv6: ADDRCONF(NETDEV_CHANGE): wlan1: link becomes ready
[  254.686737][ T7232] virtio-fs: tag </dev/md0> not found
[  256.369838][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  256.371442][ T7242] netlink: set zone limit has 8 unknown bytes
[  256.382597][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  258.129987][ T7253] netlink: 'syz.5.891': attribute type 4 has an invalid length.
[  259.803453][ T7283] netlink: 8 bytes leftover after parsing attributes in process `syz.3.899'.
[  260.818332][ T7286] netlink: 8 bytes leftover after parsing attributes in process `syz.2.898'.
[  262.621188][ T7298] netlink: 52 bytes leftover after parsing attributes in process `syz.0.903'.
[  263.600326][ T7305] netlink: 76 bytes leftover after parsing attributes in process `syz.0.903'.
[  263.648682][ T7305] netlink: 52 bytes leftover after parsing attributes in process `syz.0.903'.
[  263.762956][ T7313] netlink: 'syz.3.908': attribute type 4 has an invalid length.
[  264.416487][ T1108] usb 1-1: new full-speed USB device number 8 using dummy_hcd
[  265.386928][ T7340] netlink: 12 bytes leftover after parsing attributes in process `syz.3.914'.
[  265.495059][ T7343] bridge1: port 1(veth5) entered blocking state
[  265.501918][ T7343] bridge1: port 1(veth5) entered disabled state
[  265.536396][ T7343] device veth5 entered promiscuous mode
[  265.555177][ T7343] bridge1: port 1(veth5) entered blocking state
[  265.561516][ T7343] bridge1: port 1(veth5) entered forwarding state
[  265.618880][ T7340] bridge1: port 2(veth7) entered blocking state
[  265.625737][ T7340] bridge1: port 2(veth7) entered disabled state
[  265.652996][ T7340] device veth7 entered promiscuous mode
[  265.661827][ T7340] bridge1: port 2(veth7) entered blocking state
[  265.668293][ T7340] bridge1: port 2(veth7) entered forwarding state
[  265.677251][ T1408] bridge1: port 1(veth5) entered disabled state
[  265.708423][ T1408] bridge1: port 2(veth7) entered disabled state
[  265.776609][ T1108] usb 1-1: config 0 has no interfaces?
[  265.943418][ T1108] usb 1-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  265.963038][ T1108] usb 1-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  265.971924][ T1108] usb 1-1: Product: syz
[  265.977260][ T1108] usb 1-1: Manufacturer: syz
[  265.982464][ T1108] usb 1-1: SerialNumber: syz
[  266.001590][ T1108] usb 1-1: config 0 descriptor??
[  266.284952][ T5209] usb 1-1: USB disconnect, device number 8
[  266.335441][ T7360] netlink: 'syz.1.921': attribute type 4 has an invalid length.
[  266.582192][ T7372] xt_hashlimit: size too large, truncated to 1048576
[  266.589290][ T7372] xt_hashlimit: invalid rate
[  267.678033][   T26] audit: type=1804 audit(1773937089.559:47): pid=7379 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.0.928" name="bus" dev="ramfs" ino=43058 res=1 errno=0
[  267.768609][   T26] audit: type=1804 audit(1773937089.589:48): pid=7383 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.0.928" name="bus" dev="ramfs" ino=43058 res=1 errno=0
[  268.096897][   T26] audit: type=1326 audit(1773937089.619:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  268.636310][   T26] audit: type=1326 audit(1773937089.619:50): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  268.659020][   T26] audit: type=1326 audit(1773937089.619:51): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  268.682485][   T26] audit: type=1326 audit(1773937089.619:52): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=16 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  268.714054][   T26] audit: type=1326 audit(1773937089.619:53): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  268.736724][   T26] audit: type=1326 audit(1773937089.619:54): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  268.760018][   T26] audit: type=1326 audit(1773937089.619:55): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  268.828587][   T26] audit: type=1326 audit(1773937089.619:56): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.940" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7ffc0000
[  271.712002][ T7413] netdevsim netdevsim5 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.921985][ T7413] netdevsim netdevsim5 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  272.966416][ T4232] usb 6-1: new full-speed USB device number 2 using dummy_hcd
[  273.215301][ T7413] netdevsim netdevsim5 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.395577][ T7433] netlink: 16 bytes leftover after parsing attributes in process `syz.3.944'.
[  273.486892][ T4232] usb 6-1: config 0 has no interfaces?
[  273.567942][ T7413] netdevsim netdevsim5 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0
[  273.647339][ T4232] usb 6-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b
[  273.687596][ T4232] usb 6-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2
[  273.735579][ T4232] usb 6-1: Product: syz
[  273.759115][ T4232] usb 6-1: Manufacturer: syz
[  273.785051][ T4232] usb 6-1: SerialNumber: syz
[  274.213891][ T4232] usb 6-1: config 0 descriptor??
[  274.235039][ T7413] netdevsim netdevsim5 eth0: set [1, 0] type 2 family 0 port 6081 - 0
[  274.249626][ T7413] netdevsim netdevsim5 eth1: set [1, 0] type 2 family 0 port 6081 - 0
[  274.271503][ T7413] netdevsim netdevsim5 eth2: set [1, 0] type 2 family 0 port 6081 - 0
[  274.284907][ T7413] netdevsim netdevsim5 eth3: set [1, 0] type 2 family 0 port 6081 - 0
[  274.496016][ T5207] usb 6-1: USB disconnect, device number 2
[  279.246926][ T7485] netlink: 8 bytes leftover after parsing attributes in process `syz.5.962'.
[  279.365307][ T7491] netlink: 16 bytes leftover after parsing attributes in process `syz.0.964'.
[  279.564696][ T7499] netlink: 8 bytes leftover after parsing attributes in process `syz.5.965'.
[  282.730626][ T7522] netlink: 8 bytes leftover after parsing attributes in process `syz.3.979'.
[  284.072568][ T7542] loop2: detected capacity change from 0 to 512
[  284.106598][ T7545] netlink: 64 bytes leftover after parsing attributes in process `syz.1.981'.
[  284.807128][ T7542] EXT4-fs error (device loop2): ext4_read_inode_bitmap:140: comm syz.2.978: Invalid inode bitmap blk 4 in block_group 0
[  284.824475][ T7542] EXT4-fs (loop2): mounted filesystem without journal. Opts: noblock_validity,resuid=0x0000000000000000,grpquota,noload,nobarrier,usrquota,,errors=continue. Quota mode: writeback.
[  284.889719][ T7556] netlink: 28 bytes leftover after parsing attributes in process `syz.3.983'.
[  284.908201][ T7556] netlink: 'syz.3.983': attribute type 7 has an invalid length.
[  284.916753][ T7556] netlink: 4 bytes leftover after parsing attributes in process `syz.3.983'.
[  284.992605][ T7556] device ip6gretap0 entered promiscuous mode
[  285.017197][ T7556] device syz_tun entered promiscuous mode
[  285.046696][ T7556] hsr1: Slave A (ip6gretap0) is not up; please bring it up to get a fully working HSR network
[  285.073674][ T7556] hsr1: Slave B (syz_tun) is not up; please bring it up to get a fully working HSR network
[  288.426507][ T7553] EXT4-fs error (device loop2): ext4_validate_block_bitmap:429: comm ext4lazyinit: bg 0: block 13: invalid block bitmap
[  289.850545][ T7653] loop0: detected capacity change from 0 to 22
[  289.908429][ T7653] MTD: Attempt to mount non-MTD device "/dev/loop0"
[  289.947827][ T7653] romfs: Mounting image 'rom 637cf1fa' through the block layer
[  290.137009][ T7658] loop5: detected capacity change from 0 to 128
[  290.416643][ T7658] vfat filesystem being mounted at /21/file0 supports timestamps until 2107-12-31 (0x10391447e)
[  291.121060][ T7666] netlink: 'syz.0.1014': attribute type 7 has an invalid length.
[  291.217177][ T7672] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE
[  291.224492][ T7672] IPv6: NLM_F_CREATE should be set when creating new route
[  291.283791][ T7670] attempt to access beyond end of device
[  291.283791][ T7670] loop5: rw=2049, want=241, limit=128
[  291.960332][ T7674] bridge0: port 3(syz_tun) entered disabled state
[  294.181667][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  294.202599][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  294.215089][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  294.661350][ T7723] infiniband syz2: set down
[  294.666476][ T7723] infiniband syz2: added vxcan1
[  294.712466][ T1108] vxcan1 speed is unknown, defaulting to 1000
[  294.843585][ T7723] infiniband syz2: Couldn't open port 1
[  294.890645][ T7723] RDS/IB: syz2: added
[  294.895160][ T7723] smc: adding ib device syz2 with port count 1
[  294.901800][ T7723] smc:    ib device syz2 port 1 has pnetid 
[  294.910886][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  294.969931][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  295.027900][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  295.086430][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  295.145141][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  295.203710][ T7723] vxcan1 speed is unknown, defaulting to 1000
[  295.223560][   T21] vxcan1 speed is unknown, defaulting to 1000
[  297.903518][   T26] kauditd_printk_skb: 44 callbacks suppressed
[  297.903612][   T26] audit: type=1804 audit(3921421023.777:101): pid=7758 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.1042" name="file0" dev="hugetlbfs" ino=44096 res=1 errno=0
[  298.926965][   T26] audit: type=1804 audit(3921421024.057:102): pid=7760 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.1042" name="file0" dev="hugetlbfs" ino=44096 res=1 errno=0
[  299.009992][ T7764] lo: Caught tx_queue_len zero misconfig
[  299.105159][ T7765] loop0: detected capacity change from 0 to 2048
[  299.174684][ T7767] netlink: 'syz.3.1045': attribute type 10 has an invalid length.
[  299.203990][ T7768] NILFS (loop0): segctord starting. Construction interval = 5 seconds, CP frequency < 30 seconds
[  299.204131][ T7767] netlink: 'syz.3.1045': attribute type 10 has an invalid length.
[  299.289989][ T7767] bond0: (slave dummy0): Enslaving as an active interface with an up link
[  302.214684][ T7809] netlink: 48 bytes leftover after parsing attributes in process `syz.1.1055'.
[  307.664249][ T7852] overlayfs: failed to clone upperpath
[  309.028339][ T7844] loop0: detected capacity change from 0 to 32768
[  309.153599][ T7869] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1074'.
[  309.252541][ T7844] XFS (loop0): Mounting V5 Filesystem
[  309.533031][ T7844] XFS (loop0): Ending clean mount
[  310.740586][ T7893] overlayfs: upperdir is in-use as upperdir/workdir of another mount, mount with '-o index=off' to override exclusive upperdir protection.
[  310.802985][ T4187] XFS (loop0): Unmounting Filesystem
[  310.837860][ T7897] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1090'.
[  310.883401][ T7897] netdevsim netdevsim1 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  310.892500][ T7897] netdevsim netdevsim1 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  310.901334][ T7897] netdevsim netdevsim1 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  310.910211][ T7897] netdevsim netdevsim1 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  311.012553][ T7897] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1090'.
[  311.057312][ T7901] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1090'.
[  311.067615][ T7901] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1090'.
[  311.241651][ T7906] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  311.342065][ T7906] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  314.626058][ T7949] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  315.618851][ T7962] tipc: Started in network mode
[  315.623963][ T7962] tipc: Node identity 7f000001, cluster identity 4711
[  315.635904][ T7962] tipc: Enabling of bearer <udp:syz2> rejected, failed to enable media
[  315.653184][ T7962] tipc: Enabling of bearer <udp:syz0> rejected, failed to enable media
[  316.221384][ T7982] netlink: 'syz.1.1105': attribute type 7 has an invalid length.
[  316.579052][ T7988] 9pnet: Insufficient options for proto=fd
[  317.594918][ T7990] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  317.603520][ T7990] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  317.632259][ T7990] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  317.636257][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  317.639954][ T7990] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  317.650141][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  317.656668][ T7990] 8021q: adding VLAN 0 to HW filter on device bond0
[  317.694488][ T7990] A link change request failed with some changes committed already. Interface caif0 may have been left with an inconsistent configuration, please check.
[  317.872000][  T144] IPv6: ADDRCONF(NETDEV_CHANGE): hsr1: link becomes ready
[  317.938261][ T7994] IPv6: ADDRCONF(NETDEV_CHANGE): lo: link becomes ready
[  317.964958][ T7994] IPv6: ADDRCONF(NETDEV_CHANGE): vcan0: link becomes ready
[  317.985830][ T7994] bond0: (slave dummy0): Releasing backup interface
[  318.007508][ T7994] device veth5 left promiscuous mode
[  318.013033][ T7994] bridge1: port 1(veth5) entered disabled state
[  318.023149][ T7994] device veth7 left promiscuous mode
[  318.029535][ T7994] bridge1: port 2(veth7) entered disabled state
[  318.256444][   T21] usb 1-1: new high-speed USB device number 9 using dummy_hcd
[  318.692658][ T8008] netlink: 72 bytes leftover after parsing attributes in process `syz.3.1114'.
[  318.756924][   T21] usb 1-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  318.996922][ T7965] nci: __nci_request: wait_for_completion_interruptible_timeout failed -512
[  319.413224][   T21] usb 1-1: config 1 interface 1 altsetting 1 bulk endpoint 0x82 has invalid maxpacket 1024
[  320.564214][ T8022] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  320.575300][ T8022] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  320.582985][   T21] usb 1-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40
[  320.605684][   T21] usb 1-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3
[  320.614800][ T8022] sch_tbf: burst 2 is lower than device lo mtu (18) !
[  320.626270][   T21] usb 1-1: Product: syz
[  320.630574][   T21] usb 1-1: Manufacturer: syz
[  320.635190][   T21] usb 1-1: SerialNumber: syz
[  320.767963][   T21] cdc_mbim 1-1:1.0: skipping garbage
[  320.794576][ T8028] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  320.828101][   T26] audit: type=1326 audit(3921421046.707:103): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8032 comm="syz.5.1124" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f0ad5179799 code=0x0
[  321.159172][   T21] cdc_mbim 1-1:1.0: bind() failure
[  321.193796][   T21] cdc_ncm 1-1:1.1: CDC Union missing and no IAD found
[  321.293183][   T21] cdc_ncm 1-1:1.1: bind() failure
[  321.477683][   T21] usb 1-1: USB disconnect, device number 9
[  330.586434][ T8137] sctp: [Deprecated]: syz.1.1156 (pid 8137) Use of struct sctp_assoc_value in delayed_ack socket option.
[  330.586434][ T8137] Use struct sctp_sack_info instead
[  331.479873][ T8143] gretap0: refused to change device tx_queue_len
[  331.486520][ T8143] A link change request failed with some changes committed already. Interface gretap0 may have been left with an inconsistent configuration, please check.
[  331.649253][ T8133] Set syz1 is full, maxelem 768 reached
[  331.844556][ T8150] netlink: 76 bytes leftover after parsing attributes in process `syz.0.1163'.
[  332.868328][ T8164] loop0: detected capacity change from 0 to 256
[  332.900551][ T8169] uffd: Set unprivileged_userfaultfd sysctl knob to 1 if kernel faults must be handled without obtaining CAP_SYS_PTRACE capability
[  333.134867][ T8164] FAT-fs (loop0): Directory bread(block 64) failed
[  333.178281][ T8176] SET target dimension over the limit!
[  333.252664][ T8164] FAT-fs (loop0): Directory bread(block 65) failed
[  333.425184][ T8164] FAT-fs (loop0): Directory bread(block 66) failed
[  333.693385][ T8164] FAT-fs (loop0): Directory bread(block 67) failed
[  333.796421][ T8164] FAT-fs (loop0): Directory bread(block 68) failed
[  333.914670][ T8164] FAT-fs (loop0): Directory bread(block 69) failed
[  333.937293][ T8164] FAT-fs (loop0): Directory bread(block 70) failed
[  334.040656][ T8164] FAT-fs (loop0): Directory bread(block 71) failed
[  334.070924][ T8164] FAT-fs (loop0): Directory bread(block 72) failed
[  334.106658][ T8164] FAT-fs (loop0): Directory bread(block 73) failed
[  338.525276][ T8164] FAT-fs (loop0): Directory bread(block 74) failed
[  338.688964][ T8164] FAT-fs (loop0): Directory bread(block 75) failed
[  338.745816][ T8164] FAT-fs (loop0): Directory bread(block 76) failed
[  338.924850][ T8164] FAT-fs (loop0): Directory bread(block 77) failed
[  339.004654][ T8164] FAT-fs (loop0): Directory bread(block 78) failed
[  339.040004][ T8164] FAT-fs (loop0): Directory bread(block 79) failed
[  339.286451][ T8217] IPv6: NLM_F_CREATE should be specified when creating new route
[  339.559921][ T8164] FAT-fs (loop0): Directory bread(block 80) failed
[  339.776301][ T8164] FAT-fs (loop0): Directory bread(block 81) failed
[  339.865192][ T8164] FAT-fs (loop0): Directory bread(block 82) failed
[  339.916259][ T8164] FAT-fs (loop0): Directory bread(block 83) failed
[  339.969027][ T8220] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=4273022513 (8546045026 ns) > initial count (2701865562 ns). Using initial count to start timer.
[  340.367458][ T8230] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.424030][ T8230] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  340.477069][ T8230] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  342.429213][ T8249] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1196'.
[  350.844244][ T8327] syz.1.1217 sent an empty control message without MSG_MORE.
[  351.126800][ T8332] netlink: 'syz.0.1218': attribute type 3 has an invalid length.
[  353.216178][ T8347] netlink: 76 bytes leftover after parsing attributes in process `syz.3.1221'.
[  353.476371][ T8365] netlink: 'syz.1.1228': attribute type 1 has an invalid length.
[  355.642727][ T8372] bond0: (slave vxcan3): The slave device specified does not support setting the MAC address
[  355.844281][ T8372] bond0: (slave vxcan3): Error -22 calling dev_set_mtu
[  356.120375][ T8365] bond0: (slave gretap1): making interface the new active one
[  356.139709][ T8365] bond0: (slave gretap1): Enslaving as an active interface with an up link
[  359.266958][ T8434] loop7: detected capacity change from 0 to 7
[  359.311423][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  359.322613][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.344894][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  359.355916][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.576590][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  359.587564][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.596745][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  359.607756][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  359.619395][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  359.630421][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  360.896078][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  360.907093][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  361.026959][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  361.038076][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  361.046252][ T8434] ldm_validate_partition_table(): Disk read failed.
[  361.144940][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  361.155967][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  361.362597][ T8445] loop0: detected capacity change from 0 to 128
[  361.389626][    C1] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  361.400731][    C1] Buffer I/O error on dev loop7, logical block 0, async page read
[  361.409712][    C0] blk_update_request: I/O error, dev loop7, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  361.420704][    C0] Buffer I/O error on dev loop7, logical block 0, async page read
[  361.455808][ T8434] Dev loop7: unable to read RDB block 0
[  361.463221][ T8434]  loop7: unable to read partition table
[  362.473335][ T8434] loop7: partition table beyond EOD, truncated
[  362.590330][ T8434] loop_reread_partitions: partition scan of loop7 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  363.156705][ T8445] EXT4-fs (loop0): mounted filesystem without journal. Opts: ,errors=continue. Quota mode: none.
[  363.236511][ T8445] ext4 filesystem being mounted at /238/mnt supports timestamps until 2038-01-19 (0x7fffffff)
[  363.253839][ T8478] loop5: detected capacity change from 0 to 164
[  366.148762][ T8445] fscrypt (loop0, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[  366.201433][ T8478] rock: directory entry would overflow storage
[  366.272170][ T8478] rock: sig=0x66, size=4, remaining=3
[  366.507979][ T8445] fscrypt (loop0, inode 12): Missing crypto API support for Adiantum (API name: "adiantum(xchacha12,aes)")
[  367.325872][ T8510] netlink: 28 bytes leftover after parsing attributes in process `syz.3.1265'.
[  367.345755][ T8513] netlink: zone id is out of range
[  367.364280][ T8513] netlink: zone id is out of range
[  368.746185][ T8513] netlink: zone id is out of range
[  368.751360][ T8513] netlink: zone id is out of range
[  368.823539][ T8513] netlink: zone id is out of range
[  368.843296][ T8513] netlink: zone id is out of range
[  368.851957][ T8513] netlink: zone id is out of range
[  368.864063][ T8513] netlink: zone id is out of range
[  368.870540][ T8513] netlink: zone id is out of range
[  368.876027][ T8513] netlink: zone id is out of range
[  370.311835][   T26] audit: type=1326 audit(3921421096.187:104): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8531 comm="syz.3.1271" exe="/root/syz-executor" sig=31 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x0
[  370.856335][ T4232] Bluetooth: hci3: command 0x0406 tx timeout
[  376.768527][ T8600] loop5: detected capacity change from 0 to 512
[  377.303035][ T8600] EXT4-fs error (device loop5): ext4_free_branches:1030: inode #11: comm syz.5.1288: invalid indirect mapped block 256 (level 2)
[  377.393872][ T8613] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1291'.
[  377.432962][ T8600] EXT4-fs (loop5): 2 truncates cleaned up
[  377.497760][ T8613] device team1 entered promiscuous mode
[  377.503585][ T8613] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1291'.
[  377.521193][ T8613] team2 (uninitialized): Failed to send options change via netlink (err -105)
[  377.534845][ T8600] EXT4-fs (loop5): mounted filesystem without journal. Opts: grpid,auto_da_alloc,lazytime,journal_dev=0x0000000000000006,,errors=continue. Quota mode: writeback.
[  377.573305][   T26] audit: type=1326 audit(3921421103.447:105): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8614 comm="syz.2.1293" exe="/root/syz-executor" sig=9 arch=c000003e syscall=231 compat=0 ip=0x7fda7007c799 code=0x0
[  377.611026][ T8613] device team2 entered promiscuous mode
[  377.641036][   T26] audit: type=1800 audit(3921421103.467:106): pid=8600 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.5.1288" name="file1" dev="loop5" ino=15 res=0 errno=0
[  378.187019][ T8598] EXT4-fs error (device loop5): ext4_validate_block_bitmap:429: comm syz.5.1288: bg 0: block 5: invalid block bitmap
[  378.213802][ T8598] EXT4-fs (loop5): Delayed block allocation failed for inode 15 at logical offset 0 with max blocks 32 with error 28
[  378.226695][ T8598] EXT4-fs (loop5): This should not happen!! Data will be lost
[  378.226695][ T8598] 
[  378.236490][ T8598] EXT4-fs (loop5): Total free blocks count 0
[  378.242550][ T8598] EXT4-fs (loop5): Free/Dirty block details
[  378.248711][ T8598] EXT4-fs (loop5): free_blocks=0
[  378.253758][ T8598] EXT4-fs (loop5): dirty_blocks=32
[  378.258988][ T8598] EXT4-fs (loop5): Block reservation details
[  378.265031][ T8598] EXT4-fs (loop5): i_reserved_data_blocks=32
[  378.633475][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  378.642383][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  380.475353][ T8653] device syzkaller0 left promiscuous mode
[  380.633782][ T8653] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  381.726314][ T5209] usb 6-1: new high-speed USB device number 3 using dummy_hcd
[  382.446395][ T5209] usb 6-1: Using ep0 maxpacket: 16
[  382.627143][ T5209] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has an invalid bInterval 0, changing to 7
[  383.326641][ T5209] usb 6-1: config 0 interface 0 altsetting 16 endpoint 0x81 has invalid wMaxPacketSize 0
[  383.398726][ T5209] usb 6-1: config 0 interface 0 altsetting 16 has 1 endpoint descriptor, different from the interface descriptor's value: 28
[  383.414954][ T5209] usb 6-1: config 0 interface 0 has no altsetting 0
[  383.432313][ T5209] usb 6-1: New USB device found, idVendor=056a, idProduct=0331, bcdDevice= 0.00
[  383.451268][ T5209] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  383.483632][ T5209] usb 6-1: config 0 descriptor??
[  383.520747][ T8690] xt_l2tp: missing protocol rule (udp|l2tpip)
[  383.546874][ T5209] usb 6-1: can't set config #0, error -71
[  383.601890][ T5209] usb 6-1: USB disconnect, device number 3
[  384.581638][ T8714] netlink: 'syz.2.1322': attribute type 12 has an invalid length.
[  386.296563][ T1108] usb 1-1: new full-speed USB device number 10 using dummy_hcd
[  386.321020][ T8734] netlink: 24 bytes leftover after parsing attributes in process `syz.2.1328'.
[  386.402885][ T8734] netlink: 14 bytes leftover after parsing attributes in process `syz.2.1328'.
[  386.468251][ T8734] bond0 (unregistering): Released all slaves
[  386.746414][ T1108] usb 1-1: config 0 has an invalid descriptor of length 0, skipping remainder of the config
[  386.784546][ T1108] usb 1-1: config 0 has 1 interface, different from the descriptor's value: 2
[  386.802961][ T1108] usb 1-1: New USB device found, idVendor=05d8, idProduct=810a, bcdDevice=92.b8
[  386.813888][ T1108] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  386.848287][ T1108] usb 1-1: config 0 descriptor??
[  386.925967][ T1108] dvb-usb: found a 'Artec T1 USB2.0' in warm state.
[  386.933038][ T1108] dvb-usb: bulk message failed: -22 (3/0)
[  387.247872][ T8725] dvb-usb: bulk message failed: -22 (2/0)
[  388.048511][ T1108] dvb-usb: will use the device's hardware PID filter (table count: 16).
[  388.076839][ T1108] dvbdev: DVB: registering new adapter (Artec T1 USB2.0)
[  388.113941][ T1108] usb 1-1: media controller created
[  388.151049][ T1108] dvbdev: dvb_create_media_entity: media entity 'dvb-demux' registered.
[  388.478424][ T1108] dvb-usb: bulk message failed: -22 (6/0)
[  388.613778][ T1108] dvb-usb: no frontend was attached by 'Artec T1 USB2.0'
[  389.008659][ T1108] input: IR-receiver inside an USB DVB receiver as /devices/platform/dummy_hcd.0/usb1/1-1/input/input6
[  389.113006][ T1108] dvb-usb: schedule remote query interval to 150 msecs.
[  389.129215][ T1108] dvb-usb: Artec T1 USB2.0 successfully initialized and connected.
[  389.183437][ T1108] usb 1-1: USB disconnect, device number 10
[  389.489860][ T1108] dvb-usb: Artec T1 USB2.0 successfully deinitialized and disconnected.
[  390.061309][ T8798] loop5: detected capacity change from 0 to 256
[  390.162894][ T8798] exFAT-fs (loop5): Volume was not properly unmounted. Some data may be corrupt. Please run fsck.
[  390.195350][ T8802] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1351'.
[  390.195868][ T8798] exFAT-fs (loop5): Medium has reported failures. Some data may be lost.
[  390.210687][ T8802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1351'.
[  391.198176][ T8802] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1351'.
[  391.217745][ T8798] exFAT-fs (loop5): failed to load upcase table (idx : 0x00010000, chksum : 0xe62de5da, utbl_chksum : 0xe619d30d)
[  391.326711][ T8802] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1351'.
[  391.335830][ T8802] netlink: 'syz.1.1351': attribute type 6 has an invalid length.
[  391.363314][ T8798] exfat filesystem being mounted at /72/file0 supports timestamps until 2107-12-31 (0x10391447f)
[  393.072353][ T8824] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1357'.
[  393.195548][ T8824] netlink: 32 bytes leftover after parsing attributes in process `syz.3.1357'.
[  396.530056][ T8853] netlink: 'syz.0.1365': attribute type 10 has an invalid length.
[  399.154560][ T8879] platform regulatory.0: loading /lib/firmware/regulatory.db failed with error -4
[  399.163901][ T8879] platform regulatory.0: Direct firmware load for regulatory.db failed with error -4
[  399.173458][ T8879] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db
[  399.189097][ T8879] syz.0.1372 (8879) used greatest stack depth: 18552 bytes left
[  399.196919][   T26] audit: type=1800 audit(3921421125.027:107): pid=8879 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1372" name="regulatory.db" dev="sda1" ino=448 res=0 errno=0
[  399.680030][ T8895] device syzkaller0 entered promiscuous mode
[  401.045176][ T8912] ODEBUG: Out of memory. ODEBUG disabled
[  401.825827][ T8928] loop0: detected capacity change from 0 to 512
[  401.901559][ T8928] FAT-fs (loop0): bogus number of FAT sectors
[  402.242434][ T8928] FAT-fs (loop0): Can't find a valid FAT filesystem
[  402.879841][ T8932] syz.1.1389 (8932) used greatest stack depth: 17560 bytes left
[  403.033568][ T8935] kvm: pic: level sensitive irq not supported
[  403.035052][ T8935] kvm: pic: non byte read
[  403.051959][ T8935] kvm: pic: non byte read
[  403.242745][ T8950] loop5: detected capacity change from 0 to 2048
[  403.349290][ T8950] EXT4-fs (loop5): mounted filesystem without journal. Opts: init_itable=0x0000000000000001,errors=remount-ro,resgid=0x0000000000000000,barrier,quota,inode_readahead_blks=0x0000000000000400,. Quota mode: writeback.
[  403.372978][ T8950] ext4 filesystem being mounted at /82/file0 supports timestamps until 2038-01-19 (0x7fffffff)
[  404.521509][    T9] EXT4-fs error (device loop5): ext4_validate_block_bitmap:438: comm kworker/u4:0: bg 0: block 345: padding at end of block bitmap is not set
[  404.540920][    T9] EXT4-fs (loop5): Remounting filesystem read-only
[  404.801721][ T8991] 9pnet: p9_errstr2errno: server reported unknown error 0x000000000000
[  408.042673][ T9024] netlink: 'syz.1.1419': attribute type 10 has an invalid length.
[  408.261787][ T9029] net_ratelimit: 23 callbacks suppressed
[  408.261805][ T9029] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  408.276759][    C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  414.982303][ T9114] netlink: 32 bytes leftover after parsing attributes in process `syz.1.1447'.
[  415.004650][ T9115] device ip6gre1 entered promiscuous mode
[  417.451920][ T9130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.498716][ T9130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.508442][ T9135] sch_tbf: burst 256 is lower than device syzkaller0 mtu (1514) !
[  417.527967][ T9130] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.557285][ T9136] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.565964][ T9136] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.608812][ T9139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.632584][ T9139] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.653788][ T9141] netlink: 19 bytes leftover after parsing attributes in process `syz.1.1457'.
[  417.677752][ T9141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1457'.
[  417.688622][ T9122] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  417.767811][ T9141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1457'.
[  417.793623][ T9141] netlink: 8 bytes leftover after parsing attributes in process `syz.1.1457'.
[  418.922465][ T9154] mkiss: ax0: crc mode is auto.
[  419.212174][ T9168] sch_tbf: burst 1 is lower than device syzkaller0 mtu (1500) !
[  419.234263][ T9168] device syzkaller0 entered promiscuous mode
[  419.244909][ T9171] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1466'.
[  419.483400][ T9178] loop5: detected capacity change from 0 to 512
[  419.666276][   T26] audit: type=1326 audit(3921421145.527:108): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=9155 comm="syz.3.1461" exe="/root/syz-executor" sig=0 arch=c000003e syscall=202 compat=0 ip=0x7f73c672c799 code=0x7fc00000
[  420.259286][ T9179] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1470'.
[  420.605306][ T9178] EXT4-fs (loop5): 1 truncate cleaned up
[  420.659489][ T9178] EXT4-fs (loop5): mounted filesystem without journal. Opts: noload,max_dir_size_kb=0x0000000000000001,jqfmt=vfsv1,noload,errors=remount-ro,usrjquota=,. Quota mode: none.
[  421.617964][ T9207] device syzkaller0 entered promiscuous mode
[  421.703580][ T9211] netlink: 4 bytes leftover after parsing attributes in process `syz.2.1479'.
[  422.604467][ T9229] team_slave_1: Caught tx_queue_len zero misconfig
[  422.624538][ T9229] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1484'.
[  424.302375][ T9248] device bridge3 entered promiscuous mode
[  424.323264][ T9248] team0: Port device bridge3 added
[  425.132149][ T9255] Invalid option length (57448) for dns_resolver key
[  425.725512][ T9286] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1500'.
[  425.768815][ T9286] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0
[  425.777748][ T9286] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0
[  425.783912][ T9280] loop0: detected capacity change from 0 to 256
[  425.786763][ T9286] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0
[  425.802182][ T9286] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0
[  425.809264][ T9280] exfat: Deprecated parameter 'namecase'
[  425.827242][ T9290] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1503'.
[  425.845274][ T9292] netlink: 32 bytes leftover after parsing attributes in process `syz.5.1503'.
[  425.870945][ T9280] exfat: Deprecated parameter 'namecase'
[  426.493966][ T9280] exFAT-fs (loop0): failed to load upcase table (idx : 0x00010000, chksum : 0xfcc0b04e, utbl_chksum : 0xe619d30d)
[  426.590330][ T9280] exfat filesystem being mounted at /285/file0 supports timestamps until 2107-12-31 (0x10391447f)
[  428.043992][ T9308] netlink: 4 bytes leftover after parsing attributes in process `syz.5.1508'.
[  428.115643][ T4187] exFAT-fs (loop0): invalid start cluster (4278190088)
[  431.150236][ T9338] loop5: detected capacity change from 0 to 1024
[  435.343741][ T4232] usb 1-1: new full-speed USB device number 11 using dummy_hcd
[  435.720329][ T4232] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10
[  435.735844][ T4232] usb 1-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0
[  435.753669][ T4232] usb 1-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21
[  435.774432][ T4232] usb 1-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00
[  435.785316][ T4232] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  435.804951][ T4232] usb 1-1: config 0 descriptor??
[  436.026226][ T9380] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1532'.
[  436.058521][ T9380] netlink: 28 bytes leftover after parsing attributes in process `syz.1.1532'.
[  436.083518][ T9380] device veth7 entered promiscuous mode
[  436.118542][ T9378] netlink: 'syz.3.1531': attribute type 33 has an invalid length.
[  436.156189][ T9378] netlink: 152 bytes leftover after parsing attributes in process `syz.3.1531'.
[  436.354366][ T4232] plantronics 0003:047F:FFFF.0001: unbalanced collection at end of report description
[  436.372679][ T4232] plantronics 0003:047F:FFFF.0001: parse failed
[  436.379072][ T4232] plantronics: probe of 0003:047F:FFFF.0001 failed with error -22
[  436.402942][ T9393] netlink: 4 bytes leftover after parsing attributes in process `syz.1.1544'.
[  437.342282][ T9400] netlink: 24 bytes leftover after parsing attributes in process `syz.3.1537'.
[  438.282323][ T5207] usb 1-1: USB disconnect, device number 11
[  440.058988][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  440.065322][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  440.252407][ T9417] print_req_error: 5 callbacks suppressed
[  440.252464][ T9417] blk_update_request: I/O error, dev loop0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.271069][ T9417] blk_update_request: I/O error, dev loop0, sector 256 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.282544][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  440.292930][ T9417] blk_update_request: I/O error, dev loop0, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.304310][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  440.314009][ T9417] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  440.321783][ T9417] UDF-fs: Scanning with blocksize 512 failed
[  440.330331][ T9417] blk_update_request: I/O error, dev loop0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.342329][ T9417] blk_update_request: I/O error, dev loop0, sector 512 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.353655][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  440.364175][ T9417] blk_update_request: I/O error, dev loop0, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.375533][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  440.385360][ T9417] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  440.393249][ T9417] UDF-fs: Scanning with blocksize 1024 failed
[  440.400474][ T9417] blk_update_request: I/O error, dev loop0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.411782][ T9417] blk_update_request: I/O error, dev loop0, sector 1024 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.424189][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  440.434197][ T9417] blk_update_request: I/O error, dev loop0, sector 2048 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.445713][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  440.455611][ T9417] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  440.463712][ T9417] UDF-fs: Scanning with blocksize 2048 failed
[  440.470309][ T9417] blk_update_request: I/O error, dev loop0, sector 64 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0
[  440.481842][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=256, location=256
[  440.491756][ T9417] UDF-fs: error (device loop0): udf_read_tagged: read failed, block=512, location=512
[  440.501819][ T9417] UDF-fs: warning (device loop0): udf_load_vrs: No anchor found
[  440.509690][ T9417] UDF-fs: Scanning with blocksize 4096 failed
[  440.515896][ T9417] UDF-fs: warning (device loop0): udf_fill_super: No partition found (1)
[  451.912036][ T9513] gfs2: gfs2 mount does not exist
[  459.853447][ T9607] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1598'.
[  459.870809][ T9609] overlayfs: failed to clone upperpath
[  459.917061][ T9610] tipc: Failed to remove unknown binding: 66,0,0/2886997162:2401957507/2401957509
[  459.926912][ T9601] tipc: Failed to remove unknown binding: 66,0,0/2886997162:1019933421/1019933422
[  459.936962][ T9601] tipc: Failed to remove unknown binding: 66,0,0/2886997162:1019933421/1019933422
[  460.993583][ T9621] binder: BINDER_SET_CONTEXT_MGR already set
[  461.030896][ T9621] binder: 9617:9621 ioctl 4018620d 200000001000 returned -16
[  461.206503][ T1408] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50
[  461.246205][ T1408] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50
[  461.265468][ T9639] semctl(GETNCNT/GETZCNT) is since 3.16 Single Unix Specification compliant.
[  461.265468][ T9639] The task syz.3.1605 (9639) triggered the difference, watch for misbehavior.
[  461.540889][ T4753] IPv6: ADDRCONF(NETDEV_CHANGE): wlan0: link becomes ready
[  464.929377][ T9647] xt_CT: No such helper "pptp"
[  465.261417][ T9659] tipc: Failed to remove unknown binding: 66,0,0/0:2133569155/2133569157
[  465.329517][ T9659] tipc: Failed to remove unknown binding: 66,0,0/0:2133569155/2133569156
[  465.343600][ T9663] device ip6gre1 entered promiscuous mode
[  465.365585][ T9659] tipc: Failed to remove unknown binding: 66,0,0/0:2133569155/2133569157
[  465.403189][ T9659] tipc: Failed to remove unknown binding: 66,0,0/0:2133569155/2133569156
[  465.542751][ T9674] 9p filesystem being mounted at /122/file0 supports timestamps until 2106-02-07 (0xffffffff)
[  466.519574][ T9692] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1626'.
[  466.643907][ T9699] syz.2.1624 calls setitimer() with new_value NULL pointer. Misfeature support will be removed
[  470.340947][ T9728] 9pnet_virtio: no channels available for device syz
[  475.039451][ T2348] usb 1-1: new low-speed USB device number 12 using dummy_hcd
[  476.216437][ T2348] usb 1-1: config 0 has an invalid interface number: 1 but max is 0
[  476.285821][ T2348] usb 1-1: config 0 has no interface number 0
[  476.306371][ T2348] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 10
[  476.358252][ T2348] usb 1-1: config 0 interface 1 altsetting 0 endpoint 0x82 has invalid maxpacket 159, setting to 8
[  476.420227][ T2348] usb 1-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22
[  476.499374][ T2348] usb 1-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0
[  476.676717][ T2348] usb 1-1: config 0 descriptor??
[  476.708024][ T9767] raw-gadget.0 gadget: fail, usb_ep_enable returned -22
[  477.280534][ T2348] iowarrior 1-1:0.1: IOWarrior product=0x1512, serial= interface=1 now attached to iowarrior0
[  477.401755][ T2348] usb 1-1: USB disconnect, device number 12
[  479.333971][ T4758] device hsr_slave_0 left promiscuous mode
[  479.570366][ T4758] device hsr_slave_1 left promiscuous mode
[  479.814139][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.823801][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.832537][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.842483][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  479.850963][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.408128][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.471982][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.480546][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.488808][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.497376][ T9824] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  480.781798][ T9835] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium
[  481.084104][ T9842] SET target dimension over the limit!
[  482.495220][ T4758] bond0 (unregistering): Released all slaves
[  482.605591][ T9827] netlink: 10 bytes leftover after parsing attributes in process `syz.3.1657'.
[  486.017946][ T9885] net_ratelimit: 1014 callbacks suppressed
[  486.017966][ T9885] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  487.084704][ T9884] netlink: 16 bytes leftover after parsing attributes in process `syz.3.1671'.
[  487.217632][ T9901] loop5: detected capacity change from 0 to 7
[  487.262852][ T9901] Dev loop5: unable to read RDB block 7
[  487.299092][ T9901]  loop5: unable to read partition table
[  487.341008][ T9901] loop5: partition table beyond EOD, truncated
[  487.408053][ T9901] loop_reread_partitions: partition scan of loop5 (���������C�j̖�P=ý?�}X���	���%��`��ր���{��֐�ȵ4FLQk݊) failed (rc=-5)
[  488.701324][ T9941] netlink: 80 bytes leftover after parsing attributes in process `syz.5.1685'.
[  488.774115][    C1] Unknown status report in ack skb
[  488.853626][ T9946] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1681'.
[  489.656816][ T9949] netlink: 'syz.5.1685': attribute type 12 has an invalid length.
[  489.835891][ T9957] loop0: detected capacity change from 0 to 40427
[  489.896501][ T9957] F2FS-fs (loop0): invalid crc value
[  490.018285][ T9957] F2FS-fs (loop0): Found nat_bits in checkpoint
[  490.078860][ T9957] F2FS-fs (loop0): Mounted with checkpoint version = 48b305e5
[  490.929922][   T26] audit: type=1800 audit(3921421216.807:109): pid=9957 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.0.1688" name="SYSV00000000" dev="hugetlbfs" ino=1 res=0 errno=0
[  491.254213][   T26] audit: type=1800 audit(3921421216.927:110): pid=9988 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.1688" name="bus" dev="loop0" ino=10 res=0 errno=0
[  491.924148][ T4187] attempt to access beyond end of device
[  491.924148][ T4187] loop0: rw=2049, want=45104, limit=40427
[  492.026598][ T9999] netlink: 8 bytes leftover after parsing attributes in process `syz.5.1698'.
[  492.131501][ T9999] 8021q: adding VLAN 0 to HW filter on device bond1
[  492.219324][T10001] bond1: (slave ip6gretap1): Enslaving as a backup interface with an up link
[  492.241864][ T4753] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  492.295703][ T1408] IPv6: ADDRCONF(NETDEV_CHANGE): bond1: link becomes ready
[  492.371425][T10003] bond1: (slave veth3): Enslaving as a backup interface with a down link
[  492.447635][ T9595] bond1: Warning: No 802.3ad response from the link partner for any adapters in the bond
[  493.983730][T10023] fuse: Bad value for 'fd'
[  495.580930][T10046] tipc: Enabled bearer <eth:syzkaller0>, priority 0
[  496.616707][T10066] netlink: 'syz.0.1715': attribute type 1 has an invalid length.
[  496.806458][T10067] bond2: (slave gretap1): making interface the new active one
[  496.865305][T10067] bond2: (slave gretap1): Enslaving as an active interface with an up link
[  496.932552][T10073] device macvlan3 entered promiscuous mode
[  496.990583][T10073] device bond2 entered promiscuous mode
[  497.030346][T10073] device gretap1 entered promiscuous mode
[  497.081849][T10073] 8021q: adding VLAN 0 to HW filter on device macvlan3
[  497.117246][T10073] bond2: (slave macvlan3): the slave hw address is in use by the bond; couldn't find a slave with a free hw address to give it (this should not have happened)
[  497.195664][T10073] device bond2 left promiscuous mode
[  497.205039][T10073] device gretap1 left promiscuous mode
[  499.710696][T10115] netlink: 'syz.2.1724': attribute type 1 has an invalid length.
[  499.910844][T10124] IPv6: NLM_F_CREATE should be specified when creating new route
[  499.976760][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  499.985921][    C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog
[  500.033366][T10130] __sock_release: fasync list not empty!
[  500.135459][T10132] delete_channel: no stack
[  500.270518][T10142] Can not set IPV6_FL_F_REFLECT if flowlabel_consistency sysctl is enable
[  500.302028][T10142] netlink: 16 bytes leftover after parsing attributes in process `syz.2.1734'.
[  501.512235][ T1429] ieee802154 phy0 wpan0: encryption failed: -22
[  501.518597][ T1429] ieee802154 phy1 wpan1: encryption failed: -22
[  502.924698][T10191] loop0: detected capacity change from 0 to 256
[  504.703198][    C1] ------------[ cut here ]------------
[  504.708764][    C1] WARNING: CPU: 1 PID: 10200 at net/mac80211/tx.c:4859 __ieee80211_beacon_get+0x179f/0x2000
[  504.718928][    C1] Modules linked in:
[  504.722848][    C1] CPU: 1 PID: 10200 Comm: syz.3.1747 Not tainted syzkaller #0
[  504.730602][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  504.740883][    C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000
[  504.747259][    C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 0d 4b 2a f8 0f 0b e9 03 ef ff ff e8 01 4b 2a f8 <0f> 0b e9 76 f2 ff ff e8 a5 92 6d 00 89 d9 80 e1 07 80 c1 03 38 c1
[  504.767119][    C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246
[  504.773306][    C1] RAX: ffffffff894ed60f RBX: ffff888073fee268 RCX: ffff888021378000
[  504.781320][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  504.789329][    C1] RBP: ffffc90000dd0b08 R08: ffff888021378000 R09: 0000000000000003
[  504.797337][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888063142800
[  504.805327][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c
[  504.813339][    C1] FS:  0000000000000000(0000) GS:ffff8880b9100000(0000) knlGS:0000000000000000
[  504.822310][    C1] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  504.828936][    C1] CR2: 00007f8ccbfd5286 CR3: 000000000c08e000 CR4: 00000000003506e0
[  504.836950][    C1] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  504.845029][    C1] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
[  504.853044][    C1] Call Trace:
[  504.856357][    C1]  <IRQ>
[  504.859232][    C1]  ? ieee80211_beacon_get_template+0x30/0x30
[  504.865426][    C1]  ? verify_lock_unused+0x140/0x140
[  504.870687][    C1]  ? __lock_acquire+0x13bc/0x7d10
[  504.875744][    C1]  ? verify_lock_unused+0x140/0x140
[  504.881003][    C1]  ieee80211_beacon_get_tim+0x48/0x840
[  504.886525][    C1]  mac80211_hwsim_beacon_tx+0xf4/0x920
[  504.892009][    C1]  __iterate_interfaces+0x243/0x500
[  504.897256][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  504.903603][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  504.909888][    C1]  ieee80211_iterate_active_interfaces_atomic+0xb3/0x140
[  504.916979][    C1]  mac80211_hwsim_beacon+0x9b/0x180
[  504.922286][    C1]  ? hw_scan_work+0xed0/0xed0
[  504.926999][    C1]  __hrtimer_run_queues+0x4f2/0xb70
[  504.932251][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  504.937422][    C1]  hrtimer_run_softirq+0x176/0x240
[  504.942567][    C1]  handle_softirqs+0x339/0x830
[  504.947386][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  504.952351][    C1]  ? do_softirq+0x210/0x210
[  504.956899][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  504.962206][    C1]  __irq_exit_rcu+0x13b/0x230
[  504.966970][    C1]  ? irq_exit_rcu+0x20/0x20
[  504.971510][    C1]  irq_exit_rcu+0x5/0x20
[  504.975768][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  504.981451][    C1]  </IRQ>
[  504.984408][    C1]  <TASK>
[  504.987374][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  504.993462][    C1] RIP: 0010:in_lock_functions+0x0/0x20
[  504.999057][    C1] Code: cd fe ff ff 48 c7 c1 40 46 21 92 80 e1 07 80 c1 03 38 c1 0f 8c 77 ff ff ff 48 c7 c7 40 46 21 92 e8 e5 fa 5f 00 e9 66 ff ff ff <48> 81 ff 90 d3 c5 89 0f 93 c0 48 81 ff de e3 c5 89 0f 92 c1 20 c1
[  505.018823][    C1] RSP: 0018:ffffc9000322ed80 EFLAGS: 00000246
[  505.024937][    C1] RAX: 0000000000000001 RBX: ffffffff81350d2c RCX: ffffffff962daf03
[  505.032953][    C1] RDX: dffffc0000000000 RSI: ffffffff81ce4dc8 RDI: ffffffff81350d2c
[  505.040967][    C1] RBP: ffffc9000322eeb0 R08: ffffc9000322ef30 R09: 0000000000000009
[  505.049152][    C1] R10: dffffc0000000000 R11: fffff52000645dd9 R12: ffffffff81ce4dc8
[  505.057182][    C1] R13: ffffc9000322f968 R14: dffffc0000000000 R15: dffffc0000000000
[  505.065173][    C1]  ? dput+0xd8/0x1a0
[  505.069113][    C1]  ? unwind_next_frame+0xac/0x1d90
[  505.074249][    C1]  ? dput+0xd8/0x1a0
[  505.078179][    C1]  ? unwind_next_frame+0xac/0x1d90
[  505.083322][    C1]  preempt_count_add+0x8d/0x190
[  505.088232][    C1]  unwind_next_frame+0xac/0x1d90
[  505.093196][    C1]  ? dput+0xd8/0x1a0
[  505.097132][    C1]  ? stack_trace_save+0xf0/0xf0
[  505.101999][    C1]  arch_stack_walk+0x10c/0x140
[  505.106846][    C1]  ? dput+0xd8/0x1a0
[  505.110766][    C1]  stack_trace_save+0xa6/0xf0
[  505.115459][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  505.120640][    C1]  save_stack+0x121/0x230
[  505.125119][    C1]  ? verify_lock_unused+0x140/0x140
[  505.130366][    C1]  ? __reset_page_owner+0x180/0x180
[  505.135761][    C1]  ? free_unref_page_prepare+0x637/0x6c0
[  505.141444][    C1]  ? free_unref_page_list+0x119/0x820
[  505.146988][    C1]  ? release_pages+0x186c/0x1be0
[  505.151975][    C1]  ? __pagevec_release+0x6d/0xe0
[  505.157060][    C1]  ? shmem_undo_range+0x62b/0x1930
[  505.162210][    C1]  ? shmem_evict_inode+0x220/0xa40
[  505.167371][    C1]  ? evict+0x4c9/0x8d0
[  505.171464][    C1]  ? __dentry_kill+0x431/0x650
[  505.176267][    C1]  ? dentry_kill+0xb8/0x290
[  505.180789][    C1]  ? dput+0xd8/0x1a0
[  505.184797][    C1]  ? sched_clock_cpu+0x15/0x3c0
[  505.189767][    C1]  ? free_zapped_rcu+0x1f0/0x1f0
[  505.194706][    C1]  __reset_page_owner+0x51/0x180
[  505.199667][    C1]  free_unref_page_prepare+0x637/0x6c0
[  505.205126][    C1]  free_unref_page_list+0x119/0x820
[  505.210353][    C1]  ? uncharge_page+0x490/0x490
[  505.215216][    C1]  ? free_unref_page_commit+0x4c0/0x4c0
[  505.220933][    C1]  release_pages+0x186c/0x1be0
[  505.225759][    C1]  ? lru_cache_disable+0x30/0x30
[  505.230850][    C1]  __pagevec_release+0x6d/0xe0
[  505.235729][    C1]  shmem_undo_range+0x62b/0x1930
[  505.240742][    C1]  ? __lock_acquire+0x13bc/0x7d10
[  505.245791][    C1]  ? shmem_truncate_range+0xa0/0xa0
[  505.251073][    C1]  ? do_raw_spin_lock+0x128/0x2f0
[  505.256322][    C1]  ? percpu_counter_add_batch+0x13b/0x160
[  505.262073][    C1]  shmem_evict_inode+0x220/0xa40
[  505.267163][    C1]  ? inode_wait_for_writeback+0x1df/0x220
[  505.272914][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  505.278503][    C1]  ? do_raw_spin_lock+0x128/0x2f0
[  505.283562][    C1]  ? bit_waitqueue+0x30/0x30
[  505.288202][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  505.293427][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  505.299032][    C1]  evict+0x4c9/0x8d0
[  505.302982][    C1]  ? proc_nr_inodes+0x320/0x320
[  505.307886][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  505.313197][    C1]  ? _raw_spin_unlock+0x24/0x40
[  505.318087][    C1]  ? iput+0x706/0x8a0
[  505.322101][    C1]  __dentry_kill+0x431/0x650
[  505.326841][    C1]  dentry_kill+0xb8/0x290
[  505.331197][    C1]  dput+0xd8/0x1a0
[  505.334932][    C1]  __fput+0x5ee/0x930
[  505.339145][    C1]  task_work_run+0x125/0x1a0
[  505.343849][    C1]  do_exit+0x626/0x20c0
[  505.348157][    C1]  ? put_task_struct+0x80/0x80
[  505.352912][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  505.359073][    C1]  ? lock_chain_count+0x20/0x20
[  505.363948][    C1]  ? _raw_spin_lock_irq+0xb7/0xf0
[  505.368984][    C1]  do_group_exit+0x12e/0x300
[  505.373576][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  505.378786][    C1]  get_signal+0x6ca/0x12c0
[  505.383212][    C1]  arch_do_signal_or_restart+0xe7/0x12c0
[  505.388941][    C1]  ? futex_exit_release+0x1c0/0x1c0
[  505.394240][    C1]  ? get_sigframe_size+0x10/0x10
[  505.399277][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  505.405537][    C1]  ? exit_to_user_mode_loop+0x3b/0x130
[  505.411126][    C1]  exit_to_user_mode_loop+0x9e/0x130
[  505.416436][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  505.421994][    C1]  syscall_exit_to_user_mode+0x16/0x40
[  505.427483][    C1]  do_syscall_64+0x58/0xa0
[  505.432069][    C1]  ? clear_bhb_loop+0x30/0x80
[  505.436774][    C1]  ? clear_bhb_loop+0x30/0x80
[  505.441535][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  505.447432][    C1] RIP: 0033:0x7f73c672c799
[  505.451839][    C1] Code: Unable to access opcode bytes at RIP 0x7f73c672c76f.
[  505.459201][    C1] RSP: 002b:00007f73c49440e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  505.467624][    C1] RAX: fffffffffffffe00 RBX: 00007f73c69a6188 RCX: 00007f73c672c799
[  505.475585][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f73c69a6188
[  505.483557][    C1] RBP: 00007f73c69a6180 R08: 0000000000000000 R09: 0000000000000000
[  505.491537][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  505.499527][    C1] R13: 00007f73c69a6218 R14: 00007ffe4d146220 R15: 00007ffe4d146308
[  505.507596][    C1]  </TASK>
[  505.510609][    C1] Kernel panic - not syncing: kernel: panic_on_warn set ...
[  505.517879][    C1] CPU: 1 PID: 10200 Comm: syz.3.1747 Not tainted syzkaller #0
[  505.525335][    C1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 02/12/2026
[  505.535390][    C1] Call Trace:
[  505.538681][    C1]  <IRQ>
[  505.541518][    C1]  dump_stack_lvl+0x188/0x250
[  505.546198][    C1]  ? show_regs_print_info+0x20/0x20
[  505.551390][    C1]  ? load_image+0x400/0x400
[  505.555905][    C1]  panic+0x2e5/0x810
[  505.559795][    C1]  ? bpf_jit_dump+0xd0/0xd0
[  505.564291][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  505.570093][    C1]  __warn+0x248/0x2b0
[  505.574235][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  505.579948][    C1]  report_bug+0x1b7/0x2e0
[  505.584455][    C1]  handle_bug+0x3a/0x70
[  505.588595][    C1]  exc_invalid_op+0x16/0x40
[  505.593087][    C1]  asm_exc_invalid_op+0x16/0x20
[  505.597924][    C1] RIP: 0010:__ieee80211_beacon_get+0x179f/0x2000
[  505.604241][    C1] Code: 2a f8 0f 0b 4f 89 64 2f 04 4f 89 64 2f 0c 43 c6 44 2f 14 f8 e9 19 fe ff ff e8 0d 4b 2a f8 0f 0b e9 03 ef ff ff e8 01 4b 2a f8 <0f> 0b e9 76 f2 ff ff e8 a5 92 6d 00 89 d9 80 e1 07 80 c1 03 38 c1
[  505.623836][    C1] RSP: 0018:ffffc90000dd08e0 EFLAGS: 00010246
[  505.630063][    C1] RAX: ffffffff894ed60f RBX: ffff888073fee268 RCX: ffff888021378000
[  505.638199][    C1] RDX: 0000000000000100 RSI: 0000000000000000 RDI: 0000000000000000
[  505.646165][    C1] RBP: ffffc90000dd0b08 R08: ffff888021378000 R09: 0000000000000003
[  505.654124][    C1] R10: 0000000000000007 R11: 0000000000000100 R12: ffff888063142800
[  505.662119][    C1] R13: dffffc0000000000 R14: 0000000000000000 R15: 1ffff920001ba12c
[  505.670101][    C1]  ? __ieee80211_beacon_get+0x179f/0x2000
[  505.675835][    C1]  ? ieee80211_beacon_get_template+0x30/0x30
[  505.681811][    C1]  ? verify_lock_unused+0x140/0x140
[  505.687107][    C1]  ? __lock_acquire+0x13bc/0x7d10
[  505.692124][    C1]  ? verify_lock_unused+0x140/0x140
[  505.697435][    C1]  ieee80211_beacon_get_tim+0x48/0x840
[  505.702948][    C1]  mac80211_hwsim_beacon_tx+0xf4/0x920
[  505.708398][    C1]  __iterate_interfaces+0x243/0x500
[  505.713592][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  505.719830][    C1]  ? mac80211_hwsim_vendor_cmd_test+0x2f0/0x2f0
[  505.726069][    C1]  ieee80211_iterate_active_interfaces_atomic+0xb3/0x140
[  505.733113][    C1]  mac80211_hwsim_beacon+0x9b/0x180
[  505.738313][    C1]  ? hw_scan_work+0xed0/0xed0
[  505.743076][    C1]  __hrtimer_run_queues+0x4f2/0xb70
[  505.748268][    C1]  ? hrtimer_interrupt+0x8d0/0x8d0
[  505.753380][    C1]  hrtimer_run_softirq+0x176/0x240
[  505.758482][    C1]  handle_softirqs+0x339/0x830
[  505.763244][    C1]  ? __irq_exit_rcu+0x13b/0x230
[  505.768088][    C1]  ? do_softirq+0x210/0x210
[  505.772678][    C1]  ? irqtime_account_irq+0xb2/0x1b0
[  505.777863][    C1]  __irq_exit_rcu+0x13b/0x230
[  505.782539][    C1]  ? irq_exit_rcu+0x20/0x20
[  505.787039][    C1]  irq_exit_rcu+0x5/0x20
[  505.791276][    C1]  sysvec_apic_timer_interrupt+0xa0/0xc0
[  505.797107][    C1]  </IRQ>
[  505.800038][    C1]  <TASK>
[  505.802978][    C1]  asm_sysvec_apic_timer_interrupt+0x16/0x20
[  505.809046][    C1] RIP: 0010:in_lock_functions+0x0/0x20
[  505.814499][    C1] Code: cd fe ff ff 48 c7 c1 40 46 21 92 80 e1 07 80 c1 03 38 c1 0f 8c 77 ff ff ff 48 c7 c7 40 46 21 92 e8 e5 fa 5f 00 e9 66 ff ff ff <48> 81 ff 90 d3 c5 89 0f 93 c0 48 81 ff de e3 c5 89 0f 92 c1 20 c1
[  505.834106][    C1] RSP: 0018:ffffc9000322ed80 EFLAGS: 00000246
[  505.840162][    C1] RAX: 0000000000000001 RBX: ffffffff81350d2c RCX: ffffffff962daf03
[  505.848121][    C1] RDX: dffffc0000000000 RSI: ffffffff81ce4dc8 RDI: ffffffff81350d2c
[  505.856261][    C1] RBP: ffffc9000322eeb0 R08: ffffc9000322ef30 R09: 0000000000000009
[  505.864275][    C1] R10: dffffc0000000000 R11: fffff52000645dd9 R12: ffffffff81ce4dc8
[  505.872375][    C1] R13: ffffc9000322f968 R14: dffffc0000000000 R15: dffffc0000000000
[  505.880513][    C1]  ? dput+0xd8/0x1a0
[  505.884406][    C1]  ? unwind_next_frame+0xac/0x1d90
[  505.889964][    C1]  ? dput+0xd8/0x1a0
[  505.894021][    C1]  ? unwind_next_frame+0xac/0x1d90
[  505.899236][    C1]  preempt_count_add+0x8d/0x190
[  505.904220][    C1]  unwind_next_frame+0xac/0x1d90
[  505.909158][    C1]  ? dput+0xd8/0x1a0
[  505.913055][    C1]  ? stack_trace_save+0xf0/0xf0
[  505.917898][    C1]  arch_stack_walk+0x10c/0x140
[  505.922653][    C1]  ? dput+0xd8/0x1a0
[  505.926654][    C1]  stack_trace_save+0xa6/0xf0
[  505.931350][    C1]  ? stack_trace_snprint+0xf0/0xf0
[  505.936478][    C1]  save_stack+0x121/0x230
[  505.940808][    C1]  ? verify_lock_unused+0x140/0x140
[  505.945996][    C1]  ? __reset_page_owner+0x180/0x180
[  505.951202][    C1]  ? free_unref_page_prepare+0x637/0x6c0
[  505.956857][    C1]  ? free_unref_page_list+0x119/0x820
[  505.962398][    C1]  ? release_pages+0x186c/0x1be0
[  505.967334][    C1]  ? __pagevec_release+0x6d/0xe0
[  505.972259][    C1]  ? shmem_undo_range+0x62b/0x1930
[  505.977360][    C1]  ? shmem_evict_inode+0x220/0xa40
[  505.982477][    C1]  ? evict+0x4c9/0x8d0
[  505.986536][    C1]  ? __dentry_kill+0x431/0x650
[  505.991291][    C1]  ? dentry_kill+0xb8/0x290
[  505.995783][    C1]  ? dput+0xd8/0x1a0
[  505.999669][    C1]  ? sched_clock_cpu+0x15/0x3c0
[  506.004523][    C1]  ? free_zapped_rcu+0x1f0/0x1f0
[  506.009449][    C1]  __reset_page_owner+0x51/0x180
[  506.014394][    C1]  free_unref_page_prepare+0x637/0x6c0
[  506.019860][    C1]  free_unref_page_list+0x119/0x820
[  506.025060][    C1]  ? uncharge_page+0x490/0x490
[  506.029882][    C1]  ? free_unref_page_commit+0x4c0/0x4c0
[  506.035447][    C1]  release_pages+0x186c/0x1be0
[  506.040221][    C1]  ? lru_cache_disable+0x30/0x30
[  506.045277][    C1]  __pagevec_release+0x6d/0xe0
[  506.050053][    C1]  shmem_undo_range+0x62b/0x1930
[  506.055000][    C1]  ? __lock_acquire+0x13bc/0x7d10
[  506.060035][    C1]  ? shmem_truncate_range+0xa0/0xa0
[  506.065243][    C1]  ? do_raw_spin_lock+0x128/0x2f0
[  506.070286][    C1]  ? percpu_counter_add_batch+0x13b/0x160
[  506.076048][    C1]  shmem_evict_inode+0x220/0xa40
[  506.081105][    C1]  ? inode_wait_for_writeback+0x1df/0x220
[  506.086943][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  506.092481][    C1]  ? do_raw_spin_lock+0x128/0x2f0
[  506.097529][    C1]  ? bit_waitqueue+0x30/0x30
[  506.102251][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  506.107473][    C1]  ? shmem_free_in_core_inode+0xb0/0xb0
[  506.113026][    C1]  evict+0x4c9/0x8d0
[  506.116958][    C1]  ? proc_nr_inodes+0x320/0x320
[  506.121801][    C1]  ? do_raw_spin_unlock+0x11d/0x230
[  506.127099][    C1]  ? _raw_spin_unlock+0x24/0x40
[  506.131952][    C1]  ? iput+0x706/0x8a0
[  506.135954][    C1]  __dentry_kill+0x431/0x650
[  506.140547][    C1]  dentry_kill+0xb8/0x290
[  506.145025][    C1]  dput+0xd8/0x1a0
[  506.148760][    C1]  __fput+0x5ee/0x930
[  506.152961][    C1]  task_work_run+0x125/0x1a0
[  506.157722][    C1]  do_exit+0x626/0x20c0
[  506.162069][    C1]  ? put_task_struct+0x80/0x80
[  506.166841][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  506.172832][    C1]  ? lock_chain_count+0x20/0x20
[  506.177683][    C1]  ? _raw_spin_lock_irq+0xb7/0xf0
[  506.182705][    C1]  do_group_exit+0x12e/0x300
[  506.187380][    C1]  ? lockdep_hardirqs_on+0x94/0x140
[  506.192576][    C1]  get_signal+0x6ca/0x12c0
[  506.197018][    C1]  arch_do_signal_or_restart+0xe7/0x12c0
[  506.202665][    C1]  ? futex_exit_release+0x1c0/0x1c0
[  506.207864][    C1]  ? get_sigframe_size+0x10/0x10
[  506.212795][    C1]  ? lockdep_hardirqs_on_prepare+0x409/0x770
[  506.218766][    C1]  ? exit_to_user_mode_loop+0x3b/0x130
[  506.224229][    C1]  exit_to_user_mode_loop+0x9e/0x130
[  506.229586][    C1]  exit_to_user_mode_prepare+0xee/0x180
[  506.235145][    C1]  syscall_exit_to_user_mode+0x16/0x40
[  506.240738][    C1]  do_syscall_64+0x58/0xa0
[  506.245164][    C1]  ? clear_bhb_loop+0x30/0x80
[  506.249836][    C1]  ? clear_bhb_loop+0x30/0x80
[  506.254617][    C1]  entry_SYSCALL_64_after_hwframe+0x66/0xd0
[  506.260608][    C1] RIP: 0033:0x7f73c672c799
[  506.265150][    C1] Code: Unable to access opcode bytes at RIP 0x7f73c672c76f.
[  506.272515][    C1] RSP: 002b:00007f73c49440e8 EFLAGS: 00000246 ORIG_RAX: 00000000000000ca
[  506.280925][    C1] RAX: fffffffffffffe00 RBX: 00007f73c69a6188 RCX: 00007f73c672c799
[  506.288901][    C1] RDX: 0000000000000000 RSI: 0000000000000080 RDI: 00007f73c69a6188
[  506.296863][    C1] RBP: 00007f73c69a6180 R08: 0000000000000000 R09: 0000000000000000
[  506.305037][    C1] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000
[  506.313044][    C1] R13: 00007f73c69a6218 R14: 00007ffe4d146220 R15: 00007ffe4d146308
[  506.321128][    C1]  </TASK>
[  506.324491][    C1] Kernel Offset: disabled
[  506.329080][    C1] Rebooting in 86400 seconds..